--- /dev/null
--- /dev/null
++puma (4.3.1-1)
++
++ Several tests have been disabled by default:
++
++ - test/test_puma_server_ssl.rb has been disabled because all tests fail
++ randomly. However these tests have never been performed in puma 3.x and
++ they also work randomly. So until someone can look into them and fix them,
++ we decided to not run them (see also #921931).
++
++ - test_control_for_ssl (test/test_cli.rb) and
++ test_control_ssl (test/test_pumactl.rb) show similar issues and don't seem
++ to imply that the package fails to work. So they have been disabled too.
++
++ -- Daniel Leidert <dleidert@debian.org> Wed, 05 Feb 2020 23:51:51 +0100
--- /dev/null
--- /dev/null
++puma (5.6.5-3+deb12u1) bookworm; urgency=medium
++
++ * Team upload
++ * d/patches/
++ + CVE-2023-40175.patch: Fix CVE-2023-40175, incorrect behavior when
++ parsing chunked transfer encoding bodies and zero-length
++ Content-Length headers in a way that allowed HTTP request
++ smuggling. (Closes: #1050079)
++
++ + CVE-2024-21647.patch: Fix CVE-2024-21647 by limiting the size of
++ chunk extensions. (Closes: #1060345)
++
++ + CVE-2024-45614.patch: Fix CVE-2024-45614, clients could clobber
++ values set by intermediate proxies (such as X-Forwarded-For) by
++ providing a underscore version of the same header.
++ (Closes: #1082379)
++
++ -- Abhijith PA <abhijith@debian.org> Wed, 29 Jan 2025 07:26:33 +0530
++
++puma (5.6.5-3) unstable; urgency=medium
++
++ * Team upload.
++ * d/control (Vcs-Git): Fix URL.
++
++ -- Daniel Leidert <dleidert@debian.org> Thu, 09 Feb 2023 16:24:05 +0100
++
++puma (5.6.5-2) unstable; urgency=medium
++
++ * debian/ruby-tests.rake: skip test that fails often (Closes: #1006022)
++ * debian/ruby-tests.rake: exclude tests that fail often but not always
++
++ -- Antonio Terceiro <terceiro@debian.org> Wed, 02 Nov 2022 09:26:37 -0300
++
++puma (5.6.5-1) unstable; urgency=medium
++
++ * Update watch file for github.com pattern change
++ * New upstream version 5.6.5
++ * Refresh patches
++ * Bump Standards-Version to 4.6.1 (no changes needed)
++
++ -- Pirate Praveen <praveen@debian.org> Sun, 16 Oct 2022 22:44:46 +0530
++
++puma (5.6.4-1) unstable; urgency=medium
++
++ * New upstream version 5.6.4
++ * Refresh patches
++ * Disable some tests that fail with
++ NameError: uninitialized constant Puma::LogWriter
++ * Remove tmp/restart.txt in clean
++
++ -- Pirate Praveen <praveen@debian.org> Mon, 04 Apr 2022 13:24:10 +0530
++
++puma (5.5.2-2) unstable; urgency=medium
++
++ * Team upload
++ * debian/rules: force an UTF-8 locale
++ * debian/ruby-tests.rake: wrap lines
++ * debian/ruby-tests.rake: run all ssl tests on autopkgtest only
++ * debian/test/control: give ssl test a name
++
++ -- Antonio Terceiro <terceiro@debian.org> Tue, 02 Nov 2021 16:35:12 -0300
++
++puma (5.5.2-1) unstable; urgency=medium
++
++ * Team upload
++ * New upstream version 5.5.2
++ - Builds and tests fine again (Closes: #998295)
++ * Add build-dependency on ruby-localhost
++ * debian/rules: exclude several unnecessary files from installation
++
++ -- Antonio Terceiro <terceiro@debian.org> Tue, 02 Nov 2021 14:39:10 -0300
++
++puma (5.3.2-3) unstable; urgency=medium
++
++ * Use --gem-install layout option of dh-ruby
++
++ -- Pirate Praveen <praveen@debian.org> Tue, 12 Oct 2021 02:24:33 +0530
++
++puma (5.3.2-2) unstable; urgency=medium
++
++ * Reupload to unstable
++ * Bump Standards-Version to 4.6.0 (no changes needed)
++ * Bump debhelper compatibility level to 13
++
++ -- Pirate Praveen <praveen@debian.org> Mon, 11 Oct 2021 03:17:23 +0530
++
++puma (5.3.2-1) experimental; urgency=medium
++
++ * New upstream version 5.3.2 (Closes: #989054) (Fixes: CVE-2021-29509)
++ * Refresh patches
++
++ -- Pirate Praveen <praveen@debian.org> Fri, 28 May 2021 22:34:53 +0530
++
++puma (4.3.8-1) unstable; urgency=medium
++
++ * New upstream version 4.3.8 (Closes: #989054) (Fixes: CVE-2021-29509)
++
++ -- Pirate Praveen <praveen@debian.org> Wed, 26 May 2021 10:24:19 +0530
++
++puma (5.2.2-2) experimental; urgency=medium
++
++ * Disable test that failied on amd64 buildd
++
++ -- Pirate Praveen <praveen@debian.org> Mon, 08 Mar 2021 23:03:52 +0530
++
++puma (5.2.2-1) experimental; urgency=medium
++
++ * New upstream version 5.2.2
++ * Bump Standards-Version to 4.5.1 (no changes needed)
++ * Refresh patches for new upstream release
++ * Add ruby-minitest-stub-const as build dependency
++ * Disable failing tests
++
++ -- Pirate Praveen <praveen@debian.org> Sun, 07 Mar 2021 21:03:52 +0530
++
++puma (4.3.6-1) unstable; urgency=medium
++
++ * Team upload.
++ * New upstream version.
++ - Fixes CVE-2020-11076 and CVE-2020-11077 (closes: #972102).
++ * d/copyright: Minor update.
++ * d/puma.lintian-overrides: Add package override.
++ * d/ruby-tests.rake: Add logic to run SSL test.
++ * d/patches/*.patch: Add missing headers and refresh.
++ * d/source/lintian-overrides: Add source override.
++ * d/tests/control: Set environment variable to run the SSL tests separately
++ (similar to the solution used in the jekyll package).
++ * d/tests/test-puma-server-ssl*: Removed.
