Refactor module into and relocate the no-op tls module

cloudflare · Aug 30, 2024 · 1b9e8ee · 1b9e8ee
1 parent d8f3ffa
commit 1b9e8ee
Show file tree

Hide file tree

Showing 19 changed files with 837 additions and 16 deletions.
diff --git a/.bleep b/.bleep
@@ -1 +1 @@
-b01a9bc71ff892b2fdbb47f6bb3f9eac88907435
+aadd07a5b3064b0fbdf57c8c02a5ef7b65b5fc03
diff --git a/pingora-core/Cargo.toml b/pingora-core/Cargo.toml
@@ -79,6 +79,7 @@ jemallocator = "0.5"
 
 [features]
 default = ["openssl"]
-openssl = ["pingora-openssl"]
-boringssl = ["pingora-boringssl"]
-patched_http1 = []
+openssl = ["pingora-openssl", "some_tls"]
+boringssl = ["pingora-boringssl", "some_tls"]
+patched_http1 = []
+some_tls = []
diff --git a/pingora-core/src/connectors/http/mod.rs b/pingora-core/src/connectors/http/mod.rs
@@ -95,6 +95,7 @@ impl Connector {
 }
 
 #[cfg(test)]
+#[cfg(feature = "some_tls")]
 mod tests {
     use super::*;
     use crate::protocols::http::v1::client::HttpSession as Http1Session;

diff --git a/pingora-core/src/connectors/http/v1.rs b/pingora-core/src/connectors/http/v1.rs
@@ -103,6 +103,7 @@ mod tests {
     }
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_connect_tls() {
         let connector = Connector::new(None);
         let peer = HttpPeer::new(("1.1.1.1", 443), true, "one.one.one.one".into());

diff --git a/pingora-core/src/connectors/http/v2.rs b/pingora-core/src/connectors/http/v2.rs
@@ -460,6 +460,7 @@ mod tests {
     use crate::upstreams::peer::HttpPeer;
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_connect_h2() {
         let connector = Connector::new(None);
         let mut peer = HttpPeer::new(("1.1.1.1", 443), true, "one.one.one.one".into());
@@ -472,6 +473,7 @@ mod tests {
     }
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_connect_h1() {
         let connector = Connector::new(None);
         let mut peer = HttpPeer::new(("1.1.1.1", 443), true, "one.one.one.one".into());
@@ -497,6 +499,7 @@ mod tests {
     }
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_h2_single_stream() {
         let connector = Connector::new(None);
         let mut peer = HttpPeer::new(("1.1.1.1", 443), true, "one.one.one.one".into());
@@ -528,6 +531,7 @@ mod tests {
     }
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_h2_multiple_stream() {
         let connector = Connector::new(None);
         let mut peer = HttpPeer::new(("1.1.1.1", 443), true, "one.one.one.one".into());

diff --git a/pingora-core/src/connectors/mod.rs b/pingora-core/src/connectors/mod.rs
@@ -365,6 +365,7 @@ fn test_reusable_stream(stream: &mut Stream) -> bool {
 }
 
 #[cfg(test)]
+#[cfg(feature = "some_tls")]
 mod tests {
     use pingora_error::ErrorType;
 

diff --git a/pingora-core/src/connectors/tls.rs b/pingora-core/src/connectors/tls.rs
@@ -17,8 +17,8 @@ use pingora_error::{Error, ErrorType::*, OrErr, Result};
 use std::sync::{Arc, Once};
 
 use super::ConnectorOptions;
-use crate::protocols::ssl::client::handshake;
-use crate::protocols::ssl::SslStream;
+use crate::protocols::tls::client::handshake;
+use crate::protocols::tls::SslStream;
 use crate::protocols::IO;
 use crate::tls::ext::{
     add_host, clear_error_stack, ssl_add_chain_cert, ssl_set_groups_list,

diff --git a/pingora-core/src/lib.rs b/pingora-core/src/lib.rs
@@ -58,8 +58,8 @@ pub use pingora_boringssl as tls;
 #[cfg(all(not(feature = "boringssl"), feature = "openssl"))]
 pub use pingora_openssl as tls;
 
