puma 3.12.1 → 5.6.4

data/lib/puma/configuration.rb

@@ -11,6 +11,7 @@ module Puma
 
     DefaultTCPHost = "0.0.0.0"
     DefaultTCPPort = 9292
+    DefaultWorkerCheckInterval = 5
     DefaultWorkerTimeout = 60
     DefaultWorkerShutdownTimeout = 30
   end
@@ -20,7 +21,7 @@ module Puma
   # In this class any "user" specified options take precedence over any
   # "file" specified options, take precedence over any "default" options.
   #
-  # User input is prefered over "defaults":
+  # User input is preferred over "defaults":
   #   user_options    = { foo: "bar" }
   #   default_options = { foo: "zoo" }
   #   options = UserFileDefaultOptions.new(user_options, default_options)
@@ -32,7 +33,7 @@ module Puma
   #   puts options.all_of(:foo)
   #   # => ["bar", "zoo"]
   #
-  # A "file" option can be set. This config will be prefered over "default" options
+  # A "file" option can be set. This config will be preferred over "default" options
   # but will defer to any available "user" specified options.
   #
   #   user_options    = { foo: "bar" }
@@ -54,9 +55,7 @@ module Puma
     attr_reader :user_options, :file_options, :default_options
 
     def [](key)
-      return user_options[key]    if user_options.key?(key)
-      return file_options[key]    if file_options.key?(key)
-      return default_options[key] if default_options.key?(key)
+      fetch(key)
     end
 
     def []=(key, value)
@@ -64,7 +63,11 @@ module Puma
     end
 
     def fetch(key, default_value = nil)
-      self[key] || default_value
+      return user_options[key]    if user_options.key?(key)
+      return file_options[key]    if file_options.key?(key)
+      return default_options[key] if default_options.key?(key)
+
+      default_value
     end
 
     def all_of(key)
@@ -90,6 +93,12 @@ module Puma
         end
       end
     end
+
+    def final_options
+      default_options
+        .merge(file_options)
+        .merge(user_options)
+    end
   end
 
   # The main configuration class of Puma.
@@ -106,16 +115,17 @@ module Puma
   #
   # It also handles loading plugins.
   #
-  # > Note: `:port` and `:host` are not valid keys. By they time they make it to the
+  # [Note:]
+  #   `:port` and `:host` are not valid keys. By the time they make it to the
   #   configuration options they are expected to be incorporated into a `:binds` key.
   #   Under the hood the DSL maps `port` and `host` calls to `:binds`
   #
-  #   config = Configuration.new({}) do |user_config, file_config, default_config|
-  #     user_config.port 3003
-  #   end
-  #   config.load
-  #   puts config.options[:port]
-  #   # => 3003
+  #     config = Configuration.new({}) do |user_config, file_config, default_config|
+  #       user_config.port 3003
+  #     end
+  #     config.load
+  #     puts config.options[:port]
+  #     # => 3003
   #
   # It is expected that `load` is called on the configuration instance after setting
   # config. This method expands any values in `config_file` and puts them into the
@@ -137,6 +147,10 @@ module Puma
       @file_dsl    = DSL.new(@options.file_options, self)
       @default_dsl = DSL.new(@options.default_options, self)
 
+      if !@options[:prune_bundler]
+        default_options[:preload_app] = (@options[:workers] > 1) && Puma.forkable?
+      end
+
       if block
         configure(&block)
       end
@@ -167,26 +181,37 @@ module Puma
       self
     end
 
