Your message dated Thu, 27 Nov 2014 18:30:30 +0000
with message-id <[email protected]>
and subject line Re: Bug#771009: unblock: ruby-mysql2/0.3.16-2
has caused the Debian Bug report #771009,
regarding unblock: ruby-mysql2/0.3.16-2 (preapproval)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
771009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771009
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Dear release team,
I would like to ask for a pre-approval for an upload
of ruby-mysql2 in order to fix 2 important bugs in Jessie, upon request
of upstream.
The two bugs are:
- #770891 possible openssl infinite loop
The current version in Jessie can cause an infinite OpenSSL loop, because
of a dummy socket that may not be able to absorb all the writes. The
patch proposes to replace the socket by /dev/null.
- #770896 libmysql may not be called correctly during initialization of the gem
The current version of ruby-mysql2 may not completely initialize the
MySQL library, so that different threads that are trying to connect to
the database may not succeed because of a race condition. The patch
ensures full initialization of the MySQL library when the Ruby library
is loaded.
These two bugs are fixed by very short patches, converted from upstream
commits.
Please find enclosed the debdiff with the version 0.3.16-2, containing
the changelog entry and the two patches.
If a preapproval is granted, should I then file a new unblock request
when the upload is performed?
Thanks!
Cédric
unblock ruby-mysql2/0.3.16-2
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ruby-mysql2-0.3.16/debian/changelog
ruby-mysql2-0.3.16/debian/changelog
--- ruby-mysql2-0.3.16/debian/changelog 2014-06-15 00:37:29.000000000 +0200
+++ ruby-mysql2-0.3.16/debian/changelog 2014-11-25 18:02:36.000000000 +0100
@@ -1,3 +1,15 @@
+ruby-mysql2 (0.3.16-2) unstable; urgency=medium
+
+ * Add upstream patch avoid_openssl_loop.patch to use /dev/null in the
+ invalidate_fd function to avoid infinite loop in OpenSSL (Closes: #770891)
+ Before, a dummy socket was used instead of /dev/null, which may not absorb
+ all writes and lead to an infinite loop.
+ * Add upstream patch correct_mysql_init.patch to correctly initialize the
+ MySQL library, to avoid race condition when other threads try to create a
+ connection (Closes: #770896)
+
+ -- Cédric Boutillier <[email protected]> Tue, 25 Nov 2014 17:52:01 +0100
+
ruby-mysql2 (0.3.16-1) unstable; urgency=medium
[ Jérémy Bobbio ]
diff -Nru ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch
ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch
--- ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch 1970-01-01
01:00:00.000000000 +0100
+++ ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch 2014-11-25
23:07:16.000000000 +0100
@@ -0,0 +1,49 @@
+Description: Use /dev/null in invalidate_fd to avoid infinite loop in OpenSSL
+ Thanks to Andy Bakun / @thwarted for identifying the issue and
+ suggesting the /dev/null workaround.
+Author: Aaron Stone <[email protected]>
+Origin:
upstream,https://github.com/brianmario/mysql2/commit/fc30a7c056e63517f5f66702016941b3902ec0b6.patch
+Reviewed-by: Cédric Boutillier <[email protected]>
+Last-Update: 2014-08-24
+
+--- a/ext/mysql2/client.c
++++ b/ext/mysql2/client.c
+@@ -167,26 +167,30 @@
+
+ #ifndef _WIN32
+ /*
+- * Redirect clientfd to a dummy socket for mysql_close to
+- * write, shutdown, and close on as a no-op.
+- * We do this hack because we want to call mysql_close to release
+- * memory, but do not want mysql_close to drop connections in the
+- * parent if the socket got shared in fork.
++ * Redirect clientfd to /dev/null for mysql_close and SSL_close to write,
++ * shutdown, and close. The hack is needed to prevent shutdown() from breaking
++ * a socket that may be in use by the parent or other processes after fork.
++ *
++ * /dev/null is used to absorb writes; previously a dummy socket was used, but
++ * it could not abosrb writes and caused openssl to go into an infinite loop.
++ *
+ * Returns Qtrue or Qfalse (success or failure)
++ *
++ * Note: if this function is needed on Windows, use "nul" instead of
"/dev/null"
+ */
+ static VALUE invalidate_fd(int clientfd)
+ {
+ #ifdef SOCK_CLOEXEC
+ /* Atomically set CLOEXEC on the new FD in case another thread forks */
+- int sockfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
++ int sockfd = open("/dev/null", O_RDWR | O_CLOEXEC);
+ if (sockfd < 0) {
+ /* Maybe SOCK_CLOEXEC is defined but not available on this kernel */
+- int sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
++ int sockfd = open("/dev/null", O_RDWR);
+ fcntl(sockfd, F_SETFD, FD_CLOEXEC);
+ }
+ #else
+ /* Well we don't have SOCK_CLOEXEC, so just set FD_CLOEXEC quickly */
+- int sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
++ int sockfd = open("/dev/null", O_RDWR);
+ fcntl(sockfd, F_SETFD, FD_CLOEXEC);
+ #endif
+
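Review bot: In the `if (sockfd < 0)` fallback, `int sockfd = open("/dev/null", O_RDWR);` declares a new variable that shadows the outer `sockfd`, so the outer one is still negative when the block ends and the retry has no effect on anything that uses it afterwards. The shadowing was already present in the removed socket() line, but since the line is rewritten here, drop the inner `int` so the retry assigns to the outer variable, and check the result before passing it to fcntl(). The `#ifdef SOCK_CLOEXEC` guard and the two comments that mention SOCK_CLOEXEC no longer match the code, which now passes O_CLOEXEC to open(); guarding on O_CLOEXEC would test for the flag actually used. Minor: "abosrb" in the new comment should read "absorb".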
diff -Nru ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch
ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch
--- ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch 1970-01-01
01:00:00.000000000 +0100
+++ ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch 2014-11-25
23:07:43.000000000 +0100
@@ -0,0 +1,38 @@
+Description: Added call to mysql_library_init during initialization of the gem
+ This call must be performed before trying to call mysql_init from
+ multiple threads
+ Reference: http://dev.mysql.com/doc/refman/5.1/en/mysql-init.html
+ Minimal reproduction of the problem if mysql_library_init is not called
+
+ require 'mysql2'
+
+ def connect
+ Mysql2::Client.new()
+ end
+
+ threads = [0,1].map {
+ Thread.new { connect }
+ }
+ threads.map(&:join)
+ puts "OK!"
+Author: Michael Kruglos <[email protected]>
+Reviewed-by: Cédric Boutillier <[email protected]>
+Origin:
upstream,https://github.com/brianmario/mysql2/commit/de48627ee89b9dfd7d966f3ea747e95a48085792.patch
+Last-Update: 2014-07-30
+
+--- a/ext/mysql2/client.c
++++ b/ext/mysql2/client.c
+@@ -1237,6 +1237,13 @@
+ }
+ }
+
++ /* Initializing mysql library, so different threads could call Client.new */
++ /* without race condition in the library */
++ if (mysql_library_init(0, NULL, NULL) != 0) {
++ rb_raise(rb_eRuntimeError, "Could not initialize MySQL client library");
++ return;
++ }
++
+ #if 0
+ mMysql2 = rb_define_module("Mysql2"); Teach RDoc about Mysql2 constant.
+ #endif
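Review bot: The `return;` after `rb_raise(rb_eRuntimeError, ...)` in the added block is unreachable, because rb_raise() does not return to its caller, so it can be dropped. Nothing in this hunk pairs the new mysql_library_init() call with mysql_library_end(); if leaving the library initialized for the life of the process is intentional, a short comment saying so would help the next reader. The patch header would also be clearer if it stated that the call happens once at load time, before any thread can reach mysql_init(), since that ordering is what removes the race.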
diff -Nru ruby-mysql2-0.3.16/debian/patches/series
ruby-mysql2-0.3.16/debian/patches/series
--- ruby-mysql2-0.3.16/debian/patches/series 2014-06-15 00:23:19.000000000
+0200
+++ ruby-mysql2-0.3.16/debian/patches/series 2014-11-25 18:01:18.000000000
+0100
@@ -1,3 +1,5 @@
remove_rpath_compilation_flag.patch
remove_rubygems_from_examples.patch
#deactivate_failing_specs.patch
+avoid_openssl_loop.patch
+correct_mysql_init.patch
--- End Message ---
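Added example, not part of the message above or of the mysql2 sources: a small C program contrasting the two placeholder descriptors discussed for #770891. The function names are hypothetical, and using dup2() to put /dev/null on the client descriptor's number is an assumption, since the quoted hunk does not show that step.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* O_CLOEXEC, MSG_NOSIGNAL */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Old placeholder: unconnected AF_UNIX socket. Returns 0 if a write is accepted, else errno. */
int write_to_dummy_socket(void)
{
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return errno;
    int err = send(fd, "x", 1, MSG_NOSIGNAL) == 1 ? 0 : errno;
    close(fd);
    return err;
}

/* New placeholder: put /dev/null on clientfd's number. Returns 0 on success, -1 on failure. */
int redirect_to_devnull(int clientfd)
{
    int nullfd = open("/dev/null", O_RDWR | O_CLOEXEC);
    if (nullfd < 0) return -1;
    int rc = dup2(nullfd, clientfd);
    close(nullfd);
    return rc < 0 ? -1 : 0;
}

/* 1 if the redirected fd absorbs writes and the other copy of the socket still works. */
int shared_socket_survives(void)
{
    int sv[2];
    char buf[4] = {0};
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
    int parent_copy = dup(sv[0]);   /* stands in for the fd shared across fork */
    if (parent_copy < 0 || redirect_to_devnull(sv[0]) < 0) return 0;
    int absorbed = write(sv[0], "bye", 3) == 3;      /* lands in /dev/null */
    int untouched = shutdown(sv[0], SHUT_RDWR) < 0;  /* no longer a socket */
    int alive = write(parent_copy, "ok", 2) == 2 && read(sv[1], buf, sizeof buf) == 2;
    close(sv[0]); close(sv[1]); close(parent_copy);
    return absorbed && untouched && alive;
}

int main(void)
{
    printf("dummy write errno=%d, survives=%d\n", write_to_dummy_socket(), shared_socket_survives());
    return 0;
}
```

On Linux the write to the unconnected socket is rejected with ENOTCONN, which is the kind of failed write a caller that keeps retrying never gets past; the same write on the /dev/null descriptor succeeds.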
--- Begin Message ---
On Thu, 2014-11-27 at 00:53 +0100, Cédric Boutillier wrote:
> I've just uploaded ruby-mysql2/0.3.16-2 with the changes indicated in my
> previous email. Please unblock this package for migration to Jessie.
Unblocked.
Regards,
Adam
--- End Message ---