Hello community, here is the log from the commit of package rubygem-bunny for openSUSE:Factory checked in at 2017-04-20 20:58:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-bunny (Old) and /work/SRC/openSUSE:Factory/.rubygem-bunny.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-bunny" Thu Apr 20 20:58:08 2017 rev:35 rq:489036 version:2.6.5 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-bunny/rubygem-bunny.changes 2017-03-21 22:49:01.635209295 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-bunny.new/rubygem-bunny.changes 2017-04-20 20:58:11.362540911 +0200 @@ -1,0 +2,6 @@ +Sun Apr 16 04:29:10 UTC 2017 - co...@suse.com + +- updated to version 2.6.5 + see installed ChangeLog.md + +------------------------------------------------------------------- Old: ---- bunny-2.6.4.gem New: ---- bunny-2.6.5.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-bunny.spec ++++++ --- /var/tmp/diff_new_pack.ppz6zI/_old 2017-04-20 20:58:12.246415912 +0200 +++ /var/tmp/diff_new_pack.ppz6zI/_new 2017-04-20 20:58:12.250415347 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-bunny -Version: 2.6.4 +Version: 2.6.5 Release: 0 %define mod_name bunny %define mod_full_name %{mod_name}-%{version} ++++++ bunny-2.6.4.gem -> bunny-2.6.5.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 2017-03-04 13:51:22.000000000 +0100 +++ new/.gitignore 2017-04-15 21:38:44.000000000 +0200 @@ -21,6 +21,8 @@ *.dump deploy.docs.sh .ruby-version +.idea +*.srl spec/tls/*.pem spec/tls/*.pem~ spec/tls/*.p12 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CONTRIBUTING.md new/CONTRIBUTING.md --- old/CONTRIBUTING.md 2017-03-04 13:51:22.000000000 +0100 +++ new/CONTRIBUTING.md 2017-04-15 21:38:44.000000000 +0200 @@ -24,7 +24,14 @@ RABBITMQ_NODENAME=bunny RABBITMQ_CONFIG_FILE=./spec/config/rabbitmq RABBITMQ_ENABLED_PLUGINS_FILE=./spec/config/enabled_plugins rabbitmq-server ``` -The specs use the RabbitMQ management plugin and require a TLS port to be available. The config files in the spec/config directory enable these. +The specs use the RabbitMQ management plugin and require a TLS port to +be available. The config files in the spec/config directory enable +these. TLS (x509 PEM) certificates include a hostname-specific fields, +the tests allow for expecting hostname overriding using the `BUNNY_RABBITMQ_HOSTNAME` +environment variables (default value is `127.0.0.1`). + +Server, CA and client certificates can be found under `spec/tls`. They are supposed to be +generated with [tls-gen](github.com/michaelklishin/tls-gen) or similar in the target environment. Next up you'll need to prepare your node for the specs (just once): @@ -32,6 +39,12 @@ RABBITMQ_NODENAME=bunny ./bin/ci/before_build ``` +The script uses `rabbitmqctl` and `rabbitmq-plugins` +to set up RabbitMQ in a way that Bunny test suites expect. Two environment variables, +`RABBITMQCTL` and `RABBITMQ_PLUGINS`, are available to control what `rabbitmqctl` and +`rabbitmq-plugins` commands will be used. By default they are taken from `PATH` +and prefixed with `sudo`. + And then run the core integration suite: ``` @@ -40,26 +53,26 @@ #### Running a RabbitMQ server in a Docker container -First off you have to [install Docker](https://docs.docker.com/engine/installation/) (>= 1.9). +First off you have to [install Docker Compose](https://docker.github.io/compose/install/) (and by proxy Docker). +Version >= 1.6.0+ is required for compose version 2 syntax. -After Docker has been installed (and the `docker` command is available on your command line path), run +After those have been installed (and the `docker-compose` command is available on your command line path), run - ./bin/ci/start_rabbitmq +``` +docker-compose up +``` The first time you do this, it will take some time, since it has to download everything it needs to build the Docker image. The RabbitMQ server will run in the foreground in the terminal