unicorn 3.5.0 → 3.6.0

data/.document

@@ -13,7 +13,6 @@ NEWS
 ChangeLog
 LATEST
 lib
-ext/unicorn_http/unicorn_http.c
 unicorn_1
 unicorn_rails_1
 ISSUES

data/DESIGN

@@ -11,7 +11,7 @@
   only non-Ruby part and there are no plans to add any more
   non-Ruby components.
 
-* All HTTP protocol parsing and I/O is done much like Mongrel:
+* All HTTP parsing and I/O is done much like Mongrel:
     1. read/parse HTTP request headers in full
     2. call Rack application
     3. write HTTP response back to the client

data/GIT-VERSION-GEN

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 GVF=GIT-VERSION-FILE
-DEF_VER=v3.5.0.GIT
+DEF_VER=v3.6.0.GIT
 
 LF='
 '

data/GNUmakefile

@@ -15,7 +15,7 @@ GIT-VERSION-FILE: .FORCE-GIT-VERSION-FILE
 -include local.mk
 ruby_bin := $(shell which $(RUBY))
 ifeq ($(DLEXT),) # "so" for Linux
-  DLEXT := $(shell $(RUBY) -rrbconfig -e 'puts Config::CONFIG["DLEXT"]')
+  DLEXT := $(shell $(RUBY) -rrbconfig -e 'puts RbConfig::CONFIG["DLEXT"]')
 endif
 ifeq ($(RUBY_VERSION),)
   RUBY_VERSION := $(shell $(RUBY) -e 'puts RUBY_VERSION')
@@ -205,9 +205,9 @@ $(rails_git)/info/cloned-stamp:
 	git clone --mirror -q $(rails_git_url) $(rails_git)
 	> $@
 
-$(rails_git)/info/v2.3.8-stamp: $(rails_git)/info/cloned-stamp
+$(rails_git)/info/v2.2.3-stamp: $(rails_git)/info/cloned-stamp
 	cd $(rails_git) && git fetch
-	cd $(rails_git) && git rev-parse --verify refs/tags/v2.3.8
+	cd $(rails_git) && git rev-parse --verify refs/tags/v2.2.3
 	> $@
 
 rails_tests := $(addsuffix .r,$(addprefix $(T_r).,$(rails_vers)))
@@ -220,7 +220,7 @@ $(T_r).%.r: export PATH := $(test_prefix)/bin:$(PATH)
 $(T_r).%.r: export RUBYLIB := $(test_prefix):$(test_prefix)/lib:$(MYLIBS)
 $(T_r).%.r: export UNICORN_RAILS_TEST_VERSION = $(rv)
 $(T_r).%.r: export RAILS_GIT_REPO = $(CURDIR)/$(rails_git)
-$(T_r).%.r: $(test_prefix)/.stamp $(rails_git)/info/v2.3.8-stamp
+$(T_r).%.r: $(test_prefix)/.stamp $(rails_git)/info/v2.2.3-stamp
 	$(run_test)
 
 ifneq ($(VERSION),)

data/KNOWN_ISSUES

@@ -3,8 +3,15 @@
 Occasionally odd {issues}[link:ISSUES.html] arise without a transparent or
 acceptable solution.  Those issues are documented here.
 
+* PRNGs (pseudo-random number generators) loaded before forking
+  (e.g. "preload_app true") may need to have their internal state
+  reset in the after_fork hook.  Starting with \Unicorn 3.6.0, we
+  have builtin workarounds for Kernel#rand and OpenSSL::Random users,
+  but applications may use other PRNGs.
+
 * Under some versions of Ruby 1.8, it is necessary to call +srand+ in an
-  after_fork hook to get correct random number generation.
+  after_fork hook to get correct random number generation.  We have a builtin
+  workaround for this starting with \Unicorn 3.6.0
 
   See http://redmine.ruby-lang.org/issues/show/4338
 

data/README

@@ -78,7 +78,7 @@ and run setup.rb after unpacking it:
 
 http://rubyforge.org/frs/?group_id=1306
 
-You may also install it via RubyGems on Gemcutter:
+You may also install it via RubyGems on RubyGems.org:
 
   gem install unicorn
 

data/bin/unicorn

@@ -7,7 +7,7 @@ ENV["RACK_ENV"] ||= "development"
 rackup_opts = Unicorn::Configurator::RACKUP
 options = rackup_opts[:options]
 
-opts = OptionParser.new("", 24, '  ') do |opts|
+op = OptionParser.new("", 24, '  ') do |opts|
   cmd = File.basename($0)
   opts.banner = "Usage: #{cmd} " \
                 "[ruby options] [#{cmd} options] [rackup config file]"
@@ -105,7 +105,7 @@ opts = OptionParser.new("", 24, '  ') do |opts|
   opts.parse! ARGV
 end
 
-app = Unicorn.builder(ARGV[0] || 'config.ru', opts)
+app = Unicorn.builder(ARGV[0] || 'config.ru', op)
 
 if $DEBUG
   require 'pp'

data/bin/unicorn_rails

@@ -8,7 +8,7 @@ ENV['RAILS_ENV'] ||= "development"
 rackup_opts = Unicorn::Configurator::RACKUP
 options = rackup_opts[:options]
 
-opts = OptionParser.new("", 24, '  ') do |opts|
+op = OptionParser.new("", 24, '  ') do |opts|
   cmd = File.basename($0)
   opts.banner = "Usage: #{cmd} " \
                 "[ruby options] [#{cmd} options] [rackup config file]"
@@ -124,11 +124,11 @@ def rails_dispatcher
   result || abort("Unable to locate the application dispatcher class")
 end
 