+    # @version 5.0.0
+    def default_max_threads
+      Puma.mri? ? 5 : 16
+    end
+
     def puma_default_options
       {
-        :min_threads => 0,
-        :max_threads => 16,
+        :min_threads => Integer(ENV['PUMA_MIN_THREADS'] || ENV['MIN_THREADS'] || 0),
+        :max_threads => Integer(ENV['PUMA_MAX_THREADS'] || ENV['MAX_THREADS'] || default_max_threads),
         :log_requests => false,
         :debug => false,
         :binds => ["tcp://#{DefaultTCPHost}:#{DefaultTCPPort}"],
-        :workers => 0,
-        :daemon => false,
+        :workers => Integer(ENV['WEB_CONCURRENCY'] || 0),
+        :silence_single_worker_warning => false,
         :mode => :http,
+        :worker_check_interval => DefaultWorkerCheckInterval,
         :worker_timeout => DefaultWorkerTimeout,
         :worker_boot_timeout => DefaultWorkerTimeout,
         :worker_shutdown_timeout => DefaultWorkerShutdownTimeout,
+        :worker_culling_strategy => :youngest,
         :remote_address => :socket,
         :tag => method(:infer_tag),
-        :environment => -> { ENV['RACK_ENV'] || "development" },
+        :environment => -> { ENV['APP_ENV'] || ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development' },
         :rackup => DefaultRackup,
         :logger => STDOUT,
         :persistent_timeout => Const::PERSISTENT_TIMEOUT,
-        :first_data_timeout => Const::FIRST_DATA_TIMEOUT
+        :first_data_timeout => Const::FIRST_DATA_TIMEOUT,
+        :raise_exception_on_sigterm => true,
+        :max_fast_inline => Const::MAX_FAST_INLINE,
+        :io_selector_backend => :auto,
+        :mutate_stdout_and_stderr_to_sync_on_write => true,
       }
     end
 
@@ -244,14 +269,6 @@ module Puma
     def app
       found = options[:app] || load_rackup
 
-      if @options[:mode] == :tcp
-        require 'puma/tcp_logger'
-
-        logger = @options[:logger]
-        quiet = !@options[:log_requests]
-        return TCPLogger.new(logger, found, quiet)
-      end
-
       if @options[:log_requests]
         require 'puma/commonlogger'
         logger = @options[:logger]
@@ -274,8 +291,19 @@ module Puma
       @plugins.create name
     end
 
-    def run_hooks(key, arg)
-      @options.all_of(key).each { |b| b.call arg }
+    def run_hooks(key, arg, events)
+      @options.all_of(key).each do |b|
+        begin
+          b.call arg
+        rescue => e
+          events.log "WARNING hook #{key} failed with exception (#{e.class}) #{e.message}"
+          events.debug e.backtrace.join("\n")
+        end
+      end
+    end
+
+    def final_options
+      @options.final_options
     end
 
     def self.temp_path
@@ -318,6 +346,8 @@ module Puma
       raise "Missing rackup file '#{rackup}'" unless File.exist?(rackup)
 
       rack_app, rack_options = rack_builder.parse_file(rackup)
+      rack_options = rack_options || {}
+
       @options.file_options.merge!(rack_options)
 
       config_ru_binds = []
@@ -331,29 +361,9 @@ module Puma
     end
 
     def self.random_token
-      begin
-        require 'openssl'
-      rescue LoadError
-      end
-
-      count = 16
-
-      bytes = nil
-
-      if defined? OpenSSL::Random
-        bytes = OpenSSL::Random.random_bytes(count)
-      elsif File.exist?("/dev/urandom")
-        File.open('/dev/urandom') { |f| bytes = f.read(count) }
-      end
-
-      if bytes
-        token = "".dup
-        bytes.each_byte { |b| token << b.to_s(16) }
-      else
-        token = (0..count).to_a.map { rand(255).to_s(16) }.join
-      end
+      require 'securerandom' unless defined?(SecureRandom)
 
-      return token
+      SecureRandom.hex(16)
     end
   end
 end

data/lib/puma/const.rb

@@ -76,7 +76,7 @@ module Puma
     508 => 'Loop Detected',
     510 => 'Not Extended',
     511 => 'Network Authentication Required'
-  }
+  }.freeze
 
   # For some HTTP status codes the client only expects headers.
   #
@@ -85,7 +85,7 @@ module Puma
     204 => true,
     205 => true,
     304 => true
-  }
+  }.freeze
 
