Class: Puma::Binder
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Instance Chain:
self,
Const
|
|
| Inherits: | Object |
| Defined in: | lib/puma/binder.rb |
Constant Summary
-
RACK_VERSION =
# File 'lib/puma/binder.rb', line 20[1,6].freeze
Const - Included
BANNED_HEADER_KEY, CGI_VER, CHUNKED, CHUNK_SIZE, CLOSE, CLOSE_CHUNKED, CODE_NAME, COLON, CONNECTION_CLOSE, CONNECTION_KEEP_ALIVE, CONTENT_LENGTH, CONTENT_LENGTH2, CONTENT_LENGTH_S, CONTINUE, DQUOTE, EARLY_HINTS, ERROR_RESPONSE, FAST_TRACK_KA_TIMEOUT, GATEWAY_INTERFACE, HALT_COMMAND, HEAD, HIJACK, HIJACK_IO, HIJACK_P, HTTP, HTTPS, HTTPS_KEY, HTTP_10_200, HTTP_11, HTTP_11_100, HTTP_11_200, HTTP_CONNECTION, HTTP_EXPECT, HTTP_HEADER_DELIMITER, HTTP_HOST, HTTP_VERSION, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED_PROTO, HTTP_X_FORWARDED_SCHEME, HTTP_X_FORWARDED_SSL, IANA_HTTP_METHODS, ILLEGAL_HEADER_KEY_REGEX, ILLEGAL_HEADER_VALUE_REGEX, KEEP_ALIVE, LINE_END, LOCALHOST, LOCALHOST_IPV4, LOCALHOST_IPV6, MAX_BODY, MAX_HEADER, NEWLINE, PATH_INFO, PORT_443, PORT_80, PROXY_PROTOCOL_V1_REGEX, PUMA_CONFIG, PUMA_PEERCERT, PUMA_SERVER_STRING, PUMA_SOCKET, PUMA_TMP_BASE, PUMA_VERSION, QUERY_STRING, RACK_AFTER_REPLY, RACK_INPUT, RACK_URL_SCHEME, REMOTE_ADDR, REQUEST_METHOD, REQUEST_PATH, REQUEST_URI, RESTART_COMMAND, SERVER_NAME, SERVER_PORT, SERVER_PROTOCOL, SERVER_SOFTWARE, STOP_COMMAND, SUPPORTED_HTTP_METHODS, TRANSFER_ENCODING, TRANSFER_ENCODING2, TRANSFER_ENCODING_CHUNKED, UNSPECIFIED_IPV4, UNSPECIFIED_IPV6, WRITE_TIMEOUT
Class Method Summary
Instance Attribute Summary
- #activated_sockets readonly
- #connected_ports readonly
- #envs readonly
- #inherited_fds readonly
- #ios rw
- #ios=(value) rw
- #listeners rw
- #listeners=(value) rw
- #proto_env readonly
- #unix_paths readonly
- #loopback_addresses readonly private
Instance Method Summary
- #add_ssl_listener(host, port, ctx, optimize_for_latency = true, backlog = 1024)
-
#add_tcp_listener(host, port, optimize_for_latency = true, backlog = 1024)
Tell the server to listen on host
host, portport. -
#add_unix_listener(path, umask = nil, mode = nil, backlog = 1024)
Tell the server to listen on
pathas a UNIX domain socket. - #close
- #close_listeners
-
#create_activated_fds(env_hash)
systemd socket activation.
- #create_inherited_fds(env_hash)
- #env(sock)
- #inherit_ssl_listener(fd, ctx)
- #inherit_tcp_listener(host, port, fd)
- #inherit_unix_listener(path, fd)
- #localhost_authority
- #localhost_authority_context
- #parse(binds, log_writer = nil, log_msg = 'Listening')
- #redirects_for_restart
- #redirects_for_restart_env
-
#synthesize_binds_from_activated_fs(binds, only_matching)
Synthesize binds from systemd socket activation.