-def rails_builder(ru, opts, daemonize)
-  return Unicorn.builder(ru, opts) if ru
+def rails_builder(ru, op, daemonize)
+  return Unicorn.builder(ru, op) if ru
 
   # allow Configurator to parse cli switches embedded in the ru file
-  Unicorn::Configurator::RACKUP.update(:file => :rails, :optparse => opts)
+  Unicorn::Configurator::RACKUP.update(:file => :rails, :optparse => op)
 
   # this lambda won't run until after forking if preload_app is false
   # this runs after config file reloading
@@ -136,7 +136,7 @@ def rails_builder(ru, opts, daemonize)
     # Rails 3 includes a config.ru, use it if we find it after
     # working_directory is bound.
     ::File.exist?('config.ru') and
-      return Unicorn.builder('config.ru', opts).call
+      return Unicorn.builder('config.ru', op).call
 
     # Load Rails and (possibly) the private version of Rack it bundles.
     begin
@@ -185,7 +185,7 @@ def rails_builder(ru, opts, daemonize)
   end
 end
 
-app = rails_builder(ARGV[0], opts, rackup_opts[:daemonize])
+app = rails_builder(ARGV[0], op, rackup_opts[:daemonize])
 
 if $DEBUG
   require 'pp'

data/examples/logrotate.conf

@@ -0,0 +1,29 @@
+# example logrotate config file, I usually keep this in
+# /etc/logrotate.d/unicorn_app on my Debian systems
+#
+# See the logrotate(8) manpage for more information:
+#    http://linux.die.net/man/8/logrotate
+
+# Modify the following glob to match the logfiles your app writes to:
+/var/log/unicorn_app/*.log {
+	# this first block is mostly just personal preference, though
+	# I wish logrotate offered an "hourly" option...
+	daily
+	missingok
+	rotate 180
+	compress # must use with delaycompress below
+	dateext
+
+	# this is important if using "compress" since we need to call
+	# the "lastaction" script below before compressing:
+	delaycompress
+
+	# note the lack of the evil "copytruncate" option in this
+	# config.  Unicorn supports the USR1 signal and we send it
+	# as our "lastaction" action:
+	lastaction
+		# assuming your pid file is in /var/run/unicorn_app/pid
+		pid=/var/run/unicorn_app/pid
+		test -s $pid && kill -USR1 "$(cat $pid)"
+	endscript
+}

data/examples/unicorn.conf.rb

@@ -12,6 +12,13 @@
 # more will usually help for _short_ waits on databases/caches.
 worker_processes 4
 
+# Since Unicorn is never exposed to outside clients, it does not need to
+# run on the standard HTTP port (80), there is no reason to start Unicorn
+# as root unless it's from system init scripts.
+# If running the master process as root and the workers as an unprivileged
+# user, do this to switch euid/egid in the workers (also chowns logs):
+# user "unprivileged_user", "unprivileged_group"
+
 # Help ensure your application will always spawn in the symlinked
 # "current" directory that Capistrano sets up.
 working_directory "/path/to/app/current" # available in 0.94.0+

data/lib/unicorn.rb

@@ -5,10 +5,27 @@ require 'stringio'
 require 'rack'
 require 'kgio'
 
+# :stopdoc:
 # Unicorn module containing all of the classes (include C extensions) for
 # running a Unicorn web server.  It contains a minimalist HTTP server with just
 # enough functionality to service web application requests fast as possible.
+# :startdoc:
+
+# \Unicorn exposes very little of an user-visible API and most of its
+# internals are subject to change.  \Unicorn is designed to host Rack
+# applications, so applications should be written against the Rack SPEC
+# and not \Unicorn internals.
 module Unicorn
+
+  # Raised inside TeeInput when a client closes the socket inside the
+  # application dispatch.  This is always raised with an empty backtrace
+  # since there is nothing in the application stack that is responsible
+  # for client shutdowns/disconnects.  This exception is visible to Rack
+  # applications unless PrereadInput middleware is loaded.
+  class ClientShutdown < EOFError
+  end
+
+  # :stopdoc:
   def self.run(app, options = {})
     Unicorn::HttpServer.new(app, options).start.join
   end
@@ -63,14 +80,9 @@ module Unicorn
       Unicorn::SocketHelper.sock_name(io)
     end
   end
+  # :startdoc:
 end
-
-# raised inside TeeInput when a client closes the socket inside the
-# application dispatch.  This is always raised with an empty backtrace
-# since there is nothing in the application stack that is responsible
-# for client shutdowns/disconnects.
-class Unicorn::ClientShutdown < EOFError; end
-
+# :enddoc:
 require 'unicorn/const'
 require 'unicorn/socket_helper'
 require 'unicorn/stream_input'

data/lib/unicorn/app/exec_cgi.rb

@@ -1,5 +1,5 @@
 # -*- encoding: binary -*-
-
+# :enddoc:
 require 'unicorn'
 
 module Unicorn::App

data/lib/unicorn/app/inetd.rb

@@ -1,10 +1,9 @@
 # -*- encoding: binary -*-
-
+# :enddoc:
 # Copyright (c) 2009 Eric Wong
 # You can redistribute it and/or modify it under the same terms as Ruby.
 
