puma 5.2.2 → 6.3.0

data/ext/puma_http11/puma_http11.c

@@ -36,13 +36,13 @@ static VALUE global_request_method;
 static VALUE global_request_uri;
 static VALUE global_fragment;
 static VALUE global_query_string;
-static VALUE global_http_version;
+static VALUE global_server_protocol;
 static VALUE global_request_path;
 
 /** Defines common length and error messages for input length validation. */
 #define QUOTE(s) #s
-#define EXPLAIN_MAX_LENGTH_VALUE(s) QUOTE(s)
-#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " EXPLAIN_MAX_LENGTH_VALUE(length) " allowed length (was %d)"
+#define EXPAND_MAX_LENGTH_VALUE(s) QUOTE(s)
+#define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " EXPAND_MAX_LENGTH_VALUE(length) " allowed length (was %d)"
 
 /** Validates the max length of given input and throws an HttpParserError exception if over. */
 #define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) { rb_raise(eHttpParserError, MAX_##N##_LENGTH_ERR, len); }
@@ -52,15 +52,23 @@ static VALUE global_request_path;
 
 
 /* Defines the maximum allowed lengths for various input elements.*/
+#ifndef PUMA_REQUEST_URI_MAX_LENGTH
+#define PUMA_REQUEST_URI_MAX_LENGTH (1024 * 12)
+#endif
+
+#ifndef PUMA_REQUEST_PATH_MAX_LENGTH
+#define PUMA_REQUEST_PATH_MAX_LENGTH (8192)
+#endif
+
 #ifndef PUMA_QUERY_STRING_MAX_LENGTH
 #define PUMA_QUERY_STRING_MAX_LENGTH (1024 * 10)
 #endif
 
 DEF_MAX_LENGTH(FIELD_NAME, 256);
 DEF_MAX_LENGTH(FIELD_VALUE, 80 * 1024);
-DEF_MAX_LENGTH(REQUEST_URI, 1024 * 12);
+DEF_MAX_LENGTH(REQUEST_URI, PUMA_REQUEST_URI_MAX_LENGTH);
 DEF_MAX_LENGTH(FRAGMENT, 1024); /* Don't know if this length is specified somewhere or not */
-DEF_MAX_LENGTH(REQUEST_PATH, 8192);
+DEF_MAX_LENGTH(REQUEST_PATH, PUMA_REQUEST_PATH_MAX_LENGTH);
 DEF_MAX_LENGTH(QUERY_STRING, PUMA_QUERY_STRING_MAX_LENGTH);
 DEF_MAX_LENGTH(HEADER, (1024 * (80 + 32)));
 
@@ -236,10 +244,10 @@ void query_string(puma_parser* hp, const char *at, size_t length)
   rb_hash_aset(hp->request, global_query_string, val);
 }
 
-void http_version(puma_parser* hp, const char *at, size_t length)
+void server_protocol(puma_parser* hp, const char *at, size_t length)
 {
   VALUE val = rb_str_new(at, length);
-  rb_hash_aset(hp->request, global_http_version, val);
+  rb_hash_aset(hp->request, global_server_protocol, val);
 }
 
 /** Finalizes the request header to have a bunch of stuff that's
@@ -281,7 +289,7 @@ VALUE HttpParser_alloc(VALUE klass)
   hp->fragment = fragment;
   hp->request_path = request_path;
   hp->query_string = query_string;
-  hp->http_version = http_version;
+  hp->server_protocol = server_protocol;
   hp->header_done = header_done;
   hp->request = Qnil;
 
@@ -451,7 +459,7 @@ VALUE HttpParser_body(VALUE self) {
 void Init_mini_ssl(VALUE mod);
 #endif
 
