puma 5.0.4 → 5.1.0

data/ext/puma_http11/puma_http11.c

@@ -40,7 +40,9 @@ static VALUE global_http_version;
 static VALUE global_request_path;
 
 /** Defines common length and error messages for input length validation. */
-#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " # length " allowed length (was %d)"
+#define QUOTE(s) #s
+#define EXPLAND_MAX_LENGHT_VALUE(s) QUOTE(s)
+#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " EXPLAND_MAX_LENGHT_VALUE(length) " allowed length (was %d)"
 
 /** Validates the max length of given input and throws an HttpParserError exception if over. */
 #define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) { rb_raise(eHttpParserError, MAX_##N##_LENGTH_ERR, len); }
@@ -50,12 +52,16 @@ static VALUE global_request_path;
 
 
 /* Defines the maximum allowed lengths for various input elements.*/
+#ifndef PUMA_QUERY_STRING_MAX_LENGTH
+#define PUMA_QUERY_STRING_MAX_LENGTH (1024 * 10)
+#endif
+
 DEF_MAX_LENGTH(FIELD_NAME, 256);
 DEF_MAX_LENGTH(FIELD_VALUE, 80 * 1024);
 DEF_MAX_LENGTH(REQUEST_URI, 1024 * 12);
 DEF_MAX_LENGTH(FRAGMENT, 1024); /* Don't know if this length is specified somewhere or not */
 DEF_MAX_LENGTH(REQUEST_PATH, 8192);
-DEF_MAX_LENGTH(QUERY_STRING, (1024 * 10));
+DEF_MAX_LENGTH(QUERY_STRING, PUMA_QUERY_STRING_MAX_LENGTH);
 DEF_MAX_LENGTH(HEADER, (1024 * (80 + 32)));
 
 struct common_field {

data/lib/puma.rb

@@ -12,6 +12,7 @@ require 'thread'
 
 require 'puma/puma_http11'
 require 'puma/detect'
+require 'puma/json'
 
 module Puma
   autoload :Const, 'puma/const'
@@ -25,8 +26,7 @@ module Puma
 
   # @!attribute [rw] stats_object
   def self.stats
-    require 'json'
-    @get_stats.stats.to_json
+    Puma::JSON.generate @get_stats.stats
   end
 
   # @!attribute [r] stats_hash

data/lib/puma/app/status.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+require 'puma/json'
 
 module Puma
   module App
@@ -22,10 +23,6 @@ module Puma
           return rack_response(403, 'Invalid auth token', 'text/plain')
         end
 
-        if env['PATH_INFO'] =~ /\/(gc-stats|stats|thread-backtraces)$/
-          require 'json'
-        end
-
         # resp_type is processed by following case statement, return
         # is a number (status) or a string used as the body of a 200 response
         resp_type =
@@ -49,17 +46,17 @@ module Puma
             GC.start ; 200
 
           when 'gc-stats'
-            GC.stat.to_json
+            Puma::JSON.generate GC.stat
 
           when 'stats'
-            @launcher.stats.to_json
+            Puma::JSON.generate @launcher.stats
 
           when 'thread-backtraces'
             backtraces = []
             @launcher.thread_status do |name, backtrace|
               backtraces << { name: name, backtrace: backtrace }
             end
-            backtraces.to_json
+            Puma::JSON.generate backtraces
 
           else
             return rack_response(404, "Unsupported action", 'text/plain')

data/lib/puma/binder.rb

@@ -111,6 +111,43 @@ module Puma
       ["LISTEN_FDS", "LISTEN_PID"] # Signal to remove these keys from ENV
     end
 
