mirror of
https://github.com/tokio-rs/axum.git
synced 2024-10-23 17:36:39 +02:00
Add low level OpenSSL example (#1828)
Co-authored-by: David Pedersen <david.pdrsn@gmail.com>
This commit is contained in:
Firstyear
GitHub
parent
2c1dde7c07
commit
e7eda0e416
4 changed files with 154 additions and 0 deletions
16
examples/low-level-openssl/Cargo.toml
Normal file
16
examples/low-level-openssl/Cargo.toml
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
[package]
|
||||
name = "example-low-level-openssl"
|
||||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
publish = false
|
||||
|
||||
[dependencies]
|
||||
axum = { path = "../../axum" }
|
||||
futures-util = "0.3"
|
||||
hyper = { version = "0.14", features = ["full"] }
|
||||
openssl = "0.10"
|
||||
tokio = { version = "1", features = ["full"] }
|
||||
tokio-openssl = "0.6"
|
||||
tower = { version = "0.4", features = ["make"] }
|
||||
tracing = "0.1"
|
||||
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
||||
22
examples/low-level-openssl/self_signed_certs/cert.pem
Normal file
22
examples/low-level-openssl/self_signed_certs/cert.pem
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDkzCCAnugAwIBAgIUXVYkRCrM/ge03DVymDtXCuybp7gwDQYJKoZIhvcNAQEL
|
||||
BQAwWTELMAkGA1UEBhMCVVMxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
|
||||
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MB4X
|
||||
DTIxMDczMTE0MjIxMloXDTIyMDczMTE0MjIxMlowWTELMAkGA1UEBhMCVVMxEzAR
|
||||
BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5
|
||||
IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEA02V5ZjmqLB/VQwTarrz/35qsa83L+DbAoa0001+jVmmC+G9Nufi0
|
||||
daroFWj/Uicv2fZWETU8JoZKUrX4BK9og5cg5rln/CtBRWCUYIwRgY9R/CdBGPn4
|
||||
kp+XkSJaCw74ZIyLy/Zfux6h8ES1m9YRnBza+s7U+ImRBRf4MRPtXQ3/mqJxAZYq
|
||||
dOnKnvssRyD2qutgVTAxwMUvJWIivRhRYDj7WOpS4CEEeQxP1iH1/T5P7FdtTGdT
|
||||
bVBABCA8JhL96uFGPpOYHcM/7R5EIA3yZ5FNg931QzoDITjtXGtQ6y9/l/IYkWm6
|
||||
J67RWcN0IoTsZhz0WNU4gAeslVtJLofn8QIDAQABo1MwUTAdBgNVHQ4EFgQUzFnK
|
||||
NfS4LAYuKeWwHbzooER0yZ0wHwYDVR0jBBgwFoAUzFnKNfS4LAYuKeWwHbzooER0
|
||||
yZ0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAk4O+e9jia59W
|
||||
ZwetN4GU7OWcYhmOgSizRSs6u7mTfp62LDMt96WKU3THksOnZ44HnqWQxsSfdFVU
|
||||
XJD12tjvVU8Z4FWzQajcHeemUYiDze8EAh6TnxnUcOrU8IcwiKGxCWRY/908jnWg
|
||||
+MMscfMCMYTRdeTPqD8fGzAlUCtmyzH6KLE3s4Oo/r5+NR+Uvrwpdvb7xe0MwwO9
|
||||
Q/zR4N8ep/HwHVEObcaBofE1ssZLksX7ZgCP9wMgXRWpNAtC5EWxMbxYjBfWFH24
|
||||
fDJlBMiGJWg8HHcxK7wQhFh+fuyNzE+xEWPsI9VL1zDftd9x8/QsOagyEOnY8Vxr
