- Update to 3.0.1 (bsc#1232554, CVE-2024-49769):
* Fix a bug that would lead to Waitress busy looping on select() on a half-open socket due to a race condition that existed when creating a new HTTPChannel. See https://github.com/Pylons/waitress/pull/435, https://github.com/Pylons/waitress/issues/418 and https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 * No longer strip the header values before passing them to the WSGI environ. See https://github.com/Pylons/waitress/pull/434 and https://github.com/Pylons/waitress/issues/432 * Fix a race condition in Waitress when `channel_request_lookahead` is enabled that could lead to HTTP request smuggling. * See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-waitress?expand=0&rev=69
This commit is contained in:
commit
c7e6eec52a
25
.gitattributes
vendored
Normal file
25
.gitattributes
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
||||
## Specific LFS patterns
|
||||
python3.inv filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
3
_multibuild
Normal file
3
_multibuild
Normal file
@ -0,0 +1,3 @@
|
||||
<multibuild>
|
||||
<package>doc</package>
|
||||
</multibuild>
|
4
fetch-intersphinx-inventories.sh
Normal file
4
fetch-intersphinx-inventories.sh
Normal file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
|
||||
wget -O python3.inv https://docs.python.org/3/objects.inv
|
||||
|
490
python-waitress.changes
Normal file
490
python-waitress.changes
Normal file
@ -0,0 +1,490 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 30 06:49:46 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
- Update to 3.0.1 (bsc#1232554, CVE-2024-49769):
|
||||
* Fix a bug that would lead to Waitress busy looping on select()
|
||||
on a half-open socket due to a race condition that existed when
|
||||
creating a new HTTPChannel. See
|
||||
https://github.com/Pylons/waitress/pull/435,
|
||||
https://github.com/Pylons/waitress/issues/418 and
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
|
||||
* No longer strip the header values before passing them to the
|
||||
WSGI environ. See https://github.com/Pylons/waitress/pull/434
|
||||
and https://github.com/Pylons/waitress/issues/432
|
||||
* Fix a race condition in Waitress when
|
||||
`channel_request_lookahead` is enabled that could lead to HTTP
|
||||
request smuggling.
|
||||
* See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 30 07:59:06 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 3.0.0:
|
||||
* Fixed testing of vendored asyncore code to not rely on
|
||||
particular naming for errno's.
|
||||
* HTTP Request methods and versions are now validated to meet
|
||||
the HTTP standards thereby dropping invalid requests on the floor.
|
||||
* No longer close the connection when sending a HEAD request
|
||||
response.
|
||||
* Always attempt to send the Connection: close response header
|
||||
when we are going to close the connection to let the remote
|
||||
know in more instances.
|
||||
* Document that trusted_proxy may be set to a wildcard value to
|
||||
trust all proxies.
|
||||
* clear_untrusted_proxy_headers is set to True by default.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 4 15:20:28 UTC 2023 - Ana Guerrero <ana.guerrero@suse.com>
|
||||
|
||||
- Add BuildRequires on python-setuptools for both flavors.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 26 07:18:05 UTC 2023 - Bernhard Wiedemann <bwiedemann@suse.com>
|
||||
|
||||
- Drop sphinx doctrees for reproducible builds
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 10 09:00:11 UTC 2023 - ecsos <ecsos@opensuse.org>
|
||||
|
||||
- Fix build error for waitress:doc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 3 11:10:33 UTC 2023 - Martin Liška <mliska@suse.cz>
|
||||
|
||||
- Use sphinx-build and do not depend on removed build_sphinx
|
||||
in Sphinx 7.0 (boo#1211051).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 21 12:39:06 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- add sle15_python_module_pythons (jsc#PED-68)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 18 20:45:25 UTC 2022 - Ben Greiner <code@bnavigator.de>
|
||||
|
||||
- Remove code coverage checking for packaging tests
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 31 03:16:03 UTC 2022 - Arun Persaud <arun@gmx.de>
|
||||
|
||||
- specfile:
|
||||
* be more specific in %files section
|
||||
|
||||
- update to version 2.1.2 (bsc#1200126, CVE-2022-31015):
|
||||
* Bugfix
|
||||
+ When expose_tracebacks is enabled waitress would fail to
|
||||
properly encode unicode thereby causing another error during
|
||||
error handling. See https://github.com/Pylons/waitress/pull/378
|
||||
+ Header length checking had a calculation that was done
|
||||
incorrectly when the data was received across multple socket
|
||||
reads. This calculation has been corrected, and no longer will
|
||||
Waitress send back a 413 Request Entity Too Large. See
|
||||
https://github.com/Pylons/waitress/pull/376
|
||||
* Security Bugfix
|
||||
+ in 2.1.0 a new feature was introduced that allowed the WSGI
|
||||
thread to start sending data to the socket. However this
|
||||
introduced a race condition whereby a socket may be closed in
|
||||
the sending thread while the main thread is about to call
|
||||
select() therey causing the entire application to be taken down.
