Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support hyper-rustls along with hyper v1 #137

Merged
merged 2 commits into from
Jan 14, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 30 additions & 31 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,35 +44,35 @@ jobs:
platform: linux/arm64
tags-suffix: "-s2n"

# - target: "gnu"
# build-feature: "-native-roots"
# platform: linux/amd64
# tags-suffix: "-native-roots"

# - target: "gnu"
# build-feature: "-native-roots"
# platform: linux/arm64
# tags-suffix: "-native-roots"

# - target: "musl"
# build-feature: "-native-roots"
# platform: linux/amd64
# tags-suffix: "-slim-native-roots"

# - target: "musl"
# build-feature: "-native-roots"
# platform: linux/arm64
# tags-suffix: "-slim-native-roots"

# - target: "gnu"
# build-feature: "-s2n-native-roots"
# platform: linux/amd64
# tags-suffix: "-s2n-native-roots"

# - target: "gnu"
# build-feature: "-s2n-native-roots"
# platform: linux/arm64
# tags-suffix: "-s2n-native-roots"
- target: "gnu"
build-feature: "-webpki-roots"
platform: linux/amd64
tags-suffix: "-webpki-roots"

- target: "gnu"
build-feature: "-webpki-roots"
platform: linux/arm64
tags-suffix: "-webpki-roots"

- target: "musl"
build-feature: "-webpki-roots"
platform: linux/amd64
tags-suffix: "-slim-webpki-roots"

- target: "musl"
build-feature: "-webpki-roots"
platform: linux/arm64
tags-suffix: "-slim-webpki-roots"

- target: "gnu"
build-feature: "-s2n-webpki-roots"
platform: linux/amd64
tags-suffix: "-s2n-webpki-roots"

- target: "gnu"
build-feature: "-s2n-webpki-roots"
platform: linux/arm64
tags-suffix: "-s2n-webpki-roots"

steps:
- run: "echo 'The relese triggering workflows passed'"
Expand All @@ -81,10 +81,9 @@ jobs:
id: "set-env"
run: |
if [ ${{ matrix.platform }} == 'linux/amd64' ]; then PLATFORM_MAP="x86_64"; else PLATFORM_MAP="aarch64"; fi
if [ ${{ github.ref_name == 'develop' && github.event.client_payload.pull_request.head == 'develop' && github.event.client_payload.pull_request.base == 'main' }} || ${{ github.ref_name == 'main' }}]; then BUILD_NAME=""; else BUILD_NAME="-nightly"; fi
if [ ${{ github.ref_name }} == 'main' ]; then BUILD_IMG="latest"; else BUILD_IMG="nightly"; fi
echo "build_img=${BUILD_IMG}" >> $GITHUB_OUTPUT
echo "target_name=rpxy${BUILD_NAME}-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}${{ matrix.build-feature }}" >> $GITHUB_OUTPUT
echo "target_name=rpxy-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}${{ matrix.build-feature }}" >> $GITHUB_OUTPUT

- name: "docker pull and extract binary from docker image"
id: "extract-binary"
Expand Down
74 changes: 37 additions & 37 deletions .github/workflows/release_docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:
- target: "s2n"
dockerfile: ./docker/Dockerfile
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,native-tls-backend"
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,rustls-backend"
"ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
platforms: linux/amd64,linux/arm64
tags-suffix: "-s2n"
Expand All @@ -54,42 +54,42 @@ jobs:
jqtype/rpxy:s2n
ghcr.io/junkurihara/rust-rpxy:s2n

# - target: "native-roots"
# dockerfile: ./docker/Dockerfile
# platforms: linux/amd64,linux/arm64
# build-args: |
# "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots"
# tags-suffix: "-native-roots"
# # Aliases must be used only for release builds
# aliases: |
# jqtype/rpxy:native-roots
# ghcr.io/junkurihara/rust-rpxy:native-roots

# - target: "slim-native-roots"
# dockerfile: ./docker/Dockerfile-slim
# build-args: |
# "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots"
# build-contexts: |
# messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
# messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
# platforms: linux/amd64,linux/arm64
# tags-suffix: "-slim-native-roots"
# # Aliases must be used only for release builds
# aliases: |
# jqtype/rpxy:slim-native-roots
# ghcr.io/junkurihara/rust-rpxy:slim-native-roots

