puma 6.0.2 → 6.2.2

data/lib/puma/plugin/systemd.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+require_relative '../plugin'
+
+# Puma's systemd integration allows Puma to inform systemd:
+#  1. when it has successfully started
+#  2. when it is starting shutdown
+#  3. periodically for a liveness check with a watchdog thread
+#  4. periodically set the status
+Puma::Plugin.create do
+  def start(launcher)
+    require_relative '../sd_notify'
+
+    launcher.log_writer.log "* Enabling systemd notification integration"
+
+    # hook_events
+    launcher.events.on_booted { Puma::SdNotify.ready }
+    launcher.events.on_stopped { Puma::SdNotify.stopping }
+    launcher.events.on_restart { Puma::SdNotify.reloading }
+
+    # start watchdog
+    if Puma::SdNotify.watchdog?
+      ping_f = watchdog_sleep_time
+
+      in_background do
+        launcher.log_writer.log "Pinging systemd watchdog every #{ping_f.round(1)} sec"
+        loop do
+          sleep ping_f
+          Puma::SdNotify.watchdog
+        end
+      end
+    end
+
+    # start status loop
+    instance = self
+    sleep_time = 1.0
+    in_background do
+      launcher.log_writer.log "Sending status to systemd every #{sleep_time.round(1)} sec"
+
+      loop do
+        sleep sleep_time
+        # TODO: error handling?
+        Puma::SdNotify.status(instance.status)
+      end
+    end
+  end
+
+  def status
+    if clustered?
+      messages = stats[:worker_status].map do |worker|
+        common_message(worker[:last_status])
+      end.join(',')
+
+      "Puma #{Puma::Const::VERSION}: cluster: #{booted_workers}/#{workers}, worker_status: [#{messages}]"
+    else
+      "Puma #{Puma::Const::VERSION}: worker: #{common_message(stats)}"
+    end
+  end
+
+  private
+
+  def watchdog_sleep_time
+    usec = Integer(ENV["WATCHDOG_USEC"])
+
+    sec_f = usec / 1_000_000.0
+    # "It is recommended that a daemon sends a keep-alive notification message
+    # to the service manager every half of the time returned here."
+    sec_f / 2
+  end
+
+  def stats
+    Puma.stats_hash
+  end
+
+  def clustered?
+    stats.has_key?(:workers)
+  end
+
+  def workers
+    stats.fetch(:workers, 1)
+  end
+
+  def booted_workers
+    stats.fetch(:booted_workers, 1)
+  end
+
+  def common_message(stats)
+    "{ #{stats[:running]}/#{stats[:max_threads]} threads, #{stats[:pool_capacity]} available, #{stats[:backlog]} backlog }"
+  end
+end

data/lib/puma/rack_default.rb

@@ -2,8 +2,23 @@
 
 require_relative '../rack/handler/puma'
 
-module Rack::Handler
-  def self.default(options = {})
-    Rack::Handler::Puma
+# rackup was removed in Rack 3, it is now a separate gem
+if Object.const_defined? :Rackup
+  module Rackup
+    module Handler
+      def self.default(options = {})
+        ::Rackup::Handler::Puma
+      end
+    end
   end
+elsif Object.const_defined?(:Rack) && Rack::RELEASE < '3'
+  module Rack
+    module Handler
+      def self.default(options = {})
+        ::Rack::Handler::Puma
+      end
+    end
+  end
+else
+  raise "Rack 3 must be used with the Rackup gem"
 end

data/lib/puma/request.rb

@@ -53,8 +53,13 @@ module Puma
       socket  = client.io   # io may be a MiniSSL::Socket
       app_body = nil
 
+
       return false if closed_socket?(socket)
 
+      if client.http_content_length_limit_exceeded
+        return prepare_response(413, {}, ["Payload Too Large"], requests, client)
+      end
+
       normalize_env env, client
 
       env[PUMA_SOCKET] = socket
@@ -101,6 +106,7 @@ module Puma
         # is called
         res_body = app_body
 
+        # full hijack, app called env['rack.hijack']
         return :async if client.hijacked
 
         status = status.to_i
@@ -164,78 +170,87 @@ module Puma
       resp_info = str_headers(env, status, headers, res_body, io_buffer, force_keep_alive)
 
       close_body = false
+      response_hijack = nil
+      content_length = resp_info[:content_length]
+      keep_alive     = resp_info[:keep_alive]
 