|
||||
Waitress will no longer close the socket in the WSGI thread,
|
||||
instead waking up the main thread to cleanup. See
|
||||
https://github.com/Pylons/waitress/pull/377
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 17 17:42:42 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 2.1.1 (bsc#1197255, CVE-2022-24761):
|
||||
* Waitress now validates that chunked encoding extensions are valid, and don’t
|
||||
contain invalid characters that are not allowed. They are still skipped/not
|
||||
processed, but if they contain invalid data we no longer continue in and return
|
||||
a 400 Bad Request. This stops potential HTTP desync/HTTP request smuggling.
|
||||
Thanks to Zhang Zeyu for reporting this issue. See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
* Waitress now validates that the chunk length is only valid hex digits when
|
||||
parsing chunked encoding, and values such as 0x01 and +01 are no longer
|
||||
supported. This stops potential HTTP desync/HTTP request smuggling. Thanks
|
||||
to Zhang Zeyu for reporting this issue. See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
* Waitress now validates that the Content-Length sent by a remote contains only
|
||||
digits in accordance with RFC7230 and will return a 400 Bad Request when the
|
||||
Content-Length header contains invalid data, such as +10 which would
|
||||
previously get parsed as 10 and accepted. This stops potential HTTP
|
||||
desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue.
|
||||
See
|
||||
https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 27 12:27:31 UTC 2021 - Stefan Schubert <schubi@suse.de>
|
||||
|
||||
- Use libalternatives instead of update-alternatives.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 27 11:27:31 UTC 2021 - pgajdos@suse.com
|
||||
|
||||
- version update to 2.0.0
|
||||
- Friendly Reminder
|
||||
This release still contains a variety of deprecation notices about defaults
|
||||
that can be set for a variety of options.
|
||||
Please note that this is your last warning, and you should update your
|
||||
configuration if you do NOT want to use the new defaults.
|
||||
See the arguments documentation page for all supported options, and pay
|
||||
attention to the warnings:
|
||||
https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html
|
||||
- Fix a crash on startup when listening to multiple interfaces.
|
||||
See https://github.com/Pylons/waitress/pull/332
|
||||
- Waitress no longer attempts to guess at what the ``server_name`` should be for
|
||||
a listen socket, instead it always use a new adjustment/argument named
|
||||
``server_name``.
|
||||
Please see the documentation for ``server_name`` in
|
||||
https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html and
|
||||
see https://github.com/Pylons/waitress/pull/329
|
||||
- Allow tasks to notice if the client disconnected.
|
||||
This inserts a callable ``waitress.client_disconnected`` into the environment
|
||||
that allows the task to check if the client disconnected while waiting for
|
||||
the response at strategic points in the execution and to cancel the
|
||||
operation.
|
||||
It requires setting the new adjustment ``channel_request_lookahead`` to a value
|
||||
larger than 0, which continues to read requests from a channel even if a
|
||||
request is already being processed on that channel, up to the given count,
|
||||
since a client disconnect is detected by reading from a readable socket and
|
||||
receiving an empty result.
|
||||
See https://github.com/Pylons/waitress/pull/310
|
||||
- Drop Python 2.7 and 3.5 support
|
||||
- The server now issues warning output when it there are enough open
|
||||
connections (controlled by "connection_limit"), that it is no longer
|
||||
accepting new connections. This situation was previously difficult to
|
||||
diagnose.
