public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 6/8] move tools::http to proxmox_http
Date: Fri, 14 May 2021 15:44:55 +0200	[thread overview]
Message-ID: <20210514134457.1447930-20-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20210514134457.1447930-1-f.gruenbichler@proxmox.com>

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---

Notes:
    requires proxmox patch #7-9

 Cargo.toml                      |   2 +-
 src/client/http_client.rs       |   7 +-
 src/tools.rs                    |   1 -
 src/tools/http.rs               | 197 --------------------------------
 src/tools/simple_http_client.rs |   6 +-
 5 files changed, 8 insertions(+), 205 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index df649c1b..73bd4240 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -57,7 +57,7 @@ proxmox = { version = "0.11.4", features = [ "sortable-macro", "api-macro" ] }
 #proxmox = { git = "git://git.proxmox.com/git/proxmox", version = "0.1.2", features = [ "sortable-macro", "api-macro" ] }
 #proxmox = { path = "../proxmox/proxmox", features = [ "sortable-macro", "api-macro" ] }
 proxmox-fuse = "0.1.1"
-proxmox-http = { version = "0.1.0", path = "../proxmox/proxmox-http", features = [ "http-helpers", "websocket" ] }
+proxmox-http = { version = "0.1.0", path = "../proxmox/proxmox-http", features = [ "client", "http-helpers", "websocket" ] }
 pxar = { version = "0.10.1", features = [ "tokio-io" ] }
 #pxar = { path = "../pxar", features = [ "tokio-io" ] }
 regex = "1.2"
diff --git a/src/client/http_client.rs b/src/client/http_client.rs
index 056f30e5..4c548481 100644
--- a/src/client/http_client.rs
+++ b/src/client/http_client.rs
@@ -20,6 +20,9 @@ use proxmox::{
     tools::fs::{file_get_json, replace_file, CreateOptions},
 };
 
+use proxmox_http::http::client::HttpsConnector;
+use proxmox_http::http::helpers::build_authority;
+
 use super::pipe_to_stream::PipeToSendStream;
 use crate::api2::types::{Authid, Userid};
 use crate::tools::{
@@ -27,10 +30,6 @@ use crate::tools::{
     BroadcastFuture,
     DEFAULT_ENCODE_SET,
     PROXMOX_BACKUP_TCP_KEEPALIVE_TIME,
-    http::{
-        build_authority,
-        HttpsConnector,
-    },
 };
 
 /// Timeout used for several HTTP operations that are expected to finish quickly but may block in
diff --git a/src/tools.rs b/src/tools.rs
index 8a1d0bc7..eb9a9fd0 100644
--- a/src/tools.rs
+++ b/src/tools.rs
@@ -31,7 +31,6 @@ pub mod disks;
 pub mod format;
 pub mod fs;
 pub mod fuse_loop;
-pub mod http;
 
 mod simple_http_client;
 pub use simple_http_client::SimpleHttp;
diff --git a/src/tools/http.rs b/src/tools/http.rs
index b99d26a1..dba8dc98 100644
--- a/src/tools/http.rs
+++ b/src/tools/http.rs
@@ -20,200 +20,3 @@ use tokio_openssl::SslStream;
 
