[OpenSRF-GIT] OpenSRF branch rel_3_0 updated. osrf_rel_3_0_1-7-g7d673a2
Evergreen Git
git at git.evergreen-ils.org
Tue Nov 6 11:49:40 EST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSRF".
The branch, rel_3_0 has been updated
via 7d673a24367996c2ccc31b76eb613b2a5b0de2bb (commit)
via e574cdf4321f01fa1ae6777e38dadd4e04895932 (commit)
via e0f49880d6d844aae1e6b31d7e4743ad596402d5 (commit)
from 7866a18c7455f8243e9f1076ebdff230f5905357 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7d673a24367996c2ccc31b76eb613b2a5b0de2bb
Author: Galen Charlton <gmc at equinoxinitiative.org>
Date: Tue Nov 6 11:48:10 2018 -0500
update ChangeLog for 3.0.2
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/ChangeLog b/ChangeLog
index 4208422..a5b603d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,8 @@
-commit ae7d4165ffbcfb35f98700c061e02714b9f3ebee
+commit e574cdf4321f01fa1ae6777e38dadd4e04895932
Author: Galen Charlton <gmc at equinoxinitiative.org>
-Date: Mon May 7 19:30:24 2018 -0400
+Date: Tue Nov 6 11:36:57 2018 -0500
- update version numbers for OpenSRF 3.0.1
+ update version numbers for 3.0.2
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
@@ -11,251 +11,94 @@ Date: Mon May 7 19:30:24 2018 -0400
1 1 src/python/setup.py
1 1 version.m4
-commit b5c03e9036a58acfe3099730d98666af7578472e
+commit e0f49880d6d844aae1e6b31d7e4743ad596402d5
Author: Galen Charlton <gmc at equinoxinitiative.org>
-Date: Mon May 7 19:25:45 2018 -0400
+Date: Tue Nov 6 11:35:11 2018 -0500
- update release notes for OpenSRF 3.0.1
+ update release notes for OpenSRF 3.0.2
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-37 1 doc/RELEASE_NOTES.txt
+61 1 doc/RELEASE_NOTES.txt
-commit b704d6ad373ed581b4f8caa2bd156161a0aa1bbd
-Author: Galen Charlton <gmc at equinoxinitiative.org>
-Date: Mon May 7 16:03:16 2018 -0400
-
- LP#1243841: quiet a misleading indentation warning
-
- Adjusts a spaces-vs-tabs issue to fix the following compilation
- warning:
-
- osrf_prefork.c: In function ‘check_children’:
- osrf_prefork.c:1067:5: warning: this ‘if’ clause does not
- guard... [-Wmisleading-indentation]
- if( select_ret <= 0 ) // we're done here
- ^~
- osrf_prefork.c:1072:2: note: ...this statement, but the latter is
- misleadingly indented as if it is guarded by the ‘if’
- cur_child = forker->first_child;
- ^~~~~~~~~
-
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-1 1 src/libopensrf/osrf_prefork.c
-
-commit 62a29dafa4b978d3bc6f4ef8d2dddebe1b319ebb
-Author: Jason Stephenson <jason at sigio.com>
-Date: Tue Nov 7 16:39:39 2017 -0500
+commit 7866a18c7455f8243e9f1076ebdff230f5905357
+Author: Bill Erickson <berickxx at gmail.com>
+Date: Mon Aug 27 10:12:57 2018 -0400
- LP#1243841 - Quiet remaining Make install warnings.
-
- We silence the following warnings:
+ LP#1684970 Translator compatible with mod_remoteip
- apachetools.c:179:15: warning: initialization discards 'const' qualifier
- from pointer target type [enabled by default]
+ Teach the OSRF Translator to request the IP address of the user agent
+ (e.g. web browser) instead of the IP address of the up stream client,
+ which may be a proxy, using the Apache 2.4 request_rec->useragent_ip
+ value.
- apachetools.c:181:8: warning: assignment discards 'const' qualifier from
- pointer target type [enabled by default]
+ http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html
- apachetools.c:183:8: warning: assignment discards 'const' qualifier from
- pointer target type [enabled by default]
+ This make is possible for the translator to access the client IP with
+ Apache's mod_remoteip enabled and configured.
- ./osrf_websocket_translator.c:541:9: warning: return makes integer from
- pointer without a cast [enabled by default]
+ Includes sample config and install documentation.
