mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
Update all network-related dependencies to the latest versions (#34630)
* Update all network-related dependencies to the latest versions: * rustls * hyper * http * headers * tungstenite * async-tungstenite Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix panics with 1xx responses in WPT tests. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Use reported response length when calculating available ranges. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Remove unreachable match arm. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Clean up commented fragments in blob and file handlers. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Remove unreachable match arm. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix clippy warning. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Cleanup. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix up unit tests for dependency upgrades. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * Update aws-lc-sys to fix Windows builds. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Use ring instead of aws-lc-sys. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * embedding: Require embedder to initialize a rustls CryptoProvider. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * Disable aws-lc-rs pending OhOS build fixes. Signed-off-by: Josh Matthews <josh@joshmatthews.net> --------- Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This commit is contained in:
parent
270df6e263
commit
76e0a1872b
25 changed files with 1342 additions and 1050 deletions
|
@ -21,7 +21,9 @@ use headers::{
|
|||
};
|
||||
use http::header::{self, HeaderMap, HeaderName, HeaderValue};
|
||||
use http::{Method, StatusCode};
|
||||
use hyper::{Body, Request as HyperRequest, Response as HyperResponse};
|
||||
use http_body_util::combinators::BoxBody;
|
||||
use hyper::body::{Bytes, Incoming};
|
||||
use hyper::{Request as HyperRequest, Response as HyperResponse};
|
||||
use mime::{self, Mime};
|
||||
use net::fetch::cors_cache::CorsCache;
|
||||
use net::fetch::methods::{self, CancellationListener, FetchContext};
|
||||
|
@ -41,13 +43,12 @@ use net_traits::{
|
|||
};
|
||||
use servo_arc::Arc as ServoArc;
|
||||
use servo_url::ServoUrl;
|
||||
use tokio_test::block_on;
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::http_loader::{expect_devtools_http_request, expect_devtools_http_response};
|
||||
use crate::{
|
||||
create_embedder_proxy, create_http_state, fetch, fetch_with_context, fetch_with_cors_cache,
|
||||
make_server, make_ssl_server, new_fetch_context, DEFAULT_USER_AGENT,
|
||||
make_body, make_server, make_ssl_server, new_fetch_context, DEFAULT_USER_AGENT,
|
||||
};
|
||||
|
||||
// TODO write a struct that impls Handler for storing test values
|
||||
|
@ -55,9 +56,11 @@ use crate::{
|
|||
#[test]
|
||||
fn test_fetch_response_is_not_network_error() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -89,9 +92,11 @@ fn test_fetch_on_bad_port_is_network_error() {
|
|||
#[test]
|
||||
fn test_fetch_response_body_matches_const_message() {
|
||||
static MESSAGE: &'static [u8] = b"Hello World!";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -191,7 +196,7 @@ fn test_fetch_blob() {
|
|||
expected: bytes.to_vec(),
|
||||
};
|
||||
|
||||
block_on(methods::fetch(&mut request, &mut target, &context));
|
||||
crate::HANDLE.block_on(methods::fetch(&mut request, &mut target, &context));
|
||||
|
||||
let fetch_response = receiver.recv().unwrap();
|
||||
assert!(!fetch_response.is_network_error());
|
||||
|
@ -285,38 +290,41 @@ fn test_fetch_bogus_scheme() {
|
|||
fn test_cors_preflight_fetch() {
|
||||
static ACK: &'static [u8] = b"ACK";
|
||||
let state = Arc::new(AtomicUsize::new(0));
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
if request.method() == Method::OPTIONS && state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.get(header::REFERER)
|
||||
.unwrap()
|
||||
.to_str()
|
||||
.unwrap()
|
||||
.contains("a.html"));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = ACK.to_vec().into();
|
||||
}
|
||||
};
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
if request.method() == Method::OPTIONS &&
|
||||
state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.get(header::REFERER)
|
||||
.unwrap()
|
||||
.to_str()
|
||||
.unwrap()
|
||||
.contains("a.html"));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = make_body(ACK.to_vec());
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let target_url = url.clone().join("a.html").unwrap();
|
||||
|
@ -340,34 +348,37 @@ fn test_cors_preflight_cache_fetch() {
|
|||
let state = Arc::new(AtomicUsize::new(0));
|
||||
let counter = state.clone();
|
||||
let mut cache = CorsCache::default();
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
if request.method() == Method::OPTIONS && state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlMaxAge::from(Duration::new(6000, 0)));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = ACK.to_vec().into();
|
||||
}
|
||||
};
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
if request.method() == Method::OPTIONS &&
|
||||
state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlMaxAge::from(Duration::new(6000, 0)));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = make_body(ACK.to_vec());
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url, Referrer::NoReferrer).build();
|
||||
|
@ -403,31 +414,34 @@ fn test_cors_preflight_cache_fetch() {