-void Init_puma_http11()
+void Init_puma_http11(void)
 {
 
   VALUE mPuma = rb_define_module("Puma");
@@ -461,7 +469,7 @@ void Init_puma_http11()
   DEF_GLOBAL(request_uri, "REQUEST_URI");
   DEF_GLOBAL(fragment, "FRAGMENT");
   DEF_GLOBAL(query_string, "QUERY_STRING");
-  DEF_GLOBAL(http_version, "HTTP_VERSION");
+  DEF_GLOBAL(server_protocol, "SERVER_PROTOCOL");
   DEF_GLOBAL(request_path, "REQUEST_PATH");
 
   eHttpParserError = rb_define_class_under(mPuma, "HttpParserError", rb_eIOError);

data/lib/puma/app/status.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
-require 'puma/json'
+require_relative '../json_serialization'
 
 module Puma
   module App
@@ -39,6 +39,9 @@ module Puma
           when 'phased-restart'
             @launcher.phased_restart ? 200 : 404
 
+          when 'refork'
+            @launcher.refork ? 200 : 404
+
           when 'reload-worker-directory'
             @launcher.send(:reload_worker_directory) ? 200 : 404
 
@@ -46,17 +49,17 @@ module Puma
             GC.start ; 200
 
           when 'gc-stats'
-            Puma::JSON.generate GC.stat
+            Puma::JSONSerialization.generate GC.stat
 
           when 'stats'
-            Puma::JSON.generate @launcher.stats
+            Puma::JSONSerialization.generate @launcher.stats
 
           when 'thread-backtraces'
             backtraces = []
             @launcher.thread_status do |name, backtrace|
               backtraces << { name: name, backtrace: backtrace }
             end
-            Puma::JSON.generate backtraces
+            Puma::JSONSerialization.generate backtraces
 
           else
             return rack_response(404, "Unsupported action", 'text/plain')
@@ -77,13 +80,13 @@ module Puma
 
       def authenticate(env)
         return true unless @auth_token
-        env['QUERY_STRING'].to_s.split(/&;/).include?("token=#{@auth_token}")
+        env['QUERY_STRING'].to_s.split('&;').include? "token=#{@auth_token}"
       end
 
       def rack_response(status, body, content_type='application/json')
         headers = {
-          'Content-Type' => content_type,
-          'Content-Length' => body.bytesize.to_s
+          'content-type' => content_type,
+          'content-length' => body.bytesize.to_s
         }
 
         [status, headers, [body]]

data/lib/puma/binder.rb

@@ -3,24 +3,15 @@
 require 'uri'
 require 'socket'
 
-require 'puma/const'
-require 'puma/util'
-require 'puma/configuration'
+require_relative 'const'
+require_relative 'util'
+require_relative 'configuration'
 
 module Puma
 
   if HAS_SSL
-    require 'puma/minissl'
-    require 'puma/minissl/context_builder'
-
-    # Odd bug in 'pure Ruby' nio4r verion 2.5.2, which installs with Ruby 2.3.
-    # NIO doesn't create any OpenSSL objects, but it rescues an OpenSSL error.
-    # The bug was that it did not require openssl.
-    # @todo remove when Ruby 2.3 support is dropped
-    #
-    if windows? && RbConfig::CONFIG['ruby_version'] == '2.3.0'
-      require 'openssl'
-    end
+    require_relative 'minissl'
+    require_relative 'minissl/context_builder'
   end
 
   class Binder
@@ -28,8 +19,9 @@ module Puma
 
     RACK_VERSION = [1,6].freeze
 
-    def initialize(events, conf = Configuration.new)
-      @events = events
+    def initialize(log_writer, conf = Configuration.new)
+      @log_writer = log_writer
+      @conf = conf
       @listeners = []
       @inherited_fds = {}
       @activated_sockets = {}
@@ -37,10 +29,11 @@ module Puma
 
       @proto_env = {
         "rack.version".freeze => RACK_VERSION,
-        "rack.errors".freeze => events.stderr,
+        "rack.errors".freeze => log_writer.stderr,
         "rack.multithread".freeze => conf.options[:max_threads] > 1,
         "rack.multiprocess".freeze => conf.options[:workers] >= 1,
         "rack.run_once".freeze => false,
+        RACK_URL_SCHEME => conf.options[:rack_url_scheme],
         "SCRIPT_NAME".freeze => ENV['SCRIPT_NAME'] || "",
 
