raptor 0.3.0 → 0.4.0

data/lib/raptor/request.rb

@@ -5,6 +5,7 @@ require "socket"
 require "stringio"
 require "tempfile"
 
+require "atomic-ruby/atomic_boolean"
 require "rack"
 
 require_relative "raptor_http"
@@ -39,6 +40,7 @@ module Raptor
     end
 
     STATUS_WITH_NO_ENTITY_BODY = Set.new([204, 304, *100..199]).freeze
+    BAD_REQUEST_RESPONSE = "HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"
     INTERNAL_SERVER_ERROR_RESPONSE = "HTTP/1.1 500 Internal Server Error\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"
     CONTENT_TOO_LARGE_RESPONSE = "HTTP/1.1 413 Content Too Large\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"
 
@@ -92,11 +94,39 @@ module Raptor
       [decoded, :incomplete]
     end
 
+    # Writes a string to the socket, retrying on partial writes and flow control blocks.
+    #
+    # Uses write_nonblock with `WRITE_TIMEOUT` to avoid blocking the thread
+    # indefinitely on slow clients.
+    #
+    # @param socket [TCPSocket] the socket to write to
+    # @param string [String] the data to write
+    # @return [void]
+    # @raise [WriteError] if the socket is not writable within the timeout or raises IOError
+    #
+    # @rbs (TCPSocket socket, String string) -> void
+    def self.socket_write(socket, string)
+      bytes = 0
+      byte_size = string.bytesize
+
+      while bytes < byte_size
+        begin
+          bytes += socket.write_nonblock(bytes.zero? ? string : string.byteslice(bytes..-1))
+        rescue IO::WaitWritable
+          raise WriteError unless socket.wait_writable(WRITE_TIMEOUT)
+          retry
+        rescue IOError
+          raise WriteError
+        end
+      end
+    end
+
     # @rbs @app: ^(Hash[String, untyped]) -> [Integer, Hash[String, String | Array[String]], untyped]
     # @rbs @server_port: Integer
     # @rbs @max_body_size: Integer?
     # @rbs @body_spool_threshold: Integer?
     # @rbs @on_error: ^(Hash[String, untyped]?, Exception) -> void | nil
+    # @rbs @running: AtomicBoolean
 
     # Creates a new Request handler.
     #
@@ -115,6 +145,17 @@ module Raptor
       @max_body_size = client_options[:max_body_size]
       @body_spool_threshold = client_options[:body_spool_threshold]
       @on_error = on_error
+      @running = AtomicBoolean.new(true)
+    end
+
+    # Signals eager keep-alive loops to stop processing further requests on
+    # their connections. In-flight requests complete normally.
+    #
+    # @return [void]
+    #
+    # @rbs () -> void
+    def shutdown
+      @running.make_false
     end
 
     # Eagerly reads and parses the first request on a freshly accepted
@@ -155,7 +196,12 @@ module Raptor
 
       parser = HttpParser.new
       env = {}
-      nread = parser.execute(env, buffer, 0)
+      nread = begin
+        parser.execute(env, buffer, 0)
+      rescue HttpParserError
+        reject_malformed(socket)
+        return
+      end
       parse_data = { parse_count: 1, content_length: parser.content_length }
 
       body = nil
@@ -210,7 +256,11 @@ module Raptor
 
         parser = Raptor::HttpParser.new
         env = {}
-        nread = parser.execute(env, data[:buffer], 0)
+        nread = begin
+          parser.execute(env, data[:buffer], 0)
+        rescue Raptor::HttpParserError
+          next Ractor.make_shareable(data.merge(complete: true, malformed: true))
+        end
         parse_data = if data[:parse_data]
           data[:parse_data].dup
         else
@@ -269,6 +319,12 @@ module Raptor
         return
       end
 
