Hello community, here is the log from the commit of package perl-AnyEvent for openSUSE:Factory checked in at 2014-02-11 10:42:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-AnyEvent (Old) and /work/SRC/openSUSE:Factory/.perl-AnyEvent.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-AnyEvent" Changes: -------- --- /work/SRC/openSUSE:Factory/perl-AnyEvent/perl-AnyEvent.changes 2013-10-06 14:52:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.perl-AnyEvent.new/perl-AnyEvent.changes 2014-02-11 10:42:18.000000000 +0100 @@ -1,0 +2,25 @@ +Sun Feb 9 13:32:23 UTC 2014 - [email protected] + +- updated to 7.07 + - the documentation for custom tls verify schemes was wrong. make it agree + with the code (reported by Maxime Soulé). + - added cbor read and write types to AnyEvent::Handle (using CBOR::XS). + - work around an API change in openssl that could cause wrong tls connection + aborts, likely on windows only (analyzed by sten). + - calling AnyEvent->now_update with AnyEvent::Impl::Perl caused an + endless loop (reported by Dietrich Rebmann). + - add tlsv1_1 and tlsv1_2 protocols to AnyEvent::TLS + (patch by Maxime Soulé). + - document AnyEvent::Impl::IOAsync::set_loop and + $AnyEvent::Impl::IOAsync::LOOP. Though only documented now, this + functionality has _always_ been available. + - force a toplevel domain name in t/81_hosts.t (analyzed by + David Jack Wange Olrik). + - document that AnyEvent::Log uses AnyEvent::IO. + - warn about AnyEvent::Filesys::Notify performance. + - praise the joys of AnyEvent::Fork::*. + - time for an =encoding directive. + - do no longer use JSON to create a default json coder, use + JSON::XS or JSON::PP directly. + +------------------------------------------------------------------- Old: ---- AnyEvent-7.05.tar.gz New: ---- AnyEvent-7.07.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-AnyEvent.spec ++++++ --- /var/tmp/diff_new_pack.Yr3wQP/_old 2014-02-11 10:42:18.000000000 +0100 +++ /var/tmp/diff_new_pack.Yr3wQP/_new 2014-02-11 10:42:18.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package perl-AnyEvent # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: perl-AnyEvent -Version: 7.05 +Version: 7.07 Release: 0 %define cpan_name AnyEvent Summary: the DBI of event loop programming ++++++ AnyEvent-7.05.tar.gz -> AnyEvent-7.07.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/Changes new/AnyEvent-7.07/Changes --- old/AnyEvent-7.05/Changes 2013-08-21 10:38:11.000000000 +0200 +++ new/AnyEvent-7.07/Changes 2013-12-17 17:45:05.000000000 +0100 @@ -9,6 +9,28 @@ TODO: invalid. and localhost. specialcasing inside AEDNS and not AESocket (rfc6761) TODO: maybe implement env variable to give hosts precedence +7.07 Tue Dec 17 17:45:02 CET 2013 + - the documentation for custom tls verify schemes was wrong. make it agree + with the code (reported by Maxime Soulé). + - added cbor read and write types to AnyEvent::Handle (using CBOR::XS). + - work around an API change in openssl that could cause wrong tls connection + aborts, likely on windows only (analyzed by sten). + - calling AnyEvent->now_update with AnyEvent::Impl::Perl caused an + endless loop (reported by Dietrich Rebmann). + - add tlsv1_1 and tlsv1_2 protocols to AnyEvent::TLS + (patch by Maxime Soulé). + - document AnyEvent::Impl::IOAsync::set_loop and + $AnyEvent::Impl::IOAsync::LOOP. Though only documented now, this + functionality has _always_ been available. + - force a toplevel domain name in t/81_hosts.t (analyzed by + David Jack Wange Olrik). + - document that AnyEvent::Log uses AnyEvent::IO. + - warn about AnyEvent::Filesys::Notify performance. + - praise the joys of AnyEvent::Fork::*. + - time for an =encoding directive. + - do no longer use JSON to create a default json coder, use + JSON::XS or JSON::PP directly. + 7.05 Wed Aug 21 10:38:08 CEST 2013 - uts46data.pl couldn't be found due to wrong naming of the file (reported by Fulko Hew). