unicorn 1.0.2 → 1.1.0

data/lib/unicorn/const.rb

@@ -8,8 +8,8 @@ module Unicorn
   # Symbols did not really improve things much compared to constants.
   module Const
 
-    # The current version of Unicorn, currently 1.0.2
-    UNICORN_VERSION="1.0.2"
+    # The current version of Unicorn, currently 1.1.0
+    UNICORN_VERSION="1.1.0"
 
     DEFAULT_HOST = "0.0.0.0" # default TCP listen host address
     DEFAULT_PORT = 8080      # default TCP listen port

data/lib/unicorn/http_request.rb

@@ -1,6 +1,5 @@
 # -*- encoding: binary -*-
 
-require 'stringio'
 require 'unicorn_http'
 
 module Unicorn
@@ -53,7 +52,7 @@ module Unicorn
       #  that client may be a proxy, gateway, or other intermediary
       #  acting on behalf of the actual source client."
       REQ[Const::REMOTE_ADDR] =
-                    TCPSocket === socket ? socket.peeraddr.last : LOCALHOST
+                    TCPSocket === socket ? socket.peeraddr[-1] : LOCALHOST
 
       # short circuit the common case with small GET requests first
       if PARSER.headers(REQ, socket.readpartial(Const::CHUNK_SIZE, BUF)).nil?

data/lib/unicorn/http_response.rb

@@ -1,75 +1,70 @@
 # -*- encoding: binary -*-
-
 require 'time'
 
-module Unicorn
-  # Writes a Rack response to your client using the HTTP/1.1 specification.
-  # You use it by simply doing:
-  #
-  #   status, headers, body = rack_app.call(env)
-  #   HttpResponse.write(socket, [ status, headers, body ])
-  #
-  # Most header correctness (including Content-Length and Content-Type)
-  # is the job of Rack, with the exception of the "Connection: close"
-  # and "Date" headers.
-  #
-  # A design decision was made to force the client to not pipeline or
-  # keepalive requests.  HTTP/1.1 pipelining really kills the
-  # performance due to how it has to be handled and how unclear the
-  # standard is.  To fix this the HttpResponse always gives a
-  # "Connection: close" header which forces the client to close right
-  # away.  The bonus for this is that it gives a pretty nice speed boost
-  # to most clients since they can close their connection immediately.
-
-  class HttpResponse
+# Writes a Rack response to your client using the HTTP/1.1 specification.
+# You use it by simply doing:
+#
+#   status, headers, body = rack_app.call(env)
+#   HttpResponse.write(socket, [ status, headers, body ])
+#
+# Most header correctness (including Content-Length and Content-Type)
+# is the job of Rack, with the exception of the "Connection: close"
+# and "Date" headers.
+#
+# A design decision was made to force the client to not pipeline or
+# keepalive requests.  HTTP/1.1 pipelining really kills the
+# performance due to how it has to be handled and how unclear the
+# standard is.  To fix this the HttpResponse always gives a
+# "Connection: close" header which forces the client to close right
+# away.  The bonus for this is that it gives a pretty nice speed boost
+# to most clients since they can close their connection immediately.
+module Unicorn::HttpResponse
 
-    # Every standard HTTP code mapped to the appropriate message.
-    CODES = Rack::Utils::HTTP_STATUS_CODES.inject({}) { |hash,(code,msg)|
-      hash[code] = "#{code} #{msg}"
-      hash
-    }
+  # Every standard HTTP code mapped to the appropriate message.
+  CODES = Rack::Utils::HTTP_STATUS_CODES.inject({}) { |hash,(code,msg)|
+    hash[code] = "#{code} #{msg}"
+    hash
+  }
 
-    # Rack does not set/require a Date: header.  We always override the
-    # Connection: and Date: headers no matter what (if anything) our
-    # Rack application sent us.
-    SKIP = { 'connection' => true, 'date' => true, 'status' => true }
+  # Rack does not set/require a Date: header.  We always override the
+  # Connection: and Date: headers no matter what (if anything) our
+  # Rack application sent us.
+  SKIP = { 'connection' => true, 'date' => true, 'status' => true }
 