+      if parsed_request[:malformed]
+        socket = reactor.remove(parsed_request[:id])
+        reject_malformed(socket) if socket
+        return
+      end
+
       unless parsed_request[:complete]
         reactor.update_state(parsed_request)
       else
@@ -394,6 +450,11 @@ module Raptor
     # @rbs (TCPSocket socket, Integer id, Reactor reactor, AtomicThreadPool thread_pool, Integer request_count, String remote_addr, String url_scheme) -> void
     def eager_keepalive(socket, id, reactor, thread_pool, request_count, remote_addr, url_scheme)
       loop do
+        unless @running.true?
+          socket.close rescue nil
+          return
+        end
+
         unless socket.wait_readable(KEEPALIVE_READ_TIMEOUT)
           reactor.persist(socket, id, request_count, remote_addr: remote_addr, url_scheme: url_scheme)
           return
@@ -418,7 +479,12 @@ module Raptor
 
         parser = HttpParser.new
         env = {}
-        nread = parser.execute(env, buffer, 0)
+        nread = begin
+          parser.execute(env, buffer, 0)
+        rescue HttpParserError
+          reject_malformed(socket)
+          return
+        end
         parse_data = { parse_count: 1, content_length: parser.content_length }
 
         body = nil
@@ -515,6 +581,18 @@ module Raptor
       socket.close rescue nil
     end
 
+    # Writes a 400 response and closes the socket. Used when the HTTP parser
+    # rejects the request line or headers.
+    #
+    # @param socket [TCPSocket] the client socket
+    # @return [void]
+    #
+    # @rbs (TCPSocket socket) -> void
+    def reject_malformed(socket)
+      socket.write(BAD_REQUEST_RESPONSE) rescue nil
+      socket.close rescue nil
+    end
+
     # Builds a Rack environment hash from parsed HTTP request data.
     #
     # Populates all required Rack env keys including rack.* keys, REMOTE_ADDR,
@@ -644,7 +722,7 @@ module Raptor
       end
       response << "\r\n"
 
-      socket_write(socket, response)
+      Request.socket_write(socket, response)
     end
 
     # Writes a complete HTTP response to the socket.
@@ -777,7 +855,7 @@ module Raptor
     def write_hijacked_response(socket, response, headers, response_hijack)
       response << format_headers(headers)
       response << "\r\n"
-      socket_write(socket, response)
+      Request.socket_write(socket, response)
       uncork_socket(socket)
       response_hijack.call(socket)
     end
@@ -802,7 +880,7 @@ module Raptor
 
       response << format_headers(headers)
       response << "\r\n"
-      socket_write(socket, response)
+      Request.socket_write(socket, response)
     end
 
     # Writes a complete response with a body.
@@ -824,7 +902,7 @@ module Raptor
       if body.respond_to?(:call)
         response << format_headers(headers)
         response << "\r\n"
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
         uncork_socket(socket)
         body.call(socket)
         return
@@ -861,7 +939,7 @@ module Raptor
         raise TypeError, "body must respond to each, to_ary, or to_path"
       end
 
-      socket_write(socket, "0\r\n\r\n") if use_chunked
+      Request.socket_write(socket, "0\r\n\r\n") if use_chunked
     end
 
     # Calculates content length from an array or file body without consuming it.
@@ -901,15 +979,15 @@ module Raptor
     def write_file_body(socket, response, path, content_length, use_chunked)
       File.open(path, "rb") do |file|
         if use_chunked
-          socket_write(socket, response)
+          Request.socket_write(socket, response)
           while (chunk = file.read(FILE_CHUNK_SIZE))
-            socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
+            Request.socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
           end
         elsif content_length && content_length < BODY_BUFFER_THRESHOLD
           response << file.read(content_length)
-          socket_write(socket, response)
+          Request.socket_write(socket, response)
         else
-          socket_write(socket, response)
+          Request.socket_write(socket, response)
           IO.copy_stream(file, socket)
         end
       end
@@ -952,12 +1030,12 @@ module Raptor
 
       if use_chunked
         response << "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n"
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
       elsif chunk.bytesize < BODY_BUFFER_THRESHOLD
-        socket_write(socket, response << chunk)
+        Request.socket_write(socket, response << chunk)
       else
-        socket_write(socket, response)
-        socket_write(socket, chunk)
+        Request.socket_write(socket, response)
+        Request.socket_write(socket, chunk)
       end
     end
 
@@ -973,13 +1051,13 @@ module Raptor
     # @rbs (TCPSocket socket, String response, Array[String] body_array, bool use_chunked) -> void
     def write_multiple_chunks(socket, response, body_array, use_chunked)
       if use_chunked
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
         body_array.each do |chunk|
           raise TypeError, "body must yield String values" unless chunk.is_a?(String)
 
           next if chunk.empty?
 