         # I'd like to set a default CONTENT_TYPE here but some things
@@ -49,7 +42,6 @@ module Puma
         # infer properly.
 
         "QUERY_STRING".freeze => "",
-        SERVER_PROTOCOL => HTTP_11,
         SERVER_SOFTWARE => PUMA_SERVER_STRING,
         GATEWAY_INTERFACE => CGI_VER
       }
@@ -77,7 +69,7 @@ module Puma
     # @!attribute [r] connected_ports
     # @version 5.0.0
     def connected_ports
-      ios.map { |io| io.addr[1] }.uniq
+      t = ios.map { |io| io.addr[1] }; t.uniq!; t
     end
 
     # @version 5.0.0
@@ -95,6 +87,7 @@ module Puma
     # @version 5.0.0
     #
     def create_activated_fds(env_hash)
+      @log_writer.debug "ENV['LISTEN_FDS'] #{ENV['LISTEN_FDS'].inspect}  env_hash['LISTEN_PID'] #{env_hash['LISTEN_PID'].inspect}"
       return [] unless env_hash['LISTEN_FDS'] && env_hash['LISTEN_PID'].to_i == $$
       env_hash['LISTEN_FDS'].to_i.times do |index|
         sock = TCPServer.for_fd(socket_activation_fd(index))
@@ -102,11 +95,11 @@ module Puma
           [:unix, Socket.unpack_sockaddr_un(sock.getsockname)]
         rescue ArgumentError # Try to parse as a port/ip
           port, addr = Socket.unpack_sockaddr_in(sock.getsockname)
-          addr = "[#{addr}]" if addr =~ /\:/
+          addr = "[#{addr}]" if addr&.include? ':'
           [:tcp, addr, port]
         end
         @activated_sockets[key] = sock
-        @events.debug "Registered #{key.join ':'} for activation from LISTEN_FDS"
+        @log_writer.debug "Registered #{key.join ':'} for activation from LISTEN_FDS"
       end
       ["LISTEN_FDS", "LISTEN_PID"] # Signal to remove these keys from ENV
     end
@@ -148,42 +141,52 @@ module Puma
       end
     end
 
-    def parse(binds, logger, log_msg = 'Listening')
+    def parse(binds, log_writer = nil, log_msg = 'Listening')
+      log_writer ||= @log_writer
       binds.each do |str|
         uri = URI.parse str
         case uri.scheme
         when "tcp"
           if fd = @inherited_fds.delete(str)
             io = inherit_tcp_listener uri.host, uri.port, fd
-            logger.log "* Inherited #{str}"
+            log_writer.log "* Inherited #{str}"
           elsif sock = @activated_sockets.delete([ :tcp, uri.host, uri.port ])
             io = inherit_tcp_listener uri.host, uri.port, sock
-            logger.log "* Activated #{str}"
+            log_writer.log "* Activated #{str}"
           else
             ios_len = @ios.length
             params = Util.parse_query uri.query
 
-            opt = params.key?('low_latency')
-            bak = params.fetch('backlog', 1024).to_i
+            low_latency = params.key?('low_latency') && params['low_latency'] != 'false'
+            backlog = params.fetch('backlog', 1024).to_i
 
-            io = add_tcp_listener uri.host, uri.port, opt, bak
+            io = add_tcp_listener uri.host, uri.port, low_latency, backlog
 
             @ios[ios_len..-1].each do |i|
               addr = loc_addr_str i
-              logger.log "* #{log_msg} on http://#{addr}"
+              log_writer.log "* #{log_msg} on http://#{addr}"
             end
           end
 
           @listeners << [str, io] if io
         when "unix"
           path = "#{uri.host}#{uri.path}".gsub("%20", " ")
+          abstract = false
+          if str.start_with? 'unix://@'
+            raise "OS does not support abstract UNIXSockets" unless Puma.abstract_unix_socket?
+            abstract = true
+            path = "@#{path}"
+          end
 
           if fd = @inherited_fds.delete(str)
+            @unix_paths << path unless abstract || File.exist?(path)
             io = inherit_unix_listener path, fd
-            logger.log "* Inherited #{str}"
-          elsif sock = @activated_sockets.delete([ :unix, path ])
+            log_writer.log "* Inherited #{str}"
+          elsif sock = @activated_sockets.delete([ :unix, path ]) ||
+              @activated_sockets.delete([ :unix, File.realdirpath(path) ])
+            @unix_paths << path unless abstract || File.exist?(path)
             io = inherit_unix_listener path, sock
-            logger.log "* Activated #{str}"
+            log_writer.log "* Activated #{str}"
           else
             umask = nil
             mode = nil
@@ -205,44 +208,67 @@ module Puma
               end
             end
 