++
++ -- Daniel Leidert <dleidert@debian.org> Thu, 15 Oct 2020 20:57:29 +0200
++
++puma (4.3.3-3) unstable; urgency=medium
++
++ * Include patch from gitlab to improve performance
++
++ -- Pirate Praveen <praveen@debian.org> Tue, 18 Aug 2020 00:15:20 +0530
++
++puma (4.3.3-2) unstable; urgency=medium
++
++ [ Daniel Leidert ]
++ * debian/tests/test_puma_server_ssl,
++ debian/tests/test_puma_server_ssl.rake: Run test/test_puma_server_ssl.rb
++ in an openssl enviroment not using the Debian defaults.
++ * debian/tests/control: Add new test.
++
++ [ Debian Janitor ]
++ * Set field Upstream-Contact in debian/copyright.
++ * Remove obsolete fields Contact, Name from debian/upstream/metadata
++ (already present in machine-readable debian/copyright).
++
++ [ Pirate Praveen ]
++ * Remove debian-branch option from debian/gbp.conf
++ * Reupload to unstable
++
++ -- Pirate Praveen <praveen@debian.org> Mon, 03 Aug 2020 15:37:16 +0530
++
++puma (4.3.3-1) experimental; urgency=medium
++
++ * Team upload.
++ * New upstream release.
++ - Fixes CVE-2020-5247 (closes: #952766).
++ - Fixes CVE-2020-5249 (closes: #953122).
++ * d/control (Section): Change to web.
++ (Vcs-Git): Indicate branch name via -b debian/experimental.
++ (Homepage): Use secure URL.
++ (Depends): Use ${ruby:Depends}.
++ * d/copyright (Source): Use secure URL.
++ * d/rules: Add override to install upstream changelog.
++ * d/watch: Use package name for tarball.
++
++ -- Daniel Leidert <dleidert@debian.org> Thu, 05 Mar 2020 01:34:17 +0100
++
++puma (4.3.1-1) experimental; urgency=medium
++
++ * Team upload.
++ * New upstream release
++ - Fixes CVE-2019-16770 Keepalive thread overload/DoS (closes: #946312).
++ * d/control (Rules-Requires-Root): Set to binary-targets.
++ (Build-Depends, Depends): Add ruby-nio4r.
++ (Build-Depends): Add curl for test/test_integration_single.rb.
++ * d/ruby-tests.rake: Disable test/test_puma_server_ssl.rb.
++ * d/README.source: Add to explain tests which have been disabled.
++ * d/patches/0004-puma.gemspec-drop-git-usage.patch: Refresh patch.
++ * d/patches/0011-disable-minitest-extensions.patch: Add patch.
++ - Disable unavailable minitest extensions (retry and proveit).
++ * d/patches/0012-disable-cli-ssl-tests.patch: Add patch.
++ - Disable CLI SSL tests.
++ * d/patches/0013-fix-test-term-not-accepts-new-connections.patch: Add.
++ - Fix test_term_not_accepts_new_connections to be locale independent.
++ * d/patches/0002-test_integration-disable-test-that-fails-randomly.patch,
++ d/patches/0003-test_cli-disable-test-that-rails-randomly.patch,
++ d/patches/0005-test_puma_server-disable-test-that-fails-randomly.patch,
++ d/patches/0006-test-helper.rb-drop-bundler-usage.patch,
++ d/patches/0007-test-test_cli.rb-disable-test-that-fails-randomly.patch,
++ d/patches/0008-fix-ssl-tests.patch,
++ d/patches/0009-disable-tests-failing-in-single-cpu.patch,
++ d/patches/0010-fix-cluster-exit-for-ruby27.patch: Remove obsolete patches.
++ * d/patches/series: Adjust.
++
++ -- Daniel Leidert <dleidert@debian.org> Thu, 06 Feb 2020 11:45:11 +0100
++
++puma (3.12.4-1) unstable; urgency=medium
++
++ * Team upload.
++ * New upstream release.
++ - Fixes CVE-2020-5247 (closes: #952766).
++ - Fixes CVE-2020-5249 (closes: #953122).
++ * d/control (Section): Changed to web.
++ (Homepage): Use secure URL.
++ (Depends): Add ${ruby:Depends}.
++ * d/copyright (Source): Use secure URL.
++ * d/ruby-tests.rake: Disable test/test_puma_server_ssl.rb for the moment.
++ These tests fail due to openssl being configured to use SECLEVEL2
++ (https://github.com/puma/puma/issues/2147).
++ * d/rules: Add override to install upstream changelog.
++ * d/watch: Rename downloaded tarball to include package name.
++ * d/patches/0008-fix-ssl-tests.patch: Remove patch. Applied upstream.
++ * d/patches/CVE-2019-16770.patch: Ditto.
++ * d/patches/*.patch: Refresh patches.
++ * d/patches/series: Adjust.
++
++ -- Daniel Leidert <dleidert@debian.org> Wed, 04 Mar 2020 23:09:16 +0100
++
++puma (3.12.0-4) unstable; urgency=medium
++
++ * Team upload.
++ * d/control (Rules-Requires-Root): Set to binary-targets.
++ * d/patches/0011-disable-minitest-extensions.patch: Add patch.
++ - Disable unavailable minitest retry extension.
++ * d/patches/CVE-2019-16770.patch: Add patch.
++ - Backport fix for CVE-2019-16770 from upstream (closes: #946312).
++ * d/patches/series: Add patch.
++
++ -- Daniel Leidert <dleidert@debian.org> Thu, 06 Feb 2020 12:54:59 +0100
++
++puma (3.12.0-3) unstable; urgency=medium
++
++ * Team upload.
++ * d/compat: Remove obsolete file.
++ * d/control: Add Rules-Requires-Root field.
++ (Build-Depends): Use debhelper-compat.
++ (Standards-Version): Bump to 4.5.0.
++ (Depends): Drop ruby-interpreter.
++ * d/copyright (Format): Fix insecure-copyright-format-uri and add myself.
++ * d/puma.1, d/pumactl.1: Add manual pages.
++ * d/puma.manpages: Install manual pages.
++ * d/ruby-tests.rake: Set verbose mode.
++ * d/patches/0010-fix-cluster-exit-for-ruby27.patch: Add patch.
++ - Fix hang with Ruby >= 2.6 when shutting down workers.
++ * d/patches/series: Enable new patch.
++ * d/upstream/metadata: Add metadata.
++ * d/upstream/metadata: Add metadata.