-          socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
+          Request.socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
         end
       else
         body_array.each do |chunk|
@@ -987,7 +1065,7 @@ module Raptor
 
           response << chunk
         end
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
       end
     end
 
@@ -1003,13 +1081,13 @@ module Raptor
     # @rbs (TCPSocket socket, String response, untyped body, bool use_chunked) -> void
     def write_enumerable_body(socket, response, body, use_chunked)
       if use_chunked
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
         body.each do |chunk|
           raise TypeError, "body must yield String values" unless chunk.is_a?(String)
 
           next if chunk.empty?
 
-          socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
+          Request.socket_write(socket, "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n")
         end
       else
         body.each do |chunk|
@@ -1017,7 +1095,7 @@ module Raptor
 
           response << chunk
         end
-        socket_write(socket, response)
+        Request.socket_write(socket, response)
       end
     end
 
@@ -1090,33 +1168,6 @@ module Raptor
       end
     end
 
-    # Writes a string to the socket, retrying on partial writes and flow control blocks.
-    #
-    # Uses write_nonblock with a 5-second writable timeout to avoid blocking the
-    # thread indefinitely on slow clients.
-    #
-    # @param socket [TCPSocket] the socket to write to
-    # @param string [String] the data to write
-    # @return [void]
-    # @raise [WriteError] if the socket is not writable within the timeout or raises IOError
-    #
-    # @rbs (TCPSocket socket, String string) -> void
-    def socket_write(socket, string)
-      bytes = 0
-      byte_size = string.bytesize
-
-      while bytes < byte_size
-        begin
-          bytes += socket.write_nonblock(bytes.zero? ? string : string.byteslice(bytes..-1))
-        rescue IO::WaitWritable
-          raise WriteError unless socket.wait_writable(WRITE_TIMEOUT)
-          retry
-        rescue IOError
-          raise WriteError
-        end
-      end
-    end
-
     if Socket.const_defined?(:TCP_CORK)
       # Enables TCP_CORK on the socket to batch outgoing packets into fewer segments.
       #

data/lib/raptor/server.rb

@@ -14,8 +14,8 @@ module Raptor
   # providing natural backpressure based on system capacity.
   #
   # Supports TCP, Unix domain, and SSL listeners transparently. TCP_NODELAY is
-  # applied only to TCP sockets, and SSL handshakes are performed synchronously
-  # before the connection is dispatched.
+  # applied only to TCP sockets, and SSL handshakes are offloaded to the thread
+  # pool so a slow client cannot block the server thread.
   #
   # For HTTP/1.1 connections the first request is parsed inline on the server
   # thread and dispatched directly to the thread pool, falling back to the
@@ -27,7 +27,7 @@ module Raptor
   #   binder = Binder.new(["tcp://0.0.0.0:3000"])
   #   reactor = Reactor.new(thread_pool, ractor_pool, client_options: {})
   #   request = Request.new(app, 3000)
-  #   server = Server.new(binder, reactor, thread_pool, request)
+  #   server = Server.new(binder, reactor, thread_pool, request, client_options: { first_data_timeout: 30 })
   #   server.run
   #   # ... later
   #   server.shutdown
@@ -41,6 +41,7 @@ module Raptor
     # @rbs @reactor: Reactor
     # @rbs @thread_pool: AtomicThreadPool
     # @rbs @request: Request
+    # @rbs @client_options: Hash[Symbol, untyped]
     # @rbs @running: AtomicBoolean
 
     # Creates a new Server instance.
@@ -49,14 +50,16 @@ module Raptor
     # @param reactor [Reactor] the reactor for handling client connections
     # @param thread_pool [AtomicThreadPool] thread pool for application processing
     # @param request [Request] the HTTP/1.1 request handler
+    # @param client_options [Hash] client timeout configuration, used to bound TLS handshakes
     # @return [void]
     #
-    # @rbs (Binder binder, Reactor reactor, AtomicThreadPool thread_pool, Request request) -> void
-    def initialize(binder, reactor, thread_pool, request)
+    # @rbs (Binder binder, Reactor reactor, AtomicThreadPool thread_pool, Request request, client_options: Hash[Symbol, untyped]) -> void
+    def initialize(binder, reactor, thread_pool, request, client_options:)
       @binder = binder
       @reactor = reactor
       @thread_pool = thread_pool
       @request = request
+      @client_options = client_options
       @running = AtomicBoolean.new(true)
     end
 
