1
0
mirror of https://github.com/fafhrd91/actix-web synced 2025-01-18 05:41:50 +01:00

bump connect and tls versions (#1655)

This commit is contained in:
Rob Ede 2020-09-09 09:20:54 +01:00 committed by GitHub
parent c54d73e0bb
commit 9d0534999d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 60 additions and 49 deletions

View File

@ -9,10 +9,14 @@
* Update actix-codec and actix-utils dependencies. [#1634]
* `FormConfig` and `JsonConfig` configurations are now also considered when set
using `App::data`. [#1641]
* `HttpServer::maxconn` is renamed to the more expressive `HttpServer::max_connections`. [#1655]
* `HttpServer::maxconnrate` is renamed to the more expressive
`HttpServer::max_connection_rate`. [#1655]
[#1639]: https://github.com/actix/actix-web/pull/1639
[#1641]: https://github.com/actix/actix-web/pull/1641
[#1634]: https://github.com/actix/actix-web/pull/1634
[#1655]: https://github.com/actix/actix-web/pull/1655
## 3.0.0-beta.3 - 2020-08-17
### Changed

View File

@ -74,7 +74,7 @@ actix-server = "1.0.0"
actix-testing = "1.0.0"
actix-macros = "0.1.0"
actix-threadpool = "0.3.1"
actix-tls = "2.0.0-alpha.2"
actix-tls = "2.0.0"
actix-web-codegen = "0.3.0-beta.1"
actix-http = "2.0.0-beta.3"

View File

@ -36,6 +36,10 @@
It will need `middleware::normalize::TrailingSlash` when being constructed with `NormalizePath::new(...)`,
or for an easier migration you can replace `wrap(middleware::NormalizePath)` with `wrap(middleware::NormalizePath::default())`.
* `HttpServer::maxconn` is renamed to the more expressive `HttpServer::max_connections`.
* `HttpServer::maxconnrate` is renamed to the more expressive `HttpServer::max_connection_rate`.
## 2.0.0
* `HttpServer::start()` renamed to `HttpServer::run()`. It also possible to

View File

@ -42,11 +42,11 @@ actors = ["actix"]
[dependencies]
actix-service = "1.0.5"
actix-codec = "0.3.0"
actix-connect = "2.0.0-alpha.4"
actix-connect = "2.0.0"
actix-utils = "2.0.0"
actix-rt = "1.0.0"
actix-threadpool = "0.3.1"
actix-tls = { version = "2.0.0-alpha.2", optional = true }
actix-tls = { version = "2.0.0", optional = true }
actix = { version = "0.10.0-alpha.1", optional = true }
base64 = "0.12"
@ -87,9 +87,9 @@ flate2 = { version = "1.0.13", optional = true }
[dev-dependencies]
actix-server = "1.0.1"
actix-connect = { version = "2.0.0-alpha.4", features = ["openssl"] }
actix-connect = { version = "2.0.0", features = ["openssl"] }
actix-http-test = { version = "2.0.0-alpha.1", features = ["openssl"] }
actix-tls = { version = "2.0.0-alpha.2", features = ["openssl"] }
actix-tls = { version = "2.0.0", features = ["openssl"] }
criterion = "0.3"
env_logger = "0.7"
serde_derive = "1.0"

View File

@ -98,7 +98,7 @@ mod openssl {
use super::*;
use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
use actix_tls::{openssl::HandshakeError, SslError};
use actix_tls::{openssl::HandshakeError, TlsError};
impl<S, B, X, U> H1Service<SslStream<TcpStream>, S, B, X, U>
where
@ -126,19 +126,19 @@ mod openssl {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<HandshakeError<TcpStream>, DispatchError>,
Error = TlsError<HandshakeError<TcpStream>, DispatchError>,
InitError = (),
> {
pipeline_factory(
Acceptor::new(acceptor)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(|io: SslStream<TcpStream>| {
let peer_addr = io.get_ref().peer_addr().ok();
ok((io, peer_addr))
})
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}
@ -147,7 +147,7 @@ mod openssl {
mod rustls {
use super::*;
use actix_tls::rustls::{Acceptor, ServerConfig, TlsStream};
use actix_tls::SslError;
use actix_tls::TlsError;
use std::{fmt, io};
impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>
@ -176,19 +176,19 @@ mod rustls {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<io::Error, DispatchError>,
Error = TlsError<io::Error, DispatchError>,
InitError = (),
> {
pipeline_factory(
Acceptor::new(config)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(|io: TlsStream<TcpStream>| {
let peer_addr = io.get_ref().0.peer_addr().ok();
ok((io, peer_addr))
})
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}

