2019-11-20 19:35:07 +01:00
|
|
|
#![cfg(feature = "rustls")]
|
2021-01-17 06:19:32 +01:00
|
|
|
|
2021-02-07 04:54:58 +01:00
|
|
|
extern crate tls_rustls as rustls;
|
2021-01-17 06:19:32 +01:00
|
|
|
|
|
|
|
use std::{
|
|
|
|
io::BufReader,
|
|
|
|
sync::{
|
|
|
|
atomic::{AtomicUsize, Ordering},
|
|
|
|
Arc,
|
|
|
|
},
|
|
|
|
};
|
2019-07-31 22:02:56 +02:00
|
|
|
|
|
|
|
use actix_http::HttpService;
|
2019-12-12 18:08:38 +01:00
|
|
|
use actix_http_test::test_server;
|
2021-01-04 00:47:04 +01:00
|
|
|
use actix_service::{map_config, pipeline_factory, ServiceFactoryExt};
|
2021-01-17 06:19:32 +01:00
|
|
|
use actix_web::{dev::AppConfig, http::Version, web, App, HttpResponse};
|
2020-05-18 04:46:57 +02:00
|
|
|
use futures_util::future::ok;
|
2021-01-17 06:19:32 +01:00
|
|
|
use rustls::internal::pemfile::{certs, pkcs8_private_keys};
|
|
|
|
use rustls::{ClientConfig, NoClientAuth, ServerConfig};
|
|
|
|
|
|
|
|
fn tls_config() -> ServerConfig {
|
|
|
|
let cert = rcgen::generate_simple_self_signed(vec!["localhost".to_owned()]).unwrap();
|
|
|
|
let cert_file = cert.serialize_pem().unwrap();
|
|
|
|
let key_file = cert.serialize_private_key_pem();
|
|
|
|
|
|
|
|
let mut config = ServerConfig::new(NoClientAuth::new());
|
|
|
|
let cert_file = &mut BufReader::new(cert_file.as_bytes());
|
|
|
|
let key_file = &mut BufReader::new(key_file.as_bytes());
|
|
|
|
|
|
|
|
let cert_chain = certs(cert_file).unwrap();
|
|
|
|
let mut keys = pkcs8_private_keys(key_file).unwrap();
|
|
|
|
config.set_single_cert(cert_chain, keys.remove(0)).unwrap();
|
|
|
|
|
|
|
|
config
|
2019-07-31 22:02:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
mod danger {
|
2021-01-17 06:19:32 +01:00
|
|
|
pub struct NoCertificateVerification;
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2021-01-17 06:19:32 +01:00
|
|
|
impl rustls::ServerCertVerifier for NoCertificateVerification {
|
2019-07-31 22:02:56 +02:00
|
|
|
fn verify_server_cert(
|
|
|
|
&self,
|
2021-01-17 06:19:32 +01:00
|
|
|
_roots: &rustls::RootCertStore,
|
|
|
|
_presented_certs: &[rustls::Certificate],
|
2019-07-31 22:02:56 +02:00
|
|
|
_dns_name: webpki::DNSNameRef<'_>,
|
|
|
|
_ocsp: &[u8],
|
2021-01-17 06:19:32 +01:00
|
|
|
) -> Result<rustls::ServerCertVerified, rustls::TLSError> {
|
|
|
|
Ok(rustls::ServerCertVerified::assertion())
|
2019-07-31 22:02:56 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-17 06:19:32 +01:00
|
|
|
#[actix_rt::test]
|
|
|
|
async fn test_connection_reuse_h2() {
|
2019-11-26 06:25:50 +01:00
|
|
|
let num = Arc::new(AtomicUsize::new(0));
|
|
|
|
let num2 = num.clone();
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2019-12-12 18:08:38 +01:00
|
|
|
let srv = test_server(move || {
|
2019-11-26 06:25:50 +01:00
|
|
|
let num2 = num2.clone();
|
|
|
|
pipeline_factory(move |io| {
|
|
|
|
num2.fetch_add(1, Ordering::Relaxed);
|
|
|
|
ok(io)
|
|
|
|
})
|
|
|
|
.and_then(
|
|
|
|
HttpService::build()
|
2019-12-20 12:36:48 +01:00
|
|
|
.h2(map_config(
|
2021-02-12 00:03:17 +01:00
|
|
|
App::new().service(web::resource("/").route(web::to(HttpResponse::Ok))),
|
2019-12-20 12:36:48 +01:00
|
|
|
|_| AppConfig::default(),
|
2019-12-20 12:27:32 +01:00
|
|
|
))
|
2021-01-17 06:19:32 +01:00
|
|
|
.rustls(tls_config())
|
2019-11-26 06:25:50 +01:00
|
|
|
.map_err(|_| ()),
|
|
|
|
)
|
2020-03-08 08:42:45 +01:00
|
|
|
})
|
|
|
|
.await;
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2021-01-17 06:19:32 +01:00
|
|
|
// disable TLS verification
|
2019-11-26 06:25:50 +01:00
|
|
|
let mut config = ClientConfig::new();
|
|
|
|
let protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
|
|
|
|
config.set_protocols(&protos);
|
|
|
|
config
|
|
|
|
.dangerous()
|
2021-01-17 06:19:32 +01:00
|
|
|
.set_certificate_verifier(Arc::new(danger::NoCertificateVerification));
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2020-09-11 10:24:39 +02:00
|
|
|
let client = awc::Client::builder()
|
2021-02-18 13:30:09 +01:00
|
|
|
.connector(awc::Connector::new().rustls(Arc::new(config)))
|
2019-11-26 06:25:50 +01:00
|
|
|
.finish();
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2019-11-26 06:25:50 +01:00
|
|
|
// req 1
|
|
|
|
let request = client.get(srv.surl("/")).send();
|
|
|
|
let response = request.await.unwrap();
|
|
|
|
assert!(response.status().is_success());
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2019-11-26 06:25:50 +01:00
|
|
|
// req 2
|
|
|
|
let req = client.post(srv.surl("/"));
|
|
|
|
let response = req.send().await.unwrap();
|
|
|
|
assert!(response.status().is_success());
|
|
|
|
assert_eq!(response.version(), Version::HTTP_2);
|
2019-07-31 22:02:56 +02:00
|
|
|
|
2019-11-26 06:25:50 +01:00
|
|
|
// one connection
|
|
|
|
assert_eq!(num.load(Ordering::Relaxed), 1);
|
2019-07-31 22:02:56 +02:00
|
|
|
}
|