From 7e6f068b18b2fdcc8d9fe8503d245bebed0bcf4d Mon Sep 17 00:00:00 2001 From: qdequele Date: Sun, 10 May 2020 10:52:44 +0200 Subject: [PATCH] add ssl support format code remove expects and unwrap --- Cargo.lock | 339 +++++++++++++++++++++++-------- meilisearch-http/Cargo.toml | 3 +- meilisearch-http/src/main.rs | 27 ++- meilisearch-http/src/option.rs | 131 ++++++++++++ meilisearch-http/tests/common.rs | 2 + 5 files changed, 409 insertions(+), 93 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 66a76b06c..cf36e31cf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -30,8 +30,11 @@ dependencies = [ "futures", "http 0.2.1", "log", + "rustls 0.16.0", + "tokio-rustls 0.12.3", "trust-dns-proto", "trust-dns-resolver", + "webpki", ] [[package]] @@ -77,6 +80,7 @@ dependencies = [ "actix-rt", "actix-service", "actix-threadpool", + "actix-tls", "actix-utils", "base64 0.11.0", "bitflags", @@ -115,9 +119,9 @@ dependencies = [ [[package]] name = "actix-macros" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21705adc76bbe4bc98434890e73a89cd00c6015e5704a60bb6eea6c3b72316b6" +checksum = "a60f9ba7c4e6df97f3aacb14bb5c0cd7d98a49dcbaed0d7f292912ad9a6a3ed2" dependencies = [ "quote", "syn", @@ -153,21 +157,22 @@ dependencies = [ [[package]] name = "actix-server" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "582a7173c281a4f46b5aa168a11e7f37183dcb71177a39312cc2264da7a632c9" +checksum = "e6d74b464215a473c973a2d7d03a69cc10f4ce1f4b38a7659c5193dc5c675630" dependencies = [ "actix-codec", "actix-rt", "actix-service", "actix-utils", - "futures", + "futures-channel", + "futures-util", "log", "mio", "mio-uds", - "net2", "num_cpus", "slab", + "socket2", ] [[package]] @@ -182,24 +187,23 @@ dependencies = [ [[package]] name = "actix-testing" -version = "1.0.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "48494745b72d0ea8ff0cf874aaf9b622a3ee03d7081ee0c04edea4f26d32c911" +checksum = "47239ca38799ab74ee6a8a94d1ce857014b2ac36f242f70f3f75a66f691e791c" dependencies = [ "actix-macros", "actix-rt", "actix-server", "actix-service", - "futures", "log", - "net2", + "socket2", ] [[package]] name = "actix-threadpool" -version = "0.3.1" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4082192601de5f303013709ff84d81ca6a1bc4af7fb24f367a500a23c6e84e" +checksum = "91164716d956745c79dcea5e66d2aa04506549958accefcede5368c70f2fd4ff" dependencies = [ "derive_more", "futures-channel", @@ -224,6 +228,10 @@ dependencies = [ "either", "futures", "log", + "rustls 0.16.0", + "tokio-rustls 0.12.3", + "webpki", + "webpki-roots 0.17.0", ] [[package]] @@ -273,6 +281,7 @@ dependencies = [ "net2", "pin-project", "regex", + "rustls 0.16.0", "serde", "serde_json", "serde_urlencoded", @@ -282,9 +291,9 @@ dependencies = [ [[package]] name = "actix-web-codegen" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f00371942083469785f7e28c540164af1913ee7c96a4534acb9cea92c39f057" +checksum = "a71bf475cbe07281d0b3696abb48212db118e7e23219f13596ce865235ff5766" dependencies = [ "proc-macro2", "quote", @@ -302,6 +311,15 @@ dependencies = [ "syn", ] +[[package]] +name = "addr2line" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a49806b9dadc843c61e7c97e72490ad7f7220ae249012fbda9ad0609457c0543" +dependencies = [ + "gimli", +] + [[package]] name = "adler32" version = "1.0.4" @@ -310,9 +328,9 @@ checksum = "5d2e7343e7fc9de883d1b0341e0b13970f764c14101234857d2ddafa1cb1cac2" [[package]] name = "ahash" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c251dce3391a07b43218ca070203ecb8f9f520d35ab71312296a59dbceab154" +checksum = "2f3e0bf23f51883cce372d5d5892211236856e4bb37fb942e1eb135ee0f146e3" [[package]] name = "aho-corasick" @@ -355,25 +373,35 @@ checksum = "7deb0a829ca7bcfaf5da70b073a8d128619259a7be8216a355e23f00763059e5" [[package]] name = "async-std" -version = "1.5.0" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "538ecb01eb64eecd772087e5b6f7540cbc917f047727339a472dafed2185b267" +checksum = "a45cee2749d880d7066e328a7e161c7470ced883b2fd000ca4643e9f1dd5083a" dependencies = [ "crossbeam-utils", + "futures-channel", "futures-core", "futures-io", + "futures-timer", "memchr", "once_cell", "pin-project-lite", "pin-utils", "slab", + "smol", + "wasm-bindgen-futures", ] [[package]] -name = "async-trait" -version = "0.1.30" +name = "async-task" +version = "3.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da71fef07bc806586090247e971229289f64c210a278ee5ae419314eb386b31d" +checksum = "c17772156ef2829aadc587461c7753af20b7e8db1529bc66855add962a3b35d3" + +[[package]] +name = "async-trait" +version = "0.1.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26c4f3195085c36ea8d24d32b2f828d23296a9370a28aa39d111f6f16bef9f3b" dependencies = [ "proc-macro2", "quote", @@ -415,6 +443,7 @@ dependencies = [ "mime", "percent-encoding 2.1.0", "rand 0.7.3", + "rustls 0.16.0", "serde", "serde_json", "serde_urlencoded", @@ -422,24 +451,24 @@ dependencies = [ [[package]] name = "backtrace" -version = "0.3.46" +version = "0.3.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1e692897359247cc6bb902933361652380af0f1b7651ae5c5013407f30e109e" +checksum = "0df2f85c8a2abbe3b7d7e748052fdd9b76a0458fdeb16ad4223f5eca78c7c130" dependencies = [ - "backtrace-sys", + "addr2line", "cfg-if", "libc", + "object", "rustc-demangle", ] [[package]] -name = "backtrace-sys" -version = "0.1.37" +name = "base64" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fbebbe1c9d1f383a9cc7e8ccdb471b91c8d024ee9c2ca5b5346121fe8b4399" +checksum = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e" dependencies = [ - "cc", - "libc", + "byteorder", ] [[package]] @@ -534,9 +563,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.2.1" +version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12ae9db68ad7fac5fe51304d20f016c911539251075a214f8e663babefa35187" +checksum = "5356f1d23ee24a1f785a56d1d1a5f0fd5b0f6a0c0fb2412ce11da71649ab78f6" [[package]] name = "byte-tools" @@ -586,9 +615,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.52" +version = "1.0.54" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3d87b23d6a92cd03af510a5ade527033f6aa6fa92161e2d5863a907d4c5e31d" +checksum = "7bbb73db36c1246e9034e307d0fba23f9a2e251faa47ade70c1bd252220c8311" [[package]] name = "cfg-if" @@ -716,6 +745,20 @@ dependencies = [ "itertools", ] +[[package]] +name = "crossbeam" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69323bff1fb41c635347b8ead484a5ca6c3f11914d784170b158d8449ab07f8e" +dependencies = [ + "cfg-if", + "crossbeam-channel", + "crossbeam-deque", + "crossbeam-epoch", + "crossbeam-queue", + "crossbeam-utils", +] + [[package]] name = "crossbeam-channel" version = "0.4.2" @@ -806,9 +849,9 @@ dependencies = [ [[package]] name = "data-encoding" -version = "2.2.0" +version = "2.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11c0346158a19b3627234e15596f5e465c360fcdb97d817bcb255e0510f5a788" +checksum = "72aa14c04dfae8dd7d8a2b1cb7ca2152618cd01336dbfe704b8dcbf8d41dbd69" [[package]] name = "debugid" @@ -822,9 +865,9 @@ dependencies = [ [[package]] name = "derive_more" -version = "0.99.5" +version = "0.99.