Permalink
Browse files

Merge branch 'stable-5.1'

# Resolved conflicts:
#	src/helper-scripts/node-loader.js
  • Loading branch information...
2 parents 1579332 + d58a2a8 commit 7c01b8a8d5b764a1e483178d4a98d619ca3247e5 @OnixGH OnixGH committed Jan 26, 2017
Showing with 488 additions and 141 deletions.
  1. +6 −1 .travis.yml
  2. +33 −0 CHANGELOG
  3. +4 −8 CONTRIBUTING.md
  4. +1 −0 CONTRIBUTORS
  5. +1 −1 INSTALL.md
  6. +2 −2 README.md
  7. +1 −0 build/misc.rb
  8. +3 −3 build/packaging.rb
  9. +81 −20 dev/ci/run_travis.sh
  10. +4 −1 src/agent/Core/CoreMain.cpp
  11. +135 −6 src/agent/Core/SecurityUpdateChecker.h
  12. +2 −2 src/agent/Core/SpawningKit/SmartSpawner.h
  13. +1 −1 src/agent/Core/SpawningKit/Spawner.h
  14. +2 −2 src/cxx_supportlib/Constants.h
  15. +14 −22 src/cxx_supportlib/Crypto.cpp
  16. +1 −1 src/cxx_supportlib/Crypto.h
  17. +2 −3 src/cxx_supportlib/UnionStationFilterSupport.h
  18. +1 −1 src/cxx_supportlib/Utils/BufferedIO.h
  19. +46 −1 src/cxx_supportlib/Utils/Curl.h
  20. +1 −1 src/cxx_supportlib/Utils/DateParsing.h
  21. +51 −34 src/helper-scripts/node-loader.js
  22. +1 −1 src/ruby_supportlib/phusion_passenger.rb
  23. +1 −1 src/ruby_supportlib/phusion_passenger/admin_tools/memory_stats.rb
  24. +27 −7 src/ruby_supportlib/phusion_passenger/config/install_standalone_runtime_command.rb
  25. +15 −3 src/ruby_supportlib/phusion_passenger/config/nginx_engine_compiler.rb
  26. +1 −1 src/ruby_supportlib/phusion_passenger/constants.rb
  27. +1 −1 src/ruby_supportlib/phusion_passenger/platform_info/apache_detector.rb
  28. +4 −1 src/ruby_supportlib/phusion_passenger/platform_info/depcheck_specs/libs.rb
  29. +16 −10 src/ruby_supportlib/phusion_passenger/standalone/start_command.rb
  30. +2 −2 src/ruby_supportlib/phusion_passenger/utils/unseekable_socket.rb
  31. +13 −0 test/config.json.travis-osx
  32. +3 −3 test/cxx/Core/SecurityUpdateCheckerTest.cpp
  33. +4 −0 test/cxx/Core/SpawningKit/SmartSpawnerTest.cpp
  34. +5 −0 test/cxx/FilterSupportTest.cpp
  35. +1 −1 test/cxx/IOUtilsTest.cpp
  36. +2 −0 test/stub/apache2/httpd.conf.erb
View
@@ -9,7 +9,7 @@ env:
- TEST_SOURCE_PACKAGING=1
before_install:
- - 'gem uninstall bundler bundle rubygems-update --all -x && gem update --system 2.6.1 && gem install bundler && gem uninstall rubygems-update --all -x && gem update --system 2.6.4'
+ - 'gem update --system 2.6.4 && gem install bundler'
- 'gem --version'
- 'bundle --version'
- 'rvm list'
@@ -23,3 +23,8 @@ cache:
notifications:
slack: phusionnl:PH5p7JYXyv2XLDpICHh8Nj6F
+
+os:
+ - osx
+ - linux
+
View
@@ -1,6 +1,37 @@
Next version (not yet released)
-------------------------------
+
+
+
+Release 5.1.2
+-------------
+
+ * Improve curl check for passenger-install- scripts to catch (very old) curl versions that won't compile against 5.1+.
+ * Fixes remaining false positives (logging) from the new Meteor cluster warning system. Closes GH-1905.
+ * Create a private keychain on macOS when the system keychain is defaulted to, this avoids a permissions issue with the system keychain when performing the Security Update Check. This is necessary because the system keychain is the default keychain of daemon users and root on macOS.
+ * Improve `passenger-memory-stats` to include JRuby processes that fail to rename as expected. Closes GH-1878.