|
||||
See https://github.com/Pylons/waitress/pull/322
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 1 13:33:24 UTC 2020 - Hans-Peter Jansen <hpj@urpla.net>
|
||||
|
||||
- Update to version 1.4.4 (2020-06-01)
|
||||
+ Fix an issue with keep-alive connections in which memory usage
|
||||
was higher than expected because output buffers were being
|
||||
reused across requests on a long-lived connection and each
|
||||
buffer would not be freed until it was full or the connection
|
||||
was closed. Buffers are now rotated per-request to stabilize
|
||||
their behavior.
|
||||
+ See https://github.com/Pylons/waitress/pull/300
|
||||
+ Waitress threads have been updated to contain their thread
|
||||
number. This will allow loggers that use that information to
|
||||
print the thread that the log is coming from.
|
||||
+ See https://github.com/Pylons/waitress/pull/302
|
||||
- Switch to pytest, disable one test, that requires network
|
||||
- Create _multibuild for doc package
|
||||
It requires installation of base package now
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 17 08:40:18 UTC 2020 - Jacek Tomasiak <jtomasiak@suse.com>
|
||||
|
||||
- make sure UTF8 locale is used when runnning tests
|
||||
* Sometimes functional tests executed in python3 failed if stdout was not
|
||||
set to UTF-8. The error message was:
|
||||
ValueError: underlying buffer has been detached
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 18 07:25:32 UTC 2020 - Petr Gajdos <pgajdos@suse.com>
|
||||
|
||||
- %python3_only -> %python_alternative
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 6 17:29:20 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
|
||||
|
||||
- update to 1.4.3
|
||||
* Waitress did not properly validate that the HTTP headers it received
|
||||
were properly formed, thereby potentially allowing a front-end server
|
||||
to treat a request different from Waitress. This could lead to HTTP
|
||||
request smuggling/splitting.
|
||||
- drop patch local-intersphinx-inventories.patch
|
||||
* it was commented out, anyway
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 20 18:28:24 UTC 2019 - Dirk Mueller <dmueller@suse.com>
|
||||
|
||||
- update to 1.4.0:
|
||||
- Waitress used to slam the door shut on HTTP pipelined requests without
|
||||
setting the ``Connection: close`` header as appropriate in the response. This
|
||||
is of course not very friendly. Waitress now explicitly sets the header when
|
||||
responding with an internally generated error such as 400 Bad Request or 500
|
||||
Internal Server Error to notify the remote client that it will be closing the
|
||||
connection after the response is sent.
|
||||
|
||||
- Waitress no longer allows any spaces to exist between the header field-name
|
||||
and the colon. While waitress did not strip the space and thereby was not
|
||||
vulnerable to any potential header field-name confusion, it should have sent
|
||||
back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
|
||||
|
||||
- CRLR handling Security fixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 29 13:35:14 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>
|
||||
|
||||
- update to 1.3.1
|
||||
* Waitress won’t accidentally throw away part of the path if it
|
||||
starts with a double slash
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 6 10:23:01 UTC 2019 - pgajdos@suse.com
|
||||
|
||||
- version update to 1.3.0
|
||||
Deprecations
|
||||
~~~~~~~~~~~~
|
||||
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
|
||||
pending removal in a future release.
|
||||
and https://github.com/Pylons/waitress/pull/246
|
||||
Features
|
||||
~~~~~~~~
|
||||
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
|
||||
backpressure on the ``app_iter`` to avoid letting it spin faster than data
|
||||
can be written to the socket. This stabilizes responses that iterate quickly
|
||||
with a lot of data.
|
||||
See https://github.com/Pylons/waitress/pull/242
|
||||
- Stop early and close the ``app_iter`` when attempting to write to a closed
|
||||
socket due to a client disconnect. This should notify a long-lived streaming
|
||||
response when a client hangs up.
|
||||
See https://github.com/Pylons/waitress/pull/238
|
||||
and https://github.com/Pylons/waitress/pull/240
|
||||
and https://github.com/Pylons/waitress/pull/241
|
||||
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
|
||||
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
|
||||
much waitress will buffer internally before flushing to the kernel, whereas
|
||||
previously it used to also throttle how much data was sent to the kernel.
|
||||
This change enables a streaming ``app_iter`` containing small chunks to
|
||||
still be flushed efficiently.
