puma 6.3.1 → 6.4.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dcbde9283993550beb848a4f777bf9d33a1e163f5356cfeeb40be3eede72e7d0
4
- data.tar.gz: 5394fdd8307e5a1fd40c7cf560d01565a6a9d69fd0fa0006ff6b28e483e627aa
3
+ metadata.gz: e3cedcd91a2366db019124505992d71ff47717760e4c3f37d9e7ae681c45bbdb
4
+ data.tar.gz: 6ad4999caa3542103c8bb2d3a1bd49202e1c8cf71d409ee96e13d23c169f0d32
5
5
  SHA512:
6
- metadata.gz: 473b3047986b69763e01fb3b3f7fc1137070cb041ae235e520216e568860295a3b0ed105e4c52ee1d3aa05353d1b247e0782a1aa7bde840a540200f21d84320b
7
- data.tar.gz: 69e625526fcc0b7216a419326e172114ed0ba4c7842722c1f896ed4d2fd559e4b58ea31f95a7ca52d37f11b5930433cfa6faab3f510996a39b1de3d3ff46d2a7
6
+ metadata.gz: a69d8cec268d2e35444609f2e69e737e47eb1dc30dd2b3a387e5f3e84bc4905d8241ae3b158f39259a9930ca093fff17db927039aaef54583e6c1a30d8b12a61
7
+ data.tar.gz: f03e924b53e70ac876c786031b23775e4b91aa5d009d5f40fb9a0c241093a238c4b78a99fc062c8495e634b2cfc8561626e9aaf0888c203d40cf84f9d14c539b
data/History.md CHANGED
@@ -1,6 +1,58 @@
1
+ ## 6.4.3 / 2024-09-19
2
+
3
+ * Security
4
+ * Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). ([CVE-2024-45614](https://github.com/puma/puma/security/advisories/GHSA-9hf4-67fc-4vf4)/GHSA-9hf4-67fc-4vf4)
5
+
6
+ ## 6.4.2 / 2024-01-08
7
+
8
+ * Security
9
+ * Limit the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. ([GHSA-c2f4-cvqm-65w2](https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2))
10
+
11
+ ## 6.4.1 / 2024-01-03
12
+
13
+ * Bugfixes
14
+ * DSL#warn_if_in_single_mode - fixup when workers set via CLI ([#3256])
15
+ * Fix `idle-timeout` not working in cluster mode ([#3235], [#3228], [#3282], [#3283])
16
+ * Fix worker 0 timing out during phased restart ([#3225], [#2786])
17
+ * context_builder.rb - require openssl if verify_mode != 'none' ([#3179])
18
+ * Make puma cluster process suitable as PID 1 ([#3255])
19
+ * Improve Puma::NullIO consistency with real IO ([#3276])
20
+ * extconf.rb - fixup to detect openssl info in Ruby build ([#3271], [#3266])
21
+ * MiniSSL.java - set serialVersionUID, fix RaiseException deprecation ([#3270])
22
+ * dsl.rb - fix warn_if_in_single_mode when WEB_CONCURRENCY is set ([#3265], [#3264])
23
+
24
+ * Maintenance
25
+ * LOTS of test refactoring to make tests more stable and easier to write - thanks to @MSP-Greg!
26
+ * Fix bug in tests re: TestPuma::HOST4 ([#3254])
27
+ * Dockerfile for minimal repros: use Ruby 3.2, expect bundler installed ([#3245])
28
+ * fix define_method calls, use Symbol parameter instead of String ([#3293])
29
+
30
+ * Docs
31
+ * README.md - add the puma-acme plugin ([#3301])
32
+ * Remove `--keep-file-descriptors` flag from systemd docs ([#3248])
33
+ * Note symlink mechanism in restart documentation for hot restart ([#3298])
34
+
35
+ ## 6.4.0 / 2023-09-21
36
+
37
+ * Features
38
+ * on_thread_exit hook ([#2920])
39
+ * on_thread_start_hook ([#3195])
40
+ * Shutdown on idle ([#3209], [#2580])
41
+ * New error message when control server port taken ([#3204])
42
+
43
+ * Refactor
44
+ * Remove `Forwardable` dependency ([#3191], #3190)
45
+ * Update URLMap Regexp usage for Ruby v3.3 ([#3165])
46
+
47
+ * Bugfixes
48
+ * Bring the cert_pem: parameter into parity with the cert: parameter to ssl_bind. ([#3174])
49
+ * Fix using control server with IPv6 host ([#3181])
50
+ * control_cli.rb - add require_relative 'log_writer' ([#3187])
51
+ * Fix cases where fallback Rack response wasn't sent to the client ([#3094])
52
+
1
53
  ## 6.3.1 / 2023-08-18
2
54
 
3
- * Security
55
+ * Security
4
56
  * Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields ([GHSA-68xg-gqqm-vgj8](https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8))
5
57
 
