puma 5.3.2 → 6.0.0

data/lib/puma/client.rb

@@ -8,7 +8,7 @@ class IO
   end
 end
 
-require 'puma/detect'
+require_relative 'detect'
 require 'tempfile'
 require 'forwardable'
 
@@ -23,6 +23,11 @@ module Puma
 
   class ConnectionError < RuntimeError; end
 
+  class HttpParserError501 < IOError; end
+
+  #———————————————————————— DO NOT USE — this class is for internal use only ———
+
+
   # An instance of this class represents a unique request from a client.
   # For example, this could be a web request from a browser or from CURL.
   #
@@ -35,7 +40,21 @@ module Puma
   # Instances of this class are responsible for knowing if
   # the header and body are fully buffered via the `try_to_finish` method.
   # They can be used to "time out" a response via the `timeout_at` reader.
-  class Client
+  #
+  class Client # :nodoc:
+
+    # this tests all values but the last, which must be chunked
+    ALLOWED_TRANSFER_ENCODING = %w[compress deflate gzip].freeze
+
+    # chunked body validation
+    CHUNK_SIZE_INVALID = /[^\h]/.freeze
+    CHUNK_VALID_ENDING = "\r\n".freeze
+
+    # Content-Length header value validation
+    CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
+
+    TE_ERR_MSG = 'Invalid Transfer-Encoding'
+
     # The object used for a request with no body. All requests with
     # no body share this one object since it has no state.
     EmptyBody = NullIO.new
@@ -47,15 +66,12 @@ module Puma
       @io = io
       @to_io = io.to_io
       @proto_env = env
-      if !env
-        @env = nil
-      else
-        @env = env.dup
-      end
+      @env = env ? env.dup : nil
 
       @parser = HttpParser.new
       @parsed_bytes = 0
       @read_header = true
+      @read_proxy = false
       @ready = false
 
       @body = nil
@@ -69,8 +85,10 @@ module Puma
       @hijacked = false
 
       @peerip = nil
+      @peer_family = nil
       @listener = nil
       @remote_addr_header = nil
+      @expect_proxy_proto = false
 
       @body_remain = 0
 
@@ -106,7 +124,7 @@ module Puma
 
     # @!attribute [r] in_data_phase
     def in_data_phase
-      !@read_header
+      !(@read_header || @read_proxy)
     end
 
     def set_timeout(val)
@@ -121,6 +139,7 @@ module Puma
     def reset(fast_check=true)
       @parser.reset
       @read_header = true
+      @read_proxy = !!@expect_proxy_proto
       @env = @proto_env.dup
       @body = nil
       @tempfile = nil
@@ -131,6 +150,8 @@ module Puma
       @in_last_chunk = false
 
       if @buffer
+        return false unless try_to_parse_proxy_protocol
+
         @parsed_bytes = @parser.execute(@env, @buffer, @parsed_bytes)
 
         if @parser.finished?
@@ -143,8 +164,7 @@ module Puma
         return false
       else
         begin
-          if fast_check &&
-              IO.select([@to_io], nil, nil, FAST_TRACK_KA_TIMEOUT)
+          if fast_check && @to_io.wait_readable(FAST_TRACK_KA_TIMEOUT)
             return try_to_finish
           end
         rescue IOError
@@ -157,13 +177,37 @@ module Puma
     def close
       begin
         @io.close
-      rescue IOError
-        Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
+      rescue IOError, Errno::EBADF
+        Puma::Util.purge_interrupt_queue
+      end
+    end
+
+    # If necessary, read the PROXY protocol from the buffer. Returns
+    # false if more data is needed.
+    def try_to_parse_proxy_protocol
+      if @read_proxy
+        if @expect_proxy_proto == :v1
+          if @buffer.include? "\r\n"
+            if md = PROXY_PROTOCOL_V1_REGEX.match(@buffer)
+              if md[1]
+                @peerip = md[1].split(" ")[0]
+              end
+              @buffer = md.post_match
+            end
+            # if the buffer has a \r\n but doesn't have a PROXY protocol
+            # request, this is just HTTP from a non-PROXY client; move on
+            @read_proxy = false
+            return @buffer.size > 0
+          else
+            return false
+          end
+        end
       end
+      true
     end
 
     def try_to_finish
-      return read_body unless @read_header
+      return read_body if in_data_phase
 
       begin
         data = @io.read_nonblock(CHUNK_SIZE)
@@ -188,6 +232,8 @@ module Puma
         @buffer = data
       end
 
