3266 Commits

Author SHA1 Message Date
Benoit Chesneau
f3190f84cc
feat: add PROXY protocol v2 support with version selection (#3451)
Extend --proxy-protocol to accept version values (off, v1, v2, auto) instead
of being boolean-only. This allows explicit control over which PROXY protocol
versions are accepted.

Changes:
- Add InvalidProxyHeader exception for v2 binary header errors
- Add validate_proxy_protocol() validator with backwards compatibility
- Update ProxyProtocol setting with nargs="?" and const="auto"
- Add PROXY v2 constants (PP_V2_SIGNATURE, PPCommand, PPFamily, PPProtocol)
- Add _parse_proxy_protocol_v1() and _parse_proxy_protocol_v2() methods
- Update both sync (message.py) and async (asgi/message.py) parsers
- Add hex escape handling in treq.py for v2 binary test data
- Add test cases for v2 TCPv4 and TCPv6

Backwards compatible: --proxy-protocol alone (or True) maps to "auto".

Closes #2912
2026-01-23 18:40:44 +01:00
Benoit Chesneau
f95ac41b8f fix: use smaller buffer in finish_body for faster timeout
Reduce buffer size from 8192 to 1024 bytes when discarding unread
body data, allowing timeouts to trigger more quickly on slow or
stalled connections.
2026-01-23 14:46:40 +01:00
Benoit Chesneau
66963367f3 fix: set socket to blocking mode on keepalive connections
On keepalive connections, finish_request() sets the socket to non-blocking
for selector registration. When the connection is reused, handle() calls
conn.init() which returns early (already initialized) without restoring
blocking mode. This caused SSLWantReadError when WSGI apps read the
request body on SSL connections.

Fix by explicitly setting blocking mode at the start of handle().

Fixes #3448
2026-01-23 14:40:40 +01:00
Benoit Chesneau
c0c4b65f0f docs: regenerate settings.md 2026-01-23 11:41:15 +01:00
Benoit Chesneau
f22cd6558e feat: add socket backlog metric (Linux only)
Add --enable-backlog-metric option to emit a gunicorn.backlog histogram
metric showing connections waiting in the socket backlog. This helps
identify worker saturation and concurrency issues.

Also distinguishes between timer (|ms) and histogram (|h) statsd metric
types per the statsd spec.

Note: Only works on Linux using TCP_INFO from getsockopt.

Closes #2407
Partially fixes #2057
2026-01-23 11:39:05 +01:00
Benoit Chesneau
e52ac46e29 feat: support CIDR networks in forwarded_allow_ips and proxy_allow_ips
Use Python's ipaddress module to support IP networks in allow lists.
Individual IP addresses are converted to /32 (IPv4) or /128 (IPv6)
networks. CIDR notation (e.g., 192.168.0.0/16) is now supported.

Fixes #1485
Closes #2390
2026-01-23 11:39:05 +01:00
Benoit Chesneau
b0d38928c8 feat: InotifyReloader now watches newly loaded modules
Refactor reloader to share code via ReloaderBase class. InotifyReloader
now calls refresh_dirs() on each event loop timeout (~1 sec) to watch
directories for dynamically loaded modules (e.g., Django dynamic imports).

Fixes #1790
Closes #1791
2026-01-23 11:39:05 +01:00
Benoit Chesneau
bbc9bba95e fix: log SIGTERM as info level, not warning
SIGTERM is expected during graceful shutdown and reload operations.
Logging it as warning level causes unnecessary noise in error logs.
SIGKILL remains at error level (suggests OOM), other signals at warning.

Closes #3094
2026-01-23 11:39:05 +01:00
Benoit Chesneau
19d07bd4af fix: print exception to stderr on worker boot failure
When a worker fails to boot, the exception is now printed to stderr
(in addition to being logged), consistent with AppImportError handling.
This makes boot failures more visible to users.

Closes #2933
2026-01-23 11:39:05 +01:00
Benoit Chesneau
56abeaf105 fix: unreader.unread() now prepends data to buffer
The unread method was incorrectly appending data to the end of the
buffer instead of prepending it to the beginning. This caused issues
when reading partial data and then unreading it.

Closes #2915
Closes #2346
2026-01-23 11:39:05 +01:00
Benoit Chesneau
8e75b3aba3 fix: prevent RecursionError when pickling Config
On Python 3.8+ with macOS, the multiprocessing module uses 'spawn' by
default which pickles objects. When pickle.load tries to read
__setstate__ before __dict__ is restored, it hits __getattr__ causing
infinite recursion. Adding a special case for 'settings' prevents this.

Closes #2401
2026-01-23 11:39:05 +01:00
Benoit Chesneau
a182066bea fix: use proper exception chaining with 'raise from' in glogging.py
Use 'raise X from e' syntax instead of just 'raise X' when wrapping
exceptions. This provides more accurate exception chaining messages
("The above exception was the direct cause of" vs "During handling of").

Closes #2360
2026-01-23 11:39:05 +01:00
Benoit Chesneau
33e5337395 docs: fix post_request hook signature description
The description incorrectly stated the callable accepts two parameters
(Worker and Request), but the signature shows four parameters including
environ and resp.

