puma 5.6.4 → 6.4.2

data/README.md

@@ -4,21 +4,23 @@
 
 # Puma: A Ruby Web Server Built For Parallelism
 
-[![Actions MRI](https://github.com/puma/puma/workflows/MRI/badge.svg?branch=master)](https://github.com/puma/puma/actions?query=workflow%3AMRI)
-[![Actions non MRI](https://github.com/puma/puma/workflows/non_MRI/badge.svg?branch=master)](https://github.com/puma/puma/actions?query=workflow%3Anon_MRI)
+[![Actions](https://github.com/puma/puma/workflows/Tests/badge.svg?branch=master)](https://github.com/puma/puma/actions?query=workflow%3ATests)
 [![Code Climate](https://codeclimate.com/github/puma/puma.svg)](https://codeclimate.com/github/puma/puma)
-[![SemVer](https://api.dependabot.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&version-scheme=semver)](https://dependabot.com/compatibility-score.html?dependency-name=puma&package-manager=bundler&version-scheme=semver)
 [![StackOverflow](https://img.shields.io/badge/stackoverflow-Puma-blue.svg)]( https://stackoverflow.com/questions/tagged/puma )
 
 Puma is a **simple, fast, multi-threaded, and highly parallel HTTP 1.1 server for Ruby/Rack applications**.
 
 ## Built For Speed & Parallelism
 
-Puma processes requests using a C-optimized Ragel extension (inherited from Mongrel) that provides fast, accurate HTTP 1.1 protocol parsing in a portable way. Puma then serves the request using a thread pool. Each request is served in a separate thread, so truly parallel Ruby implementations (JRuby, Rubinius) will use all available CPU cores.
+Puma is a server for [Rack](https://github.com/rack/rack)-powered HTTP applications written in Ruby.  It is: 
+* **Multi-threaded**. Each request is served in a separate thread. This helps you serve more requests per second with less memory use.
+* **Multi-process**. "Pre-forks" in cluster mode, using less memory per-process thanks to copy-on-write memory.
+* **Standalone**. With SSL support, zero-downtime rolling restarts and a built-in request bufferer, you can deploy Puma without any reverse proxy.
+* **Battle-tested**. Our HTTP parser is inherited from Mongrel and has over 15 years of production use. Puma is currently the most popular Ruby webserver, and is the default server for Ruby on Rails.
 
 Originally designed as a server for [Rubinius](https://github.com/rubinius/rubinius), Puma also works well with Ruby (MRI) and JRuby.
 
-On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel.
+On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel. Truly parallel Ruby implementations (TruffleRuby, JRuby) don't have this limitation.
 
 ## Quick Start
 
@@ -108,15 +110,25 @@ Puma also offers "clustered mode". Clustered mode `fork`s workers from a master
 $ puma -t 8:32 -w 3
 ```
 
+Or with the `WEB_CONCURRENCY` environment variable:
+
+```
+$ WEB_CONCURRENCY=3 puma -t 8:32
+```
+
 Note that threads are still used in clustered mode, and the `-t` thread flag setting is per worker, so `-w 2 -t 16:16` will spawn 32 threads in total, with 16 in each worker process.
 
-In clustered mode, Puma can "preload" your application. This loads all the application code *prior* to forking. Preloading reduces total memory usage of your application via an operating system feature called [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) (Ruby 2.0+ only). Use the `--preload` flag from the command line:
+For an in-depth discussion of the tradeoffs of thread and process count settings, [see our docs](https://github.com/puma/puma/blob/9282a8efa5a0c48e39c60d22ca70051a25df9f55/docs/kubernetes.md#workers-per-pod-and-other-config-issues).
+
+In clustered mode, Puma can "preload" your application. This loads all the application code *prior* to forking. Preloading reduces total memory usage of your application via an operating system feature called [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write).
+
+If the `WEB_CONCURRENCY` environment variable is set to a value > 1 (and `--prune-bundler` has not been specified), preloading will be enabled by default. Otherwise, you can use the `--preload` flag from the command line:
 
 ```
 $ puma -w 3 --preload
 ```
 
-If you're using a configuration file, use the `preload_app!` method:
+Or, if you're using a configuration file, you can use the `preload_app!` method:
 
 ```ruby
 # config/puma.rb
@@ -124,7 +136,9 @@ workers 3
 preload_app!
 ```
 
-Additionally, you can specify a block in your configuration file that will be run on boot of each worker:
+Preloading can’t be used with phased restart, since phased restart kills and restarts workers one-by-one, and preloading copies the code of master into the workers.
+
+When using clustered mode, you can specify a block in your configuration file that will be run on boot of each worker:
 
 ```ruby
 # config/puma.rb
@@ -137,12 +151,10 @@ This code can be used to setup the process before booting the application, allow
 you to do some Puma-specific things that you don't want to embed in your application.
 For instance, you could fire a log notification that a worker booted or send something to statsd. This can be called multiple times.
 
