mirrors/ntex
1
0
Fork 0
mirror of https://github.com/ntex-rs/ntex.git synced 2025-04-04 13:27:39 +03:00
Code Issues Projects Releases Packages Wiki Activity

Refactor ntex-connect (#314)

Browse source
This commit is contained in:
Nikolay Kim 2024-03-24 15:33:08 +01:00 committed by GitHub
parent 5414e2096a
commit baabcff4a6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
35 changed files with 446 additions and 437 deletions
Download patch file Download diff file Expand all files Collapse all files

23
ntex-connect/Cargo.toml
View file

@ -19,10 +19,10 @@ path = "src/lib.rs"
default = []
# openssl
openssl = ["tls-openssl", "ntex-tls/openssl"]
openssl = ["ntex-tls/openssl", "tls_openssl"]
# rustls support
rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls"]
rustls = ["ntex-tls/rustls", "tls_rust"]
# tokio runtime
tokio = ["ntex-net/tokio"]
@ -34,26 +34,15 @@ glommio = ["ntex-net/glommio"]
async-std = ["ntex-net/async-std"]
[dependencies]
ntex-service = "2.0.0"
ntex-io = "1.0.0"
ntex-tls = "1.0.0"
ntex-util = "1.0.0"
ntex-bytes = "0.1.21"
ntex-http = "0.1"
ntex-rt = "0.4.7"
ntex-net = "1.0.0"
ntex-net = "1.0"
ntex-tls = "1.1"
log = "0.4"
thiserror = "1.0"
# openssl
tls-openssl = { version="0.10", package = "openssl", optional = true }
tls_openssl = { version = "0.10", package = "openssl", optional = true }
# rustls
tls-rustls = { version = "0.23", package = "rustls", optional = true }
webpki-roots = { version = "0.26", optional = true }
[dev-dependencies]
rand = "0.8"
env_logger = "0.11"
ntex = { version = "1", features = ["tokio"] }
tls_rust = { version = "0.23", package = "rustls", optional = true }

34
ntex-connect/src/lib.rs
View file

@ -1,34 +1,22 @@
//! Tcp connector service
#![deny(rust_2018_idioms, unreachable_pub, missing_debug_implementations)]
mod error;
mod message;
mod resolve;
mod service;
mod uri;
#[cfg(feature = "openssl")]
pub mod openssl;
pub mod openssl {
pub use ntex_tls::openssl::{SslConnector as Connector, SslFilter};
pub use tls_openssl::ssl::{
Error as SslError, HandshakeError, SslConnector, SslMethod,
};
}
#[cfg(feature = "rustls")]
pub mod rustls;
pub use self::error::ConnectError;
pub use self::message::{Address, Connect};
pub use self::resolve::Resolver;
pub use self::service::Connector;
use ntex_io::Io;
/// Resolve and connect to remote host
pub async fn connect<T, U>(message: U) -> Result<Io, ConnectError>
where
T: Address,
Connect<T>: From<U>,
{
Connector::new().connect(message).await
pub mod rustls {
pub use ntex_tls::rustls::{TlsClientFilter, TlsConnector as Connector};
pub use tls_rust::{pki_types::ServerName, ClientConfig};
}
pub use ntex_net::connect::{connect, Address, Connect, ConnectError, Connector, Resolver};
#[allow(unused_imports)]
#[doc(hidden)]
pub mod net {

2
ntex-net/CHANGES.md
View file

@ -1,5 +1,5 @@
# Changes
## [1.0.0] - 2024-03-23
## [1.0.0] - 2024-03-25
* Move to separate crate

14
ntex-net/Cargo.toml
View file

@ -28,10 +28,20 @@ glommio = ["ntex-rt/glommio", "ntex-glommio"]
async-std = ["ntex-rt/async-std", "ntex-async-std"]
[dependencies]
ntex-service = "2.0"
ntex-bytes = "0.1.24"
ntex-io = "1.0.0"
ntex-rt = "0.4.7"
ntex-http = "0.1"
ntex-io = "1.0"
ntex-rt = "0.4.11"
ntex-util = "1.0"
ntex-tokio = { version = "0.4.0", optional = true }
ntex-glommio = { version = "0.4.0", optional = true }
ntex-async-std = { version = "0.4.0", optional = true }
log = "0.4"
thiserror = "1.0"
[dev-dependencies]
env_logger = "0.11"
ntex = { version = "1", features = ["tokio"] }

113
ntex-net/src/compat.rs Normal file
View file

@ -0,0 +1,113 @@
//! Utility for async runtime abstraction
#[cfg(feature = "tokio")]
pub use ntex_tokio::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(unix, feature = "tokio"))]
pub use ntex_tokio::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
feature = "async-std",
not(feature = "tokio"),
not(feature = "glommio")
))]
pub use ntex_async_std::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(
unix,
feature = "async-std",
not(feature = "tokio"),
not(feature = "glommio")
))]
pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
feature = "glommio",
not(feature = "tokio"),
not(feature = "async-std")
))]
pub use ntex_glommio::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(
unix,
feature = "glommio",
not(feature = "tokio"),
not(feature = "async-std")
))]
pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
not(feature = "tokio"),
not(feature = "async-std"),
not(feature = "glommio")
))]
mod no_rt {
use ntex_io::Io;
/// Opens a TCP connection to a remote host.
pub async fn tcp_connect(_: std::net::SocketAddr) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
/// Opens a TCP connection to a remote host and use specified memory pool.
pub async fn tcp_connect_in(
_: std::net::SocketAddr,
_: ntex_bytes::PoolRef,
) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Opens a unix stream connection.
pub async fn unix_connect<'a, P>(_: P) -> std::io::Result<Io>
where
P: AsRef<std::path::Path> + 'a,
{
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Opens a unix stream connection and specified memory pool.
pub async fn unix_connect_in<'a, P>(_: P, _: ntex_bytes::PoolRef) -> std::io::Result<Io>
where
P: AsRef<std::path::Path> + 'a,
{
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
/// Convert std TcpStream to tokio's TcpStream
pub fn from_tcp_stream(_: std::net::TcpStream) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Convert std UnixStream to tokio's UnixStream
pub fn from_unix_stream(_: std::os::unix::net::UnixStream) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
}
#[cfg(all(
not(feature = "tokio"),
not(feature = "async-std"),
not(feature = "glommio")
))]
pub use no_rt::*;

0
ntex-connect/src/error.rs → ntex-net/src/connect/error.rs
View file

0
ntex-connect/src/message.rs → ntex-net/src/connect/message.rs
View file

22
ntex-net/src/connect/mod.rs Normal file
View file

@ -0,0 +1,22 @@
//! Tcp connector service
mod error;
mod message;
mod resolve;
mod service;
mod uri;
pub use self::error::ConnectError;
pub use self::message::{Address, Connect};
pub use self::resolve::Resolver;
pub use self::service::Connector;
use ntex_io::Io;
/// Resolve and connect to remote host
pub async fn connect<T, U>(message: U) -> Result<Io, ConnectError>
where
T: Address,
Connect<T>: From<U>,
{
Connector::new().connect(message).await
}

2
ntex-connect/src/resolve.rs → ntex-net/src/connect/resolve.rs
View file

@ -4,7 +4,7 @@ use ntex_rt::spawn_blocking;
use ntex_service::{Service, ServiceCtx, ServiceFactory};
use ntex_util::future::Either;
use crate::{Address, Connect, ConnectError};
use super::{Address, Connect, ConnectError};
#[derive(Copy)]
/// DNS Resolver Service

7
ntex-connect/src/service.rs → ntex-net/src/connect/service.rs
View file

@ -6,7 +6,8 @@ use ntex_io::{types, Io};
use ntex_service::{Service, ServiceCtx, ServiceFactory};
use ntex_util::future::{BoxFuture, Either};
use crate::{net::tcp_connect_in, Address, Connect, ConnectError, Resolver};
use super::{Address, Connect, ConnectError, Resolver};
use crate::tcp_connect_in;
#[derive(Copy)]
pub struct Connector<T> {
@ -249,11 +250,11 @@ mod tests {
.unwrap(),
server.addr(),
]);
let result = crate::connect(msg).await;
let result = crate::connect::connect(msg).await;
assert!(result.is_ok());
let msg = Connect::new(server.addr());
let result = crate::connect(msg).await;
let result = crate::connect::connect(msg).await;
assert!(result.is_ok());
}
}

0
ntex-connect/src/uri.rs → ntex-net/src/connect/uri.rs
View file

117
ntex-net/src/lib.rs
View file

@ -1,117 +1,10 @@
//! Utility for async runtime abstraction
#![deny(rust_2018_idioms, unreachable_pub, missing_debug_implementations)]
mod compat;
pub mod connect;
pub use ntex_io::Io;
pub use ntex_rt::spawn;
pub use ntex_rt::{spawn, spawn_blocking};
#[cfg(feature = "tokio")]
pub use ntex_tokio::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(unix, feature = "tokio"))]
pub use ntex_tokio::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
feature = "async-std",
not(feature = "tokio"),
not(feature = "glommio")
))]
pub use ntex_async_std::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(
unix,
feature = "async-std",
not(feature = "tokio"),
not(feature = "glommio")
))]
pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
feature = "glommio",
not(feature = "tokio"),
not(feature = "async-std")
))]
pub use ntex_glommio::{from_tcp_stream, tcp_connect, tcp_connect_in};
#[cfg(all(
unix,
feature = "glommio",
not(feature = "tokio"),
not(feature = "async-std")
))]
pub use ntex_async_std::{from_unix_stream, unix_connect, unix_connect_in};
#[cfg(all(
not(feature = "tokio"),
not(feature = "async-std"),
not(feature = "glommio")
))]
mod no_rt {
use ntex_io::Io;
/// Opens a TCP connection to a remote host.
pub async fn tcp_connect(_: std::net::SocketAddr) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
/// Opens a TCP connection to a remote host and use specified memory pool.
pub async fn tcp_connect_in(
_: std::net::SocketAddr,
_: ntex_bytes::PoolRef,
) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Opens a unix stream connection.
pub async fn unix_connect<'a, P>(_: P) -> std::io::Result<Io>
where
P: AsRef<std::path::Path> + 'a,
{
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Opens a unix stream connection and specified memory pool.
pub async fn unix_connect_in<'a, P>(_: P, _: ntex_bytes::PoolRef) -> std::io::Result<Io>
where
P: AsRef<std::path::Path> + 'a,
{
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
/// Convert std TcpStream to tokio's TcpStream
pub fn from_tcp_stream(_: std::net::TcpStream) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
#[cfg(unix)]
/// Convert std UnixStream to tokio's UnixStream
pub fn from_unix_stream(_: std::os::unix::net::UnixStream) -> std::io::Result<Io> {
Err(std::io::Error::new(
std::io::ErrorKind::Other,
"runtime is not configure",
))
}
}
#[cfg(all(
not(feature = "tokio"),
not(feature = "async-std"),
not(feature = "glommio")
))]
pub use no_rt::*;
pub use self::compat::*;