   # Frequently used constants when constructing requests or responses.  Many times
   # the constant just refers to a string with the same contents.  Using these constants
@@ -100,8 +100,9 @@ module Puma
   # too taxing on performance.
   module Const
 
-    PUMA_VERSION = VERSION = "3.12.1".freeze
-    CODE_NAME = "Llamas in Pajamas".freeze
+    PUMA_VERSION = VERSION = "5.6.4".freeze
+    CODE_NAME = "Birdie's Version".freeze
+
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
 
     FAST_TRACK_KA_TIMEOUT = 0.2
@@ -118,31 +119,37 @@ module Puma
     # sending data back
     WRITE_TIMEOUT = 10
 
+    # How many requests to attempt inline before sending a client back to
+    # the reactor to be subject to normal ordering. The idea here is that
+    # we amortize the cost of going back to the reactor for a well behaved
+    # but very "greedy" client across 10 requests. This prevents a not
+    # well behaved client from monopolizing the thread forever.
+    MAX_FAST_INLINE = 10
+
     # The original URI requested by the client.
     REQUEST_URI= 'REQUEST_URI'.freeze
     REQUEST_PATH = 'REQUEST_PATH'.freeze
     QUERY_STRING = 'QUERY_STRING'.freeze
+    CONTENT_LENGTH = "CONTENT_LENGTH".freeze
 
     PATH_INFO = 'PATH_INFO'.freeze
 
     PUMA_TMP_BASE = "puma".freeze
 
-    # Indicate that we couldn't parse the request
-    ERROR_400_RESPONSE = "HTTP/1.1 400 Bad Request\r\n\r\n".freeze
-
-    # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
-    ERROR_404_RESPONSE = "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND".freeze
-
-    # The standard empty 408 response for requests that timed out.
-    ERROR_408_RESPONSE = "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze
-
-    CONTENT_LENGTH = "CONTENT_LENGTH".freeze
-
-    # Indicate that there was an internal error, obviously.
-    ERROR_500_RESPONSE = "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze
-
-    # A common header for indicating the server is too busy.  Not used yet.
-    ERROR_503_RESPONSE = "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
+    ERROR_RESPONSE = {
+      # Indicate that we couldn't parse the request
+      400 => "HTTP/1.1 400 Bad Request\r\n\r\n".freeze,
+      # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
+      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND".freeze,
+      # The standard empty 408 response for requests that timed out.
+      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze,
+      # Indicate that there was an internal error, obviously.
+      500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze,
+      # Incorrect or invalid header value
+      501 => "HTTP/1.1 501 Not Implemented\r\n\r\n".freeze,
+      # A common header for indicating the server is too busy.  Not used yet.
+      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
+    }.freeze
 
     # The basic max request size we'll try to read.
     CHUNK_SIZE = 16 * 1024
@@ -160,6 +167,9 @@ module Puma
     LINE_END = "\r\n".freeze
     REMOTE_ADDR = "REMOTE_ADDR".freeze
     HTTP_X_FORWARDED_FOR = "HTTP_X_FORWARDED_FOR".freeze
+    HTTP_X_FORWARDED_SSL = "HTTP_X_FORWARDED_SSL".freeze
+    HTTP_X_FORWARDED_SCHEME = "HTTP_X_FORWARDED_SCHEME".freeze
+    HTTP_X_FORWARDED_PROTO = "HTTP_X_FORWARDED_PROTO".freeze
 
     SERVER_NAME = "SERVER_NAME".freeze
     SERVER_PORT = "SERVER_PORT".freeze
@@ -168,7 +178,6 @@ module Puma
     PORT_443 = "443".freeze
     LOCALHOST = "localhost".freeze
     LOCALHOST_IP = "127.0.0.1".freeze
-    LOCALHOST_ADDR = "127.0.0.1:0".freeze
 