 # this class *must* be used with Rack::Chunked
-
 module Unicorn::App
   class Inetd < Struct.new(:cmd)
 

data/lib/unicorn/app/old_rails.rb

@@ -1,5 +1,6 @@
 # -*- encoding: binary -*-
 
+# :enddoc:
 # This code is based on the original Rails handler in Mongrel
 # Copyright (c) 2005 Zed A. Shaw
 # Copyright (c) 2009 Eric Wong

data/lib/unicorn/app/old_rails/static.rb

@@ -1,5 +1,5 @@
 # -*- encoding: binary -*-
-
+# :enddoc:
 # This code is based on the original Rails handler in Mongrel
 # Copyright (c) 2005 Zed A. Shaw
 # Copyright (c) 2009 Eric Wong

data/lib/unicorn/cgi_wrapper.rb

@@ -1,5 +1,6 @@
 # -*- encoding: binary -*-
 
+# :enddoc:
 # This code is based on the original CGIWrapper from Mongrel
 # Copyright (c) 2005 Zed A. Shaw
 # Copyright (c) 2009 Eric Wong

data/lib/unicorn/configurator.rb

@@ -103,20 +103,24 @@ class Unicorn::Configurator
     set[key]
   end
 
-  # sets object to the +new+ Logger-like object.  The new logger-like
+  # sets object to the +obj+ Logger-like object.  The new Logger-like
   # object must respond to the following methods:
-  #  +debug+, +info+, +warn+, +error+, +fatal+
+  # * debug
+  # * info
+  # * warn
+  # * error
+  # * fatal
   # The default Logger will log its output to the path specified
   # by +stderr_path+.  If you're running Unicorn daemonized, then
   # you must specify a path to prevent error messages from going
   # to /dev/null.
-  def logger(new)
+  def logger(obj)
     %w(debug info warn error fatal).each do |m|
-      new.respond_to?(m) and next
-      raise ArgumentError, "logger=#{new} does not respond to method=#{m}"
+      obj.respond_to?(m) and next
+      raise ArgumentError, "logger=#{obj} does not respond to method=#{m}"
     end
 
-    set[:logger] = new
+    set[:logger] = obj
   end
 
   # sets after_fork hook to a given block.  This block will be called by
@@ -132,11 +136,6 @@ class Unicorn::Configurator
   #    # Existing options for Unicorn::Configurator#listen such as
   #    # :backlog, :rcvbuf, :sndbuf are available here as well.
   #    server.listen(addr, :tries => -1, :delay => 5, :backlog => 128)
-  #
-  #    # drop permissions to "www-data" in the worker
-  #    # generally there's no reason to start Unicorn as a priviledged user
-  #    # as it is not recommended to expose Unicorn to public clients.
-  #    worker.user('www-data', 'www-data') if Process.euid == 0
   #  end
   def after_fork(*args, &block)
     set_hook(:after_fork, block_given? ? block : args[0])
@@ -208,131 +207,157 @@ class Unicorn::Configurator
     set[:listeners] = addresses
   end
 
