Make sure low level error response is sent to the client

[Vuta]

Closes #2341

Description

Currently, when Client I/O operations raise any exceptions, we build a fallback rack response (either by lowlevel_error_handler or by default puma's hard-coded response), but doesn't do anything with it. This commit ensures that this response is sent back to client.

To verify:

1. bundle exec puma -C test/config/lowlevel_error_handler.rb test/rackup/hello.ru
2. curl -i GET localhost:9292

HTTP/1.1 500 Internal Server Error
Content-Length: 24

something wrong happened

Your checklist for this pull request

• I have reviewed the guidelines for contributing to this repository.
• I have added (or updated) appropriate tests if this PR fixes a bug or adds a feature.
• My pull request is 100 lines added/removed or less so that it can be easily reviewed.
• If this PR doesn't need tests (docs change), I added [ci skip] to the title of the PR.
• If this closes any issues, I have added "Closes #issue" to the PR description or my commit messages.
• I have updated the documentation accordingly.
• All new and existing tests passed, including Rubocop.

[nateberkopec]

🤔 Huh?

[Vuta]

Previously it failed on some platforms (non MRI or windows I think). This is the full data

HTTP/1.0 500 Internal Server Error\r\nContent-Length: 659\r\n\r\nPuma caught this error: undefined method `downcase' for 1:Integer (NoMethodError)\n/Users/vutran/learning/puma/lib/puma/request.rb:610:in `block in str_headers'\n/Users/vutran/learning/puma/lib/puma/request.rb:607:in `each'\n/Users/vutran/learning/puma/lib/puma/request.rb:607:in `str_headers'\n/Users/vutran/learning/puma/lib/puma/request.rb:170:in `prepare_response'\n/Users/vutran/learning/puma/lib/puma/request.rb:131:in `handle_request'\n/Users/vutran/learning/puma/lib/puma/server.rb:431:in `process_client'\n/Users/vutran/learning/puma/lib/puma/server.rb:233:in `block in run'\n/Users/vutran/learning/puma/lib/puma/thread_pool.rb:147:in `block in spawn_thread'HTTP/1.1 500 Internal Server Error\r\n\r\n

I guess matching against "Puma caught this error: undefined method `downcase' for 1:Integer" would be better?

[dentarg]

@nateberkopec I commented on the same thing with the previous attempt: https://github.com/puma/puma/pull/2731/files#diff-732bb402028f0495d2e1bbcdf2abd9deef82f19e1b5f45711e5e32d450656563

We should understand why this is changing, not just change it

[dentarg]

This is the full data

Why does it say HTTP/1.1 500 Internal Server Error\r\n\r\n at the end?

What does it say in master?

[Vuta]

Why does it say HTTP/1.1 500 Internal Server Error\r\n\r\n at the end?

That comes from the client.write_error(500). We can either

1. keep that line and change the regex to make the test pass
2. remove that line completely

I went with (1) because I wasn't sure if (2) has any other implications

[nateberkopec]

Leaving unmerged to give other maintainers some time to look but LGTM

[MSP-Greg]

I need to look at the code more, but is this optional? I'm not sure if everyone wants backtrace info sent to a client? Options for logging it, but not to the client, unless development mode? Sorry, busy with other things (reliable CI)...

[Vuta]

I need to look at the code more, but is this optional? I'm not sure if everyone wants backtrace info sent to a client? Options for logging it, but not to the client, unless development mode? Sorry, busy with other things (reliable CI)...

I think it's optional. If user sets the environment to something other than development and test, the general message An unhandled lowlevel error occurred. The application logs may have details. will be sent instead.

[nateberkopec]

Marking as waiting for review as @Vuta has responded to maintainer concerns but we don't have an approve yet.

[MSP-Greg]

I'll defer to others, but I'm not sure about any responses that might 'fingerprint' Puma's use to clients.

[dentarg]

I'll defer to others, but I'm not sure about any responses that might 'fingerprint' Puma's use to clients.

Fair point considering the recent Server header discussions.

It is set here

puma/lib/puma/server.rb

Line 544 in 6d3fd09

[status, {}, ["An unhandled lowlevel error occurred. The application logs may have details.\n"]]

I guess it is meant to be helpful in cases where you haven't configured the low level handler and something unexpected happens in production... but I agree it is sharing unnecessary details to the end user.

[Vuta]

@dentarg thanks. I agree that end users don't need to know about "unhandled lowlevel error" or "application logs". So I removed them altogether.

[dentarg]

I'm not sure this is that much better than the previous message, it is probably still somewhat unique to Puma.

I checked what pitchfork does in the 500 Internal Server Error case, and it doesn't respond with any body (RACK_ENV=development and RACK_ENV=production behaves the same).

$ curl -s -v http://127.0.0.1:8080/raise
*   Trying 127.0.0.1:8080...
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET /raise HTTP/1.1
> Host: 127.0.0.1:8080
> User-Agent: curl/7.84.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Internal Server Error
* no chunk, no close, no size. Assume close to signal end
<
* Closing connection 0

$ curl -s -v http://127.0.0.1:8080/nil
*   Trying 127.0.0.1:8080...
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET /nil HTTP/1.1
> Host: 127.0.0.1:8080
> User-Agent: curl/7.84.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Internal Server Error
* no chunk, no close, no size. Assume close to signal end
<
* Closing connection 0

[nateberkopec]

Why does MiniSSL::SSLError get slightly different handling now? If I'm reading it right, this branch still has the "bug" of never responding to the client actually?

[Vuta]

Adding lowlevel_error to MiniSSL::SSLError so that the handler code can be run, and we don't send anything back to client because there is nothing to send back right (the connection isn't established)? If I understand your previous comment correctly