     SERVER_PROTOCOL = "SERVER_PROTOCOL".freeze
     HTTP_11 = "HTTP/1.1".freeze
@@ -227,5 +236,17 @@ module Puma
     HIJACK_IO = "rack.hijack_io".freeze
 
     EARLY_HINTS = "rack.early_hints".freeze
+
+    # Illegal character in the key or value of response header
+    DQUOTE = "\"".freeze
+    HTTP_HEADER_DELIMITER = Regexp.escape("(),/:;<=>?@[]{}\\").freeze
+    ILLEGAL_HEADER_KEY_REGEX = /[\x00-\x20#{DQUOTE}#{HTTP_HEADER_DELIMITER}]/.freeze
+    # header values can contain HTAB?
+    ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
+
+    # Banned keys of response header
+    BANNED_HEADER_KEY = /\A(rack\.|status\z)/.freeze
+
+    PROXY_PROTOCOL_V1_REGEX = /^PROXY (?:TCP4|TCP6|UNKNOWN) ([^\r]+)\r\n/.freeze
   end
 end

data/lib/puma/control_cli.rb

@@ -11,7 +11,32 @@ require 'socket'
 module Puma
   class ControlCLI
 
-    COMMANDS = %w{halt restart phased-restart start stats status stop reload-worker-directory gc gc-stats}
+    # values must be string or nil
+    # value of `nil` means command cannot be processed via signal
+    # @version 5.0.3
+    CMD_PATH_SIG_MAP = {
+      'gc'       => nil,
+      'gc-stats' => nil,
+      'halt'     => 'SIGQUIT',
+      'phased-restart' => 'SIGUSR1',
+      'refork'   => 'SIGURG',
+      'reload-worker-directory' => nil,
+      'restart'  => 'SIGUSR2',
+      'start'    => nil,
+      'stats'    => nil,
+      'status'   => '',
+      'stop'     => 'SIGTERM',
+      'thread-backtraces' => nil
+    }.freeze
+
+    # @deprecated 6.0.0
+    COMMANDS = CMD_PATH_SIG_MAP.keys.freeze
+
+    # commands that cannot be used in a request
+    NO_REQ_COMMANDS = %w{refork}.freeze
+
+    # @version 5.0.0
+    PRINTABLE_COMMANDS = %w{gc-stats stats thread-backtraces}.freeze
 
     def initialize(argv, stdout=STDOUT, stderr=STDERR)
       @state = nil
@@ -22,6 +47,7 @@ module Puma
       @control_auth_token = nil
       @config_file = nil
       @command = nil
+      @environment = ENV['APP_ENV'] || ENV['RACK_ENV'] || ENV['RAILS_ENV']
 
       @argv = argv.dup
       @stdout = stdout
@@ -29,7 +55,7 @@ module Puma
       @cli_options = {}
 
       opts = OptionParser.new do |o|
-        o.banner = "Usage: pumactl (-p PID | -P pidfile | -S status_file | -C url -T token | -F config.rb) (#{COMMANDS.join("|")})"
+        o.banner = "Usage: pumactl (-p PID | -P pidfile | -S status_file | -C url -T token | -F config.rb) (#{CMD_PATH_SIG_MAP.keys.join("|")})"
 
         o.on "-S", "--state PATH", "Where the state file to use is" do |arg|
           @state = arg
@@ -59,13 +85,18 @@ module Puma
           @config_file = arg
         end
 
+        o.on "-e", "--environment ENVIRONMENT",
+          "The environment to run the Rack app on (default development)" do |arg|
+          @environment = arg
+        end
+
         o.on_tail("-H", "--help", "Show this message") do
           @stdout.puts o
           exit
         end
 
         o.on_tail("-V", "--version", "Show version") do
-          puts Const::PUMA_VERSION
+          @stdout.puts Const::PUMA_VERSION
           exit
         end
       end
@@ -75,9 +106,22 @@ module Puma
 