+      return false unless try_to_parse_proxy_protocol
+
       @parsed_bytes = @parser.execute(@env, @buffer, @parsed_bytes)
 
       if @parser.finished?
@@ -202,13 +248,13 @@ module Puma
 
     def eagerly_finish
       return true if @ready
-      return false unless IO.select([@to_io], nil, nil, 0)
+      return false unless @to_io.wait_readable(0)
       try_to_finish
     end
 
     def finish(timeout)
       return if @ready
-      IO.select([@to_io], nil, nil, timeout) || timeout! until try_to_finish
+      @to_io.wait_readable(timeout) || timeout! until try_to_finish
     end
 
     def timeout!
@@ -227,7 +273,7 @@ module Puma
       return @peerip if @peerip
 
       if @remote_addr_header
-        hdr = (@env[@remote_addr_header] || LOCALHOST_IP).split(/[\s,]/).first
+        hdr = (@env[@remote_addr_header] || @io.peeraddr.last).split(/[\s,]/).first
         @peerip = hdr
         return hdr
       end
@@ -235,6 +281,16 @@ module Puma
       @peerip ||= @io.peeraddr.last
     end
 
+    def peer_family
+      return @peer_family if @peer_family
+
+      @peer_family ||= begin
+                         @io.local_address.afamily
+                       rescue
+                         Socket::AF_INET
+                       end
+    end
+
     # Returns true if the persistent connection can be closed immediately
     # without waiting for the configured idle/shutdown timeout.
     # @version 5.0.0
@@ -244,10 +300,21 @@ module Puma
       @parsed_bytes == 0
     end
 
+    def expect_proxy_proto=(val)
+      if val
+        if @read_header
+          @read_proxy = true
+        end
+      else
+        @read_proxy = false
+      end
+      @expect_proxy_proto = val
+    end
+
     private
 
     def setup_body
-      @body_read_start = Process.clock_gettime(Process::CLOCK_MONOTONIC, :millisecond)
+      @body_read_start = Process.clock_gettime(Process::CLOCK_MONOTONIC, :float_millisecond)
 
       if @env[HTTP_EXPECT] == CONTINUE
         # TODO allow a hook here to check the headers before
@@ -261,16 +328,27 @@ module Puma
       body = @parser.body
 
       te = @env[TRANSFER_ENCODING2]
-
       if te
-        if te.include?(",")
-          te.split(",").each do |part|
-            if CHUNKED.casecmp(part.strip) == 0
-              return setup_chunked_body(body)
-            end
+        te_lwr = te.downcase
+        if te.include? ','
+          te_ary = te_lwr.split ','
+          te_count = te_ary.count CHUNKED
+          te_valid = te_ary[0..-2].all? { |e| ALLOWED_TRANSFER_ENCODING.include? e }
+          if te_ary.last == CHUNKED && te_count == 1 && te_valid
+            @env.delete TRANSFER_ENCODING2
+            return setup_chunked_body body
+          elsif te_count >= 1
+            raise HttpParserError   , "#{TE_ERR_MSG}, multiple chunked: '#{te}'"
+          elsif !te_valid
+            raise HttpParserError501, "#{TE_ERR_MSG}, unknown value: '#{te}'"
           end
-        elsif CHUNKED.casecmp(te) == 0
-          return setup_chunked_body(body)
+        elsif te_lwr == CHUNKED
+          @env.delete TRANSFER_ENCODING2
+          return setup_chunked_body body
+        elsif ALLOWED_TRANSFER_ENCODING.include? te_lwr
+          raise HttpParserError     , "#{TE_ERR_MSG}, single value must be chunked: '#{te}'"
+        else
+          raise HttpParserError501  , "#{TE_ERR_MSG}, unknown value: '#{te}'"
         end
       end
 