-Constants loaded by your application (such as `Rails`) will not be available in `on_worker_boot`.
-However, these constants _will_ be available if `preload_app!` is enabled, either explicitly in your `puma` config or automatically if
-using 2 or more workers in cluster mode.
-If `preload_app!` is not enabled and 1 worker is used, then `on_worker_boot` will fire, but your app will not be preloaded and constants will not be available.
+Constants loaded by your application (such as `Rails`) will not be available in `on_worker_boot`
+unless preloading is enabled.
 
-`before_fork` specifies a block to be run before workers are forked:
+You can also specify a block to be run before workers are forked, using `before_fork`:
 
 ```ruby
 # config/puma.rb
@@ -151,7 +163,14 @@ before_fork do
 end
 ```
 
-Preloading can’t be used with phased restart, since phased restart kills and restarts workers one-by-one, and `preload_app!` copies the code of master into the workers.
+You can also specify a block to be run after puma is booted using `on_booted`:
+
+```ruby
+# config/puma.rb
+on_booted do
+  # configuration here
+end
+```
 
 ### Error handling
 
@@ -192,35 +211,38 @@ Need a bit of security? Use SSL sockets:
 ```
 $ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'
 ```
-#### Self-signed SSL certificates (via the [`localhost`] gem, for development use): 
+#### Self-signed SSL certificates (via the [`localhost`] gem, for development use):
 
-Puma supports the [`localhost`] gem for self-signed certificates. This is particularly useful if you want to use Puma with SSL locally, and self-signed certificates will work for your use-case. Currently, the integration can only be used in MRI. 
+Puma supports the [`localhost`] gem for self-signed certificates. This is particularly useful if you want to use Puma with SSL locally, and self-signed certificates will work for your use-case. Currently, the integration can only be used in MRI.
 
 Puma automatically configures SSL when the [`localhost`] gem is loaded in a `development` environment:
 
+Add the gem to your Gemfile:
 ```ruby
-# Add the gem to your Gemfile
-group(:development) do 
+group(:development) do
   gem 'localhost'
 end
+```
 
-# And require it implicitly using bundler
+And require it implicitly using bundler:
+```ruby
 require "bundler"
 Bundler.require(:default, ENV["RACK_ENV"].to_sym)
+```
 
-# Alternatively, you can require the gem in config.ru:
-require './app'
+Alternatively, you can require the gem in your configuration file, either `config/puma/development.rb`, `config/puma.rb`, or set via the `-C` cli option:
+```ruby
 require 'localhost'
-run Sinatra::Application
+# configuration methods (from Puma::DSL) as needed
 ```
 
 Additionally, Puma must be listening to an SSL socket:
 
 ```shell
-$ puma -b 'ssl://localhost:9292' config.ru
+$ puma -b 'ssl://localhost:9292' -C config/use_local_host.rb
 
 # The following options allow you to reach Puma over HTTP as well:
-$ puma -b ssl://localhost:9292 -b tcp://localhost:9393 config.ru
+$ puma -b ssl://localhost:9292 -b tcp://localhost:9393 -C config/use_local_host.rb
 ```
 
 [`localhost`]: https://github.com/socketry/localhost
@@ -266,6 +288,30 @@ $ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&verification_f
 List of available flags: `USE_CHECK_TIME`, `CRL_CHECK`, `CRL_CHECK_ALL`, `IGNORE_CRITICAL`, `X509_STRICT`, `ALLOW_PROXY_CERTS`, `POLICY_CHECK`, `EXPLICIT_POLICY`, `INHIBIT_ANY`, `INHIBIT_MAP`, `NOTIFY_POLICY`, `EXTENDED_CRL_SUPPORT`, `USE_DELTAS`, `CHECK_SS_SIGNATURE`, `TRUSTED_FIRST`, `SUITEB_128_LOS_ONLY`, `SUITEB_192_LOS`, `SUITEB_128_LOS`, `PARTIAL_CHAIN`, `NO_ALT_CHAINS`, `NO_CHECK_TIME`
 (see https://www.openssl.org/docs/manmaster/man3/X509_VERIFY_PARAM_set_hostflags.html#VERIFICATION-FLAGS).
 