6
58
  ## 6.3.0 / 2023-05-31
@@ -15,7 +67,7 @@
15
67
  * Handle malformed request path ([#3155], [#3148])
16
68
  * Misc lib file fixes - trapping additional errors, CI helper ([#3129])
17
69
  * Fixup req form data file upload with "r\n" line endings ([#3137])
18
- * Restore rack 1.6 compatibility Restore rack 1.6 compatibility ([#3156])
70
+ * Restore rack 1.6 compatibility ([#3156])
19
71
 
20
72
  * Refactor
21
73
  * const.rb - Update Puma::HTTP_STATUS_CODES ([#3162])
@@ -74,12 +126,12 @@
74
126
  * Refactor const.rb - freeze ([#3016])
75
127
 
76
128
  ## 6.0.1 / 2022-12-20
77
-
129
+
78
130
  * Bugfixes
79
131
  * Handle waking up a closed selector in Reactor#add ([#3005])
80
132
  * Fixup response processing, enumerable bodies ([#3004], [#3000])
81
133
  * Correctly close app body for all code paths ([#3002], [#2999])
82
- * Refactor
134
+ * Refactor
83
135
  * Add IOBuffer to Client, remove from ThreadPool thread instances ([#3013])
84
136
 
85
137
  ## 6.0.0 / 2022-10-14
@@ -108,12 +160,12 @@
108
160
  * Allow header values to be arrays (Rack 3) ([#2936], [#2931])
109
161
  * Export Puma/Ruby versions in /stats ([#2875])
110
162
  * Allow configuring request uri max length & request path max length ([#2840])
111
- * Add a couple of public accessors ([#2774])
163
+ * Add a couple of public accessors ([#2774])
112
164
  * Log entire backtrace when worker start fails ([#2891])
113
165
  * [jruby] Enable TLSv1.3 support ([#2886])
114
166
  * [jruby] support setting TLS protocols + rename ssl_cipher_list ([#2899])
115
167
  * [jruby] Support a truststore option ([#2849], [#2904], [#2884])
116
-
168
+
117
169
  * Bugfixes
118
170
  * Load the configuration before passing it to the binder ([#2897])
119
171
  * Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT ([#2932], [#1441])
@@ -126,6 +178,26 @@
126
178
  * Ruby 3.2 will have native IO#wait_* methods, don't require io/wait ([#2903])
127
179
  * Various internal API refactorings ([#2942], [#2921], [#2922], [#2955])
128
180
 
181
+ ## 5.6.9 / 2024-09-19
182
+
183
+ * Security
184
+ * Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). ([CVE-2024-45614](https://github.com/puma/puma/security/advisories/GHSA-9hf4-67fc-4vf4)/GHSA-9hf4-67fc-4vf4)
185
+
186
+ ## 5.6.8 / 2024-01-08
187
+
188
+ * Security
189
+ * Limit the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. ([GHSA-c2f4-cvqm-65w2](https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2))
190
+
191
+ ## 5.6.7 / 2023-08-18
192
+
193
+ * Security
194
+ * Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields ([GHSA-68xg-gqqm-vgj8](https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8))
195
+
196
+ ## 5.6.6 / 2023-06-21
197
+
198
+ * Bugfix
199
+ * Prevent loading with rack 3 ([#3166])
200
+
129
201
  ## 5.6.5 / 2022-08-23
130
202
 
131
203
  * Feature
@@ -2001,6 +2073,38 @@ be added back in a future date when a java Puma::MiniSSL is added.
2001
2073
  * Bugfixes
2002
2074
  * Your bugfix goes here <Most recent on the top, like GitHub> (#Github Number)
2003
2075
 