|
|||
fn test_cors_preflight_fetch_network_error() {
|
||||
static ACK: &'static [u8] = b"ACK";
|
||||
let state = Arc::new(AtomicUsize::new(0));
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
if request.method() == Method::OPTIONS && state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = ACK.to_vec().into();
|
||||
}
|
||||
};
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
if request.method() == Method::OPTIONS &&
|
||||
state.clone().fetch_add(1, Ordering::SeqCst) == 0
|
||||
{
|
||||
assert!(request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_METHOD));
|
||||
assert!(!request
|
||||
.headers()
|
||||
.contains_key(header::ACCESS_CONTROL_REQUEST_HEADERS));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowCredentials);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowMethods::from_iter(vec![Method::GET]));
|
||||
} else {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
*response.body_mut() = make_body(ACK.to_vec());
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url, Referrer::NoReferrer).build();
|
||||
|
@ -443,18 +457,20 @@ fn test_cors_preflight_fetch_network_error() {
|
|||
#[test]
|
||||
fn test_fetch_response_is_basic_filtered() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::SET_COOKIE, HeaderValue::from_static(""));
|
||||
// this header is obsoleted, so hyper doesn't implement it, but it's still covered by the spec
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static("set-cookie2"),
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::SET_COOKIE, HeaderValue::from_static(""));
|
||||
// this header is obsoleted, so hyper doesn't implement it, but it's still covered by the spec
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static("set-cookie2"),
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -476,47 +492,49 @@ fn test_fetch_response_is_basic_filtered() {
|
|||
#[test]
|
||||
fn test_fetch_response_is_cors_filtered() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
// this is mandatory for the Cors Check to pass
|
||||
// TODO test using different url encodings with this value ie. punycode
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
// this is mandatory for the Cors Check to pass
|
||||
// TODO test using different url encodings with this value ie. punycode
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowOrigin::ANY);
|
||||
|
||||
// these are the headers that should be kept after filtering
|
||||
response.headers_mut().typed_insert(CacheControl::new());
|
||||
response.headers_mut().insert(
|
||||
header::CONTENT_LANGUAGE,
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(ContentType::from(mime::TEXT_HTML));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(Expires::from(SystemTime::now() + Duration::new(86400, 0)));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(LastModified::from(SystemTime::now()));
|
||||
response.headers_mut().typed_insert(Pragma::no_cache());
|
||||
// these are the headers that should be kept after filtering
|
||||
response.headers_mut().typed_insert(CacheControl::new());
|
||||
response.headers_mut().insert(
|
||||
header::CONTENT_LANGUAGE,
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(ContentType::from(mime::TEXT_HTML));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(Expires::from(SystemTime::now() + Duration::new(86400, 0)));
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(LastModified::from(SystemTime::now()));
|
||||
response.headers_mut().typed_insert(Pragma::no_cache());
|
||||
|
||||
// these headers should not be kept after filtering, even though they are given a pass
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::SET_COOKIE, HeaderValue::from_static(""));
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static("set-cookie2"),
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowHeaders::from_iter(vec![
|
||||
HeaderName::from_static("set-cookie"),
|
||||
// these headers should not be kept after filtering, even though they are given a pass
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::SET_COOKIE, HeaderValue::from_static(""));
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static("set-cookie2"),
|
||||
]));
|
||||
HeaderValue::from_bytes(&vec![]).unwrap(),
|
||||
);
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(AccessControlAllowHeaders::from_iter(vec![
|
||||
HeaderName::from_static("set-cookie"),
|
||||
HeaderName::from_static("set-cookie2"),
|
||||
]));
|
||||
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
// an origin mis-match will stop it from defaulting to a basic filtered response
|
||||
|
@ -546,9 +564,11 @@ fn test_fetch_response_is_cors_filtered() {
|
|||
#[test]
|
||||
fn test_fetch_response_is_opaque_filtered() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
// an origin mis-match will fall through to an Opaque filtered response
|
||||
|
@ -577,24 +597,26 @@ fn test_fetch_response_is_opaque_filtered() {
|
|||
#[test]
|
||||
fn test_fetch_response_is_opaque_redirect_filtered() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
|
||||
if redirects == 1 {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
}
|
||||
};
|
||||
if redirects == 1 {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
}
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
|
@ -626,9 +648,11 @@ fn test_fetch_with_local_urls_only() {
|
|||
// If flag `local_urls_only` is set, fetching a non-local URL must result in network error.
