async-rustls 0.2.0

Async TLS/SSL streams using rustls
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

use async_rustls::{client::TlsStream, TlsConnector};
use futures_lite::{future, future::Future, ready};
use rustls::ClientConfig;
use smol::net::TcpStream;
use smol::prelude::*;
use smol::Timer;
use std::io::{self, BufRead, BufReader, Cursor};
use std::net::SocketAddr;
use std::pin::Pin;
use std::process::{Child, Command, Stdio};
use std::sync::Arc;
use std::task::{Context, Poll};
use std::time::Duration;

struct Read1<T>(T);

impl<T: AsyncRead + Unpin> Future for Read1<T> {
    type Output = io::Result<()>;

    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
        let mut buf = [0];
        ready!(Pin::new(&mut self.0).poll_read(cx, &mut buf))?;
        Poll::Pending
    }
}

enum Either<A, B> {
    Left(A),
    Right(B),
}

async fn send(
    config: Arc<ClientConfig>,
    addr: SocketAddr,
    data: &[u8],
) -> io::Result<TlsStream<TcpStream>> {
    let connector = TlsConnector::from(config).early_data(true);
    let stream = TcpStream::connect(&addr).await?;
    let domain = webpki::DNSNameRef::try_from_ascii_str("testserver.com").unwrap();

    let mut stream = connector.connect(domain, stream).await?;
    stream.write_all(data).await?;
    stream.flush().await?;

    {
        let stream = &mut stream;

        // sleep 1s
        //
        // see https://www.mail-archive.com/openssl-users@openssl.org/msg84451.html
        let sleep1 = Timer::after(Duration::from_secs(1));
        match future::or(
            async move { Either::Left(Read1(stream).await) },
            async move { Either::Right(sleep1.await) },
        )
        .await
        {
            Either::Right(_) => {}
            Either::Left(Err(err)) => return Err(err),
            Either::Left(Ok(_)) => unreachable!(),
        }
    }

    stream.close().await?;
    Ok(stream)
}

struct DropKill(Child);

impl Drop for DropKill {
    fn drop(&mut self) {
        self.0.kill().unwrap();
    }
}

#[test]
fn test_0rtt() -> io::Result<()> {
    smol::block_on(async {
        let mut handle = Command::new("openssl")
            .arg("s_server")
            .arg("-early_data")
            .arg("-tls1_3")
            .args(&["-cert", "./tests/end.cert"])
            .args(&["-key", "./tests/end.rsa"])
            .args(&["-port", "12354"])
            .stdin(Stdio::piped())
            .stdout(Stdio::piped())
            .spawn()
            .map(DropKill)?;

        // wait openssl server
        Timer::after(Duration::from_secs(1)).await;

        let mut config = ClientConfig::new();
        let mut chain = BufReader::new(Cursor::new(include_str!("end.chain")));
        config.root_store.add_pem_file(&mut chain).unwrap();
        config.versions = vec![rustls::ProtocolVersion::TLSv1_3];
        config.enable_early_data = true;
        let config = Arc::new(config);
        let addr = SocketAddr::from(([127, 0, 0, 1], 12354));

        let io = send(config.clone(), addr, b"hello").await?;
        assert!(!io.get_ref().1.is_early_data_accepted());

        let io = send(config, addr, b"world!").await?;
        assert!(io.get_ref().1.is_early_data_accepted());

        let stdout = handle.0.stdout.as_mut().unwrap();
        let mut lines = BufReader::new(stdout).lines();

        let has_msg1 = lines.by_ref().any(|line| line.unwrap().contains("hello"));
        let has_msg2 = lines.by_ref().any(|line| line.unwrap().contains("world!"));

        assert!(has_msg1 && has_msg2);

        Ok(())
    })
}