2
ntex-server/CHANGES.md
View file

@ -1,5 +1,5 @@
# Changes
## [0.1.0] - 2024-03-xx
## [0.1.0] - 2024-03-24
* Release

6
ntex-tls/CHANGES.md
View file

@ -1,5 +1,11 @@
# Changes
## [1.1.0] - 2024-03-24
* Move tls connectors from ntex-connect
* Upgrade to rustls 0.23
## [1.0.0] - 2024-01-09
* Release

8
ntex-tls/Cargo.toml
View file

@ -26,9 +26,11 @@ rustls = ["tls_rust"]
[dependencies]
ntex-bytes = "0.1.21"
ntex-io = "1.0.0"
ntex-util = "1.0.0"
ntex-service = "2.0.0"
ntex-io = "1.0"
ntex-util = "1.0"
ntex-service = "2.0"
ntex-net = "1.0"
log = "0.4"
# openssl

3
ntex-tls/examples/rustls-client.rs
View file

@ -9,7 +9,8 @@ async fn main() -> io::Result<()> {
env_logger::init();
// rustls config
let cert_store = RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
let cert_store =
RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
let config = ClientConfig::builder()
.with_root_certificates(cert_store)
.with_no_client_auth();

4
ntex-tls/examples/rustls-server.rs
View file

@ -17,7 +17,9 @@ async fn main() -> io::Result<()> {
&mut BufReader::new(File::open("../ntex-tls/examples/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("../ntex-tls/examples/key.pem").unwrap());
let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let cert_chain = rustls_pemfile::certs(cert_file)
.collect::<Result<Vec<_>, _>>()
.unwrap();
let tls_config = Arc::new(
ServerConfig::builder()
.with_no_client_auth()

44
ntex-connect/src/openssl.rs → ntex-tls/src/openssl/connect.rs
View file

@ -1,24 +1,22 @@
use std::{fmt, io};
pub use ntex_tls::openssl::SslFilter;
pub use tls_openssl::ssl::{Error as SslError, HandshakeError, SslConnector, SslMethod};
use ntex_bytes::PoolId;
use ntex_io::{Io, Layer};
use ntex_net::connect::{Address, Connect, ConnectError, Connector as BaseConnector};
use ntex_service::{Pipeline, Service, ServiceCtx, ServiceFactory};
use ntex_tls::openssl::connect as connect_io;
use tls_openssl::ssl::SslConnector as BaseSslConnector;
use super::{Address, Connect, ConnectError, Connector as BaseConnector};
use super::{connect as connect_io, SslFilter};
pub struct Connector<T> {
pub struct SslConnector<T> {
connector: Pipeline<BaseConnector<T>>,
openssl: SslConnector,
openssl: BaseSslConnector,
}
impl<T: Address> Connector<T> {
impl<T: Address> SslConnector<T> {
/// Construct new OpensslConnectService factory
pub fn new(connector: SslConnector) -> Self {
Connector {
pub fn new(connector: BaseSslConnector) -> Self {
SslConnector {
connector: BaseConnector::default().into(),
openssl: connector,
}
@ -43,7 +41,7 @@ impl<T: Address> Connector<T> {
}
}
impl<T: Address> Connector<T> {
impl<T: Address> SslConnector<T> {
/// Resolve and connect to remote host
pub async fn connect<U>(&self, message: U) -> Result<Io<Layer<SslFilter>>, ConnectError>
where
@ -79,28 +77,28 @@ impl<T: Address> Connector<T> {
}
}
impl<T> Clone for Connector<T> {
impl<T> Clone for SslConnector<T> {
fn clone(&self) -> Self {
Connector {
Self {
connector: self.connector.clone(),
openssl: self.openssl.clone(),
}
}
}
impl<T> fmt::Debug for Connector<T> {
impl<T> fmt::Debug for SslConnector<T> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_struct("Connector(openssl)")
f.debug_struct("SslConnector(openssl)")
.field("connector", &self.connector)
.field("openssl", &self.openssl)
.finish()
}
}
impl<T: Address, C> ServiceFactory<Connect<T>, C> for Connector<T> {
impl<T: Address, C> ServiceFactory<Connect<T>, C> for SslConnector<T> {
type Response = Io<Layer<SslFilter>>;
type Error = ConnectError;
type Service = Connector<T>;
type Service = SslConnector<T>;
type InitError = ();
async fn create(&self, _: C) -> Result<Self::Service, Self::InitError> {
@ -108,7 +106,7 @@ impl<T: Address, C> ServiceFactory<Connect<T>, C> for Connector<T> {
}
}
impl<T: Address> Service<Connect<T>> for Connector<T> {
impl<T: Address> Service<Connect<T>> for SslConnector<T> {
type Response = Io<Layer<SslFilter>>;
type Error = ConnectError;
@ -123,6 +121,8 @@ impl<T: Address> Service<Connect<T>> for Connector<T> {
#[cfg(test)]
mod tests {
use tls_openssl::ssl::SslMethod;
use super::*;
#[ntex::test]
@ -131,14 +131,16 @@ mod tests {
ntex::service::fn_service(|_| async { Ok::<_, ()>(()) })
});
let ssl = SslConnector::builder(SslMethod::tls()).unwrap();
let factory = Connector::new(ssl.build()).memory_pool(PoolId::P5).clone();
let ssl = BaseSslConnector::builder(SslMethod::tls()).unwrap();
let factory = SslConnector::new(ssl.build())
.memory_pool(PoolId::P5)
.clone();
let srv = factory.pipeline(&()).await.unwrap();
let result = srv
.call(Connect::new("").set_addr(Some(server.addr())))
.await;
assert!(result.is_err());
assert!(format!("{:?}", srv).contains("Connector"));
assert!(format!("{:?}", srv).contains("SslConnector"));
}
}