View File

@ -97,7 +97,7 @@ where
mod openssl {
use actix_service::{fn_factory, fn_service};
use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
use actix_tls::{openssl::HandshakeError, SslError};
use actix_tls::{openssl::HandshakeError, TlsError};
use super::*;
@ -117,12 +117,12 @@ mod openssl {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<HandshakeError<TcpStream>, DispatchError>,
Error = TlsError<HandshakeError<TcpStream>, DispatchError>,
InitError = S::InitError,
> {
pipeline_factory(
Acceptor::new(acceptor)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(fn_factory(|| {
@ -131,7 +131,7 @@ mod openssl {
ok((io, peer_addr))
}))
}))
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}
@ -140,7 +140,7 @@ mod openssl {
mod rustls {
use super::*;
use actix_tls::rustls::{Acceptor, ServerConfig, TlsStream};
use actix_tls::SslError;
use actix_tls::TlsError;
use std::io;
impl<S, B> H2Service<TlsStream<TcpStream>, S, B>
@ -159,7 +159,7 @@ mod rustls {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<io::Error, DispatchError>,
Error = TlsError<io::Error, DispatchError>,
InitError = S::InitError,
> {
let protos = vec!["h2".to_string().into()];
@ -167,7 +167,7 @@ mod rustls {
pipeline_factory(
Acceptor::new(config)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(fn_factory(|| {
@ -176,7 +176,7 @@ mod rustls {
ok((io, peer_addr))
}))
}))
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}

View File

@ -195,7 +195,7 @@ where
mod openssl {
use super::*;
use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
use actix_tls::{openssl::HandshakeError, SslError};
use actix_tls::{openssl::HandshakeError, TlsError};
impl<S, B, X, U> HttpService<SslStream<TcpStream>, S, B, X, U>
where
@ -226,12 +226,12 @@ mod openssl {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<HandshakeError<TcpStream>, DispatchError>,
Error = TlsError<HandshakeError<TcpStream>, DispatchError>,
InitError = (),
> {
pipeline_factory(
Acceptor::new(acceptor)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(|io: SslStream<TcpStream>| {
@ -247,7 +247,7 @@ mod openssl {
let peer_addr = io.get_ref().peer_addr().ok();
ok((io, proto, peer_addr))
})
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}
@ -256,7 +256,7 @@ mod openssl {
mod rustls {
use super::*;
use actix_tls::rustls::{Acceptor, ServerConfig, Session, TlsStream};
use actix_tls::SslError;
use actix_tls::TlsError;
use std::io;
impl<S, B, X, U> HttpService<TlsStream<TcpStream>, S, B, X, U>
@ -288,7 +288,7 @@ mod rustls {
Config = (),
Request = TcpStream,
Response = (),
Error = SslError<io::Error, DispatchError>,
Error = TlsError<io::Error, DispatchError>,
InitError = (),
> {
let protos = vec!["h2".to_string().into(), "http/1.1".to_string().into()];
@ -296,7 +296,7 @@ mod rustls {
pipeline_factory(
Acceptor::new(config)
.map_err(SslError::Ssl)
.map_err(TlsError::Tls)
.map_init_err(|_| panic!()),
)
.and_then(|io: TlsStream<TcpStream>| {
@ -312,7 +312,7 @@ mod rustls {
let peer_addr = io.get_ref().0.peer_addr().ok();
ok((io, proto, peer_addr))
})
.and_then(self.map_err(SslError::Service))
.and_then(self.map_err(TlsError::Service))
}
}
}

View File

@ -57,13 +57,13 @@ open-ssl = { version = "0.10", package = "openssl", optional = true }
rust-tls = { version = "0.18.0", package = "rustls", optional = true, features = ["dangerous_configuration"] }
[dev-dependencies]
actix-connect = { version = "2.0.0-alpha.4", features = ["openssl"] }
actix-connect = { version = "2.0.0", features = ["openssl"] }
actix-web = { version = "3.0.0-beta.2", features = ["openssl"] }
actix-http = { version = "2.0.0-beta.3", features = ["openssl"] }
actix-http-test = { version = "2.0.0-alpha.1", features = ["openssl"] }
actix-utils = "2.0.0"
actix-server = "1.0.0"
actix-tls = { version = "2.0.0-alpha.2", features = ["openssl", "rustls"] }
actix-tls = { version = "2.0.0", features = ["openssl", "rustls"] }
brotli2 = "0.3.2"
flate2 = "1.0.13"
futures-util = { version = "0.3.5", default-features = false }

