RubyGems - puma - Versions diffs - 6.4.3 → 8.0.2 - Mend

puma 6.4.3 → 8.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

checksums.yaml +4 -4
data/History.md +448 -8
data/README.md +110 -51
data/docs/5.0-Upgrade.md +98 -0
data/docs/6.0-Upgrade.md +56 -0
data/docs/7.0-Upgrade.md +52 -0
data/docs/8.0-Upgrade.md +100 -0
data/docs/deployment.md +58 -23
data/docs/fork_worker.md +11 -1
data/docs/grpc.md +62 -0
data/docs/images/favicon.svg +1 -0
data/docs/images/running-puma.svg +1 -0
data/docs/images/standard-logo.svg +1 -0
data/docs/java_options.md +54 -0
data/docs/jungle/README.md +1 -1
data/docs/kubernetes.md +11 -16
data/docs/plugins.md +6 -2
data/docs/restart.md +2 -2
data/docs/signals.md +21 -21
data/docs/stats.md +11 -5
data/docs/systemd.md +14 -5
data/ext/puma_http11/extconf.rb +20 -32
data/ext/puma_http11/http11_parser.java.rl +51 -65
data/ext/puma_http11/mini_ssl.c +29 -9
data/ext/puma_http11/org/jruby/puma/EnvKey.java +241 -0
data/ext/puma_http11/org/jruby/puma/Http11.java +194 -101
data/ext/puma_http11/org/jruby/puma/Http11Parser.java +71 -85
data/ext/puma_http11/puma_http11.c +125 -118
data/lib/puma/app/status.rb +11 -3
data/lib/puma/binder.rb +22 -12
data/lib/puma/cli.rb +11 -9
data/lib/puma/client.rb +233 -136
data/lib/puma/client_env.rb +171 -0
data/lib/puma/cluster/worker.rb +24 -21
data/lib/puma/cluster/worker_handle.rb +38 -8
data/lib/puma/cluster.rb +74 -48
data/lib/puma/cluster_accept_loop_delay.rb +91 -0
data/lib/puma/commonlogger.rb +3 -3
data/lib/puma/configuration.rb +197 -64
data/lib/puma/const.rb +23 -12
data/lib/puma/control_cli.rb +11 -7
data/lib/puma/detect.rb +13 -0
data/lib/puma/dsl.rb +483 -127
data/lib/puma/error_logger.rb +7 -5
data/lib/puma/events.rb +25 -10
data/lib/puma/io_buffer.rb +8 -4
data/lib/puma/jruby_restart.rb +0 -16
data/lib/puma/launcher/bundle_pruner.rb +3 -5
data/lib/puma/launcher.rb +76 -59
data/lib/puma/log_writer.rb +17 -11
data/lib/puma/minissl/context_builder.rb +1 -0
data/lib/puma/minissl.rb +1 -1
data/lib/puma/null_io.rb +26 -0
data/lib/puma/plugin/systemd.rb +3 -3
data/lib/puma/rack/urlmap.rb +1 -1
data/lib/puma/reactor.rb +19 -13
data/lib/puma/{request.rb → response.rb} +57 -209
data/lib/puma/runner.rb +15 -17
data/lib/puma/sd_notify.rb +1 -4
data/lib/puma/server.rb +200 -104
data/lib/puma/server_plugin_control.rb +32 -0
data/lib/puma/single.rb +7 -4
data/lib/puma/state_file.rb +3 -2
data/lib/puma/thread_pool.rb +179 -96
data/lib/puma/util.rb +0 -7
data/lib/puma.rb +10 -0
data/lib/rack/handler/puma.rb +11 -8
data/tools/Dockerfile +15 -5
metadata +26 -16
data/ext/puma_http11/ext_help.h +0 -15

data/ext/puma_http11/extconf.rb CHANGED Viewed

@@ -10,15 +10,13 @@ end
 unless ENV["PUMA_DISABLE_SSL"]
   # don't use pkg_config('openssl') if '--with-openssl-dir' is used
-  # also looks within the Ruby build for directory info
   has_openssl_dir = dir_config('openssl').any? ||
-    RbConfig::CONFIG['configure_args']&.include?('openssl') ||
-    Dir.exist?("#{RbConfig::TOPDIR}/src/main/c/openssl") # TruffleRuby
+    RbConfig::CONFIG['configure_args']&.include?('openssl')
   found_pkg_config = !has_openssl_dir && pkg_config('openssl')
   found_ssl = if !$mingw && found_pkg_config
-    puts 'using OpenSSL pkgconfig (openssl.pc)'
+    puts '──── Using OpenSSL pkgconfig (openssl.pc) ────'
     true
   elsif have_library('libcrypto', 'BIO_read') && have_library('libssl', 'SSL_CTX_new')
     true
@@ -33,45 +31,35 @@ unless ENV["PUMA_DISABLE_SSL"]
   if found_ssl
     have_header "openssl/bio.h"
-    # below is  yes for 1.0.2 & later
-    have_func "DTLS_method"                            , "openssl/ssl.h"
