puma 4.3.12 → 5.6.4

data/ext/puma_http11/org/jruby/puma/MiniSSL.java

@@ -6,6 +6,7 @@ import org.jruby.RubyModule;
 import org.jruby.RubyObject;
 import org.jruby.RubyString;
 import org.jruby.anno.JRubyMethod;
+import org.jruby.exceptions.RaiseException;
 import org.jruby.javasupport.JavaEmbedUtils;
 import org.jruby.runtime.Block;
 import org.jruby.runtime.ObjectAllocator;
@@ -22,6 +23,7 @@ import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import java.io.FileInputStream;
+import java.io.InputStream;
 import java.io.IOException;
 import java.nio.Buffer;
 import java.nio.ByteBuffer;
@@ -32,6 +34,8 @@ import java.security.NoSuchAlgorithmException;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.Map;
 
 import static javax.net.ssl.SSLEngineResult.Status;
 import static javax.net.ssl.SSLEngineResult.HandshakeStatus;
@@ -77,11 +81,11 @@ public class MiniSSL extends RubyObject {
     /**
      * Writes bytes to the buffer after ensuring there's room
      */
-    public void put(byte[] bytes) {
-      if (buffer.remaining() < bytes.length) {
-        resize(buffer.limit() + bytes.length);
+    private void put(byte[] bytes, final int offset, final int length) {
+      if (buffer.remaining() < length) {
+        resize(buffer.limit() + length);
       }
-      buffer.put(bytes);
+      buffer.put(bytes, offset, length);
     }
 
     /**
@@ -112,7 +116,7 @@ public class MiniSSL extends RubyObject {
 
       buffer.get(bss);
       buffer.clear();
-      return new ByteList(bss);
+      return new ByteList(bss, false);
     }
 
     @Override
@@ -120,6 +124,8 @@ public class MiniSSL extends RubyObject {
   }
 
   private SSLEngine engine;
+  private boolean closed;
+  private boolean handshake;
   private MiniSSLBuffer inboundNetData;
   private MiniSSLBuffer outboundAppData;
   private MiniSSLBuffer outboundNetData;
@@ -128,10 +134,39 @@ public class MiniSSL extends RubyObject {
     super(runtime, klass);
   }
 
+  private static Map<String, KeyManagerFactory> keyManagerFactoryMap = new ConcurrentHashMap<String, KeyManagerFactory>();
+  private static Map<String, TrustManagerFactory> trustManagerFactoryMap = new ConcurrentHashMap<String, TrustManagerFactory>();
+
   @JRubyMethod(meta = true)
-  public static IRubyObject server(ThreadContext context, IRubyObject recv, IRubyObject miniSSLContext) {
-    RubyClass klass = (RubyClass) recv;
+  public static synchronized IRubyObject server(ThreadContext context, IRubyObject recv, IRubyObject miniSSLContext)
+      throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException {
+    // Create the KeyManagerFactory and TrustManagerFactory for this server
+    String keystoreFile = miniSSLContext.callMethod(context, "keystore").convertToString().asJavaString();
+    char[] password = miniSSLContext.callMethod(context, "keystore_pass").convertToString().asJavaString().toCharArray();
+
+    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+    InputStream is = new FileInputStream(keystoreFile);
+    try {
+      ks.load(is, password);
+    } finally {
+      is.close();
+    }
+    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+    kmf.init(ks, password);
+    keyManagerFactoryMap.put(keystoreFile, kmf);
+
+    KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
+    is = new FileInputStream(keystoreFile);
+    try {
+      ts.load(is, password);
+    } finally {
+      is.close();
+    }
+    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+    tmf.init(ts);
+    trustManagerFactoryMap.put(keystoreFile, tmf);
 
+    RubyClass klass = (RubyClass) recv;
     return klass.newInstance(context,
         new IRubyObject[] { miniSSLContext },
         Block.NULL_BLOCK);
@@ -139,24 +174,20 @@ public class MiniSSL extends RubyObject {
 