 use proxmox::sys::linux::socket::set_tcp_keepalive;
 use proxmox_http::http::{MaybeTlsStream, ProxyConfig};
-
-// Build a http::uri::Authority ("host:port"), use '[..]' around IPv6 addresses
-pub(crate) fn build_authority(host: &str, port: u16) -> Result<Authority, Error> {
-    let bytes = host.as_bytes();
-    let len = bytes.len();
-    let authority = if len > 3 && bytes.contains(&b':') && bytes[0] != b'[' && bytes[len-1] != b']' {
-        format!("[{}]:{}", host, port).parse()?
-    } else {
-        format!("{}:{}", host, port).parse()?
-    };
-    Ok(authority)
-}
-
-#[derive(Clone)]
-pub struct HttpsConnector {
-    connector: HttpConnector,
-    ssl_connector: Arc<SslConnector>,
-    proxy: Option<ProxyConfig>,
-    tcp_keepalive: u32,
-}
-
-impl HttpsConnector {
-    pub fn with_connector(mut connector: HttpConnector, ssl_connector: SslConnector, tcp_keepalive: u32) -> Self {
-        connector.enforce_http(false);
-        Self {
-            connector,
-            ssl_connector: Arc::new(ssl_connector),
-            proxy: None,
-            tcp_keepalive,
-        }
-    }
-
-    pub fn set_proxy(&mut self, proxy: ProxyConfig) {
-        self.proxy = Some(proxy);
-    }
-
-    async fn secure_stream(
-        tcp_stream: TcpStream,
-        ssl_connector: &SslConnector,
-        host: &str,
-    ) -> Result<MaybeTlsStream<TcpStream>, Error> {
-        let config = ssl_connector.configure()?;
-        let mut conn: SslStream<TcpStream> = SslStream::new(config.into_ssl(host)?, tcp_stream)?;
-        Pin::new(&mut conn).connect().await?;
-        Ok(MaybeTlsStream::Secured(conn))
-    }
-
-    fn parse_status_line(status_line: &str) -> Result<(), Error> {
-        if !(status_line.starts_with("HTTP/1.1 200") || status_line.starts_with("HTTP/1.0 200")) {
-            bail!("proxy connect failed - invalid status: {}", status_line)
-        }
-        Ok(())
-    }
-
-    async fn parse_connect_response<R: AsyncRead +  Unpin>(
-        stream: &mut R,
-    ) -> Result<(), Error> {
-
-        let mut data: Vec<u8> = Vec::new();
-        let mut buffer = [0u8; 256];
-        const END_MARK: &[u8; 4] = b"\r\n\r\n";
-
-        'outer: loop {
-            let n = stream.read(&mut buffer[..]).await?;
-            if n == 0 { break; }
-            let search_start = if data.len() > END_MARK.len() { data.len() - END_MARK.len() + 1 } else { 0 };
-            data.extend(&buffer[..n]);
-            if data.len() >= END_MARK.len() {
-                if let Some(pos) = data[search_start..].windows(END_MARK.len()).position(|w| w == END_MARK) {
-                    let response = String::from_utf8_lossy(&data);
-                    let status_line = match response.split("\r\n").next() {
-                        Some(status) => status,
-                        None => bail!("missing newline"),
-                    };
-                    Self::parse_status_line(status_line)?;
-
-                    if pos != data.len() - END_MARK.len() {
-                        bail!("unexpected data after connect response");
-                    }
-                    break 'outer;
-                }
-            }
-            if data.len() > 1024*32 { // max 32K (random chosen limit)
-                bail!("too many bytes");
-            }
-        }
-        Ok(())
-    }
-}
-
-impl hyper::service::Service<Uri> for HttpsConnector {
-    type Response = MaybeTlsStream<TcpStream>;
-    type Error = Error;
-    #[allow(clippy::type_complexity)]
-    type Future = Pin<Box<dyn Future<Output = Result<Self::Response, Self::Error>> + Send + 'static>>;
-
-    fn poll_ready(&mut self, ctx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
-        self.connector
-            .poll_ready(ctx)
-            .map_err(|err| err.into())
-    }
-
-    fn call(&mut self, dst: Uri) -> Self::Future {
-        let mut connector = self.connector.clone();
-        let ssl_connector = Arc::clone(&self.ssl_connector);
-        let is_https = dst.scheme() == Some(&http::uri::Scheme::HTTPS);
-        let host = match dst.host() {
-            Some(host) => host.to_owned(),
-            None => {
-                return futures::future::err(format_err!("missing URL scheme")).boxed();
-            }
-        };
-        let port = dst.port_u16().unwrap_or(if is_https { 443 } else { 80 });
-        let keepalive = self.tcp_keepalive;
-
-        if let Some(ref proxy) = self.proxy {
-
-            let use_connect = is_https || proxy.force_connect;
-
-            let proxy_authority = match build_authority(&proxy.host, proxy.port) {
-                Ok(authority) => authority,
-                Err(err) => return futures::future::err(err).boxed(),
-            };
-
-            let proxy_uri = match Uri::builder()
-                .scheme("http")
-                .authority(proxy_authority.as_str())
-                .path_and_query("/")
-                .build()
-            {
-                Ok(uri) => uri,
-                Err(err) => return futures::future::err(err.into()).boxed(),
-            };
-
-            let authorization = proxy.authorization.clone();
-
-            if use_connect {
-                async move {
-
-                    let mut tcp_stream = connector
-                        .call(proxy_uri)
-                        .await
-                        .map_err(|err| format_err!("error connecting to {} - {}", proxy_authority, err))?;
-
-                    let _ = set_tcp_keepalive(tcp_stream.as_raw_fd(), keepalive);
-
-                    let mut connect_request = format!("CONNECT {0}:{1} HTTP/1.1\r\n", host, port);
-                    if let Some(authorization) = authorization {
-                        connect_request.push_str(&format!(
-                            "Proxy-Authorization: Basic {}\r\n",
-                            base64::encode(authorization),
-                        ));
-                    }
-                    connect_request.push_str(&format!("Host: {0}:{1}\r\n\r\n", host, port));
-
-                    tcp_stream.write_all(connect_request.as_bytes()).await?;
-                    tcp_stream.flush().await?;
-
-                    Self::parse_connect_response(&mut tcp_stream).await?;
-
-                    if is_https {
-                        Self::secure_stream(tcp_stream, &ssl_connector, &host).await
-                    } else {
-                        Ok(MaybeTlsStream::Normal(tcp_stream))
-                    }
-                }.boxed()
-            } else {
-               async move {
-                   let tcp_stream = connector
-                       .call(proxy_uri)
-                       .await
-                       .map_err(|err| format_err!("error connecting to {} - {}", proxy_authority, err))?;
-
-                   let _ = set_tcp_keepalive(tcp_stream.as_raw_fd(), keepalive);
-
-                   Ok(MaybeTlsStream::Proxied(tcp_stream))
-               }.boxed()
-            }
-        } else {
-            async move {
-                let dst_str = dst.to_string(); // for error messages
-                let tcp_stream = connector
-                    .call(dst)
-                    .await
-                    .map_err(|err| format_err!("error connecting to {} - {}", dst_str, err))?;
-
-                let _ = set_tcp_keepalive(tcp_stream.as_raw_fd(), keepalive);
-
-                if is_https {
-                    Self::secure_stream(tcp_stream, &ssl_connector, &host).await
-                } else {
-                    Ok(MaybeTlsStream::Normal(tcp_stream))
-                }
-            }.boxed()
-        }
-    }
-}
diff --git a/src/tools/simple_http_client.rs b/src/tools/simple_http_client.rs
index 729711c8..fa3eadf4 100644
--- a/src/tools/simple_http_client.rs
+++ b/src/tools/simple_http_client.rs
@@ -7,10 +7,12 @@ use http::{Request, Response, HeaderValue};
 use openssl::ssl::{SslConnector, SslMethod};
 use futures::*;
 
