RubyGems - itsi-server - Versions diffs - 0.1.1 → 0.1.13 - Mend

itsi-server 0.1.1 → 0.1.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of itsi-server might be problematic. Click here for more details.

Files changed (143) hide show

data/ext/itsi_server/src/server/listener.rs CHANGED Viewed

@@ -1,61 +1,184 @@
 use super::bind::{Bind, BindAddress};
-use super::transfer_protocol::TransferProtocol;
-use hyper_util::rt::TokioIo;
-use itsi_error::Result;
+use super::bind_protocol::BindProtocol;
+use super::io_stream::IoStream;
+use super::serve_strategy::single_mode::RunningPhase;
+use super::tls::ItsiTlsAcceptor;
+use itsi_error::{ItsiError, Result};
 use itsi_tracing::info;
 use socket2::{Domain, Protocol, Socket, Type};
-use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
-use std::pin::Pin;
+use std::fmt::Display;
+use std::net::{IpAddr, SocketAddr, TcpListener};
+use std::os::fd::{AsRawFd, FromRawFd, RawFd};
 use std::sync::Arc;
-use std::{os::unix::net::UnixListener as StdUnixListener, path::PathBuf};
-use tokio::net::{unix, TcpListener, TcpStream, UnixListener, UnixStream};
+use std::{os::unix::net::UnixListener, path::PathBuf};
+use tokio::net::TcpListener as TokioTcpListener;
+use tokio::net::UnixListener as TokioUnixListener;
+use tokio::net::{unix, TcpStream, UnixStream};
+use tokio::sync::watch::Receiver;
 use tokio_rustls::TlsAcceptor;
-pub(crate) trait IoStream:
-    tokio::io::AsyncRead + tokio::io::AsyncWrite + Send + Unpin
-{
-}
-impl<T: tokio::io::AsyncRead + tokio::io::AsyncWrite + Send + Unpin> IoStream for T {}
+use tokio_stream::StreamExt;
+use tracing::error;
 pub(crate) enum Listener {
     Tcp(TcpListener),
-    TcpTls((TcpListener, TlsAcceptor)),
+    TcpTls((TcpListener, ItsiTlsAcceptor)),
     Unix(UnixListener),
-    UnixTls((UnixListener, TlsAcceptor)),
+    UnixTls((UnixListener, ItsiTlsAcceptor)),
 }
-enum Stream {
-    TcpStream((TcpStream, SocketAddr)),
-    UnixStream((UnixStream, unix::SocketAddr)),
+pub(crate) enum TokioListener {
+    Tcp(TokioTcpListener),
+    TcpTls(TokioTcpListener, ItsiTlsAcceptor),
+    Unix(TokioUnixListener),
+    UnixTls(TokioUnixListener, ItsiTlsAcceptor),
 }
-#[derive(Clone, Debug)]
-pub enum SockAddr {
-    Tcp(Arc<SocketAddr>),
-    Unix(Arc<unix::SocketAddr>),
+#[derive(Debug, Clone)]
+pub struct ListenerInfo {
+    pub host: String,
+    pub port: u16,
+    pub scheme: String,
 }
-impl std::fmt::Display for SockAddr {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+impl TokioListener {
+    pub fn listener_info(&self) -> ListenerInfo {
         match self {
-            SockAddr::Tcp(socket_addr) => write!(f, "{}", socket_addr.ip().to_canonical()),
-            SockAddr::Unix(socket_addr) => match socket_addr.as_pathname() {
-                Some(path) => write!(f, "{:?}", path),
-                None => write!(f, ""),
+            TokioListener::Tcp(listener) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .ip()
+                    .to_canonical()
+                    .to_string(),
+                port: listener.local_addr().unwrap().port(),
+                scheme: "http".to_string(),
+            },
+            TokioListener::TcpTls(listener, _) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .ip()
+                    .to_canonical()
+                    .to_string(),
+                port: listener.local_addr().unwrap().port(),
+                scheme: "https".to_string(),
+            },
+            TokioListener::Unix(listener) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .as_pathname()
+                    .unwrap()
+                    .to_str()
+                    .unwrap()
+                    .to_owned(),
+                port: 0,
+                scheme: "unix".to_string(),
+            },
+            TokioListener::UnixTls(listener, _) => ListenerInfo {
+                host: listener
+                    .local_addr()
+                    .unwrap()
+                    .as_pathname()
+                    .unwrap()
+                    .to_str()
+                    .unwrap()
+                    .to_owned(),
+                port: 0,
+                scheme: "ssl".to_string(),
             },
         }
     }
-}
-impl Listener {
-    pub(crate) async fn accept(&self) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