Closes #2592
2026-01-23 11:39:05 +01:00
Benoit Chesneau
7c22955837
Merge pull request #3450 from benoitc/fix/ssl-want-read-error-3448
fix: handle SSLWantReadError in finish_body() (#3448)
2026-01-23 11:17:46 +01:00
Benoit Chesneau
4ef635446b docs: add dogstatsd_tags example to description
Clarify the expected format with a concrete example.

Closes #3288
2026-01-23 10:37:30 +01:00
Benoit Chesneau
36f3807a74 docs: remove RuntimeDirectory from systemd service example
The RuntimeDirectory directive is unused by gunicorn and causes
unnecessary directory creation in /run.

Closes #3341
2026-01-23 10:36:42 +01:00
Benoit Chesneau
46e7726838 fix: make syslog_addr default platform-neutral in docs
The syslog_addr setting has different defaults depending on the
platform (macOS, FreeBSD, OpenBSD, Linux). Added default_doc to
show all platform-specific defaults in the documentation, ensuring
consistent output regardless of which platform generates the docs.

Also kept the diagnostic git diff in CI for future debugging.
2026-01-23 10:08:01 +01:00
Benoit Chesneau
f68ad2e095 ci: add git diff output to diagnose settings.md issue 2026-01-23 10:04:57 +01:00
Benoit Chesneau
38e23175e7 docs: regenerate settings.md with updated worker versions 2026-01-23 09:57:33 +01:00
Benoit Chesneau
0e175a2d34 fix: resolve lint issues and remove obsolete Sphinx references
- Fix lint issues in test_gthread.py:
  - Remove unused imports (queue, partial, http)
  - Move fcntl import to top level
  - Remove unused variable assignment
  - Replace unnecessary lambdas with method references
  - Add blank lines before nested function definitions (E306)

- Update .github/workflows/lint.yml:
  - Replace Sphinx docs check with MkDocs settings generator
  - docs/source directory no longer exists after MkDocs migration

- Update tox.ini:
  - Remove docs/source/*.rst lint (directory doesn't exist)
  - Add tests/test_gthread.py to lint targets
2026-01-23 09:56:32 +01:00
Benoit Chesneau
47b9a18619 fix: handle SSLWantReadError in finish_body() (#3448)
The finish_body() function can raise ssl.SSLWantReadError when
discarding unread request body data on SSL connections. This causes
TLS requests to fail intermittently with "Invalid request" errors.

Handle SSLWantReadError by treating it as "no more data to read".
This is safe because finish_body() only discards leftover data before
keepalive - if SSL says "need to wait for more data", there's nothing
left to discard.

Fixes #3448
2026-01-23 09:38:41 +01:00
Benoit Chesneau
cae2ef4fe4 github: Consolidate triage into single Issue Triage category 2026-01-23 02:23:31 +01:00
Benoit Chesneau
6a46d66a56 github: Add discussions-first triage workflow
Redirect issue creation to GitHub Discussions for proper triage:
- Disable blank issues, redirect to discussion categories
- Add structured discussion templates for bugs, features, questions
- Add preapproved issue template for maintainer use only
- Update CONTRIBUTING.md to reflect new workflow
2026-01-23 02:13:34 +01:00
Benoit Chesneau
e021e3e93f docs: Update 24.0.0 changelog with security fixes 2026-01-23 01:39:23 +01:00
Benoit Chesneau
3960372b82
Merge pull request #3426 from benoitc/website-2025
Migrate docs build to MkDocs
2026-01-23 01:20:42 +01:00
Benoit Chesneau
d34d3de01b docs: Set release date for 24.0.0 2026-01-23 01:20:03 +01:00
Benoit Chesneau
066e6d8bb3 docs: Move ASGI worker tab after Gthread 2026-01-23 01:20:03 +01:00
Benoit Chesneau
c6b1159483 docs: Add Tornado worker to design page 2026-01-23 01:20:03 +01:00
Benoit Chesneau
c959daeb82 docs: Redesign architecture page with visual components
Add tabbed worker types, comparison table, decision guide admonitions,
and scaling callouts. Rename master to arbiter throughout.
2026-01-23 01:20:03 +01:00
Benoit Chesneau
571bc121d1 docs: Add punchy theme with vibrant colors and modern features
- Brighter green palette (#00a650, #00c853) with teal accent
- Dark/light mode toggle with system preference detection
- Gradient header, tabs, buttons, and footer
- Inter font for text, JetBrains Mono for code
- Sticky navigation tabs, auto-hide header
- Progress indicator, search sharing, breadcrumbs
- Custom scrollbars and selection highlighting
- Enhanced code blocks, tables, and admonitions
2026-01-23 01:20:03 +01:00
Benoit Chesneau
73adc7cb29 docs: Add collapsible TOC for settings reference
- Change settings headers to h2 sections / h3 settings for TOC visibility
- Enable toc.integrate to show TOC in left sidebar
- Add JavaScript for collapsible section toggles on settings page
2026-01-23 01:20:03 +01:00
Benoit Chesneau
dcec6e701a docs: Modern landing page with custom template
- Add custom home.html template to break out of MkDocs constraints
- Create Caddy-inspired minimal CSS for landing page
- Redesign hero section with terminal demo
- Add framework tags and worker type cards
- Full-width sections with vertical narrative flow
- Dark mode support
2026-01-23 01:20:03 +01:00
Benoit Chesneau
5ea4eb340a docs: Add 2026 changelog and modernize README 2026-01-23 01:20:03 +01:00
Benoit Chesneau
0b961036b7 docs: Configure GitHub Pages deployment with custom domain 2026-01-23 01:20:03 +01:00
Benoit Chesneau
e9bc51cce4 docs: Modernize landing page with hero, pillars, and framework cards 2026-01-23 01:20:03 +01:00
Benoit Chesneau
819d2a2490 docs: Add quickstart guide and Docker deployment 2026-01-23 01:20:03 +01:00
Benoit Chesneau
0a697cde7f docs: Add ASGI worker and uWSGI protocol documentation 2026-01-23 01:20:03 +01:00
Benoit Chesneau
19a2efec63 Migrate docs build to MkDocs 2026-01-23 01:20:03 +01:00
Benoit Chesneau
58d803977d bump version to 24.0.0, remove sphinx docs 2026-01-23 01:12:46 +01:00
Benoit Chesneau
f9df39f600 gevent: Require gevent 24.10.1+ to address CVE-2024-3219 2026-01-23 00:59:51 +01:00
Benoit Chesneau
db3b0819dc build: Update license config to PEP 639 format for uv compatibility 2026-01-23 00:51:32 +01:00
Benoit Chesneau
3663895651
Merge pull request #3445 from benoitc/async-workers-security-upgrade
Require secure versions of async worker dependencies
2026-01-23 00:42:48 +01:00
Benoit Chesneau
9aaa75c0bf fix: Add noqa comments for E402 in geventlet worker 2026-01-23 00:36:05 +01:00
Benoit Chesneau
086dadfa1e testing: Pin gevent and eventlet minimum versions 2026-01-23 00:26:35 +01:00
Benoit Chesneau
4062a82ba7 eventlet: Require eventlet 0.40.3+ for security fixes
Upgrade minimum eventlet version to 0.40.3 to address security
vulnerabilities:

