unicorn-camilo 4.8.2.5.19 → 5.0.0

data/lib/unicorn/app/inetd.rb

@@ -1,109 +0,0 @@
-# -*- encoding: binary -*-
-# :enddoc:
-# Copyright (c) 2009 Eric Wong
-# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
-# the GPLv2+ (GPLv3+ preferred)
-
-# this class *must* be used with Rack::Chunked
-module Unicorn::App
-  class Inetd < Struct.new(:cmd)
-
-    class CatBody < Struct.new(:errors, :err_rd, :out_rd, :pid_map)
-      def initialize(env, cmd)
-        self.errors = env['rack.errors']
-        in_rd, in_wr = IO.pipe
-        self.err_rd, err_wr = IO.pipe
-        self.out_rd, out_wr = IO.pipe
-
-        cmd_pid = fork {
-          inp, out, err = (0..2).map { |i| IO.new(i) }
-          inp.reopen(in_rd)
-          out.reopen(out_wr)
-          err.reopen(err_wr)
-          [ in_rd, in_wr, err_rd, err_wr, out_rd, out_wr ].each { |i| i.close }
-          exec(*cmd)
-        }
-        [ in_rd, err_wr, out_wr ].each { |io| io.close }
-        [ in_wr, err_rd, out_rd ].each { |io| io.binmode }
-        in_wr.sync = true
-
-        # Unfortunately, input here must be processed inside a seperate
-        # thread/process using blocking I/O since env['rack.input'] is not
-        # IO.select-able and attempting to make it so would trip Rack::Lint
-        inp_pid = fork {
-          input = env['rack.input']
-          [ err_rd, out_rd ].each { |io| io.close }
-
-          # this is dependent on input.read having readpartial semantics:
-          buf = input.read(16384)
-          begin
-            in_wr.write(buf)
-          end while input.read(16384, buf)
-        }
-        in_wr.close
-        self.pid_map = {
-          inp_pid => 'input streamer',
-          cmd_pid => cmd.inspect,
-        }
-      end
-
-      def each
-        begin
-          rd, = IO.select([err_rd, out_rd])
-          rd && rd.first or next
-
-          if rd.include?(err_rd)
-            begin
-              errors.write(err_rd.read_nonblock(16384))
-            rescue Errno::EINTR
-            rescue Errno::EAGAIN
-              break
-            end while true
-          end
-
-          rd.include?(out_rd) or next
-
-          begin
-            yield out_rd.read_nonblock(16384)
-          rescue Errno::EINTR
-          rescue Errno::EAGAIN
-            break
-          end while true
-        rescue EOFError,Errno::EPIPE,Errno::EBADF,Errno::EINVAL
-          break
-        end while true
-
-        self
-      end
-
-      def close
-        pid_map.each { |pid, str|
-          begin
-            pid, status = Process.waitpid2(pid)
-            status.success? or
-              errors.write("#{str}: #{status.inspect} (PID:#{pid})\n")
-          rescue Errno::ECHILD
-            errors.write("Failed to reap #{str} (PID:#{pid})\n")
-          end
-        }
-        out_rd.close
-        err_rd.close
-      end
-
-    end
-
-    def initialize(*cmd)
-      self.cmd = cmd
-    end
-
-    def call(env)
-      /\A100-continue\z/i =~ env[Unicorn::Const::HTTP_EXPECT] and
-          return [ 100, {} , [] ]
-
-      [ 200, { 'Content-Type' => 'application/octet-stream' },
-       CatBody.new(env, cmd) ]
-    end
-
-  end
-
-end

data/lib/unicorn/ssl_client.rb

@@ -1,11 +0,0 @@
-# -*- encoding: binary -*-
-# :stopdoc:
-class Unicorn::SSLClient < Kgio::SSL
-  alias write kgio_write
-  alias close kgio_close
-
-  # this is no-op for now, to be fixed in kgio-monkey if people care
-  # about SSL support...
-  def shutdown(how = nil)
-  end
-end