+    pub(crate) async fn accept(&self) -> Result<IoStream> {
         match self {
-            Listener::Tcp(listener) => Listener::accept_tcp(listener).await,
-            Listener::TcpTls((listener, acceptor)) => {
-                Listener::accept_tls(listener, acceptor).await
+            TokioListener::Tcp(listener) => TokioListener::accept_tcp(listener).await,
+            TokioListener::TcpTls(listener, acceptor) => {
+                TokioListener::accept_tls(listener, acceptor).await
+            }
+            TokioListener::Unix(listener) => TokioListener::accept_unix(listener).await,
+            TokioListener::UnixTls(listener, acceptor) => {
+                TokioListener::accept_unix_tls(listener, acceptor).await
+            }
+        }
+    }
+    async fn accept_tcp(listener: &TokioTcpListener) -> Result<IoStream> {
+        let tcp_stream = listener.accept().await?;
+        Self::to_tokio_io(Stream::TcpStream(tcp_stream), None).await
+    }
+    pub async fn spawn_state_task(&self, mut shutdown_receiver: Receiver<RunningPhase>) {
+        if let TokioListener::TcpTls(
+            _,
+            ItsiTlsAcceptor::Automatic(_acme_acceptor, state, _server_config),
+        ) = self
+        {
+            let mut state = state.lock().await;
+            loop {
+                tokio::select! {
+                  stream_event = StreamExt::next(&mut *state) => {
+                      match stream_event {
+                        Some(event) => info!("ACME Event: {:?}", event),
+                        None => error!("Received no acme event"),
+                      }
+                  },
+                  _ = shutdown_receiver.changed() => {
+                      break;
+                  }
+                }
             }
-            Listener::Unix(stream) => Listener::accept_unix(stream).await,
-            Listener::UnixTls((listener, acceptor)) => {
-                Listener::accept_unix_tls(listener, acceptor).await
+        }
+    }
+    async fn accept_tls(
+        listener: &TokioTcpListener,
+        acceptor: &ItsiTlsAcceptor,
+    ) -> Result<IoStream> {
+        let tcp_stream = listener.accept().await?;
+        match acceptor {
+            ItsiTlsAcceptor::Manual(tls_acceptor) => {
+                Self::to_tokio_io(Stream::TcpStream(tcp_stream), Some(tls_acceptor)).await
+            }
+            ItsiTlsAcceptor::Automatic(acme_acceptor, _, rustls_config) => {
+                let accept_future = acme_acceptor.accept(tcp_stream.0);
+                match accept_future.await {
+                    Ok(None) => Err(ItsiError::Pass()),
+                    Ok(Some(start_handshake)) => {
+                        let tls_stream = start_handshake.into_stream(rustls_config.clone()).await?;
+                        Ok(IoStream::TcpTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Tcp(Arc::new(tcp_stream.1)),
+                        })
+                    }
+                    Err(error) => {
+                        error!(error = format!("{:?}", error));
+                        Err(ItsiError::Pass())
+                    }
+                }
+            }
+        }
+    }
+    async fn accept_unix(listener: &TokioUnixListener) -> Result<IoStream> {
+        let unix_stream = listener.accept().await?;
+        Self::to_tokio_io(Stream::UnixStream(unix_stream), None).await
+    }
+    async fn accept_unix_tls(
+        listener: &TokioUnixListener,
+        acceptor: &ItsiTlsAcceptor,
+    ) -> Result<IoStream> {
+        let unix_stream = listener.accept().await?;
+        match acceptor {
+            ItsiTlsAcceptor::Manual(tls_acceptor) => {
+                Self::to_tokio_io(Stream::UnixStream(unix_stream), Some(tls_acceptor)).await
+            }
+            ItsiTlsAcceptor::Automatic(_, _, _) => {
+                error!("Automatic TLS not supported on Unix sockets");
+                Err(ItsiError::UnsupportedProtocol(
+                    "Automatic TLS on Unix Sockets".to_owned(),
+                ))
             }
         }
     }
@@ -63,156 +186,233 @@ impl Listener {
     async fn to_tokio_io(
         input_stream: Stream,
         tls_acceptor: Option<&TlsAcceptor>,
-    ) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
+    ) -> Result<IoStream> {
         match tls_acceptor {
