drop actix-tls dependency

Cargo.toml

@@ -21,5 +21,4 @@ actix-codec = { path = "actix-net/actix-codec" }
 actix-connect = { path = "actix-net/actix-connect" }
 actix-rt = { path = "actix-net/actix-rt" }
 actix-macros = { path = "actix-net/actix-macros" }
-actix-tls = { path = "actix-net/actix-tls" }
 bytestring = { path = "actix-net/string" }

actix-net/actix-tls/CHANGES.md

@@ -1,19 +0,0 @@
-# Changes
-
-## [1.0.0] - 2019-12-11
-
-* 1.0.0 release
-
-## [1.0.0-alpha.3] - 2019-12-07
-
-### Changed
-
-* Migrate to tokio 0.2
-
-* Enable rustls acceptor service
-
-* Enable native-tls acceptor service
-
-## [1.0.0-alpha.1] - 2019-12-02
-
-* Split openssl accetor from actix-server package

actix-net/actix-tls/Cargo.toml

@@ -1,59 +0,0 @@
-[package]
-name = "actix-tls"
-version = "1.0.0"
-authors = ["Nikolay Kim <fafhrd91@gmail.com>"]
-description = "Actix tls services"
-keywords = ["network", "framework", "async", "futures"]
-homepage = "https://actix.rs"
-repository = "https://github.com/actix/actix-net.git"
-documentation = "https://docs.rs/actix-tls/"
-categories = ["network-programming", "asynchronous"]
-license = "MIT/Apache-2.0"
-edition = "2018"
-
-[package.metadata.docs.rs]
-features = ["openssl", "rustls", "nativetls"]
-
-[lib]
-name = "actix_tls"
-path = "src/lib.rs"
-
-[features]
-default = []
-
-# openssl
-openssl = ["open-ssl", "tokio-openssl"]
-
-# rustls
-rustls = ["rust-tls", "webpki", "webpki-roots", "tokio-rustls"]
-
-# nativetls
-nativetls = ["native-tls", "tokio-tls"]
-
-[dependencies]
-actix-service = "1.0.0"
-actix-codec = "0.2.0"
-actix-utils = "1.0.0"
-actix-rt = "1.0.0"
-derive_more = "0.99.2"
-either = "1.5.2"
-futures = "0.3.1"
-log = "0.4"
-
-# openssl
-open-ssl = { version="0.10", package = "openssl", optional = true }
-tokio-openssl = { version = "0.4.0", optional = true }
-
-# rustls
-rust-tls = { version = "0.16.0", package = "rustls", optional = true }
-webpki = { version = "0.21", optional = true }
-webpki-roots = { version = "0.17", optional = true }
-tokio-rustls = { version = "0.12.0", optional = true }
-
-# native-tls
-native-tls = { version="0.2", optional = true }
-tokio-tls = { version="0.3", optional = true }
-
-[dev-dependencies]
-bytes = "0.5"
-actix-testing = { version="1.0.0" }

actix-net/actix-tls/LICENSE-APACHE

@@ -1 +0,0 @@
-../LICENSE-APACHE

actix-net/actix-tls/LICENSE-MIT

@@ -1 +0,0 @@
-../LICENSE-MIT

actix-net/actix-tls/src/lib.rs

@@ -1,39 +0,0 @@
-//! SSL Services
-#![deny(rust_2018_idioms, warnings)]
-#![allow(clippy::type_complexity)]
-
-use std::sync::atomic::{AtomicUsize, Ordering};
-
-use actix_utils::counter::Counter;
-
-#[cfg(feature = "openssl")]
-pub mod openssl;
-
-#[cfg(feature = "rustls")]
-pub mod rustls;
-
-#[cfg(feature = "nativetls")]
-pub mod nativetls;
-
-/// Sets the maximum per-worker concurrent ssl connection establish process.
-///
-/// All listeners will stop accepting connections when this limit is
-/// reached. It can be used to limit the global SSL CPU usage.
-///
-/// By default max connections is set to a 256.
-pub fn max_concurrent_ssl_connect(num: usize) {
-    MAX_CONN.store(num, Ordering::Relaxed);
-}
-
-pub(crate) static MAX_CONN: AtomicUsize = AtomicUsize::new(256);
-
-thread_local! {
-    static MAX_CONN_COUNTER: Counter = Counter::new(MAX_CONN.load(Ordering::Relaxed));
-}
-
-/// Ssl error combinded with service error.
-#[derive(Debug)]
-pub enum SslError<E1, E2> {
-    Ssl(E1),
-    Service(E2),
-}

