tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #229 from junkurihara/develop

Browse source 
0.9.6
This commit is contained in:
Jun Kurihara 2025-01-06 19:19:28 +09:00 committed by GitHub
commit 5fdbc2186e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 42 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

9
CHANGELOG.md
View file

@ -1,6 +1,13 @@
# CHANGELOG
## 0.9.6 or 0.10.0 (Unreleased)
## 0.9.7 or 0.10.0 (Unreleased)
## 0.9.6
### Improvement
- Feat: Change the default hashing algorithm for internal hashmaps and hashsets from FxHash to aHash. This change is to improve the security against HashDos attacks for colliding domain names and paths, and to improve the speed of hash operations for string keys (c.f., [the performance comparison](https://github.com/tkaitchuck/aHash/blob/master/compare/readme.md)).
- Deps and refactor
## 0.9.5

2
Cargo.toml
View file

@ -1,5 +1,5 @@
[workspace.package]
version = "0.9.5"
version = "0.9.6"
authors = ["Jun Kurihara"]
homepage = "https://github.com/junkurihara/rust-rpxy"
repository = "https://github.com/junkurihara/rust-rpxy"

10
rpxy-acme/Cargo.toml
View file

@ -15,12 +15,12 @@ post-quantum = ["rustls-post-quantum"]
[dependencies]
url = { version = "2.5.4" }
rustc-hash = "2.1.0"
thiserror = "2.0.6"
ahash = "0.8.11"
thiserror = "2.0.9"
tracing = "0.1.41"
async-trait = "0.1.83"
async-trait = "0.1.84"
base64 = "0.22.1"
aws-lc-rs = { version = "1.11.1", default-features = false, features = [
aws-lc-rs = { version = "1.12.0", default-features = false, features = [
"aws-lc-sys",
] }
blocking = "1.6.1"
@ -28,7 +28,7 @@ rustls = { version = "0.23.20", default-features = false, features = [
"std",
"aws_lc_rs",
] }
rustls-platform-verifier = { version = "0.4.0" }
rustls-platform-verifier = { version = "0.5.0" }
rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, features = [
"aws-lc-rs",
] }

2
rpxy-acme/src/manager.rs
View file

@ -4,7 +4,7 @@ use crate::{
error::RpxyAcmeError,
log::*,
};
use rustc_hash::FxHashMap as HashMap;
use ahash::HashMap;
use rustls::ServerConfig;
use rustls_acme::AcmeConfig;
use std::{path::PathBuf, sync::Arc};

8
rpxy-bin/Cargo.toml
View file

@ -30,9 +30,9 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [
] }
mimalloc = { version = "*", default-features = false }
anyhow = "1.0.94"
rustc-hash = "2.1.0"
serde = { version = "1.0.216", default-features = false, features = ["derive"] }
anyhow = "1.0.95"
ahash = "0.8.11"
serde = { version = "1.0.217", default-features = false, features = ["derive"] }
tokio = { version = "1.42.0", default-features = false, features = [
"net",
"rt-multi-thread",
@ -41,7 +41,7 @@ tokio = { version = "1.42.0", default-features = false, features = [
"macros",
] }
tokio-util = { version = "0.7.13", default-features = false }
async-trait = "0.1.83"
async-trait = "0.1.84"
futures-util = { version = "0.3.31", default-features = false }
# config

2
rpxy-bin/src/config/parse.rs
View file

@ -1,10 +1,10 @@
use super::toml::ConfigToml;
use crate::error::{anyhow, ensure};
use ahash::HashMap;
use clap::{Arg, ArgAction};
use hot_reload::{ReloaderReceiver, ReloaderService};
use rpxy_certs::{build_cert_reloader, CryptoFileSourceBuilder, CryptoReloader, ServerCryptoBase};
use rpxy_lib::{AppConfig, AppConfigList, ProxyConfig};
use rustc_hash::FxHashMap as HashMap;
#[cfg(feature = "acme")]
use rpxy_acme::{AcmeManager, ACME_DIR_URL, ACME_REGISTRY_PATH};

