2019-10-01 15:00:49 +00:00
|
|
|
#![cfg(feature = "early-data")]
|
|
|
|
|
2020-04-03 14:16:23 +00:00
|
|
|
use futures_util::{future, future::Future, ready};
|
2021-09-28 17:01:37 +00:00
|
|
|
use rustls::RootCertStore;
|
|
|
|
use std::convert::TryFrom;
|
2020-02-27 23:32:52 +00:00
|
|
|
use std::io::{self, BufRead, BufReader, Cursor};
|
2019-10-01 15:00:49 +00:00
|
|
|
use std::net::SocketAddr;
|
2020-02-27 23:32:52 +00:00
|
|
|
use std::pin::Pin;
|
|
|
|
use std::process::{Child, Command, Stdio};
|
2019-10-01 15:00:49 +00:00
|
|
|
use std::sync::Arc;
|
2020-02-27 23:32:52 +00:00
|
|
|
use std::task::{Context, Poll};
|
2023-02-19 00:40:05 +00:00
|
|
|
use std::thread;
|
2019-10-01 15:00:49 +00:00
|
|
|
use std::time::Duration;
|
2021-10-05 08:43:54 +00:00
|
|
|
use tokio::io::{split, AsyncRead, AsyncWriteExt, ReadBuf};
|
2019-10-01 15:00:49 +00:00
|
|
|
use tokio::net::TcpStream;
|
2021-10-05 08:43:54 +00:00
|
|
|
use tokio::sync::oneshot;
|
2020-10-16 10:26:32 +00:00
|
|
|
use tokio::time::sleep;
|
2021-09-28 17:01:37 +00:00
|
|
|
use tokio_rustls::{
|
|
|
|
client::TlsStream,
|
|
|
|
rustls::{self, ClientConfig, OwnedTrustAnchor},
|
|
|
|
TlsConnector,
|
|
|
|
};
|
2019-10-01 15:00:49 +00:00
|
|
|
|
|
|
|
struct Read1<T>(T);
|
|
|
|
|
|
|
|
impl<T: AsyncRead + Unpin> Future for Read1<T> {
|
|
|
|
type Output = io::Result<()>;
|
|
|
|
|
|
|
|
fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
|
|
|
|
let mut buf = [0];
|
2021-10-05 08:43:54 +00:00
|
|
|
let mut buf = ReadBuf::new(&mut buf);
|
|
|
|
|
2019-10-01 15:00:49 +00:00
|
|
|
ready!(Pin::new(&mut self.0).poll_read(cx, &mut buf))?;
|
2021-10-05 08:43:54 +00:00
|
|
|
|
|
|
|
if buf.filled().is_empty() {
|
|
|
|
Poll::Ready(Ok(()))
|
|
|
|
} else {
|
2023-02-19 00:40:05 +00:00
|
|
|
cx.waker().wake_by_ref();
|
2021-10-05 08:43:54 +00:00
|
|
|
Poll::Pending
|
|
|
|
}
|
2019-10-01 15:00:49 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-02-27 23:32:52 +00:00
|
|
|
async fn send(
|
|
|
|
config: Arc<ClientConfig>,
|
|
|
|
addr: SocketAddr,
|
|
|
|
data: &[u8],
|
|
|
|
) -> io::Result<TlsStream<TcpStream>> {
|
|
|
|
let connector = TlsConnector::from(config).early_data(true);
|
2019-10-01 15:00:49 +00:00
|
|
|
let stream = TcpStream::connect(&addr).await?;
|
2023-02-19 00:40:05 +00:00
|
|
|
let domain = rustls::ServerName::try_from("foobar.com").unwrap();
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2021-10-05 08:43:54 +00:00
|
|
|
let stream = connector.connect(domain, stream).await?;
|
|
|
|
let (mut rd, mut wd) = split(stream);
|
|
|
|
let (notify, wait) = oneshot::channel();
|
|
|
|
|
|
|
|
let j = tokio::spawn(async move {
|
|
|
|
// read to eof
|
|
|
|
//
|
|
|
|
// see https://www.mail-archive.com/openssl-users@openssl.org/msg84451.html
|
|
|
|
let mut read_task = Read1(&mut rd);
|
|
|
|
let mut notify = Some(notify);
|
|
|
|
|
|
|
|
// read once, then write
|
|
|
|
//
|
|
|
|
// this is a regression test, see https://github.com/tokio-rs/tls/issues/54
|
|
|
|
future::poll_fn(|cx| {
|
|
|
|
let ret = Pin::new(&mut read_task).poll(cx)?;
|
|
|
|
assert_eq!(ret, Poll::Pending);
|
|
|
|
|
|
|
|
notify.take().unwrap().send(()).unwrap();
|
|
|
|
|
|
|
|
Poll::Ready(Ok(())) as Poll<io::Result<_>>
|
|
|
|
})
|
|
|
|
.await?;
|
|
|
|
|
|
|
|
match read_task.await {
|
|
|
|
Ok(()) => (),
|
|
|
|
Err(ref err) if err.kind() == io::ErrorKind::UnexpectedEof => (),
|
2022-11-04 21:11:05 +00:00
|
|
|
Err(err) => return Err(err),
|
2021-10-05 08:43:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
Ok(rd) as io::Result<_>
|
|
|
|
});
|
|
|
|
|
|
|
|
wait.await.unwrap();
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2021-10-05 08:43:54 +00:00
|
|
|
wd.write_all(data).await?;
|
|
|
|
wd.flush().await?;
|
|
|
|
wd.shutdown().await?;
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2021-10-05 08:43:54 +00:00
|
|
|
let rd: tokio::io::ReadHalf<_> = j.await??;
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2021-10-05 08:43:54 +00:00
|
|
|
Ok(rd.unsplit(wd))
|
2019-10-01 15:00:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
struct DropKill(Child);
|
|
|
|
|
|
|
|
impl Drop for DropKill {
|
|
|
|
fn drop(&mut self) {
|
|
|
|
self.0.kill().unwrap();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-03-30 15:44:26 +00:00
|
|
|
async fn wait_for_server(addr: &str) {
|
|
|
|
let tries = 10;
|
|
|
|
for i in 0..tries {
|
|
|
|
if let Ok(_) = TcpStream::connect(addr).await {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
sleep(Duration::from_millis(i * 100)).await;
|
|
|
|
}
|
|
|
|
panic!("failed to connect to {:?} after {} tries", addr, tries)
|
|
|
|
}
|
|
|
|
|
2019-10-01 15:00:49 +00:00
|
|
|
#[tokio::test]
|
|
|
|
async fn test_0rtt() -> io::Result<()> {
|
2023-03-30 15:44:26 +00:00
|
|
|
let server_port = 12354;
|
2019-10-01 15:00:49 +00:00
|
|
|
let mut handle = Command::new("openssl")
|
|
|
|
.arg("s_server")
|
|
|
|
.arg("-early_data")
|
|
|
|
.arg("-tls1_3")
|
2022-11-04 21:11:05 +00:00
|
|
|
.args(["-cert", "./tests/end.cert"])
|
|
|
|
.args(["-key", "./tests/end.rsa"])
|
2023-03-30 15:44:26 +00:00
|
|
|
.args(["-port", &server_port.to_string()])
|
2020-02-24 19:42:22 +00:00
|
|
|
.stdin(Stdio::piped())
|
2019-10-01 15:00:49 +00:00
|
|
|
.stdout(Stdio::piped())
|
|
|
|
.spawn()
|
|
|
|
.map(DropKill)?;
|
|
|
|
|
|
|
|
// wait openssl server
|
2023-03-30 15:44:26 +00:00
|
|
|
wait_for_server(format!("127.0.0.1:{}", server_port).as_str()).await;
|
2019-10-01 15:00:49 +00:00
|
|
|
|
|
|
|
let mut chain = BufReader::new(Cursor::new(include_str!("end.chain")));
|
2021-09-28 17:01:37 +00:00
|
|
|
let certs = rustls_pemfile::certs(&mut chain).unwrap();
|
2022-11-04 21:11:05 +00:00
|
|
|
let trust_anchors = certs.iter().map(|cert| {
|
|
|
|
let ta = webpki::TrustAnchor::try_from_cert_der(&cert[..]).unwrap();
|
|
|
|
OwnedTrustAnchor::from_subject_spki_name_constraints(
|
|
|
|
ta.subject,
|
|
|
|
ta.spki,
|
|
|
|
ta.name_constraints,
|
|
|
|
)
|
|
|
|
});
|
2021-09-28 17:01:37 +00:00
|
|
|
let mut root_store = RootCertStore::empty();
|
2022-11-04 21:11:05 +00:00
|
|
|
root_store.add_server_trust_anchors(trust_anchors);
|
2021-09-28 17:01:37 +00:00
|
|
|
let mut config = rustls::ClientConfig::builder()
|
|
|
|
.with_safe_default_cipher_suites()
|
|
|
|
.with_safe_default_kx_groups()
|
|
|
|
.with_protocol_versions(&[&rustls::version::TLS13])
|
|
|
|
.unwrap()
|
|
|
|
.with_root_certificates(root_store)
|
|
|
|
.with_no_client_auth();
|
2019-10-01 15:00:49 +00:00
|
|
|
config.enable_early_data = true;
|
|
|
|
let config = Arc::new(config);
|
2023-03-30 15:44:26 +00:00
|
|
|
let addr = SocketAddr::from(([127, 0, 0, 1], server_port));
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2023-02-19 00:40:05 +00:00
|
|
|
// workaround: write to openssl s_server standard input periodically, to
|
|
|
|
// get it unstuck on Windows
|
|
|
|
let stdin = handle.0.stdin.take().unwrap();
|
|
|
|
thread::spawn(move || {
|
|
|
|
let mut stdin = stdin;
|
|
|
|
loop {
|
|
|
|
thread::sleep(std::time::Duration::from_secs(5));
|
|
|
|
std::io::Write::write_all(&mut stdin, b"\n").unwrap();
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
2019-10-01 15:00:49 +00:00
|
|
|
let io = send(config.clone(), addr, b"hello").await?;
|
|
|
|
assert!(!io.get_ref().1.is_early_data_accepted());
|
|
|
|
|
|
|
|
let io = send(config, addr, b"world!").await?;
|
|
|
|
assert!(io.get_ref().1.is_early_data_accepted());
|
|
|
|
|
|
|
|
let stdout = handle.0.stdout.as_mut().unwrap();
|
|
|
|
let mut lines = BufReader::new(stdout).lines();
|
|
|
|
|
2020-02-27 23:32:52 +00:00
|
|
|
let has_msg1 = lines.by_ref().any(|line| line.unwrap().contains("hello"));
|
|
|
|
let has_msg2 = lines.by_ref().any(|line| line.unwrap().contains("world!"));
|
2019-10-01 15:00:49 +00:00
|
|
|
|
2020-01-11 17:06:15 +00:00
|
|
|
assert!(has_msg1 && has_msg2);
|
2019-10-10 17:24:27 +00:00
|
|
|
|
2019-10-01 15:00:49 +00:00
|
|
|
Ok(())
|
|
|
|
}
|