Merge pull request #218 from wiomoc/master

Adding native_tls support

Author: housleyjk

Cargo.toml

@@ -39,6 +39,10 @@ version = "1.0.18"
 optional = true
 version = "0.9"
 
+[dependencies.native-tls]
+optional = true
+version = "0.1.5"
+
 [dev-dependencies]
 clap = "2.31.2"
 env_logger = "0.5.6"
@@ -52,3 +56,4 @@ permessage-deflate = [
     "libc",
 ]
 ssl = ["openssl"]
+nativetls = ["native-tls"]

src/connection.rs

@@ -12,6 +12,8 @@ use url;
 
 #[cfg(feature = "ssl")]
 use openssl::ssl::HandshakeError;
+#[cfg(feature = "nativetls")]
+use native_tls::HandshakeError;
 
 use frame::Frame;
 use handler::Handler;
@@ -146,7 +148,7 @@ where
         }
     }
 
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     pub fn encrypt(&mut self) -> Result<()> {
         let sock = self.socket().try_clone()?;
         let ssl_stream = match self.endpoint {
@@ -159,6 +161,7 @@ where
                 self.socket = Stream::tls_live(stream);
                 Ok(())
             }
+            #[cfg(feature = "ssl")]
             Err(Error {
                 kind: Kind::SslHandshake(handshake_err),
                 details,
@@ -171,6 +174,19 @@ where
                     Ok(())
                 }
             },
+            #[cfg(feature = "nativetls")]
+            Err(Error {
+                kind: Kind::SslHandshake(handshake_err),
+                details,
+            }) => match handshake_err {
+                HandshakeError::Failure(_) => {
+                    Err(Error::new(Kind::SslHandshake(handshake_err), details))
+                }
+                HandshakeError::Interrupted(mid) => {
+                    self.socket = Stream::tls(mid);
+                    Ok(())
+                }
+            },
             Err(e) => Err(e),
         }
     }
@@ -196,7 +212,7 @@ where
     }
 
     // Resetting may be necessary in order to try all possible addresses for a server
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     pub fn reset(&mut self) -> Result<()> {
         // if self.is_client() {
         if let Client(ref url) = self.endpoint {
@@ -215,6 +231,7 @@ where
                                 self.socket = Stream::tls_live(stream);
                                 Ok(())
                             }
+                            #[cfg(feature = "ssl")]
                             Err(Error {
                                 kind: Kind::SslHandshake(handshake_err),
                                 details,
@@ -227,6 +244,19 @@ where
                                     Ok(())
                                 }
                             },
+                            #[cfg(feature = "nativetls")]
+                            Err(Error {
+                                kind: Kind::SslHandshake(handshake_err),
+                                details,
+                            }) => match handshake_err {
+                                HandshakeError::Failure(_) => {
+                                    Err(Error::new(Kind::SslHandshake(handshake_err), details))
+                                }
+                                HandshakeError::Interrupted(mid) => {
+                                    self.socket = Stream::tls(mid);
+                                    Ok(())
+                                }
+                            },
                             Err(e) => Err(e),
                         }
                     } else {
@@ -253,7 +283,7 @@ where
         }
     }
 
-    #[cfg(not(feature = "ssl"))]
+    #[cfg(not(any(feature = "ssl", feature = "nativetls")))]
     pub fn reset(&mut self) -> Result<()> {
         if self.is_client() {
             if let Connecting(ref mut req, ref mut res) = self.state {

src/deflate/extension.rs

@@ -2,6 +2,8 @@ use std::mem::replace;
 
 #[cfg(feature = "ssl")]
 use openssl::ssl::SslStream;
+#[cfg(feature = "nativetls")]
+use native_tls::TlsStream as SslStream;
 use url;
 
 use frame::Frame;
@@ -10,7 +12,7 @@ use handshake::{Handshake, Request, Response};
 use message::Message;
 use protocol::{CloseCode, OpCode};
 use result::{Error, Kind, Result};
-#[cfg(feature = "ssl")]
+#[cfg(any(feature = "ssl", feature = "nativetls"))]
 use util::TcpStream;
 use util::{Timeout, Token};
 