-use proxmox_http::http::ProxyConfig;
+use proxmox_http::http::{
+    ProxyConfig,
+    client::HttpsConnector,
+};
 
 use crate::tools::PROXMOX_BACKUP_TCP_KEEPALIVE_TIME;
-use crate::tools::http::HttpsConnector;
 
 /// Asyncrounous HTTP client implementation
 pub struct SimpleHttp {
-- 
2.20.1





  parent reply	other threads:[~2021-05-14 13:46 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-14 13:44 [pbs-devel] [PATCH proxmox(-backup) 00/21] pull HTTP code into proxmox/proxmox-http Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 01/13] proxmox: add missing +router -> futures dep Fabian Grünbichler
2021-05-17  8:22   ` [pbs-devel] applied: " Dietmar Maurer
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 02/13] meta: add empty proxmox-http sub-crate Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 03/13] http: takeover websocket feature from proxmox Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 04/13] http: make clippy happy Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 05/13] proxmox: takeover socket helper from proxmox_backup Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 06/13] http: takeover MaybeTlsStream " Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 07/13] http: takeover build_authority helper " Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 08/13] http: takeover ProxyConfig " Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 09/13] http: takeover tools::http " Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 10/13] http: takeover simple HTTP client " Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 11/13] http: make clippy happy Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 12/13] http: rustfmt Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox 13/13] http: update d/control Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 1/8] move websocket to new 'proxmox_http' crate Fabian Grünbichler
2021-05-17  8:35   ` [pbs-devel] applied: " Dietmar Maurer
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 2/8] refactor: move socket helper to proxmox crate Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 3/8] move MaybeTlsStream wrapper to proxmox_http Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 4/8] HttpsConnector: make keepalive configurable Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 5/8] move ProxyConfig to proxmox_http Fabian Grünbichler
2021-05-14 13:44 ` Fabian Grünbichler [this message]
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 7/8] SimpleHttp: factor out product-specific bits Fabian Grünbichler
2021-05-14 13:44 ` [pbs-devel] [PATCH proxmox-backup 8/8] move SimpleHttp to proxmox_http Fabian Grünbichler

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210514134457.1447930-20-f.gruenbichler@proxmox.com \
    --to=f.gruenbichler@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal