- update to 3.0.2:
* When using Waitress to process trusted proxy headers, Waitress will now update the headers to drop any untrusted values, thereby making sure that WSGI apps only get trusted and validated values that Waitress itself used to update the environ. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-waitress?expand=0&rev=72
This commit is contained in:
commit
5e9b1792ec
25
.gitattributes
vendored
Normal file
25
.gitattributes
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
||||
## Specific LFS patterns
|
||||
python3.inv filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
3
_multibuild
Normal file
3
_multibuild
Normal file
@ -0,0 +1,3 @@
|
||||
<multibuild>
|
||||
<package>doc</package>
|
||||
</multibuild>
|
4
fetch-intersphinx-inventories.sh
Normal file
4
fetch-intersphinx-inventories.sh
Normal file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
|
||||
wget -O python3.inv https://docs.python.org/3/objects.inv
|
||||
|
500
python-waitress.changes
Normal file
500
python-waitress.changes
Normal file
@ -0,0 +1,500 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 20 17:06:45 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 3.0.2:
|
||||
* When using Waitress to process trusted proxy headers,
|
||||
Waitress will now update the headers to drop any untrusted
|
||||
values, thereby making sure that WSGI apps only get trusted
|
||||
and validated values that Waitress itself used to update the
|
||||
environ.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 30 06:49:46 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
- Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768):
|
||||
* Fix a bug that would lead to Waitress busy looping on select()
|
||||
on a half-open socket due to a race condition that existed when
|
||||
creating a new HTTPChannel. See
|
||||
https://github.com/Pylons/waitress/pull/435,
|
||||
https://github.com/Pylons/waitress/issues/418 and
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
|
||||
* No longer strip the header values before passing them to the
|
||||
WSGI environ. See https://github.com/Pylons/waitress/pull/434
|
||||
and https://github.com/Pylons/waitress/issues/432
|
||||
* Fix a race condition in Waitress when
|
||||
`channel_request_lookahead` is enabled that could lead to HTTP
|
||||
request smuggling.
|
||||
* See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 30 07:59:06 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 3.0.0:
|
||||
* Fixed testing of vendored asyncore code to not rely on
|
||||
particular naming for errno's.
|
||||
* HTTP Request methods and versions are now validated to meet
|
||||
the HTTP standards thereby dropping invalid requests on the floor.
|
||||
* No longer close the connection when sending a HEAD request
|
||||
response.
|
||||
* Always attempt to send the Connection: close response header
|
||||
when we are going to close the connection to let the remote
|
||||
know in more instances.
|
||||
* Document that trusted_proxy may be set to a wildcard value to
|
||||
trust all proxies.
|
||||
* clear_untrusted_proxy_headers is set to True by default.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 4 15:20:28 UTC 2023 - Ana Guerrero <ana.guerrero@suse.com>
|
||||
|
||||
- Add BuildRequires on python-setuptools for both flavors.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 26 07:18:05 UTC 2023 - Bernhard Wiedemann <bwiedemann@suse.com>
|
||||
|
||||
- Drop sphinx doctrees for reproducible builds
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 10 09:00:11 UTC 2023 - ecsos <ecsos@opensuse.org>
|
||||
|
||||
- Fix build error for waitress:doc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 3 11:10:33 UTC 2023 - Martin Liška <mliska@suse.cz>
|
||||
|
||||
- Use sphinx-build and do not depend on removed build_sphinx
|
||||
in Sphinx 7.0 (boo#1211051).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 21 12:39:06 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- add sle15_python_module_pythons (jsc#PED-68)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 18 20:45:25 UTC 2022 - Ben Greiner <code@bnavigator.de>
|
||||
|
||||
- Remove code coverage checking for packaging tests
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 31 03:16:03 UTC 2022 - Arun Persaud <arun@gmx.de>
|
||||
|
||||
- specfile:
|
||||
* be more specific in %files section
|
||||
|
||||
- update to version 2.1.2 (bsc#1200126, CVE-2022-31015):
|
||||
* Bugfix
|
||||
+ When expose_tracebacks is enabled waitress would fail to
|
||||
properly encode unicode thereby causing another error during
|
||||
error handling. See https://github.com/Pylons/waitress/pull/378
|
||||
+ Header length checking had a calculation that was done
|
||||
incorrectly when the data was received across multple socket
|
||||
reads. This calculation has been corrected, and no longer will
|
||||
Waitress send back a 413 Request Entity Too Large. See
|
||||
https://github.com/Pylons/waitress/pull/376
|
||||
* Security Bugfix
|
||||
+ in 2.1.0 a new feature was introduced that allowed the WSGI
|
||||
thread to start sending data to the socket. However this
|
||||
introduced a race condition whereby a socket may be closed in
|
||||
the sending thread while the main thread is about to call
|
||||
select() therey causing the entire application to be taken down.
