Rustls v0.22 support (#3275)

2025-06-26 06:57:43 +02:00 · 2024-02-03 23:55:01 +00:00
parent b1eb57ac4f
commit 2125aca2c5
24 changed files with 719 additions and 196 deletions
--- a/actix-test/CHANGES.md
+++ b/actix-test/CHANGES.md
@ -2,6 +2,8 @@

 ## Unreleased

+- Add `TestServerConfig::rustls_0_22()` method for Rustls v0.22 support behind new `rustls-0_22` crate feature.
+
 ## 0.1.2

 - Add `TestServerConfig::rustls_021()` method for Rustls v0.21 support behind new `rustls-0_21` crate feature.
--- a/actix-test/Cargo.toml
+++ b/actix-test/Cargo.toml
@ -27,6 +27,8 @@ rustls = ["rustls-0_20"]
 rustls-0_20 = ["tls-rustls-0_20", "actix-http/rustls-0_20", "awc/rustls-0_20"]
 # TLS via Rustls v0.21
 rustls-0_21 = ["tls-rustls-0_21", "actix-http/rustls-0_21", "awc/rustls-0_21"]
+# TLS via Rustls v0.22
+rustls-0_22 = ["tls-rustls-0_22", "actix-http/rustls-0_22", "awc/rustls-0_22-webpki-roots"]

 # TLS via OpenSSL
 openssl = ["tls-openssl", "actix-http/openssl", "awc/openssl"]
@ -50,4 +52,5 @@ serde_urlencoded = "0.7"
 tls-openssl = { package = "openssl", version = "0.10.55", optional = true }
 tls-rustls-0_20 = { package = "rustls", version = "0.20", optional = true }
 tls-rustls-0_21 = { package = "rustls", version = "0.21", optional = true }
+tls-rustls-0_22 = { package = "rustls", version = "0.22", optional = true }
 tokio = { version = "1.24.2", features = ["sync"] }
--- a/actix-test/src/lib.rs
+++ b/actix-test/src/lib.rs
@ -143,6 +143,8 @@ where
        StreamType::Rustls020(_) => true,
        #[cfg(feature = "rustls-0_21")]
        StreamType::Rustls021(_) => true,
+        #[cfg(feature = "rustls-0_22")]
+        StreamType::Rustls022(_) => true,
    };

    // run server in separate orphaned thread
@ -327,6 +329,48 @@ where
                            .rustls_021(config.clone())
                    }),
                },
+                #[cfg(feature = "rustls-0_22")]
+                StreamType::Rustls022(config) => match cfg.tp {
+                    HttpVer::Http1 => builder.listen("test", tcp, move || {
+                        let app_cfg =
+                            AppConfig::__priv_test_new(false, local_addr.to_string(), local_addr);
+
+                        let fac = factory()
+                            .into_factory()
+                            .map_err(|err| err.into().error_response());
+
+                        HttpService::build()
+                            .client_request_timeout(timeout)
+                            .h1(map_config(fac, move |_| app_cfg.clone()))
+                            .rustls_0_22(config.clone())
+                    }),
+                    HttpVer::Http2 => builder.listen("test", tcp, move || {
+                        let app_cfg =
+                            AppConfig::__priv_test_new(false, local_addr.to_string(), local_addr);
+
+                        let fac = factory()
+                            .into_factory()
+                            .map_err(|err| err.into().error_response());
+
+                        HttpService::build()
+                            .client_request_timeout(timeout)
+                            .h2(map_config(fac, move |_| app_cfg.clone()))
+                            .rustls_0_22(config.clone())
+                    }),
+                    HttpVer::Both => builder.listen("test", tcp, move || {
+                        let app_cfg =
+                            AppConfig::__priv_test_new(false, local_addr.to_string(), local_addr);
+
+                        let fac = factory()
+                            .into_factory()
+                            .map_err(|err| err.into().error_response());
+
+                        HttpService::build()
+                            .client_request_timeout(timeout)
+                            .finish(map_config(fac, move |_| app_cfg.clone()))
+                            .rustls_0_22(config.clone())
+                    }),
+                },
            }
            .expect("test server could not be created");

@ -401,6 +445,8 @@ enum StreamType {
    Rustls020(tls_rustls_0_20::ServerConfig),
    #[cfg(feature = "rustls-0_21")]
    Rustls021(tls_rustls_0_21::ServerConfig),
+    #[cfg(feature = "rustls-0_22")]
+    Rustls022(tls_rustls_0_22::ServerConfig),
 }

 /// Create default test server config.
@ -424,7 +470,7 @@ impl Default for TestServerConfig {
 }

 impl TestServerConfig {
-    /// Create default server configuration
+    /// Constructs default server configuration.
    pub(crate) fn new() -> TestServerConfig {
        TestServerConfig {
            tp: HttpVer::Both,
@ -435,40 +481,63 @@ impl TestServerConfig {
        }
    }

-    /// Accept HTTP/1.1 only.
+    /// Accepts HTTP/1.1 only.
    pub fn h1(mut self) -> Self {
        self.tp = HttpVer::Http1;
        self
    }

-    /// Accept HTTP/2 only.
+    /// Accepts HTTP/2 only.
    pub fn h2(mut self) -> Self {
        self.tp = HttpVer::Http2;
        self
    }

-    /// Accept secure connections via OpenSSL.
+    /// Accepts secure connections via OpenSSL.
    #[cfg(feature = "openssl")]
    pub fn openssl(mut self, acceptor: openssl::ssl::SslAcceptor) -> Self {
        self.stream = StreamType::Openssl(acceptor);
        self
    }

-    /// Accept secure connections via Rustls.
+    #[doc(hidden)]
+    #[deprecated(note = "Renamed to `rustls_0_20()`.")]
    #[cfg(feature = "rustls-0_20")]
    pub fn rustls(mut self, config: tls_rustls_0_20::ServerConfig) -> Self {
        self.stream = StreamType::Rustls020(config);
        self
    }

-    /// Accept secure connections via Rustls.
+    /// Accepts secure connections via Rustls v0.20.
+    #[cfg(feature = "rustls-0_20")]
+    pub fn rustls_0_20(mut self, config: tls_rustls_0_20::ServerConfig) -> Self {
+        self.stream = StreamType::Rustls020(config);
+        self
+    }
+
+    #[doc(hidden)]
+    #[deprecated(note = "Renamed to `rustls_0_21()`.")]
    #[cfg(feature = "rustls-0_21")]
    pub fn rustls_021(mut self, config: tls_rustls_0_21::ServerConfig) -> Self {
        self.stream = StreamType::Rustls021(config);
        self
    }

-    /// Set client timeout for first request.
+    /// Accepts secure connections via Rustls v0.21.
+    #[cfg(feature = "rustls-0_21")]
+    pub fn rustls_0_21(mut self, config: tls_rustls_0_21::ServerConfig) -> Self {
+        self.stream = StreamType::Rustls021(config);
+        self
+    }
+
+    /// Accepts secure connections via Rustls v0.22.
+    #[cfg(feature = "rustls-0_22")]
+    pub fn rustls_0_22(mut self, config: tls_rustls_0_22::ServerConfig) -> Self {
+        self.stream = StreamType::Rustls022(config);
+        self
+    }
+
+    /// Sets client timeout for first request.
    pub fn client_request_timeout(mut self, dur: Duration) -> Self {
        self.client_request_timeout = dur;
        self