mirror of
https://github.com/actix/actix-web.git
synced 2024-11-14 04:41:15 +00:00
103 lines
3.2 KiB
Rust
103 lines
3.2 KiB
Rust
#![cfg(feature = "rustls")]
|
|
use std::sync::atomic::{AtomicUsize, Ordering};
|
|
use std::sync::Arc;
|
|
|
|
use actix_http::HttpService;
|
|
use actix_http_test::test_server;
|
|
use actix_service::{map_config, pipeline_factory, ServiceFactoryExt};
|
|
use actix_web::http::Version;
|
|
use actix_web::{dev::AppConfig, web, App, HttpResponse};
|
|
use futures_util::future::ok;
|
|
use open_ssl::ssl::{SslAcceptor, SslFiletype, SslMethod, SslVerifyMode};
|
|
use rust_tls::ClientConfig;
|
|
|
|
#[allow(unused)]
|
|
fn ssl_acceptor() -> SslAcceptor {
|
|
// load ssl keys
|
|
let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
|
|
builder.set_verify_callback(SslVerifyMode::NONE, |_, _| true);
|
|
builder
|
|
.set_private_key_file("../tests/key.pem", SslFiletype::PEM)
|
|
.unwrap();
|
|
builder
|
|
.set_certificate_chain_file("../tests/cert.pem")
|
|
.unwrap();
|
|
builder.set_alpn_select_callback(|_, protos| {
|
|
const H2: &[u8] = b"\x02h2";
|
|
if protos.windows(3).any(|window| window == H2) {
|
|
Ok(b"h2")
|
|
} else {
|
|
Err(open_ssl::ssl::AlpnError::NOACK)
|
|
}
|
|
});
|
|
builder.set_alpn_protos(b"\x02h2").unwrap();
|
|
builder.build()
|
|
}
|
|
|
|
mod danger {
|
|
pub struct NoCertificateVerification {}
|
|
|
|
impl rust_tls::ServerCertVerifier for NoCertificateVerification {
|
|
fn verify_server_cert(
|
|
&self,
|
|
_roots: &rust_tls::RootCertStore,
|
|
_presented_certs: &[rust_tls::Certificate],
|
|
_dns_name: webpki::DNSNameRef<'_>,
|
|
_ocsp: &[u8],
|
|
) -> Result<rust_tls::ServerCertVerified, rust_tls::TLSError> {
|
|
Ok(rust_tls::ServerCertVerified::assertion())
|
|
}
|
|
}
|
|
}
|
|
|
|
// TODO: why is test ignored
|
|
// #[actix_rt::test]
|
|
async fn _test_connection_reuse_h2() {
|
|
let num = Arc::new(AtomicUsize::new(0));
|
|
let num2 = num.clone();
|
|
|
|
let srv = test_server(move || {
|
|
let num2 = num2.clone();
|
|
pipeline_factory(move |io| {
|
|
num2.fetch_add(1, Ordering::Relaxed);
|
|
ok(io)
|
|
})
|
|
.and_then(
|
|
HttpService::build()
|
|
.h2(map_config(
|
|
App::new()
|
|
.service(web::resource("/").route(web::to(HttpResponse::Ok))),
|
|
|_| AppConfig::default(),
|
|
))
|
|
.openssl(ssl_acceptor())
|
|
.map_err(|_| ()),
|
|
)
|
|
})
|
|
.await;
|
|
|
|
// disable ssl verification
|
|
let mut config = ClientConfig::new();
|
|
let protos = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
|
|
config.set_protocols(&protos);
|
|
config
|
|
.dangerous()
|
|
.set_certificate_verifier(Arc::new(danger::NoCertificateVerification {}));
|
|
|
|
let client = awc::Client::builder()
|
|
.connector(awc::Connector::new().rustls(Arc::new(config)).finish())
|
|
.finish();
|
|
|
|
// req 1
|
|
let request = client.get(srv.surl("/")).send();
|
|
let response = request.await.unwrap();
|
|
assert!(response.status().is_success());
|
|
|
|
// req 2
|
|
let req = client.post(srv.surl("/"));
|
|
let response = req.send().await.unwrap();
|
|
assert!(response.status().is_success());
|
|
assert_eq!(response.version(), Version::HTTP_2);
|
|
|
|
// one connection
|
|
assert_eq!(num.load(Ordering::Relaxed), 1);
|
|
}
|