+ * [Standalone] Don't download or compile Nginx when using the builtin engine. Closes GH-1910.
+ * [Standalone] Fixes `--nginx-tarball` option of `passenger start` and `passenger-config install-standalone-runtime` (wasn't working). Also verifies that `--nginx-version` is explicitly specified as it should be.
+
+
+Release 5.1.1
+-------------
+
+ * The precompiled version of the PassengerAgent binary (used for e.g. gem installs) now configures (statically linked) libcurl with system keystore, so that the new security update check can successfully validate certs.
+ * Fixes some false positives (logging) from the new Node and Meteor cluster warning system. Logging is less repetitive and has extra debug info. Closes GH-1905.
+ * Updates the upload-progress module in the Nginx Debian package. The module version that we linked against in 5.1.0 was 0.9.2, but due to a bug in that version the module didn't work.
+ * The security update check now reports whether libcurl + SSL backend are statically linked to Passenger, in which case the check also needs to warn about relevant OpenSSL vulnerabilities in the linked library.
+ * Increases the allowed line lengths emitted by apps at startup.
+ * Adds support for the unary 'not' operator in the Union Station filter language.
+ * [Enterprise] Add missing flying-passenger integration mode to security update check.
+ * Fixes support for Rails 5.0.1 Action Cable. Specifically, we now support the `options` argument in the `write_nonblock` method in hijacked Rack IO sockets.
+ * [Apache] Introduces a small delay to prevent running the Security Update Checker twice at startup.
+
+
+Release 5.1.0
+--------------
+
* Upgrades union_station_hooks_core to version 2.1.2.
* [Enterprise] When running a Rails app in multithreaded mode, Passenger Enterprise automatically tags Rails logs with the current thread number. This makes it possible to distinguish logs generated by different threads.
* Fixes permissions issue on Linux when setting OOM score after lowering privileges. Closes GH-1858.
@@ -25,6 +56,7 @@ Next version (not yet released)
* [Nginx] The preferred Nginx version is now 1.10.2 (previously 1.10.1).
* RPM pkg builder fix for breaking SELinux change in RHEL 7.3.
* RPM pkg builder fix for RHEL6/CentOS6 incompatibility and replacement in Passenger.
+ * Adds Ubuntu 16.10 "Yakkety" packages.
Release 5.0.30
@@ -47,6 +79,7 @@ Release 5.0.29
* [Nginx] The preferred Nginx version is now 1.10.1 (previously 1.10.0).
* [Nginx] The preferred PCRE version is now 8.39 (previously 8.34).
* [Standalone] Passenger Standalone now supports /dev/stdout and /dev/stderr as log file path (via `--log-file` or Passengerfile.json). This is especially useful in Docker containers. In previous versions logging to those paths did not work, resulting in nothing getting logged at all.
+ * Adds Ubuntu 16.04 "Xenial" packages, deprecates Ubuntu 15.10 “Wily” packages (in accordance with LTS support policy).
Release 5.0.28
View
@@ -17,7 +17,7 @@
* [Ruby coding style](#ruby_coding_style)
* [Systems programming fundamentals](#systems_programming_fundamentals)
* [Further reading](#further_reading)
- * [Git structure](#git_structure)
+ * [Pull requests](#pull_requests)
Thank you for your interest in Phusion Passenger. Phusion Passenger is open source so your contributions are very welcome. Although we also provide a [commercial version](https://www.phusionpassenger.com/enterprise) and [commercial support](https://www.phusionpassenger.com/commercial_support), the core remains open source and we remain committed to keep it that way. This guide gives you an overview of the ways with which you can contribute, as well as contribution guidelines.
@@ -350,11 +350,7 @@ A good and comprehensive, but rather large source for learning POSIX is the [POS
* [Coding Tips and Pitfalls](https://github.com/phusion/passenger/blob/master/doc/CodingTipsAndPitfalls.md)
-<a name="git_structure"></a>
-### Git structure
+<a name="pull_requests"></a>
+### Pull requests
-The **master** branch is the main development branch, containing the latest and greatest code that was tested and accepted for inclusion into passenger (usually merged in from loose development branches that are deleted afterwards). This branch may not be stable enough yet for production.
-
-Branches like **stable-4.0**, **stable-5.0** are production quality branches (split off from master) for major versions. Each production branch has tags for minor versions, whereby **tag x.0.1** represents the first production-ready version on a branch (there may be some release candidates before that). For example: branch stable-5.0, tagged 5.0.1 is the first release of the 5.0 line that is ready for production.