   @JRubyMethod
   public IRubyObject initialize(ThreadContext threadContext, IRubyObject miniSSLContext)
-      throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
-    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
-    KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
+      throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
 
-    char[] password = miniSSLContext.callMethod(threadContext, "keystore_pass").convertToString().asJavaString().toCharArray();
     String keystoreFile = miniSSLContext.callMethod(threadContext, "keystore").convertToString().asJavaString();
-    ks.load(new FileInputStream(keystoreFile), password);
-    ts.load(new FileInputStream(keystoreFile), password);
-
-    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-    kmf.init(ks, password);
-
-    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-    tmf.init(ts);
+    KeyManagerFactory kmf = keyManagerFactoryMap.get(keystoreFile);
+    TrustManagerFactory tmf = trustManagerFactoryMap.get(keystoreFile);
+    if(kmf == null || tmf == null) {
+      throw new KeyStoreException("Could not find KeyManagerFactory/TrustManagerFactory for keystore: " + keystoreFile);
+    }
 
     SSLContext sslCtx = SSLContext.getInstance("TLS");
 
     sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+    closed = false;
+    handshake = false;
     engine = sslCtx.createSSLEngine();
 
     String[] protocols;
@@ -173,7 +204,7 @@ public class MiniSSL extends RubyObject {
     engine.setEnabledProtocols(protocols);
     engine.setUseClientMode(false);
 
-    long verify_mode = miniSSLContext.callMethod(threadContext, "verify_mode").convertToInteger().getLongValue();
+    long verify_mode = miniSSLContext.callMethod(threadContext, "verify_mode").convertToInteger("to_i").getLongValue();
     if ((verify_mode & 0x1) != 0) { // 'peer'
         engine.setWantClientAuth(true);
     }
@@ -198,14 +229,9 @@ public class MiniSSL extends RubyObject {
 
   @JRubyMethod
   public IRubyObject inject(IRubyObject arg) {
-    try {
-      byte[] bytes = arg.convertToString().getBytes();
-      inboundNetData.put(bytes);
-      return this;
-    } catch (Exception e) {
-      e.printStackTrace();
-      throw new RuntimeException(e);
-    }
+    ByteList bytes = arg.convertToString().getByteList();
+    inboundNetData.put(bytes.unsafeBytes(), bytes.getBegin(), bytes.getRealSize());
+    return this;
   }
 
   private enum SSLOperation {
@@ -240,14 +266,21 @@ public class MiniSSL extends RubyObject {
           // need to wait for more data to come in before we retry
           retryOp = false;
           break;
+        case CLOSED:
+          closed = true;
+          retryOp = false;
+          break;
         default:
-          // other cases are OK and CLOSED.  We're done here.
+          // other case is OK.  We're done here.
           retryOp = false;
       }
+      if (res.getHandshakeStatus() == HandshakeStatus.FINISHED) {
+        handshake = true;
+      }
     }
 
     // after each op, run any delegated tasks if needed
-    if(engine.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
+    if(res.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
       Runnable runnable;
       while ((runnable = engine.getDelegatedTask()) != null) {
         runnable.run();
@@ -258,7 +291,7 @@ public class MiniSSL extends RubyObject {
   }
 
   @JRubyMethod
-  public IRubyObject read() throws Exception {
+  public IRubyObject read() {
     try {
       inboundNetData.flip();
 
