From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 08/12] tokio 1.0: update to new tokio-openssl interface
Date: Tue, 12 Jan 2021 14:58:22 +0100	[thread overview]
Message-ID: <20210112135830.2798301-13-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20210112135830.2798301-1-f.gruenbichler@proxmox.com>

connect/accept are now happening on pinned SslStreams

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---

Notes:
    there might be further potential to improve error handling now?

 src/bin/proxmox-backup-proxy.rs | 27 ++++++++++++++++++++++-----
 src/server/rest.rs              |  4 ++--
 src/tools/async_io.rs           |  2 +-
 src/tools/http.rs               | 11 +++++------
 4 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/src/bin/proxmox-backup-proxy.rs b/src/bin/proxmox-backup-proxy.rs
index 16450244..c8eb237c 100644
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@@ -167,7 +167,7 @@ fn accept_connections(
     mut listener: tokio::net::TcpListener,
     acceptor: Arc<openssl::ssl::SslAcceptor>,
     debug: bool,
-) -> tokio::sync::mpsc::Receiver<Result<tokio_openssl::SslStream<tokio::net::TcpStream>, Error>> {
+) -> tokio::sync::mpsc::Receiver<Result<std::pin::Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>, Error>> {
 
     const MAX_PENDING_ACCEPTS: usize = 1024;
 
@@ -185,7 +185,24 @@ fn accept_connections(
                     sock.set_nodelay(true).unwrap();
                     let _ = set_tcp_keepalive(sock.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
                     let acceptor = Arc::clone(&acceptor);
-                    let mut sender = sender.clone();
+
+                    let ssl = match openssl::ssl::Ssl::new(acceptor.context()) {
+                        Ok(ssl) => ssl,
+                        Err(err) => {
+                            eprintln!("failed to create Ssl object from Acceptor context - {}", err);
+                            continue;
+                        },
+                    };
+                    let stream = match tokio_openssl::SslStream::new(ssl, sock) {
+                        Ok(stream) => stream,
+                        Err(err) => {
+                            eprintln!("failed to create SslStream using ssl and connection socket - {}", err);
+                            continue;
+                        },
+                    };
+
+                    let mut stream = Box::pin(stream);
+                    let sender = sender.clone();
 
                     if Arc::strong_count(&accept_counter) > MAX_PENDING_ACCEPTS {
                         eprintln!("connection rejected - to many open connections");
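Review bot: The `Ssl` object and the boxed `SslStream` are now created before the `MAX_PENDING_ACCEPTS` check at the end of this hunk, so a connection that is about to be rejected for exceeding the limit still pays for an OpenSSL allocation and a `Box::pin`. That limit is the guard against connection floods, so moving `if Arc::strong_count(&accept_counter) > MAX_PENDING_ACCEPTS { ... }` above `openssl::ssl::Ssl::new(acceptor.context())` would keep the rejection path cheap. The retained `let acceptor = Arc::clone(&acceptor);` also looks redundant now, since the spawned task no longer seems to use the acceptor and `acceptor.context()` only needs a borrow. The rest of the loop body lies outside the hunk, so confirm that before dropping the clone.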
@@ -195,13 +212,13 @@ fn accept_connections(
                     let accept_counter = accept_counter.clone();
                     tokio::spawn(async move {
                         let accept_future = tokio::time::timeout(
-                            Duration::new(10, 0), tokio_openssl::accept(&acceptor, sock));
+                            Duration::new(10, 0), stream.as_mut().accept());
 
                         let result = accept_future.await;
 
                         match result {
-                            Ok(Ok(connection)) => {
-                                if let Err(_) = sender.send(Ok(connection)).await {
+                            Ok(Ok(())) => {
+                                if let Err(_) = sender.send(Ok(stream)).await {
                                     if debug {
                                         eprintln!("detect closed connection channel");
                                     }
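Review bot: The handshake deadline in `Duration::new(10, 0)` is an unnamed literal, although it appears to be what bounds how long an unauthenticated peer can occupy a pending-accept slot while `stream.as_mut().accept()` is in flight. A named constant next to `MAX_PENDING_ACCEPTS`, for example `const TLS_HANDSHAKE_TIMEOUT: Duration = Duration::from_secs(10);` with a one-line comment on why it exists, would make the limit visible and tunable. As a style point, `if let Err(_) = sender.send(Ok(stream)).await` reads better as `if sender.send(Ok(stream)).await.is_err()`. The remaining match arms are outside the hunk.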
diff --git a/src/server/rest.rs b/src/server/rest.rs
index 04bdc5f9..c30d1c92 100644
--- a/src/server/rest.rs
+++ b/src/server/rest.rs
@@ -65,7 +65,7 @@ impl RestServer {
     }
 }
 
-impl tower_service::Service<&tokio_openssl::SslStream<tokio::net::TcpStream>> for RestServer {
+impl tower_service::Service<&Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>> for RestServer {
     type Response = ApiService;
     type Error = Error;
     type Future = Pin<Box<dyn Future<Output = Result<ApiService, Error>> + Send>>;
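Review bot: The type `Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>` is spelled out in full in this `impl` header, again in the `call` signature in the next hunk, and in the proxy, `async_io.rs` and `http.rs` hunks of this patch. A single shared alias such as `pub type PinnedSslStream = Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>;` (name is only a suggestion) would shorten these signatures. It would also give one place to document why the stream must be pinned before `accept()`/`connect()` and to change the type on the next tokio-openssl update.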
@@ -74,7 +74,7 @@ impl tower_service::Service<&tokio_openssl::SslStream<tokio::net::TcpStream>> fo
         Poll::Ready(Ok(()))
     }
 
-    fn call(&mut self, ctx: &tokio_openssl::SslStream<tokio::net::TcpStream>) -> Self::Future {
+    fn call(&mut self, ctx: &Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>) -> Self::Future {
         match ctx.get_ref().peer_addr() {
             Err(err) => {
                 future::err(format_err!("unable to get peer address - {}", err)).boxed()
diff --git a/src/tools/async_io.rs b/src/tools/async_io.rs
index 3a5a6c9a..997c02fa 100644
--- a/src/tools/async_io.rs
+++ b/src/tools/async_io.rs
@@ -74,7 +74,7 @@ impl<L: AsyncWrite + Unpin, R: AsyncWrite + Unpin> AsyncWrite for EitherStream<L
 // we need this for crate::client::http_client:
 impl Connection for EitherStream<
     tokio::net::TcpStream,
-    tokio_openssl::SslStream<tokio::net::TcpStream>,
+    Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>,
 > {
     fn connected(&self) -> hyper::client::connect::Connected {
         match self {
diff --git a/src/tools/http.rs b/src/tools/http.rs
index 130aa381..47d6e1f6 100644
--- a/src/tools/http.rs
+++ b/src/tools/http.rs
@@ -3,6 +3,7 @@ use lazy_static::lazy_static;
 use std::task::{Context, Poll};
 use std::os::unix::io::AsRawFd;
 use std::collections::HashMap;
+use std::pin::Pin;
 
 use hyper::{Uri, Body};
 use hyper::client::{Client, HttpConnector};
@@ -101,7 +102,7 @@ impl HttpsConnector {
 
 type MaybeTlsStream = EitherStream<
     tokio::net::TcpStream,
-    tokio_openssl::SslStream<tokio::net::TcpStream>,
+    Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>,
 >;
 
 impl hyper::service::Service<Uri> for HttpsConnector {
@@ -123,10 +124,6 @@ impl hyper::service::Service<Uri> for HttpsConnector {
                 .scheme()
                 .ok_or_else(|| format_err!("missing URL scheme"))?
                 == "https";
-            let host = dst
-                .host()
-                .ok_or_else(|| format_err!("missing hostname in destination url?"))?
-                .to_string();
 
             let config = this.ssl_connector.configure();
             let dst_str = dst.to_string(); // for error messages
@@ -139,7 +136,9 @@ impl hyper::service::Service<Uri> for HttpsConnector {
             let _ = set_tcp_keepalive(conn.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
 
             if is_https {
-                let conn = tokio_openssl::connect(config?, &host, conn).await?;
+                let conn: tokio_openssl::SslStream<tokio::net::TcpStream> = tokio_openssl::SslStream::new(config?.into_ssl(&dst_str)?, conn)?;
+                let mut conn = Box::pin(conn);
+                conn.as_mut().connect().await?;
                 Ok(MaybeTlsStream::Right(conn))
             } else {
                 Ok(MaybeTlsStream::Left(conn))
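Review bot: `into_ssl(&dst_str)` hands OpenSSL the whole URI string as the peer name, because `dst_str` is `dst.to_string()` (kept "for error messages"), while the previous hunk deletes the `host` extraction that `tokio_openssl::connect` used to receive. `ConnectConfiguration::into_ssl` uses its argument for SNI and for certificate hostname verification, so both would be derived from a scheme-plus-host-plus-path string rather than the hostname. With verification enabled that most likely makes every HTTPS connect fail, and it is the wrong input either way. Keep the removed `let host = dst.host().ok_or_else(|| format_err!("missing hostname in destination url?"))?.to_string();` and call `config?.into_ssl(&host)?` here. The enclosing `call` body starts and ends outside the hunk.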
-- 
2.20.1




