Introduce dynamic TLS resolvers.

This commit introduces the ability to dynamically select a TLS configuration based on the client's TLS hello via the new `Resolver` trait. In support of this, it also makes the following changes: * Added `Authority::set_port()`. * `UdsListener` is now `UnixListener`. * `Bindable` removed in favor of new `Bind`. * All built-in listeners now implement `Bind<&Rocket>`. * `Connection` requires `AsyncRead + AsyncWrite`. * The `Debug` impl for `Endpoint` displays the underlying address. * `Listener` must be `Sized`. * The TLS listener was moved to `tls::TlsListener`. * The preview `quic` listener no longer implements `Listener`. * Added `TlsConfig::server_config()`. * Added `race` future helpers. * Added `Rocket::launch_with()`, `Rocket::bind_launch()`. * Added a default `client.pem` to the TLS example. * Various unnecessary listener `Config` structures removed. In addition, the testbench was revamped to support more scenarios. This resulted in the following issues being found and fixed: * Fix an issue where the logger would ignore color requests. * Clarified docs for `mtls::Certificate` guard. * Improved error messages on listener misconfiguration. Resolves #2730. Resolves #2363. Closes #2748. Closes #2683. Closes #2577.
rwf2 · Apr 17, 2024 · 7cc818c · 7cc818c
1 parent 60f3cd5
commit 7cc818c
Show file tree

Hide file tree

Showing 45 changed files with 1,627 additions and 710 deletions.
diff --git a/contrib/dyn_templates/src/lib.rs b/contrib/dyn_templates/src/lib.rs
@@ -117,6 +117,8 @@
 //! to an `Object` (a dictionary) value. The [`context!`] macro can be used to
 //! create inline `Serialize`-able context objects.
 //!
+//! [`Serialize`]: rocket::serde::Serialize
+//!
 //! ```rust
 //! # #[macro_use] extern crate rocket;
 //! use rocket::serde::Serialize;
@@ -165,7 +167,7 @@
 //! builds, template reloading is disabled to improve performance and cannot be
 //! enabled.
 //!
-//! [attached]: Rocket::attach()
+//! [attached]: rocket::Rocket::attach()
 //!
 //! ### Metadata and Rendering to `String`
 //!

diff --git a/contrib/dyn_templates/src/template.rs b/contrib/dyn_templates/src/template.rs
@@ -140,11 +140,12 @@ impl Template {
     }
 
     /// Render the template named `name` with the context `context`. The
-    /// `context` is typically created using the [`context!`] macro, but it can
-    /// be of any type that implements `Serialize`, such as `HashMap` or a
-    /// custom `struct`.
+    /// `context` is typically created using the [`context!()`](crate::context!)
+    /// macro, but it can be of any type that implements `Serialize`, such as
+    /// `HashMap` or a custom `struct`.
     ///
-    /// To render a template directly into a string, use [`Metadata::render()`].
+    /// To render a template directly into a string, use
+    /// [`Metadata::render()`](crate::Metadata::render()).
     ///
     /// # Examples
     ///
@@ -291,8 +292,8 @@ impl Sentinel for Template {
 /// A macro to easily create a template rendering context.
 ///
 /// Invocations of this macro expand to a value of an anonymous type which
-/// implements [`serde::Serialize`]. Fields can be literal expressions or
-/// variables captured from a surrounding scope, as long as all fields implement
+/// implements [`Serialize`]. Fields can be literal expressions or variables
+/// captured from a surrounding scope, as long as all fields implement
 /// `Serialize`.
 ///
 /// # Examples

diff --git a/contrib/sync_db_pools/lib/tests/shutdown.rs b/contrib/sync_db_pools/lib/tests/shutdown.rs
@@ -1,5 +1,5 @@
-#[cfg(all(feature = "diesel_sqlite_pool"))]
 #[cfg(test)]
+#[cfg(all(feature = "diesel_sqlite_pool"))]
 mod sqlite_shutdown_test {
     use rocket::{async_test, Build, Rocket};
     use rocket_sync_db_pools::database;

diff --git a/core/http/src/uri/authority.rs b/core/http/src/uri/authority.rs
@@ -185,7 +185,7 @@ impl<'a> Authority<'a> {
         self.host.from_cow_source(&self.source)
     }
 