       @command = argv.shift
 
+      # check presence of command
+      unless @command
+        raise "Available commands: #{CMD_PATH_SIG_MAP.keys.join(", ")}"
+      end
+
+      unless CMD_PATH_SIG_MAP.key? @command
+        raise "Invalid command: #{@command}"
+      end
+
       unless @config_file == '-'
-        if @config_file.nil? and File.exist?('config/puma.rb')
-          @config_file = 'config/puma.rb'
+        environment = @environment || 'development'
+
+        if @config_file.nil?
+          @config_file = %W(config/puma/#{environment}.rb config/puma.rb).find do |f|
+            File.exist?(f)
+          end
         end
 
         if @config_file
@@ -89,19 +133,8 @@ module Puma
           @pidfile            ||= config.options[:pidfile]
         end
       end
-
-      # check present of command
-      unless @command
-        raise "Available commands: #{COMMANDS.join(", ")}"
-      end
-
-      unless COMMANDS.include? @command
-        raise "Invalid command: #{@command}"
-      end
-
     rescue => e
       @stdout.puts e.message
-      @stdout.puts e.backtrace
       exit 1
     end
 
@@ -123,7 +156,7 @@ module Puma
         @pid = sf.pid
       elsif @pidfile
         # get pid from pid_file
-        @pid = File.open(@pidfile).gets.to_i
+        @pid = File.read(@pidfile, mode: 'rb:UTF-8').to_i
       end
     end
 
@@ -131,17 +164,29 @@ module Puma
       uri = URI.parse @control_url
 
       # create server object by scheme
-      server = case uri.scheme
-                when "tcp"
-                  TCPSocket.new uri.host, uri.port
-                when "unix"
-                  UNIXSocket.new "#{uri.host}#{uri.path}"
-                else
-                  raise "Invalid scheme: #{uri.scheme}"
-                end
-
-      if @command == "status"
-        message "Puma is started"
+      server =
+        case uri.scheme
+        when 'ssl'
+          require 'openssl'
+          OpenSSL::SSL::SSLSocket.new(
+            TCPSocket.new(uri.host, uri.port),
+            OpenSSL::SSL::SSLContext.new)
+            .tap { |ssl| ssl.sync_close = true }  # default is false
+            .tap(&:connect)
+        when 'tcp'
+          TCPSocket.new uri.host, uri.port
+        when 'unix'
+          # check for abstract UNIXSocket
+          UNIXSocket.new(@control_url.start_with?('unix://@') ?
+            "\0#{uri.host}#{uri.path}" : "#{uri.host}#{uri.path}")
+        else
+          raise "Invalid scheme: #{uri.scheme}"
+        end
+
+      if @command == 'status'
+        message 'Puma is started'
+      elsif NO_REQ_COMMANDS.include? @command
+        raise "Invalid request command: #{@command}"
       else
         url = "/#{@command}"
 
@@ -149,10 +194,10 @@ module Puma
           url = url + "?token=#{@control_auth_token}"
         end
 
-        server << "GET #{url} HTTP/1.0\r\n\r\n"
+        server.syswrite "GET #{url} HTTP/1.0\r\n\r\n"
 
         unless data = server.read
-          raise "Server closed connection before responding"
+          raise 'Server closed connection before responding'
         end
 
         response = data.split("\r\n")
@@ -161,57 +206,55 @@ module Puma
           raise "Server sent empty response"
         end
 
-        (@http,@code,@message) = response.first.split(" ",3)
+        @http, @code, @message = response.first.split(' ',3)
 
