mirror of
https://github.com/actix/actix-web.git
synced 2025-01-11 17:55:38 +00:00
fix ssl config for client connector
This commit is contained in:
parent
d0fc9d7b99
commit
4b59ae2476
2 changed files with 56 additions and 29 deletions
|
@ -16,13 +16,16 @@ use http::{Error as HttpError, HttpTryFrom, Uri};
|
||||||
use tokio_io::{AsyncRead, AsyncWrite};
|
use tokio_io::{AsyncRead, AsyncWrite};
|
||||||
use tokio_timer::Delay;
|
use tokio_timer::Delay;
|
||||||
|
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
use {
|
use {
|
||||||
openssl::ssl::{Error as SslError, SslConnector, SslMethod},
|
openssl::ssl::{Error as SslError, SslConnector, SslMethod},
|
||||||
tokio_openssl::SslConnectorExt,
|
tokio_openssl::SslConnectorExt,
|
||||||
};
|
};
|
||||||
|
|
||||||
#[cfg(all(feature = "tls", not(feature = "alpn")))]
|
#[cfg(all(
|
||||||
|
feature = "tls",
|
||||||
|
not(any(feature = "alpn", feature = "ssl", feature = "rust-tls"))
|
||||||
|
))]
|
||||||
use {
|
use {
|
||||||
native_tls::{Error as SslError, TlsConnector as NativeTlsConnector},
|
native_tls::{Error as SslError, TlsConnector as NativeTlsConnector},
|
||||||
tokio_tls::TlsConnector as SslConnector,
|
tokio_tls::TlsConnector as SslConnector,
|
||||||
|
@ -30,7 +33,7 @@ use {
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "rust-tls",
|
feature = "rust-tls",
|
||||||
not(any(feature = "alpn", feature = "tls"))
|
not(any(feature = "alpn", feature = "tls", feature = "ssl"))
|
||||||
))]
|
))]
|
||||||
use {
|
use {
|
||||||
rustls::ClientConfig, std::io::Error as SslError, std::sync::Arc,
|
rustls::ClientConfig, std::io::Error as SslError, std::sync::Arc,
|
||||||
|
@ -39,11 +42,16 @@ use {
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "rust-tls",
|
feature = "rust-tls",
|
||||||
not(any(feature = "alpn", feature = "tls"))
|
not(any(feature = "alpn", feature = "tls", feature = "ssl"))
|
||||||
))]
|
))]
|
||||||
type SslConnector = Arc<ClientConfig>;
|
type SslConnector = Arc<ClientConfig>;
|
||||||
|
|
||||||
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))]
|
#[cfg(not(any(
|
||||||
|
feature = "alpn",
|
||||||
|
feature = "ssl",
|
||||||
|
feature = "tls",
|
||||||
|
feature = "rust-tls",
|
||||||
|
)))]
|
||||||
type SslConnector = ();
|
type SslConnector = ();
|
||||||
|
|
||||||
use server::IoStream;
|
use server::IoStream;
|
||||||
|
@ -150,7 +158,12 @@ pub enum ClientConnectorError {
|
||||||
SslIsNotSupported,
|
SslIsNotSupported,
|
||||||
|
|
||||||
/// SSL error
|
/// SSL error
|
||||||
#[cfg(any(feature = "tls", feature = "alpn", feature = "rust-tls"))]
|
#[cfg(any(
|
||||||
|
feature = "tls",
|
||||||
|
feature = "alpn",
|
||||||
|
feature = "ssl",
|
||||||
|
feature = "rust-tls",
|
||||||
|
))]
|
||||||
#[fail(display = "{}", _0)]
|
#[fail(display = "{}", _0)]
|
||||||
SslError(#[cause] SslError),
|
SslError(#[cause] SslError),
|
||||||
|
|
||||||
|
@ -247,19 +260,22 @@ impl SystemService for ClientConnector {}
|
||||||
impl Default for ClientConnector {
|
impl Default for ClientConnector {
|
||||||
fn default() -> ClientConnector {
|
fn default() -> ClientConnector {
|
||||||
let connector = {
|
let connector = {
|
||||||
#[cfg(all(feature = "alpn"))]
|
#[cfg(all(any(feature = "alpn", feature = "ssl")))]
|
||||||
{
|
{
|
||||||
SslConnector::builder(SslMethod::tls()).unwrap().build()
|
SslConnector::builder(SslMethod::tls()).unwrap().build()
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(all(feature = "tls", not(feature = "alpn")))]
|
#[cfg(all(
|
||||||
|
feature = "tls",
|
||||||
|
not(any(feature = "alpn", feature = "ssl", feature = "rust-tls"))
|
||||||
|
))]
|
||||||
{
|
{
|
||||||
NativeTlsConnector::builder().build().unwrap().into()
|
NativeTlsConnector::builder().build().unwrap().into()
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "rust-tls",
|
feature = "rust-tls",
|
||||||
not(any(feature = "alpn", feature = "tls"))
|
not(any(feature = "alpn", feature = "tls", feature = "ssl"))
|
||||||
))]
|
))]
|
||||||
{
|
{
|
||||||
let mut config = ClientConfig::new();
|
let mut config = ClientConfig::new();
|
||||||
|
@ -269,7 +285,12 @@ impl Default for ClientConnector {
|
||||||
Arc::new(config)
|
Arc::new(config)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))]
|
#[cfg(not(any(
|
||||||
|
feature = "alpn",
|
||||||
|
feature = "ssl",
|
||||||
|
feature = "tls",
|
||||||
|
feature = "rust-tls",
|
||||||
|
)))]
|
||||||
{
|
{
|
||||||
()
|
()
|
||||||
}
|
}
|
||||||
|
@ -280,7 +301,7 @@ impl Default for ClientConnector {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl ClientConnector {
|
impl ClientConnector {
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
||||||
///
|
///
|
||||||
/// By default `ClientConnector` uses very a simple SSL configuration.