             Some(acceptor) => match input_stream {
                 Stream::TcpStream((tcp_stream, socket_address)) => {
                     match acceptor.accept(tcp_stream).await {
-                        Ok(tls_stream) => Ok((
-                            TokioIo::new(Box::pin(tls_stream) as Pin<Box<dyn IoStream>>),
-                            SockAddr::Tcp(Arc::new(socket_address)),
-                        )),
+                        Ok(tls_stream) => Ok(IoStream::TcpTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Tcp(Arc::new(socket_address)),
+                        }),
                         Err(err) => Err(err.into()),
                     }
                 }
                 Stream::UnixStream((unix_stream, socket_address)) => {
                     match acceptor.accept(unix_stream).await {
-                        Ok(tls_stream) => Ok((
-                            TokioIo::new(Box::pin(tls_stream) as Pin<Box<dyn IoStream>>),
-                            SockAddr::Unix(Arc::new(socket_address)),
-                        )),
+                        Ok(tls_stream) => Ok(IoStream::UnixTls {
+                            stream: tls_stream,
+                            addr: SockAddr::Unix(Arc::new(socket_address)),
+                        }),
                         Err(err) => Err(err.into()),
                     }
                 }
             },
             None => match input_stream {
-                Stream::TcpStream((tcp_stream, socket_address)) => Ok((
-                    TokioIo::new(Box::pin(tcp_stream) as Pin<Box<dyn IoStream>>),
-                    SockAddr::Tcp(Arc::new(socket_address)),
-                )),
-                Stream::UnixStream((unix_stream, socket_address)) => Ok((
-                    TokioIo::new(Box::pin(unix_stream) as Pin<Box<dyn IoStream>>),
-                    SockAddr::Unix(Arc::new(socket_address)),
-                )),
+                Stream::TcpStream((tcp_stream, socket_address)) => Ok(IoStream::Tcp {
+                    stream: tcp_stream,
+                    addr: SockAddr::Tcp(Arc::new(socket_address)),
+                }),
+                Stream::UnixStream((unix_stream, socket_address)) => Ok(IoStream::Unix {
+                    stream: unix_stream,
+                    addr: SockAddr::Unix(Arc::new(socket_address)),
+                }),
             },
         }
     }
+}
-    async fn accept_tcp(
-        listener: &TcpListener,
-    ) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
-        let tcp_stream = listener.accept().await?;
-        Self::to_tokio_io(Stream::TcpStream(tcp_stream), None).await
-    }
-    async fn accept_tls(
-        listener: &TcpListener,
-        acceptor: &TlsAcceptor,
-    ) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
-        let tcp_stream = listener.accept().await?;
-        Self::to_tokio_io(Stream::TcpStream(tcp_stream), Some(acceptor)).await
-    }
+enum Stream {
+    TcpStream((TcpStream, SocketAddr)),
+    UnixStream((UnixStream, unix::SocketAddr)),
+}
-    async fn accept_unix(
-        listener: &UnixListener,
-    ) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
-        let unix_stream = listener.accept().await?;
-        Self::to_tokio_io(Stream::UnixStream(unix_stream), None).await
+#[derive(Clone, Debug)]
+pub enum SockAddr {
+    Tcp(Arc<SocketAddr>),
+    Unix(Arc<unix::SocketAddr>),
+}
+impl std::fmt::Display for SockAddr {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            SockAddr::Tcp(socket_addr) => write!(f, "{}", socket_addr.ip().to_canonical()),
+            SockAddr::Unix(socket_addr) => match socket_addr.as_pathname() {
+                Some(path) => write!(f, "{:?}", path),
+                None => write!(f, ""),
+            },
+        }
     }
+}
+impl Display for Listener {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Listener::Tcp(listener) | Listener::TcpTls((listener, _)) => write!(
+                f,
+                "{}",
+                listener
+                    .local_addr()
+                    .map(|addr| addr.to_string())
+                    .unwrap_or_else(|_| "".to_string())
+            ),
-    async fn accept_unix_tls(
-        listener: &UnixListener,
-        acceptor: &TlsAcceptor,
-    ) -> Result<(TokioIo<Pin<Box<dyn IoStream>>>, SockAddr)> {