2076
+ [#3256]:https://github.com/puma/puma/pull/3256 "PR by @MSP-Greg, merged 2023-10-16"
2077
+ [#3235]:https://github.com/puma/puma/pull/3235 "PR by @joshuay03, merged 2023-10-03"
2078
+ [#3228]:https://github.com/puma/puma/issues/3228 "Issue by @davidalejandroaguilar, closed 2023-10-03"
2079
+ [#3282]:https://github.com/puma/puma/issues/3282 "Issue by @bensheldon, closed 2024-01-02"
2080
+ [#3283]:https://github.com/puma/puma/pull/3283 "PR by @joshuay03, merged 2024-01-02"
2081
+ [#3225]:https://github.com/puma/puma/pull/3225 "PR by @joshuay03, merged 2023-09-27"
2082
+ [#2786]:https://github.com/puma/puma/issues/2786 "Issue by @vitiokss, closed 2023-09-27"
2083
+ [#3179]:https://github.com/puma/puma/pull/3179 "PR by @MSP-Greg, merged 2023-09-26"
2084
+ [#3255]:https://github.com/puma/puma/pull/3255 "PR by @casperisfine, merged 2023-10-19"
2085
+ [#3276]:https://github.com/puma/puma/pull/3276 "PR by @casperisfine, merged 2023-11-16"
2086
+ [#3271]:https://github.com/puma/puma/pull/3271 "PR by @MSP-Greg, merged 2023-10-30"
2087
+ [#3266]:https://github.com/puma/puma/issues/3266 "Issue by @Dragonicity, closed 2023-10-30"
2088
+ [#3270]:https://github.com/puma/puma/pull/3270 "PR by @MSP-Greg, merged 2023-10-30"
2089
+ [#3265]:https://github.com/puma/puma/pull/3265 "PR by @MSP-Greg, merged 2023-10-25"
2090
+ [#3264]:https://github.com/puma/puma/issues/3264 "Issue by @dentarg, closed 2023-10-25"
2091
+ [#3254]:https://github.com/puma/puma/pull/3254 "PR by @casperisfine, merged 2023-10-11"
2092
+ [#3245]:https://github.com/puma/puma/pull/3245 "PR by @olleolleolle, merged 2023-10-02"
2093
+ [#3293]:https://github.com/puma/puma/pull/3293 "PR by @MSP-Greg, merged 2023-12-21"
2094
+ [#3301]:https://github.com/puma/puma/pull/3301 "PR by @benburkert, merged 2023-12-29"
2095
+ [#3248]:https://github.com/puma/puma/pull/3248 "PR by @dentarg, merged 2023-10-04"
2096
+ [#3298]:https://github.com/puma/puma/pull/3298 "PR by @til, merged 2023-12-26"
2097
+ [#2920]:https://github.com/puma/puma/pull/2920 "PR by @biinari, merged 2023-07-11"
2098
+ [#3195]:https://github.com/puma/puma/pull/3195 "PR by @binarygit, merged 2023-08-15"
2099
+ [#3209]:https://github.com/puma/puma/pull/3209 "PR by @joshuay03, merged 2023-09-04"
2100
+ [#2580]:https://github.com/puma/puma/issues/2580 "Issue by @schuetzm, closed 2023-09-04"
2101
+ [#3204]:https://github.com/puma/puma/pull/3204 "PR by @dhavalsingh, merged 2023-08-25"
2102
+ [#3191]:https://github.com/puma/puma/pull/3191 "PR by @MSP-Greg, merged 2023-08-31"
2103
+ [#3165]:https://github.com/puma/puma/pull/3165 "PR by @fallwith, merged 2023-06-06"
2104
+ [#3174]:https://github.com/puma/puma/pull/3174 "PR by @copiousfreetime, merged 2023-06-11"
2105
+ [#3181]:https://github.com/puma/puma/pull/3181 "PR by @MSP-Greg, merged 2023-06-23"
2106
+ [#3187]:https://github.com/puma/puma/pull/3187 "PR by @MSP-Greg, merged 2023-06-30"
2107
+ [#3094]:https://github.com/puma/puma/pull/3094 "PR by @Vuta, merged 2023-07-23"
2004
2108
  [#3106]:https://github.com/puma/puma/pull/3106 "PR by @MSP-Greg, merged 2023-05-29"
2005
2109
  [#3014]:https://github.com/puma/puma/issues/3014 "Issue by @kyledrake, closed 2023-05-29"
2006
2110
  [#3161]:https://github.com/puma/puma/pull/3161 "PR by @MSP-Greg, merged 2023-05-27"
@@ -2099,6 +2203,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
2099
2203
  [#2921]:https://github.com/puma/puma/issues/2921 "Issue by @MSP-Greg, closed 2022-09-15"
2100
2204
  [#2922]:https://github.com/puma/puma/issues/2922 "Issue by @MSP-Greg, closed 2022-09-10"
2101
2205
  [#2955]:https://github.com/puma/puma/pull/2955 "PR by @cafedomancer, merged 2022-09-15"
2206
+ [#3166]:https://github.com/puma/puma/pull/3166 "PR by @JoeDupuis, merged 2023-06-08"
2102
2207
  [#2868]:https://github.com/puma/puma/pull/2868 "PR by @MSP-Greg, merged 2022-06-02"
2103
2208
  [#2866]:https://github.com/puma/puma/issues/2866 "Issue by @slondr, closed 2022-06-02"
2104
2209
  [#2883]:https://github.com/puma/puma/pull/2883 "PR by @MSP-Greg, merged 2022-06-02"
@@ -2125,7 +2230,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
2125
2230
  [#2794]:https://github.com/puma/puma/pull/2794 "PR by @johnnyshields, merged 2022-01-10"
2126
2231
  [#2759]:https://github.com/puma/puma/pull/2759 "PR by @ob-stripe, merged 2021-12-11"
2127
2232
  [#2731]:https://github.com/puma/puma/pull/2731 "PR by @baelter, merged 2021-11-02"
2128
- [#2341]:https://github.com/puma/puma/issues/2341 "Issue by @cjlarose, opened 2020-08-18"
2233
+ [#2341]:https://github.com/puma/puma/issues/2341 "Issue by @cjlarose, closed 2023-07-23"
2129
2234
  [#2728]:https://github.com/puma/puma/pull/2728 "PR by @dalibor, merged 2021-10-31"
2130
2235
  [#2733]:https://github.com/puma/puma/pull/2733 "PR by @ob-stripe, merged 2021-12-12"
2131
2236
  [#2807]:https://github.com/puma/puma/pull/2807 "PR by @MSP-Greg, merged 2022-01-25"
@@ -2173,7 +2278,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
2173
2278
  [#2563]:https://github.com/puma/puma/pull/2563 "PR by @MSP-Greg, merged 2021-03-06"
2174
2279
  [#2504]:https://github.com/puma/puma/issues/2504 "Issue by @fsateler, closed 2021-03-06"
2175
2280
  [#2591]:https://github.com/puma/puma/pull/2591 "PR by @MSP-Greg, merged 2021-05-05"
2176
- [#2572]:https://github.com/puma/puma/issues/2572 "Issue by @josefbilendo, closed 2021-05-05"
2281
+ [#2572]:https://github.com/puma/puma/issues/2572 "Issue by @josef-krabath, closed 2021-05-05"
2177
2282
  [#2613]:https://github.com/puma/puma/pull/2613 "PR by @smcgivern, merged 2021-04-27"
2178
2283
  [#2605]:https://github.com/puma/puma/pull/2605 "PR by @pascalbetz, merged 2021-04-26"
2179
2284
  [#2584]:https://github.com/puma/puma/issues/2584 "Issue by @kaorihinata, closed 2021-04-26"
@@ -2489,7 +2594,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
2489
2594
  [#1110]:https://github.com/puma/puma/pull/1110 "PR by @montdidier, merged 2016-12-12"
2490
2595
  [#1135]:https://github.com/puma/puma/pull/1135 "PR by @jkraemer, merged 2016-11-19"
2491
2596
  [#1081]:https://github.com/puma/puma/pull/1081 "PR by @frodsan, merged 2016-09-08"
2492
- [#1138]:https://github.com/puma/puma/pull/1138 "PR by @steakknife, merged 2016-12-13"
2597
+ [#1138]:https://github.com/puma/puma/pull/1138 "PR by @skull-squadron, merged 2016-12-13"
2493
2598
  [#1118]:https://github.com/puma/puma/pull/1118 "PR by @hiroara, merged 2016-11-20"
2494
2599
  [#1075]:https://github.com/puma/puma/issues/1075 "Issue by @pvalena, closed 2016-09-06"
2495
2600
  [#932]:https://github.com/puma/puma/issues/932 "Issue by @everplays, closed 2016-07-24"
data/README.md CHANGED
@@ -12,11 +12,15 @@ Puma is a **simple, fast, multi-threaded, and highly parallel HTTP 1.1 server fo
12
12
 