+            @unix_paths << path unless abstract || File.exist?(path)
             io = add_unix_listener path, umask, mode, backlog
-            logger.log "* #{log_msg} on #{str}"
+            log_writer.log "* #{log_msg} on #{str}"
           end
 
           @listeners << [str, io]
         when "ssl"
+          cert_key = %w[cert key]
 
           raise "Puma compiled without SSL support" unless HAS_SSL
 
           params = Util.parse_query uri.query
-          ctx = MiniSSL::ContextBuilder.new(params, @events).context
+
+          # If key and certs are not defined and localhost gem is required.
+          # localhost gem will be used for self signed
+          # Load localhost authority if not loaded.
+          # Ruby 3 `values_at` accepts an array, earlier do not
+          if params.values_at(*cert_key).all? { |v| v.to_s.empty? }
+            ctx = localhost_authority && localhost_authority_context
+          end
+
+          ctx ||=
+            begin
+              # Extract cert_pem and key_pem from options[:store] if present
+              cert_key.each do |v|
+                if params[v]&.start_with?('store:')
+                  index = Integer(params.delete(v).split('store:').last)
+                  params["#{v}_pem"] = @conf.options[:store][index]
+                end
+              end
+              MiniSSL::ContextBuilder.new(params, @log_writer).context
+            end
 
           if fd = @inherited_fds.delete(str)
-            logger.log "* Inherited #{str}"
+            log_writer.log "* Inherited #{str}"
             io = inherit_ssl_listener fd, ctx
           elsif sock = @activated_sockets.delete([ :tcp, uri.host, uri.port ])
             io = inherit_ssl_listener sock, ctx
-            logger.log "* Activated #{str}"
+            log_writer.log "* Activated #{str}"
           else
             ios_len = @ios.length
-            io = add_ssl_listener uri.host, uri.port, ctx
+            backlog = params.fetch('backlog', 1024).to_i
+            low_latency = params['low_latency'] != 'false'
+            io = add_ssl_listener uri.host, uri.port, ctx, low_latency, backlog
 
             @ios[ios_len..-1].each do |i|
               addr = loc_addr_str i
-              logger.log "* #{log_msg} on ssl://#{addr}?#{uri.query}"
+              log_writer.log "* #{log_msg} on ssl://#{addr}?#{uri.query}"
             end
           end
 
           @listeners << [str, io] if io
         else
-          logger.error "Invalid URI: #{str}"
+          log_writer.error "Invalid URI: #{str}"
         end
       end
 
       # If we inherited fds but didn't use them (because of a
       # configuration change), then be sure to close them.
       @inherited_fds.each do |str, fd|
-        logger.log "* Closing unused inherited connection: #{str}"
+        log_writer.log "* Closing unused inherited connection: #{str}"
 
         begin
           IO.for_fd(fd).close
@@ -258,17 +284,37 @@ module Puma
       end
 
       # Also close any unused activated sockets
-      @activated_sockets.each do |key, sock|
-        logger.log "* Closing unused activated socket: #{key.join ':'}"
-        begin
-          sock.close
-        rescue SystemCallError
+      unless @activated_sockets.empty?
+        fds = @ios.map(&:to_i)
+        @activated_sockets.each do |key, sock|
+          next if fds.include? sock.to_i
+          log_writer.log "* Closing unused activated socket: #{key.first}://#{key[1..-1].join ':'}"
+          begin
+            sock.close
+          rescue SystemCallError
+          end
+          # We have to unlink a unix socket path that's not being used
+          File.unlink key[1] if key.first == :unix
         end
-        # We have to unlink a unix socket path that's not being used
-        File.unlink key[1] if key[0] == :unix
       end
     end
 