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2323f3f47db9a0e77ce7a300605d8d2098597fc451ed1a97bb1f6411bb550a7" +checksum = "2127768764f1556535c01b5326ef94bd60ff08dcfbdc544d53e69ed155610f5d" dependencies = [ "proc-macro2", "quote", @@ -866,9 +909,9 @@ checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" [[package]] name = "encoding_rs" -version = "0.8.22" +version = "0.8.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd8d03faa7fe0c1431609dfad7bbe827af30f82e1e2ae6f7ee4fca6bd764bc28" +checksum = "e8ac63f94732332f44fe654443c46f6375d1939684c17b0afb6cb56b0456e171" dependencies = [ "cfg-if", ] @@ -905,7 +948,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d371106cc88ffdfb1eabd7111e432da544f16f3e2d7bf1dfe8bf575f1df045cd" dependencies = [ "backtrace", - "version_check 0.9.1", + "version_check 0.9.2", ] [[package]] @@ -950,9 +993,9 @@ dependencies = [ [[package]] name = "fnv" -version = "1.0.6" +version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "fs_extra" @@ -1063,6 +1106,16 @@ dependencies = [ "once_cell", ] +[[package]] +name = "futures-timer" +version = "3.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c" +dependencies = [ + "gloo-timers", + "send_wrapper", +] + [[package]] name = "futures-util" version = "0.3.5" @@ -1121,6 +1174,25 @@ dependencies = [ "wasi", ] +[[package]] +name = "gimli" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcc8e0c9bce37868955864dbecd2b1ab2bdf967e6f28066d65aaac620444b65c" + +[[package]] +name = "gloo-timers" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "47204a46aaff920a1ea58b11d03dec6f704287d27561724a4631e450654a891f" +dependencies = [ + "futures-channel", + "futures-core", + "js-sys", + "wasm-bindgen", + "web-sys", +] + [[package]] name = "h2" version = "0.2.5" @@ -1198,9 +1270,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.1.12" +version = "0.1.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61565ff7aaace3525556587bd2dc31d4a07071957be715e63ce7b1eccf51a8f4" +checksum = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71" dependencies = [ "libc", ] @@ -1327,10 +1399,10 @@ dependencies = [ "futures-util", "hyper", "log", - "rustls", + "rustls 0.17.0", "rustls-native-certs", "tokio", - "tokio-rustls", + "tokio-rustls 0.13.1", "webpki", ] @@ -1356,7 +1428,7 @@ dependencies = [ "rand_xoshiro", "sized-chunks", "typenum", - "version_check 0.9.1", + "version_check 0.9.2", ] [[package]] @@ -1477,9 +1549,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "99e85c08494b21a9054e7fe1374a732aeadaff3980b6990b94bfd3a70f690005" +checksum = "3baa92041a6fec78c687fa0cc2b3fae8884f743d672cf551bed1d6dac6988d0f" [[package]] name = "linked-hash-map" @@ -1633,6 +1705,7 @@ dependencies = [ "pretty-bytes", "rand 0.7.3", "regex", + "rustls 0.16.0", "sentry", "serde", "serde_json", @@ -1833,10 +1906,16 @@ dependencies = [ ] [[package]] -name = "once_cell" -version = "1.3.1" +name = "object" +version = "0.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1c601810575c99596d4afc46f78a678c80105117c379eb3650cf99b8a21ce5b" +checksum = "9cbca9424c482ee628fa549d9c812e2cd22f1180b9222c9200fdfa6eb31aecb2" + +[[package]] +name = "once_cell" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b631f7e854af39a1739f401cf34a8a013dfe09eac4fa4dba91e9768bd28168d" [[package]] name = "oorandom" @@ -1965,18 +2044,18 @@ dependencies = [ [[package]] name = "pin-project" -version = "0.4.16" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81d480cb4e89522ccda96d0eed9af94180b7a5f93fb28f66e1fd7d68431663d1" +checksum = "edc93aeee735e60ecb40cf740eb319ff23eab1c5748abfdb5c180e4ce49f7791" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "0.4.16" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a82996f11efccb19b685b14b5df818de31c1edcee3daa256ab5775dd98e72feb" +checksum = "e58db2081ba5b4c93bd6be09c40fd36cb9193a8336c384f3b40012e531aa7e40" dependencies = [ "proc-macro2", "quote", @@ -1995,6 +2074,18 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" +[[package]] +name = "piper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b0deb65f46e873ba8aa7c6a8dbe3f23cb1bf59c339a81a1d56361dde4d66ac8" +dependencies = [ + "crossbeam-utils", + "futures-io", + "futures-sink", + "futures-util", +] + [[package]] name = "pkg-config" version = "0.3.17" @@ -2015,9 +2106,9 @@ dependencies = [ [[package]] name = "ppv-lite86" -version = "0.2.6" +version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74490b50b9fbe561ac330df47c08f3f33073d2d00c150f719147d7c54522fa1b" +checksum = "237a5ed80e274dbc66f86bd59c1e25edc039660be53194b5fe0a482e0f2612ea" [[package]] name = "pretty-bytes" @@ -2039,7 +2130,7 @@ dependencies = [ "proc-macro2", "quote", "syn", - "version_check 0.9.1", + "version_check 0.9.2", ] [[package]] @@ -2052,14 +2143,14 @@ dependencies = [ "quote", "syn", "syn-mid", - "version_check 0.9.1", + "version_check 0.9.2", ] [[package]] name = "proc-macro-hack" -version = "0.5.15" +version = "0.5.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d659fe7c6d27f25e9d80a1a094c223f5246f6a6596453e09d7229bf42750b63" +checksum = "7e0456befd48169b9f13ef0f0ad46d492cf9d2dbb918bcf38e01eed4ce3ec5e4" [[package]] name = "proc-macro-nested" @@ -2069,9 +2160,9 @@ checksum = "8e946095f9d3ed29ec38de908c22f95d9ac008e424c7bcae54c75a79c527c694" [[package]] name = "proc-macro2" -version = "1.0.12" +version = "1.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8872cf6f48eee44265156c111456a700ab3483686b3f96df4cf5481c89157319" +checksum = "1502d12e458c49a4c9cbff560d0fe0060c252bc29799ed94ca2ed4bb665a0101" dependencies = [ "unicode-xid", ] @@ -2093,9 +2184,9 @@ checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" [[package]] name = "quote" -version = "1.0.4" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c1f4b0efa5fc5e8ceb705136bfee52cfdb6a4e3509f770b478cd6ed434232a7" +checksum = "54a21852a652ad6f610c9510194f398ff6f8692e334fd1145fed931f7fbe44ea" dependencies = [ "proc-macro2", ] @@ -2275,13 +2366,13 @@ dependencies = [ "mime_guess", "percent-encoding 2.1.0", "pin-project-lite", - "rustls", + "rustls 0.17.0", "serde", "serde_json", "serde_urlencoded", "time", "tokio", - "tokio-rustls", + "tokio-rustls 0.13.1", "url", "wasm-bindgen", "wasm-bindgen-futures", @@ -2330,6 +2421,19 @@ dependencies = [ "semver", ] +[[package]] +name = "rustls" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b25a18b1bf7387f0145e7f8324e700805aade3842dd3db2e74e4cdeb4677c09e" +dependencies = [ + "base64 0.10.1", + "log", + "ring", + "sct", + "webpki", +] + [[package]] name = "rustls" version = "0.17.0" @@ -2350,7 +2454,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a75ffeb84a6bd9d014713119542ce415db3a3e4748f0bfce1e1416cd224a23a5" dependencies = [ "openssl-probe", - "rustls", + "rustls 0.17.0", "schannel", "security-framework", ] @@ -2398,6 +2502,12 @@ dependencies = [ "winapi 0.3.8", ] +[[package]] +name = "scoped-tls-hkt" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2e9d7eaddb227e8fbaaa71136ae0e1e913ca159b86c7da82f3e8f0044ad3a63" + [[package]] name = "scopeguard" version = "1.1.0" @@ -2458,6 +2568,12 @@ version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" +[[package]] +name = "send_wrapper" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f638d531eccd6e23b980caf34876660d38e265409d8e99b397ab71eb3612fad0" + [[package]] name = "sentry" version = "0.18.1" @@ -2573,9 +2689,9 @@ checksum = "2579985fda508104f7587689507983eadd6a6e84dd35d6d115361f530916fa0d" [[package]] name = "sha2" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27044adfd2e1f077f649f59deb9490d3941d674002f7d062870a60ebe9bd47a0" +checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" dependencies = [ "block-buffer", "digest", @@ -2627,6 +2743,25 @@ version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c7cb5678e1615754284ec264d9bb5b4c27d2018577fd90ac0ceb578591ed5ee4" +[[package]] +name = "smol" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "686c634ad1873fffef6aed20f180eede424fbf3bb31802394c90fd7335a661b7" +dependencies = [ + "async-task", + "crossbeam", + "futures-io", + "futures-util", + "nix", + "once_cell", + "piper", + "scoped-tls-hkt", + "slab", + "socket2", + "wepoll-binding", +] + [[package]] name = "socket2" version = "0.3.12" @@ -2677,9 +2812,9 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.19" +version = "1.0.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8e5aa70697bb26ee62214ae3288465ecec0000f05182f039b477001f08f5ae7" +checksum = "f14a640819f79b72a710c0be059dce779f9339ae046c8bef12c361d56702146f" dependencies = [ "proc-macro2", "quote", @@ -2806,9 +2941,9 @@ dependencies = [ [[package]] name = "tokio" -version = "0.2.20" +version = "0.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05c1d570eb1a36f0345a5ce9c6c6e665b70b73d11236912c0b477616aeec47b1" +checksum = "d099fa27b9702bed751524694adbe393e18b36b204da91eb1cbbbbb4a5ee2d58" dependencies = [ "bytes 0.5.4", "fnv", @@ -2840,12 +2975,24 @@ dependencies = [ [[package]] name = "tokio-rustls" -version = "0.13.0" +version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4adb8b3e5f86b707f1b54e7c15b6de52617a823608ccda98a15d3a24222f265a" +checksum = "3068d891551949b37681724d6b73666787cc63fa8e255c812a41d2513aff9775" dependencies = [ "futures-core", - "rustls", + "rustls 0.16.0", + "tokio", + "webpki", +] + +[[package]] +name = "tokio-rustls" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15cb62a0d2770787abc96e99c1cd98fcf17f94959f3af63ca85bdfb203f051b4" +dependencies = [ + "futures-core", + "rustls 0.17.0", "tokio", "webpki", ] @@ -2966,7 +3113,7 @@ version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" dependencies = [ - "version_check 0.9.1", + "version_check 0.9.2", ] [[package]] @@ -3021,7 +3168,7 @@ dependencies = [ "chunked_transfer", "lazy_static", "qstring", - "rustls", + "rustls 0.17.0", "url", "webpki", "webpki-roots 0.19.0", @@ -3110,9 +3257,9 @@ checksum = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd" [[package]] name = "version_check" -version = "0.9.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "078775d0255232fb988e6fccf26ddc9d1ac274299aaedcedce21c6f72cc533ce" +checksum = "b5a972e5669d67ba988ce3dc826706fb0a8b01471c088cb0b6110b805cc36aed" [[package]] name = "void" @@ -3235,6 +3382,15 @@ dependencies = [ "untrusted", ] +[[package]] +name = "webpki-roots" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a262ae37dd9d60f60dd473d1158f9fbebf110ba7b6a5051c8160460f6043718b" +dependencies = [ + "webpki", +] + [[package]] name = "webpki-roots" version = "0.18.0" @@ -3253,6 +3409,25 @@ dependencies = [ "webpki", ] +[[package]] +name = "wepoll-binding" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "374fff4ff9701ff8b6ad0d14bacd3156c44063632d8c136186ff5967d48999a7" +dependencies = [ + "bitflags", + "wepoll-sys", +] + +[[package]] +name = "wepoll-sys" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9082a777aed991f6769e2b654aa0cb29f1c3d615daf009829b07b66c7aff6a24" +dependencies = [ + "cc", +] + [[package]] name = "whoami" version = "0.8.1" diff --git a/meilisearch-http/Cargo.toml b/meilisearch-http/Cargo.toml