data/lib/unicorn/ssl_configurator.rb

@@ -1,104 +0,0 @@
-# -*- encoding: binary -*-
-# :stopdoc:
-# This module is included in Unicorn::Configurator
-# :startdoc:
-#
-module Unicorn::SSLConfigurator
-  def ssl(&block)
-    ssl_require!
-    before = @set[:listeners].dup
-    opts = @set[:ssl_opts] = {}
-    yield
-    (@set[:listeners] - before).each do |address|
-      (@set[:listener_opts][address] ||= {})[:ssl_opts] = opts
-    end
-    ensure
-      @set.delete(:ssl_opts)
-  end
-
-  def ssl_certificate(file)
-    ssl_set(:ssl_certificate, file)
-  end
-
-  def ssl_certificate_key(file)
-    ssl_set(:ssl_certificate_key, file)
-  end
-
-  def ssl_client_certificate(file)
-    ssl_set(:ssl_client_certificate, file)
-  end
-
-  def ssl_dhparam(file)
-    ssl_set(:ssl_dhparam, file)
-  end
-
-  def ssl_ciphers(openssl_cipherlist_spec)
-    ssl_set(:ssl_ciphers, openssl_cipherlist_spec)
-  end
-
-  def ssl_crl(file)
-    ssl_set(:ssl_crl, file)
-  end
-
-  def ssl_prefer_server_ciphers(bool)
-    ssl_set(:ssl_prefer_server_ciphers, check_bool(bool))
-  end
-
-  def ssl_protocols(list)
-    ssl_set(:ssl_protocols, list)
-  end
-
-  def ssl_verify_client(on_off_optional)
-    ssl_set(:ssl_verify_client, on_off_optional)
-  end
-
-  def ssl_session_timeout(seconds)
-    ssl_set(:ssl_session_timeout, seconds)
-  end
-
-  def ssl_verify_depth(depth)
-    ssl_set(:ssl_verify_depth, depth)
-  end
-
-  # Allows specifying an engine for OpenSSL to use.  We have not been
-  # able to successfully test this feature due to a lack of hardware,
-  # Reports of success or patches to mongrel-unicorn@rubyforge.org is
-  # greatly appreciated.
-  def ssl_engine(engine)
-    ssl_warn_global(:ssl_engine)
-    ssl_require!
-    OpenSSL::Engine.load
-    OpenSSL::Engine.by_id(engine)
-    @set[:ssl_engine] = engine
-  end
-
-  def ssl_compression(bool)
-    # OpenSSL uses the SSL_OP_NO_COMPRESSION flag, Flipper follows suit
-    # with :ssl_no_compression, but we negate it to avoid exposing double
-    # negatives to the user.
-    ssl_set(:ssl_no_compression, check_bool(:ssl_compression, ! bool))
-  end
-
-private
-
-  def ssl_warn_global(func) # :nodoc:
-    Hash === @set[:ssl_opts] or return
-    warn("`#{func}' affects all SSL contexts in this process, " \
-         "not just this block")
-  end
-
-  def ssl_set(key, value) # :nodoc:
-    cur = @set[:ssl_opts]
-    Hash === cur or
-             raise ArgumentError, "#{key} must be called inside an `ssl' block"
-    cur[key] = value
-  end
-
-  def ssl_require! # :nodoc:
-    require "flipper"
-    require "unicorn/ssl_client"
-    rescue LoadError
-      warn "install 'kgio-monkey' for SSL support"
-      raise
-  end
-end

data/lib/unicorn/ssl_server.rb

@@ -1,42 +0,0 @@
-# -*- encoding: binary -*-
-# :stopdoc:
-# this module is meant to be included in Unicorn::HttpServer
-# It is an implementation detail and NOT meant for users.
-module Unicorn::SSLServer
-  attr_accessor :ssl_engine
-
-  def ssl_enable!
-    sni_hostnames = rack_sni_hostnames(@app)
-    seen = {} # we map a single SSLContext to multiple listeners
-    listener_ctx = {}
-    @listener_opts.each do |address, address_opts|
-      ssl_opts = address_opts[:ssl_opts] or next
-      listener_ctx[address] = seen[ssl_opts.object_id] ||= begin
-        unless sni_hostnames.empty?
-          ssl_opts = ssl_opts.dup
-          ssl_opts[:sni_hostnames] = sni_hostnames
-        end
-        ctx = Flipper.ssl_context(ssl_opts)
-        # FIXME: make configurable
-        ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_OFF
-        ctx
-      end
-    end
-    Unicorn::HttpServer::LISTENERS.each do |listener|
-      ctx = listener_ctx[sock_name(listener)] or next
-      listener.extend(Kgio::SSLServer)
-      listener.ssl_ctx = ctx
-      listener.kgio_ssl_class = Unicorn::SSLClient
-    end
-  end
-
-  # ugh, this depends on Rack internals...
-  def rack_sni_hostnames(rack_app) # :nodoc:
-    hostnames = {}
-    if Rack::URLMap === rack_app
-      mapping = rack_app.instance_variable_get(:@mapping)
-      mapping.each { |hostname,_,_,_| hostnames[hostname] = true }
-    end
-    hostnames.keys
-  end
-end

