| Age | Commit message (Collapse) | Author |
|---|
|
RDoc is not markdown.
|
|
|
|
- Unless `sizeof(BDIGIT) == 4`, (8-byte integer not available), the
size to be loaded was wrong.
- Since `BDIGIT`s are dumped as raw binary, the loaded byte order was
inverted unless little-endian.
|
|
https://github.com/ruby/resolv/commit/49aefa3bba
|
|
When set, supports returning IPv6 results even if there is no
public IPv6 address for the system.
Implements Ruby Feature #14922
https://github.com/ruby/resolv/commit/09d141de38
|
|
|
|
This commit adds assertions to verify that the shape cache is correct
compared to the shape tree.
|
|
This adds an assertion that the instance variable does not already exist
in the shape tree when creating a new shape.
|
|
(https://github.com/ruby/irb/pull/782)
https://github.com/ruby/irb/commit/fa9ecf9a5b
|
|
test_autocomplete_with_multiple_doc_namespaces
(https://github.com/ruby/irb/pull/786)
https://github.com/ruby/irb/commit/85c6ddeb7d
|
|
We use dh2048_ffdhe2048.pem file (DH 2048 bits) instead of dh1024.pem file in
both non-FIPS and FIPS cases. Because the following command fails to generate
the pem file with 1024 bits. And the OpenSSL FIPS 140-2 security policy
document explains the DH public keys are allowed from 2048 bits.[1]
```
$ OPENSSL_CONF=/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/ssl/openssl_fips.cnf \
/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/bin/openssl \
dhparam -out dh1024.pem 1024
Generating DH parameters, 1024 bit long safe prime
dhparam: Generating DH key parameters failed
```
The dh2048_ffdhe2048.pem file was created by the following command with the
OpenSSL FIPS configuration file. The logic to generate the DH pem file is
different between non-FIPS and FIPS cases. In FIPS, it seems that the command
always returns the text defined as ffdhe2048 in the FFDHE groups in RFC 7919
unlike non-FIPS.[2]
As the generated pem file is a normal and valid PKCS#3-style group parameter, we
use the file for the non-FIPS case too.
```
$ OPENSSL_CONF=/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/ssl/openssl_fips.cnf \
/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/bin/openssl \
dhparam -out dh2048_ffdhe2048.pem 2048
```
Note that the hard-coded PEM-encoded string in the `test_DHparams` is
intentional to avoid modifying the content unintentionally.
* [1] https://www.openssl.org/source/ - OpenSSL 3.0.8 FIPS 140-2 security
policy document page 25, Table 10 – Public Keys - DH Public
- DH (2048/3072/4096/6144/8192) public key agreement key
* [2] RFC7919 - Appendix A.1: ffdhe2048
https://www.rfc-editor.org/rfc/rfc7919#appendix-A.1
|
|
https://github.com/ruby/openssl/commit/dc26433ae5
|
|
Once it fails on "Perform CodeQL Analysis", it proceeds to subsequent
steps and fails because required files are not created by previous
steps. When we have a continue-on-error, all subsequent steps that rely
on the step should have a continue-on-error as well.
|
|
This started to reliably fail on MinGW at an irrelevant commit:
https://github.com/ruby/ruby/actions/runs/6981002841/job/18997302124
https://github.com/ruby/ruby/actions/runs/6981946473/job/19000104223
https://github.com/ruby/ruby/actions/runs/6983823136/job/19005613809
https://github.com/ruby/ruby/actions/runs/6983912116/job/19005844596
https://github.com/ruby/ruby/actions/runs/6984215921/job/19006649495
https://github.com/ruby/ruby/actions/runs/6984383103/job/19007100446
https://github.com/ruby/ruby/actions/runs/6986489509/job/19012000642
So this failure is not detecting a new bug. Let's skip this until we fix
this test for MinGW.
|
|
Resolv::ResolvError
This allows to differentiate a timeout from an NXDOMAIN response.
Fixes [Bug #18151]
https://github.com/ruby/resolv/commit/c0e5abab76
|
|
|
|
If truncation is detected, return immediately from decode so that
the UDP connection can be retried with TCP, instead of failing to
decode due to trying to decode a truncated response.
Fixes [Bug #13513]
https://github.com/ruby/resolv/commit/0de996dbca
|
|
When generic instance variable has a shape, it is marked movable. If it
it transitions to too complex, it needs to update references otherwise
it may have incorrect references.
|
|
This is required for the same reason that super CC needs it.
See 36023d5cb751d62fca0c27901c07527b20170f4d.
Reproducer:
def cached_foo_callsite(obj) = obj.foo
class Foo
def foo = :v1
module R
refine Foo do
def foo = :unused
end
end
end
obj = Foo.new
cached_foo_callsite(obj) # set up cc with cme for foo=:v1
class Foo
def foo = :v2
end
GC.start # cme for foo=:v1 collected, if not reachable by cached_foo_callsite
cached_foo_callsite(obj)
[Bug #19994]
|
|
On large Ruby applications, shutdown may be slow if a major GC has just
started because rb_objspace_call_finalizer completes the GC.