- ./osrf_http_translator.c:300:25: warning: passing argument 1 of 'free'
- discards 'const' qualifier from pointer target type [enabled by default]
-
- Signed-off-by: Jason Stephenson <jason at sigio.com>
+ Signed-off-by: Bill Erickson <berickxx at gmail.com>
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-1 1 src/gateway/apachetools.c
+17 0 README
+10 0 examples/apache2/opensrf.conf
1 1 src/gateway/osrf_http_translator.c
-1 1 src/gateway/osrf_websocket_translator.c
-
-commit 35c7bb1b81bd41d99ad0a0756bf669a13e6ef63b
-Author: Jason Stephenson <jason at sigio.com>
-Date: Tue Nov 7 15:58:05 2017 -0500
-
- LP#1243841 - Quiet additional Make warnings and some code cleanup.
-
- We make the following warnings go away:
-
- osrf_legacy_json.c:607:6: warning: variable ‘fourth_dash’ set but
- not used [-Wunused-but-set-variable]
-
- osrf_legacy_json.c:836:5: warning: passing argument 3 of ‘makeNode’
- discards ‘const’ qualifier from pointer target type [enabled by
- default]
-
- utils.c:133:2: warning: format not a string literal and no format
- arguments [-Wformat-security]
-
- We also cleanup the while block nested in a do while block around line
- 63 of osrf_cache.c to be more readable by adding braces and breaking
- it across 3 lines.
-
- Signed-off-by: Jason Stephenson <jason at sigio.com>
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-3 1 src/libopensrf/osrf_cache.c
-4 6 src/libopensrf/osrf_legacy_json.c
-6 3 src/libopensrf/utils.c
-
-commit 4dadb76c5b7e73615de4a1ff923aa46b77b95330
-Author: Chris Sharp <csharp at georgialibraries.org>
-Date: Tue Sep 19 21:25:12 2017 -0400
-
- LP#1243841 - Quiet wrong format warnings during make install.
-
- During make install, the compiler warns that %d expects an int when the
- actual value is a long int. Changing %d to %ld fixes the issue.
-
- Signed-off-by: Chris Sharp <csharp at georgialibraries.org>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-3 3 src/gateway/osrf_websocket_translator.c
-
-commit c298ab7017627c3502a1b185e2d5871dd0b671ee
-Author: Chris Sharp <csharp at georgialibraries.org>
-Date: Tue Sep 19 20:46:28 2017 -0400
-
- LP#1243841 - Quiet unused return value warning in srfsh.c
-
- Using the technique described here: https://stackoverflow.com/a/13999461.
-
- Signed-off-by: Chris Sharp <csharp at georgialibraries.org>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-1 1 src/srfsh/srfsh.c
-
-commit 3994a17e604f32dc184e9f01afac1b3c573b9927
-Author: Chris Sharp <csharp at georgialibraries.org>
-Date: Tue Sep 19 20:37:13 2017 -0400
-
- LP#1243841 - Quiet unused return value warnings.
-
- Using advice given here: https://stackoverflow.com/a/13999461, "The
- only good (if ugly) way to suppress these is to convert the return
- value into something that the compiler agrees that you can ignore."
-
- Signed-off-by: Chris Sharp <csharp at georgialibraries.org>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-4 4 src/libopensrf/utils.c
-
-commit f50772c5726b1655d67bfefaaa5cd7d4d8892b47
-Author: Chris Sharp <csharp at georgialibraries.org>
-Date: Tue Sep 19 18:10:00 2017 -0400
-
- LP#1243841 - Wrap truth test using "=" in an extra set of parens.
-
- Referring to https://stackoverflow.com/questions/5476759/compiler-warning-suggest-parentheses-around-assignment-used-as-truth-value,
- it is recommended to wrap variable assignments that are used as a truth
- test within an extra set of parentheses.
-
- Signed-off-by: Chris Sharp <csharp at georgialibraries.org>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
- Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-
-1 1 src/libopensrf/osrf_cache.c
-commit 2f7688068af65cbe44c460daf0835b25344e6cca
-Author: Jason Stephenson <jason at sigio.com>
-Date: Sun Feb 18 12:12:13 2018 -0500
+commit 7d144fbdb50b3d91c8fd9429f35838b37f3cd83c
+Author: Bill Erickson <berickxx at gmail.com>
+Date: Wed Jul 11 12:27:05 2018 -0400
- LP1340982: Ignore both 'comment' and '#comment' nodes in Settings Parse.
