RubyGems - puma - Versions diffs - 3.8.2 → 3.9.0 - Mend

puma 3.8.2 → 3.9.0

Potentially problematic release.

This version of puma might be problematic. Click here for more details.

Files changed (13) hide show

checksums.yaml +4 -4
data/History.md +23 -0
data/ext/puma_http11/mini_ssl.c +1 -1
data/ext/puma_http11/org/jruby/puma/MiniSSL.java +9 -2
data/lib/puma/const.rb +2 -2
data/lib/puma/events.rb +1 -2
data/lib/puma/launcher.rb +3 -0
data/lib/puma/minissl.rb +16 -1
data/lib/puma/runner.rb +2 -2
data/lib/puma/server.rb +5 -3
data/lib/puma/thread_pool.rb +9 -1
data/lib/rack/handler/puma.rb +6 -1
metadata +19 -19

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7b623ac72b5bea3525cc1c76bd48385e0eef0a17
-  data.tar.gz: d5a2ec55bef9deb959e22faa6c077e7b323a7834
+  metadata.gz: b81d09730460553a429075838b26bb574a4b9610
+  data.tar.gz: a3336117cdff61b925b86effef73382d5e765862
 SHA512:
-  metadata.gz: 33c903e1d88e6552d8146a9fd1a829f8c6e8f15d131ec37854d29025952186a9cafda9204b89d12682f3905973bb8c6c0606948587e34b36b62d24c16ad5572b
-  data.tar.gz: d4137246420030c7e1deb7988c7cf15f20b8543211d6c1ef6fae240092941aeeae60c53353d81d8aa7b62064410119f4e4a80d8427b16a5d6c98d4a6fe51b495
+  metadata.gz: 7a9b8d7cf54f2c97932e16ff76c19be931f936b246305912f1a2b939405af0a41192d7f5ee7ee462640e629a28476c591d44e702401d7a11128a8b3669af4151
+  data.tar.gz: dca5d59920db309d50c341cb19ab4f24d8d3f3781488e9c78a3a240b0d6f7908ad61854eb60965ffbeda10048285375ce9432b3c6d4444db1dd0cf5ca9799eaf

data/History.md CHANGED

@@ -1,3 +1,26 @@
+## 3.9.0 / 2017-06-01
+* 2 features:
+  * The ENV is now reset to its original values when Puma restarts via USR1/USR2 (#1260) (MRI only, no JRuby support)
+  * Puma will no longer accept more clients than the maximum number of threads. (#1278)
+* 9 bugfixes:
+  * Reduce information leakage by preventing HTTP parse errors from writing environment hashes to STDERR (#1306)
+  * Fix SSL/WebSocket compatibility (#1274)
+  * HTTP headers with empty values are no longer omitted from responses. (#1261)
+  * Fix a Rack env key which was set to nil. (#1259)
+  * peercert has been implemented for JRuby (#1248)
+  * Fix port settings when using rails s (#1277, #1290)
+  * Fix compat w/LibreSSL (#1285)
+  * Fix restarting Puma w/symlinks and a new Gemfile (#1282)
+  * Replace Dir.exists? with Dir.exist? (#1294)
+* 1 known issue:
+  * A bug in MRI 2.2+ can result in IOError: stream closed. See #1206. This issue has existed since at least Puma 3.6, and probably further back.
+* 1 refactor:
+  * Lots of test fixups from @grosser.
 ## 3.8.2 / 2017-03-14
 * 1 bugfix:

data/ext/puma_http11/mini_ssl.c CHANGED

@@ -88,7 +88,7 @@ DH *get_dh1024() {
   DH *dh;
   dh = DH_new();
-#if OPENSSL_VERSION_NUMBER < 0x10100005L
+#if OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER)
   dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
   dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);

data/ext/puma_http11/org/jruby/puma/MiniSSL.java CHANGED

@@ -6,6 +6,7 @@ import org.jruby.RubyModule;
 import org.jruby.RubyObject;
 import org.jruby.RubyString;
 import org.jruby.anno.JRubyMethod;
+import org.jruby.javasupport.JavaEmbedUtils;
 import org.jruby.runtime.Block;
 import org.jruby.runtime.ObjectAllocator;
 import org.jruby.runtime.ThreadContext;
@@ -18,6 +19,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -27,6 +29,7 @@ import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import static javax.net.ssl.SSLEngineResult.Status;
@@ -333,7 +336,11 @@ public class MiniSSL extends RubyObject {
   }
   @JRubyMethod
-  public IRubyObject peercert() {
-    return getRuntime().getNil();
+  public IRubyObject peercert() throws CertificateEncodingException {
+    try {
+      return JavaEmbedUtils.javaToRuby(getRuntime(), engine.getSession().getPeerCertificates()[0].getEncoded());
+    } catch (SSLPeerUnverifiedException ex) {
+      return getRuntime().getNil();
+    }
   }
 }

data/lib/puma/const.rb CHANGED

@@ -95,8 +95,8 @@ module Puma
   # too taxing on performance.
   module Const
-    PUMA_VERSION = VERSION = "3.8.2".freeze
-    CODE_NAME = "Sassy Salamander".freeze
+    PUMA_VERSION = VERSION = "3.9.0".freeze
+    CODE_NAME = "Private Caller".freeze
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
     FAST_TRACK_KA_TIMEOUT = 0.2

data/lib/puma/events.rb CHANGED

@@ -91,8 +91,7 @@ module Puma
     # parsing exception.
     #
     def parse_error(server, env, error)
-      @stderr.puts "#{Time.now}: HTTP parse error, malformed request (#{env[HTTP_X_FORWARDED_FOR] || env[REMOTE_ADDR]}): #{error.inspect}"
-      @stderr.puts "#{Time.now}: ENV: #{env.inspect}\n---\n"
+      @stderr.puts "#{Time.now}: HTTP parse error, malformed request (#{env[HTTP_X_FORWARDED_FOR] || env[REMOTE_ADDR]}): #{error.inspect}\n---\n"
     end
     # An SSL error has occurred.

data/lib/puma/launcher.rb CHANGED

@@ -163,6 +163,8 @@ module Puma
     # Run the server. This blocks until the server is stopped
     def run
+      previous_env = (defined?(Bundler) ? Bundler.clean_env : ENV.to_h)
       @config.clamp
       @config.plugins.fire_starts self
@@ -178,6 +180,7 @@ module Puma
         graceful_stop
       when :restart
         log "* Restarting..."
+        ENV.replace(previous_env)
         @runner.before_restart
         restart!
       when :exit

data/lib/puma/minissl.rb CHANGED

@@ -36,7 +36,9 @@ module Puma
         output
       end
-      def read_nonblock(size)
+      def read_nonblock(size, *_)
+        # *_ is to deal with keyword args that were added
+        # at some point (and being used in the wild)
         while true
           output = engine_read_all
           return output if output
@@ -77,6 +79,19 @@ module Puma
       alias_method :syswrite, :write
       alias_method :<<, :write
+      # This is a temporary fix to deal with websockets code using
+      # write_nonblock. The problem with implementing it properly
+      # is that it means we'd have to have the ability to rewind
+      # an engine because after we write+extract, the socket
+      # write_nonblock call might raise an exception and later
+      # code would pass the same data in, but the engine would think
+      # it had already written the data in. So for the time being
+      # (and since write blocking is quite rare), go ahead and actually
+      # block in write_nonblock.
+      def write_nonblock(data, *_)
+        write data
+      end
       def flush
         @socket.flush
       end

data/lib/puma/runner.rb CHANGED

@@ -107,7 +107,7 @@ module Puma
       append = @options[:redirect_append]
       if stdout
-        unless Dir.exists?(File.dirname(stdout))
+        unless Dir.exist?(File.dirname(stdout))
           raise "Cannot redirect STDOUT to #{stdout}"
         end
@@ -117,7 +117,7 @@ module Puma
       end
       if stderr
-        unless Dir.exists?(File.dirname(stderr))
+        unless Dir.exist?(File.dirname(stderr))
           raise "Cannot redirect STDERR to #{stderr}"
         end

data/lib/puma/server.rb CHANGED

@@ -363,7 +363,7 @@ module Puma
                     end
                     pool << client
-                    pool.wait_until_not_full unless queue_requests
+                    pool.wait_until_not_full
                   end
                 rescue SystemCallError
                   # nothing
@@ -522,7 +522,9 @@ module Puma
         raise "No REQUEST PATH" unless env[REQUEST_PATH]
-        env[QUERY_STRING] = uri.query
+        # A nil env value will cause a LintError (and fatal errors elsewhere),
+        # so only set the env value if there actually is a value.
+        env[QUERY_STRING] = uri.query if uri.query
       end
       env[PATH_INFO] = env[REQUEST_PATH]
@@ -687,7 +689,7 @@ module Puma
             next
           end
-          if vs.respond_to?(:to_s)
+          if vs.respond_to?(:to_s) && !vs.to_s.empty?
             vs.to_s.split(NEWLINE).each do |v|
               lines.append k, colon, v, line_ending
             end

data/lib/puma/thread_pool.rb CHANGED

@@ -155,7 +155,15 @@ module Puma
     def wait_until_not_full
       @mutex.synchronize do
-        until @todo.size - @waiting < @max - @spawned or @shutdown
+        while true
+          return if @shutdown
+          return if @waiting > 0
+          # If we can still spin up new threads and there
+          # is work queued, then accept more work until we would
+          # spin up the max number of threads.
+          return if @todo.size < @max - @spawned
           @not_full.wait @mutex
         end
       end

data/lib/rack/handler/puma.rb CHANGED

@@ -42,7 +42,12 @@ module Rack
             user_config.threads min, max
           end
-          self.set_host_port_to_config(options[:Host], options[:Port], user_config)
+          if options[:Host] || options[:Port]
+            host = options[:Host] || default_options[:Host]
+            port = options[:Port] || default_options[:Port]
+            self.set_host_port_to_config(host, port, user_config)
+          end
           self.set_host_port_to_config(default_options[:Host], default_options[:Port], default_config)
           user_config.app app

metadata CHANGED

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: puma
 version: !ruby/object:Gem::Version
-  version: 3.8.2
+  version: 3.9.0
 platform: ruby
 authors:
 - Evan Phoenix
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-03-14 00:00:00.000000000 Z
+date: 2017-06-01 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: rdoc
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
@@ -58,20 +44,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: hoe
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.14'
+        version: '3.15'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.14'
+        version: '3.15'
 description: Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server
   for Ruby/Rack applications. Puma is intended for use in both development and production
   environments. In order to get the best throughput, it is highly recommended that
@@ -197,7 +197,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.5.1
+rubygems_version: 2.5.2
 signing_key:
 specification_version: 4
 summary: Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for