puma 5.6.7 → 6.4.2

data/lib/puma/const.rb

@@ -5,7 +5,6 @@ module Puma
   class UnsupportedOption < RuntimeError
   end
 
-
   # Every standard HTTP code mapped to the appropriate message.  These are
   # used so frequently that they are placed directly in Puma for easy
   # access rather than Puma::Const itself.
@@ -19,6 +18,7 @@ module Puma
     100 => 'Continue',
     101 => 'Switching Protocols',
     102 => 'Processing',
+    103 => 'Early Hints',
     200 => 'OK',
     201 => 'Created',
     202 => 'Accepted',
@@ -50,16 +50,16 @@ module Puma
     410 => 'Gone',
     411 => 'Length Required',
     412 => 'Precondition Failed',
-    413 => 'Payload Too Large',
+    413 => 'Content Too Large',
     414 => 'URI Too Long',
     415 => 'Unsupported Media Type',
     416 => 'Range Not Satisfiable',
     417 => 'Expectation Failed',
-    418 => 'I\'m A Teapot',
     421 => 'Misdirected Request',
-    422 => 'Unprocessable Entity',
+    422 => 'Unprocessable Content',
     423 => 'Locked',
     424 => 'Failed Dependency',
+    425 => 'Too Early',
     426 => 'Upgrade Required',
     428 => 'Precondition Required',
     429 => 'Too Many Requests',
@@ -74,7 +74,7 @@ module Puma
     506 => 'Variant Also Negotiates',
     507 => 'Insufficient Storage',
     508 => 'Loop Detected',
-    510 => 'Not Extended',
+    510 => 'Not Extended (OBSOLETED)',
     511 => 'Network Authentication Required'
   }.freeze
 
@@ -100,55 +100,40 @@ module Puma
   # too taxing on performance.
   module Const
 
-    PUMA_VERSION = VERSION = "5.6.7".freeze
-    CODE_NAME = "Birdie's Version".freeze
+    PUMA_VERSION = VERSION = "6.4.2"
+    CODE_NAME = "The Eagle of Durango"
 
-    PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
+    PUMA_SERVER_STRING = ["puma", PUMA_VERSION, CODE_NAME].join(" ").freeze
 
     FAST_TRACK_KA_TIMEOUT = 0.2
 
-    # The default number of seconds for another request within a persistent
-    # session.
-    PERSISTENT_TIMEOUT = 20
-
-    # The default number of seconds to wait until we get the first data
-    # for the request
-    FIRST_DATA_TIMEOUT = 30
-
     # How long to wait when getting some write blocking on the socket when
     # sending data back
     WRITE_TIMEOUT = 10
 
-    # How many requests to attempt inline before sending a client back to
-    # the reactor to be subject to normal ordering. The idea here is that
-    # we amortize the cost of going back to the reactor for a well behaved
-    # but very "greedy" client across 10 requests. This prevents a not
-    # well behaved client from monopolizing the thread forever.
-    MAX_FAST_INLINE = 10
-
     # The original URI requested by the client.
-    REQUEST_URI= 'REQUEST_URI'.freeze
-    REQUEST_PATH = 'REQUEST_PATH'.freeze
-    QUERY_STRING = 'QUERY_STRING'.freeze
-    CONTENT_LENGTH = "CONTENT_LENGTH".freeze
+    REQUEST_URI= "REQUEST_URI"
+    REQUEST_PATH = "REQUEST_PATH"
+    QUERY_STRING = "QUERY_STRING"
+    CONTENT_LENGTH = "CONTENT_LENGTH"
 
-    PATH_INFO = 'PATH_INFO'.freeze
+    PATH_INFO = "PATH_INFO"
 
-    PUMA_TMP_BASE = "puma".freeze
+    PUMA_TMP_BASE = "puma"
 
     ERROR_RESPONSE = {
       # Indicate that we couldn't parse the request
-      400 => "HTTP/1.1 400 Bad Request\r\n\r\n".freeze,
+      400 => "HTTP/1.1 400 Bad Request\r\n\r\n",
       # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
-      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND".freeze,
+      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\n\r\n",
       # The standard empty 408 response for requests that timed out.
-      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze,
+      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\n\r\n",
       # Indicate that there was an internal error, obviously.
-      500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze,
+      500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n",
       # Incorrect or invalid header value
-      501 => "HTTP/1.1 501 Not Implemented\r\n\r\n".freeze,
+      501 => "HTTP/1.1 501 Not Implemented\r\n\r\n",
       # A common header for indicating the server is too busy.  Not used yet.
-      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
+      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\n"
     }.freeze
 
     # The basic max request size we'll try to read.
@@ -161,84 +146,136 @@ module Puma
     # Maximum request body size before it is moved out of memory and into a tempfile for reading.
     MAX_BODY = MAX_HEADER
 
-    REQUEST_METHOD = "REQUEST_METHOD".freeze
-    HEAD = "HEAD".freeze
+    REQUEST_METHOD = "REQUEST_METHOD"
+    HEAD = "HEAD"
+
+    # based on https://www.rfc-editor.org/rfc/rfc9110.html#name-overview,
+    # with CONNECT removed, and PATCH added
+    SUPPORTED_HTTP_METHODS = %w[HEAD GET POST PUT DELETE OPTIONS TRACE PATCH].freeze
+
+    # list from https://www.iana.org/assignments/http-methods/http-methods.xhtml
+    # as of 04-May-23
+    IANA_HTTP_METHODS = %w[
+      ACL
+      BASELINE-CONTROL
+      BIND
+      CHECKIN
+      CHECKOUT
+      CONNECT
+      COPY
+      DELETE
+      GET
+      HEAD
+      LABEL
+      LINK
+      LOCK
+      MERGE
+      MKACTIVITY
+      MKCALENDAR
+      MKCOL
+      MKREDIRECTREF
+      MKWORKSPACE
+      MOVE
+      OPTIONS
+      ORDERPATCH
+      PATCH
+      POST
+      PRI
+      PROPFIND
+      PROPPATCH
+      PUT
+      REBIND
+      REPORT
+      SEARCH
+      TRACE
+      UNBIND
+      UNCHECKOUT
+      UNLINK
+      UNLOCK
+      UPDATE
+      UPDATEREDIRECTREF
+      VERSION-CONTROL
+    ].freeze
+
     # ETag is based on the apache standard of hex mtime-size-inode (inode is 0 on win32)
-    LINE_END = "\r\n".freeze
-    REMOTE_ADDR = "REMOTE_ADDR".freeze
-    HTTP_X_FORWARDED_FOR = "HTTP_X_FORWARDED_FOR".freeze
-    HTTP_X_FORWARDED_SSL = "HTTP_X_FORWARDED_SSL".freeze
-    HTTP_X_FORWARDED_SCHEME = "HTTP_X_FORWARDED_SCHEME".freeze
-    HTTP_X_FORWARDED_PROTO = "HTTP_X_FORWARDED_PROTO".freeze
+    LINE_END = "\r\n"
+    REMOTE_ADDR = "REMOTE_ADDR"
+    HTTP_X_FORWARDED_FOR = "HTTP_X_FORWARDED_FOR"
+    HTTP_X_FORWARDED_SSL = "HTTP_X_FORWARDED_SSL"
+    HTTP_X_FORWARDED_SCHEME = "HTTP_X_FORWARDED_SCHEME"
+    HTTP_X_FORWARDED_PROTO = "HTTP_X_FORWARDED_PROTO"
 
-    SERVER_NAME = "SERVER_NAME".freeze
-    SERVER_PORT = "SERVER_PORT".freeze
-    HTTP_HOST = "HTTP_HOST".freeze
-    PORT_80 = "80".freeze
-    PORT_443 = "443".freeze
-    LOCALHOST = "localhost".freeze
-    LOCALHOST_IP = "127.0.0.1".freeze
+    SERVER_NAME = "SERVER_NAME"
+    SERVER_PORT = "SERVER_PORT"
+    HTTP_HOST = "HTTP_HOST"
+    PORT_80 = "80"
+    PORT_443 = "443"
+    LOCALHOST = "localhost"
+    LOCALHOST_IPV4 = "127.0.0.1"
+    LOCALHOST_IPV6 = "::1"
+    UNSPECIFIED_IPV4 = "0.0.0.0"
+    UNSPECIFIED_IPV6 = "::"
 
-    SERVER_PROTOCOL = "SERVER_PROTOCOL".freeze
-    HTTP_11 = "HTTP/1.1".freeze
+    SERVER_PROTOCOL = "SERVER_PROTOCOL"
+    HTTP_11 = "HTTP/1.1"
 
-    SERVER_SOFTWARE = "SERVER_SOFTWARE".freeze
-    GATEWAY_INTERFACE = "GATEWAY_INTERFACE".freeze
-    CGI_VER = "CGI/1.2".freeze
+    SERVER_SOFTWARE = "SERVER_SOFTWARE"
+    GATEWAY_INTERFACE = "GATEWAY_INTERFACE"
+    CGI_VER = "CGI/1.2"
 
