unicorn 4.9.0 → 5.0.0.pre1

data/test/unit/test_socket_helper.rb

@@ -189,7 +189,7 @@ class TestSocketHelper < Test::Unit::TestCase
     port = unused_port @test_addr
     name = "#@test_addr:#{port}"
     sock = bind_listen(name, :reuseport => true)
-    cur = sock.getsockopt(Socket::SOL_SOCKET, SO_REUSEPORT).unpack('i')[0]
+    cur = sock.getsockopt(:SOL_SOCKET, :SO_REUSEPORT).int
     assert_operator cur, :>, 0
   rescue Errno::ENOPROTOOPT
     # kernel does not support SO_REUSEPORT (older Linux)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unicorn
 version: !ruby/object:Gem::Version
-  version: 4.9.0
+  version: 5.0.0.pre1
 platform: ruby
 authors:
 - Unicorn hackers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-24 00:00:00.000000000 Z
+date: 2015-06-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -160,7 +160,6 @@ files:
 - bin/unicorn_rails
 - examples/big_app_gc.rb
 - examples/echo.ru
-- examples/git.ru
 - examples/init.sh
 - examples/logger_mp_safe.rb
 - examples/logrotate.conf
@@ -178,8 +177,6 @@ files:
 - ext/unicorn_http/unicorn_http.rl
 - ext/unicorn_http/unicorn_http_common.rl
 - lib/unicorn.rb
-- lib/unicorn/app/exec_cgi.rb
-- lib/unicorn/app/inetd.rb
 - lib/unicorn/app/old_rails.rb
 - lib/unicorn/app/old_rails/static.rb
 - lib/unicorn/cgi_wrapper.rb
@@ -192,9 +189,6 @@ files:
 - lib/unicorn/oob_gc.rb
 - lib/unicorn/preread_input.rb
 - lib/unicorn/socket_helper.rb
-- lib/unicorn/ssl_client.rb
-- lib/unicorn/ssl_configurator.rb
-- lib/unicorn/ssl_server.rb
 - lib/unicorn/stream_input.rb
 - lib/unicorn/tee_input.rb
 - lib/unicorn/tmpio.rb
@@ -245,8 +239,6 @@ files:
 - t/t0014-rewindable-input-true.sh
 - t/t0014.ru
 - t/t0015-configurator-internals.sh
-- t/t0016-trust-x-forwarded-false.sh
-- t/t0017-trust-x-forwarded-true.sh
 - t/t0018-write-on-close.sh
 - t/t0019-max_header_len.sh
 - t/t0020-at_exit-handler.sh
@@ -273,12 +265,10 @@ files:
 - test/unit/test_droplet.rb
 - test/unit/test_http_parser.rb
 - test/unit/test_http_parser_ng.rb
-- test/unit/test_http_parser_xftrust.rb
 - test/unit/test_request.rb
 - test/unit/test_response.rb
 - test/unit/test_server.rb
 - test/unit/test_signals.rb
-- test/unit/test_sni_hostnames.rb
 - test/unit/test_socket_helper.rb
 - test/unit/test_stream_input.rb
 - test/unit/test_tee_input.rb
@@ -303,9 +293,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.5
@@ -316,9 +306,7 @@ test_files:
 - test/unit/test_configurator.rb
 - test/unit/test_http_parser.rb
 - test/unit/test_http_parser_ng.rb
-- test/unit/test_http_parser_xftrust.rb
 - test/unit/test_request.rb
 - test/unit/test_response.rb
 - test/unit/test_server.rb
-- test/unit/test_sni_hostnames.rb
 - test/unit/test_util.rb

data/examples/git.ru

@@ -1,13 +0,0 @@
-#\-E none
-
-# See http://thread.gmane.org/gmane.comp.web.curl.general/10473/raw on
-# how to setup git for this.  A better version of the above patch was
-# accepted and committed on June 15, 2009, so you can pull the latest
-# curl CVS snapshot to try this out.
-require 'unicorn/app/inetd'
-
-use Rack::Lint
-use Rack::Chunked # important!
-run Unicorn::App::Inetd.new(
- *%w(git daemon --verbose --inetd --export-all --base-path=/home/ew/unicorn)
-)