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/META.json new/AnyEvent-7.07/META.json --- old/AnyEvent-7.05/META.json 2013-08-21 10:40:16.000000000 +0200 +++ new/AnyEvent-7.07/META.json 2013-12-17 19:36:12.000000000 +0100 @@ -4,7 +4,7 @@ "unknown" ], "dynamic_config" : 1, - "generated_by" : "ExtUtils::MakeMaker version 6.72, CPAN::Meta::Converter version 2.120630", + "generated_by" : "ExtUtils::MakeMaker version 6.8, CPAN::Meta::Converter version 2.120921", "license" : [ "unknown" ], @@ -44,5 +44,5 @@ } }, "release_status" : "stable", - "version" : "7.05" + "version" : "7.07" } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/META.yml new/AnyEvent-7.07/META.yml --- old/AnyEvent-7.05/META.yml 2013-08-21 10:40:16.000000000 +0200 +++ new/AnyEvent-7.07/META.yml 2013-12-17 19:36:12.000000000 +0100 @@ -7,7 +7,7 @@ configure_requires: ExtUtils::MakeMaker: 0 dynamic_config: 1 -generated_by: 'ExtUtils::MakeMaker version 6.72, CPAN::Meta::Converter version 2.120630' +generated_by: 'ExtUtils::MakeMaker version 6.8, CPAN::Meta::Converter version 2.120921' license: unknown meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html @@ -26,4 +26,4 @@ Net::SSLeay: 1.33 Task::Weaken: 0 requires: {} -version: 7.05 +version: 7.07 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/README new/AnyEvent-7.07/README --- old/AnyEvent-7.05/README 2013-08-21 10:40:16.000000000 +0200 +++ new/AnyEvent-7.07/README 2013-12-17 19:36:12.000000000 +0100 @@ -471,6 +471,10 @@ my $done = AnyEvent->condvar; + # this forks and immediately calls exit in the child. this + # normally has all sorts of bad consequences for your parent, + # so take this as an example only. always fork and exec, + # or call POSIX::_exit, in real code. my $pid = fork or exit 5; my $w = AnyEvent->child ( @@ -720,7 +724,7 @@ "end" before sending. The ping example mentioned above is slightly more complicated, as - the there are results to be passwd back, and the number of tasks + the there are results to be passed back, and the number of tasks that are begun can potentially be zero: my $cv = AnyEvent->condvar; @@ -1123,6 +1127,18 @@ fuses IO::AIO and AnyEvent together, giving AnyEvent access to event-based file I/O, and much more. + AnyEvent::Fork, AnyEvent::Fork::RPC, AnyEvent::Fork::Pool, + AnyEvent::Fork::Remote + These let you safely fork new subprocesses, either locally or + remotely (e.g.v ia ssh), using some RPC protocol or not, without the + limitations normally imposed by fork (AnyEvent works fine for + example). Dynamically-resized worker pools are obviously included as + well. + + And they are quite tiny and fast as well - "abusing" AnyEvent::Fork + just to exec external programs can easily beat using "fork" and + "exec" (or even "system") in most programs. + AnyEvent::Filesys::Notify AnyEvent is good for non-blocking stuff, but it can't detect file or path changes (e.g. "watch this directory for new files", "watch this @@ -1133,16 +1149,13 @@ transparently on other platforms, so it's about as portable as it gets. - (I haven't used it myself, but I haven't heard anybody complaining - about it yet). + (I haven't used it myself, but it seems the biggest problem with it + is it quite bad performance). AnyEvent::DBI Executes DBI requests asynchronously in a proxy process for you, notifying you in an event-based way when the operation is finished. - AnyEvent::HTTPD - A simple embedded webserver. - AnyEvent::FastPing The fastest ping in the west. @@ -2037,17 +2050,34 @@ If you have to fork, you must either do so *before* creating your first watcher OR you must not use AnyEvent at all in the child OR you must do - something completely out of the scope of AnyEvent. + something completely out of the scope of AnyEvent (see below). The problem of doing event processing in the parent *and* the child is much more complicated: even for backends that *are* fork-aware or fork-safe, their behaviour is not usually what you want: fork clones all watchers, that means all timers, I/O watchers etc. are active in both - parent and child, which is almost never what you want. USing "exec" to - start worker children from some kind of manage rprocess is usually + parent and child, which is almost never what you want. Using "exec" to + start worker children from some kind