This commit adds gc_abort which discards the mark stack if during
incremental marking and stops sweeping if during lazy sweeping.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
As Travis CI IBM z pipeine is operational again, I will add s390x again to check
the case. Though Travis s390x infra team is still investigating the root cause.
https://www.traviscistatus.com/
Please revert this commit or comment on the
<https://bugs.ruby-lang.org/issues/20013>, when you see the s390x builds are not
starting again.
Sorry for inconvenience.
|
|
https://github.com/rubygems/rubygems/commit/4eade32ad6
|
|
Replace ``String#split("\n").each`` with ``String#each_line``.
https://github.com/rubygems/rubygems/commit/958744807d
|
|
|
|
(https://github.com/ruby/resolv/pull/41)
If IPv6 is disabled inside a freebsd jail, it seems this returns
EPROTONOSUPPORT and not EAFNOSUPPORT. In both cases, we should simply
try some other listed DNS servers.
Fixes [Bug #19928] https://bugs.ruby-lang.org/issues/19928
https://github.com/ruby/resolv/commit/5e2d48708b
|
|
(https://github.com/ruby/resolv/pull/33)
* Implement dohpath SvcParam [RFC 9461]
This patch implements "dohpath" SvcParam proposed in
[draft-ietf-add-svcb-dns-08]. This parameter specifies a URI template
for the :path used in DNS-over-HTTPS requests.
"dohpath" is employed by [DDR], also a to-be-published Proposed Standard
that specifies how to upgrade DNS transport to a more secure one, i.d.,
DNS-over-TLS or DNS-over-HTTPS. DDR is deployed in the public DNS
resolvers including Cloudflare DNS, Google Public DNS, and Quad9.
[RFC 9461]: https://datatracker.ietf.org/doc/rfc9461/
[DDR]: https://datatracker.ietf.org/doc/draft-ietf-add-ddr/
https://github.com/ruby/resolv/commit/da9c023539
Co-authored-by: Sorah Fukumori <her@sorah.jp>
|
|
(https://github.com/ruby/resolv/pull/32)
* Add MessageDecoder#get_list
This method repeats yielding until all the data upto the current limit
is consumed, and then returns an Array containig the block results.
* Implement SVCB and HTTPS RRs [RFC 9460]
> This patch implements SVCB and HTTPS resource record types defined in
> [RFC 9460].
>
> The RR types are now supported by many server implementations including
> BIND, unbound, PowerDNS, and Knot DNS. Major browsers such as Chrome,
> Edge, and Safari have started to query HTTPS records, with the records
> gradually adopted by websites. Also, SVCB is actually deployed in the
> public DNS resolvers such as Cloudflare DNS and Google Public DNS for
> [DDR].
>
> With such wide adoption, we have plenty of real-world use cases, and
> it is unlikely the wire format will change further in an incompatible
> way. It is time to implement them in the client libraries!
>
> # Rationale for proposed API
>
> ## `Resolv::DNS::Resource::IN::ServiceBinding`
>
> This is an abstract class for SVCB-compatible RR types.
> SVCB-compatible RR types, as defined in the Draft, shares the wire
> format and the semantics of their RDATA fields with SVCB to allow
> implementations to share the processing of these RR types. So we do
> so.
>
> The interface of this class is straightforward: It has three
> attributes `priority`, `target`, and `params`, which correspond the
> RDATA fields SvcPriority, TargetName, and SvcParams, resp.
>
> SVCB RR type is defined specifically within IN class. Thus, this
> class is placed in the `Resolv::DNS::Resource::IN` namespace.
>
> ## `Resolv::DNS::Resource::IN::SVCB`, `Resolv::DNS::Resource::IN::HTTPS`
>
> Just inherits ServiceBinding class.
>
> ## `Resolv::DNS::SvcParam`
>
> This class represents a pair of a SvcParamKey and a SvcParamValue.
> Aligned with the design of `Resolv::DNS::Resource`, each SvcParamKey
> has its own subclass of `Resolv::DNS::SvcParam`.
>
> ## `Resolv::DNS::SvcParam::Generic`
>
> This is an abstract class representing a SvcParamKey that is unknown
> to this library. `Generic.create(key)` dynamically defines its
> subclass for specific `key`. E.g., `Generic.create(667)` will define
> `Generic::Key667`.
>
> This class holds SvcParamValue in its wire format.
>
> SvcParam with an unknown SvcParamKey will be decoded as a subclass of
> this class. Also, users of this library can generate a non-supported
> SvcParam if they know its wire format.
>
> ## `Resolv::DNS::SvcParams`
>
> This is conceptually a set of `SvcParam`s, whose elements have the
> unique SvcParamKeys. It behaves like a set, and for convenience
> provides indexing by SvcParamKey.