@@ -108,9 +111,11 @@ module Raptor
 
     # Accepts a connection from the given listener and dispatches it.
     #
-    # For SSL connections with h2 negotiated via ALPN, the server sends
-    # initial SETTINGS and adds the connection to the reactor as an HTTP/2
-    # connection. All other connections follow the HTTP/1.1 path.
+    # For SSL listeners the TLS handshake is offloaded to the thread pool so
+    # a slow client cannot block the server thread. For SSL connections with
+    # h2 negotiated via ALPN, the server sends initial SETTINGS and adds the
+    # connection to the reactor as an HTTP/2 connection. All other connections
+    # follow the HTTP/1.1 path.
     #
     # @param listener [TCPServer, UNIXServer, Binder::SslListener] the ready listener
     # @param reactor [Reactor] the reactor to dispatch connections to
@@ -131,46 +136,117 @@ module Raptor
         remote_addr = "127.0.0.1"
       end
 
-      url_scheme = HTTP_SCHEME
-      client = tcp_client
-
       if listener.is_a?(Binder::SslListener)
-        url_scheme = HTTPS_SCHEME
-        begin
-          ssl_socket = OpenSSL::SSL::SSLSocket.new(tcp_client, listener.ssl_context)
-          ssl_socket.sync_close = true
-          ssl_socket.accept
-          client = ssl_socket
-        rescue OpenSSL::SSL::SSLError => error
-          warn "SSL handshake failed: #{error.message}"
-          tcp_client.close rescue nil
-          return
+        @thread_pool << proc do
+          dispatch_ssl_connection(listener, tcp_client, remote_addr, reactor)
         end
+        return
+      end
 
-        if ssl_socket.alpn_protocol == H2_PROTOCOL
-          ssl_socket.write(Http2.build_server_settings_frame) rescue nil
+      @request.eager_accept(
+        tcp_client,
+        tcp_client.object_id,
+        reactor,
+        @thread_pool,
+        remote_addr,
+        HTTP_SCHEME
+      )
+    end
 
-          reactor.add(
-            id: ssl_socket.object_id,
-            socket: ssl_socket,
-            remote_addr: remote_addr,
-            url_scheme: HTTPS_SCHEME,
-            protocol: :http2,
-            writer: Http2::Writer.new
-          )
+    # Performs the TLS handshake for an accepted SSL connection and dispatches
+    # it through the HTTP/2 or HTTP/1.1 path. The handshake is bounded by
+    # `:first_data_timeout` so a slow client cannot pin a worker thread.
+    #
+    # @param listener [Binder::SslListener] the SSL listener that accepted the connection
+    # @param tcp_client [TCPSocket] the accepted TCP socket
+    # @param remote_addr [String] the client's IP address
+    # @param reactor [Reactor] the reactor to dispatch the connection to
+    # @return [void]
+    #
+    # @rbs (Binder::SslListener listener, TCPSocket tcp_client, String remote_addr, Reactor reactor) -> void
+    def dispatch_ssl_connection(listener, tcp_client, remote_addr, reactor)
+      ssl_socket = OpenSSL::SSL::SSLSocket.new(tcp_client, listener.ssl_context)
+      ssl_socket.sync_close = true
+      return unless perform_ssl_handshake(ssl_socket)
+
+      if ssl_socket.alpn_protocol == H2_PROTOCOL
+        ssl_socket.write(Http2.build_server_settings_frame) rescue nil
+
+        reactor.add(
+          id: ssl_socket.object_id,
+          socket: ssl_socket,
+          remote_addr: remote_addr,
+          url_scheme: HTTPS_SCHEME,
+          protocol: :http2,
+          writer: Http2::Writer.new,
+          flow_control: Http2::FlowControl.new
+        )
 