-        let unix_stream = listener.accept().await?;
-        Self::to_tokio_io(Stream::UnixStream(unix_stream), Some(acceptor)).await
+            Listener::Unix(listener) | Listener::UnixTls((listener, _)) => write!(
+                f,
+                "{}",
+                listener
+                    .local_addr()
+                    .map(|addr| addr
+                        .as_pathname()
+                        .map(|path| path.to_str().unwrap_or("").to_owned())
+                        .unwrap_or_default())
+                    .unwrap_or_else(|_| "".to_string())
+            ),
+        }
     }
+}
-    pub(crate) fn scheme(&self) -> String {
+impl Listener {
+    pub fn into_tokio_listener(self) -> TokioListener {
         match self {
-            Listener::Tcp(_) => "http".to_string(),
-            Listener::TcpTls(_) => "https".to_string(),
-            Listener::Unix(_) => "http".to_string(),
-            Listener::UnixTls(_) => "https".to_string(),
+            Listener::Tcp(listener) => {
+                TokioListener::Tcp(TokioTcpListener::from_std(listener).unwrap())
+            }
+            Listener::TcpTls((listener, acceptor)) => TokioListener::TcpTls(
+                TokioTcpListener::from_std(listener).unwrap(),
+                acceptor.clone(),
+            ),
+            Listener::Unix(listener) => {
+                TokioListener::Unix(TokioUnixListener::from_std(listener).unwrap())
+            }
+            Listener::UnixTls((listener, acceptor)) => TokioListener::UnixTls(
+                TokioUnixListener::from_std(listener).unwrap(),
+                acceptor.clone(),
+            ),
         }
     }
-    pub(crate) fn port(&self) -> u16 {
+    /// Handover information when using exec to hand over the listener to a replacement process.
+    pub fn handover(&self) -> Result<(String, i32)> {
         match self {
-            Listener::Tcp(listener) => listener.local_addr().unwrap().port(),
-            Listener::TcpTls((listener, _)) => listener.local_addr().unwrap().port(),
-            Listener::Unix(_) => 0,
-            Listener::UnixTls(_) => 0,
+            Listener::Tcp(listener) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("tcp://{}:{}", addr.ip().to_canonical(), addr.port()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::TcpTls((listener, _)) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("tcp://{}:{}", addr.ip().to_canonical(), addr.port()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::Unix(listener) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("unix://{}", addr.as_pathname().unwrap().to_str().unwrap()),
+                    listener.as_raw_fd(),
+                ))
+            }
+            Listener::UnixTls((listener, _)) => {
+                let addr = listener.local_addr()?;
+                Ok((
+                    format!("unix://{}", addr.as_pathname().unwrap().to_str().unwrap()),
+                    listener.as_raw_fd(),
+                ))
+            }
         }
     }
-    pub(crate) fn host(&self) -> String {
-        match self {
-            Listener::Tcp(listener) => listener.local_addr().unwrap().ip().to_string(),
-            Listener::TcpTls((listener, _)) => listener.local_addr().unwrap().ip().to_string(),
-            Listener::Unix(_) => "unix".to_string(),
-            Listener::UnixTls(_) => "unix".to_string(),
-        }
+    pub fn inherit_fd(bind: Bind, fd: RawFd) -> Result<Self> {
+        let bound = match bind.address {
+            BindAddress::Ip(_) => match bind.protocol {
+                BindProtocol::Http => Listener::Tcp(revive_tcp_socket(fd)?),
+                BindProtocol::Https => {
+                    let tcp_listener = revive_tcp_socket(fd)?;
+                    Listener::TcpTls((tcp_listener, bind.tls_config.unwrap()))
+                }
+                _ => unreachable!(),
+            },
+            BindAddress::UnixSocket(_) => match bind.tls_config {
+                Some(tls_config) => Listener::UnixTls((revive_unix_socket(fd)?, tls_config)),
+                None => Listener::Unix(revive_unix_socket(fd)?),
+            },
+        };
+        Ok(bound)
     }
 }
-impl From<Bind> for Listener {
-    fn from(bind: Bind) -> Self {
-        match bind.address {