-    # writes the rack_response to socket as an HTTP response
-    def self.write(socket, rack_response, have_header = true)
-      status, headers, body = rack_response
+  # writes the rack_response to socket as an HTTP response
+  def self.write(socket, rack_response, have_header = true)
+    status, headers, body = rack_response
 
-      if have_header
-        status = CODES[status.to_i] || status
-        out = []
+    if have_header
+      status = CODES[status.to_i] || status
+      out = []
 
-        # Don't bother enforcing duplicate supression, it's a Hash most of
-        # the time anyways so just hope our app knows what it's doing
-        headers.each do |key, value|
-          next if SKIP.include?(key.downcase)
-          if value =~ /\n/
-            # avoiding blank, key-only cookies with /\n+/
-            out.concat(value.split(/\n+/).map! { |v| "#{key}: #{v}\r\n" })
-          else
-            out << "#{key}: #{value}\r\n"
-          end
+      # Don't bother enforcing duplicate supression, it's a Hash most of
+      # the time anyways so just hope our app knows what it's doing
+      headers.each do |key, value|
+        next if SKIP.include?(key.downcase)
+        if value =~ /\n/
+          # avoiding blank, key-only cookies with /\n+/
+          out.concat(value.split(/\n+/).map! { |v| "#{key}: #{v}\r\n" })
+        else
+          out << "#{key}: #{value}\r\n"
         end
-
-        # Rack should enforce Content-Length or chunked transfer encoding,
-        # so don't worry or care about them.
-        # Date is required by HTTP/1.1 as long as our clock can be trusted.
-        # Some broken clients require a "Status" header so we accomodate them
-        socket.write("HTTP/1.1 #{status}\r\n" \
-                     "Date: #{Time.now.httpdate}\r\n" \
-                     "Status: #{status}\r\n" \
-                     "Connection: close\r\n" \
-                     "#{out.join('')}\r\n")
       end
 
-      body.each { |chunk| socket.write(chunk) }
-      socket.close # flushes and uncorks the socket immediately
-      ensure
-        body.respond_to?(:close) and body.close
+      # Rack should enforce Content-Length or chunked transfer encoding,
+      # so don't worry or care about them.
+      # Date is required by HTTP/1.1 as long as our clock can be trusted.
+      # Some broken clients require a "Status" header so we accomodate them
+      socket.write("HTTP/1.1 #{status}\r\n" \
+                   "Date: #{Time.now.httpdate}\r\n" \
+                   "Status: #{status}\r\n" \
+                   "Connection: close\r\n" \
+                   "#{out.join('')}\r\n")
     end
 
+    body.each { |chunk| socket.write(chunk) }
+    socket.close # flushes and uncorks the socket immediately
+    ensure
+      body.respond_to?(:close) and body.close
   end
 end

data/lib/unicorn/launcher.rb

@@ -24,7 +24,11 @@ module Unicorn::Launcher
 
     # We only start a new process group if we're not being reexecuted
     # and inheriting file descriptors from our parent
-    unless ENV['UNICORN_FD']
+    if ENV['UNICORN_FD']
+      exit if fork
+      Process.setsid
+      exit if fork
+    else
       # grandparent - reads pipe, exits when master is ready
       #  \_ parent  - exits immediately ASAP
       #      \_ unicorn master - writes to pipe when ready

data/lib/unicorn/socket_helper.rb

@@ -1,11 +1,28 @@
 # -*- encoding: binary -*-
-
+# :enddoc:
 require 'socket'
 
 module Unicorn
   module SocketHelper
     include Socket::Constants
 
+    # :stopdoc:
+    # internal interface, only used by Rainbows!/Zbatery
+    DEFAULTS = {
+      # The semantics for TCP_DEFER_ACCEPT changed in Linux 2.6.32+
+      # with commit d1b99ba41d6c5aa1ed2fc634323449dd656899e9
+      # This change shouldn't affect Unicorn users behind nginx (a
+      # value of 1 remains an optimization), but Rainbows! users may
+      # want to use a higher value on Linux 2.6.32+ to protect against
+      # denial-of-service attacks
+      :tcp_defer_accept => 1,
+
+      # FreeBSD, we need to override this to 'dataready' when we
+      # eventually get HTTPS support
+      :accept_filter => 'httpready',
+    }
+    #:startdoc:
+
     # configure platform-specific options (only tested on Linux 2.6 so far)
     case RUBY_PLATFORM
     when /linux/
@@ -14,22 +31,13 @@ module Unicorn
 