++
++ -- Daniel Leidert <dleidert@debian.org> Wed, 05 Feb 2020 18:20:58 +0100
++
++puma (3.12.0-2) unstable; urgency=medium
++
++ * Disable tests failing in single cpu (Closes: #921931)
++
++ -- Pirate Praveen <praveen@debian.org> Sun, 10 Feb 2019 18:56:47 +0530
++
++puma (3.12.0-1) unstable; urgency=medium
++
++ [ Balint Reczey ]
++ * New upstream version 3.12.0
++ * Refresh patches
++
++ [ Pirate Praveen ]
++ * Fix OpenSSL 1.1.1 test failures with upstream patch (Closes: #900156)
++ * Bump Standards-Version to 4.3.0 (no changes needed)
++ * Add myself to uploaders
++
++ -- Pirate Praveen <praveen@debian.org> Sun, 10 Feb 2019 10:56:59 +0530
++
++puma (3.11.3-1) unstable; urgency=medium
++
++ * Team upload
++ * Remove myself from Uploaders:
++ * New upstream version 3.11.3
++ * Build against libssl-dev instead of libssl1.0-dev (Closes: #859542)
++ * Refresh packaging files with `dh-make-ruby -wo .`
++ * Bump debhelper compat to 11
++ * Change Vcs-* to point to salsa.debian.org
++ * Use standard debian/ruby-tests.rake
++ * drop build-dependency on ruby-hoe
++ * Refresh patches
++ * New patches:
++ - 0006-test-helper.rb-drop-bundler-usage.patch
++ - 0007-test-test_cli.rb-disable-test-that-fails-randomly.patch
++ * Replace 0001-test_puma_server_ssl-update-for-newer-versions-of-Op.patch
++ with 0001-test_puma_server_ssl-disable-test-that-takes-too-lon.patch
++
++
++ -- Antonio Terceiro <terceiro@debian.org> Wed, 28 Mar 2018 18:53:22 -0300
++
++puma (3.6.0-1) unstable; urgency=medium
++
++ * Initial release (Closes: #720336)
++
++ -- Antonio Terceiro <terceiro@debian.org> Thu, 10 Nov 2016 16:47:06 -0200
--- /dev/null
--- /dev/null
++tmp/restart.txt
--- /dev/null
--- /dev/null
++Source: puma
++Section: web
++Priority: optional
++Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
++Uploaders: Pirate Praveen <praveen@debian.org>
++Build-Depends: curl,
++ debhelper-compat (= 13),
++ gem2deb (>= 1.6),
++ libssl-dev,
++ rake,
++ ruby-localhost,
++ ruby-nio4r (>= 2),
++ ruby-rack (<< 3),
++ ruby-minitest-stub-const
++Standards-Version: 4.6.1
++Vcs-Git: https://salsa.debian.org/ruby-team/puma.git
++Vcs-Browser: https://salsa.debian.org/ruby-team/puma
++Homepage: https://puma.io
++Testsuite: autopkgtest-pkg-ruby
++XS-Ruby-Versions: all
++Rules-Requires-Root: binary-targets
++
++Package: puma
++Architecture: any
++XB-Ruby-Versions: ${ruby:Versions}
++Depends: ruby, ${misc:Depends}, ${ruby:Depends}, ${shlibs:Depends}
++Description: threaded HTTP 1.1 server for Ruby/Rack applications
++ Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for
++ Ruby/Rack applications. Puma is intended for use in both development and
++ production environments.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: puma
++Upstream-Contact: https://github.com/puma/puma/issues
++Source: https://github.com/puma/puma
++
++Files: *
++Copyright: 2005, Zed Shaw
++ 2011, Evan Phoenix
++License: BSD-3-clause
++
++Files: debian/*
++Copyright: 2016 Antonio Terceiro <terceiro@debian.org>
++ 2020 Daniel Leidert <dleidert@debian.org>
++License: BSD-3-clause
++Comment: The Debian packaging is licensed under the same terms as the source.
++
++License: BSD-3-clause
++ All rights reserved.
++ .
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions are met:
++ .
++ * Redistributions of source code must retain the above copyright notice, this
++ list of conditions and the following disclaimer.
++ * Redistributions in binary form must reproduce the above copyright notice
++ this list of conditions and the following disclaimer in the documentation
++ and/or other materials provided with the distribution.
++ * Neither the name of the Evan Phoenix nor the names of its contributors
++ may be used to endorse or promote products derived from this software
++ without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
++ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
++ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
++ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- /dev/null
--- /dev/null
++[DEFAULT]
++pristine-tar = true
++verbose = true
--- /dev/null
--- /dev/null
++From: Antonio Terceiro <terceiro@softwarelivre.org>
++Date: Wed, 5 Feb 2020 21:36:05 +0100
++Subject: Drop git usage from gemspec
++
++Forwarded: not-needed
++---
++ puma.gemspec | 3 +--
++ 1 file changed, 1 insertion(+), 2 deletions(-)
++
++--- a/puma.gemspec
+++++ b/puma.gemspec
++@@ -13,8 +13,7 @@
++ if RbConfig::CONFIG['ruby_version'] >= '2.5'
++ s.metadata["msys2_mingw_dependencies"] = "openssl"
++ end
++- s.files = `git ls-files -- bin docs ext lib tools`.split("\n") +
++- %w[History.md LICENSE README.md]
+++ s.files = Dir.glob('**/*').reject { |f| f =~ /^debian\//}
++ s.homepage = "https://puma.io"
++
++ if s.respond_to?(:metadata=)
--- /dev/null
--- /dev/null
++From: Daniel Leidert <daniel.leidert@wgdd.de>
++Date: Wed, 5 Feb 2020 22:20:42 +0100
++Subject: Disable unavailable minitest extensions
++
++Forwarded: not-needed
++---
++ test/helper.rb | 8 ++++----
++ 1 file changed, 4 insertions(+), 4 deletions(-)
++
++--- a/test/helper.rb
+++++ b/test/helper.rb
++@@ -14,7 +14,6 @@
++ require_relative "minitest/verbose"
++ require "minitest/autorun"
++ require "minitest/pride"
++-require "minitest/proveit"
++ require "minitest/stub_const"
++ require "net/http"
++ require_relative "helpers/apps"
++@@ -102,10 +101,6 @@
++ end
++
++ Minitest::Test.prepend TimeoutEveryTestCase
++-if ENV['CI']
++- require 'minitest/retry'
++- Minitest::Retry.use!
++-end
++
++ module TestSkips
++
++@@ -178,7 +173,7 @@
++ REPO_NAME = ENV['GITHUB_REPOSITORY'] ? ENV['GITHUB_REPOSITORY'][/[^\/]+\z/] : 'puma'
++
++ def self.run(reporter, options = {}) # :nodoc:
++- prove_it!