-    STOP_COMMAND = "?".freeze
-    HALT_COMMAND = "!".freeze
-    RESTART_COMMAND = "R".freeze
+    STOP_COMMAND = "?"
+    HALT_COMMAND = "!"
+    RESTART_COMMAND = "R"
 
-    RACK_INPUT = "rack.input".freeze
-    RACK_URL_SCHEME = "rack.url_scheme".freeze
-    RACK_AFTER_REPLY = "rack.after_reply".freeze
-    PUMA_SOCKET = "puma.socket".freeze
-    PUMA_CONFIG = "puma.config".freeze
-    PUMA_PEERCERT = "puma.peercert".freeze
+    RACK_INPUT = "rack.input"
+    RACK_URL_SCHEME = "rack.url_scheme"
+    RACK_AFTER_REPLY = "rack.after_reply"
+    PUMA_SOCKET = "puma.socket"
+    PUMA_CONFIG = "puma.config"
+    PUMA_PEERCERT = "puma.peercert"
 
-    HTTP = "http".freeze
-    HTTPS = "https".freeze
+    HTTP = "http"
+    HTTPS = "https"
 
-    HTTPS_KEY = "HTTPS".freeze
+    HTTPS_KEY = "HTTPS"
 
-    HTTP_VERSION = "HTTP_VERSION".freeze
-    HTTP_CONNECTION = "HTTP_CONNECTION".freeze
-    HTTP_EXPECT = "HTTP_EXPECT".freeze
-    CONTINUE = "100-continue".freeze
+    HTTP_VERSION = "HTTP_VERSION"
+    HTTP_CONNECTION = "HTTP_CONNECTION"
+    HTTP_EXPECT = "HTTP_EXPECT"
+    CONTINUE = "100-continue"
 
-    HTTP_11_100 = "HTTP/1.1 100 Continue\r\n\r\n".freeze
-    HTTP_11_200 = "HTTP/1.1 200 OK\r\n".freeze
-    HTTP_10_200 = "HTTP/1.0 200 OK\r\n".freeze
+    HTTP_11_100 = "HTTP/1.1 100 Continue\r\n\r\n"
+    HTTP_11_200 = "HTTP/1.1 200 OK\r\n"
+    HTTP_10_200 = "HTTP/1.0 200 OK\r\n"
 
-    CLOSE = "close".freeze
-    KEEP_ALIVE = "keep-alive".freeze
+    CLOSE = "close"
+    KEEP_ALIVE = "keep-alive"
 
-    CONTENT_LENGTH2 = "content-length".freeze
-    CONTENT_LENGTH_S = "Content-Length: ".freeze
-    TRANSFER_ENCODING = "transfer-encoding".freeze
-    TRANSFER_ENCODING2 = "HTTP_TRANSFER_ENCODING".freeze
+    CONTENT_LENGTH2 = "content-length"
+    CONTENT_LENGTH_S = "Content-Length: "
+    TRANSFER_ENCODING = "transfer-encoding"
+    TRANSFER_ENCODING2 = "HTTP_TRANSFER_ENCODING"
 
-    CONNECTION_CLOSE = "Connection: close\r\n".freeze
-    CONNECTION_KEEP_ALIVE = "Connection: Keep-Alive\r\n".freeze
+    CONNECTION_CLOSE = "Connection: close\r\n"
+    CONNECTION_KEEP_ALIVE = "Connection: Keep-Alive\r\n"
 
-    TRANSFER_ENCODING_CHUNKED = "Transfer-Encoding: chunked\r\n".freeze
-    CLOSE_CHUNKED = "0\r\n\r\n".freeze
+    TRANSFER_ENCODING_CHUNKED = "Transfer-Encoding: chunked\r\n"
+    CLOSE_CHUNKED = "0\r\n\r\n"
 
-    CHUNKED = "chunked".freeze
+    CHUNKED = "chunked"
 
-    COLON = ": ".freeze
+    COLON = ": "
 
-    NEWLINE = "\n".freeze
+    NEWLINE = "\n"
 
-    HIJACK_P = "rack.hijack?".freeze
-    HIJACK = "rack.hijack".freeze
-    HIJACK_IO = "rack.hijack_io".freeze
+    HIJACK_P = "rack.hijack?"
+    HIJACK = "rack.hijack"
+    HIJACK_IO = "rack.hijack_io"
 
-    EARLY_HINTS = "rack.early_hints".freeze
+    EARLY_HINTS = "rack.early_hints"
 
