RubyForge: Mongrel: File Release Notes and Changelog

Notes:
Release Name: 4.2.0

Notes:
unicorn 4.2.0

Unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels.  Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between Unicorn and slow clients.

* http://unicorn.bogomips.org/
* mongrel-unicorn@rubyforge.org
* git://bogomips.org/unicorn.git
* http://unicorn.bogomips.org/NEWS.atom.xml

Changes:

The GPLv3 is now an option to the Unicorn license.  The existing GPLv2
and Ruby-only terms will always remain options, but the GPLv3 is
preferred.

Daemonization is correctly detected on all terminals for development
use (Brian P O'Rourke).

Unicorn::OobGC respects applications that disable GC entirely
during application dispatch (Yuichi Tateno).

Many test fixes for OpenBSD, which may help other *BSDs, too.
(Jeremy Evans).

There is now _optional_ SSL support (via the "kgio-monkey"
RubyGem).  On fast, secure LANs, SSL is only intended for
detecting data corruption that weak TCP checksums cannot detect.
Our SSL support is remains unaudited by security experts.

There are also some minor bugfixes and documentation
improvements.

Ruby 2.0.0dev also has a copy-on-write friendly GC which can save memory
when combined with "preload_app true", so if you're in the mood, start
testing Unicorn with the latest Ruby!



Changes:
 COPYING                             |  899 ++++++++++++++++++++++++-----------
 DESIGN                              |    6 +-
 GIT-VERSION-GEN                     |    2 +-
 LICENSE                             |   17 +-
 Links                               |    3 +
 README                              |    6 +-
 Rakefile                            |    2 +-
 examples/unicorn.conf.rb            |    2 +-
 ext/unicorn_http/unicorn_http.rl    |    3 +-
 lib/unicorn/app/inetd.rb            |    3 +-
 lib/unicorn/app/old_rails.rb        |    3 +-
 lib/unicorn/app/old_rails/static.rb |    3 +-
 lib/unicorn/cgi_wrapper.rb          |    3 +-
 lib/unicorn/configurator.rb         |   16 +-
 lib/unicorn/const.rb                |    2 +-
 lib/unicorn/http_server.rb          |   11 +-
 lib/unicorn/oob_gc.rb               |    2 +
 lib/unicorn/socket_helper.rb        |    5 +-
 lib/unicorn/ssl_client.rb           |    6 +
 lib/unicorn/ssl_configurator.rb     |  104 ++++
 lib/unicorn/ssl_server.rb           |   42 ++
 script/isolate_for_tests            |   11 +-
 t/.gitignore                        |    3 +
 t/GNUmakefile                       |    6 +-
 t/bin/sha1sum.rb                    |    8 +-
 t/sslgen.sh                         |   71 +++
 t/t0011-active-unix-socket.sh       |    2 +-
 t/t0600-https-server-basic.sh       |   48 ++
 t/test-lib.sh                       |   21 +-
 test/rails/test_rails.rb            |    5 +-
 test/test_helper.rb                 |    4 +-
 test/unit/test_http_parser.rb       |    3 +-
 test/unit/test_http_parser_ng.rb    |    8 +
 test/unit/test_request.rb           |    3 +-
 test/unit/test_response.rb          |    3 +-
 test/unit/test_server.rb            |    3 +-
 test/unit/test_signals.rb           |    3 +-
 test/unit/test_sni_hostnames.rb     |   47 ++
 unicorn.gemspec                     |    8 +-
 39 files changed, 1053 insertions(+), 344 deletions(-)

commit b6a154eba6d79fd1572f61290e55f4d05df86730
Author: Eric Wong 
Date:   Sat Jan 28 09:05:07 2012 +0000

    unicorn 4.2.0
    
    The GPLv3 is now an option to the Unicorn license.  The existing GPLv2
    and Ruby-only terms will always remain options, but the GPLv3 is
    preferred.
    
    Daemonization is correctly detected on all terminals for development
    use (Brian P O'Rourke).
    
    Unicorn::OobGC respects applications that disable GC entirely
    during application dispatch (Yuichi Tateno).
    
    Many test fixes for OpenBSD, which may help other *BSDs, too.
    (Jeremy Evans).
    
    There is now _optional_ SSL support (via the "kgio-monkey"
    RubyGem).  On fast, secure LANs, SSL is only intended for
    detecting data corruption that weak TCP checksums cannot detect.
    Our SSL support is remains unaudited by security experts.
    
    There are also some minor bugfixes and documentation
    improvements.
    