-    have_func "SSL_CTX_set_session_cache_mode(NULL, 0)", "openssl/ssl.h"
+    ssl_h = "openssl/ssl.h".freeze
-    # below are yes for 1.1.0 & later
-    have_func "TLS_server_method"                      , "openssl/ssl.h"
-    have_func "SSL_CTX_set_min_proto_version(NULL, 0)" , "openssl/ssl.h"
+    puts "\n──── Below are yes for 1.0.2 & later ────"
+    have_func "DTLS_method"                            , ssl_h
+    have_func "SSL_CTX_set_session_cache_mode(NULL, 0)", ssl_h
-    have_func "X509_STORE_up_ref"
-    have_func "SSL_CTX_set_ecdh_auto(NULL, 0)"         , "openssl/ssl.h"
+    puts "\n──── Below are yes for 1.1.0 & later ────"
+    have_func "TLS_server_method"                      , ssl_h
+    have_func "SSL_CTX_set_min_proto_version(NULL, 0)" , ssl_h
-    # below exists in 1.1.0 and later, but isn't documented until 3.0.0
-    have_func "SSL_CTX_set_dh_auto(NULL, 0)"           , "openssl/ssl.h"
+    puts "\n──── Below is yes for 1.1.0 and later, but isn't documented until 3.0.0 ────"
+    # https://github.com/openssl/openssl/blob/OpenSSL_1_1_0/include/openssl/ssl.h#L1159
+    have_func "SSL_CTX_set_dh_auto(NULL, 0)"           , ssl_h
-    # below is yes for 3.0.0 & later
-    have_func "SSL_get1_peer_certificate"              , "openssl/ssl.h"
+    puts "\n──── Below is yes for 1.1.1 & later ────"
+    have_func "SSL_CTX_set_ciphersuites(NULL, \"\")"   , ssl_h
-    # Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0
-    if Random.respond_to?(:bytes)
-      $defs.push "-DHAVE_RANDOM_BYTES"
-      puts "checking for Random.bytes... yes"
-    else
-      puts "checking for Random.bytes... no"
-    end
+    puts "\n──── Below is yes for 3.0.0 & later ────"
+    have_func "SSL_get1_peer_certificate"              , ssl_h
+    puts ''
   end
 end
 if ENV["PUMA_MAKE_WARNINGS_INTO_ERRORS"]
   # Make all warnings into errors
   # Except `implicit-fallthrough` since most failures comes from ragel state machine generated code
-  if respond_to?(:append_cflags, true) # Ruby 2.5 and later
-    append_cflags(config_string('WERRORFLAG') || '-Werror')
-    append_cflags '-Wno-implicit-fallthrough'
-  else
-    # flag may not exist on some platforms, -Werror may not be defined on some platforms, but
-    # works with all in current CI
-    $CFLAGS << " #{config_string('WERRORFLAG') || '-Werror'}"
-    $CFLAGS << ' -Wno-implicit-fallthrough'
-  end
+  append_cflags(config_string('WERRORFLAG') || '-Werror')
+  append_cflags '-Wno-implicit-fallthrough'
 end
 create_makefile("puma/puma_http11")

data/ext/puma_http11/http11_parser.java.rl CHANGED Viewed

@@ -2,6 +2,7 @@ package org.jruby.puma;
 import org.jruby.Ruby;
 import org.jruby.RubyHash;
+import org.jruby.RubyString;
 import org.jruby.util.ByteList;
 public class Http11Parser {
@@ -12,44 +13,44 @@ public class Http11Parser {
   machine puma_parser;
-  action mark {parser.mark = fpc; }
+  action mark {this.mark = fpc; }
-  action start_field { parser.field_start = fpc; }
-  action snake_upcase_field { /* FIXME stub */ }
+  action start_field { this.field_start = fpc; }
+  action snake_upcase_field { /* done lazily as needed */ }
   action write_field {
-    parser.field_len = fpc-parser.field_start;
+    this.field_len = fpc-this.field_start;
   }
-  action start_value { parser.mark = fpc; }
+  action start_value { this.mark = fpc; }
   action write_value {
-    Http11.http_field(runtime, parser.data, parser.buffer, parser.field_start, parser.field_len, parser.mark, fpc-parser.mark);
+    Http11.http_field(runtime, envStrings, this, fpc-this.mark);
   }
