Commit Graph

52 Commits

Author SHA1 Message Date
Sergio Benitez 51d4ed4394 Update 'h3' and 's2n_quic' dependencies. 2024-08-16 16:12:12 -07:00
Sergio Benitez 926e06ef3c Finalize 'tracing' migration.
This commit complete the migration to 'tracing' for all logging. Below
is a summary of all relevant commits, including this one:

Log improvements:
  - All log (trace) messages are structured which means they contain fields
    that can formatted by any subscriber.
  - Logging can be disabled entirely by disabling the default `trace` feature.
  - Routes and catchers now contain location (file/line) information.
  - Two log format kinds: pretty and compact via ROCKET_LOG_FORMAT
  - Coloring is not disabled globally. Thus applications can color even if
    Rocket is configured not to.
  - Rocket is more conservative about 'warn' and 'error' messages, reserving
    those log levels for messages useful in production.
  - Errors from guards logged by codegen now use the 'Display' implementation of
    those errors when one exists.
  - Secrets are never logged, even when directly asked for.

New features:
  - Many Rocket types know how to trace themselves via a new `Trace` trait.
  - `Either` types can now be used in `uri!()` calls.
  - A `RequestIdLayer` tags all requests with a unique ID.

Breaking changes to configuration:
  - `Config::log_level` is of type `Option<Level>`. `None` disables tracing.
  - `log_level` now uses the traditional log level names: "off", "error",
    "warn", "info", "debug", "trace", or 0-5. This replace the Rocket-specific
    "normal", "debug", "critical".
  - A new option, `log_format`, which is either `compact` or `pretty`,
    determines how Rocket's tracing subscriber log trace messages.

Breaking changes:
  - Hidden `rocket::Either` is now publicly available at `rocket::either::Either`.
  - `rocket::Error` no longer panics when dropped.
  - `main` generated by `#[launch]` returns an `ExitCode`.
  - `FromParam` `Err` now always returns the actual error as opposed to the
    string that failed to parse. To recover the original string, use `Either<T,
    &str>`, where `T: FromParam`, as a parameter guard.
  - Many types that implemented `Display` now instead implement `Trace`.
  - `Error::pretty_print()` was removed. Use `Error::trace()` via `Trace` impl.

Internal improvements:
  - Made more space in CI machines for tasks.
  - Cleaned up testbench code using `inventory`.

Resolves #21.
2024-06-03 15:02:44 -07:00
Sergio Benitez 45264de8c9 Allow dynamic selection of log format. 2024-06-03 14:39:20 -07:00
Sergio Benitez b12b7f27d7 Remove old 'log' macros. Color via subscriber.
This commit:
  - Removes painting outside trace subscriber in core.
  - Removes all non-subscriber uses of yansi.
  - Removes all uses of old log macros.
  - Fix trace exports.
2024-06-03 14:39:12 -07:00
Sergio Benitez ff6da900a0 Migrate to 'tracing' for logging.
This commit:
  - Remove all traces of 'log'.
  - Send all logs unedited via tracing.
  - Parses and propagate log_level.
  - Implements an initial formatting subscriber.

Co-authored-by: Eliza Weisman <eliza@buoyant.io>
Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
2024-06-03 14:32:01 -07:00
Sergio Benitez 836e64fec3 Rename 'Rocket::configure()' to 'reconfigure()'. 2024-04-25 14:47:43 -07:00
Sergio Benitez 7c50a58c99 Fix TLS example for updated bind interface. 2024-04-22 17:57:34 -07:00
Sergio Benitez 7cc818cd85 Introduce dynamic TLS resolvers.
This commit introduces the ability to dynamically select a TLS
configuration based on the client's TLS hello via the new `Resolver`
trait. In support of this, it also makes the following changes:

  * Added `Authority::set_port()`.
  * `UdsListener` is now `UnixListener`.
  * `Bindable` removed in favor of new `Bind`.
  * All built-in listeners now implement `Bind<&Rocket>`.
  * `Connection` requires `AsyncRead + AsyncWrite`.
  * The `Debug` impl for `Endpoint` displays the underlying address.
  * `Listener` must be `Sized`.
  * The TLS listener was moved to `tls::TlsListener`.
  * The preview `quic` listener no longer implements `Listener`.
  * Added `TlsConfig::server_config()`.
  * Added `race` future helpers.
  * Added `Rocket::launch_with()`, `Rocket::bind_launch()`.
  * Added a default `client.pem` to the TLS example.
  * Various unnecessary listener `Config` structures removed.

