
Bug#771009: marked as done (unblock: ruby-mysql2/0.3.16-2 (preapproval))



Your message dated Thu, 27 Nov 2014 18:30:30 +0000
with message-id <1417113030.11353.29.camel@adam-barratt.org.uk>
and subject line Re: Bug#771009: unblock: ruby-mysql2/0.3.16-2
has caused the Debian Bug report #771009,
regarding unblock: ruby-mysql2/0.3.16-2 (preapproval)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
771009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771009
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear release team,


I would like to ask for a pre-approval for an upload
of ruby-mysql2 in order to fix 2 important bugs in Jessie, upon request
of upstream.

The two bugs are:
- #770891 possible openssl infinite loop
  The current version in Jessie can cause an infinite OpenSSL loop, because
  of a dummy socket that may not be able to absorb all the writes. The
  patch proposes to replace the socket by /dev/null.

- #770896 libmysql may not be called correctly during initialization of the gem
  The current version of ruby-mysql2 may not completely initialize the
  MySQL library, so that different threads trying to connect to
  the database may not succeed because of a race condition. The patch
  ensures full initialization of the MySQL library when the Ruby library
  is loaded.

These two bugs are fixed by very short patches, converted from upstream
commits.

Please find enclosed the debdiff with the version 0.3.16-2, containing
the changelog entry and the two patches.

If a preapproval is granted, should I then file a new unblock request
when the upload is performed?

Thanks!

Cédric

unblock ruby-mysql2/0.3.16-2

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ruby-mysql2-0.3.16/debian/changelog ruby-mysql2-0.3.16/debian/changelog
--- ruby-mysql2-0.3.16/debian/changelog	2014-06-15 00:37:29.000000000 +0200
+++ ruby-mysql2-0.3.16/debian/changelog	2014-11-25 18:02:36.000000000 +0100
@@ -1,3 +1,15 @@
+ruby-mysql2 (0.3.16-2) unstable; urgency=medium
+
+  * Add upstream patch avoid_openssl_loop.patch to use /dev/null in the
+    invalidate_fd function to avoid infinite loop in OpenSSL (Closes: #770891)
+    Before, a dummy socket was used instead of /dev/null, which may not absorb
+    all writes and lead to an infinite loop.
+  * Add upstream patch correct_mysql_init.patch to correctly initialize the
+    MySQL library, to avoid race condition when other threads try to create a
+    connection (Closes: #770896)
+
+ -- Cédric Boutillier <boutil@debian.org>  Tue, 25 Nov 2014 17:52:01 +0100
+
 ruby-mysql2 (0.3.16-1) unstable; urgency=medium
 
   [ Jérémy Bobbio ]
diff -Nru ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch
--- ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch	1970-01-01 01:00:00.000000000 +0100
+++ ruby-mysql2-0.3.16/debian/patches/avoid_openssl_loop.patch	2014-11-25 23:07:16.000000000 +0100
@@ -0,0 +1,49 @@
+Description: Use /dev/null in invalidate_fd to avoid infinite loop in OpenSSL
+ Thanks to Andy Bakun / @thwarted for identifying the issue and
+ suggesting the /dev/null workaround.
+Author: Aaron Stone <aaron@serendipity.cx>
+Origin: upstream,https://github.com/brianmario/mysql2/commit/fc30a7c056e63517f5f66702016941b3902ec0b6.patch
+Reviewed-by: Cédric Boutillier <boutil@debian.org>
+Last-Update: 2014-08-24
+
+--- a/ext/mysql2/client.c
++++ b/ext/mysql2/client.c
+@@ -167,26 +167,30 @@
+ 
+ #ifndef _WIN32
+ /*
+- * Redirect clientfd to a dummy socket for mysql_close to
+- * write, shutdown, and close on as a no-op.
+- * We do this hack because we want to call mysql_close to release
+- * memory, but do not want mysql_close to drop connections in the
+- * parent if the socket got shared in fork.
++ * Redirect clientfd to /dev/null for mysql_close and SSL_close to write,
++ * shutdown, and close. The hack is needed to prevent shutdown() from breaking
++ * a socket that may be in use by the parent or other processes after fork.
++ *
++ * /dev/null is used to absorb writes; previously a dummy socket was used, but
++ * it could not abosrb writes and caused openssl to go into an infinite loop.
++ *
+  * Returns Qtrue or Qfalse (success or failure)
++ *
++ * Note: if this function is needed on Windows, use "nul" instead of "/dev/null"
+  */
+ static VALUE invalidate_fd(int clientfd)
+ {
+ #ifdef SOCK_CLOEXEC
+   /* Atomically set CLOEXEC on the new FD in case another thread forks */
+-  int sockfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
++  int sockfd = open("/dev/null", O_RDWR | O_CLOEXEC);
+   if (sockfd < 0) {
+     /* Maybe SOCK_CLOEXEC is defined but not available on this kernel */
+-    int sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
++    int sockfd = open("/dev/null", O_RDWR);
+     fcntl(sockfd, F_SETFD, FD_CLOEXEC);
+   }
+ #else
+   /* Well we don't have SOCK_CLOEXEC, so just set FD_CLOEXEC quickly */
+-  int sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
++  int sockfd = open("/dev/null", O_RDWR);
+   fcntl(sockfd, F_SETFD, FD_CLOEXEC);
+ #endif
+ 
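Review bot: In the `if (sockfd < 0)` fallback inside `invalidate_fd`, `int sockfd = open("/dev/null", O_RDWR);` declares a second `sockfd` that shadows the outer one, so the outer variable is still negative once the block closes and whatever follows the `#endif` sees the failed descriptor; drop the `int` so the retry assigns to the outer variable. The shadowing is carried over from the removed `socket()` line, but this patch rewrites that line, so it is the place to fix it. Both fallback paths also pass the result of `open()` straight to `fcntl(sockfd, F_SETFD, FD_CLOEXEC)` without checking it for -1. The guard is still `#ifdef SOCK_CLOEXEC` and the two inner comments still speak of SOCK_CLOEXEC although the call now uses `O_CLOEXEC`; test for `O_CLOEXEC` and update the comments to match. The new block comment has a typo, "abosrb".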
diff -Nru ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch
--- ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch	1970-01-01 01:00:00.000000000 +0100
+++ ruby-mysql2-0.3.16/debian/patches/correct_mysql_init.patch	2014-11-25 23:07:43.000000000 +0100
@@ -0,0 +1,38 @@
+Description: Added call to mysql_library_init during initialization of the gem
+      This call must be performed before trying to call mysql_init from
+      multiple threads
+      Reference: http://dev.mysql.com/doc/refman/5.1/en/mysql-init.html
+      Minimal reproduction of the problem if mysql_library_init is not called
+    
+        require 'mysql2'
+    
+        def connect
+          Mysql2::Client.new()
+        end
+    
+        threads = [0,1].map {
+          Thread.new { connect }
+        }
+        threads.map(&:join)
+        puts "OK!"
+Author: Michael Kruglos <michael@kruglos.com>
+Reviewed-by: Cédric Boutillier <boutil@debian.org>
+Origin: upstream,https://github.com/brianmario/mysql2/commit/de48627ee89b9dfd7d966f3ea747e95a48085792.patch
+Last-Update: 2014-07-30
+
+--- a/ext/mysql2/client.c
++++ b/ext/mysql2/client.c
+@@ -1237,6 +1237,13 @@
+     }
+   }
+ 
++  /* Initializing mysql library, so different threads could call Client.new */
++  /* without race condition in the library */
++  if (mysql_library_init(0, NULL, NULL) != 0) {
++    rb_raise(rb_eRuntimeError, "Could not initialize MySQL client library");
++    return;
++  }
++
+ #if 0
+   mMysql2      = rb_define_module("Mysql2"); Teach RDoc about Mysql2 constant.
+ #endif
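Review bot: The `return;` after `rb_raise(rb_eRuntimeError, "Could not initialize MySQL client library")` in the added block is dead code, because `rb_raise` does not return to its caller; remove it. The hunk adds `mysql_library_init(0, NULL, NULL)` with no matching `mysql_library_end()` visible; if cleanup is deliberately left to process exit, say so in the comment above the call. The two-thread reproduction quoted in the Description header would serve better as a spec in the test suite than as patch-header text, so the race stays covered by a regression test.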
diff -Nru ruby-mysql2-0.3.16/debian/patches/series ruby-mysql2-0.3.16/debian/patches/series
--- ruby-mysql2-0.3.16/debian/patches/series	2014-06-15 00:23:19.000000000 +0200
+++ ruby-mysql2-0.3.16/debian/patches/series	2014-11-25 18:01:18.000000000 +0100
@@ -1,3 +1,5 @@
 remove_rpath_compilation_flag.patch
 remove_rubygems_from_examples.patch
 #deactivate_failing_specs.patch
+avoid_openssl_loop.patch
+correct_mysql_init.patch

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message ---
On Thu, 2014-11-27 at 00:53 +0100, Cédric Boutillier wrote:
> I've just uploaded ruby-mysql2/0.3.16-2 with the changes indicated in my
> previous email. Please unblock this package for migration to Jessie.

Unblocked.

Regards,

Adam

--- End Message ---