@@ -546,7 +548,7 @@ impl<H: Handler> Handler for DeflateHandler<H> {
     }
 
     #[inline]
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     fn upgrade_ssl_client(
         &mut self,
         stream: TcpStream,
@@ -556,7 +558,7 @@ impl<H: Handler> Handler for DeflateHandler<H> {
     }
 
     #[inline]
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     fn upgrade_ssl_server(&mut self, stream: TcpStream) -> Result<SslStream<TcpStream>> {
         self.inner.upgrade_ssl_server(stream)
     }

src/handler.rs

@@ -1,6 +1,8 @@
 use log::Level::Error as ErrorLevel;
 #[cfg(feature = "ssl")]
 use openssl::ssl::{SslConnectorBuilder, SslMethod, SslStream};
+#[cfg(feature = "nativetls")]
+use native_tls::{TlsConnector, TlsStream as SslStream};
 use url;
 
 use frame::Frame;
@@ -10,7 +12,7 @@ use protocol::CloseCode;
 use result::{Error, Kind, Result};
 use util::{Timeout, Token};
 
-#[cfg(feature = "ssl")]
+#[cfg(any(feature = "ssl", feature = "nativetls"))]
 use util::TcpStream;
 
 /// The core trait of this library.
@@ -304,12 +306,32 @@ pub trait Handler {
         connector.connect(domain, stream).map_err(Error::from)
     }
 
+    #[inline]
+    #[cfg(feature = "nativetls")]
+    fn upgrade_ssl_client(
+        &mut self,
+        stream: TcpStream,
+        url: &url::Url,
+    ) -> Result<SslStream<TcpStream>> {
+        let domain = url.domain().ok_or(Error::new(
+            Kind::Protocol,
+            format!("Unable to parse domain from {}. Needed for SSL.", url),
+        ))?;
+        let connector = TlsConnector::builder().and_then(|builder| builder.build())
+            .map_err(|e| {
+                Error::new(
+                    Kind::Internal,
+                    format!("Failed to upgrade client to SSL: {}", e),
+                )
+            })?;
+        connector.connect(domain, stream).map_err(Error::from)
+    }
     /// A method for wrapping a server TcpStream with Ssl Authentication machinery
     ///
     /// Override this method to customize how the connection is encrypted. By default
     /// this method is not implemented.
     #[inline]
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     fn upgrade_ssl_server(&mut self, _: TcpStream) -> Result<SslStream<TcpStream>> {
         unimplemented!()
     }

src/io.rs

@@ -13,6 +13,8 @@ use url::Url;
 
 #[cfg(feature = "ssl")]
 use openssl::ssl::Error as SslError;
+#[cfg(feature = "native_tls")]
+use native_tls::Error as SslError;
 
 use super::Settings;
 use communication::{Command, Sender, Signal};
@@ -142,7 +144,7 @@ where
         }
     }
 
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     pub fn connect(&mut self, poll: &mut Poll, url: Url) -> Result<()> {
         let settings = self.settings;
 
@@ -211,6 +213,7 @@ where
         if will_encrypt {
             while let Err(ssl_error) = self.connections[tok.into()].encrypt() {
                 match ssl_error.kind {
+                    #[cfg(feature = "ssl")]
                     Kind::Ssl(SslError::Stream(ref io_error)) => {
                         if let Some(errno) = io_error.raw_os_error() {
                             if errno == CONNECTION_REFUSED {
@@ -225,6 +228,17 @@ where
                             }
                         }
                     }
+                    #[cfg(feature = "nativetls")]
+                    Kind::Ssl(_) => {
+                        if let Err(reset_error) = self.connections[tok.into()].reset() {
+                            trace!(
+                                "Encountered error while trying to reset connection: {:?}",
+                                reset_error
+                            );
+                        } else {
+                            continue;
+                        }
+                    }
                     _ => (),
                 }
                 self.connections[tok.into()].error(ssl_error);
@@ -250,7 +264,7 @@ where
             })
     }
 
-    #[cfg(not(feature = "ssl"))]
+    #[cfg(not(any(feature = "ssl", feature = "nativetls")))]
     pub fn connect(&mut self, poll: &mut Poll, url: Url) -> Result<()> {
         let settings = self.settings;
 
