Skip to content

Commit 1afe234

Browse files
josecelanojosecelano
committed
feat: [#426] disable TimeoutAccceptor when TSL is enabled
TSL does work with the TimeoutAccetor. How to enabled TSL for development with: ``` [net] port = 3001 [net.tsl] ssl_cert_path = "./storage/index/lib/tls/localhost.crt" ssl_key_path = "./storage/index/lib/tls/localhost.key" ``` You can fin the certificates in `./share/tsl`. This means there is no timeout for the first client request when you use TSL. The way to test tiemouts is: 1. Open a connection using telnet: `telnet 127.0.0.1 3001` 2. Wait 5 seconds. The connection should be closed after 5 seconds. That's what the TimeoutAcceptor does. Without the TimeoutAcceptor the connection will remain open until the client closes it.
1 parent 284d235 commit 1afe234

File tree

4 files changed

+51
-1
lines changed

4 files changed

+51
-1
lines changed

share/default/config/index.development.sqlite3.toml

+1
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ url = "udp://localhost:6969"
1313
[net]
1414
port = 3001
1515

16+
# Uncomment if you want to enable TSL for development
1617
#[net.tsl]
1718
#ssl_cert_path = "./storage/index/lib/tls/localhost.crt"
1819
#ssl_key_path = "./storage/index/lib/tls/localhost.key"

share/tls/localhost.crt

+19
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDDzCCAfegAwIBAgIUQVYeAGfczJZDxiP/55P1V+hxLjgwDQYJKoZIhvcNAQEL
3+
BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI0MDUxNTE2MTUxNloXDTI0MDYx
4+
NDE2MTUxNlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
5+
AAOCAQ8AMIIBCgKCAQEAsiVY2ny8JkTXvM1FSEp47UUNZcRCpQ3/JR1KYscK4yFk
6+
t+2Fntqn7oYPFo17BU0fHZfJ/4ZFwgSCO2p41+plyAWjp9yjwA1Rgqs1eSvGceQG
7+
cWZA8nIiehTdimOqV9gSr2lUpFUPvZhvfkoKUPH8kgnSsK6Vh5AHhOtMHJrTfSHi
8+
SMyZlBMNm8XcHPI4Yc56rX56j0edQ+etmW+yF/sHxp4VuYLRg8Gy9LSBLhVYP2jb
9+
3lHjraSpC6P1OQZPg+yDIJ67LPF3Io0POQQOqahHqKNXprakWNZzGKHklx5wSycW
10+
LBBbwceEGFfoAap88czkh5RPVGkzaG9qI5nGjwT+iQIDAQABo1kwVzAUBgNVHREE
11+
DTALgglsb2NhbGhvc3QwCwYDVR0PBAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
12+
MB0GA1UdDgQWBBTNfmPhC1eBckwBVRUKFZXV94I4SDANBgkqhkiG9w0BAQsFAAOC
13+
AQEADY9Z/RPdex3uSdo8gbEKkxzLFTE/DKiOk4ynpIjEmAm3PQ5JGX1bkXQU29WB
14+
YFStue7OemFT1wCadv8xO4Y1WZdEDRAu1kAR+X30aL4hk03nOH3BOIlp972/yCjF
15+
biAqUNJ1VbQkJHjBMFl/9pdsvrO1nz8ObgJrgyszCh+UXDk+mySEeJqiGYCCoZ3x
16+
aQYnAO7+JVUgdXBmWd9BjNQAui8AwN+K5JelDecbwwh5Evykoa9Ey7W8yW23wuoK
17+
MoVnti84JiF9eK/bQSRxdP9N8bECsHUSHWMOoA7+axOq1Q1L8oe67NCiBo//s28T
18+
ZmJAlAeGXy1QqVTIslM8J+ceNQ==
19+
-----END CERTIFICATE-----