-
- Modify the XML2perl helper function in OpenSRF::Utils::SettingsParser
- to ignore comment nodes that have names of comment and #comment.
-
- To reproduce the bug:
-
- 1. Stop OpenSRF services.
-
- 2. Add a XML comment, any text betwen <!-- and -->, in the list of
- MARC templates in the opensrf.xml file.
-
- 3. Restart OpenSRF services.
-
- 4. In the staff client, go to Cataloging->Create New MARC Record.
-
- 5. In the list of templates, you will #comment where you added the
- comment. (NOTE: I only tested with 1 comment. Things may get worse
- with more than 1 comment.)
+ LP#1711145 NGINX sample config security improvements
- 6. There will be an error like the following in the
- open-ils.cat_stderr.log if you attempt to choose the #comment entry:
+ * Adds security recommendations from
+ https://mozilla.github.io/server-side-tls/ssl-config-generator/
+ * Enables http2
+ * Apply a 5-minute proxy read timeout to avoid too-short timeouts on
+ long API calls.
+ * Adds a (commented) section on sending nginx logs to syslog
- Caught error from 'run' method: Exception: OpenSRF::EX::ERROR
- 2018-02-18T11:24:30 OpenSRF::Application
- /usr/local/share/perl/5.22.1/OpenSRF/Application.pm:240 System
- ERROR: Unable to open MARC template file: HASH(0x2249928) :
+ Includes INSTALL notes on generating the dhparam file.
- To test the fix:
-
- 1. Leave the comments in the opensrf.xml file from before.
-
- 2. Apply this commit, do make and make install for OpenSRF.
-
- 3. Just to make sure, do make and make install for Evergreen.
-
- 4. Repeat steps 3 and 4 from above.
-
- 5. You should NOT see any templates named #comment.
-
- Signed-off-by: Jason Stephenson <jason at sigio.com>
+ Signed-off-by: Bill Erickson <berickxx at gmail.com>
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-1 1 src/perl/lib/OpenSRF/Utils/SettingsParser.pm
+10 2 README
+30 2 examples/nginx/osrf-ws-http-proxy
-commit 24a14a104c2a216664ab52311eb9f90955b75e31
+commit d2683cd6d552fdbc6dc25e24cc2aa6c047243b4c
Author: Bill Erickson <berickxx at gmail.com>
-Date: Tue Apr 10 15:06:56 2018 -0400
+Date: Tue Jun 12 12:12:45 2018 -0400
- LP#1762815 Empty client TZ defaults to server TZ (Perl)
+ LP#1776510 JS libs handle transport errors
- Fixes an issue in the Perl client time zone handling that resulted in
- the server defaulting to UTC time instead of the server time zone when
- no time zone value was received from the client.
-
- Signed-off-by: Bill Erickson <berickxx at gmail.com>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
-
-1 0 src/perl/lib/OpenSRF/DomainObject/oilsMessage.pm
-
-commit 0c7f94abf5911cdf042c1162705e721a4fd2899f
-Author: Bill Erickson <berickxx at gmail.com>
-Date: Wed Jan 24 15:16:14 2018 -0500
-
- LP#1744158 Websocket proc exits on ejabberd disconnect
+ Teach the websocket client code to look for the transport_error flag
+ applied to the websocket wrapper message by the websocket gateway when a
+ request for an unavilable service is made.
- Any errors relaying websocket messages to OpenSRF now result in the WS
- client being disconnected, allowing the WS process to exit. This
- prevents the WS gateway from accepting requests it cannot process and
- allows the client to connect to a new WS process.
+ When encountered, fire the transport or generic error handler callbacks,
+ if available. Avoid any attempts to further process the message.
Signed-off-by: Bill Erickson <berickxx at gmail.com>
- Signed-off-by: Jason Stephenson <jason at sigio.com>
+ Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
-17 4 src/gateway/osrf_websocket_translator.c
+23 0 src/javascript/opensrf.js
-commit 0cb4209fa03091b62df2793a7b273e0c981798d3
-Author: Bill Erickson <berickxx at gmail.com>
-Date: Wed Jan 31 13:07:41 2018 -0500
+commit 0df7943369cbd5416276de84b428cd0a27a2b1eb
+Author: Mike Rylander <mrylander at gmail.com>
+Date: Fri Jul 7 15:22:21 2017 -0400
- LP#1746577 Websocket responder exits on jabber disconnect
+ LP#1702978: memcache Get methods use key as va_list format
- Regularly check for Jabber socket disconnects in the websocket gateway
- "responder" thread (that relays messages from opensrf to the WS client)
- and force a client disconnect when a broken jabber socket is detected.