+    def localhost_authority
+      @localhost_authority ||= Localhost::Authority.fetch if defined?(Localhost::Authority) && !Puma::IS_JRUBY
+    end
+
+    def localhost_authority_context
+      return unless localhost_authority
+
+      key_path, crt_path = if [:key_path, :certificate_path].all? { |m| localhost_authority.respond_to?(m) }
+        [localhost_authority.key_path, localhost_authority.certificate_path]
+      else
+        local_certificates_path = File.expand_path("~/.localhost")
+        [File.join(local_certificates_path, "localhost.key"), File.join(local_certificates_path, "localhost.crt")]
+      end
+      MiniSSL::ContextBuilder.new({ "key" => key_path, "cert" => crt_path }, @log_writer).context
+    end
+
     # Tell the server to listen on host +host+, port +port+.
     # If +optimize_for_latency+ is true (the default) then clients connecting
     # will be optimized for latency over throughput.
@@ -286,6 +332,7 @@ module Puma
 
       host = host[1..-2] if host and host[0..0] == '['
       tcp_server = TCPServer.new(host, port)
+
       if optimize_for_latency
         tcp_server.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
       end
@@ -307,6 +354,8 @@ module Puma
                          optimize_for_latency=true, backlog=1024)
 
       raise "Puma compiled without SSL support" unless HAS_SSL
+      # Puma will try to use local authority context if context is supplied nil
+      ctx ||= localhost_authority_context
 
       if host == "localhost"
         loopback_addresses.each do |addr|
@@ -334,6 +383,8 @@ module Puma
 
     def inherit_ssl_listener(fd, ctx)
       raise "Puma compiled without SSL support" unless HAS_SSL
+      # Puma will try to use local authority context if context is supplied nil
+      ctx ||= localhost_authority_context
 
       s = fd.kind_of?(::TCPServer) ? fd : ::TCPServer.for_fd(fd)
 
@@ -351,8 +402,6 @@ module Puma
     # Tell the server to listen on +path+ as a UNIX domain socket.
     #
     def add_unix_listener(path, umask=nil, mode=nil, backlog=1024)
-      @unix_paths << path unless File.exist? path
-
       # Let anyone connect by default
       umask ||= 0
 
@@ -369,8 +418,7 @@ module Puma
             raise "There is already a server bound to: #{path}"
           end
         end
-
-        s = UNIXServer.new(path)
+        s = UNIXServer.new path.sub(/\A@/, "\0") # check for abstract UNIXSocket
         s.listen backlog
         @ios << s
       ensure
@@ -389,8 +437,6 @@ module Puma
     end
 
     def inherit_unix_listener(path, fd)
-      @unix_paths << path unless File.exist? path
-
       s = fd.kind_of?(::TCPServer) ? fd : ::UNIXServer.for_fd(fd)
 
       @ios << s
@@ -403,24 +449,27 @@ module Puma
     end
 
     def close_listeners
-      listeners.each do |l, io|
-        io.close unless io.closed? # Ruby 2.2 issue
-        uri = URI.parse(l)
-        next unless uri.scheme == 'unix'
-        unix_path = "#{uri.host}#{uri.path}"
-        File.unlink unix_path if unix_paths.include? unix_path
+      @listeners.each do |l, io|
+        begin
+          io.close unless io.closed?
+          uri = URI.parse l
+          next unless uri.scheme == 'unix'
+          unix_path = "#{uri.host}#{uri.path}"
+          File.unlink unix_path if @unix_paths.include?(unix_path) && File.exist?(unix_path)
+        rescue Errno::EBADF
+        end
       end
     end
 
     def redirects_for_restart
-      redirects = listeners.map { |a| [a[1].to_i, a[1].to_i] }.to_h
+      redirects = @listeners.map { |a| [a[1].to_i, a[1].to_i] }.to_h
       redirects[:close_others] = true
       redirects
     end
 
     # @version 5.0.0
     def redirects_for_restart_env
-      listeners.each_with_object({}).with_index do |(listen, memo), i|
+      @listeners.each_with_object({}).with_index do |(listen, memo), i|
         memo["PUMA_INHERIT_#{i}"] = "#{listen[1].to_i}:#{listen[0]}"
       end
     end
@@ -429,9 +478,10 @@ module Puma
 