4
rpxy-bin/src/config/toml.rs
View file

@ -3,8 +3,8 @@ use crate::{
error::{anyhow, ensure},
log::warn,
};
use ahash::HashMap;
use rpxy_lib::{reexports::Uri, AppConfig, ProxyConfig, ReverseProxyConfig, TlsConfig, UpstreamUri};
use rustc_hash::FxHashMap as HashMap;
use serde::Deserialize;
use std::{fs, net::SocketAddr};
use tokio::time::Duration;
@ -232,7 +232,7 @@ impl ConfigToml {
// Check unused fields during deserialization
let t = toml::de::Deserializer::new(&config_str);
let mut unused = rustc_hash::FxHashSet::default();
let mut unused = ahash::HashSet::default();
let res = serde_ignored::deserialize(t, |path| {
unused.insert(path.to_string());

6
rpxy-certs/Cargo.toml
View file

@ -16,12 +16,12 @@ post-quantum = ["rustls-post-quantum"]
http3 = []
[dependencies]
rustc-hash = { version = "2.1.0" }
ahash = { version = "0.8.11" }
tracing = { version = "0.1.41" }
derive_builder = { version = "0.20.2" }
thiserror = { version = "2.0.6" }
thiserror = { version = "2.0.9" }
hot_reload = { version = "0.1.8" }
async-trait = { version = "0.1.83" }
async-trait = { version = "0.1.84" }
rustls = { version = "0.23.20", default-features = false, features = [
"std",
"aws_lc_rs",

2
rpxy-certs/src/certs.rs
View file

@ -1,5 +1,5 @@
use crate::error::*;
use rustc_hash::FxHashMap as HashMap;
use ahash::HashMap;
use rustls::{crypto::aws_lc_rs::sign::any_supported_type, pki_types, sign::CertifiedKey};
use std::sync::Arc;
use x509_parser::prelude::*;

2
rpxy-certs/src/lib.rs
View file

@ -10,8 +10,8 @@ mod log {
}
use crate::{error::*, log::*, reloader_service::DynCryptoSource};
use ahash::HashMap;
use hot_reload::{ReloaderReceiver, ReloaderService};
use rustc_hash::FxHashMap as HashMap;
use rustls::crypto::CryptoProvider;
use std::sync::Arc;

2
rpxy-certs/src/reloader_service.rs
View file

@ -4,9 +4,9 @@ use crate::{
log::*,
server_crypto::{ServerCryptoBase, ServerNameBytes},
};
use ahash::HashMap;
use async_trait::async_trait;
use hot_reload::{Reload, ReloaderError};
use rustc_hash::FxHashMap as HashMap;
use std::sync::Arc;
/* ------------------------------------------------ */

2
rpxy-certs/src/server_crypto.rs
View file

@ -1,5 +1,5 @@
use crate::{certs::SingleServerCertsKeys, error::*, log::*};
use rustc_hash::FxHashMap as HashMap;
use ahash::HashMap;
use rustls::{
crypto::CryptoProvider,
server::{ResolvesServerCertUsingSni, WebPkiClientVerifier},

12
rpxy-lib/Cargo.toml
View file

@ -37,7 +37,7 @@ post-quantum = [
[dependencies]
rand = "0.8.5"
rustc-hash = "2.1.0"
ahash = "0.8.11"
bytes = "1.9.0"
derive_builder = "0.20.2"
futures = { version = "0.3.31", features = ["alloc", "async-await"] }
@ -51,16 +51,16 @@ tokio = { version = "1.42.0", default-features = false, features = [
] }
tokio-util = { version = "0.7.13", default-features = false }
pin-project-lite = "0.2.15"
async-trait = "0.1.83"
async-trait = "0.1.84"
# Error handling
anyhow = "1.0.94"
thiserror = "2.0.6"
anyhow = "1.0.95"
thiserror = "2.0.9"
# http for both server and client
http = "1.2.0"
http-body-util = "0.1.2"
hyper = { version = "1.5.1", default-features = false }
hyper = { version = "1.5.2", default-features = false }
hyper-util = { version = "0.1.10", features = ["full"] }
futures-util = { version = "0.3.31", default-features = false }
futures-channel = { version = "0.3.31", default-features = false }
@ -70,7 +70,7 @@ hyper-tls = { version = "0.6.0", features = [
"alpn",
"vendored",
], optional = true }
hyper-rustls = { version = "0.27.3", default-features = false, features = [
hyper-rustls = { version = "0.27.5", default-features = false, features = [
"aws-lc-rs",
"http1",
"http2",

