puma 5.2.2 → 6.3.0

data/lib/puma/minissl.rb

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 
 begin
-  require 'io/wait'
+  require 'io/wait' unless Puma::HAS_NATIVE_IO_WAIT
 rescue LoadError
 end
 
+require 'open3'
 # need for Puma::MiniSSL::OPENSSL constants used in `HAS_TLS1_3`
+# use require, see https://github.com/puma/puma/pull/2381
 require 'puma/puma_http11'
 
 module Puma
@@ -13,15 +15,16 @@ module Puma
     # Define constant at runtime, as it's easy to determine at built time,
     # but Puma could (it shouldn't) be loaded with an older OpenSSL version
     # @version 5.0.0
-    HAS_TLS1_3 = !IS_JRUBY &&
-      (OPENSSL_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) != -1 &&
-      (OPENSSL_LIBRARY_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) !=-1
+    HAS_TLS1_3 = IS_JRUBY ||
+        ((OPENSSL_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) != -1 &&
+         (OPENSSL_LIBRARY_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) !=-1)
 
     class Socket
       def initialize(socket, engine)
         @socket = socket
         @engine = engine
         @peercert = nil
+        @reuse = nil
       end
 
       # @!attribute [r] to_io
@@ -50,7 +53,7 @@ module Puma
       # is made with TLSv1.3 as an available protocol
       # @version 5.0.0
       def bad_tlsv1_3?
-        HAS_TLS1_3 && @engine.ssl_vers_st == ['TLSv1.3', 'SSLERR']
+        HAS_TLS1_3 && ssl_version_state == ['TLSv1.3', 'SSLERR']
       end
       private :bad_tlsv1_3?
 
@@ -123,7 +126,7 @@ module Puma
         while true
           wrote = @engine.write data
 
-          enc_wr = ''.dup
+          enc_wr = +''
           while (enc = @engine.extract)
             enc_wr << enc
           end
@@ -161,30 +164,15 @@ module Puma
         @socket.flush
       end
 
-      def read_and_drop(timeout = 1)
-        return :timeout unless IO.select([@socket], nil, nil, timeout)
-        case @socket.read_nonblock(1024, exception: false)
-        when nil
-          :eof
-        when :wait_readable
-          :eagain
-        else
-          :drop
-        end
-      end
-
-      def should_drop_bytes?
-        @engine.init? || !@engine.shutdown
-      end
-
       def close
         begin
-          # Read any drop any partially initialized sockets and any received bytes during shutdown.
-          # Don't let this socket hold this loop forever.
-          # If it can't send more packets within 1s, then give up.
-          return if [:timeout, :eof].include?(read_and_drop(1)) while should_drop_bytes?
+          unless @engine.shutdown
+            while alert_data = @engine.extract
+              @socket.write alert_data
+            end
+          end
         rescue IOError, SystemCallError
-          Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
+          Puma::Util.purge_interrupt_queue
           # nothing
         ensure
           @socket.close
@@ -210,10 +198,6 @@ module Puma
     if IS_JRUBY
       OPENSSL_NO_SSL3 = false
       OPENSSL_NO_TLS1 = false
-
-      class SSLError < StandardError
-        # Define this for jruby even though it isn't used.
-      end
     end
 
     class Context
@@ -223,49 +207,159 @@ module Puma
       def initialize
         @no_tlsv1   = false
         @no_tlsv1_1 = false
+        @key = nil
+        @cert = nil
+        @key_pem = nil
+        @cert_pem = nil
+        @reuse = nil
+        @reuse_cache_size = nil
+        @reuse_timeout = nil
+      end
+
+      def check_file(file, desc)
+        raise ArgumentError, "#{desc} file '#{file}' does not exist" unless File.exist? file
+        raise ArgumentError, "#{desc} file '#{file}' is not readable" unless File.readable? file
       end
 
       if IS_JRUBY
         # jruby-specific Context properties: java uses a keystore and password pair rather than a cert/key pair
         attr_reader :keystore
+        attr_reader :keystore_type
         attr_accessor :keystore_pass
-        attr_accessor :ssl_cipher_list
+        attr_reader :truststore
+        attr_reader :truststore_type
+        attr_accessor :truststore_pass
+        attr_reader :cipher_suites
+        attr_reader :protocols
 
         def keystore=(keystore)
-          raise ArgumentError, "No such keystore file '#{keystore}'" unless File.exist? keystore
+          check_file keystore, 'Keystore'
           @keystore = keystore
         end
 
