puma 5.0.4 → 5.1.0

data/lib/puma/dsl.rb

@@ -34,6 +34,34 @@ module Puma
   class DSL
     include ConfigDefault
 
+    # convenience method so logic can be used in CI
+    # @see ssl_bind
+    #
+    def self.ssl_bind_str(host, port, opts)
+      verify = opts.fetch(:verify_mode, 'none').to_s
+
+      tls_str =
+        if opts[:no_tlsv1_1]  then '&no_tlsv1_1=true'
+        elsif opts[:no_tlsv1] then '&no_tlsv1=true'
+        else ''
+        end
+
+      ca_additions = "&ca=#{opts[:ca]}" if ['peer', 'force_peer'].include?(verify)
+
+      if defined?(JRUBY_VERSION)
+        ssl_cipher_list = opts[:ssl_cipher_list] ?
+          "&ssl_cipher_list=#{opts[:ssl_cipher_list]}" : nil
+        keystore_additions = "keystore=#{opts[:keystore]}&keystore-pass=#{opts[:keystore_pass]}"
+        "ssl://#{host}:#{port}?#{keystore_additions}#{ssl_cipher_list}" \
+          "&verify_mode=#{verify}#{tls_str}#{ca_additions}"
+      else
+        ssl_cipher_filter = opts[:ssl_cipher_filter] ?
+          "&ssl_cipher_filter=#{opts[:ssl_cipher_filter]}" : nil
+        "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}" \
+          "#{ssl_cipher_filter}&verify_mode=#{verify}#{tls_str}#{ca_additions}"
+      end
+    end
+
     def initialize(options, config)
       @config  = config
       @options = options
@@ -191,6 +219,32 @@ module Puma
       @options[:binds] = []
     end
 
+    # Bind to (systemd) activated sockets, regardless of configured binds.
+    #
+    # Systemd can present sockets as file descriptors that are already opened.
+    # By default Puma will use these but only if it was explicitly told to bind
+    # to the socket. If not, it will close the activated sockets. This means
+    # all configuration is duplicated.
+    #
+    # Binds can contain additional configuration, but only SSL config is really
+    # relevant since the unix and TCP socket options are ignored.
+    #
+    # This means there is a lot of duplicated configuration for no additional
+    # value in most setups. This method tells the launcher to bind to all
+    # activated sockets, regardless of existing bind.
+    #
+    # To clear configured binds, the value only can be passed. This will clear
+    # out any binds that may have been configured.
+    #
+    # @example Use any systemd activated sockets as well as configured binds
+    #   bind_to_activated_sockets
+    #
+    # @example Only bind to systemd activated sockets, ignoring other binds
+    #   bind_to_activated_sockets 'only'
+    def bind_to_activated_sockets(bind=true)
+      @options[:bind_to_activated_sockets] = bind
+    end
+
     # Define the TCP port to bind to. Use +bind+ for more advanced options.
     #
     # @example
@@ -376,28 +430,15 @@ module Puma
     #     ssl_cipher_filter: cipher_filter, # optional
     #     verify_mode: verify_mode,         # default 'none'
     #   }
-    # @example For JRuby additional keys are required: keystore & keystore_pass.
+    # @example For JRuby, two keys are required: keystore & keystore_pass.
     #   ssl_bind '127.0.0.1', '9292', {
-    #     cert: path_to_cert,
-    #     key: path_to_key,
-    #     ssl_cipher_filter: cipher_filter, # optional
-    #     verify_mode: verify_mode,         # default 'none'
     #     keystore: path_to_keystore,
-    #     keystore_pass: password
+    #     keystore_pass: password,
+    #     ssl_cipher_list: cipher_list,     # optional
+    #     verify_mode: verify_mode          # default 'none'
     #   }
     def ssl_bind(host, port, opts)
-      verify = opts.fetch(:verify_mode, 'none').to_s
-      no_tlsv1 = opts.fetch(:no_tlsv1, 'false')
-      no_tlsv1_1 = opts.fetch(:no_tlsv1_1, 'false')
-      ca_additions = "&ca=#{opts[:ca]}" if ['peer', 'force_peer'].include?(verify)
-
-      if defined?(JRUBY_VERSION)
-        keystore_additions = "keystore=#{opts[:keystore]}&keystore-pass=#{opts[:keystore_pass]}"
-        bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}&#{keystore_additions}&verify_mode=#{verify}&no_tlsv1=#{no_tlsv1}&no_tlsv1_1=#{no_tlsv1_1}#{ca_additions}"
-      else
-        ssl_cipher_filter = "&ssl_cipher_filter=#{opts[:ssl_cipher_filter]}" if opts[:ssl_cipher_filter]
-        bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}#{ssl_cipher_filter}&verify_mode=#{verify}&no_tlsv1=#{no_tlsv1}&no_tlsv1_1=#{no_tlsv1_1}#{ca_additions}"
-      end
+      bind self.class.ssl_bind_str(host, port, opts)
     end
 