of manage prrocess is usually preferred, because it is much easier and cleaner, at the expense of having to have another binary. + In addition to logical problems with fork, there are also implementation + problems. For example, on POSIX systems, you cannot fork at all in Perl + code if a thread (I am talking of pthreads here) was ever created in the + process, and this is just the tip of the iceberg. In general, using fork + from Perl is difficult, and attempting to use fork without an exec to + implement some kind of parallel processing is almost certainly doomed. + + To safely fork and exec, you should use a module such as Proc::FastSpawn + that let's you safely fork and exec new processes. + + If you want to do multiprocessing using processes, you can look at the + AnyEvent::Fork module (and some related modules such as + AnyEvent::Fork::RPC, AnyEvent::Fork::Pool and AnyEvent::Fork::Remote). + This module allows you to safely create subprocesses without any + limitations - you can use X11 toolkits or AnyEvent in the children + created by AnyEvent::Fork safely and without any special precautions. + SECURITY CONSIDERATIONS AnyEvent can be forced to load any event model via $ENV{PERL_ANYEVENT_MODEL}. While this cannot (to my knowledge) be used diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/DNS.pm new/AnyEvent-7.07/lib/AnyEvent/DNS.pm --- old/AnyEvent-7.05/lib/AnyEvent/DNS.pm 2012-11-15 02:23:35.000000000 +0100 +++ new/AnyEvent-7.07/lib/AnyEvent/DNS.pm 2013-11-28 11:48:52.000000000 +0100 @@ -1106,7 +1106,7 @@ my ($port, $host) = AnyEvent::Socket::unpack_sockaddr ($peer); - return unless $port == 53 && grep $_ eq $host, @{ $self->{server} }; + return unless $port == DOMAIN_PORT && grep $_ eq $host, @{ $self->{server} }; $self->_feed ($pkt); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Handle.pm new/AnyEvent-7.07/lib/AnyEvent/Handle.pm --- old/AnyEvent-7.05/lib/AnyEvent/Handle.pm 2013-07-31 00:30:31.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Handle.pm 2013-12-17 17:42:35.000000000 +0100 @@ -498,7 +498,7 @@ This callback will only be called on TLS shutdowns, not when the underlying handle signals EOF. -=item json => JSON or JSON::XS object +=item json => L<JSON>, L<JSON::PP> or L<JSON::XS> object This is the json coder object used by the C<json> read and write types. @@ -506,8 +506,17 @@ suitable one (on demand), which will write and expect UTF-8 encoded JSON texts. -Note that you are responsible to depend on the JSON module if you want to -use this functionality, as AnyEvent does not have a dependency itself. +=item cbor => L<CBOR::XS> object + +This is the cbor coder object used by the C<cbor> read and write types. + +If you don't supply it, then AnyEvent::Handle will create and use a +suitable one (on demand), which will write CBOR without using extensions, +if possible. texts. + +Note that you are responsible to depend on the L<CBOR::XS> module if you +want to use this functionality, as AnyEvent does not have a dependency on +it itself. =back @@ -1055,10 +1064,10 @@ this module doesn't need delimiters after or between JSON texts to be able to read them, many other languages depend on that. -A simple RPC protocol that interoperates easily with others is to send -JSON arrays (or objects, although arrays are usually the better choice as -they mimic how function argument passing works) and a newline after each -JSON text: +A simple RPC protocol that interoperates easily with other languages is +to send JSON arrays (or objects, although arrays are usually the better +choice as they mimic how function argument passing works) and a newline +after each JSON text: $handle->push_write (json => ["method", "arg1", "arg2"]); # whatever $handle->push_write ("\012"); @@ -1071,19 +1080,50 @@ Other languages could read single lines terminated by a newline and pass this line into their JSON decoder of choice. +=item cbor => $perl_scalar + +Encodes the given scalar into a CBOR value. Unless you provide your own +L<CBOR::XS> object, this means it will be encoded to a CBOR string not +using any extensions, if possible. + +CBOR