|
||||
See https://github.com/Pylons/waitress/pull/246
|
||||
Bugfixes
|
||||
~~~~~~~~
|
||||
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
|
||||
no longer set the version to the string value "None". See
|
||||
https://github.com/Pylons/waitress/pull/252 and
|
||||
https://github.com/Pylons/waitress/issues/110
|
||||
- When a client closes a socket unexpectedly there was potential for memory
|
||||
leaks in which data was written to the buffers after they were closed,
|
||||
causing them to reopen.
|
||||
See https://github.com/Pylons/waitress/pull/239
|
||||
- Fix the queue depth warnings to only show when all threads are busy.
|
||||
See https://github.com/Pylons/waitress/pull/243
|
||||
and https://github.com/Pylons/waitress/pull/247
|
||||
- Trigger the ``app_iter`` to close as part of shutdown. This will only be
|
||||
noticeable for users of the internal server api. In more typical operations
|
||||
the server will die before benefiting from these changes.
|
||||
See https://github.com/Pylons/waitress/pull/245
|
||||
- Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
|
||||
already been sent. This would cause buffers in waitress to grow without
|
||||
bounds. These buffers now properly rotate and release their data.
|
||||
See https://github.com/Pylons/waitress/pull/242
|
||||
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
|
||||
an exception when passed to the ``wsgi.file_wrapper`` callback.
|
||||
See https://github.com/Pylons/waitress/pull/249
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 20 18:49:38 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
- Trim marketing wording and other platform mentions.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 25 19:47:04 UTC 2019 - Todd R <toddrme2178@gmail.com>
|
||||
|
||||
- Add fetch-intersphinx-inventories.sh to sources
|
||||
- Add local-intersphinx-inventories.patch for generating the docs
|
||||
correctly
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 7 14:56:02 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
|
||||
|
||||
- update to version 1.2.1:
|
||||
too many changes to list here, see:
|
||||
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
|
||||
or even:
|
||||
https://github.com/Pylons/waitress/commits/master
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 4 12:55:53 UTC 2018 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Remove superfluous devel dependency for noarch package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 13 00:49:45 UTC 2017 - arun@gmx.de
|
||||
|
||||
- update to version 1.1.0:
|
||||
* Features
|
||||
+ Waitress now has a __main__ and thus may be called with "python
|
||||
-mwaitress"
|
||||
* Bugfixes
|
||||
+ Waitress no longer allows lowercase HTTP verbs. This change was
|
||||
made to fall in line with most HTTP servers. See
|
||||
https://github.com/Pylons/waitress/pull/170
|
||||
+ When receiving non-ascii bytes in the request URL, waitress will
|
||||
no longer abruptly close the connection, instead returning a 400
|
||||
Bad Request. See https://github.com/Pylons/waitress/pull/162 and
|
||||
https://github.com/Pylons/waitress/issues/64
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 1 16:38:04 UTC 2017 - toddrme2178@gmail.com
|
||||
|
||||
- Update to 1.0.2
|
||||
* Python 3.6 is now officially supported in Waitress
|
||||
* Add a work-around for libc issue on Linux not following the
|
||||
documented standards. If getnameinfo() fails because of DNS not
|
||||
being available it should return the IP address instead of the
|
||||
reverse DNS entry, however instead getnameinfo() raises. We
|
||||
catch this, and ask getnameinfo() for the same information
|
||||
again, explicitly asking for IP address instead of reverse
|
||||
DNS hostname.
|
||||
- Implement single-spec version.
|
||||
- Fix source URL.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 15 14:49:27 UTC 2016 - tbechtold@suse.com
|
||||
|
||||
- update to 1.0.1:
|
||||
- IPv6 support on Windows was broken due to missing constants in the socket
|
||||
module. This has been resolved by setting the constants on Windows if they
|
||||
are missing. See https://github.com/Pylons/waitress/issues/138
|
||||
- A ValueError was raised on Windows when passing a string for the port, on
|
||||
Windows in Python 2 using service names instead of port numbers doesn't work
|
||||
with `getaddrinfo`. This has been resolved by attempting to convert the port
|
||||
number to an integer, if that fails a ValueError will be raised. See
|
||||
https://github.com/Pylons/waitress/issues/139
|
||||
- Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
|
||||
issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
|
||||
hosts where there is no internet connection but localhost is requested to be
|
||||
bound to. See https://github.com/Pylons/waitress/issues/131 for more
|
||||
information.