|
||||
Waitress will no longer close the socket in the WSGI thread,
|
||||
instead waking up the main thread to cleanup. See
|
||||
https://github.com/Pylons/waitress/pull/377
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 17 17:42:42 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 2.1.1 (bsc#1197255, CVE-2022-24761):
|
||||
* Waitress now validates that chunked encoding extensions are valid, and don’t
|
||||
contain invalid characters that are not allowed. They are still skipped/not
|
||||
processed, but if they contain invalid data we no longer continue in and return
|
||||
a 400 Bad Request. This stops potential HTTP desync/HTTP request smuggling.
|
||||
Thanks to Zhang Zeyu for reporting this issue. See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
* Waitress now validates that the chunk length is only valid hex digits when
|
||||
parsing chunked encoding, and values such as 0x01 and +01 are no longer
|
||||
supported. This stops potential HTTP desync/HTTP request smuggling. Thanks
|
||||
to Zhang Zeyu for reporting this issue. See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
* Waitress now validates that the Content-Length sent by a remote contains only
|
||||
digits in accordance with RFC7230 and will return a 400 Bad Request when the
|
||||
Content-Length header contains invalid data, such as +10 which would
|
||||
previously get parsed as 10 and accepted. This stops potential HTTP
|
||||
desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue.
|
||||
See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 27 12:27:31 UTC 2021 - Stefan Schubert <schubi@suse.de>
|
||||
|
||||
- Use libalternatives instead of update-alternatives.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 27 11:27:31 UTC 2021 - pgajdos@suse.com
|
||||
|
||||
- version update to 2.0.0
|
||||
- Friendly Reminder
|
||||
This release still contains a variety of deprecation notices about defaults
|
||||
that can be set for a variety of options.
|
||||
Please note that this is your last warning, and you should update your
|
||||
configuration if you do NOT want to use the new defaults.
|
||||
See the arguments documentation page for all supported options, and pay
|
||||
attention to the warnings:
|
||||
https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html
|
||||
- Fix a crash on startup when listening to multiple interfaces.
|
||||
See https://github.com/Pylons/waitress/pull/332
|
||||
- Waitress no longer attempts to guess at what the ``server_name`` should be for
|
||||
a listen socket, instead it always use a new adjustment/argument named
|
||||
``server_name``.
|
||||
Please see the documentation for ``server_name`` in
|
||||
https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html and
|
||||
see https://github.com/Pylons/waitress/pull/329
|
||||
- Allow tasks to notice if the client disconnected.
|
||||
This inserts a callable ``waitress.client_disconnected`` into the environment
|
||||
that allows the task to check if the client disconnected while waiting for
|
||||
the response at strategic points in the execution and to cancel the
|
||||
operation.
|
||||
It requires setting the new adjustment ``channel_request_lookahead`` to a value
|
||||
larger than 0, which continues to read requests from a channel even if a
|
||||
request is already being processed on that channel, up to the given count,
|
||||
since a client disconnect is detected by reading from a readable socket and
|
||||
receiving an empty result.
|
||||
See https://github.com/Pylons/waitress/pull/310
|
||||
- Drop Python 2.7 and 3.5 support
|
||||
- The server now issues warning output when it there are enough open
|
||||
connections (controlled by "connection_limit"), that it is no longer
|
||||
accepting new connections. This situation was previously difficult to
|
||||
diagnose.
|
||||
See https://github.com/Pylons/waitress/pull/322
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 1 13:33:24 UTC 2020 - Hans-Peter Jansen <hpj@urpla.net>
|
||||
|
||||
- Update to version 1.4.4 (2020-06-01)
|
||||
+ Fix an issue with keep-alive connections in which memory usage
|
||||
was higher than expected because output buffers were being
|
||||
reused across requests on a long-lived connection and each
|
||||
buffer would not be freed until it was full or the connection
|
||||
was closed. Buffers are now rotated per-request to stabilize
|
||||
their behavior.