|
/// By default `ClientConnector` uses very a simple SSL configuration.
|
||||||
|
@ -325,7 +346,7 @@ impl ClientConnector {
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "rust-tls",
|
feature = "rust-tls",
|
||||||
not(any(feature = "alpn", feature = "tls"))
|
not(any(feature = "alpn", feature = "ssl", feature = "tls"))
|
||||||
))]
|
))]
|
||||||
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
||||||
///
|
///
|
||||||
|
@ -376,7 +397,7 @@ impl ClientConnector {
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "tls",
|
feature = "tls",
|
||||||
not(any(feature = "alpn", feature = "rust-tls"))
|
not(any(feature = "ssl", feature = "alpn", feature = "rust-tls"))
|
||||||
))]
|
))]
|
||||||
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
/// Create `ClientConnector` actor with custom `SslConnector` instance.
|
||||||
///
|
///
|
||||||
|
@ -714,7 +735,7 @@ impl ClientConnector {
|
||||||
act.release_key(&key2);
|
act.release_key(&key2);
|
||||||
()
|
()
|
||||||
}).and_then(move |res, act, _| {
|
}).and_then(move |res, act, _| {
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
match res {
|
match res {
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
let _ = waiter.tx.send(Err(err.into()));
|
let _ = waiter.tx.send(Err(err.into()));
|
||||||
|
@ -756,7 +777,7 @@ impl ClientConnector {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(all(feature = "tls", not(feature = "alpn")))]
|
#[cfg(all(feature = "tls", not(any(feature = "alpn", feature = "ssl"))))]
|
||||||
match res {
|
match res {
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
let _ = waiter.tx.send(Err(err.into()));
|
let _ = waiter.tx.send(Err(err.into()));
|
||||||
|
@ -800,7 +821,7 @@ impl ClientConnector {
|
||||||
|
|
||||||
#[cfg(all(
|
#[cfg(all(
|
||||||
feature = "rust-tls",
|
feature = "rust-tls",
|
||||||
not(any(feature = "alpn", feature = "tls"))
|
not(any(feature = "alpn", feature = "ssl", feature = "tls"))
|
||||||
))]
|
))]
|
||||||
match res {
|
match res {
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
|
@ -844,7 +865,12 @@ impl ClientConnector {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))]
|
#[cfg(not(any(
|
||||||
|
feature = "alpn",
|
||||||
|
feature = "ssl",
|
||||||
|
feature = "tls",
|
||||||
|
feature = "rust-tls"
|
||||||
|
)))]
|
||||||
match res {
|
match res {
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
let _ = waiter.tx.send(Err(err.into()));
|
let _ = waiter.tx.send(Err(err.into()));
|
||||||
|
|
25
src/test.rs
25
src/test.rs
|
@ -13,12 +13,10 @@ use http::{HeaderMap, HttpTryFrom, Method, Uri, Version};
|
||||||
use net2::TcpBuilder;
|
use net2::TcpBuilder;
|
||||||
use tokio::runtime::current_thread::Runtime;
|
use tokio::runtime::current_thread::Runtime;
|
||||||
|
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
use openssl::ssl::SslAcceptorBuilder;
|
use openssl::ssl::SslAcceptorBuilder;
|
||||||
#[cfg(feature = "rust-tls")]
|
#[cfg(feature = "rust-tls")]
|
||||||
use rustls::ServerConfig;
|
use rustls::ServerConfig;
|
||||||
#[cfg(feature = "alpn")]
|
|
||||||
use server::OpensslAcceptor;
|
|
||||||
|
|
||||||
use application::{App, HttpApplication};
|
use application::{App, HttpApplication};
|
||||||
use body::Binary;
|
use body::Binary;
|
||||||
|
@ -136,7 +134,7 @@ impl TestServer {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_conn() -> Addr<ClientConnector> {
|
fn get_conn() -> Addr<ClientConnector> {
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