# - target: "s2n-native-roots"
# dockerfile: ./docker/Dockerfile
# build-args: |
# "CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,native-roots"
# "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
# platforms: linux/amd64,linux/arm64
# tags-suffix: "-s2n-native-roots"
# # Aliases must be used only for release builds
# aliases: |
# jqtype/rpxy:s2n-native-roots
# ghcr.io/junkurihara/rust-rpxy:s2n-native-roots
- target: "webpki-roots"
dockerfile: ./docker/Dockerfile
platforms: linux/amd64,linux/arm64
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,webpki-roots"
tags-suffix: "-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:webpki-roots
ghcr.io/junkurihara/rust-rpxy:webpki-roots

- target: "slim-webpki-roots"
dockerfile: ./docker/Dockerfile-slim
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,webpki-roots"
build-contexts: |
messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
platforms: linux/amd64,linux/arm64
tags-suffix: "-slim-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:slim-webpki-roots
ghcr.io/junkurihara/rust-rpxy:slim-webpki-roots

- target: "s2n-webpki-roots"
dockerfile: ./docker/Dockerfile
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,webpki-roots"
"ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
platforms: linux/amd64,linux/arm64
tags-suffix: "-s2n-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:s2n-webpki-roots
ghcr.io/junkurihara/rust-rpxy:s2n-webpki-roots

steps:
- name: Checkout
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
- Breaking: `hyper`-1.0 for both server and client modules.
- Breaking: Remove `override_host` option in upstream options. Add a reverse option, i.e., `keep_original_host`, and the similar option `set_upstream_host`. While `keep_original_host` can be explicitly specified, `rpxy` keeps the original `host` given by the incoming request by default. Then, the original `host` header is maintained or added from the value of url request line. If `host` header needs to be overridden with the upstream host name (backend uri's host name), `set_upstream_host` has to be set. If both of `set_upstream_host` and `keep_original_host` are set, `keep_original_host` is prioritized since it is explicitly specified.
- Breaking: Introduced `native-tls-backend` feature to use the native TLS engine to access backend applications.
- Breaking: Changed the policy of the default cert store from `webpki` to the system-native store. Thus we terminated the feature `native-roots` and introduced `webpki-roots` feature to use `webpki` root cert store.
- Redesigned: Cache structure is totally redesigned with more memory-efficient way to read from cache file, and more secure way to strongly bind memory-objects with files with hash values.
- Redesigned: HTTP body handling flow is also redesigned with more memory-and-time efficient techniques without putting the whole objects on memory by using `futures::stream::Stream` and `futures::channel::mpsc`
- Refactor: lots of minor improvements
Expand Down
4 changes: 2 additions & 2 deletions docker/docker-compose-slim.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ services:
additional_contexts:
- messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
- messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
# args: # Uncomment when build with native cert store
# - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots"
# args: # Uncomment when build with webpki cert store
# - "CARGO_FEATURES=--no-default-features --features=http3-quinn,webpki-roots"
dockerfile: ./docker/Dockerfile-slim # based on alpine and build x86_64-unknown-linux-musl
platforms: # Choose your platforms
# - "linux/amd64"
Expand Down
4 changes: 2 additions & 2 deletions docker/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ services:
# args: # Uncomment when build quic-s2n version
# - "CARGO_FEATURES=--no-default-features --features=http3-s2n"
# - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
# args: # Uncomment when build with native cert store
# - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots"
# args: # Uncomment when build with webpki root store
# - "CARGO_FEATURES=--no-default-features --features=http3-quinn,webpki-roots"
dockerfile: ./docker/Dockerfile # based on ubuntu 22.04 and build x86_64-unknown-linux-gnu
platforms: # Choose your platforms
# - "linux/amd64"
Expand Down
9 changes: 4 additions & 5 deletions rpxy-bin/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "rpxy"
version = "0.7.0-alpha.1"
version = "0.7.0-alpha.2"
authors = ["Jun Kurihara"]
homepage = "https://github.com/junkurihara/rust-rpxy"
repository = "https://github.com/junkurihara/rust-rpxy"
Expand All @@ -12,14 +12,13 @@ publish = false
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[features]
default = ["http3-quinn", "cache", "native-tls-backend"]
default = ["http3-quinn", "cache", "rustls-backend"]
http3-quinn = ["rpxy-lib/http3-quinn"]
http3-s2n = ["rpxy-lib/http3-s2n"]
native-tls-backend = ["rpxy-lib/native-tls-backend"]
# Not yet implemented
rustls-backend = ["rpxy-lib/rustls-backend"]
webpki-roots = ["rpxy-lib/webpki-roots"]
cache = ["rpxy-lib/cache"]
native-roots = ["rpxy-lib/native-roots"]

[dependencies]
rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [
Expand All @@ -42,7 +41,7 @@ rustls-pemfile = "1.0.4"
mimalloc = { version = "*", default-features = false }

