1
0
mirror of https://github.com/fafhrd91/actix-web synced 2024-11-25 08:52:42 +01:00
actix-web/awc/tests/test_rustls_client.rs

123 lines
3.5 KiB
Rust
Raw Normal View History

2019-11-20 19:35:07 +01:00
#![cfg(feature = "rustls")]
2021-01-17 06:19:32 +01:00
2021-02-07 04:54:58 +01:00
extern crate tls_rustls as rustls;
2021-01-17 06:19:32 +01:00
use std::{
io::BufReader,
sync::{
atomic::{AtomicUsize, Ordering},
Arc,
},
time::SystemTime,
2021-01-17 06:19:32 +01:00
};
use actix_http::HttpService;
2019-12-12 18:08:38 +01:00
use actix_http_test::test_server;
2021-04-16 21:48:37 +02:00
use actix_service::{fn_service, map_config, ServiceFactoryExt};
2021-10-20 23:32:05 +02:00
use actix_tls::connect::tls::rustls::webpki_roots_cert_store;
2021-04-01 16:26:13 +02:00
use actix_utils::future::ok;
2021-01-17 06:19:32 +01:00
use actix_web::{dev::AppConfig, http::Version, web, App, HttpResponse};
use rustls::{
client::{ServerCertVerified, ServerCertVerifier},
Certificate, ClientConfig, OwnedTrustAnchor, PrivateKey, RootCertStore, ServerConfig,
ServerName,
};
use rustls_pemfile::{certs, pkcs8_private_keys};
2021-01-17 06:19:32 +01:00
fn tls_config() -> ServerConfig {
let cert = rcgen::generate_simple_self_signed(vec!["localhost".to_owned()]).unwrap();
let cert_file = cert.serialize_pem().unwrap();
let key_file = cert.serialize_private_key_pem();
let cert_file = &mut BufReader::new(cert_file.as_bytes());
let key_file = &mut BufReader::new(key_file.as_bytes());
let cert_chain = certs(cert_file)
.unwrap()
.into_iter()
.map(Certificate)
.collect();
2021-01-17 06:19:32 +01:00
let mut keys = pkcs8_private_keys(key_file).unwrap();
ServerConfig::builder()
.with_safe_defaults()
.with_no_client_auth()
.with_single_cert(cert_chain, PrivateKey(keys.remove(0)))
.unwrap()
}
mod danger {
use super::*;
2021-01-17 06:19:32 +01:00
pub struct NoCertificateVerification;
impl ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_end_entity: &Certificate,
_intermediates: &[Certificate],
_server_name: &ServerName,
_scts: &mut dyn Iterator<Item = &[u8]>,
_ocsp_response: &[u8],
_now: SystemTime,
) -> Result<ServerCertVerified, rustls::Error> {
Ok(ServerCertVerified::assertion())
}
}
}
2021-01-17 06:19:32 +01:00
#[actix_rt::test]
async fn test_connection_reuse_h2() {
2019-11-26 06:25:50 +01:00
let num = Arc::new(AtomicUsize::new(0));
let num2 = num.clone();
2019-12-12 18:08:38 +01:00
let srv = test_server(move || {
2019-11-26 06:25:50 +01:00
let num2 = num2.clone();
2021-04-16 21:48:37 +02:00
fn_service(move |io| {
2019-11-26 06:25:50 +01:00
num2.fetch_add(1, Ordering::Relaxed);
ok(io)
})
.and_then(
HttpService::build()
2019-12-20 12:36:48 +01:00
.h2(map_config(
2021-02-12 00:03:17 +01:00
App::new().service(web::resource("/").route(web::to(HttpResponse::Ok))),
2019-12-20 12:36:48 +01:00
|_| AppConfig::default(),
2019-12-20 12:27:32 +01:00
))
2021-01-17 06:19:32 +01:00
.rustls(tls_config())
2019-11-26 06:25:50 +01:00
.map_err(|_| ()),
)
2020-03-08 08:42:45 +01:00
})
.await;
let mut config = ClientConfig::builder()
.with_safe_defaults()
2021-10-20 23:32:05 +02:00
.with_root_certificates(webpki_roots_cert_store())
.with_no_client_auth();
2019-11-26 06:25:50 +01:00
let protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
config.alpn_protocols = protos;
// disable TLS verification
2019-11-26 06:25:50 +01:00
config
.dangerous()
2021-01-17 06:19:32 +01:00
.set_certificate_verifier(Arc::new(danger::NoCertificateVerification));
let client = awc::Client::builder()
2021-02-18 13:30:09 +01:00
.connector(awc::Connector::new().rustls(Arc::new(config)))
2019-11-26 06:25:50 +01:00
.finish();
2019-11-26 06:25:50 +01:00
// req 1
let request = client.get(srv.surl("/")).send();
let response = request.await.unwrap();
assert!(response.status().is_success());
2019-11-26 06:25:50 +01:00
// req 2
let req = client.post(srv.surl("/"));
let response = req.send().await.unwrap();
assert!(response.status().is_success());
assert_eq!(response.version(), Version::HTTP_2);
2019-11-26 06:25:50 +01:00
// one connection
assert_eq!(num.load(Ordering::Relaxed), 1);
}