3
ntex-tls/src/openssl/mod.rs
View file

@ -8,6 +8,9 @@ use tls_openssl::x509::X509;
use crate::{PskIdentity, Servername};
mod connect;
pub use self::connect::SslConnector;
mod accept;
pub use self::accept::{SslAcceptor, SslAcceptorService};

28
ntex-tls/src/rustls/client.rs
View file

@ -64,11 +64,17 @@ impl FilterLayer for TlsClientFilter {
buf.with_dst(|dst| {
loop {
let mut cursor = io::Cursor::new(&src);
let n = session.read_tls(&mut cursor)?;
let n = match session.read_tls(&mut cursor) {
Ok(n) => n,
Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => {
break
}
Err(err) => return Err(err),
};
src.split_to(n);
let state = session
.process_new_packets()
.map_err(|e| io::Error::new(io::ErrorKind::Other, e))?;
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
let new_b = state.plaintext_bytes_to_read();
if new_b > 0 {
@ -92,18 +98,26 @@ impl FilterLayer for TlsClientFilter {
fn process_write_buf(&self, buf: &WriteBuf<'_>) -> io::Result<()> {
buf.with_src(|src| {
if let Some(src) = src {
let mut session = self.session.borrow_mut();
let mut io = Wrapper(buf);
let mut session = self.session.borrow_mut();
loop {
'outer: loop {
if !src.is_empty() {
src.split_to(session.writer().write(src)?);
}
if session.wants_write() {
session.complete_io(&mut io)?;
} else {
break;
}
while session.wants_write() {
match session.write_tls(&mut io) {
Ok(0) => continue 'outer,
Ok(_) => continue,
Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => {
break
}
Err(err) => return Err(err),
}
}
break;
}
}
Ok(())

40
ntex-connect/src/rustls.rs → ntex-tls/src/rustls/connect.rs
View file

@ -1,32 +1,31 @@
use std::{fmt, io, sync::Arc};
pub use ntex_tls::rustls::TlsClientFilter;
pub use tls_rustls::{pki_types::ServerName, ClientConfig};
use ntex_bytes::PoolId;
use ntex_io::{Io, Layer};
use ntex_net::connect::{Address, Connect, ConnectError, Connector as BaseConnector};
use ntex_service::{Pipeline, Service, ServiceCtx, ServiceFactory};
use tls_rust::{pki_types::ServerName, ClientConfig};
use super::{Address, Connect, ConnectError, Connector as BaseConnector};
use super::TlsClientFilter;
/// Rustls connector factory
pub struct Connector<T> {
pub struct TlsConnector<T> {
connector: Pipeline<BaseConnector<T>>,
config: Arc<ClientConfig>,
}
impl<T: Address> From<Arc<ClientConfig>> for Connector<T> {
impl<T: Address> From<Arc<ClientConfig>> for TlsConnector<T> {
fn from(config: Arc<ClientConfig>) -> Self {
Connector {
TlsConnector {
config,
connector: BaseConnector::default().into(),
}
}
}
impl<T: Address> Connector<T> {
impl<T: Address> TlsConnector<T> {
pub fn new(config: ClientConfig) -> Self {
Connector {
TlsConnector {
config: Arc::new(config),
connector: BaseConnector::default().into(),
}
@ -50,7 +49,7 @@ impl<T: Address> Connector<T> {
}
}
impl<T: Address> Connector<T> {
impl<T: Address> TlsConnector<T> {
/// Resolve and connect to remote host
pub async fn connect<U>(
&self,
@ -83,7 +82,7 @@ impl<T: Address> Connector<T> {
}
}
impl<T> Clone for Connector<T> {
impl<T> Clone for TlsConnector<T> {
fn clone(&self) -> Self {
Self {
config: self.config.clone(),
@ -92,18 +91,18 @@ impl<T> Clone for Connector<T> {
}
}
impl<T> fmt::Debug for Connector<T> {
impl<T> fmt::Debug for TlsConnector<T> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_struct("Connector(rustls)")
f.debug_struct("TlsConnector(rustls)")
.field("connector", &self.connector)
.finish()
}
}
impl<T: Address, C> ServiceFactory<Connect<T>, C> for Connector<T> {
impl<T: Address, C> ServiceFactory<Connect<T>, C> for TlsConnector<T> {
type Response = Io<Layer<TlsClientFilter>>;
type Error = ConnectError;
type Service = Connector<T>;
type Service = TlsConnector<T>;
type InitError = ();
async fn create(&self, _: C) -> Result<Self::Service, Self::InitError> {
@ -111,7 +110,7 @@ impl<T: Address, C> ServiceFactory<Connect<T>, C> for Connector<T> {
}
}
impl<T: Address> Service<Connect<T>> for Connector<T> {
impl<T: Address> Service<Connect<T>> for TlsConnector<T> {
type Response = Io<Layer<TlsClientFilter>>;
type Error = ConnectError;
@ -126,7 +125,7 @@ impl<T: Address> Service<Connect<T>> for Connector<T> {
#[cfg(test)]
mod tests {
use tls_rustls::RootCertStore;
use tls_rust::RootCertStore;
use super::*;
use ntex_util::future::lazy;
@ -137,12 +136,13 @@ mod tests {
ntex::service::fn_service(|_| async { Ok::<_, ()>(()) })
});
let cert_store = RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
let cert_store =
RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
let config = ClientConfig::builder()
.with_root_certificates(cert_store)
.with_no_client_auth();
let _ = Connector::<&'static str>::new(config.clone()).clone();
let factory = Connector::from(Arc::new(config))
let _ = TlsConnector::<&'static str>::new(config.clone()).clone();
let factory = TlsConnector::from(Arc::new(config))
.memory_pool(PoolId::P5)
.clone();