   action request_method {
-    Http11.request_method(runtime, parser.data, parser.buffer, parser.mark, fpc-parser.mark);
+    Http11.request_method(runtime, envStrings, this, fpc-this.mark);
   }
   action request_uri {
-    Http11.request_uri(runtime, parser.data, parser.buffer, parser.mark, fpc-parser.mark);
+    Http11.request_uri(runtime, envStrings, this, fpc-this.mark);
   }
   action fragment {
-    Http11.fragment(runtime, parser.data, parser.buffer, parser.mark, fpc-parser.mark);
+    Http11.fragment(runtime, envStrings, this, fpc-this.mark);
   }
-  action start_query {parser.query_start = fpc; }
+  action start_query {this.query_start = fpc; }
   action query_string {
-    Http11.query_string(runtime, parser.data, parser.buffer, parser.query_start, fpc-parser.query_start);
+    Http11.query_string(runtime, envStrings, this, fpc-this.query_start);
   }
   action server_protocol {
-    Http11.server_protocol(runtime, parser.data, parser.buffer, parser.mark, fpc-parser.mark);
+    Http11.server_protocol(runtime, envStrings, this, fpc-this.mark);
   }
   action request_path {
-    Http11.request_path(runtime, parser.data, parser.buffer, parser.mark, fpc-parser.mark);
+    Http11.request_path(runtime, envStrings, this, fpc-this.mark);
   }
   action done {
-    parser.body_start = fpc + 1;
-    http.header_done(runtime, parser.data, parser.buffer, fpc + 1, pe - fpc - 1);
+    this.body_start = fpc + 1;
+    http.header_done(runtime, this, fpc + 1, pe - fpc - 1);
     fbreak;
   }
@@ -60,69 +61,54 @@ public class Http11Parser {
 /** Data **/
 %% write data noentry;
-   public static interface ElementCB {
-     public void call(Ruby runtime, RubyHash data, ByteList buffer, int at, int length);
-   }
+   int cs;
+   int body_start;
+   int nread;
+   int mark;
+   int field_start;
+   int field_len;
+   int query_start;
-   public static interface FieldCB {
-     public void call(Ruby runtime, RubyHash data, ByteList buffer, int field, int flen, int value, int vlen);
-   }
+   RubyHash data;
+   byte[] buffer;
-   public static class HttpParser {
-      int cs;
-      int body_start;
-      int content_len;
-      int nread;
-      int mark;
-      int field_start;
-      int field_len;
-      int query_start;
-      RubyHash data;
-      ByteList buffer;
-      public void init() {
-          cs = 0;
-          %% write init;
-          body_start = 0;
-          content_len = 0;
-          mark = 0;
-          nread = 0;
-          field_len = 0;
-          field_start = 0;
-      }
-   }
+   public void init() {
-   public final HttpParser parser = new HttpParser();
+       %% write init;
+       body_start = 0;
+       mark = 0;
+       nread = 0;
+       field_len = 0;
+       field_start = 0;
+   }
    public int execute(Ruby runtime, Http11 http, ByteList buffer, int off) {
      int p, pe;
-     int cs = parser.cs;
+     int cs = this.cs;
      int len = buffer.length();
+     int beg = buffer.begin();
+     RubyString[] envStrings = http.envStrings;
      assert off<=len : "offset past end of buffer";
-     p = off;
-     pe = len;
-     // get a copy of the bytes, since it may not start at 0
-     // FIXME: figure out how to just use the bytes in-place
-     byte[] data = buffer.bytes();
-     parser.buffer = buffer;
+     p = beg + off;
+     pe = beg + len;
+     byte[] data = buffer.unsafeBytes();
+     this.buffer = data;
      %% write exec;
-     parser.cs = cs;
-     parser.nread += (p - off);
+     this.cs = cs;
+     this.nread += (p - off);
      assert p <= pe                  : "buffer overflow after parsing execute";