+++ #prove_it!
++ super
++ end
++
--- /dev/null
--- /dev/null
++From: Daniel Leidert <daniel.leidert@wgdd.de>
++Date: Wed, 5 Feb 2020 23:18:37 +0100
++Subject: Disable cli ssl tests
++
++Forwarded: not-needed
++---
++ test/test_cli.rb | 2 +-
++ test/test_pumactl.rb | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++--- a/test/test_pumactl.rb
+++++ b/test/test_pumactl.rb
++@@ -223,7 +223,7 @@
++ refute_includes log, 'send_request'
++ end
++
++- def test_control_ssl
+++ def __test_control_ssl
++ skip_unless :ssl
++
++ host = "127.0.0.1"
--- /dev/null
--- /dev/null
++From: Daniel Leidert <daniel.leidert@wgdd.de>
++Date: Thu, 6 Feb 2020 11:24:24 +0100
++Subject: Fix test to read output locale independent
++
++The test fails if run in a non-English environment.
++---
++ test/test_integration_single.rb | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++--- a/test/test_integration_single.rb
+++++ b/test/test_integration_single.rb
++@@ -76,7 +76,7 @@
++ true while @server.gets !~ /Gracefully stopping/ # wait for server to begin graceful shutdown
++
++ # Invoke a request which must be rejected
++- _stdin, _stdout, rejected_curl_stderr, rejected_curl_wait_thread = Open3.popen3("curl #{HOST}:#{@tcp_port}")
+++ _stdin, _stdout, rejected_curl_stderr, rejected_curl_wait_thread = Open3.popen3({ "LC_ALL" => "C" }, "curl http://#{HOST}:#{@tcp_port}")
++
++ assert nil != Process.getpgid(@server.pid) # ensure server is still running
++ assert nil != Process.getpgid(curl_wait_thread[:pid]) # ensure first curl invocation still in progress
--- /dev/null
--- /dev/null
++This test failed on amd64 buildd
++https://buildd.debian.org/status/fetch.php?pkg=puma&arch=amd64&ver=5.2.2-1&stamp=1615133735&raw=0
++
++--- a/test/test_puma_server.rb
+++++ b/test/test_puma_server.rb
++@@ -1294,7 +1294,7 @@
++ end
++ end
++
++- def test_command_ignored_before_run
+++ def __test_command_ignored_before_run
++ @server.stop # ignored
++ @server.run
++ @server.halt
--- /dev/null
--- /dev/null
++From 7405a219801dcebc0ad6e0aa108d4319ca23f662 Mon Sep 17 00:00:00 2001
++From: Nate Berkopec <nate.berkopec@gmail.com>
++Date: Fri, 18 Aug 2023 09:47:23 +0900
++Subject: [PATCH] Merge pull request from GHSA-68xg-gqqm-vgj8
++
++* Reject empty string for Content-Length
++
++* Ignore trailers in last chunk
++
++* test_puma_server.rb - use heredoc, test_cl_and_te_smuggle
++
++* client.rb - stye/RubyCop
++
++* test_puma_server.rb - indented heredoc rubocop disable
++
++* Dentarg comments
++
++* Remove unused variable
++
++---------
++
++Co-authored-by: MSP-Greg <Greg.mpls@gmail.com>
++---
++ lib/puma/client.rb | 23 ++++++++++++++--------
++ test/test_puma_server.rb | 42 +++++++++++++++++++++++++++++++++++++++-
++ 2 files changed, 56 insertions(+), 9 deletions(-)
++
++diff --git a/lib/puma/client.rb b/lib/puma/client.rb
++index e966f995e8..9c11912caa 100644
++--- a/lib/puma/client.rb
+++++ b/lib/puma/client.rb
++@@ -45,7 +45,8 @@ class Client
++
++ # chunked body validation
++ CHUNK_SIZE_INVALID = /[^\h]/.freeze
++- CHUNK_VALID_ENDING = "\r\n".freeze
+++ CHUNK_VALID_ENDING = Const::LINE_END
+++ CHUNK_VALID_ENDING_SIZE = CHUNK_VALID_ENDING.bytesize
++
++ # Content-Length header value validation
++ CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
++@@ -347,8 +348,8 @@ def setup_body
++ cl = @env[CONTENT_LENGTH]
++
++ if cl
++- # cannot contain characters that are not \d
++- if cl =~ CONTENT_LENGTH_VALUE_INVALID
+++ # cannot contain characters that are not \d, or be empty
+++ if cl =~ CONTENT_LENGTH_VALUE_INVALID || cl.empty?
++ raise HttpParserError, "Invalid Content-Length: #{cl.inspect}"
++ end
++ else
++@@ -509,7 +510,7 @@ def decode_chunk(chunk)
++
++ while !io.eof?
++ line = io.gets
++- if line.end_with?("\r\n")
+++ if line.end_with?(CHUNK_VALID_ENDING)
++ # Puma doesn't process chunk extensions, but should parse if they're
++ # present, which is the reason for the semicolon regex
++ chunk_hex = line.strip[/\A[^;]+/]
++@@ -521,13 +522,19 @@ def decode_chunk(chunk)
++ @in_last_chunk = true
++ @body.rewind
++ rest = io.read
++- last_crlf_size = "\r\n".bytesize
++- if rest.bytesize < last_crlf_size
+++ if rest.bytesize < CHUNK_VALID_ENDING_SIZE
++ @buffer = nil
++- @partial_part_left = last_crlf_size - rest.bytesize
+++ @partial_part_left = CHUNK_VALID_ENDING_SIZE - rest.bytesize
++ return false
++ else
++- @buffer = rest[last_crlf_size..-1]
+++ # if the next character is a CRLF, set buffer to everything after that CRLF
+++ start_of_rest = if rest.start_with?(CHUNK_VALID_ENDING)
+++ CHUNK_VALID_ENDING_SIZE
+++ else # we have started a trailer section, which we do not support. skip it!
+++ rest.index(CHUNK_VALID_ENDING*2) + CHUNK_VALID_ENDING_SIZE*2
+++ end
+++
+++ @buffer = rest[start_of_rest..-1]
++ @buffer = nil if @buffer.empty?
