From ca5ed43b5ded7a3c948616e7bd5720d0497cd9cc Mon Sep 17 00:00:00 2001 From: Firstyear Date: Fri, 28 Apr 2023 19:36:47 +1000 Subject: [PATCH] Correctly prevent start up when https sockets in use (#1579) --- server/core/src/https/mod.rs | 42 +++++++++++++++++++++++++----------- server/core/src/lib.rs | 3 ++- 2 files changed, 32 insertions(+), 13 deletions(-) diff --git a/server/core/src/https/mod.rs b/server/core/src/https/mod.rs index 7637caa38..ad16877a1 100644 --- a/server/core/src/https/mod.rs +++ b/server/core/src/https/mod.rs @@ -13,6 +13,7 @@ use compact_jwt::{Jws, JwsSigner, JwsUnverified, JwsValidator}; use kanidmd_lib::prelude::*; use kanidmd_lib::status::StatusActor; use serde::Serialize; +use tide::listener::{Listener, ToListener}; use tide_compress::CompressMiddleware; use tide_openssl::TlsListener; use tracing::{error, info}; @@ -315,8 +316,7 @@ pub fn generate_integrity_hash(filename: String) -> Result { } } -// TODO: Add request limits. -pub fn create_https_server( +pub async fn create_https_server( address: String, domain: String, // opt_tls_params: Option, @@ -856,7 +856,6 @@ pub fn create_https_server( // routemap_route.at("/").mapped_get(&mut routemap, do_routemap); // === End routes - // Create listener? let handle = match opt_tls_params { Some(tls_param) => { let tlsl = TlsListener::build() @@ -867,11 +866,18 @@ pub fn create_https_server( .map_err(|e| { error!("Failed to build TLS Listener -> {:?}", e); })?; - /* - let x = Box::new(tls_param.build()); - let x_ref = Box::leak(x); - let tlsl = TlsListener::new(address, x_ref); - */ + + let mut listener = tlsl.to_listener().map_err(|e| { + error!("Failed to convert to Listener -> {:?}", e); + })?; + + if let Err(e) = listener.bind(tserver).await { + error!( + "Failed to start server listener on address {:?} -> {:?}", + &address, e + ); + return Err(()); + } tokio::spawn(async move { tokio::select! { @@ -880,10 +886,10 @@ pub fn create_https_server( CoreAction::Shutdown => {}, } } - server_result = tserver.listen(tlsl) => { + server_result = listener.accept() => { if let Err(e) = server_result { error!( - "Failed to start server listener on address {:?} -> {:?}", + "Failed to accept via listener on address {:?} -> {:?}", &address, e ); } @@ -894,6 +900,18 @@ pub fn create_https_server( } None => { // Create without https + let mut listener = (&address).to_listener().map_err(|e| { + error!("Failed to convert to Listener -> {:?}", e); + })?; + + if let Err(e) = listener.bind(tserver).await { + error!( + "Failed to start server listener on address {:?} -> {:?}", + &address, e + ); + return Err(()); + } + tokio::spawn(async move { tokio::select! { Ok(action) = rx.recv() => { @@ -901,10 +919,10 @@ pub fn create_https_server( CoreAction::Shutdown => {}, } } - server_result = tserver.listen(&address) => { + server_result = listener.accept() => { if let Err(e) = server_result { error!( - "Failed to start server listener on address {:?} -> {:?}", + "Failed to accept via listener on address {:?} -> {:?}", &address, e ); } diff --git a/server/core/src/lib.rs b/server/core/src/lib.rs index 0406a6f17..a2c2075ec 100644 --- a/server/core/src/lib.rs +++ b/server/core/src/lib.rs @@ -801,7 +801,8 @@ pub async fn create_server_core( server_write_ref, server_read_ref, broadcast_tx.subscribe(), - )?; + ) + .await?; admin_info!("ready to rock! 🪨 "); Some(h)