falcon 0.31.0 → 0.32.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f779301a15b9adf72ca83712fa1128a7ac7df69b4ec190fa5aee25e44ca23c57
-  data.tar.gz: 3a939860b31ae73aa9627e8d62eb1721d4d2621e4d851713788cd5b09fd5d433
+  metadata.gz: 19fc217c5ab4d9c7e1b888d46366843e3d549c4d771cec14f0f17a4578144be8
+  data.tar.gz: fbb6d14f55d0fb392a98edcc4381a54db624376e3d40d0a5db4ba70ae9ccb9e4
 SHA512:
-  metadata.gz: fa3b215cfe77d2f14fa6e6750954246daee7dc8551770a2dd1b726e5151b844f76e6c164c78e07f761191deced2ee7056723b389ce5fbc99d7b49f4878d84ee1
-  data.tar.gz: a4a381b1c2f959ca30d37f20b152654cb4c77c992f3395a579e22a6fe0c03a4b0a7c081ee803991e973b8bc5d98d6ab77afca7eb00f76b5a3262825d332179c3
+  metadata.gz: 8a66a5a99d8902246e058565ee11023fad33dfe8a5909271e3536d43cc6a5d439b664142df4a82c83791f04ea86a631ea06f957fdf18b181818af8a6871d688e
+  data.tar.gz: 23c44cee1313788820af52e6787efe5157a7d228bd7032b77125a6f6d226d72576bf32073c35cdf78a1db05a466457ea14685dc110766eddbbe29950894857e3

data/VIRTUAL.md

@@ -0,0 +1,14 @@
+For every `falcon.rb`:
+
+Spawn a child which loads falcon.rb:
+	- Bind to `server.ipc`
+
+Server loads falcon.rb:
+	- Figure out whether it is application or not.
+
+Server forks client:
+	- Client binds to `server.ipc`.
+	- Server connects to `server.ipc`.
+
+
+Server expects client to bind to `server.ipc`.

data/examples/beer/falcon.rb

@@ -0,0 +1,5 @@
+#!/usr/bin/env -S falcon host
+
+host 'beer.localhost', :rack, :self_signed do
+	root __dir__
+end

data/examples/benchmark/falcon.rb

@@ -0,0 +1,3 @@
+#!/usr/bin/env -S ./bin/falcon virtual
+
+host 'benchmark.local', :self_signed

data/examples/hello/config.ru

@@ -1,3 +1,21 @@
 #!/usr/bin/env falcon --verbose serve -c
 
-run lambda {|env| [200, {}, ["Hello World"]]}
+require 'async'
+
+class RequestLogger
+	def initialize(app)
+		@app = app
+	end
+	
+	def call(env)
+		logger = Async.logger.with(level: :debug, name: "middleware")
+		
+		Async(logger: logger) do
+			@app.call(env)
+		end.wait
+	end
+end
+
+use RequestLogger
+
+run lambda {|env| Async.logger.debug(self) {env['HTTP_USER_AGENT']}; [200, {}, ["Hello World"]]}

data/examples/hello/falcon.rb

@@ -0,0 +1,9 @@
+#!/usr/bin/env -S falcon host
+
+host 'hello.localhost', :rack, :self_signed do
+	root __dir__
+end
+
+# service 'jobs' do
+# 	shell ['rake', 'background:jobs:process']
+# end

data/falcon.gemspec

@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
 		
 	spec.add_dependency "async", "~> 1.13"
 	spec.add_dependency "async-io", "~> 1.22"
-	spec.add_dependency "async-http", "~> 0.41.0"
-	spec.add_dependency "async-container", "~> 0.10.0"
+	spec.add_dependency "async-http", "~> 0.43.0"
+	spec.add_dependency "async-container", "~> 0.12.0"
 	
 	spec.add_dependency "rack", ">= 1.0"
 	
@@ -32,7 +32,7 @@ Gem::Specification.new do |spec|
 	
 	spec.add_development_dependency "trenni"
 	spec.add_development_dependency "async-rspec", "~> 1.7"
-	spec.add_development_dependency "async-websocket", "~> 0.11.0"
+	spec.add_development_dependency "async-websocket", "~> 0.12.0"
 	spec.add_development_dependency "async-process", "~> 1.1"
 	
 	spec.add_development_dependency "covered", "~> 0.10"

data/lib/falcon/adapters/response.rb

@@ -77,7 +77,7 @@ module Falcon
 			end
 			
 			def initialize(status, headers, body, protocol = nil)
-				super(nil, status, nil, headers, body, protocol)
+				super(nil, status, headers, body, protocol)
 			end
 		end
 	end

data/lib/falcon/command.rb

@@ -20,6 +20,7 @@
 
 require_relative 'command/serve'
 require_relative 'command/virtual'
+require_relative 'command/host'
 
 require_relative 'version'
 