       # do not send out partial frames (Linux)
       TCP_CORK = 3 unless defined?(TCP_CORK)
-    when /freebsd(([1-4]\..{1,2})|5\.[0-4])/
-      # Do nothing for httpready, just closing a bug when freebsd <= 5.4
-      TCP_NOPUSH = 4 unless defined?(TCP_NOPUSH) # :nodoc:
     when /freebsd/
       # do not send out partial frames (FreeBSD)
       TCP_NOPUSH = 4 unless defined?(TCP_NOPUSH)
 
-      # Use the HTTP accept filter if available.
-      # The struct made by pack() is defined in /usr/include/sys/socket.h
-      # as accept_filter_arg
-      unless `/sbin/sysctl -nq net.inet.accf.http`.empty?
-        # set set the "httpready" accept filter in FreeBSD if available
-        # if other protocols are to be supported, this may be
-        # String#replace-d with "dataready" arguments instead
-        FILTER_ARG = ['httpready', nil].pack('a16a240')
-      end
+      def accf_arg(af_name)
+        [ af_name, nil ].pack('a16a240')
+      end if defined?(SO_ACCEPTFILTER)
     end
 
     def set_tcp_sockopt(sock, opt)
@@ -49,10 +57,25 @@ module Unicorn
       end
 
       # No good reason to ever have deferred accepts off
+      # (except maybe benchmarking)
       if defined?(TCP_DEFER_ACCEPT)
-        sock.setsockopt(SOL_TCP, TCP_DEFER_ACCEPT, 1)
-      elsif defined?(SO_ACCEPTFILTER) && defined?(FILTER_ARG)
-        sock.setsockopt(SOL_SOCKET, SO_ACCEPTFILTER, FILTER_ARG)
+        # this differs from nginx, since nginx doesn't allow us to
+        # configure the the timeout...
+        tmp = DEFAULTS.merge(opt)
+        seconds = tmp[:tcp_defer_accept]
+        seconds = DEFAULTS[:tcp_defer_accept] if seconds == true
+        seconds = 0 unless seconds # nil/false means disable this
+        sock.setsockopt(SOL_TCP, TCP_DEFER_ACCEPT, seconds)
+      elsif respond_to?(:accf_arg)
+        tmp = DEFAULTS.merge(opt)
+        if name = tmp[:accept_filter]
+          begin
+            sock.setsockopt(SOL_SOCKET, SO_ACCEPTFILTER, accf_arg(name))
+          rescue => e
+            logger.error("#{sock_name(sock)} " \
+                         "failed to set accept_filter=#{name} (#{e.inspect})")
+          end
+        end
       end
     end
 
@@ -69,14 +92,11 @@ module Unicorn
       end
       sock.listen(opt[:backlog] || 1024)
       rescue => e
-        if respond_to?(:logger)
-          logger.error "error setting socket options: #{e.inspect}"
-          logger.error e.backtrace.join("\n")
-        end
+        logger.error "error setting socket options: #{e.inspect}"
+        logger.error e.backtrace.join("\n")
     end
 
     def log_buffer_sizes(sock, pfx = '')
-      respond_to?(:logger) or return
       rcvbuf = sock.getsockopt(SOL_SOCKET, SO_RCVBUF).unpack('i')
       sndbuf = sock.getsockopt(SOL_SOCKET, SO_SNDBUF).unpack('i')
       logger.info "#{pfx}#{sock_name(sock)} rcvbuf=#{rcvbuf} sndbuf=#{sndbuf}"
@@ -91,9 +111,7 @@ module Unicorn
       sock = if address[0] == ?/
         if File.exist?(address)
           if File.socket?(address)
-            if self.respond_to?(:logger)
-              logger.info "unlinking existing socket=#{address}"
-            end
+            logger.info "unlinking existing socket=#{address}"
             File.unlink(address)
           else
             raise ArgumentError,