|
||||
+ See https://github.com/Pylons/waitress/pull/300
|
||||
+ Waitress threads have been updated to contain their thread
|
||||
number. This will allow loggers that use that information to
|
||||
print the thread that the log is coming from.
|
||||
+ See https://github.com/Pylons/waitress/pull/302
|
||||
- Switch to pytest, disable one test, that requires network
|
||||
- Create _multibuild for doc package
|
||||
It requires installation of base package now
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 17 08:40:18 UTC 2020 - Jacek Tomasiak <jtomasiak@suse.com>
|
||||
|
||||
- make sure UTF8 locale is used when runnning tests
|
||||
* Sometimes functional tests executed in python3 failed if stdout was not
|
||||
set to UTF-8. The error message was:
|
||||
ValueError: underlying buffer has been detached
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 18 07:25:32 UTC 2020 - Petr Gajdos <pgajdos@suse.com>
|
||||
|
||||
- %python3_only -> %python_alternative
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 6 17:29:20 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
|
||||
|
||||
- update to 1.4.3
|
||||
* Waitress did not properly validate that the HTTP headers it received
|
||||
were properly formed, thereby potentially allowing a front-end server
|
||||
to treat a request different from Waitress. This could lead to HTTP
|
||||
request smuggling/splitting.
|
||||
- drop patch local-intersphinx-inventories.patch
|
||||
* it was commented out, anyway
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 20 18:28:24 UTC 2019 - Dirk Mueller <dmueller@suse.com>
|
||||
|
||||
- update to 1.4.0:
|
||||
- Waitress used to slam the door shut on HTTP pipelined requests without
|
||||
setting the ``Connection: close`` header as appropriate in the response. This
|
||||
is of course not very friendly. Waitress now explicitly sets the header when
|
||||
responding with an internally generated error such as 400 Bad Request or 500
|
||||
Internal Server Error to notify the remote client that it will be closing the
|
||||
connection after the response is sent.
|
||||
|
||||
- Waitress no longer allows any spaces to exist between the header field-name
|
||||
and the colon. While waitress did not strip the space and thereby was not
|
||||
vulnerable to any potential header field-name confusion, it should have sent
|
||||
back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
|
||||
|
||||
- CRLR handling Security fixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 29 13:35:14 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>
|
||||
|
||||
- update to 1.3.1
|
||||
* Waitress won’t accidentally throw away part of the path if it
|
||||
starts with a double slash
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 6 10:23:01 UTC 2019 - pgajdos@suse.com
|
||||
|
||||
- version update to 1.3.0
|
||||
Deprecations
|
||||
~~~~~~~~~~~~
|
||||
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
|
||||
pending removal in a future release.
|
||||
and https://github.com/Pylons/waitress/pull/246
|
||||
Features
|
||||
~~~~~~~~
|
||||
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
|
||||
backpressure on the ``app_iter`` to avoid letting it spin faster than data
|
||||
can be written to the socket. This stabilizes responses that iterate quickly
|
||||
with a lot of data.
|
||||
See https://github.com/Pylons/waitress/pull/242
|
||||
- Stop early and close the ``app_iter`` when attempting to write to a closed
|
||||
socket due to a client disconnect. This should notify a long-lived streaming
|
||||
response when a client hangs up.
|
||||
See https://github.com/Pylons/waitress/pull/238
|
||||
and https://github.com/Pylons/waitress/pull/240
|
||||
and https://github.com/Pylons/waitress/pull/241
|
||||
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
|
||||
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
|
||||
much waitress will buffer internally before flushing to the kernel, whereas
|
||||
previously it used to also throttle how much data was sent to the kernel.
|
||||
This change enables a streaming ``app_iter`` containing small chunks to
|
||||
still be flushed efficiently.
|
||||
See https://github.com/Pylons/waitress/pull/246
|
||||
Bugfixes
|
||||
~~~~~~~~
|
||||
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
|
||||
no longer set the version to the string value "None". See
|
||||
https://github.com/Pylons/waitress/pull/252 and
|
||||
https://github.com/Pylons/waitress/issues/110
|
||||
- When a client closes a socket unexpectedly there was potential for memory
|
||||
leaks in which data was written to the buffers after they were closed,
|
||||
causing them to reopen.