-    /// Returns the port part of the authority URI, if there is one.
+    /// Returns the `port` part of the authority URI, if there is one.
     ///
     /// # Example
     ///
@@ -206,6 +206,28 @@ impl<'a> Authority<'a> {
     pub fn port(&self) -> Option<u16> {
         self.port
     }
+
+    /// Set the `port` of the authority URI.
+    ///
+    /// # Example
+    ///
+    /// ```rust
+    /// # #[macro_use] extern crate rocket;
+    /// let mut uri = uri!("username:password@host:123");
+    /// assert_eq!(uri.port(), Some(123));
+    ///
+    /// uri.set_port(1024);
+    /// assert_eq!(uri.port(), Some(1024));
+    /// assert_eq!(uri, "username:password@host:1024");
+    ///
+    /// uri.set_port(None);
+    /// assert_eq!(uri.port(), None);
+    /// assert_eq!(uri, "username:password@host");
+    /// ```
+    #[inline(always)]
+    pub fn set_port<T: Into<Option<u16>>>(&mut self, port: T) {
+        self.port = port.into();
+    }
 }
 
 impl_serde!(Authority<'a>, "an authority-form URI");

diff --git a/core/lib/Cargo.toml b/core/lib/Cargo.toml
@@ -69,7 +69,7 @@ ref-swap = "0.1.2"
 parking_lot = "0.12"
 ubyte = {version = "0.10.2", features = ["serde"] }
 serde = { version = "1.0", features = ["derive"] }
-figment = { version = "0.10.13", features = ["toml", "env"] }
+figment = { version = "0.10.17", features = ["toml", "env"] }
 rand = "0.8"
 either = "1"
 pin-project-lite = "0.2"
@@ -140,5 +140,5 @@ version_check = "0.9.1"
 
 [dev-dependencies]
 tokio = { version = "1", features = ["macros", "io-std"] }
-figment = { version = "0.10", features = ["test"] }
+figment = { version = "0.10.17", features = ["test"] }
 pretty_assertions = "1"
diff --git a/core/lib/src/config/mod.rs b/core/lib/src/config/mod.rs
@@ -137,9 +137,6 @@ mod secret_key;
 #[cfg(unix)]
 pub use crate::shutdown::Sig;
 
-#[cfg(unix)]
-pub use crate::listener::unix::UdsConfig;
-
 #[cfg(feature = "secrets")]
 pub use secret_key::SecretKey;
 

diff --git a/core/lib/src/error.rs b/core/lib/src/error.rs
@@ -178,13 +178,17 @@ impl Error {
         self.mark_handled();
         match self.kind() {
             ErrorKind::Bind(ref a, ref e) => {
-                match a {
-                    Some(a) => error!("Binding to {} failed.", a.primary().underline()),
-                    None => error!("Binding to network interface failed."),
-                }
+                if let Some(e) = e.downcast_ref::<Self>() {
+                    e.pretty_print()
+                } else {
+                    match a {
+                        Some(a) => error!("Binding to {} failed.", a.primary().underline()),
+                        None => error!("Binding to network interface failed."),
+                    }
 
-                info_!("{}", e);
-                "aborting due to bind error"
+                    info_!("{}", e);
+                    "aborting due to bind error"
+                }
             }
             ErrorKind::Io(ref e) => {
                 error!("Rocket failed to launch due to an I/O error.");

diff --git a/core/lib/src/listener/bind.rs b/core/lib/src/listener/bind.rs
@@ -0,0 +1,10 @@
+use crate::listener::{Endpoint, Listener};
+
+pub trait Bind<T>: Listener + 'static {
+    type Error: std::error::Error + Send + 'static;
+
+    #[crate::async_bound(Send)]
+    async fn bind(to: T) -> Result<Self, Self::Error>;
+
+    fn bind_endpoint(to: &T) -> Result<Endpoint, Self::Error>;
+}
diff --git a/core/lib/src/listener/bindable.rs b/core/lib/src/listener/bindable.rs
diff --git a/core/lib/src/listener/connection.rs b/core/lib/src/listener/connection.rs
@@ -1,6 +1,7 @@
 use std::io;
 use std::borrow::Cow;
 
+use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::either::Either;
 
 use super::Endpoint;
@@ -9,7 +10,7 @@ use super::Endpoint;
 #[derive(Clone)]
 pub struct Certificates<'r>(Cow<'r, [der::CertificateDer<'r>]>);
 
-pub trait Connection: Send + Unpin {
+pub trait Connection: AsyncRead + AsyncWrite + Send + Unpin {
     fn endpoint(&self) -> io::Result<Endpoint>;
 
     /// DER-encoded X.509 certificate chain presented by the client, if any.