HttpAcceptor::accept()'s HTTPS logic passes IO errors from the underlying
SSL stream directly to the caller. Furthermore, the caller uses the
EndOfFile error code to detect that the server should stop accepting
connections. This means that if the TCP connection was succesfully
accepted, but an EOF condition was detected during the handshake, the
server will stop accepting connections and quit. This allows for a
trivial denial of service attack and can happen accidentally as well.
Change HttpAcceptor::accept such that if the TCP stream underlying
the SSL stream returns an IoError error, a ConnectionAborted IoError
is returned instead. This allows distinguishing between IoErrors from
the acceptor and the stream. The original error reason is stored in the
detail field.
Implements the missing enum cases in Http* and adds a new
method to the default Server implementation to take advantage
of the new TLS support
Closes#1
- Some stray deriving -> derive changes
- use::{mod} -> use::{self}
- fmt.write -> fmt.write_str
This does not catch the last case of fmt.write_str in the
Show impl of a Header Item. This will need to be changed
separately.
- Includes ergonomic traits like IntoUrl and IntoBody, allowing easy
usage.
- Client can have a RedirectPolicy.
- Client can have a SslVerifier.
Updated benchmarks for client. (Disabled rust-http client bench since it
hangs.)
Instead, you can use an instance of a NetworkConnector with
`Request::with_connector`. This allows overloading of the NetworkStream
constructors, so that it is easy to modify how an `HttpStream` is
created, while still relying on the rest of the stream implementation.
BREAKING CHANGE
Internals have been shuffled around such that Request and Reponse are
now given only a mutable reference to the stream, instead of being
allowed to consume it. This allows the server to re-use the streams if
keep-alive is true.
A task pool is used, and the number of the threads can currently be
adjusted by using the `listen_threads()` method on Server.
[breaking-change]
Also adds an EmptyWriter, used for GET and HEAD requests,
which will return an io::ShortWrite error if the user ever tries
to write to a GET or HEAD request.
Closes#77
Server and client benchmarks show that this makes very little difference
in performance and using dynamic dispatch here is significantly more ergonomic.
This also bounds NetworkStream with Send to prevent incorrect implementations.
Allows the implementation of mock streams for testing and flexibility.
Fixes#5
This introduces a new Trait, NetworkStream, which abstracts over
the functionality provided by TcpStream so that it can be easily
mocked and extended in testing and hyper can be used for
other connection sources.