+#### Controlling OpenSSL Password Decryption
+
+To enable runtime decryption of an encrypted SSL key (not available for JRuby), use `key_password_command`:
+
+```
+$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&key_password_command=/path/to/command.sh'
+```
+
+`key_password_command` must:
+
+1. Be executable by Puma.
+2. Print the decryption password to stdout.
+
+ For example:
+
+```shell
+#!/bin/sh
+
+echo "this is my password"
+```
+
+`key_password_command` can be used with `key` or `key_pem`. If the key
+is not encrypted, the executable will not be called.
+
 ### Control/Status Server
 
 Puma has a built-in status and control app that can be used to query and control Puma.
@@ -341,16 +387,18 @@ end
 
 ## Deployment
 
-Puma has support for Capistrano with an [external gem](https://github.com/seuros/capistrano-puma).
+ * Puma has support for Capistrano with an [external gem](https://github.com/seuros/capistrano-puma).
+
+ * Additionally, Puma has support for built-in daemonization via the [puma-daemon](https://github.com/kigster/puma-daemon) ruby gem. The gem restores the `daemonize` option that was removed from Puma starting version 5, but only for MRI Ruby.
+
 
 It is common to use process monitors with Puma. Modern process monitors like systemd or rc.d
-provide continuous monitoring and restarts for increased
-reliability in production environments:
+provide continuous monitoring and restarts for increased reliability in production environments:
 
 * [rc.d](docs/jungle/rc.d/README.md)
 * [systemd](docs/systemd.md)
 
-Community guides: 
+Community guides:
 
 * [Deploying Puma on OpenBSD using relayd and httpd](https://gist.github.com/anon987654321/4532cf8d6c59c1f43ec8973faa031103)
 
@@ -360,7 +408,9 @@ Community guides:
 
 * [puma-metrics](https://github.com/harmjanblok/puma-metrics) — export Puma metrics to Prometheus
 * [puma-plugin-statsd](https://github.com/yob/puma-plugin-statsd) — send Puma metrics to statsd
-* [puma-plugin-systemd](https://github.com/sj26/puma-plugin-systemd) — deeper integration with systemd for notify, status and watchdog
+* [puma-plugin-systemd](https://github.com/sj26/puma-plugin-systemd) — deeper integration with systemd for notify, status and watchdog. Puma 5.1.0 integrated notify and watchdog, which probably conflicts with this plugin. Puma 6.1.0 added status support which obsoletes the plugin entirely.
+* [puma-plugin-telemetry](https://github.com/babbel/puma-plugin-telemetry) - telemetry plugin for Puma offering various targets to publish
+* [puma-acme](https://github.com/anchordotdev/puma-acme) - automatic SSL/HTTPS certificate provisioning and setup
 
 ### Monitoring
 

data/bin/puma-wild

@@ -16,7 +16,7 @@ end
 
 module Puma; end
 
-Puma.const_set("WILD_ARGS", ["-I", inc])
+Puma.const_set(:WILD_ARGS, ["-I", inc])
 
 require 'puma/cli'
 

data/docs/compile_options.md

@@ -19,3 +19,37 @@ For Bundler, use its configuration system:
 ```
 bundle config build.puma "--with-cflags='-D PUMA_QUERY_STRING_MAX_LENGTH=64000'"
 ```
+
+## Request Path, `PUMA_REQUEST_PATH_MAX_LENGTH`
+
+By default, the max length of `REQUEST_PATH` is `8192`. But you may want to
+adjust it to accept longer paths in requests.
+
+For manual install, pass the `PUMA_REQUEST_PATH_MAX_LENGTH` option like this:
+
+```
+gem install puma -- --with-cflags="-D PUMA_REQUEST_PATH_MAX_LENGTH=64000"
+```
+
+For Bundler, use its configuration system:
+
+```
+bundle config build.puma "--with-cflags='-D PUMA_REQUEST_PATH_MAX_LENGTH=64000'"
+```
+
+## Request URI, `PUMA_REQUEST_URI_MAX_LENGTH`
+
+By default, the max length of `REQUEST_URI` is `1024 * 12`. But you may want to
+adjust it to accept longer URIs in requests.
+
+For manual install, pass the `PUMA_REQUEST_URI_MAX_LENGTH` option like this:
+
+```
+gem install puma -- --with-cflags="-D PUMA_REQUEST_URI_MAX_LENGTH=64000"
+```
+
+For Bundler, use its configuration system:
+
+```
+bundle config build.puma "--with-cflags='-D PUMA_REQUEST_URI_MAX_LENGTH=64000'"
+```