    Ruby 2.0.0dev also has a copy-on-write friendly GC which can save memory
    when combined with "preload_app true", so if you're in the mood, start
    testing Unicorn with the latest Ruby!

commit 8478a54008ea64bf734b9dfc78d940ed69bc00ff
Author: Eric Wong 
Date:   Sat Jan 28 09:03:57 2012 +0000

    doc: update doc for Ruby 2.0.0dev CoW-friendliness
    
    Ruby 2.0.0dev is the future and includes a CoW-friendly GC,
    so we shall encourage folks to give Ruby 2.0.0dev a spin.

commit 49c70ae741b96588021eb1bb6327da4cf78f8ec0
Author: Eric Wong 
Date:   Fri Jan 27 19:55:28 2012 +0000

    script/isolate_for_tests: disable sqlite3-ruby for Ruby 2.0.0dev
    
    We don't need it because we don't test old Rails with bleeding edge Ruby.

commit c8abf6a06c0bd7eb1dfc8457ef1c31de31e7715b
Author: Eric Wong 
Date:   Fri Jan 27 19:54:41 2012 +0000

    disable old Rails tests for Ruby 2.0.0
    
    I doubt anybody would attempt to run ancient, unsupported versions
    of Rails on the latest (unreleased, even) versions of Ruby...

commit 79ae7110b37f9b82151cc61960d93a33bb543669
Author: Eric Wong 
Date:   Fri Jan 27 19:27:43 2012 +0000

    script/isolate_for_tests: update to kgio 2.7.2
    
    Again, we test with the latest version.

commit d6d9178f5dc40cf5cb4c5ef61094d4103f23dce5
Author: Eric Wong 
Date:   Tue Jan 24 21:48:35 2012 +0000

    update tests for Rack 1.4.1
    
    Trying to ensure things always work with the latest version.

commit a7b286273690f801c61a1db9475f74299ffaef6c
Author: Eric Wong 
Date:   Sun Jan 8 02:01:53 2012 +0000

    Rakefile: swap freshmeat.net URL for freecode.com
    
    :<

commit 0782f9fb69993b62dc0c3a90f900c4d8cf5745e6
Author: Eric Wong 
Date:   Wed Dec 28 06:03:00 2011 +0000

    update tests for rack 1.4.0
    
    It's the latest and greatest version, so ensure everything
    works with it.

commit cda82b5ff44c8fcfb61315f822bbaefa3471d4fe
Author: Eric Wong 
Date:   Sat Dec 17 06:51:58 2011 +0000

    http: test case for "Connection: TE"
    
    We need to be sure we don't barf on this header.

commit 68e8d3726542c549f291f82bdcb751d372c34597
Author: Eric Wong 
Date:   Tue Dec 13 15:04:59 2011 -0800

    cleanup exception handling on SIGUSR1
    
    No need to duplicate logic here

commit 7688fe59a8a80f473b276aa1ab01ff24cab6a653
Author: Eric Wong 
Date:   Tue Dec 13 06:04:51 2011 +0000

    quiet possible IOError from SIGUSR1 (reopen logs)
    
    It's possible for a SIGUSR1 signal to be received in the
    worker immediately before calling IO.select.  In that case,
    do not clutter logging with IOError and just process the
    reopen log request.

commit 2cc0db7761ee4286c5ccbc48395c70c41d402119
Author: Eric Wong 
Date:   Mon Dec 5 02:27:14 2011 +0000

    socket_helper: fix grammerr fail
    
    Oops :x

commit ee6ffca0a8d129dd930f4c63d0c4c9ef034b245f
Author: Eric Wong 
Date:   Mon Dec 5 01:33:41 2011 +0000

    socket_helper: set SO_KEEPALIVE on TCP sockets
    
    Even LANs can break or be unreliable sometimes and socket
    disconnect messages get lost, which means we fall back to
    the global (kill -9) timeout in Unicorn.
    
    While the default global timeout is much shorter (60s) than
    typical TCP timeouts, some HTTP application dispatches take much
    I/O or computational time (streaming many gigabytes), so the
    global timeout becomes ineffective.
    
    Under Linux, sysadmins are encouraged to lower the default
    net.ipv4.tcp_keepalive_* knobs in sysctl.  There should be
    similar knobs in other operating systems (the default keepalive
    intervals are usually ridiculously high, too high for anything).
    
    When the listen socket has SO_KEEPALIVE set, the flag should be
    inherited by accept()-ed sockets.

commit 27f666a973a59c8c6738a65b69f9060c41e6958c
Author: Eric Wong 
Date:   Mon Dec 5 01:28:33 2011 +0000

    socket_helper: remove out-of-date comment for TCP_NODELAY
    
    We favor low latency and consistency with the Unix socket
    behavior even with TCP.

commit 5f8ea2614f92172c7b214441aa3c09a6054c3aa8
Author: Eric Wong 
Date:   Mon Dec 5 01:26:39 2011 +0000

    bump dependencies
    
    We should always be testing with the newest available versions
    to watch for incompatibilities, even if we don't /require/ the
    latest ones to run.

commit fbcf6aa641e5827da48a3b6776c9897de123b405
Author: Eric Wong 
Date:   Tue Nov 15 16:32:12 2011 -0800

    tests: try to set a shorter path for Unix domain sockets
    
    We're only allowed 108 bytes for Unix domain sockets.
    mktemp(1) usually generates path names of reasonable length
    and we rely on it anyways.

commit c4c880c5a2ac521d4a6d0bad132d38dfff375a6c
Author: Eric Wong 
Date:   Tue Nov 15 15:28:44 2011 -0800

    tests: just use the sha1sum implemented in Ruby
    
    The output of SHA1 command-line tools is too unstable and
    I'm more comfortable with Ruby 1.9 encoding support than
    I was in 2009.
    