In addition, the testbench was revamped to support more scenarios. This
resulted in the following issues being found and fixed:

  * Fix an issue where the logger would ignore color requests.
  * Clarified docs for `mtls::Certificate` guard.
  * Improved error messages on listener misconfiguration.

Resolves #2730.
Resolves #2363.
Closes #2748.
Closes #2683.
Closes #2577.
2024-04-16 23:50:28 -07:00
Sergio Benitez edce8bd656 Use default 'CryptoProvider' for all TLS ops.
Prior to this commit, some TLS related operations used 'ring' even when
a different default 'CryptoProvider' was installed. This commit fixes
that by refactoring 'TlsConfig' such that all utility methods are
required to use the default 'CryptoProvider'.

This commit also cleans up code related to the rustls 0.23 update.
2024-03-31 11:46:56 -07:00
Abdullah Alyan ce92c5dd76 Update rustls to 0.23. Support 'CryptoProvider's.
This commit updates rustls to 0.23 and adds support for custom
'CryptoProvider's installable via 'CryptoProvider::install_default()'.
In particular, this enables using `aws-lc-rs` for cryptography related
operation in TLS. The 'TLS' example was updated to test use of
'aws-lc-rs' on Unix.
2024-03-31 11:46:56 -07:00
Sergio Benitez 02011a1307 Clean up codebase: fix reasonable clippy warnings.
This commit is a codebase-wide cleanup driven by clippy warnings. In
addition to fixing every reasonable warning, the following new
functionality was introduced:

  * `Accept::new()` now takes any `T: Into<QMediaType>` iterator.
  * `TempFile::is_empty()` was added.
  * `HeaderMap` now implements `IntoIterator`.

This commit makes the following breaking changes:

  * The `IntoCollection` trait is gone. Generics previously bound by the
    trait are now bound by `IntoIterator`. This affects:
    - `Accept::new()`
    - `ContentType::with_params()`
    - `Permission::{allow, allowed}()`
  * `MediaType`, `QMediaType`, and `Allow` implement `IntoIterator`,
    enabling most existing code to continue working without change.
  * The inherent `HeaderMap::into_iter()` method was removed.
  * The `Ok` variant in ErrorKind::Liftoff` is now `Box<Rocket<Orbit>>`.
2024-03-20 00:47:38 -07:00
Sergio Benitez 1619bbbddc Support QUIC and HTTP/3.
This commit adds support for HTTP/3 and QUIC under a disabled-by-default
feature `http3-preview`. The current implementation depends on modified
versions of h3 and s2n-quic-h3 which will need to be upstreamed and
published before a release is possible.

During the course of development various facets of Rocket's internal
connection handling and recent listener APIs were improved. The complete
list of changes included in this PR is:

  * A `shutdown` module was introduced.
  * `config::Shutdown` was renamed to `ShutdownConfig` and moved to
    `shutdown` while being re-exported from `config`.
  * `ListenerAddr` is now called `Endpoint`. Various methods which
    previously referred to "addresses" now refer to "endpoints".
  * `Rocket::endpoint()` was renamed to `Rocket::endpoints()` and now
    returns an iterator over the endpoints Rocket is listening on.
  * `Endpoint` acquired various query utility methods.
  * The `{set_}remote()` methods now take/produce `Endpoint`s.
  * `TlsBindable` only accepts single-phase internal interfaces.
  * Bind error messages include candidate endpoint info when possible.
  * The warning message when a secret key is not configured now includes
    information about its effect on private cookies.

Internal changes include:

  * Config module tests were moved to `config/tests.rs`.
  * The cancellable I/O implementation was significantly simplified.
  * The `TripWire` implementation was simplified.
  * Individual shutdown stages can now be awaited on via `Stages`.
  * The `Shield` implementation was simplified.

Resolves #2723.
2024-03-18 20:23:22 -07:00
Sergio Benitez 7c702a5b01 Update yansi to 1.0.1. 2024-03-14 15:26:03 -07:00
Sergio Benitez fd294049c7 Update to hyper 1. Enable custom + unix listeners.
This commit completely rewrites Rocket's HTTP serving. In addition to
significant internal cleanup, this commit introduces the following major
features:

  * Support for custom, external listeners in the `listener` module.

    The new `listener` module contains new `Bindable`, `Listener`, and
    `Connection` traits which enable composable, external
    implementations of connection listeners. Rocket can launch on any
    `Listener`, or anything that can be used to create a listener
    (`Bindable`), via a new `launch_on()` method.