|
||||
AopvZ09uEQ==
|
||||
-----END CERTIFICATE-----
|
||||
28
examples/low-level-openssl/self_signed_certs/key.pem
Normal file
28
examples/low-level-openssl/self_signed_certs/key.pem
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDTZXlmOaosH9VD
|
||||
BNquvP/fmqxrzcv4NsChrTTTX6NWaYL4b025+LR1qugVaP9SJy/Z9lYRNTwmhkpS
|
||||
tfgEr2iDlyDmuWf8K0FFYJRgjBGBj1H8J0EY+fiSn5eRIloLDvhkjIvL9l+7HqHw
|
||||
RLWb1hGcHNr6ztT4iZEFF/gxE+1dDf+aonEBlip06cqe+yxHIPaq62BVMDHAxS8l
|
||||
YiK9GFFgOPtY6lLgIQR5DE/WIfX9Pk/sV21MZ1NtUEAEIDwmEv3q4UY+k5gdwz/t
|
||||
HkQgDfJnkU2D3fVDOgMhOO1ca1DrL3+X8hiRabonrtFZw3QihOxmHPRY1TiAB6yV
|
||||
W0kuh+fxAgMBAAECggEADltu8k1qTFLhJgsXWxTFAAe+PBgfCT2WuaRM2So+qqjB
|
||||
12Of0MieYPt5hbK63HaC3nfHgqWt7yPhulpXfOH45C8IcgMXl93MMg0MJr58leMI
|
||||
+2ojFrIrerHSFm5R1TxwDEwrVm/mMowzDWFtQCc6zPJ8wNn5RuP48HKfTZ3/2fjw
|
||||
zEjSwPO2wFMfo1EJNTjlI303lFbdFBs67NaX6puh30M7Tn+gznHKyO5a7F57wkIt
|
||||
fkgnEy/sgMedQlwX7bRpUoD6f0fZzV8Qz4cHFywtYErczZJh3VGitJoO/VCIDdty
|
||||
RPXOAqVDd7EpP1UUehZlKVWZ0OZMEfRgKbRCel5abQKBgQDwgwrIQ5+BiZv6a0VT
|
||||
ETeXB+hRbvBinRykNo/RvLc3j1enRh9/zO/ShadZIXgOAiM1Jnr5Gp8KkNGca6K1
|
||||
myhtad7xYPODYzNXXp6T1OPgZxHZLIYzVUj6ypXeV64Te5ZiDaJ1D49czsq+PqsQ
|
||||
XRcgBJSNpFtDFiXWpjXWfx8PxwKBgQDhAnLY5Sl2eeQo+ud0MvjwftB/mN2qCzJY
|
||||
5AlQpRI4ThWxJgGPuHTR29zVa5iWNYuA5LWrC1y/wx+t5HKUwq+5kxvs+npYpDJD
|
||||
ZX/w0Glc6s0Jc/mFySkbw9B2LePedL7lRF5OiAyC6D106Sc9V2jlL4IflmOzt4CD
|
||||
ZTNbLtC6hwKBgHfIzBXxl/9sCcMuqdg1Ovp9dbcZCaATn7ApfHd5BccmHQGyav27
|
||||
k7XF2xMJGEHhzqcqAxUNrSgV+E9vTBomrHvRvrd5Ec7eGTPqbBA0d0nMC5eeFTh7
|
||||
wV0miH20LX6Gjt9G6yJiHYSbeV5G1+vOcTYBEft5X/qJjU7aePXbWh0BAoGBAJlV
|
||||
5tgCCuhvFloK6fHYzqZtdT6O+PfpW20SMXrgkvMF22h2YvgDFrDwqKRUB47NfHzg
|
||||
3yBpxNH1ccA5/w97QO8w3gX3h6qicpJVOAPusu6cIBACFZfjRv1hyszOZwvw+Soa
|
||||
Fj5kHkqTY1YpkREPYS9V2dIW1Wjic1SXgZDw7VM/AoGAP/cZ3ZHTSCDTFlItqy5C
|
||||
rIy2AiY0WJsx+K0qcvtosPOOwtnGjWHb1gdaVdfX/IRkSsX4PAOdnsyidNC5/l/m
|
||||
y8oa+5WEeGFclWFhr4dnTA766o8HrM2UjIgWWYBF2VKdptGnHxFeJWFUmeQC/xeW
|
||||
w37pCS7ykL+7gp7V0WShYsw=
|
||||
-----END PRIVATE KEY-----
|
||||
88
examples/low-level-openssl/src/main.rs
Normal file
88
examples/low-level-openssl/src/main.rs
Normal file
|
|
@ -0,0 +1,88 @@
|
|||
use openssl::ssl::{Ssl, SslAcceptor, SslFiletype, SslMethod};
|
||||
use tokio_openssl::SslStream;
|
||||
|
||||
use axum::{extract::ConnectInfo, routing::get, Router};
|
||||
use futures_util::future::poll_fn;
|
||||
use hyper::server::{
|
||||