+        def truststore=(truststore)
+          # NOTE: historically truststore was assumed the same as keystore, this is kept for backwards
+          # compatibility, to rely on JVM's trust defaults we allow setting `truststore = :default`
+          unless truststore.eql?(:default)
+            raise ArgumentError, "No such truststore file '#{truststore}'" unless File.exist?(truststore)
+          end
+          @truststore = truststore
+        end
+
+        def keystore_type=(type)
+          raise ArgumentError, "Invalid keystore type: #{type.inspect}" unless ['pkcs12', 'jks', nil].include?(type)
+          @keystore_type = type
+        end
+
+        def truststore_type=(type)
+          raise ArgumentError, "Invalid truststore type: #{type.inspect}" unless ['pkcs12', 'jks', nil].include?(type)
+          @truststore_type = type
+        end
+
+        def cipher_suites=(list)
+          list = list.split(',').map(&:strip) if list.is_a?(String)
+          @cipher_suites = list
+        end
+
+        # aliases for backwards compatibility
+        alias_method :ssl_cipher_list, :cipher_suites
+        alias_method :ssl_cipher_list=, :cipher_suites=
+
+        def protocols=(list)
+          list = list.split(',').map(&:strip) if list.is_a?(String)
+          @protocols = list
+        end
+
         def check
           raise "Keystore not configured" unless @keystore
+          # @truststore defaults to @keystore due backwards compatibility
         end
 
       else
         # non-jruby Context properties
         attr_reader :key
+        attr_reader :key_password_command
         attr_reader :cert
         attr_reader :ca
+        attr_reader :cert_pem
+        attr_reader :key_pem
         attr_accessor :ssl_cipher_filter
         attr_accessor :verification_flags
 
+        attr_reader :reuse, :reuse_cache_size, :reuse_timeout
+
         def key=(key)
-          raise ArgumentError, "No such key file '#{key}'" unless File.exist? key
+          check_file key, 'Key'
           @key = key
         end
 
+        def key_password_command=(key_password_command)
+          @key_password_command = key_password_command
+        end
+
         def cert=(cert)
-          raise ArgumentError, "No such cert file '#{cert}'" unless File.exist? cert
+          check_file cert, 'Cert'
           @cert = cert
         end
 
         def ca=(ca)
-          raise ArgumentError, "No such ca file '#{ca}'" unless File.exist? ca
+          check_file ca, 'ca'
           @ca = ca
         end
 
+        def cert_pem=(cert_pem)
+          raise ArgumentError, "'cert_pem' is not a String" unless cert_pem.is_a? String
+          @cert_pem = cert_pem
+        end
+
+        def key_pem=(key_pem)
+          raise ArgumentError, "'key_pem' is not a String" unless key_pem.is_a? String
+          @key_pem = key_pem
+        end
+
         def check
-          raise "Key not configured" unless @key
-          raise "Cert not configured" unless @cert
+          raise "Key not configured" if @key.nil? && @key_pem.nil?
+          raise "Cert not configured" if @cert.nil? && @cert_pem.nil?
+        end
+
+        # Executes the command to return the password needed to decrypt the key.
+        def key_password
+          raise "Key password command not configured" if @key_password_command.nil?
+
+          stdout_str, stderr_str, status = Open3.capture3(@key_password_command)
+
+          return stdout_str.chomp if status.success?
+
+          raise "Key password failed with code #{status.exitstatus}: #{stderr_str}"
+        end
+
+        # Controls session reuse.  Allowed values are as follows:
+        # * 'off' - matches the behavior of Puma 5.6 and earlier.  This is included
+        #   in case reuse 'on' is made the default in future Puma versions.
+        # * 'dflt' - sets session reuse on, with OpenSSL default cache size of
+        #   20k and default timeout of 300 seconds.
+        # * 's,t' - where s and t are integer strings, for size and timeout.
+        # * 's' - where s is an integer strings for size.
+        # * ',t' - where t is an integer strings for timeout.
+        #
+        def reuse=(reuse_str)
+          case reuse_str
+          when 'off'
+            @reuse = nil
+          when 'dflt'
+            @reuse = true
+          when /\A\d+\z/
+            @reuse = true
+            @reuse_cache_size = reuse_str.to_i
+          when /\A\d+,\d+\z/
+            @reuse = true
+            size, time = reuse_str.split ','
+            @reuse_cache_size = size.to_i
+            @reuse_timeout = time.to_i
+          when /\A,\d+\z/
+            @reuse = true
+            @reuse_timeout = reuse_str.delete(',').to_i
+          end
         end
       end
 

data/lib/puma/null_io.rb

@@ -52,5 +52,10 @@ module Puma
     def flush
       self
     end
+
+    # This is used as singleton class, so can't have state.
+    def closed?
+      false
+    end
   end
 end