values are self-delimiting, so you can write CBOR at one end of +a handle and read them at the other end without using any additional +framing. + +A simple nd very very fast RPC protocol that interoperates with +other languages is to send CBOR and receive CBOR values (arrays are +recommended): + + $handle->push_write (cbor => ["method", "arg1", "arg2"]); # whatever + +An AnyEvent::Handle receiver would simply use the C<cbor> read type: + + $handle->push_read (cbor => sub { my $array = $_[1]; ... }); + =cut sub json_coder() { eval { require JSON::XS; JSON::XS->new->utf8 } - || do { require JSON; JSON->new->utf8 } + || do { require JSON::PP; JSON::PP->new->utf8 } } register_write_type json => sub { my ($self, $ref) = @_; - my $json = $self->{json} ||= json_coder; + ($self->{json} ||= json_coder) + ->encode ($ref) +}; + +sub cbor_coder() { + require CBOR::XS; + CBOR::XS->new +} - $json->encode ($ref) +register_write_type cbor => sub { + my ($self, $scalar) = @_; + + ($self->{cbor} ||= cbor_coder) + ->encode ($scalar) }; =item storable => $reference @@ -1666,13 +1706,12 @@ Reads a JSON object or array, decodes it and passes it to the callback. When a parse error occurs, an C<EBADMSG> error will be raised. -If a C<json> object was passed to the constructor, then that will be used -for the final decode, otherwise it will create a JSON coder expecting UTF-8. +If a C<json> object was passed to the constructor, then that will be +used for the final decode, otherwise it will create a L<JSON::XS> or +L<JSON::PP> coder object expecting UTF-8. This read type uses the incremental parser available with JSON version -2.09 (and JSON::XS version 2.2) and above. You have to provide a -dependency on your own: this module will load the JSON module, but -AnyEvent does not depend on it itself. +2.09 (and JSON::XS version 2.2) and above. Since JSON texts are fully self-delimiting, the C<json> read and write types are an ideal simple RPC protocol: just exchange JSON datagrams. See @@ -1686,7 +1725,6 @@ my $json = $self->{json} ||= json_coder; my $data; - my $rbuf = \$self->{rbuf}; sub { my $ref = eval { $json->incr_parse ($_[0]{rbuf}) }; @@ -1715,6 +1753,52 @@ } }; +=item cbor => $cb->($handle, $scalar) + +Reads a CBOR value, decodes it and passes it to the callback. When a parse +error occurs, an C<EBADMSG> error will be raised. + +If a L<CBOR::XS> object was passed to the constructor, then that will be +used for the final decode, otherwise it will create a CBOR coder without +enabling any options. + +You have to provide a dependency to L<CBOR::XS> on your own: this module +will load the L<CBOR::XS> module, but AnyEvent does not depend on it +itself. + +Since CBOR values are fully self-delimiting, the C<cbor> read and write +types are an ideal simple RPC protocol: just exchange CBOR datagrams. See +the C<cbor> write type description, above, for an actual example. + +=cut + +register_read_type cbor => sub { + my ($self, $cb) = @_; + + my $cbor = $self->{cbor} ||= cbor_coder; + + my $data; + + sub { + my (@value) = eval { $cbor->incr_parse ($_[0]{rbuf}) }; + + if (@value) { + $cb->($_[0], @value); + + 1 + } elsif ($@) { + # error case + $cbor->incr_reset; + + $_[0]->_error (Errno::EBADMSG); + + () + } else { + () + } + } +}; + =item storable => $cb->($handle, $ref) Deserialises a L<Storable> frozen representation as written by the @@ -1976,15 +2060,18 @@ my $tmp; - if (length $self->{_tls_wbuf}) { - while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { - substr $self->{_tls_wbuf}, 0, $tmp, ""; + while (length $self->{_tls_wbuf}) { + if (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) <= 0) { + $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp); + + return $self->_tls_error ($tmp) + if $tmp != $ERROR_WANT_READ + && ($tmp != $ERROR_SYSCALL || $!); + + last; } - $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp); - return $self->_tls_error ($tmp) - if $tmp != $ERROR_WANT_READ - && ($tmp != $ERROR_SYSCALL || $!); + substr $self->{_tls_wbuf}, 0, $tmp, ""; } while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { @@ -2008,7 +2095,7 @@ $self->{tls} or return; # tls session might have gone away in callback } - $tmp = Net::SSLeay::get_error ($self->{tls}, -1); + $tmp = Net::SSLeay::get_error ($self->{tls}, -1); # -1 is not neccessarily correct, but Net::SSLeay doesn't tell us return $self->_tls_error ($tmp) if $tmp != $ERROR_WANT_READ && ($tmp != $ERROR_SYSCALL || $!); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Impl/IOAsync.pm new/AnyEvent-7.07/lib/AnyEvent/Impl/IOAsync.pm --- old/AnyEvent-7.05/lib/AnyEvent/Impl/IOAsync.pm 2012-04-08 06:20:09.