2021-11-28 01:56:15 +01:00
|
|
|
//! No-Op TLS Acceptor Server
|
2020-09-13 11:12:07 +02:00
|
|
|
//!
|
|
|
|
//! Using either HTTPie (`http`) or cURL:
|
|
|
|
//!
|
|
|
|
//! This commands will produce errors in the server log:
|
|
|
|
//! ```sh
|
|
|
|
//! curl 127.0.0.1:8443
|
|
|
|
//! http 127.0.0.1:8443
|
|
|
|
//! ```
|
|
|
|
//!
|
|
|
|
//! These commands will show "empty reply" on the client but will debug print the TLS stream info
|
|
|
|
//! in the server log, indicating a successful TLS handshake:
|
|
|
|
//! ```sh
|
|
|
|
//! curl -k https://127.0.0.1:8443
|
|
|
|
//! http --verify=false https://127.0.0.1:8443
|
|
|
|
//! ```
|
|
|
|
|
2022-04-10 03:48:53 +02:00
|
|
|
#[rustfmt::skip]
|
|
|
|
// this `use` is only exists because of how we have organised the crate
|
|
|
|
// it is not necessary for your actual code; you should import from `rustls` directly
|
2021-02-04 16:22:38 +01:00
|
|
|
use tokio_rustls::rustls;
|
2020-12-29 01:38:41 +01:00
|
|
|
|
2020-09-13 11:12:07 +02:00
|
|
|
use std::{
|
|
|
|
fs::File,
|
|
|
|
io::{self, BufReader},
|
|
|
|
sync::{
|
|
|
|
atomic::{AtomicUsize, Ordering},
|
|
|
|
Arc,
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2021-02-20 18:25:22 +01:00
|
|
|
use actix_rt::net::TcpStream;
|
2021-11-02 00:41:28 +01:00
|
|
|
use actix_server::Server;
|
2021-04-16 01:00:02 +02:00
|
|
|
use actix_service::ServiceFactoryExt as _;
|
2021-02-20 18:25:22 +01:00
|
|
|
use actix_tls::accept::rustls::{Acceptor as RustlsAcceptor, TlsStream};
|
2020-09-13 11:12:07 +02:00
|
|
|
use futures_util::future::ok;
|
2021-10-19 17:48:23 +02:00
|
|
|
use rustls::{server::ServerConfig, Certificate, PrivateKey};
|
|
|
|
use rustls_pemfile::{certs, rsa_private_keys};
|
2022-03-15 20:37:08 +01:00
|
|
|
use tracing::info;
|
2020-09-13 11:12:07 +02:00
|
|
|
|
|
|
|
#[actix_rt::main]
|
|
|
|
async fn main() -> io::Result<()> {
|
2022-12-21 22:17:21 +01:00
|
|
|
env_logger::init_from_env(env_logger::Env::default().default_filter_or("info"));
|
2020-09-13 11:12:07 +02:00
|
|
|
|
|
|
|
// Load TLS key and cert files
|
|
|
|
let cert_file = &mut BufReader::new(File::open("./examples/cert.pem").unwrap());
|
|
|
|
let key_file = &mut BufReader::new(File::open("./examples/key.pem").unwrap());
|
|
|
|
|
2021-10-19 17:48:23 +02:00
|
|
|
let cert_chain = certs(cert_file)
|
|
|
|
.unwrap()
|
|
|
|
.into_iter()
|
|
|
|
.map(Certificate)
|
|
|
|
.collect();
|
2020-09-13 11:12:07 +02:00
|
|
|
let mut keys = rsa_private_keys(key_file).unwrap();
|
2021-10-19 17:48:23 +02:00
|
|
|
|
|
|
|
let tls_config = ServerConfig::builder()
|
|
|
|
.with_safe_defaults()
|
|
|
|
.with_no_client_auth()
|
|
|
|
.with_single_cert(cert_chain, PrivateKey(keys.remove(0)))
|
2020-09-13 11:12:07 +02:00
|
|
|
.unwrap();
|
|
|
|
|
|
|
|
let tls_acceptor = RustlsAcceptor::new(tls_config);
|
|
|
|
|
|
|
|
let count = Arc::new(AtomicUsize::new(0));
|
|
|
|
|
|
|
|
let addr = ("127.0.0.1", 8443);
|
|
|
|
info!("starting server on port: {}", &addr.0);
|
|
|
|
|
|
|
|
Server::build()
|
|
|
|
.bind("tls-example", addr, move || {
|
|
|
|
let count = Arc::clone(&count);
|
|
|
|
|
|
|
|
// Set up TLS service factory
|
2021-04-16 01:00:02 +02:00
|
|
|
tls_acceptor
|
|
|
|
.clone()
|
2020-09-13 11:12:07 +02:00
|
|
|
.map_err(|err| println!("Rustls error: {:?}", err))
|
2021-02-20 18:25:22 +01:00
|
|
|
.and_then(move |stream: TlsStream<TcpStream>| {
|
2020-09-13 11:12:07 +02:00
|
|
|
let num = count.fetch_add(1, Ordering::Relaxed);
|
2021-02-20 18:25:22 +01:00
|
|
|
info!("[{}] Got TLS connection: {:?}", num, &*stream);
|
2020-09-13 11:12:07 +02:00
|
|
|
ok(())
|
|
|
|
})
|
|
|
|
})?
|
|
|
|
.workers(1)
|
|
|
|
.run()
|
|
|
|
.await
|
|
|
|
}
|