Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide a try_bind_with_graceful_shutdown method to TlsServer. #717

Merged
merged 2 commits into from May 5, 2023
Merged

Provide a try_bind_with_graceful_shutdown method to TlsServer. #717

merged 2 commits into from May 5, 2023

Conversation

jnicholls
Copy link
Contributor

  • Provide a try_bind_with_graceful_shutdown method to TlsServer in order to have fallible semantics rather than panics when a TLS configuration fails.
  • Add panic warnings to the docs of each method on Server and TlsServer that could panic, where it was missing.

Fixes #680

Side notes:

  • I'm not entirely sure under what circumstances a lot of these methods need to take in an Into<SocketAddr> + 'static rather than just an Into<SocketAddr>, as well as returning a Future<Output = ()> + 'static rather than just a Future<Output = ()>. There are no tests to show a difference in behavior in terms of what contexts a static lifetime is warranted. Removing all forms of + 'static and we compile all tests and they all pass. Likewise with the signal parameters being + Send + 'static...this doesn't seem necessary because hyper's with_graceful_shutdown does not require Send + 'static semantics. Can we just remove all of these extra trait & lifetime bounds?
  • Some of the API interface is inconsistent imho.
    • try_bind doesn't return a Result but instead returns nothing and just does a tracing event. It should behave like bind and call try_bind_ephemeral and return a Result<impl Future<Output = ()>, crate::Error>
    • Some docs, like in Server::bind say they return a Future but they don't, they wait on the future, but are an async fn and so technically they do return a future, but one that awaits on the inner server future. It's kind of a confusing interface to passersby that do not understand the distinction even though they are technically the same. Should we re-write these methods to be regular functions and return an explicit Future just to be consistent?

@beyond-identity-gitops
Provide a try_bind_with_graceful_shutdown method to the TlsServer in …
4b111a7 
…order to have fallible semantics rather than panics when a TLS configuration fails.
@jxs jxs added the waiting-on-reviewer Awaiting review from the assignee but also interested parties. label Jun 29, 2021
@macladson macladson mentioned this pull request Oct 4, 2021
Closed
bors bot pushed a commit to sigp/lighthouse that referenced this pull request Oct 12, 2021
@macladson
Add TLS capability to the beacon node HTTP API (#2668)
a73d698 
Currently, the beacon node has no ability to serve the HTTP API over TLS.
Adding this functionality would be helpful for certain use cases, such as when you need a validator client to connect to a backup beacon node which is outside your local network, and the use of an SSH tunnel or reverse proxy would be inappropriate.

## Proposed Changes

- Add three new CLI flags to the beacon node
  - `--http-enable-tls`: enables TLS
  - `--http-tls-cert`: to specify the path to the certificate file
  - `--http-tls-key`: to specify the path to the key file
- Update the HTTP API to optionally use `warp`'s [`TlsServer`](https://docs.rs/warp/0.3.1/warp/struct.TlsServer.html) depending on the presence of the `--http-enable-tls` flag
- Update tests and docs
- Use a custom branch for `warp` to ensure proper error handling

## Additional Info

Serving the API over TLS should currently be considered experimental. The reason for this is that it uses code from an [unmerged PR](seanmonstar/warp#717). This commit provides the `try_bind_with_graceful_shutdown` method to `warp`, which is helpful for controlling error flow when the TLS configuration is invalid (cert/key files don't exist, incorrect permissions, etc). 
I've implemented the same code in my [branch here](https://github.com/macladson/warp/tree/tls).

Once the code has been reviewed and merged upstream into `warp`, we can remove the dependency on my branch and the feature can be considered more stable.

Currently, the private key file must not be password-protected in order to be read into Lighthouse.
@macladson
Copy link

Is there any progress on this? Would love to see this merged.
If there's anything I can do anything to help, let me know

@jnicholls
Copy link
Contributor Author

@seanmonstar Any thoughts on this one? I'm gonna close it if it's ignored any longer. Thanks.

seanmonstar
seanmonstar approved these changes May 5, 2023
View reviewed changes
Copy link
Owner

@seanmonstar seanmonstar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds useful, thanks!

@seanmonstar seanmonstar enabled auto-merge (squash) May 5, 2023 11:48
@seanmonstar seanmonstar merged commit 4c1f7ba into seanmonstar:master May 5, 2023
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@seanmonstar seanmonstar seanmonstar approved these changes

Assignees
No one assigned
Labels
waiting-on-reviewer Awaiting review from the assignee but also interested parties.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Missing function: warp::TlsServer::try_bind_with_graceful_shutdown
5 participants
@jnicholls @macladson @seanmonstar @jxs @beyond-identity-gitops