@@ -43,7 +44,8 @@ module Falcon
 			
 			nested :command, {
 				'serve' => Serve,
-				'virtual' => Virtual
+				'virtual' => Virtual,
+				'host' => Host,
 			}, default: 'serve'
 			
 			def verbose?

data/lib/falcon/command/host.rb

@@ -0,0 +1,76 @@
+# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+require_relative '../server'
+require_relative '../endpoint'
+require_relative '../hosts'
+require_relative '../configuration'
+
+require 'async/container'
+require 'async/container/controller'
+
+require 'async/io/host_endpoint'
+require 'async/io/shared_endpoint'
+require 'async/io/ssl_endpoint'
+
+require 'samovar'
+
+require 'rack/builder'
+require 'rack/server'
+
+module Falcon
+	module Command
+		class Host < Samovar::Command
+			self.description = "Run a specific virtual host."
+			
+			one :path, "A path specified if running from a script."
+			
+			def assume_privileges(path)
+				stat = File.stat(path)
+				
+				Process::GID.change_privilege(stat.gid)
+				Process::UID.change_privilege(stat.uid)
+			end
+			
+			def run(container, verbose = false)
+				configuration = Configuration.new(verbose)
+				configuration.load_file(@path)
+				
+				Async.logger.info(self) {"Starting services described by #{@path}..."}
+				
+				assume_privileges(@path)
+				
+				configuration.each do |environment|
+					Falcon::Host.new(environment).run(container)
+				end
+				
+				return container
+			end
+			
+			def call
+				container = Async::Container::Forked.new
+				
+				container = run(container, parent.verbose?)
+				
+				container.wait
+			end
+		end
+	end
+end

data/lib/falcon/command/serve.rb

@@ -44,8 +44,6 @@ module Falcon
 				option '-h/--hostname <hostname>', "Specify the hostname which would be used for certificates, etc."
 				option '-t/--timeout <duration>', "Specify the maximum time to wait for blocking operations.", type: Float, default: 60*10
 				
-				option '--reuse-port', "Enable SO_REUSEPORT if possible.", default: false
-				
 				option '-c/--config <path>', "Rackup configuration file to load", default: 'config.ru'
 				
 				option '--forked | --threaded | --hybrid', "Select a specific parallelism model", key: :container, default: :forked

data/lib/falcon/command/virtual.rb

@@ -38,7 +38,7 @@ require 'rack/server'
 module Falcon
 	module Command
 		class Virtual < Samovar::Command
-			self.description = "Run an HTTP server with one or more virtual hosts."
+			self.description = "Run one or more virtual hosts with a front-end proxy."
 			
 			options do
 				option '--bind-insecure <address>', "Bind redirection to the given hostname/address", default: "http://[::]"
@@ -64,6 +64,14 @@ module Falcon
 				
 				container.wait
 			end
+			
+			def insecure_endpoint
+				Async::HTTP::Endpoint.parse(@options[:bind_insecure])
+			end
+			
+			def secure_endpoint
+				Async::HTTP::Endpoint.parse(@options[:bind_secure])
+			end
 		end
 	end
 end

data/lib/falcon/configuration.rb

@@ -87,7 +87,9 @@ module Falcon
 						
 						context.session_id_context = ssl_session_id
 						
-						context.set_params
+						context.set_params(
+							verify_mode: OpenSSL::SSL::VERIFY_NONE,
+						)
 						
 						context.setup
 					end
@@ -137,10 +139,10 @@ module Falcon
 				
 				authority 'localhost'
 				scheme 'https'
-				protocol {::Async::HTTP::Protocol::HTTP2}
 				ipc_path {::File.expand_path("server.ipc", root)}
 				
-				endpoint {ProxyEndpoint.unix(ipc_path, protocol: protocol, scheme: scheme, authority: authority)}
+				endpoint {ProxyEndpoint.unix(ipc_path, protocol: Async::HTTP::Protocol::HTTP2, scheme: scheme, authority: authority)}
+				protocol {endpoint.protocol}
 				
 				bound_endpoint do
 					Async::Reactor.run do

data/lib/falcon/hosts.rb

@@ -69,22 +69,25 @@ module Falcon
 			Process::UID.change_privilege(stat.uid)
 		end
 		
+		def spawn(container)
+			container.spawn(name: self.name, restart: true) do |instance|
+				path = File.join(self.root, "falcon.rb")
+				
+				assume_privileges(path)
+				
+				instance.exec("bundle", "exec", path)
+			end
+		end
+		
 		def run(container)
 			if @environment.include?(:server)
 				bound_endpoint = self.bound_endpoint
 				
-				container.run(count: 1, name: self.name) do |task, instance|
+				container.run(name: self.name, restart: true) do |task, instance|
 					Async.logger.info(self) {"Starting application server..."}
 					