data/lib/unicorn/app/exec_cgi.rb

@@ -1,154 +0,0 @@
-# -*- encoding: binary -*-
-# :enddoc:
-require 'unicorn'
-
-module Unicorn::App
-
-  # This class is highly experimental (even more so than the rest of Unicorn)
-  # and has never run anything other than cgit.
-  class ExecCgi < Struct.new(:args)
-
-    CHUNK_SIZE = 16384
-    PASS_VARS = %w(
-      CONTENT_LENGTH
-      CONTENT_TYPE
-      GATEWAY_INTERFACE
-      AUTH_TYPE
-      PATH_INFO
-      PATH_TRANSLATED
-      QUERY_STRING
-      REMOTE_ADDR
-      REMOTE_HOST
-      REMOTE_IDENT
-      REMOTE_USER
-      REQUEST_METHOD
-      SERVER_NAME
-      SERVER_PORT
-      SERVER_PROTOCOL
-      SERVER_SOFTWARE
-    ).map { |x| x.freeze } # frozen strings are faster for Hash assignments
-
-    class Body < Unicorn::TmpIO
-      def body_offset=(n)
-        sysseek(@body_offset = n)
-      end
-
-      def each
-        sysseek @body_offset
-        # don't use a preallocated buffer for sysread since we can't
-        # guarantee an actual socket is consuming the yielded string
-        # (or if somebody is pushing to an array for eventual concatenation
-        begin
-          yield sysread(CHUNK_SIZE)
-        rescue EOFError
-          break
-        end while true
-      end
-    end
-
-    # Intializes the app, example of usage in a config.ru
-    #   map "/cgit" do
-    #     run Unicorn::App::ExecCgi.new("/path/to/cgit.cgi")
-    #   end
-    def initialize(*args)
-      self.args = args
-      first = args[0] or
-        raise ArgumentError, "need path to executable"
-      first[0] == ?/ or args[0] = ::File.expand_path(first)
-      File.executable?(args[0]) or
-        raise ArgumentError, "#{args[0]} is not executable"
-    end
-
-    # Calls the app
-    def call(env)
-      out, err = Body.new, Unicorn::TmpIO.new
-      inp = force_file_input(env)
-      pid = fork { run_child(inp, out, err, env) }
-      inp.close
-      pid, status = Process.waitpid2(pid)
-      write_errors(env, err, status) if err.stat.size > 0
-      err.close
-
-      return parse_output!(out) if status.success?
-      out.close
-      [ 500, { 'Content-Length' => '0', 'Content-Type' => 'text/plain' }, [] ]
-    end
-
-    private
-
-    def run_child(inp, out, err, env)
-      PASS_VARS.each do |key|
-        val = env[key] or next
-        ENV[key] = val
-      end
-      ENV['SCRIPT_NAME'] = args[0]
-      ENV['GATEWAY_INTERFACE'] = 'CGI/1.1'
-      env.keys.grep(/^HTTP_/) { |key| ENV[key] = env[key] }
-
-      $stdin.reopen(inp)
-      $stdout.reopen(out)
-      $stderr.reopen(err)
-      exec(*args)
-    end
-
-    # Extracts headers from CGI out, will change the offset of out.
-    # This returns a standard Rack-compatible return value:
-    #   [ 200, HeadersHash, body ]
-    def parse_output!(out)
-      size = out.stat.size
-      out.sysseek(0)
-      head = out.sysread(CHUNK_SIZE)
-      offset = 2
-      head, body = head.split(/\n\n/, 2)
-      if body.nil?
-        head, body = head.split(/\r\n\r\n/, 2)
-        offset = 4
-      end
-      offset += head.length
-      out.body_offset = offset
-      size -= offset
-      prev = nil
-      headers = Rack::Utils::HeaderHash.new
-      head.split(/\r?\n/).each do |line|
-        case line
-        when /^([A-Za-z0-9-]+):\s*(.*)$/ then headers[prev = $1] = $2
-        when /^[ \t]/ then headers[prev] << "\n#{line}" if prev
-        end
-      end
-      status = headers.delete("Status") || 200
-      headers['Content-Length'] = size.to_s
-      [ status, headers, out ]
-    end
-
-    # ensures rack.input is a file handle that we can redirect stdin to
-    def force_file_input(env)
-      inp = env['rack.input']
-      # inp could be a StringIO or StringIO-like object
-      if inp.respond_to?(:size) && inp.size == 0
-        ::File.open('/dev/null', 'rb')
-      else
-        tmp = Unicorn::TmpIO.new
-
-        buf = inp.read(CHUNK_SIZE)
-        begin
-          tmp.syswrite(buf)
-        end while inp.read(CHUNK_SIZE, buf)
-        tmp.sysseek(0)
-        tmp
-      end
-    end
-
-    # rack.errors this may not be an IO object, so we couldn't
-    # just redirect the CGI executable to that earlier.
-    def write_errors(env, err, status)
-      err.seek(0)
-      dst = env['rack.errors']
-      pid = status.pid
-      dst.write("#{pid}: #{args.inspect} status=#{status} stderr:\n")
-      err.each_line { |line| dst.write("#{pid}: #{line}") }
-      dst.flush
-    end
-
-  end
-
-end