     # Use +path+ as the file to store the server info state. This is
@@ -561,7 +602,7 @@ module Puma
     end
 
     # Preload the application before starting the workers; this conflicts with
-    # phased restart feature. This is off by default.
+    # phased restart feature. On by default if your app uses more than 1 worker.
     #
     # @note Cluster mode only.
     # @example
@@ -810,5 +851,12 @@ module Puma
     def nakayoshi_fork(enabled=true)
       @options[:nakayoshi_fork] = enabled
     end
+
+    # The number of requests to attempt inline before sending a client back to
+    # the reactor to be subject to normal ordering.
+    #
+    def max_fast_inline(num_of_requests)
+      @options[:max_fast_inline] = Float(num_of_requests)
+    end
   end
 end

data/lib/puma/events.rb

@@ -137,10 +137,26 @@ module Puma
       register(:on_booted, &block)
     end
 
+    def on_restart(&block)
+      register(:on_restart, &block)
+    end
+
+    def on_stopped(&block)
+      register(:on_stopped, &block)
+    end
+
     def fire_on_booted!
       fire(:on_booted)
     end
 
+    def fire_on_restart!
+      fire(:on_restart)
+    end
+
+    def fire_on_stopped!
+      fire(:on_stopped)
+    end
+
     DEFAULT = new(STDOUT, STDERR)
 
     # Returns an Events object which writes its status to 2 StringIO

data/lib/puma/json.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+require 'stringio'
+
+module Puma
+
+  # Puma deliberately avoids the use of the json gem and instead performs JSON
+  # serialization without any external dependencies. In a puma cluster, loading
+  # any gem into the puma master process means that operators cannot use a
+  # phased restart to upgrade their application if the new version of that
+  # application uses a different version of that gem. The json gem in
+  # particular is additionally problematic because it leverages native
+  # extensions. If the puma master process relies on a gem with native
+  # extensions and operators remove gems from disk related to old releases,
+  # subsequent phased restarts can fail.
+  #
+  # The implementation of JSON serialization in this module is not designed to
+  # be particularly full-featured or fast. It just has to handle the few places
+  # where Puma relies on JSON serialization internally.
+
+  module JSON
+    QUOTE = /"/
+    BACKSLASH = /\\/
+    CONTROL_CHAR_TO_ESCAPE = /[\x00-\x1F]/ # As required by ECMA-404
+    CHAR_TO_ESCAPE = Regexp.union QUOTE, BACKSLASH, CONTROL_CHAR_TO_ESCAPE
+
+    class SerializationError < StandardError; end
+
+    class << self
+      def generate(value)
+        StringIO.open do |io|
+          serialize_value io, value
+          io.string
+        end
+      end
+
+      private
+
+      def serialize_value(output, value)
+        case value
+        when Hash
+          output << '{'
+          value.each_with_index do |(k, v), index|
+            output << ',' if index != 0
+            serialize_object_key output, k
+            output << ':'
+            serialize_value output, v
+          end
+          output << '}'
+        when Array
+          output << '['
+          value.each_with_index do |member, index|
+            output << ',' if index != 0
+            serialize_value output, member
+          end
+          output << ']'
+        when Integer, Float
+          output << value.to_s
+        when String
+          serialize_string output, value
+        when true
+          output << 'true'
+        when false
+          output << 'false'
+        when nil
+          output << 'null'
+        else
+          raise SerializationError, "Unexpected value of type #{value.class}"
+        end
+      end
+
+      def serialize_string(output, value)
+        output << '"'
+        output << value.gsub(CHAR_TO_ESCAPE) do |character|
+          case character
+          when BACKSLASH
+            '\\\\'
+          when QUOTE
+            '\\"'
+          when CONTROL_CHAR_TO_ESCAPE
+            '\u%.4X' % character.ord
+          end
+        end
+        output << '"'
+      end
+
+      def serialize_object_key(output, value)
+        case value
+        when Symbol, String
+          serialize_string output, value.to_s
+        else
+          raise SerializationError, "Could not serialize object of type #{value.class} as object key"
+        end
+      end
+    end
+  end
+end