     # @!attribute [r] loopback_addresses
     def loopback_addresses
-      Socket.ip_address_list.select do |addrinfo|
+      t = Socket.ip_address_list.select do |addrinfo|
         addrinfo.ipv6_loopback? || addrinfo.ipv4_loopback?
-      end.map { |addrinfo| addrinfo.ip_address }.uniq
+      end
+      t.map! { |addrinfo| addrinfo.ip_address }; t.uniq!; t
     end
 
     def loc_addr_str(io)

data/lib/puma/cli.rb

@@ -3,36 +3,31 @@
 require 'optparse'
 require 'uri'
 
-require 'puma'
-require 'puma/configuration'
-require 'puma/launcher'
-require 'puma/const'
-require 'puma/events'
+require_relative '../puma'
+require_relative 'configuration'
+require_relative 'launcher'
+require_relative 'const'
+require_relative 'log_writer'
 
 module Puma
   class << self
-    # The CLI exports its Puma::Configuration object here to allow
-    # apps to pick it up. An app needs to use it conditionally though
-    # since it is not set if the app is launched via another
-    # mechanism than the CLI class.
+    # The CLI exports a Puma::Configuration instance here to allow
+    # apps to pick it up. An app must load this object conditionally
+    # because it is not set if the app is launched via any mechanism
+    # other than the CLI class.
     attr_accessor :cli_config
   end
 
   # Handles invoke a Puma::Server in a command line style.
   #
   class CLI
-    KEYS_NOT_TO_PERSIST_IN_STATE = Launcher::KEYS_NOT_TO_PERSIST_IN_STATE
-
     # Create a new CLI object using +argv+ as the command line
     # arguments.
     #
-    # +stdout+ and +stderr+ can be set to IO-like objects which
-    # this object will report status on.
-    #
-    def initialize(argv, events=Events.stdio)
+    def initialize(argv, log_writer = LogWriter.stdio, events = Events.new)
       @debug = false
       @argv = argv.dup
-
+      @log_writer = log_writer
       @events = events
 
       @conf = nil
@@ -68,7 +63,7 @@ module Puma
         end
       end
 
-      @launcher = Puma::Launcher.new(@conf, :events => @events, :argv => argv)
+      @launcher = Puma::Launcher.new(@conf, :log_writer => @log_writer, :events => @events, :argv => argv)
     end
 
     attr_reader :launcher
@@ -82,7 +77,7 @@ module Puma
 
     private
     def unsupported(str)
-      @events.error(str)
+      @log_writer.error(str)
       raise UnsupportedOption
     end
 
@@ -98,7 +93,7 @@ module Puma
     #
 
     def setup_options
-      @conf = Configuration.new do |user_config, file_config|
+      @conf = Configuration.new({}, {events: @events}) do |user_config, file_config|
         @parser = OptionParser.new do |o|
           o.on "-b", "--bind URI", "URI to bind to (tcp://, unix://, ssl://)" do |arg|
             user_config.bind arg
@@ -112,6 +107,11 @@ module Puma
             file_config.load arg
           end
 
+          # Identical to supplying --config "-", but more semantic
+          o.on "--no-config", "Prevent Puma from searching for a config file" do |arg|
+            file_config.load "-"
+          end
+
           o.on "--control-url URL", "The bind url to use for the control server. Use 'auto' to use temp unix server" do |arg|
             configure_control_url(arg)
           end
@@ -146,7 +146,7 @@ module Puma
 
           o.on "-p", "--port PORT", "Define the TCP port to bind to",
             "Use -b for more advanced options" do |arg|
-            user_config.bind "tcp://#{Configuration::DefaultTCPHost}:#{arg}"
+            user_config.bind "tcp://#{Configuration::DEFAULTS[:tcp_host]}:#{arg}"
           end
 
           o.on "--pidfile PATH", "Use PATH as a pidfile" do |arg|
@@ -179,6 +179,10 @@ module Puma
             user_config.restart_command cmd
           end
 
+          o.on "-s", "--silent", "Do not log prompt messages other than errors" do
+            @log_writer = LogWriter.new(NullIO.new, $stderr)
+          end
+
           o.on "-S", "--state PATH", "Where to store the state details" do |arg|
             user_config.state_path arg
           end