{
|
{
|
||||||
use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
|
use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
|
||||||
|
|
||||||
|
@ -144,7 +142,10 @@ impl TestServer {
|
||||||
builder.set_verify(SslVerifyMode::NONE);
|
builder.set_verify(SslVerifyMode::NONE);
|
||||||
ClientConnector::with_connector(builder.build()).start()
|
ClientConnector::with_connector(builder.build()).start()
|
||||||
}
|
}
|
||||||
#[cfg(all(feature = "rust-tls", not(feature = "alpn")))]
|
#[cfg(all(
|
||||||
|
feature = "rust-tls",
|
||||||
|
not(any(feature = "alpn", feature = "ssl"))
|
||||||
|
))]
|
||||||
{
|
{
|
||||||
use rustls::ClientConfig;
|
use rustls::ClientConfig;
|
||||||
use std::fs::File;
|
use std::fs::File;
|
||||||
|
@ -154,7 +155,7 @@ impl TestServer {
|
||||||
config.root_store.add_pem_file(pem_file).unwrap();
|
config.root_store.add_pem_file(pem_file).unwrap();
|
||||||
ClientConnector::with_connector(config).start()
|
ClientConnector::with_connector(config).start()
|
||||||
}
|
}
|
||||||
#[cfg(not(any(feature = "alpn", feature = "rust-tls")))]
|
#[cfg(not(any(feature = "alpn", feature = "ssl", feature = "rust-tls")))]
|
||||||
{
|
{
|
||||||
ClientConnector::default().start()
|
ClientConnector::default().start()
|
||||||
}
|
}
|
||||||
|
@ -263,7 +264,7 @@ where
|
||||||
F: Fn() -> S + Send + Clone + 'static,
|
F: Fn() -> S + Send + Clone + 'static,
|
||||||
{
|
{
|
||||||
state: F,
|
state: F,
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
ssl: Option<SslAcceptorBuilder>,
|
ssl: Option<SslAcceptorBuilder>,
|
||||||
#[cfg(feature = "rust-tls")]
|
#[cfg(feature = "rust-tls")]
|
||||||
rust_ssl: Option<ServerConfig>,
|
rust_ssl: Option<ServerConfig>,
|
||||||
|
@ -277,14 +278,14 @@ where
|
||||||
pub fn new(state: F) -> TestServerBuilder<S, F> {
|
pub fn new(state: F) -> TestServerBuilder<S, F> {
|
||||||
TestServerBuilder {
|
TestServerBuilder {
|
||||||
state,
|
state,
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
ssl: None,
|
ssl: None,
|
||||||
#[cfg(feature = "rust-tls")]
|
#[cfg(feature = "rust-tls")]
|
||||||
rust_ssl: None,
|
rust_ssl: None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
/// Create ssl server
|
/// Create ssl server
|
||||||
pub fn ssl(mut self, ssl: SslAcceptorBuilder) -> Self {
|
pub fn ssl(mut self, ssl: SslAcceptorBuilder) -> Self {
|
||||||
self.ssl = Some(ssl);
|
self.ssl = Some(ssl);
|
||||||
|
@ -308,7 +309,7 @@ where
|
||||||
|
|
||||||
let mut has_ssl = false;
|
let mut has_ssl = false;
|
||||||
|
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
{
|
{
|
||||||
has_ssl = has_ssl || self.ssl.is_some();
|
has_ssl = has_ssl || self.ssl.is_some();
|
||||||
}
|
}
|
||||||
|
@ -335,12 +336,12 @@ where
|
||||||
tx.send((System::current(), addr, TestServer::get_conn()))
|
tx.send((System::current(), addr, TestServer::get_conn()))
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
#[cfg(feature = "alpn")]
|
#[cfg(any(feature = "alpn", feature = "ssl"))]
|
||||||
{
|
{
|
||||||
let ssl = self.ssl.take();
|
let ssl = self.ssl.take();
|
||||||
if let Some(ssl) = ssl {
|
if let Some(ssl) = ssl {
|
||||||
let tcp = net::TcpListener::bind(addr).unwrap();
|
let tcp = net::TcpListener::bind(addr).unwrap();
|
||||||
srv = srv.listen_with(tcp, OpensslAcceptor::new(ssl).unwrap());
|
srv = srv.listen_ssl(tcp, ssl).unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#[cfg(feature = "rust-tls")]
|
#[cfg(feature = "rust-tls")]
|
||||||
|
|
Loading…
Reference in a new issue