13
13
  ## Built For Speed &amp; Parallelism
14
14
 
15
- Puma processes requests using a C-optimized Ragel extension (inherited from Mongrel) that provides fast, accurate HTTP 1.1 protocol parsing in a portable way. Puma then serves the request using a thread pool. Each request is served in a separate thread, so truly parallel Ruby implementations (JRuby, Rubinius) will use all available CPU cores.
15
+ Puma is a server for [Rack](https://github.com/rack/rack)-powered HTTP applications written in Ruby. It is:
16
+ * **Multi-threaded**. Each request is served in a separate thread. This helps you serve more requests per second with less memory use.
17
+ * **Multi-process**. "Pre-forks" in cluster mode, using less memory per-process thanks to copy-on-write memory.
18
+ * **Standalone**. With SSL support, zero-downtime rolling restarts and a built-in request bufferer, you can deploy Puma without any reverse proxy.
19
+ * **Battle-tested**. Our HTTP parser is inherited from Mongrel and has over 15 years of production use. Puma is currently the most popular Ruby webserver, and is the default server for Ruby on Rails.
16
20
 
17
21
  Originally designed as a server for [Rubinius](https://github.com/rubinius/rubinius), Puma also works well with Ruby (MRI) and JRuby.
18
22
 
19
- On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel.
23
+ On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel. Truly parallel Ruby implementations (TruffleRuby, JRuby) don't have this limitation.
20
24
 
21
25
  ## Quick Start
22
26
 
@@ -114,6 +118,8 @@ $ WEB_CONCURRENCY=3 puma -t 8:32
114
118
 
115
119
  Note that threads are still used in clustered mode, and the `-t` thread flag setting is per worker, so `-w 2 -t 16:16` will spawn 32 threads in total, with 16 in each worker process.
116
120
 
121
+ For an in-depth discussion of the tradeoffs of thread and process count settings, [see our docs](https://github.com/puma/puma/blob/9282a8efa5a0c48e39c60d22ca70051a25df9f55/docs/kubernetes.md#workers-per-pod-and-other-config-issues).
122
+
117
123
  In clustered mode, Puma can "preload" your application. This loads all the application code *prior* to forking. Preloading reduces total memory usage of your application via an operating system feature called [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write).
118
124
 
119
125
  If the `WEB_CONCURRENCY` environment variable is set to a value > 1 (and `--prune-bundler` has not been specified), preloading will be enabled by default. Otherwise, you can use the `--preload` flag from the command line:
@@ -211,29 +217,32 @@ Puma supports the [`localhost`] gem for self-signed certificates. This is partic
211
217
 
212
218
  Puma automatically configures SSL when the [`localhost`] gem is loaded in a `development` environment:
213
219
 