@@ -271,13 +304,14 @@ public class MiniSSL extends RubyObject {
 
       HandshakeStatus handshakeStatus = engine.getHandshakeStatus();
       boolean done = false;
+      SSLEngineResult res = null;
       while (!done) {
         switch (handshakeStatus) {
           case NEED_WRAP:
-            doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
+            res = doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
             break;
           case NEED_UNWRAP:
-            SSLEngineResult res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
+            res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
             if (res.getStatus() == Status.BUFFER_UNDERFLOW) {
               // need more data before we can shake more hands
               done = true;
@@ -286,7 +320,9 @@ public class MiniSSL extends RubyObject {
           default:
             done = true;
         }
-        handshakeStatus = engine.getHandshakeStatus();
+        if (!done) {
+          handshakeStatus = res.getHandshakeStatus();
+        }
       }
 
       if (inboundNetData.hasRemaining()) {
@@ -300,55 +336,46 @@ public class MiniSSL extends RubyObject {
         return getRuntime().getNil();
       }
 
-      RubyString str = getRuntime().newString("");
-      str.setValue(appDataByteList);
-      return str;
-    } catch (Exception e) {
-      throw getRuntime().newEOFError(e.getMessage());
+      return RubyString.newString(getRuntime(), appDataByteList);
+    } catch (SSLException e) {
+      RaiseException re = getRuntime().newEOFError(e.getMessage());
+      re.initCause(e);
+      throw re;
     }
   }
 
   @JRubyMethod
   public IRubyObject write(IRubyObject arg) {
-    try {
-      byte[] bls = arg.convertToString().getBytes();
-      outboundAppData = new MiniSSLBuffer(bls);
+    byte[] bls = arg.convertToString().getBytes();
+    outboundAppData = new MiniSSLBuffer(bls);
 
-      return getRuntime().newFixnum(bls.length);
-    } catch (Exception e) {
-      e.printStackTrace();
-      throw new RuntimeException(e);
-    }
+    return getRuntime().newFixnum(bls.length);
   }
 
   @JRubyMethod
-  public IRubyObject extract() throws SSLException {
+  public IRubyObject extract(ThreadContext context) {
     try {
       ByteList dataByteList = outboundNetData.asByteList();
       if (dataByteList != null) {
-        RubyString str = getRuntime().newString("");
-        str.setValue(dataByteList);
-        return str;
+        return RubyString.newString(context.runtime, dataByteList);
       }
 
       if (!outboundAppData.hasRemaining()) {
-        return getRuntime().getNil();
+        return context.nil;
       }
 
       outboundNetData.clear();
       doOp(SSLOperation.WRAP, outboundAppData, outboundNetData);
       dataByteList = outboundNetData.asByteList();
       if (dataByteList == null) {
-        return getRuntime().getNil();
+        return context.nil;
       }
 
-      RubyString str = getRuntime().newString("");
-      str.setValue(dataByteList);
-
-      return str;
-    } catch (Exception e) {
-      e.printStackTrace();
-      throw new RuntimeException(e);
+      return RubyString.newString(context.runtime, dataByteList);
+    } catch (SSLException e) {
+      RaiseException ex = context.runtime.newRuntimeError(e.toString());
+      ex.initCause(e);
+      throw ex;
     }
   }
 
@@ -356,8 +383,25 @@ public class MiniSSL extends RubyObject {
   public IRubyObject peercert() throws CertificateEncodingException {
     try {
       return JavaEmbedUtils.javaToRuby(getRuntime(), engine.getSession().getPeerCertificates()[0].getEncoded());
-    } catch (SSLPeerUnverifiedException ex) {
+    } catch (SSLPeerUnverifiedException e) {
       return getRuntime().getNil();
     }
   }
+
+  @JRubyMethod(name = "init?")
+  public IRubyObject isInit(ThreadContext context) {
+    return handshake ? getRuntime().getFalse() : getRuntime().getTrue();
+  }
+
+  @JRubyMethod
+  public IRubyObject shutdown() {
+    if (closed || engine.isInboundDone() && engine.isOutboundDone()) {
+      if (engine.isOutboundDone()) {
+        engine.closeOutbound();
+      }
+      return getRuntime().getTrue();
+    } else {
+      return getRuntime().getFalse();
+    }
+  }
 }

data/ext/puma_http11/puma_http11.c

@@ -40,7 +40,9 @@ static VALUE global_http_version;
 static VALUE global_request_path;
 
 /** Defines common length and error messages for input length validation. */
-#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " # length " allowed length (was %d)"
+#define QUOTE(s) #s
+#define EXPLAIN_MAX_LENGTH_VALUE(s) QUOTE(s)
+#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " EXPLAIN_MAX_LENGTH_VALUE(length) " allowed length (was %d)"
 
 /** Validates the max length of given input and throws an HttpParserError exception if over. */
 #define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) { rb_raise(eHttpParserError, MAX_##N##_LENGTH_ERR, len); }
@@ -50,12 +52,16 @@ static VALUE global_request_path;
 
 
 /* Defines the maximum allowed lengths for various input elements.*/
+#ifndef PUMA_QUERY_STRING_MAX_LENGTH
+#define PUMA_QUERY_STRING_MAX_LENGTH (1024 * 10)
+#endif
+
 DEF_MAX_LENGTH(FIELD_NAME, 256);
 DEF_MAX_LENGTH(FIELD_VALUE, 80 * 1024);
 DEF_MAX_LENGTH(REQUEST_URI, 1024 * 12);
 DEF_MAX_LENGTH(FRAGMENT, 1024); /* Don't know if this length is specified somewhere or not */
-DEF_MAX_LENGTH(REQUEST_PATH, 2048);
-DEF_MAX_LENGTH(QUERY_STRING, (1024 * 10));
+DEF_MAX_LENGTH(REQUEST_PATH, 8192);
+DEF_MAX_LENGTH(QUERY_STRING, PUMA_QUERY_STRING_MAX_LENGTH);
 DEF_MAX_LENGTH(HEADER, (1024 * (80 + 32)));
 
 struct common_field {
@@ -112,21 +118,6 @@ static struct common_field common_http_fields[] = {
 # undef f
 };
 
-/*
- * qsort(3) and bsearch(3) improve average performance slightly, but may
- * not be worth it for lack of portability to certain platforms...
- */
-#if defined(HAVE_QSORT_BSEARCH)
-/* sort by length, then by name if there's a tie */
-static int common_field_cmp(const void *a, const void *b)
-{
-  struct common_field *cfa = (struct common_field *)a;
-  struct common_field *cfb = (struct common_field *)b;
-  signed long diff = cfa->len - cfb->len;
-  return diff ? diff : memcmp(cfa->name, cfb->name, cfa->len);
-}
-#endif /* HAVE_QSORT_BSEARCH */
-
 static void init_common_fields(void)
 {
   unsigned i;
@@ -143,28 +134,10 @@ static void init_common_fields(void)
     }
     rb_global_variable(&cf->value);
   }
-
-#if defined(HAVE_QSORT_BSEARCH)
-  qsort(common_http_fields,
-        ARRAY_SIZE(common_http_fields),
-        sizeof(struct common_field),
-        common_field_cmp);
-#endif /* HAVE_QSORT_BSEARCH */
 }
 
 static VALUE find_common_field_value(const char *field, size_t flen)
 {
-#if defined(HAVE_QSORT_BSEARCH)
-  struct common_field key;
-  struct common_field *found;
-  key.name = field;
-  key.len = (signed long)flen;
-  found = (struct common_field *)bsearch(&key, common_http_fields,
-                                         ARRAY_SIZE(common_http_fields),
-                                         sizeof(struct common_field),
-                                         common_field_cmp);
-  return found ? found->value : Qnil;
-#else /* !HAVE_QSORT_BSEARCH */
   unsigned i;
   struct common_field *cf = common_http_fields;
   for(i = 0; i < ARRAY_SIZE(common_http_fields); i++, cf++) {
@@ -172,7 +145,6 @@ static VALUE find_common_field_value(const char *field, size_t flen)
       return cf->value;
   }
   return Qnil;
-#endif /* !HAVE_QSORT_BSEARCH */
 }
 
 void http_field(puma_parser* hp, const char *field, size_t flen,
@@ -287,11 +259,18 @@ void HttpParser_free(void *data) {
   }
 }
 
