unicorn 4.2.1 → 4.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/GIT-VERSION-GEN +1 -1
- data/PHILOSOPHY +2 -2
- data/TUNING +1 -1
- data/ext/unicorn_http/global_variables.h +2 -2
- data/lib/unicorn/const.rb +1 -1
- data/lib/unicorn/http_server.rb +1 -0
- data/lib/unicorn/ssl_client.rb +5 -0
- data/lib/unicorn/worker.rb +2 -2
- data/t/detach.ru +11 -0
- data/t/sslgen.sh +4 -4
- data/t/t0011-active-unix-socket.sh +0 -0
- data/t/t0019-max_header_len.sh +0 -0
- data/t/t0020-at_exit-handler.sh +0 -0
- data/t/t0021-process_detach.sh +29 -0
- data/t/t9002-oob_gc-path.sh +0 -0
- metadata +8 -6
data/GIT-VERSION-GEN
CHANGED
data/PHILOSOPHY
CHANGED
@@ -64,7 +64,7 @@ from the effects of slow I/O.
|
|
64
64
|
By acting as a buffer to shield unicorn from slow I/O, a reverse proxy
|
65
65
|
will inevitably incur overhead in the form of extra data copies.
|
66
66
|
However, as I/O within a local network is fast (and faster still
|
67
|
-
with local sockets), this overhead is
|
67
|
+
with local sockets), this overhead is negligible for the vast majority
|
68
68
|
of HTTP requests and responses.
|
69
69
|
|
70
70
|
The ideal reverse proxy complements the weaknesses of unicorn.
|
@@ -86,7 +86,7 @@ A reverse proxy for unicorn should meet the following requirements:
|
|
86
86
|
In many (most?) cases, network devices and their interrupts are
|
87
87
|
only be handled by one CPU at a time. It should avoid contention
|
88
88
|
within the system by serializing all network I/O into one (or few)
|
89
|
-
userspace
|
89
|
+
userspace processes. Network I/O is not a CPU-intensive task and
|
90
90
|
it is not helpful to use multiple CPU cores (at least not for GigE).
|
91
91
|
|
92
92
|
4. It should efficiently manage persistent connections (and
|
data/TUNING
CHANGED
@@ -52,7 +52,7 @@ See Unicorn::Configurator for details on the config file format.
|
|
52
52
|
and may also thrash CPU caches, cancelling out performance gains
|
53
53
|
one would normally expect.
|
54
54
|
|
55
|
-
* UNIX domain sockets are
|
55
|
+
* UNIX domain sockets are slightly faster than TCP sockets, but only
|
56
56
|
work if nginx is on the same machine.
|
57
57
|
|
58
58
|
== Other \Unicorn settings
|
@@ -62,9 +62,9 @@ NORETURN(static void parser_raise(VALUE klass, const char *));
|
|
62
62
|
/* Defines the maximum allowed lengths for various input elements.*/
|
63
63
|
DEF_MAX_LENGTH(FIELD_NAME, 256);
|
64
64
|
DEF_MAX_LENGTH(FIELD_VALUE, 80 * 1024);
|
65
|
-
DEF_MAX_LENGTH(REQUEST_URI, 1024 *
|
65
|
+
DEF_MAX_LENGTH(REQUEST_URI, 1024 * 15);
|
66
66
|
DEF_MAX_LENGTH(FRAGMENT, 1024); /* Don't know if this length is specified somewhere or not */
|
67
|
-
DEF_MAX_LENGTH(REQUEST_PATH,
|
67
|
+
DEF_MAX_LENGTH(REQUEST_PATH, 4096); /* common PATH_MAX on modern systems */
|
68
68
|
DEF_MAX_LENGTH(QUERY_STRING, (1024 * 10));
|
69
69
|
|
70
70
|
static void init_globals(void)
|
data/lib/unicorn/const.rb
CHANGED
data/lib/unicorn/http_server.rb
CHANGED
@@ -536,6 +536,7 @@ class Unicorn::HttpServer
|
|
536
536
|
end
|
537
537
|
@request.headers? or headers = nil
|
538
538
|
http_response_write(client, status, headers, body)
|
539
|
+
client.shutdown # in case of fork() in Rack app
|
539
540
|
client.close # flush and uncork socket immediately, no keepalive
|
540
541
|
rescue => e
|
541
542
|
handle_error(client, e)
