diff --git a/ntex-connect/Cargo.toml b/ntex-connect/Cargo.toml index 2c29c281..126ccfa0 100644 --- a/ntex-connect/Cargo.toml +++ b/ntex-connect/Cargo.toml @@ -19,10 +19,10 @@ path = "src/lib.rs" default = [] # openssl -openssl = ["tls-openssl", "ntex-tls/openssl"] +openssl = ["ntex-tls/openssl", "tls_openssl"] # rustls support -rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls"] +rustls = ["ntex-tls/rustls", "tls_rust"] # tokio runtime tokio = ["ntex-net/tokio"] @@ -34,26 +34,15 @@ glommio = ["ntex-net/glommio"] async-std = ["ntex-net/async-std"] [dependencies] -ntex-service = "2.0.0" ntex-io = "1.0.0" -ntex-tls = "1.0.0" -ntex-util = "1.0.0" -ntex-bytes = "0.1.21" -ntex-http = "0.1" -ntex-rt = "0.4.7" -ntex-net = "1.0.0" +ntex-net = "1.0" +ntex-tls = "1.1" log = "0.4" thiserror = "1.0" # openssl -tls-openssl = { version="0.10", package = "openssl", optional = true } +tls_openssl = { version = "0.10", package = "openssl", optional = true } # rustls -tls-rustls = { version = "0.23", package = "rustls", optional = true } -webpki-roots = { version = "0.26", optional = true } - -[dev-dependencies] -rand = "0.8" -env_logger = "0.11" -ntex = { version = "1", features = ["tokio"] } +tls_rust = { version = "0.23", package = "rustls", optional = true } diff --git a/ntex-connect/src/lib.rs b/ntex-connect/src/lib.rs index 42242e51..9daf6423 100644 --- a/ntex-connect/src/lib.rs +++ b/ntex-connect/src/lib.rs 
@@ -1,34 +1,22 @@ //! Tcp connector service #![deny(rust_2018_idioms, unreachable_pub, missing_debug_implementations)] -mod error; -mod message; -mod resolve; -mod service; -mod uri; - #[cfg(feature = "openssl")] -pub mod openssl; +pub mod openssl { + pub use ntex_tls::openssl::{SslConnector as Connector, SslFilter}; + pub use tls_openssl::ssl::{ + Error as SslError, HandshakeError, SslConnector, SslMethod, + }; +} #[cfg(feature = "rustls")] -pub mod rustls; - -pub use self::error::ConnectError; -pub use self::message::{Address, Connect}; -pub use self::resolve::Resolver; -pub use self::service::Connector; - -use ntex_io::Io; - -/// Resolve and connect to remote host -pub async fn connect(message: U) -> Result -where - T: Address, - Connect: From, -{ - Connector::new().connect(message).await +pub mod rustls { + pub use ntex_tls::rustls::{TlsClientFilter, TlsConnector as Connector}; + pub use tls_rust::{pki_types::ServerName, ClientConfig}; } +pub use ntex_net::connect::{connect, Address, Connect, ConnectError, Connector, Resolver}; + #[allow(unused_imports)] #[doc(hidden)] pub mod net { diff --git a/ntex-net/CHANGES.md b/ntex-net/CHANGES.md index d6149b4f..2b426acd 100644 --- a/ntex-net/CHANGES.md +++ b/ntex-net/CHANGES.md @@ -1,5 +1,5 @@ # Changes -## [1.0.0] - 2024-03-23 +## [1.0.0] - 2024-03-25 * Move to separate crate diff --git a/ntex-net/Cargo.toml b/ntex-net/Cargo.toml index 0c77cb51..685a4cab 100644 --- a/ntex-net/Cargo.toml +++ b/ntex-net/Cargo.toml 
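Review bot: The inline `openssl` and `rustls` modules added in ntex-connect/src/lib.rs have no doc comments, and inside `openssl` the name `Connector` now aliases `ntex_tls::openssl::SslConnector` while `SslConnector` is still the `tls_openssl` type. The same identifier therefore names different types in this crate and in ntex-tls. A module comment such as `//! Compatibility re-exports; the connector itself now lives in ntex_tls::openssl. SslConnector here is the openssl crate's type.` would make that explicit. The `pub mod net {` block at the end of the hunk continues outside it.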
@@ -28,10 +28,20 @@ glommio = ["ntex-rt/glommio", "ntex-glommio"] async-std = ["ntex-rt/async-std", "ntex-async-std"] [dependencies] +ntex-service = "2.0" ntex-bytes = "0.1.24" -ntex-io = "1.0.0" -ntex-rt = "0.4.7" +ntex-http = "0.1" +ntex-io = "1.0" +ntex-rt = "0.4.11" +ntex-util = "1.0" ntex-tokio = { version = "0.4.0", optional = true } ntex-glommio = { version = "0.4.0", optional = true } ntex-async-std = { version = "0.4.0", optional = true } + +log = "0.4" +thiserror = "1.0" + +[dev-dependencies] +env_logger = "0.11" +ntex = { version = "1", features = ["tokio"] } diff --git a/ntex-net/src/compat.rs b/ntex-net/src/compat.rs new file mode 100644 index 00000000..e2def1ba --- /dev/null +++ b/ntex-net/src/compat.rs 
@@ -0,0 +1,113 @@ +//! Utility for async runtime abstraction + +#[cfg(feature = "tokio")] +pub use ntex_tokio::{from_tcp_stream, tcp_connect, tcp_connect_in}; + +#[cfg(all(unix, feature = "tokio"))] +pub use ntex_tokio::{from_unix_stream, unix_connect, unix_connect_in}; + +#[cfg(all( + feature = "async-std", + not(feature = "tokio"), + not(feature = "glommio") +))] +pub use ntex_async_std::{from_tcp_stream, tcp_connect, tcp_connect_in}; + +#[cfg(all( + unix, + feature = "async-std", + not(feature = "tokio"), + not(feature = "glommio") +))] +pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in}; + +#[cfg(all( + feature = "glommio", + not(feature = "tokio"), + not(feature = "async-std") +))] +pub use ntex_glommio::{from_tcp_stream, tcp_connect, tcp_connect_in}; + +#[cfg(all( + unix, + feature = "glommio", + not(feature = "tokio"), + not(feature = "async-std") +))] +pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in}; + +#[cfg(all( + not(feature = "tokio"), + not(feature = "async-std"), + not(feature = "glommio") +))] +mod no_rt { + use ntex_io::Io; + + /// Opens a TCP connection to a remote host. + pub async fn tcp_connect(_: std::net::SocketAddr) -> std::io::Result { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } + + /// Opens a TCP connection to a remote host and use specified memory pool. + pub async fn tcp_connect_in( + _: std::net::SocketAddr, + _: ntex_bytes::PoolRef, + ) -> std::io::Result { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } + + #[cfg(unix)] + /// Opens a unix stream connection. + pub async fn unix_connect<'a, P>(_: P) -> std::io::Result + where + P: AsRef + 'a, + { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } + + #[cfg(unix)] + /// Opens a unix stream connection and specified memory pool. 
+ pub async fn unix_connect_in<'a, P>(_: P, _: ntex_bytes::PoolRef) -> std::io::Result + where + P: AsRef + 'a, + { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } + + /// Convert std TcpStream to tokio's TcpStream + pub fn from_tcp_stream(_: std::net::TcpStream) -> std::io::Result { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } + + #[cfg(unix)] + /// Convert std UnixStream to tokio's UnixStream + pub fn from_unix_stream(_: std::os::unix::net::UnixStream) -> std::io::Result { + Err(std::io::Error::new( + std::io::ErrorKind::Other, + "runtime is not configure", + )) + } +} + +#[cfg(all( + not(feature = "tokio"), + not(feature = "async-std"), + not(feature = "glommio") +))] +pub use no_rt::*; diff --git a/ntex-connect/src/error.rs b/ntex-net/src/connect/error.rs similarity index 100% rename from ntex-connect/src/error.rs rename to ntex-net/src/connect/error.rs diff --git a/ntex-connect/src/message.rs b/ntex-net/src/connect/message.rs similarity index 100% rename from ntex-connect/src/message.rs rename to ntex-net/src/connect/message.rs diff --git a/ntex-net/src/connect/mod.rs b/ntex-net/src/connect/mod.rs new file mode 100644 index 00000000..00e97d07 --- /dev/null +++ b/ntex-net/src/connect/mod.rs @@ -0,0 +1,22 @@ +//! Tcp connector service +mod error; +mod message; +mod resolve; +mod service; +mod uri; + +pub use self::error::ConnectError; +pub use self::message::{Address, Connect}; +pub use self::resolve::Resolver; +pub use self::service::Connector; + +use ntex_io::Io; + +/// Resolve and connect to remote host +pub async fn connect(message: U) -> Result +where + T: Address, + Connect: From, +{ + Connector::new().connect(message).await +} diff --git a/ntex-connect/src/resolve.rs b/ntex-net/src/connect/resolve.rs similarity index 99% rename from ntex-connect/src/resolve.rs rename to ntex-net/src/connect/resolve.rs index 02afa309..74d115ca 100644 
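Review bot: In ntex-net/src/compat.rs, the unix block gated on `feature = "glommio"` (tokio and async-std disabled) re-exports `from_unix_stream`, `unix_connect` and `unix_connect_in` from `ntex_async_std`, while the TCP block under the same gate uses `ntex_glommio`. The ntex-net/Cargo.toml hunk shows `ntex-async-std` as an optional dependency pulled in only by the `async-std` feature, so a glommio-only unix build would presumably fail to resolve that path; the line is carried over unchanged from lib.rs. If ntex-glommio exports the unix helpers as it does the TCP ones, the import should read `pub use ntex_glommio::{from_unix_stream, unix_connect, unix_connect_in};`. While the `no_rt` stubs are being moved, the message `"runtime is not configure"` and the "tokio's TcpStream" doc lines could be corrected too.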
--- a/ntex-connect/src/resolve.rs +++ b/ntex-net/src/connect/resolve.rs @@ -4,7 +4,7 @@ use ntex_rt::spawn_blocking; use ntex_service::{Service, ServiceCtx, ServiceFactory}; use ntex_util::future::Either; -use crate::{Address, Connect, ConnectError}; +use super::{Address, Connect, ConnectError}; #[derive(Copy)] /// DNS Resolver Service diff --git a/ntex-connect/src/service.rs b/ntex-net/src/connect/service.rs similarity index 97% rename from ntex-connect/src/service.rs rename to ntex-net/src/connect/service.rs index 5316c73b..083a3638 100644 --- a/ntex-connect/src/service.rs +++ b/ntex-net/src/connect/service.rs @@ -6,7 +6,8 @@ use ntex_io::{types, Io}; use ntex_service::{Service, ServiceCtx, ServiceFactory}; use ntex_util::future::{BoxFuture, Either}; -use crate::{net::tcp_connect_in, Address, Connect, ConnectError, Resolver}; +use super::{Address, Connect, ConnectError, Resolver}; +use crate::tcp_connect_in; #[derive(Copy)] pub struct Connector { @@ -249,11 +250,11 @@ mod tests { .unwrap(), server.addr(), ]); - let result = crate::connect(msg).await; + let result = crate::connect::connect(msg).await; assert!(result.is_ok()); let msg = Connect::new(server.addr()); - let result = crate::connect(msg).await; + let result = crate::connect::connect(msg).await; assert!(result.is_ok()); } } diff --git a/ntex-connect/src/uri.rs b/ntex-net/src/connect/uri.rs similarity index 100% rename from ntex-connect/src/uri.rs rename to ntex-net/src/connect/uri.rs diff --git a/ntex-net/src/lib.rs b/ntex-net/src/lib.rs index 36632c15..60a57add 100644 --- a/ntex-net/src/lib.rs +++ b/ntex-net/src/lib.rs 
@@ -1,117 +1,10 @@ //! Utility for async runtime abstraction #![deny(rust_2018_idioms, unreachable_pub, missing_debug_implementations)] +mod compat; +pub mod connect; + pub use ntex_io::Io; -pub use ntex_rt::spawn; +pub use ntex_rt::{spawn, spawn_blocking}; -#[cfg(feature = "tokio")] -pub use ntex_tokio::{from_tcp_stream, tcp_connect, tcp_connect_in}; - -#[cfg(all(unix, feature = "tokio"))] -pub use ntex_tokio::{from_unix_stream, unix_connect, unix_connect_in}; - -#[cfg(all( - feature = "async-std", - not(feature = "tokio"), - not(feature = "glommio") -))] -pub use ntex_async_std::{from_tcp_stream, tcp_connect, tcp_connect_in}; - -#[cfg(all( - unix, - feature = "async-std", - not(feature = "tokio"), - not(feature = "glommio") -))] -pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in}; - -#[cfg(all( - feature = "glommio", - not(feature = "tokio"), - not(feature = "async-std") -))] -pub use ntex_glommio::{from_tcp_stream, tcp_connect, tcp_connect_in}; - -#[cfg(all( - unix, - feature = "glommio", - not(feature = "tokio"), - not(feature = "async-std") -))] -pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in}; - -#[cfg(all( - not(feature = "tokio"), - not(feature = "async-std"), - not(feature = "glommio") -))] -mod no_rt { - use ntex_io::Io; - - /// Opens a TCP connection to a remote host. - pub async fn tcp_connect(_: std::net::SocketAddr) -> std::io::Result { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } - - /// Opens a TCP connection to a remote host and use specified memory pool. - pub async fn tcp_connect_in( - _: std::net::SocketAddr, - _: ntex_bytes::PoolRef, - ) -> std::io::Result { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } - - #[cfg(unix)] - /// Opens a unix stream connection. 
- pub async fn unix_connect<'a, P>(_: P) -> std::io::Result - where - P: AsRef + 'a, - { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } - - #[cfg(unix)] - /// Opens a unix stream connection and specified memory pool. - pub async fn unix_connect_in<'a, P>(_: P, _: ntex_bytes::PoolRef) -> std::io::Result - where - P: AsRef + 'a, - { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } - - /// Convert std TcpStream to tokio's TcpStream - pub fn from_tcp_stream(_: std::net::TcpStream) -> std::io::Result { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } - - #[cfg(unix)] - /// Convert std UnixStream to tokio's UnixStream - pub fn from_unix_stream(_: std::os::unix::net::UnixStream) -> std::io::Result { - Err(std::io::Error::new( - std::io::ErrorKind::Other, - "runtime is not configure", - )) - } -} - -#[cfg(all( - not(feature = "tokio"), - not(feature = "async-std"), - not(feature = "glommio") -))] -pub use no_rt::*; +pub use self::compat::*; diff --git a/ntex-server/CHANGES.md b/ntex-server/CHANGES.md index 255226c7..12d0bde6 100644 --- a/ntex-server/CHANGES.md +++ b/ntex-server/CHANGES.md @@ -1,5 +1,5 @@ # Changes -## [0.1.0] - 2024-03-xx +## [0.1.0] - 2024-03-24 * Release diff --git a/ntex-tls/CHANGES.md b/ntex-tls/CHANGES.md index 21535618..42e57bfb 100644 --- a/ntex-tls/CHANGES.md +++ b/ntex-tls/CHANGES.md @@ -1,5 +1,11 @@ # Changes +## [1.1.0] - 2024-03-24 + +* Move tls connectors from ntex-connect + +* Upgrade to rustls 0.23 + ## [1.0.0] - 2024-01-09 * Release diff --git a/ntex-tls/Cargo.toml b/ntex-tls/Cargo.toml index 1e4ce57b..7eee8781 100644 --- a/ntex-tls/Cargo.toml +++ b/ntex-tls/Cargo.toml 
@@ -26,9 +26,11 @@ rustls = ["tls_rust"] [dependencies] ntex-bytes = "0.1.21" -ntex-io = "1.0.0" -ntex-util = "1.0.0" -ntex-service = "2.0.0" +ntex-io = "1.0" +ntex-util = "1.0" +ntex-service = "2.0" +ntex-net = "1.0" + log = "0.4" # openssl diff --git a/ntex-tls/examples/rustls-client.rs b/ntex-tls/examples/rustls-client.rs index 881f9b15..9e021488 100644 --- a/ntex-tls/examples/rustls-client.rs +++ b/ntex-tls/examples/rustls-client.rs @@ -9,7 +9,8 @@ async fn main() -> io::Result<()> { env_logger::init(); // rustls config - let cert_store = RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); + let cert_store = + RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); let config = ClientConfig::builder() .with_root_certificates(cert_store) .with_no_client_auth(); diff --git a/ntex-tls/examples/rustls-server.rs b/ntex-tls/examples/rustls-server.rs index 2cb2e150..445cffec 100644 --- a/ntex-tls/examples/rustls-server.rs +++ b/ntex-tls/examples/rustls-server.rs @@ -17,7 +17,9 @@ async fn main() -> io::Result<()> { &mut BufReader::new(File::open("../ntex-tls/examples/cert.pem").unwrap()); let key_file = &mut BufReader::new(File::open("../ntex-tls/examples/key.pem").unwrap()); let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); + let cert_chain = rustls_pemfile::certs(cert_file) + .collect::, _>>() + .unwrap(); let tls_config = Arc::new( ServerConfig::builder() .with_no_client_auth() diff --git a/ntex-connect/src/openssl.rs b/ntex-tls/src/openssl/connect.rs similarity index 77% rename from ntex-connect/src/openssl.rs rename to ntex-tls/src/openssl/connect.rs index c4ec608d..b8ccb9ff 100644 --- a/ntex-connect/src/openssl.rs +++ b/ntex-tls/src/openssl/connect.rs 
@@ -1,24 +1,22 @@ use std::{fmt, io}; -pub use ntex_tls::openssl::SslFilter; -pub use tls_openssl::ssl::{Error as SslError, HandshakeError, SslConnector, SslMethod}; - use ntex_bytes::PoolId; use ntex_io::{Io, Layer}; +use ntex_net::connect::{Address, Connect, ConnectError, Connector as BaseConnector}; use ntex_service::{Pipeline, Service, ServiceCtx, ServiceFactory}; -use ntex_tls::openssl::connect as connect_io; +use tls_openssl::ssl::SslConnector as BaseSslConnector; -use super::{Address, Connect, ConnectError, Connector as BaseConnector}; +use super::{connect as connect_io, SslFilter}; -pub struct Connector { +pub struct SslConnector { connector: Pipeline>, - openssl: SslConnector, + openssl: BaseSslConnector, } -impl Connector { +impl SslConnector { /// Construct new OpensslConnectService factory - pub fn new(connector: SslConnector) -> Self { - Connector { + pub fn new(connector: BaseSslConnector) -> Self { + SslConnector { connector: BaseConnector::default().into(), openssl: connector, } @@ -43,7 +41,7 @@ impl Connector { } } -impl Connector { +impl SslConnector { /// Resolve and connect to remote host pub async fn connect(&self, message: U) -> Result>, ConnectError> where @@ -79,28 +77,28 @@ impl Connector { } } -impl Clone for Connector { +impl Clone for SslConnector { fn clone(&self) -> Self { - Connector { + Self { connector: self.connector.clone(), openssl: self.openssl.clone(), } } } -impl fmt::Debug for Connector { +impl fmt::Debug for SslConnector { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("Connector(openssl)") + f.debug_struct("SslConnector(openssl)") .field("connector", &self.connector) .field("openssl", &self.openssl) .finish() } } -impl ServiceFactory, C> for Connector { +impl ServiceFactory, C> for SslConnector { type Response = Io>; type Error = ConnectError; - type Service = Connector; + type Service = SslConnector; type InitError = (); async fn create(&self, _: C) -> Result { 
@@ -108,7 +106,7 @@ impl ServiceFactory, C> for Connector { } } -impl Service> for Connector { +impl Service> for SslConnector { type Response = Io>; type Error = ConnectError; @@ -123,6 +121,8 @@ impl Service> for Connector { #[cfg(test)] mod tests { + use tls_openssl::ssl::SslMethod; + use super::*; #[ntex::test] @@ -131,14 +131,16 @@ mod tests { ntex::service::fn_service(|_| async { Ok::<_, ()>(()) }) }); - let ssl = SslConnector::builder(SslMethod::tls()).unwrap(); - let factory = Connector::new(ssl.build()).memory_pool(PoolId::P5).clone(); + let ssl = BaseSslConnector::builder(SslMethod::tls()).unwrap(); + let factory = SslConnector::new(ssl.build()) + .memory_pool(PoolId::P5) + .clone(); let srv = factory.pipeline(&()).await.unwrap(); let result = srv .call(Connect::new("").set_addr(Some(server.addr()))) .await; assert!(result.is_err()); - assert!(format!("{:?}", srv).contains("Connector")); + assert!(format!("{:?}", srv).contains("SslConnector")); } } diff --git a/ntex-tls/src/openssl/mod.rs b/ntex-tls/src/openssl/mod.rs index eb75375c..8bbb5917 100644 --- a/ntex-tls/src/openssl/mod.rs +++ b/ntex-tls/src/openssl/mod.rs @@ -8,6 +8,9 @@ use tls_openssl::x509::X509; use crate::{PskIdentity, Servername}; +mod connect; +pub use self::connect::SslConnector; + mod accept; pub use self::accept::{SslAcceptor, SslAcceptorService}; diff --git a/ntex-tls/src/rustls/client.rs b/ntex-tls/src/rustls/client.rs index 082eea64..0cd0be84 100644 --- a/ntex-tls/src/rustls/client.rs +++ b/ntex-tls/src/rustls/client.rs 
@@ -64,11 +64,17 @@ impl FilterLayer for TlsClientFilter { buf.with_dst(|dst| { loop { let mut cursor = io::Cursor::new(&src); - let n = session.read_tls(&mut cursor)?; + let n = match session.read_tls(&mut cursor) { + Ok(n) => n, + Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => { + break + } + Err(err) => return Err(err), + }; src.split_to(n); let state = session .process_new_packets() - .map_err(|e| io::Error::new(io::ErrorKind::Other, e))?; + .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; let new_b = state.plaintext_bytes_to_read(); if new_b > 0 { @@ -92,18 +98,26 @@ impl FilterLayer for TlsClientFilter { fn process_write_buf(&self, buf: &WriteBuf<'_>) -> io::Result<()> { buf.with_src(|src| { if let Some(src) = src { - let mut session = self.session.borrow_mut(); let mut io = Wrapper(buf); + let mut session = self.session.borrow_mut(); - loop { + 'outer: loop { if !src.is_empty() { src.split_to(session.writer().write(src)?); - } - if session.wants_write() { - session.complete_io(&mut io)?; } else { break; } + while session.wants_write() { + match session.write_tls(&mut io) { + Ok(0) => continue 'outer, + Ok(_) => continue, + Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => { + break + } + Err(err) => return Err(err), + } + } + break; } } Ok(()) diff --git a/ntex-connect/src/rustls.rs b/ntex-tls/src/rustls/connect.rs similarity index 78% rename from ntex-connect/src/rustls.rs rename to ntex-tls/src/rustls/connect.rs index 5ffc9803..8398ed35 100644 --- a/ntex-connect/src/rustls.rs +++ b/ntex-tls/src/rustls/connect.rs 
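Review bot: In `process_read_buf` of ntex-tls/src/rustls/client.rs, a `process_new_packets` failure is mapped to `InvalidData` and returned through `?` straight away. rustls queues a fatal alert when that call fails, and nothing in the visible lines calls `write_tls` before returning, so the peer may only see the connection drop; whether a later path flushes the alert is outside this hunk. The new `WouldBlock` arm also needs a comment: the reader is an `io::Cursor` over an in-memory buffer, so it is unclear which condition the arm is meant to absorb, and `break` leaves the rest of `src` unconsumed. The matching hunk in ntex-tls/src/rustls/server.rs makes the same change.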
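Review bot: In `process_write_buf`, the unconditional `break;` after the inner `while session.wants_write()` loop ends the outer loop after a single pass. If `session.writer().write(src)` accepts only part of `src` (rustls limits its send buffer), the remainder stays in `src` until some later call, whereas the removed loop ran until `src` was empty. One option is `Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => break 'outer,` in the inner match and dropping the trailing `break;`, so the outer loop re-checks `src.is_empty()`. Separately, `else { break; }` now exits before `wants_write()` is consulted when `src` is empty, so records rustls queued on its own (handshake data, alerts) are no longer flushed here as the removed `complete_io` branch did; confirm another path covers that. The server.rs hunk contains the identical loop.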
@@ -1,32 +1,31 @@ use std::{fmt, io, sync::Arc}; -pub use ntex_tls::rustls::TlsClientFilter; -pub use tls_rustls::{pki_types::ServerName, ClientConfig}; - use ntex_bytes::PoolId; use ntex_io::{Io, Layer}; +use ntex_net::connect::{Address, Connect, ConnectError, Connector as BaseConnector}; use ntex_service::{Pipeline, Service, ServiceCtx, ServiceFactory}; +use tls_rust::{pki_types::ServerName, ClientConfig}; -use super::{Address, Connect, ConnectError, Connector as BaseConnector}; +use super::TlsClientFilter; /// Rustls connector factory -pub struct Connector { +pub struct TlsConnector { connector: Pipeline>, config: Arc, } -impl From> for Connector { +impl From> for TlsConnector { fn from(config: Arc) -> Self { - Connector { + TlsConnector { config, connector: BaseConnector::default().into(), } } } -impl Connector { +impl TlsConnector { pub fn new(config: ClientConfig) -> Self { - Connector { + TlsConnector { config: Arc::new(config), connector: BaseConnector::default().into(), } @@ -50,7 +49,7 @@ impl Connector { } } -impl Connector { +impl TlsConnector { /// Resolve and connect to remote host pub async fn connect( &self, @@ -83,7 +82,7 @@ impl Connector { } } -impl Clone for Connector { +impl Clone for TlsConnector { fn clone(&self) -> Self { Self { config: self.config.clone(), @@ -92,18 +91,18 @@ impl Clone for Connector { } } -impl fmt::Debug for Connector { +impl fmt::Debug for TlsConnector { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("Connector(rustls)") + f.debug_struct("TlsConnector(rustls)") .field("connector", &self.connector) .finish() } } -impl ServiceFactory, C> for Connector { +impl ServiceFactory, C> for TlsConnector { type Response = Io>; type Error = ConnectError; - type Service = Connector; + type Service = TlsConnector; type InitError = (); async fn create(&self, _: C) -> Result { 
@@ -111,7 +110,7 @@ impl ServiceFactory, C> for Connector { } } -impl Service> for Connector { +impl Service> for TlsConnector { type Response = Io>; type Error = ConnectError; @@ -126,7 +125,7 @@ impl Service> for Connector { #[cfg(test)] mod tests { - use tls_rustls::RootCertStore; + use tls_rust::RootCertStore; use super::*; use ntex_util::future::lazy; @@ -137,12 +136,13 @@ mod tests { ntex::service::fn_service(|_| async { Ok::<_, ()>(()) }) }); - let cert_store = RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); + let cert_store = + RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); let config = ClientConfig::builder() .with_root_certificates(cert_store) .with_no_client_auth(); - let _ = Connector::<&'static str>::new(config.clone()).clone(); - let factory = Connector::from(Arc::new(config)) + let _ = TlsConnector::<&'static str>::new(config.clone()).clone(); + let factory = TlsConnector::from(Arc::new(config)) .memory_pool(PoolId::P5) .clone(); diff --git a/ntex-tls/src/rustls/mod.rs b/ntex-tls/src/rustls/mod.rs index d9b9636c..1d1ef685 100644 --- a/ntex-tls/src/rustls/mod.rs +++ b/ntex-tls/src/rustls/mod.rs @@ -6,10 +6,12 @@ use tls_rust::pki_types::CertificateDer; mod accept; mod client; +mod connect; mod server; -pub use accept::{TlsAcceptor, TlsAcceptorService}; +pub use self::accept::{TlsAcceptor, TlsAcceptorService}; pub use self::client::TlsClientFilter; +pub use self::connect::TlsConnector; pub use self::server::TlsServerFilter; /// Connection's peer cert diff --git a/ntex-tls/src/rustls/server.rs b/ntex-tls/src/rustls/server.rs index c84d43d0..27bbb0e2 100644 --- a/ntex-tls/src/rustls/server.rs +++ b/ntex-tls/src/rustls/server.rs 
@@ -72,11 +72,17 @@ impl FilterLayer for TlsServerFilter { buf.with_dst(|dst| { loop { let mut cursor = io::Cursor::new(&src); - let n = session.read_tls(&mut cursor)?; + let n = match session.read_tls(&mut cursor) { + Ok(n) => n, + Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => { + break + } + Err(err) => return Err(err), + }; src.split_to(n); let state = session .process_new_packets() - .map_err(|e| io::Error::new(io::ErrorKind::Other, e))?; + .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; let new_b = state.plaintext_bytes_to_read(); if new_b > 0 { @@ -100,18 +106,26 @@ impl FilterLayer for TlsServerFilter { fn process_write_buf(&self, buf: &WriteBuf<'_>) -> io::Result<()> { buf.with_src(|src| { if let Some(src) = src { - let mut session = self.session.borrow_mut(); let mut io = Wrapper(buf); + let mut session = self.session.borrow_mut(); - loop { + 'outer: loop { if !src.is_empty() { src.split_to(session.writer().write(src)?); - } - if session.wants_write() { - session.complete_io(&mut io)?; } else { break; } + while session.wants_write() { + match session.write_tls(&mut io) { + Ok(0) => continue 'outer, + Ok(_) => continue, + Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => { + break + } + Err(err) => return Err(err), + } + } + break; } } Ok(()) diff --git a/ntex/CHANGES.md b/ntex/CHANGES.md index ada05a3d..ecbf0e38 100644 --- a/ntex/CHANGES.md +++ b/ntex/CHANGES.md @@ -1,11 +1,13 @@ # Changes -## [1.2.0] - 2024-03-xx +## [1.2.0] - 2024-03-24 * Refactor server workers management * Move ntex::server to separate crate +* Use ntex-net + ## [1.1.2] - 2024-03-12 * Update ntex-h2 diff --git a/ntex/Cargo.toml b/ntex/Cargo.toml index 1dd6fca5..60fdd75e 100644 --- a/ntex/Cargo.toml +++ b/ntex/Cargo.toml 
@@ -24,10 +24,10 @@ path = "src/lib.rs" default = [] # openssl -openssl = ["tls-openssl", "ntex-tls/openssl", "ntex-connect/openssl"] +openssl = ["tls-openssl", "ntex-tls/openssl"] # rustls support -rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls", "ntex-connect/rustls"] +rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls"] # enable compressison support compress = ["flate2", "brotli2"] @@ -49,7 +49,6 @@ async-std = ["ntex-net/async-std"] [dependencies] ntex-codec = "0.6.2" -ntex-connect = "1.1.0" ntex-http = "0.1.12" ntex-router = "0.5.3" ntex-service = "2.0.1" diff --git a/ntex/src/http/client/connector.rs b/ntex/src/http/client/connector.rs index f82c2d1e..7f63d5ad 100644 --- a/ntex/src/http/client/connector.rs +++ b/ntex/src/http/client/connector.rs @@ -11,10 +11,10 @@ use crate::{http::Uri, io::IoBoxed}; use super::{connection::Connection, error::ConnectError, pool::ConnectionPool, Connect}; #[cfg(feature = "openssl")] -use crate::connect::openssl::SslConnector; +use tls_openssl::ssl::SslConnector as OpensslConnector; #[cfg(feature = "rustls")] -use crate::connect::rustls::ClientConfig; +use tls_rustls::ClientConfig; type BoxedConnector = boxed::BoxService, IoBoxed, ConnectError>; @@ -68,9 +68,9 @@ impl Connector { #[cfg(feature = "openssl")] { - use crate::connect::openssl::SslMethod; + use tls_openssl::ssl::SslMethod; - let mut ssl = SslConnector::builder(SslMethod::tls()).unwrap(); + let mut ssl = OpensslConnector::builder(SslMethod::tls()).unwrap(); let _ = ssl .set_alpn_protos(b"\x02h2\x08http/1.1") .map_err(|e| log::error!("Cannot set ALPN protocol: {:?}", e)); 
@@ -111,18 +111,18 @@ impl Connector { #[cfg(feature = "openssl")] /// Use openssl connector for secured connections. - pub fn openssl(self, connector: SslConnector) -> Self { - use crate::connect::openssl::Connector; + pub fn openssl(self, connector: OpensslConnector) -> Self { + use crate::connect::openssl::SslConnector; - self.secure_connector(Connector::new(connector)) + self.secure_connector(SslConnector::new(connector)) } #[cfg(feature = "rustls")] /// Use rustls connector for secured connections. pub fn rustls(self, connector: ClientConfig) -> Self { - use crate::connect::rustls::Connector; + use crate::connect::rustls::TlsConnector; - self.secure_connector(Connector::new(connector)) + self.secure_connector(TlsConnector::new(connector)) } /// Set total number of simultaneous connections per type of scheme. diff --git a/ntex/src/http/client/error.rs b/ntex/src/http/client/error.rs index e7ef3119..e7ea15b3 100644 --- a/ntex/src/http/client/error.rs +++ b/ntex/src/http/client/error.rs @@ -5,7 +5,7 @@ use serde_json::error::Error as JsonError; use thiserror::Error; #[cfg(feature = "openssl")] -use crate::connect::openssl::{HandshakeError, SslError}; +use tls_openssl::ssl::{Error as SslError, HandshakeError}; use crate::http::error::{DecodeError, EncodeError, HttpError, PayloadError}; use crate::util::Either; diff --git a/ntex/src/lib.rs b/ntex/src/lib.rs index 564d7f33..c45b3596 100644 --- a/ntex/src/lib.rs +++ b/ntex/src/lib.rs 
@@ -47,7 +47,25 @@ pub mod codec { pub mod connect { //! Tcp connector service - pub use ntex_connect::*; + pub use ntex_net::connect::*; + + #[cfg(feature = "openssl")] + pub mod openssl { + pub use ntex_tls::openssl::{SslConnector, SslFilter}; + + #[doc(hidden)] + #[deprecated] + pub use ntex_tls::openssl::SslConnector as Connector; + } + + #[cfg(feature = "rustls")] + pub mod rustls { + pub use ntex_tls::rustls::{TlsClientFilter, TlsConnector}; + + #[doc(hidden)] + #[deprecated] + pub use ntex_tls::rustls::TlsConnector as Connector; + } } pub mod router { diff --git a/ntex/src/ws/client.rs b/ntex/src/ws/client.rs index f047fb2c..69dfc812 100644 --- a/ntex/src/ws/client.rs +++ b/ntex/src/ws/client.rs @@ -533,7 +533,7 @@ where /// Use openssl connector. pub fn openssl( &mut self, - connector: openssl::SslConnector, + connector: tls_openssl::ssl::SslConnector, ) -> WsClientBuilder, openssl::Connector> { self.connector(openssl::Connector::new(connector)) } @@ -542,7 +542,7 @@ where /// Use rustls connector. pub fn rustls( &mut self, - config: std::sync::Arc, + config: std::sync::Arc, ) -> WsClientBuilder, rustls::Connector> { self.connector(rustls::Connector::from(config)) } diff --git a/ntex/tests/connect.rs b/ntex/tests/connect.rs index 451ccc59..0a8aeaa9 100644 --- a/ntex/tests/connect.rs +++ b/ntex/tests/connect.rs @@ -1,4 +1,4 @@ -use std::{io, rc::Rc, sync::Arc}; +use std::{io, rc::Rc}; use ntex::codec::BytesCodec; use ntex::connect::Connect; @@ -6,6 +6,9 @@ use ntex::io::{types::PeerAddr, Io}; use ntex::service::{chain_factory, fn_service, Pipeline, ServiceFactory}; use ntex::{server::build_test_server, server::test_server, time, util::Bytes}; +#[cfg(feature = "rustls")] +mod rustls_utils; + #[cfg(feature = "openssl")] fn ssl_acceptor() -> tls_openssl::ssl::SslAcceptor { use tls_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod}; 
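Review bot: In ntex/src/lib.rs, `ntex::connect::openssl::SslConnector` changes meaning. Through the old `ntex_connect` re-export it was the openssl crate's `SslConnector`, and it is now the ntex-tls connector wrapper. `SslMethod`, `SslError`, `HandshakeError` and the rustls `ClientConfig`/`ServerName` re-exports also disappear from these modules. That is a source-breaking change for downstream code and deserves an explicit line in the 1.2.0 CHANGES.md entry. The bare `#[deprecated]` on the `Connector` aliases gives users no direction; `#[deprecated(since = "1.2.0", note = "use SslConnector")]` (and `TlsConnector` for rustls) would. The ws/client.rs hunks that follow still call `openssl::Connector::new` and `rustls::Connector::from`, which look like these deprecated aliases if `openssl`/`rustls` there resolve to these modules.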
@@ -21,67 +24,6 @@ fn ssl_acceptor() -> tls_openssl::ssl::SslAcceptor { builder.build() } -#[cfg(feature = "rustls")] -use tls_rustls::ServerConfig; - -#[cfg(feature = "rustls")] -fn tls_acceptor() -> Arc { - use std::fs::File; - use std::io::BufReader; - - let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap()); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); - let key = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let config = ServerConfig::builder() - .with_no_client_auth() - .with_single_cert(cert_chain, key) - .unwrap(); - Arc::new(config) -} - -mod danger { - use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime}; - - #[derive(Debug)] - pub struct NoCertificateVerification {} - - impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification { - fn verify_server_cert( - &self, - _end_entity: &CertificateDer<'_>, - _certs: &[CertificateDer<'_>], - _hostname: &ServerName<'_>, - _ocsp: &[u8], - _now: UnixTime, - ) -> Result { - Ok(tls_rustls::client::danger::ServerCertVerified::assertion()) - } - - fn verify_tls12_signature( - &self, - _message: &[u8], - _cert: &CertificateDer<'_>, - _dss: &tls_rustls::DigitallySignedStruct, - ) -> Result { - Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion()) - } - - fn verify_tls13_signature( - &self, - _message: &[u8], - _cert: &CertificateDer<'_>, - _dss: &tls_rustls::DigitallySignedStruct, - ) -> Result { - Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion()) - } - - fn supported_verify_schemes(&self) -> Vec { - vec![] - } - } -} - #[cfg(feature = "openssl")] #[ntex::test] async fn test_openssl_string() { 
@@ -187,13 +129,13 @@ async fn test_openssl_read_before_error() { } #[cfg(feature = "rustls")] +#[ignore] #[ntex::test] async fn test_rustls_string() { + use std::{fs::File, io::BufReader}; + use ntex::{io::types::HttpProtocol, server::rustls}; use ntex_tls::{rustls::PeerCert, rustls::PeerCertChain}; - use std::fs::File; - use std::io::BufReader; - use tls_rustls::ClientConfig; let srv = test_server(|| { chain_factory( @@ -204,7 +146,12 @@ async fn test_rustls_string() { }) .map_init_err(|_| ()), ) - .and_then(rustls::TlsAcceptor::new(tls_acceptor())) + .and_then( + rustls::TlsAcceptor::new(rustls_utils::tls_acceptor_arc()).map_err(|e| { + log::error!("tls negotiation is failed: {:?}", e); + e + }), + ) .and_then( fn_service(|io: Io<_>| async move { assert!(io.query::().as_ref().is_none()); @@ -219,12 +166,9 @@ async fn test_rustls_string() { ) }); - let config = ClientConfig::builder() - .dangerous() - .with_custom_certificate_verifier(Arc::new(danger::NoCertificateVerification {})) - .with_no_client_auth(); - - let conn = Pipeline::new(ntex::connect::rustls::Connector::new(config)); + let conn = Pipeline::new(ntex::connect::rustls::Connector::new( + rustls_utils::tls_connector(), + )); let addr = format!("localhost:{}", srv.addr().port()); let io = conn.call(addr.into()).await.unwrap(); assert_eq!(io.query::().get().unwrap(), srv.addr().into()); @@ -233,7 +177,9 @@ async fn test_rustls_string() { HttpProtocol::Http1 ); let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap()); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); + let cert_chain = rustls_pemfile::certs(cert_file) + .collect::, _>>() + .unwrap(); assert_eq!( io.query::().as_ref().unwrap().0, *cert_chain.first().unwrap() diff --git a/ntex/tests/http_awc_rustls_client.rs b/ntex/tests/http_awc_rustls_client.rs index cbe6324f..7263274c 100644 --- a/ntex/tests/http_awc_rustls_client.rs +++ b/ntex/tests/http_awc_rustls_client.rs 
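Review bot: `test_rustls_string` in ntex/tests/connect.rs gains a bare `#[ignore]` in the same commit that rewrites the rustls read and write loops in client.rs and server.rs. That disables the test in this file which drives the rustls connector against a rustls acceptor. If the test is known to fail, record why in the attribute, e.g. `#[ignore = "<reason or tracking issue>"]`, so re-enabling it is not forgotten. The later hunks of this test also keep calling `ntex::connect::rustls::Connector`, the alias this commit marks deprecated; `TlsConnector` is the new name.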
@@ -3,7 +3,6 @@ use std::sync::atomic::{AtomicUsize, Ordering}; use std::sync::Arc; use tls_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod, SslVerifyMode}; -use tls_rustls::ClientConfig; use ntex::http::client::{Client, Connector}; use ntex::http::test::server as test_server; @@ -12,6 +11,8 @@ use ntex::service::{chain_factory, map_config, ServiceFactory}; use ntex::util::Ready; use ntex::web::{self, dev::AppConfig, App, HttpResponse}; +mod rustls_utils; + fn ssl_acceptor() -> SslAcceptor { // load ssl keys let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); @@ -34,48 +35,6 @@ fn ssl_acceptor() -> SslAcceptor { builder.build() } -mod danger { - use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime}; - - #[derive(Debug)] - pub struct NoCertificateVerification {} - - impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification { - fn verify_server_cert( - &self, - _end_entity: &CertificateDer<'_>, - _certs: &[CertificateDer<'_>], - _hostname: &ServerName<'_>, - _ocsp: &[u8], - _now: UnixTime, - ) -> Result { - Ok(tls_rustls::client::danger::ServerCertVerified::assertion()) - } - - fn verify_tls12_signature( - &self, - _message: &[u8], - _cert: &CertificateDer<'_>, - _dss: &tls_rustls::DigitallySignedStruct, - ) -> Result { - Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion()) - } - - fn verify_tls13_signature( - &self, - _message: &[u8], - _cert: &CertificateDer<'_>, - _dss: &tls_rustls::DigitallySignedStruct, - ) -> Result { - Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion()) - } - - fn supported_verify_schemes(&self) -> Vec { - vec![] - } - } -} - #[ntex::test] async fn test_connection_reuse_h2() { let num = Arc::new(AtomicUsize::new(0)); 
@@ -101,10 +60,7 @@ async fn test_connection_reuse_h2() { }); // disable ssl verification - let mut config = ClientConfig::builder() - .dangerous() - .with_custom_certificate_verifier(Arc::new(danger::NoCertificateVerification {})) - .with_no_client_auth(); + let mut config = rustls_utils::tls_connector(); let protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()]; config.alpn_protocols = protos; diff --git a/ntex/tests/http_server.rs b/ntex/tests/http_server.rs index 17750c2a..433a968d 100644 --- a/ntex/tests/http_server.rs +++ b/ntex/tests/http_server.rs @@ -513,9 +513,6 @@ async fn test_h1_head_binary() { #[ntex::test] async fn test_h1_head_binary2() { - std::env::set_var("RUST_LOG", "trace"); - let _ = env_logger::try_init(); - let srv = test_server(|| { HttpService::build().h1(|_| Ready::Ok::<_, io::Error>(Response::Ok().body(STR))) }); diff --git a/ntex/tests/rustls_utils.rs b/ntex/tests/rustls_utils.rs new file mode 100644 index 00000000..b7fc4c60 --- /dev/null +++ b/ntex/tests/rustls_utils.rs 
@@ -0,0 +1,69 @@
+#![allow(dead_code)]
+use std::{fs::File, io::BufReader, sync::Arc};
+
+use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime};
+use tls_rustls::ClientConfig;
+
+pub fn tls_connector() -> ClientConfig {
+ ClientConfig::builder()
+ .dangerous()
+ .with_custom_certificate_verifier(Arc::new(NoCertificateVerification {}))
+ .with_no_client_auth()
+}
+
+pub fn tls_acceptor_arc() -> Arc {
+ Arc::new(tls_acceptor())
+}
+
+pub fn tls_acceptor() -> tls_rustls::ServerConfig {
+ let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
+ let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
+ let cert_chain = rustls_pemfile::certs(cert_file)
+ .map(|r| r.unwrap())
+ .collect();
+ let key = rustls_pemfile::private_key(key_file).unwrap().unwrap();
+ tls_rustls::ServerConfig::builder()
+ .with_no_client_auth()
+ .with_single_cert(cert_chain, key)
+ .unwrap()
+}
+
+#[derive(Debug)]
+pub struct NoCertificateVerification {}
+
+impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
+ fn verify_server_cert(
+ &self,
+ _end_entity: &CertificateDer<'_>,
+ _certs: &[CertificateDer<'_>],
+ _hostname: &ServerName<'_>,
+ _ocsp: &[u8],
+ _now: UnixTime,
+ ) -> Result {
+ Ok(tls_rustls::client::danger::ServerCertVerified::assertion())
+ }
+
+ fn verify_tls12_signature(
+ &self,
+ _message: &[u8],
+ _cert: &CertificateDer<'_>,
+ _dss: &tls_rustls::DigitallySignedStruct,
+ ) -> Result
+ {
+ Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
+ }
+
+ fn verify_tls13_signature(
+ &self,
+ _message: &[u8],
+ _cert: &CertificateDer<'_>,
+ _dss: &tls_rustls::DigitallySignedStruct,
+ ) -> Result
+ {
+ Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
+ }
+
+ fn supported_verify_schemes(&self) -> Vec {
+ vec![]
+ }
+}
diff --git a/ntex/tests/web_httpserver.rs b/ntex/tests/web_httpserver.rs
index 07e689aa..9853a049 100644
--- a/ntex/tests/web_httpserver.rs
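Review bot: `tls_connector()` returns a `ClientConfig` whose verifier, `NoCertificateVerification`, accepts every server certificate and every handshake signature, yet neither the function name nor a comment says so, and both items are `pub`. The old call site in `http_awc_rustls_client.rs` at least had `// disable ssl verification` next to the builder; now the call sites read like an ordinary connector. Either rename it (for example `tls_connector_no_verify()`) or put `/// Test only: accepts any server certificate and signature; never use outside tests/.` on the function and on the struct. Separately, the file sits directly in `tests/`, so Cargo will presumably also build it as its own integration-test target, without the `#[cfg(feature = "rustls")]` gate used where it is included with `mod rustls_utils;`. Moving it to `tests/rustls_utils/mod.rs` would avoid that.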
+++ b/ntex/tests/web_httpserver.rs @@ -4,6 +4,9 @@ use std::{sync::mpsc, thread, time::Duration}; #[cfg(feature = "openssl")] use tls_openssl::ssl::SslAcceptorBuilder; +#[cfg(feature = "rustls")] +mod rustls_utils; + use ntex::web::{self, App, HttpResponse, HttpServer}; use ntex::{rt, server::TestServer, time::sleep, time::Seconds}; @@ -128,6 +131,7 @@ async fn test_openssl() { }) }); let (srv, sys) = rx.recv().unwrap(); + thread::sleep(Duration::from_millis(100)); let client = client(); let host = format!("https://{}", addr); @@ -144,26 +148,14 @@ async fn test_openssl() { #[ntex::test] #[cfg(all(feature = "rustls", feature = "openssl"))] async fn test_rustls() { - use std::{fs::File, io::BufReader}; - use ntex::web::HttpRequest; - use tls_rustls::ServerConfig as RustlsServerConfig; let addr = TestServer::unused_addr(); let (tx, rx) = mpsc::channel(); thread::spawn(move || { let sys = ntex::rt::System::new("test"); - - // load ssl keys - let cert_file = &mut BufReader::new(File::open("./tests/cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("./tests/key.pem").unwrap()); - let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); - let config = RustlsServerConfig::builder() - .with_no_client_auth() - .with_single_cert(cert_chain, keys) - .unwrap(); + let config = rustls_utils::tls_acceptor(); sys.run(move || { let srv = HttpServer::new(|| { diff --git a/ntex/tests/web_server.rs b/ntex/tests/web_server.rs index 195628a0..bc405288 100644 --- a/ntex/tests/web_server.rs +++ b/ntex/tests/web_server.rs 
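Review bot: The `thread::sleep(Duration::from_millis(100));` added after `rx.recv().unwrap()` in `test_openssl` has no comment saying what it waits for, and a fixed delay tends to hide a start-up race rather than remove it. If the intent is to let the server thread begin accepting before the client connects, record that on the line above, e.g. `// give the server thread time to start accepting; replace with a readiness signal`. The test is `async` and `ntex::time::sleep` is already imported in this file, so an awaited sleep would avoid blocking the test's runtime thread. The body of `test_openssl` starts and ends outside this hunk.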
@@ -18,6 +18,9 @@ use ntex::util::{ready, Bytes, Ready, Stream}; use ntex::web::{self, middleware::Compress, test}; use ntex::web::{App, BodyEncoding, HttpRequest, HttpResponse, WebResponseError}; +#[cfg(feature = "rustls")] +mod rustls_utils; + const STR: &str = "Hello World Hello World Hello World Hello World Hello World \ Hello World Hello World Hello World Hello World Hello World \ Hello World Hello World Hello World Hello World Hello World \ @@ -842,33 +845,20 @@ async fn test_brotli_encoding_large_openssl_h2() { #[cfg(all(feature = "rustls", feature = "openssl"))] #[ntex::test] async fn test_reading_deflate_encoding_large_random_rustls() { - use std::{fs::File, io::BufReader}; - - use tls_rustls::ServerConfig; - let data = rand::thread_rng() .sample_iter(&Alphanumeric) .take(160_000) .map(char::from) .collect::(); - // load ssl keys - let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap()); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); - let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let config = ServerConfig::builder() - .with_no_client_auth() - .with_single_cert(cert_chain, keys) - .unwrap(); - - let srv = test::server_with(test::config().rustls(config), || { - App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { - HttpResponse::Ok() - .encoding(ContentEncoding::Identity) - .body(bytes) - }))) - }); + let srv = + test::server_with(test::config().rustls(rustls_utils::tls_acceptor()), || { + App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { + HttpResponse::Ok() + .encoding(ContentEncoding::Identity) + .body(bytes) + }))) + }); // encode data let mut e = ZlibEncoder::new(Vec::new(), Compression::default()); 
@@ -894,33 +884,22 @@ async fn test_reading_deflate_encoding_large_random_rustls() { #[cfg(all(feature = "rustls", feature = "openssl"))] #[ntex::test] async fn test_reading_deflate_encoding_large_random_rustls_h1() { - use std::fs::File; - use std::io::BufReader; - use tls_rustls::ServerConfig; - let data = rand::thread_rng() .sample_iter(&Alphanumeric) .take(160_000) .map(char::from) .collect::(); - // load ssl keys - let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap()); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); - let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let config = ServerConfig::builder() - .with_no_client_auth() - .with_single_cert(cert_chain, keys) - .unwrap(); - - let srv = test::server_with(test::config().rustls(config).h1(), || { - App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { - HttpResponse::Ok() - .encoding(ContentEncoding::Identity) - .body(bytes) - }))) - }); + let srv = test::server_with( + test::config().rustls(rustls_utils::tls_acceptor()).h1(), + || { + App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { + HttpResponse::Ok() + .encoding(ContentEncoding::Identity) + .body(bytes) + }))) + }, + ); // encode data let mut e = ZlibEncoder::new(Vec::new(), Compression::default()); 
@@ -946,33 +925,22 @@ async fn test_reading_deflate_encoding_large_random_rustls_h1() { #[cfg(all(feature = "rustls", feature = "openssl"))] #[ntex::test] async fn test_reading_deflate_encoding_large_random_rustls_h2() { - use std::{fs::File, io::BufReader}; - - use tls_rustls::ServerConfig; - let data = rand::thread_rng() .sample_iter(&Alphanumeric) .take(160_000) .map(char::from) .collect::(); - // load ssl keys - let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap()); - let cert_chain = rustls_pemfile::certs(cert_file).collect::, _>>().unwrap(); - let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap(); - let config = ServerConfig::builder() - .with_no_client_auth() - .with_single_cert(cert_chain, keys) - .unwrap(); - - let srv = test::server_with(test::config().rustls(config).h2(), || { - App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { - HttpResponse::Ok() - .encoding(ContentEncoding::Identity) - .body(bytes) - }))) - }); + let srv = test::server_with( + test::config().rustls(rustls_utils::tls_acceptor()).h2(), + || { + App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async { + HttpResponse::Ok() + .encoding(ContentEncoding::Identity) + .body(bytes) + }))) + }, + ); // encode data let mut e = ZlibEncoder::new(Vec::new(), Compression::default());