where you started it. You can stop -it by pressing CTRL+C. +it by pressing CTRL+C. If you want to run it in the background, run `docker-compose up -d`. ### Running Test Suites -Prior to running the tests, configure the RabbitMQ permissions -by running `./bin/ci/before_build`. The script uses `rabbitmqctl` and `rabbitmq-plugins` -to set up RabbitMQ in a way that Bunny test suites expect. Two environment variables, -`RABBITMQCTL` and `RABBITMQ_PLUGINS`, are available to control what `rabbitmqctl` and -`rabbitmq-plugins` commands will be used. By default they are taken from `PATH` -and prefixed with `sudo`. +Prior to running the tests, configure the RabbitMQ permissions by running `./bin/ci/before_build` +if you have RabbitMQ locally installed, if you are running RabbitMQ via Docker as above this step +is not required as the setup is baked in. Make sure you have those two installed and then run integration tests: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ChangeLog.md new/ChangeLog.md --- old/ChangeLog.md 2017-03-04 13:51:22.000000000 +0100 +++ new/ChangeLog.md 2017-04-15 21:38:44.000000000 +0200 @@ -1,4 +1,20 @@ -## Changes between Bunny 2.6.3 and 2.6.4 (unreleased) +## Changes between Bunny 2.6.4 and 2.6.5 (April 15th, 2017) + +### Absolute Windows File Paths are No Longer treated as Inline Certs + +Contributed by Jared Smartt. + +GitHub issue: [#492](https://github.com/ruby-amqp/bunny/issues/492). + + + +## Changes between Bunny 2.6.3 and 2.6.4 (March 4th, 2017) + +### `Bunny::ContinuationQueue#poll` Less Prone to Race Conditions + +`Bunny::ContinuationQueue#poll` was reworked with feedback from Joseph Wong. + +GitHub issue: [#462](https://github.com/ruby-amqp/bunny/issues/462) ### Recovery Attempt Counting Strategy Changed @@ -16,6 +32,12 @@ GitHub issue: [#408](https://github.com/ruby-amqp/bunny/issues/408) +### Opening a Channel on an Intentionally Closed Connection Immediately Raises an Exception + +Contributed by Alessandro Verlato. + +GitHub issue: [#465](https://github.com/ruby-amqp/bunny/issues/465) + ## Changes between Bunny 2.6.2 and 2.6.3 (January 19th, 2016) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2017-03-04 13:51:22.000000000 +0100 +++ new/README.md 2017-04-15 21:38:44.000000000 +0200 @@ -73,7 +73,7 @@ ### Most Recent Release -[![Gem Version](https://badge.fury.io/rb/bunny.png)](http://badge.fury.io/rb/bunny) +[![Gem Version](https://badge.fury.io/rb/bunny.svg)](http://badge.fury.io/rb/bunny) ### With Rubygems @@ -88,7 +88,7 @@ To use Bunny in a project managed with Bundler: ``` ruby -gem "bunny", ">= 2.6.3" +gem "bunny", ">= 2.6.4" ``` @@ -167,9 +167,7 @@ To subscribe for announcements of releases, important changes and so on, please follow [@rubyamqp](https://twitter.com/#!/rubyamqp) on Twitter. -More detailed announcements can be found in the blogs - -* [RabbitMQ Ruby clients blog](http://blog.rubyrabbitmq.info) +More detailed announcements can be found in the [RabbitMQ Ruby clients blog](http://blog.rubyrabbitmq.info). ### Reporting Issues diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Rakefile new/Rakefile --- old/Rakefile 2017-03-04 13:51:22.000000000 +0100 +++ new/Rakefile 2017-04-15 21:38:44.000000000 +0200 @@ -4,7 +4,7 @@ RSpec::Core::RakeTask.new(:integration) do |t| # excludes unit tests as those involve many iterations # and sometimes suffer from obscure interference from integration tests (!) - t.pattern = ["spec/higher_level_api/integration", "spec/lower_level_api/integration", "spec/issues", "spec/stress"]. + t.pattern = ["spec/higher_level_api/integration", "spec/lower_level_api/integration", "spec/issues"]. map { |dir| Dir.glob(File.join(dir, "**", "*_spec.rb")) }.reduce(&:+) - ["spec/higher_level_api/integration/tls_connection_spec.rb"] t.rspec_opts = "--format progress" @@ -30,9 +30,17 @@ RSpec::Core::RakeTask.new(:recovery_integration) do |t| # otherwise all examples will be