     # Illegal character in the key or value of response header
-    DQUOTE = "\"".freeze
+    DQUOTE = "\""
     HTTP_HEADER_DELIMITER = Regexp.escape("(),/:;<=>?@[]{}\\").freeze
     ILLEGAL_HEADER_KEY_REGEX = /[\x00-\x20#{DQUOTE}#{HTTP_HEADER_DELIMITER}]/.freeze
     # header values can contain HTAB?

data/lib/puma/control_cli.rb

@@ -1,10 +1,8 @@
 # frozen_string_literal: true
 
 require 'optparse'
-require_relative 'state_file'
 require_relative 'const'
 require_relative 'detect'
-require_relative 'configuration'
 require 'uri'
 require 'socket'
 
@@ -33,9 +31,6 @@ module Puma
       'worker-count-up'   => 'SIGTTIN'
     }.freeze
 
-    # @deprecated 6.0.0
-    COMMANDS = CMD_PATH_SIG_MAP.keys.freeze
-
     # commands that cannot be used in a request
     NO_REQ_COMMANDS = %w[info reopen-log worker-count-down worker-count-up].freeze
 
@@ -129,6 +124,9 @@ module Puma
         end
 
         if @config_file
+          require_relative 'configuration'
+          require_relative 'log_writer'
+
           config = Puma::Configuration.new({ config_files: [@config_file] }, {})
           config.load
           @state              ||= config.options[:state]
@@ -152,6 +150,8 @@ module Puma
           raise "State file not found: #{@state}"
         end
 
+        require_relative 'state_file'
+
         sf = Puma::StateFile.new
         sf.load @state
 
@@ -167,22 +167,26 @@ module Puma
     def send_request
       uri = URI.parse @control_url
 
+      host = uri.host
+
       # create server object by scheme
       server =
         case uri.scheme
         when 'ssl'
           require 'openssl'
+          host = host[1..-2] if host&.start_with? '['
           OpenSSL::SSL::SSLSocket.new(
-            TCPSocket.new(uri.host, uri.port),
+            TCPSocket.new(host, uri.port),
             OpenSSL::SSL::SSLContext.new)
             .tap { |ssl| ssl.sync_close = true }  # default is false
             .tap(&:connect)
         when 'tcp'
-          TCPSocket.new uri.host, uri.port
+          host = host[1..-2] if host&.start_with? '['
+          TCPSocket.new host, uri.port
         when 'unix'
           # check for abstract UNIXSocket
           UNIXSocket.new(@control_url.start_with?('unix://@') ?
-            "\0#{uri.host}#{uri.path}" : "#{uri.host}#{uri.path}")
+            "\0#{host}#{uri.path}" : "#{host}#{uri.path}")
         else
           raise "Invalid scheme: #{uri.scheme}"
         end
@@ -287,7 +291,7 @@ module Puma
 
     private
     def start
-      require 'puma/cli'
+      require_relative 'cli'
 
       run_args = []
 
@@ -299,13 +303,13 @@ module Puma
       run_args += ["-C", @config_file] if @config_file
       run_args += ["-e", @environment] if @environment
 
-      events = Puma::Events.new @stdout, @stderr
+      log_writer = Puma::LogWriter.new(@stdout, @stderr)
 
       # replace $0 because puma use it to generate restart command
       puma_cmd = $0.gsub(/pumactl$/, 'puma')
       $0 = puma_cmd if File.exist?(puma_cmd)
 
-      cli = Puma::CLI.new run_args, events
+      cli = Puma::CLI.new run_args, log_writer
       cli.run
     end
   end

data/lib/puma/detect.rb

@@ -8,15 +8,18 @@ module Puma
   # @version 5.2.1
   HAS_FORK = ::Process.respond_to? :fork
 
+  HAS_NATIVE_IO_WAIT = ::IO.public_instance_methods(false).include? :wait_readable
+
   IS_JRUBY = Object.const_defined? :JRUBY_VERSION
 
-  IS_OSX = RUBY_PLATFORM.include? 'darwin'
+  IS_OSX = RUBY_DESCRIPTION.include? 'darwin'
+
+  IS_WINDOWS = RUBY_DESCRIPTION.match?(/mswin|ming|cygwin/)
 
-  IS_WINDOWS = !!(RUBY_PLATFORM =~ /mswin|ming|cygwin/) ||
-    IS_JRUBY && RUBY_DESCRIPTION.include?('mswin')
+  IS_LINUX = !(IS_OSX || IS_WINDOWS)
 
   # @version 5.2.0
-  IS_MRI = (RUBY_ENGINE == 'ruby' || RUBY_ENGINE.nil?)
+  IS_MRI = RUBY_ENGINE == 'ruby'
 
   def self.jruby?
     IS_JRUBY