  * Support for Unix domain socket listeners out of the box.

    The default listener backwards compatibly supports listening on Unix
    domain sockets. To do so, configure an `address` of
    `unix:path/to/socket` and optional set `reuse` to `true` (the
    default) or `false` which controls whether Rocket will handle
    creating and deleting the unix domain socket.

In addition to these new features, this commit makes the following major
improvements:

  * Rocket now depends on hyper 1.

  * Rocket no longer depends on hyper to handle connections. This allows
    us to handle more connection failure conditions which results in an
    overall more robust server with fewer dependencies.

  * Logic to work around hyper's inability to reference incoming request
    data in the response results in a 15% performance improvement.

  * `Client`s can be marked secure with `Client::{un}tracked_secure()`,
    allowing Rocket to treat local connections as running under TLS.

  * The `macros` feature of `tokio` is no longer used by Rocket itself.
    Dependencies can take advantage of this reduction in compile-time
    cost by disabling the new default feature `tokio-macros`.

  * A new `TlsConfig::validate()` method allows checking a TLS config.

  * New `TlsConfig::{certs,key}_reader()`,
    `MtlsConfig::ca_certs_reader()` methods return `BufReader`s, which
    allow reading the configured certs and key directly.

  * A new `NamedFile::open_with()` constructor allows specifying
    `OpenOptions`.

These improvements resulted in the following breaking changes:

  * The MSRV is now 1.74.
  * `hyper` is no longer exported from `rocket::http`.
  * `IoHandler::io` takes `Box<Self>` instead of `Pin<Box<Self>>`.
    - Use `Box::into_pin(self)` to recover the previous type.
  * `Response::upgrade()` now returns an `&mut dyn IoHandler`, not
    `Pin<& mut _>`.
  * `Config::{address,port,tls,mtls}` methods have been removed.
    - Use methods on `Rocket::endpoint()` instead.
  * `TlsConfig` was moved to `tls::TlsConfig`.
  * `MutualTls` was renamed and moved to `mtls::MtlsConfig`.
  * `ErrorKind::TlsBind` was removed.
  * The second field of `ErrorKind::Shutdown` was removed.
  * `{Local}Request::{set_}remote()` methods take/return an `Endpoint`.
  * `Client::new()` was removed; it was previously deprecated.

Internally, the following major changes were made:

  * A new `async_bound` attribute macro was introduced to allow setting
    bounds on futures returned by `async fn`s in traits while
    maintaining good docs.

  * All utility functionality was moved to a new `util` module.

Resolves #2671.
Resolves #1070.
2024-01-29 22:38:55 -08:00
Sergio Benitez 9c2b74b23c Upgrade 'rustls' to '0.22'.
In the process, the following improvements were also made:

  * Error messages related to TLS were improved.
  * 'Redirector' in 'tls' example was improved.
2023-12-15 16:50:08 -08:00
Sergio Benitez 5d31ad4efb Update 'cookie' to 0.18. 2023-09-28 23:50:29 -07:00
Sergio Benitez a82508b403 Set 'Secure' cookie flag by default under TLS.
If TLS is enabled and active, Rocket will now set the `Secure` cookie
attribute by default.

Resolves #2425.
2023-04-05 13:15:24 -07:00
Sergio Benitez aa6ad7030a Allow setting mTLS certificates on local 'Client'.
This allows testing with client certificates.

Co-authored-by: Brett Buford <blbuford@gmail.com>
2023-03-31 11:13:40 -07:00
Sergio Benitez 7155ad229a Add HTTP to HTTPs redirector to TLS example. 2023-03-26 17:57:31 -07:00
Sergio Benitez 0a0f540988 Support TLS keys in SEC1 format. 2023-03-23 14:57:54 -07:00
Sergio Benitez daa157f872 Ignore data before TLS key encapsulation boundary.
Resolves #2281.

Co-authored-by: Julian Büttner <me@julianbuettner.dev>
2023-03-23 14:57:54 -07:00
Konrad Borowski 4d258739f5 Migrate Rocket to Rust 2021 edition. 2022-04-19 18:35:38 -07:00
Sergio Benitez 677790d639 Bring back generated TLS keys, used by tests. 2021-07-09 16:35:09 -07:00
Sergio Benitez bbc36ba27f Initial implementation of mTLS.
Co-authored-by: Howard Su <howard0su@gmail.com>
Co-authored-by: Mikail Bagishov <bagishov.mikail@yandex.ru>
2021-07-09 00:05:20 -07:00
Sergio Benitez 71823915db Don't store example keys and certs in repository. 2021-07-07 12:16:12 -07:00
Sergio Benitez ad36b769bc Rename 'rocket::ignite()' to 'rocket::build()'.
...because loading up a Rocket while it's ignited is a bad idea.