data/docs/fork_worker.md

@@ -10,7 +10,7 @@ Puma 5 introduces an experimental new cluster-mode configuration option, `fork_w
 10004           \_ puma: cluster worker 3: 10000 [puma]
 ```
 
-Similar to the `preload_app!` option, the `fork_worker` option allows your application to be initialized only once for copy-on-write memory savings, and it has two additional advantages:
+The `fork_worker` option allows your application to be initialized only once for copy-on-write memory savings, and it has two additional advantages:
 
 1. **Compatible with phased restart.** Because the master process itself doesn't preload the application, this mode works with phased restart (`SIGUSR1` or `pumactl phased-restart`). When worker 0 reloads as part of a phased restart, it initializes a new copy of your application first, then the other workers reload by forking from this new worker already containing the new preloaded application.
 
@@ -24,8 +24,6 @@ Similar to the `preload_app!` option, the `fork_worker` option allows your appli
 
 ### Limitations
 
-- Not compatible with the `preload_app!` option
-
 - This mode is still very experimental so there may be bugs or edge-cases, particularly around expected behavior of existing hooks. Please open a [bug report](https://github.com/puma/puma/issues/new?template=bug_report.md) if you encounter any issues.
 
 - In order to fork new workers cleanly, worker 0 shuts down its server and stops serving requests so there are no open file descriptors or other kinds of shared global state between processes, and to maximize copy-on-write efficiency across the newly-forked workers. This may temporarily reduce total capacity of the cluster during a phased restart / refork.

data/docs/kubernetes.md

@@ -64,3 +64,15 @@ There is a subtle race condition between step 2 and 3: The replication controlle
 The way Kubernetes works this way, rather than handling step 2 synchronously, is due to the CAP theorem: in a distributed system there is no way to guarantee that any message will arrive promptly. In particular, waiting for all Service controllers to report back might get stuck for an indefinite time if one of them has already been terminated or if there has been a net split. A way to work around this is to add a sleep to the pre-stop hook of the same time as the `terminationGracePeriodSeconds` time. This will allow the Puma process to keep serving new requests during the entire grace period, although it will no longer receive new requests after all Service controllers have propagated the removal of the pod from their endpoint lists. Then, after `terminationGracePeriodSeconds`, the pod receives `SIGKILL` and closes down. If your process can't handle SIGKILL properly, for example because it needs to release locks in different services, you can also sleep for a shorter period (and/or increase `terminationGracePeriodSeconds`) as long as the time slept is longer than the time that your Service controllers take to propagate the pod removal. The downside of this workaround is that all pods will take at minimum the amount of time slept to shut down and this will increase the time required for your rolling deploy.
 
 More discussions and links to relevant articles can be found in https://github.com/puma/puma/issues/2343.
+
+## Workers Per Pod, and Other Config Issues
+
+With containerization, you will have to make a decision about how "big" to make each pod. Should you run 2 pods with 50 workers each? 25 pods, each with 4 workers? 100 pods, with each Puma running in single mode? Each scenario represents the same total amount of capacity (100 Puma processes that can respond to requests), but there are tradeoffs to make.
+
+* Worker counts should be somewhere between 4 and 32 in most cases. You want more than 4 in order to minimize time spent in request queueing for a free Puma worker, but probably less than ~32 because otherwise autoscaling is working in too large of an increment or they probably won't fit very well into your nodes. In any queueing system, queue time is proportional to 1/n, where n is the number of things pulling from the queue. Each pod will have its own request queue (i.e., the socket backlog). If you have 4 pods with 1 worker each (4 request queues), wait times are, proportionally, about 4 times higher than if you had 1 pod with 4 workers (1 request queue).