|
||||
See https://github.com/Pylons/waitress/pull/239
|
||||
- Fix the queue depth warnings to only show when all threads are busy.
|
||||
See https://github.com/Pylons/waitress/pull/243
|
||||
and https://github.com/Pylons/waitress/pull/247
|
||||
- Trigger the ``app_iter`` to close as part of shutdown. This will only be
|
||||
noticeable for users of the internal server api. In more typical operations
|
||||
the server will die before benefiting from these changes.
|
||||
See https://github.com/Pylons/waitress/pull/245
|
||||
- Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
|
||||
already been sent. This would cause buffers in waitress to grow without
|
||||
bounds. These buffers now properly rotate and release their data.
|
||||
See https://github.com/Pylons/waitress/pull/242
|
||||
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
|
||||
an exception when passed to the ``wsgi.file_wrapper`` callback.
|
||||
See https://github.com/Pylons/waitress/pull/249
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 20 18:49:38 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
- Trim marketing wording and other platform mentions.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 25 19:47:04 UTC 2019 - Todd R <toddrme2178@gmail.com>
|
||||
|
||||
- Add fetch-intersphinx-inventories.sh to sources
|
||||
- Add local-intersphinx-inventories.patch for generating the docs
|
||||
correctly
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 7 14:56:02 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
|
||||
|
||||
- update to version 1.2.1:
|
||||
too many changes to list here, see:
|
||||
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
|
||||
or even:
|
||||
https://github.com/Pylons/waitress/commits/master
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 4 12:55:53 UTC 2018 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Remove superfluous devel dependency for noarch package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 13 00:49:45 UTC 2017 - arun@gmx.de
|
||||
|
||||
- update to version 1.1.0:
|
||||
* Features
|
||||
+ Waitress now has a __main__ and thus may be called with "python
|
||||
-mwaitress"
|
||||
* Bugfixes
|
||||
+ Waitress no longer allows lowercase HTTP verbs. This change was
|
||||
made to fall in line with most HTTP servers. See
|
||||
https://github.com/Pylons/waitress/pull/170
|
||||
+ When receiving non-ascii bytes in the request URL, waitress will
|
||||
no longer abruptly close the connection, instead returning a 400
|
||||
Bad Request. See https://github.com/Pylons/waitress/pull/162 and
|
||||
https://github.com/Pylons/waitress/issues/64
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 1 16:38:04 UTC 2017 - toddrme2178@gmail.com
|
||||
|
||||
- Update to 1.0.2
|
||||
* Python 3.6 is now officially supported in Waitress
|
||||
* Add a work-around for libc issue on Linux not following the
|
||||
documented standards. If getnameinfo() fails because of DNS not
|
||||
being available it should return the IP address instead of the
|
||||
reverse DNS entry, however instead getnameinfo() raises. We
|
||||
catch this, and ask getnameinfo() for the same information
|
||||
again, explicitly asking for IP address instead of reverse
|
||||
DNS hostname.
|
||||
- Implement single-spec version.
|
||||
- Fix source URL.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 15 14:49:27 UTC 2016 - tbechtold@suse.com
|
||||
|
||||
- update to 1.0.1:
|
||||
- IPv6 support on Windows was broken due to missing constants in the socket
|
||||
module. This has been resolved by setting the constants on Windows if they
|
||||
are missing. See https://github.com/Pylons/waitress/issues/138
|
||||
- A ValueError was raised on Windows when passing a string for the port, on
|
||||
Windows in Python 2 using service names instead of port numbers doesn't work
|
||||
with `getaddrinfo`. This has been resolved by attempting to convert the port
|
||||
number to an integer, if that fails a ValueError will be raised. See
|
||||
https://github.com/Pylons/waitress/issues/139
|
||||
- Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
|
||||
issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
|
||||
hosts where there is no internet connection but localhost is requested to be
|
||||
bound to. See https://github.com/Pylons/waitress/issues/131 for more
|
||||
information.