data/lib/unicorn/tee_input.rb

@@ -1,224 +1,232 @@
 # -*- encoding: binary -*-
 
-module Unicorn
-
-  # acts like tee(1) on an input input to provide a input-like stream
-  # while providing rewindable semantics through a File/StringIO backing
-  # store.  On the first pass, the input is only read on demand so your
-  # Rack application can use input notification (upload progress and
-  # like).  This should fully conform to the Rack::Lint::InputWrapper
-  # specification on the public API.  This class is intended to be a
-  # strict interpretation of Rack::Lint::InputWrapper functionality and
-  # will not support any deviations from it.
-  #
-  # When processing uploads, Unicorn exposes a TeeInput object under
-  # "rack.input" of the Rack environment.
-  class TeeInput < Struct.new(:socket, :req, :parser, :buf, :len, :tmp, :buf2)
-
-    # Initializes a new TeeInput object.  You normally do not have to call
-    # this unless you are writing an HTTP server.
-    def initialize(*args)
-      super(*args)
-      self.len = parser.content_length
-      self.tmp = len && len < Const::MAX_BODY ? StringIO.new("") : Util.tmpio
-      self.buf2 = ""
-      if buf.size > 0
-        parser.filter_body(buf2, buf) and finalize_input
-        tmp.write(buf2)
-        tmp.seek(0)
-      end
+# acts like tee(1) on an input input to provide a input-like stream
+# while providing rewindable semantics through a File/StringIO backing
+# store.  On the first pass, the input is only read on demand so your
+# Rack application can use input notification (upload progress and
+# like).  This should fully conform to the Rack::Lint::InputWrapper
+# specification on the public API.  This class is intended to be a
+# strict interpretation of Rack::Lint::InputWrapper functionality and
+# will not support any deviations from it.
+#
+# When processing uploads, Unicorn exposes a TeeInput object under
+# "rack.input" of the Rack environment.
+class Unicorn::TeeInput < Struct.new(:socket, :req, :parser,
+                                     :buf, :len, :tmp, :buf2)
+
+  # The maximum size (in +bytes+) to buffer in memory before
+  # resorting to a temporary file.  Default is 112 kilobytes.
+  @@client_body_buffer_size = Unicorn::Const::MAX_BODY
+
+  # The I/O chunk size (in +bytes+) for I/O operations where
+  # the size cannot be user-specified when a method is called.
+  # The default is 16 kilobytes.
+  @@io_chunk_size = Unicorn::Const::CHUNK_SIZE
+
+  # Initializes a new TeeInput object.  You normally do not have to call
+  # this unless you are writing an HTTP server.
+  def initialize(*args)
+    super(*args)
+    self.len = parser.content_length
+    self.tmp = len && len < @@client_body_buffer_size ?
+               StringIO.new("") : Unicorn::Util.tmpio
+    self.buf2 = ""
+    if buf.size > 0
+      parser.filter_body(buf2, buf) and finalize_input
+      tmp.write(buf2)
+      tmp.rewind
     end
+  end
 