share/tls/localhost.key

+28
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyJVjafLwmRNe8
3+
zUVISnjtRQ1lxEKlDf8lHUpixwrjIWS37YWe2qfuhg8WjXsFTR8dl8n/hkXCBII7
4+
anjX6mXIBaOn3KPADVGCqzV5K8Zx5AZxZkDyciJ6FN2KY6pX2BKvaVSkVQ+9mG9+
5+
SgpQ8fySCdKwrpWHkAeE60wcmtN9IeJIzJmUEw2bxdwc8jhhznqtfnqPR51D562Z
6+
b7IX+wfGnhW5gtGDwbL0tIEuFVg/aNveUeOtpKkLo/U5Bk+D7IMgnrss8XcijQ85
7+
BA6pqEeoo1emtqRY1nMYoeSXHnBLJxYsEFvBx4QYV+gBqnzxzOSHlE9UaTNob2oj
8+
mcaPBP6JAgMBAAECggEAAPMoUB+ga3mHoqgSGaO3cMWQn91s4Php2UbPj5RorQXr
9+
IPx+71GbtVNLX5X7PjjZneg0a8yk57cQJ0TyWJIVXyET/ylptz3a7/lrbrY/Cgz8
10+
6GC8DQ7gceWelVhP1jLscgJpefpCIKfN+86uZa+EnYPdCSXXb/lQVYVhXRSJrdll
11+
1LJuNAvW88c1zXKWJ+L05H3Q+O98F/6PpEcwln0mX9Qp7QyBNjeP1B1eQc8+S6CD
12+
hgRifcY7KKdecDWh1i8haNqRUtXL7XAksesHJbxtIwaeu+8AXSQunpT2JOYFlzpy
13+
yllEDcT2s+JutBqclINWggBEn1eHtksQKNLWrTVaiQKBgQDFdp8BwWRIYji9mAx5
14+
te4dwOTj+POSm6DCi9wXssNsKdaGXFhNw3Wla2AvWZ5P/t1Z+zrvqag8sAjEl+nI
15+
7WHra3voOojDdZ1Kf6QhMQ/ZD1vm0mFa32tsRIUZ5vYP5qyXsgPEb2OE0QnKGCAM
16+
DD1X96C/CEecunQyioAOaJ+AmwKBgQDm9LvmY0rSEGe/oiBvnrYjIyHUn59FcIlU
17+
kGvTW1ynPtGT6vrOyZGDnw8uOEI00/E7YB8psdJLQ8aOgT4xUc2p7haNri/V794W
18+
hhWs2+qvDWvURSRMF0PZeV1b2bDqDB3AP2XiwaHR3MQpc1t4chNNNB5vuD0TJVrB
19+
NIXi0S41qwKBgQCR3l/17wQCyLQ7sn+8xV2ikyVDF1vveJHYRXMP+pmMZJe556u/
20+
vl1BFsIWGHDvjUm9N+7Arqa+Nhg0CjjEmj+UpnEBC4SOR2srZoE7l7+qTENKjy0l
21+
8RetAi0FBm3NL01ePj20Ncjhi35c0VeTLtN+EUqo9Bfauo4t68xPWJBDcwKBgENk
22+
3v/XsZmi1+N/t99afOO7+L9G5P8qW6iljBFc86iKGDYFt7Jn92JlI9Tk7czkm9wr
23+
rGxKS4dS+7nR1QgnStBvfX1Sevr+x9vivKh4c/8o93I1yuW5VD89vxRybcGeT4At
24+
/9kvj7zhowxFcUewYhmBP/Bx3sCbgeQnI3qQd9+JAoGAFgzLLXw5fdwjz1oz9Cwz
25+
WetpWujjMImgsD7b/7XmKeKCG82uorsaFI5rBb4eJdgJHoqaNAEkFuNdhRcuqVh1
26+
uZG02rb8HICnhPV/4wgyhf6pZEWrpmF9q4aqoH67hfrRMuVUD250px3y2Ozs77JJ
27+
c7S9s1qUr+vPk7+ywFh5xRk=
28+
-----END PRIVATE KEY-----

src/web/api/server/mod.rs

+3-1
Original file line numberDiff line numberDiff line change
@@ -99,7 +99,9 @@ async fn start_server(
9999
match tls {
100100
Some(tls) => custom_axum::from_tcp_rustls_with_timeouts(socket, tls)
101101
.handle(handle)
102-
.acceptor(TimeoutAcceptor)
102+
// The TimeoutAcceptor is commented because TSL does not work with it.
103+
// See: https://github.com/torrust/torrust-index/issues/204
104+
//.acceptor(TimeoutAcceptor)
103105
.serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
104106
.await
105107
.expect("API server should be running"),

0 commit comments

Comments
 (0)