-  # adds an +address+ to the existing listener set.
+  # Adds an +address+ to the existing listener set.  May be specified more
+  # than once.  +address+ may be an Integer port number for a TCP port, an
+  # "IP_ADDRESS:PORT" for TCP listeners or a pathname for UNIX domain sockets.
+  #
+  #   listen 3000 # listen to port 3000 on all TCP interfaces
+  #   listen "127.0.0.1:3000"  # listen to port 3000 on the loopback interface
+  #   listen "/tmp/.unicorn.sock" # listen on the given Unix domain socket
+  #   listen "[::1]:3000" # listen to port 3000 on the IPv6 loopback interface
   #
   # The following options may be specified (but are generally not needed):
   #
-  # +:backlog+: this is the backlog of the listen() syscall.
+  # [:backlog => number of clients]
+  #
+  #   This is the backlog of the listen() syscall.
+  #
+  #   Some operating systems allow negative values here to specify the
+  #   maximum allowable value.  In most cases, this number is only
+  #   recommendation and there are other OS-specific tunables and
+  #   variables that can affect this number.  See the listen(2)
+  #   syscall documentation of your OS for the exact semantics of
+  #   this.
+  #
+  #   If you are running unicorn on multiple machines, lowering this number
+  #   can help your load balancer detect when a machine is overloaded
+  #   and give requests to a different machine.
+  #
+  #   Default: 1024
   #
-  # Some operating systems allow negative values here to specify the
-  # maximum allowable value.  In most cases, this number is only
-  # recommendation and there are other OS-specific tunables and
-  # variables that can affect this number.  See the listen(2)
-  # syscall documentation of your OS for the exact semantics of
-  # this.
+  # [:rcvbuf => bytes, :sndbuf => bytes]
   #
-  # If you are running unicorn on multiple machines, lowering this number
-  # can help your load balancer detect when a machine is overloaded
-  # and give requests to a different machine.
+  #   Maximum receive and send buffer sizes (in bytes) of sockets.
   #
-  # Default: 1024
+  #   These correspond to the SO_RCVBUF and SO_SNDBUF settings which
+  #   can be set via the setsockopt(2) syscall.  Some kernels
+  #   (e.g. Linux 2.4+) have intelligent auto-tuning mechanisms and
+  #   there is no need (and it is sometimes detrimental) to specify them.
   #
-  # +:rcvbuf+, +:sndbuf+: maximum receive and send buffer sizes of sockets
+  #   See the socket API documentation of your operating system
+  #   to determine the exact semantics of these settings and
+  #   other operating system-specific knobs where they can be
+  #   specified.
   #
-  # These correspond to the SO_RCVBUF and SO_SNDBUF settings which
-  # can be set via the setsockopt(2) syscall.  Some kernels
-  # (e.g. Linux 2.4+) have intelligent auto-tuning mechanisms and
-  # there is no need (and it is sometimes detrimental) to specify them.
+  #   Defaults: operating system defaults
   #
-  # See the socket API documentation of your operating system
-  # to determine the exact semantics of these settings and
-  # other operating system-specific knobs where they can be
-  # specified.
+  # [:tcp_nodelay => true or false]
   #
-  # Defaults: operating system defaults
+  #   Disables Nagle's algorithm on TCP sockets if +true+
   #
-  # +:tcp_nodelay+: disables Nagle's algorithm on TCP sockets
+  #   This has no effect on UNIX sockets.
   #
-  # This has no effect on UNIX sockets.
+  #   Default: operating system defaults (usually Nagle's algorithm enabled)
   #
-  # Default: operating system defaults (usually Nagle's algorithm enabled)
+  # [:tcp_nopush => true or false]
   #
-  # +:tcp_nopush+: enables/disables TCP_CORK in Linux or TCP_NOPUSH in FreeBSD
+  #   Enables/disables TCP_CORK in Linux or TCP_NOPUSH in FreeBSD
   #
-  # This is enabled by default as of Unicorn 3.4.  This prevents partial
-  # TCP frames from being sent out and reduces wakeups in nginx if it is
-  # on a different machine.  Since Unicorn is only designed for applications
-  # that send the response body quickly without keepalive, sockets will
-  # always be flushed on close to prevent delays.
+  #   This is enabled by default as of Unicorn 3.4.  This prevents partial
+  #   TCP frames from being sent out and reduces wakeups in nginx if it is
+  #   on a different machine.  Since Unicorn is only designed for applications
+  #   that send the response body quickly without keepalive, sockets will
+  #   always be flushed on close to prevent delays.
   #
-  # This has no effect on UNIX sockets.
+  #   This has no effect on UNIX sockets.
   #
-  # +:tries+: times to retry binding a socket if it is already in use
+  # [:tries => Integer]
   #
-  # A negative number indicates we will retry indefinitely, this is
-  # useful for migrations and upgrades when individual workers
-  # are binding to different ports.
+  #   Times to retry binding a socket if it is already in use
   #
-  # Default: 5
+  #   A negative number indicates we will retry indefinitely, this is
+  #   useful for migrations and upgrades when individual workers
+  #   are binding to different ports.
   #
-  # +:delay+: seconds to wait between successive +tries+
+  #   Default: 5
   #
-  # Default: 0.5 seconds
+  # [:delay => seconds]
   #
-  # +:umask+: sets the file mode creation mask for UNIX sockets
+  #   Seconds to wait between successive +tries+
   #
-  # Typically UNIX domain sockets are created with more liberal
-  # file permissions than the rest of the application.  By default,
-  # we create UNIX domain sockets to be readable and writable by
-  # all local users to give them the same accessibility as
-  # locally-bound TCP listeners.
+  #   Default: 0.5 seconds
   #
-  # This has no effect on TCP listeners.
+  # [:umask => mode]
   #
-  # Default: 0 (world read/writable)
+  #   Sets the file mode creation mask for UNIX sockets.  If specified,
+  #   this is usually in octal notation.
   #
-  # +:tcp_defer_accept:+ defer accept() until data is ready (Linux-only)
+  #   Typically UNIX domain sockets are created with more liberal
+  #   file permissions than the rest of the application.  By default,
+  #   we create UNIX domain sockets to be readable and writable by
+  #   all local users to give them the same accessibility as
+  #   locally-bound TCP listeners.
   #
-  # For Linux 2.6.32 and later, this is the number of retransmits to
-  # defer an accept() for if no data arrives, but the client will
-  # eventually be accepted after the specified number of retransmits
-  # regardless of whether data is ready.
+  #   This has no effect on TCP listeners.
   #
-  # For Linux before 2.6.32, this is a boolean option, and
-  # accepts are _always_ deferred indefinitely if no data arrives.
-  # This is similar to <code>:accept_filter => "dataready"</code>
-  # under FreeBSD.
+  #   Default: 0000 (world-read/writable)
   #
-  # Specifying +true+ is synonymous for the default value(s) below,
-  # and +false+ or +nil+ is synonymous for a value of zero.
+  # [:tcp_defer_accept => Integer]
   #
-  # A value of +1+ is a good optimization for local networks
-  # and trusted clients.  For Rainbows! and Zbatery users, a higher
-  # value (e.g. +60+) provides more protection against some
-  # denial-of-service attacks.  There is no good reason to ever
-  # disable this with a +zero+ value when serving HTTP.
+  #   Defer accept() until data is ready (Linux-only)
   #
-  # Default: 1 retransmit for \Unicorn, 60 for Rainbows! 0.95.0\+
+  #   For Linux 2.6.32 and later, this is the number of retransmits to
+  #   defer an accept() for if no data arrives, but the client will
+  #   eventually be accepted after the specified number of retransmits
+  #   regardless of whether data is ready.
   #
-  # +:accept_filter: defer accept() until data is ready (FreeBSD-only)
+  #   For Linux before 2.6.32, this is a boolean option, and
+  #   accepts are _always_ deferred indefinitely if no data arrives.
+  #   This is similar to <code>:accept_filter => "dataready"</code>
+  #   under FreeBSD.
   #
-  # This enables either the "dataready" or (default) "httpready"
-  # accept() filter under FreeBSD.  This is intended as an
-  # optimization to reduce context switches with common GET/HEAD
-  # requests.  For Rainbows! and Zbatery users, this provides
-  # some protection against certain denial-of-service attacks, too.
+  #   Specifying +true+ is synonymous for the default value(s) below,
+  #   and +false+ or +nil+ is synonymous for a value of zero.
   #
-  # There is no good reason to change from the default.
+  #   A value of +1+ is a good optimization for local networks
+  #   and trusted clients.  For Rainbows! and Zbatery users, a higher
+  #   value (e.g. +60+) provides more protection against some
+  #   denial-of-service attacks.  There is no good reason to ever
+  #   disable this with a +zero+ value when serving HTTP.
   #
-  # Default: "httpready"
-  def listen(address, opt = {})
+  #   Default: 1 retransmit for \Unicorn, 60 for Rainbows! 0.95.0\+
+  #
+  # [:accept_filter => String]
+  #
+  #   defer accept() until data is ready (FreeBSD-only)
+  #
+  #   This enables either the "dataready" or (default) "httpready"
+  #   accept() filter under FreeBSD.  This is intended as an
+  #   optimization to reduce context switches with common GET/HEAD
+  #   requests.  For Rainbows! and Zbatery users, this provides
+  #   some protection against certain denial-of-service attacks, too.
+  #
+  #   There is no good reason to change from the default.
+  #
+  #   Default: "httpready"
+  def listen(address, options = {})
     address = expand_addr(address)
     if String === address
       [ :umask, :backlog, :sndbuf, :rcvbuf, :tries ].each do |key|
-        value = opt[key] or next
+        value = options[key] or next
         Integer === value or
           raise ArgumentError, "not an integer: #{key}=#{value.inspect}"
       end
       [ :tcp_nodelay, :tcp_nopush ].each do |key|
-        (value = opt[key]).nil? and next
+        (value = options[key]).nil? and next
         TrueClass === value || FalseClass === value or
           raise ArgumentError, "not boolean: #{key}=#{value.inspect}"
       end
-      unless (value = opt[:delay]).nil?
+      unless (value = options[:delay]).nil?
         Numeric === value or
           raise ArgumentError, "not numeric: delay=#{value.inspect}"
       end
-      set[:listener_opts][address].merge!(opt)
+      set[:listener_opts][address].merge!(options)
     end
 