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Impl/IOAsync.pm 2013-12-10 21:01:47.000000000 +0100 @@ -19,6 +19,40 @@ I/O watchers need to dup their fh because IO::Async only supports IO handles, not plain file descriptors. +=head1 FUNCTIONS AND VARIABLES + +The only user-servicible part in this module is the C<set_loop> function +and C<$LOOP> variable: + +=over 4 + +=item AnyEvent::Impl::IOAsync::set_loop $new_loop + +Unfortunately, IO::Async has no concept of a default loop. Modules using +IO::Async must be told by their caller which loop to use, which makes it +impossible to transparently use IO::Async from a module. + +This module is no exception. It creates a new IO::Async::Loop object when +it is loaded. This might not be the right loop object, though, and thus +you can replace it by a call to this function with the loop object of your +choice. + +Note that switching loops while watchers are already initialised can have +unexpected effects, and is not supported unless you can live witht he +consequences. + +=item $AnyEvent::Impl::IOAsync::LOOP + +This variable always contains the IO::Async::Loop object used by this +AnyEvent backend. See above for more info. + +Storing the "default" loop makes this module a possible arbiter for other +modules that want to use IO::Async transparently. It's advised to directly +refer to this variable each time you want to use it, without making a +local copy. + +=back + =head1 PROBLEMS WITH IO::Async This section had a long list of problems and shortcomings that made it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Impl/Perl.pm new/AnyEvent-7.07/lib/AnyEvent/Impl/Perl.pm --- old/AnyEvent-7.05/lib/AnyEvent/Impl/Perl.pm 2012-04-08 06:20:09.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Impl/Perl.pm 2013-08-28 22:16:22.000000000 +0200 @@ -38,9 +38,9 @@ *AE::idle = \&AnyEvent::Loop::idle; *_poll = \&AnyEvent::Loop::one_event; *loop = \&AnyEvent::Loop::run; # compatibility with AnyEvent < 6.0 +*now_update = \&AnyEvent::Loop::now_update; -sub now { $AnyEvent::Loop::NOW } -sub now_update { AE::now_update } +sub now { $AnyEvent::Loop::NOW } sub AnyEvent::CondVar::Base::_wait { AnyEvent::Loop::one_event until exists $_[0]{_ae_sent}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Intro.pod new/AnyEvent-7.07/lib/AnyEvent/Intro.pod --- old/AnyEvent-7.05/lib/AnyEvent/Intro.pod 2013-07-31 00:12:50.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Intro.pod 2013-12-10 16:53:50.000000000 +0100 @@ -1,3 +1,5 @@ +=encoding utf-8 + =head1 NAME AnyEvent::Intro - an introductory tutorial to AnyEvent diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Log.pm new/AnyEvent-7.07/lib/AnyEvent/Log.pm --- old/AnyEvent-7.05/lib/AnyEvent/Log.pm 2013-07-31 02:02:32.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Log.pm 2013-09-28 13:12:38.000000000 +0200 @@ -73,9 +73,9 @@ $AnyEvent::Log::FILTER->level ("info"); The design goal behind this module was to keep it simple (and small), -but make it powerful enough to be potentially useful for any module, and -extensive enough for the most common tasks, such as logging to multiple -targets, or being able to log into a database. +but make it powerful enough to be potentially useful for any module, +and extensive enough for the most common tasks, such as logging to +multiple targets, or being able to log into a database. The module is also usable before AnyEvent itself is initialised, in which case some of the functionality might be reduced. @@ -1498,6 +1498,12 @@ =back +=head1 ASYNCHRONOUS DISK I/O + +This module uses L<AnyEvent::IO> to actually write log messages (in +C<log_to_file> and C<log_to_path>), so it doesn't block your program when +the disk is busy and a non-blocking L<AnyEvent::IO> backend is available. + =head1 AUTHOR Marc Lehmann <[email protected]> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Loop.pm new/AnyEvent-7.07/lib/AnyEvent/Loop.pm --- old/AnyEvent-7.05/lib/AnyEvent/Loop.pm 2012-04-08 06:20:09.