|
||||
- disable tests. need network access.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 20 11:27:26 UTC 2016 - dmueller@suse.com
|
||||
|
||||
- update to 0.9.0:
|
||||
* Security/Protections
|
||||
- Building on the changes made in pull request 117, add in checking for line
|
||||
feed/carriage return HTTP Response Splitting in the status line, as well as
|
||||
the key of a header. See https://github.com/Pylons/waitress/pull/124 and
|
||||
https://github.com/Pylons/waitress/issues/122.
|
||||
- Waitress will no longer accept headers or status lines with
|
||||
newline/carriage returns in them, thereby disallowing HTTP Response
|
||||
Splitting.
|
||||
* Bugfixes
|
||||
- FileBasedBuffer and more important ReadOnlyFileBasedBuffer no longer report
|
||||
False when tested with bool(), instead always returning True, and becoming
|
||||
more iterator like.
|
||||
- Call prune() on the output buffer at the end of a request so that it doesn't
|
||||
continue to grow without bounds.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 12 22:08:09 UTC 2014 - tbechtold@suse.com
|
||||
|
||||
- update to 0.8.9:
|
||||
- Fix tests under Windows. NB: to run tests under Windows, you cannot run
|
||||
"setup.py test" or "setup.py nosetests". Instead you must run ``python.exe
|
||||
-c "import nose; nose.main()"``. If you try to run the tests using the
|
||||
normal method under Windows, each subprocess created by the test suite will
|
||||
attempt to run the test suite again. See
|
||||
https://github.com/nose-devs/nose/issues/407 for more information.
|
||||
- Give the WSGI app_iter generated when ``wsgi.file_wrapper`` is used
|
||||
(ReadOnlyFileBasedBuffer) a ``close`` method. Do not call ``close`` on an
|
||||
instance of such a class when it's used as a WSGI app_iter, however. This is
|
||||
part of a fix which prevents a leakage of file descriptors; the other part of
|
||||
the fix was in WebOb
|
||||
(https://github.com/Pylons/webob/commit/951a41ce57bd853947f842028bccb500bd5237da).
|
||||
- Allow trusted proxies to override ``wsgi.url_scheme`` via a request header,
|
||||
``X_FORWARDED_PROTO``. Allows proxies which serve mixed HTTP / HTTPS
|
||||
requests to control signal which are served as HTTPS. See
|
||||
https://github.com/Pylons/waitress/pull/42.
|
||||
- Fix some cases where the creation of extremely large output buffers (greater
|
||||
than 2GB, suspected to be buffers added via ``wsgi.file_wrapper``) might
|
||||
cause an OverflowError on Python 2. See
|
||||
https://github.com/Pylons/waitress/issues/47.
|
||||
- When the ``url_prefix`` adjustment starts with more than one slash, all
|
||||
slashes except one will be stripped from its beginning. This differs from
|
||||
older behavior where more than one leading slash would be preserved in
|
||||
``url_prefix``.
|
||||
- If a client somehow manages to send an empty path, we no longer convert the
|
||||
empty path to a single slash in ``PATH_INFO``. Instead, the path remains
|
||||
empty. According to RFC 2616 section "5.1.2 Request-URI", the scenario of a
|
||||
client sending an empty path is actually not possible because the request URI
|
||||
portion cannot be empty.
|
||||
- If the ``url_prefix`` adjustment matches the request path exactly, we now
|
||||
compute ``SCRIPT_NAME`` and ``PATH_INFO`` properly. Previously, if the
|
||||
``url_prefix`` was ``/foo`` and the path received from a client was ``/foo``,
|
||||
we would set *both* ``SCRIPT_NAME`` and ``PATH_INFO`` to ``/foo``. This was
|
||||
incorrect. Now in such a case we set ``PATH_INFO`` to the empty string and
|
||||
we set ``SCRIPT_NAME`` to ``/foo``. Note that the change we made has no
|
||||
effect on paths that do not match the ``url_prefix`` exactly (such as
|
||||
``/foo/bar``); these continue to operate as they did. See
|
||||
https://github.com/Pylons/waitress/issues/46
|
||||
- Preserve header ordering of headers with the same name as per RFC 2616. See
|
||||
https://github.com/Pylons/waitress/pull/44
|
||||
- When waitress receives a ``Transfer-Encoding: chunked`` request, we no longer
|
||||
send the ``TRANSFER_ENCODING`` nor the ``HTTP_TRANSFER_ENCODING`` value to
|
||||
the application in the environment. Instead, we pop this header. Since we
|
||||
cope with chunked requests by buffering the data in the server, we also know
|
||||
when a chunked request has ended, and therefore we know the content length.
