From 1ff86e5ac4f2378295b1d1880c3ec759b1d4b8cc Mon Sep 17 00:00:00 2001 From: Nikolay Kim Date: Thu, 27 Sep 2018 21:24:21 -0700 Subject: [PATCH] restore rust-tls support --- .travis.yml | 6 ++--- src/server/http.rs | 50 ++++++++++++++++++++++++++-------------- src/server/ssl/mod.rs | 8 +++---- src/server/ssl/rustls.rs | 43 ++++++++++------------------------ src/test.rs | 4 +--- 5 files changed, 53 insertions(+), 58 deletions(-) diff --git a/.travis.yml b/.travis.yml index 497f7bbc2..0023965da 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,12 +32,12 @@ script: - | if [[ "$TRAVIS_RUST_VERSION" != "stable" ]]; then cargo clean - cargo test --features="ssl,tls" -- --nocapture + cargo test --features="ssl,tls,rust-tls" -- --nocapture fi - | if [[ "$TRAVIS_RUST_VERSION" == "stable" ]]; then RUSTFLAGS="--cfg procmacro2_semver_exempt" cargo install -f cargo-tarpaulin - cargo tarpaulin --features="ssl,tls" --out Xml --no-count + cargo tarpaulin --features="ssl,tls,rust-tls" --out Xml --no-count bash <(curl -s https://codecov.io/bash) echo "Uploaded code coverage" fi @@ -46,7 +46,7 @@ script: after_success: - | if [[ "$TRAVIS_OS_NAME" == "linux" && "$TRAVIS_PULL_REQUEST" = "false" && "$TRAVIS_BRANCH" == "master" && "$TRAVIS_RUST_VERSION" == "beta" ]]; then - cargo doc --features "ssl,session" --no-deps && + cargo doc --features "ssl,tls,rust-tls,session" --no-deps && echo "" > target/doc/index.html && git clone https://github.com/davisp/ghp-import.git && ./ghp-import/ghp_import.py -n -p -f -m "Documentation upload" -r https://"$GH_TOKEN"@github.com/"$TRAVIS_REPO_SLUG.git" target/doc && diff --git a/src/server/http.rs b/src/server/http.rs index 1cc899816..6432f18fc 100644 --- a/src/server/http.rs +++ b/src/server/http.rs 
@@ -15,8 +15,8 @@ use native_tls::TlsAcceptor;
 #[cfg(any(feature = "alpn", feature = "ssl"))]
 use openssl::ssl::SslAcceptorBuilder;
-//#[cfg(feature = "rust-tls")]
-//use rustls::ServerConfig;
+#[cfg(feature = "rust-tls")]
+use rustls::ServerConfig;
 use super::acceptor::{AcceptorServiceFactory, DefaultAcceptor};
 use super::builder::DefaultPipelineFactory;
@@ -313,22 +313,38 @@ where
 Ok(self)
 }
- // #[cfg(feature = "rust-tls")]
- // /// Use listener for accepting incoming tls connection requests
- // ///
- // /// This method sets alpn protocols to "h2" and "http/1.1"
- // pub fn listen_rustls(self, lst: net::TcpListener, builder: ServerConfig) -> Self {
- // use super::{RustlsAcceptor, ServerFlags};
+ #[cfg(feature = "rust-tls")]
+ /// Use listener for accepting incoming tls connection requests
+ ///
+ /// This method sets alpn protocols to "h2" and "http/1.1"
+ pub fn listen_rustls(mut self, lst: net::TcpListener, config: ServerConfig) -> Self {
+ use super::{RustlsAcceptor, ServerFlags};
+ use actix_net::service::NewServiceExt;
- // // alpn support
- // let flags = if self.no_http2 {
- // ServerFlags::HTTP1
- // } else {
- // ServerFlags::HTTP1 | ServerFlags::HTTP2
- // };
- //
- // self.listen_with(lst, RustlsAcceptor::with_flags(builder, flags))
- // }
+ // alpn support
+ let flags = if self.no_http2 {
+ ServerFlags::HTTP1
+ } else {
+ ServerFlags::HTTP1 | ServerFlags::HTTP2
+ };
+
+ let addr = lst.local_addr().unwrap();
+ self.sockets.push(Socket {
+ lst,
+ addr,
+ scheme: "https",
+ handler: Box::new(HttpServiceBuilder::new(
+ self.factory.clone(),
+ move || {
+ RustlsAcceptor::with_flags(config.clone(), flags).map_err(|_| ())
+ },
+ DefaultPipelineFactory::new(),
+ )),
+ });
+
+ //Ok(self)
+ self
+ }
 /// The socket address to bind
 ///
diff --git a/src/server/ssl/mod.rs b/src/server/ssl/mod.rs
index 7302cf0b4..1d6b55b10 100644
--- a/src/server/ssl/mod.rs
+++ b/src/server/ssl/mod.rs
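Review bot: In `listen_rustls`, the acceptor factory ends in `.map_err(|_| ())`, which discards every TLS accept error, so failed or malformed handshakes on this listener leave nothing for an operator to monitor or investigate. I would log before discarding, e.g. `.map_err(|e| error!("rustls accept error: {}", e))`, assuming the error type implements `Display` and the `log` macros are in scope in this file (neither is visible in the hunk). `lst.local_addr().unwrap()` also turns a socket error into a panic inside a builder method, and the leftover `//Ok(self)` suggests a `Result` return was considered; either propagate the error or delete the comment. The doc line about setting ALPN to "h2" and "http/1.1" holds only when `no_http2` is unset, because the other branch passes `ServerFlags::HTTP1` alone and `with_flags` pushes "h2" only for the HTTP2 flag.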
@@ -6,7 +6,7 @@ pub use self::openssl::*;
 #[cfg(feature = "tls")]
 mod nativetls;
-//#[cfg(feature = "rust-tls")]
-//mod rustls;
-//#[cfg(feature = "rust-tls")]
-//pub use self::rustls::RustlsAcceptor;
+#[cfg(feature = "rust-tls")]
+mod rustls;
+#[cfg(feature = "rust-tls")]
+pub use self::rustls::RustlsAcceptor;
diff --git a/src/server/ssl/rustls.rs b/src/server/ssl/rustls.rs
index 6ad0a7b2b..c74b62ea4 100644
--- a/src/server/ssl/rustls.rs
+++ b/src/server/ssl/rustls.rs
@@ -1,29 +1,25 @@
 use std::net::Shutdown;
-use std::sync::Arc;
 use std::{io, time};
+use actix_net::ssl; //::RustlsAcceptor;
 use rustls::{ClientSession, ServerConfig, ServerSession};
-use tokio_io::AsyncWrite;
-use tokio_rustls::{AcceptAsync, ServerConfigExt, TlsStream};
+use tokio_io::{AsyncRead, AsyncWrite};
+use tokio_rustls::TlsStream;
-use server::{AcceptorService, IoStream, ServerFlags};
+use server::{IoStream, ServerFlags};
-#[derive(Clone)]
 /// Support `SSL` connections via rustls package
 ///
 /// `rust-tls` feature enables `RustlsAcceptor` type
-pub struct RustlsAcceptor {
- config: Arc,
+pub struct RustlsAcceptor {
+ _t: ssl::RustlsAcceptor,
 }
-impl RustlsAcceptor {
- /// Create `OpensslAcceptor` with enabled `HTTP/2` and `HTTP1.1` support.
- pub fn new(config: ServerConfig) -> Self {
- RustlsAcceptor::with_flags(config, ServerFlags::HTTP1 | ServerFlags::HTTP2)
- }
-
- /// Create `OpensslAcceptor` with custom server flags.
- pub fn with_flags(mut config: ServerConfig, flags: ServerFlags) -> Self {
+impl RustlsAcceptor {
+ /// Create `RustlsAcceptor` with custom server flags.
+ pub fn with_flags(
+ mut config: ServerConfig, flags: ServerFlags,
+ ) -> ssl::RustlsAcceptor {
 let mut protos = Vec::new();
 if flags.contains(ServerFlags::HTTP2) {
 protos.push("h2".to_string());
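Review bot: In `src/server/ssl/rustls.rs`, `RustlsAcceptor` is left as a public struct whose only field is the private `_t` and whose only associated function, `with_flags`, returns `ssl::RustlsAcceptor` rather than `Self`, so the type can no longer be constructed while its doc comment still reads "Support `SSL` connections via rustls package". `RustlsAcceptor::new` and `#[derive(Clone)]` are removed as well, which breaks callers of the old `listen_with(tcp, RustlsAcceptor::new(cfg))` form; the `src/test.rs` hunk in this patch had to switch to `listen_rustls` for that reason. I would state this on the type, e.g. `/// Not constructible; use with_flags to build an actix_net rustls acceptor`, and drop the stray `//::RustlsAcceptor;` after `use actix_net::ssl;`. The body of `with_flags` continues in the next hunk.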
@@ -35,22 +31,7 @@ impl RustlsAcceptor {
 config.set_protocols(&protos);
 }
- RustlsAcceptor {
- config: Arc::new(config),
- }
- }
-}
-
-impl AcceptorService for RustlsAcceptor {
- type Accepted = TlsStream;
- type Future = AcceptAsync;
-
- fn scheme(&self) -> &'static str {
- "https"
- }
-
- fn accept(&self, io: Io) -> Self::Future {
- ServerConfigExt::accept_async(&self.config, io)
+ ssl::RustlsAcceptor::new(config)
 }
 }
diff --git a/src/test.rs b/src/test.rs
index b9d64f270..83b0b83b7 100644
--- a/src/test.rs
+++ b/src/test.rs
@@ -19,8 +19,6 @@ use openssl::ssl::SslAcceptorBuilder;
 use rustls::ServerConfig;
 #[cfg(feature = "alpn")]
 use server::OpensslAcceptor;
-#[cfg(feature = "rust-tls")]
-use server::RustlsAcceptor;
 use application::{App, HttpApplication};
 use body::Binary;
@@ -350,7 +348,7 @@ where
 let ssl = self.rust_ssl.take();
 if let Some(ssl) = ssl {
 let tcp = net::TcpListener::bind(addr).unwrap();
- srv = srv.listen_with(tcp, RustlsAcceptor::new(ssl));
+ srv = srv.listen_rustls(tcp, ssl);
 }
 }
 if !has_ssl {