4
ntex-tls/src/rustls/mod.rs
View file

@ -6,10 +6,12 @@ use tls_rust::pki_types::CertificateDer;
mod accept;
mod client;
mod connect;
mod server;
pub use accept::{TlsAcceptor, TlsAcceptorService};
pub use self::accept::{TlsAcceptor, TlsAcceptorService};
pub use self::client::TlsClientFilter;
pub use self::connect::TlsConnector;
pub use self::server::TlsServerFilter;
/// Connection's peer cert

28
ntex-tls/src/rustls/server.rs
View file

@ -72,11 +72,17 @@ impl FilterLayer for TlsServerFilter {
buf.with_dst(|dst| {
loop {
let mut cursor = io::Cursor::new(&src);
let n = session.read_tls(&mut cursor)?;
let n = match session.read_tls(&mut cursor) {
Ok(n) => n,
Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => {
break
}
Err(err) => return Err(err),
};
src.split_to(n);
let state = session
.process_new_packets()
.map_err(|e| io::Error::new(io::ErrorKind::Other, e))?;
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
let new_b = state.plaintext_bytes_to_read();
if new_b > 0 {
@ -100,18 +106,26 @@ impl FilterLayer for TlsServerFilter {
fn process_write_buf(&self, buf: &WriteBuf<'_>) -> io::Result<()> {
buf.with_src(|src| {
if let Some(src) = src {
let mut session = self.session.borrow_mut();
let mut io = Wrapper(buf);
let mut session = self.session.borrow_mut();
loop {
'outer: loop {
if !src.is_empty() {
src.split_to(session.writer().write(src)?);
}
if session.wants_write() {
session.complete_io(&mut io)?;
} else {
break;
}
while session.wants_write() {
match session.write_tls(&mut io) {
Ok(0) => continue 'outer,
Ok(_) => continue,
Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => {
break
}
Err(err) => return Err(err),
}
}
break;
}
}
Ok(())

4
ntex/CHANGES.md
View file

@ -1,11 +1,13 @@
# Changes
## [1.2.0] - 2024-03-xx
## [1.2.0] - 2024-03-24
* Refactor server workers management
* Move ntex::server to separate crate
* Use ntex-net
## [1.1.2] - 2024-03-12
* Update ntex-h2

5
ntex/Cargo.toml
View file

@ -24,10 +24,10 @@ path = "src/lib.rs"
default = []
# openssl
openssl = ["tls-openssl", "ntex-tls/openssl", "ntex-connect/openssl"]
openssl = ["tls-openssl", "ntex-tls/openssl"]
# rustls support
rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls", "ntex-connect/rustls"]
rustls = ["tls-rustls", "webpki-roots", "ntex-tls/rustls"]
# enable compressison support
compress = ["flate2", "brotli2"]
@ -49,7 +49,6 @@ async-std = ["ntex-net/async-std"]
[dependencies]
ntex-codec = "0.6.2"
ntex-connect = "1.1.0"
ntex-http = "0.1.12"
ntex-router = "0.5.3"
ntex-service = "2.0.1"

18
ntex/src/http/client/connector.rs
View file

@ -11,10 +11,10 @@ use crate::{http::Uri, io::IoBoxed};
use super::{connection::Connection, error::ConnectError, pool::ConnectionPool, Connect};
#[cfg(feature = "openssl")]
use crate::connect::openssl::SslConnector;
use tls_openssl::ssl::SslConnector as OpensslConnector;
#[cfg(feature = "rustls")]
use crate::connect::rustls::ClientConfig;
use tls_rustls::ClientConfig;
type BoxedConnector = boxed::BoxService<TcpConnect<Uri>, IoBoxed, ConnectError>;
@ -68,9 +68,9 @@ impl Connector {
#[cfg(feature = "openssl")]
{
use crate::connect::openssl::SslMethod;
use tls_openssl::ssl::SslMethod;
let mut ssl = SslConnector::builder(SslMethod::tls()).unwrap();
let mut ssl = OpensslConnector::builder(SslMethod::tls()).unwrap();
let _ = ssl
.set_alpn_protos(b"\x02h2\x08http/1.1")
.map_err(|e| log::error!("Cannot set ALPN protocol: {:?}", e));
@ -111,18 +111,18 @@ impl Connector {
#[cfg(feature = "openssl")]
/// Use openssl connector for secured connections.
pub fn openssl(self, connector: SslConnector) -> Self {
use crate::connect::openssl::Connector;
pub fn openssl(self, connector: OpensslConnector) -> Self {
use crate::connect::openssl::SslConnector;
self.secure_connector(Connector::new(connector))
self.secure_connector(SslConnector::new(connector))
}
#[cfg(feature = "rustls")]
/// Use rustls connector for secured connections.
pub fn rustls(self, connector: ClientConfig) -> Self {
use crate::connect::rustls::Connector;
use crate::connect::rustls::TlsConnector;
self.secure_connector(Connector::new(connector))
self.secure_connector(TlsConnector::new(connector))
}
/// Set total number of simultaneous connections per type of scheme.

