From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 124F19B8D9 for ; Tue, 21 Nov 2023 11:09:24 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id EDB42611A for ; Tue, 21 Nov 2023 11:08:53 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 21 Nov 2023 11:08:52 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id BC6C440E4D for ; Tue, 21 Nov 2023 11:08:52 +0100 (CET) From: Max Carrara To: pbs-devel@lists.proxmox.com Date: Tue, 21 Nov 2023 11:08:43 +0100 Message-Id: <20231121100846.216207-1-m.carrara@proxmox.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.069 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] [PATCH v4 proxmox, proxmox-backup 0/3] Add support for HTTP to HTTPS redirection X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Nov 2023 10:09:24 -0000 This patch series adds support for redirecting HTTP requests to HTTPS. This is done by peeking into the incoming TCP stream's buffer in order to check whether the client initiates a TLS handshake or not. Secure and insecure connections are then sent along separate channels, allowing them to be handled by different `hyper::Server`s (if so desired). Finally, `proxmox-backup-proxy` is adapted correspondingly, making it a little more convenient to access PBS via its web interface. This is v4 of the original series, with feedback on the previous series [0] incorporated. [0]: https://lists.proxmox.com/pipermail/pbs-devel/2023-October/006919.html proxmox: Max Carrara (2): rest-server: Refactor `AcceptBuilder`, provide support for optional TLS rest-server: Add `Redirector` proxmox-rest-server/src/connection.rs | 373 ++++++++++++++++++++------ proxmox-rest-server/src/lib.rs | 2 +- proxmox-rest-server/src/rest.rs | 73 +++++ 3 files changed, 361 insertions(+), 87 deletions(-) proxmox-backup: Max Carrara (1): proxy: redirect HTTP requests to HTTPS src/bin/proxmox-backup-proxy.rs | 41 ++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 8 deletions(-) -- 2.39.2