+    # Synthesize binds from systemd socket activation
+    #
+    # When systemd socket activation is enabled, it can be tedious to keep the
+    # binds in sync. This method can synthesize any binds based on the received
+    # activated sockets. Any existing matching binds will be respected.
+    #
+    # When only_matching is true in, all binds that do not match an activated
+    # socket is removed in place.
+    #
+    # It's a noop if no activated sockets were received.
+    def synthesize_binds_from_activated_fs(binds, only_matching)
+      return binds unless activated_sockets.any?
+
+      activated_binds = []
+
+      activated_sockets.keys.each do |proto, addr, port|
+        if port
+          tcp_url = "#{proto}://#{addr}:#{port}"
+          ssl_url = "ssl://#{addr}:#{port}"
+          ssl_url_prefix = "#{ssl_url}?"
+
+          existing = binds.find { |bind| bind == tcp_url || bind == ssl_url || bind.start_with?(ssl_url_prefix) }
+
+          activated_binds << (existing || tcp_url)
+        else
+          # TODO: can there be a SSL bind without a port?
+          activated_binds << "#{proto}://#{addr}"
+        end
+      end
+
+      if only_matching
+        activated_binds
+      else
+        binds | activated_binds
+      end
+    end
+
     def parse(binds, logger, log_msg = 'Listening')
       binds.each do |str|
         uri = URI.parse str

data/lib/puma/cli.rb

@@ -104,6 +104,10 @@ module Puma
             user_config.bind arg
           end
 
+          o.on "--bind-to-activated-sockets [only]", "Bind to all activated sockets" do |arg|
+            user_config.bind_to_activated_sockets(arg || true)
+          end
+
           o.on "-C", "--config PATH", "Load PATH as a config file" do |arg|
             file_config.load arg
           end

data/lib/puma/client.rb

@@ -239,13 +239,8 @@ module Puma
     # @version 5.0.0
     #
     def can_close?
-      # Allow connection to close if it's received at least one full request
-      # and hasn't received any data for a future request.
-      #
-      # From RFC 2616 section 8.1.4:
-      # Servers SHOULD always respond to at least one request per connection,
-      # if at all possible.
-      @requests_served > 0 && @parsed_bytes == 0
+      # Allow connection to close if we're not in the middle of parsing a request.
+      @parsed_bytes == 0
     end
 
     private

data/lib/puma/cluster.rb

@@ -114,7 +114,7 @@ module Puma
       debug "Workers to cull: #{workers_to_cull.inspect}"
 
       workers_to_cull.each do |worker|
-        log "- Worker #{worker.index} (pid: #{worker.pid}) terminating"
+        log "- Worker #{worker.index} (PID: #{worker.pid}) terminating"
         worker.term
       end
     end
@@ -329,15 +329,19 @@ module Puma
 
       output_header "cluster"
 
-      log "* Process workers: #{@options[:workers]}"
+      # This is aligned with the output from Runner, see Runner#output_header
+      log "*      Workers: #{@options[:workers]}"
 
-      before = Thread.list
+      # Threads explicitly marked as fork safe will be ignored.
+      # Used in Rails, but may be used by anyone.
+      before = Thread.list.reject { |t| t.thread_variable_get(:fork_safe) }
 
       if preload?
+        log "*     Restarts: (\u2714) hot (\u2716) phased"
         log "* Preloading application"
         load_and_bind
 
-        after = Thread.list
+        after = Thread.list.reject { |t| t.thread_variable_get(:fork_safe) }
 
         if after.size > before.size
           threads = (after - before)
@@ -351,7 +355,7 @@ module Puma
           end
         end
       else
-        log "* Phased restart available"
+        log "*     Restarts: (\u2714) hot (\u2714) phased"
 
         unless @launcher.config.app_configured?
           error "No application configured, nothing to run"
@@ -430,7 +434,7 @@ module Puma
                 case req
                 when "b"
                   w.boot!
-                  log "- Worker #{w.index} (pid: #{pid}) booted, phase: #{w.phase}"
+                  log "- Worker #{w.index} (PID: #{pid}) booted, phase: #{w.phase}"
                   @next_check = Time.now
                 when "e"
                   # external term, see worker method, Signal.trap "SIGTERM"

