diff --git a/Rakefile b/Rakefile index ef11de51..4ca600c4 100644 --- a/Rakefile +++ b/Rakefile @@ -47,6 +47,29 @@ if !Puma.jruby? end else # Java (JRuby) + # ::Rake::JavaExtensionTask.source_files supplies the list of files to + # compile. At present, it only works with a glob prefixed with @ext_dir. + # override it so we can select the files + class ::Rake::JavaExtensionTask + def source_files + if ENV["DISABLE_SSL"] + # uses no_ssl/PumaHttp11Service.java, removes MiniSSL.java + FileList[ + File.join(@ext_dir, "no_ssl/PumaHttp11Service.java"), + File.join(@ext_dir, "org/jruby/puma/Http11.java"), + File.join(@ext_dir, "org/jruby/puma/Http11Parser.java") + ] + else + FileList[ + File.join(@ext_dir, "PumaHttp11Service.java"), + File.join(@ext_dir, "org/jruby/puma/Http11.java"), + File.join(@ext_dir, "org/jruby/puma/Http11Parser.java"), + File.join(@ext_dir, "org/jruby/puma/MiniSSL.java") + ] + end + end + end + Rake::JavaExtensionTask.new("puma_http11", gemspec) do |ext| ext.lib_dir = "lib/puma" end diff --git a/ext/puma_http11/no_ssl/PumaHttp11Service.java b/ext/puma_http11/no_ssl/PumaHttp11Service.java new file mode 100644 index 00000000..5701e83f --- /dev/null +++ b/ext/puma_http11/no_ssl/PumaHttp11Service.java @@ -0,0 +1,15 @@ +package puma; + +import java.io.IOException; + +import org.jruby.Ruby; +import org.jruby.runtime.load.BasicLibraryService; + +import org.jruby.puma.Http11; + +public class PumaHttp11Service implements BasicLibraryService { + public boolean basicLoad(final Ruby runtime) throws IOException { + Http11.createHttp11(runtime); + return true; + } +} diff --git a/ext/puma_http11/puma_http11.c b/ext/puma_http11/puma_http11.c index 962cb847..b27b2534 100644 --- a/ext/puma_http11/puma_http11.c +++ b/ext/puma_http11/puma_http11.c @@ -434,7 +434,9 @@ VALUE HttpParser_body(VALUE self) { return http->body; } +#ifdef HAVE_OPENSSL_BIO_H void Init_mini_ssl(VALUE mod); +#endif void Init_puma_http11() { @@ -463,5 +465,7 @@ void Init_puma_http11() rb_define_method(cHttpParser, "body", HttpParser_body, 0); init_common_fields(); +#ifdef HAVE_OPENSSL_BIO_H Init_mini_ssl(mPuma); +#endif } diff --git a/lib/puma.rb b/lib/puma.rb index 86f5d97a..1e8f8e2c 100644 --- a/lib/puma.rb +++ b/lib/puma.rb @@ -10,6 +10,9 @@ require 'stringio' require 'thread' +require_relative 'puma/puma_http11' +require_relative 'puma/detect' + module Puma autoload :Const, 'puma/const' autoload :Server, 'puma/server' @@ -33,4 +36,12 @@ module Puma return unless Thread.current.respond_to?(:name=) Thread.current.name = "puma #{name}" end + + unless HAS_SSL + module MiniSSL + # this class is defined so that it exists when Puma is compiled + # without ssl support, as Server and Reactor use it in rescue statements. + class SSLError < StandardError ; end + end + end end diff --git a/lib/puma/binder.rb b/lib/puma/binder.rb index ef9c24fb..805bcd0c 100644 --- a/lib/puma/binder.rb +++ b/lib/puma/binder.rb @@ -5,10 +5,16 @@ require 'socket' require 'puma/const' require 'puma/util' -require 'puma/minissl/context_builder' require 'puma/configuration' module Puma + + if HAS_SSL + require 'puma/minissl' + require 'puma/minissl/context_builder' + require 'puma/accept_nonblock' + end + class Binder include Puma::Const @@ -155,6 +161,9 @@ module Puma @listeners << [str, io] when "ssl" + + raise "Puma compiled without SSL support" unless HAS_SSL + params = Util.parse_query uri.query ctx = MiniSSL::ContextBuilder.new(params, @events).context @@ -245,9 +254,8 @@ module Puma def add_ssl_listener(host, port, ctx, optimize_for_latency=true, backlog=1024) - require 'puma/minissl' - MiniSSL.check + raise "Puma compiled without SSL support" unless HAS_SSL if host == "localhost" loopback_addresses.each do |addr| @@ -264,7 +272,6 @@ module Puma s.setsockopt(Socket::SOL_SOCKET,Socket::SO_REUSEADDR, true) s.listen backlog - ssl = MiniSSL::Server.new s, ctx env = @proto_env.dup env[HTTPS_KEY] = HTTPS @@ -275,8 +282,7 @@ module Puma end def inherit_ssl_listener(fd, ctx) - require 'puma/minissl' - MiniSSL.check + raise "Puma compiled without SSL support" unless HAS_SSL if fd.kind_of? TCPServer s = fd diff --git a/lib/puma/detect.rb b/lib/puma/detect.rb index 5e8682c9..fa57c701 100644 --- a/lib/puma/detect.rb +++ b/lib/puma/detect.rb @@ -1,6 +1,13 @@ # frozen_string_literal: true module Puma + # at present, MiniSSL::Engine is only defined in extension code, not in minissl.rb + HAS_SSL = const_defined?(:MiniSSL, false) && MiniSSL.const_defined?(:Engine, false) + + def self.ssl? + HAS_SSL + end + IS_JRUBY = defined?(JRUBY_VERSION) def self.jruby? diff --git a/lib/puma/minissl.rb b/lib/puma/minissl.rb index b0f5847f..fd212005 100644 --- a/lib/puma/minissl.rb +++ b/lib/puma/minissl.rb @@ -10,7 +10,6 @@ require 'puma/puma_http11' module Puma module MiniSSL - # define constant at runtime, as it's easy to determine at built time, # but Puma could (it shouldn't) be loaded with an older OpenSSL version HAS_TLS1_3 = !IS_JRUBY && @@ -203,8 +202,6 @@ module Puma class SSLError < StandardError # Define this for jruby even though it isn't used. end - - def self.check; end end class Context diff --git a/lib/puma/minissl/context_builder.rb b/lib/puma/minissl/context_builder.rb index 667b3ae5..f499b5b4 100644 --- a/lib/puma/minissl/context_builder.rb +++ b/lib/puma/minissl/context_builder.rb @@ -2,9 +2,6 @@ module Puma module MiniSSL class ContextBuilder def initialize(params, events) - require 'puma/minissl' - MiniSSL.check - @params = params @events = events end diff --git a/lib/puma/reactor.rb b/lib/puma/reactor.rb index 780903d2..8fcc2fa2 100644 --- a/lib/puma/reactor.rb +++ b/lib/puma/reactor.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true require 'puma/util' -require 'puma/minissl' +require 'puma/minissl' if ::Puma::HAS_SSL require 'nio' diff --git a/lib/puma/runner.rb b/lib/puma/runner.rb index 4a9a9c2a..022b39c7 100644 --- a/lib/puma/runner.rb +++ b/lib/puma/runner.rb @@ -2,7 +2,6 @@ require 'puma/server' require 'puma/const' -require 'puma/minissl/context_builder' module Puma # Generic class that is used by `Puma::Cluster` and `Puma::Single` to diff --git a/lib/puma/server.rb b/lib/puma/server.rb index 9e3ce90c..0aceb23a 100644 --- a/lib/puma/server.rb +++ b/lib/puma/server.rb @@ -9,12 +9,9 @@ require 'puma/null_io' require 'puma/reactor' require 'puma/client' require 'puma/binder' -require 'puma/accept_nonblock' require 'puma/util' require 'puma/io_buffer' -require 'puma/puma_http11' - require 'socket' require 'forwardable'