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/Loop.pm 2013-08-31 16:41:02.000000000 +0200 @@ -130,7 +130,7 @@ sub MAXWAIT() { 3600 } # never sleep for longer than this many seconds BEGIN { - local $SIG{__DIE__}; + local $SIG{__DIE__}; # protect us against the many broken __DIE__ handlers out there my $time_hires = eval "use Time::HiRes (); 1"; my $clk_tck = eval "use POSIX (); POSIX::sysconf (POSIX::_SC_CLK_TCK ())"; my $round; # actual granularity @@ -153,7 +153,7 @@ $next = (POSIX::times ())[0]; # we assume 32 bit signed on wrap but 64 bit will never wrap - $last -= 4294967296 if $last > $next; # 0x100000000, but perl has probelsm with big hex constants + $last -= 4294967296 if $last > $next; # 0x100000000, but perl has problems with big hex constants $MNOW += ($next - $last) * $HZ1; $last = $next; }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/TLS.pm new/AnyEvent-7.07/lib/AnyEvent/TLS.pm --- old/AnyEvent-7.05/lib/AnyEvent/TLS.pm 2012-04-13 06:31:52.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent/TLS.pm 2013-12-10 20:41:41.000000000 +0100 @@ -127,12 +127,13 @@ =over 4 -=item method => "SSLv2" | "SSLv3" | "TLSv1" | "any" +=item method => "SSLv2" | "SSLv3" | "TLSv1" | "TLSv1_1" | "TLSv1_2" | "any" -The protocol parser to use. C<SSLv2>, C<SSLv3> and C<TLSv1> will use -a parser for those protocols only (so will I<not> accept or create -connections with/to other protocol versions), while C<any> (the -default) uses a parser capable of all three protocols. +The protocol parser to use. C<SSLv2>, C<SSLv3>, C<TLSv1>, C<TLSv1_1> +and C<TLSv1_2> will use a parser for those protocols only (so will +I<not> accept or create connections with/to other protocol versions), +while C<any> (the default) uses a parser capable of all three +protocols. The default is to use C<"any"> but disable SSLv2. This has the effect of sending a SSLv2 hello, indicating the support for SSLv3 and TLSv1, but not @@ -141,11 +142,15 @@ Specifying a specific version is almost always wrong to use for a server speaking to a wide variety of clients (e.g. web browsers), and often wrong for a client. If you only want to allow a specific protocol version, use -the C<sslv2>, C<sslv3> or C<tlsv1> arguments instead. +the C<sslv2>, C<sslv3>, C<tlsv1>, C<tlsv1_1> or C<tlsv1_2> arguments instead. For new services it is usually a good idea to enforce a C<TLSv1> method from the beginning. +C<TLSv1_1> and C<TLSv1_2> require L<Net::SSLeay> >= 1.55 and OpenSSL +>= 1.0.1. Check the L<Net::SSLeay> and OpenSSL documentations for more +details. + =item sslv2 => $enabled Enable or disable SSLv2 (normally I<disabled>). @@ -158,6 +163,20 @@ Enable or disable TLSv1 (normally I<enabled>). +=item tlsv1_1 => $enabled + +Enable or disable TLSv1_1 (normally I<enabled>). + +This requires L<Net::SSLeay> >= 1.55 and OpenSSL >= 1.0.1. Check the +L<Net::SSLeay> and OpenSSL documentations for more details. + +=item tlsv1_2 => $enabled + +Enable or disable TLSv1_2 (normally I<enabled>). + +This requires L<Net::SSLeay> >= 1.55 and OpenSSL >= 1.0.1. Check the +L<Net::SSLeay> and OpenSSL documentations for more details. + =item verify => $enable Enable or disable peer certificate checking (default is I<disabled>, which @@ -231,16 +250,11 @@ just assumes that subjectAltNames are possible, but no wildcards are possible anywhere. -=item [$check_cn, $wildcards_in_alt, $wildcards_in_cn] +=item [$wildcards_in_alt, $wildcards_in_cn, $check_cn] You can also specify a scheme yourself by using an array reference with three integers. -C<$check_cn> specifies if and how the common name field is used: C<0> -means it will be completely ignored, C<1> means it will only be used if -no