|
||||
- disable tests. need network access.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 20 11:27:26 UTC 2016 - dmueller@suse.com
|
||||
|
||||
- update to 0.9.0:
|
||||
* Security/Protections
|
||||
- Building on the changes made in pull request 117, add in checking for line
|
||||
feed/carriage return HTTP Response Splitting in the status line, as well as
|
||||
the key of a header. See https://github.com/Pylons/waitress/pull/124 and
|
||||
https://github.com/Pylons/waitress/issues/122.
|
||||
- Waitress will no longer accept headers or status lines with
|
||||
newline/carriage returns in them, thereby disallowing HTTP Response
|
||||
Splitting.
|
||||
* Bugfixes
|
||||
- FileBasedBuffer and more important ReadOnlyFileBasedBuffer no longer report
|
||||
False when tested with bool(), instead always returning True, and becoming
|
||||
more iterator like.
|
||||
- Call prune() on the output buffer at the end of a request so that it doesn't
|
||||
continue to grow without bounds.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 12 22:08:09 UTC 2014 - tbechtold@suse.com
|
||||
|
||||
- update to 0.8.9:
|
||||
- Fix tests under Windows. NB: to run tests under Windows, you cannot run
|
||||
"setup.py test" or "setup.py nosetests". Instead you must run ``python.exe
|
||||
-c "import nose; nose.main()"``. If you try to run the tests using the
|
||||
normal method under Windows, each subprocess created by the test suite will
|
||||
attempt to run the test suite again. See
|
||||
https://github.com/nose-devs/nose/issues/407 for more information.
|
||||
- Give the WSGI app_iter generated when ``wsgi.file_wrapper`` is used
|
||||
(ReadOnlyFileBasedBuffer) a ``close`` method. Do not call ``close`` on an
|
||||
instance of such a class when it's used as a WSGI app_iter, however. This is
|
||||
part of a fix which prevents a leakage of file descriptors; the other part of
|
||||
the fix was in WebOb
|
||||
(https://github.com/Pylons/webob/commit/951a41ce57bd853947f842028bccb500bd5237da).
|
||||
- Allow trusted proxies to override ``wsgi.url_scheme`` via a request header,
|
||||
``X_FORWARDED_PROTO``. Allows proxies which serve mixed HTTP / HTTPS
|
||||
requests to control signal which are served as HTTPS. See
|
||||
https://github.com/Pylons/waitress/pull/42.
|
||||
- Fix some cases where the creation of extremely large output buffers (greater
|
||||
than 2GB, suspected to be buffers added via ``wsgi.file_wrapper``) might
|
||||
cause an OverflowError on Python 2. See
|
||||
https://github.com/Pylons/waitress/issues/47.
|
||||
- When the ``url_prefix`` adjustment starts with more than one slash, all
|
||||
slashes except one will be stripped from its beginning. This differs from
|
||||
older behavior where more than one leading slash would be preserved in
|
||||
``url_prefix``.
|
||||
- If a client somehow manages to send an empty path, we no longer convert the
|
||||
empty path to a single slash in ``PATH_INFO``. Instead, the path remains
|
||||
empty. According to RFC 2616 section "5.1.2 Request-URI", the scenario of a
|
||||
client sending an empty path is actually not possible because the request URI
|
||||
portion cannot be empty.
|
||||
- If the ``url_prefix`` adjustment matches the request path exactly, we now
|
||||
compute ``SCRIPT_NAME`` and ``PATH_INFO`` properly. Previously, if the
|
||||
``url_prefix`` was ``/foo`` and the path received from a client was ``/foo``,
|
||||
we would set *both* ``SCRIPT_NAME`` and ``PATH_INFO`` to ``/foo``. This was
|
||||
incorrect. Now in such a case we set ``PATH_INFO`` to the empty string and
|
||||
we set ``SCRIPT_NAME`` to ``/foo``. Note that the change we made has no
|
||||
effect on paths that do not match the ``url_prefix`` exactly (such as
|
||||
``/foo/bar``); these continue to operate as they did. See
|
||||
https://github.com/Pylons/waitress/issues/46
|
||||
- Preserve header ordering of headers with the same name as per RFC 2616. See
|
||||
https://github.com/Pylons/waitress/pull/44
|
||||
- When waitress receives a ``Transfer-Encoding: chunked`` request, we no longer
|
||||
send the ``TRANSFER_ENCODING`` nor the ``HTTP_TRANSFER_ENCODING`` value to
|
||||
the application in the environment. Instead, we pop this header. Since we
|
||||
cope with chunked requests by buffering the data in the server, we also know
|
||||
when a chunked request has ended, and therefore we know the content length.