-     assert parser.nread <= len      : "nread longer than length";
-     assert parser.body_start <= len : "body starts after buffer end";
-     assert parser.mark < len        : "mark is after buffer end";
-     assert parser.field_len <= len  : "field has length longer than whole buffer";
-     assert parser.field_start < len : "field starts after buffer end";
+     assert this.nread <= len      : "nread longer than length";
+     assert this.body_start <= len : "body starts after buffer end";
+     assert this.mark < len        : "mark is after buffer end";
+     assert this.field_len <= len  : "field has length longer than whole buffer";
+     assert this.field_start < len : "field starts after buffer end";
-     return parser.nread;
+     return this.nread;
    }
    public int finish() {
@@ -136,10 +122,10 @@ public class Http11Parser {
   }
   public boolean has_error() {
-    return parser.cs == puma_parser_error;
+    return this.cs == puma_parser_error;
   }
   public boolean is_finished() {
-    return parser.cs == puma_parser_first_final;
+    return this.cs == puma_parser_first_final;
   }
 }

data/ext/puma_http11/mini_ssl.c CHANGED Viewed

@@ -229,7 +229,7 @@ VALUE
 sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
   SSL_CTX* ctx;
   int ssl_options;
-  VALUE key, cert, ca, verify_mode, ssl_cipher_filter, no_tlsv1, no_tlsv1_1,
+  VALUE key, cert, ca, verify_mode, ssl_cipher_filter, ssl_ciphersuites, no_tlsv1, no_tlsv1_1,
     verification_flags, session_id_bytes, cert_pem, key_pem, key_password_command, key_password;
   BIO *bio;
   X509 *x509 = NULL;
@@ -269,6 +269,8 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
   ssl_cipher_filter = rb_funcall(mini_ssl_ctx, rb_intern_const("ssl_cipher_filter"), 0);
+  ssl_ciphersuites = rb_funcall(mini_ssl_ctx, rb_intern_const("ssl_ciphersuites"), 0);
   no_tlsv1 = rb_funcall(mini_ssl_ctx, rb_intern_const("no_tlsv1"), 0);
   no_tlsv1_1 = rb_funcall(mini_ssl_ctx, rb_intern_const("no_tlsv1_1"), 0);
@@ -444,6 +446,14 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
     SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL@STRENGTH");
   }
+#if HAVE_SSL_CTX_SET_CIPHERSUITES
+  // Only override OpenSSL default ciphersuites if config option is supplied.
+  if (!NIL_P(ssl_ciphersuites)) {
+    StringValue(ssl_ciphersuites);
+    SSL_CTX_set_ciphersuites(ctx, RSTRING_PTR(ssl_ciphersuites));
+  }
+#endif
 #if OPENSSL_VERSION_NUMBER < 0x10002000L
   // Remove this case if OpenSSL 1.0.1 (now EOL) support is no longer needed.
   ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -461,13 +471,8 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
     SSL_CTX_set_verify(ctx, NUM2INT(verify_mode), engine_verify_callback);
   }
-  // Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0
   session_id_bytes = rb_funcall(
-#ifdef HAVE_RANDOM_BYTES
     rb_cRandom,
-#else
-    rb_const_get(rb_cRandom, rb_intern_const("DEFAULT")),
-#endif
     rb_intern_const("bytes"),
     1, ULL2NUM(SSL_MAX_SSL_SESSION_ID_LENGTH));
@@ -655,14 +660,29 @@ VALUE engine_shutdown(VALUE self) {
   TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);
+  if (SSL_in_init(conn->ssl)) {
+    // Avoid "shutdown while in init" error
+    // See https://github.com/openssl/openssl/blob/openssl-3.5.2/ssl/ssl_lib.c#L2827-L2828
+    return Qtrue;
+  }
   ERR_clear_error();
   ok = SSL_shutdown(conn->ssl);
-  if (ok == 0) {
-    return Qfalse;
+  // See https://github.com/openssl/openssl/blob/openssl-3.5.2/ssl/ssl_lib.c#L2792-L2797
+  // for description of SSL_shutdown return values.