host names have been found in the subjectAltNames, and C<2> means the -common name will always be checked against the peername. - C<$wildcards_in_alt> and C<$wildcards_in_cn> specify whether and where wildcards (C<*>) are allowed in subjectAltNames and the common name, respectively. C<0> means no wildcards are allowed, C<1> means they @@ -248,6 +262,11 @@ means they can be used anywhere (C<www*.example.org>), except that very dangerous matches will not be allowed (C<*.org> or C<*>). +C<$check_cn> specifies if and how the common name field is checked: C<0> +means it will be completely ignored, C<1> means it will only be used if +no host names have been found in the subjectAltNames, and C<2> means the +common name will always be checked against the peername. + =back You can specify either the name of the parent protocol (recommended, @@ -553,6 +572,30 @@ # ocsp_request => 7, #); +BEGIN { + eval 'sub _check_tls_gt_1 (){' + . (($Net::SSLeay::VERSION >= 1.55 && Net::SSLeay::OPENSSL_VERSION_NUMBER() >= 0x1000100f) * 1) + . '}'; +} + +our %SSL_METHODS = ( + any => \&Net::SSLeay::CTX_new, + sslv23 => \&Net::SSLeay::CTX_new, # deliberately undocumented + sslv2 => \&Net::SSLeay::CTX_v2_new, + sslv3 => \&Net::SSLeay::CTX_v3_new, + tlsv1 => \&Net::SSLeay::CTX_tlsv1_new, +); + +# Add TLSv1_1 and TLSv1_2 if Net::SSLEay and openssl allow them +if (_check_tls_gt_1) { + $SSL_METHODS{tlsv1_1} = \&Net::SSLeay::CTX_tlsv1_1_new; + $SSL_METHODS{tlsv1_2} = \&Net::SSLeay::CTX_tlsv1_2_new; +} else { + for my $method (qw(tlsv1_1 tlsv1_2)) { + $SSL_METHODS{$method} = sub { croak "AnyEvent::TLS method '$method' requires openssl v1.0.1 and Net::SSLeay 1.55 or higher" }; + } +} + sub new { my ($class, %arg) = @_; @@ -560,12 +603,8 @@ my $method = lc $arg{method} || "any"; - my $ctx = $method eq "any" ? Net::SSLeay::CTX_new () - : $method eq "sslv23" ? Net::SSLeay::CTX_new () # deliberately undocumented - : $method eq "sslv2" ? Net::SSLeay::CTX_v2_new () - : $method eq "sslv3" ? Net::SSLeay::CTX_v3_new () - : $method eq "tlsv1" ? Net::SSLeay::CTX_tlsv1_new () - : croak "'$method' is not a valid AnyEvent::TLS method (must be one of SSLv2, SSLv3, TLSv1 or any)"; + my $ctx = ($SSL_METHODS{$method} + || croak "'$method' is not a valid AnyEvent::TLS method (must be one of @{[ sort keys %SSL_METHODS ]})")->(); my $self = bless { ctx => $ctx }, $class; # to make sure it's destroyed if we croak @@ -574,6 +613,8 @@ $op |= Net::SSLeay::OP_NO_SSLv2 () unless $arg{sslv2}; $op |= Net::SSLeay::OP_NO_SSLv3 () if exists $arg{sslv3} && !$arg{sslv3}; $op |= Net::SSLeay::OP_NO_TLSv1 () if exists $arg{tlsv1} && !$arg{tlsv1}; + $op |= Net::SSLeay::OP_NO_TLSv1_1 () if exists $arg{tlsv1_1} && !$arg{tlsv1_1} && _check_tls_gt_1; + $op |= Net::SSLeay::OP_NO_TLSv1_2 () if exists $arg{tlsv1_2} && !$arg{tlsv1_2} && _check_tls_gt_1; $op |= Net::SSLeay::OP_SINGLE_DH_USE () if !exists $arg{dh_single_use} || $arg{dh_single_use}; Net::SSLeay::CTX_set_options ($ctx, $op); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent/Util.pm new/AnyEvent-7.07/lib/AnyEvent/Util.pm --- old/AnyEvent-7.05/lib/AnyEvent/Util.pm 2013-03-23 15:40:46.000000000 +0100 +++ new/AnyEvent-7.07/lib/AnyEvent/Util.pm 2013-12-10 16:54:17.000000000 +0100 @@ -1,3 +1,5 @@ +=encoding utf-8 + =head1 NAME AnyEvent::Util - various utility functions. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/lib/AnyEvent.pm new/AnyEvent-7.07/lib/AnyEvent.pm --- old/AnyEvent-7.05/lib/AnyEvent.pm 2013-08-21 10:40:12.000000000 +0200 +++ new/AnyEvent-7.07/lib/AnyEvent.pm 2013-12-17 17:44:18.000000000 +0100 @@ -489,6 +489,10 @@ my $done = AnyEvent->condvar; + # this forks and immediately calls exit in the child. this + # normally has all sorts of bad consequences for your parent, + # so take this as an example only. always fork and exec, + # or call POSIX::_exit, in real code. my $pid = fork or exit 5; my $w = AnyEvent->child ( @@ -747,7 +751,7 @@ sending. The ping example mentioned above is slightly more complicated, as the -there are results to be passwd back, and the number of tasks that are +there are results to be passed back, and