-void HttpParser_mark(puma_parser* hp) {
+void HttpParser_mark(void *ptr) {
+  puma_parser *hp = ptr;
   if(hp->request) rb_gc_mark(hp->request);
   if(hp->body) rb_gc_mark(hp->body);
 }
 
+const rb_data_type_t HttpParser_data_type = {
+    "HttpParser",
+    { HttpParser_mark, HttpParser_free, 0 },
+    0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+};
+
 VALUE HttpParser_alloc(VALUE klass)
 {
   puma_parser *hp = ALLOC_N(puma_parser, 1);
@@ -308,7 +287,7 @@ VALUE HttpParser_alloc(VALUE klass)
 
   puma_parser_init(hp);
 
-  return Data_Wrap_Struct(klass, HttpParser_mark, HttpParser_free, hp);
+  return TypedData_Wrap_Struct(klass, &HttpParser_data_type, hp);
 }
 
 /**
@@ -320,7 +299,7 @@ VALUE HttpParser_alloc(VALUE klass)
 VALUE HttpParser_init(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
   puma_parser_init(http);
 
   return self;
@@ -337,7 +316,7 @@ VALUE HttpParser_init(VALUE self)
 VALUE HttpParser_reset(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
   puma_parser_init(http);
 
   return Qnil;
@@ -354,7 +333,7 @@ VALUE HttpParser_reset(VALUE self)
 VALUE HttpParser_finish(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
   puma_parser_finish(http);
 
   return puma_parser_is_finished(http) ? Qtrue : Qfalse;
@@ -385,7 +364,7 @@ VALUE HttpParser_execute(VALUE self, VALUE req_hash, VALUE data, VALUE start)
   char *dptr = NULL;
   long dlen = 0;
 
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
 
   from = FIX2INT(start);
   dptr = rb_extract_chars(data, &dlen);
@@ -401,7 +380,7 @@ VALUE HttpParser_execute(VALUE self, VALUE req_hash, VALUE data, VALUE start)
     VALIDATE_MAX_LENGTH(puma_parser_nread(http), HEADER);
 
     if(puma_parser_has_error(http)) {
-      rb_raise(eHttpParserError, "%s", "Invalid HTTP format, parsing fails.");
+      rb_raise(eHttpParserError, "%s", "Invalid HTTP format, parsing fails. Are you trying to open an SSL connection to a non-SSL Puma?");
     } else {
       return INT2FIX(puma_parser_nread(http));
     }
@@ -419,7 +398,7 @@ VALUE HttpParser_execute(VALUE self, VALUE req_hash, VALUE data, VALUE start)
 VALUE HttpParser_has_error(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
 
   return puma_parser_has_error(http) ? Qtrue : Qfalse;
 }
@@ -434,7 +413,7 @@ VALUE HttpParser_has_error(VALUE self)
 VALUE HttpParser_is_finished(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
 
   return puma_parser_is_finished(http) ? Qtrue : Qfalse;
 }
@@ -450,7 +429,7 @@ VALUE HttpParser_is_finished(VALUE self)
 VALUE HttpParser_nread(VALUE self)
 {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
 
   return INT2FIX(http->nread);
 }
@@ -463,15 +442,16 @@ VALUE HttpParser_nread(VALUE self)
  */
 VALUE HttpParser_body(VALUE self) {
   puma_parser *http = NULL;
-  DATA_GET(self, puma_parser, http);
+  DATA_GET(self, puma_parser, &HttpParser_data_type, http);
 
   return http->body;
 }
 
-void Init_io_buffer(VALUE puma);
+#ifdef HAVE_OPENSSL_BIO_H
 void Init_mini_ssl(VALUE mod);
+#endif
 