+* Unless you have a very I/O-heavy application (50%+ time spent waiting on IO), use the default thread count (5 for MRI). Using higher numbers of threads with low I/O wait (<50%) will lead to additional request queueing time (latency!) and additional memory usage.
+* More processes per pod reduces memory usage per process, because of copy-on-write memory and because the cost of the single master process is "amortized" over more child processes.
+* Don't run less than 4 processes per pod if you can. Low numbers of processes per pod will lead to high request queueing, which means you will have to run more pods.
+* If multithreaded, allocate 1 CPU per worker. If single threaded, allocate 0.75 cpus per worker. Most web applications spend about 25% of their time in I/O - but when you're running multi-threaded, your Puma process will have higher CPU usage and should be able to fully saturate a CPU core.
+* Most Puma processes will use about ~512MB-1GB per worker, and about 1GB for the master process. However, you probably shouldn't bother with setting memory limits lower than around 2GB per process, because most places you are deploying will have 2GB of RAM per CPU. A sensible memory limit for a Puma configuration of 4 child workers might be something like 8 GB (1 GB for the master, 7GB for the 4 children).
+

data/docs/nginx.md

@@ -2,7 +2,7 @@
 
 This is a very common setup using an upstream. It was adapted from some Capistrano recipe I found on the Internet a while ago.
 
-```
+```nginx
 upstream myapp {
   server unix:///myapp/tmp/puma.sock;
 }

data/docs/restart.md

@@ -27,6 +27,7 @@ Any of the following will cause a Puma server to perform a hot restart:
 
 ### Additional notes
 
+* The newly started Puma process changes its current working directory to the directory specified by the `directory` option. If `directory` is set to symlink, this is automatically re-evaluated, so this mechanism can be used to upgrade the application.
 * Only one version of the application is running at a time.
 * `on_restart` is invoked just before the server shuts down. This can be used to clean up resources (like long-lived database connections) gracefully. Since Ruby 2.0, it is not typically necessary to explicitly close file descriptors on restart. This is because any file descriptor opened by Ruby will have the `FD_CLOEXEC` flag set, meaning that file descriptors are closed on `exec`. `on_restart` is useful, though, if your application needs to perform any more graceful protocol-specific shutdown procedures before closing connections.
 

data/docs/systemd.md

@@ -24,8 +24,7 @@ After=network.target
 
 [Service]
 # Puma supports systemd's `Type=notify` and watchdog service
-# monitoring, if the [sd_notify](https://github.com/agis/ruby-sdnotify) gem is installed,
-# as of Puma 5.1 or later.
+# monitoring, as of Puma 5.1 or later.
 # On earlier versions of Puma or JRuby, change this to `Type=simple` and remove
 # the `WatchdogSec` line.
 Type=notify
@@ -52,7 +51,7 @@ ExecStart=/<FULLPATH>/bin/puma -C <YOUR_APP_PATH>/puma.rb
 # Variant: Rails start.
 # ExecStart=/<FULLPATH>/bin/puma -C <YOUR_APP_PATH>/config/puma.rb ../config.ru
 
-# Variant: Use `bundle exec --keep-file-descriptors puma` instead of binstub
+# Variant: Use `bundle exec puma` instead of binstub
 # Variant: Specify directives inline.
 # ExecStart=/<FULLPATH>/puma -b tcp://0.0.0.0:9292 -b ssl://0.0.0.0:9293?key=key.pem&cert=cert.pem
 
@@ -77,9 +76,7 @@ compatible with both clustered mode and application preload.
 
 **Note:** Any wrapper scripts which `exec`, or other indirections in `ExecStart`
 may result in activated socket file descriptors being closed before reaching the
-puma master process. For example, if using `bundle exec`, pass the
-`--keep-file-descriptors` flag. `bundle exec` can be avoided by using a `puma`
-executable generated by `bundle binstubs puma`. This is tracked in [#1499].
+puma master process.
 