220
+ Add the gem to your Gemfile:
214
221
  ```ruby
215
- # Add the gem to your Gemfile
216
222
  group(:development) do
217
223
  gem 'localhost'
218
224
  end
225
+ ```
219
226
 
220
- # And require it implicitly using bundler
227
+ And require it implicitly using bundler:
228
+ ```ruby
221
229
  require "bundler"
222
230
  Bundler.require(:default, ENV["RACK_ENV"].to_sym)
231
+ ```
223
232
 
224
- # Alternatively, you can require the gem in config.ru:
225
- require './app'
233
+ Alternatively, you can require the gem in your configuration file, either `config/puma/development.rb`, `config/puma.rb`, or set via the `-C` cli option:
234
+ ```ruby
226
235
  require 'localhost'
227
- run Sinatra::Application
236
+ # configuration methods (from Puma::DSL) as needed
228
237
  ```
229
238
 
230
239
  Additionally, Puma must be listening to an SSL socket:
231
240
 
232
241
  ```shell
233
- $ puma -b 'ssl://localhost:9292' config.ru
242
+ $ puma -b 'ssl://localhost:9292' -C config/use_local_host.rb
234
243
 
235
244
  # The following options allow you to reach Puma over HTTP as well:
236
- $ puma -b ssl://localhost:9292 -b tcp://localhost:9393 config.ru
245
+ $ puma -b ssl://localhost:9292 -b tcp://localhost:9393 -C config/use_local_host.rb
237
246
  ```
238
247
 
239
248
  [`localhost`]: https://github.com/socketry/localhost
@@ -401,6 +410,7 @@ Community guides:
401
410
  * [puma-plugin-statsd](https://github.com/yob/puma-plugin-statsd) — send Puma metrics to statsd
402
411
  * [puma-plugin-systemd](https://github.com/sj26/puma-plugin-systemd) — deeper integration with systemd for notify, status and watchdog. Puma 5.1.0 integrated notify and watchdog, which probably conflicts with this plugin. Puma 6.1.0 added status support which obsoletes the plugin entirely.
403
412
  * [puma-plugin-telemetry](https://github.com/babbel/puma-plugin-telemetry) - telemetry plugin for Puma offering various targets to publish
413
+ * [puma-acme](https://github.com/anchordotdev/puma-acme) - automatic SSL/HTTPS certificate provisioning and setup
404
414
 
405
415
  ### Monitoring
406
416
 
data/docs/kubernetes.md CHANGED
@@ -64,3 +64,15 @@ There is a subtle race condition between step 2 and 3: The replication controlle
64
64
  The way Kubernetes works this way, rather than handling step 2 synchronously, is due to the CAP theorem: in a distributed system there is no way to guarantee that any message will arrive promptly. In particular, waiting for all Service controllers to report back might get stuck for an indefinite time if one of them has already been terminated or if there has been a net split. A way to work around this is to add a sleep to the pre-stop hook of the same time as the `terminationGracePeriodSeconds` time. This will allow the Puma process to keep serving new requests during the entire grace period, although it will no longer receive new requests after all Service controllers have propagated the removal of the pod from their endpoint lists. Then, after `terminationGracePeriodSeconds`, the pod receives `SIGKILL` and closes down. If your process can't handle SIGKILL properly, for example because it needs to release locks in different services, you can also sleep for a shorter period (and/or increase `terminationGracePeriodSeconds`) as long as the time slept is longer than the time that your Service controllers take to propagate the pod removal. The downside of this workaround is that all pods will take at minimum the amount of time slept to shut down and this will increase the time required for your rolling deploy.
65
65
 
66
66
  More discussions and links to relevant articles can be found in https://github.com/puma/puma/issues/2343.
67
+
68
+ ## Workers Per Pod, and Other Config Issues
69
+
70
+ With containerization, you will have to make a decision about how "big" to make each pod. Should you run 2 pods with 50 workers each? 25 pods, each with 4 workers? 100 pods, with each Puma running in single mode? Each scenario represents the same total amount of capacity (100 Puma processes that can respond to requests), but there are tradeoffs to make.
71
+
72
+ * Worker counts should be somewhere between 4 and 32 in most cases. You want more than 4 in order to minimize time spent in request queueing for a free Puma worker, but probably less than ~32 because otherwise autoscaling is working in too large of an increment or they probably won't fit very well into your nodes. In any queueing system, queue time is proportional to 1/n, where n is the number of things pulling from the queue. Each pod will have its own request queue (i.e., the socket backlog). If you have 4 pods with 1 worker each (4 request queues), wait times are, proportionally, about 4 times higher than if you had 1 pod with 4 workers (1 request queue).
73
+ * Unless you have a very I/O-heavy application (50%+ time spent waiting on IO), use the default thread count (5 for MRI). Using higher numbers of threads with low I/O wait (<50%) will lead to additional request queueing time (latency!) and additional memory usage.
74
+ * More processes per pod reduces memory usage per process, because of copy-on-write memory and because the cost of the single master process is "amortized" over more child processes.
75
+ * Don't run less than 4 processes per pod if you can. Low numbers of processes per pod will lead to high request queueing, which means you will have to run more pods.
76
+ * If multithreaded, allocate 1 CPU per worker. If single threaded, allocate 0.75 cpus per worker. Most web applications spend about 25% of their time in I/O - but when you're running multi-threaded, your Puma process will have higher CPU usage and should be able to fully saturate a CPU core.
77
+ * Most Puma processes will use about ~512MB-1GB per worker, and about 1GB for the master process. However, you probably shouldn't bother with setting memory limits lower than around 2GB per process, because most places you are deploying will have 2GB of RAM per CPU. A sensible memory limit for a Puma configuration of 4 child workers might be something like 8 GB (1 GB for the master, 7GB for the 4 children).
78
+
data/docs/restart.md CHANGED
@@ -27,6 +27,7 @@ Any of the following will cause a Puma server to perform a hot restart:
27
27
 