accept::Accept,
|
||||
conn::{AddrIncoming, Http},
|
||||
};
|
||||
use std::{net::SocketAddr, path::PathBuf, pin::Pin, sync::Arc};
|
||||
use tokio::net::TcpListener;
|
||||
use tower::MakeService;
|
||||
|
||||
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
|
||||
|
||||
#[tokio::main]
|
||||
async fn main() {
|
||||
tracing_subscriber::registry()
|
||||
.with(
|
||||
tracing_subscriber::EnvFilter::try_from_default_env()
|
||||
.unwrap_or_else(|_| "example_low_level_openssl=debug".into()),
|
||||
)
|
||||
.with(tracing_subscriber::fmt::layer())
|
||||
.init();
|
||||
|
||||
let mut tls_builder = SslAcceptor::mozilla_modern_v5(SslMethod::tls()).unwrap();
|
||||
|
||||
tls_builder
|
||||
.set_certificate_file(
|
||||
PathBuf::from(env!("CARGO_MANIFEST_DIR"))
|
||||
.join("self_signed_certs")
|
||||
.join("cert.pem"),
|
||||
SslFiletype::PEM,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
tls_builder
|
||||
.set_private_key_file(
|
||||
PathBuf::from(env!("CARGO_MANIFEST_DIR"))
|
||||
.join("self_signed_certs")
|
||||
.join("key.pem"),
|
||||
SslFiletype::PEM,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
tls_builder.check_private_key().unwrap();
|
||||
|
||||
let acceptor = tls_builder.build();
|
||||
|
||||
let listener = TcpListener::bind("127.0.0.1:3000").await.unwrap();
|
||||
let mut listener = AddrIncoming::from_listener(listener).unwrap();
|
||||
|
||||
let protocol = Arc::new(Http::new());
|
||||
|
||||
let mut app = Router::new()
|
||||
.route("/", get(handler))
|
||||
.into_make_service_with_connect_info::<SocketAddr>();
|
||||
|
||||
tracing::info!("listening on https://localhost:3000");
|
||||
|
||||
loop {
|
||||
let stream = poll_fn(|cx| Pin::new(&mut listener).poll_accept(cx))
|
||||
.await
|
||||
.unwrap()
|
||||
.unwrap();
|
||||
|
||||
let acceptor = acceptor.clone();
|
||||
|
||||
let protocol = protocol.clone();
|
||||
|
||||
let svc = app.make_service(&stream);
|
||||
|
||||
tokio::spawn(async move {
|
||||
let ssl = Ssl::new(acceptor.context()).unwrap();
|
||||
let mut tls_stream = SslStream::new(ssl, stream).unwrap();
|
||||
|
||||
SslStream::accept(Pin::new(&mut tls_stream)).await.unwrap();
|
||||
|
||||
let _ = protocol
|
||||
.serve_connection(tls_stream, svc.await.unwrap())
|
||||
.await;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
async fn handler(ConnectInfo(addr): ConnectInfo<SocketAddr>) -> String {
|
||||
addr.to_string()
|
||||
}
|
||||
Loading…
Reference in a new issue