-
-In general we apply fixes to the respective stable branch and merge these into the master, so it is easiest if you submit pull requests to the stable branches (unless of course you are working with the unstable master). Conversely, new features always go to the master and are then cherrypicked from one or more branches.
+Pull requests should normally be submitted against the latest **stable** branch (e.g. **stable-5.1**), because once tested & accepted, we want users to benefit from the work as soon as possible. The stable branch is constantly tested, contains both bugfix and feature commits, and we periodically tag it to produce a new release.
View
@@ -26,6 +26,7 @@ David Keller
David Sissitka
Dirk Mueller
Dmitry Galinsky
+dr.dimitru
Dylan Vaughn
Eric Covener
Erik Ogan
View
@@ -4,4 +4,4 @@ Please read README.md for installation instructions.
If you're having trouble installing Phusion Passenger, please refer to [the documentation](https://www.phusionpassenger.com/).
-Documentation and support resources are also available on [the website](https://www.phusionpassenger.com/documentation_and_support).
+Documentation and support resources are also available on [the website](https://www.phusionpassenger.com/support).
View
@@ -6,13 +6,13 @@ What makes it so fast and reliable is its **C++** core, its **zero-copy** archit
<a href="http://vimeo.com/phusionnl/review/80475623/c16e940d1f"><img src="http://blog.phusion.nl/wp-content/uploads/2014/01/gameofthrones.jpg" height="300"></a><br><em>Phusion Passenger used in Game of Thrones Ascent</em>
-**Learn more:** [Website](https://www.phusionpassenger.com/) | [Documentation](https://www.phusionpassenger.com/documentation_and_support) | [Support resources](https://www.phusionpassenger.com/documentation_and_support) | [Github](https://github.com/phusion/passenger) | [Twitter](https://twitter.com/phusion_nl) | [Blog](http://blog.phusion.nl/)
+**Learn more:** [Website](https://www.phusionpassenger.com/) | [Documentation & Support](https://www.phusionpassenger.com/support) | [Github](https://github.com/phusion/passenger) | [Twitter](https://twitter.com/phusion_nl) | [Blog](http://blog.phusion.nl/)
<a href="https://www.phusionpassenger.com"><center><img src="http://blog.phusion.nl/wp-content/uploads/2012/07/Passenger_chair_256x256.jpg" width="160" height="160" alt="Phusion Passenger"></center></a>
## Installation
-Please follow [the installation instructions on the website](https://www.phusionpassenger.com/download).
+Please follow [the installation instructions on the website](https://www.phusionpassenger.com/get_it_now).
### Installing the source directly from git
View
@@ -137,6 +137,7 @@ def format_paragraph(text)
entries.push "Sean Wilkinson"
entries.push "Yichun Zhang"
entries.delete "OnixGH"
+ entries.delete "onix"
entries.push "Ruslan Ermilov (NGINX Inc)"
File.open("CONTRIBUTORS", "w") do |f|
f.puts(entries.sort{ |a, b| a.downcase <=> b.downcase }.join("\n"))
View
@@ -404,7 +404,7 @@ def homebrew_dir
request = Net::HTTP::Post.new(uri.request_uri)
request.set_form_data("token" => jenkins_token)
response = http.request(request)
- if response.code != 200 && response.body != "Scheduled.\n"
+ if response.code != '201'
abort "*** ERROR: Cannot initiate building of binaries:\n" +
"Status: #{response.code}\n\n" +
response.body
@@ -451,7 +451,7 @@ def homebrew_dir
request = Net::HTTP::Post.new(uri.request_uri)
request.set_form_data("token" => jenkins_token)
response = http.request(request)
- if response.code != 200 && response.body != "Scheduled.\n"
+ if response.code != '201'