28
28
  ### Additional notes
29
29
 
30
+ * The newly started Puma process changes its current working directory to the directory specified by the `directory` option. If `directory` is set to symlink, this is automatically re-evaluated, so this mechanism can be used to upgrade the application.
30
31
  * Only one version of the application is running at a time.
31
32
  * `on_restart` is invoked just before the server shuts down. This can be used to clean up resources (like long-lived database connections) gracefully. Since Ruby 2.0, it is not typically necessary to explicitly close file descriptors on restart. This is because any file descriptor opened by Ruby will have the `FD_CLOEXEC` flag set, meaning that file descriptors are closed on `exec`. `on_restart` is useful, though, if your application needs to perform any more graceful protocol-specific shutdown procedures before closing connections.
32
33
 
data/docs/systemd.md CHANGED
@@ -51,7 +51,7 @@ ExecStart=/<FULLPATH>/bin/puma -C <YOUR_APP_PATH>/puma.rb
51
51
  # Variant: Rails start.
52
52
  # ExecStart=/<FULLPATH>/bin/puma -C <YOUR_APP_PATH>/config/puma.rb ../config.ru
53
53
 
54
- # Variant: Use `bundle exec --keep-file-descriptors puma` instead of binstub
54
+ # Variant: Use `bundle exec puma` instead of binstub
55
55
  # Variant: Specify directives inline.
56
56
  # ExecStart=/<FULLPATH>/puma -b tcp://0.0.0.0:9292 -b ssl://0.0.0.0:9293?key=key.pem&cert=cert.pem
57
57
 
@@ -76,9 +76,7 @@ compatible with both clustered mode and application preload.
76
76
 
77
77
  **Note:** Any wrapper scripts which `exec`, or other indirections in `ExecStart`
78
78
  may result in activated socket file descriptors being closed before reaching the
79
- puma master process. For example, if using `bundle exec`, pass the
80
- `--keep-file-descriptors` flag. `bundle exec` can be avoided by using a `puma`
81
- executable generated by `bundle binstubs puma`. This is tracked in [#1499].
79
+ puma master process.
82
80
 
83
81
  **Note:** Socket activation doesn't currently work on JRuby. This is tracked in
84
82
  [#1367].
@@ -10,7 +10,11 @@ end
10
10
 
11
11
  unless ENV["PUMA_DISABLE_SSL"]
12
12
  # don't use pkg_config('openssl') if '--with-openssl-dir' is used
13
- has_openssl_dir = dir_config('openssl').any?
13
+ # also looks within the Ruby build for directory info
14
+ has_openssl_dir = dir_config('openssl').any? ||
15
+ RbConfig::CONFIG['configure_args']&.include?('openssl') ||
16
+ Dir.exist?("#{RbConfig::TOPDIR}/src/main/c/openssl") # TruffleRuby
17
+
14
18
  found_pkg_config = !has_openssl_dir && pkg_config('openssl')
15
19
 
16
20
  found_ssl = if !$mingw && found_pkg_config
@@ -36,6 +36,12 @@ void raise_file_error(const char* caller, const char *filename) {
36
36
  rb_raise(eError, "%s: error in file '%s': %s", caller, filename, ERR_error_string(ERR_get_error(), NULL));
37
37
  }
38
38
 
39
+ NORETURN(void raise_param_error(const char* caller, const char *param));
40
+
41
+ void raise_param_error(const char* caller, const char *param) {
42
+ rb_raise(eError, "%s: error with parameter '%s': %s", caller, param, ERR_error_string(ERR_get_error(), NULL));
43
+ }
44
+
39
45
  void engine_free(void *ptr) {
40
46
  ms_conn *conn = ptr;
41
47
  ms_cert_buf* cert_buf = (ms_cert_buf*)SSL_get_app_data(conn->ssl);
@@ -226,7 +232,7 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
226
232
  VALUE key, cert, ca, verify_mode, ssl_cipher_filter, no_tlsv1, no_tlsv1_1,
227
233
  verification_flags, session_id_bytes, cert_pem, key_pem, key_password_command, key_password;
228
234
  BIO *bio;
229
- X509 *x509;
235
+ X509 *x509 = NULL;
230
236
  EVP_PKEY *pkey;
231
237
  pem_password_cb *password_cb = NULL;
232
238
  const char *password = NULL;
@@ -298,16 +304,65 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
298
304
  }
299
305
 