# config
clap = { version = "4.4.14", features = ["std", "cargo", "wrap_help"] }
clap = { version = "4.4.16", features = ["std", "cargo", "wrap_help"] }
toml = { version = "0.8.8", default-features = false, features = ["parse"] }
hot_reload = "0.1.4"

Expand Down
35 changes: 14 additions & 21 deletions rpxy-lib/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "rpxy-lib"
version = "0.7.0-alpha.1"
version = "0.7.0-alpha.2"
authors = ["Jun Kurihara"]
homepage = "https://github.com/junkurihara/rust-rpxy"
repository = "https://github.com/junkurihara/rust-rpxy"
Expand All @@ -12,7 +12,7 @@ publish = false
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[features]
default = ["http3-quinn", "sticky-cookie", "cache", "native-tls-backend"]
default = ["http3-quinn", "sticky-cookie", "cache", "rustls-backend"]
http3-quinn = ["socket2", "quinn", "h3", "h3-quinn"]
http3-s2n = [
"h3",
Expand All @@ -24,8 +24,8 @@ http3-s2n = [
cache = ["http-cache-semantics", "lru", "sha2", "base64"]
sticky-cookie = ["base64", "sha2", "chrono"]
native-tls-backend = ["hyper-tls"]
rustls-backend = [] # not implemented yet
native-roots = [] #"hyper-rustls/native-tokio"] # not implemented yet
rustls-backend = ["hyper-rustls"]
webpki-roots = ["rustls-backend", "hyper-rustls/webpki-tokio"]

[dependencies]
rand = "0.8.5"
Expand All @@ -52,28 +52,21 @@ thiserror = "1.0.56"
http = "1.0.0"
http-body-util = "0.1.0"
hyper = { version = "1.1.0", default-features = false }
# hyper-util = { version = "0.1.2", features = ["full"] }
hyper-util = { git = "https://github.com/junkurihara/hyper-util", features = [
"full",
], rev = "784109db021d076b0822ea5344a315e530831973" }
hyper-util = { version = "0.1.2", features = ["full"] }
futures-util = { version = "0.3.30", default-features = false }
futures-channel = { version = "0.3.30", default-features = false }

# http client for upstream
hyper-tls = { git = "https://github.com/junkurihara/hyper-tls", features = [
hyper-tls = { version = "0.6.0", features = [
"alpn",
"vendored",
], rev = "33dafc7251866260b66b0fc93c09f04f1923827f", optional = true }
# hyper-tls = { version = "0.6.0", features = [
# "alpn",
# "vendored",
# ], optional = true }
# hyper-rustls = { version = "0.24.2", default-features = false, features = [
# "tokio-runtime",
# "webpki-tokio",
# "http1",
# "http2",
# ] }
], optional = true }
hyper-rustls = { version = "0.26.0", default-features = false, features = [
"ring",
"native-tokio",
"http1",
"http2",
], optional = true }

# tls and cert management for server
hot_reload = "0.1.4"
Expand Down Expand Up @@ -109,7 +102,7 @@ chrono = { version = "0.4.31", default-features = false, features = [
"alloc",
"clock",
], optional = true }
base64 = { version = "0.21.6", optional = true }
base64 = { version = "0.21.7", optional = true }


[dev-dependencies]
Expand Down
4 changes: 4 additions & 0 deletions rpxy-lib/src/forwarder/cache/cache_main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ pub(crate) struct RpxyCache {
}

impl RpxyCache {
#[allow(unused)]
/// Generate cache storage
pub(crate) async fn new(globals: &Globals) -> Option<Self> {
if !globals.proxy_config.cache_enabled {
Expand Down Expand Up @@ -254,6 +255,7 @@ struct FileStore {
inner: Arc<RwLock<FileStoreInner>>,
}
impl FileStore {
#[allow(unused)]
/// Build manager
async fn new(runtime_handle: &tokio::runtime::Handle) -> Self {
Self {
Expand Down Expand Up @@ -300,6 +302,7 @@ struct FileStoreInner {
}

impl FileStoreInner {
#[allow(unused)]
/// Build new cache file manager.
/// This first creates cache file dir if not exists, and cleans up the file inside the directory.
/// TODO: Persistent cache is really difficult. `sqlite` or something like that is needed.
Expand Down Expand Up @@ -436,6 +439,7 @@ struct LruCacheManager {
}

impl LruCacheManager {
#[allow(unused)]
/// Build LruCache
fn new(cache_max_entry: usize) -> Self {
Self {
Expand Down
Loading