|
||||
We set the content-length header in the environment, such that applications
|
||||
effectively never know the original request was a T-E: chunked request; it
|
||||
will appear to them as if the request is a non-chunked request with an
|
||||
accurate content-length.
|
||||
- Cope with the fact that the ``Transfer-Encoding`` value is case-insensitive.
|
||||
- When the ``--unix-socket-perms`` option was used as an argument to
|
||||
``waitress-serve``, a ``TypeError`` would be raised. See
|
||||
https://github.com/Pylons/waitress/issues/50.
|
||||
- Enable testsuite during build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 11 21:14:23 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.7:
|
||||
- The HTTP version of the response returned by waitress when it catches an
|
||||
exception will now match the HTTP request version.
|
||||
- Fix: CONNECTION header will be HTTP_CONNECTION and not CONNECTION_TYPE
|
||||
(see https://github.com/Pylons/waitress/issues/13)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 13 10:15:30 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.6:
|
||||
- Do alternate type of checking for UNIX socket support, instead of checking
|
||||
for platform == windows.
|
||||
|
||||
- Functional tests now use multiprocessing module instead of subprocess module,
|
||||
speeding up test suite and making concurrent execution more reliable.
|
||||
|
||||
- Runner now appends the current working directory to ``sys.path`` to support
|
||||
running WSGI applications from a directory (i.e., not installed in a
|
||||
virtualenv).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 25 11:28:09 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 0.8.5:
|
||||
- Fix runner multisegment imports in some Python 2 revisions (see
|
||||
https://github.com/Pylons/waitress/pull/34).
|
||||
- For compatibility, WSGIServer is now an alias of TcpWSGIServer. The
|
||||
signature of BaseWSGIServer is now compatible with WSGIServer pre-0.8.4.
|
||||
- Add a command-line runner called ``waitress-serve`` to allow Waitress
|
||||
to run WSGI applications without any addional machinery. This is
|
||||
essentially a thin wrapper around the ``waitress.serve()`` function.
|
||||
- Allow parallel testing (e.g., under ``detox`` or ``nosetests --processes``)
|
||||
using PID-dependent port / socket for functest servers.
|
||||
- Fix integer overflow errors on large buffers. Thanks to Marcin Kuzminski
|
||||
for the patch. See: https://github.com/Pylons/waitress/issues/22
|
||||
- Add support for listening on Unix domain sockets.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 2 12:47:10 UTC 2013 - speilicke@suse.com
|
||||
|
||||
- Fix license string
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 29 14:14:25 UTC 2013 - speilicke@suse.com
|
||||
|
||||
- Reduce buildrequires as long as the testsuite and doc build isn't fixed
|
||||
- Package COPYRIGHT.txt LICENSE.txt README.rst
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 29 13:06:10 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- Initial package (0.8.3)
|
||||
|
139
python-waitress.spec
Normal file
139
python-waitress.spec
Normal file
@ -0,0 +1,139 @@
|
||||
#
|
||||
# spec file for package python-waitress
|
||||
#
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%global flavor @BUILD_FLAVOR@%{nil}
|
||||
%if "%{flavor}" == "doc"
|
||||
%define psuffix -doc
|
||||
%endif
|
||||
%if "%{flavor}" == ""
|
||||
%define psuffix %{nil}
|
||||
%endif
|
||||
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
||||
%if 0%{?suse_version} > 1500
|
||||
%bcond_without libalternatives
|
||||
%else
|
||||
%bcond_with libalternatives
|
||||
%endif
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-waitress%{psuffix}
|
||||
Version: 3.0.1
|
||||
Release: 0
|
||||
Summary: Waitress WSGI server
|
||||
License: ZPL-2.1