data/local.mk.sample

@@ -1,59 +0,0 @@
-# this is the local.mk file used by Eric Wong on his dev boxes.
-# GNUmakefile will source local.mk in the top-level source tree
-# if it is present.
-#
-# This is depends on a bunch of GNU-isms from bash, sed, touch.
-
-DLEXT := so
-
-# Avoid loading rubygems to speed up tests because gmake is
-# fork+exec heavy with Ruby.
-prefix = $(HOME)
-
-# XXX clean this up
-ifeq ($(r192),)
-  ifeq ($(r19),)
-    ifeq ($(rbx),)
-      ifeq ($(r186),)
-        RUBY := $(prefix)/bin/ruby
-      else
-        prefix := $(prefix)/r186-p114
-        export PATH := $(prefix)/bin:$(PATH)
-        RUBY := $(prefix)/bin/ruby
-      endif
-    else
-      prefix := $(prefix)/rbx
-      export PATH := $(prefix)/bin:$(PATH)
-      RUBY := $(prefix)/bin/rbx
-    endif
-  else
-    prefix := $(prefix)/ruby-1.9
-    export PATH := $(prefix)/bin:$(PATH)
-    RUBY := $(prefix)/bin/ruby --disable-gems
-  endif
-else
-  prefix := $(prefix)/ruby-1.9.2
-  export PATH := $(prefix)/bin:$(PATH)
-  RUBY := $(prefix)/bin/ruby --disable-gems
-endif
-
-# pipefail is THE reason to use bash (v3+) or never revisions of ksh93
-# SHELL := /bin/bash -e -o pipefail
-SHELL := /bin/ksh93 -e -o pipefail
-
-full-test: test-18 test-191 test-192 test-rbx test-186
-
-# FIXME: keep eye on Rubinius activity and wait for fixes from upstream
-# so we don't need RBX_SKIP anymore
-test-rbx: export RBX_SKIP := 1
-test-rbx: export RUBY := $(RUBY)
-test-rbx:
-	$(MAKE) test test-integration rbx=T 2>&1 |sed -e 's!^!rbx !'
-test-186:
-	$(MAKE) test-all r186=1 2>&1 |sed 's!^!1.8.6 !'
-test-18:
-	$(MAKE) test-all 2>&1 |sed 's!^!1.8 !'
-test-191:
-	$(MAKE) test-all r19=1 2>&1 |sed 's!^!1.9.1 !'
-test-192:
-	$(MAKE) test-all r192=1 2>&1 |sed 's!^!1.9.2 !'

data/script/isolate_for_tests

@@ -1,31 +0,0 @@
-#!/usr/bin/env ruby
-# scripts/Makefiles can read and eval the output of this script and
-# use it as RUBYLIB
-require 'rubygems'
-require 'isolate'
-fp = File.open(__FILE__, "rb")
-fp.flock(File::LOCK_EX)
-
-ruby_engine = defined?(RUBY_ENGINE) ? RUBY_ENGINE : 'ruby'
-opts = {
-  :system => false,
-  # we want "ruby-1.8.7" and not "ruby-1.8", so disable :multiruby
-  :multiruby => false,
-  :path => "tmp/isolate/#{ruby_engine}-#{RUBY_VERSION}",
-}
-
-pid = fork do
-  Isolate.now!(opts) do
-    gem 'raindrops', '0.13.0'
-    gem 'kgio', '2.9.2'
-    gem 'rack', '1.5.2'
-  end
-end
-_, status = Process.waitpid2(pid)
-status.success? or abort status.inspect
-lib_paths = Dir["#{opts[:path]}/gems/*-*/lib"].map { |x| File.expand_path(x) }
-dst = "tmp/isolate/#{ruby_engine}-#{RUBY_VERSION}.mk"
-File.open("#{dst}.#$$", "w") do |fp|
-  fp.puts "ISOLATE_LIBS=#{lib_paths.join(':')}"
-end
-File.rename("#{dst}.#$$", dst)

