diff --git a/.release-notes/next-release.md b/.release-notes/next-release.md index de644fd..c936a01 100644 --- a/.release-notes/next-release.md +++ b/.release-notes/next-release.md @@ -69,3 +69,19 @@ let creds = Credentials(auth, token) Authorization headers now use `Bearer` format (`Authorization: Bearer `) instead of the legacy `token` format. GitHub accepts both. +## Fix programs hanging on shutdown when the remote peer didn't cleanly close connections + +Closing an HTTP connection could hang indefinitely on POSIX when the remote peer's FIN notification was missed in a narrow timing window. The connection would get stuck in CLOSE_WAIT, preventing the Pony runtime from exiting. This is now handled correctly and connections close promptly. + +## Fix HTTPS connections staying open longer than expected when idle + +Idle timeouts didn't fire reliably on HTTPS connections, meaning connections could stay open well past their intended lifetime. Idle timeouts now work correctly for both plain and SSL connections. + +## Fix internal resource leak when a connection was closed during establishment + +Closing a connection while it was still being established (during TCP or TLS handshake) could leak internal resources. Early close is now handled cleanly. + +## Fix SSL certificate validation accepting certificates with empty name entries + +X.509 hostname verification could incorrectly accept certificates with empty name entries. Certificates must now have non-empty name fields to pass validation. + diff --git a/CHANGELOG.md b/CHANGELOG.md index 28cc5ae..6bc599f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ All notable changes to this project will be documented in this file. This projec ### Fixed +- Fix programs hanging on shutdown when the remote peer didn't cleanly close connections ([PR #112](https://github.com/ponylang/github_rest_api/pull/NNN)) +- Fix HTTPS connections staying open longer than expected when idle ([PR #112](https://github.com/ponylang/github_rest_api/pull/NNN)) +- Fix internal resource leak when a connection was closed during establishment ([PR #112](https://github.com/ponylang/github_rest_api/pull/NNN)) +- Fix SSL certificate validation accepting certificates with empty name entries ([PR #112](https://github.com/ponylang/github_rest_api/pull/NNN)) ### Added diff --git a/corral.json b/corral.json index 8043f34..917d8a5 100644 --- a/corral.json +++ b/corral.json @@ -10,7 +10,7 @@ }, { "locator": "github.com/ponylang/courier.git", - "version": "0.1.0" + "version": "0.1.2" }, { "locator": "github.com/ponylang/uri.git", diff --git a/github_rest_api/paginated_list.pony b/github_rest_api/paginated_list.pony index 17e825f..9198803 100644 --- a/github_rest_api/paginated_list.pony +++ b/github_rest_api/paginated_list.pony @@ -240,6 +240,7 @@ actor LinkedJsonRequester is courier.HTTPClientConnectionActor | courier.ConnectionFailedDNS => "DNS resolution failed" | courier.ConnectionFailedTCP => "Unable to connect" | courier.ConnectionFailedSSL => "SSL handshake failed" + | courier.ConnectionFailedTimeout => "Connection timed out" end _receiver.failure(0, "", consume msg) diff --git a/github_rest_api/request/check_requester.pony b/github_rest_api/request/check_requester.pony index c343300..c9d8507 100644 --- a/github_rest_api/request/check_requester.pony +++ b/github_rest_api/request/check_requester.pony @@ -117,6 +117,7 @@ actor CheckRequester is courier.HTTPClientConnectionActor | courier.ConnectionFailedDNS => "DNS resolution failed" | courier.ConnectionFailedTCP => "Unable to connect" | courier.ConnectionFailedSSL => "SSL handshake failed" + | courier.ConnectionFailedTimeout => "Connection timed out" end _receiver.failure(0, "", consume msg) diff --git a/github_rest_api/request/json_requester.pony b/github_rest_api/request/json_requester.pony index 5cf3333..2460dd8 100644 --- a/github_rest_api/request/json_requester.pony +++ b/github_rest_api/request/json_requester.pony @@ -159,6 +159,7 @@ actor JsonRequester is courier.HTTPClientConnectionActor | courier.ConnectionFailedDNS => "DNS resolution failed" | courier.ConnectionFailedTCP => "Unable to connect" | courier.ConnectionFailedSSL => "SSL handshake failed" + | courier.ConnectionFailedTimeout => "Connection timed out" end _receiver.failure(0, "", consume msg) diff --git a/github_rest_api/request/no_content_requester.pony b/github_rest_api/request/no_content_requester.pony index 787a8a9..0c27a9d 100644 --- a/github_rest_api/request/no_content_requester.pony +++ b/github_rest_api/request/no_content_requester.pony @@ -135,6 +135,7 @@ actor NoContentRequester is courier.HTTPClientConnectionActor | courier.ConnectionFailedDNS => "DNS resolution failed" | courier.ConnectionFailedTCP => "Unable to connect" | courier.ConnectionFailedSSL => "SSL handshake failed" + | courier.ConnectionFailedTimeout => "Connection timed out" end _receiver.failure(0, "", consume msg)