Merge pull request #47 from stjepang/ace/certs

Fix crashes in simple-server
Stjepan Glavina 2020-04-28 04:35:12 -07:00 committed by GitHub
commit 2921602606
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 42 additions and 33 deletions


@ -108,10 +108,12 @@ My personal crate recommendation list:
## TLS certificate
Some code examples are using TLS for authentication. The repository
contains a self-signed certificate usable for testing. It should *not*
be used for real world scenarios. Browsers and tools like curl will
show this certificate as insecure. In browsers, accept the security
prompt or use `curl -k` on the command line to bypass security warnings.
contains a self-signed certificate usable for testing, but it should **not**
be used for real-world scenarios. Browsers and tools like curl will
show this certificate as insecure.
In browsers, accept the security prompt or use `curl -k` on the
command line to bypass security warnings.
The certificate file was generated using
[minica](https://github.com/jsha/minica) and


@ -9,9 +9,9 @@
//! Open in the browser any of these addresses:
//!
//! - http://localhost:8000/
//! - https://localhost:8001/ (you'll need to import the TLS certificate first!)
//! - https://localhost:8001/ (accept the security prompt in the browser)
//!
//! Refer to `README.md` to see how to import or generate the TLS certificate.
//! Refer to `README.md` to see how to the TLS certificate was generated.
use std::net::TcpListener;
use std::thread;
@ -55,13 +55,16 @@ async fn listen(listener: Async<TcpListener>, tls: Option<TlsAcceptor>) -> Resul
}
Some(tls) => {
// In case of HTTPS, establish a secure TLS connection first.
let stream = tls.accept(stream).await;
if let Err(e) = stream {
println!("Failed to establish secure TLS connection: {:#?}", e);
continue;
};
let stream = Arc::new(Mutex::new(stream.unwrap()));
Task::spawn(async move { async_h1::accept(&host, stream, serve).await })
match tls.accept(stream).await {
Ok(stream) => {
let stream = Arc::new(Mutex::new(stream));
Task::spawn(async move { async_h1::accept(&host, stream, serve).await })
}
Err(err) => {
println!("Failed to establish secure TLS connection: {:#?}", err);
continue;
}
}
}
};
@ -72,7 +75,7 @@ async fn listen(listener: Async<TcpListener>, tls: Option<TlsAcceptor>) -> Resul
fn main() -> Result<()> {
// Initialize TLS with the local certificate, private key, and password.
let identity = Identity::from_pkcs12(include_bytes!("../identity.pfx"), "password")?;
let identity = Identity::from_pkcs12(include_bytes!("identity.pfx"), "password")?;
let tls = TlsAcceptor::from(native_tls::TlsAcceptor::new(identity)?);
// Create an executor thread pool.
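Review bot: In the `Some(tls)` arm of `listen`, `tls.accept(stream).await` still runs before `Task::spawn`, and the `continue` in the error arm suggests this sits in the accept loop, so a client that connects and never finishes the handshake would hold up every later connection. I would move the handshake into the spawned task so that only that task waits, ideally with a timeout around it. The sketch assumes the acceptor is cloneable (the hyper example on this page calls `tls.clone()`) and that the task output is the same `Result<()>` that `async_h1::accept` returns. The loop and the `None` arm are outside the hunk, so both assumptions need checking against the full function.
```rust
Some(tls) => {
    // Run the handshake inside the task so a stalled client cannot block the accept loop.
    let tls = tls.clone();
    Task::spawn(async move {
        match tls.accept(stream).await {
            Ok(stream) => {
                let stream = Arc::new(Mutex::new(stream));
                async_h1::accept(&host, stream, serve).await
            }
            Err(err) => {
                println!("Failed to establish secure TLS connection: {:#?}", err);
                Ok(())
            }
        }
    })
}
```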


@ -9,9 +9,9 @@
//! Open in the browser any of these addresses:
//!
//! - http://localhost:8000/
//! - https://localhost:8001/ (you'll need to import the TLS certificate first!)
//! - https://localhost:8001/ (accept the security prompt in the browser)
//!
//! Refer to `README.md` to see how to import or generate the TLS certificate.
//! Refer to `README.md` to see how to the TLS certificate was generated.
use std::io;
use std::net::{Shutdown, TcpListener, TcpStream};
@ -29,7 +29,7 @@ use smol::{Async, Task};
/// Serves a request and returns a response.
async fn serve(req: Request<Body>, host: String) -> Result<Response<Body>> {
println!("Serving {}{}", host, req.uri());
Ok(Response::new(Body::from("Hello World!")))
Ok(Response::new(Body::from("Hello from hyper!")))
}
/// Listens for incoming connections and serves them.
@ -55,7 +55,7 @@ async fn listen(listener: Async<TcpListener>, tls: Option<TlsAcceptor>) -> Resul
fn main() -> Result<()> {
// Initialize TLS with the local certificate, private key, and password.
let identity = Identity::from_pkcs12(include_bytes!("../identity.pfx"), "password")?;
let identity = Identity::from_pkcs12(include_bytes!("identity.pfx"), "password")?;
let tls = TlsAcceptor::from(native_tls::TlsAcceptor::new(identity)?);
// Create an executor thread pool.
@ -111,9 +111,10 @@ impl hyper::server::accept::Accept for SmolListener {
// In case of HTTPS, start establishing a secure TLS connection.
let tls = tls.clone();
SmolStream::Handshake(Box::pin(async move {
tls.accept(stream)
.await
.map_err(|err| io::Error::new(io::ErrorKind::Other, Box::new(err)))
tls.accept(stream).await.map_err(|err| {
println!("Failed to establish secure TLS connection: {:#?}", err);
io::Error::new(io::ErrorKind::Other, Box::new(err))
})
}))
}
};
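Review bot: The `main` hunk embeds `identity.pfx` in the binary with `include_bytes!` and unlocks it with the literal `"password"`, and the comment above it does not say that this key is a public test fixture. The README hunk on this page calls the certificate test-only, so the code should carry the same caveat where it is most likely to be copied from, for example `// Test-only identity: key and password are public in this repository; do not reuse outside local testing.` The same `Identity::from_pkcs12` line appears in the `main` hunks of the other server examples on this page. `main` continues outside the hunk.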


@ -9,9 +9,9 @@
//! Open in the browser any of these addresses:
//!
//! - http://localhost:8000/
//! - https://localhost:8001/ (you'll need to import the TLS certificate first!)
//! - https://localhost:8001/ (accept the security prompt in the browser)
//!
//! Refer to `README.md` to see how to import or generate the TLS certificate.
//! Refer to `README.md` to see how to the TLS certificate was generated.
use std::net::{TcpListener, TcpStream};
use std::thread;
@ -40,11 +40,14 @@ async fn serve(mut stream: Async<TcpStream>, tls: Option<TlsAcceptor>) -> Result
println!("Serving https://{}", stream.get_ref().local_addr()?);
// In case of HTTPS, establish a secure TLS connection first.
let mut stream = tls.accept(stream).await?;
stream.write_all(RESPONSE).await?;
stream.flush().await?;
stream.close().await?;
match tls.accept(stream).await {
Ok(mut stream) => {
stream.write_all(RESPONSE).await?;
stream.flush().await?;
stream.close().await?;
}
Err(err) => println!("Failed to establish secure TLS connection: {:#?}", err),
}
}
}
Ok(())
@ -69,7 +72,7 @@ async fn listen(listener: Async<TcpListener>, tls: Option<TlsAcceptor>) -> Resul
fn main() -> Result<()> {
// Initialize TLS with the local certificate, private key, and password.
let identity = Identity::from_pkcs12(include_bytes!("../identity.pfx"), "password")?;
let identity = Identity::from_pkcs12(include_bytes!("identity.pfx"), "password")?;
let tls = TlsAcceptor::from(native_tls::TlsAcceptor::new(identity)?);
// Create an executor thread pool.
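Review bot: The new module doc line reads "how to the TLS certificate was generated", which has a stray "to". It should read `//! Refer to README.md to see how the TLS certificate was generated.`, keeping the backticks around the file name as in the original. The same line was added to the doc headers of the other two server examples in this commit. Since the bullet above it now tells readers to accept the browser prompt, the header could also state that this is acceptable only for the bundled test certificate on localhost.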


@ -24,7 +24,7 @@ use smol::Async;
fn main() -> Result<()> {
// Initialize TLS with the local certificate.
let mut builder = native_tls::TlsConnector::builder();
builder.add_root_certificate(Certificate::from_pem(include_bytes!("../certificate.pem"))?);
builder.add_root_certificate(Certificate::from_pem(include_bytes!("certificate.pem"))?);
let tls = TlsConnector::from(builder);
smol::run(async {


@ -29,7 +29,7 @@ async fn echo(stream: TlsStream<Async<TcpStream>>) -> Result<()> {
fn main() -> Result<()> {
// Initialize TLS with the local certificate, private key, and password.
let identity = Identity::from_pkcs12(include_bytes!("../identity.pfx"), "password")?;
let identity = Identity::from_pkcs12(include_bytes!("identity.pfx"), "password")?;
let tls = TlsAcceptor::from(native_tls::TlsAcceptor::new(identity)?);
smol::run(async {


@ -53,7 +53,7 @@ async fn connect(addr: &str, tls: TlsConnector) -> Result<(WsStream, Response)>
fn main() -> Result<()> {
// Initialize TLS with the local certificate.
let mut builder = native_tls::TlsConnector::builder();
builder.add_root_certificate(Certificate::from_pem(include_bytes!("../certificate.pem"))?);
builder.add_root_certificate(Certificate::from_pem(include_bytes!("certificate.pem"))?);
let tls = TlsConnector::from(builder);
smol::run(async {


@ -61,7 +61,7 @@ async fn listen(listener: Async<TcpListener>, tls: Option<TlsAcceptor>) -> Resul
fn main() -> Result<()> {
// Initialize TLS with the local certificate, private key, and password.
let identity = Identity::from_pkcs12(include_bytes!("../identity.pfx"), "password")?;
let identity = Identity::from_pkcs12(include_bytes!("identity.pfx"), "password")?;
let tls = TlsAcceptor::from(native_tls::TlsAcceptor::new(identity)?);
// Create an executor thread pool.