-          return
-        end
+        return
       end
 
       @request.eager_accept(
-        client,
-        client.object_id,
+        ssl_socket,
+        ssl_socket.object_id,
         reactor,
         @thread_pool,
         remote_addr,
-        url_scheme
+        HTTPS_SCHEME
       )
     end
+
+    # Drives a non-blocking SSL handshake to completion, bounded by the
+    # configured first-data timeout. Returns true on success, false on
+    # timeout or SSL error.
+    #
+    # @param ssl_socket [OpenSSL::SSL::SSLSocket] the SSL socket to hand-shake
+    # @return [Boolean] true if the handshake completed
+    #
+    # @rbs (OpenSSL::SSL::SSLSocket ssl_socket) -> bool
+    def perform_ssl_handshake(ssl_socket)
+      deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + @client_options[:first_data_timeout]
+
+      begin
+        ssl_socket.accept_nonblock
+        true
+      rescue IO::WaitReadable
+        return false unless wait_for_handshake(ssl_socket, deadline, :read)
+
+        retry
+      rescue IO::WaitWritable
+        return false unless wait_for_handshake(ssl_socket, deadline, :write)
+
+        retry
+      rescue OpenSSL::SSL::SSLError => error
+        warn "SSL handshake failed: #{error.message}"
+        ssl_socket.close rescue nil
+        false
+      end
+    end
+
+    # Waits up to `deadline` for the socket to become ready for the next step
+    # of the SSL handshake. Closes the socket and returns false on timeout.
+    #
+    # @param ssl_socket [OpenSSL::SSL::SSLSocket] the SSL socket
+    # @param deadline [Float] absolute monotonic deadline
+    # @param direction [Symbol] either `:read` or `:write`
+    # @return [Boolean] true if the socket became ready before the deadline
+    #
+    # @rbs (OpenSSL::SSL::SSLSocket ssl_socket, Float deadline, Symbol direction) -> bool
+    def wait_for_handshake(ssl_socket, deadline, direction)
+      remaining = deadline - Process.clock_gettime(Process::CLOCK_MONOTONIC)
+      ready = if remaining <= 0
+        false
+      elsif direction == :read
+        ssl_socket.wait_readable(remaining)
+      else
+        ssl_socket.wait_writable(remaining)
+      end
+      return true if ready
+
+      warn "SSL handshake timed out"
+      ssl_socket.close rescue nil
+      false
+    end
   end
 end

data/lib/raptor/version.rb

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 
 module Raptor
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/sig/generated/raptor/cli.rbs

@@ -20,6 +20,8 @@ module Raptor
 
     DEFAULT_OPTIONS: untyped
 
+    DEFAULT_CONFIG_PATHS: untyped
+
     # Loads a configuration file and returns the hash it evaluates to.
     #
     # The file is evaluated at the top level so constants like `Raptor::*` resolve
@@ -33,6 +35,18 @@ module Raptor
     # @rbs (String path) -> Hash[Symbol, untyped]
     def self.load_config_file: (String path) -> Hash[Symbol, untyped]
 
+    # Returns the first existing path in {DEFAULT_CONFIG_PATHS} resolved
+    # against `root`, or nil if none exist.
+    #
+    # Used to pick up a project-local config file when no `-c`/`--config`
+    # flag was supplied.
+    #
+    # @param root [String] directory to resolve the default paths against
+    # @return [String, nil] the config path, or nil if no default file exists
+    #
+    # @rbs (?String root) -> String?
+    def self.default_config_path: (?String root) -> String?
+
     @command: Symbol
 
     @options: Hash[Symbol, untyped]

data/sig/generated/raptor/cluster.rbs

@@ -53,7 +53,7 @@ module Raptor
 
     @binder: Binder
 
-    @pidfile: String?
+    @pid_file: String?
 
     @stats_file: String?
 
@@ -83,7 +83,7 @@ module Raptor
     # @option options [Hash] :client client configuration
     # @option options [#call] :on_error callback invoked with (env, exception) when the Rack app raises
     # @option options [String, nil] :stats_file path to write per-worker stats JSON, or nil to disable
-    # @option options [String, nil] :pidfile path to write the master PID to, or nil to disable
+    # @option options [String, nil] :pid_file path to write the master PID to, or nil to disable
     # @return [void]
     #
     # @rbs (Hash[Symbol, untyped] options) -> void