the number of tasks that are begun can potentially be zero: my $cv = AnyEvent->condvar; @@ -1183,6 +1187,17 @@ L<IO::AIO> and AnyEvent together, giving AnyEvent access to event-based file I/O, and much more. +=item L<AnyEvent::Fork>, L<AnyEvent::Fork::RPC>, L<AnyEvent::Fork::Pool>, L<AnyEvent::Fork::Remote> + +These let you safely fork new subprocesses, either locally or +remotely (e.g.v ia ssh), using some RPC protocol or not, without +the limitations normally imposed by fork (AnyEvent works fine for +example). Dynamically-resized worker pools are obviously included as well. + +And they are quite tiny and fast as well - "abusing" L<AnyEvent::Fork> +just to exec external programs can easily beat using C<fork> and C<exec> +(or even C<system>) in most programs. + =item L<AnyEvent::Filesys::Notify> AnyEvent is good for non-blocking stuff, but it can't detect file or @@ -1193,18 +1208,14 @@ fall back to blocking scans at regular intervals transparently on other platforms, so it's about as portable as it gets. -(I haven't used it myself, but I haven't heard anybody complaining about -it yet). +(I haven't used it myself, but it seems the biggest problem with it is +it quite bad performance). =item L<AnyEvent::DBI> Executes L<DBI> requests asynchronously in a proxy process for you, notifying you in an event-based way when the operation is finished. -=item L<AnyEvent::HTTPD> - -A simple embedded webserver. - =item L<AnyEvent::FastPing> The fastest ping in the west. @@ -1238,7 +1249,7 @@ use Carp (); -our $VERSION = '7.05'; +our $VERSION = '7.07'; our $MODEL; our @ISA; our @REGISTRY; @@ -2953,17 +2964,35 @@ If you have to fork, you must either do so I<before> creating your first watcher OR you must not use AnyEvent at all in the child OR you must do -something completely out of the scope of AnyEvent. +something completely out of the scope of AnyEvent (see below). The problem of doing event processing in the parent I<and> the child is much more complicated: even for backends that I<are> fork-aware or fork-safe, their behaviour is not usually what you want: fork clones all watchers, that means all timers, I/O watchers etc. are active in both -parent and child, which is almost never what you want. USing C<exec> -to start worker children from some kind of manage rprocess is usually +parent and child, which is almost never what you want. Using C<exec> +to start worker children from some kind of manage prrocess is usually preferred, because it is much easier and cleaner, at the expense of having to have another binary. +In addition to logical problems with fork, there are also implementation +problems. For example, on POSIX systems, you cannot fork at all in Perl +code if a thread (I am talking of pthreads here) was ever created in the +process, and this is just the tip of the iceberg. In general, using fork +from Perl is difficult, and attempting to use fork without an exec to +implement some kind of parallel processing is almost certainly doomed. + +To safely fork and exec, you should use a module such as +L<Proc::FastSpawn> that let's you safely fork and exec new processes. + +If you want to do multiprocessing using processes, you can +look at the L<AnyEvent::Fork> module (and some related modules +such as L<AnyEvent::Fork::RPC>, L<AnyEvent::Fork::Pool> and +L<AnyEvent::Fork::Remote>). This module allows you to safely create +subprocesses without any limitations - you can use X11 toolkits or +AnyEvent in the children created by L<AnyEvent::Fork> safely and without +any special precautions. + =head1 SECURITY CONSIDERATIONS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.05/t/81_hosts.t new/AnyEvent-7.07/t/81_hosts.t --- old/AnyEvent-7.05/t/81_hosts.t 2013-07-31 02:09:16.000000000 +0200 +++ new/AnyEvent-7.07/t/81_hosts.t 2013-08-26 13:10:00.000000000 +0200 @@ -1,7 +1,7 @@ use File::Temp qw(tempfile); use Test::More tests => 2; -my $test_host = 'test.invalid.tld'; +my $test_host = 'test.invalid.'; my $test_addr = '127.9.9.9'; my ($hosts_fh, $hosts_file) = tempfile UNLINK => 1; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