- #loc_addr_str(io) private
- #socket_activation_fd(int) private
Constructor Details
.new(log_writer, conf = Configuration.new) ⇒ Binder
# File 'lib/puma/binder.rb', line 22
def initialize(log_writer, conf = Configuration.new) @log_writer = log_writer @conf = conf @listeners = [] @inherited_fds = {} @activated_sockets = {} @unix_paths = [] @proto_env = { "rack.version".freeze => RACK_VERSION, "rack.errors".freeze => log_writer.stderr, "rack.multithread".freeze => conf.[:max_threads] > 1, "rack.multiprocess".freeze => conf.[:workers] >= 1, "rack.run_once".freeze => false, RACK_URL_SCHEME => conf.[:rack_url_scheme], "SCRIPT_NAME".freeze => ENV['SCRIPT_NAME'] || "", # I'd like to set a default CONTENT_TYPE here but some things # depend on their not being a default set and inferring # it from the content. And so if i set it here, it won't # infer properly. "QUERY_STRING".freeze => "", SERVER_SOFTWARE => PUMA_SERVER_STRING, GATEWAY_INTERFACE => CGI_VER } @envs = {} @ios = [] end
Instance Attribute Details
#activated_sockets (readonly)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
#connected_ports (readonly)
# File 'lib/puma/binder.rb', line 71
def connected_ports t = ios.map { |io| io.addr[1] }; t.uniq!; t end
#envs (readonly)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
#inherited_fds (readonly)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
#ios (rw)
[ GitHub ]# File 'lib/puma/binder.rb', line 53
attr_reader :ios
#ios=(value) (rw)
#listeners (rw)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
#listeners=(value) (rw)
#loopback_addresses (readonly, private)
[ GitHub ]# File 'lib/puma/binder.rb', line 480
def loopback_addresses t = Socket.ip_address_list.select do |addrinfo| addrinfo.ipv6_loopback? || addrinfo.ipv4_loopback? end t.map! { |addrinfo| addrinfo.ip_address }; t.uniq!; t end
#proto_env (readonly)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
#unix_paths (readonly)
# File 'lib/puma/binder.rb', line 56
attr_reader :activated_sockets, :envs, :inherited_fds, :listeners, :proto_env, :unix_paths
Instance Method Details
#add_ssl_listener(host, port, ctx, optimize_for_latency = true, backlog = 1024)
[ GitHub ]# File 'lib/puma/binder.rb', line 353
def add_ssl_listener(host, port, ctx, optimize_for_latency=true, backlog=1024) raise "Puma compiled without SSL support" unless HAS_SSL # Puma will try to use local authority context if context is supplied nil ctx ||= if host == "localhost" loopback_addresses.each do |addr| add_ssl_listener addr, port, ctx, optimize_for_latency, backlog end return end host = host[1..-2] if host&.start_with? '[' s = TCPServer.new(host, port) if optimize_for_latency s.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) end s.setsockopt(Socket::SOL_SOCKET,Socket::SO_REUSEADDR, true) s.listen backlog ssl = MiniSSL::Server.new s, ctx env = @proto_env.dup env[HTTPS_KEY] = HTTPS @envs[ssl] = env @ios << ssl s end
#add_tcp_listener(host, port, optimize_for_latency = true, backlog = 1024)
Tell the server to listen on host host, port port. If optimize_for_latency is true (the default) then clients connecting will be optimized for latency over throughput.
backlog indicates how many unaccepted connections the kernel should allow to accumulate before returning connection refused.
# File 'lib/puma/binder.rb', line 325
def add_tcp_listener(host, port, optimize_for_latency=true, backlog=1024) if host == "localhost" loopback_addresses.each do |addr| add_tcp_listener addr, port, optimize_for_latency, backlog end return end host = host[1..-2] if host&.start_with? '[' tcp_server = TCPServer.new(host, port) if optimize_for_latency tcp_server.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) end tcp_server.setsockopt(Socket::SOL_SOCKET,Socket::SO_REUSEADDR, true) tcp_server.listen backlog @ios << tcp_server tcp_server end
#add_unix_listener(path, umask = nil, mode = nil, backlog = 1024)
Tell the server to listen on path as a UNIX domain socket.