data/lib/unicorn/app/inetd.rb

@@ -1,109 +0,0 @@
-# -*- encoding: binary -*-
-# :enddoc:
-# Copyright (c) 2009 Eric Wong
-# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
-# the GPLv2+ (GPLv3+ preferred)
-
-# this class *must* be used with Rack::Chunked
-module Unicorn::App
-  class Inetd < Struct.new(:cmd)
-
-    class CatBody < Struct.new(:errors, :err_rd, :out_rd, :pid_map)
-      def initialize(env, cmd)
-        self.errors = env['rack.errors']
-        in_rd, in_wr = IO.pipe
-        self.err_rd, err_wr = IO.pipe
-        self.out_rd, out_wr = IO.pipe
-
-        cmd_pid = fork {
-          inp, out, err = (0..2).map { |i| IO.new(i) }
-          inp.reopen(in_rd)
-          out.reopen(out_wr)
-          err.reopen(err_wr)
-          [ in_rd, in_wr, err_rd, err_wr, out_rd, out_wr ].each { |i| i.close }
-          exec(*cmd)
-        }
-        [ in_rd, err_wr, out_wr ].each { |io| io.close }
-        [ in_wr, err_rd, out_rd ].each { |io| io.binmode }
-        in_wr.sync = true
-
-        # Unfortunately, input here must be processed inside a seperate
-        # thread/process using blocking I/O since env['rack.input'] is not
-        # IO.select-able and attempting to make it so would trip Rack::Lint
-        inp_pid = fork {
-          input = env['rack.input']
-          [ err_rd, out_rd ].each { |io| io.close }
-
-          # this is dependent on input.read having readpartial semantics:
-          buf = input.read(16384)
-          begin
-            in_wr.write(buf)
-          end while input.read(16384, buf)
-        }
-        in_wr.close
-        self.pid_map = {
-          inp_pid => 'input streamer',
-          cmd_pid => cmd.inspect,
-        }
-      end
-
-      def each
-        begin
-          rd, = IO.select([err_rd, out_rd])
-          rd && rd.first or next
-
-          if rd.include?(err_rd)
-            begin
-              errors.write(err_rd.read_nonblock(16384))
-            rescue Errno::EINTR
-            rescue Errno::EAGAIN
-              break
-            end while true
-          end
-
-          rd.include?(out_rd) or next
-
-          begin
-            yield out_rd.read_nonblock(16384)
-          rescue Errno::EINTR
-          rescue Errno::EAGAIN
-            break
-          end while true
-        rescue EOFError,Errno::EPIPE,Errno::EBADF,Errno::EINVAL
-          break
-        end while true
-
-        self
-      end
-
-      def close
-        pid_map.each { |pid, str|
-          begin
-            pid, status = Process.waitpid2(pid)
-            status.success? or
-              errors.write("#{str}: #{status.inspect} (PID:#{pid})\n")
-          rescue Errno::ECHILD
-            errors.write("Failed to reap #{str} (PID:#{pid})\n")
-          end
-        }
-        out_rd.close
-        err_rd.close
-      end
-
-    end
-
-    def initialize(*cmd)
-      self.cmd = cmd
-    end
-
-    def call(env)
-      /\A100-continue\z/i =~ env[Unicorn::Const::HTTP_EXPECT] and
-          return [ 100, {} , [] ]
-
-      [ 200, { 'Content-Type' => 'application/octet-stream' },
-       CatBody.new(env, cmd) ]
-    end
-
-  end
-
-end