-#[cfg(all(not(feature = "boringssl"), not(feature = "openssl")))]
-pub mod tls;
+#[cfg(not(feature = "some_tls"))]
+pub use protocols::tls::dummy_tls as tls;
 
 pub mod prelude {
     pub use crate::server::configuration::Opt;

diff --git a/pingora-core/src/listeners/mod.rs b/pingora-core/src/listeners/mod.rs
@@ -26,7 +26,7 @@ use std::{fs::Permissions, sync::Arc};
 use l4::{ListenerEndpoint, Stream as L4Stream};
 use tls::Acceptor;
 
-pub use crate::protocols::ssl::server::TlsAccept;
+pub use crate::protocols::tls::server::TlsAccept;
 pub use l4::{ServerAddress, TcpSocketOptions};
 pub use tls::{TlsSettings, ALPN};
 
@@ -213,6 +213,7 @@ mod test {
     }
 
     #[tokio::test]
+    #[cfg(feature = "some_tls")]
     async fn test_listen_tls() {
         use tokio::io::AsyncReadExt;
 

diff --git a/pingora-core/src/listeners/tls.rs b/pingora-core/src/listeners/tls.rs
@@ -16,14 +16,14 @@ use log::debug;
 use pingora_error::{ErrorType, OrErr, Result};
 use std::ops::{Deref, DerefMut};
 
-use crate::protocols::ssl::{
+use crate::protocols::tls::{
     server::{handshake, handshake_with_callback, TlsAcceptCallbacks},
     SslStream,
 };
 use crate::protocols::IO;
 use crate::tls::ssl::{SslAcceptor, SslAcceptorBuilder, SslFiletype, SslMethod};
 
-pub use crate::protocols::ssl::ALPN;
+pub use crate::protocols::tls::ALPN;
 
 pub const TLS_CONF_ERR: ErrorType = ErrorType::Custom("TLSConfigError");
 

diff --git a/pingora-core/src/protocols/digest.rs b/pingora-core/src/protocols/digest.rs
@@ -22,7 +22,7 @@ use once_cell::sync::OnceCell;
 use super::l4::ext::{get_recv_buf, get_tcp_info, TCP_INFO};
 use super::l4::socket::SocketAddr;
 use super::raw_connect::ProxyDigest;
-use super::ssl::digest::SslDigest;
+use super::tls::digest::SslDigest;
 
 /// The information can be extracted from a connection
 #[derive(Clone, Debug, Default)]

diff --git a/pingora-core/src/protocols/mod.rs b/pingora-core/src/protocols/mod.rs
@@ -18,14 +18,14 @@ mod digest;
 pub mod http;
 pub mod l4;
 pub mod raw_connect;
-pub mod ssl;
+pub mod tls;
 
 pub use digest::{
     Digest, GetProxyDigest, GetSocketDigest, GetTimingDigest, ProtoDigest, SocketDigest,
     TimingDigest,
 };
 pub use l4::ext::TcpKeepalive;
-pub use ssl::ALPN;
+pub use tls::ALPN;
 
 use async_trait::async_trait;
 use std::fmt::Debug;
@@ -53,7 +53,7 @@ pub trait Ssl {
     }
 
     /// Return the [`ssl::SslDigest`] for logging
-    fn get_ssl_digest(&self) -> Option<Arc<ssl::SslDigest>> {
+    fn get_ssl_digest(&self) -> Option<Arc<tls::SslDigest>> {
         None
     }
 

diff --git a/pingora-core/src/protocols/ssl/client.rs → pingora-core/src/protocols/tls/client.rs b/pingora-core/src/protocols/ssl/client.rs → pingora-core/src/protocols/tls/client.rs
diff --git a/pingora-core/src/protocols/ssl/digest.rs → pingora-core/src/protocols/tls/digest.rs b/pingora-core/src/protocols/ssl/digest.rs → pingora-core/src/protocols/tls/digest.rs
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		b01a9bc71ff892b2fdbb47f6bb3f9eac88907435
		aadd07a5b3064b0fbdf57c8c02a5ef7b65b5fc03