# File 'lib/puma/binder.rb', line 404
def add_unix_listener(path, umask=nil, mode=nil, backlog=1024) # Let anyone connect by default umask ||= 0 begin old_mask = File.umask(umask) if File.exist? path begin old = UNIXSocket.new path rescue SystemCallError, IOError File.unlink path else old.close raise "There is already a server bound to: #{path}" end end s = UNIXServer.new path.sub(/\A@/, "\0") # check for abstract UNIXSocket s.listen backlog @ios << s ensure File.umask old_mask end if mode File.chmod mode, path end env = @proto_env.dup env[REMOTE_ADDR] = "127.0.0.1" @envs[s] = env s end
#close
[ GitHub ]# File 'lib/puma/binder.rb', line 65
def close @ios.each { |i| i.close } end
#close_listeners
[ GitHub ]# File 'lib/puma/binder.rb', line 451
def close_listeners @listeners.each do |l, io| begin io.close unless io.closed? uri = URI.parse l next unless uri.scheme == 'unix' unix_path = "#{uri.host}#{uri.path}" File.unlink unix_path if @unix_paths.include?(unix_path) && File.exist?(unix_path) rescue Errno::EBADF end end end
#create_activated_fds(env_hash)
systemd socket activation. LISTEN_FDS = number of listening sockets. e.g. 2 means accept on 2 sockets w/descriptors 3 and 4. LISTEN_PID = PID of the service process, aka us
# File 'lib/puma/binder.rb', line 89
def create_activated_fds(env_hash) @log_writer.debug "ENV['LISTEN_FDS'] #{ENV['LISTEN_FDS'].inspect} env_hash['LISTEN_PID'] #{env_hash['LISTEN_PID'].inspect}" return [] unless env_hash['LISTEN_FDS'] && env_hash['LISTEN_PID'].to_i == $$ env_hash['LISTEN_FDS'].to_i.times do |index| sock = TCPServer.for_fd(socket_activation_fd(index)) key = begin # Try to parse as a path [:unix, Socket.unpack_sockaddr_un(sock.getsockname)] rescue ArgumentError # Try to parse as a port/ip port, addr = Socket.unpack_sockaddr_in(sock.getsockname) addr = "[#{addr}]" if addr&.include? ':' [:tcp, addr, port] end @activated_sockets[key] = sock @log_writer.debug "Registered #{key.join ':'} for activation from LISTEN_FDS" end ["LISTEN_FDS", "LISTEN_PID"] # Signal to remove these keys from ENV end
#create_inherited_fds(env_hash)
# File 'lib/puma/binder.rb', line 76
def create_inherited_fds(env_hash) env_hash.select {|k,v| k =~ /PUMA_INHERIT_\d+/}.each do |_k, v| fd, url = v.split(":", 2) @inherited_fds[url] = fd.to_i end.keys # pass keys back for removal end
#env(sock)
[ GitHub ]# File 'lib/puma/binder.rb', line 61
def env(sock) @envs.fetch(sock, @proto_env) end
#inherit_ssl_listener(fd, ctx)
[ GitHub ]# File 'lib/puma/binder.rb', line 384
def inherit_ssl_listener(fd, ctx) raise "Puma compiled without SSL support" unless HAS_SSL # Puma will try to use local authority context if context is supplied nil ctx ||= s = fd.kind_of?(::TCPServer) ? fd : ::TCPServer.for_fd(fd) ssl = MiniSSL::Server.new(s, ctx) env = @proto_env.dup env[HTTPS_KEY] = HTTPS @envs[ssl] = env @ios << ssl s end
#inherit_tcp_listener(host, port, fd)
[ GitHub ]# File 'lib/puma/binder.rb', line 346
def inherit_tcp_listener(host, port, fd) s = fd.kind_of?(::TCPServer) ? fd : ::TCPServer.for_fd(fd) @ios << s s end
#inherit_unix_listener(path, fd)
[ GitHub ]# File 'lib/puma/binder.rb', line 439
def inherit_unix_listener(path, fd) s = fd.kind_of?(::TCPServer) ? fd : ::UNIXServer.for_fd(fd) @ios << s env = @proto_env.dup env[REMOTE_ADDR] = "127.0.0.1" @envs[s] = env s end