data/lib/puma/launcher.rb

@@ -58,6 +58,13 @@ module Puma
 
       @config.load
 
+      if @config.options[:bind_to_activated_sockets]
+        @config.options[:binds] = @binder.synthesize_binds_from_activated_fs(
+          @config.options[:binds],
+          @config.options[:bind_to_activated_sockets] == 'only'
+        )
+      end
+
       @options = @config.options
       @config.clamp
 
@@ -87,6 +94,8 @@ module Puma
       Puma.stats_object = @runner
 
       @status = :run
+
+      log_config if ENV['PUMA_LOG_CONFIG']
     end
 
     attr_reader :binder, :events, :config, :options, :restart_dir
@@ -130,6 +139,7 @@ module Puma
 
     # Begin async shutdown of the server gracefully
     def stop
+      @events.fire_on_stopped!
       @status = :stop
       @runner.stop
     end
@@ -168,6 +178,7 @@ module Puma
 
       setup_signals
       set_process_title
+      integrate_with_systemd
       @runner.run
 
       case @status
@@ -229,11 +240,10 @@ module Puma
     def write_pid
       path = @options[:pidfile]
       return unless path
-
-      File.open(path, 'w') { |f| f.puts Process.pid }
-      cur = Process.pid
+      cur_pid = Process.pid
+      File.write path, cur_pid, mode: 'wb:UTF-8'
       at_exit do
-        delete_pidfile if cur == Process.pid
+        delete_pidfile if cur_pid == Process.pid
       end
     end
 
@@ -242,6 +252,7 @@ module Puma
     end
 
     def restart!
+      @events.fire_on_restart!
       @config.run_hooks :on_restart, self, @events
 
       if Puma.jruby?
@@ -316,6 +327,30 @@ module Puma
       end
     end
 
+    #
+    # Puma's systemd integration allows Puma to inform systemd:
+    #  1. when it has successfully started
+    #  2. when it is starting shutdown
+    #  3. periodically for a liveness check with a watchdog thread
+    #
+
+    def integrate_with_systemd
+      return unless ENV["NOTIFY_SOCKET"]
+
+      begin
+        require 'puma/systemd'
+      rescue LoadError
+        log "Systemd integration failed. It looks like you're trying to use systemd notify but don't have sd_notify gem installed"
+        return
+      end
+
+      log "* Enabling systemd notification integration"
+
+      systemd = Systemd.new(@events)
+      systemd.hook_events
+      systemd.start_watchdog
+    end
+
     def spec_for_gem(gem_name)
       Bundler.rubygems.loaded_specs(gem_name)
     end
@@ -338,6 +373,7 @@ module Puma
     end
 