-      # below converts app_body into body, dependent on app_body's characteristics, and
-      # resp_info[:content_length] will be set if it can be determined
-      if !resp_info[:content_length] && !resp_info[:transfer_encoding] && status != 204
-        if res_body.respond_to?(:to_ary) && (array_body = res_body.to_ary)
-          body = array_body
-          resp_info[:content_length] = body.sum(&:bytesize)
-        elsif res_body.is_a?(File) && res_body.respond_to?(:size)
-          body = res_body
-          resp_info[:content_length] = body.size
-        elsif res_body.respond_to?(:to_path) && res_body.respond_to?(:each) &&
+      if res_body.respond_to?(:each) && !resp_info[:response_hijack]
+        # below converts app_body into body, dependent on app_body's characteristics, and
+        # content_length will be set if it can be determined
+        if !content_length && !resp_info[:transfer_encoding] && status != 204
+          if res_body.respond_to?(:to_ary) && (array_body = res_body.to_ary) &&
+              array_body.is_a?(Array)
+            body = array_body.compact
+            content_length = body.sum(&:bytesize)
+          elsif res_body.is_a?(File) && res_body.respond_to?(:size)
+            body = res_body
+            content_length = body.size
+          elsif res_body.respond_to?(:to_path) && File.readable?(fn = res_body.to_path)
+            body = File.open fn, 'rb'
+            content_length = body.size
+            close_body = true
+          else
+            body = res_body
+          end
+        elsif !res_body.is_a?(::File) && res_body.respond_to?(:to_path) &&
             File.readable?(fn = res_body.to_path)
           body = File.open fn, 'rb'
-          resp_info[:content_length] = body.size
+          content_length = body.size
           close_body = true
+        elsif !res_body.is_a?(::File) && res_body.respond_to?(:filename) &&
+            res_body.respond_to?(:bytesize) && File.readable?(fn = res_body.filename)
+          # Sprockets::Asset
+          content_length = res_body.bytesize unless content_length
+          if (body_str = res_body.to_hash[:source])
+            body = [body_str]
+          else                           # avoid each and use a File object
+            body = File.open fn, 'rb'
+            close_body = true
+          end
         else
           body = res_body
         end
-      elsif !res_body.is_a?(::File) && res_body.respond_to?(:to_path) && res_body.respond_to?(:each) &&
-          File.readable?(fn = res_body.to_path)
-        body = File.open fn, 'rb'
-        resp_info[:content_length] = body.size
-        close_body = true
-      elsif !res_body.is_a?(::File) && res_body.respond_to?(:filename) && res_body.respond_to?(:each) &&
-          res_body.respond_to?(:bytesize) && File.readable?(fn = res_body.filename)
-        # Sprockets::Asset
-        resp_info[:content_length] = res_body.bytesize unless resp_info[:content_length]
-        if res_body.to_hash[:source]   # use each to return @source
-          body = res_body
-        else                           # avoid each and use a File object
-          body = File.open fn, 'rb'
-          close_body = true
-        end
       else
-        body = res_body
+        # partial hijack, from Rack spec:
+        #   Servers must ignore the body part of the response tuple when the
+        #   rack.hijack response header is present.
+        response_hijack = resp_info[:response_hijack] || res_body
       end
 
       line_ending = LINE_END
 
-      content_length = resp_info[:content_length]
-      keep_alive     = resp_info[:keep_alive]
-
-      if res_body && !res_body.respond_to?(:each)
-        response_hijack = res_body
-      else
-        response_hijack = resp_info[:response_hijack]
-      end
-
       cork_socket socket
 
       if resp_info[:no_body]
-        if content_length and status != 204
+        # 101 (Switching Protocols) doesn't return here or have content_length,
+        # it should be using `response_hijack`
+        unless status == 101
+          if content_length && status != 204
+            io_buffer.append CONTENT_LENGTH_S, content_length.to_s, line_ending
+          end
+
+          io_buffer << LINE_END
+          fast_write_str socket, io_buffer.read_and_reset
+          socket.flush
+          return keep_alive
+        end
+      else
+        if content_length
           io_buffer.append CONTENT_LENGTH_S, content_length.to_s, line_ending
+          chunked = false
+        elsif !response_hijack && resp_info[:allow_chunked]
+          io_buffer << TRANSFER_ENCODING_CHUNKED
+          chunked = true
         end
-
-        io_buffer << LINE_END
-        fast_write_str socket, io_buffer.read_and_reset
-        socket.flush
-        return keep_alive
-      end
-      if content_length
-        io_buffer.append CONTENT_LENGTH_S, content_length.to_s, line_ending
-        chunked = false
-      elsif !response_hijack and resp_info[:allow_chunked]
-        io_buffer << TRANSFER_ENCODING_CHUNKED
-        chunked = true
       end
 