-    # :call-seq:
-    #   ios.size  => Integer
-    #
-    # Returns the size of the input.  For requests with a Content-Length
-    # header value, this will not read data off the socket and just return
-    # the value of the Content-Length header as an Integer.
-    #
-    # For Transfer-Encoding:chunked requests, this requires consuming
-    # all of the input stream before returning since there's no other
-    # way to determine the size of the request body beforehand.
-    #
-    # This method is no longer part of the Rack specification as of
-    # Rack 1.2, so its use is not recommended.  This method only exists
-    # for compatibility with Rack applications designed for Rack 1.1 and
-    # earlier.  Most applications should only need to call +read+ with a
-    # specified +length+ in a loop until it returns +nil+.
-    def size
-      len and return len
-
-      if socket
-        pos = tmp.pos
-        while tee(Const::CHUNK_SIZE, buf2)
-        end
-        tmp.seek(pos)
+  # :call-seq:
+  #   ios.size  => Integer
+  #
+  # Returns the size of the input.  For requests with a Content-Length
+  # header value, this will not read data off the socket and just return
+  # the value of the Content-Length header as an Integer.
+  #
+  # For Transfer-Encoding:chunked requests, this requires consuming
+  # all of the input stream before returning since there's no other
+  # way to determine the size of the request body beforehand.
+  #
+  # This method is no longer part of the Rack specification as of
+  # Rack 1.2, so its use is not recommended.  This method only exists
+  # for compatibility with Rack applications designed for Rack 1.1 and
+  # earlier.  Most applications should only need to call +read+ with a
+  # specified +length+ in a loop until it returns +nil+.
+  def size
+    len and return len
+
+    if socket
+      pos = tmp.pos
+      while tee(@@io_chunk_size, buf2)
       end
-
-      self.len = tmp.size
+      tmp.seek(pos)
     end
 
-    # :call-seq:
-    #   ios.read([length [, buffer ]]) => string, buffer, or nil
-    #
-    # Reads at most length bytes from the I/O stream, or to the end of
-    # file if length is omitted or is nil. length must be a non-negative
-    # integer or nil. If the optional buffer argument is present, it
-    # must reference a String, which will receive the data.
-    #
-    # At end of file, it returns nil or "" depend on length.
-    # ios.read() and ios.read(nil) returns "".
-    # ios.read(length [, buffer]) returns nil.
-    #
-    # If the Content-Length of the HTTP request is known (as is the common
-    # case for POST requests), then ios.read(length [, buffer]) will block
-    # until the specified length is read (or it is the last chunk).
-    # Otherwise, for uncommon "Transfer-Encoding: chunked" requests,
-    # ios.read(length [, buffer]) will return immediately if there is
-    # any data and only block when nothing is available (providing
-    # IO#readpartial semantics).
-    def read(*args)
-      socket or return tmp.read(*args)
-
-      length = args.shift
-      if nil == length
-        rv = tmp.read || ""
-        while tee(Const::CHUNK_SIZE, buf2)
-          rv << buf2
-        end
-        rv
+    self.len = tmp.size
+  end
+
+  # :call-seq:
+  #   ios.read([length [, buffer ]]) => string, buffer, or nil
+  #
+  # Reads at most length bytes from the I/O stream, or to the end of
+  # file if length is omitted or is nil. length must be a non-negative
+  # integer or nil. If the optional buffer argument is present, it
+  # must reference a String, which will receive the data.
+  #
+  # At end of file, it returns nil or "" depend on length.
+  # ios.read() and ios.read(nil) returns "".
+  # ios.read(length [, buffer]) returns nil.
+  #
+  # If the Content-Length of the HTTP request is known (as is the common
+  # case for POST requests), then ios.read(length [, buffer]) will block
+  # until the specified length is read (or it is the last chunk).
+  # Otherwise, for uncommon "Transfer-Encoding: chunked" requests,
+  # ios.read(length [, buffer]) will return immediately if there is
+  # any data and only block when nothing is available (providing
+  # IO#readpartial semantics).
+  def read(*args)
+    socket or return tmp.read(*args)
+
+    length = args.shift
+    if nil == length
+      rv = tmp.read || ""
+      while tee(@@io_chunk_size, buf2)
+        rv << buf2
+      end
+      rv
+    else
+      rv = args.shift || ""
+      diff = tmp.size - tmp.pos
+      if 0 == diff
+        ensure_length(tee(length, rv), length)
       else
-        rv = args.shift || ""
-        diff = tmp.size - tmp.pos
-        if 0 == diff
-          ensure_length(tee(length, rv), length)
-        else
-          ensure_length(tmp.read(diff > length ? length : diff, rv), length)
-        end
+        ensure_length(tmp.read(diff > length ? length : diff, rv), length)
       end
     end
+  end
 