data/lib/puma/plugin/systemd.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+require_relative '../plugin'
+
+# Puma's systemd integration allows Puma to inform systemd:
+#  1. when it has successfully started
+#  2. when it is starting shutdown
+#  3. periodically for a liveness check with a watchdog thread
+#  4. periodically set the status
+Puma::Plugin.create do
+  def start(launcher)
+    require_relative '../sd_notify'
+
+    launcher.log_writer.log "* Enabling systemd notification integration"
+
+    # hook_events
+    launcher.events.on_booted { Puma::SdNotify.ready }
+    launcher.events.on_stopped { Puma::SdNotify.stopping }
+    launcher.events.on_restart { Puma::SdNotify.reloading }
+
+    # start watchdog
+    if Puma::SdNotify.watchdog?
+      ping_f = watchdog_sleep_time
+
+      in_background do
+        launcher.log_writer.log "Pinging systemd watchdog every #{ping_f.round(1)} sec"
+        loop do
+          sleep ping_f
+          Puma::SdNotify.watchdog
+        end
+      end
+    end
+
+    # start status loop
+    instance = self
+    sleep_time = 1.0
+    in_background do
+      launcher.log_writer.log "Sending status to systemd every #{sleep_time.round(1)} sec"
+
+      loop do
+        sleep sleep_time
+        # TODO: error handling?
+        Puma::SdNotify.status(instance.status)
+      end
+    end
+  end
+
+  def status
+    if clustered?
+      messages = stats[:worker_status].map do |worker|
+        common_message(worker[:last_status])
+      end.join(',')
+
+      "Puma #{Puma::Const::VERSION}: cluster: #{booted_workers}/#{workers}, worker_status: [#{messages}]"
+    else
+      "Puma #{Puma::Const::VERSION}: worker: #{common_message(stats)}"
+    end
+  end
+
+  private
+
+  def watchdog_sleep_time
+    usec = Integer(ENV["WATCHDOG_USEC"])
+
+    sec_f = usec / 1_000_000.0
+    # "It is recommended that a daemon sends a keep-alive notification message
+    # to the service manager every half of the time returned here."
+    sec_f / 2
+  end
+
+  def stats
+    Puma.stats_hash
+  end
+
+  def clustered?
+    stats.has_key?(:workers)
+  end
+
+  def workers
+    stats.fetch(:workers, 1)
+  end
+
+  def booted_workers
+    stats.fetch(:booted_workers, 1)
+  end
+
+  def common_message(stats)
+    "{ #{stats[:running]}/#{stats[:max_threads]} threads, #{stats[:pool_capacity]} available, #{stats[:backlog]} backlog }"
+  end
+end

data/lib/puma/plugin/tmp_restart.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'puma/plugin'
+require_relative '../plugin'
 
 Puma::Plugin.create do
   def start(launcher)

data/lib/puma/plugin.rb

@@ -64,7 +64,7 @@ module Puma
     def fire_background
       @background.each_with_index do |b, i|
         Thread.new do
-          Puma.set_thread_name "plugin background #{i}"
+          Puma.set_thread_name "plgn bg #{i}"
           b.call
         end
       end
@@ -91,7 +91,7 @@ module Puma
       path = ary.first[CALLER_FILE]
 
       m = %r!puma/plugin/([^/]*)\.rb$!.match(path)
-      return m[1]
+      m[1]
     end
 
     def self.create(&blk)

data/lib/puma/rack/builder.rb

@@ -102,13 +102,13 @@ module Puma::Rack
       begin
         info = []
         server = Rack::Handler.get(options[:server]) || Rack::Handler.default(options)
-        if server && server.respond_to?(:valid_options)
+        if server&.respond_to?(:valid_options)
           info << ""
           info << "Server-specific options for #{server.name}:"
 
           has_options = false
           server.valid_options.each do |name, description|
-            next if name.to_s =~ /^(Host|Port)[^a-zA-Z]/ # ignore handler's host and port options, we do our own.
+            next if /^(Host|Port)[^a-zA-Z]/.match? name.to_s  # ignore handler's host and port options, we do our own.
 
             info << "  -O %-21s %s" % [name, description]
             has_options = true
@@ -165,7 +165,7 @@ module Puma::Rack
         require config
         app = Object.const_get(::File.basename(config, '.rb').capitalize)
       end
-      return app, options
+      [app, options]
     end
 
     def self.new_from_string(builder_script, file="(rackup)")
@@ -173,7 +173,7 @@ module Puma::Rack
         TOPLEVEL_BINDING, file, 0
     end
 