@@ -278,7 +356,12 @@ module Puma
 
       cl = @env[CONTENT_LENGTH]
 
-      unless cl
+      if cl
+        # cannot contain characters that are not \d
+        if CONTENT_LENGTH_VALUE_INVALID.match? cl
+          raise HttpParserError, "Invalid Content-Length: #{cl.inspect}"
+        end
+      else
         @buffer = body.empty? ? nil : body
         @body = EmptyBody
         set_ready
@@ -309,7 +392,7 @@ module Puma
 
       @body_remain = remain
 
-      return false
+      false
     end
 
     def read_body
@@ -437,7 +520,13 @@ module Puma
       while !io.eof?
         line = io.gets
         if line.end_with?("\r\n")
-          len = line.strip.to_i(16)
+          # Puma doesn't process chunk extensions, but should parse if they're
+          # present, which is the reason for the semicolon regex
+          chunk_hex = line.strip[/\A[^;]+/]
+          if CHUNK_SIZE_INVALID.match? chunk_hex
+            raise HttpParserError, "Invalid chunk size: '#{chunk_hex}'"
+          end
+          len = chunk_hex.to_i(16)
           if len == 0
             @in_last_chunk = true
             @body.rewind
@@ -468,7 +557,12 @@ module Puma
 
           case
           when got == len
-            write_chunk(part[0..-3]) # to skip the ending \r\n
+            # proper chunked segment must end with "\r\n"
+            if part.end_with? CHUNK_VALID_ENDING
+              write_chunk(part[0..-3]) # to skip the ending \r\n
+            else
+              raise HttpParserError, "Chunk size mismatch"
+            end
           when got <= len - 2
             write_chunk(part)
             @partial_part_left = len - part.size
@@ -492,7 +586,7 @@ module Puma
 
     def set_ready
       if @body_read_start
-        @env['puma.request_body_wait'] = Process.clock_gettime(Process::CLOCK_MONOTONIC, :millisecond) - @body_read_start
+        @env['puma.request_body_wait'] = Process.clock_gettime(Process::CLOCK_MONOTONIC, :float_millisecond) - @body_read_start
       end
       @requests_served += 1
       @ready = true

data/lib/puma/cluster/worker.rb

@@ -2,27 +2,29 @@
 
 module Puma
   class Cluster < Puma::Runner
+    #—————————————————————— DO NOT USE — this class is for internal use only ———
+
+
     # This class is instantiated by the `Puma::Cluster` and represents a single
     # worker process.
     #
     # At the core of this class is running an instance of `Puma::Server` which
     # gets created via the `start_server` method from the `Puma::Runner` class
     # that this inherits from.
-    class Worker < Puma::Runner
+    class Worker < Puma::Runner # :nodoc:
       attr_reader :index, :master
 
       def initialize(index:, master:, launcher:, pipes:, server: nil)
-        super launcher, launcher.events
+        super(launcher)
 
         @index = index
         @master = master
-        @launcher = launcher
-        @options = launcher.options
         @check_pipe = pipes[:check_pipe]
         @worker_write = pipes[:worker_write]
         @fork_pipe = pipes[:fork_pipe]
         @wakeup = pipes[:wakeup]
         @server = server
+        @hook_data = {}
       end
 
       def run
@@ -33,9 +35,9 @@ module Puma
         Signal.trap "SIGINT", "IGNORE"
         Signal.trap "SIGCHLD", "DEFAULT"
 
-       Thread.new do
-          Puma.set_thread_name "worker check pipe"
-          IO.select [@check_pipe]
+        Thread.new do
+          Puma.set_thread_name "wrkr check"
+          @check_pipe.wait_readable
           log "! Detected parent died, dying"
           exit! 1
         end
@@ -52,13 +54,14 @@ module Puma
 
         # Invoke any worker boot hooks so they can get
         # things in shape before booting the app.
-        @launcher.config.run_hooks :before_worker_boot, index, @launcher.events
+        @config.run_hooks(:before_worker_boot, index, @log_writer, @hook_data)
 
         begin
         server = @server ||= start_server
         rescue Exception => e
           log "! Unable to start worker"
-          log e.backtrace[0]
+          log e
+          log e.backtrace.join("\n    ")
           exit 1
         end
 