++ set_ready
++ return true
++diff --git a/test/test_puma_server.rb b/test/test_puma_server.rb
++index 298e44b439..2bfaf98848 100644
++--- a/test/test_puma_server.rb
+++++ b/test/test_puma_server.rb
++@@ -627,7 +627,7 @@ def test_large_chunked_request
++ [200, {}, [""]]
++ }
++
++- header = "GET / HTTP/1.1\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n"
+++ header = "GET / HTTP/1.1\r\nConnection: close\r\nContent-Length: 200\r\nTransfer-Encoding: chunked\r\n\r\n"
++
++ chunk_header_size = 6 # 4fb8\r\n
++ # Current implementation reads one chunk of CHUNK_SIZE, then more chunks of size 4096.
++@@ -1365,4 +1365,44 @@ def test_rack_url_scheme_user
++ data = send_http_and_read "GET / HTTP/1.0\r\n\r\n"
++ assert_equal "user", data.split("\r\n").last
++ end
+++
+++ def test_cl_empty_string
+++ server_run do |env|
+++ [200, {}, [""]]
+++ end
+++
+++ empty_cl_request = "GET / HTTP/1.1\r\nHost: localhost\r\nContent-Length:\r\n\r\nGET / HTTP/1.1\r\nHost: localhost\r\n\r\n"
+++
+++ data = send_http_and_read empty_cl_request
+++ assert_operator data, :start_with?, 'HTTP/1.1 400 Bad Request'
+++ end
+++
+++ def test_crlf_trailer_smuggle
+++ server_run do |env|
+++ [200, {}, [""]]
+++ end
+++
+++ smuggled_payload = "GET / HTTP/1.1\r\nTransfer-Encoding: chunked\r\nHost: whatever\r\n\r\n0\r\nX:POST / HTTP/1.1\r\nHost: whatever\r\n\r\nGET / HTTP/1.1\r\nHost: whatever\r\n\r\n"
+++
+++ data = send_http_and_read smuggled_payload
+++ assert_equal 2, data.scan("HTTP/1.1 200 OK").size
+++ end
+++
+++ # test to check if content-length is ignored when 'transfer-encoding: chunked'
+++ # is used. See also test_large_chunked_request
+++ def test_cl_and_te_smuggle
+++ body = nil
+++ server_run { |env|
+++ body = env['rack.input'].read
+++ [200, {}, [""]]
+++ }
+++
+++ req = "POST /search HTTP/1.1\r\nHost: vulnerable-website.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n7b\r\nGET /404 HTTP/1.1\r\nHost: vulnerable-website.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 144\r\n\r\nx=\r\n0\r\n\r\n"
+++
+++ data = send_http_and_read req
+++
+++ assert_includes body, "GET /404 HTTP/1.1\r\n"
+++ assert_includes body, "Content-Length: 144\r\n"
+++ assert_equal 1, data.scan("HTTP/1.1 200 OK").size
+++ end
++ end
--- /dev/null
--- /dev/null
++From bbb880ffb6debbfdea535b4b3eb2204d49ae151d Mon Sep 17 00:00:00 2001
++From: Nate Berkopec <nate.berkopec@gmail.com>
++Date: Mon, 8 Jan 2024 14:48:43 +0900
++Subject: [PATCH] Merge pull request from GHSA-c2f4-cvqm-65w2
++
++Co-authored-by: MSP-Greg <MSP-Greg@users.noreply.github.com>
++Co-authored-by: Patrik Ragnarsson <patrik@starkast.net>
++Co-authored-by: Evan Phoenix <evan@phx.io>
++---
++ lib/puma/client.rb | 27 +++++++++++++++++++++++++++
++ test/test_puma_server.rb | 14 ++++++++++++++
++ 2 files changed, 41 insertions(+)
++
++--- a/lib/puma/client.rb
+++++ b/lib/puma/client.rb
++@@ -48,6 +48,14 @@ module Puma
++ CHUNK_VALID_ENDING = Const::LINE_END
++ CHUNK_VALID_ENDING_SIZE = CHUNK_VALID_ENDING.bytesize
++
+++ # The maximum number of bytes we'll buffer looking for a valid
+++ # chunk header.
+++ MAX_CHUNK_HEADER_SIZE = 4096
+++
+++ # The maximum amount of excess data the client sends
+++ # using chunk size extensions before we abort the connection.
+++ MAX_CHUNK_EXCESS = 16 * 1024
+++
++ # Content-Length header value validation
++ CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
++
++@@ -460,6 +468,7 @@ module Puma
++ @chunked_body = true
++ @partial_part_left = 0
++ @prev_chunk = ""
+++ @excess_cr = 0
++
++ @body = Tempfile.new(Const::PUMA_TMP_BASE)
++ @body.unlink
++@@ -541,6 +550,20 @@ module Puma
++ end
++ end
++
+++ # Track the excess as a function of the size of the
+++ # header vs the size of the actual data. Excess can
+++ # go negative (and is expected to) when the body is
+++ # significant.
+++ # The additional of chunk_hex.size and 2 compensates
+++ # for a client sending 1 byte in a chunked body over
+++ # a long period of time, making sure that that client
+++ # isn't accidentally eventually punished.
