From d7379bd10b19ac0aa8778b89c9d41a2538d5f5d3 Mon Sep 17 00:00:00 2001 From: Nikolay Kim Date: Tue, 2 Oct 2018 13:41:33 -0700 Subject: [PATCH] update server ssl tests; upgrade rustls --- CHANGES.md | 1 + Cargo.toml | 4 +- tests/identity.pfx | Bin 0 -> 5549 bytes tests/test_server.rs | 146 ++++++++++++++++++++++++++++++++++++++----- 4 files changed, 133 insertions(+), 18 deletions(-) create mode 100644 tests/identity.pfx diff --git a/CHANGES.md b/CHANGES.md index a55ef7ec2..3c55c3f64 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,7 @@ * Correct usage of `no_http2` flag in `bind_*` methods. #519 + ## [0.7.8] - 2018-09-17 ### Added diff --git a/Cargo.toml b/Cargo.toml index cedb38da3..46719d709 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -118,8 +118,8 @@ openssl = { version="0.10", optional = true } tokio-openssl = { version="0.2", optional = true } #rustls -rustls = { version = "^0.13.1", optional = true } -tokio-rustls = { version = "^0.7.2", optional = true } +rustls = { version = "0.14", optional = true } +tokio-rustls = { version = "0.8", optional = true } webpki = { version = "0.18", optional = true } webpki-roots = { version = "0.15", optional = true } 
diff --git a/tests/identity.pfx b/tests/identity.pfx new file mode 100644 index 0000000000000000000000000000000000000000..946e3b8b8ae10e19a11e7ac6eead66b12fff0014 GIT binary patch literal 5549 zcmY+GRZtv&vTbn*Fa-DD5S(Fv;O=h0gF_fx!{8nycyM=jcXvr}cXtMNxH(n#z4P8j zS68jQyT2EE0A2|kEIfMvo;?yO<4>8N_ZYCqu-O54MhF3T`v0&tdjMMWe%lL7KUFAFV5{u;owkU`~uKqm}O*fBSo5RVYIG` zPAKF6ePO1*(FhW)-QpFAvtO?cVWGD0hs0WO4>qy>9T48E19Q`LuD0r#V<$Vj_c2yp z)4}gHs(AF<^Bo{R_`YId+=%k!c;why`_I0GXxv)FEmD)RG7Vs?g`z@xC^k*0+`Ps8 zZQH$QkvVVeOE(P8=g*0kvj|2!A! zCaUuJ^XO0NPlE$=oQRK9ti`Ic7JJnq;osnZ4OA`G7m{`HKP{cH&`YLS z&7cXaq1TKaOG&uTJqqY25!-%6M82yrFSuJv{`JhJUOE4ZMT1J%h8u3pSuQ$qle0}C z2}0Lk)3OpsFm1yeJ1|XW9gt0oX1PIiJ+HG_ccQbIH}C6hb|aPpRO(@Rt|u~DJIX%l zC+^x;>&_>s!^v1hwDp-biu2rspT|oc!3;MUJ>ui2i(Lamzq&B9OCcN`j&N`^wTcd1 z`DFH$T83h&1Ws&{N(khR##{-N3RSG@_ZPyM3SQ_TAXRRqyV#LUkE0&kEvE8Y61{fKJ+Y= z$eQ*1oOaeF^Z9A#-r@E7LmI)arBxsyT>V+(Ruq)&tBqzOi1sjBwNjPe_jraq(=2r^ zB|%@2bxrAnZr&d!&MNXZn&!iHPAs)aINufHy*7>&8Ap}7vY+Ji590{9Gq+KBpjkN0 zeCWDYHbCrNc%062ljm(+!6eM>ku}@T8$$TYjIT%~Y3z>YH2FxhEJ6lUL_#W3!=?ks zFo969*bgk}a!GRqXMSjjgd&?6Y%hBVuhL~74jyLlXNnJzvi?lWEo_HD7ZkXXB+vYf z**da2rqVV>3tDz^j`grt{G5Ye8`Q@KgQelPxGF%zLkZ=m7N>eor9pQmK6B$F&s9TaFeP0w?b5Q2p`A;be~m;x!mwj;I4ye%g!Op2Z^tb4S}i z#o}zOP0;F#mw3YEF_5DmxuBJQ{MZN!`^i6PwkgfA(n$bs9PQx6aZB5p$2&d$+`VjO zsH)tO=SExUR825&T#?}~JqRDb1{y6YsTMn zYINH#Ru0n1kxJc|=rVjd@`uh*nzIv3n@lt8^$P6GC5xIW1?7XLu5&GtX$Ho%rp5@a z<;*{8D{Rd@ocNX}STxWU(2moCw*4dI^{&HccPIwaXF^%V^P@gTFF*ow(`z_5$lNR7B+?<1E> zULlb}pDx~mAAb5{pg@(IH|PW09Pz6r7!}<9>(fAn8=3nRL|EV^f5o-!1D@`uY_E0= zXWciaPcKF60&?K+MAnU0gz}SuZb>wVAeRY>Lz9(&Zu_rB_JiKSV8HOqO3;vSD41G~ zIYpO4JcJ5K0+;O6x0VlNvNY%;v*XCt2V>-|%pxixP0jfH+xE^8^D3ZXs zS4AQ;$|oz)t4F{7(j7F7l{R}lJhwq)ekCh$|7`g4CXbIghAm6OSZ1L&K5-Y1w$mQa z_MBdP-vu45dbf@y=ls^2$D{4YS(f+0N}W49&$hLSRWl_WZB;uN`i7GQSU2{> z%tc5FX16D4Hc~M^2Q-}r|Th>@2!HT<`AbzLpW6XWl;-{}i)bscjNo9~Z zt>K*BFR$SlC#sBVi?$v)Y?HUyl)E2s`8W6ZXD9n+OhlM3@csT_+o|7G5+{-kChNBE zGoihxT`ld2`0D_n8Kx;B37>D}D7${tb4|NGV4*rXJY< 
zrP!d-L?ATkL~#^D#VB&5mZjsJsQ(E>4kqY74x%)7DdB0tEho2OB+t;4_6jhwgA|cO znS?z?-;5Y{h$UXY8kALQOM~}sKX{KB4C#6j4aK&Qk9w{6xr6GoWSrQBZ-V^FUe|IuEu|!Ho zP~_-_Q3K`aH^E3h7qd#rjmRUmA*ZPMaLSD!4zIf>se1cE%=z*bSCvx#B3|QUR$0#m9GAZ3L&y-$F1DIC& zT8gc<4SckFy#eY%&9U^Kz5>cD`L{z)t6x+lxMS@K!T}DzX*QtVExm3-I%(wjkMP#> z1(Cx)JgRslsAW|p`13(`X}#T<>eipuNW4PA4R2-@N+Vc&(y87pk_BSeS+d6)P$^TP z`?$x%WPFPWh9eb*vW#gb#gty{p~gAkXo)>T5Uf}c#r*~bw?jGhA9M7i8I5Xoby}f^ z^p4Qzi_ghn7*)HR6CmO5t+f(DYnCA3GX_!BFzYWFViu9Jn~Rh{W4lS>Ien~yruGbu z>(;O4jayyFSMEP1yQ9A{eQ^Hh(X@0+auu!ON=}-efn0d?U5LMh$zI#vo9nqvQ$058 z0%`dSn#OpIe|FctVo1fv^b^C(=MqC(usOYfc9zoBNAJEY_F!S;aKK8MEaXZ2?J0*q z%9PBkwW53|md4e|UjFDs!BwW$KTztoZy9^)QA!(U)itkV!h$GWP*eYJRt+x@x5V%i z1J7`#SEWSE_@>C3i32lz2g3U@e}8X+mAz+L`pS5%*YB7Dxr&GE4t*>KB6I zE-@2=x9^2U&Ux`Z5<+-#U+{a@#CzMU?Leqv9AhmP6iaWp>Oq!NsxHbS=EW1!zJLz{ zMUGYEB7n6q3Er#o<|Z`u0MwrUN4&EGP-_taP%Ho8(tlHkg!X?l`~xi9ztHXDeK*m&V~nDC|pLVujbH(b=fk1EfnQhXPjX1C48B*(7^BO>cFO~ zAH*SPpf#PD###N!E9oD!h87(U5h5>lHJLd?LymUDW$S z^HqD#EbaAcgn)aq3MVH(f*KmTMjHO5dW|_+katLspc=S!v^H3wli*n6ojf^qf3K=y zKr%Yay%^*Xvh0;}J@-TW@bcRzax<}Q{(@FjI+hfy@)|L*hscS(TttTvz_%Nv+(z8GGr?Ic>si}%oD zjS`B@EE+;f!(VuH>B7DBvpXijW%<{YjhQlo9fhwvuO{nH%@)BNiq<1`YY&2FCcm1v z)V&H!Kcj^3Bt0y%<I%;IH=P zJ41oky-lS{I9?XOY~Id^5UX<7RGwt!+GLyLENxHkj-snrrD9wg(faIi6I{jBh1go{ zM*ViN9ui7wip-=5;2)#r3!%>8z?BacE<1_@ALhkFNVIX%-ABNFWSr=jiLQ6%-{KRS zWwq<$wd1t!5~>t;g)EsTUt{vq;Fq-VE-~ml6ZXxgTNfUz_@@T7 zjsLv05k4~6I(7sOoX;Me9Mx*!2n`*&G62*4lL#eRXMj)}# zKr96@p5g@T(q@%oV#NRfPt?05WUo1wQk&aO{Pmwj7rdpbgcv6`Z78Sujv^Cw!}t9r`^Lc8t$WvLza7iBfkmc zDDY9Tit~6VzqS0L=Ayqpm%buj8Ag(=8<}4__o+jk*7sRDS~t>ecLxvu9W`08b;!5* zVykt!s+BvMXq)=q=y6Z4d=}r*-a;}j-*Qyy?4M4cOLy-!>N4}f4H%^$+ju=$d;iJ7 zPw8!Js)`{-TTglxv%Sm^K45gm#!5u2ni5W%dv9_+kEJG*<)*>LnTIO3 zP6HOD&&FrUjtF+byLCKHD-ACb%_vi{l0xPj|E3=MNnc)wn90{jb#I)vL$jsxtHlPu zCN(WOd)y*If;(Pc2D_T*H8TGC6#FjyA&L=1eB$U3^IK?5o$tR7-J`4e7hlpb7w~C+Agyessj{qzudSzQHf)p zE3bG;_o5JE@|R;^XOzYSMRqL`ey& z7cxd^&=J@~sxSdNJ~4`WKG3Pf5(-q%1&@Bp@h^T2p}7IVJL}{Ir#}ZYrY(`qOdx+V 
z!4-keXG9fPwZ72Z>0InsQ!U51)YwT!#5(o7Q73y)O7Vj^xant+Mw#45BH$9?B1vV- zK-S5Bmx_T9S^3JTc)fx@Q&R72RSU{u74roB{&3hlzknbj{dy%m?DxD5GH*40Tk$q; zDxcEj{-~XXePdPnzs!=S2lkV$IweaW8lBM@z7iZlAu5N%pYus=+D*DQyFs=GYfXl#{yYa^Ur z^wdzws}mB6Y~FeN1FIrbx)Pe=LH~}x^wgbl7Mnn)HlS|~MKWejJ*=#vF+_%p7!)FC z*>GliQit=X=~)<^UO-kl>$hKAhy@PbN%T6E8AFDRIPqP?3nKbu9SC1*x-_q%oa>un z)jigLjSg;Ie=Sf4&{X0(O6asc*}f}KP)&dmbcEmjIu<#h|51e3-$TXpM$ACpy4wx^ z7~&b%^6mSNlP@DXnZzWuf4O5+N;qfkl$8#UJw?Z-lL=nl=k*Qj5K!X_jNe5*ceN|1 zJO(G;HL??jza#IvW7CL&O%M}9wD`Q<7M?twO`H?+^WCB~JG8Y5`NHaesh58pW(2{G0QEPc8si#*pBZg zbmb#%Lx#-6A2aE}_`5AxI8xhZ#FL@NXPYMwK!#-*abrgDL>W=V)NBx_S5!i=ATh~B zoT!rujGkse$2dK9!A$E8ILE})=TNqjus$Y5VZgwNlvHx9Q@B&7X378MKMHcNc9XmD z{1dA1N8T7+{i%3V@mO!?q$Lgg=zTVwG9vk)dN9s4cwe literal 0 HcmV?d00001 diff --git a/tests/test_server.rs b/tests/test_server.rs index 9c17fd665..240a5ddc0 100644 --- a/tests/test_server.rs +++ b/tests/test_server.rs @@ -15,8 +15,12 @@ extern crate tokio_current_thread as current_thread; extern crate tokio_reactor; extern crate tokio_tcp; +#[cfg(feature = "tls")] +extern crate native_tls; #[cfg(feature = "ssl")] extern crate openssl; +#[cfg(feature = "rust-tls")] +extern crate rustls; use std::io::{Read, Write}; use std::sync::Arc; @@ -890,10 +894,13 @@ fn test_brotli_encoding_large() { assert_eq!(bytes, Bytes::from(data)); } -#[cfg(all(feature = "brotli", future = "ssl"))] +#[cfg(all(feature = "brotli", feature = "ssl"))] #[test] -fn test_ssl_brotli_encoding_large() { - use openssl::ssl::{SslAcceptor, SslFiletype, SslMethod}; +fn test_brotli_encoding_large_ssl() { + use actix::{Actor, System}; + use openssl::ssl::{ + SslAcceptor, SslConnector, SslFiletype, SslMethod, SslVerifyMode, + }; // load ssl keys let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); builder 
@@ -904,7 +911,7 @@ fn test_ssl_brotli_encoding_large() { .unwrap(); let data = STR.repeat(10); - let mut srv = test::TestServer::build().ssl(builder).start(|app| { + let srv = test::TestServer::build().ssl(builder).start(|app| { app.handler(|req: &HttpRequest| { req.body() .and_then(|bytes: Bytes| { @@ -914,28 +921,39 @@ fn test_ssl_brotli_encoding_large() { }).responder() }) }); + let mut rt = System::new("test"); + // client connector + let mut builder = SslConnector::builder(SslMethod::tls()).unwrap(); + builder.set_verify(SslVerifyMode::NONE); + let conn = client::ClientConnector::with_connector(builder.build()).start(); + + // body let mut e = BrotliEncoder::new(Vec::new(), 5); e.write_all(data.as_ref()).unwrap(); let enc = e.finish().unwrap(); // client request - let request = srv - .post() + let request = client::ClientRequest::build() + .uri(srv.url("/")) + .method(http::Method::POST) .header(http::header::CONTENT_ENCODING, "br") + .with_connector(conn) .body(enc) .unwrap(); - let response = srv.execute(request.send()).unwrap(); + let response = rt.block_on(request.send()).unwrap(); assert!(response.status().is_success()); // read response - let bytes = srv.execute(response.body()).unwrap(); + let bytes = rt.block_on(response.body()).unwrap(); assert_eq!(bytes, Bytes::from(data)); } -#[cfg(future = "rust-ssl")] +#[cfg(all(feature = "rust-tls", feature = "ssl"))] #[test] fn test_reading_deflate_encoding_large_random_ssl() { + use actix::{Actor, System}; + use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode}; use rustls::internal::pemfile::{certs, rsa_private_keys}; use rustls::{NoClientAuth, ServerConfig}; use std::fs::File; @@ -954,7 +972,7 @@ fn test_reading_deflate_encoding_large_random_ssl() { .take(160_000) .collect::(); - let mut srv = test::TestServer::build().rustls(config).start(|app| { + let srv = test::TestServer::build().rustls(config).start(|app| { app.handler(|req: &HttpRequest| { req.body() .and_then(|bytes: Bytes| { 
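Review bot: `builder.set_verify(SslVerifyMode::NONE);` in the new client-connector block disables peer certificate verification with no comment explaining why. The same three connector lines are repeated in `test_reading_deflate_encoding_large_random_ssl` and in the new `test_reading_deflate_encoding_large_random_tls` in the next hunk. Presumably this is needed because the test server presents a self-signed fixture certificate; a comment such as `// test only: the server certificate is a self-signed fixture, so peer verification is disabled` would say so and discourage copying the pattern into non-test client code. A small test helper that returns the started connector would keep the setting and its justification in one place. The new `let mut builder` also rebinds the name used for the acceptor builder earlier in the function, which starts before this hunk; `connector_builder` would read more clearly.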
@@ -965,25 +983,120 @@ fn test_reading_deflate_encoding_large_random_ssl() { }) }); + let mut rt = System::new("test"); + + // client connector + let mut builder = SslConnector::builder(SslMethod::tls()).unwrap(); + builder.set_verify(SslVerifyMode::NONE); + let conn = client::ClientConnector::with_connector(builder.build()).start(); + + // encode data let mut e = ZlibEncoder::new(Vec::new(), Compression::default()); e.write_all(data.as_ref()).unwrap(); let enc = e.finish().unwrap(); // client request - let request = srv - .post() + let request = client::ClientRequest::build() + .uri(srv.url("/")) + .method(http::Method::POST) .header(http::header::CONTENT_ENCODING, "deflate") + .with_connector(conn) .body(enc) .unwrap(); - let response = srv.execute(request.send()).unwrap(); + let response = rt.block_on(request.send()).unwrap(); assert!(response.status().is_success()); // read response - let bytes = srv.execute(response.body()).unwrap(); + let bytes = rt.block_on(response.body()).unwrap(); assert_eq!(bytes.len(), data.len()); assert_eq!(bytes, Bytes::from(data)); } +#[cfg(all(feature = "tls", feature = "ssl"))] +#[test] +fn test_reading_deflate_encoding_large_random_tls() { + use native_tls::{Identity, TlsAcceptor}; + use openssl::ssl::{ + SslAcceptor, SslConnector, SslFiletype, SslMethod, SslVerifyMode, + }; + use std::fs::File; + use std::sync::mpsc; + + use actix::{Actor, System}; + let (tx, rx) = mpsc::channel(); + + // load ssl keys + let mut file = File::open("tests/identity.pfx").unwrap(); + let mut identity = vec![]; + file.read_to_end(&mut identity).unwrap(); + let identity = Identity::from_pkcs12(&identity, "1").unwrap(); + let acceptor = TlsAcceptor::new(identity).unwrap(); + + // load ssl keys + let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); + builder + .set_private_key_file("tests/key.pem", SslFiletype::PEM) + .unwrap(); + builder + .set_certificate_chain_file("tests/cert.pem") + .unwrap(); + + let data = 
rand::thread_rng() + .sample_iter(&Alphanumeric) + .take(160_000) + .collect::(); + + let addr = test::TestServer::unused_addr(); + thread::spawn(move || { + System::run(move || { + server::new(|| { + App::new().handler("/", |req: &HttpRequest| { + req.body() + .and_then(|bytes: Bytes| { + Ok(HttpResponse::Ok() + .content_encoding(http::ContentEncoding::Identity) + .body(bytes)) + }).responder() + }) + }).bind_tls(addr, acceptor) + .unwrap() + .start(); + let _ = tx.send(System::current()); + }); + }); + let sys = rx.recv().unwrap(); + + let mut rt = System::new("test"); + + // client connector + let mut builder = SslConnector::builder(SslMethod::tls()).unwrap(); + builder.set_verify(SslVerifyMode::NONE); + let conn = client::ClientConnector::with_connector(builder.build()).start(); + + // encode data + let mut e = ZlibEncoder::new(Vec::new(), Compression::default()); + e.write_all(data.as_ref()).unwrap(); + let enc = e.finish().unwrap(); + + // client request + let request = client::ClientRequest::build() + .uri(format!("https://{}/", addr)) + .method(http::Method::POST) + .header(http::header::CONTENT_ENCODING, "deflate") + .with_connector(conn) + .body(enc) + .unwrap(); + let response = rt.block_on(request.send()).unwrap(); + assert!(response.status().is_success()); + + // read response + let bytes = rt.block_on(response.body()).unwrap(); + assert_eq!(bytes.len(), data.len()); + assert_eq!(bytes, Bytes::from(data)); + + let _ = sys.stop(); +} + #[test] fn test_h2() { let srv = test::TestServer::new(|app| app.handler(|_| HttpResponse::Ok().body(STR))); @@ -1160,7 +1273,6 @@ fn test_slow_request() { let (tx, rx) = mpsc::channel(); let addr = test::TestServer::unused_addr(); - thread::spawn(move || { System::run(move || { let srv = server::new(|| { 
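Review bot: In `test_reading_deflate_encoding_large_random_tls` the second `// load ssl keys` block builds an openssl `SslAcceptor` from `tests/key.pem` and `tests/cert.pem`, but that value is never used. The server is bound with `bind_tls(addr, acceptor)` using the native-tls acceptor, and `builder` is rebound to `SslConnector::builder(...)` further down. Dropping that block lets the import shrink to `use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};` and makes it clear that the server presents the key material in `tests/identity.pfx`. The first comment could then read `// load the test-only PKCS#12 identity (fixture passphrase is "1")`.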
@@ -1282,5 +1394,7 @@ fn test_ssl_handshake_timeout() { let mut stream = net::TcpStream::connect(addr).unwrap(); let mut data = String::new(); let _ = stream.read_to_string(&mut data); - assert!(data.is_empty()) + assert!(data.is_empty()); + + let _ = sys.stop(); }
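Review bot: `let _ = sys.stop();` is placed after `assert!(data.is_empty());`, so a failing assertion unwinds before the stop call. The server system obtained earlier in the test is then presumably left running for the rest of the test binary. Capturing the result first avoids that: `let empty = data.is_empty();`, then `let _ = sys.stop();`, then `assert!(empty);`. The new `test_reading_deflate_encoding_large_random_tls` ends the same way, with `sys.stop()` after its assertions. The body of `test_ssl_handshake_timeout` starts outside this hunk.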