+ And, when a key (composed of, say, a username or barcode) has a % in it,
+ bad things happen. We will stop acting as if these are variadic functions
+ now, and also update Evergreen so that it does not do that either.
- Signed-off-by: Bill Erickson <berickxx at gmail.com>
- Signed-off-by: Chris Sharp <csharp at georgialibraries.org>
+ TODO: Make these actually non-variadic, but that breaks ABI.
+
+ Signed-off-by: Mike Rylander <mrylander at gmail.com>
+ Signed-off-by: Cesar Velez <cesar.velez at equinoxinitiative.org>
Signed-off-by: Jason Stephenson <jason at sigio.com>
-18 2 src/gateway/osrf_websocket_translator.c
+13 17 src/libopensrf/osrf_cache.c
commit e574cdf4321f01fa1ae6777e38dadd4e04895932
Author: Galen Charlton <gmc at equinoxinitiative.org>
Date: Tue Nov 6 11:36:57 2018 -0500
update version numbers for 3.0.2
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/README b/README
index b00a76b..364e2f4 100644
--- a/README
+++ b/README
@@ -29,7 +29,7 @@ Issue the following commands as the *user* Linux account.
+
[source, bash]
------------------------------------------------------------------------------
-wget https://evergreen-ils.org/downloads/opensrf-3.0.1.tar.gz
+wget https://evergreen-ils.org/downloads/opensrf-3.0.2.tar.gz
------------------------------------------------------------------------------
+
[NOTE]
@@ -40,8 +40,8 @@ http://git.evergreen-ils.org/?p=OpenSRF.git
+
[source, bash]
------------------------------------------------------------------------------
-tar -xvf opensrf-3.0.1.tar.gz
-cd opensrf-3.0.1/
+tar -xvf opensrf-3.0.2.tar.gz
+cd opensrf-3.0.2/
------------------------------------------------------------------------------
Installing prerequisites
@@ -469,14 +469,14 @@ a2dismod websocket
.(Debian Wheezy)
[source, bash]
---------------------------------------------------------------------------
-cd /path/to/opensrf-3.0.1
+cd /path/to/opensrf-3.0.2
cp examples/apache2/websockets/apache2.conf /etc/apache2-websockets/
---------------------------------------------------------------------------
+
.(Debian Jessie/Stretch, Ubuntu Trusty/Xenial)
[source, bash]
---------------------------------------------------------------------------
-cd /path/to/opensrf-3.0.1
+cd /path/to/opensrf-3.0.2
cp examples/apache_24/websockets/apache2.conf /etc/apache2-websockets/
---------------------------------------------------------------------------
+
@@ -566,7 +566,7 @@ apt-get install nginx
+
[source, bash]
---------------------------------------------------------------------------
-cd /path/to/opensrf-3.0.1
+cd /path/to/opensrf-3.0.2
cp examples/nginx/osrf-ws-http-proxy /etc/nginx/sites-available/
ln -s /etc/nginx/sites-available/osrf-ws-http-proxy /etc/nginx/sites-enabled/osrf-ws-http-proxy
rm /etc/nginx/sites-enabled/default
@@ -630,7 +630,7 @@ apt-get install haproxy
+
[source, bash]
---------------------------------------------------------------------------
-cd /path/to/opensrf-3.0.1
+cd /path/to/opensrf-3.0.2
cat examples/haproxy/osrf-ws-http-proxy >> /etc/haproxy/haproxy.cfg
---------------------------------------------------------------------------
+
diff --git a/src/perl/lib/OpenSRF.pm b/src/perl/lib/OpenSRF.pm
index 40a7097..17819c3 100644
--- a/src/perl/lib/OpenSRF.pm
+++ b/src/perl/lib/OpenSRF.pm
@@ -12,11 +12,11 @@ OpenSRF - Top level class for OpenSRF perl modules.
