mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Correctly prevent start up when https sockets in use (#1579)

Browse source
This commit is contained in:
Firstyear 2023-04-28 19:36:47 +10:00 committed by GitHub
parent 1974d27dd8
commit ca5ed43b5d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
server/core/src/https/mod.rs
View file

@ -13,6 +13,7 @@ use compact_jwt::{Jws, JwsSigner, JwsUnverified, JwsValidator};
use kanidmd_lib::prelude::*; use kanidmd_lib::prelude::*;
use kanidmd_lib::status::StatusActor; use kanidmd_lib::status::StatusActor;
use serde::Serialize; use serde::Serialize;
use tide::listener::{Listener, ToListener};
use tide_compress::CompressMiddleware; use tide_compress::CompressMiddleware;
use tide_openssl::TlsListener; use tide_openssl::TlsListener;
use tracing::{error, info}; use tracing::{error, info};
@ -315,8 +316,7 @@ pub fn generate_integrity_hash(filename: String) -> Result<String, String> {
} }
} }
// TODO: Add request limits. pub async fn create_https_server(
pub fn create_https_server(
address: String, address: String,
domain: String, domain: String,
// opt_tls_params: Option<SslAcceptorBuilder>, // opt_tls_params: Option<SslAcceptorBuilder>,
@ -856,7 +856,6 @@ pub fn create_https_server(
// routemap_route.at("/").mapped_get(&mut routemap, do_routemap); // routemap_route.at("/").mapped_get(&mut routemap, do_routemap);
// === End routes // === End routes
// Create listener?
let handle = match opt_tls_params { let handle = match opt_tls_params {
Some(tls_param) => { Some(tls_param) => {
let tlsl = TlsListener::build() let tlsl = TlsListener::build()
@ -867,11 +866,18 @@ pub fn create_https_server(
.map_err(|e| { .map_err(|e| {
error!("Failed to build TLS Listener -> {:?}", e); error!("Failed to build TLS Listener -> {:?}", e);
})?; })?;
/*
let x = Box::new(tls_param.build()); let mut listener = tlsl.to_listener().map_err(|e| {
let x_ref = Box::leak(x); error!("Failed to convert to Listener -> {:?}", e);
let tlsl = TlsListener::new(address, x_ref); })?;
*/
if let Err(e) = listener.bind(tserver).await {
error!(
"Failed to start server listener on address {:?} -> {:?}",
&address, e
);
return Err(());
}
tokio::spawn(async move { tokio::spawn(async move {
tokio::select! { tokio::select! {
@ -880,10 +886,10 @@ pub fn create_https_server(
CoreAction::Shutdown => {}, CoreAction::Shutdown => {},
} }
} }
server_result = tserver.listen(tlsl) => { server_result = listener.accept() => {
if let Err(e) = server_result { if let Err(e) = server_result {
error!( error!(
"Failed to start server listener on address {:?} -> {:?}", "Failed to accept via listener on address {:?} -> {:?}",
&address, e &address, e
); );
} }
@ -894,6 +900,18 @@ pub fn create_https_server(
} }
None => { None => {
// Create without https // Create without https
let mut listener = (&address).to_listener().map_err(|e| {
error!("Failed to convert to Listener -> {:?}", e);
})?;
if let Err(e) = listener.bind(tserver).await {
error!(
"Failed to start server listener on address {:?} -> {:?}",
&address, e
);
return Err(());
}
tokio::spawn(async move { tokio::spawn(async move {
tokio::select! { tokio::select! {
Ok(action) = rx.recv() => { Ok(action) = rx.recv() => {
@ -901,10 +919,10 @@ pub fn create_https_server(
CoreAction::Shutdown => {}, CoreAction::Shutdown => {},
} }
} }
server_result = tserver.listen(&address) => { server_result = listener.accept() => {
if let Err(e) = server_result { if let Err(e) = server_result {
error!( error!(
"Failed to start server listener on address {:?} -> {:?}", "Failed to accept via listener on address {:?} -> {:?}",
&address, e &address, e
); );
} }

3
server/core/src/lib.rs
View file

@ -801,7 +801,8 @@ pub async fn create_server_core(
server_write_ref, server_write_ref,
server_read_ref, server_read_ref,
broadcast_tx.subscribe(), broadcast_tx.subscribe(),
)?; )
.await?;
admin_info!("ready to rock! 🪨 "); admin_info!("ready to rock! 🪨 ");
Some(h) Some(h)