+++ @excess_cr += (line.size - len - chunk_hex.size - 2)
+++
+++ if @excess_cr >= MAX_CHUNK_EXCESS
+++ raise HttpParserError, "Maximum chunk excess detected"
+++ end
+++
++ len += 2
++
++ part = io.read(len)
++@@ -568,6 +591,10 @@ module Puma
++ @partial_part_left = len - part.size
++ end
++ else
+++ if @prev_chunk.size + chunk.size >= MAX_CHUNK_HEADER_SIZE
+++ raise HttpParserError, "maximum size of chunk header exceeded"
+++ end
+++
++ @prev_chunk = line
++ return false
++ end
++--- a/test/test_puma_server.rb
+++++ b/test/test_puma_server.rb
++@@ -648,6 +648,20 @@ EOF
++ end
++ end
++
+++ def test_large_chunked_request_header
+++ server_run(environment: :production) { |env|
+++ [200, {}, [""]]
+++ }
+++
+++ max_chunk_header_size = Puma::Client::MAX_CHUNK_HEADER_SIZE
+++ header = "GET / HTTP/1.1\r\nConnection: close\r\nContent-Length: 200\r\nTransfer-Encoding: chunked\r\n\r\n"
+++ socket = send_http "#{header}1;t#{'x' * (max_chunk_header_size + 2)}"
+++
+++ data = socket.read
+++
+++ assert_match "HTTP/1.1 400 Bad Request\r\n\r\n", data
+++ end
+++
++ def test_chunked_request_pause_before_value
++ body = nil
++ content_length = nil
--- /dev/null
--- /dev/null
++From cac3fd18cf29ed43719ff5d52d9cfec215f0a043 Mon Sep 17 00:00:00 2001
++From: Evan Phoenix <evan@phx.io>
++Date: Wed, 18 Sep 2024 21:56:07 -0700
++Subject: [PATCH] Merge commit from fork
++
++* Prevent underscores from clobbering hyphen headers
++
++* Special case encoding headers to prevent app confusion
++
++* Handle _ as , in jruby as well
++
++* Silence RuboCop offense
++
++---------
++
++Co-authored-by: Patrik Ragnarsson <patrik@starkast.net>
++---
++ ext/puma_http11/org/jruby/puma/Http11.java | 2 +
++ lib/puma/const.rb | 8 +++
++ lib/puma/request.rb | 19 ++++++--
++ test/test_normalize.rb | 57 ++++++++++++++++++++++
++ test/test_request_invalid.rb | 28 +++++++++++
++ 5 files changed, 111 insertions(+), 3 deletions(-)
++ create mode 100644 test/test_normalize.rb
++
++--- a/ext/puma_http11/org/jruby/puma/Http11.java
+++++ b/ext/puma_http11/org/jruby/puma/Http11.java
++@@ -99,6 +99,8 @@ public class Http11 extends RubyObject {
++ int bite = b.get(i) & 0xFF;
++ if(bite == '-') {
++ b.set(i, (byte)'_');
+++ } else if(bite == '_') {
+++ b.set(i, (byte)',');
++ } else {
++ b.set(i, (byte)Character.toUpperCase(bite));
++ }
++--- a/lib/puma/const.rb
+++++ b/lib/puma/const.rb
++@@ -244,6 +244,14 @@ module Puma
++ # header values can contain HTAB?
++ ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
++
+++ # The keys of headers that should not be convert to underscore
+++ # normalized versions. These headers are ignored at the request reading layer,
+++ # but if we normalize them after reading, it's just confusing for the application.
+++ UNMASKABLE_HEADERS = {
+++ "HTTP_TRANSFER,ENCODING" => true,
+++ "HTTP_CONTENT,LENGTH" => true,
+++ }
+++
++ # Banned keys of response header
++ BANNED_HEADER_KEY = /\A(rack\.|status\z)/.freeze
++
++--- a/lib/puma/request.rb
+++++ b/lib/puma/request.rb
++@@ -318,6 +318,11 @@ module Puma
++ # compatibility, we'll convert them back. This code is written to
++ # avoid allocation in the common case (ie there are no headers
++ # with `,` in their names), that's why it has the extra conditionals.
+++ #
+++ # @note If a normalized version of a `,` header already exists, we ignore
+++ # the `,` version. This prevents clobbering headers managed by proxies
+++ # but not by clients (Like X-Forwarded-For).
+++ #
++ # @param env [Hash] see Puma::Client#env, from request, modifies in place
++ # @version 5.0.3
++ #
++@@ -326,23 +331,30 @@ module Puma
++ to_add = nil
++
++ env.each do |k,v|
++- if k.start_with?("HTTP_") and k.include?(",") and k != "HTTP_TRANSFER,ENCODING"
+++ if k.start_with?("HTTP_") and k.include?(",") and !UNMASKABLE_HEADERS.key?(k)
++ if to_delete
++ to_delete << k
++ else
++ to_delete = [k]
++ end
++
+++ new_k = k.tr(",", "_")
+++ if env.key?(new_k)
+++ next
+++ end
+++
++ unless to_add
++ to_add = {}
++ end
++
++- to_add[k.tr(",", "_")] = v
+++ to_add[new_k] = v
++ end
++ end
++
++ if to_delete
++ to_delete.each { |k| env.delete(k) }
+++ end
+++ if to_add
++ env.merge! to_add
++ end
++ end
++--- /dev/null
+++++ b/test/test_normalize.rb
++@@ -0,0 +1,57 @@
+++# frozen_string_literal: true
+++
+++require_relative "helper"
+++
+++require "puma/request"
+++
+++class TestNormalize < Minitest::Test
+++ parallelize_me!
+++
+++ include Puma::Request
+++
+++ def test_comma_headers
+++ env = {
+++ "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
+++ "HTTP_X_FORWARDED,FOR" => "2.2.2.2",
+++ }
+++
+++ req_env_post_parse env
+++
+++ expected = {
+++ "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
+++ }
+++
+++ assert_equal expected, env
+++
+++ # Test that the iteration order doesn't matter
+++
+++ env = {
+++ "HTTP_X_FORWARDED,FOR" => "2.2.2.2",
+++ "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
+++ }
+++
+++ req_env_post_parse env
+++
+++ expected = {
+++ "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
+++ }
+++
+++ assert_equal expected, env
+++ end
+++
+++ def test_unmaskable_headers
+++ env = {
+++ "HTTP_CONTENT,LENGTH" => "100000",
+++ "HTTP_TRANSFER,ENCODING" => "chunky"
+++ }
+++
+++ req_env_post_parse env
+++
+++ expected = {
+++ "HTTP_CONTENT,LENGTH" => "100000",
+++ "HTTP_TRANSFER,ENCODING" => "chunky"
+++ }
+++
+++ assert_equal expected, env
+++ end
+++end
++--- a/test/test_request_invalid.rb
+++++ b/test/test_request_invalid.rb
++@@ -216,4 +216,32 @@ class TestRequestInvalid < Minitest::Tes
++
++ assert_status data
++ end
+++
+++ def test_underscore_header_1
+++ hdrs = [
+++ "X-FORWARDED-FOR: 1.1.1.1", # proper
+++ "X-FORWARDED-FOR: 2.2.2.2", # proper
+++ "X_FORWARDED-FOR: 3.3.3.3", # invalid, contains underscore
+++ "Content-Length: 5",
+++ ].join "\r\n"
+++
+++ response = send_http_and_read "#{GET_PREFIX}#{hdrs}\r\n\r\nHello\r\n\r\n"
+++
+++ assert_includes response, "HTTP_X_FORWARDED_FOR = 1.1.1.1, 2.2.2.2"
+++ refute_includes response, "3.3.3.3"
+++ end
+++
+++ def test_underscore_header_2
+++ hdrs = [
+++ "X_FORWARDED-FOR: 3.3.3.3", # invalid, contains underscore
+++ "X-FORWARDED-FOR: 2.2.2.2", # proper
+++ "X-FORWARDED-FOR: 1.1.1.1", # proper
+++ "Content-Length: 5",
+++ ].join "\r\n"
+++
+++ response = send_http_and_read "#{GET_PREFIX}#{hdrs}\r\n\r\nHello\r\n\r\n"
+++
+++ assert_includes response, "HTTP_X_FORWARDED_FOR = 2.2.2.2, 1.1.1.1"
+++ refute_includes response, "3.3.3.3"
+++ end
++ end
--- /dev/null
--- /dev/null
++0004-puma.gemspec-drop-git-usage.patch
++0011-disable-minitest-extensions.patch
++0012-disable-cli-ssl-tests.patch
++0013-fix-test-term-not-accepts-new-connections.patch
++0014-disable-test-failing-on-amd64.patch
++CVE-2023-40175.patch
++CVE-2024-21647.patch
++CVE-2024-45614.patch
--- /dev/null
--- /dev/null
++.TH PUMA "1" "January 2020" "PUMA 3.12" "User Commands"
++
++.SH NAME
++puma \- fast, concurrent web server for ruby and rack
++
++.SH USAGE
++.BI "puma [options...]" " [rackup file]"
++.PP
++.B puma [\-h | \-\-help | \-V | \-\-version]
++
++.SH OPTIONS
++.PP
++The following options are available:
++.TP
++.BI "\-b, \-\-bind " URI
++URI to bind to (tcp://, unix://, ssl://).