2
rpxy-lib/src/backend/backend_main.rs
View file

@ -4,8 +4,8 @@ use crate::{
name_exp::{ByteName, ServerName},
AppConfig, AppConfigList,
};
use ahash::HashMap;
use derive_builder::Builder;
use rustc_hash::FxHashMap as HashMap;
use std::borrow::Cow;
use super::upstream::PathManager;

2
rpxy-lib/src/backend/load_balance/load_balance_sticky.rs
View file

@ -4,8 +4,8 @@ use super::{
Upstream,
};
use crate::{constants::STICKY_COOKIE_NAME, log::*};
use ahash::HashMap;
use derive_builder::Builder;
use rustc_hash::FxHashMap as HashMap;
use std::{
borrow::Cow,
sync::{

2
rpxy-lib/src/backend/upstream.rs
View file

@ -11,10 +11,10 @@ use crate::{
log::*,
name_exp::{ByteName, PathName},
};
use ahash::{HashMap, HashSet};
#[cfg(feature = "sticky-cookie")]
use base64::{engine::general_purpose, Engine as _};
use derive_builder::Builder;
use rustc_hash::{FxHashMap as HashMap, FxHashSet as HashSet};
#[cfg(feature = "sticky-cookie")]
use sha2::{Digest, Sha256};
use std::borrow::Cow;

2
rpxy-lib/src/globals.rs
View file

@ -20,7 +20,7 @@ pub struct Globals {
#[cfg(feature = "acme")]
/// ServerConfig used for only ACME challenge for ACME domains
pub server_configs_acme_challenge: std::sync::Arc<rustc_hash::FxHashMap<String, std::sync::Arc<rustls::ServerConfig>>>,
pub server_configs_acme_challenge: std::sync::Arc<ahash::HashMap<String, std::sync::Arc<rustls::ServerConfig>>>,
}
/// Configuration parameters for proxy transport and request handlers

2
rpxy-lib/src/lib.rs
View file

@ -48,7 +48,7 @@ pub struct RpxyOptions {
#[cfg(feature = "acme")]
/// ServerConfig used for only ACME challenge for ACME domains
pub server_configs_acme_challenge: Arc<rustc_hash::FxHashMap<String, Arc<rustls::ServerConfig>>>,
pub server_configs_acme_challenge: Arc<ahash::HashMap<String, Arc<rustls::ServerConfig>>>,
}
/// Entrypoint that creates and spawns tasks of reverse proxy services

3
rpxy-lib/src/proxy/mod.rs
View file

@ -14,12 +14,11 @@ use crate::{
name_exp::ServerName,
};
use hyper_util::server::{self, conn::auto::Builder as ConnectionBuilder};
use rustc_hash::FxHashMap as HashMap;
use rustls::ServerConfig;
use std::sync::Arc;
/// SNI to ServerConfig map type
pub type SniServerCryptoMap = HashMap<ServerName, Arc<ServerConfig>>;
pub type SniServerCryptoMap = std::collections::HashMap<ServerName, Arc<ServerConfig>, ahash::RandomState>;
pub(crate) use proxy_main::Proxy;

2
rpxy-lib/src/proxy/proxy_main.rs
View file

@ -294,7 +294,7 @@ where
let map = server_config.individual_config_map.clone().iter().map(|(k,v)| {
let server_name = ServerName::from(k.as_slice());
(server_name, v.clone())
}).collect::<rustc_hash::FxHashMap<_,_>>();
}).collect::<std::collections::HashMap<_,_,ahash::RandomState>>();
server_crypto_map = Some(Arc::new(map));
}
}