From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-2.8 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00, RP_MATCHES_RCVD,URIBL_BLOCKED shortcircuit=no autolearn=unavailable version=3.3.2 X-Original-To: yahns-public@yhbt.net Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 7581E20579; Tue, 1 Mar 2016 01:58:31 +0000 (UTC) Date: Tue, 1 Mar 2016 01:58:31 +0000 From: Eric Wong To: ruby-talk@ruby-lang.org, yahns-public@yhbt.net Subject: [ANN] yahns 1.12.2 -_- sleepy app server for Ruby Message-ID: <20160229-yahns-1.12.2-unle@shed> References: <20160214-yahns-1.12.0-released@yhbt.net> <20160222-yahns-1.12.1-released@yhbt.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160222-yahns-1.12.1-released@yhbt.net> List-Id: A Free Software, multi-threaded, non-blocking network application server designed for low _idle_ power consumption. It is primarily optimized for applications with occasional users which see little or no traffic. yahns currently hosts Rack/HTTP applications, but may eventually support other application types. Unlike some existing servers, yahns is extremely sensitive to fatal bugs in the applications it hosts. Changes: yahns 1.12.2 - minor doc and TLS fixes This release ensures OpenSSL::SSL::SSLContext#session_id_context is always set for OpenSSL users. It won't overwrite existing settings, but setting it to a random value is necessary to ensure clients do not get aborted connections when attempting to use a session cache. No need to actually upgrade if you're on 1.12.1, you may add the following to your yahns_config(5) file where OpenSSL::SSL::SSLContext is configured: # recommended, not required. This sets safer defaults # provided by Ruby on top of what OpenSSL gives: ssl_ctx.set_params # required, and done by default in v1.12.2: ssl_ctx.session_id_context ||= OpenSSL::Random.random_bytes(32) yahns gives you full control of of how OpenSSL::SSL::SSLContext is configured. To avoid bugs, yahns only ensures OpenSSL::SSL::SSLContext#session_id_context is set (if not previously set by the user) and calls OpenSSL::SSL::SSLContext#setup before spawning threads to avoid race conditions. yahns itself does not and will not enforce any opinion on the compatibility/performance/security trade-offs regarding TLS configuration. Note: keep in mind using an SSL session cache may be less useful with yahns because HTTP/1.1 persistent connections may live forever :) 3 bug/doc fixes on top of v1.12.1: document OpenSSL::SSL::SSLContext#set_params use ssl: ensure is session_id_context is always set test/*: fix mktmpdir usage for 1.9.3 Please note the disclaimer: yahns is extremely sensitive to fatal bugs in the apps it hosts. There is no (and never will be) any built-in "watchdog"-type feature to kill stuck processes/threads. Each yahns process may be handling thousands of clients; unexpectedly killing the process will abort _all_ of those connections. Lives may be lost! yahns hackers are not responsible for your application/library bugs. Use an application server which is tolerant of buggy applications if you cannot be bothered to fix all your fatal bugs. * git clone git://yhbt.net/yahns * http://yahns.yhbt.net/README * http://yahns.yhbt.net/NEWS.atom.xml * we only accept plain-text email yahns-public@yhbt.net * and archive all the mail we receive: http://yhbt.net/yahns-public/ * nntp://news.public-inbox.org/inbox.comp.lang.ruby.yahns