-void Init_puma_http11()
+void Init_puma_http11(void)
 {
 
   VALUE mPuma = rb_define_module("Puma");
@@ -498,6 +478,7 @@ void Init_puma_http11()
   rb_define_method(cHttpParser, "body", HttpParser_body, 0);
   init_common_fields();
 
-  Init_io_buffer(mPuma);
+#ifdef HAVE_OPENSSL_BIO_H
   Init_mini_ssl(mPuma);
+#endif
 }

data/lib/puma/app/status.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+require 'puma/json_serialization'
 
 module Puma
   module App
@@ -7,58 +8,68 @@ module Puma
     class Status
       OK_STATUS = '{ "status": "ok" }'.freeze
 
-      def initialize(cli, token = nil)
-        @cli = cli
+      # @param launcher [::Puma::Launcher]
+      # @param token [String, nil] the token used for authentication
+      #
+      def initialize(launcher, token = nil)
+        @launcher = launcher
         @auth_token = token
       end
 
+      # most commands call methods in `::Puma::Launcher` based on command in
+      # `env['PATH_INFO']`
       def call(env)
         unless authenticate(env)
           return rack_response(403, 'Invalid auth token', 'text/plain')
         end
 
-        if env['PATH_INFO'] =~ /\/(gc-stats|stats|thread-backtraces)$/
-          require 'json'
-        end
+        # resp_type is processed by following case statement, return
+        # is a number (status) or a string used as the body of a 200 response
+        resp_type =
+          case env['PATH_INFO'][/\/([^\/]+)$/, 1]
+          when 'stop'
+            @launcher.stop ; 200
 
-        case env['PATH_INFO']
-        when /\/stop$/
-          @cli.stop
-          rack_response(200, OK_STATUS)
+          when 'halt'
+            @launcher.halt ; 200
 
-        when /\/halt$/
-          @cli.halt
-          rack_response(200, OK_STATUS)
+          when 'restart'
+            @launcher.restart ; 200
 
-        when /\/restart$/
-          @cli.restart
-          rack_response(200, OK_STATUS)
+          when 'phased-restart'
+            @launcher.phased_restart ? 200 : 404
 
-        when /\/phased-restart$/
-          if !@cli.phased_restart
-            rack_response(404, '{ "error": "phased restart not available" }')
-          else
-            rack_response(200, OK_STATUS)
-          end
+          when 'reload-worker-directory'
+            @launcher.send(:reload_worker_directory) ? 200 : 404
 
-        when /\/reload-worker-directory$/
-          if !@cli.send(:reload_worker_directory)
-            rack_response(404, '{ "error": "reload_worker_directory not available" }')
-          else
-            rack_response(200, OK_STATUS)
-          end
+          when 'gc'
+            GC.start ; 200
 
-        when /\/gc$/
-          GC.start
-          rack_response(200, OK_STATUS)
+          when 'gc-stats'
+            Puma::JSONSerialization.generate GC.stat
 
-        when /\/gc-stats$/
-          rack_response(200, GC.stat.to_json)
+          when 'stats'
+            Puma::JSONSerialization.generate @launcher.stats
+
+          when 'thread-backtraces'
+            backtraces = []
+            @launcher.thread_status do |name, backtrace|
+              backtraces << { name: name, backtrace: backtrace }
+            end
+            Puma::JSONSerialization.generate backtraces
+
+          else
+            return rack_response(404, "Unsupported action", 'text/plain')
+          end
 
-        when /\/stats$/
-          rack_response(200, @cli.stats)
-        else
-          rack_response 404, "Unsupported action", 'text/plain'
+        case resp_type
+        when String
+          rack_response 200, resp_type
+        when 200
+          rack_response 200, OK_STATUS
+        when 404
+          str = env['PATH_INFO'][/\/(\S+)/, 1].tr '-', '_'
+          rack_response 404, "{ \"error\": \"#{str} not available\" }"
         end
       end