|
||||
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, server_url) = make_server(handler);
|
||||
|
||||
let do_fetch = |url: ServoUrl| {
|
||||
|
@ -661,9 +685,11 @@ fn test_fetch_with_local_urls_only() {
|
|||
#[test]
|
||||
fn test_fetch_with_hsts() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
|
||||
let (server, url) = make_ssl_server(handler);
|
||||
|
||||
|
@ -710,14 +736,16 @@ fn test_fetch_with_hsts() {
|
|||
|
||||
#[test]
|
||||
fn test_load_adds_host_to_hsts_list_when_url_is_https() {
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(StrictTransportSecurity::excluding_subdomains(
|
||||
Duration::from_secs(31536000),
|
||||
));
|
||||
*response.body_mut() = b"Yay!".to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
response
|
||||
.headers_mut()
|
||||
.typed_insert(StrictTransportSecurity::excluding_subdomains(
|
||||
Duration::from_secs(31536000),
|
||||
));
|
||||
*response.body_mut() = make_body(b"Yay!".to_vec());
|
||||
};
|
||||
|
||||
let (server, mut url) = make_ssl_server(handler);
|
||||
url.as_mut_url().set_scheme("https").unwrap();
|
||||
|
@ -772,9 +800,11 @@ fn test_load_adds_host_to_hsts_list_when_url_is_https() {
|
|||
|
||||
#[test]
|
||||
fn test_fetch_self_signed() {
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = b"Yay!".to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(b"Yay!".to_vec());
|
||||
};
|
||||
|
||||
let (server, mut url) = make_ssl_server(handler);
|
||||
url.as_mut_url().set_scheme("https").unwrap();
|
||||
|
@ -834,9 +864,11 @@ fn test_fetch_self_signed() {
|
|||
#[test]
|
||||
fn test_fetch_with_sri_network_error() {
|
||||
static MESSAGE: &'static [u8] = b"alert('Hello, Network Error');";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -858,9 +890,11 @@ fn test_fetch_with_sri_network_error() {
|
|||
#[test]
|
||||
fn test_fetch_with_sri_sucess() {
|
||||
static MESSAGE: &'static [u8] = b"alert('Hello, world.');";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -888,18 +922,20 @@ fn test_fetch_blocked_nosniff() {
|
|||
const HEADER: &'static str = "x-content-type-options";
|
||||
const VALUE: &'static [u8] = b"nosniff";
|
||||
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let mime_header = ContentType::from(mime.clone());
|
||||
response.headers_mut().typed_insert(mime_header);
|
||||
assert!(response.headers().contains_key(header::CONTENT_TYPE));
|
||||
// Add the nosniff header
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static(HEADER),
|
||||
HeaderValue::from_bytes(VALUE).unwrap(),
|
||||
);
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
let mime_header = ContentType::from(mime.clone());
|
||||
response.headers_mut().typed_insert(mime_header);
|
||||
assert!(response.headers().contains_key(header::CONTENT_TYPE));
|
||||
// Add the nosniff header
|
||||
response.headers_mut().insert(
|
||||
HeaderName::from_static(HEADER),
|
||||
HeaderValue::from_bytes(VALUE).unwrap(),
|
||||
);
|
||||
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
|
@ -926,25 +962,27 @@ fn test_fetch_blocked_nosniff() {
|
|||
}
|
||||
|
||||
fn setup_server_and_fetch(message: &'static [u8], redirect_cap: u32) -> Response {
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
|
||||
if redirects >= redirect_cap {
|
||||