data/t/t0016-trust-x-forwarded-false.sh

@@ -1,30 +0,0 @@
-#!/bin/sh
-. ./test-lib.sh
-t_plan 5 "trust_x_forwarded=false configuration test"
-
-t_begin "setup and start" && {
-	unicorn_setup
-	echo "trust_x_forwarded false" >> $unicorn_config
-	unicorn -D -c $unicorn_config env.ru
-	unicorn_wait_start
-}
-
-t_begin "spoofed request with X-Forwarded-Proto does not trigger" && {
-	curl -H 'X-Forwarded-Proto: https' http://$listen/ | \
-		grep -F '"rack.url_scheme"=>"http"'
-}
-
-t_begin "spoofed request with X-Forwarded-SSL does not trigger" && {
-	curl -H 'X-Forwarded-SSL: on' http://$listen/ | \
-		grep -F '"rack.url_scheme"=>"http"'
-}
-
-t_begin "killing succeeds" && {
-	kill $unicorn_pid
-}
-
-t_begin "check stderr has no errors" && {
-	check_stderr
-}
-
-t_done

data/t/t0017-trust-x-forwarded-true.sh

@@ -1,30 +0,0 @@
-#!/bin/sh
-. ./test-lib.sh
-t_plan 5 "trust_x_forwarded=true configuration test"
-
-t_begin "setup and start" && {
-	unicorn_setup
-	echo "trust_x_forwarded true " >> $unicorn_config
-	unicorn -D -c $unicorn_config env.ru
-	unicorn_wait_start
-}
-
-t_begin "spoofed request with X-Forwarded-Proto sets 'https'" && {
-	curl -H 'X-Forwarded-Proto: https' http://$listen/ | \
-		grep -F '"rack.url_scheme"=>"https"'
-}
-
-t_begin "spoofed request with X-Forwarded-SSL sets 'https'" && {
-	curl -H 'X-Forwarded-SSL: on' http://$listen/ | \
-		grep -F '"rack.url_scheme"=>"https"'
-}
-
-t_begin "killing succeeds" && {
-	kill $unicorn_pid
-}
-
-t_begin "check stderr has no errors" && {
-	check_stderr
-}
-
-t_done

data/test/unit/test_http_parser_xftrust.rb

@@ -1,38 +0,0 @@
-# -*- encoding: binary -*-
-require 'test/test_helper'
-
-include Unicorn
-
-class HttpParserXFTrustTest < Test::Unit::TestCase
-  def setup
-    assert HttpParser.trust_x_forwarded?
-  end
-
-  def test_xf_trust_false_xfp
-    HttpParser.trust_x_forwarded = false
-    parser = HttpParser.new
-    parser.buf << "GET / HTTP/1.1\r\nHost: foo:\r\n" \
-                  "X-Forwarded-Proto: https\r\n\r\n"
-    env = parser.parse
-    assert_kind_of Hash, env
-    assert_equal 'foo', env['SERVER_NAME']
-    assert_equal '80', env['SERVER_PORT']
-    assert_equal 'http', env['rack.url_scheme']
-  end
-
-  def test_xf_trust_false_xfs
-    HttpParser.trust_x_forwarded = false
-    parser = HttpParser.new
-    parser.buf << "GET / HTTP/1.1\r\nHost: foo:\r\n" \
-                  "X-Forwarded-SSL: on\r\n\r\n"
-    env = parser.parse
-    assert_kind_of Hash, env
-    assert_equal 'foo', env['SERVER_NAME']
-    assert_equal '80', env['SERVER_PORT']
-    assert_equal 'http', env['rack.url_scheme']
-  end
-
-  def teardown
-    HttpParser.trust_x_forwarded = true
-  end
-end