300
306
  if (!NIL_P(cert_pem)) {
307
+ X509 *ca = NULL;
308
+ unsigned long err;
309
+
301
310
  bio = BIO_new(BIO_s_mem());
302
311
  BIO_puts(bio, RSTRING_PTR(cert_pem));
312
+
313
+ /**
314
+ * Much of this pulled as a simplified version of the `use_certificate_chain_file` method
315
+ * from openssl's `ssl_rsa.c` file.
316
+ */
317
+
318
+ /* first read the cert as the first item in the pem file */
303
319
  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
320
+ if (NULL == x509) {
321
+ BIO_free_all(bio);
322
+ raise_param_error("PEM_read_bio_X509", "cert_pem");
323
+ }
304
324
 
305
- if (SSL_CTX_use_certificate(ctx, x509) != 1) {
306
- BIO_free(bio);
307
- raise_file_error("SSL_CTX_use_certificate", RSTRING_PTR(cert_pem));
325
+ /* Add the cert to the context */
326
+ /* 1 is success - otherwise check the error codes */
327
+ if (1 != SSL_CTX_use_certificate(ctx, x509)) {
328
+ BIO_free_all(bio);
329
+ raise_param_error("SSL_CTX_use_certificate", "cert_pem");
330
+ }
331
+
332
+ X509_free(x509); /* no longer need our reference */
333
+
334
+ /* Now lets load up the rest of the certificate chain */
335
+ /* 1 is success 0 is error */
336
+ if (0 == SSL_CTX_clear_chain_certs(ctx)) {
337
+ BIO_free_all(bio);
338
+ raise_param_error("SSL_CTX_clear_chain_certs","cert_pem");
339
+ }
340
+
341
+ while (1) {
342
+ ca = PEM_read_bio_X509(bio, NULL, NULL, NULL);
343
+
344
+ if (NULL == ca) {
345
+ break;
346
+ }
347
+
348
+ if (0 == SSL_CTX_add0_chain_cert(ctx, ca)) {
349
+ BIO_free_all(bio);
350
+ raise_param_error("SSL_CTX_add0_chain_cert","cert_pem");
351
+ }
352
+ /* don't free ca - its now owned by the context */
353
+ }
354
+
355
+ /* ca is NULL - so its either the end of the file or an error */
356
+ err = ERR_peek_last_error();
357
+
358
+ /* If its the end of the file - then we are done, in any case free the bio */
359
+ BIO_free_all(bio);
360
+
361
+ if ((ERR_GET_LIB(err) == ERR_LIB_PEM) && (ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
362
+ ERR_clear_error();
363
+ } else {
364
+ raise_param_error("PEM_read_bio_X509","cert_pem");
308
365
  }
309
- X509_free(x509);
310
- BIO_free(bio);
311
366
  }
312
367
 
313
368
  if (!NIL_P(key_pem)) {
@@ -491,7 +546,7 @@ NORETURN(void raise_error(SSL* ssl, int result));
491
546
 
492
547
  void raise_error(SSL* ssl, int result) {
493
548
  char buf[512];
494
- char msg[512];
549
+ char msg[768];
495
550
  const char* err_str;
496
551
  int err = errno;
497
552
  int mask = 4095;
@@ -749,6 +804,10 @@ void Init_mini_ssl(VALUE puma) {
749
804
 
750
805
  rb_define_method(eng, "init?", engine_init, 0);
751
806
 
807
+ /* @!attribute [r] peercert
808
+ * Returns `nil` when `MiniSSL::Context#verify_mode` is set to `VERIFY_NONE`.
809
+ * @return [String, nil] DER encoded cert
810
+ */
752
811
  rb_define_method(eng, "peercert", engine_peercert, 0);
753
812
 
754
813
  rb_define_method(eng, "ssl_vers_st", engine_ssl_vers_st, 0);
@@ -99,6 +99,8 @@ public class Http11 extends RubyObject {
99
99
  int bite = b.get(i) & 0xFF;
100
100
  if(bite == '-') {
101
101
  b.set(i, (byte)'_');
102
+ } else if(bite == '_') {
103
+ b.set(i, (byte)',');
102
104
  } else {
103
105
  b.set(i, (byte)Character.toUpperCase(bite));
104
106
  }
@@ -47,6 +47,7 @@ import static javax.net.ssl.SSLEngineResult.Status;
47
47
  import static javax.net.ssl.SSLEngineResult.HandshakeStatus;
48
48
 
49
49
  public class MiniSSL extends RubyObject { // MiniSSL::Engine
50
+ private static final long serialVersionUID = -6903439483039141234L;
50
51
  private static ObjectAllocator ALLOCATOR = new ObjectAllocator() {
51
52
  public IRubyObject allocate(Ruby runtime, RubyClass klass) {
52
53
  return new MiniSSL(runtime, klass);
@@ -500,7 +501,7 @@ public class MiniSSL extends RubyObject { // MiniSSL::Engine
500
501
  }
501
502
 