*response.body_mut() = message.to_vec().into();
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
let url = format!("{redirects}", redirects = redirects + 1);
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_str(&url).unwrap());
|
||||
}
|
||||
};
|
||||
if redirects >= redirect_cap {
|
||||
*response.body_mut() = make_body(message.to_vec());
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
let url = format!("{redirects}", redirects = redirects + 1);
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_str(&url).unwrap());
|
||||
}
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
|
@ -997,44 +1035,46 @@ fn test_fetch_redirect_updates_method_runner(
|
|||
method: Method,
|
||||
) {
|
||||
let handler_method = method.clone();
|
||||
let handler_tx = Arc::new(Mutex::new(tx));
|
||||
let handler_tx = Arc::new(tx);
|
||||
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
|
||||
let mut test_pass = true;
|
||||
let mut test_pass = true;
|
||||
|
||||
if redirects == 0 {
|
||||
*response.status_mut() = StatusCode::TEMPORARY_REDIRECT;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
} else if redirects == 1 {
|
||||
// this makes sure that the request method does't change from the wrong status code
|
||||
if handler_method != Method::GET && request.method() == Method::GET {
|
||||
if redirects == 0 {
|
||||
*response.status_mut() = StatusCode::TEMPORARY_REDIRECT;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
} else if redirects == 1 {
|
||||
// this makes sure that the request method does't change from the wrong status code
|
||||
if handler_method != Method::GET && request.method() == Method::GET {
|
||||
test_pass = false;
|
||||
}
|
||||
*response.status_mut() = status_code;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("2"));
|
||||
} else if request.method() != Method::GET {
|
||||
test_pass = false;
|
||||
}
|
||||
*response.status_mut() = status_code;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("2"));
|
||||
} else if request.method() != Method::GET {
|
||||
test_pass = false;
|
||||
}
|
||||
|
||||
// the first time this handler is reached, nothing is being tested, so don't send anything
|
||||
if redirects > 0 {
|
||||
handler_tx.lock().unwrap().send(test_pass).unwrap();
|
||||
}
|
||||
};
|
||||
// the first time this handler is reached, nothing is being tested, so don't send anything
|
||||
if redirects > 0 {
|
||||
handler_tx.send(test_pass).unwrap();
|
||||
}
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
let (server, url) = crate::make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
.origin(url.origin())
|
||||
|
@ -1114,9 +1154,11 @@ fn response_is_done(response: &Response) -> bool {
|
|||
#[test]
|
||||
fn test_fetch_async_returns_complete_response() {
|
||||
static MESSAGE: &'static [u8] = b"this message should be retrieved in full";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -1131,9 +1173,11 @@ fn test_fetch_async_returns_complete_response() {
|
|||
#[test]
|
||||
fn test_opaque_filtered_fetch_async_returns_complete_response() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
// an origin mis-match will fall through to an Opaque filtered response
|
||||
|
@ -1149,24 +1193,26 @@ fn test_opaque_filtered_fetch_async_returns_complete_response() {
