Control: tags -1 - moreinfo Hi!
I've just uploaded ruby-mysql2/0.3.16-2 with the changes indicated in my previous email. Please unblock this package for migration to Jessie. unblock: ruby-mysql2/0.3.16-2 Thanks! Cédric
diff -Nru ruby-mysql2-0.3.16/debian/changelog ruby-mysql2-0.3.16/debian/changelog --- ruby-mysql2-0.3.16/debian/changelog 2014-06-15 00:37:29.000000000 +0200 +++ ruby-mysql2-0.3.16/debian/changelog 2014-11-27 00:04:11.000000000 +0100 @@ -1,3 +1,15 @@ +ruby-mysql2 (0.3.16-2) unstable; urgency=medium + + * Add upstream patch avoid_openssl_loop.patch to use /dev/null in the + invalidate_fd function to avoid infinite loop in OpenSSL (Closes: #770891) + Before, a dummy socket was used instead of /dev/null, which may not absorb + all writes and lead to an infinite loop. + * Add upstream patch correct_mysql_init.patch to correctly initialize the + MySQL library, to avoid race condition when other threads try to create a + connection (Closes: #770896) + + -- Cédric Boutillier <bou...@debian.org> Tue, 25 Nov 2014 17:52:01 +0100 + ruby-mysql2 (0.3.16-1) unstable; urgency=medium [ Jérémy Bobbio ] diff -Nru ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch --- ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch 1970-01-01 01:00:00.000000000 +0100 +++ ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch 2014-11-25 23:07:16.000000000 +0100 @@ -0,0 +1,49 @@ +Description: Use /dev/null in invalidate_fd to avoid infinite loop in OpenSSL + Thanks to Andy Bakun / @thwarted for identifying the issue and + suggesting the /dev/null workaround. +Author: Aaron Stone <aa...@serendipity.cx> +Origin: upstream,https://github.com/brianmario/mysql2/commit/fc30a7c056e63517f5f66702016941b3902ec0b6.patch +Reviewed-by: Cédric Boutillier <bou...@debian.org> +Last-Update: 2014-08-24 + +--- a/ext/mysql2/client.c ++++ b/ext/mysql2/client.c +@@ -167,26 +167,30 @@ + + #ifndef _WIN32 + /* +- * Redirect clientfd to a dummy socket for mysql_close to +- * write, shutdown, and close on as a no-op. +- * We do this hack because we want to call mysql_close to release +- * memory, but do not want mysql_close to drop connections in the +- * parent if the socket got shared in fork. ++ * Redirect clientfd to /dev/null for mysql_close and SSL_close to write, ++ * shutdown, and close. The hack is needed to prevent shutdown() from breaking ++ * a socket that may be in use by the parent or other processes after fork. ++ * ++ * /dev/null is used to absorb writes; previously a dummy socket was used, but ++ * it could not abosrb writes and caused openssl to go into an infinite loop. ++ * + * Returns Qtrue or Qfalse (success or failure) ++ * ++ * Note: if this function is needed on Windows, use "nul" instead of "/dev/null" + */ + static VALUE invalidate_fd(int clientfd) + { + #ifdef SOCK_CLOEXEC + /* Atomically set CLOEXEC on the new FD in case another thread forks */ +- int sockfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); ++ int sockfd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (sockfd < 0) { + /* Maybe SOCK_CLOEXEC is defined but not available on this kernel */ +- int sockfd = socket(AF_UNIX, SOCK_STREAM, 0); ++ int sockfd = open("/dev/null", O_RDWR); + fcntl(sockfd, F_SETFD, FD_CLOEXEC); + } + #else + /* Well we don't have SOCK_CLOEXEC, so just set FD_CLOEXEC quickly */ +- int sockfd = socket(AF_UNIX, SOCK_STREAM, 0); ++ int sockfd = open("/dev/null", O_RDWR); + fcntl(sockfd, F_SETFD, FD_CLOEXEC); + #endif + diff -Nru ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch --- ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch 1970-01-01 01:00:00.000000000 +0100 +++ ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch 2014-11-25 23:07:43.000000000 +0100 @@ -0,0 +1,38 @@ +Description: Added call to mysql_library_init during initialization of the gem + This call must be performed before trying to call mysql_init from + multiple threads + Reference: http://dev.mysql.com/doc/refman/5.1/en/mysql-init.html + Minimal reproduction of the problem if mysql_library_init is not called + + require 'mysql2' + + def connect + Mysql2::Client.new() + end + + threads = [0,1].map { + Thread.new { connect } + } + threads.map(&:join) + puts "OK!" +Author: Michael Kruglos <mich...@kruglos.com> +Reviewed-by: Cédric Boutillier <bou...@debian.org> +Origin: upstream,https://github.com/brianmario/mysql2/commit/de48627ee89b9dfd7d966f3ea747e95a48085792.patch +Last-Update: 2014-07-30 + +--- a/ext/mysql2/client.c ++++ b/ext/mysql2/client.c +@@ -1237,6 +1237,13 @@ + } + } + ++ /* Initializing mysql library, so different threads could call Client.new */ ++ /* without race condition in the library */ ++ if (mysql_library_init(0, NULL, NULL) != 0) { ++ rb_raise(rb_eRuntimeError, "Could not initialize MySQL client library"); ++ return; ++ } ++ + #if 0 + mMysql2 = rb_define_module("Mysql2"); Teach RDoc about Mysql2 constant. + #endif diff -Nru ruby-mysql2-0.3.16/debian/patches/series ruby-mysql2-0.3.16/debian/patches/series --- ruby-mysql2-0.3.16/debian/patches/series 2014-06-15 00:23:19.000000000 +0200 +++ ruby-mysql2-0.3.16/debian/patches/series 2014-11-25 18:01:18.000000000 +0100 @@ -1,3 +1,5 @@ remove_rpath_compilation_flag.patch remove_rubygems_from_examples.patch #deactivate_failing_specs.patch +avoid_openssl_loop.patch +correct_mysql_init.patch