-        if @code == "403"
-          raise "Unauthorized access to server (wrong auth token)"
-        elsif @code == "404"
+        if @code == '403'
+          raise 'Unauthorized access to server (wrong auth token)'
+        elsif @code == '404'
           raise "Command error: #{response.last}"
-        elsif @code != "200"
+        elsif @code != '200'
           raise "Bad response from server: #{@code}"
         end
 
         message "Command #{@command} sent success"
-        message response.last if @command == "stats" || @command == "gc-stats"
+        message response.last if PRINTABLE_COMMANDS.include?(@command)
       end
     ensure
-      server.close if server && !server.closed?
+      if server
+        if uri.scheme == 'ssl'
+          server.sysclose
+        else
+          server.close unless server.closed?
+        end
+      end
     end
 
     def send_signal
       unless @pid
-        raise "Neither pid nor control url available"
+        raise 'Neither pid nor control url available'
       end
 
       begin
+        sig = CMD_PATH_SIG_MAP[@command]
 
-        case @command
-        when "restart"
-          Process.kill "SIGUSR2", @pid
-
-        when "halt"
-          Process.kill "QUIT", @pid
-
-        when "stop"
-          Process.kill "SIGTERM", @pid
-
-        when "stats"
-          puts "Stats not available via pid only"
-          return
-
-        when "reload-worker-directory"
-          puts "reload-worker-directory not available via pid only"
+        if sig.nil?
+          @stdout.puts "'#{@command}' not available via pid only"
+          @stdout.flush unless @stdout.sync
           return
-
-        when "phased-restart"
-          Process.kill "SIGUSR1", @pid
-
-        else
+        elsif sig.start_with? 'SIG'
+          Process.kill sig, @pid
+        elsif @command == 'status'
+          begin
+            Process.kill 0, @pid
+            @stdout.puts 'Puma is started'
+            @stdout.flush unless @stdout.sync
+          rescue Errno::ESRCH
+            raise 'Puma is not running'
+          end
           return
         end
-
       rescue SystemCallError
-        if @command == "restart"
+        if @command == 'restart'
           start
         else
           raise "No pid '#{@pid}' found"
@@ -222,23 +265,21 @@ module Puma
     end
 
     def run
-      return start if @command == "start"
-
+      return start if @command == 'start'
       prepare_configuration
 
-      if Puma.windows?
+      if Puma.windows? || @control_url
         send_request
       else
-        @control_url ? send_request : send_signal
+        send_signal
       end
 
     rescue => e
       message e.message
-      message e.backtrace
       exit 1
     end
 
-  private
+    private
     def start
       require 'puma/cli'
 
@@ -250,6 +291,7 @@ module Puma
       run_args += ["--control-url", @control_url] if @control_url
       run_args += ["--control-token", @control_auth_token] if @control_auth_token
       run_args += ["-C", @config_file] if @config_file
+      run_args += ["-e", @environment] if @environment
 
       events = Puma::Events.new @stdout, @stderr
 

data/lib/puma/detect.rb

@@ -1,15 +1,42 @@
 # frozen_string_literal: true
 
+# This file can be loaded independently of puma.rb, so it cannot have any code
+# that assumes puma.rb is loaded.
+
+
 module Puma
-  IS_JRUBY = defined?(JRUBY_VERSION)
+  # @version 5.2.1
+  HAS_FORK = ::Process.respond_to? :fork
+
+  IS_JRUBY = Object.const_defined? :JRUBY_VERSION
+
+  IS_OSX = RUBY_PLATFORM.include? 'darwin'
+
+  IS_WINDOWS = !!(RUBY_PLATFORM =~ /mswin|ming|cygwin/) ||
+    IS_JRUBY && RUBY_DESCRIPTION.include?('mswin')
+
+  # @version 5.2.0
+  IS_MRI = (RUBY_ENGINE == 'ruby' || RUBY_ENGINE.nil?)
 
   def self.jruby?
     IS_JRUBY
   end
 
-  IS_WINDOWS = RUBY_PLATFORM =~ /mswin|ming|cygwin/
+  def self.osx?
+    IS_OSX
+  end
 
   def self.windows?
     IS_WINDOWS
   end
+
+  # @version 5.0.0
+  def self.mri?
+    IS_MRI
+  end
+
+  # @version 5.0.0
+  def self.forkable?
+    HAS_FORK
+  end
 end