|
|||
#[test]
|
||||
fn test_opaque_redirect_filtered_fetch_async_returns_complete_response() {
|
||||
static MESSAGE: &'static [u8] = b"";
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
let handler =
|
||||
move |request: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
let redirects = request
|
||||
.uri()
|
||||
.path()
|
||||
.split("/")
|
||||
.collect::<String>()
|
||||
.parse::<u32>()
|
||||
.unwrap_or(0);
|
||||
|
||||
if redirects == 1 {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
}
|
||||
};
|
||||
if redirects == 1 {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::FOUND;
|
||||
response
|
||||
.headers_mut()
|
||||
.insert(header::LOCATION, HeaderValue::from_static("1"));
|
||||
}
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
|
@ -1186,9 +1232,11 @@ fn test_opaque_redirect_filtered_fetch_async_returns_complete_response() {
|
|||
#[cfg(not(target_os = "windows"))]
|
||||
fn test_fetch_with_devtools() {
|
||||
static MESSAGE: &'static [u8] = b"Yay!";
|
||||
let handler = move |_: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
*response.body_mut() = MESSAGE.to_vec().into();
|
||||
};
|
||||
let handler =
|
||||
move |_: HyperRequest<Incoming>,
|
||||
response: &mut HyperResponse<BoxBody<Bytes, hyper::Error>>| {
|
||||
*response.body_mut() = make_body(MESSAGE.to_vec());
|
||||
};
|
||||
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -30,11 +30,13 @@ use crossbeam_channel::{unbounded, Sender};
|
|||
use devtools_traits::DevtoolsControlMsg;
|
||||
use embedder_traits::{EmbedderProxy, EmbedderReceiver, EventLoopWaker};
|
||||
use futures::future::ready;
|
||||
use futures::StreamExt;
|
||||
use hyper::server::conn::Http;
|
||||
use hyper::server::Server as HyperServer;
|
||||
use hyper::service::{make_service_fn, service_fn};
|
||||
use hyper::{Body, Request as HyperRequest, Response as HyperResponse};
|
||||
use http_body_util::combinators::BoxBody;
|
||||
use http_body_util::{BodyExt, Empty, Full};
|
||||
use hyper::body::{Bytes, Incoming};
|
||||
use hyper::server::conn::http1;
|
||||
use hyper::service::service_fn;
|
||||
use hyper::{Request as HyperRequest, Response as HyperResponse};
|
||||
use hyper_util::rt::tokio::TokioIo;
|
||||
use net::connector::{create_http_client, create_tls_config};
|
||||
use net::fetch::cors_cache::CorsCache;
|
||||
use net::fetch::methods::{self, CancellationListener, FetchContext};
|
||||
|
@ -46,30 +48,26 @@ use net_traits::filemanager_thread::FileTokenCheck;
|
|||
use net_traits::request::Request;
|
||||
use net_traits::response::Response;
|
||||
use net_traits::{FetchTaskTarget, ResourceFetchTiming, ResourceTimingType};
|
||||
use rustls::{self, Certificate, PrivateKey};
|
||||
use rustls_pemfile::{certs, pkcs8_private_keys};
|
||||
use rustls_pki_types::{CertificateDer, PrivateKeyDer};
|
||||
use servo_arc::Arc as ServoArc;
|
||||
use servo_url::ServoUrl;
|
||||
use tokio::net::{TcpListener, TcpStream};
|
||||
use tokio::runtime::{Builder, Runtime};
|
||||
use tokio_rustls::{self, TlsAcceptor};
|
||||
use tokio_stream::wrappers::TcpListenerStream;
|
||||
use tokio_test::block_on;
|
||||
|
||||
pub static HANDLE: LazyLock<Mutex<Runtime>> = LazyLock::new(|| {
|
||||
Mutex::new(
|
||||
Builder::new_multi_thread()