data/lib/puma/cluster/worker.rb

@@ -108,11 +108,17 @@ module Puma
           server_thread = server.run
           stat_thread ||= Thread.new(@worker_write) do |io|
             Puma.set_thread_name "stat payload"
+            base_payload = "p#{Process.pid}"
 
             while true
               begin
-                require 'json'
-                io << "p#{Process.pid}#{server.stats.to_json}\n"
+                b = server.backlog || 0
+                r = server.running || 0
+                t = server.pool_capacity || 0
+                m = server.max_threads || 0
+                rc = server.requests_count || 0
+                payload = %Q!#{base_payload}{ "backlog":#{b}, "running":#{r}, "pool_capacity":#{t}, "max_threads": #{m}, "requests_count": #{rc} }\n!
+                io << payload
               rescue IOError
                 Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
                 break

data/lib/puma/cluster/worker_handle.rb

@@ -42,8 +42,11 @@ module Puma
 
       def ping!(status)
         @last_checkin = Time.now
-        require 'json'
-        @last_status = JSON.parse(status, symbolize_names: true)
+        captures = status.match(/{ "backlog":(?<backlog>\d*), "running":(?<running>\d*), "pool_capacity":(?<pool_capacity>\d*), "max_threads": (?<max_threads>\d*), "requests_count": (?<requests_count>\d*) }/)
+        @last_status = captures.names.inject({}) do |hash, key|
+          hash[key.to_sym] = captures[key].to_i
+          hash
+        end
       end
 
       # @see Puma::Cluster#check_workers

data/lib/puma/configuration.rb

@@ -92,6 +92,12 @@ module Puma
         end
       end
     end
+
+    def final_options
+      default_options
+        .merge(file_options)
+        .merge(user_options)
+    end
   end
 
   # The main configuration class of Puma.
@@ -198,7 +204,8 @@ module Puma
         :logger => STDOUT,
         :persistent_timeout => Const::PERSISTENT_TIMEOUT,
         :first_data_timeout => Const::FIRST_DATA_TIMEOUT,
-        :raise_exception_on_sigterm => true
+        :raise_exception_on_sigterm => true,
+        :max_fast_inline => Const::MAX_FAST_INLINE
       }
     end
 
@@ -289,6 +296,10 @@ module Puma
       end
     end
 
+    def final_options
+      @options.final_options
+    end
+
     def self.temp_path
       require 'tmpdir'
 

data/lib/puma/const.rb

@@ -100,8 +100,8 @@ module Puma
   # too taxing on performance.
   module Const
 
-    PUMA_VERSION = VERSION = "5.0.4".freeze
-    CODE_NAME = "Spoony Bard".freeze
+    PUMA_VERSION = VERSION = "5.1.0".freeze
+    CODE_NAME = "At Your Service".freeze
 
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
 
@@ -228,7 +228,6 @@ module Puma
     COLON = ": ".freeze
 
     NEWLINE = "\n".freeze
-    HTTP_INJECTION_REGEX = /[\r\n]/.freeze
 
     HIJACK_P = "rack.hijack?".freeze
     HIJACK = "rack.hijack".freeze
@@ -239,5 +238,14 @@ module Puma
     # Mininum interval to checks worker health
     WORKER_CHECK_INTERVAL = 5
 