       io_buffer << line_ending
 
+      # partial hijack, we write headers, then hand the socket to the app via
+      # response_hijack.call
       if response_hijack
         fast_write_str socket, io_buffer.read_and_reset
+        uncork_socket socket
         response_hijack.call socket
         return :async
       end
@@ -295,8 +310,8 @@ module Puma
     def fast_write_response(socket, body, io_buffer, chunked, content_length)
       if body.is_a?(::File) && body.respond_to?(:read)
         if chunked  # would this ever happen?
-          while part = body.read(BODY_LEN_MAX)
-            io_buffer.append part.bytesize.to_s(16), LINE_END, part, LINE_END
+          while chunk = body.read(BODY_LEN_MAX)
+            io_buffer.append chunk.bytesize.to_s(16), LINE_END, chunk, LINE_END
           end
           fast_write_str socket, CLOSE_CHUNKED
         else
@@ -347,16 +362,22 @@ module Puma
         fast_write_str(socket, io_buffer.read_and_reset) unless io_buffer.length.zero?
       else
         # for enum bodies
-        fast_write_str socket, io_buffer.read_and_reset
         if chunked
+          empty_body = true
           body.each do |part|
-            next if (byte_size = part.bytesize).zero?
-             fast_write_str socket, (byte_size.to_s(16) << LINE_END)
-             fast_write_str socket, part
-             fast_write_str socket, LINE_END
+            next if part.nil? || (byte_size = part.bytesize).zero?
+            empty_body = false
+            io_buffer.append byte_size.to_s(16), LINE_END, part, LINE_END
+            fast_write_str socket, io_buffer.read_and_reset
+          end
+          if empty_body
+            io_buffer << CLOSE_CHUNKED
+            fast_write_str socket, io_buffer.read_and_reset
+          else
+            fast_write_str socket, CLOSE_CHUNKED
           end
-          fast_write_str socket, CLOSE_CHUNKED
         else
+          fast_write_str socket, io_buffer.read_and_reset
           body.each do |part|
             next if part.bytesize.zero?
             fast_write_str socket, part
@@ -476,7 +497,7 @@ module Puma
       to_add = nil
 
       env.each do |k,v|
-        if k.start_with?("HTTP_") and k.include?(",") and k != "HTTP_TRANSFER,ENCODING"
+        if k.start_with?("HTTP_") && k.include?(",") && k != "HTTP_TRANSFER,ENCODING"
           if to_delete
             to_delete << k
           else

data/lib/puma/runner.rb

@@ -198,5 +198,12 @@ module Puma
         }
       }
     end
+
+    # this method call should always be guarded by `@log_writer.debug?`
+    def debug_loaded_extensions(str)
+      @log_writer.debug "────────────────────────────────── #{str}"
+      re_ext = /\.#{RbConfig::CONFIG['DLEXT']}\z/i
+      $LOADED_FEATURES.grep(re_ext).each { |f| @log_writer.debug("    #{f}") }
+    end
   end
 end