+  switch (ok) {
+    case 0:
+      // "close notify" alert is sent by us.
+      return Qfalse;
+    case 1:
+      // "close notify" alert was received from peer.
+      return Qtrue;
+    default:
+      raise_error(conn->ssl, ok);
   }
-  return Qtrue;
+  return Qnil;
 }
 VALUE engine_init(VALUE self) {

data/ext/puma_http11/org/jruby/puma/EnvKey.java ADDED Viewed

@@ -0,0 +1,241 @@
+package org.jruby.puma;
+import org.jruby.util.ByteList;
+import java.nio.charset.StandardCharsets;
+/**
+ * A set of keys representing HTTP/1.1 header fields and CGI env keys.
+ *
+ * The set of header fields is derived from RFC 2616 with some additions
+ * common to mainstream browsers.
+ *
+ * This enum is used by {@link Http11 }to access pre-allocated strings for
+ * Puma's version of these keys and includes a perfect hash function to quickly
+ * find the key for a given range of bytes.
+ */
+public enum EnvKey {
+    ACCEPT,
+    ACCEPT_CHARSET,
+    ACCEPT_ENCODING,
+    ACCEPT_LANGUAGE,
+    ACCEPT_RANGES,
+    AGE,
+    ALLOW,
+    AUTHORIZATION,
+    CACHE_CONTROL,
+    CONNECTION,
+    CONTENT_ENCODING,
+    CONTENT_LANGUAGE,
+    CONTENT_LENGTH(true),
+    CONTENT_LOCATION,
+    CONTENT_MD5,
+    CONTENT_RANGE,
+    CONTENT_TYPE(true),
+    DATE,
+    ETAG,
+    EXPECT,
+    EXPIRES,
+    FRAGMENT(true),
+    FROM,
+    HOST,
+    IF_MATCH,
+    IF_MODIFIED_SINCE,
+    IF_NONE_MATCH,
+    IF_RANGE,
+    IF_UNMODIFIED_SINCE,
+    KEEP_ALIVE,
+    LAST_MODIFIED,
+    LOCATION,
+    MAX_FORWARDS,
+    PRAGMA,
+    PROXY_AUTHENTICATE,
+    PROXY_AUTHORIZATION,
+    QUERY_STRING(true),
+    RANGE,
+    REFERER,
+    REQUEST_METHOD(true),
+    REQUEST_PATH(true),
+    REQUEST_URI(true),
+    RETRY_AFTER,
+    SERVER,
+    SERVER_PROTOCOL(true),
+    TE,
+    TRAILER,
+    TRANSFER_ENCODING,
+    UPGRADE,
+    USER_AGENT,
+    VARY,
+    VIA,
+    X_FORWARDED_FOR,
+    X_REAL_IP,
+    WARNING,
+    WWW_AUTHENTICATE;
+    final ByteList httpName;
+    EnvKey() {
+        this(false);
+    }
+    EnvKey(boolean raw) {
+        String httpName = raw ? name() : "HTTP_" + name();
+        this.httpName = new ByteList(ByteList.plain(httpName), false);
+    }
+    /**
+     * Using a perfect hash, find the EnvKey for a given field name, or null if none matches.
+     *
+     * Generated by the gperf tool as C and adapted to Java. Must be regenerated if the set of keys changes.