>
> - `#initialize(params)` takes an Enumerable of `SvcParam`s as the
> initial content. If it contains `SvcParam`s with the duplicate key,
> the one that appears last takes precedence.
> - `#[](key)` fetches the `SvcParam` with the given key. The key can be
> specified by its name (e.g., `:alpn`) or number (e.g., `1`).
> - `#add(param)` adds a `SvcParam` to the set. If the set already has a
> `SvcParam` with the same key, it will be replaced.
> - `#delete(key)` deletes a `SvcParam` by its key and returns it. The key
> can be specified by its name or number.
* Update comments referring to draft-ietf-dnsop-svcb-https-12
Published as RFC 9460. https://datatracker.ietf.org/doc/rfc9460/
[draft-ietf-dnsop-svcb-https-12]: https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/12/
[RFC 9460]: https://datatracker.ietf.org/doc/rfc9460/
[DDR]: https://datatracker.ietf.org/doc/draft-ietf-add-ddr/
https://github.com/ruby/resolv/commit/b3ced7f039
|
|
Previously, because gc_update_object_references() did not update the
VALUEs in the too_complex ivar st_table for T_CLASS and T_MODULE
objects, GC compaction could finish with corrupted objects.
- start with `klass`, not too_complex
- GC incremental step marks `klass` and its ivars
- ruby code makes `klass` too_complex
- GC compaction runs and move `klass` ivars, but because `klass` is
too_complex, its ivars are not updated by gc_update_object_references(),
leaving T_NONE or T_MOVED objects in the ivar table.
Co-authored-by: Peter Zhu <peter@peterzhu.ca>
|
|
Marking both keys and values versus marking just values is an important
distinction, but previously, gc_update_tbl_refs() and gc_update_table_refs()
had names that were too similar.
The st_table storing ivars for too_complex T_OBJECTs have IDs as keys,
but we were marking the IDs unnecessary previously, maybe due to the
confusing naming.
|
|
* YJIT: record num_send_cfunc stat
Also report num_send_known_cfunc as percentage of num_send_cfunc
* Rename num_send_known_cfunc => num_send_cfunc_inline
Name seems more descriptive of what we do with out custom codegen
|
|
|
|
https://github.com/rubygems/rubygems/commit/97ee203fd5
|
|
json-parseable output
https://github.com/rubygems/rubygems/commit/65efa44bc0
|
|
repetition
We're about to expand the repeated bit of code, so drying it up a little
is warranted.
https://github.com/rubygems/rubygems/commit/e69c658be6
|
|
(https://github.com/ruby/irb/pull/780)
https://github.com/ruby/irb/commit/d42138c477
|
|
Previously, it tripped the assert about too_complex in
ROBJECT_IV_CAPACITY(). This fixes double faults for some crashes and
helps with use during development.
|
|
|
|
|
|
https://github.com/ruby/prism/commit/6e5258938a
|
|
Fix https://github.com/ruby/prism/pull/1821
https://github.com/ruby/prism/commit/7d023a26b4
|
|
Extracted from PR #8932.
Co-Authored-By: Jean Boussier <byroot@ruby-lang.org>
|
|
When evacuating generic instance variables, the instance variables exist
in both the array and the ST table. We need to ensure it has switched
to the ST table before performing any operations that can trigger GC
compaction.
|
|
We've seen occasional CI failures on i686 in this codepath:
```
[BUG] vm_setivar_slowpath: didn't find ivar @verify_depth in shape
```
Generic ivars are very complex to get right, but also quite rare.
I don't see a good reason to take the risk to give them an optimized
path here, when the much more common T_CLASS/T_MODULE don't have one.
Having an optimization here means duplicating the fairly brittle
logic, which is a recipe for bugs, and I don't think it's worth
it in such case.
|
|
* [win32] fix compilation for windows-arm64
Credits to MSYS2 Ruby package using this patch.
* [win32] nm use full options
Fix compilation error when using MSYS2 environment.
Credits to MSYS2 Ruby package using this patch.
* [win32] detect llvm-windres (used for windows-arm64)
When adding preprocessor option for llvm-windres (using clang as
parameter), it fails. Thus, do not add this.
It's needed to be able to compile windows-arm64 version, because MSYS2
toolchain is LLVM based (instead of GCC/binutils).
* [win32] pioinfo detection for windows-arm64
This fixes "unexpected ucrtbase.dll" for native windows-arm64 ruby
binary. It does not solve issue with x64 version emulated on this
platform.
Value of pioinfo pointer can be found in ucrtbase.dll at latest adrp/add
sequence before return of _isatty function. This works for both release
and debug ucrt.
Due to the nature of aarch64 ISA (vs x86 or x64), it's needed to
disassemble instructions to retrieve offset value, which is a bit more
complicated than matching specific string patterns.
Details about adrp/add usage can be found in this blog post:
https://devblogs.microsoft.com/oldnewthing/20220809-00/?p=106955
For instruction decoding, the Arm documentation was used as a reference.
|