|
||||
.enable_io()
|
||||
.worker_threads(10)
|
||||
.build()
|
||||
.unwrap(),
|
||||
)
|
||||
pub static HANDLE: LazyLock<Runtime> = LazyLock::new(|| {
|
||||
Builder::new_multi_thread()
|
||||
.enable_io()
|
||||
.worker_threads(10)
|
||||
.build()
|
||||
.unwrap()
|
||||
});
|
||||
|
||||
const DEFAULT_USER_AGENT: &'static str = "Such Browser. Very Layout. Wow.";
|
||||
|
||||
struct FetchResponseCollector {
|
||||
sender: Sender<Response>,
|
||||
sender: Option<tokio::sync::oneshot::Sender<Response>>,
|
||||
}
|
||||
|
||||
fn create_embedder_proxy() -> EmbedderProxy {
|
||||
|
@ -149,6 +147,8 @@ fn receive_credential_prompt_msgs(
|
|||
}
|
||||
|
||||
fn create_http_state(fc: Option<EmbedderProxy>) -> HttpState {
|
||||
let _ = rustls::crypto::ring::default_provider().install_default();
|
||||
|
||||
let override_manager = net::connector::CertificateErrorOverrideManager::new();
|
||||
HttpState {
|
||||
hsts_list: RwLock::new(net::hsts::HstsList::default()),
|
||||
|
@ -197,7 +197,7 @@ impl FetchTaskTarget for FetchResponseCollector {
|
|||
fn process_response_chunk(&mut self, _: &Request, _: Vec<u8>) {}
|
||||
/// Fired when the response is fully fetched
|
||||
fn process_response_eof(&mut self, _: &Request, response: &Response) {
|
||||
let _ = self.sender.send(response.clone());
|
||||
let _ = self.sender.take().unwrap().send(response.clone());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -206,18 +206,22 @@ fn fetch(request: &mut Request, dc: Option<Sender<DevtoolsControlMsg>>) -> Respo
|
|||
}
|
||||
|
||||
fn fetch_with_context(request: &mut Request, mut context: &mut FetchContext) -> Response {
|
||||
let (sender, receiver) = unbounded();
|
||||
let mut target = FetchResponseCollector { sender: sender };
|
||||
block_on(async move {
|
||||
let (sender, receiver) = tokio::sync::oneshot::channel();
|
||||
let mut target = FetchResponseCollector {
|
||||
sender: Some(sender),
|
||||
};
|
||||
HANDLE.block_on(async move {
|
||||
methods::fetch(request, &mut target, &mut context).await;
|
||||
receiver.recv().unwrap()
|
||||
receiver.await.unwrap()
|
||||
})
|
||||
}
|
||||
|
||||
fn fetch_with_cors_cache(request: &mut Request, cache: &mut CorsCache) -> Response {
|
||||
let (sender, receiver) = unbounded();
|
||||
let mut target = FetchResponseCollector { sender: sender };
|
||||
block_on(async move {
|
||||
let (sender, receiver) = tokio::sync::oneshot::channel();
|
||||
let mut target = FetchResponseCollector {
|
||||
sender: Some(sender),
|
||||
};
|
||||
HANDLE.block_on(async move {
|
||||
methods::fetch_with_cors_cache(
|
||||
request,
|
||||
cache,
|
||||
|
@ -225,13 +229,13 @@ fn fetch_with_cors_cache(request: &mut Request, cache: &mut CorsCache) -> Respon
|
|||
&mut new_fetch_context(None, None, None),
|
||||
)
|
||||
.await;
|
||||
receiver.recv().unwrap()
|
||||
receiver.await.unwrap()
|
||||
})
|
||||
}
|
||||
|
||||
pub(crate) struct Server {
|
||||
pub close_channel: tokio::sync::oneshot::Sender<()>,
|
||||
pub certificates: Option<Vec<Certificate>>,
|
||||
pub certificates: Option<Vec<CertificateDer<'static>>>,
|
||||
}
|
||||
|
||||
impl Server {
|
||||
|
@ -242,34 +246,59 @@ impl Server {
|
|||
|
||||
fn make_server<H>(handler: H) -> (Server, ServoUrl)
|
||||
where
|
||||
