184 lines
5.9 KiB
Rust
184 lines
5.9 KiB
Rust
mod middleware;
|
|
mod controller;
|
|
mod codec;
|
|
mod node;
|
|
mod resource;
|
|
|
|
use std::net::SocketAddr;
|
|
use std::sync::Arc;
|
|
|
|
use anyhow::Result;
|
|
use hyper::service::service_fn;
|
|
use hyper::{Request, Response};
|
|
use hyper::server::conn::http1 as http;
|
|
use hyper::rt::{Read, Write};
|
|
use hyper_util::rt::TokioIo;
|
|
use futures::stream::{FuturesUnordered, StreamExt};
|
|
use tokio::net::TcpListener;
|
|
use tokio::sync::watch;
|
|
use tokio_rustls::TlsAcceptor;
|
|
use tokio::net::TcpStream;
|
|
use futures::future::FutureExt;
|
|
use tokio::io::{AsyncRead, AsyncWrite};
|
|
use rustls_pemfile::{certs, private_key};
|
|
|
|
use aero_user::config::{DavConfig, DavUnsecureConfig};
|
|
use aero_user::login::ArcLoginProvider;
|
|
|
|
use crate::dav::controller::Controller;
|
|
|
|
pub struct Server {
|
|
bind_addr: SocketAddr,
|
|
login_provider: ArcLoginProvider,
|
|
tls: Option<TlsAcceptor>,
|
|
}
|
|
|
|
pub fn new_unsecure(config: DavUnsecureConfig, login: ArcLoginProvider) -> Server {
|
|
Server {
|
|
bind_addr: config.bind_addr,
|
|
login_provider: login,
|
|
tls: None,
|
|
}
|
|
}
|
|
|
|
pub fn new(config: DavConfig, login: ArcLoginProvider) -> Result<Server> {
|
|
let loaded_certs = certs(&mut std::io::BufReader::new(std::fs::File::open(
|
|
config.certs,
|
|
)?))
|
|
.collect::<Result<Vec<_>, _>>()?;
|
|
let loaded_key = private_key(&mut std::io::BufReader::new(std::fs::File::open(
|
|
config.key,
|
|
)?))?
|
|
.unwrap();
|
|
|
|
let tls_config = rustls::ServerConfig::builder()
|
|
.with_no_client_auth()
|
|
.with_single_cert(loaded_certs, loaded_key)?;
|
|
let acceptor = TlsAcceptor::from(Arc::new(tls_config));
|
|
|
|
Ok(Server {
|
|
bind_addr: config.bind_addr,
|
|
login_provider: login,
|
|
tls: Some(acceptor),
|
|
})
|
|
}
|
|
|
|
trait Stream: Read + Write + Send + Unpin {}
|
|
impl<T: Unpin + AsyncRead + AsyncWrite + Send> Stream for TokioIo<T> {}
|
|
|
|
impl Server {
|
|
pub async fn run(self: Self, mut must_exit: watch::Receiver<bool>) -> Result<()> {
|
|
let tcp = TcpListener::bind(self.bind_addr).await?;
|
|
tracing::info!("DAV server listening on {:#}", self.bind_addr);
|
|
|
|
let mut connections = FuturesUnordered::new();
|
|
while !*must_exit.borrow() {
|
|
let wait_conn_finished = async {
|
|
if connections.is_empty() {
|
|
futures::future::pending().await
|
|
} else {
|
|
connections.next().await
|
|
}
|
|
};
|
|
let (socket, remote_addr) = tokio::select! {
|
|
a = tcp.accept() => a?,
|
|
_ = wait_conn_finished => continue,
|
|
_ = must_exit.changed() => continue,
|
|
};
|
|
tracing::info!("Accepted connection from {}", remote_addr);
|
|
let stream = match self.build_stream(socket).await {
|
|
Ok(v) => v,
|
|
Err(e) => {
|
|
tracing::error!(err=?e, "TLS acceptor failed");
|
|
continue
|
|
}
|
|
};
|
|
|
|
let login = self.login_provider.clone();
|
|
let conn = tokio::spawn(async move {
|
|
//@FIXME should create a generic "public web" server on which "routers" could be
|
|
//abitrarily bound
|
|
//@FIXME replace with a handler supporting http2 and TLS
|
|
|
|
match http::Builder::new().serve_connection(stream, service_fn(|req: Request<hyper::body::Incoming>| {
|
|
let login = login.clone();
|
|
tracing::info!("{:?} {:?}", req.method(), req.uri());
|
|
async {
|
|
match middleware::auth(login, req, |user, request| async { Controller::route(user, request).await }.boxed()).await {
|
|
Ok(v) => Ok(v),
|
|
Err(e) => {
|
|
tracing::error!(err=?e, "internal error");
|
|
Response::builder()
|
|
.status(500)
|
|
.body(codec::text_body("Internal error"))
|
|
},
|
|
}
|
|
}
|
|
})).await {
|
|
Err(e) => tracing::warn!(err=?e, "connection failed"),
|
|
Ok(()) => tracing::trace!("connection terminated with success"),
|
|
}
|
|
});
|
|
connections.push(conn);
|
|
}
|
|
drop(tcp);
|
|
|
|
tracing::info!("Server shutting down, draining remaining connections...");
|
|
while connections.next().await.is_some() {}
|
|
|
|
Ok(())
|
|
}
|
|
|
|
async fn build_stream(&self, socket: TcpStream) -> Result<Box<dyn Stream>> {
|
|
match self.tls.clone() {
|
|
Some(acceptor) => {
|
|
let stream = acceptor.accept(socket).await?;
|
|
Ok(Box::new(TokioIo::new(stream)))
|
|
}
|
|
None => Ok(Box::new(TokioIo::new(socket))),
|
|
}
|
|
}
|
|
}
|
|
|
|
// <D:propfind xmlns:D='DAV:' xmlns:A='http://apple.com/ns/ical/'>
|
|
// <D:prop>
|
|
// <D:getcontenttype/>
|
|
// <D:resourcetype/>
|
|
// <D:displayname/>
|
|
// <A:calendar-color/>
|
|
// </D:prop>
|
|
// </D:propfind>
|
|
|
|
|
|
// <D:propfind xmlns:D='DAV:' xmlns:A='http://apple.com/ns/ical/' xmlns:C='urn:ietf:params:xml:ns:caldav'>
|
|
// <D:prop>
|
|
// <D:resourcetype/>
|
|
// <D:owner/>
|
|
// <D:displayname/>
|
|
// <D:current-user-principal/>
|
|
// <D:current-user-privilege-set/>
|
|
// <A:calendar-color/>
|
|
// <C:calendar-home-set/>
|
|
// </D:prop>
|
|
// </D:propfind>
|
|
|
|
// <D:propfind xmlns:D='DAV:' xmlns:C='urn:ietf:params:xml:ns:caldav' xmlns:CS='http://calendarserver.org/ns/'>
|
|
// <D:prop>
|
|
// <D:resourcetype/>
|
|
// <D:owner/>
|
|
// <D:current-user-principal/>
|
|
// <D:current-user-privilege-set/>
|
|
// <D:supported-report-set/>
|
|
// <C:supported-calendar-component-set/>
|
|
// <CS:getctag/>
|
|
// </D:prop>
|
|
// </D:propfind>
|
|
|
|
// <C:calendar-multiget xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
|
|
// <D:prop>
|
|
// <D:getetag/>
|
|
// <C:calendar-data/>
|
|
// </D:prop>
|
|
// <D:href>/alice/calendar/personal/something.ics</D:href>
|
|
// </C:calendar-multiget>
|