From 575497137175cfcce8bfb86e34bfed35d4ef68ee Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss
Date: Wed, 16 Oct 2024 11:34:11 -0500
Subject: [PATCH 01/27] add tls crypto provider feature
---
tonic/Cargo.toml | 81 +++++++++++++++++++++++++++++++++---------------
1 file changed, 56 insertions(+), 25 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 15f3dc49e..a78ddac1a 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -26,29 +26,55 @@ version = "0.12.3" codegen = ["dep:async-trait"] gzip = ["dep:flate2"] zstd = ["dep:zstd"] -default = ["transport", "codegen", "prost"] +default = ["transport", "codegen", "prost", "tls-ring"] prost = ["dep:prost"] -tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] -tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. +tls = [ + "dep:rustls-pemfile", + "dep:tokio-rustls", + "dep:tokio", + "tokio?/rt", + "tokio?/macros", +] +tls-roots = [ + "tls-native-roots", +] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"] tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"] +tls-ring = ["tls", "tokio-rustls?/ring"] +tls-aws-lc = ["tls", "tokio-rustls?/aws-lc-rs"] router = ["dep:axum", "dep:tower", "tower?/util"] server = [ "router", "dep:async-stream", "dep:h2", - "dep:hyper", "hyper?/server", - "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto", + "dep:hyper", + "hyper?/server", + "dep:hyper-util", + "hyper-util?/service", + "hyper-util?/server-auto", "dep:socket2", - "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time", + "dep:tokio", + "tokio?/macros", + "tokio?/net", + "tokio?/time", "tokio-stream/net", - "dep:tower", "tower?/util", "tower?/limit", + "dep:tower", + "tower?/util", + "tower?/limit", ] channel = [ - "dep:hyper", "hyper?/client", - "dep:hyper-util", "hyper-util?/client-legacy", - "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util", - "dep:tokio", "tokio?/time", + "dep:hyper", + "hyper?/client", + "dep:hyper-util", + "hyper-util?/client-legacy", + "dep:tower", + "tower?/balance", + "tower?/buffer", + "tower?/discover", + "tower?/limit", + "tower?/util", + "dep:tokio", + "tokio?/time", "dep:hyper-timeout", ] transport = ["server", "channel"] 
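Review bot: `tls-ring` and `tls-aws-lc` are written as alternatives, but Cargo features are additive, so two crates in one dependency graph can turn on both, and `tls` on its own now turns on neither because the next hunk removes `"ring"` from the `tokio-rustls` feature list. As far as I know, rustls 0.23 (which tokio-rustls 0.26 wraps) selects a provider automatically only when exactly one of its provider features is enabled; in the other two cases, expect a run-time failure when the TLS config is built unless the application installs a default provider itself. That constraint belongs next to the two features, e.g. `# Enable exactly one of tls-ring / tls-aws-lc; with both or neither the application must install a rustls CryptoProvider itself.` The same both-enabled case applies to `tls` plus `tls-aws-lc` as they are defined in PATCH 03.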
@@ -69,36 +95,41 @@ percent-encoding = "2.1" pin-project = "1.0.11" tower-layer = "0.3" tower-service = "0.3" -tokio-stream = {version = "0.1.16", default-features = false} +tokio-stream = { version = "0.1.16", default-features = false } # prost -prost = {version = "0.13", default-features = false, features = ["std"], optional = true} +prost = { version = "0.13", default-features = false, features = [ + "std", +], optional = true } # codegen -async-trait = {version = "0.1.13", optional = true} +async-trait = { version = "0.1.13", optional = true } # transport -async-stream = {version = "0.3", optional = true} -h2 = {version = "0.4", optional = true} -hyper = {version = "1", features = ["http1", "http2"], optional = true} +async-stream = { version = "0.3", optional = true } +h2 = { version = "0.4", optional = true } +hyper = { version = "1", features = ["http1", "http2"], optional = true } hyper-util = { version = "0.1.4", features = ["tokio"], optional = true } socket2 = { version = "0.5", optional = true, features = ["all"] } -tokio = {version = "1", default-features = false, optional = true} -tower = {version = "0.4.7", default-features = false, optional = true} -axum = {version = "0.7", default-features = false, optional = true} +tokio = { version = "1", default-features = false, optional = true } +tower = { version = "0.4.7", default-features = false, optional = true } +axum = { version = "0.7", default-features = false, optional = true } # rustls rustls-pemfile = { version = "2.0", optional = true } rustls-native-certs = { version = "0.8", optional = true } -tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12", "ring"], optional = true } +tokio-rustls = { version = "0.26", default-features = false, features = [ + "logging", + "tls12", +], optional = true } webpki-roots = { version = "0.26", optional = true } # compression -flate2 = {version = "1.0", optional = true} +flate2 = { version = "1.0", optional = true } zstd = { 
version = "0.13.0", optional = true } # channel -hyper-timeout = {version = "0.5", optional = true} +hyper-timeout = { version = "0.5", optional = true } [dev-dependencies] bencher = "0.1.5" @@ -106,8 +137,8 @@ quickcheck = "1.0" quickcheck_macros = "1.0" rand = "0.8" static_assertions = "1.0" -tokio = {version = "1.0", features = ["rt", "macros"]} -tower = {version = "0.4.7", features = ["full"]} +tokio = { version = "1.0", features = ["rt", "macros"] } +tower = { version = "0.4.7", features = ["full"] } [package.metadata.docs.rs] all-features = true From 645d6dca3785f6da36de4977af60b7d74494e08e Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 13:10:29 -0500 Subject: [PATCH 02/27] fix features --- tonic/Cargo.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index a78ddac1a..66a140911 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -26,7 +26,7 @@ version = "0.12.3" codegen = ["dep:async-trait"] gzip = ["dep:flate2"] zstd = ["dep:zstd"] -default = ["transport", "codegen", "prost", "tls-ring"] +default = ["transport", "codegen", "prost"] prost = ["dep:prost"] tls = [ "dep:rustls-pemfile", @@ -40,8 +40,8 @@ tls-roots = [ ] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"] tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"] -tls-ring = ["tls", "tokio-rustls?/ring"] -tls-aws-lc = ["tls", "tokio-rustls?/aws-lc-rs"] +tls-ring = ["tls", "tokio-rustls/ring"] +tls-aws-lc = ["tls", "tokio-rustls/aws-lc-rs"] router = ["dep:axum", "dep:tower", "tower?/util"] server = [ "router", From 4cd649b4127b08a451a7f76e0c3ce308aa03039f Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 13:34:07 -0500 Subject: [PATCH 03/27] fix --- tonic/Cargo.toml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 66a140911..ace4bb536 100644 
--- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -34,14 +34,21 @@ tls = [ "dep:tokio", "tokio?/rt", "tokio?/macros", + "tokio-rustls/ring", ] tls-roots = [ "tls-native-roots", ] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"] tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"] -tls-ring = ["tls", "tokio-rustls/ring"] -tls-aws-lc = ["tls", "tokio-rustls/aws-lc-rs"] +tls-aws-lc = [ + "dep:rustls-pemfile", + "dep:tokio-rustls", + "dep:tokio", + "tokio?/rt", + "tokio?/macros", + "tokio-rustls/aws-lc-rs", +] router = ["dep:axum", "dep:tower", "tower?/util"] server = [ "router", From 3fe5c268f342dc746f9c79cb94a4673080a8bf96 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 14:53:18 -0500 Subject: [PATCH 04/27] fix --- tonic/Cargo.toml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index ace4bb536..2cb36c7e5 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -36,11 +36,6 @@ tls = [ "tokio?/macros", "tokio-rustls/ring", ] -tls-roots = [ - "tls-native-roots", -] # Deprecated. Please use `tls-native-roots` instead. -tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"] -tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"] tls-aws-lc = [ "dep:rustls-pemfile", "dep:tokio-rustls", @@ -49,6 +44,11 @@ tls-aws-lc = [ "tokio?/macros", "tokio-rustls/aws-lc-rs", ] +tls-roots = [ + "tls-native-roots", +] # Deprecated. Please use `tls-native-roots` instead. +tls-native-roots = ["channel", "dep:rustls-native-certs"] +tls-webpki-roots = ["channel", "dep:webpki-roots"] router = ["dep:axum", "dep:tower", "tower?/util"] server = [ "router", From 843c6c1bbe39d89ca0d5278da50f14bf227cc42a Mon Sep 17 00:00:00 2001 
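Review bot: Dropping `"tls"` from `tls-native-roots` and `tls-webpki-roots` (second hunk of PATCH 04) means a manifest that enables only one of them, or the deprecated `tls-roots`, no longer compiles any TLS code after this change. Going by the connector code touched later in this series, the `is_https` check is itself compiled only under a TLS feature, so such a build may end up talking to an `https://` endpoint without TLS instead of failing; that is inferred, since the non-TLS path is not in the diff. If the split is intentional, say so where the features are defined, e.g. `# No longer implies TLS: combine with "tls" or "tls-aws-lc".`, and call it out as a breaking change for existing users.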
From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 14:59:43 -0500 Subject: [PATCH 05/27] add tls-aws-lc to conditional compilation --- tonic/src/request.rs | 4 +-- tonic/src/transport/channel/endpoint.rs | 14 +++++----- tonic/src/transport/channel/mod.rs | 4 +-- .../transport/channel/service/connector.rs | 27 ++++++++++--------- tonic/src/transport/channel/service/mod.rs | 4 +-- tonic/src/transport/mod.rs | 8 +++--- tonic/src/transport/server/conn.rs | 12 ++++----- tonic/src/transport/server/incoming.rs | 8 +++--- tonic/src/transport/server/mod.rs | 22 +++++++-------- tonic/src/transport/server/service/io.rs | 22 +++++++-------- tonic/src/transport/server/service/mod.rs | 4 +-- tonic/src/transport/service/mod.rs | 2 +- 12 files changed, 67 insertions(+), 64 deletions(-) diff --git a/tonic/src/request.rs b/tonic/src/request.rs index 592d71576..ca6d38277 100644 --- a/tonic/src/request.rs +++ b/tonic/src/request.rs @@ -218,7 +218,7 @@ impl Request { .get::() .and_then(|i| i.local_addr()); - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] let addr = addr.or_else(|| { self.extensions() .get::>() @@ -240,7 +240,7 @@ impl Request { .get::() .and_then(|i| i.remote_addr()); - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] let addr = addr.or_else(|| { self.extensions() .get::>() diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs index b760e1ee9..246ecb530 100644 --- a/tonic/src/transport/channel/endpoint.rs +++ b/tonic/src/transport/channel/endpoint.rs @@ -1,8 +1,8 @@ -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use super::service::TlsConnector; use super::service::{self, Executor, SharedExec}; use super::Channel; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use super::ClientTlsConfig; use crate::transport::Error; use bytes::Bytes; 
@@ -23,7 +23,7 @@ pub struct Endpoint { pub(crate) timeout: Option, pub(crate) concurrency_limit: Option, pub(crate) rate_limit: Option<(u64, Duration)>, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(crate) tls: Option, pub(crate) buffer_size: Option, pub(crate) init_stream_window_size: Option, @@ -49,7 +49,7 @@ impl Endpoint { D::Error: Into, { let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?; - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) { return me.tls_config(ClientTlsConfig::new().with_enabled_roots()); } @@ -244,7 +244,7 @@ impl Endpoint { } /// Configures TLS for the endpoint. - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result { Ok(Endpoint { tls: Some( @@ -320,7 +320,7 @@ impl Endpoint { pub(crate) fn connector(&self, c: C) -> service::Connector { service::Connector::new( c, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] self.tls.clone(), ) } @@ -445,7 +445,7 @@ impl From for Endpoint { concurrency_limit: None, rate_limit: None, timeout: None, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: None, buffer_size: None, init_stream_window_size: None, diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs index ed8d22275..f04f826e1 100644 --- a/tonic/src/transport/channel/mod.rs +++ b/tonic/src/transport/channel/mod.rs @@ -2,11 +2,11 @@ mod endpoint; pub(crate) mod service; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] mod tls; pub use endpoint::Endpoint; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use tls::ClientTlsConfig; use self::service::{Connection, DynamicServiceStream, Executor, SharedExec}; 
diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs index cf28cdef7..9ab659d2f 100644 --- a/tonic/src/transport/channel/service/connector.rs +++ b/tonic/src/transport/channel/service/connector.rs @@ -1,30 +1,33 @@ use super::BoxedIo; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use super::TlsConnector; use crate::transport::channel::BoxFuture; use crate::ConnectError; use http::Uri; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use std::fmt; use std::task::{Context, Poll}; use hyper::rt; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use hyper_util::rt::TokioIo; use tower_service::Service; pub(crate) struct Connector { inner: C, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option, } impl Connector { - pub(crate) fn new(inner: C, #[cfg(feature = "tls")] tls: Option) -> Self { + pub(crate) fn new( + inner: C, + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option, + ) -> Self { Self { inner, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls, } } @@ -48,10 +51,10 @@ where } fn call(&mut self, uri: Uri) -> Self::Future { - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] let tls = self.tls.clone(); - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] let is_https = uri.scheme_str() == Some("https"); let connect = self.inner.call(uri); @@ -59,7 +62,7 @@ where async { let io = connect.await?; - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] if is_https { return if let Some(tls) = tls { let io = tls.connect(TokioIo::new(io)).await?; 
@@ -78,11 +81,11 @@ where } /// Error returned when trying to connect to an HTTPS endpoint without TLS enabled. -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] #[derive(Debug)] pub(crate) struct HttpsUriWithoutTlsSupport(()); -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] impl fmt::Display for HttpsUriWithoutTlsSupport { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "Connecting to HTTPS without TLS enabled") @@ -90,5 +93,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport { } // std::error::Error only requires a type to impl Debug and Display -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] impl std::error::Error for HttpsUriWithoutTlsSupport {} diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs index cd481e9a4..f329fee75 100644 --- a/tonic/src/transport/channel/service/mod.rs +++ b/tonic/src/transport/channel/service/mod.rs @@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector; mod executor; pub(super) use self::executor::{Executor, SharedExec}; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] mod tls; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(super) use self::tls::TlsConnector; diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs index c81208d0e..e9a53bba3 100644 --- a/tonic/src/transport/mod.rs +++ b/tonic/src/transport/mod.rs @@ -96,7 +96,7 @@ pub mod server; mod error; mod service; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] mod tls; #[doc(inline)] 
@@ -109,15 +109,15 @@ pub use self::server::Server; /// Deprecated. Please use [`crate::status::TimeoutExpired`] instead. pub use crate::status::TimeoutExpired; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use self::tls::Certificate; pub use hyper::{body::Body, Uri}; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use tokio_rustls::rustls::pki_types::CertificateDer; #[cfg(all(feature = "channel", feature = "tls"))] pub use self::channel::ClientTlsConfig; #[cfg(all(feature = "server", feature = "tls"))] pub use self::server::ServerTlsConfig; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use self::tls::Identity; diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs index f0fee4fc3..9e53fe8da 100644 --- a/tonic/src/transport/server/conn.rs +++ b/tonic/src/transport/server/conn.rs @@ -1,11 +1,11 @@ use std::net::SocketAddr; use tokio::net::TcpStream; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use std::sync::Arc; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use tokio_rustls::rustls::pki_types::CertificateDer; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use tokio_rustls::server::TlsStream; /// Trait that connected IO resources implement and use to produce info about the connection. @@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream { fn connect_info(&self) -> Self::ConnectInfo {} } -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] impl Connected for TlsStream where T: Connected, 
@@ -128,14 +128,14 @@ where /// See [`Connected`] for more details. /// /// [ext]: crate::Request::extensions -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] #[derive(Debug, Clone)] pub struct TlsConnectInfo { inner: T, certs: Option>>>, } -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] impl TlsConnectInfo { /// Get a reference to the underlying connection info. pub fn get_ref(&self) -> &T { diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs index e55c6a171..37ea313f8 100644 --- a/tonic/src/transport/server/incoming.rs +++ b/tonic/src/transport/server/incoming.rs @@ -16,7 +16,7 @@ use tokio_stream::{Stream, StreamExt}; use tracing::warn; use super::service::ServerIo; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use super::service::TlsAcceptor; #[cfg(not(feature = "tls"))] @@ -42,7 +42,7 @@ where } } -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(crate) fn tcp_incoming( incoming: impl Stream>, tls: Option, @@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into) -> ControlFlow( incoming: &mut (impl Stream> + Unpin), tasks: &mut tokio::task::JoinSet, crate::Error>>, @@ -147,7 +147,7 @@ where } } -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] enum SelectOutput { Incoming(A), Io(ServerIo), diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs index 62006e1a6..ef7554fc4 100644 --- a/tonic/src/transport/server/mod.rs +++ b/tonic/src/transport/server/mod.rs @@ -3,7 +3,7 @@ mod conn; mod incoming; mod service; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] mod tls; #[cfg(unix)] mod unix; 
@@ -19,13 +19,13 @@ use hyper_util::{ server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec}, service::TowerToHyperService, }; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use tls::ServerTlsConfig; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use conn::TlsConnectInfo; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use self::service::TlsAcceptor; #[cfg(unix)] @@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo; pub use incoming::TcpIncoming; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use crate::transport::Error; use self::service::{RecoverError, ServerIo}; @@ -86,7 +86,7 @@ pub struct Server { trace_interceptor: Option, concurrency_limit: Option, timeout: Option, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option, init_stream_window_size: Option, init_connection_window_size: Option, @@ -110,7 +110,7 @@ impl Default for Server { trace_interceptor: None, concurrency_limit: None, timeout: None, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: None, init_stream_window_size: None, init_connection_window_size: None, @@ -154,7 +154,7 @@ impl Server { impl Server { /// Configure TLS for this server. - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result { Ok(Server { tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?), @@ -509,7 +509,7 @@ impl Server { trace_interceptor: self.trace_interceptor, concurrency_limit: self.concurrency_limit, timeout: self.timeout, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: self.tls, init_stream_window_size: self.init_stream_window_size, init_connection_window_size: self.init_connection_window_size, 
@@ -570,7 +570,7 @@ impl Server { let incoming = incoming::tcp_incoming( incoming, - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] self.tls, ); let mut svc = MakeSvc { @@ -1041,7 +1041,7 @@ where request.extensions_mut().insert(inner.clone()); } tower::util::Either::B(inner) => { - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] { request.extensions_mut().insert(inner.clone()); request.extensions_mut().insert(inner.get_ref().clone()); diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs index e4588abe7..343419fd3 100644 --- a/tonic/src/transport/server/service/io.rs +++ b/tonic/src/transport/server/service/io.rs @@ -4,18 +4,18 @@ use std::io::IoSlice; use std::pin::Pin; use std::task::{Context, Poll}; use tokio::io::{AsyncRead, AsyncWrite, ReadBuf}; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use tokio_rustls::server::TlsStream; pub(crate) enum ServerIo { Io(IO), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] TlsIo(Box>), } use tower::util::Either; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] type ServerIoConnectInfo = Either<::ConnectInfo, as Connected>::ConnectInfo>; @@ -27,7 +27,7 @@ impl ServerIo { Self::Io(io) } - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(in crate::transport) fn new_tls_io(io: TlsStream) -> Self { Self::TlsIo(Box::new(io)) } @@ -38,7 +38,7 @@ impl ServerIo { { match self { Self::Io(io) => Either::A(io.connect_info()), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Either::B(io.connect_info()), } } @@ -55,7 +55,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_read(cx, buf), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf), } } 
@@ -72,7 +72,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write(cx, buf), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf), } } @@ -80,7 +80,7 @@ where fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_flush(cx), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Pin::new(io).poll_flush(cx), } } @@ -88,7 +88,7 @@ where fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_shutdown(cx), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx), } } @@ -100,7 +100,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs), } } @@ -108,7 +108,7 @@ where fn is_write_vectored(&self) -> bool { match self { Self::Io(io) => io.is_write_vectored(), - #[cfg(feature = "tls")] + #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] Self::TlsIo(io) => io.is_write_vectored(), } } diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs index 5043339e4..1ab4255b5 100644 --- a/tonic/src/transport/server/service/mod.rs +++ b/tonic/src/transport/server/service/mod.rs @@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo; mod recover_error; pub(crate) use self::recover_error::RecoverError; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] mod tls; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(crate) use self::tls::TlsAcceptor; 
diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs index 7f1e3fcae..f507ffe5e 100644 --- a/tonic/src/transport/service/mod.rs +++ b/tonic/src/transport/service/mod.rs @@ -1,5 +1,5 @@ pub(crate) mod grpc_timeout; -#[cfg(feature = "tls")] +#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub(crate) mod tls; pub(crate) use self::grpc_timeout::GrpcTimeout; From 6bb3a9ccb0cbe3bd58bd22ebaa911f09746f8084 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 15:30:09 -0500 Subject: [PATCH 06/27] fix conditional compilation --- tonic/src/transport/server/incoming.rs | 2 +- tonic/src/transport/server/mod.rs | 2 +- tonic/src/transport/server/service/io.rs | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs index 37ea313f8..0e73181cb 100644 --- a/tonic/src/transport/server/incoming.rs +++ b/tonic/src/transport/server/incoming.rs @@ -19,7 +19,7 @@ use super::service::ServerIo; #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] use super::service::TlsAcceptor; -#[cfg(not(feature = "tls"))] +#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] pub(crate) fn tcp_incoming( incoming: impl Stream>, ) -> impl Stream, crate::Error>> diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs index ef7554fc4..3cd7876a4 100644 --- a/tonic/src/transport/server/mod.rs +++ b/tonic/src/transport/server/mod.rs @@ -1047,7 +1047,7 @@ where request.extensions_mut().insert(inner.get_ref().clone()); } - #[cfg(not(feature = "tls"))] + #[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] { // just a type check to make sure we didn't forget to // insert this into the extensions diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs index 343419fd3..f0fba2354 100644 --- a/tonic/src/transport/server/service/io.rs +++ b/tonic/src/transport/server/service/io.rs 
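Review bot: The negative guard added in incoming.rs by PATCH 06, `#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]`, would read better as the literal negation of the positive guard used everywhere else: `#[cfg(not(any(feature = "tls", feature = "tls-aws-lc")))]`. The two are equivalent, but the `not(any(...))` form can be checked against its counterpart at a glance, which matters here because a mismatch between the two `tcp_incoming` definitions leaves some feature set with either a duplicate or a missing function. The same applies to the guards this patch changes in server/mod.rs and server/service/io.rs. The guarded items continue outside the hunks.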
@@ -19,7 +19,7 @@ use tower::util::Either; type ServerIoConnectInfo = Either<::ConnectInfo, as Connected>::ConnectInfo>; -#[cfg(not(feature = "tls"))] +#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] type ServerIoConnectInfo = Either<::ConnectInfo, ()>; impl ServerIo { From da565a03f1c3738008334ad136f9b75667cdb05b Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 15:32:55 -0500 Subject: [PATCH 07/27] fix conditional compilation --- tonic/src/request.rs | 8 ++++---- tonic/src/transport/mod.rs | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tonic/src/request.rs b/tonic/src/request.rs index ca6d38277..f22d10f3d 100644 --- a/tonic/src/request.rs +++ b/tonic/src/request.rs @@ -1,15 +1,15 @@ use crate::metadata::{MetadataMap, MetadataValue}; #[cfg(feature = "server")] use crate::transport::server::TcpConnectInfo; -#[cfg(all(feature = "server", feature = "tls"))] +#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] use crate::transport::server::TlsConnectInfo; use http::Extensions; #[cfg(feature = "server")] use std::net::SocketAddr; -#[cfg(all(feature = "server", feature = "tls"))] +#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] use std::sync::Arc; use std::time::Duration; -#[cfg(all(feature = "server", feature = "tls"))] +#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] use tokio_rustls::rustls::pki_types::CertificateDer; use tokio_stream::Stream; @@ -256,7 +256,7 @@ impl Request { /// and is mostly used for mTLS. This currently only returns /// `Some` on the server side of the `transport` server with /// TLS enabled connections. - #[cfg(all(feature = "server", feature = "tls"))] + #[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] pub fn peer_certs(&self) -> Option>>> { self.extensions() .get::>() diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs index e9a53bba3..d98c1c729 100644 
--- a/tonic/src/transport/mod.rs +++ b/tonic/src/transport/mod.rs @@ -117,7 +117,7 @@ pub use tokio_rustls::rustls::pki_types::CertificateDer; #[cfg(all(feature = "channel", feature = "tls"))] pub use self::channel::ClientTlsConfig; -#[cfg(all(feature = "server", feature = "tls"))] +#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] pub use self::server::ServerTlsConfig; #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] pub use self::tls::Identity; From 0185ddbe4ad9bc24d9b0bef92d7dd731317ab51a Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:31:31 -0500 Subject: [PATCH 08/27] revert formatting --- tonic/Cargo.toml | 45 ++++++++++++++++++++------------------------- 1 file changed, 20 insertions(+), 25 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 2cb36c7e5..f14d1a706 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml 
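Review bot: The `ClientTlsConfig` re-export directly above the changed line in transport/mod.rs is still gated on `#[cfg(all(feature = "channel", feature = "tls"))]`, so with only `tls-aws-lc` enabled `transport::ServerTlsConfig` is exported but `transport::ClientTlsConfig` is not. It should get the same treatment as the server line: `#[cfg(all(feature = "channel", any(feature = "tls", feature = "tls-aws-lc")))]`. The type appears to stay reachable through `transport::channel`, where PATCH 05 already widened the guard, so this shows up as a missing import path for client code built on the new feature rather than as a missing type.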
@@ -102,41 +102,36 @@ percent-encoding = "2.1" pin-project = "1.0.11" tower-layer = "0.3" tower-service = "0.3" -tokio-stream = { version = "0.1.16", default-features = false } +tokio-stream = {version = "0.1.16", default-features = false} # prost -prost = { version = "0.13", default-features = false, features = [ - "std", -], optional = true } +prost = {version = "0.13", default-features = false, features = ["std"], optional = true} # codegen -async-trait = { version = "0.1.13", optional = true } +async-trait = {version = "0.1.13", optional = true} # transport -async-stream = { version = "0.3", optional = true } -h2 = { version = "0.4", optional = true } -hyper = { version = "1", features = ["http1", "http2"], optional = true } -hyper-util = { version = "0.1.4", features = ["tokio"], optional = true } -socket2 = { version = "0.5", optional = true, features = ["all"] } -tokio = { version = "1", default-features = false, optional = true } -tower = { version = "0.4.7", default-features = false, optional = true } -axum = { version = "0.7", default-features = false, optional = true } +async-stream = {version = "0.3", optional = true} +h2 = {version = "0.4", optional = true} +hyper = {version = "1", features = ["http1", "http2"], optional = true} +hyper-util = {version = "0.1.4", features = ["tokio"], optional = true} +socket2 = {version = "0.5", optional = true, features = ["all"]} +tokio = {version = "1", default-features = false, optional = true} +tower = {version = "0.4.7", default-features = false, optional = true} +axum = {version = "0.7", default-features = false, optional = true} # rustls -rustls-pemfile = { version = "2.0", optional = true } -rustls-native-certs = { version = "0.8", optional = true } -tokio-rustls = { version = "0.26", default-features = false, features = [ - "logging", - "tls12", -], optional = true } -webpki-roots = { version = "0.26", optional = true } +rustls-pemfile = {version = "2.0", optional = true} +rustls-native-certs = {version = 
"0.8", optional = true} +tokio-rustls = {version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true} +webpki-roots = {version = "0.26", optional = true} # compression -flate2 = { version = "1.0", optional = true } -zstd = { version = "0.13.0", optional = true } +flate2 = {version = "1.0", optional = true} +zstd = {version = "0.13.0", optional = true} # channel -hyper-timeout = { version = "0.5", optional = true } +hyper-timeout = {version = "0.5", optional = true} [dev-dependencies] bencher = "0.1.5" @@ -144,8 +139,8 @@ quickcheck = "1.0" quickcheck_macros = "1.0" rand = "0.8" static_assertions = "1.0" -tokio = { version = "1.0", features = ["rt", "macros"] } -tower = { version = "0.4.7", features = ["full"] } +tokio = {version = "1.0", features = ["rt", "macros"]} +tower = {version = "0.4.7", features = ["full"]} [package.metadata.docs.rs] all-features = true From 065faf4393e0c665d00409031351f65195f0105b Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:36:23 -0500 Subject: [PATCH 09/27] revert formatting --- tonic/Cargo.toml | 54 ++++--------------- .../transport/channel/service/connector.rs | 5 +- 2 files changed, 12 insertions(+), 47 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index f14d1a706..9a15067a1 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml 
@@ -28,25 +28,9 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = [ - "dep:rustls-pemfile", - "dep:tokio-rustls", - "dep:tokio", - "tokio?/rt", - "tokio?/macros", - "tokio-rustls/ring", -] -tls-aws-lc = [ - "dep:rustls-pemfile", - "dep:tokio-rustls", - "dep:tokio", - "tokio?/rt", - "tokio?/macros", - "tokio-rustls/aws-lc-rs", -] -tls-roots = [ - "tls-native-roots", -] # Deprecated. Please use `tls-native-roots` instead. +tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/ring"] +tls-aws-lc = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/aws-lc-rs"] +tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["channel", "dep:rustls-native-certs"] tls-webpki-roots = ["channel", "dep:webpki-roots"] router = ["dep:axum", "dep:tower", "tower?/util"] 
@@ -54,34 +38,18 @@ server = [ "router", "dep:async-stream", "dep:h2", - "dep:hyper", - "hyper?/server", - "dep:hyper-util", - "hyper-util?/service", - "hyper-util?/server-auto", + "dep:hyper", "hyper?/server", + "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto", "dep:socket2", - "dep:tokio", - "tokio?/macros", - "tokio?/net", - "tokio?/time", + "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time", "tokio-stream/net", - "dep:tower", - "tower?/util", - "tower?/limit", + "dep:tower", "tower?/util", "tower?/limit", ] channel = [ - "dep:hyper", - "hyper?/client", - "dep:hyper-util", - "hyper-util?/client-legacy", - "dep:tower", - "tower?/balance", - "tower?/buffer", - "tower?/discover", - "tower?/limit", - "tower?/util", - "dep:tokio", - "tokio?/time", + "dep:hyper", "hyper?/client", + "dep:hyper-util", "hyper-util?/client-legacy", + "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util", + "dep:tokio", "tokio?/time", "dep:hyper-timeout", ] transport = ["server", "channel"] diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs index 9ab659d2f..c7ecf8d50 100644 --- a/tonic/src/transport/channel/service/connector.rs +++ b/tonic/src/transport/channel/service/connector.rs @@ -21,10 +21,7 @@ pub(crate) struct Connector { } impl Connector { - pub(crate) fn new( - inner: C, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option, - ) -> Self { + pub(crate) fn new(inner: C, #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option) -> Self { Self { inner, #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] From 3dfae60bc1241a2df88846020a0ad598c5a9b099 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:42:51 -0500 Subject: [PATCH 10/27] add tls-any and deprecate tls --- tonic/Cargo.toml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 9a15067a1..38451a873 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,8 +28,10 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/ring"] -tls-aws-lc = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/aws-lc-rs"] +tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] +tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. +tls-ring = ["tls-any", "tokio-rustls/ring"] +tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"] tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["channel", "dep:rustls-native-certs"] tls-webpki-roots = ["channel", "dep:webpki-roots"] From a01b67e11ca41f7a2926f034d3804da737cbf5c5 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:43:39 -0500 Subject: [PATCH 11/27] formatting --- tonic/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 38451a873..ccdfc267b 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,8 +28,8 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. +tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] tls-ring = ["tls-any", "tokio-rustls/ring"] tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"] tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. 
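Review bot: Nothing on the `tls-ring` and `tls-aws-lc` features added in the `@@ -28,8 +28,10 @@` hunk ("add tls-any and deprecate tls") says what happens when both are enabled. Cargo features are additive, so that state is reachable through feature unification across dependents and through the `all-features = true` docs.rs setting shown earlier in this file. With two providers compiled in, rustls presumably cannot choose a process default on its own, so a TLS config built without an explicit provider would fail at run time rather than at build time. Whether tonic passes a provider explicitly is not visible in this patch. I would add a comment above the two features, for example `# If both providers are enabled, the application must install a rustls CryptoProvider before any TLS config is built.`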
From c9c833cff95ad71f513d0400c49769a966ae9dac Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:45:22 -0500 Subject: [PATCH 12/27] revert formatting --- tonic/Cargo.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index ccdfc267b..f7f9d0262 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -84,8 +84,8 @@ async-trait = {version = "0.1.13", optional = true} async-stream = {version = "0.3", optional = true} h2 = {version = "0.4", optional = true} hyper = {version = "1", features = ["http1", "http2"], optional = true} -hyper-util = {version = "0.1.4", features = ["tokio"], optional = true} -socket2 = {version = "0.5", optional = true, features = ["all"]} +hyper-util = { version = "0.1.4", features = ["tokio"], optional = true } +socket2 = { version = "0.5", optional = true, features = ["all"] } tokio = {version = "1", default-features = false, optional = true} tower = {version = "0.4.7", default-features = false, optional = true} axum = {version = "0.7", default-features = false, optional = true} From f7b40008bc1ea03fd6b0808959411a8b88a77cd1 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:46:33 -0500 Subject: [PATCH 13/27] revert formatting --- tonic/Cargo.toml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index f7f9d0262..4e4f53f8e 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml 
@@ -91,14 +91,14 @@ tower = {version = "0.4.7", default-features = false, optional = true} axum = {version = "0.7", default-features = false, optional = true} # rustls -rustls-pemfile = {version = "2.0", optional = true} -rustls-native-certs = {version = "0.8", optional = true} -tokio-rustls = {version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true} -webpki-roots = {version = "0.26", optional = true} +rustls-pemfile = { version = "2.0", optional = true } +rustls-native-certs = { version = "0.8", optional = true } +tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true } +webpki-roots = { version = "0.26", optional = true } # compression flate2 = {version = "1.0", optional = true} -zstd = {version = "0.13.0", optional = true} +zstd = { version = "0.13.0", optional = true } # channel hyper-timeout = {version = "0.5", optional = true} From 91f6f3bd5562906284fede7833bd0479f39710bf Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 16 Oct 2024 16:50:44 -0500 Subject: [PATCH 14/27] clean up #[cfg(..)] --- tonic/src/request.rs | 12 +++++----- tonic/src/transport/channel/endpoint.rs | 14 +++++------ tonic/src/transport/channel/mod.rs | 4 ++-- .../transport/channel/service/connector.rs | 24 +++++++++---------- tonic/src/transport/channel/service/mod.rs | 4 ++-- tonic/src/transport/mod.rs | 12 +++++----- tonic/src/transport/server/conn.rs | 12 +++++----- tonic/src/transport/server/incoming.rs | 10 ++++---- tonic/src/transport/server/mod.rs | 24 +++++++++---------- tonic/src/transport/server/service/io.rs | 24 +++++++++---------- tonic/src/transport/server/service/mod.rs | 4 ++-- tonic/src/transport/service/mod.rs | 2 +- 12 files changed, 73 insertions(+), 73 deletions(-) diff --git a/tonic/src/request.rs b/tonic/src/request.rs index f22d10f3d..09f08555b 100644 --- a/tonic/src/request.rs +++ b/tonic/src/request.rs 
@@ -1,15 +1,15 @@ use crate::metadata::{MetadataMap, MetadataValue}; #[cfg(feature = "server")] use crate::transport::server::TcpConnectInfo; -#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] +#[cfg(all(feature = "server", feature = "tls-any"))] use crate::transport::server::TlsConnectInfo; use http::Extensions; #[cfg(feature = "server")] use std::net::SocketAddr; -#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] +#[cfg(all(feature = "server", feature = "tls-any"))] use std::sync::Arc; use std::time::Duration; -#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] +#[cfg(all(feature = "server", feature = "tls-any"))] use tokio_rustls::rustls::pki_types::CertificateDer; use tokio_stream::Stream; @@ -218,7 +218,7 @@ impl Request { .get::() .and_then(|i| i.local_addr()); - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] let addr = addr.or_else(|| { self.extensions() .get::>() @@ -240,7 +240,7 @@ impl Request { .get::() .and_then(|i| i.remote_addr()); - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] let addr = addr.or_else(|| { self.extensions() .get::>() @@ -256,7 +256,7 @@ impl Request { /// and is mostly used for mTLS. This currently only returns /// `Some` on the server side of the `transport` server with /// TLS enabled connections. - #[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] + #[cfg(all(feature = "server", feature = "tls-any"))] pub fn peer_certs(&self) -> Option>>> { self.extensions() .get::>() diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs index 246ecb530..49695491c 100644 --- a/tonic/src/transport/channel/endpoint.rs +++ b/tonic/src/transport/channel/endpoint.rs 
@@ -1,8 +1,8 @@ -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use super::service::TlsConnector; use super::service::{self, Executor, SharedExec}; use super::Channel; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use super::ClientTlsConfig; use crate::transport::Error; use bytes::Bytes; @@ -23,7 +23,7 @@ pub struct Endpoint { pub(crate) timeout: Option, pub(crate) concurrency_limit: Option, pub(crate) rate_limit: Option<(u64, Duration)>, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] pub(crate) tls: Option, pub(crate) buffer_size: Option, pub(crate) init_stream_window_size: Option, @@ -49,7 +49,7 @@ impl Endpoint { D::Error: Into, { let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?; - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) { return me.tls_config(ClientTlsConfig::new().with_enabled_roots()); } @@ -244,7 +244,7 @@ impl Endpoint { } /// Configures TLS for the endpoint. - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result { Ok(Endpoint { tls: Some( @@ -320,7 +320,7 @@ impl Endpoint { pub(crate) fn connector(&self, c: C) -> service::Connector { service::Connector::new( c, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] self.tls.clone(), ) } @@ -445,7 +445,7 @@ impl From for Endpoint { concurrency_limit: None, rate_limit: None, timeout: None, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls: None, buffer_size: None, init_stream_window_size: None, diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs index f04f826e1..e8ada742d 100644 --- a/tonic/src/transport/channel/mod.rs +++ b/tonic/src/transport/channel/mod.rs 
@@ -2,11 +2,11 @@ mod endpoint; pub(crate) mod service; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] mod tls; pub use endpoint::Endpoint; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use tls::ClientTlsConfig; use self::service::{Connection, DynamicServiceStream, Executor, SharedExec}; diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs index c7ecf8d50..8e1ee4887 100644 --- a/tonic/src/transport/channel/service/connector.rs +++ b/tonic/src/transport/channel/service/connector.rs @@ -1,30 +1,30 @@ use super::BoxedIo; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use super::TlsConnector; use crate::transport::channel::BoxFuture; use crate::ConnectError; use http::Uri; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use std::fmt; use std::task::{Context, Poll}; use hyper::rt; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use hyper_util::rt::TokioIo; use tower_service::Service; pub(crate) struct Connector { inner: C, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls: Option, } impl Connector { - pub(crate) fn new(inner: C, #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option) -> Self { + pub(crate) fn new(inner: C, #[cfg(feature = "tls-any")] tls: Option) -> Self { Self { inner, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls, } } @@ -48,10 +48,10 @@ where } fn call(&mut self, uri: Uri) -> Self::Future { - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] let tls = self.tls.clone(); - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] let is_https = uri.scheme_str() == Some("https"); let connect = self.inner.call(uri); 
@@ -59,7 +59,7 @@ where async { let io = connect.await?; - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] if is_https { return if let Some(tls) = tls { let io = tls.connect(TokioIo::new(io)).await?; @@ -78,11 +78,11 @@ where } /// Error returned when trying to connect to an HTTPS endpoint without TLS enabled. -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] #[derive(Debug)] pub(crate) struct HttpsUriWithoutTlsSupport(()); -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] impl fmt::Display for HttpsUriWithoutTlsSupport { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "Connecting to HTTPS without TLS enabled") @@ -90,5 +90,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport { } // std::error::Error only requires a type to impl Debug and Display -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] impl std::error::Error for HttpsUriWithoutTlsSupport {} diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs index f329fee75..f186e5552 100644 --- a/tonic/src/transport/channel/service/mod.rs +++ b/tonic/src/transport/channel/service/mod.rs @@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector; mod executor; pub(super) use self::executor::{Executor, SharedExec}; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] mod tls; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub(super) use self::tls::TlsConnector; diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs index d98c1c729..7e67c9be4 100644 --- a/tonic/src/transport/mod.rs +++ b/tonic/src/transport/mod.rs @@ -96,7 +96,7 @@ pub mod server; mod error; mod service; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] mod tls; #[doc(inline)] 
@@ -109,15 +109,15 @@ pub use self::server::Server; /// Deprecated. Please use [`crate::status::TimeoutExpired`] instead. pub use crate::status::TimeoutExpired; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use self::tls::Certificate; pub use hyper::{body::Body, Uri}; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use tokio_rustls::rustls::pki_types::CertificateDer; -#[cfg(all(feature = "channel", feature = "tls"))] +#[cfg(all(feature = "channel", feature = "tls-any"))] pub use self::channel::ClientTlsConfig; -#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))] +#[cfg(all(feature = "server", feature = "tls-any"))] pub use self::server::ServerTlsConfig; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use self::tls::Identity; diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs index 9e53fe8da..b6ef75d30 100644 --- a/tonic/src/transport/server/conn.rs +++ b/tonic/src/transport/server/conn.rs @@ -1,11 +1,11 @@ use std::net::SocketAddr; use tokio::net::TcpStream; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use std::sync::Arc; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use tokio_rustls::rustls::pki_types::CertificateDer; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use tokio_rustls::server::TlsStream; /// Trait that connected IO resources implement and use to produce info about the connection. @@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream { fn connect_info(&self) -> Self::ConnectInfo {} } -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] impl Connected for TlsStream where T: Connected, 
@@ -128,14 +128,14 @@ where /// See [`Connected`] for more details. /// /// [ext]: crate::Request::extensions -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] #[derive(Debug, Clone)] pub struct TlsConnectInfo { inner: T, certs: Option>>>, } -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] impl TlsConnectInfo { /// Get a reference to the underlying connection info. pub fn get_ref(&self) -> &T { diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs index 0e73181cb..8a2a5d7c9 100644 --- a/tonic/src/transport/server/incoming.rs +++ b/tonic/src/transport/server/incoming.rs @@ -16,10 +16,10 @@ use tokio_stream::{Stream, StreamExt}; use tracing::warn; use super::service::ServerIo; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use super::service::TlsAcceptor; -#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] +#[cfg(not(feature = "tls-any"))] pub(crate) fn tcp_incoming( incoming: impl Stream>, ) -> impl Stream, crate::Error>> @@ -42,7 +42,7 @@ where } } -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub(crate) fn tcp_incoming( incoming: impl Stream>, tls: Option, @@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into) -> ControlFlow( incoming: &mut (impl Stream> + Unpin), tasks: &mut tokio::task::JoinSet, crate::Error>>, @@ -147,7 +147,7 @@ where } } -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] enum SelectOutput { Incoming(A), Io(ServerIo), diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs index 3cd7876a4..8b5d70bc7 100644 --- a/tonic/src/transport/server/mod.rs +++ b/tonic/src/transport/server/mod.rs @@ -3,7 +3,7 @@ mod conn; mod incoming; mod service; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] mod tls; #[cfg(unix)] mod unix; 
@@ -19,13 +19,13 @@ use hyper_util::{ server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec}, service::TowerToHyperService, }; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use tls::ServerTlsConfig; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub use conn::TlsConnectInfo; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use self::service::TlsAcceptor; #[cfg(unix)] @@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo; pub use incoming::TcpIncoming; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use crate::transport::Error; use self::service::{RecoverError, ServerIo}; @@ -86,7 +86,7 @@ pub struct Server { trace_interceptor: Option, concurrency_limit: Option, timeout: Option, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls: Option, init_stream_window_size: Option, init_connection_window_size: Option, @@ -110,7 +110,7 @@ impl Default for Server { trace_interceptor: None, concurrency_limit: None, timeout: None, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls: None, init_stream_window_size: None, init_connection_window_size: None, @@ -154,7 +154,7 @@ impl Server { impl Server { /// Configure TLS for this server. - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result { Ok(Server { tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?), @@ -509,7 +509,7 @@ impl Server { trace_interceptor: self.trace_interceptor, concurrency_limit: self.concurrency_limit, timeout: self.timeout, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] tls: self.tls, init_stream_window_size: self.init_stream_window_size, init_connection_window_size: self.init_connection_window_size, 
@@ -570,7 +570,7 @@ impl Server { let incoming = incoming::tcp_incoming( incoming, - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] self.tls, ); let mut svc = MakeSvc { @@ -1041,13 +1041,13 @@ where request.extensions_mut().insert(inner.clone()); } tower::util::Either::B(inner) => { - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] { request.extensions_mut().insert(inner.clone()); request.extensions_mut().insert(inner.get_ref().clone()); } - #[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] + #[cfg(not(feature = "tls-any"))] { // just a type check to make sure we didn't forget to // insert this into the extensions diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs index f0fba2354..80f9b9d34 100644 --- a/tonic/src/transport/server/service/io.rs +++ b/tonic/src/transport/server/service/io.rs @@ -4,22 +4,22 @@ use std::io::IoSlice; use std::pin::Pin; use std::task::{Context, Poll}; use tokio::io::{AsyncRead, AsyncWrite, ReadBuf}; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] use tokio_rustls::server::TlsStream; pub(crate) enum ServerIo { Io(IO), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] TlsIo(Box>), } use tower::util::Either; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] type ServerIoConnectInfo = Either<::ConnectInfo, as Connected>::ConnectInfo>; -#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))] +#[cfg(not(feature = "tls-any"))] type ServerIoConnectInfo = Either<::ConnectInfo, ()>; impl ServerIo { @@ -27,7 +27,7 @@ impl ServerIo { Self::Io(io) } - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] pub(in crate::transport) fn new_tls_io(io: TlsStream) -> Self { Self::TlsIo(Box::new(io)) } 
@@ -38,7 +38,7 @@ impl ServerIo { { match self { Self::Io(io) => Either::A(io.connect_info()), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Either::B(io.connect_info()), } } @@ -55,7 +55,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_read(cx, buf), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf), } } @@ -72,7 +72,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write(cx, buf), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf), } } @@ -80,7 +80,7 @@ where fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_flush(cx), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Pin::new(io).poll_flush(cx), } } @@ -88,7 +88,7 @@ where fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_shutdown(cx), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx), } } @@ -100,7 +100,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs), } } @@ -108,7 +108,7 @@ where fn is_write_vectored(&self) -> bool { match self { Self::Io(io) => io.is_write_vectored(), - #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] + #[cfg(feature = "tls-any")] Self::TlsIo(io) => io.is_write_vectored(), } } diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs index 1ab4255b5..d24cf99c6 100644 
--- a/tonic/src/transport/server/service/mod.rs +++ b/tonic/src/transport/server/service/mod.rs @@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo; mod recover_error; pub(crate) use self::recover_error::RecoverError; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] mod tls; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub(crate) use self::tls::TlsAcceptor; diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs index f507ffe5e..bf4ea3fe9 100644 --- a/tonic/src/transport/service/mod.rs +++ b/tonic/src/transport/service/mod.rs @@ -1,5 +1,5 @@ pub(crate) mod grpc_timeout; -#[cfg(any(feature = "tls", feature = "tls-aws-lc"))] +#[cfg(feature = "tls-any")] pub(crate) mod tls; pub(crate) use self::grpc_timeout::GrpcTimeout; From ea4b2c3225f08a52bd6aa1af324af43a609680a9 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:03:41 -0500 Subject: [PATCH 15/27] tests pass --- tests/integration_tests/Cargo.toml | 1 + tests/integration_tests/tests/connection.rs | 1 + 2 files changed, 2 insertions(+) diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml index 238fe374d..74f83a323 100644 --- a/tests/integration_tests/Cargo.toml +++ b/tests/integration_tests/Cargo.toml @@ -11,6 +11,7 @@ version = "0.1.0" [dependencies] bytes = "1.0" prost = "0.13" +rustls = {version = "*", features = ["ring"]} tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]} tonic = {path = "../../tonic"} tracing-subscriber = {version = "0.3"} diff --git a/tests/integration_tests/tests/connection.rs b/tests/integration_tests/tests/connection.rs index 841600bcf..65eb2810c 100644 --- a/tests/integration_tests/tests/connection.rs +++ b/tests/integration_tests/tests/connection.rs 
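Review bot: The `rustls = {version = "*", features = ["ring"]}` line added to `tests/integration_tests/Cargo.toml` uses a wildcard requirement, so the resolver may pick a rustls release different from the one `tokio-rustls` 0.26 links against. If two copies end up in the graph, the test installs its default provider into one copy while tonic reads it from the other, and the TLS test then fails or passes for the wrong reason. A wildcard also lets an unreviewed major release into the build the next time the lockfile is regenerated. Pin it to the release line tokio-rustls uses, e.g. `rustls = { version = "<rustls version used by tokio-rustls 0.26>", features = ["ring"] }`.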
@@ -28,6 +28,7 @@ async fn connect_returns_err() { #[tokio::test] async fn connect_handles_tls() { + rustls::crypto::ring::default_provider().install_default().unwrap(); TestClient::connect("https://example.com").await.unwrap(); } From 423e84dd477568d8f6bb9cbe42483dd62a93865b Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:06:15 -0500 Subject: [PATCH 16/27] update workflow for new features --- .github/workflows/CI.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 57ffa443d..1726de984 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -62,10 +62,13 @@ jobs: - uses: taiki-e/install-action@cargo-udeps - uses: taiki-e/install-action@protoc - uses: Swatinem/rust-cache@v2 - - run: cargo hack udeps --workspace --exclude-features tls --each-feature - - run: cargo udeps --package tonic --features tls,transport - - run: cargo udeps --package tonic --features tls,server - - run: cargo udeps --package tonic --features tls,channel + - run: cargo hack udeps --workspace --exclude-features tls-ring,tls-aws-lc --each-feature + - run: cargo udeps --package tonic --features tls-ring,transport + - run: cargo udeps --package tonic --features tls-ring,server + - run: cargo udeps --package tonic --features tls-ring,channel + - run: cargo udeps --package tonic --features tls-aws-lc,transport + - run: cargo udeps --package tonic --features tls-aws-lc,server + - run: cargo udeps --package tonic --features tls-aws-lc,channel check: runs-on: ${{ matrix.os }} From 649d12d6434e707e4ec58382681441f74c3b0248 Mon Sep 17 00:00:00 2001 
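Review bot: `install_default()` returns an error when a process-wide provider is already set, so the `.unwrap()` added to `connect_handles_tls` will panic once any other test in this binary installs a provider too, because tests in one file share a process. Ignoring the result keeps the test independent of execution order: `let _ = rustls::crypto::ring::default_provider().install_default();`. That the test needs this call at all suggests tonic's client config relies on the process default rather than on a provider selected by the enabled feature, which users of `tls-ring` and `tls-aws-lc` should be told in the feature documentation.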
From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:10:10 -0500 Subject: [PATCH 17/27] internal feature flag --- tonic/Cargo.toml | 86 +++++++++++++------ tonic/src/request.rs | 12 +-- tonic/src/transport/channel/endpoint.rs | 14 +-- tonic/src/transport/channel/mod.rs | 4 +- .../transport/channel/service/connector.rs | 24 +++--- tonic/src/transport/channel/service/mod.rs | 4 +- tonic/src/transport/mod.rs | 12 +-- tonic/src/transport/server/conn.rs | 12 +-- tonic/src/transport/server/incoming.rs | 10 +-- tonic/src/transport/server/mod.rs | 24 +++--- tonic/src/transport/server/service/io.rs | 24 +++--- tonic/src/transport/server/service/mod.rs | 4 +- tonic/src/transport/service/mod.rs | 2 +- 13 files changed, 132 insertions(+), 100 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 4e4f53f8e..c3ba85735 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml 
@@ -28,11 +28,22 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. -tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] -tls-ring = ["tls-any", "tokio-rustls/ring"] -tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"] -tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. +tls = [ + "_tls-any", + "tls-ring", +] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. +_tls-any = [ + "dep:rustls-pemfile", + "dep:tokio-rustls", + "dep:tokio", + "tokio?/rt", + "tokio?/macros", +] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` +tls-ring = ["_tls-any", "tokio-rustls/ring"] +tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"] +tls-roots = [ + "tls-native-roots", +] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["channel", "dep:rustls-native-certs"] tls-webpki-roots = ["channel", "dep:webpki-roots"] router = ["dep:axum", "dep:tower", "tower?/util"] 
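Review bot: The comment on `_tls-any` reads "Please choose on of" and does not say why the feature must not be enabled alone. It pulls in `tokio-rustls` with neither `tokio-rustls/ring` nor `tokio-rustls/aws-lc-rs`, so the TLS code paths compile without a crypto provider, and the leading underscore is only a convention that Cargo does not enforce. I would reword it to `# Internal, do not enable directly: compiles the TLS code without a crypto provider. Choose one of tls-ring or tls-aws-lc.` Separately, `tls = ["_tls-any", "tls-ring"]` lists `_tls-any` redundantly, since `tls-ring` already implies it.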
@@ -40,18 +51,34 @@ server = [ "router", "dep:async-stream", "dep:h2", - "dep:hyper", "hyper?/server", - "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto", + "dep:hyper", + "hyper?/server", + "dep:hyper-util", + "hyper-util?/service", + "hyper-util?/server-auto", "dep:socket2", - "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time", + "dep:tokio", + "tokio?/macros", + "tokio?/net", + "tokio?/time", "tokio-stream/net", - "dep:tower", "tower?/util", "tower?/limit", + "dep:tower", + "tower?/util", + "tower?/limit", ] channel = [ - "dep:hyper", "hyper?/client", - "dep:hyper-util", "hyper-util?/client-legacy", - "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util", - "dep:tokio", "tokio?/time", + "dep:hyper", + "hyper?/client", + "dep:hyper-util", + "hyper-util?/client-legacy", + "dep:tower", + "tower?/balance", + "tower?/buffer", + "tower?/discover", + "tower?/limit", + "tower?/util", + "dep:tokio", + "tokio?/time", "dep:hyper-timeout", ] transport = ["server", "channel"] 
@@ -72,36 +99,41 @@ percent-encoding = "2.1" pin-project = "1.0.11" tower-layer = "0.3" tower-service = "0.3" -tokio-stream = {version = "0.1.16", default-features = false} +tokio-stream = { version = "0.1.16", default-features = false } # prost -prost = {version = "0.13", default-features = false, features = ["std"], optional = true} +prost = { version = "0.13", default-features = false, features = [ + "std", +], optional = true } # codegen -async-trait = {version = "0.1.13", optional = true} +async-trait = { version = "0.1.13", optional = true } # transport -async-stream = {version = "0.3", optional = true} -h2 = {version = "0.4", optional = true} -hyper = {version = "1", features = ["http1", "http2"], optional = true} +async-stream = { version = "0.3", optional = true } +h2 = { version = "0.4", optional = true } +hyper = { version = "1", features = ["http1", "http2"], optional = true } hyper-util = { version = "0.1.4", features = ["tokio"], optional = true } socket2 = { version = "0.5", optional = true, features = ["all"] } -tokio = {version = "1", default-features = false, optional = true} -tower = {version = "0.4.7", default-features = false, optional = true} -axum = {version = "0.7", default-features = false, optional = true} +tokio = { version = "1", default-features = false, optional = true } +tower = { version = "0.4.7", default-features = false, optional = true } +axum = { version = "0.7", default-features = false, optional = true } # rustls rustls-pemfile = { version = "2.0", optional = true } rustls-native-certs = { version = "0.8", optional = true } -tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true } +tokio-rustls = { version = "0.26", default-features = false, features = [ + "logging", + "tls12", +], optional = true } webpki-roots = { version = "0.26", optional = true } # compression -flate2 = {version = "1.0", optional = true} +flate2 = { version = "1.0", optional = true } zstd = { version 
= "0.13.0", optional = true } # channel -hyper-timeout = {version = "0.5", optional = true} +hyper-timeout = { version = "0.5", optional = true } [dev-dependencies] bencher = "0.1.5" @@ -109,8 +141,8 @@ quickcheck = "1.0" quickcheck_macros = "1.0" rand = "0.8" static_assertions = "1.0" -tokio = {version = "1.0", features = ["rt", "macros"]} -tower = {version = "0.4.7", features = ["full"]} +tokio = { version = "1.0", features = ["rt", "macros"] } +tower = { version = "0.4.7", features = ["full"] } [package.metadata.docs.rs] all-features = true diff --git a/tonic/src/request.rs b/tonic/src/request.rs index 09f08555b..531f42653 100644 --- a/tonic/src/request.rs +++ b/tonic/src/request.rs @@ -1,15 +1,15 @@ use crate::metadata::{MetadataMap, MetadataValue}; #[cfg(feature = "server")] use crate::transport::server::TcpConnectInfo; -#[cfg(all(feature = "server", feature = "tls-any"))] +#[cfg(all(feature = "server", feature = "_tls-any"))] use crate::transport::server::TlsConnectInfo; use http::Extensions; #[cfg(feature = "server")] use std::net::SocketAddr; -#[cfg(all(feature = "server", feature = "tls-any"))] +#[cfg(all(feature = "server", feature = "_tls-any"))] use std::sync::Arc; use std::time::Duration; -#[cfg(all(feature = "server", feature = "tls-any"))] +#[cfg(all(feature = "server", feature = "_tls-any"))] use tokio_rustls::rustls::pki_types::CertificateDer; use tokio_stream::Stream; @@ -218,7 +218,7 @@ impl Request { .get::() .and_then(|i| i.local_addr()); - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] let addr = addr.or_else(|| { self.extensions() .get::>() @@ -240,7 +240,7 @@ impl Request { .get::() .and_then(|i| i.remote_addr()); - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] let addr = addr.or_else(|| { self.extensions() .get::>() 
@@ -256,7 +256,7 @@ impl Request { /// and is mostly used for mTLS. This currently only returns /// `Some` on the server side of the `transport` server with /// TLS enabled connections. - #[cfg(all(feature = "server", feature = "tls-any"))] + #[cfg(all(feature = "server", feature = "_tls-any"))] pub fn peer_certs(&self) -> Option>>> { self.extensions() .get::>() diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs index 49695491c..e612a080d 100644 --- a/tonic/src/transport/channel/endpoint.rs +++ b/tonic/src/transport/channel/endpoint.rs @@ -1,8 +1,8 @@ -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use super::service::TlsConnector; use super::service::{self, Executor, SharedExec}; use super::Channel; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use super::ClientTlsConfig; use crate::transport::Error; use bytes::Bytes; @@ -23,7 +23,7 @@ pub struct Endpoint { pub(crate) timeout: Option, pub(crate) concurrency_limit: Option, pub(crate) rate_limit: Option<(u64, Duration)>, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] pub(crate) tls: Option, pub(crate) buffer_size: Option, pub(crate) init_stream_window_size: Option, @@ -49,7 +49,7 @@ impl Endpoint { D::Error: Into, { let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?; - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) { return me.tls_config(ClientTlsConfig::new().with_enabled_roots()); } @@ -244,7 +244,7 @@ impl Endpoint { } /// Configures TLS for the endpoint. - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result { Ok(Endpoint { tls: Some( @@ -320,7 +320,7 @@ impl Endpoint { pub(crate) fn connector(&self, c: C) -> service::Connector { service::Connector::new( c, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] self.tls.clone(), ) } 
@@ -445,7 +445,7 @@ impl From for Endpoint { concurrency_limit: None, rate_limit: None, timeout: None, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls: None, buffer_size: None, init_stream_window_size: None, diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs index e8ada742d..3294dbe95 100644 --- a/tonic/src/transport/channel/mod.rs +++ b/tonic/src/transport/channel/mod.rs @@ -2,11 +2,11 @@ mod endpoint; pub(crate) mod service; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] mod tls; pub use endpoint::Endpoint; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use tls::ClientTlsConfig; use self::service::{Connection, DynamicServiceStream, Executor, SharedExec}; diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs index 8e1ee4887..02da88f72 100644 --- a/tonic/src/transport/channel/service/connector.rs +++ b/tonic/src/transport/channel/service/connector.rs @@ -1,30 +1,30 @@ use super::BoxedIo; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use super::TlsConnector; use crate::transport::channel::BoxFuture; use crate::ConnectError; use http::Uri; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use std::fmt; use std::task::{Context, Poll}; use hyper::rt; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use hyper_util::rt::TokioIo; use tower_service::Service; pub(crate) struct Connector { inner: C, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls: Option, } impl Connector { - pub(crate) fn new(inner: C, #[cfg(feature = "tls-any")] tls: Option) -> Self { + pub(crate) fn new(inner: C, #[cfg(feature = "_tls-any")] tls: Option) -> Self { Self { inner, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls, } } 
@@ -48,10 +48,10 @@ where } fn call(&mut self, uri: Uri) -> Self::Future { - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] let tls = self.tls.clone(); - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] let is_https = uri.scheme_str() == Some("https"); let connect = self.inner.call(uri); @@ -59,7 +59,7 @@ where async { let io = connect.await?; - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] if is_https { return if let Some(tls) = tls { let io = tls.connect(TokioIo::new(io)).await?; @@ -78,11 +78,11 @@ where } /// Error returned when trying to connect to an HTTPS endpoint without TLS enabled. -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] #[derive(Debug)] pub(crate) struct HttpsUriWithoutTlsSupport(()); -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] impl fmt::Display for HttpsUriWithoutTlsSupport { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "Connecting to HTTPS without TLS enabled") @@ -90,5 +90,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport { } // std::error::Error only requires a type to impl Debug and Display -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] impl std::error::Error for HttpsUriWithoutTlsSupport {} diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs index f186e5552..c94104f4f 100644 --- a/tonic/src/transport/channel/service/mod.rs +++ b/tonic/src/transport/channel/service/mod.rs @@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector; mod executor; pub(super) use self::executor::{Executor, SharedExec}; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] mod tls; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub(super) use self::tls::TlsConnector; diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs index 7e67c9be4..a75ce9d49 100644 --- a/tonic/src/transport/mod.rs +++ b/tonic/src/transport/mod.rs 
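Review bot: In `Connector::call` (connector.rs, the hunks at -48 and -59) the `is_https` test and the `HttpsUriWithoutTlsSupport` error are both compiled only under `_tls-any`, so a build with no TLS provider feature has no visible path that rejects an `https://` URI. The rest of the body is outside these hunks, but if the code after the gated `if` simply boxes the plain connection, such a build would send cleartext to an endpoint the caller marked as HTTPS. Since the gate is now an internal feature that users are not expected to enable by name, the function should fail closed. Compute `is_https` and define the error type unconditionally, then add `#[cfg(not(feature = "_tls-any"))] if is_https { return Err(HttpsUriWithoutTlsSupport(()).into()); }` before the plain-IO return.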
@@ -96,7 +96,7 @@ pub mod server; mod error; mod service; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] mod tls; #[doc(inline)] @@ -109,15 +109,15 @@ pub use self::server::Server; /// Deprecated. Please use [`crate::status::TimeoutExpired`] instead. pub use crate::status::TimeoutExpired; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use self::tls::Certificate; pub use hyper::{body::Body, Uri}; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use tokio_rustls::rustls::pki_types::CertificateDer; -#[cfg(all(feature = "channel", feature = "tls-any"))] +#[cfg(all(feature = "channel", feature = "_tls-any"))] pub use self::channel::ClientTlsConfig; -#[cfg(all(feature = "server", feature = "tls-any"))] +#[cfg(all(feature = "server", feature = "_tls-any"))] pub use self::server::ServerTlsConfig; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use self::tls::Identity; diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs index b6ef75d30..c626af9ce 100644 --- a/tonic/src/transport/server/conn.rs +++ b/tonic/src/transport/server/conn.rs @@ -1,11 +1,11 @@ use std::net::SocketAddr; use tokio::net::TcpStream; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use std::sync::Arc; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use tokio_rustls::rustls::pki_types::CertificateDer; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use tokio_rustls::server::TlsStream; /// Trait that connected IO resources implement and use to produce info about the connection. @@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream { fn connect_info(&self) -> Self::ConnectInfo {} } -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] impl Connected for TlsStream where T: Connected, 
@@ -128,14 +128,14 @@ where /// See [`Connected`] for more details. /// /// [ext]: crate::Request::extensions -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] #[derive(Debug, Clone)] pub struct TlsConnectInfo { inner: T, certs: Option>>>, } -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] impl TlsConnectInfo { /// Get a reference to the underlying connection info. pub fn get_ref(&self) -> &T { diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs index 8a2a5d7c9..f414e5048 100644 --- a/tonic/src/transport/server/incoming.rs +++ b/tonic/src/transport/server/incoming.rs @@ -16,10 +16,10 @@ use tokio_stream::{Stream, StreamExt}; use tracing::warn; use super::service::ServerIo; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use super::service::TlsAcceptor; -#[cfg(not(feature = "tls-any"))] +#[cfg(not(feature = "_tls-any"))] pub(crate) fn tcp_incoming( incoming: impl Stream>, ) -> impl Stream, crate::Error>> @@ -42,7 +42,7 @@ where } } -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub(crate) fn tcp_incoming( incoming: impl Stream>, tls: Option, @@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into) -> ControlFlow( incoming: &mut (impl Stream> + Unpin), tasks: &mut tokio::task::JoinSet, crate::Error>>, @@ -147,7 +147,7 @@ where } } -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] enum SelectOutput { Incoming(A), Io(ServerIo), diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs index 8b5d70bc7..e53c108c4 100644 --- a/tonic/src/transport/server/mod.rs +++ b/tonic/src/transport/server/mod.rs @@ -3,7 +3,7 @@ mod conn; mod incoming; mod service; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] mod tls; #[cfg(unix)] mod unix; 
@@ -19,13 +19,13 @@ use hyper_util::{ server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec}, service::TowerToHyperService, }; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use tls::ServerTlsConfig; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub use conn::TlsConnectInfo; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use self::service::TlsAcceptor; #[cfg(unix)] @@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo; pub use incoming::TcpIncoming; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use crate::transport::Error; use self::service::{RecoverError, ServerIo}; @@ -86,7 +86,7 @@ pub struct Server { trace_interceptor: Option, concurrency_limit: Option, timeout: Option, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls: Option, init_stream_window_size: Option, init_connection_window_size: Option, @@ -110,7 +110,7 @@ impl Default for Server { trace_interceptor: None, concurrency_limit: None, timeout: None, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls: None, init_stream_window_size: None, init_connection_window_size: None, @@ -154,7 +154,7 @@ impl Server { impl Server { /// Configure TLS for this server. - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result { Ok(Server { tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?), @@ -509,7 +509,7 @@ impl Server { trace_interceptor: self.trace_interceptor, concurrency_limit: self.concurrency_limit, timeout: self.timeout, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] tls: self.tls, init_stream_window_size: self.init_stream_window_size, init_connection_window_size: self.init_connection_window_size, @@ -570,7 +570,7 @@ impl Server { let incoming = incoming::tcp_incoming( incoming, - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] self.tls, ); let mut svc = MakeSvc { 
@@ -1041,13 +1041,13 @@ where request.extensions_mut().insert(inner.clone()); } tower::util::Either::B(inner) => { - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] { request.extensions_mut().insert(inner.clone()); request.extensions_mut().insert(inner.get_ref().clone()); } - #[cfg(not(feature = "tls-any"))] + #[cfg(not(feature = "_tls-any"))] { // just a type check to make sure we didn't forget to // insert this into the extensions diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs index 80f9b9d34..c9d9bf95a 100644 --- a/tonic/src/transport/server/service/io.rs +++ b/tonic/src/transport/server/service/io.rs @@ -4,22 +4,22 @@ use std::io::IoSlice; use std::pin::Pin; use std::task::{Context, Poll}; use tokio::io::{AsyncRead, AsyncWrite, ReadBuf}; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] use tokio_rustls::server::TlsStream; pub(crate) enum ServerIo { Io(IO), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] TlsIo(Box>), } use tower::util::Either; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] type ServerIoConnectInfo = Either<::ConnectInfo, as Connected>::ConnectInfo>; -#[cfg(not(feature = "tls-any"))] +#[cfg(not(feature = "_tls-any"))] type ServerIoConnectInfo = Either<::ConnectInfo, ()>; impl ServerIo { @@ -27,7 +27,7 @@ impl ServerIo { Self::Io(io) } - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] pub(in crate::transport) fn new_tls_io(io: TlsStream) -> Self { Self::TlsIo(Box::new(io)) } @@ -38,7 +38,7 @@ impl ServerIo { { match self { Self::Io(io) => Either::A(io.connect_info()), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Either::B(io.connect_info()), } } @@ -55,7 +55,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_read(cx, buf), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf), } } 
@@ -72,7 +72,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write(cx, buf), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf), } } @@ -80,7 +80,7 @@ where fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_flush(cx), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Pin::new(io).poll_flush(cx), } } @@ -88,7 +88,7 @@ where fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_shutdown(cx), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx), } } @@ -100,7 +100,7 @@ where ) -> Poll> { match &mut *self { Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs), } } @@ -108,7 +108,7 @@ where fn is_write_vectored(&self) -> bool { match self { Self::Io(io) => io.is_write_vectored(), - #[cfg(feature = "tls-any")] + #[cfg(feature = "_tls-any")] Self::TlsIo(io) => io.is_write_vectored(), } } diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs index d24cf99c6..b5fce0923 100644 --- a/tonic/src/transport/server/service/mod.rs +++ b/tonic/src/transport/server/service/mod.rs @@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo; mod recover_error; pub(crate) use self::recover_error::RecoverError; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] mod tls; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub(crate) use self::tls::TlsAcceptor; diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs index bf4ea3fe9..b41869c7c 100644 --- a/tonic/src/transport/service/mod.rs +++ b/tonic/src/transport/service/mod.rs 
@@ -1,5 +1,5 @@ pub(crate) mod grpc_timeout; -#[cfg(feature = "tls-any")] +#[cfg(feature = "_tls-any")] pub(crate) mod tls; pub(crate) use self::grpc_timeout::GrpcTimeout; From 00f31fcf83788c81d8263407b937a16a263b9a7b Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:10:45 -0500 Subject: [PATCH 18/27] revert formatting --- tonic/Cargo.toml | 82 +++++++++++++++--------------------------------- 1 file changed, 25 insertions(+), 57 deletions(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index c3ba85735..0c73c2cc1 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,22 +28,11 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = [ - "_tls-any", - "tls-ring", -] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. -_tls-any = [ - "dep:rustls-pemfile", - "dep:tokio-rustls", - "dep:tokio", - "tokio?/rt", - "tokio?/macros", -] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` +tls = ["_tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. +_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` tls-ring = ["_tls-any", "tokio-rustls/ring"] tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"] -tls-roots = [ - "tls-native-roots", -] # Deprecated. Please use `tls-native-roots` instead. +tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. tls-native-roots = ["channel", "dep:rustls-native-certs"] tls-webpki-roots = ["channel", "dep:webpki-roots"] router = ["dep:axum", "dep:tower", "tower?/util"] 
@@ -51,34 +40,18 @@ server = [ "router", "dep:async-stream", "dep:h2", - "dep:hyper", - "hyper?/server", - "dep:hyper-util", - "hyper-util?/service", - "hyper-util?/server-auto", + "dep:hyper", "hyper?/server", + "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto", "dep:socket2", - "dep:tokio", - "tokio?/macros", - "tokio?/net", - "tokio?/time", + "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time", "tokio-stream/net", - "dep:tower", - "tower?/util", - "tower?/limit", + "dep:tower", "tower?/util", "tower?/limit", ] channel = [ - "dep:hyper", - "hyper?/client", - "dep:hyper-util", - "hyper-util?/client-legacy", - "dep:tower", - "tower?/balance", - "tower?/buffer", - "tower?/discover", - "tower?/limit", - "tower?/util", - "dep:tokio", - "tokio?/time", + "dep:hyper", "hyper?/client", + "dep:hyper-util", "hyper-util?/client-legacy", + "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util", + "dep:tokio", "tokio?/time", "dep:hyper-timeout", ] transport = ["server", "channel"] 
@@ -99,41 +72,36 @@ percent-encoding = "2.1" pin-project = "1.0.11" tower-layer = "0.3" tower-service = "0.3" -tokio-stream = { version = "0.1.16", default-features = false } +tokio-stream = {version = "0.1.16", default-features = false} # prost -prost = { version = "0.13", default-features = false, features = [ - "std", -], optional = true } +prost = {version = "0.13", default-features = false, features = ["std"], optional = true} # codegen -async-trait = { version = "0.1.13", optional = true } +async-trait = {version = "0.1.13", optional = true} # transport -async-stream = { version = "0.3", optional = true } -h2 = { version = "0.4", optional = true } -hyper = { version = "1", features = ["http1", "http2"], optional = true } +async-stream = {version = "0.3", optional = true} +h2 = {version = "0.4", optional = true} +hyper = {version = "1", features = ["http1", "http2"], optional = true} hyper-util = { version = "0.1.4", features = ["tokio"], optional = true } socket2 = { version = "0.5", optional = true, features = ["all"] } -tokio = { version = "1", default-features = false, optional = true } -tower = { version = "0.4.7", default-features = false, optional = true } -axum = { version = "0.7", default-features = false, optional = true } +tokio = {version = "1", default-features = false, optional = true} +tower = {version = "0.4.7", default-features = false, optional = true} +axum = {version = "0.7", default-features = false, optional = true} # rustls rustls-pemfile = { version = "2.0", optional = true } rustls-native-certs = { version = "0.8", optional = true } -tokio-rustls = { version = "0.26", default-features = false, features = [ - "logging", - "tls12", -], optional = true } +tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true } webpki-roots = { version = "0.26", optional = true } # compression -flate2 = { version = "1.0", optional = true } +flate2 = {version = "1.0", optional = true} zstd = { version 
= "0.13.0", optional = true } # channel -hyper-timeout = { version = "0.5", optional = true } +hyper-timeout = {version = "0.5", optional = true} [dev-dependencies] bencher = "0.1.5" @@ -141,8 +109,8 @@ quickcheck = "1.0" quickcheck_macros = "1.0" rand = "0.8" static_assertions = "1.0" -tokio = { version = "1.0", features = ["rt", "macros"] } -tower = { version = "0.4.7", features = ["full"] } +tokio = {version = "1.0", features = ["rt", "macros"]} +tower = {version = "0.4.7", features = ["full"]} [package.metadata.docs.rs] all-features = true From 033f2218e3b3955fe8646f035b4f5fb3860669b7 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:20:05 -0500 Subject: [PATCH 19/27] update docs --- tonic/src/lib.rs | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs index 2ed0d220e..1ca8c6095 100644 --- a/tonic/src/lib.rs +++ b/tonic/src/lib.rs @@ -24,8 +24,11 @@ //! - `router`: Enables the [`axum`] based service router. Enabled by default. //! - `codegen`: Enables all the required exports and optional dependencies required //! for [`tonic-build`]. Enabled by default. -//! - `tls`: Enables the [`rustls`] based TLS options for the `transport` feature. Not -//! enabled by default. +//! - `tls`: Deprecated. An alias to `tls-ring` +//! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using +//! the [`ring`] libcrypto provider. Not enabled by default. +//! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using +//! the [`aws-lc-rs`] libcrypto provider. Not enabled by default. //! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature. //! - `tls-native-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the //! [`rustls-native-certs`] crate. Not enabled by default. From 1c73ca4e2ce797c2863717cc7f6860ee95f5b25f Mon Sep 17 00:00:00 2001 
From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 13:22:04 -0500 Subject: [PATCH 20/27] specify rustls version in tests --- tests/integration_tests/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml index 74f83a323..60c5f607f 100644 --- a/tests/integration_tests/Cargo.toml +++ b/tests/integration_tests/Cargo.toml @@ -11,7 +11,7 @@ version = "0.1.0" [dependencies] bytes = "1.0" prost = "0.13" -rustls = {version = "*", features = ["ring"]} +rustls = {version = "0.23", features = ["ring"]} tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]} tonic = {path = "../../tonic"} tracing-subscriber = {version = "0.3"} From 121fda75a7e87787ea0059a9ef779b2c714669ef Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Thu, 17 Oct 2024 17:14:56 -0500 Subject: [PATCH 21/27] tls only depends on tls-ring --- tonic/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 0c73c2cc1..71c4dd188 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,7 +28,7 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = ["_tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. +tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. _tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` tls-ring = ["_tls-any", "tokio-rustls/ring"] tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"] From 6411c3cf1ce7fc8331f0aa44453f667ac2db3607 Mon Sep 17 00:00:00 2001 
From: Jen Cecelia Reiss Date: Fri, 18 Oct 2024 16:34:32 -0500 Subject: [PATCH 22/27] update CI + deps --- .github/workflows/CI.yml | 2 +- tests/integration_tests/Cargo.toml | 2 +- tonic/Cargo.toml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 1726de984..760629b17 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -62,7 +62,7 @@ jobs: - uses: taiki-e/install-action@cargo-udeps - uses: taiki-e/install-action@protoc - uses: Swatinem/rust-cache@v2 - - run: cargo hack udeps --workspace --exclude-features tls-ring,tls-aws-lc --each-feature + - run: cargo hack udeps --workspace --exclude-features=_tls-any,tls,tls-aws-lc,tls-ring --each-feature - run: cargo udeps --package tonic --features tls-ring,transport - run: cargo udeps --package tonic --features tls-ring,server - run: cargo udeps --package tonic --features tls-ring,channel diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml index 60c5f607f..5c829d3e7 100644 --- a/tests/integration_tests/Cargo.toml +++ b/tests/integration_tests/Cargo.toml @@ -11,7 +11,6 @@ version = "0.1.0" [dependencies] bytes = "1.0" prost = "0.13" -rustls = {version = "0.23", features = ["ring"]} tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]} tonic = {path = "../../tonic"} tracing-subscriber = {version = "0.3"} @@ -21,6 +20,7 @@ async-stream = "0.3" http = "1" http-body = "1" hyper-util = "0.1" +rustls = {version = "0.23", features = ["ring"]} tokio-stream = {version = "0.1.5", features = ["net"]} tower = {version = "0.4", features = []} tower-http = { version = "0.5", features = ["set-header", "trace"] } diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 71c4dd188..563941b00 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml 
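Review bot: The `cargo hack udeps` step in CI.yml now excludes `_tls-any`, `tls`, `tls-aws-lc` and `tls-ring` from the `--each-feature` sweep, and the explicit follow-up runs visible in this hunk only exercise `tls-ring`. Unless a later step outside the hunk covers it, the `tls-aws-lc` provider path is never checked for unused or missing dependencies. Adding a matching step such as `- run: cargo udeps --package tonic --features tls-aws-lc,transport` (and the `server` / `channel` variants) would keep both crypto providers under the same check.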
@@ -33,8 +33,8 @@ _tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", tls-ring = ["_tls-any", "tokio-rustls/ring"] tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"] tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. -tls-native-roots = ["channel", "dep:rustls-native-certs"] -tls-webpki-roots = ["channel", "dep:webpki-roots"] +tls-native-roots = ["_tls-any", "channel", "dep:rustls-native-certs"] +tls-webpki-roots = ["_tls-any","channel", "dep:webpki-roots"] router = ["dep:axum", "dep:tower", "tower?/util"] server = [ "router", From 43b4214f15eba5040c2531b0a7aed2cba77849ae Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Mon, 21 Oct 2024 09:38:33 -0500 Subject: [PATCH 23/27] minor change for force push --- tonic/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 563941b00..83729e2b7 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,8 +28,8 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. _tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` +tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. tls-ring = ["_tls-any", "tokio-rustls/ring"] tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"] tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead. From e8d2de695c15eeae13fc960c5363942700ed8d54 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Tue, 22 Oct 2024 17:33:03 -0500 Subject: [PATCH 24/27] fmt --- tests/integration_tests/tests/connection.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
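Review bot: `tls-native-roots` and `tls-webpki-roots` now enable `_tls-any` but neither `tokio-rustls/ring` nor `tokio-rustls/aws-lc-rs`, and `tokio-rustls` is declared with `default-features = false`, so a crate that turns on only a roots feature compiles the TLS path with no crypto provider selected. That build presumably works only if the application installs a rustls provider itself, as the integration test in this series does with `install_default()`. The requirement should be stated next to the features, e.g. `# Requires `tls-ring` or `tls-aws-lc`, or a rustls CryptoProvider installed by the application.` The new `tls-webpki-roots` line is also missing the space after the first comma: `["_tls-any", "channel", "dep:webpki-roots"]`.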
diff --git a/tests/integration_tests/tests/connection.rs b/tests/integration_tests/tests/connection.rs index 65eb2810c..3cf15ebe0 100644 --- a/tests/integration_tests/tests/connection.rs +++ b/tests/integration_tests/tests/connection.rs @@ -28,7 +28,9 @@ async fn connect_returns_err() { #[tokio::test] async fn connect_handles_tls() { - rustls::crypto::ring::default_provider().install_default().unwrap(); + rustls::crypto::ring::default_provider() + .install_default() + .unwrap(); TestClient::connect("https://example.com").await.unwrap(); } From e8dd0f1087a346738d5c0d762e84ad4981988c7a Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Tue, 22 Oct 2024 17:33:53 -0500 Subject: [PATCH 25/27] fix docs --- tonic/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs index 58b76b083..c65cb9743 100644 --- a/tonic/src/lib.rs +++ b/tonic/src/lib.rs @@ -26,7 +26,7 @@ //! for [`tonic-build`]. Enabled by default. //! - `tls`: Deprecated. An alias to `tls-ring` //! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using -//! the [`ring`] libcrypto provider. Not enabled by default. +//! the ring libcrypto provider. Not enabled by default. //! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using //! the [`aws-lc-rs`] libcrypto provider. Not enabled by default. //! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature. From c2c736b9438eb7931f5cea7d2fdddea87f76c262 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Wed, 23 Oct 2024 11:06:12 -0500 Subject: [PATCH 26/27] fix ring docs link --- tonic/src/lib.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs index c65cb9743..1d73725e4 100644 --- a/tonic/src/lib.rs +++ b/tonic/src/lib.rs 
@@ -26,7 +26,7 @@ //! for [`tonic-build`]. Enabled by default. //! - `tls`: Deprecated. An alias to `tls-ring` //! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using -//! the ring libcrypto provider. Not enabled by default. +//! the [`ring`]` libcrypto provider. Not enabled by default. //! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using //! the [`aws-lc-rs`] libcrypto provider. Not enabled by default. //! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature. @@ -74,6 +74,7 @@ //! [`hyper`]: https://docs.rs/hyper //! [`tower`]: https://docs.rs/tower //! [`tonic-build`]: https://docs.rs/tonic-build +//! [`ring`]: https://docs.rs/ring //! [`tonic-examples`]: https://github.com/hyperium/tonic/tree/master/examples //! [`Codec`]: codec/trait.Codec.html //! [`Channel`]: transport/struct.Channel.html From 8daf3495c43c0ce281dfcfe7c7487c2d69288318 Mon Sep 17 00:00:00 2001 From: Jen Cecelia Reiss Date: Fri, 25 Oct 2024 13:27:19 -0500 Subject: [PATCH 27/27] Update Cargo.toml Co-authored-by: Lucio Franco --- tonic/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml index 6ccad0515..395670f8f 100644 --- a/tonic/Cargo.toml +++ b/tonic/Cargo.toml @@ -28,7 +28,7 @@ gzip = ["dep:flate2"] zstd = ["dep:zstd"] default = ["transport", "codegen", "prost"] prost = ["dep:prost"] -_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc` +_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose one of `tls-ring` or `tls-aws-lc` tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead. tls-ring = ["_tls-any", "tokio-rustls/ring"] tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
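Review bot: The rewritten `tls-ring` doc line in lib.rs leaves a stray backtick after the closing bracket of the `ring` link, which will render as a literal character or open an unintended code span. The line should read `//!     the [`ring`] libcrypto provider. Not enabled by default.` The neighbouring `tls-aws-lc` entry links to `aws-lc-rs`, but the second hunk adds a reference definition only for `ring`. If none exists elsewhere in the file, add `//! [`aws-lc-rs`]: https://docs.rs/aws-lc-rs` next to it so rustdoc does not report an unresolved link.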