abort "*** ERROR: Cannot initiate building of Debian packages:\n" +
"Status: #{response.code}\n\n" +
response.body
@@ -498,7 +498,7 @@ def homebrew_dir
request = Net::HTTP::Post.new(uri.request_uri)
request.set_form_data("token" => jenkins_token)
response = http.request(request)
- if response.code != 200 && response.body != "Scheduled.\n"
+ if response.code != '201'
abort "*** ERROR: Cannot initiate building of RPM packages:\n" +
"Status: #{response.code}\n\n" +
response.body
View
@@ -89,6 +89,13 @@ function apt_get_update() {
fi
}
+function brew_update() {
+ if [[ "$brew_updated" = "" ]]; then
+ brew_updated=1
+ run brew update
+ fi
+}
+
function rake_test_install_deps()
{
# We do not use Bundler here because the goal might be to
@@ -108,6 +115,9 @@ function rake_test_install_deps()
bundle_path=`dirname "$bundle_path"`
echo "Adding bundle path $bundle_path to GEM_PATH"
export GEM_PATH="$bundle_path:$GEM_PATH"
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ run brew install ccache
+ fi
}
function install_test_deps_with_doctools()
@@ -122,6 +132,9 @@ function install_base_test_deps()
{
if [[ "$install_base_test_deps" = "" ]]; then
install_base_test_deps=1
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ run brew install ccache
+ fi
retry_run 3 rake_test_install_deps BASE_DEPS=yes
fi
}
@@ -131,24 +144,47 @@ function install_node_and_modules()
if [[ "$install_node_and_modules" = "" ]]; then
install_node_and_modules=1
if [[ -e /host_cache ]]; then
- if [[ ! -e /host_cache/node-v0.10.20-linux-x64.tar.gz ]]; then
- run curl --fail -L -o /host_cache/node-v0.10.20-linux-x64.tar.gz \
- https://nodejs.org/dist/v0.10.20/node-v0.10.20-linux-x64.tar.gz
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ if [[ ! -e /host_cache/node-v4.7.2-darwin-x64.tar.gz ]]; then
+ run curl --fail -L -o /host_cache/node-v4.7.2-darwin-x64.tar.gz \
+ https://nodejs.org/dist/v4.7.2/node-v4.7.2-darwin-x64.tar.gz
+ fi
+ run tar xzf /host_cache/node-v4.7.2-darwin-x64.tar.gz
+ else
+ if [[ ! -e /host_cache/node-v4.7.2-linux-x64.tar.gz ]]; then
+ run curl --fail -L -o /host_cache/node-v4.7.2-linux-x64.tar.gz \
+ https://nodejs.org/dist/v4.7.2/node-v4.7.2-linux-x64.tar.gz
+ fi
+ run tar xzf /host_cache/node-v4.7.2-linux-x64.tar.gz
fi
- run tar xzf /host_cache/node-v0.10.20-linux-x64.tar.gz
else
- run curl --fail -L -O https://nodejs.org/dist/v0.10.20/node-v0.10.20-linux-x64.tar.gz
- run tar xzf node-v0.10.20-linux-x64.tar.gz
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ run curl --fail -L -O https://nodejs.org/dist/v4.7.2/node-v4.7.2-darwin-x64.tar.gz
+ run tar xzf node-v4.7.2-darwin-x64.tar.gz
+ else
+ run curl --fail -L -O https://nodejs.org/dist/v4.7.2/node-v4.7.2-linux-x64.tar.gz
+ run tar xzf node-v4.7.2-linux-x64.tar.gz
+ fi
+ fi
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ export PATH=`pwd`/node-v4.7.2-darwin-x64/bin:$PATH
+ else
+ export PATH=`pwd`/node-v4.7.2-linux-x64/bin:$PATH
fi
- export PATH=`pwd`/node-v0.10.20-linux-x64/bin:$PATH
retry_run 3 rake_test_install_deps NODE_MODULES=yes
fi
}
run uname -a
-run lsb_release -a
-run sudo tee /etc/dpkg/dpkg.cfg.d/02apt-speedup >/dev/null <<<"force-unsafe-io"
-run cp test/config.json.travis test/config.json
+if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ run sysctl -a
+ echo '$ sed -e "s/_USER_/'$USER'/" test/config.json.travis-osx > test/config.json'
+ sed -e "s/_USER_/$USER/" test/config.json.travis-osx > test/config.json
+else
+ run lsb_release -a
+ run sudo tee /etc/dpkg/dpkg.cfg.d/02apt-speedup >/dev/null <<<"force-unsafe-io"
+ run cp test/config.json.travis test/config.json
+fi
# Relax permissions on home directory so that the application root
# permission checks pass.
@@ -178,7 +214,6 @@ fi
ORIG_GEM_PATH="$GEM_PATH"
-
if [[ "$INSTALL_ALL_DEPS" = 1 ]]; then
run rake_test_install_deps DEVDEPS_DEFAULT=yes
INSTALL_DEPS=0
@@ -200,13 +235,14 @@ if [[ "$TEST_USH" = 1 ]]; then
export PASSENGER_CONFIG="$PWD/bin/passenger-config"
run "$PASSENGER_CONFIG" install-standalone-runtime --auto
- pushd src/ruby_supportlib/phusion_passenger/vendor/union_station_hooks_core
+ # RVM is bad and should feel bad
+ builtin pushd src/ruby_supportlib/phusion_passenger/vendor/union_station_hooks_core
bundle exec rake spec:travis TRAVIS_WITH_SUDO=1
- popd
+ builtin popd
- pushd src/ruby_supportlib/phusion_passenger/vendor/union_station_hooks_rails
+ builtin pushd src/ruby_supportlib/phusion_passenger/vendor/union_station_hooks_rails
bundle exec rake spec:travis GEM_BUNDLE_PATH="$DEPS_TARGET"
- popd
+ builtin popd
fi
if [[ "$TEST_NODE" = 1 ]]; then
@@ -229,13 +265,30 @@ if [[ "$TEST_NGINX" = 1 ]]; then
fi
if [[ "$TEST_APACHE2" = 1 ]]; then
- apt_get_update
- run sudo apt-get install -y --no-install-recommends \
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ brew_update
+ run brew install pcre openssl
+ if [[ "`sw_vers -productVersion | sed 's/^10\.\(.*\)/\1>=12.0/' | bc -l`" == "1" ]] ; then
+ run brew install apr apr-util
+ run brew link apr apr-util --force
+ export APR_CONFIG=`brew --prefix`/opt/apr/bin/apr-1-config
+ export APU_CONFIG=`brew --prefix`/opt/apr-util/bin/apu-1-config
+ fi
+ else
+ apt_get_update
+ run sudo apt-get install -y --no-install-recommends \
apache2-mpm-worker apache2-threaded-dev
+ fi
install_base_test_deps
install_node_and_modules
run ./bin/passenger-install-apache2-module --auto #--no-update-config
- run rvmsudo ./bin/passenger-install-apache2-module --auto --no-compile
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ # rvmsudo only preserves env vars matching /^(rvm|gemset|http_|PATH|IRBRC)|RUBY|GEM/
+ # https://github.com/rvm/rvm/blob/aae6505001e2d6b5e4dc9a355c18ffcbd073bab2/bin/rvmsudo#L83
+ run sudo -E ./bin/passenger-install-apache2-module --auto --no-compile
+ else
+ run rvmsudo ./bin/passenger-install-apache2-module --auto --no-compile
+ fi
run bundle exec drake -j$COMPILE_CONCURRENCY test:integration:apache2
fi
@@ -245,8 +298,16 @@ if [[ "$TEST_STANDALONE" = 1 ]]; then
fi
if [[ "$TEST_SOURCE_PACKAGING" = 1 ]]; then
- apt_get_update
- run sudo apt-get install -y --no-install-recommends source-highlight
+ if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ brew_update
+ run brew install source-highlight
+ else
+ apt_get_update
+ run sudo apt-get install -y --no-install-recommends source-highlight
+ fi
install_test_deps_with_doctools
run bundle _1.11.2_ exec rspec -f s -c test/integration_tests/source_packaging_test.rb
fi
+if [[ "$TRAVIS_OS_NAME" == 'osx' ]]; then
+ trap - EXIT
+fi
@@ -787,9 +787,12 @@ initializeSecurityUpdateChecker() {
if (!standaloneEngine.empty()) {
serverIntegration.append(" " + standaloneEngine);
}
+ if (options.get("server_software").find(FLYING_PASSENGER_NAME) != string::npos) {
+ serverIntegration.append(" flying");
+ }
string serverVersion = options.get("server_version", false); // not set in case of standalone / builtin
- workingObjects->securityUpdateChecker = new SecurityUpdateChecker(workingObjects->resourceLocator, proxy, serverIntegration, serverVersion);
+ workingObjects->securityUpdateChecker = new SecurityUpdateChecker(workingObjects->resourceLocator, proxy, serverIntegration, serverVersion, options.get("instance_dir",false));
workingObjects->securityUpdateChecker->start(24 * 60 * 60);
}
}
Oops, something went wrong.

0 comments on commit 7c01b8a

Please sign in to comment.