mirror of https://github.com/actix/actix-web.git synced 2025-01-11 17:55:38 +00:00

fix ssl config for client connector

Nikolay Kim 2018-09-27 22:15:38 -07:00
parent d0fc9d7b99
commit 4b59ae2476
2 changed files with 56 additions and 29 deletions


@ -16,13 +16,16 @@ use http::{Error as HttpError, HttpTryFrom, Uri};
use tokio_io::{AsyncRead, AsyncWrite}; use tokio_io::{AsyncRead, AsyncWrite};
use tokio_timer::Delay; use tokio_timer::Delay;
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
use { use {
openssl::ssl::{Error as SslError, SslConnector, SslMethod}, openssl::ssl::{Error as SslError, SslConnector, SslMethod},
tokio_openssl::SslConnectorExt, tokio_openssl::SslConnectorExt,
}; };
#[cfg(all(feature = "tls", not(feature = "alpn")))] #[cfg(all(
feature = "tls",
not(any(feature = "alpn", feature = "ssl", feature = "rust-tls"))
))]
use { use {
native_tls::{Error as SslError, TlsConnector as NativeTlsConnector}, native_tls::{Error as SslError, TlsConnector as NativeTlsConnector},
tokio_tls::TlsConnector as SslConnector, tokio_tls::TlsConnector as SslConnector,
@ -30,7 +33,7 @@ use {
#[cfg(all( #[cfg(all(
feature = "rust-tls", feature = "rust-tls",
not(any(feature = "alpn", feature = "tls")) not(any(feature = "alpn", feature = "tls", feature = "ssl"))
))] ))]
use { use {
rustls::ClientConfig, std::io::Error as SslError, std::sync::Arc, rustls::ClientConfig, std::io::Error as SslError, std::sync::Arc,
@ -39,11 +42,16 @@ use {
#[cfg(all( #[cfg(all(
feature = "rust-tls", feature = "rust-tls",
not(any(feature = "alpn", feature = "tls")) not(any(feature = "alpn", feature = "tls", feature = "ssl"))
))] ))]
type SslConnector = Arc<ClientConfig>; type SslConnector = Arc<ClientConfig>;
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))] #[cfg(not(any(
feature = "alpn",
feature = "ssl",
feature = "tls",
feature = "rust-tls",
)))]
type SslConnector = (); type SslConnector = ();
use server::IoStream; use server::IoStream;
@ -150,7 +158,12 @@ pub enum ClientConnectorError {
SslIsNotSupported, SslIsNotSupported,
/// SSL error /// SSL error
#[cfg(any(feature = "tls", feature = "alpn", feature = "rust-tls"))] #[cfg(any(
feature = "tls",
feature = "alpn",
feature = "ssl",
feature = "rust-tls",
))]
#[fail(display = "{}", _0)] #[fail(display = "{}", _0)]
SslError(#[cause] SslError), SslError(#[cause] SslError),
@ -247,19 +260,22 @@ impl SystemService for ClientConnector {}
impl Default for ClientConnector { impl Default for ClientConnector {
fn default() -> ClientConnector { fn default() -> ClientConnector {
let connector = { let connector = {
#[cfg(all(feature = "alpn"))] #[cfg(all(any(feature = "alpn", feature = "ssl")))]
{ {
SslConnector::builder(SslMethod::tls()).unwrap().build() SslConnector::builder(SslMethod::tls()).unwrap().build()
} }
#[cfg(all(feature = "tls", not(feature = "alpn")))] #[cfg(all(
feature = "tls",
not(any(feature = "alpn", feature = "ssl", feature = "rust-tls"))
))]
{ {
NativeTlsConnector::builder().build().unwrap().into() NativeTlsConnector::builder().build().unwrap().into()
} }
#[cfg(all( #[cfg(all(
feature = "rust-tls", feature = "rust-tls",
not(any(feature = "alpn", feature = "tls")) not(any(feature = "alpn", feature = "tls", feature = "ssl"))
))] ))]
{ {
let mut config = ClientConfig::new(); let mut config = ClientConfig::new();
@ -269,7 +285,12 @@ impl Default for ClientConnector {
Arc::new(config) Arc::new(config)
} }
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))] #[cfg(not(any(
feature = "alpn",
feature = "ssl",
feature = "tls",
feature = "rust-tls",
)))]
{ {
() ()
} }
@ -280,7 +301,7 @@ impl Default for ClientConnector {
} }
impl ClientConnector { impl ClientConnector {
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
/// Create `ClientConnector` actor with custom `SslConnector` instance. /// Create `ClientConnector` actor with custom `SslConnector` instance.
/// ///
/// By default `ClientConnector` uses very a simple SSL configuration. /// By default `ClientConnector` uses very a simple SSL configuration.
@ -325,7 +346,7 @@ impl ClientConnector {
#[cfg(all( #[cfg(all(
feature = "rust-tls", feature = "rust-tls",
not(any(feature = "alpn", feature = "tls")) not(any(feature = "alpn", feature = "ssl", feature = "tls"))
))] ))]
/// Create `ClientConnector` actor with custom `SslConnector` instance. /// Create `ClientConnector` actor with custom `SslConnector` instance.
/// ///
@ -376,7 +397,7 @@ impl ClientConnector {
#[cfg(all( #[cfg(all(
feature = "tls", feature = "tls",
not(any(feature = "alpn", feature = "rust-tls")) not(any(feature = "ssl", feature = "alpn", feature = "rust-tls"))
))] ))]
/// Create `ClientConnector` actor with custom `SslConnector` instance. /// Create `ClientConnector` actor with custom `SslConnector` instance.
/// ///
@ -714,7 +735,7 @@ impl ClientConnector {
act.release_key(&key2); act.release_key(&key2);
() ()
}).and_then(move |res, act, _| { }).and_then(move |res, act, _| {
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
match res { match res {
Err(err) => { Err(err) => {
let _ = waiter.tx.send(Err(err.into())); let _ = waiter.tx.send(Err(err.into()));
@ -756,7 +777,7 @@ impl ClientConnector {
} }
} }
#[cfg(all(feature = "tls", not(feature = "alpn")))] #[cfg(all(feature = "tls", not(any(feature = "alpn", feature = "ssl"))))]
match res { match res {
Err(err) => { Err(err) => {
let _ = waiter.tx.send(Err(err.into())); let _ = waiter.tx.send(Err(err.into()));
@ -800,7 +821,7 @@ impl ClientConnector {
#[cfg(all( #[cfg(all(
feature = "rust-tls", feature = "rust-tls",
not(any(feature = "alpn", feature = "tls")) not(any(feature = "alpn", feature = "ssl", feature = "tls"))
))] ))]
match res { match res {
Err(err) => { Err(err) => {
@ -844,7 +865,12 @@ impl ClientConnector {
} }
} }
#[cfg(not(any(feature = "alpn", feature = "tls", feature = "rust-tls")))] #[cfg(not(any(
feature = "alpn",
feature = "ssl",
feature = "tls",
feature = "rust-tls"
)))]
match res { match res {
Err(err) => { Err(err) => {
let _ = waiter.tx.send(Err(err.into())); let _ = waiter.tx.send(Err(err.into()));
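Review bot: The `tls` predicates in this file no longer agree with each other: the native-tls import block and the `Default` branch are now gated on `not(any(feature = "alpn", feature = "ssl", feature = "rust-tls"))`, while the connect-stage `match res` arm for native-tls uses `#[cfg(all(feature = "tls", not(any(feature = "alpn", feature = "ssl"))))]`. Because every `rust-tls` predicate already excludes `tls`, a build with both `tls` and `rust-tls` (and neither `alpn` nor `ssl`) appears to match no import block, no `SslConnector` alias and no `Default` branch, yet it still compiles the native-tls `match` arm. Cargo features are additive, so an unrelated dependency can produce that combination. Consider giving the backends one precedence order, for example by dropping `feature = "rust-tls"` from the `tls` predicates so they all read `#[cfg(all(feature = "tls", not(any(feature = "alpn", feature = "ssl"))))]`. The enclosing `impl` blocks start and end outside the hunks shown, so this is inferred from the visible attributes only.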


@ -13,12 +13,10 @@ use http::{HeaderMap, HttpTryFrom, Method, Uri, Version};
use net2::TcpBuilder; use net2::TcpBuilder;
use tokio::runtime::current_thread::Runtime; use tokio::runtime::current_thread::Runtime;
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
use openssl::ssl::SslAcceptorBuilder; use openssl::ssl::SslAcceptorBuilder;
#[cfg(feature = "rust-tls")] #[cfg(feature = "rust-tls")]
use rustls::ServerConfig; use rustls::ServerConfig;
#[cfg(feature = "alpn")]
use server::OpensslAcceptor;
use application::{App, HttpApplication}; use application::{App, HttpApplication};
use body::Binary; use body::Binary;
@ -136,7 +134,7 @@ impl TestServer {
} }
fn get_conn() -> Addr<ClientConnector> { fn get_conn() -> Addr<ClientConnector> {
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
{ {
use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode}; use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
@ -144,7 +142,10 @@ impl TestServer {
builder.set_verify(SslVerifyMode::NONE); builder.set_verify(SslVerifyMode::NONE);
ClientConnector::with_connector(builder.build()).start() ClientConnector::with_connector(builder.build()).start()
} }
#[cfg(all(feature = "rust-tls", not(feature = "alpn")))] #[cfg(all(
feature = "rust-tls",
not(any(feature = "alpn", feature = "ssl"))
))]
{ {
use rustls::ClientConfig; use rustls::ClientConfig;
use std::fs::File; use std::fs::File;
@ -154,7 +155,7 @@ impl TestServer {
config.root_store.add_pem_file(pem_file).unwrap(); config.root_store.add_pem_file(pem_file).unwrap();
ClientConnector::with_connector(config).start() ClientConnector::with_connector(config).start()
} }
#[cfg(not(any(feature = "alpn", feature = "rust-tls")))] #[cfg(not(any(feature = "alpn", feature = "ssl", feature = "rust-tls")))]
{ {
ClientConnector::default().start() ClientConnector::default().start()
} }
@ -263,7 +264,7 @@ where
F: Fn() -> S + Send + Clone + 'static, F: Fn() -> S + Send + Clone + 'static,
{ {
state: F, state: F,
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
ssl: Option<SslAcceptorBuilder>, ssl: Option<SslAcceptorBuilder>,
#[cfg(feature = "rust-tls")] #[cfg(feature = "rust-tls")]
rust_ssl: Option<ServerConfig>, rust_ssl: Option<ServerConfig>,
@ -277,14 +278,14 @@ where
pub fn new(state: F) -> TestServerBuilder<S, F> { pub fn new(state: F) -> TestServerBuilder<S, F> {
TestServerBuilder { TestServerBuilder {
state, state,
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
ssl: None, ssl: None,
#[cfg(feature = "rust-tls")] #[cfg(feature = "rust-tls")]
rust_ssl: None, rust_ssl: None,
} }
} }
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
/// Create ssl server /// Create ssl server
pub fn ssl(mut self, ssl: SslAcceptorBuilder) -> Self { pub fn ssl(mut self, ssl: SslAcceptorBuilder) -> Self {
self.ssl = Some(ssl); self.ssl = Some(ssl);
@ -308,7 +309,7 @@ where
let mut has_ssl = false; let mut has_ssl = false;
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
{ {
has_ssl = has_ssl || self.ssl.is_some(); has_ssl = has_ssl || self.ssl.is_some();
} }
@ -335,12 +336,12 @@ where
tx.send((System::current(), addr, TestServer::get_conn())) tx.send((System::current(), addr, TestServer::get_conn()))
.unwrap(); .unwrap();
#[cfg(feature = "alpn")] #[cfg(any(feature = "alpn", feature = "ssl"))]
{ {
let ssl = self.ssl.take(); let ssl = self.ssl.take();
if let Some(ssl) = ssl { if let Some(ssl) = ssl {
let tcp = net::TcpListener::bind(addr).unwrap(); let tcp = net::TcpListener::bind(addr).unwrap();
srv = srv.listen_with(tcp, OpensslAcceptor::new(ssl).unwrap()); srv = srv.listen_ssl(tcp, ssl).unwrap();
} }
} }
#[cfg(feature = "rust-tls")] #[cfg(feature = "rust-tls")]
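Review bot: The OpenSSL branch of `get_conn` calls `builder.set_verify(SslVerifyMode::NONE)`, and widening its gate to `any(feature = "alpn", feature = "ssl")` means this connector with certificate verification disabled is now also built under the `ssl` feature, with no comment explaining why. The `rust-tls` branch beside it instead adds a PEM file to `config.root_store`, so the two backends do not apply the same check to the test server's certificate. I would add `// Test-only: peer certificate verification is off so self-signed test certs are accepted; do not reuse this connector outside tests.` above the `set_verify` call, or have the OpenSSL branch trust the same test certificate instead of turning verification off. Parts of `get_conn` fall between the hunks shown.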