index fd253e0c8..c1a5a7f22 100644 --- a/meilisearch-http/Cargo.toml +++ b/meilisearch-http/Cargo.toml @@ -22,7 +22,7 @@ actix-files = "0.2.1" actix-http = "1" actix-rt = "1" actix-service = "1.0.5" -actix-web = "2" +actix-web = { version = "2.0.0", features = ["rustls"] } actix-web-macros = "0.1.0" bytes = "0.5.4" chrono = { version = "0.4.11", features = ["serde"] } @@ -41,6 +41,7 @@ mime = "0.3.16" pretty-bytes = "0.2.2" rand = "0.7.3" regex = "1.3.6" +rustls = "0.16.0" serde = { version = "1.0.105", features = ["derive"] } serde_json = { version = "1.0.50", features = ["preserve_order"] } serde_qs = "0.5.2" diff --git a/meilisearch-http/src/main.rs b/meilisearch-http/src/main.rs index c5ac6e933..a71f431f6 100644 --- a/meilisearch-http/src/main.rs +++ b/meilisearch-http/src/main.rs @@ -7,6 +7,7 @@ use meilisearch_http::data::Data; use meilisearch_http::helpers::NormalizePath; use meilisearch_http::option::Opt; use meilisearch_http::{create_app, index_update_callback}; + use structopt::StructOpt; mod analytics; @@ -21,11 +22,11 @@ async fn main() -> Result<(), MainError> { #[cfg(all(not(debug_assertions), feature = "sentry"))] let _sentry = sentry::init(( - "https://5ddfa22b95f241198be2271aaf028653@sentry.io/3060337", - sentry::ClientOptions { - release: sentry::release_name!(), - ..Default::default() - }, + "https://5ddfa22b95f241198be2271aaf028653@sentry.io/3060337", + sentry::ClientOptions { + release: sentry::release_name!(), + ..Default::default() + }, )); match opt.env.as_ref() { @@ -62,7 +63,7 @@ async fn main() -> Result<(), MainError> { print_launch_resume(&opt, &data); - HttpServer::new(move || { + let http_server = HttpServer::new(move || { create_app(&data) .wrap( Cors::new() @@ -73,10 +74,16 @@ async fn main() -> Result<(), MainError> { .wrap(middleware::Logger::default()) .wrap(middleware::Compress::default()) .wrap(NormalizePath) - }) - .bind(opt.http_addr)? - .run() - .await?; + }); + + if let Some(config) = opt.get_ssl_config()? { + http_server + .bind_rustls(opt.http_addr, config)? + .run() + .await?; + } else { + http_server.bind(opt.http_addr)?.run().await?; + } Ok(()) } diff --git a/meilisearch-http/src/option.rs b/meilisearch-http/src/option.rs index 2746b907c..5cd001a68 100644 --- a/meilisearch-http/src/option.rs +++ b/meilisearch-http/src/option.rs @@ -1,3 +1,13 @@ +use std::io::{BufReader, Read}; +use std::path::PathBuf; +use std::sync::Arc; +use std::{error, fs}; + +use rustls::internal::pemfile::{certs, pkcs8_private_keys, rsa_private_keys}; +use rustls::{ + AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient, NoClientAuth, + RootCertStore, +}; use structopt::StructOpt; const POSSIBLE_ENV: [&str; 2] = ["development", "production"]; @@ -38,4 +48,125 @@ pub struct Opt { /// The maximum size, in bytes, of accepted JSON payloads #[structopt(long, env = "MEILI_HTTP_PAYLOAD_SIZE_LIMIT", default_value = "10485760")] // 10MB pub http_payload_size_limit: usize, + + /// Read server certificates from CERTFILE. + /// This should contain PEM-format certificates + /// in the right order (the first certificate should + /// certify KEYFILE, the last should be a root CA). + #[structopt(long, env = "MEILI_SSL_CERT_PATH", parse(from_os_str))] + pub ssl_cert_path: Option, + + /// Read private key from KEYFILE. This should be a RSA + /// private key or PKCS8-encoded private key, in PEM format. + #[structopt(long, env = "MEILI_SSL_KEY_PATH", parse(from_os_str))] + pub ssl_key_path: Option, + + /// Enable client authentication, and accept certificates + /// signed by those roots provided in CERTFILE. + #[structopt(long, env = "MEILI_SSL_AUTH_PATH", parse(from_os_str))] + pub ssl_auth_path: Option, + + /// Read DER-encoded OCSP response from OCSPFILE and staple to certificate. + /// Optional + #[structopt(long, env = "MEILI_SSL_OCSP_PATH", parse(from_os_str))] + pub ssl_ocsp_path: Option, + + /// Send a fatal alert if the client does not complete client authentication. + #[structopt(long, env = "MEILI_SSL_REQUIRE_AUTH")] + pub ssl_require_auth: bool, + + /// SSL support session resumption + #[structopt(long, env = "MEILI_SSL_RESUMPTION")] + pub ssl_resumption: bool, + + /// SSL support tickets. + #[structopt(long, env = "MEILI_SSL_TICKETS")] + pub ssl_tickets: bool, +} + +impl Opt { + pub fn get_ssl_config(&self) -> Result, Box> { + if let (Some(cert_path), Some(key_path)) = (&self.ssl_cert_path, &self.ssl_key_path) { + let client_auth = match &self.ssl_auth_path { + Some(auth_path) => { + let roots = load_certs(auth_path.to_path_buf())?; + let mut client_auth_roots = RootCertStore::empty(); + for root in roots { + client_auth_roots.add(&root).unwrap(); + } + if self.ssl_require_auth { + AllowAnyAuthenticatedClient::new(client_auth_roots) + } else { + AllowAnyAnonymousOrAuthenticatedClient::new(client_auth_roots) + } + } + None => NoClientAuth::new(), + }; + + let mut config = rustls::ServerConfig::new(client_auth); + config.key_log = Arc::new(rustls::KeyLogFile::new()); + + let certs = load_certs(cert_path.to_path_buf())?; + let privkey = load_private_key(key_path.to_path_buf())?; + let ocsp = load_ocsp(&self.ssl_ocsp_path)?; + config + .set_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![]) + .map_err(|_| "bad certificates/private key")?; + + if self.ssl_resumption { + config.set_persistence(rustls::ServerSessionMemoryCache::new(256)); + } + + if self.ssl_tickets { + config.ticketer = rustls::Ticketer::new(); + } + + Ok(Some(config)) + } else { + Ok(None) + } + } +} + +fn load_certs(filename: PathBuf) -> Result, Box> { + let certfile = fs::File::open(filename).map_err(|_| "cannot open certificate file")?; + let mut reader = BufReader::new(certfile); + Ok(certs(&mut reader).map_err(|_| "cannot read certificate file")?) +} + +fn load_private_key(filename: PathBuf) -> Result> { + let rsa_keys = { + let keyfile = + fs::File::open(filename.clone()).map_err(|_| "cannot open private key file")?; + let mut reader = BufReader::new(keyfile); + rsa_private_keys(&mut reader).map_err(|_| "file contains invalid rsa private key")? + }; + + let pkcs8_keys = { + let keyfile = fs::File::open(filename).map_err(|_| "cannot open private key file")?; + let mut reader = BufReader::new(keyfile); + pkcs8_private_keys(&mut reader) + .map_err(|_| "file contains invalid pkcs8 private key (encrypted keys not supported)")? + }; + + // prefer to load pkcs8 keys + if !pkcs8_keys.is_empty() { + Ok(pkcs8_keys[0].clone()) + } else { + assert!(!rsa_keys.is_empty()); + Ok(rsa_keys[0].clone()) + } +} + +fn load_ocsp(filename: &Option) -> Result, Box> { + let mut ret = Vec::new(); + + if let &Some(ref name) = filename { + fs::File::open(name) + .map_err(|_| "cannot open ocsp file")? + .read_to_end(&mut ret) + .map_err(|_| "cannot read oscp file")?; + } + + Ok(ret) } diff --git a/meilisearch-http/tests/common.rs b/meilisearch-http/tests/common.rs index f9800ac10..1da7a1ec4 100644 --- a/meilisearch-http/tests/common.rs +++ b/meilisearch-http/tests/common.rs @@ -31,6 +31,8 @@ impl Server { main_map_size: default_db_options.main_map_size, update_map_size: default_db_options.update_map_size, http_payload_size_limit: 10000000, + ssl_key_path: None, + ssl_cert_path:None, }; let data = Data::new(opt.clone());