A Free Software, multi-threaded, non-blocking network
application server designed for low _idle_ power consumption.
It is primarily optimized for applications with occasional users
which see little or no traffic. yahns currently hosts Rack/HTTP
applications, but may eventually support other application
types. Unlike some existing servers, yahns is extremely
sensitive to fatal bugs in the applications it hosts.
Changes:
yahns 1.12.2 - minor doc and TLS fixes
This release ensures OpenSSL::SSL::SSLContext#session_id_context
is always set for OpenSSL users. It won't overwrite existing
settings, but setting it to a random value is necessary to
ensure clients do not get aborted connections when attempting to
use a session cache.
No need to actually upgrade if you're on 1.12.1, you may add the
following to your yahns_config(5) file where
OpenSSL::SSL::SSLContext is configured:
# recommended, not required. This sets safer defaults
# provided by Ruby on top of what OpenSSL gives:
ssl_ctx.set_params
# required, and done by default in v1.12.2:
ssl_ctx.session_id_context ||= OpenSSL::Random.random_bytes(32)
yahns gives you full control of of how OpenSSL::SSL::SSLContext is
configured. To avoid bugs, yahns only ensures
OpenSSL::SSL::SSLContext#session_id_context is set (if not previously
set by the user) and calls OpenSSL::SSL::SSLContext#setup before
spawning threads to avoid race conditions. yahns itself does not and
will not enforce any opinion on the compatibility/performance/security
trade-offs regarding TLS configuration.
Note: keep in mind using an SSL session cache may be less useful
with yahns because HTTP/1.1 persistent connections may live
forever :)
3 bug/doc fixes on top of v1.12.1:
document OpenSSL::SSL::SSLContext#set_params use
ssl: ensure is session_id_context is always set
test/*: fix mktmpdir usage for 1.9.3
Please note the disclaimer:
yahns is extremely sensitive to fatal bugs in the apps it hosts. There
is no (and never will be) any built-in "watchdog"-type feature to kill
stuck processes/threads. Each yahns process may be handling thousands
of clients; unexpectedly killing the process will abort _all_ of those
connections. Lives may be lost!
yahns hackers are not responsible for your application/library bugs.
Use an application server which is tolerant of buggy applications
if you cannot be bothered to fix all your fatal bugs.
* git clone git://yhbt.net/yahns
* http://yahns.yhbt.net/README
* http://yahns.yhbt.net/NEWS.atom.xml
* we only accept plain-text email yahns-public@yhbt.net
* and archive all the mail we receive: http://yhbt.net/yahns-public/
* nntp://news.public-inbox.org/inbox.comp.lang.ruby.yahns
--
unsubscribe: yahns-public+unsubscr...@yhbt.net
archive: http://yhbt.net/yahns-public/