 **Note:** Socket activation doesn't currently work on JRuby. This is tracked in
 [#1367].

data/docs/testing_benchmarks_local_files.md

@@ -0,0 +1,150 @@
+# Testing - benchmark/local files
+
+These files generate data that shows request-per-second (RPS), etc. Typically, files are in 
+pairs, a shell script and a Ruby script. The shell script starts the server, then runs the 
+Ruby file, which starts client request stream(s), then collects and logs metrics.
+
+## response_time_wrk.sh
+
+This uses [wrk] for generating data. One or more wrk runs are performed. Summarizes RPS and 
+wrk latency times. The default for the `-b` argument runs 28 different client request streams, 
+and takes a bit over 5 minutes.  See 'Request Stream Configuration' below for `-b` argument
+description.
+
+<details>
+  <summary>Summary output for<br/><code>benchmarks/local/response_time_wrk.sh -w2 -t5:5 -s tcp6</code>:</summary>
+
+```
+Type   req/sec    50%     75%     90%     99%    100%  Resp Size
+─────────────────────────────────────────────────────────────────    1kB
+array   13710    0.74    2.52    5.23    7.76   37.45      1024
+chunk   13502    0.76    2.55    5.28    7.84   11.23      1042
+string  13794    0.74    2.51    5.20    7.75   14.07      1024
+io       9615    1.16    3.45    7.13   10.57   15.75      1024
+─────────────────────────────────────────────────────────────────   10kB
+array   13458    0.76    2.57    5.31    7.93   13.94     10239
+chunk   13066    0.78    2.64    5.46    8.18   38.48     10320
+string  13500    0.76    2.55    5.29    7.88   11.42     10240
+io       9293    1.18    3.59    7.39   10.94   16.99     10240
+─────────────────────────────────────────────────────────────────  100kB
+array   11315    0.96    3.06    6.33    9.49   17.69    102424
+chunk    9916    1.10    3.48    7.20   10.73   15.14    103075
+string  10948    1.00    3.17    6.57    9.83   17.88    102378
+io       8901    1.21    3.72    7.48   11.27   59.98    102407
+─────────────────────────────────────────────────────────────────  256kB
+array    9217    1.15    3.82    7.88   11.74   17.12    262212
+chunk    7339    1.45    4.76    9.81   14.63   22.70    264007
+string   8574    1.19    3.81    7.73   11.21   15.80    262147
+io       8911    1.19    3.80    7.55   15.25   60.01    262183
+─────────────────────────────────────────────────────────────────  512kB
+array    6951    1.49    5.03   10.28   15.90   25.08    524378
+chunk    5234    2.03    6.56   13.57   20.46   32.15    527862
+string   6438    1.55    5.04   10.12   16.28   72.87    524275
+io       8533    1.15    4.62    8.79   48.15   70.51    524327
+───────────────────────────────────────────────────────────────── 1024kB
+array    4122    1.80   15.59   41.87   67.79  121.00   1048565
+chunk    3158    2.82   15.22   31.00   71.39   99.90   1055654
+string   4710    2.24    6.66   13.65   20.38   70.44   1048575
+io       8355    1.23    3.95    7.94   14.08   68.54   1048498
+───────────────────────────────────────────────────────────────── 2048kB
+array    2454    4.12   14.02   27.70   43.48   88.89   2097415
+chunk    1743    6.26   17.65   36.98   55.78   92.10   2111358
+string   2479    4.38   12.52   25.65   38.44   95.62   2097502
+io       8264    1.25    3.83    7.76   11.73   65.69   2097090
+
+Body    ────────── req/sec ──────────   ─────── req 50% times ───────
+ KB     array   chunk  string      io   array   chunk  string      io
+1       13710   13502   13794    9615   0.745   0.757   0.741   1.160
+10      13458   13066   13500    9293   0.760   0.784   0.759   1.180
+100     11315    9916   10948    8901   0.960   1.100   1.000   1.210
+256      9217    7339    8574    8911   1.150   1.450   1.190   1.190
+512      6951    5234    6438    8533   1.490   2.030   1.550   1.150
+1024     4122    3158    4710    8355   1.800   2.820   2.240   1.230
+2048     2454    1743    2479    8264   4.120   6.260   4.380   1.250
+─────────────────────────────────────────────────────────────────────
+wrk -t8 -c16 -d10s
+benchmarks/local/response_time_wrk.sh -w2 -t5:5 -s tcp6 -Y