H: Fn(HyperRequest<Body>, &mut HyperResponse<Body>) + Send + Sync + 'static,
|
||||
H: Fn(HyperRequest<Incoming>, &mut HyperResponse<BoxBody<Bytes, hyper::Error>>)
|
||||
+ Send
|
||||
+ Sync
|
||||
+ 'static,
|
||||
{
|
||||
let handler = Arc::new(handler);
|
||||
|
||||
let listener = StdTcpListener::bind("0.0.0.0:0").unwrap();
|
||||
listener.set_nonblocking(true).unwrap();
|
||||
let listener = HANDLE.block_on(async move { TcpListener::from_std(listener).unwrap() });
|
||||
|
||||
let url_string = format!("http://localhost:{}", listener.local_addr().unwrap().port());
|
||||
let url = ServoUrl::parse(&url_string).unwrap();
|
||||
let (tx, rx) = tokio::sync::oneshot::channel::<()>();
|
||||
|
||||
let graceful = hyper_util::server::graceful::GracefulShutdown::new();
|
||||
|
||||
let (tx, mut rx) = tokio::sync::oneshot::channel::<()>();
|
||||
let server = async move {
|
||||
HyperServer::from_tcp(listener)
|
||||
.unwrap()
|
||||
.serve(make_service_fn(move |_| {
|
||||
let handler = handler.clone();
|
||||
ready(Ok::<_, Infallible>(service_fn(
|
||||
move |req: HyperRequest<Body>| {
|
||||
let mut response = HyperResponse::new(Vec::<u8>::new().into());
|
||||
handler(req, &mut response);
|
||||
ready(Ok::<_, Infallible>(response))
|
||||
},
|
||||
)))
|
||||
}))
|
||||
.with_graceful_shutdown(async move {
|
||||
rx.await.ok();
|
||||
})
|
||||
.await
|
||||
.expect("Could not start server");
|
||||
loop {
|
||||
let stream = tokio::select! {
|
||||
stream = listener.accept() => stream.unwrap().0,
|
||||
_val = &mut rx => {
|
||||
let _ = graceful.shutdown();
|
||||
break;
|
||||
}
|
||||
};
|
||||
|
||||
let handler = handler.clone();
|
||||
|
||||
let stream = stream.into_std().unwrap();
|
||||
stream
|
||||
.set_read_timeout(Some(std::time::Duration::new(5, 0)))
|
||||
.unwrap();
|
||||
let stream = TcpStream::from_std(stream).unwrap();
|
||||
|
||||
let http = http1::Builder::new();
|
||||
let conn = http.serve_connection(
|
||||
TokioIo::new(stream),
|
||||
service_fn(move |req: HyperRequest<Incoming>| {
|
||||
let mut response =
|
||||
HyperResponse::new(Empty::new().map_err(|_| unreachable!()).boxed());
|
||||
handler(req, &mut response);
|
||||
ready(Ok::<_, Infallible>(response))
|
||||
}),
|
||||
);
|
||||
let conn = graceful.watch(conn);
|
||||
HANDLE.spawn(async move {
|
||||
let _ = conn.await;
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
HANDLE.lock().unwrap().spawn(server);
|
||||
let _ = HANDLE.spawn(server);
|
||||
(
|
||||
Server {
|
||||
close_channel: tx,
|
||||
|
@ -281,37 +310,40 @@ where
|
|||
|
||||
/// Given a path to a file containing PEM certificates, load and parse them into
|
||||
/// a vector of RusTLS [Certificate]s.
|
||||
fn load_certificates_from_pem(path: &PathBuf) -> std::io::Result<Vec<Certificate>> {
|
||||
fn load_certificates_from_pem(path: &PathBuf) -> std::io::Result<Vec<CertificateDer<'static>>> {
|
||||
let file = File::open(path)?;
|
||||
let mut reader = BufReader::new(file);
|
||||
let certs = certs(&mut reader)?;
|
||||
Ok(certs.into_iter().map(Certificate).collect())
|
||||
certs(&mut reader).collect::<Result<Vec<_>, _>>()
|
||||
}
|
||||
|
||||
/// Given a path to a file containing PEM keys, load and parse them into
|
||||
/// a vector of RusTLS [PrivateKey]s.
