diff options
author | Eric Wong <e@80x24.org> | 2014-12-21 02:01:51 +0000 |
---|---|---|
committer | Eric Wong <e@80x24.org> | 2014-12-21 02:21:39 +0000 |
commit | 8277cde2c2661bc52ae13092b11d7776b22e64d5 (patch) | |
tree | dbb1ade44ddcc2a287e52d988c36f64973c9b298 /test | |
parent | dfb1252e8170af88e0730fc994f3e65120c8eb95 (diff) | |
download | yahns-8277cde2c2661bc52ae13092b11d7776b22e64d5.tar.gz |
This release adds basic OpenSSL support for HTTPS connections. Users must supply a OpenSSL::SSL::SSLContext object which yahns will use as-is. yahns will only support HTTPS on Ruby 2.1 and later, as we rely on "exception: false" in the read_nonblock and write_nonblock methods in OpenSSL::SSL::SSLSocket. See the Ruby standard library documentation on how to configure OpenSSL::SSL::SSLContext objects to pass to the yahns "listen" directive Editing the yahns config file to use OpenSSL goes something like this: require 'openssl' # we will not do this for the user, even ctx = OpenSSL::SSL::SSLContext.new # user must configure ctx here... listen 443, ssl_ctx: ctx Note: yahns developers are not responsible for bugs in OpenSSL itself or misconfigured SSLContext objects created by users. However, our support of OpenSSL sockets is barely-tested and likely buggy, too. Furthermore, the "sendfile" (or "kgio-sendfile") gem is no longer a required dependency. It is currently impossible to use zero-copy system calls with TLS sockets. There are also minor cleanups and a bugfix to ensure body#close is called for folks using body#to_path where `body' is the Rack response body. This bug affected logging using the 'clogger' gem when serving static files. Shortlog of changes since 1.4.0 save around 1500 bytes of memory on x86-64 http_response: remove arg for Array#join remove unused client_max_header_size config config: use literal symbol array for now http_response: reduce constants for 100 responses favor Array#map! for freshly-split arrays sendfile_compat: remove dependency on pread extras/autoindex: simplify checking non-.gz Rakefile: kill more useless gsub use initial cut at OpenSSL support test/test_ssl: skip test if SSL on older Rubies wbuf_common: close body proxies on sendfile abort bump published Ruby version requirement to 2.0 make sendfile an optional dependency openssl_client: ignore SSL_accept errors during negotiation Disclaimer: the yahns project does not and will never endorse any commercial entities, including certificate authorities. Shpx Nhgubevgl.
Diffstat (limited to 'test')
0 files changed, 0 insertions, 0 deletions