-    # :call-seq:
-    #   ios.gets   => string or nil
-    #
-    # Reads the next ``line'' from the I/O stream; lines are separated
-    # by the global record separator ($/, typically "\n"). A global
-    # record separator of nil reads the entire unread contents of ios.
-    # Returns nil if called at the end of file.
-    # This takes zero arguments for strict Rack::Lint compatibility,
-    # unlike IO#gets.
-    def gets
-      socket or return tmp.gets
-      sep = $/ or return read
-
-      orig_size = tmp.size
-      if tmp.pos == orig_size
-        tee(Const::CHUNK_SIZE, buf2) or return nil
-        tmp.seek(orig_size)
-      end
+  # :call-seq:
+  #   ios.gets   => string or nil
+  #
+  # Reads the next ``line'' from the I/O stream; lines are separated
+  # by the global record separator ($/, typically "\n"). A global
+  # record separator of nil reads the entire unread contents of ios.
+  # Returns nil if called at the end of file.
+  # This takes zero arguments for strict Rack::Lint compatibility,
+  # unlike IO#gets.
+  def gets
+    socket or return tmp.gets
+    sep = $/ or return read
+
+    orig_size = tmp.size
+    if tmp.pos == orig_size
+      tee(@@io_chunk_size, buf2) or return nil
+      tmp.seek(orig_size)
+    end
 
-      sep_size = Rack::Utils.bytesize(sep)
-      line = tmp.gets # cannot be nil here since size > pos
-      sep == line[-sep_size, sep_size] and return line
+    sep_size = Rack::Utils.bytesize(sep)
+    line = tmp.gets # cannot be nil here since size > pos
+    sep == line[-sep_size, sep_size] and return line
 
-      # unlikely, if we got here, then tmp is at EOF
-      begin
-        orig_size = tmp.pos
-        tee(Const::CHUNK_SIZE, buf2) or break
-        tmp.seek(orig_size)
-        line << tmp.gets
-        sep == line[-sep_size, sep_size] and return line
-        # tmp is at EOF again here, retry the loop
-      end while true
-
-      line
-    end
+    # unlikely, if we got here, then tmp is at EOF
+    begin
+      orig_size = tmp.pos
+      tee(@@io_chunk_size, buf2) or break
+      tmp.seek(orig_size)
+      line << tmp.gets
+      sep == line[-sep_size, sep_size] and return line
+      # tmp is at EOF again here, retry the loop
+    end while true
 
-    # :call-seq:
-    #   ios.each { |line| block }  => ios
-    #
-    # Executes the block for every ``line'' in *ios*, where lines are
-    # separated by the global record separator ($/, typically "\n").
-    def each(&block)
-      while line = gets
-        yield line
-      end
+    line
+  end
 
-      self # Rack does not specify what the return value is here
+  # :call-seq:
+  #   ios.each { |line| block }  => ios
+  #
+  # Executes the block for every ``line'' in *ios*, where lines are
+  # separated by the global record separator ($/, typically "\n").
+  def each(&block)
+    while line = gets
+      yield line
     end
 
-    # :call-seq:
-    #   ios.rewind    => 0
-    #
-    # Positions the *ios* pointer to the beginning of input, returns
-    # the offset (zero) of the +ios+ pointer.  Subsequent reads will
-    # start from the beginning of the previously-buffered input.
-    def rewind
-      tmp.rewind # Rack does not specify what the return value is here
-    end
+    self # Rack does not specify what the return value is here
+  end
 
-  private
-
-    def client_error(e)
-      case e
-      when EOFError
-        # in case client only did a premature shutdown(SHUT_WR)
-        # we do support clients that shutdown(SHUT_WR) after the
-        # _entire_ request has been sent, and those will not have
-        # raised EOFError on us.
-        socket.close if socket
-        raise ClientShutdown, "bytes_read=#{tmp.size}", []
-      when HttpParserError
-        e.set_backtrace([])
-      end
-      raise e
-    end
+  # :call-seq:
+  #   ios.rewind    => 0
+  #
+  # Positions the *ios* pointer to the beginning of input, returns
+  # the offset (zero) of the +ios+ pointer.  Subsequent reads will
+  # start from the beginning of the previously-buffered input.
+  def rewind
+    tmp.rewind # Rack does not specify what the return value is here
+  end
 