++.TP
++.BI "\-C, \-\-config " PATH
++Load given path as a config file.
++.TP
++.BI "\-\-control " URL
++DEPRECATED alias for \fB\-\-control\-url\fR.
++.TP
++.BI "\-\-control\-token " TOKEN
++The \fITOKEN\fR to use as authentication for the control server.
++.TP
++.BI "\-\-control\-url " URL
++The bind \fIURL\fR to use for the control server and app. Use \fIauto\fR to
++use a temp unix server. This requires to use a \fB\-\-control\-token\fR, which
++needs to be given with every request to the control server (\fItoken=foo\fR).
++.TP
++.B \-d, \-\-daemon
++Demonize the server into the background.
++.TP
++.B \-\-debug
++Show low level debugging information.
++.TP
++.BI "\-\-dir " DIR
++Change to given directory before starting.
++.TP
++.BI "\-e, \-\-environment " ENVIRONMENT
++The environment to run the Rack app on. Default \fIdevelopment\fR.
++.TP
++.BI "\-I, \-\-include " PATH
++Specify \fB$LOAD_PATH\fR directories.
++.TP
++.BI "\-p, \-\-port " PORT
++Define the TCP port to bind to. Use \fB\-b\fR for more advanced options.
++.TP
++.BI "\-\-pidfile " PATH
++Use the given path as PID file.
++.TP
++.B \-\-preload
++Preload the application. This loads all the application code prior to forking.
++Preloading reduces total memory usage of an application and is only available
++in cluster mode.
++.TP
++.B \-\-prune\-bundler
++Prune out the bundler env if possible.
++.TP
++.B \-q, \-\-quiet
++Do not log requests internally. Default: \fItrue\fR.
++.TP
++.B \-v, \-\-log-requests
++Log requests as they occur.
++.TP
++.BI "\-R, \-\-restart\-cmd " CMD
++The \fBpuma\fR command to run during a hot restart. Default: \fIinferred\fR.
++.TP
++.BI "\-S, \-\-state " PATH
++Where to store the state details.
++.TP
++.BI "\-t, \-\-threads " INT
++Min:max threads to use. Puma will automatically scale the number of threads,
++from the minimum until it caps out at the maximum, based on how much traffic
++is present. Default: \fI0:16\fR.
++.TP
++.B \-\-tcp\-mode
++Run the app in raw TCP mode instead of HTTP mode.
++.TP
++.B \-\-early-hints
++Enable early hints support.
++.TP
++.BI "\-w, \-\-workers " COUNT
++Activate cluster mode and define number of worker processes to create. In this
++mode workers are forked from a master process. Each child process still has
++its own thread pool and the \fB\-t\fR setting is per worker.
++.TP
++.BI "\-\-tag " NAME
++Additional text to display in process listing.
++.TP
++.BI "\-\-redirect\-stdout " FILE
++Redirect \fBSTDOUT\fR to a specific file.
++.TP
++.BI "\-\-redirect\-stderr " FILE
++Redirect \fBSTDERR\fR to a specific file.
++.TP
++.B \-\-[no\-]redirect\-append
++Append to redirected files.
++.TP
++.B \-h, \-\-help
++Show help.
++.TP
++.B \-V, \-\-version
++Print the version information.
++
++.SH EXAMPLES
++.PP
++The following examples show how to bind TCP or sockets:
++.PP
++Bind Puma to a socket with the -b (or --bind) flag:
++.RS
++.B puma -b tcp://127.0.0.1:9292
++.RE
++.PP
++To use a UNIX Socket instead of TCP:
++.RS
++.B puma -b unix:///var/run/puma.sock
++.RE
++.PP
++To change the permissions of the UNIX socket, add a umask parameter:
++.RS
++.B puma -b 'unix:///var/run/puma.sock?umask=0111'
++.RE
++.PP
++In need of a bit of security use SSL sockets:
++.RS
++.B puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'
++.RE
++.PP
++The following example show how to Create a control server and use
++.BR pumactl (1)
++to interact with the control server to restart \fBpuma\fR.
++.RS
++.B puma --control-url tcp://127.0.0.1:9293 --control-token foo
++.br
++.B pumactl --control-url 'tcp://127.0.0.1:9293' --control-token foo restart
++.RE
++.PP
++
++.SH "CONFIGURATION FILE"
++.B puma
++will look for a configuration file at \fIconfig/puma.rb\fR. If an environment
++is specified, either via the \fB\-e\fR and \fB\-\-environment\fR flags, or
++through the \fIRACK_ENV\fR or the \fIRAILS_ENV\fR environment variables, it
++looks for configuration at \fIconfig/puma/<environment_name>.rb\fR.
++.PP
++The \fB\-C\fR flag allows one to pass on a custom configuration location. If
++the value specified is a dash (\fI\-\fR) \fBpuma\fR won't look for any
++configuration file:
++.PP
++.RS
++.B puma -C \(dq\-\(dq
++.RE
++
++.SH "SEE ALSO"
++.PP
++There is extensive documentation at <\%https://puma.io/puma/\%> and
++<\%https://github.com/puma/puma\%>.
++
++.SH AUTHOR
++.PP
++This manual page was written by \fBDaniel Leidert\fP
++<\%dleidert@debian\.org\%>, for the Debian GNU/Linux system (but may be used by
++others).
--- /dev/null
--- /dev/null
++README.md
--- /dev/null
--- /dev/null
++examples/*
--- /dev/null
--- /dev/null
++# this is one of several sub-directories; no need to rename it
++repeated-path-segment puma usr/share/doc/puma/examples/puma/
--- /dev/null
--- /dev/null
++debian/puma.1
++debian/pumactl.1
++
--- /dev/null
--- /dev/null
++.TH PUMA "1" "January 2020" "PUMA 3.12" "User Commands"
++
++.SH NAME
++pumactl \- command line client for puma
++
++.SH USAGE
++.B pumactl [options...] [commands]
++.PP
++.B pumactl [\-h | \-\-help | \-V | \-\-version]
++
++.SH COMMANDS
++.TP
++.B halt
++Halt the server.
++.TP
++.B restart
++Restart the server.
++.TP
++.B phased-restart
++Restart server but phase out old workers while starting new workers one at a
++time.
++.TP
++.B start
++Start the server.
++.TP
++.B stats
++Show stats about the server.
++.TP
++.B status
++Show server status.
++.TP
++.B stop
++Stop server.
++.TP
++.B reload-worker-directory
++Reload the worker directory.
++.TP
++.B gc
++Start garbage collector.
++.TP
++.B gc-stats
++Show information about garbage collector.
++
++.SH OPTIONS
++.PP
++The following options are available:
++.TP
++.BI "\-F, \-\-config\-file " PATH
++Load given path as a config file.
++.TP
++.BI "\-T, \-\-control\-token " TOKEN
++The \fITOKEN\fR to use as authentication for the control server.
++.TP
++.BI "\-C, \-\-control\-url " URL
++The bind \fIURL\fR to use for the control server and app. Use \fIauto\fR to
++use a temp unix server. This requires to use a \fB\-\-control\-token\fR, which
++needs to be given with every request to the control server (\fItoken=foo\fR).
++.TP
++.BI "\-p, \-\-pid " PID
++Define the TCP port to bind to. Use \fB\-b\fR for more advanced options.
++.TP
++.BI "\-P, \-\-pidfile " PATH
++Use the given path as PID file.
++.TP
++.B \-Q, \-\-quiet
++Don't display messages.
++.TP
++.BI "\-S, \-\-state " PATH
++Where the state file is.
++.TP
++.B \-H, \-\-help
++Show help.
++.TP
++.B \-V, \-\-version
++Print the version information.
++
++.SH EXAMPLES
++Create a control server and use
++.BR pumactl (1)
++to interact with the control server to restart \fBpuma\fR.
++.RS
++.B puma --control-url tcp://127.0.0.1:9293 --control-token foo
++.br
++.B pumactl --control-url 'tcp://127.0.0.1:9293' --control-token foo restart
++.RE
++.PP
++
++.SH "SEE ALSO"
++.PP
++.BR puma (1)
++.PP
++There is extensive documentation at <\%https://puma.io/puma/\%> and
++<\%https://github.com/puma/puma\%>.
++
++.SH AUTHOR
++.PP
++This manual page was written by \fBDaniel Leidert\fP
++<\%dleidert@debian\.org\%>, for the Debian GNU/Linux system (but may be used by
++others).
--- /dev/null
--- /dev/null
++require 'gem2deb/rake/testtask'
++
++Gem2Deb::Rake::TestTask.new do |t|
++ t.libs = ['test']
++ if ENV['AUTOPKGTEST_TEST_PUMA_SERVER_SSL']
++ ENV['OPENSSL_CONF'] = '' # https://github.com/puma/puma/issues/2147
++ t.test_files = FileList['test/test_*_ssl.rb']
++ else
++ t.test_files = FileList['test/**/*_test.rb'] + FileList['test/**/test_*.rb'] - FileList[
++ 'test/test_*ssl.rb',
++ 'test/test_integration_systemd.rb',
++ 'test/test_integration_cluster.rb',
++ 'test/test_integration_pumactl.rb',
++ 'test/test_worker_gem_independence.rb',
++ 'test/test_preserve_bundler_env.rb',
++ 'test/test_request_invalid.rb',
++ 'test/test_busy_worker.rb',
++ ]
++ end
++ t.verbose = true
++end.tap do |t|
++ exclude = %w[
++ test_application_logs_are_flushed_on_write
++ test_hot_restart_does_not_drop_connections
++ test_logs_all_localhost_bindings
++ test_multiple_requests_waiting_on_less_busy_worker
++ test_term_not_accepts_new_connections
++ ]
++ t.options << ' ' << "-e'/" << exclude.join('|') << "/'"
++end
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++
++export GEM2DEB_TEST_RUNNER = --check-dependencies
++export DH_RUBY = --gem-install
++export DH_RUBY_GEM_INSTALL_EXCLUDE = benchmarks/* docs/* win_gem_test/* tools/* bin/puma-wild
++export LANG = C.UTF-8
++
++%:
++ dh $@ --buildsystem=ruby --with ruby
++
++override_dh_installchangelogs:
++ dh_installchangelogs History.md
--- /dev/null
--- /dev/null
++---
++include:
++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++# no signed tarballs by upstream
++puma source: debian-watch-does-not-check-gpg-signature
--- /dev/null
--- /dev/null
++Test-Command: export AUTOPKGTEST_TEST_PUMA_SERVER_SSL=1 && gem2deb-test-runner --check-dependencies --autopkgtest
++Depends: @, @builddeps@
++Restrictions: allow-stderr
++Features: test-name=ssl
--- /dev/null
--- /dev/null
++---
++Archive: GitHub
++Bug-Database: https://github.com/puma/puma/issues
++Bug-Submit: https://github.com/puma/puma/issues
++Changelog: https://github.com/puma/puma/tags
++Repository: https://github.com/puma/puma.git
++Repository-Browse: https://github.com/puma/puma
--- /dev/null
--- /dev/null
++version=4
++opts="searchmode=plain, \
++ filenamemangle=s/.+\/v@ANY_VERSION@/@PACKAGE@-$1\.tar\.gz/" \
++https://api.github.com/repos/puma/puma/releases \
++https://api.github.com/repos/puma/puma/tarball/v@ANY_VERSION@
projects / puma.git / commitdiff