    Jeremy Evans noted the output of "openssl sha1" has
    changed since I last used it.

commit 2fd5910969419c17aa6a31fb2119eb47a121d497
Author: Jeremy Evans 
Date:   Tue Nov 15 15:26:36 2011 -0800

    test_helper: ensure test client connects to valid address
    
    You can listen on 0.0.0.0, but trying to connect to it doesn't work
    well on OpenBSD.
    
    Acked-by: Eric Wong 

commit 66c706acfb3cda802bac4629219e3c3e064352ed
Author: Jeremy Evans 
Date:   Tue Nov 15 15:21:58 2011 -0800

    t0011: fix test under OpenBSD
    
    expr on OpenBSD uses a basic regular expression (according to
    re_format(7)), which doesn't support +, only *.
    
    Acked-by: Eric Wong 

commit 9e62bc10294f0b6344b47cd596a93ae457d546fb
Author: Eric Wong 
Date:   Tue Nov 15 15:13:15 2011 -0800

    configurator: limit timeout to 30 days
    
    There's no practical difference between a timeout of 30 days and
    68 years from an HTTP server standpoint.
    
    POSIX limits us to 31 days, actually, but there could be
    rounding error with floats used in Ruby time calculations and
    there's no real difference between 30 and 31 days, either...
    
    Thanks to Jeremy Evans for pointing out large values will throw
    EINVAL (on select(2) under OpenBSD with Ruby 1.9.3 and
    RangeError on older Rubies.

commit aab850780f9ff0d74c346d7fd62ac588f4d5879b
Author: Eric Wong 
Date:   Tue Nov 15 15:09:21 2011 -0800

    t: ensure SSL certificates exist on fresh test
    
    We throw up some fake SSL certs for testing

commit c7ba76a21c5d00fb5c173cd6aa847442bbc652cb
Author: Yuichi Tateno 
Date:   Mon Oct 3 16:51:19 2011 +0900

    OobGC: force GC.start
    
    [ew: we need to explicitly enable GC if it is disabled
     and respect applications that disable GC]
    
    Acked-by: Eric Wong 

commit ac346b5abcfa6253bd792091e5fb011774c40d49
Author: Eric Wong 
Date:   Wed Sep 7 00:36:58 2011 +0000

    add preliminary SSL support
    
    This will also be the foundation of SSL support in Rainbows!
    and Zbatery.  Some users may also want to use this in
    Unicorn on LANs to meet certain security/auditing requirements.
    Of course, Nightmare! (in whatever form) should also be able to
    use it.

commit b48c6659b294b37f2c6ff3e75c1c9245522d48d1
Author: Brian P O'Rourke 
Date:   Wed Sep 14 18:50:29 2011 +0800

    Detect daemonization via configuration.
    
    This prevents the stopping of all workers by SIGWINCH if you're
    using a windowing system that will 'exec' unicorn from a process
    that's already in a process group.
    
    Acked-by: Eric Wong 

commit db2cba26acc5748bcf9919e3184a667c46911f8c
Author: Eric Wong 
Date:   Fri Sep 9 16:10:55 2011 -0700

    Links: add a link to the UnXF middleware
    
    Since unicorn is designed to be deployed behind nginx (or
    similar), X-Forwarded-* headers are common and Rack applications
    may blindly trust spoofed X-Forwarded-* headers.  UnXF provides
    a central place for managing that trust by using rpatricia.

commit d209910e29d4983f8346233262a49541464252c1
Author: Eric Wong 
Date:   Fri Sep 9 15:48:53 2011 -0700

    http_server: update comment on tick == 0
    
    The old comment was confusing.  We only zero the tick counter
    when forking because application loading can take a long time.
    Otherwise, it's always updated.
    
    ref: http://mid.gmane.org/20110908191352.GA25251@dcvr.yhbt.net

commit 0113de29108fb669a43d4d7f5528c77a2f96db57
Author: Eric Wong 
Date:   Fri Sep 2 16:17:57 2011 -0700

    http_server: a few more things eligible for GC in worker
    
    There is no need to keep extra hashes or Proc objects around in
    the heap.

commit cd22c595633ec36b69c60f27f2c3841ae0f6faca
Author: Eric Wong 
Date:   Mon Aug 29 19:54:32 2011 +0000

    add GPLv3 option to the license
    
    Existing license terms (Ruby-specific) and GPLv2 remain
    in place, but GPLv3 is preferred as it helps with
    distribution of AGPLv3 code and is explicitly compatible
    with Apache License (v2.0).
    
    Many more reasons are documented by the FSF:
    https://www.gnu.org/licenses/quick-guide-gplv3.html
    http://gplv3.fsf.org/rms-why.html
    
    ref: http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/933