-    # tees off a +length+ chunk of data from the input into the IO
-    # backing store as well as returning it.  +dst+ must be specified.
-    # returns nil if reading from the input returns nil
-    def tee(length, dst)
-      unless parser.body_eof?
-        if parser.filter_body(dst, socket.readpartial(length, buf)).nil?
-          tmp.write(dst)
-          tmp.seek(0, IO::SEEK_END) # workaround FreeBSD/OSX + MRI 1.8.x bug
-          return dst
-        end
-      end
-      finalize_input
-      rescue => e
-        client_error(e)
+private
+
+  def client_error(e)
+    case e
+    when EOFError
+      # in case client only did a premature shutdown(SHUT_WR)
+      # we do support clients that shutdown(SHUT_WR) after the
+      # _entire_ request has been sent, and those will not have
+      # raised EOFError on us.
+      socket.close if socket
+      raise ClientShutdown, "bytes_read=#{tmp.size}", []
+    when HttpParserError
+      e.set_backtrace([])
     end
+    raise e
+  end
 
-    def finalize_input
-      while parser.trailers(req, buf).nil?
-        # Don't worry about raising ClientShutdown here on EOFError, tee()
-        # will catch EOFError when app is processing it, otherwise in
-        # initialize we never get any chance to enter the app so the
-        # EOFError will just get trapped by Unicorn and not the Rack app
-        buf << socket.readpartial(Const::CHUNK_SIZE)
+  # tees off a +length+ chunk of data from the input into the IO
+  # backing store as well as returning it.  +dst+ must be specified.
+  # returns nil if reading from the input returns nil
+  def tee(length, dst)
+    unless parser.body_eof?
+      if parser.filter_body(dst, socket.readpartial(length, buf)).nil?
+        tmp.write(dst)
+        tmp.seek(0, IO::SEEK_END) # workaround FreeBSD/OSX + MRI 1.8.x bug
+        return dst
       end
-      self.socket = nil
     end
+    finalize_input
+    rescue => e
+      client_error(e)
+  end
 
-    # tee()s into +dst+ until it is of +length+ bytes (or until
-    # we've reached the Content-Length of the request body).
-    # Returns +dst+ (the exact object, not a duplicate)
-    # To continue supporting applications that need near-real-time
-    # streaming input bodies, this is a no-op for
-    # "Transfer-Encoding: chunked" requests.
-    def ensure_length(dst, length)
-      # len is nil for chunked bodies, so we can't ensure length for those
-      # since they could be streaming bidirectionally and we don't want to
-      # block the caller in that case.
-      return dst if dst.nil? || len.nil?
-
-      while dst.size < length && tee(length - dst.size, buf2)
-        dst << buf2
-      end
+  def finalize_input
+    while parser.trailers(req, buf).nil?
+      # Don't worry about raising ClientShutdown here on EOFError, tee()
+      # will catch EOFError when app is processing it, otherwise in
+      # initialize we never get any chance to enter the app so the
+      # EOFError will just get trapped by Unicorn and not the Rack app
+      buf << socket.readpartial(@@io_chunk_size)
+    end
+    self.socket = nil
+  end
 
-      dst
+  # tee()s into +dst+ until it is of +length+ bytes (or until
+  # we've reached the Content-Length of the request body).
+  # Returns +dst+ (the exact object, not a duplicate)
+  # To continue supporting applications that need near-real-time
+  # streaming input bodies, this is a no-op for
+  # "Transfer-Encoding: chunked" requests.
+  def ensure_length(dst, length)
+    # len is nil for chunked bodies, so we can't ensure length for those
+    # since they could be streaming bidirectionally and we don't want to
+    # block the caller in that case.
+    return dst if dst.nil? || len.nil?
+
+    while dst.size < length && tee(length - dst.size, buf2)
+      dst << buf2
     end
 
+    dst
   end
+
 end