     set[:listeners] << address
@@ -373,11 +398,11 @@ class Unicorn::Configurator
     set_bool(:preload_app, bool)
   end
 
-  # Toggles making <code>env["rack.input"]</code> rewindable.
+  # Toggles making \env[\"rack.input\"] rewindable.
   # Disabling rewindability can improve performance by lowering
   # I/O and memory usage for applications that accept uploads.
   # Keep in mind that the Rack 1.x spec requires
-  # <code>env["rack.input"]</code> to be rewindable, so this allows
+  # \env[\"rack.input\"] to be rewindable, so this allows
   # intentionally violating the current Rack 1.x spec.
   #
   # +rewindable_input+ defaults to +true+ when used with Rack 1.x for
@@ -443,6 +468,7 @@ class Unicorn::Configurator
   # The master process always stays running as the user who started it.
   # This switch will occur after calling the after_fork hook, and only
   # if the Worker#user method is not called in the after_fork hook
+  # +group+ is optional and will not change if unspecified.
   def user(user, group = nil)
     # raises ArgumentError on invalid user/group
     Etc.getpwnam(user)
@@ -455,6 +481,9 @@ class Unicorn::Configurator
   # Rainbows!/Zbatery installations facing untrusted clients directly
   # should set this to +false+.  This is +true+ by default as Unicorn
   # is designed to only sit behind trusted nginx proxies.
+  #
+  # This has never been publically documented and is subject to removal
+  # in future releases.
   def trust_x_forwarded(bool) # :nodoc:
     set_bool(:trust_x_forwarded, bool)
   end
@@ -462,7 +491,7 @@ class Unicorn::Configurator
   # expands "unix:path/to/foo" to a socket relative to the current path
   # expands pathnames of sockets if relative to "~" or "~username"
   # expands "*:port and ":port" to "0.0.0.0:port"
-  def expand_addr(address) #:nodoc
+  def expand_addr(address) #:nodoc:
     return "0.0.0.0:#{address}" if Integer === address
     return address unless String === address
 

data/lib/unicorn/const.rb

@@ -1,5 +1,6 @@
 # -*- encoding: binary -*-
 
+# :enddoc:
 # Frequently used constants when constructing requests or responses.
 # Many times the constant just refers to a string with the same
 # contents.  Using these constants gave about a 3% to 10% performance

data/lib/unicorn/http_request.rb

@@ -1,5 +1,6 @@
 # -*- encoding: binary -*-
-
+# :enddoc:
+# no stable API here
 require 'unicorn_http'
 
 # TODO: remove redundant names

data/lib/unicorn/http_response.rb

@@ -1,4 +1,5 @@
 # -*- encoding: binary -*-
+# :enddoc:
 # Writes a Rack response to your client using the HTTP/1.1 specification.
 # You use it by simply doing:
 #

data/lib/unicorn/http_server.rb

@@ -4,15 +4,19 @@
 # processes which in turn handle the I/O and application process.
 # Listener sockets are started in the master process and shared with
 # forked worker children.
+#
+# Users do not need to know the internals of this class, but reading the
+# {source}[http://bogomips.org/unicorn.git/tree/lib/unicorn/http_server.rb]
+# is education for programmers wishing to learn how \Unicorn works.
+# See Unicorn::Configurator for information on how to configure \Unicorn.
 class Unicorn::HttpServer
+  # :stopdoc:
   attr_accessor :app, :request, :timeout, :worker_processes,
                 :before_fork, :after_fork, :before_exec,
                 :listener_opts, :preload_app,
                 :reexec_pid, :orig_app, :init_listeners,
                 :master_pid, :config, :ready_pipe, :user
   attr_reader :pid, :logger
-
-  # :stopdoc:
   include Unicorn::SocketHelper
   include Unicorn::HttpResponse
 
@@ -84,6 +88,7 @@ class Unicorn::HttpServer
   rescue
     Dir.pwd
   end
+  # :stopdoc:
 