data/lib/puma/sd_notify.rb

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+require "socket"
+
+module Puma
+  # The MIT License
+  #
+  # Copyright (c) 2017-2022 Agis Anastasopoulos
+  #
+  # Permission is hereby granted, free of charge, to any person obtaining a copy of
+  # this software and associated documentation files (the "Software"), to deal in
+  # the Software without restriction, including without limitation the rights to
+  # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+  # the Software, and to permit persons to whom the Software is furnished to do so,
+  # subject to the following conditions:
+  #
+  # The above copyright notice and this permission notice shall be included in all
+  # copies or substantial portions of the Software.
+  #
+  # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+  # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+  # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+  # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+  # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+  #
+  # This is a copy of https://github.com/agis/ruby-sdnotify as of commit cca575c
+  # The only changes made was "rehoming" it within the Puma module to avoid
+  # namespace collisions and applying standard's code formatting style.
+  #
+  # SdNotify is a pure-Ruby implementation of sd_notify(3). It can be used to
+  # notify systemd about state changes. Methods of this package are no-op on
+  # non-systemd systems (eg. Darwin).
+  #
+  # The API maps closely to the original implementation of sd_notify(3),
+  # therefore be sure to check the official man pages prior to using SdNotify.
+  #
+  # @see https://www.freedesktop.org/software/systemd/man/sd_notify.html
+  module SdNotify
+    # Exception raised when there's an error writing to the notification socket
+    class NotifyError < RuntimeError; end
+
+    READY     = "READY=1"
+    RELOADING = "RELOADING=1"
+    STOPPING  = "STOPPING=1"
+    STATUS    = "STATUS="
+    ERRNO     = "ERRNO="
+    MAINPID   = "MAINPID="
+    WATCHDOG  = "WATCHDOG=1"
+    FDSTORE   = "FDSTORE=1"
+
+    def self.ready(unset_env=false)
+      notify(READY, unset_env)
+    end
+
+    def self.reloading(unset_env=false)
+      notify(RELOADING, unset_env)
+    end
+
+    def self.stopping(unset_env=false)
+      notify(STOPPING, unset_env)
+    end
+
+    # @param status [String] a custom status string that describes the current
+    #   state of the service
+    def self.status(status, unset_env=false)
+      notify("#{STATUS}#{status}", unset_env)
+    end
+
+    # @param errno [Integer]
+    def self.errno(errno, unset_env=false)
+      notify("#{ERRNO}#{errno}", unset_env)
+    end
+
+    # @param pid [Integer]
+    def self.mainpid(pid, unset_env=false)
+      notify("#{MAINPID}#{pid}", unset_env)
+    end
+
+    def self.watchdog(unset_env=false)
+      notify(WATCHDOG, unset_env)
+    end
+
+    def self.fdstore(unset_env=false)
+      notify(FDSTORE, unset_env)
+    end
+
+    # @param [Boolean] true if the service manager expects watchdog keep-alive
+    #   notification messages to be sent from this process.
+    #
+    # If the $WATCHDOG_USEC environment variable is set,
+    # and the $WATCHDOG_PID variable is unset or set to the PID of the current
+    # process
+    #
+    # @note Unlike sd_watchdog_enabled(3), this method does not mutate the
+    #   environment.
+    def self.watchdog?
+      wd_usec = ENV["WATCHDOG_USEC"]
+      wd_pid = ENV["WATCHDOG_PID"]
+
+      return false if !wd_usec
+
+      begin
+        wd_usec = Integer(wd_usec)
+      rescue
+        return false
+      end
+
+      return false if wd_usec <= 0
+      return true if !wd_pid || wd_pid == $$.to_s
+
+      false
+    end
+
+    # Notify systemd with the provided state, via the notification socket, if
+    # any.
+    #
+    # Generally this method will be used indirectly through the other methods
+    # of the library.
+    #
+    # @param state [String]
+    # @param unset_env [Boolean]
+    #
+    # @return [Fixnum, nil] the number of bytes written to the notification
+    #   socket or nil if there was no socket to report to (eg. the program wasn't
+    #   started by systemd)
+    #
+    # @raise [NotifyError] if there was an error communicating with the systemd
+    #   socket
+    #
+    # @see https://www.freedesktop.org/software/systemd/man/sd_notify.html
+    def self.notify(state, unset_env=false)
+      sock = ENV["NOTIFY_SOCKET"]
+
+      return nil if !sock
+
+      ENV.delete("NOTIFY_SOCKET") if unset_env
+
+      begin
+        Addrinfo.unix(sock, :DGRAM).connect do |s|
+          s.close_on_exec = true
+          s.write(state)
+        end
+      rescue StandardError => e
+        raise NotifyError, "#{e.class}: #{e.message}", e.backtrace
+      end
+    end
+  end
+end

data/lib/puma/server.rb

@@ -95,6 +95,7 @@ module Puma
       @queue_requests      = @options[:queue_requests]
       @max_fast_inline     = @options[:max_fast_inline]
       @io_selector_backend = @options[:io_selector_backend]
+      @http_content_length_limit = @options[:http_content_length_limit]
 
       temp = !!(@options[:environment] =~ /\A(development|test)\z/)
       @leak_stack_on_error = @options[:environment] ? temp : true
@@ -334,6 +335,7 @@ module Puma
                 drain += 1 if shutting_down?
                 pool << Client.new(io, @binder.env(sock)).tap { |c|
                   c.listener = sock
+                  c.http_content_length_limit = @http_content_length_limit
                   c.send(addr_send_name, addr_value) if addr_value
                 }
               end

data/lib/puma/single.rb

@@ -57,6 +57,8 @@ module Puma
 
       @events.fire_on_booted!
 
+      debug_loaded_extensions("Loaded Extensions:") if @log_writer.debug?
+
       begin
         server_thread.join
       rescue Interrupt