#loc_addr_str(io) (private)
[ GitHub ]# File 'lib/puma/binder.rb', line 487
def loc_addr_str(io) loc_addr = io.to_io.local_address if loc_addr.ipv6? "[#{loc_addr.ip_unpack[0]}]:#{loc_addr.ip_unpack[1]}" else loc_addr.ip_unpack.join(':') end end
#localhost_authority
[ GitHub ]#localhost_authority_context
[ GitHub ]# File 'lib/puma/binder.rb', line 306
def return unless key_path, crt_path = if [:key_path, :certificate_path].all? { |m| .respond_to?(m) } [.key_path, .certificate_path] else local_certificates_path = File.("~/.localhost") [File.join(local_certificates_path, "localhost.key"), File.join(local_certificates_path, "localhost.crt")] end MiniSSL::ContextBuilder.new({ "key" => key_path, "cert" => crt_path }, @log_writer).context end
#parse(binds, log_writer = nil, log_msg = 'Listening')
[ GitHub ]# File 'lib/puma/binder.rb', line 144
def parse(binds, log_writer = nil, log_msg = 'Listening') log_writer ||= @log_writer binds.each do |str| uri = URI.parse str case uri.scheme when "tcp" if fd = @inherited_fds.delete(str) io = inherit_tcp_listener uri.host, uri.port, fd log_writer.log "* Inherited #{str}" elsif sock = @activated_sockets.delete([ :tcp, uri.host, uri.port ]) io = inherit_tcp_listener uri.host, uri.port, sock log_writer.log "* Activated #{str}" else ios_len = @ios.length params = Util.parse_query uri.query low_latency = params.key?('low_latency') && params['low_latency'] != 'false' backlog = params.fetch('backlog', 1024).to_i io = add_tcp_listener uri.host, uri.port, low_latency, backlog @ios[ios_len..-1].each do |i| addr = loc_addr_str i log_writer.log "* #{log_msg} on http://#{addr}" end end @listeners << [str, io] if io when "unix" path = "#{uri.host}#{uri.path}".gsub("%20", " ") abstract = false if str.start_with? 'unix://@' raise "OS does not support abstract UNIXSockets" unless Puma.abstract_unix_socket? abstract = true path = "@#{path}" end if fd = @inherited_fds.delete(str) @unix_paths << path unless abstract || File.exist?(path) io = inherit_unix_listener path, fd log_writer.log "* Inherited #{str}" elsif sock = @activated_sockets.delete([ :unix, path ]) || @activated_sockets.delete([ :unix, File.realdirpath(path) ]) @unix_paths << path unless abstract || File.exist?(path) io = inherit_unix_listener path, sock log_writer.log "* Activated #{str}" else umask = nil mode = nil backlog = 1024 if uri.query params = Util.parse_query uri.query if u = params['umask'] # Use Integer() to respect the 0 prefix as octal umask = Integer(u) end if u = params['mode'] mode = Integer('0'+u) end if u = params['backlog'] backlog = Integer(u) end end @unix_paths << path unless abstract || File.exist?(path) io = add_unix_listener path, umask, mode, backlog log_writer.log "* #{log_msg} on #{str}" end @listeners << [str, io] when "ssl" cert_key = %w[cert key] raise "Puma compiled without SSL support" unless HAS_SSL params = Util.parse_query uri.query # If key and certs are not defined and localhost gem is required. # localhost gem will be used for self signed # Load localhost authority if not loaded. # Ruby 3 `values_at` accepts an array, earlier do not if params.values_at(*cert_key).all? { |v| v.to_s.empty? } ctx = && end ctx ||= begin # Extract cert_pem and key_pem from options[:store] if present cert_key.each do |v| if params[v]&.start_with?