+     *
+     * @param buffer the buffer containing the field name
+     * @param start  the starting offset of the field name
+     * @param len    the length of the field name
+     * @return the matching EnvKey, or else null
+     */
+    public static EnvKey keyForField(byte[] buffer, int start, int len) {
+        int key = hash(buffer, start, len);
+        if (key <= MAX_HASH_VALUE) {
+            EnvKey match = keyList[key];
+            if (match != null && equalsIgnoreCase(buffer, start, len, match.name())) {
+                return match;
+            }
+        }
+        return null;
+    }
+    private static boolean equalsIgnoreCase(byte[] buf, int start, int len, String key) {
+        int slen = key.length();
+        if (len != slen) return false;
+        for (int i = 0; i < slen; i++) {
+            byte b1 = buf[start + i];
+            byte b2 = (byte) key.charAt(i);
+            if (Http11.snakeUpcase(b1) != b2) return false;
+        }
+        return true;
+    }
+    private static int hash(byte[] buffer, int start, int len) {
+        return len
+                + asso_values[Byte.toUnsignedInt(Http11.snakeUpcase(buffer[start + len - 1]))]
+                + asso_values[Byte.toUnsignedInt(Http11.snakeUpcase(buffer[start]))];
+    }
+    private static final int MAX_HASH_VALUE = 94;
+    private final static int[] asso_values = {
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 10, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 5, 95, 15, 40, 0,
+            0, 10, 10, 15, 95, 0, 20, 5, 25, 95,
+            50, 40, 0, 40, 10, 35, 5, 35, 0, 10,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95, 95, 95, 95, 95,
+            95, 95, 95, 95, 95, 95
+    };
+    private static final EnvKey[] keyList = {
+            null, null, null, null, null,
+            EnvKey.RANGE,
+            null,
+            EnvKey.REFERER,
+            EnvKey.AGE,
+            EnvKey.FROM,
+            EnvKey.KEEP_ALIVE,
+            EnvKey.RETRY_AFTER,
+            EnvKey.TE,
+            EnvKey.VIA,
+            EnvKey.ETAG,
+            EnvKey.X_FORWARDED_FOR,
+            EnvKey.EXPECT,
+            EnvKey.TRAILER,
+            EnvKey.FRAGMENT,
+            EnvKey.VARY,
+            EnvKey.ACCEPT_LANGUAGE,
+            EnvKey.ACCEPT,
+            EnvKey.REQUEST_PATH,
+            EnvKey.IF_RANGE,
+            EnvKey.HOST,
+            null,
+            EnvKey.REQUEST_URI,
+            EnvKey.CONTENT_TYPE,
+            EnvKey.CONTENT_RANGE,
+            EnvKey.ACCEPT_CHARSET,
+            EnvKey.ACCEPT_ENCODING,
+            EnvKey.CONTENT_LANGUAGE,
+            EnvKey.IF_MODIFIED_SINCE,
+            EnvKey.IF_MATCH,
+            EnvKey.IF_UNMODIFIED_SINCE,
+            null,
+            EnvKey.CONTENT_MD5,
+            EnvKey.TRANSFER_ENCODING,
+            EnvKey.IF_NONE_MATCH,
+            EnvKey.CONTENT_LENGTH,
+            null,
+            EnvKey.CONTENT_ENCODING,
+            EnvKey.UPGRADE,
+            EnvKey.AUTHORIZATION,
+            EnvKey.DATE,
+            EnvKey.ALLOW,
+            EnvKey.SERVER,
+            EnvKey.EXPIRES,
+            EnvKey.CACHE_CONTROL,
+            null,
+            EnvKey.CONNECTION,
+            EnvKey.WWW_AUTHENTICATE,
+            EnvKey.WARNING,
+            EnvKey.LOCATION,
+            EnvKey.REQUEST_METHOD,
+            EnvKey.USER_AGENT,
+            EnvKey.CONTENT_LOCATION,
+            EnvKey.MAX_FORWARDS,
+            EnvKey.ACCEPT_RANGES,
+            EnvKey.X_REAL_IP,
+            null,
+            EnvKey.PRAGMA,
+            EnvKey.QUERY_STRING,
+            null, null, null, null, null,
+            EnvKey.PROXY_AUTHENTICATE,
+            null, null, null, null,
+            EnvKey.LAST_MODIFIED,
+            null,
+            EnvKey.SERVER_PROTOCOL,
+            null, null, null, null, null, null, null, null, null,
+            null, null, null, null, null, null, null, null, null,
+            EnvKey.PROXY_AUTHORIZATION
+    };
+    static {
+        // The perfect hash function must be regenerated if the list above changes
+        for (EnvKey key : values()) {
+            EnvKey found;
+            assert (found = keyForKey(key)) == key : key + " was not matched by perfect hash and found " + found;
+        }
+    }
+    // Only used for verification of the perfect hash, at boot with asserts enabled.
+    private static EnvKey keyForKey(EnvKey key) {
+        byte[] bytes = key.name().getBytes(StandardCharsets.ISO_8859_1);
+        return keyList[hash(bytes, 0, bytes.length)];
+    }
+}