=head1 VERSION
-Version 3.0.1
+Version 3.0.2
=cut
-our $VERSION = "3.000001";
+our $VERSION = "3.000002";
=head1 METHODS
diff --git a/src/python/setup.py b/src/python/setup.py
index 02ebb35..6d399fb 100644
--- a/src/python/setup.py
+++ b/src/python/setup.py
@@ -3,7 +3,7 @@
from setuptools import setup
setup(name='OpenSRF',
- version='3.0.1',
+ version='3.0.2',
install_requires=[
'dnspython', # required by pyxmpp
'python-memcached',
diff --git a/version.m4 b/version.m4
index f1e537e..20eaa4c 100644
--- a/version.m4
+++ b/version.m4
@@ -1 +1 @@
-m4_define([VERSION_NUMBER],[3.0.1])
+m4_define([VERSION_NUMBER],[3.0.2])
commit e0f49880d6d844aae1e6b31d7e4743ad596402d5
Author: Galen Charlton <gmc at equinoxinitiative.org>
Date: Tue Nov 6 11:35:11 2018 -0500
update release notes for OpenSRF 3.0.2
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/doc/RELEASE_NOTES.txt b/doc/RELEASE_NOTES.txt
index e79e287..78a0b26 100644
--- a/doc/RELEASE_NOTES.txt
+++ b/doc/RELEASE_NOTES.txt
@@ -1,4 +1,4 @@
-OpenSRF 3.0.1 release notes
+OpenSRF 3.0.2 release notes
===========================
Supported platforms
@@ -8,6 +8,66 @@ The following Linux distributions are well-tested:
* Debian 7 (Wheezy), 8 (Jessie), and 9 (Stretch)
* Ubuntu 14.04 (Trusty Tahr) and 16.04 LTS (Xenial Xerus)
+OpenSRF 3.0.2
+-------------
+OpenSRF 3.0.2 was released on 6 November 2018 and fixes several
+bugs. All users of OpenSRF 3.0.x are advised to upgrade as soon
+as possible.
+
+The following bugs are fixed:
+
+ * LP#1684970: When running behind a proxy such as NGINX, the HTTP
+ translator was not getting the IP address of the user agent. As
+ a consequence, it was possible that two different HTTP translator
+ clients could end up talking to the same OpenSRF worker process.
+ This issue is resolved by using the `remoteip` Apache module
+ to extract the user agent's IP address from the X-Real-IP
+ HTTP header.
+ * LP#1702978: OpenSRF could fail to retrieve memcached values whose
+ keys contain the '%' character. This resulted in breaking
+ authentication in Evergreen when the username or barcode contained
+ a '%'.
+ * LP#1711145: The sample NGINX configuration file shipped with
+ OpenSRF had weak SSL settings. As of this release, it now
+ ** Enables http2
+ ** Adds a commented section on enabling SSL everywhere.
+ ** Apply a 5-minute proxy read timeout to avoid too-short timeouts on
+ long API calls.
+ ** Adds a commented section on sending NGINX logs to syslog.
+ ** Includes INSTALL notes on generating the dhparam file.
+ * LP#1776510: The JavaScript client code was not detecting when
+ the WebSockets gateway threw a transport error, e.g. when a request
+ was made of a nonexistent service. This situation can now be
+ caught by error-handling callbacks.
+
+Upgrade Notes
+~~~~~~~~~~~~~
+Users of NGINX should adjust their configuration to match the revisions
+in `examples/nginx/osrf-ws-http-proxy`.
+
+Users of Apache 2.4 and a proxy such as NGINX should enable the `remoteip`
+Apache module and apply the following configuration change to the Apache
+configuration:
+
+[source,sh]
+---------------------------------------------------------------------
+ RemoteIPInternalProxy 127.0.0.1/24 # adjust for actual internal
+ # address of proxy
+ RemoteIPInternalProxy ::1
+ RemoteIPHeader X-Real-IP
+---------------------------------------------------------------------
+
+Acknowledgments
+~~~~~~~~~~~~~~~
+We would like to thank the following people who contributed to coding
+and testing for OpenSRF 3.0.2:
+
+ * Galen Charlton
+ * Bill Erickson
+ * Mike Rylander
+ * Jason Stephenson
+ * Cesar Velez
+
OpenSRF 3.0.1
-------------
OpenSRF 3.0.1 was released on 25 May 2018 and fixes a number of
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 273 ++++++++++-------------------------------------
README | 14 ++--
doc/RELEASE_NOTES.txt | 62 +++++++++++-
src/perl/lib/OpenSRF.pm | 4 +-
src/python/setup.py | 2 +-
version.m4 | 2 +-
6 files changed, 130 insertions(+), 227 deletions(-)
hooks/post-receive
--
OpenSRF
More information about the opensrf-commits
mailing list