@@ -340,7 +354,7 @@ where
             })
     }
 
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     pub fn accept(&mut self, poll: &mut Poll, sock: TcpStream) -> Result<()> {
         let factory = &mut self.factory;
         let settings = self.settings;
@@ -396,7 +410,7 @@ where
             })
     }
 
-    #[cfg(not(feature = "ssl"))]
+    #[cfg(not(any(feature = "ssl", feature = "nativetls")))]
     pub fn accept(&mut self, poll: &mut Poll, sock: TcpStream) -> Result<()> {
         let factory = &mut self.factory;
         let settings = self.settings;

src/lib.rs

@@ -10,6 +10,8 @@ extern crate mio;
 extern crate mio_extras;
 #[cfg(feature = "ssl")]
 extern crate openssl;
+#[cfg(feature = "nativetls")]
+extern crate native_tls;
 extern crate rand;
 extern crate sha1;
 extern crate slab;

src/result.rs

@@ -10,7 +10,9 @@ use httparse;
 use mio;
 #[cfg(feature = "ssl")]
 use openssl::ssl::{Error as SslError, HandshakeError as SslHandshakeError};
-#[cfg(feature = "ssl")]
+#[cfg(feature = "nativetls")]
+use native_tls::{Error as SslError, HandshakeError as SslHandshakeError};
+#[cfg(any(feature = "ssl", feature = "nativetls"))]
 type HandshakeError = SslHandshakeError<mio::tcp::TcpStream>;
 
 use communication::Command;
@@ -51,10 +53,10 @@ pub enum Kind {
     /// the queue may relieve the situation.
     Queue(mio::channel::SendError<Command>),
     /// Indicates a failure to perform SSL encryption.
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     Ssl(SslError),
     /// Indicates a failure to perform SSL encryption.
-    #[cfg(feature = "ssl")]
+    #[cfg(any(feature = "ssl", feature = "nativetls"))]
     SslHandshake(HandshakeError),
     /// A custom error kind for use by applications. This error kind involves extra overhead
     /// because it will allocate the memory on the heap. The WebSocket ignores such errors by
@@ -116,9 +118,9 @@ impl StdError for Error {
             Kind::Encoding(ref err) => err.description(),
             Kind::Io(ref err) => err.description(),
             Kind::Http(_) => "Unable to parse HTTP",
-            #[cfg(feature = "ssl")]
+            #[cfg(any(feature = "ssl", feature = "nativetls"))]
             Kind::Ssl(ref err) => err.description(),
-            #[cfg(feature = "ssl")]
+            #[cfg(any(feature = "ssl", feature = "nativetls"))]
             Kind::SslHandshake(ref err) => err.description(),
             Kind::Queue(_) => "Unable to send signal on event loop",
             Kind::Custom(ref err) => err.description(),
@@ -129,9 +131,9 @@ impl StdError for Error {
         match self.kind {
             Kind::Encoding(ref err) => Some(err),
             Kind::Io(ref err) => Some(err),
-            #[cfg(feature = "ssl")]
+            #[cfg(any(feature = "ssl", feature = "nativetls"))]
             Kind::Ssl(ref err) => Some(err),
-            #[cfg(feature = "ssl")]
+            #[cfg(any(feature = "ssl", feature = "nativetls"))]
             Kind::SslHandshake(ref err) => err.cause(),
             Kind::Custom(ref err) => Some(err.as_ref()),
             _ => None,
@@ -178,14 +180,14 @@ impl From<Utf8Error> for Error {
     }
 }
 
-#[cfg(feature = "ssl")]
+#[cfg(any(feature = "ssl", feature = "nativetls"))]
 impl From<SslError> for Error {
     fn from(err: SslError) -> Error {
         Error::new(Kind::Ssl(err), "")
     }
 }
 
-#[cfg(feature = "ssl")]
+#[cfg(any(feature = "ssl", feature = "nativetls"))]
 impl From<HandshakeError> for Error {
     fn from(err: HandshakeError) -> Error {
         Error::new(Kind::SslHandshake(err), "")