-					if root = self.root
-						Dir.chdir(root)
-					end
-					
 					server = @evaluator.server
 					
-					# Drop root privileges:
-					assume_privileges(root)
-					
 					server.run
 					
 					task.children.each(&:wait)
@@ -95,6 +98,7 @@ module Falcon
 	
 	class Hosts
 		DEFAULT_ALPN_PROTOCOLS = ['h2', 'http/1.1'].freeze
+		SERVER_CIPHERS = "EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5".freeze
 		
 		def initialize(configuration)
 			@named = {}
@@ -126,7 +130,11 @@ module Falcon
 				
 				context.session_id_context = "falcon"
 				context.alpn_protocols = DEFAULT_ALPN_PROTOCOLS
-				context.set_params
+				
+				context.set_params(
+					ciphers: SERVER_CIPHERS,
+					verify_mode: OpenSSL::SSL::VERIFY_NONE,
+				)
 				
 				context.setup
 			end
@@ -160,24 +168,31 @@ module Falcon
 		
 		def run(container = Async::Container::Forked.new, **options)
 			@named.each do |name, host|
-				host.run(container)
+				host.spawn(container)
 			end
 			
 			secure_endpoint = Async::HTTP::Endpoint.parse(options[:bind_secure], ssl_context: self.ssl_context)
 			insecure_endpoint = Async::HTTP::Endpoint.parse(options[:bind_insecure])
 			
-			container.run(count: 1, name: "Falcon Proxy") do |task, instance|
+			secure_endpoint_bound = insecure_endpoint_bound = nil
+			
+			Async::Reactor.run do
+				secure_endpoint_bound = Async::IO::SharedEndpoint.bound(secure_endpoint)
+				insecure_endpoint_bound = Async::IO::SharedEndpoint.bound(insecure_endpoint)
+			end.wait
+			
+			container.run(name: "Falcon Proxy", restart: true) do |task, instance|
 				proxy = self.proxy
 				
-				proxy_server = Falcon::Server.new(proxy, secure_endpoint)
+				proxy_server = Falcon::Server.new(proxy, secure_endpoint_bound, secure_endpoint.protocol, secure_endpoint.scheme)
 				
 				proxy_server.run
 			end
 			
-			container.run(count: 1, name: "Falcon Redirector") do |task, instance|
+			container.run(name: "Falcon Redirector", restart: true) do |task, instance|
 				redirection = self.redirection(secure_endpoint)
 				
-				redirection_server = Falcon::Server.new(redirection, insecure_endpoint)
+				redirection_server = Falcon::Server.new(redirection, insecure_endpoint_bound, insecure_endpoint.protocol, insecure_endpoint.scheme)
 				
 				redirection_server.run
 			end

data/lib/falcon/proxy.rb

@@ -97,7 +97,7 @@ module Falcon
 			# end
 			
 			# The authority of the request must match the authority of the endpoint we are proxying to, otherwise SNI and other things won't work correctly.
-			request.authority = host.endpoint.authority
+			request.authority = host.authority
 			
 			if address = request.remote_address
 				request.headers.add(X_FORWARDED_FOR, address.ip_address)

data/lib/falcon/version.rb

@@ -19,5 +19,5 @@
 # THE SOFTWARE.
 
 module Falcon
-	VERSION = "0.31.0"
+	VERSION = "0.32.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: falcon
 version: !ruby/object:Gem::Version
-  version: 0.31.0
+  version: 0.32.0
 platform: ruby
 authors:
 - Samuel Williams
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-23 00:00:00.000000000 Z
+date: 2019-06-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: async
@@ -44,28 +44,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.41.0
+        version: 0.43.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.41.0
+        version: 0.43.0
 - !ruby/object:Gem::Dependency
   name: async-container
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.0
+        version: 0.12.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.0
+        version: 0.12.0
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.12.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.12.0
 - !ruby/object:Gem::Dependency
   name: async-process
   requirement: !ruby/object:Gem::Requirement
@@ -249,10 +249,14 @@ files:
 - Gemfile
 - README.md
 - Rakefile
+- VIRTUAL.md
 - bin/falcon
 - examples/beer/config.ru
+- examples/beer/falcon.rb
 - examples/benchmark/config.ru
+- examples/benchmark/falcon.rb
 - examples/hello/config.ru
+- examples/hello/falcon.rb
 - examples/push/client.rb
 - examples/push/config.ru
 - examples/push/index.html
@@ -274,6 +278,7 @@ files:
 - lib/falcon/adapters/response.rb
 - lib/falcon/adapters/rewindable.rb
 - lib/falcon/command.rb
+- lib/falcon/command/host.rb
 - lib/falcon/command/serve.rb
 - lib/falcon/command/virtual.rb
 - lib/falcon/configuration.rb