   # Creates a working server on host:port (strange things happen if
   # port isn't a Number).  Use HttpServer::run to start the server and
@@ -94,7 +99,7 @@ class Unicorn::HttpServer
     @request = Unicorn::HttpRequest.new
     self.reexec_pid = 0
     options = options.dup
-    self.ready_pipe = options.delete(:ready_pipe)
+    @ready_pipe = options.delete(:ready_pipe)
     self.init_listeners = options[:listeners] ? options[:listeners].dup : []
     options[:use_defaults] = true
     self.config = Unicorn::Configurator.new(options)
@@ -277,10 +282,10 @@ class Unicorn::HttpServer
 
     proc_name 'master'
     logger.info "master process ready" # test_exec.rb relies on this message
-    if ready_pipe
-      ready_pipe.syswrite($$.to_s)
-      ready_pipe.close rescue nil
-      self.ready_pipe = nil
+    if @ready_pipe
+      @ready_pipe.syswrite($$.to_s)
+      @ready_pipe.close rescue nil
+      @ready_pipe = nil
     end
     begin
       reap_all_workers
@@ -484,14 +489,23 @@ class Unicorn::HttpServer
     next_sleep
   end
 
+  def after_fork_internal
+    @ready_pipe.close if @ready_pipe
+    self.ready_pipe = nil # XXX Rainbows! compat, change for Unicorn 4.x
+    tmp = srand # http://redmine.ruby-lang.org/issues/4338
+
+    # The OpenSSL PRNG is seeded with only the pid, and apps with frequently
+    # dying workers can recycle pids
+    OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
+  end
+
   def spawn_missing_workers
     (0...worker_processes).each do |worker_nr|
       WORKERS.values.include?(worker_nr) and next
       worker = Worker.new(worker_nr, Unicorn::TmpIO.new)
       before_fork.call(self, worker)
       WORKERS[fork {
-        ready_pipe.close if ready_pipe
-        self.ready_pipe = nil
+        after_fork_internal
         worker_loop(worker)
       }] = worker
     end
@@ -568,6 +582,9 @@ class Unicorn::HttpServer
     Unicorn::Util.reopen_logs
     logger.info "worker=#{worker_nr} done reopening logs"
     init_self_pipe!
+    rescue => e
+      logger.error(e) rescue nil
+      exit!(77) # EX_NOPERM in sysexits.h
   end
 
   # runs inside each forked worker, this sits around and waits

data/lib/unicorn/launcher.rb

@@ -1,5 +1,6 @@
 # -*- encoding: binary -*-
 
+# :enddoc:
 $stdout.sync = $stderr.sync = true
 $stdin.binmode
 $stdout.binmode

data/lib/unicorn/preread_input.rb

@@ -13,6 +13,8 @@ module Unicorn
 #     end
 #     run YourApp.new
 class PrereadInput
+
+  # :stopdoc:
   def initialize(app)
     @app = app
   end
@@ -26,5 +28,6 @@ class PrereadInput
     end
     @app.call(env)
   end
+  # :startdoc:
 end
 end

data/lib/unicorn/socket_helper.rb

@@ -17,7 +17,7 @@ module Unicorn
       # denial-of-service attacks
       :tcp_defer_accept => 1,
 
-      # FreeBSD, we need to override this to 'dataready' when we
+      # FreeBSD, we need to override this to 'dataready' if we
       # eventually get HTTPS support
       :accept_filter => 'httpready',
 

data/lib/unicorn/stream_input.rb

@@ -1,7 +1,7 @@
 # -*- encoding: binary -*-
 
 # When processing uploads, Unicorn may expose a StreamInput object under
-# "rack.input" of the Rack (2.x) environment.
+# "rack.input" of the (future) Rack (2.x) environment.
 class Unicorn::StreamInput
   # The I/O chunk size (in +bytes+) for I/O operations where
   # the size cannot be user-specified when a method is called.

data/lib/unicorn/tmpio.rb

@@ -25,5 +25,5 @@ class Unicorn::TmpIO < File
   # for easier env["rack.input"] compatibility with Rack <= 1.1
   def size
     stat.size
-  end
+  end unless File.method_defined?(:size)
 end

data/lib/unicorn/util.rb

@@ -8,7 +8,6 @@ module Unicorn::Util
 
     ! fp.closed? &&
       fp.sync &&
-      fp.path[0] == ?/ &&
       (fp.fcntl(Fcntl::F_GETFL) & append_flags) == append_flags
     rescue IOError, Errno::EBADF
       false
@@ -25,10 +24,12 @@ module Unicorn::Util
   # using logrotate(8) (without copytruncate) or similar tools.
   # A +File+ object is considered for reopening if it is:
   #   1) opened with the O_APPEND and O_WRONLY flags
-  #   2) opened with an absolute path (starts with "/")
-  #   3) the current open file handle does not match its original open path
-  #   4) unbuffered (as far as userspace buffering goes, not O_SYNC)
+  #   2) the current open file handle does not match its original open path
+  #   3) unbuffered (as far as userspace buffering goes, not O_SYNC)
   # Returns the number of files reopened
+  #
+  # In Unicorn 3.5.x and earlier, files must be opened with an absolute
+  # path to be considered a log file.
   def self.reopen_logs
     to_reopen = []
     nr = 0

data/lib/unicorn/worker.rb

@@ -2,16 +2,23 @@
 
 # This class and its members can be considered a stable interface
 # and will not change in a backwards-incompatible fashion between
-# releases of Unicorn.  You may need to access it in the
-# before_fork/after_fork hooks.  See the Unicorn::Configurator RDoc
-# for examples.
+# releases of \Unicorn.  Knowledge of this class is generally not
+# not needed for most users of \Unicorn.
+#
+# Some users may want to access it in the before_fork/after_fork hooks.
+# See the Unicorn::Configurator RDoc for examples.
 class Unicorn::Worker < Struct.new(:nr, :tmp, :switched)
 
