From abba9d265b7898a22b7fb8491525c3358484b674 Mon Sep 17 00:00:00 2001 From: James Yang <26634873@qq.com> Date: Tue, 30 Jul 2024 14:53:06 +0800 Subject: [PATCH 1/4] feat: add server config cache --- rust-toolchain.toml | 2 ++ src/tls.rs | 29 ++++++++++++++++++++++++----- 2 files changed, 26 insertions(+), 5 deletions(-) create mode 100644 rust-toolchain.toml diff --git a/rust-toolchain.toml b/rust-toolchain.toml new file mode 100644 index 0000000..292fe49 --- /dev/null +++ b/rust-toolchain.toml @@ -0,0 +1,2 @@ +[toolchain] +channel = "stable" diff --git a/src/tls.rs b/src/tls.rs index 627dcb8..6616580 100644 --- a/src/tls.rs +++ b/src/tls.rs @@ -1,9 +1,22 @@ +use std::{borrow::BorrowMut, sync::LazyLock}; + +use dashmap::{try_result::TryResult, DashMap}; +use rustls::ServerConfig; + +static SERVER_CONFIG_CACHE: LazyLock> = LazyLock::new(|| DashMap::new()); + pub fn server_config( host: String, root_cert: &rcgen::CertifiedKey, h2: bool, ) -> Result { - let mut cert_params = rcgen::CertificateParams::new(vec![host]).unwrap(); + + if let TryResult::Present(config) = SERVER_CONFIG_CACHE.try_get(&host) { + let mut config = config.clone(); + return Ok(maybe_h2_config(&mut config, h2).to_owned()); + } + + let mut cert_params = rcgen::CertificateParams::new(vec![host.clone()]).unwrap(); cert_params .key_usages .push(rcgen::KeyUsagePurpose::DigitalSignature); @@ -29,11 +42,17 @@ pub fn server_config( )), ); + if let Ok(config) = &config { + SERVER_CONFIG_CACHE.insert(host, config.clone()); + } + + config.map(|mut config| maybe_h2_config(config.borrow_mut(), h2).to_owned()) +} + +fn maybe_h2_config(config: &mut ServerConfig, h2: bool) -> &ServerConfig { if h2 { - config.map(|mut server_config| { - server_config.alpn_protocols = vec!["h2".into(), "http/1.1".into()]; - server_config - }) + config.alpn_protocols = vec!["h2".into(), "http/1.1".into()]; + config } else { config } From 1890655caf2833983761d3e813a5008b7fd7e92c Mon Sep 17 00:00:00 2001 From: James Yang <26634873@qq.com> Date: Tue, 30 Jul 2024 15:15:52 +0800 Subject: [PATCH 2/4] fix: github workflow --- .github/workflows/rust.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index d54fa2f..1dd593f 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -16,6 +16,10 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Set up Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable - name: Build run: cargo build --verbose - name: Run tests From 7d86f40bb92517d04fa0f1c0f27cb917126f4ff9 Mon Sep 17 00:00:00 2001 From: James Yang <26634873@qq.com> Date: Tue, 30 Jul 2024 15:19:38 +0800 Subject: [PATCH 3/4] fix: update deps --- Cargo.lock | 21 +++++++++++++++++++++ Cargo.toml | 1 + 2 files changed, 22 insertions(+) diff --git a/Cargo.lock b/Cargo.lock index 86a1c5f..cbf7004 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -423,6 +423,26 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f" +[[package]] +name = "crossbeam-utils" +version = "0.8.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" + +[[package]] +name = "dashmap" +version = "6.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "804c8821570c3f8b70230c2ba75ffa5c0f9a4189b9a432b6656c536712acae28" +dependencies = [ + "cfg-if", + "crossbeam-utils", + "hashbrown", + "lock_api", + "once_cell", + "parking_lot_core", +] + [[package]] name = "data-encoding" version = "2.6.0" @@ -742,6 +762,7 @@ dependencies = [ "axum-server", "bytes", "clap", + "dashmap", "futures", "http-body-util", "hyper", diff --git a/Cargo.toml b/Cargo.toml index d1a6537..87a117b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,6 +34,7 @@ tracing = "0.1.40" hyper-util = { version = "0.1.1", features = ["tokio"] } native-tls = { version = "0.2.12", features = ["alpn"] } thiserror = "1.0.62" +dashmap = "6.0.1" [dev-dependencies] axum = { version = "0.7.2", features = ["http2"] } From 5894762870a061bcc01621f8c8fa7ffbf5894145 Mon Sep 17 00:00:00 2001 From: James Yang <26634873@qq.com> Date: Wed, 28 Aug 2024 12:30:13 +0000 Subject: [PATCH 4/4] fix: add root_cert as cache key --- src/tls.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/tls.rs b/src/tls.rs index 6616580..786aa5b 100644 --- a/src/tls.rs +++ b/src/tls.rs @@ -3,7 +3,7 @@ use std::{borrow::BorrowMut, sync::LazyLock}; use dashmap::{try_result::TryResult, DashMap}; use rustls::ServerConfig; -static SERVER_CONFIG_CACHE: LazyLock> = LazyLock::new(|| DashMap::new()); +static SERVER_CONFIG_CACHE: LazyLock), rustls::ServerConfig>> = LazyLock::new(|| DashMap::new()); pub fn server_config( host: String, @@ -11,7 +11,7 @@ pub fn server_config( h2: bool, ) -> Result { - if let TryResult::Present(config) = SERVER_CONFIG_CACHE.try_get(&host) { + if let TryResult::Present(config) = SERVER_CONFIG_CACHE.try_get(&(host.clone(), root_cert.key_pair.serialize_der())) { let mut config = config.clone(); return Ok(maybe_h2_config(&mut config, h2).to_owned()); } @@ -43,7 +43,7 @@ pub fn server_config( ); if let Ok(config) = &config { - SERVER_CONFIG_CACHE.insert(host, config.clone()); + SERVER_CONFIG_CACHE.insert((host, root_cert.key_pair.serialize_der()), config.clone()); } config.map(|mut config| maybe_h2_config(config.borrow_mut(), h2).to_owned())