+    # Illegal character in the key or value of response header
+    DQUOTE = "\"".freeze
+    HTTP_HEADER_DELIMITER = Regexp.escape("(),/:;<=>?@[]{}\\").freeze
+    ILLEGAL_HEADER_KEY_REGEX = /[\x00-\x20#{DQUOTE}#{HTTP_HEADER_DELIMITER}]/.freeze
+    # header values can contain HTAB?
+    ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
+
+    # Banned keys of response header
+    BANNED_HEADER_KEY = /rack.|status/.freeze
   end
 end

data/lib/puma/control_cli.rb

@@ -11,10 +11,32 @@ require 'socket'
 module Puma
   class ControlCLI
 
-    COMMANDS = %w{halt restart phased-restart start stats status stop reload-worker-directory gc gc-stats thread-backtraces refork}
+    # values must be string or nil
+    # value of `nil` means command cannot be processed via signal
+    # @version 5.0.3
+    CMD_PATH_SIG_MAP = {
+      'gc'       => nil,
+      'gc-stats' => nil,
+      'halt'     => 'SIGQUIT',
+      'phased-restart' => 'SIGUSR1',
+      'refork'   => 'SIGURG',
+      'reload-worker-directory' => nil,
+      'restart'  => 'SIGUSR2',
+      'start'    => nil,
+      'stats'    => nil,
+      'status'   => '',
+      'stop'     => 'SIGTERM',
+      'thread-backtraces' => nil
+    }.freeze
+
+    # @deprecated 6.0.0
+    COMMANDS = CMD_PATH_SIG_MAP.keys.freeze
+
+    # commands that cannot be used in a request
+    NO_REQ_COMMANDS = %w{refork}.freeze
 
     # @version 5.0.0
-    PRINTABLE_COMMANDS = %w{gc-stats stats thread-backtraces}
+    PRINTABLE_COMMANDS = %w{gc-stats stats thread-backtraces}.freeze
 
     def initialize(argv, stdout=STDOUT, stderr=STDERR)
       @state = nil
@@ -33,7 +55,7 @@ module Puma
       @cli_options = {}
 
       opts = OptionParser.new do |o|
-        o.banner = "Usage: pumactl (-p PID | -P pidfile | -S status_file | -C url -T token | -F config.rb) (#{COMMANDS.join("|")})"
+        o.banner = "Usage: pumactl (-p PID | -P pidfile | -S status_file | -C url -T token | -F config.rb) (#{CMD_PATH_SIG_MAP.keys.join("|")})"
 
         o.on "-S", "--state PATH", "Where the state file to use is" do |arg|
           @state = arg
@@ -74,7 +96,7 @@ module Puma
         end
 
         o.on_tail("-V", "--version", "Show version") do
-          puts Const::PUMA_VERSION
+          @stdout.puts Const::PUMA_VERSION
           exit
         end
       end
@@ -86,10 +108,10 @@ module Puma
 
       # check presence of command
       unless @command
-        raise "Available commands: #{COMMANDS.join(", ")}"
+        raise "Available commands: #{CMD_PATH_SIG_MAP.keys.join(", ")}"
       end
 
-      unless COMMANDS.include? @command
+      unless CMD_PATH_SIG_MAP.key? @command
         raise "Invalid command: #{@command}"
       end
 
@@ -134,7 +156,7 @@ module Puma
         @pid = sf.pid
       elsif @pidfile
         # get pid from pid_file
-        File.open(@pidfile) { |f| @pid = f.read.to_i }
+        @pid = File.read(@pidfile, mode: 'rb:UTF-8').to_i
       end
     end
 
