mirror of https://github.com/rwf2/Rocket.git
Update 'h3' and 's2n_quic' dependencies.
parent
faa0543c3d
commit
51d4ed4394
|
@ -33,7 +33,7 @@ uuid = ["uuid_", "rocket_http/uuid"]
|
||||||
tls = ["rustls", "tokio-rustls", "rustls-pemfile"]
|
tls = ["rustls", "tokio-rustls", "rustls-pemfile"]
|
||||||
mtls = ["tls", "x509-parser"]
|
mtls = ["tls", "x509-parser"]
|
||||||
tokio-macros = ["tokio/macros"]
|
tokio-macros = ["tokio/macros"]
|
||||||
trace = ["tracing-subscriber", "tinyvec", "thread_local", "rustls?/logging", "tokio-rustls?/logging", "multer/log"]
|
trace = ["tracing-subscriber", "tinyvec", "thread_local", "rustls?/logging", "tokio-rustls?/logging", "multer/log", "s2n-quic-h3?/tracing"]
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
# Optional serialization dependencies.
|
# Optional serialization dependencies.
|
||||||
|
@ -128,7 +128,7 @@ optional = true
|
||||||
|
|
||||||
[dependencies.s2n-quic-h3]
|
[dependencies.s2n-quic-h3]
|
||||||
git = "https://github.com/SergioBenitez/s2n-quic-h3.git"
|
git = "https://github.com/SergioBenitez/s2n-quic-h3.git"
|
||||||
rev = "865fd25"
|
rev = "7aa3be0"
|
||||||
optional = true
|
optional = true
|
||||||
|
|
||||||
[target.'cfg(unix)'.dependencies]
|
[target.'cfg(unix)'.dependencies]
|
||||||
|
|
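Review bot: The bumped `rev = "7aa3be0"` still pins the `s2n-quic-h3` git dependency by an abbreviated commit hash. A full 40-character commit id is unambiguous and easier to audit against the fork's history, whereas a short prefix can become ambiguous as the repository grows. Consider `rev = "<full 40-character commit id>"` (placeholder; the full id is not shown on this page). The same section also enables `s2n-quic-h3?/tracing` under the `trace` feature, so it is worth confirming what per-connection data that crate emits at the log levels Rocket turns on.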
|
@ -48,10 +48,10 @@ pub struct QuicListener {
|
||||||
tls: TlsConfig,
|
tls: TlsConfig,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct H3Stream(H3Conn);
|
pub struct H3Stream(H3Conn, quic::connection::Result<SocketAddr>);
|
||||||
|
|
||||||
pub struct H3Connection {
|
pub struct H3Connection {
|
||||||
pub(crate) handle: quic::connection::Handle,
|
pub(crate) remote: quic::connection::Result<SocketAddr>,
|
||||||
pub(crate) parts: http::request::Parts,
|
pub(crate) parts: http::request::Parts,
|
||||||
pub(crate) tx: QuicTx,
|
pub(crate) tx: QuicTx,
|
||||||
pub(crate) rx: QuicRx,
|
pub(crate) rx: QuicRx,
|
||||||
|
@ -104,9 +104,10 @@ impl QuicListener {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn connect(&self, accept: quic::Connection) -> io::Result<H3Stream> {
|
pub async fn connect(&self, accept: quic::Connection) -> io::Result<H3Stream> {
|
||||||
|
let remote = accept.remote_addr();
|
||||||
let quic_conn = quic_h3::Connection::new(accept);
|
let quic_conn = quic_h3::Connection::new(accept);
|
||||||
let conn = H3Conn::new(quic_conn).await.map_err(io::Error::other)?;
|
let conn = H3Conn::new(quic_conn).await.map_err(io::Error::other)?;
|
||||||
Ok(H3Stream(conn))
|
Ok(H3Stream(conn, remote))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn endpoint(&self) -> io::Result<Endpoint> {
|
pub fn endpoint(&self) -> io::Result<Endpoint> {
|
||||||
|
@ -116,7 +117,7 @@ impl QuicListener {
|
||||||
|
|
||||||
impl H3Stream {
|
impl H3Stream {
|
||||||
pub async fn accept(&mut self) -> io::Result<Option<H3Connection>> {
|
pub async fn accept(&mut self) -> io::Result<Option<H3Connection>> {
|
||||||
let handle = self.0.inner.conn.handle().clone();
|
let remote = self.1.clone();
|
||||||
let ((parts, _), (tx, rx)) = match self.0.accept().await {
|
let ((parts, _), (tx, rx)) = match self.0.accept().await {
|
||||||
Ok(Some((req, stream))) => (req.into_parts(), stream.split()),
|
Ok(Some((req, stream))) => (req.into_parts(), stream.split()),
|
||||||
Ok(None) => return Ok(None),
|
Ok(None) => return Ok(None),
|
||||||
|
@ -129,7 +130,7 @@ impl H3Stream {
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok(Some(H3Connection { handle, parts, tx: QuicTx(tx), rx: QuicRx(rx) }))
|
Ok(Some(H3Connection { remote, parts, tx: QuicTx(tx), rx: QuicRx(rx) }))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -158,8 +159,7 @@ impl QuicTx {
|
||||||
// FIXME: Expose certificates when possible.
|
// FIXME: Expose certificates when possible.
|
||||||
impl H3Connection {
|
impl H3Connection {
|
||||||
pub fn endpoint(&self) -> io::Result<Endpoint> {
|
pub fn endpoint(&self) -> io::Result<Endpoint> {
|
||||||
let addr = self.handle.remote_addr()?;
|
Ok(Endpoint::Quic(self.remote?).assume_tls())
|
||||||
Ok(Endpoint::Quic(addr).assume_tls())
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
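Review bot: The peer address is now read once in `QuicListener::connect` (`let remote = accept.remote_addr();`) and that stored value is returned by every later `H3Connection::endpoint()` call, where the old code asked the connection handle each time. QUIC allows a client's address to change during a connection, so if the underlying library tracks such a change, later requests may report a stale address; that matters wherever the remote address feeds logging, rate limiting or access decisions. An error from `remote_addr()` at connect time is likewise kept and returned for every request on that connection. If this is intended, a field comment such as `/// Remote address as observed when the connection was accepted; not refreshed afterwards.` would make it explicit. Separately, `self.remote?` through `&self` suggests the result type is `Copy`, in which case `self.1.clone()` can be written `self.1`.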
|
@ -5,6 +5,9 @@
|
||||||
# directly for your browser to show connections as secure. You should NEVER use
|
# directly for your browser to show connections as secure. You should NEVER use
|
||||||
# these certificate/key pairs. They are here for DEMONSTRATION PURPOSES ONLY.
|
# these certificate/key pairs. They are here for DEMONSTRATION PURPOSES ONLY.
|
||||||
|
|
||||||
|
[default]
|
||||||
|
log_format = "compact"
|
||||||
|
|
||||||
[default.tls]
|
[default.tls]
|
||||||
certs = "private/rsa_sha256_cert.pem"
|
certs = "private/rsa_sha256_cert.pem"
|
||||||
key = "private/rsa_sha256_key.pem"
|
key = "private/rsa_sha256_key.pem"
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
|
|
||||||
use rocket::http::Status;
|
use rocket::http::Status;
|
||||||
use rocket::tracing::Level;
|
use rocket::tracing::{self, Instrument};
|
||||||
use rocket::{route, Error, Request, Data, Route, Orbit, Rocket, Ignite};
|
use rocket::{route, Error, Request, Data, Route, Orbit, Rocket, Ignite};
|
||||||
use rocket::fairing::{Fairing, Info, Kind};
|
use rocket::fairing::{Fairing, Info, Kind};
|
||||||
use rocket::response::Redirect;
|
use rocket::response::Redirect;
|
||||||
|
@ -45,16 +45,13 @@ impl Redirector {
|
||||||
pub async fn try_launch(self, config: Config) -> Result<Rocket<Ignite>, Error> {
|
pub async fn try_launch(self, config: Config) -> Result<Rocket<Ignite>, Error> {
|
||||||
use rocket::http::Method::*;
|
use rocket::http::Method::*;
|
||||||
|
|
||||||
rocket::span_info!("HTTP -> HTTPS Redirector" => {
|
|
||||||
info!(from = self.0, to = config.tls_addr.port(), "redirecting");
|
|
||||||
});
|
|
||||||
|
|
||||||
// Build a vector of routes to `redirect` on `<path..>` for each method.
|
// Build a vector of routes to `redirect` on `<path..>` for each method.
|
||||||
let redirects = [Get, Put, Post, Delete, Options, Head, Trace, Connect, Patch]
|
let redirects = [Get, Put, Post, Delete, Options, Head, Trace, Connect, Patch]
|
||||||
.into_iter()
|
.into_iter()
|
||||||
.map(|m| Route::new(m, "/<path..>", Self::redirect))
|
.map(|m| Route::new(m, "/<path..>", Self::redirect))
|
||||||
.collect::<Vec<_>>();
|
.collect::<Vec<_>>();
|
||||||
|
|
||||||
|
info!(from = self.0, to = config.tls_addr.port(), "redirecting");
|
||||||
let addr = SocketAddr::new(config.tls_addr.ip(), self.0);
|
let addr = SocketAddr::new(config.tls_addr.ip(), self.0);
|
||||||
rocket::custom(&config.server)
|
rocket::custom(&config.server)
|
||||||
.manage(config)
|
.manage(config)
|
||||||
|
@ -73,35 +70,25 @@ impl Fairing for Redirector {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[tracing::instrument(name = "HTTP -> HTTPS Redirector", skip_all)]
|
||||||
async fn on_liftoff(&self, rocket: &Rocket<Orbit>) {
|
async fn on_liftoff(&self, rocket: &Rocket<Orbit>) {
|
||||||
let Some(tls_addr) = rocket.endpoints().find_map(|e| e.tls()?.tcp()) else {
|
let Some(tls_addr) = rocket.endpoints().find_map(|e| e.tls()?.tcp()) else {
|
||||||
rocket::span_warn!("HTTP -> HTTPS Redirector" => {
|
|
||||||
warn!("Main instance is not being served over TLS/TCP.\n\
|
warn!("Main instance is not being served over TLS/TCP.\n\
|
||||||
Redirector refusing to start.");
|
Redirector refusing to start.");
|
||||||
});
|
|
||||||
|
|
||||||
return;
|
return;
|
||||||
};
|
};
|
||||||
|
|
||||||
let config = Config {
|
|
||||||
tls_addr,
|
|
||||||
server: rocket::Config {
|
|
||||||
log_level: Some(Level::ERROR),
|
|
||||||
..rocket.config().clone()
|
|
||||||
},
|
|
||||||
};
|
|
||||||
|
|
||||||
let this = *self;
|
let this = *self;
|
||||||
let shutdown = rocket.shutdown();
|
let shutdown = rocket.shutdown();
|
||||||
|
let span = tracing::info_span!("HTTP -> HTTPS Redirector");
|
||||||
|
let config = Config { tls_addr, server: rocket.config().clone() };
|
||||||
rocket::tokio::spawn(async move {
|
rocket::tokio::spawn(async move {
|
||||||
if let Err(e) = this.try_launch(config).await {
|
if let Err(e) = this.try_launch(config).await {
|
||||||
span_error!("HTTP -> HTTPS Redirector", "failed to start" => {
|
|
||||||
e.trace_error();
|
e.trace_error();
|
||||||
info!("shutting down main instance");
|
info!("shutting down main instance");
|
||||||
});
|
|
||||||
|
|
||||||
shutdown.notify();
|
shutdown.notify();
|
||||||
}
|
}
|
||||||
});
|
}.instrument(span));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
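Review bot: In `on_liftoff`, `tracing::info_span!("HTTP -> HTTPS Redirector")` is created inside a function that carries `#[tracing::instrument(name = "HTTP -> HTTPS Redirector", skip_all)]`. The new span therefore presumably becomes a child of an identically named span, and the events from the spawned task (`e.trace_error()`, "shutting down main instance") would show the name twice in their span context. If a single span is intended, either reuse the current one with `.instrument(tracing::Span::current())` or detach the new one with `tracing::info_span!(parent: None, "HTTP -> HTTPS Redirector")`. A short comment saying which span the spawned task is meant to log under would help whoever later reads these logs.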