actix-net/actix-tls/src/nativetls.rs

@@ -1,114 +0,0 @@
-use std::marker::PhantomData;
-use std::task::{Context, Poll};
-
-use actix_codec::{AsyncRead, AsyncWrite};
-use actix_service::{Service, ServiceFactory};
-use actix_utils::counter::Counter;
-use futures::future::{self, FutureExt, LocalBoxFuture, TryFutureExt};
-pub use native_tls::Error;
-pub use tokio_tls::{TlsAcceptor, TlsStream};
-
-use crate::MAX_CONN_COUNTER;
-
-/// Support `SSL` connections via native-tls package
-///
-/// `tls` feature enables `NativeTlsAcceptor` type
-pub struct NativeTlsAcceptor<T> {
-    acceptor: TlsAcceptor,
-    io: PhantomData<T>,
-}
-
-impl<T> NativeTlsAcceptor<T>
-where
-    T: AsyncRead + AsyncWrite + Unpin,
-{
-    /// Create `NativeTlsAcceptor` instance
-    #[inline]
-    pub fn new(acceptor: TlsAcceptor) -> Self {
-        NativeTlsAcceptor {
-            acceptor,
-            io: PhantomData,
-        }
-    }
-}
-
-impl<T> Clone for NativeTlsAcceptor<T> {
-    #[inline]
-    fn clone(&self) -> Self {
-        Self {
-            acceptor: self.acceptor.clone(),
-            io: PhantomData,
-        }
-    }
-}
-
-impl<T> ServiceFactory for NativeTlsAcceptor<T>
-where
-    T: AsyncRead + AsyncWrite + Unpin + 'static,
-{
-    type Request = T;
-    type Response = TlsStream<T>;
-    type Error = Error;
-    type Service = NativeTlsAcceptorService<T>;
-
-    type Config = ();
-    type InitError = ();
-    type Future = future::Ready<Result<Self::Service, Self::InitError>>;
-
-    fn new_service(&self, _: ()) -> Self::Future {
-        MAX_CONN_COUNTER.with(|conns| {
-            future::ok(NativeTlsAcceptorService {
-                acceptor: self.acceptor.clone(),
-                conns: conns.clone(),
-                io: PhantomData,
-            })
-        })
-    }
-}
-
-pub struct NativeTlsAcceptorService<T> {
-    acceptor: TlsAcceptor,
-    io: PhantomData<T>,
-    conns: Counter,
-}
-
-impl<T> Clone for NativeTlsAcceptorService<T> {
-    fn clone(&self) -> Self {
-        Self {
-            acceptor: self.acceptor.clone(),
-            io: PhantomData,
-            conns: self.conns.clone(),
-        }
-    }
-}
-
-impl<T> Service for NativeTlsAcceptorService<T>
-where
-    T: AsyncRead + AsyncWrite + Unpin + 'static,
-{
-    type Request = T;
-    type Response = TlsStream<T>;
-    type Error = Error;
-    type Future = LocalBoxFuture<'static, Result<TlsStream<T>, Error>>;
-
-    fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
-        if self.conns.available(cx) {
-            Poll::Ready(Ok(()))
-        } else {
-            Poll::Pending
-        }
-    }
-
-    fn call(&mut self, req: Self::Request) -> Self::Future {
-        let guard = self.conns.get();
-        let this = self.clone();
-        async move { this.acceptor.accept(req).await }
-            .map_ok(move |io| {
-                // Required to preserve `CounterGuard` until `Self::Future`
-                // is completely resolved.
-                let _ = guard;
-                io
-            })
-            .boxed_local()
-    }
-}

ntex/Cargo.toml

@@ -24,10 +24,10 @@ path = "src/lib.rs"
 default = []
 
 # openssl
-openssl = ["actix-tls/openssl", "actix-connect/openssl", "open-ssl"]
+openssl = ["actix-connect/openssl", "open-ssl", "tokio-openssl"]
 
 # rustls support
-rustls = ["actix-tls/rustls", "actix-connect/rustls", "rust-tls"]
+rustls = ["actix-connect/rustls", "rust-tls", "webpki", "webpki-roots", "tokio-rustls"]
 
