Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Refactor server startup APIs and Https support
The previous support for SSL was not great - you were locked into OpenSSL and had no ability to configure it the way you wanted. Hyper is going to be cutting a release soon that completely removes the built-in OpenSSL and Secure Transport functionalty in favor of external crates. While we're at it, also allow a `NetworkListener` to be manually created, and refactor the configuration a bit to avoid combinatoric blowup in methods. Closes #483 Closes #447 Closes #424
- Loading branch information
Showing
5 changed files
with
101 additions
and
129 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,41 +1,41 @@ | ||
// This requires running with: | ||
// | ||
// ```bash | ||
// cargo run --example https --features ssl | ||
// cargo run --example https --features native-tls-example | ||
// ``` | ||
// | ||
// Generate a key and certificate like so: | ||
// Generate an identity like so: | ||
// | ||
// ```bash | ||
// openssl genrsa -out localhost.key 4096 | ||
// openssl req -key localhost.key -x509 -new -days 3650 -out localhost.crt | ||
// openssl req -x509 -newkey rsa:4096 -nodes -keyout localhost.key -out localhost.crt -days 3650 | ||
// openssl pkcs12 -export -out identity.p12 -inkey localhost.key -in localhost.crt --password mypass | ||
// | ||
// ``` | ||
|
||
extern crate iron; | ||
#[cfg(feature = "native-tls-example")] | ||
extern crate hyper_native_tls; | ||
|
||
#[cfg(feature = "ssl")] | ||
#[cfg(feature = "native-tls-example")] | ||
fn main() { | ||
// Avoid unused errors due to conditional compilation ('ssl' feature is not default) | ||
use iron::status; | ||
// Avoid unused errors due to conditional compilation ('native-tls-example' feature is not default) | ||
use hyper_native_tls::NativeTlsServer; | ||
use iron::{Iron, Request, Response}; | ||
use std::path::{Path}; | ||
use std::result::{Result}; | ||
use iron::status; | ||
use std::result::Result; | ||
|
||
// openssl genrsa -out localhost.key 4096 | ||
let key = Path::new("localhost.key").to_path_buf(); | ||
// openssl req -key localhost.key -x509 -new -days 3650 -out localhost.crt | ||
let cert = Path::new("localhost.crt").to_path_buf(); | ||
let ssl = NativeTlsServer::new("identity.p12", "mypass").unwrap(); | ||
|
||
match Iron::new(|_: &mut Request| { | ||
Ok(Response::with((status::Ok, "Hello world!"))) | ||
}).https("127.0.0.1:3000", cert, key) { | ||
}).https("127.0.0.1:3000", ssl) { | ||
Result::Ok(listening) => println!("{:?}", listening), | ||
Result::Err(err) => panic!("{:?}", err), | ||
} | ||
// curl -vvvv https://127.0.0.1:3000/ -k | ||
} | ||
|
||
#[cfg(not(feature = "ssl"))] | ||
#[cfg(not(feature = "native-tls-example"))] | ||
fn main() { | ||
// We need to do this to make sure `cargo test` passes. | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters