RubyGems - puma - Versions diffs - 4.2.1 → 4.3.0 - Mend

puma 4.2.1 → 4.3.0

Potentially problematic release.

This version of puma might be problematic. Click here for more details.

Files changed (20) hide show

checksums.yaml +4 -4
data/History.md +16 -1
data/README.md +5 -25
data/docs/tcp_mode.md +96 -0
data/ext/puma_http11/extconf.rb +5 -0
data/ext/puma_http11/http11_parser.java.rl +21 -37
data/ext/puma_http11/org/jruby/puma/Http11.java +106 -114
data/ext/puma_http11/org/jruby/puma/Http11Parser.java +91 -106
data/ext/puma_http11/puma_http11.c +2 -0
data/lib/puma/binder.rb +2 -58
data/lib/puma/cli.rb +1 -1
data/lib/puma/const.rb +2 -2
data/lib/puma/control_cli.rb +11 -3
data/lib/puma/dsl.rb +4 -2
data/lib/puma/minissl/context_builder.rb +76 -0
data/lib/puma/reactor.rb +2 -1
data/lib/puma/runner.rb +7 -0
data/lib/puma/thread_pool.rb +1 -1
metadata +4 -3
data/lib/puma/convenient.rb +0 -25

data/lib/puma/cli.rb CHANGED

@@ -162,7 +162,7 @@ module Puma
           end
           o.on "--extra-runtime-dependencies GEM1,GEM2", "Defines any extra needed gems when using --prune-bundler" do |arg|
-            c.extra_runtime_dependencies arg.split(',')
+            user_config.extra_runtime_dependencies arg.split(',')
           end
           o.on "-q", "--quiet", "Do not log requests internally (default true)" do

data/lib/puma/const.rb CHANGED

@@ -100,8 +100,8 @@ module Puma
   # too taxing on performance.
   module Const
-    PUMA_VERSION = VERSION = "4.2.1".freeze
-    CODE_NAME = "Distant Airhorns".freeze
+    PUMA_VERSION = VERSION = "4.3.0".freeze
+    CODE_NAME = "Mysterious Traveller".freeze
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
     FAST_TRACK_KA_TIMEOUT = 0.2

data/lib/puma/control_cli.rb CHANGED

@@ -22,7 +22,7 @@ module Puma
       @control_auth_token = nil
       @config_file = nil
       @command = nil
-      @environment = ENV['RACK_ENV'] || "development"
+      @environment = ENV['RACK_ENV']
       @argv = argv.dup
       @stdout = stdout
@@ -82,8 +82,10 @@ module Puma
       @command = argv.shift
       unless @config_file == '-'
+        environment = @environment || 'development'
         if @config_file.nil?
-          @config_file = %W(config/puma/#{@environment}.rb config/puma.rb).find do |f|
+          @config_file = %W(config/puma/#{environment}.rb config/puma.rb).find do |f|
             File.exist?(f)
           end
         end
@@ -130,7 +132,7 @@ module Puma
         @pid = sf.pid
       elsif @pidfile
         # get pid from pid_file
-        @pid = File.open(@pidfile).gets.to_i
+        File.open(@pidfile) { |f| @pid = f.read.to_i }
       end
     end
@@ -139,6 +141,12 @@ module Puma
       # create server object by scheme
       server = case uri.scheme
+                when "ssl"
+                  require 'openssl'
+                  OpenSSL::SSL::SSLSocket.new(
+                    TCPSocket.new(uri.host, uri.port),
+                    OpenSSL::SSL::SSLContext.new
+                  ).tap(&:connect)
                 when "tcp"
                   TCPSocket.new uri.host, uri.port
                 when "unix"

data/lib/puma/dsl.rb CHANGED

@@ -583,6 +583,8 @@ module Puma
     # new Bundler context and thus can float around as the release
     # dictates.
     #
+    # See also: extra_runtime_dependencies
+    #
     # @note This is incompatible with +preload_app!+.
     # @note This is only supported for RubyGems 2.2+
     def prune_bundler(answer=true)
@@ -603,7 +605,7 @@ module Puma
     end
     # When using prune_bundler, if extra runtime dependencies need to be loaded to
-    # initialize your app, then this setting can be used.
+    # initialize your app, then this setting can be used. This includes any Puma plugins.
     #
     # Before bundler is pruned, the gem names supplied will be looked up in the bundler
     # context and then loaded again after bundler is pruned.
@@ -612,7 +614,7 @@ module Puma
     # @example
     #   extra_runtime_dependencies ['gem_name_1', 'gem_name_2']
     # @example
-    #   extra_runtime_dependencies ['puma_worker_killer']
+    #   extra_runtime_dependencies ['puma_worker_killer', 'puma-heroku']
     def extra_runtime_dependencies(answer = [])
       @options[:extra_runtime_dependencies] = Array(answer)
     end

data/lib/puma/minissl/context_builder.rb ADDED

@@ -0,0 +1,76 @@
+module Puma
+  module MiniSSL
+    class ContextBuilder
+      def initialize(params, events)
+        require 'puma/minissl'
+        MiniSSL.check
+        @params = params
+        @events = events
+      end
+      def context
+        ctx = MiniSSL::Context.new
+        if defined?(JRUBY_VERSION)
+          unless params['keystore']
+            events.error "Please specify the Java keystore via 'keystore='"
+          end
+          ctx.keystore = params['keystore']
+          unless params['keystore-pass']
+            events.error "Please specify the Java keystore password  via 'keystore-pass='"
+          end
+          ctx.keystore_pass = params['keystore-pass']
+          ctx.ssl_cipher_list = params['ssl_cipher_list'] if params['ssl_cipher_list']
+        else
+          unless params['key']
+            events.error "Please specify the SSL key via 'key='"
+          end
+          ctx.key = params['key']
+          unless params['cert']
+            events.error "Please specify the SSL cert via 'cert='"
+          end
+          ctx.cert = params['cert']
+          if ['peer', 'force_peer'].include?(params['verify_mode'])
+            unless params['ca']
+              events.error "Please specify the SSL ca via 'ca='"
+            end
+          end
+          ctx.ca = params['ca'] if params['ca']
+          ctx.ssl_cipher_filter = params['ssl_cipher_filter'] if params['ssl_cipher_filter']
+        end
+        ctx.no_tlsv1 = true if params['no_tlsv1'] == 'true'
+        ctx.no_tlsv1_1 = true if params['no_tlsv1_1'] == 'true'
+        if params['verify_mode']
+          ctx.verify_mode = case params['verify_mode']
+                            when "peer"
+                              MiniSSL::VERIFY_PEER
+                            when "force_peer"
+                              MiniSSL::VERIFY_PEER | MiniSSL::VERIFY_FAIL_IF_NO_PEER_CERT
+                            when "none"
+                              MiniSSL::VERIFY_NONE
+                            else
+                              events.error "Please specify a valid verify_mode="
+                              MiniSSL::VERIFY_NONE
+                            end
+        end
+        ctx
+      end
+      private
+      attr_reader :params, :events
+    end
+  end
+end

data/lib/puma/reactor.rb CHANGED

@@ -237,7 +237,8 @@ module Puma
                 ssl_socket = c.io
                 begin
                   addr = ssl_socket.peeraddr.last
-                rescue IOError
+                # EINVAL can happen when browser closes socket w/security exception
+                rescue IOError, Errno::EINVAL
                   addr = "<unknown>"
                 end

data/lib/puma/runner.rb CHANGED

@@ -2,6 +2,7 @@
 require 'puma/server'
 require 'puma/const'
+require 'puma/minissl/context_builder'
 module Puma
   # Generic class that is used by `Puma::Cluster` and `Puma::Single` to
@@ -64,6 +65,12 @@ module Puma
       control.max_threads = 1
       case uri.scheme
+      when "ssl"
+          log "* Starting control server on #{str}"
+          params = Util.parse_query uri.query
+          ctx = MiniSSL::ContextBuilder.new(params, @events).context
+          control.add_ssl_listener uri.host, uri.port, ctx
       when "tcp"
         log "* Starting control server on #{str}"
         control.add_tcp_listener uri.host, uri.port

data/lib/puma/thread_pool.rb CHANGED

@@ -189,7 +189,7 @@ module Puma
     # request, it might not be added to the `@todo` array right away.
     # For example if a slow client has only sent a header, but not a body
     # then the `@todo` array would stay the same size as the reactor works
-    # to try to buffer the request. In tha scenario the next call to this
+    # to try to buffer the request. In that scenario the next call to this
     # method would not block and another request would be added into the reactor
     # by the server. This would continue until a fully bufferend request
     # makes it through the reactor and can then be processed by the thread pool.

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puma
 version: !ruby/object:Gem::Version
-  version: 4.2.1
+  version: 4.3.0
 platform: ruby
 authors:
 - Evan Phoenix
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-07 00:00:00.000000000 Z
+date: 2019-11-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nio4r
@@ -53,6 +53,7 @@ files:
 - docs/restart.md
 - docs/signals.md
 - docs/systemd.md
+- docs/tcp_mode.md
 - ext/puma_http11/PumaHttp11Service.java
 - ext/puma_http11/ext_help.h
 - ext/puma_http11/extconf.rb
@@ -79,7 +80,6 @@ files:
 - lib/puma/configuration.rb
 - lib/puma/const.rb
 - lib/puma/control_cli.rb
-- lib/puma/convenient.rb
 - lib/puma/detect.rb
 - lib/puma/dsl.rb
 - lib/puma/events.rb
@@ -87,6 +87,7 @@ files:
 - lib/puma/jruby_restart.rb
 - lib/puma/launcher.rb
 - lib/puma/minissl.rb
+- lib/puma/minissl/context_builder.rb
 - lib/puma/null_io.rb
 - lib/puma/plugin.rb
 - lib/puma/plugin/tmp_restart.rb

data/lib/puma/convenient.rb DELETED

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-require 'puma/launcher'
-require 'puma/configuration'
-module Puma
-  def self.run(opts={})
-    cfg = Puma::Configuration.new do |user_config|
-      if port = opts[:port]
-        user_config.port port
-      end
-      user_config.quiet
-      yield c
-    end
-    cfg.clamp
-    events = Puma::Events.null
-    launcher = Puma::Launcher.new cfg, :events => events
-    launcher.run
-  end
-end