data/lib/unicorn/ssl_client.rb

@@ -1,11 +0,0 @@
-# -*- encoding: binary -*-
-# :stopdoc:
-class Unicorn::SSLClient < Kgio::SSL
-  alias write kgio_write
-  alias close kgio_close
-
-  # this is no-op for now, to be fixed in kgio-monkey if people care
-  # about SSL support...
-  def shutdown(how = nil)
-  end
-end

data/lib/unicorn/ssl_configurator.rb

@@ -1,104 +0,0 @@
-# -*- encoding: binary -*-
-# :stopdoc:
-# This module is included in Unicorn::Configurator
-# :startdoc:
-#
-module Unicorn::SSLConfigurator
-  def ssl(&block)
-    ssl_require!
-    before = @set[:listeners].dup
-    opts = @set[:ssl_opts] = {}
-    yield
-    (@set[:listeners] - before).each do |address|
-      (@set[:listener_opts][address] ||= {})[:ssl_opts] = opts
-    end
-    ensure
-      @set.delete(:ssl_opts)
-  end
-
-  def ssl_certificate(file)
-    ssl_set(:ssl_certificate, file)
-  end
-
-  def ssl_certificate_key(file)
-    ssl_set(:ssl_certificate_key, file)
-  end
-
-  def ssl_client_certificate(file)
-    ssl_set(:ssl_client_certificate, file)
-  end
-
-  def ssl_dhparam(file)
-    ssl_set(:ssl_dhparam, file)
-  end
-
-  def ssl_ciphers(openssl_cipherlist_spec)
-    ssl_set(:ssl_ciphers, openssl_cipherlist_spec)
-  end
-
-  def ssl_crl(file)
-    ssl_set(:ssl_crl, file)
-  end
-
-  def ssl_prefer_server_ciphers(bool)
-    ssl_set(:ssl_prefer_server_ciphers, check_bool(bool))
-  end
-
-  def ssl_protocols(list)
-    ssl_set(:ssl_protocols, list)
-  end
-
-  def ssl_verify_client(on_off_optional)
-    ssl_set(:ssl_verify_client, on_off_optional)
-  end
-
-  def ssl_session_timeout(seconds)
-    ssl_set(:ssl_session_timeout, seconds)
-  end
-
-  def ssl_verify_depth(depth)
-    ssl_set(:ssl_verify_depth, depth)
-  end
-
-  # Allows specifying an engine for OpenSSL to use.  We have not been
-  # able to successfully test this feature due to a lack of hardware,
-  # Reports of success or patches to unicorn-public@bogomips.org is
-  # greatly appreciated.
-  def ssl_engine(engine)
-    ssl_warn_global(:ssl_engine)
-    ssl_require!
-    OpenSSL::Engine.load
-    OpenSSL::Engine.by_id(engine)
-    @set[:ssl_engine] = engine
-  end
-
-  def ssl_compression(bool)
-    # OpenSSL uses the SSL_OP_NO_COMPRESSION flag, Flipper follows suit
-    # with :ssl_no_compression, but we negate it to avoid exposing double
-    # negatives to the user.
-    ssl_set(:ssl_no_compression, check_bool(:ssl_compression, ! bool))
-  end
-
-private
-
-  def ssl_warn_global(func) # :nodoc:
-    Hash === @set[:ssl_opts] or return
-    warn("`#{func}' affects all SSL contexts in this process, " \
-         "not just this block")
-  end
-
-  def ssl_set(key, value) # :nodoc:
-    cur = @set[:ssl_opts]
-    Hash === cur or
-             raise ArgumentError, "#{key} must be called inside an `ssl' block"
-    cur[key] = value
-  end
-
-  def ssl_require! # :nodoc:
-    require "flipper"
-    require "unicorn/ssl_client"
-    rescue LoadError
-      warn "install 'kgio-monkey' for SSL support"
-      raise
-  end
-end