 # enable compressison support
 compress = ["flate2", "brotli2"]
@@ -45,7 +45,6 @@ actix-connect = "1.0.1"
 actix-macros = "0.1.0"
 actix-rt = "1.0.0"
 actix-threadpool = "0.3.1"
-actix-tls = { version = "1.0.0" }
 
 base64 = "0.11"
 bitflags = "1.2"
@@ -78,8 +77,16 @@ serde_urlencoded = "0.6.1"
 url = "2.1"
 time = { version = "0.2.5", default-features = false, features = ["std"] }
 coo-kie = { version = "0.13.3", package = "cookie", optional = true }
+
+# openssl
 open-ssl = { version="0.10", package = "openssl", optional = true }
+tokio-openssl = { version = "0.4.0", optional = true }
+
+# rustls
 rust-tls = { version = "0.16.0", package = "rustls", optional = true }
+webpki = { version = "0.21", optional = true }
+webpki-roots = { version = "0.17", optional = true }
+tokio-rustls = { version = "0.12.0", optional = true }
 
 # FIXME: Remove it and use mio own uds feature once mio 0.7 is released
 mio-uds = { version = "0.6.7" }
@@ -92,7 +99,6 @@ tokio = "0.2.4"
 
 [dev-dependencies]
 actix-connect = { version = "1.0.0", features=["openssl"] }
-actix-tls = { version = "1.0.0", features=["openssl"] }
 futures = "0.3.1"
 env_logger = "0.7"
 serde_derive = "1.0"

ntex/src/http/h1/service.rs

@@ -97,8 +97,8 @@ where
 mod openssl {
     use super::*;
 
-    use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
-    use actix_tls::{openssl::HandshakeError, SslError};
+    use crate::server::openssl::{Acceptor, SslAcceptor, SslStream};
+    use crate::server::{openssl::HandshakeError, SslError};
 
     impl<S, B, X, U> H1Service<SslStream<TcpStream>, S, B, X, U>
     where
@@ -146,8 +146,8 @@ mod openssl {
 #[cfg(feature = "rustls")]
 mod rustls {
     use super::*;
-    use actix_tls::rustls::{Acceptor, ServerConfig, TlsStream};
-    use actix_tls::SslError;
+    use crate::server::rustls::{Acceptor, ServerConfig, TlsStream};
+    use crate::server::SslError;
     use std::{fmt, io};
 
     impl<S, B, X, U> H1Service<TlsStream<TcpStream>, S, B, X, U>

ntex/src/http/h2/service.rs

@@ -95,8 +95,8 @@ where
 
 #[cfg(feature = "openssl")]
 mod openssl {
-    use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
-    use actix_tls::{openssl::HandshakeError, SslError};
+    use crate::server::openssl::{Acceptor, SslAcceptor, SslStream};
+    use crate::server::{openssl::HandshakeError, SslError};
 
     use super::*;
     use crate::{fn_factory, fn_service};
@@ -139,8 +139,8 @@ mod openssl {
 #[cfg(feature = "rustls")]
 mod rustls {
     use super::*;
-    use actix_tls::rustls::{Acceptor, ServerConfig, TlsStream};
-    use actix_tls::SslError;
+    use crate::server::rustls::{Acceptor, ServerConfig, TlsStream};
+    use crate::server::SslError;
     use std::io;
 
     impl<S, B> H2Service<TlsStream<TcpStream>, S, B>

ntex/src/http/service.rs

@@ -195,8 +195,8 @@ where
 #[cfg(feature = "openssl")]
 mod openssl {
     use super::*;
-    use actix_tls::openssl::{Acceptor, SslAcceptor, SslStream};
-    use actix_tls::{openssl::HandshakeError, SslError};
+    use crate::server::openssl::{Acceptor, SslAcceptor, SslStream};
+    use crate::server::{openssl::HandshakeError, SslError};
 
     impl<S, B, X, U> HttpService<SslStream<TcpStream>, S, B, X, U>
     where
@@ -256,8 +256,8 @@ mod openssl {
 #[cfg(feature = "rustls")]
 mod rustls {
     use super::*;
-    use actix_tls::rustls::{Acceptor, ServerConfig, Session, TlsStream};
-    use actix_tls::SslError;
+    use crate::server::rustls::{Acceptor, ServerConfig, Session, TlsStream};
+    use crate::server::SslError;
     use std::io;
 
     impl<S, B, X, U> HttpService<TlsStream<TcpStream>, S, B, X, U>

ntex/src/server/mod.rs

@@ -1,5 +1,8 @@
 //! General purpose tcp server
 #![allow(clippy::type_complexity)]
+use std::sync::atomic::{AtomicUsize, Ordering};
+
+use crate::util::counter::Counter;
 
 mod accept;
 mod builder;
@@ -11,6 +14,12 @@ mod socket;
 mod test;
 mod worker;
 
+#[cfg(feature = "openssl")]
+pub mod openssl;
+
+#[cfg(feature = "rustls")]
+pub mod rustls;
+
 pub use self::builder::ServerBuilder;
 pub use self::config::{ServiceConfig, ServiceRuntime};
 pub use self::server::Server;
@@ -36,3 +45,26 @@ impl Token {
 pub fn new() -> ServerBuilder {
     ServerBuilder::default()
 }
+
+/// Sets the maximum per-worker concurrent ssl connection establish process.
+///
+/// All listeners will stop accepting connections when this limit is
+/// reached. It can be used to limit the global SSL CPU usage.
+///
+/// By default max connections is set to a 256.
+pub fn max_concurrent_ssl_accept(num: usize) {
+    MAX_CONN.store(num, Ordering::Relaxed);
+}
+
+pub(crate) static MAX_CONN: AtomicUsize = AtomicUsize::new(256);
+
+thread_local! {
+    static MAX_CONN_COUNTER: Counter = Counter::new(MAX_CONN.load(Ordering::Relaxed));
+}
+
+/// Ssl error combinded with service error.
+#[derive(Debug)]
+pub enum SslError<E1, E2> {
+    Ssl(E1),
+    Service(E2),
+}

ntex/src/server/openssl.rs

@@ -7,11 +7,12 @@ pub use open_ssl::ssl::{AlpnError, SslAcceptor, SslAcceptorBuilder};
 pub use tokio_openssl::{HandshakeError, SslStream};
 
 use actix_codec::{AsyncRead, AsyncWrite};
-use actix_service::{Service, ServiceFactory};
-use actix_utils::counter::{Counter, CounterGuard};
 use futures::future::{ok, FutureExt, LocalBoxFuture, Ready};
 
-use crate::MAX_CONN_COUNTER;
+use crate::service::{Service, ServiceFactory};
+use crate::util::counter::{Counter, CounterGuard};
+
+use super::MAX_CONN_COUNTER;
 
 /// Support `TLS` server connections via openssl package
 ///

ntex/src/server/rustls.rs

@@ -6,8 +6,6 @@ use std::sync::Arc;
 use std::task::{Context, Poll};
 
 use actix_codec::{AsyncRead, AsyncWrite};
-use actix_service::{Service, ServiceFactory};
-use actix_utils::counter::{Counter, CounterGuard};
 use futures::future::{ok, Ready};
 use tokio_rustls::{Accept, TlsAcceptor};
 
@@ -15,7 +13,10 @@ pub use rust_tls::{ServerConfig, Session};
 pub use tokio_rustls::server::TlsStream;
 pub use webpki_roots::TLS_SERVER_ROOTS;
 
-use crate::MAX_CONN_COUNTER;
+use crate::service::{Service, ServiceFactory};
+use crate::util::counter::{Counter, CounterGuard};
+
+use super::MAX_CONN_COUNTER;
 
 /// Support `SSL` connections via rustls package
 ///

ntex/src/web/error_default.rs

@@ -98,7 +98,7 @@ impl WebResponseError<DefaultError> for actix_connect::ssl::openssl::SslError {}
 #[cfg(feature = "openssl")]
 /// `InternalServerError` for `openssl::ssl::HandshakeError`
 impl<T: std::fmt::Debug + 'static> WebResponseError<DefaultError>
-    for actix_tls::openssl::HandshakeError<T>
+    for crate::server::openssl::HandshakeError<T>
 {
 }
 

ntex/src/web/server.rs

@@ -3,9 +3,9 @@ use std::sync::{Arc, Mutex};
 use std::{fmt, io, net};
 
 #[cfg(feature = "openssl")]
-use actix_tls::openssl::{AlpnError, SslAcceptor, SslAcceptorBuilder};
+use crate::server::openssl::{AlpnError, SslAcceptor, SslAcceptorBuilder};
 #[cfg(feature = "rustls")]
-use actix_tls::rustls::ServerConfig as RustlsServerConfig;
+use crate::server::rustls::ServerConfig as RustlsServerConfig;
 #[cfg(unix)]
 use futures::future::ok;
 
@@ -141,7 +141,7 @@ where
     ///
     /// By default max connections is set to a 256.
     pub fn maxconnrate(self, num: usize) -> Self {
-        actix_tls::max_concurrent_ssl_connect(num);
+        crate::server::max_concurrent_ssl_accept(num);
         self
     }