+Server cluster mode -w2 -t5:5, bind: tcp6
+Puma repo branch 00-response-refactor
+ruby 3.2.0dev (2022-06-14T01:21:55Z master 048f14221c) +YJIT [x86_64-linux]
+
+[2136] - Gracefully shutting down workers...
+[2136] === puma shutdown: 2022-06-13 21:16:13 -0500 ===
+[2136] - Goodbye!
+
+ 5:15 Total Time
+```
+</details><br/>
+
+## bench_base.sh, bench_base.rb
+
+These two files setup parameters for the Puma server, which is normally started in a shell 
+script. It then starts a Ruby file (a subclass of BenchBase), passing arguments to it. The 
+Ruby file is normally used to generate a client request stream(s).
+
+### Puma Configuration
+
+The following arguments are used for the Puma server:
+
+* **`-C`** - configuration file
+* **`-d`** - app delay
+* **`-r`** - rackup file, often defaults to test/rackup/ci_select.ru
+* **`-s`** - bind socket type, default is tcp/tcp4, also tcp6, ssl/ssl4, ssl6, unix, or aunix
+  (unix & abstract unix are not available with wrk).
+* **`-t`** - threads, expressed as '5:5', same as Puma --thread
+* **`-w`** - workers, same as Puma --worker
+* **`-Y`** - enable Ruby YJIT
+
+### Request Stream Configuration
+
+The following arguments are used for request streams:
+
+* **`-b`** - response body configuration. Body type options are a array, c chunked, s string,
+  and i for File/IO. None or any combination can be specified, they should start the option.
+  Then, any combination of comma separated integers can be used for the response body size
+  in kB. The string 'ac50,100' would create four runs, 50kb array, 50kB chunked, 100kB array,
+  and 100kB chunked. See 'Testing - test/rackup/ci-*.ru files' for more info.
+* **`-c`** - connections per client request stream thread, defaults to 2 for wrk.
+* **`-D`** - duration of client request stream in seconds.
+* **`-T`** - number of threads in the client request stream. For wrk, this defaults to
+  80% of Puma workers * max_threads.
+
+### Notes - Configuration
+
+The above lists script arguments.
+
+`bench_base.sh` contains most server defaults. Many can be set via ENV variables.
+
+`bench_base.rb` contains the client request stream defaults. The default value for
+`-b` is `acsi1,10,100,256,512,1024,2048`, which is a 4 x 7 matrix, and hence, runs
+28 jobs. Also, the i body type (File/IO) generates files, they are placed in the
+`"#{Dir.tmpdir}/.puma_response_body_io"` directory, which is created.
+
+### Notes - wrk
+
+The shell scripts use `-T` for wrk's thread count, since `-t` is used for Puma
+server threads.  Regarding the `-c` argument, wrk has an interesting behavior.
+The total number of connections is set by `(connections/threads).to_i`. The scripts
+here use `-c` as connections per thread.  Hence, using `-T4 -c2` will yield a total
+of eight wrk connections, two per thread. The equivalent wrk arguments would be `-t4 -c8`.
+
+Puma can only process so many requests, and requests will queue in the backlog
+until Puma can respond to them. With wrk, if the number of total connections is
+too high, one will see the upper latency times increase, pushing into the lower
+latency times as the connections are increased. The default values for wrk's
+threads and connections were chosen to minimize requests' time in the backlog.
+
+An example with four wrk runs using `-b s10`.  Notice that `req/sec` varies by
+less than 1%, but the `75%` times increase by an order of magnitude:
+```
+req/sec    50%     75%     90%     99%    100%  Resp Size   wrk cmd line
+─────────────────────────────────────────────────────────────────────────────
+ 13597   0.755   2.550   5.260   7.800  13.310     12040    wrk -t8  -c16 -d10
+ 13549   0.793   4.430   8.140  11.220  16.600     12002    wrk -t10 -c20 -d10
+ 13570   1.040  25.790  40.010  49.070  58.300     11982    wrk -t8  -c64 -d10
+ 13684   1.050  25.820  40.080  49.160  66.190     12033    wrk -t16 -c64 -d10
+```
+Finally, wrk's output may cause rounding errors, so the response body size calculation is
+imprecise.
+
+[wrk]: <https://github.com/ioquatix/wrk>

data/docs/testing_test_rackup_ci_files.md

@@ -0,0 +1,36 @@
+# Testing - test/rackup/ci-*.ru files
+
+## Overview