View File

@ -17,7 +17,7 @@ digraph {
"actix-utils" -> { "actix-service" "actix-rt" "actix-codec" }
"actix-tracing" -> { "actix-service" }
"actix-tls" -> { "actix-service" "actix-codec" "actix-utils" "actix-rt" }
"actix-tls" -> { "actix-service" "actix-codec" "actix-utils" }
"actix-testing" -> { "actix-rt" "actix-macros" "actix-server" "actix-service" }
"actix-server" -> { "actix-service" "actix-rt" "actix-codec" "actix-utils" }
"actix-rt" -> { "actix-macros" "actix-threadpool" }

View File

@ -22,7 +22,7 @@ digraph {
"actix-utils" -> { "actix-service" "actix-rt" "actix-codec" }
"actix-tracing" -> { "actix-service" }
"actix-tls" -> { "actix-service" "actix-codec" "actix-utils" "actix-rt" }
"actix-tls" -> { "actix-service" "actix-codec" "actix-utils" }
"actix-testing" -> { "actix-rt" "actix-macros" "actix-server" "actix-service" }
"actix-server" -> { "actix-service" "actix-rt" "actix-codec" "actix-utils" }
"actix-rt" -> { "actix-macros" "actix-threadpool" }

View File

@ -122,23 +122,23 @@ where
/// Sets the maximum per-worker number of concurrent connections.
///
/// All socket listeners will stop accepting connections when this limit is reached
/// for each worker.
/// All socket listeners will stop accepting connections when this limit is reached for
/// each worker.
///
/// By default max connections is set to a 25k.
pub fn maxconn(mut self, num: usize) -> Self {
pub fn max_connections(mut self, num: usize) -> Self {
self.builder = self.builder.maxconn(num);
self
}
/// Sets the maximum per-worker concurrent connection establish process.
///
/// All listeners will stop accepting connections when this limit is reached. It
/// can be used to limit the global SSL CPU usage.
/// All listeners will stop accepting connections when this limit is reached. It can be used to
/// limit the global TLS CPU usage.
///
/// By default max connections is set to a 256.
pub fn maxconnrate(self, num: usize) -> Self {
actix_tls::max_concurrent_ssl_connect(num);
pub fn max_connection_rate(self, num: usize) -> Self {
actix_tls::max_concurrent_tls_connect(num);
self
}
@ -375,19 +375,20 @@ where
addr: A,
) -> io::Result<Vec<net::TcpListener>> {
let mut err = None;
let mut succ = false;
let mut success = false;
let mut sockets = Vec::new();
for addr in addr.to_socket_addrs()? {
match create_tcp_listener(addr, self.backlog) {
Ok(lst) => {
succ = true;
success = true;
sockets.push(lst);
}
Err(e) => err = Some(e),
}
}
if !succ {
if !success {
if let Some(e) = err.take() {
Err(e)
} else {
@ -575,17 +576,19 @@ fn create_tcp_listener(
#[cfg(feature = "openssl")]
/// Configure `SslAcceptorBuilder` with custom server flags.
fn openssl_acceptor(mut builder: SslAcceptorBuilder) -> io::Result<SslAcceptor> {
builder.set_alpn_select_callback(|_, protos| {
builder.set_alpn_select_callback(|_, protocols| {
const H2: &[u8] = b"\x02h2";
const H11: &[u8] = b"\x08http/1.1";
if protos.windows(3).any(|window| window == H2) {
if protocols.windows(3).any(|window| window == H2) {
Ok(b"h2")
} else if protos.windows(9).any(|window| window == H11) {
} else if protocols.windows(9).any(|window| window == H11) {
Ok(b"http/1.1")
} else {
Err(AlpnError::NOACK)
}
});
builder.set_alpn_protos(b"\x08http/1.1\x02h2")?;
Ok(builder.build())

View File

@ -31,7 +31,7 @@ openssl = ["open-ssl", "awc/openssl"]
[dependencies]
actix-service = "1.0.1"
actix-codec = "0.3.0"
actix-connect = "2.0.0-alpha.4"
actix-connect = "2.0.0"
actix-utils = "2.0.0"
actix-rt = "1.0.0"
actix-server = "1.0.0"

View File

@ -22,8 +22,8 @@ async fn test_start() {
})
.workers(1)
.backlog(1)
.maxconn(10)
.maxconnrate(10)
.max_connections(10)
.max_connection_rate(10)
.keep_alive(10)
.client_timeout(5000)
.client_shutdown(0)