@@ -142,24 +164,27 @@ module Puma
       uri = URI.parse @control_url
 
       # create server object by scheme
-      server = case uri.scheme
-                when "ssl"
-                  require 'openssl'
-                  OpenSSL::SSL::SSLSocket.new(
-                    TCPSocket.new(uri.host, uri.port),
-                    OpenSSL::SSL::SSLContext.new)
-                    .tap { |ssl| ssl.sync_close = true }  # default is false
-                    .tap(&:connect)
-                when "tcp"
-                  TCPSocket.new uri.host, uri.port
-                when "unix"
-                  UNIXSocket.new "#{uri.host}#{uri.path}"
-                else
-                  raise "Invalid scheme: #{uri.scheme}"
-                end
-
-      if @command == "status"
-        message "Puma is started"
+      server =
+        case uri.scheme
+        when 'ssl'
+          require 'openssl'
+          OpenSSL::SSL::SSLSocket.new(
+            TCPSocket.new(uri.host, uri.port),
+            OpenSSL::SSL::SSLContext.new)
+            .tap { |ssl| ssl.sync_close = true }  # default is false
+            .tap(&:connect)
+        when 'tcp'
+          TCPSocket.new uri.host, uri.port
+        when 'unix'
+          UNIXSocket.new "#{uri.host}#{uri.path}"
+        else
+          raise "Invalid scheme: #{uri.scheme}"
+        end
+
+      if @command == 'status'
+        message 'Puma is started'
+      elsif NO_REQ_COMMANDS.include? @command
+        raise "Invalid request command: #{@command}"
       else
         url = "/#{@command}"
 
@@ -167,10 +192,10 @@ module Puma
           url = url + "?token=#{@control_auth_token}"
         end
 
-        server << "GET #{url} HTTP/1.0\r\n\r\n"
+        server.syswrite "GET #{url} HTTP/1.0\r\n\r\n"
 
         unless data = server.read
-          raise "Server closed connection before responding"
+          raise 'Server closed connection before responding'
         end
 
         response = data.split("\r\n")
@@ -179,13 +204,13 @@ module Puma
           raise "Server sent empty response"
         end
 
-        (@http,@code,@message) = response.first.split(" ",3)
+        @http, @code, @message = response.first.split(' ',3)
 
-        if @code == "403"
-          raise "Unauthorized access to server (wrong auth token)"
-        elsif @code == "404"
+        if @code == '403'
+          raise 'Unauthorized access to server (wrong auth token)'
+        elsif @code == '404'
           raise "Command error: #{response.last}"
-        elsif @code != "200"
+        elsif @code != '200'
           raise "Bad response from server: #{@code}"
         end
 
@@ -194,7 +219,7 @@ module Puma
       end
     ensure
       if server
-        if uri.scheme == "ssl"
+        if uri.scheme == 'ssl'
           server.sysclose
         else
           server.close unless server.closed?
@@ -204,51 +229,28 @@ module Puma
 
     def send_signal
       unless @pid
-        raise "Neither pid nor control url available"
+        raise 'Neither pid nor control url available'
       end
 
       begin
+        sig = CMD_PATH_SIG_MAP[@command]
 
-        case @command
-        when "restart"
-          Process.kill "SIGUSR2", @pid
-
-        when "halt"
-          Process.kill "QUIT", @pid
-
-        when "stop"
-          Process.kill "SIGTERM", @pid
-
-        when "stats"
-          puts "Stats not available via pid only"
-          return
-
-        when "reload-worker-directory"
-          puts "reload-worker-directory not available via pid only"
+        if sig.nil?
+          @stdout.puts "'#{@command}' not available via pid only"
           return
-
-        when "phased-restart"
-          Process.kill "SIGUSR1", @pid
-
-        when "status"
+        elsif sig.start_with? 'SIG'
+          Process.kill sig, @pid
+        elsif @command == 'status'
           begin
             Process.kill 0, @pid
-            puts "Puma is started"
+            @stdout.puts 'Puma is started'
           rescue Errno::ESRCH
-            raise "Puma is not running"
+            raise 'Puma is not running'
           end
-
-          return
-
-        when "refork"
-          Process.kill "SIGURG", @pid
-
-        else
           return
         end
-
       rescue SystemCallError
-        if @command == "restart"
+        if @command == 'restart'
           start
         else
           raise "No pid '#{@pid}' found"
@@ -259,14 +261,13 @@ module Puma
     end
 
     def run
-      return start if @command == "start"
-
+      return start if @command == 'start'
       prepare_configuration
 
-      if Puma.windows?
+      if Puma.windows? || @control_url
         send_request
       else
-        @control_url ? send_request : send_signal
+        send_signal
       end
 
     rescue => e