     def graceful_stop
+      @events.fire_on_stopped!
       @runner.stop_blocked
       log "=== puma shutdown: #{Time.now} ==="
       log "- Goodbye!"
@@ -493,5 +529,14 @@ module Puma
         Bundler.with_unbundled_env { yield }
       end
     end
+
+    def log_config
+      log "Configuration:"
+
+      @config.final_options
+        .each { |config_key, value| log "- #{config_key}: #{value}" }
+
+      log "\n"
+    end
   end
 end

data/lib/puma/reactor.rb

@@ -38,11 +38,11 @@ module Puma
       end
     end
 
-    # Add a new IO object to monitor.
+    # Add a new client to monitor.
     # The object must respond to #timeout and #timeout_at.
     # Returns false if the reactor is already shut down.
-    def add(io)
-      @input << io
+    def add(client)
+      @input << client
       @selector.wakeup
       true
     rescue ClosedQueueError
@@ -92,17 +92,19 @@ module Puma
     end
 
     # Start monitoring the object.
-    def register(io)
-      @selector.register(io, :r).value = io
-      @timeouts << io
+    def register(client)
+      @selector.register(client.to_io, :r).value = client
+      @timeouts << client
+    rescue ArgumentError
+      # unreadable clients raise error when processed by NIO
     end
 
     # 'Wake up' a monitored object by calling the provided block.
     # Stop monitoring the object if the block returns `true`.
-    def wakeup!(io)
-      if @block.call(io)
-        @selector.deregister(io)
-        @timeouts.delete(io)
+    def wakeup!(client)
+      if @block.call client
+        @selector.deregister client.to_io
+        @timeouts.delete client
       end
     end
   end

data/lib/puma/request.rb

@@ -282,13 +282,20 @@ module Puma
     end
     # private :normalize_env
 
+    # @param header_key [#to_s]
+    # @return [Boolean]
+    #
+    def illegal_header_key?(header_key)
+      !!(ILLEGAL_HEADER_KEY_REGEX =~ header_key.to_s)
+    end
+
     # @param header_value [#to_s]
     # @return [Boolean]
     #
-    def possible_header_injection?(header_value)
-      !!(HTTP_INJECTION_REGEX =~ header_value.to_s)
+    def illegal_header_value?(header_value)
+      !!(ILLEGAL_HEADER_VALUE_REGEX =~ header_value.to_s)
     end
-    private :possible_header_injection?
+    private :illegal_header_key?, :illegal_header_value?
 
     # Fixup any headers with `,` in the name to have `_` now. We emit
     # headers with `,` in them during the parse phase to avoid ambiguity
@@ -334,9 +341,11 @@ module Puma
     def str_early_hints(headers)
       eh_str = "HTTP/1.1 103 Early Hints\r\n".dup
       headers.each_pair do |k, vs|
+        next if illegal_header_key?(k)
+
         if vs.respond_to?(:to_s) && !vs.to_s.empty?
           vs.to_s.split(NEWLINE).each do |v|
-            next if possible_header_injection?(v)
+            next if illegal_header_value?(v)
             eh_str << "#{k}: #{v}\r\n"
           end
         else
@@ -399,9 +408,11 @@ module Puma
       res_info[:response_hijack] = nil
 
       headers.each do |k, vs|
+        next if illegal_header_key?(k)
+
         case k.downcase
         when CONTENT_LENGTH2
-          next if possible_header_injection?(vs)
+          next if illegal_header_value?(vs)
           res_info[:content_length] = vs
           next
         when TRANSFER_ENCODING
@@ -410,11 +421,13 @@ module Puma
         when HIJACK
           res_info[:response_hijack] = vs
           next
+        when BANNED_HEADER_KEY
+          next
         end
 
         if vs.respond_to?(:to_s) && !vs.to_s.empty?
           vs.to_s.split(NEWLINE).each do |v|
-            next if possible_header_injection?(v)
+            next if illegal_header_value?(v)
             lines.append k, colon, v, line_ending
           end
         else