|
||||
We set the content-length header in the environment, such that applications
|
||||
effectively never know the original request was a T-E: chunked request; it
|
||||
will appear to them as if the request is a non-chunked request with an
|
||||
accurate content-length.
|
||||
- Cope with the fact that the ``Transfer-Encoding`` value is case-insensitive.
|
||||
- When the ``--unix-socket-perms`` option was used as an argument to
|
||||
``waitress-serve``, a ``TypeError`` would be raised. See
|
||||
https://github.com/Pylons/waitress/issues/50.
|
||||
- Enable testsuite during build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 11 21:14:23 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.7:
|
||||
- The HTTP version of the response returned by waitress when it catches an
|
||||
exception will now match the HTTP request version.
|
||||
- Fix: CONNECTION header will be HTTP_CONNECTION and not CONNECTION_TYPE
|
||||
(see https://github.com/Pylons/waitress/issues/13)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 13 10:15:30 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.6:
|
||||
- Do alternate type of checking for UNIX socket support, instead of checking
|
||||
for platform == windows.
|
||||
|
||||
- Functional tests now use multiprocessing module instead of subprocess module,
|
||||
speeding up test suite and making concurrent execution more reliable.
|
||||
|
||||
- Runner now appends the current working directory to ``sys.path`` to support
|
||||
running WSGI applications from a directory (i.e., not installed in a
|
||||
virtualenv).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 25 11:28:09 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.5:
|
||||
- Fix runner multisegment imports in some Python 2 revisions (see
|
||||
https://github.com/Pylons/waitress/pull/34).
|
||||
- For compatibility, WSGIServer is now an alias of TcpWSGIServer. The
|
||||
signature of BaseWSGIServer is now compatible with WSGIServer pre-0.8.4.
|
||||
- Add a command-line runner called ``waitress-serve`` to allow Waitress
|
||||
to run WSGI applications without any addional machinery. This is
|
||||
essentially a thin wrapper around the ``waitress.serve()`` function.
|
||||
- Allow parallel testing (e.g., under ``detox`` or ``nosetests --processes``)
|
||||
using PID-dependent port / socket for functest servers.
|
||||
- Fix integer overflow errors on large buffers. Thanks to Marcin Kuzminski
|
||||
for the patch. See: https://github.com/Pylons/waitress/issues/22
|
||||
- Add support for listening on Unix domain sockets.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 2 12:47:10 UTC 2013 - speilicke@suse.com
|
||||
|
||||
- Fix license string
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 29 14:14:25 UTC 2013 - speilicke@suse.com
|
||||
|
||||
- Reduce buildrequires as long as the testsuite and doc build isn't fixed
|
||||
- Package COPYRIGHT.txt LICENSE.txt README.rst
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 29 13:06:10 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- Initial package (0.8.3)
|
||||
|
139
python-waitress.spec
Normal file
139
python-waitress.spec
Normal file
@ -0,0 +1,139 @@
|
||||
#
|
||||
# spec file for package python-waitress
|
||||
#
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%global flavor @BUILD_FLAVOR@%{nil}
|
||||
%if "%{flavor}" == "doc"
|
||||
%define psuffix -doc
|
||||
%endif
|
||||
%if "%{flavor}" == ""
|
||||
%define psuffix %{nil}
|
||||
%endif
|
||||
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
||||
%if 0%{?suse_version} > 1500
|
||||
%bcond_without libalternatives
|
||||
%else
|
||||
%bcond_with libalternatives
|
||||
%endif
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-waitress%{psuffix}
|
||||
Version: 3.0.2
|
||||
Release: 0
|
||||
Summary: Waitress WSGI server
|
||||
License: ZPL-2.1
|
||||
Group: Development/Languages/Python
|
||||
URL: https://github.com/Pylons/waitress
|
||||
Source: https://files.pythonhosted.org/packages/source/w/waitress/waitress-%{version}.tar.gz
|
||||
# intersphinx inventories, as fetched with fetch-intersphinx-inventories.sh
|
||||
# https://docs.python.org/3/objects.inv -> python3.inv
|
||||
Source1: python3.inv
|
||||
Source2: fetch-intersphinx-inventories.sh
|
||||
BuildRequires: %{python_module pip}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
BuildRequires: %{python_module wheel}
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: python-rpm-macros >= 20210929
|
||||
BuildArch: noarch
|
||||
%if "%{flavor}" == ""
|
||||
BuildRequires: %{python_module pytest}
|
||||
%if %{with libalternatives}
|
||||
BuildRequires: alts
|
||||
Requires: alts
|
||||
%else
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun): update-alternatives
|
||||
%endif
|
||||
%else
|
||||
# Documentation requirements
|
||||
%if 0%{?suse_version} > 1500
|
||||
BuildRequires: python3-Sphinx
|
||||
BuildRequires: python3-docutils
|
||||
BuildRequires: python3-pylons-sphinx-themes
|
||||
BuildRequires: python3-waitress = %{version}
|
||||
Recommends: python3-waitress = %{version}
|
||||
%else
|
||||
BuildRequires: %{python_module Sphinx}
|
||||
BuildRequires: %{python_module docutils}
|
||||
BuildRequires: %{python_module pylons-sphinx-themes}
|
||||
BuildRequires: %{python_module waitress = %{version}}
|
||||
Recommends: python-waitress = %{version}
|
||||
%endif
|
||||
%endif
|
||||
%python_subpackages
|
||||
|
||||
%if "%{flavor}" == ""
|
||||
%description
|
||||
Waitress is a pure-Python WSGI server. It has no dependencies except
|
||||
ones which live in the Python standard library. It supports HTTP/1.0
|
||||
and HTTP/1.1.
|
||||
|
||||
For more information, see the "docs" directory of the Waitress package or
|
||||
http://docs.pylonsproject.org/projects/waitress/en/latest/ .
|
||||
|
||||
%prep
|
||||
%setup -q -n waitress-%{version}
|
||||
sed -i '/addopts/d' setup.cfg
|
||||
|
||||
%build
|
||||
%pyproject_wheel
|
||||
|
||||
%install
|
||||
%pyproject_install
|
||||
%python_clone -a %{buildroot}%{_bindir}/waitress-serve
|
||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||
|
||||
%check
|
||||
# disable one test, that requires network
|
||||
%pytest -k 'not test_service_port'
|
||||
|
||||
%pre
|
||||
# If libalternatives is used: Removing old update-alternatives entries.
|
||||
%python_libalternatives_reset_alternative waitress-serve
|
||||
|
||||
%post
|
||||
%python_install_alternative waitress-serve
|
||||
|
||||
%postun
|
||||
%python_uninstall_alternative waitress-serve
|
||||
|
||||
%files %{python_files}
|
||||
%license LICENSE.txt
|
||||
%doc COPYRIGHT.txt README.rst
|
||||
%python_alternative %{_bindir}/waitress-serve
|
||||
%{python_sitelib}/waitress
|
||||
%{python_sitelib}/waitress-%{version}.dist-info
|
||||
|
||||
%else
|
||||
|
||||
# doc flavor
|
||||
%description
|
||||
This package contains documentation files for %{name}.
|
||||
|
||||
%prep
|
||||
%setup -q -n waitress-%{version}
|
||||
# python3.inv
|
||||
cp %{SOURCE1} docs/
|
||||
|
||||
%build
|
||||
sphinx-build -b html docs build/sphinx/html && rm -r build/sphinx/html/.{buildinfo,doctrees}
|
||||
|
||||
%files %{python_files}
|
||||
%license LICENSE.txt
|
||||
%doc build/sphinx/html
|
||||
%endif
|
||||
|
||||
%changelog
|
3
python3.inv
Normal file
3
python3.inv
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:bfdd2d959d2afb132ac6d420e36f322838b379cc41a8abf36e28b942e165e442
|
||||
size 107005
|
3
waitress-3.0.0.tar.gz
Normal file
3
waitress-3.0.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1
|
||||
size 179393
|
BIN
waitress-3.0.1.tar.gz
(Stored with Git LFS)
Normal file
BIN
waitress-3.0.1.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
3
waitress-3.0.2.tar.gz
Normal file
3
waitress-3.0.2.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:682aaaf2af0c44ada4abfb70ded36393f0e307f4ab9456a215ce0020baefc31f
|
||||
size 179901
|
Loading…
Reference in New Issue
Block a user