skipped ENV.delete("CI") - t.pattern = Dir.glob("spec/higher_level_api/integration/connection_recovery_spec.rb") + t.pattern = ["spec/higher_level_api/integration/connection_recovery_spec.rb"] t.rspec_opts = "--format progress --backtrace" end +RSpec::Core::RakeTask.new(:stress) do |t| + # excludes unit tests as those involve many iterations + # and sometimes suffer from obscure interference from integration tests (!) + t.pattern = ["spec/stress/**/*_spec.rb"] + + t.rspec_opts = "--format progress" +end + task :default => :integration diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bin/ci/before_build new/bin/ci/before_build --- old/bin/ci/before_build 2017-03-04 13:51:22.000000000 +0100 +++ new/bin/ci/before_build 2017-04-15 21:38:45.000000000 +0200 @@ -40,3 +40,7 @@ # requires RabbitMQ 3.0+ # rabbit_plugins 'enable rabbitmq_management' + +# Reduce retention policy for faster publishing of stats +rabbit_control "eval 'supervisor2:terminate_child(rabbit_mgmt_sup_sup, rabbit_mgmt_sup), application:set_env(rabbitmq_management, sample_retention_policies, [{global, [{605, 1}]}, {basic, [{605, 1}]}, {detailed, [{10, 1}]}]), rabbit_mgmt_sup_sup:start_child().'" +rabbit_control "eval 'supervisor2:terminate_child(rabbit_mgmt_agent_sup_sup, rabbit_mgmt_agent_sup), application:set_env(rabbitmq_management_agent, sample_retention_policies, [{global, [{605, 1}]}, {basic, [{605, 1}]}, {detailed, [{10, 1}]}]), rabbit_mgmt_agent_sup_sup:start_child().'" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bin/ci/start_rabbitmq new/bin/ci/start_rabbitmq --- old/bin/ci/start_rabbitmq 2017-03-04 13:51:22.000000000 +0100 +++ new/bin/ci/start_rabbitmq 1970-01-01 01:00:00.000000000 +0100 @@ -1,9 +0,0 @@ -#!/bin/bash -if [ -z `which docker` ]; then - echo 'You need to install docker to run this script. See https://docs.docker.com/engine/installation/' - exit -fi - -cd $(dirname $(readlink -f $0)) -docker build -t bunny_rabbitmq ../../docker && \ -exec docker run --net host -ti bunny_rabbitmq diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bunny.gemspec new/bunny.gemspec --- old/bunny.gemspec 2017-03-04 13:51:22.000000000 +0100 +++ new/bunny.gemspec 2017-04-15 21:38:45.000000000 +0200 @@ -24,7 +24,7 @@ s.email = ["michael.s.klis...@gmail.com"] # Dependencies - s.add_dependency "amq-protocol", ">= 2.0.1" + s.add_dependency "amq-protocol", ">= 2.1.0" # Files. s.has_rdoc = true Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/docker/Dockerfile new/docker/Dockerfile --- old/docker/Dockerfile 2017-03-04 13:51:22.000000000 +0100 +++ new/docker/Dockerfile 2017-04-15 21:38:45.000000000 +0200 @@ -4,7 +4,7 @@ apt-get install -yq --no-install-recommends wget ca-certificates RUN echo 'deb http://www.rabbitmq.com/debian/ testing main' > /etc/apt/sources.list.d/rabbitmq.list && \ - wget -O- https://www.rabbitmq.com/rabbitmq-signing-key-public.asc | apt-key add - + wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | apt-key add - RUN apt-get -q update && \ apt-get install -yq --no-install-recommends rabbitmq-server @@ -12,3 +12,5 @@ COPY docker-entrypoint.sh / ENTRYPOINT /docker-entrypoint.sh + +EXPOSE 5671 5672 15672 \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/docker/docker-entrypoint.sh new/docker/docker-entrypoint.sh --- old/docker/docker-entrypoint.sh 2017-03-04 13:51:22.000000000 +0100 +++ new/docker/docker-entrypoint.sh 2017-04-15 21:38:45.000000000 +0200 @@ -1,9 +1,10 @@ #!/bin/sh server=rabbitmq-server ctl=rabbitmqctl -plugins=rabbitmq-plugins delay=3 +echo "[Configuration] $(eval cat $RABBITMQ_CONFIG_FILE.config)" + echo '[Configuration] Starting RabbitMQ in detached mode.' $server -detached @@ -12,10 +13,6 @@ sleep $delay -echo '*** Enabling plugins ***' -$plugins enable --online rabbitmq_management -$plugins enable --online rabbitmq_consistent_hash_exchange - echo '*** Creating users ***' $ctl add_user bunny_gem bunny_password $ctl add_user bunny_reader reader_password diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/docker-compose.yml new/docker-compose.yml --- old/docker-compose.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/docker-compose.yml 2017-04-15 21:38:45.000000000 +0200 @@ -0,0 +1,18 @@ +version: '2' +services: + rabbitmq: + build: ./docker + container_name: bunny_rabbitmq + environment: + RABBITMQ_NODENAME: bunny + # link to spec specific configuration + RABBITMQ_CONFIG_FILE: /spec/config/rabbitmq + RABBITMQ_ENABLED_PLUGINS_FILE: /spec/config/enabled_plugins + # send logs to stdout + RABBITMQ_LOGS: '-' + RABBITMQ_SASL_LOGS: '-' + ports: + - 5671-5672:5671-5672 + - 15672:15672 + volumes: + - ./spec:/spec:ro \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/bunny/channel.rb new/lib/bunny/channel.rb --- old/lib/bunny/channel.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/lib/bunny/channel.rb 2017-04-15 21:38:45.000000000 +0200 @@ -308,7 +308,7 @@ # @see http://rubybunny.info/articles/extensions.html RabbitMQ Extensions to AMQP 0.9.1 guide # @api public def fanout(name, opts = {}) - Exchange.new(self, :fanout, name, opts) + find_exchange(name) || Exchange.new(self, :fanout, name, opts) end # Declares a direct exchange or looks it up in the cache of previously @@ -326,7 +326,7 @@ # @see http://rubybunny.info/articles/extensions.html RabbitMQ Extensions to AMQP 0.9.1 guide # @api public def direct(name, opts = {}) - Exchange.new(self, :direct, name, opts) + find_exchange(name) || Exchange.new(self, :direct, name, opts) end # Declares a topic exchange or looks it up in the cache of previously @@ -344,7 +344,7 @@ # @see http://rubybunny.info/articles/extensions.html RabbitMQ Extensions to AMQP 0.9.1 guide # @api public def topic(name, opts = {}) - Exchange.new(self, :topic, name, opts) + find_exchange(name) || Exchange.new(self, :topic, name, opts) end # Declares a headers exchange or looks it up in the cache of previously @@ -362,7 +362,7 @@ # @see http://rubybunny.info/articles/extensions.html RabbitMQ Extensions to AMQP 0.9.1 guide # @api public def headers(name, opts = {}) - Exchange.new(self, :headers, name, opts) + find_exchange(name) || Exchange.new(self, :headers, name, opts) end # Provides access to the default exchange @@ -1384,7 +1384,7 @@ # @see #nacked_set # @see http://rubybunny.info/articles/extensions.html RabbitMQ Extensions guide # @api public - def confirm_select(callback=nil) + def confirm_select(callback = nil) raise_if_no_longer_open! if @next_publish_seq_no == 0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/bunny/reader_loop.rb new/lib/bunny/reader_loop.rb --- old/lib/bunny/reader_loop.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/lib/bunny/reader_loop.rb 2017-04-15 21:38:45.000000000 +0200 @@ -54,7 +54,7 @@ @network_is_down = true @session_thread.raise(Bunny::NetworkFailure.new("caught an unexpected exception in the network loop: #{e.message}", e)) end - rescue Errno::EBADF => ebadf + rescue Errno::EBADF => _ebadf break if terminate? # ignored, happens when we loop after the transport has already been closed @mutex.synchronize { @stopping = true } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/bunny/session.rb new/lib/bunny/session.rb --- old/lib/bunny/session.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/lib/bunny/session.rb 2017-04-15 21:38:45.000000000 +0200 @@ -187,7 +187,8 @@ @channel_max = @client_channel_max @client_heartbeat = self.heartbeat_from(opts) - @client_properties = DEFAULT_CLIENT_PROPERTIES.merge(opts.fetch(:properties, {})) + client_props = opts[:properties] || opts[:client_properties] || {} + @client_properties = DEFAULT_CLIENT_PROPERTIES.merge(client_props) @mechanism = opts.fetch(:auth_mechanism, "PLAIN") @credentials_encoder = credentials_encoder_for(@mechanism) @locale = @opts.fetch(:locale, DEFAULT_LOCALE) @@ -817,7 +818,7 @@ shut_down_all_consumer_work_pools! maybe_shutdown_reader_loop maybe_shutdown_heartbeat_sender - rescue ShutdownSignal => sse + rescue ShutdownSignal => _sse # no-op rescue Exception => e @logger.warn "Caught an exception when cleaning up after receiving connection.close: #{e.message}" @@ -1208,7 +1209,7 @@ begin shut_down_all_consumer_work_pools! maybe_shutdown_reader_loop - rescue ShutdownSignal => sse + rescue ShutdownSignal => _sse # no-op rescue Exception => e @logger.warn "Caught an exception when cleaning up after receiving connection.close: #{e.message}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/bunny/transport.rb new/lib/bunny/transport.rb --- old/lib/bunny/transport.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/lib/bunny/transport.rb 2017-04-15 21:38:45.000000000 +0200 @@ -4,7 +4,7 @@ begin require "openssl" -rescue LoadError => le +rescue LoadError => _le $stderr.puts "Could not load OpenSSL" end @@ -92,7 +92,7 @@ end def connected? - :not_connected == @status && open? + :connected == @status && open? end def configure_socket(&block) @@ -263,7 +263,7 @@ :connect_timeout => timeout) true - rescue SocketError, Timeout::Error => e + rescue SocketError, Timeout::Error => _e false ensure s.close if s @@ -318,7 +318,7 @@ def tls_certificate_from(opts) begin read_client_certificate! - rescue MissingTLSCertificateFile => e + rescue MissingTLSCertificateFile => _e inline_client_certificate_from(opts) end end @@ -326,7 +326,7 @@ def tls_key_from(opts) begin read_client_key! - rescue MissingTLSKeyFile => e + rescue MissingTLSKeyFile => _e inline_client_key_from(opts) end end @@ -364,6 +364,11 @@ raise "cannot wrap a socket into TLS socket, @tls_context is nil. This is a Bunny bug." unless @tls_context s = Bunny::SSLSocketImpl.new(socket, @tls_context) + + # always set the SNI server name if possible since RFC 3546 and RFC 6066 both state + # that TLS clients supporting the extensions can talk to TLS servers that do not + s.hostname = @host if s.respond_to?(:hostname) + s.sync_close = true s end @@ -450,9 +455,9 @@ cert_files = [] cert_inlines = [] certs.each do |cert| - # if it starts with / then it's a file path that may or may not - # exists (e.g. a default OpenSSL path). MK. - if File.readable?(cert) || cert =~ /^\// + # if it starts with / or C:/ then it's a file path that may or may not + # exist (e.g. a default OpenSSL path). MK. + if File.readable?(cert) || cert =~ /^([a-z]:?)?\//i cert_files.push(cert) else cert_inlines.push(cert) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/bunny/version.rb new/lib/bunny/version.rb --- old/lib/bunny/version.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/lib/bunny/version.rb 2017-04-15 21:38:45.000000000 +0200 @@ -2,5 +2,5 @@ module Bunny # @return [String] Version of the library - VERSION = "2.6.4" + VERSION = "2.6.5" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2017-03-04 13:51:22.000000000 +0100 +++ new/metadata 2017-04-15 21:38:44.000000000 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: bunny version: !ruby/object:Gem::Version - version: 2.6.4 + version: 2.6.5 platform: ruby authors: - Chris Duncan @@ -12,7 +12,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2017-03-04 00:00:00.000000000 Z +date: 2017-04-15 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: amq-protocol @@ -20,14 +20,14 @@ requirements: - - ">=" - !ruby/object:Gem::Version - version: 2.0.1 + version: 2.1.0 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - ">=" - !ruby/object:Gem::Version - version: 2.0.1 + version: 2.1.0 description: Easy to use, feature complete Ruby client for RabbitMQ 3.3 and later versions. email: @@ -59,8 +59,8 @@ - benchmarks/synchronized_sorted_set.rb - benchmarks/write_vs_write_nonblock.rb - bin/ci/before_build -- bin/ci/start_rabbitmq - bunny.gemspec +- docker-compose.yml - docker/Dockerfile - docker/docker-entrypoint.sh - examples/connection/authentication_failure.rb @@ -199,6 +199,9 @@ - spec/tls/ca_key.pem - spec/tls/client_certificate.pem - spec/tls/client_key.pem +- spec/tls/generate-server-cert.sh +- spec/tls/server-openssl.cnf +- spec/tls/server.csr - spec/tls/server_certificate.pem - spec/tls/server_key.pem - spec/unit/bunny_spec.rb @@ -228,7 +231,7 @@ version: '0' requirements: [] rubyforge_project: -rubygems_version: 2.5.1 +rubygems_version: 2.6.11 signing_key: specification_version: 4 summary: Popular easy to use Ruby client for RabbitMQ @@ -297,6 +300,9 @@ - spec/tls/ca_key.pem - spec/tls/client_certificate.pem - spec/tls/client_key.pem +- spec/tls/generate-server-cert.sh +- spec/tls/server-openssl.cnf +- spec/tls/server.csr - spec/tls/server_certificate.pem - spec/tls/server_key.pem - spec/unit/bunny_spec.rb diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/config/rabbitmq.config new/spec/config/rabbitmq.config --- old/spec/config/rabbitmq.config 2017-03-04 13:51:22.000000000 +0100 +++ new/spec/config/rabbitmq.config 2017-04-15 21:38:45.000000000 +0200 @@ -2,12 +2,13 @@ {rabbit, [ {ssl_listeners, [5671]}, - {ssl_options, [{cacertfile,"spec/tls/cacert.pem"}, - {certfile,"spec/tls/server_cert.pem"}, - {keyfile,"spec/tls/server_key.pem"}, + {ssl_options, [{cacertfile,"/spec/tls/ca_certificate.pem"}, + {certfile,"/spec/tls/server_certificate.pem"}, + {keyfile,"/spec/tls/server_key.pem"}, {verify,verify_none}, - {fail_if_no_peer_cert,false}]} ] - }, + {fail_if_no_peer_cert,false}]}, + {loopback_users, []} + ] }, {rabbitmq_management, [{listener, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/higher_level_api/integration/connection_recovery_spec.rb new/spec/higher_level_api/integration/connection_recovery_spec.rb --- old/spec/higher_level_api/integration/connection_recovery_spec.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/spec/higher_level_api/integration/connection_recovery_spec.rb 2017-04-15 21:38:45.000000000 +0200 @@ -316,6 +316,7 @@ delivered = false ch = c.create_channel + ch.confirm_select q = ch.queue("", exclusive: true) q.subscribe do |_, _, _| delivered = true @@ -325,13 +326,14 @@ expect(ch).to be_open q.publish("") + ch.wait_for_confirms poll_until { delivered } end end it "recovers all consumers" do - n = 1024 + n = 32 with_open do |c| ch = c.create_channel @@ -347,7 +349,7 @@ end it "recovers all queues" do - n = 256 + n = 32 qs = [] @@ -385,6 +387,16 @@ end def close_all_connections! + # let whatever actions were taken before + # this call a chance to propagate, e.g. to make + # sure that connections are accounted for in the + # stats DB. + # + # See bin/ci/before_build for management plugin + # pre-configuration. + # + # MK. + sleep 1.1 connections.each do |conn_info| close_ignoring_permitted_exceptions(conn_info.name) end @@ -401,14 +413,14 @@ end def poll_while(&probe) - Timeout::timeout(10) { - sleep 0.1 while probe[] + Timeout.timeout(20) { + sleep 0.1 while probe.call } end def poll_until(&probe) - Timeout::timeout(10) { - sleep 0.1 until probe[] + Timeout.timeout(20) { + sleep 0.1 until probe.call } end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/higher_level_api/integration/connection_stop_spec.rb new/spec/higher_level_api/integration/connection_stop_spec.rb --- old/spec/higher_level_api/integration/connection_stop_spec.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/spec/higher_level_api/integration/connection_stop_spec.rb 2017-04-15 21:38:45.000000000 +0200 @@ -4,6 +4,16 @@ let(:http_client) { RabbitMQ::HTTP::Client.new("http://127.0.0.1:15672") } def close_connection(client_port) + # let whatever actions were taken before + # this call a chance to propagate, e.g. to make + # sure that connections are accounted for in the + # stats DB. + # + # See bin/ci/before_build for management plugin + # pre-configuration. + # + # MK. + sleep 1.1 c = http_client. list_connections. find { |conn_info| conn_info && conn_info.peer_port.to_i == client_port } @@ -12,7 +22,7 @@ end def wait_for_recovery - sleep 0.5 + sleep 1.5 end it "can be closed" do @@ -58,6 +68,7 @@ c.start ch = c.create_channel + sleep 1.5 expect(c).to be_open sleep 1.5 close_connection(c.local_port) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/higher_level_api/integration/exchange_declare_spec.rb new/spec/higher_level_api/integration/exchange_declare_spec.rb --- old/spec/higher_level_api/integration/exchange_declare_spec.