502
503
  private static RaiseException newError(Ruby runtime, RubyClass errorClass, String message, Throwable cause) {
503
- RaiseException ex = new RaiseException(runtime, errorClass, message, true);
504
+ RaiseException ex = RaiseException.from(runtime, errorClass, message);
504
505
  ex.initCause(cause);
505
506
  return ex;
506
507
  }
data/lib/puma/binder.rb CHANGED
@@ -330,7 +330,7 @@ module Puma
330
330
  return
331
331
  end
332
332
 
333
- host = host[1..-2] if host and host[0..0] == '['
333
+ host = host[1..-2] if host&.start_with? '['
334
334
  tcp_server = TCPServer.new(host, port)
335
335
 
336
336
  if optimize_for_latency
@@ -364,7 +364,7 @@ module Puma
364
364
  return
365
365
  end
366
366
 
367
- host = host[1..-2] if host[0..0] == '['
367
+ host = host[1..-2] if host&.start_with? '['
368
368
  s = TCPServer.new(host, port)
369
369
  if optimize_for_latency
370
370
  s.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
data/lib/puma/cli.rb CHANGED
@@ -144,6 +144,10 @@ module Puma
144
144
  $LOAD_PATH.unshift(*arg.split(':'))
145
145
  end
146
146
 
147
+ o.on "--idle-timeout SECONDS", "Number of seconds until the next request before automatic shutdown" do |arg|
148
+ user_config.idle_timeout arg
149
+ end
150
+
147
151
  o.on "-p", "--port PORT", "Define the TCP port to bind to",
148
152
  "Use -b for more advanced options" do |arg|
149
153
  user_config.bind "tcp://#{Configuration::DEFAULTS[:tcp_host]}:#{arg}"
data/lib/puma/client.rb CHANGED
@@ -11,7 +11,6 @@ end
11
11
  require_relative 'detect'
12
12
  require_relative 'io_buffer'
13
13
  require 'tempfile'
14
- require 'forwardable'
15
14
 
16
15
  if Puma::IS_JRUBY
17
16
  # We have to work around some OpenSSL buffer/io-readiness bugs
@@ -52,6 +51,14 @@ module Puma
52
51
  CHUNK_VALID_ENDING = Const::LINE_END
53
52
  CHUNK_VALID_ENDING_SIZE = CHUNK_VALID_ENDING.bytesize
54
53
 
54
+ # The maximum number of bytes we'll buffer looking for a valid
55
+ # chunk header.
56
+ MAX_CHUNK_HEADER_SIZE = 4096
57
+
58
+ # The maximum amount of excess data the client sends
59
+ # using chunk size extensions before we abort the connection.
60
+ MAX_CHUNK_EXCESS = 16 * 1024
61
+
55
62
  # Content-Length header value validation
56
63
  CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
57
64
 
@@ -62,7 +69,6 @@ module Puma
62
69
  EmptyBody = NullIO.new
63
70
 
64
71
  include Puma::Const
65
- extend Forwardable
66
72
 
67
73
  def initialize(io, env=nil)
68
74
  @io = io
@@ -111,7 +117,10 @@ module Puma
111
117
 
112
118
  attr_accessor :remote_addr_header, :listener
113
119
 
114
- def_delegators :@io, :closed?
120
+ # Remove in Puma 7?
121
+ def closed?
122
+ @to_io.closed?
123
+ end
115
124
 
116
125
  # Test to see if io meets a bare minimum of functioning, @to_io needs to be
117
126
  # used for MiniSSL::Socket
@@ -495,6 +504,7 @@ module Puma
495
504
  @chunked_body = true
496
505
  @partial_part_left = 0
497
506
  @prev_chunk = ""
507
+ @excess_cr = 0
498
508
 
499
509
  @body = Tempfile.new(Const::PUMA_TMP_BASE)
500
510
  @body.unlink
@@ -576,6 +586,20 @@ module Puma
576
586
  end
577
587
  end
578
588
 
589
+ # Track the excess as a function of the size of the
590
+ # header vs the size of the actual data. Excess can
591
+ # go negative (and is expected to) when the body is
592
+ # significant.
593
+ # The additional of chunk_hex.size and 2 compensates
594
+ # for a client sending 1 byte in a chunked body over
595
+ # a long period of time, making sure that that client
596
+ # isn't accidentally eventually punished.
597
+ @excess_cr += (line.size - len - chunk_hex.size - 2)
598
+
599
+ if @excess_cr >= MAX_CHUNK_EXCESS
600
+ raise HttpParserError, "Maximum chunk excess detected"
601
+ end
602
+
579
603
  len += 2
580
604
 
581
605
  part = io.read(len)
@@ -603,6 +627,10 @@ module Puma
603
627
  @partial_part_left = len - part.size
604
628
  end
605
629
  else
630
+ if @prev_chunk.size + chunk.size >= MAX_CHUNK_HEADER_SIZE
631
+ raise HttpParserError, "maximum size of chunk header exceeded"
632
+ end
633
+
606
634
  @prev_chunk = line
607
635
  return false
608
636
  end