@@ -76,15 +79,14 @@ module Puma
           end
 
           Thread.new do
-            Puma.set_thread_name "worker fork pipe"
+            Puma.set_thread_name "wrkr fork"
             while (idx = @fork_pipe.gets)
               idx = idx.to_i
               if idx == -1 # stop server
                 if restart_server.length > 0
                   restart_server.clear
                   server.begin_restart(true)
-                  @launcher.config.run_hooks :before_refork, nil, @launcher.events
-                  Puma::Util.nakayoshi_gc @events if @options[:nakayoshi_fork]
+                  @config.run_hooks(:before_refork, nil, @log_writer, @hook_data)
                 end
               elsif idx == 0 # restart server
                 restart_server << true << false
@@ -106,7 +108,7 @@ module Puma
         begin
           @worker_write << "b#{Process.pid}:#{index}\n"
         rescue SystemCallError, IOError
-          Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
+          Puma::Util.purge_interrupt_queue
           STDERR.puts "Master seems to have exited, exiting."
           return
         end
@@ -114,7 +116,7 @@ module Puma
         while restart_server.pop
           server_thread = server.run
           stat_thread ||= Thread.new(@worker_write) do |io|
-            Puma.set_thread_name "stat payload"
+            Puma.set_thread_name "stat pld"
             base_payload = "p#{Process.pid}"
 
             while true
@@ -127,10 +129,10 @@ module Puma
                 payload = %Q!#{base_payload}{ "backlog":#{b}, "running":#{r}, "pool_capacity":#{t}, "max_threads": #{m}, "requests_count": #{rc} }\n!
                 io << payload
               rescue IOError
-                Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
+                Puma::Util.purge_interrupt_queue
                 break
               end
-              sleep Const::WORKER_CHECK_INTERVAL
+              sleep @options[:worker_check_interval]
             end
           end
           server_thread.join
@@ -138,7 +140,7 @@ module Puma
 
         # Invoke any worker shutdown hooks so they can prevent the worker
         # exiting until any background operations are completed
-        @launcher.config.run_hooks :before_worker_shutdown, index, @launcher.events
+        @config.run_hooks(:before_worker_shutdown, index, @log_writer, @hook_data)
       ensure
         @worker_write << "t#{Process.pid}\n" rescue nil
         @worker_write.close
@@ -147,7 +149,7 @@ module Puma
       private
 
       def spawn_worker(idx)
-        @launcher.config.run_hooks :before_worker_fork, idx, @launcher.events
+        @config.run_hooks(:before_worker_fork, idx, @log_writer, @hook_data)
 
         pid = fork do
           new_worker = Worker.new index: idx,
@@ -165,19 +167,9 @@ module Puma
           exit! 1
         end
 
-        @launcher.config.run_hooks :after_worker_fork, idx, @launcher.events
+        @config.run_hooks(:after_worker_fork, idx, @log_writer, @hook_data)
         pid
       end
-
-      def wakeup!
-        return unless @wakeup
-
-        begin
-          @wakeup.write "!" unless @wakeup.closed?
-        rescue SystemCallError, IOError
-          Thread.current.purge_interrupt_queue if Thread.current.respond_to? :purge_interrupt_queue
-        end
-      end
     end
   end
 end

data/lib/puma/cluster/worker_handle.rb

@@ -2,12 +2,15 @@
 
 module Puma
   class Cluster < Runner
+    #—————————————————————— DO NOT USE — this class is for internal use only ———
+
+
     # This class represents a worker process from the perspective of the puma
     # master process. It contains information about the process and its health
     # and it exposes methods to control the process via IPC. It does not
     # include the actual logic executed by the worker process itself. For that,
     # see Puma::Cluster::Worker.
-    class WorkerHandle
+    class WorkerHandle # :nodoc:
       def initialize(idx, pid, phase, options)
         @index = idx
         @pid = pid
@@ -40,6 +43,10 @@ module Puma
         @stage = :booted
       end
 
+      def term!
+        @term = true
+      end
+
       def term?
         @term
       end