More seriously, because 'Rocket.ignite()' will become an "execute
everything up to here" method.
2021-04-08 01:07:52 -07:00
Sergio Benitez 50c9e88cf9 Completely revamp, redo examples.
The new examples directory...

  * Contains a `README.md` explaining each example.
  * Consolidates examples into more complete chunks.
  * Is just better.

Resolves #1447.
2021-04-07 23:09:05 -07:00
Sergio Benitez b24e53454a Generate CA cert in 'gen_certs.sh'. 2021-03-17 18:25:06 -07:00
Abdullah Alyan af48d1f2e6 Support more TLS key types in PKCS format.
Closes #1449.
Resolves #1461.
2021-03-17 18:23:15 -07:00
Sergio Benitez 17dd8dafd0 Move examples to their own workspace.
This allows us to test all of the "core" crates (and the guide) by
testing the root workspace, and all of the examples by testing in the
examples workspace.
2021-03-09 21:57:30 -08:00
Sergio Benitez 5d9035ddc1 Keep an op-log for sync 'CookieJar'.
In brief, this commit:

  * Updates to the latest upstream 'cookie', fixing a memory leak.
  * Make changes to 'CookieJar' observable only through 'pending()'.
  * Deprecates 'Client::new()' in favor of 'Client::tracked()'.
  * Makes 'dispatch()' on tracked 'Client's synchronize on cookies.
  * Makes 'Client::untracked()' actually untracked.

This commit updates to the latest 'cookie' which removes support for
'Sync' cookie jars. Instead of relying on 'cookie', this commit
implements an op-log based 'CookieJar' which internally keeps track of
changes. The API is such that changes are only observable through
specialized '_pending()' methods.
2020-10-14 21:37:16 -07:00
Sergio Benitez adc79016cd Rearrange top-level exports. Use '#[launch]'.
This commits makes the following high-level changes:

  * 'ShutdownHandle' is renamed to 'Shutdown'.
  * 'Rocket::shutdown_handle()' is renamed to 'Rocket::shutdown()'.
  * '#[launch]` is preferred to '#[rocket::launch]'.
  * Various docs phrasings are improved.
  * Fixed various broken links in docs.

This commits rearranges top-level exports as follows:

  * 'shutdown' module is no longer exported.
  * 'Shutdown' is exported from the crate root.
  * 'Outcome' is not longer exported from the root.
  * 'Handler', 'ErrorHandler' are no longer exported from the root.
2020-07-22 16:10:02 -07:00
Sergio Benitez 62355b424f Remove use of stable 'proc_macro_hygiene' feature. 2020-07-11 10:48:08 -07:00
Jeb Rosen 06975bfaea Use the blocking testing API everywhere.
Co-authored-by: Sergio Benitez <sb@sergio.bz>
2020-07-11 09:24:30 -07:00
Sergio Benitez 03127f4dae Add blocking variant of 'local'.
This commit adds the 'local::blocking' module and moves the existing
asynchronous testing to 'local::asynchronous'. It also includes several
changes to improve the local API, bringing it to parity (and beyond)
with master. These changes are:

  * 'LocalRequest' implements 'Clone'.
  * 'LocalResponse' doesn't implement 'DerefMut<Target=Response>'.
    Instead, direct methods on the type, such as 'into_string()', can
    be used to read the 'Response'.
  * 'Response::body()' returns an '&ResponseBody' as opposed to '&mut
    ResponseBody', which is returned by a new 'Response::body_mut()'.
  * '&ResponseBody' implements 'known_size()` to retrieve a body's size,
    if it is known.

Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
2020-07-11 09:24:30 -07:00
Sergio Benitez 12308b403f Add '#[rocket::launch]' attribute.
The attribute is applied everywhere it can be across the codebase and is
the newly preferred method for launching an application. This commit
also makes '#[rocket::main]` stricter by warning when it is applied to
functions other than 'main'.
2020-07-11 09:24:29 -07:00
Jeb Rosen bc1b90cbdb Add '#[rocket::main]' attribute and make 'launch()' an 'async fn'.
'#[rocket::main]' works like '#[rocket::async_test]', but it uses
tokio's multithreaded scheduler.
2020-07-11 09:24:29 -07:00
Jeb Rosen b0238e5110 Make 'Fairing::on_attach()' async.
This transitively requires that 'Rocket::inspect()', 'Client::new()',
and 'Client::untracked()' also become async.
2020-07-11 09:24:29 -07:00
Jacob Pratt cd6a80c230 Implement an API to request a graceful shutdown.
Additionally listen for Ctrl-C as a shutdown signal by default.
2020-07-11 09:24:28 -07:00
Jeb Rosen 560f0977d3 Revamp testing system for async.
* body_string_wait and body_bytes_wait are removed; use `.await` instead
* `dispatch()` is now an async fn and must be .await-ed
* Add `#[rocket::async_test]` macro, similar in purpose to `tokio::test`
* Tests now use either `rocket::async_test(async { })` or
  `#[rocket::async_test]` in order to `.await` the futures returned
  from `dispatch()` and `body_{string,bytes}()`
* Update 'test.sh' to reflect the tests that should be passing.

Broken:

* Cloned dispatch and mut_dispatch() with a live previous response now both fail, due to a (partial) check for mutable aliasing in LocalRequest.
* Some tests are still failing and need example-specific changes.
2020-07-11 09:24:28 -07:00
Jacob Pratt e44c5896b8 Remove stabilized 'async_await' feature gate and update the minimum nightly version. 2020-07-11 09:24:28 -07:00
Jeb Rosen bc404f1f6d Use 'body_string_wait' in all example tests. 2020-07-11 09:24:28 -07:00
Jeb Rosen 5d439bafc0 Convert core to async and add support for async routes.
Minimum rustc bump required for rust-lang/rust#61775
2020-07-11 09:24:28 -07:00
Jeb Rosen 3e4f8453ce Remove use of the 'decl_macro' feature.
Also removes one internal use in the 'typed-uris' codegen test.
2019-07-19 11:39:56 -07:00
Jeb Rosen d9f989a496 Migrate all examples to Rust 2018. 2019-06-25 11:30:43 -07:00
Sergio Benitez 2839aca8ce Update features for latest nightly. 2018-10-09 04:31:09 -07:00
Sergio Benitez 61f107f550 Reimplement route attribute as a proc-macro.
This commits also implement the query reform from #608. It also consists
of many, many breaking changes. Among them are:

  * Query parts in route paths use new query reform syntax.
  * Routing for queries is now lenient.
    - Default ranking has changed to reflect query reform.
  * Format routing matching has been fixed.
    - Routes with formats matching "accept" will always collide.
    - Routes with formats matching "content-type" require requests to
      have an equivalent content-type header to match.
    - Requests with imprecise content-types are treated as not having a
      content-type.
  * Generated routes and catchers respect visibility modifiers.
  * Raw getter methods from request were renamed and retooled.
    - In particular, the index parameter is based on segments in the
      route path, not dynamic parameters.
  * The method-based attributes no longer accept a keyed 'path'.
  * The 'rocket_codegen' crate is gone and will no longer be public.
  * The 'FormItems' iterator emits values of type 'FormItem'.
    - The internal form items' string can no longer be retrieved.
  * In general, routes are more strictly validated.
  * Logging from codegen now funnels through logging infrastructure.
  * Routing has been optimized by caching routing metadata.

Resolves #93.
Resolves #608.
Resolves #693.
Resolves #476.
2018-10-09 04:18:04 -07:00
jeb 8e779610c4 Reimplement 'routes!' and 'catchers!' as proc-macros. 2018-09-16 18:52:23 -07:00
Sergio Benitez f171dc9d09 Reorganize repository.
The directory structure has changed to better isolate crates serving
core and contrib. The new directory structure is:

  contrib/
    lib/ - the contrib library
  core/
    lib/ - the core Rocket library
    codegen/ - the "compile extension" codegen library
    codegen_next/ - the new proc-macro library
  examples/ - unchanged
  scripts/ - unchanged
  site/ - unchanged

This commit also removes the following files:

  appveyor.yml - AppVeyor (Rust on Windows) is far too spotty for use
  rustfmt.toml - rustfmt is, unfortunately, not mature enough for use

Finally, all example Cargo crates were marked with 'publish = false'.
2018-06-03 18:44:38 +02:00
Sergio Benitez 084481a84e Initial implementation of typed URIs.
This is a breaking change. All Rocket applications using code
generation must now additionally declare usage of the 'decl_macro'
feature.
2017-09-14 22:10:25 -07:00