|
||||
Group: Development/Languages/Python
|
||||
URL: https://github.com/Pylons/waitress
|
||||
Source: https://files.pythonhosted.org/packages/source/w/waitress/waitress-%{version}.tar.gz
|
||||
# intersphinx inventories, as fetched with fetch-intersphinx-inventories.sh
|
||||
# https://docs.python.org/3/objects.inv -> python3.inv
|
||||
Source1: python3.inv
|
||||
Source2: fetch-intersphinx-inventories.sh
|
||||
BuildRequires: %{python_module pip}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
BuildRequires: %{python_module wheel}
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: python-rpm-macros >= 20210929
|
||||
BuildArch: noarch
|
||||
%if "%{flavor}" == ""
|
||||
BuildRequires: %{python_module pytest}
|
||||
%if %{with libalternatives}
|
||||
BuildRequires: alts
|
||||
Requires: alts
|
||||
%else
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun): update-alternatives
|
||||
%endif
|
||||
%else
|
||||
# Documentation requirements
|
||||
%if 0%{?suse_version} > 1500
|
||||
BuildRequires: python3-Sphinx
|
||||
BuildRequires: python3-docutils
|
||||
BuildRequires: python3-pylons-sphinx-themes
|
||||
BuildRequires: python3-waitress = %{version}
|
||||
Recommends: python3-waitress = %{version}
|
||||
%else
|
||||
BuildRequires: %{python_module Sphinx}
|
||||
BuildRequires: %{python_module docutils}
|
||||
BuildRequires: %{python_module pylons-sphinx-themes}
|
||||
BuildRequires: %{python_module waitress = %{version}}
|
||||
Recommends: python-waitress = %{version}
|
||||
%endif
|
||||
%endif
|
||||
%python_subpackages
|
||||
|
||||
%if "%{flavor}" == ""
|
||||
%description
|
||||
Waitress is a pure-Python WSGI server. It has no dependencies except
|
||||
ones which live in the Python standard library. It supports HTTP/1.0
|
||||
and HTTP/1.1.
|
||||
|
||||
For more information, see the "docs" directory of the Waitress package or
|
||||
http://docs.pylonsproject.org/projects/waitress/en/latest/ .
|
||||
|
||||
%prep
|
||||
%setup -q -n waitress-%{version}
|
||||
sed -i '/addopts/d' setup.cfg
|
||||
|
||||
%build
|
||||
%pyproject_wheel
|
||||
|
||||
%install
|
||||
%pyproject_install
|
||||
%python_clone -a %{buildroot}%{_bindir}/waitress-serve
|
||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||
|
||||
%check
|
||||
# disable one test, that requires network
|
||||
%pytest -k 'not test_service_port'
|
||||
|
||||
%pre
|
||||
# If libalternatives is used: Removing old update-alternatives entries.
|
||||
%python_libalternatives_reset_alternative waitress-serve
|
||||
|
||||
%post
|
||||
%python_install_alternative waitress-serve
|
||||
|
||||
%postun
|
||||
%python_uninstall_alternative waitress-serve
|
||||
|
||||
%files %{python_files}
|
||||
%license LICENSE.txt
|
||||
%doc COPYRIGHT.txt README.rst
|
||||
%python_alternative %{_bindir}/waitress-serve
|
||||
%{python_sitelib}/waitress
|
||||
%{python_sitelib}/waitress-%{version}.dist-info
|
||||
|
||||
%else
|
||||
|
||||
# doc flavor
|
||||
%description
|
||||
This package contains documentation files for %{name}.
|
||||
|
||||
%prep
|
||||
%setup -q -n waitress-%{version}
|
||||
# python3.inv
|
||||
cp %{SOURCE1} docs/
|
||||
|
||||
%build
|
||||
sphinx-build -b html docs build/sphinx/html && rm -r build/sphinx/html/.{buildinfo,doctrees}
|
||||
|
||||
%files %{python_files}
|
||||
%license LICENSE.txt
|
||||
%doc build/sphinx/html
|
||||
%endif
|
||||
|
||||
%changelog
|
3
python3.inv
Normal file
3
python3.inv
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:bfdd2d959d2afb132ac6d420e36f322838b379cc41a8abf36e28b942e165e442
|
||||
size 107005
|
3
waitress-3.0.0.tar.gz
Normal file
3
waitress-3.0.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1
|
||||
size 179393
|
BIN
waitress-3.0.1.tar.gz
(Stored with Git LFS)
Normal file
BIN
waitress-3.0.1.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user