('store:') index = Integer(params.delete(v).split('store:').last) params["#{v}_pem"] = @conf.[:store][index] end end MiniSSL::ContextBuilder.new(params, @log_writer).context end if fd = @inherited_fds.delete(str) log_writer.log "* Inherited #{str}" io = inherit_ssl_listener fd, ctx elsif sock = @activated_sockets.delete([ :tcp, uri.host, uri.port ]) io = inherit_ssl_listener sock, ctx log_writer.log "* Activated #{str}" else ios_len = @ios.length backlog = params.fetch('backlog', 1024).to_i low_latency = params['low_latency'] != 'false' io = add_ssl_listener uri.host, uri.port, ctx, low_latency, backlog @ios[ios_len..-1].each do |i| addr = loc_addr_str i log_writer.log "* #{log_msg} on ssl://#{addr}?#{uri.query}" end end @listeners << [str, io] if io else log_writer.error "Invalid URI: #{str}" end end # If we inherited fds but didn't use them (because of a # configuration change), then be sure to close them. @inherited_fds.each do |str, fd| log_writer.log "* Closing unused inherited connection: #{str}" begin IO.for_fd(fd).close rescue SystemCallError end # We have to unlink a unix socket path that's not being used uri = URI.parse str if uri.scheme == "unix" path = "#{uri.host}#{uri.path}" File.unlink path end end # Also close any unused activated sockets unless @activated_sockets.empty? fds = @ios.map(&:to_i) @activated_sockets.each do |key, sock| next if fds.include? sock.to_i log_writer.log "* Closing unused activated socket: #{key.first}://#{key[1..-1].join ':'}" begin sock.close rescue SystemCallError end # We have to unlink a unix socket path that's not being used File.unlink key[1] if key.first == :unix end end end
#redirects_for_restart
[ GitHub ]# File 'lib/puma/binder.rb', line 464
def redirects_for_restart redirects = @listeners.map { |a| [a[1].to_i, a[1].to_i] }.to_h redirects[:close_others] = true redirects end
#redirects_for_restart_env
# File 'lib/puma/binder.rb', line 471
def redirects_for_restart_env @listeners.each_with_object({}).with_index do |(listen, memo), i| memo["PUMA_INHERIT_#{i}"] = "#{listen[1].to_i}:#{listen[0]}" end end
#socket_activation_fd(int) (private)
# File 'lib/puma/binder.rb', line 497
def socket_activation_fd(int) int + 3 # 3 is the magic number you add to follow the SA protocol end
#synthesize_binds_from_activated_fs(binds, only_matching)
Synthesize binds from systemd socket activation
When systemd socket activation is enabled, it can be tedious to keep the binds in sync. This method can synthesize any binds based on the received activated sockets. Any existing matching binds will be respected.
When only_matching is true in, all binds that do not match an activated socket is removed in place.
It’s a noop if no activated sockets were received.
# File 'lib/puma/binder.rb', line 117
def synthesize_binds_from_activated_fs(binds, only_matching) return binds unless activated_sockets.any? activated_binds = [] activated_sockets.keys.each do |proto, addr, port| if port tcp_url = "#{proto}://#{addr}:#{port}" ssl_url = "ssl://#{addr}:#{port}" ssl_url_prefix = "#{ssl_url}?" existing = binds.find { |bind| bind == tcp_url || bind == ssl_url || bind.start_with?(ssl_url_prefix) } activated_binds << (existing || tcp_url) else # TODO: can there be a SSL bind without a port? activated_binds << "#{proto}://#{addr}" end end if only_matching activated_binds else binds | activated_binds end end