Release Name: 0.4.0
Notes:
kgio-monkey 0.4.0 - minor updates and improvements
Wraps OpenSSL to provide {kgio-compatible}[http://bogomips.org/kgio/]
kgio_trywrite and kgio_tryread IO methods to Kgio::SSL wrapper objects.
* http://bogomips.org/kgio-monkey/
* kgio@librelist.org
* git://bogomips.org/kgio-monkey.git
* http://bogomips.org/kgio-monkey/NEWS.atom.xml
Changes:
Do not consider this release (or previous releases) of
kgio-monkey remotely production-ready. It has not been
reviewed by anybody with any security/crypto background.
* shutdown() is now called before close() after the
SSL shutdown sequence. This prevents forked processes
from holding onto a TCP connection.
* various test fixes for OpenSSL 1.0.0
* documentation updates and fixes (thanks to Iñaki Baz Castillo)
* Errno::ETIMEDOUT exceptions are now raised without a backtrace
* kgio_trysendfile() now uses pread() instead of mmap() when
emulating sendfile(), this avoids the possibility of SIGBUS
if an mmap()-ed file is truncated.
Changes:
GIT-VERSION-GEN | 2 +-
ext/kgio_monkey/ancient_ruby.h | 25 +++++
ext/kgio_monkey/extconf.rb | 1 +
ext/kgio_monkey/kgio_monkey.c | 197 +++++++++++++++++++---------------------
lib/flipper/tcp_proxy.rb | 5 +-
script/sslgen.sh | 8 +-
test/external_session_cache.rb | 2 +-
test/test_client_auth.rb | 2 +-
test/test_tdb_session_cache.rb | 10 +-
9 files changed, 133 insertions(+), 119 deletions(-)
commit 01f13e69c5ef12fb03a2753a9f55bb8897af1a45
Author: Eric Wong
Date: Sun Apr 29 05:49:00 2012 +0000
kgio-monkey 0.4.0 - minor updates and improvements
Do not consider this release (or previous releases) of
kgio-monkey remotely production-ready. It has not been
reviewed by anybody with any security/crypto background.
* shutdown() is now called before close() after the
SSL shutdown sequence. This prevents forked processes
from holding onto a TCP connection.
* various test fixes for OpenSSL 1.0.0
* documentation updates and fixes (thanks to Iñaki Baz Castillo)
* Errno::ETIMEDOUT exceptions are now raised without a backtrace
* kgio_trysendfile() now uses pread() instead of mmap() when
emulating sendfile(), this avoids the possibility of SIGBUS
if an mmap()-ed file is truncated.
commit 6f0234beb49182cbde3b4b54079fd71c7ab3e675
Author: Eric Wong
Date: Sat Apr 28 01:23:34 2012 +0000
test_tdb_session_cache: fix Ruby 1.8.7 syntax errors
Yes, we still support Ruby 1.8.7 for now...
commit a2bbb88359f94cb810c870ef2309bc26d980bec0
Author: Eric Wong
Date: Fri Apr 27 18:21:05 2012 -0700
replace mmap with pread in mock sendfile implementation
mmap() opens us up to SIGBUS errors if a file we're attempting
to read gets truncated by another process after mmap().
commit 43347e61f3096206fc1ad813f69d0cae60f7a249
Author: Eric Wong
Date: Thu Apr 26 17:34:38 2012 -0700
test/external_session_cache: force SSLv3 for tests
TLS 1.2 seems to enforce caching, or I'm doing something
wrong...
commit a406d0e1d4dcc4740ecf944cd09a95a6b06a9a30
Author: Eric Wong
Date: Fri Apr 27 00:14:02 2012 +0000
call shutdown() on close for descriptors shared across fork()
This prevents forked processes from holding onto a socket for
too long if another process already completed the SSL_shutdown()
sequence.
commit 62b1d31b3ebe2175659109a90f06806c51d31f1c
Author: Eric Wong
Date: Thu Apr 12 17:25:49 2012 -0700
test/test_client_auth: allow TLSv1.2 as a protocol
This was added in OpenSSL 1.0.1
commit 4959cc9d5f29dd4e1c0618855a50d414a7836d07
Author: Eric Wong
Date: Thu Apr 12 17:25:19 2012 -0700
script/sslgen: use larger keys for tests
This seems required for TLSv1.2 under OpenSSL 1.0.1
commit 6c17cafdfeb3c154d46847db8efa34f0a2f486cf
Author: Iñaki Baz Castillo
Date: Tue Apr 10 23:45:25 2012 +0200
Fixed some typos in Kgio::SSLConnector documentation
Signed-off-by: Eric Wong
commit 02a3f6556cdce372b91f7a42bbf610b19ed591ec
Author: Eric Wong
Date: Fri Dec 9 13:39:22 2011 -0800
flipper: enable SO_KEEPALIVE on all TCP sockets
Otherwise we may never be notified of catastrophic
failures on the remote end.
commit a465915ae91284fce31cb819c4e81a2ab8d9b8dd
Author: Eric Wong
Date: Mon Oct 3 20:05:36 2011 +0000
raise empty backtrace for Errno::ETIMEDOUT
Timed-out connections are of the control of the application
experiencing it, so there's no reason for it to generate a
backtrace for these errors.
commit f8e809c2310f97caae1558daddef7bfcc399ac53
Author: Eric Wong
Date: Thu Aug 25 14:22:48 2011 -0700
doc: fixup OP_NO_COMPRESSION documentation
Oops, forgot to update before the last release
|