-  # worker objects may be compared to just plain numbers
-  def ==(other_nr)
-    self.nr == other_nr
+  # worker objects may be compared to just plain Integers
+  def ==(other_nr) # :nodoc:
+    nr == other_nr
   end
 
+  # In most cases, you should be using the Unicorn::Configurator#user
+  # directive instead.  This method should only be used if you need
+  # fine-grained control of exactly when you want to change permissions
+  # in your after_fork hooks.
+  #
   # Changes the worker process to the specified +user+ and +group+
   # This is only intended to be called from within the worker
   # process from the +after_fork+ hook.  This should be called in

data/script/isolate_for_tests

@@ -17,8 +17,8 @@ opts = {
 pid = fork do
   Isolate.now!(opts) do
     gem 'sqlite3-ruby', '1.2.5'
-    gem 'kgio', '2.3.2'
-    gem 'rack', '1.1.0'
+    gem 'kgio', '2.3.3'
+    gem 'rack', '1.2.2'
   end
 end
 _, status = Process.waitpid2(pid)

data/t/t0100-rack-input-tests.sh

@@ -7,7 +7,7 @@ t_plan 10 "rack.input read tests"
 t_begin "setup and startup" && {
 	rtmpfiles curl_out curl_err
 	unicorn_setup
-	unicorn -D rack-input-tests.ru -c $unicorn_config
+	unicorn -E none -D rack-input-tests.ru -c $unicorn_config
         blob_sha1=$(rsha1 < random_blob)
 	blob_size=$(wc -c < random_blob)
         t_info "blob_sha1=$blob_sha1"

data/test/unit/test_http_parser.rb

@@ -302,7 +302,6 @@ class HttpParserTest < Test::Unit::TestCase
              "Host: hello\r\n" \
              "\r\n"
     parser.buf << header
-    req = parser.env
     assert_raises(HttpParserError) { parser.parse }
   end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: unicorn
 version: !ruby/object:Gem::Version 
-  hash: 19
+  hash: 31
   prerelease: 
   segments: 
   - 3
-  - 5
+  - 6
   - 0
-  version: 3.5.0
+  version: 3.6.0
 platform: ruby
 authors: 
 - Unicorn hackers
@@ -15,8 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-15 00:00:00 +00:00
-default_executable: 
+date: 2011-04-21 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rack
@@ -125,7 +124,6 @@ extra_rdoc_files:
 - lib/unicorn/tmpio.rb
 - lib/unicorn/util.rb
 - lib/unicorn/worker.rb
-- ext/unicorn_http/unicorn_http.c
 - ISSUES
 - Sandbox
 files: 
@@ -167,6 +165,7 @@ files:
 - examples/git.ru
 - examples/init.sh
 - examples/logger_mp_safe.rb
+- examples/logrotate.conf
 - examples/nginx.conf
 - examples/unicorn.conf.minimal.rb
 - examples/unicorn.conf.rb
@@ -348,22 +347,6 @@ files:
 - test/rails/app-2.2.2/log/.gitignore
 - test/rails/app-2.2.2/public/404.html
 - test/rails/app-2.2.2/public/500.html
-- test/rails/app-2.3.8/.gitignore
-- test/rails/app-2.3.8/Rakefile
-- test/rails/app-2.3.8/app/controllers/application_controller.rb
-- test/rails/app-2.3.8/app/controllers/foo_controller.rb
-- test/rails/app-2.3.8/app/helpers/application_helper.rb
-- test/rails/app-2.3.8/config/boot.rb
-- test/rails/app-2.3.8/config/database.yml
-- test/rails/app-2.3.8/config/environment.rb
-- test/rails/app-2.3.8/config/environments/development.rb
-- test/rails/app-2.3.8/config/environments/production.rb
-- test/rails/app-2.3.8/config/routes.rb
-- test/rails/app-2.3.8/db/.gitignore
-- test/rails/app-2.3.8/log/.gitignore
-- test/rails/app-2.3.8/public/404.html
-- test/rails/app-2.3.8/public/500.html
-- test/rails/app-2.3.8/public/x.txt
 - test/rails/test_rails.rb
 - test/test_helper.rb
 - test/unit/test_configurator.rb
@@ -380,7 +363,6 @@ files:
 - test/unit/test_upload.rb
 - test/unit/test_util.rb
 - unicorn.gemspec
-has_rdoc: true
 homepage: http://unicorn.bogomips.org/
 licenses: []
 
@@ -413,7 +395,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: mongrel
-rubygems_version: 1.6.1
+rubygems_version: 1.7.2
 signing_key: 
 specification_version: 3
 summary: Rack HTTP server for fast clients and Unix

data/test/rails/app-2.3.8/.gitignore

@@ -1,2 +0,0 @@
-/tmp
-/vendor

data/test/rails/app-2.3.8/Rakefile

@@ -1,7 +0,0 @@
-require(File.join(File.dirname(__FILE__), 'config', 'boot'))
-
-require 'rake'
-require 'rake/testtask'
-require 'rake/rdoctask'
-
-require 'tasks/rails'

data/test/rails/app-2.3.8/app/controllers/application_controller.rb

@@ -1,5 +0,0 @@
-# -*- encoding: binary -*-
-
-class ApplicationController < ActionController::Base
-  helper :all
-end