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/spec/higher_level_api/integration/exchange_declare_spec.rb 2017-04-15 21:38:45.000000000 +0200 @@ -98,17 +98,18 @@ context "when declared with a different set of attributes" do it "raises an exception" do - ch = connection.create_channel + ch1 = connection.create_channel + ch2 = connection.create_channel - x = ch.fanout("bunny.tests.exchanges.fanout", auto_delete: true, durable: false) + x = ch1.fanout("bunny.tests.exchanges.fanout", auto_delete: true, durable: false) expect { # force re-declaration - ch.exchange_declare("bunny.tests.exchanges.fanout", :direct, auto_delete: false, durable: true) + ch2.exchange_declare("bunny.tests.exchanges.fanout", :direct, auto_delete: false, durable: true) }.to raise_error(Bunny::PreconditionFailed) - expect(ch).to be_closed + expect(ch2).to be_closed expect { - ch.fanout("bunny.tests.exchanges.fanout", auto_delete: true, durable: false) + ch2.fanout("bunny.tests.exchanges.fanout", auto_delete: true, durable: false) }.to raise_error(Bunny::ChannelAlreadyClosed) end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/higher_level_api/integration/tls_connection_spec.rb new/spec/higher_level_api/integration/tls_connection_spec.rb --- old/spec/higher_level_api/integration/tls_connection_spec.rb 2017-03-04 13:51:22.000000000 +0100 +++ new/spec/higher_level_api/integration/tls_connection_spec.rb 2017-04-15 21:38:45.000000000 +0200 @@ -30,6 +30,44 @@ end end + def local_hostname + ENV.fetch("BUNNY_RABBITMQ_HOSTNAME", "127.0.0.1") + end + + context "initialized with :tls => true" do + let(:subject) do + Bunny.new(:user => "bunny_gem", + :password => "bunny_password", + :vhost => "bunny_testbed", + :tls => true, + :verify_peer => verify_peer, + :tls_cert => "spec/tls/client_certificate.pem", + :tls_key => "spec/tls/client_key.pem", + :tls_ca_certificates => ["./spec/tls/ca_certificate.pem"]) + end + + context "peer verification is off" do + let(:verify_peer) { false } + + it "uses TLS port" do + expect(subject.port).to eq AMQ::Protocol::TLS_PORT + end + + it "sends the SNI details" do + # https://github.com/ruby-amqp/bunny/issues/440 + subject.start + expect(subject.transport.socket.hostname).to_not be_empty + end + end + + context "peer verification is on" do + let(:verify_peer) { true } + + it "uses TLS port" do + expect(subject.port).to eq AMQ::Protocol::TLS_PORT + end + end + end describe "TLS connection to RabbitMQ with client certificates" do let(:connection) do @@ -75,7 +113,7 @@ describe "TLS connection to RabbitMQ with a connection string" do let(:connection) do - c = Bunny.new("amqps://bunny_gem:bunny_password@127.0.0.1/bunny_testbed", + c = Bunny.new("amqps://bunny_gem:bunny_password@#{local_hostname}/bunny_testbed", tls_cert: "spec/tls/client_certificate.pem", tls_key: "spec/tls/client_key.pem", tls_ca_certificates: ["./spec/tls/ca_certificate.pem"], @@ -94,9 +132,9 @@ describe "TLS connection to RabbitMQ with a connection string and w/o client certificate and key" do let(:connection) do - c = Bunny.new("amqps://bunny_gem:bunny_password@127.0.0.1/bunny_testbed", + c = Bunny.new("amqps://bunny_gem:bunny_password@#{local_hostname}/bunny_testbed", tls_ca_certificates: ["./spec/tls/ca_certificate.pem"], - verify_peer: false) + verify_peer: verify_peer) c.start c end @@ -105,7 +143,27 @@ connection.close end - include_examples "successful TLS connection" + context "peer verification