diff options
| author | Sven-Hendrik Haase <svenstaro@gmail.com> | 2021-08-27 16:23:14 +0000 |
|---|---|---|
| committer | Sven-Hendrik Haase <svenstaro@gmail.com> | 2021-08-27 16:23:14 +0000 |
| commit | c79bcaae0433d4f13901540221af4e1830e1d44f (patch) | |
| tree | 4379c0c5e161b40830c3ee3571d4f5f48b307d26 | |
| parent | (cargo-release) start next development iteration 0.15.1-alpha.0 (diff) | |
| download | miniserve-c79bcaae0433d4f13901540221af4e1830e1d44f.tar.gz miniserve-c79bcaae0433d4f13901540221af4e1830e1d44f.zip | |
Conditionally enable TLS only on supported platforms
| -rw-r--r-- | Cargo.toml | 10 | ||||
| -rw-r--r-- | README.md | 1 | ||||
| -rw-r--r-- | src/args.rs | 12 | ||||
| -rw-r--r-- | src/config.rs | 36 | ||||
| -rw-r--r-- | src/main.rs | 18 |
5 files changed, 76 insertions, 1 deletions
@@ -9,6 +9,7 @@ readme = "README.md" keywords = ["serve", "http-server", "static-files", "http", "server"] categories = ["command-line-utilities", "network-programming", "web-programming::http-server"] edition = "2018" +resolver = "2" [profile.release] lto = true @@ -17,7 +18,7 @@ codegen-units = 1 panic = 'abort' [dependencies] -actix-web = { version = "3", features = ["rustls"] } +actix-web = "3" actix-files = "0.5" actix-multipart = "0.3" actix-web-httpauth = "0.5" @@ -50,7 +51,14 @@ httparse = "1" http = "0.2" bytes = "1" atty = "0.2" + +# Use rustls only on architecturs supported by ring. +# See also https://github.com/briansmith/ring/issues/1182 +# and https://github.com/briansmith/ring/issues/562 +# and https://github.com/briansmith/ring/issues/1367 +[target.'cfg(any(target_arch = "x86", target_arch = "x86_64", target_arch = "aarch64", target_arch = "arm"))'.dependencies] rustls = "0.18" +actix-web = { version = "3", features = ["rustls"] } [dev-dependencies] assert_cmd = "2" @@ -75,6 +75,7 @@ Sometimes this is just a more practical and quick way than doing things properly - Scan QR code for quick access - Shell completions - Sane and secure defaults +- TLS (for supported architectures) ## Usage diff --git a/src/args.rs b/src/args.rs index c2b2bf2..b6bb092 100644 --- a/src/args.rs +++ b/src/args.rs @@ -135,10 +135,22 @@ pub struct CliArgs { pub print_completions: Option<structopt::clap::Shell>, /// TLS certificate to use + #[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + ))] #[structopt(long = "tls-cert", requires = "tls-key")] pub tls_cert: Option<PathBuf>, /// TLS private key to use + #[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + ))] #[structopt(long = "tls-key", requires = "tls-cert")] pub tls_key: Option<PathBuf>, } diff --git a/src/config.rs b/src/config.rs index 6eeafef..66cd81a 100644 --- a/src/config.rs +++ b/src/config.rs @@ -7,6 +7,13 @@ use std::{ use anyhow::{anyhow, Context, Result}; use http::HeaderMap; + +#[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" +))] use rustls::internal::pemfile::{certs, pkcs8_private_keys}; use crate::{args::CliArgs, auth::RequiredAuth}; @@ -95,7 +102,21 @@ pub struct MiniserveConfig { pub hide_version_footer: bool, /// If set, use provided rustls config for TLS + #[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + ))] pub tls_rustls_config: Option<rustls::ServerConfig>, + + #[cfg(not(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + )))] + pub tls_rustls_config: Option<()>, } impl MiniserveConfig { @@ -131,6 +152,12 @@ impl MiniserveConfig { _ => args.port, }; + #[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + ))] let tls_rustls_server_config = if let (Some(tls_cert), Some(tls_key)) = (args.tls_cert, args.tls_key) { @@ -150,6 +177,15 @@ impl MiniserveConfig { } else { None }; + + #[cfg(not(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + )))] + let tls_rustls_server_config = None; + Ok(MiniserveConfig { verbose: args.verbose, path: args.path.unwrap_or_else(|| PathBuf::from(".")), diff --git a/src/main.rs b/src/main.rs index 1432a1a..9b3d732 100644 --- a/src/main.rs +++ b/src/main.rs @@ -227,6 +227,12 @@ async fn run(miniserve_config: MiniserveConfig) -> Result<(), ContextualError> { .default_service(web::get().to(error_404)) }); + #[cfg(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + ))] let srv = if let Some(tls_config) = miniserve_config.tls_rustls_config { srv.bind_rustls(socket_addresses.as_slice(), tls_config) .map_err(|e| ContextualError::IoError("Failed to bind server".to_string(), e))? @@ -239,6 +245,18 @@ async fn run(miniserve_config: MiniserveConfig) -> Result<(), ContextualError> { .run() }; + #[cfg(not(any( + target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64", + target_arch = "arm" + )))] + let srv = srv + .bind(socket_addresses.as_slice()) + .map_err(|e| ContextualError::IoError("Failed to bind server".to_string(), e))? + .shutdown_timeout(0) + .run(); + println!( "Serving path {path} at {addresses}", path = Color::Yellow.paint(path_string).bold(), |