-    def initialize(default_app = nil,&block)
+    def initialize(default_app = nil, &block)
       @use, @map, @run, @warmup = [], nil, default_app, nil
 
       # Conditionally load rack now, so that any rack middlewares,
@@ -183,7 +183,7 @@ module Puma::Rack
       rescue LoadError
       end
 
-      instance_eval(&block) if block_given?
+      instance_eval(&block) if block
     end
 
     def self.app(default_app = nil, &block)
@@ -276,7 +276,7 @@ module Puma::Rack
       app = @map ? generate_map(@run, @map) : @run
       fail "missing run or map statement" unless app
       app = @use.reverse.inject(app) { |a,e| e[a] }
-      @warmup.call(app) if @warmup
+      @warmup&.call app
       app
     end
 
@@ -287,7 +287,7 @@ module Puma::Rack
     private
 
     def generate_map(default_app, mapping)
-      require 'puma/rack/urlmap'
+      require_relative 'urlmap'
 
       mapped = default_app ? {'/' => default_app} : {}
       mapping.each { |r,b| mapped[r] = self.class.new(default_app, &b).to_app }

data/lib/puma/rack_default.rb

@@ -1,9 +1,24 @@
 # frozen_string_literal: true
 
-require 'rack/handler/puma'
+require_relative '../rack/handler/puma'
 
-module Rack::Handler
-  def self.default(options = {})
-    Rack::Handler::Puma
+# rackup was removed in Rack 3, it is now a separate gem
+if Object.const_defined? :Rackup
+  module Rackup
+    module Handler
+      def self.default(options = {})
+        ::Rackup::Handler::Puma
+      end
+    end
   end
+elsif Object.const_defined?(:Rack) && Rack.release < '3'
+  module Rack
+    module Handler
+      def self.default(options = {})
+        ::Rack::Handler::Puma
+      end
+    end
+  end
+else
+  raise "Rack 3 must be used with the Rackup gem"
 end

data/lib/puma/reactor.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'puma/queue_close' unless ::Queue.instance_methods.include? :close
-
 module Puma
   class UnsupportedBackend < StandardError; end
 
@@ -22,10 +20,12 @@ module Puma
     # its timeout elapses, or when the Reactor shuts down.
     def initialize(backend, &block)
       require 'nio'
-      unless backend == :auto || NIO::Selector.backends.include?(backend)
-        raise "unsupported IO selector backend: #{backend} (available backends: #{NIO::Selector.backends.join(', ')})"
+      valid_backends = [:auto, *::NIO::Selector.backends]
+      unless valid_backends.include?(backend)
+        raise ArgumentError.new("unsupported IO selector backend: #{backend} (available backends: #{valid_backends.join(', ')})")
       end
-      @selector = backend == :auto ? NIO::Selector.new : NIO::Selector.new(backend)
+
+      @selector = ::NIO::Selector.new(NIO::Selector.backends.delete(backend))
       @input = Queue.new
       @timeouts = []
       @block = block
@@ -50,7 +50,7 @@ module Puma
       @input << client
       @selector.wakeup
       true
-    rescue ClosedQueueError
+    rescue ClosedQueueError, IOError # Ignore if selector is already closed
       false
     end
 
@@ -61,12 +61,13 @@ module Puma
         @selector.wakeup
       rescue IOError # Ignore if selector is already closed
       end
-      @thread.join if @thread
+      @thread&.join
     end
 
     private
 
     def select_loop
+      close_selector = true
       begin
         until @input.closed? && @input.empty?
           # Wakeup any registered object that receives incoming data.
@@ -76,7 +77,7 @@ module Puma
 
           # Wakeup all objects that timed out.
           timed_out = @timeouts.take_while {|t| t.timeout == 0}
-          timed_out.each(&method(:wakeup!))
+          timed_out.each { |c| wakeup! c }
 
           unless @input.empty?
             until @input.empty?
@@ -89,11 +90,19 @@ module Puma
       rescue StandardError => e
         STDERR.puts "Error in reactor loop escaped: #{e.message} (#{e.class})"
         STDERR.puts e.backtrace
-        retry
+
+        # NoMethodError may be rarely raised when calling @selector.select, which
+        # is odd.  Regardless, it may continue for thousands of calls if retried.
+        # Also, when it raises, @selector.close also raises an error.
+        if NoMethodError === e
+          close_selector = false
+        else
+          retry
+        end
       end
       # Wakeup all remaining objects on shutdown.
       @timeouts.each(&@block)
-      @selector.close
+      @selector.close if close_selector
     end
 
     # Start monitoring the object.