+impl TryFrom<Bind> for Listener {
+    type Error = itsi_error::ItsiError;
+    fn try_from(bind: Bind) -> std::result::Result<Self, Self::Error> {
+        let bound = match bind.address {
             BindAddress::Ip(addr) => match bind.protocol {
-                TransferProtocol::Http => Listener::Tcp(
-                    TcpListener::from_std(connect_tcp_socket(addr, bind.port.unwrap())).unwrap(),
-                ),
-                TransferProtocol::Https => {
-                    let tcp_listener =
-                        TcpListener::from_std(connect_tcp_socket(addr, bind.port.unwrap()))
-                            .unwrap();
-                    let tls_acceptor = TlsAcceptor::from(Arc::new(bind.tls_config.unwrap()));
-                    Listener::TcpTls((tcp_listener, tls_acceptor))
+                BindProtocol::Http => Listener::Tcp(connect_tcp_socket(addr, bind.port.unwrap())?),
+                BindProtocol::Https => {
+                    let tcp_listener = connect_tcp_socket(addr, bind.port.unwrap())?;
+                    Listener::TcpTls((tcp_listener, bind.tls_config.unwrap()))
                 }
                 _ => unreachable!(),
             },
             BindAddress::UnixSocket(path) => match bind.tls_config {
-                Some(tls_config) => {
-                    let tls_acceptor = TlsAcceptor::from(Arc::new(tls_config));
-                    Listener::UnixTls((
-                        UnixListener::from_std(connect_unix_socket(&path)).unwrap(),
-                        tls_acceptor,
-                    ))
-                }
-                None => Listener::Unix(UnixListener::from_std(connect_unix_socket(&path)).unwrap()),
+                Some(tls_config) => Listener::UnixTls((connect_unix_socket(&path)?, tls_config)),
+                None => Listener::Unix(connect_unix_socket(&path)?),
             },
-        }
+        };
+        Ok(bound)
     }
 }
-fn connect_tcp_socket(addr: IpAddr, port: u16) -> StdTcpListener {
+fn revive_tcp_socket(fd: RawFd) -> Result<TcpListener> {
+    let socket = unsafe { Socket::from_raw_fd(fd) };
+    socket.set_reuse_port(true).ok();
+    socket.set_reuse_address(true).ok();
+    socket.set_nonblocking(true).ok();
+    socket.set_nodelay(true).ok();
+    socket.set_recv_buffer_size(262_144).ok();
+    socket.set_cloexec(true)?;
+    socket.listen(1024)?;
+    Ok(socket.into())
+}
+fn revive_unix_socket(fd: RawFd) -> Result<UnixListener> {
+    let socket = unsafe { Socket::from_raw_fd(fd) };
+    socket.set_nonblocking(true).ok();
+    socket.listen(1024)?;
+    socket.set_cloexec(true)?;
+    Ok(socket.into())
+}
+fn connect_tcp_socket(addr: IpAddr, port: u16) -> Result<TcpListener> {
     let domain = match addr {
         IpAddr::V4(_) => Domain::IPV4,
         IpAddr::V6(_) => Domain::IPV6,
     };
-    let socket = Socket::new(domain, Type::STREAM, Some(Protocol::TCP)).unwrap();
+    let socket = Socket::new(domain, Type::STREAM, Some(Protocol::TCP))?;
     let socket_address: SocketAddr = SocketAddr::new(addr, port);
-    socket.set_reuse_address(true).ok();
     socket.set_reuse_port(true).ok();
+    socket.set_reuse_address(true).ok();
     socket.set_nonblocking(true).ok();
     socket.set_nodelay(true).ok();
-    socket.set_recv_buffer_size(1_048_576).ok();
-    info!("Binding to {}", socket_address);
-    socket.bind(&socket_address.into()).unwrap();
-    socket.listen(1024).unwrap();
-    socket.into()
+    socket.set_recv_buffer_size(262_144).ok();
+    socket.set_only_v6(false).ok();
+    socket.bind(&socket_address.into())?;
+    socket.listen(1024)?;
+    Ok(socket.into())
 }
-fn connect_unix_socket(path: &PathBuf) -> StdUnixListener {
+fn connect_unix_socket(path: &PathBuf) -> Result<UnixListener> {
     let _ = std::fs::remove_file(path);
-    let socket = Socket::new(Domain::UNIX, Type::STREAM, None).unwrap();
+    let socket = Socket::new(Domain::UNIX, Type::STREAM, None)?;
     socket.set_nonblocking(true).ok();
-    let socket_address = socket2::SockAddr::unix(path).unwrap();
-    info!("Binding to {:?}", path);
-    socket.bind(&socket_address).unwrap();
-    socket.listen(1024).unwrap();
+    let socket_address = socket2::SockAddr::unix(path)?;
+    socket.bind(&socket_address)?;
+    socket.listen(1024)?;
-    socket.into()
+    Ok(socket.into())
 }