2
ntex/src/http/client/error.rs
View file

@ -5,7 +5,7 @@ use serde_json::error::Error as JsonError;
use thiserror::Error;
#[cfg(feature = "openssl")]
use crate::connect::openssl::{HandshakeError, SslError};
use tls_openssl::ssl::{Error as SslError, HandshakeError};
use crate::http::error::{DecodeError, EncodeError, HttpError, PayloadError};
use crate::util::Either;

20
ntex/src/lib.rs
View file

@ -47,7 +47,25 @@ pub mod codec {
pub mod connect {
//! Tcp connector service
pub use ntex_connect::*;
pub use ntex_net::connect::*;
#[cfg(feature = "openssl")]
pub mod openssl {
pub use ntex_tls::openssl::{SslConnector, SslFilter};
#[doc(hidden)]
#[deprecated]
pub use ntex_tls::openssl::SslConnector as Connector;
}
#[cfg(feature = "rustls")]
pub mod rustls {
pub use ntex_tls::rustls::{TlsClientFilter, TlsConnector};
#[doc(hidden)]
#[deprecated]
pub use ntex_tls::rustls::TlsConnector as Connector;
}
}
pub mod router {

4
ntex/src/ws/client.rs
View file

@ -533,7 +533,7 @@ where
/// Use openssl connector.
pub fn openssl(
&mut self,
connector: openssl::SslConnector,
connector: tls_openssl::ssl::SslConnector,
) -> WsClientBuilder<Layer<openssl::SslFilter>, openssl::Connector<Uri>> {
self.connector(openssl::Connector::new(connector))
}
@ -542,7 +542,7 @@ where
/// Use rustls connector.
pub fn rustls(
&mut self,
config: std::sync::Arc<rustls::ClientConfig>,
config: std::sync::Arc<tls_rustls::ClientConfig>,
) -> WsClientBuilder<Layer<rustls::TlsClientFilter>, rustls::Connector<Uri>> {
self.connector(rustls::Connector::from(config))
}

92
ntex/tests/connect.rs
View file

@ -1,4 +1,4 @@
use std::{io, rc::Rc, sync::Arc};
use std::{io, rc::Rc};
use ntex::codec::BytesCodec;
use ntex::connect::Connect;
@ -6,6 +6,9 @@ use ntex::io::{types::PeerAddr, Io};
use ntex::service::{chain_factory, fn_service, Pipeline, ServiceFactory};
use ntex::{server::build_test_server, server::test_server, time, util::Bytes};
#[cfg(feature = "rustls")]
mod rustls_utils;
#[cfg(feature = "openssl")]
fn ssl_acceptor() -> tls_openssl::ssl::SslAcceptor {
use tls_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};
@ -21,67 +24,6 @@ fn ssl_acceptor() -> tls_openssl::ssl::SslAcceptor {
builder.build()
}
#[cfg(feature = "rustls")]
use tls_rustls::ServerConfig;
#[cfg(feature = "rustls")]
fn tls_acceptor() -> Arc<ServerConfig> {
use std::fs::File;
use std::io::BufReader;
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let key = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let config = ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, key)
.unwrap();
Arc::new(config)
}
mod danger {
use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime};
#[derive(Debug)]
pub struct NoCertificateVerification {}
impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_end_entity: &CertificateDer<'_>,
_certs: &[CertificateDer<'_>],
_hostname: &ServerName<'_>,
_ocsp: &[u8],
_now: UnixTime,
) -> Result<tls_rustls::client::danger::ServerCertVerified, tls_rustls::Error> {
Ok(tls_rustls::client::danger::ServerCertVerified::assertion())
}
fn verify_tls12_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error> {
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn verify_tls13_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error> {
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn supported_verify_schemes(&self) -> Vec<tls_rustls::SignatureScheme> {
vec![]
}
}
}
#[cfg(feature = "openssl")]
#[ntex::test]
async fn test_openssl_string() {
@ -187,13 +129,13 @@ async fn test_openssl_read_before_error() {
}
#[cfg(feature = "rustls")]
#[ignore]
#[ntex::test]
async fn test_rustls_string() {
use std::{fs::File, io::BufReader};
use ntex::{io::types::HttpProtocol, server::rustls};
use ntex_tls::{rustls::PeerCert, rustls::PeerCertChain};
use std::fs::File;
use std::io::BufReader;
use tls_rustls::ClientConfig;
let srv = test_server(|| {
chain_factory(
@ -204,7 +146,12 @@ async fn test_rustls_string() {
})
.map_init_err(|_| ()),
)
.and_then(rustls::TlsAcceptor::new(tls_acceptor()))
.and_then(
rustls::TlsAcceptor::new(rustls_utils::tls_acceptor_arc()).map_err(|e| {
log::error!("tls negotiation is failed: {:?}", e);
e
}),
)
.and_then(
fn_service(|io: Io<_>| async move {
assert!(io.query::<PeerCert>().as_ref().is_none());
@ -219,12 +166,9 @@ async fn test_rustls_string() {
)
});
let config = ClientConfig::builder()
.dangerous()
.with_custom_certificate_verifier(Arc::new(danger::NoCertificateVerification {}))
.with_no_client_auth();
let conn = Pipeline::new(ntex::connect::rustls::Connector::new(config));
let conn = Pipeline::new(ntex::connect::rustls::Connector::new(
rustls_utils::tls_connector(),
));
let addr = format!("localhost:{}", srv.addr().port());
let io = conn.call(addr.into()).await.unwrap();
assert_eq!(io.query::<PeerAddr>().get().unwrap(), srv.addr().into());
@ -233,7 +177,9 @@ async fn test_rustls_string() {
HttpProtocol::Http1
);
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let cert_chain = rustls_pemfile::certs(cert_file)
.collect::<Result<Vec<_>, _>>()
.unwrap();
assert_eq!(
io.query::<PeerCert>().as_ref().unwrap().0,
*cert_chain.first().unwrap()