- CVE-2021-21419 (Moderate 6.9): Websocket memory exhaustion via
  large/compressed frames (fixed in 0.31.0)
- CVE-2025-58068 (Moderate 6.3): HTTP Request Smuggling via improper
  trailer handling (fixed in 0.40.3)

Also restructure module to call monkey_patch() at import time for
better patching coverage, while keeping hubs.use_hub() in the worker's
patch() method since it creates OS resources that don't survive fork.

Add comprehensive tests for the eventlet worker.
2026-01-23 00:25:50 +01:00
Benoit Chesneau
543854c123 gevent: Require gevent 23.9.0+ for security fixes
Address CVE-2023-41419 (Critical - remote privilege escalation via
WSGIServer) by requiring gevent 23.9.0 or higher.

Changes:
- Update minimum gevent version from 1.4.0 to 23.9.0
- Remove legacy server.kill() code path (gevent < 1.0)
- Update documentation to reflect new version requirement
- Add comprehensive tests for gevent worker
2026-01-23 00:14:11 +01:00
Benoit Chesneau
4b9d787c93 tornado: Require Tornado 6.5.0+ for security fixes
Update minimum Tornado version to 6.5.0 to address:
- CVE-2024-52804 (Medium): HTTP Cookie Parsing DoS
- CVE-2025-47287 (High 7.5): Multipart/Form-Data Parser DoS

This simplifies the tornado worker by removing legacy code paths
for Tornado < 5.0 and < 6.0, reducing the codebase by ~30%.

Changes:
- pyproject.toml: Update tornado requirement to >=6.5.0
- gtornado.py: Remove TORNADO5 constant and legacy code paths
- tornadoapp.py: Update example to use async/await syntax
- test_gtornado.py: Add comprehensive test suite
2026-01-23 00:02:01 +01:00
Benoit Chesneau
5b50487bab
Merge pull request #3444 from benoitc/asgi-worker
Add native ASGI worker and uWSGI binary protocol support
2026-01-22 20:31:23 +01:00
Benoit Chesneau
81b653457c ci: Fix test dependencies for Docker and FreeBSD workflows
- Docker integration: Install pytest-cov to support coverage addopts
- FreeBSD: Install pytest-asyncio for ASGI async test support
2026-01-22 19:33:57 +01:00
Benoit Chesneau
1521266e2f asgi/uwsgi: Address PR review feedback
- asgi: Check HTTP method is GET for WebSocket upgrade per RFC 6455
  Section 4.1. Previously HEAD and other methods with upgrade headers
  could trigger WebSocket handling.

- uwsgi: Add detailed docstring explaining header mapping from CGI-style
  environment variables to HTTP headers, including the lossy nature of
  underscore-to-hyphen conversion.
2026-01-22 19:28:11 +01:00