k2v-client: Add support for native TLS library #560
5 changed files with 121 additions and 10 deletions
97
Cargo.lock
generated
97
Cargo.lock
generated
|
@ -292,6 +292,7 @@ dependencies = [
|
|||
"http-body",
|
||||
"hyper",
|
||||
"hyper-rustls 0.22.1",
|
||||
"hyper-tls",
|
||||
"lazy_static",
|
||||
"pin-project-lite",
|
||||
"tokio",
|
||||
|
@ -956,6 +957,21 @@ version = "1.0.7"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
|
||||
|
||||
[[package]]
|
||||
name = "foreign-types"
|
||||
version = "0.3.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
|
||||
dependencies = [
|
||||
"foreign-types-shared",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "foreign-types-shared"
|
||||
version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
|
||||
|
||||
[[package]]
|
||||
name = "form_urlencoded"
|
||||
version = "1.1.0"
|
||||
|
@ -1661,6 +1677,19 @@ dependencies = [
|
|||
"tokio-io-timeout",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "hyper-tls"
|
||||
version = "0.5.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905"
|
||||
dependencies = [
|
||||
"bytes",
|
||||
"hyper",
|
||||
"native-tls",
|
||||
"tokio",
|
||||
"tokio-native-tls",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "iana-time-zone"
|
||||
version = "0.1.53"
|
||||
|
@ -1836,6 +1865,7 @@ dependencies = [
|
|||
"garage_util",
|
||||
"http",
|
||||
"hyper-rustls 0.23.2",
|
||||
"hyper-tls",
|
||||
"log",
|
||||
"rusoto_core",
|
||||
"rusoto_credential",
|
||||
|
@ -2187,6 +2217,24 @@ version = "0.8.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
|
||||
|
||||
[[package]]
|
||||
name = "native-tls"
|
||||
version = "0.2.11"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "07226173c32f2926027b63cce4bcd8076c3552846cbe7925f3aaffeac0a3b92e"
|
||||
dependencies = [
|
||||
"lazy_static",
|
||||
"libc",
|
||||
"log",
|
||||
"openssl",
|
||||
"openssl-probe",
|
||||
"openssl-sys",
|
||||
"schannel",
|
||||
"security-framework",
|
||||
"security-framework-sys",
|
||||
"tempfile",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "netapp"
|
||||
version = "0.5.2"
|
||||
|
@ -2357,12 +2405,50 @@ version = "0.3.0"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
|
||||
|
||||
[[package]]
|
||||
name = "openssl"
|
||||
version = "0.10.52"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "01b8574602df80f7b85fdfc5392fa884a4e3b3f4f35402c070ab34c3d3f78d56"
|
||||
dependencies = [
|
||||
"bitflags",
|
||||
"cfg-if",
|
||||
"foreign-types",
|
||||
"libc",
|
||||
"once_cell",
|
||||
"openssl-macros",
|
||||
"openssl-sys",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "openssl-macros"
|
||||
version = "0.1.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "openssl-probe"
|
||||
version = "0.1.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
|
||||
|
||||
[[package]]
|
||||
name = "openssl-sys"
|
||||
version = "0.9.87"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8e17f59264b2809d77ae94f0e1ebabc434773f370d6ca667bd223ea10e06cc7e"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"libc",
|
||||
"pkg-config",
|
||||
"vcpkg",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "opentelemetry"
|
||||
version = "0.17.0"
|
||||
|
@ -2971,6 +3057,7 @@ dependencies = [
|
|||
"http",
|
||||
"hyper",
|
||||
"hyper-rustls 0.23.2",
|
||||
"hyper-tls",
|
||||
"lazy_static",
|
||||
"log",
|
||||
"rusoto_credential",
|
||||
|
@ -3739,6 +3826,16 @@ dependencies = [
|
|||
"syn",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tokio-native-tls"
|
||||
version = "0.3.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
|
||||
dependencies = [
|
||||
"native-tls",
|
||||
"tokio",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tokio-rustls"
|
||||
version = "0.22.0"
|
||||
|
|
|
@ -37,19 +37,19 @@ api_bind_addr = "<ip>:<port>"
|
|||
Please select a port number that is not already in use by another API
|
||||
endpoint (S3 api, admin API) or by the RPC server.
|
||||
|
||||
We provide an early-stage K2V client library for Rust which can be imported by adding the following to your `Cargo.toml` file:
|
||||
We provide an early-stage K2V client library for Rust which can be imported by adding the following to your `Cargo.toml` file (enable either `tls-native` or `tls-rustls`):
|
||||
|
||||
```toml
|
||||
k2v-client = { git = "https://git.deuxfleurs.fr/Deuxfleurs/garage.git" }
|
||||
k2v-client = { git = "https://git.deuxfleurs.fr/Deuxfleurs/garage.git", features = ["tls-rustls"] }
|
||||
```
|
||||
|
||||
There is also a simple CLI utility which can be built from source in the
|
||||
following way:
|
||||
following way (enable either `tls-native` or `tls-rustls`):
|
||||
|
||||
```sh
|
||||
git clone https://git.deuxfleurs.fr/Deuxfleurs/garage.git
|
||||
cd garage/src/k2v-client
|
||||
cargo build --features cli --bin k2v-cli
|
||||
cargo build --features cli,tls-rustls --bin k2v-cli
|
||||
```
|
||||
|
||||
The CLI utility is self-documented, run `k2v-cli --help` to learn how to use
|
||||
|
|
|
@ -59,7 +59,7 @@ opentelemetry-otlp = { version = "0.10", optional = true }
|
|||
prometheus = { version = "0.13", optional = true }
|
||||
|
||||
[dev-dependencies]
|
||||
aws-sdk-s3 = "0.19"
|
||||
aws-sdk-s3 = { version = "0.19", default-features = false, features = ["rt-tokio"] }
|
||||
chrono = "0.4"
|
||||
http = "0.2"
|
||||
hmac = "0.12"
|
||||
|
@ -95,6 +95,6 @@ telemetry-otlp = [ "opentelemetry-otlp" ]
|
|||
# exactly one of them should be enabled.
|
||||
|
||||
# Use bundled libsqlite instead of linking against system-provided.
|
||||
bundled-libs = [ "garage_db/bundled-libs" ]
|
||||
# Link against system-provided libsodium and libzstd.
|
||||
system-libs = [ "garage_block/system-libs", "garage_rpc/system-libs", "sodiumoxide/use-pkg-config" ]
|
||||
bundled-libs = [ "garage_db/bundled-libs", "aws-sdk-s3/rustls" ]
|
||||
# Link against system-provided libsodium, libzstd and TLS library.
|
||||
system-libs = [ "garage_block/system-libs", "garage_rpc/system-libs", "sodiumoxide/use-pkg-config", "aws-sdk-s3/native-tls" ]
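Review bot: The comment above `bundled-libs` still reads "Use bundled libsqlite instead of linking against system-provided", but the feature now also selects `aws-sdk-s3/rustls`, whereas the `system-libs` comment was updated to mention the TLS library. Suggest `# Use bundled libsqlite, and rustls for the aws-sdk-s3 dev-dependency, instead of system-provided libraries.` The earlier hunk in this file declares `aws-sdk-s3` with `default-features = false`, so the S3 client used by the tests presumably gets a TLS connector only when one of these two features is on. A short comment next to that dev-dependency saying so would help; the "exactly one of them should be enabled" comment implies it, but nothing visible enforces it.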
|
||||
|
|
|
@ -12,10 +12,11 @@ readme = "../../README.md"
|
|||
base64 = "0.21"
|
||||
http = "0.2"
|
||||
log = "0.4"
|
||||
rusoto_core = { version = "0.48.0", default-features = false, features = ["rustls"] }
|
||||
rusoto_core = { version = "0.48.0", default-features = false }
|
||||
rusoto_credential = "0.48.0"
|
||||
rusoto_signature = "0.48.0"
|
||||
hyper-rustls = { version = "0.23", default-features = false, features = [ "http1", "http2", "tls12" ] }
|
||||
hyper-rustls = { version = "0.23", default-features = false, features = [ "http1", "http2", "tls12" ], optional = true }
|
||||
hyper-tls = { version = "0.5.0", optional = true }
|
||||
serde = "1.0"
|
||||
serde_json = "1.0"
|
||||
thiserror = "1.0"
|
||||
|
@ -28,6 +29,9 @@ garage_util = { version = "0.8.2", path = "../util", optional = true }
|
|||
|
||||
[features]
|
||||
cli = ["clap", "tokio/fs", "tokio/io-std", "garage_util"]
|
||||
# tls-native and tls-rustls are mutually exclusive.
|
||||
tls-native = ["rusoto_core/native-tls", "hyper-tls"]
|
||||
tls-rustls = ["rusoto_core/rustls", "hyper-rustls"]
|
||||
|
||||
[lib]
|
||||
path = "lib.rs"
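Review bot: The new `tls-native` and `tls-rustls` features are declared mutually exclusive and, as far as this hunk shows, there is no `default` entry, so the crate no longer builds without an explicit choice and cannot be built with `--all-features`. Cargo unifies features across the dependency graph, so two dependents selecting different backends would hit the `compile_error!` in lib.rs rather than get a working build. If existing users should keep the previous behaviour, `default = ["tls-rustls"]` would do it, with `tls-native` users opting out through `default-features = false`; alternatively, let one backend take precedence when both are set. Either way, the comment above the two features should say which TLS stack each one selects, since that decides which certificate store and protocol defaults the client ends up with.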
|
||||
|
|
|
@ -19,6 +19,12 @@ mod error;
|
|||
|
||||
pub use error::Error;
|
||||
|
||||
#[cfg(all(feature = "tls-native", feature = "tls-rustls"))]
|
||||
compile_error!("Features \"tls-native\" and \"tls-rustls\" are mutually exclusive.");
|
||||
|
||||
#[cfg(not(any(feature = "tls-native", feature = "tls-rustls")))]
|
||||
compile_error!("Either feature \"tls-native\" or \"tls-rustls\" must be enabled for this crate.");
|
||||
|
||||
const DEFAULT_TIMEOUT: Duration = Duration::from_secs(5);
|
||||
const DEFAULT_POLL_TIMEOUT: Duration = Duration::from_secs(300);
|
||||
const SERVICE: &str = "k2v";
|
||||
|
@ -40,12 +46,16 @@ impl K2vClient {
|
|||
creds: AwsCredentials,
|
||||
user_agent: Option<String>,
|
||||
) -> Result<Self, Error> {
|
||||
#[cfg(feature = "tls-rustls")]
|
||||
let connector = hyper_rustls::HttpsConnectorBuilder::new()
|
||||
.with_native_roots()
|
||||
.https_or_http()
|
||||
.enable_http1()
|
||||
.enable_http2()
|
||||
.build();
|
||||
#[cfg(feature = "tls-native")]
|
||||
let connector = hyper_tls::HttpsConnector::new();
|
||||
|
||||
let mut client = HttpClient::from_connector(connector);
|
||||
if let Some(ua) = user_agent {
|
||||
client.local_agent_prepend(ua);
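Review bot: The `tls-native` branch of the connector setup can panic inside a constructor that returns `Result<Self, Error>`: hyper-tls documents that `HttpsConnector::new()` panics when the underlying TLS context cannot be created, while callers of this function expect initialisation failures as an `Err`. Consider building the native-tls connector explicitly, mapping its error into `Error`, and converting the result into the `HttpsConnector`; that would presumably need a new `Error` variant and a direct optional dependency on native-tls, neither of which is visible here. A comment on the two `#[cfg]` branches would also help, e.g. `// tls-native: trust store, protocol versions and ALPN come from the platform TLS library defaults`, because the rustls branch explicitly selects native roots and HTTP/1 plus HTTP/2 while the native branch takes whatever the library defaults to. The function body continues past the end of the hunk.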
|
||||
|
|