is off" do + let(:verify_peer) { false } + + include_examples "successful TLS connection" + + it "sends the SNI details" do + # https://github.com/ruby-amqp/bunny/issues/440 + expect(connection.transport.socket.hostname).to_not be_empty + end + end + + context "peer verification is on" do + let(:verify_peer) { true } + + include_examples "successful TLS connection" + + it "sends the SNI details" do + # https://github.com/ruby-amqp/bunny/issues/440 + expect(connection.transport.socket.hostname).to_not be_empty + end + end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/stress/concurrent_consumers_stress_spec.rb new/spec/stress/concurrent_consumers_stress_spec.rb --- old/spec/stress/concurrent_consumers_stress_spec.rb 2017-03-04 13:51:23.000000000 +0100 +++ new/spec/stress/concurrent_consumers_stress_spec.rb 2017-04-15 21:38:45.000000000 +0200 @@ -5,7 +5,7 @@ describe "Concurrent consumers sharing a connection" do before :all do @connection = Bunny.new(username: "bunny_gem", password: "bunny_password", vhost: "bunny_testbed", - automatic_recovery: false) + automatic_recovery: false, continuation_timeout: 45000) @connection.start end @@ -20,7 +20,7 @@ context "when publishing thousands of messages over 128K in size" do let(:colors) { ["red", "blue", "white"] } - let(:n) { 32 } + let(:n) { 16 } let(:m) { 5000 } it "successfully drain all queues" do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/tls/generate-server-cert.sh new/spec/tls/generate-server-cert.sh --- old/spec/tls/generate-server-cert.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/tls/generate-server-cert.sh 2017-04-15 21:38:45.000000000 +0200 @@ -0,0 +1,8 @@ +#!/bin/sh + +DIRNAME=$(dirname "$0") + +openssl req -sha256 -new -key $DIRNAME/server_key.pem -out $DIRNAME/server.csr -subj "/CN=mercurio" -config $DIRNAME/server-openssl.cnf +openssl x509 -sha256 -req -in $DIRNAME/server.csr -CA $DIRNAME/ca_certificate.pem -CAkey $DIRNAME/ca_key.pem -CAcreateserial -CAserial $DIRNAME/ca.srl -out $DIRNAME/server_certificate.pem -days 3650 -extensions v3_req -extfile $DIRNAME/server-openssl.cnf + +echo "Written new server CSR and certificate" \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/tls/server-openssl.cnf new/spec/tls/server-openssl.cnf --- old/spec/tls/server-openssl.cnf 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/tls/server-openssl.cnf 2017-04-15 21:38:45.000000000 +0200 @@ -0,0 +1,10 @@ +[req] +req_extensions = v3_req +distinguished_name = req_distinguished_name +[req_distinguished_name] +[ v3_req ] +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment +subjectAltName = @alt_names +[alt_names] +IP.1 = 127.0.0.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/tls/server.csr new/spec/tls/server.csr --- old/spec/tls/server.csr 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/tls/server.csr 2017-04-15 21:38:45.000000000 +0200 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICkjCCAXoCAQAwEzERMA8GA1UEAwwIbWVyY3VyaW8wggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCkvvzm5nB3CDqTFEYQnfOy8DwJLm34MvdrKQAThzDy +qa37sb4IC0YclBFbZfsw8+paK+Rpo2Vlhzclb66z0cGs9SvxuKkJ45w0fk0ctxMg +tvWISRGZR7LMw5u0q2m61dK0FTGSl+qzJohb5Dklb6BApoGoIPH+eYraVxHR29x2 +x8hqzBt5TpiUW8bu7LPQJbX0mYGhKQDf86kao+sptRQ2045D7vB3jrkPhq0XZVJi +QymzOSSejYSN1oZ464DtT+dpLBYHEVJoJPu4r4kY/8A7v+93PWQaDERKBfvwWHfV +U44xn7R/aojSvNT7kQILsf2BnfJlMwoedWQLxPddmB3PAgMBAAGgOjA4BgkqhkiG +9w0BCQ4xKzApMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMA8GA1UdEQQIMAaHBH8A +AAEwDQYJKoZIhvcNAQELBQADggEBAFyfaotajM/h2dyodKJqO6stAIpxiQXTds8V +5ZHDozBxzLZkeBIY+hsqh/owmqomk56swui+336WAKIBwIJyJrtIl8C/lupGaTbR +BouWWbyZOQAE2ExHcUgdGEOVoCN2ieBR4RVQ8Id4GAlHvlFGPqakaLMV6Zc7VqDh +vxdOLgATEE+MhebTo9yOHj14qdvzhi5w3ZEg1kdfOuGN9I4gJcv4PWwudBhn4wE7 +oHAIP2nixROI7cZcZ9fBrimcdGQsXNZLTXiGzNra4utOXuQ7w5qoiEhHoxXalowE +KvEA9otLadjtULg6DRd3zYuIyrUiBIRUHZ1p2xSnd/lLekbMfCQ= +-----END CERTIFICATE REQUEST-----