50
ntex/tests/http_awc_rustls_client.rs
View file

@ -3,7 +3,6 @@ use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;
use tls_openssl::ssl::{SslAcceptor, SslFiletype, SslMethod, SslVerifyMode};
use tls_rustls::ClientConfig;
use ntex::http::client::{Client, Connector};
use ntex::http::test::server as test_server;
@ -12,6 +11,8 @@ use ntex::service::{chain_factory, map_config, ServiceFactory};
use ntex::util::Ready;
use ntex::web::{self, dev::AppConfig, App, HttpResponse};
mod rustls_utils;
fn ssl_acceptor() -> SslAcceptor {
// load ssl keys
let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
@ -34,48 +35,6 @@ fn ssl_acceptor() -> SslAcceptor {
builder.build()
}
mod danger {
use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime};
#[derive(Debug)]
pub struct NoCertificateVerification {}
impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_end_entity: &CertificateDer<'_>,
_certs: &[CertificateDer<'_>],
_hostname: &ServerName<'_>,
_ocsp: &[u8],
_now: UnixTime,
) -> Result<tls_rustls::client::danger::ServerCertVerified, tls_rustls::Error> {
Ok(tls_rustls::client::danger::ServerCertVerified::assertion())
}
fn verify_tls12_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error> {
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn verify_tls13_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error> {
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn supported_verify_schemes(&self) -> Vec<tls_rustls::SignatureScheme> {
vec![]
}
}
}
#[ntex::test]
async fn test_connection_reuse_h2() {
let num = Arc::new(AtomicUsize::new(0));
@ -101,10 +60,7 @@ async fn test_connection_reuse_h2() {
});
// disable ssl verification
let mut config = ClientConfig::builder()
.dangerous()
.with_custom_certificate_verifier(Arc::new(danger::NoCertificateVerification {}))
.with_no_client_auth();
let mut config = rustls_utils::tls_connector();
let protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
config.alpn_protocols = protos;

3
ntex/tests/http_server.rs
View file

@ -513,9 +513,6 @@ async fn test_h1_head_binary() {
#[ntex::test]
async fn test_h1_head_binary2() {
std::env::set_var("RUST_LOG", "trace");
let _ = env_logger::try_init();
let srv = test_server(|| {
HttpService::build().h1(|_| Ready::Ok::<_, io::Error>(Response::Ok().body(STR)))
});

69
ntex/tests/rustls_utils.rs Normal file
View file

@ -0,0 +1,69 @@
#![allow(dead_code)]
use std::{fs::File, io::BufReader, sync::Arc};
use tls_rustls::pki_types::{CertificateDer, ServerName, UnixTime};
use tls_rustls::ClientConfig;
pub fn tls_connector() -> ClientConfig {
ClientConfig::builder()
.dangerous()
.with_custom_certificate_verifier(Arc::new(NoCertificateVerification {}))
.with_no_client_auth()
}
pub fn tls_acceptor_arc() -> Arc<tls_rustls::ServerConfig> {
Arc::new(tls_acceptor())
}
pub fn tls_acceptor() -> tls_rustls::ServerConfig {
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file)
.map(|r| r.unwrap())
.collect();
let key = rustls_pemfile::private_key(key_file).unwrap().unwrap();
tls_rustls::ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, key)
.unwrap()
}
#[derive(Debug)]
pub struct NoCertificateVerification {}
impl tls_rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_end_entity: &CertificateDer<'_>,
_certs: &[CertificateDer<'_>],
_hostname: &ServerName<'_>,
_ocsp: &[u8],
_now: UnixTime,
) -> Result<tls_rustls::client::danger::ServerCertVerified, tls_rustls::Error> {
Ok(tls_rustls::client::danger::ServerCertVerified::assertion())
}
fn verify_tls12_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error>
{
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn verify_tls13_signature(
&self,
_message: &[u8],
_cert: &CertificateDer<'_>,
_dss: &tls_rustls::DigitallySignedStruct,
) -> Result<tls_rustls::client::danger::HandshakeSignatureValid, tls_rustls::Error>
{
Ok(tls_rustls::client::danger::HandshakeSignatureValid::assertion())
}
fn supported_verify_schemes(&self) -> Vec<tls_rustls::SignatureScheme> {
vec![]
}
}