|
data/lib/unicorn/ssl_client.rb
CHANGED
data/lib/unicorn/worker.rb
CHANGED
@@ -63,13 +63,13 @@ class Unicorn::Worker
|
|
63
63
|
# Changes the worker process to the specified +user+ and +group+
|
64
64
|
# This is only intended to be called from within the worker
|
65
65
|
# process from the +after_fork+ hook. This should be called in
|
66
|
-
# the +after_fork+ hook after any
|
66
|
+
# the +after_fork+ hook after any privileged functions need to be
|
67
67
|
# run (e.g. to set per-worker CPU affinity, niceness, etc)
|
68
68
|
#
|
69
69
|
# Any and all errors raised within this method will be propagated
|
70
70
|
# directly back to the caller (usually the +after_fork+ hook.
|
71
71
|
# These errors commonly include ArgumentError for specifying an
|
72
|
-
# invalid user/group and Errno::EPERM for insufficient
|
72
|
+
# invalid user/group and Errno::EPERM for insufficient privileges
|
73
73
|
def user(user, group = nil)
|
74
74
|
# we do not protect the caller, checking Process.euid == 0 is
|
75
75
|
# insufficient because modern systems have fine-grained
|
data/t/detach.ru
ADDED
data/t/sslgen.sh
CHANGED
@@ -36,13 +36,13 @@ ca_certinfo () {
|
|
36
36
|
echo unicorn@bogomips.org
|
37
37
|
}
|
38
38
|
|
39
|
-
openssl genrsa -out ca.key
|
39
|
+
openssl genrsa -out ca.key 1024
|
40
40
|
ca_certinfo | openssl req -new -x509 -days 666 -key ca.key -out ca.crt
|
41
41
|
|
42
|
-
openssl genrsa -out bad-ca.key
|
42
|
+
openssl genrsa -out bad-ca.key 1024
|
43
43
|
ca_certinfo | openssl req -new -x509 -days 666 -key bad-ca.key -out bad-ca.crt
|
44
44
|
|
45
|
-
openssl genrsa -out server.key
|
45
|
+
openssl genrsa -out server.key 1024
|
46
46
|
certinfo2 | openssl req -new -key server.key -out server.csr
|
47
47
|
|
48
48
|
openssl x509 -req -days 666 \
|
@@ -50,7 +50,7 @@ openssl x509 -req -days 666 \
|
|
50
50
|
n=2
|
51
51
|
mk_client_cert () {
|
52
52
|
CLIENT=$1
|
53
|
-
openssl genrsa -out $CLIENT.key
|
53
|
+
openssl genrsa -out $CLIENT.key 1024
|
54
54
|
certinfo2 | openssl req -new -key $CLIENT.key -out $CLIENT.csr
|
55
55
|
|
56
56
|
openssl x509 -req -days 666 \
|
File without changes
|
data/t/t0019-max_header_len.sh
CHANGED
File without changes
|
data/t/t0020-at_exit-handler.sh
CHANGED
File without changes
|
@@ -0,0 +1,29 @@
|
|
1
|
+
#!/bin/sh
|
2
|
+
. ./test-lib.sh
|
3
|
+
|
4
|
+
t_plan 5 "Process.detach on forked background process works"
|
5
|
+
|
6
|
+
t_begin "setup and startup" && {
|
7
|
+
t_fifos process_detach
|
8
|
+
unicorn_setup
|
9
|
+
TEST_FIFO=$process_detach \
|
10
|
+
unicorn -E none -D detach.ru -c $unicorn_config
|
11
|
+
unicorn_wait_start
|
12
|
+
}
|
13
|
+
|
14
|
+
t_begin "read detached PID with HTTP/1.0" && {
|
15
|
+
detached_pid=$(curl -0 -sSf http://$listen/)
|
16
|
+
t_info "detached_pid=$detached_pid"
|
17
|
+
}
|
18
|
+
|
19
|
+
t_begin "read background FIFO" && {
|
20
|
+
test xHIHI = x"$(cat $process_detach)"
|
21
|
+
}
|
22
|
+
|
23
|
+
t_begin "killing succeeds" && {
|
24
|
+
kill $unicorn_pid
|
25
|
+
}
|
26
|
+
|
27
|
+
t_begin "check stderr" && check_stderr
|
28
|
+
|
29
|
+
t_done
|
data/t/t9002-oob_gc-path.sh
CHANGED
File without changes
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: unicorn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 51
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 4
|
8
|
-
-
|
9
|
-
-
|
10
|
-
version: 4.
|
8
|
+
- 3
|
9
|
+
- 0
|
10
|
+
version: 4.3.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Unicorn hackers
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2012-
|
18
|
+
date: 2012-04-17 00:00:00 Z
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
21
21
|
name: rack
|
@@ -223,6 +223,7 @@ files:
|
|
223
223
|
- t/bin/unused_listen
|
224
224
|
- t/bin/utee
|
225
225
|
- t/broken-app.ru
|
226
|
+
- t/detach.ru
|
226
227
|
- t/env.ru
|
227
228
|
- t/heartbeat-timeout.ru
|
228
229
|
- t/my-tap-lib.sh
|
@@ -290,6 +291,7 @@ files:
|
|
290
291
|
- t/t0018-write-on-close.sh
|
291
292
|
- t/t0019-max_header_len.sh
|
292
293
|
- t/t0020-at_exit-handler.sh
|
294
|
+
- t/t0021-process_detach.sh
|
293
295
|
- t/t0100-rack-input-tests.sh
|
294
296
|
- t/t0116-client_body_buffer_size.sh
|
295
297
|
- t/t0116.ru
|
@@ -421,7 +423,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
421
423
|
requirements: []
|
422
424
|
|
423
425
|
rubyforge_project: mongrel
|
424
|
-
rubygems_version: 1.8.
|
426
|
+
rubygems_version: 1.8.22
|
425
427
|
signing_key:
|
426
428
|
specification_version: 3
|
427
429
|
summary: Rack HTTP server for fast clients and Unix
|