+
+Puma should efficiently handle a variety of response bodies, varying both by size
+and by the type of object used for the body.
+
+Five rackup files are located in 'test/rackup' that can be used.  All have their
+request body size (in kB) set via `Body-Conf` header or with `ENV['CI_BODY_CONF']`.
+Additionally, the ci_select.ru file can have it's body type set via a starting
+character.
+
+* **ci_array.ru** - body is an `Array` of 1kB strings.  `Content-Length` is not set.
+* **ci_chunked.ru** - body is an `Enumerator` of 1kB strings.  `Content-Length` is not set.
+* **ci_io.ru** - body is a File/IO object.  `Content-Length` is set.
+* **ci_string.ru** - body is a single string.  `Content-Length` is set.
+* **ci_select.ru** - can be any of the above.
+
+All responses have 25 headers, total length approx 1kB.  ci_array.ru and ci_chunked.ru
+contain 1kB items.
+
+All can be delayed by a float value (seconds) specified by the `Dly` header
+
+Note that rhe `Body-Conf` header takes precedence, and `ENV['CI_BODY_CONF']` is
+only read on load.
+
+## ci_select.ru
+
+The ci_select.ru file allows a starting character to specify the body type in the
+`Body-Conf` header or with `ENV['CI_BODY_CONF']`.
+* **a** - array of strings
+* **c** - chunked (enum)
+* **s** - single string
+* **i** - File/IO
+
+A value of `a100` would return a body as an array of 100 1kB strings.

data/ext/puma_http11/extconf.rb

@@ -2,18 +2,26 @@ require 'mkmf'
 
 dir_config("puma_http11")
 
-if $mingw && RUBY_VERSION >= '2.4'
+if $mingw
   append_cflags  '-fstack-protector-strong -D_FORTIFY_SOURCE=2'
   append_ldflags '-fstack-protector-strong -l:libssp.a'
   have_library 'ssp'
 end
 
-unless ENV["DISABLE_SSL"]
-  dir_config("openssl")
+unless ENV["PUMA_DISABLE_SSL"]
+  # don't use pkg_config('openssl') if '--with-openssl-dir' is used
+  # also looks within the Ruby build for directory info
+  has_openssl_dir = dir_config('openssl').any? ||
+    RbConfig::CONFIG['configure_args']&.include?('openssl') ||
+    Dir.exist?("#{RbConfig::TOPDIR}/src/main/c/openssl") # TruffleRuby
 
-  found_ssl = if (!$mingw || RUBY_VERSION >= '2.4') && (t = pkg_config 'openssl')
+  found_pkg_config = !has_openssl_dir && pkg_config('openssl')
+
+  found_ssl = if !$mingw && found_pkg_config
     puts 'using OpenSSL pkgconfig (openssl.pc)'
     true
+  elsif have_library('libcrypto', 'BIO_read') && have_library('libssl', 'SSL_CTX_new')
+    true
   elsif %w'crypto libeay32'.find {|crypto| have_library(crypto, 'BIO_read')} &&
       %w'ssl ssleay32'.find {|ssl| have_library(ssl, 'SSL_CTX_new')}
     true
@@ -26,16 +34,20 @@ unless ENV["DISABLE_SSL"]
     have_header "openssl/bio.h"
 
     # below is  yes for 1.0.2 & later
-    have_func  "DTLS_method"                           , "openssl/ssl.h"
+    have_func "DTLS_method"                            , "openssl/ssl.h"
+    have_func "SSL_CTX_set_session_cache_mode(NULL, 0)", "openssl/ssl.h"
 
     # below are yes for 1.1.0 & later
-    have_func  "TLS_server_method"                     , "openssl/ssl.h"
-    have_func  "SSL_CTX_set_min_proto_version(NULL, 0)", "openssl/ssl.h"
+    have_func "TLS_server_method"                      , "openssl/ssl.h"
+    have_func "SSL_CTX_set_min_proto_version(NULL, 0)" , "openssl/ssl.h"
 
-    have_func  "X509_STORE_up_ref"
+    have_func "X509_STORE_up_ref"
     have_func "SSL_CTX_set_ecdh_auto(NULL, 0)"         , "openssl/ssl.h"
 
-    # below are yes for 3.0.0 & later, use for OpenSSL 3 detection
+    # below exists in 1.1.0 and later, but isn't documented until 3.0.0
+    have_func "SSL_CTX_set_dh_auto(NULL, 0)"           , "openssl/ssl.h"
+
+    # below is yes for 3.0.0 & later
     have_func "SSL_get1_peer_certificate"              , "openssl/ssl.h"
 
     # Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0
@@ -48,7 +60,7 @@ unless ENV["DISABLE_SSL"]
   end
 end
 
-if ENV["MAKE_WARNINGS_INTO_ERRORS"]
+if ENV["PUMA_MAKE_WARNINGS_INTO_ERRORS"]
   # Make all warnings into errors
   # Except `implicit-fallthrough` since most failures comes from ragel state machine generated code
   if respond_to?(:append_cflags, true) # Ruby 2.5 and later