18
ntex/tests/web_httpserver.rs
View file

@ -4,6 +4,9 @@ use std::{sync::mpsc, thread, time::Duration};
#[cfg(feature = "openssl")]
use tls_openssl::ssl::SslAcceptorBuilder;
#[cfg(feature = "rustls")]
mod rustls_utils;
use ntex::web::{self, App, HttpResponse, HttpServer};
use ntex::{rt, server::TestServer, time::sleep, time::Seconds};
@ -128,6 +131,7 @@ async fn test_openssl() {
})
});
let (srv, sys) = rx.recv().unwrap();
thread::sleep(Duration::from_millis(100));
let client = client();
let host = format!("https://{}", addr);
@ -144,26 +148,14 @@ async fn test_openssl() {
#[ntex::test]
#[cfg(all(feature = "rustls", feature = "openssl"))]
async fn test_rustls() {
use std::{fs::File, io::BufReader};
use ntex::web::HttpRequest;
use tls_rustls::ServerConfig as RustlsServerConfig;
let addr = TestServer::unused_addr();
let (tx, rx) = mpsc::channel();
thread::spawn(move || {
let sys = ntex::rt::System::new("test");
// load ssl keys
let cert_file = &mut BufReader::new(File::open("./tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("./tests/key.pem").unwrap());
let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let config = RustlsServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, keys)
.unwrap();
let config = rustls_utils::tls_acceptor();
sys.run(move || {
let srv = HttpServer::new(|| {

94
ntex/tests/web_server.rs
View file

@ -18,6 +18,9 @@ use ntex::util::{ready, Bytes, Ready, Stream};
use ntex::web::{self, middleware::Compress, test};
use ntex::web::{App, BodyEncoding, HttpRequest, HttpResponse, WebResponseError};
#[cfg(feature = "rustls")]
mod rustls_utils;
const STR: &str = "Hello World Hello World Hello World Hello World Hello World \
Hello World Hello World Hello World Hello World Hello World \
Hello World Hello World Hello World Hello World Hello World \
@ -842,33 +845,20 @@ async fn test_brotli_encoding_large_openssl_h2() {
#[cfg(all(feature = "rustls", feature = "openssl"))]
#[ntex::test]
async fn test_reading_deflate_encoding_large_random_rustls() {
use std::{fs::File, io::BufReader};
use tls_rustls::ServerConfig;
let data = rand::thread_rng()
.sample_iter(&Alphanumeric)
.take(160_000)
.map(char::from)
.collect::<String>();
// load ssl keys
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let config = ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, keys)
.unwrap();
let srv = test::server_with(test::config().rustls(config), || {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
});
let srv =
test::server_with(test::config().rustls(rustls_utils::tls_acceptor()), || {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
});
// encode data
let mut e = ZlibEncoder::new(Vec::new(), Compression::default());
@ -894,33 +884,22 @@ async fn test_reading_deflate_encoding_large_random_rustls() {
#[cfg(all(feature = "rustls", feature = "openssl"))]
#[ntex::test]
async fn test_reading_deflate_encoding_large_random_rustls_h1() {
use std::fs::File;
use std::io::BufReader;
use tls_rustls::ServerConfig;
let data = rand::thread_rng()
.sample_iter(&Alphanumeric)
.take(160_000)
.map(char::from)
.collect::<String>();
// load ssl keys
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let config = ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, keys)
.unwrap();
let srv = test::server_with(test::config().rustls(config).h1(), || {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
});
let srv = test::server_with(
test::config().rustls(rustls_utils::tls_acceptor()).h1(),
|| {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
},
);
// encode data
let mut e = ZlibEncoder::new(Vec::new(), Compression::default());
@ -946,33 +925,22 @@ async fn test_reading_deflate_encoding_large_random_rustls_h1() {
#[cfg(all(feature = "rustls", feature = "openssl"))]
#[ntex::test]
async fn test_reading_deflate_encoding_large_random_rustls_h2() {
use std::{fs::File, io::BufReader};
use tls_rustls::ServerConfig;
let data = rand::thread_rng()
.sample_iter(&Alphanumeric)
.take(160_000)
.map(char::from)
.collect::<String>();
// load ssl keys
let cert_file = &mut BufReader::new(File::open("tests/cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("tests/key.pem").unwrap());
let cert_chain = rustls_pemfile::certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
let keys = rustls_pemfile::private_key(key_file).unwrap().unwrap();
let config = ServerConfig::builder()
.with_no_client_auth()
.with_single_cert(cert_chain, keys)
.unwrap();
let srv = test::server_with(test::config().rustls(config).h2(), || {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
});
let srv = test::server_with(
test::config().rustls(rustls_utils::tls_acceptor()).h2(),
|| {
App::new().service(web::resource("/").route(web::to(|bytes: Bytes| async {
HttpResponse::Ok()
.encoding(ContentEncoding::Identity)
.body(bytes)
})))
},
);
// encode data
let mut e = ZlibEncoder::new(Vec::new(), Compression::default());