data/test/rails/app-2.3.8/app/controllers/foo_controller.rb

@@ -1,36 +0,0 @@
-# -*- encoding: binary -*-
-
-require 'digest/sha1'
-class FooController < ApplicationController
-  def index
-    render :text => "FOO\n"
-  end
-
-  def xcookie
-    cookies["foo"] = "cookie-#$$-#{session[:gotta_use_the_session_in_2_3]}"
-    render :text => ""
-  end
-
-  def xnotice
-    flash[:notice] = "session #$$"
-    render :text => ""
-  end
-
-  def xpost
-    if request.post?
-      digest = Digest::SHA1.new
-      out = "params: #{params.inspect}\n"
-      if file = params[:file]
-        loop do
-          buf = file.read(4096) or break
-          digest.update(buf)
-        end
-        out << "sha1: #{digest.to_s}\n"
-      end
-      headers['content-type'] = 'text/plain'
-      render :text => out
-    else
-      render :status => 403, :text => "need post\n"
-    end
-  end
-end

data/test/rails/app-2.3.8/app/helpers/application_helper.rb

@@ -1,4 +0,0 @@
-# -*- encoding: binary -*-
-
-module ApplicationHelper
-end

data/test/rails/app-2.3.8/config/boot.rb

@@ -1,109 +0,0 @@
-# -*- encoding: binary -*-
-
-RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
-
-module Rails
-  class << self
-    def boot!
-      unless booted?
-        preinitialize
-        pick_boot.run
-      end
-    end
-
-    def booted?
-      defined? Rails::Initializer
-    end
-
-    def pick_boot
-      (vendor_rails? ? VendorBoot : GemBoot).new
-    end
-
-    def vendor_rails?
-      File.exist?("#{RAILS_ROOT}/vendor/rails")
-    end
-
-    def preinitialize
-      load(preinitializer_path) if File.exist?(preinitializer_path)
-    end
-
-    def preinitializer_path
-      "#{RAILS_ROOT}/config/preinitializer.rb"
-    end
-  end
-
-  class Boot
-    def run
-      load_initializer
-      Rails::Initializer.run(:set_load_path)
-    end
-  end
-
-  class VendorBoot < Boot
-    def load_initializer
-      require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
-      Rails::Initializer.run(:install_gem_spec_stubs)
-      Rails::GemDependency.add_frozen_gem_path
-    end
-  end
-
-  class GemBoot < Boot
-    def load_initializer
-      self.class.load_rubygems
-      load_rails_gem
-      require 'initializer'
-    end
-
-    def load_rails_gem
-      if version = self.class.gem_version
-        gem 'rails', version
-      else
-        gem 'rails'
-      end
-    rescue Gem::LoadError => load_error
-      $stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
-      exit 1
-    end
-
-    class << self
-      def rubygems_version
-        Gem::RubyGemsVersion rescue nil
-      end
-
-      def gem_version
-        if defined? RAILS_GEM_VERSION
-          RAILS_GEM_VERSION
-        elsif ENV.include?('RAILS_GEM_VERSION')
-          ENV['RAILS_GEM_VERSION']
-        else
-          parse_gem_version(read_environment_rb)
-        end
-      end
-
-      def load_rubygems
-        require 'rubygems'
-        min_version = '1.3.1'
-        unless rubygems_version >= min_version
-          $stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
-          exit 1
-        end
-
-      rescue LoadError
-        $stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
-        exit 1
-      end
-
-      def parse_gem_version(text)
-        $1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
-      end
-
-      private
-        def read_environment_rb
-          File.read("#{RAILS_ROOT}/config/environment.rb")
-        end
-    end
-  end
-end
-
-# All that for this:
-Rails.boot!

data/test/rails/app-2.3.8/config/database.yml

@@ -1,12 +0,0 @@
-development:
-  adapter: sqlite3
-  database: db/development.sqlite3
-  timeout: 5000
-test:
-  adapter: sqlite3
-  database: db/test.sqlite3
-  timeout: 5000
-production:
-  adapter: sqlite3
-  database: db/production.sqlite3
-  timeout: 5000

data/test/rails/app-2.3.8/config/environment.rb

@@ -1,17 +0,0 @@
-# -*- encoding: binary -*-
-
-unless defined? RAILS_GEM_VERSION
-  RAILS_GEM_VERSION = ENV['UNICORN_RAILS_VERSION']
-end
-
-# Bootstrap the Rails environment, frameworks, and default configuration
-require File.join(File.dirname(__FILE__), 'boot')
-
-Rails::Initializer.run do |config|
-  config.frameworks -= [ :active_resource, :action_mailer ]
-  config.action_controller.session_store = :active_record_store
-  config.action_controller.session = {
-    :session_key => "_unicorn_rails_test.#{rand}",
-    :secret => "#{rand}#{rand}#{rand}#{rand}",
-  }
-end

data/test/rails/app-2.3.8/config/environments/development.rb

@@ -1,7 +0,0 @@
-# -*- encoding: binary -*-
-
-config.cache_classes = false
-config.whiny_nils = true
-config.action_controller.consider_all_requests_local = true
-config.action_view.debug_rjs                         = true
-config.action_controller.perform_caching             = false

data/test/rails/app-2.3.8/config/environments/production.rb

@@ -1,6 +0,0 @@
-# -*- encoding: binary -*-
-
-config.cache_classes = true
-config.action_controller.consider_all_requests_local = false
-config.action_controller.perform_caching             = true
-config.action_view.cache_template_loading            = true

data/test/rails/app-2.3.8/config/routes.rb

@@ -1,6 +0,0 @@
-# -*- encoding: binary -*-
-
-ActionController::Routing::Routes.draw do |map|
-  map.connect ':controller/:action/:id'
-  map.connect ':controller/:action/:id.:format'
-end

data/test/rails/app-2.3.8/public/404.html

@@ -1 +0,0 @@
-404 Not Found

data/test/rails/app-2.3.8/public/500.html

@@ -1 +0,0 @@
-500 Internal Server Error

data/test/rails/app-2.3.8/public/x.txt

@@ -1 +0,0 @@
-HELLO