|
||||
fn load_private_key_from_file(path: &PathBuf) -> Result<PrivateKey, Box<dyn std::error::Error>> {
|
||||
fn load_private_key_from_file(
|
||||
path: &PathBuf,
|
||||
) -> Result<PrivateKeyDer<'static>, Box<dyn std::error::Error>> {
|
||||
let file = File::open(&path)?;
|
||||
let mut reader = BufReader::new(file);
|
||||
let mut keys = pkcs8_private_keys(&mut reader)?;
|
||||
let mut keys = pkcs8_private_keys(&mut reader).collect::<Result<Vec<_>, _>>()?;
|
||||
|
||||
match keys.len() {
|
||||
0 => Err(format!("No PKCS8-encoded private key found in {path:?}").into()),
|
||||
1 => Ok(PrivateKey(keys.remove(0))),
|
||||
1 => Ok(PrivateKeyDer::try_from(keys.remove(0))?),
|
||||
_ => Err(format!("More than one PKCS8-encoded private key found in {path:?}").into()),
|
||||
}
|
||||
}
|
||||
|
||||
fn make_ssl_server<H>(handler: H) -> (Server, ServoUrl)
|
||||
where
|
||||
H: Fn(HyperRequest<Body>, &mut HyperResponse<Body>) + Send + Sync + 'static,
|
||||
H: Fn(HyperRequest<Incoming>, &mut HyperResponse<BoxBody<Bytes, hyper::Error>>)
|
||||
+ Send
|
||||
+ Sync
|
||||
+ 'static,
|
||||
{
|
||||
let handler = Arc::new(handler);
|
||||
let listener = StdTcpListener::bind("[::0]:0").unwrap();
|
||||
let listener = HANDLE
|
||||
.lock()
|
||||
.unwrap()
|
||||
.block_on(async move { TcpListener::from_std(listener).unwrap() });
|
||||
listener.set_nonblocking(true).unwrap();
|
||||
let listener = HANDLE.block_on(async move { TcpListener::from_std(listener).unwrap() });
|
||||
|
||||
let url_string = format!("http://localhost:{}", listener.local_addr().unwrap().port());
|
||||
let url = ServoUrl::parse(&url_string).unwrap();
|
||||
|
||||
|
@ -325,27 +357,20 @@ where
|
|||
let key = load_private_key_from_file(&key_path).expect("Invalid key");
|
||||
|
||||
let config = rustls::ServerConfig::builder()
|
||||
.with_safe_defaults()
|
||||
.with_no_client_auth()
|
||||
.with_single_cert(certificates.clone(), key)
|
||||
.map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err))
|
||||
.expect("Could not create rustls ServerConfig");
|
||||
let acceptor = TlsAcceptor::from(Arc::new(config));
|
||||
|
||||
let mut listener = TcpListenerStream::new(listener);
|
||||
let (tx, mut rx) = tokio::sync::oneshot::channel::<()>();
|
||||
let server = async move {
|
||||
loop {
|
||||
let stream = tokio::select! {
|
||||
stream = listener.next() => stream,
|
||||
stream = listener.accept() => stream.unwrap().0,
|
||||
_ = &mut rx => break
|
||||
};
|
||||
|
||||
let stream = match stream {
|
||||
Some(stream) => stream.expect("Could not accept stream: "),
|
||||
_ => break,
|
||||
};
|
||||
|
||||
let stream = stream.into_std().unwrap();
|
||||
stream
|
||||
.set_read_timeout(Some(std::time::Duration::new(5, 0)))
|
||||
|
@ -363,11 +388,12 @@ where
|
|||
},
|
||||
};
|
||||
|
||||
let _ = Http::new()
|
||||
let _ = http1::Builder::new()
|
||||
.serve_connection(
|
||||
stream,
|
||||
service_fn(move |req: HyperRequest<Body>| {
|
||||
let mut response = HyperResponse::new(Body::empty());
|
||||
TokioIo::new(stream),
|
||||
service_fn(move |req: HyperRequest<Incoming>| {
|
||||
let mut response =
|
||||
HyperResponse::new(Empty::new().map_err(|_| unreachable!()).boxed());
|
||||
handler(req, &mut response);
|
||||
ready(Ok::<_, Infallible>(response))
|
||||
}),
|
||||
|
@ -376,7 +402,7 @@ where
|
|||
}
|
||||
};
|
||||
|
||||
HANDLE.lock().unwrap().spawn(server);
|
||||
HANDLE.spawn(server);
|
||||
|
||||
(
|
||||
Server {
|
||||
|
@ -386,3 +412,9 @@ where
|
|||
url,
|
||||
)
|
||||
}
|
||||
|
||||
pub fn make_body(bytes: Vec<u8>) -> BoxBody<Bytes, hyper::Error> {
|
||||
Full::new(Bytes::from(bytes))
|
||||
.map_err(|_| unreachable!())
|
||||
.boxed()
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue