From 8e1a0e78d1a0c0ed616d3f8d7f3b6e78e5e6168e Mon Sep 17 00:00:00 2001 From: Jonas Berlin Date: Mon, 28 Oct 2024 11:22:46 +0200 Subject: [PATCH 01/69] feat: Promote `rpxy-lib/sticky-cookie` to top-level feature .. and fix compile warnings when disabled --- rpxy-bin/Cargo.toml | 13 ++++++------- .../src/backend/load_balance/load_balance_main.rs | 2 -- rpxy-lib/src/backend/load_balance/mod.rs | 2 ++ rpxy-lib/src/message_handler/handler_main.rs | 4 ++-- rpxy-lib/src/message_handler/utils_headers.rs | 4 +++- 5 files changed, 13 insertions(+), 12 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 50173fe..aa0b7b7 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -13,10 +13,10 @@ publish.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] -# default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] -default = ["http3-quinn", "cache", "rustls-backend", "acme"] -# default = ["http3-s2n", "cache", "rustls-backend", "acme"] +# default = ["http3-quinn", "cache", "rustls-backend", "acme", "sticky-cookie", "post-quantum"] +# default = ["http3-s2n", "cache", "rustls-backend", "acme", "sticky-cookie", "post-quantum"] +default = ["http3-quinn", "cache", "rustls-backend", "acme", "sticky-cookie"] +# default = ["http3-s2n", "cache", "rustls-backend", "acme", "sticky-cookie"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] native-tls-backend = ["rpxy-lib/native-tls-backend"] @@ -25,11 +25,10 @@ webpki-roots = ["rpxy-lib/webpki-roots"] cache = ["rpxy-lib/cache"] acme = ["rpxy-lib/acme", "rpxy-acme"] post-quantum = ["rpxy-lib/post-quantum"] +sticky-cookie = ["rpxy-lib/sticky-cookie"] [dependencies] -rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ - "sticky-cookie", -] } +rpxy-lib = { path = "../rpxy-lib/", default-features = false } mimalloc = { version = "*", default-features = false } anyhow = "1.0.91" diff --git a/rpxy-lib/src/backend/load_balance/load_balance_main.rs b/rpxy-lib/src/backend/load_balance/load_balance_main.rs index 0b3eff8..9cce980 100644 --- a/rpxy-lib/src/backend/load_balance/load_balance_main.rs +++ b/rpxy-lib/src/backend/load_balance/load_balance_main.rs @@ -131,6 +131,4 @@ impl LoadBalance { pub struct LoadBalanceContext { #[cfg(feature = "sticky-cookie")] pub sticky_cookie: StickyCookie, - #[cfg(not(feature = "sticky-cookie"))] - pub sticky_cookie: (), } diff --git a/rpxy-lib/src/backend/load_balance/mod.rs b/rpxy-lib/src/backend/load_balance/mod.rs index 38d312b..c32ca65 100644 --- a/rpxy-lib/src/backend/load_balance/mod.rs +++ b/rpxy-lib/src/backend/load_balance/mod.rs @@ -4,6 +4,7 @@ mod load_balance_sticky; #[cfg(feature = "sticky-cookie")] mod sticky_cookie; +#[cfg(feature = "sticky-cookie")] use super::upstream::Upstream; use thiserror::Error; @@ -16,6 +17,7 @@ pub use load_balance_sticky::LoadBalanceStickyBuilder; pub use sticky_cookie::{StickyCookie, StickyCookieValue}; /// Result type for load balancing +#[cfg(feature = "sticky-cookie")] type LoadBalanceResult = std::result::Result; /// Describes things that can go wrong in the Load Balance #[derive(Debug, Error)] diff --git a/rpxy-lib/src/message_handler/handler_main.rs b/rpxy-lib/src/message_handler/handler_main.rs index 4b324df..2b803a8 100644 --- a/rpxy-lib/src/message_handler/handler_main.rs +++ b/rpxy-lib/src/message_handler/handler_main.rs @@ -6,7 +6,7 @@ use super::{ utils_request::InspectParseHost, }; use crate::{ - backend::{BackendAppManager, LoadBalanceContext}, + backend::BackendAppManager, error::*, forwarder::{ForwardRequest, Forwarder}, globals::Globals, @@ -25,7 +25,7 @@ use tokio::io::copy_bidirectional; /// Context object to handle sticky cookies at HTTP message handler pub(super) struct HandlerContext { #[cfg(feature = "sticky-cookie")] - pub(super) context_lb: Option, + pub(super) context_lb: Option, #[cfg(not(feature = "sticky-cookie"))] pub(super) context_lb: Option<()>, } diff --git a/rpxy-lib/src/message_handler/utils_headers.rs b/rpxy-lib/src/message_handler/utils_headers.rs index d058f88..afe6463 100644 --- a/rpxy-lib/src/message_handler/utils_headers.rs +++ b/rpxy-lib/src/message_handler/utils_headers.rs @@ -3,7 +3,7 @@ use crate::{ backend::{UpstreamCandidates, UpstreamOption}, log::*, }; -use anyhow::{anyhow, ensure, Result}; +use anyhow::{anyhow, Result}; use bytes::BufMut; use http::{header, HeaderMap, HeaderName, HeaderValue, Uri}; use std::{borrow::Cow, net::SocketAddr}; @@ -22,6 +22,8 @@ pub(super) fn takeout_sticky_cookie_lb_context( headers: &mut HeaderMap, expected_cookie_name: &str, ) -> Result> { + use anyhow::ensure; + let mut headers_clone = headers.clone(); match headers_clone.entry(header::COOKIE) { From bbba70f47c0afc3dc5b4c2e50483e4f847e5e5aa Mon Sep 17 00:00:00 2001 From: Lyamc Date: Sat, 12 Apr 2025 14:54:31 -0600 Subject: [PATCH 02/69] Update .gitmodules to use HTTPS instead of SSH --- .gitmodules | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.gitmodules b/.gitmodules index a8c5d14..b2635b4 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,10 +1,10 @@ [submodule "submodules/rusty-http-cache-semantics"] - path = submodules/rusty-http-cache-semantics - url = git@github.com:junkurihara/rusty-http-cache-semantics.git + path = submodules/rusty-http-cache-semantics + url = https://github.com/junkurihara/rusty-http-cache-semantics.git [submodule "submodules/rustls-acme"] - path = submodules/rustls-acme - url = git@github.com:junkurihara/rustls-acme.git + path = submodules/rustls-acme + url = https://github.com/junkurihara/rustls-acme.git [submodule "submodules/s2n-quic"] - path = submodules/s2n-quic - url = git@github.com:junkurihara/s2n-quic.git - branch = rustls-pq + path = submodules/s2n-quic + url = https://github.com/junkurihara/s2n-quic.git + branch = rustls-pq From 7438f70381b3ee1b385b840bdf750084c8d5fad2 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 1 May 2025 09:43:43 +0900 Subject: [PATCH 03/69] deps --- Cargo.lock | 36 ++++++++++++++++++------------------ rpxy-lib/Cargo.toml | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a81530c..1efc653 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1032,9 +1032,9 @@ checksum = "74721d007512d0cb3338cd20f0654ac913920061a4c4d0d8708edb3f2a698c0c" [[package]] name = "hashbrown" -version = "0.15.2" +version = "0.15.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" +checksum = "84b26c544d002229e640969970a2e74021aadf6e2f96372b9c58eff97de08eb3" dependencies = [ "allocator-api2", "equivalent", @@ -1747,9 +1747,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.107" +version = "0.9.108" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8288979acd84749c744a9014b4382d42b8f7b2592847b5afb2ed29e5d16ede07" +checksum = "e145e1651e858e820e4860f7b9c5e169bc1d8ce1c86043be79fa7b7634821847" dependencies = [ "cc", "libc", @@ -1914,9 +1914,9 @@ dependencies = [ [[package]] name = "quinn-udp" -version = "0.5.11" +version = "0.5.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "541d0f57c6ec747a90738a52741d3221f7960e8ac2f0ff4b1a63680e033b4ab5" +checksum = "ee4e529991f949c5e25755532370b8af5d114acae52326361d68d47af64aa842" dependencies = [ "cfg_aliases", "libc", @@ -2233,9 +2233,9 @@ dependencies = [ [[package]] name = "rustix" -version = "1.0.5" +version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d97817398dd4bb2e6da002002db259209759911da105da92bec29ccb12cf58bf" +checksum = "c71e83d6afe7ff64890ec6b71d6a69bb8a610ab78ce364b3352876bb4c801266" dependencies = [ "bitflags", "errno", @@ -2641,9 +2641,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.8" +version = "0.10.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" dependencies = [ "cfg-if", "cpufeatures", @@ -2727,9 +2727,9 @@ dependencies = [ [[package]] name = "synstructure" -version = "0.13.1" +version = "0.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" +checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2" dependencies = [ "proc-macro2", "quote", @@ -2745,7 +2745,7 @@ dependencies = [ "fastrand", "getrandom 0.3.2", "once_cell", - "rustix 1.0.5", + "rustix 1.0.7", "windows-sys 0.59.0", ] @@ -2755,7 +2755,7 @@ version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "45c6481c4829e4cc63825e62c49186a34538b7b2750b73b266581ffb612fb5ed" dependencies = [ - "rustix 1.0.5", + "rustix 1.0.7", "windows-sys 0.59.0", ] @@ -3238,18 +3238,18 @@ dependencies = [ [[package]] name = "webpki-root-certs" -version = "0.26.9" +version = "0.26.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "180d2741b6115c3d906577e6533ad89472d48d96df00270fccb78233073d77f7" +checksum = "c99403924bc5f23afefc319b8ac67ed0e50669f6e52a413314cccb1fdbc93ba0" dependencies = [ "rustls-pki-types", ] [[package]] name = "webpki-roots" -version = "0.26.9" +version = "0.26.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29aad86cec885cafd03e8305fd727c418e970a521322c91688414d5b8efba16b" +checksum = "37493cadf42a2a939ed404698ded7fb378bf301b5011f973361779a3a74f8c93" dependencies = [ "rustls-pki-types", ] diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 8cfad09..7e96bd4 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -109,7 +109,7 @@ socket2 = { version = "0.5.9", features = ["all"], optional = true } # cache http-cache-semantics = { path = "../submodules/rusty-http-cache-semantics", default-features = false, optional = true } lru = { version = "0.14.0", optional = true } -sha2 = { version = "0.10.8", default-features = false, optional = true } +sha2 = { version = "0.10.9", default-features = false, optional = true } # cookie handling for sticky cookie chrono = { version = "0.4.41", default-features = false, features = [ From 67e78041b416b4688afdf4e9617e1dc84fe9e65a Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 6 May 2025 23:51:04 +0900 Subject: [PATCH 04/69] deps --- Cargo.lock | 74 +++++++++++++++++++++++++++---------------- rpxy-acme/Cargo.toml | 6 ++-- rpxy-bin/Cargo.toml | 2 +- rpxy-certs/Cargo.toml | 6 ++-- rpxy-lib/Cargo.toml | 4 +-- 5 files changed, 55 insertions(+), 37 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1efc653..8bae735 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -275,7 +275,7 @@ dependencies = [ "log", "rustls-pki-types", "thiserror 1.0.69", - "webpki-roots", + "webpki-roots 0.26.11", ] [[package]] @@ -406,9 +406,9 @@ checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" [[package]] name = "cc" -version = "1.2.20" +version = "1.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04da6a0d40b948dfc4fa8f5bbf402b0fc1a64a28dbf7d12ffd683550f2c1b63a" +checksum = "8691782945451c1c383942c4874dbe63814f61cb57ef773cda2972682b7bb3c0" dependencies = [ "jobserver", "libc", @@ -978,9 +978,9 @@ checksum = "a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2" [[package]] name = "h2" -version = "0.4.9" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75249d144030531f8dee69fe9cea04d3edf809a017ae445e2abdff6629e86633" +checksum = "a9421a676d1b147b16b82c9225157dc629087ef8ec4d5e2960f9437a90dac0a5" dependencies = [ "atomic-waker", "bytes", @@ -1172,7 +1172,7 @@ dependencies = [ "tokio", "tokio-rustls", "tower-service", - "webpki-roots", + "webpki-roots 0.26.11", ] [[package]] @@ -1492,9 +1492,9 @@ dependencies = [ [[package]] name = "libm" -version = "0.2.13" +version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9627da5196e5d8ed0b0495e61e518847578da83483c37288316d9b2e03a7f72" +checksum = "a25169bd5913a4b437588a7e3d127cd6e90127b60e0ffbd834a38f1599e016b8" [[package]] name = "libmimalloc-sys" @@ -2246,9 +2246,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.26" +version = "0.23.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df51b5869f3a441595eac5e8ff14d486ff285f7b8c0df8770e49c3b56351f0f0" +checksum = "730944ca083c1c233a75c09f199e973ca499344a2b7ba9e755c457e86fb4a321" dependencies = [ "aws-lc-rs", "log", @@ -2280,7 +2280,7 @@ dependencies = [ "serde", "serde_json", "thiserror 2.0.12", - "webpki-roots", + "webpki-roots 0.26.11", "x509-parser", ] @@ -2316,9 +2316,9 @@ dependencies = [ [[package]] name = "rustls-platform-verifier" -version = "0.5.2" +version = "0.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4937d110d34408e9e5ad30ba0b0ca3b6a8a390f8db3636db60144ac4fa792750" +checksum = "19787cda76408ec5404443dc8b31795c87cd8fec49762dc75fa727740d34acc1" dependencies = [ "core-foundation 0.10.0", "core-foundation-sys", @@ -2331,7 +2331,7 @@ dependencies = [ "rustls-webpki", "security-framework 3.2.0", "security-framework-sys", - "webpki-root-certs", + "webpki-root-certs 0.26.11", "windows-sys 0.59.0", ] @@ -2352,9 +2352,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.1" +version = "0.103.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fef8b8769aaccf73098557a87cd1816b4f9c7c16811c9c77142aa695c16f2c03" +checksum = "7149975849f1abb3832b246010ef62ccc80d3a76169517ada7188252b9cfb437" dependencies = [ "aws-lc-rs", "ring", @@ -2513,9 +2513,9 @@ dependencies = [ [[package]] name = "s2n-tls" -version = "0.3.17" +version = "0.3.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2a05886fe90b529c7ffef6b8b5542e26e21e3b0e66612673395c7ecedde0e30" +checksum = "e1c2355bbfcccc93a61d56a8e8b8a22325a5c68b693ddeba904a5aa293cc66c8" dependencies = [ "errno", "hex", @@ -2526,9 +2526,9 @@ dependencies = [ [[package]] name = "s2n-tls-sys" -version = "0.3.17" +version = "0.3.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c69b480e275a5c3016307c589f2f71bbf9ea21c102e7ce3c19316d908bf0c21f" +checksum = "65818edc12b815a4b2140a6a031f6e5fe3a59b31c28d7f01835b9aa38654f81f" dependencies = [ "aws-lc-rs", "cc", @@ -2867,9 +2867,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.44.2" +version = "1.45.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48" +checksum = "2513ca694ef9ede0fb23fe71a4ee4107cb102b9dc1930f6d0fd77aae068ae165" dependencies = [ "backtrace", "bytes", @@ -3238,18 +3238,36 @@ dependencies = [ [[package]] name = "webpki-root-certs" -version = "0.26.10" +version = "0.26.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c99403924bc5f23afefc319b8ac67ed0e50669f6e52a413314cccb1fdbc93ba0" +checksum = "75c7f0ef91146ebfb530314f5f1d24528d7f0767efbfd31dce919275413e393e" +dependencies = [ + "webpki-root-certs 1.0.0", +] + +[[package]] +name = "webpki-root-certs" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01a83f7e1a9f8712695c03eabe9ed3fbca0feff0152f33f12593e5a6303cb1a4" dependencies = [ "rustls-pki-types", ] [[package]] name = "webpki-roots" -version = "0.26.10" +version = "0.26.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37493cadf42a2a939ed404698ded7fb378bf301b5011f973361779a3a74f8c93" +checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9" +dependencies = [ + "webpki-roots 1.0.0", +] + +[[package]] +name = "webpki-roots" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2853738d1cc4f2da3a225c18ec6c3721abb31961096e9dbf5ab35fa88b19cfdb" dependencies = [ "rustls-pki-types", ] @@ -3506,9 +3524,9 @@ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" [[package]] name = "winnow" -version = "0.7.7" +version = "0.7.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6cb8234a863ea0e8cd7284fcdd4f145233eb00fee02bbdd9861aec44e6477bc5" +checksum = "d9fb597c990f03753e08d3c29efbfcf2019a003b4bf4ba19225c158e1549f0f3" dependencies = [ "memchr", ] diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index f33fd19..a10395a 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -24,15 +24,15 @@ aws-lc-rs = { version = "1.13.0", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" -rustls = { version = "0.23.26", default-features = false, features = [ +rustls = { version = "0.23.27", default-features = false, features = [ "std", "aws_lc_rs", ] } -rustls-platform-verifier = { version = "0.5.2" } +rustls-platform-verifier = { version = "0.5.3" } rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, features = [ "aws-lc-rs", ] } rustls-post-quantum = { version = "0.2.2", optional = true } -tokio = { version = "1.44.2", default-features = false } +tokio = { version = "1.45.0", default-features = false } tokio-util = { version = "0.7.15", default-features = false } tokio-stream = { version = "0.1.17", default-features = false } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 16c6916..6e52772 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -35,7 +35,7 @@ libmimalloc-sys = { version = "=0.1.40" } anyhow = "1.0.98" ahash = "0.8.11" serde = { version = "1.0.219", default-features = false, features = ["derive"] } -tokio = { version = "1.44.2", default-features = false, features = [ +tokio = { version = "1.45.0", default-features = false, features = [ "net", "rt-multi-thread", "time", diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 2bad8fc..712d31a 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -22,12 +22,12 @@ derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.12" } hot_reload = { version = "0.1.9" } async-trait = { version = "0.1.88" } -rustls = { version = "0.23.26", default-features = false, features = [ +rustls = { version = "0.23.27", default-features = false, features = [ "std", "aws_lc_rs", ] } rustls-pemfile = { version = "2.2.0" } -rustls-webpki = { version = "0.103.1", default-features = false, features = [ +rustls-webpki = { version = "0.103.2", default-features = false, features = [ "std", "aws-lc-rs", ] } @@ -35,7 +35,7 @@ rustls-post-quantum = { version = "0.2.2", optional = true } x509-parser = { version = "0.17.0" } [dev-dependencies] -tokio = { version = "1.44.2", default-features = false, features = [ +tokio = { version = "1.45.0", default-features = false, features = [ "rt-multi-thread", "macros", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 7e96bd4..f7520a4 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -41,7 +41,7 @@ ahash = "0.8.11" bytes = "1.10.1" derive_builder = "0.20.2" futures = { version = "0.3.31", features = ["alloc", "async-await"] } -tokio = { version = "1.44.2", default-features = false, features = [ +tokio = { version = "1.45.0", default-features = false, features = [ "net", "rt-multi-thread", "time", @@ -80,7 +80,7 @@ hyper-rustls = { version = "0.27.5", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.9" -rustls = { version = "0.23.26", default-features = false } +rustls = { version = "0.23.27", default-features = false } rustls-post-quantum = { version = "0.2.2", optional = true } tokio-rustls = { version = "0.26.2", features = ["early-data"] } From 9e743b0dca4fbb24d301572ac17288f93e4f60c8 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 7 May 2025 11:22:30 +0900 Subject: [PATCH 05/69] wip: h3-0.0.8 --- Cargo.lock | 24 +++++++++++++++++++----- rpxy-lib/Cargo.toml | 4 ++-- rpxy-lib/src/error.rs | 7 +++++-- rpxy-lib/src/proxy/proxy_h3.rs | 15 ++++++++++----- 4 files changed, 36 insertions(+), 14 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8bae735..46120eb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1000,6 +1000,20 @@ name = "h3" version = "0.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7dfb059a4f28a66f186ed16ad912d142f490676acba59353831d7cb45a96b0d3" +dependencies = [ + "bytes", + "fastrand", + "futures-util", + "http", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "h3" +version = "0.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10872b55cfb02a821b69dc7cf8dc6a71d6af25eb9a79662bec4a9d016056b3be" dependencies = [ "bytes", "fastrand", @@ -1012,13 +1026,13 @@ dependencies = [ [[package]] name = "h3-quinn" -version = "0.0.9" +version = "0.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d482318ae94198fc8e3cbb0b7ba3099c865d744e6ec7c62039ca7b6b6c66fbf" +checksum = "8b2e732c8d91a74731663ac8479ab505042fbf547b9a207213ab7fbcbfc4f8b4" dependencies = [ "bytes", "futures", - "h3", + "h3 0.0.8", "quinn", "tokio", "tokio-util", @@ -2159,7 +2173,7 @@ dependencies = [ "futures", "futures-channel", "futures-util", - "h3", + "h3 0.0.8", "h3-quinn", "hot_reload", "http", @@ -2443,7 +2457,7 @@ version = "0.1.0" dependencies = [ "bytes", "futures", - "h3", + "h3 0.0.7", "s2n-quic", "tracing", ] diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index f7520a4..6b1c76d 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -92,8 +92,8 @@ tracing = { version = "0.1.41" } # http/3 quinn = { version = "0.11.7", optional = true } -h3 = { version = "0.0.7", features = ["tracing"], optional = true } -h3-quinn = { version = "0.0.9", optional = true } +h3 = { version = "0.0.8", features = ["tracing"], optional = true } +h3-quinn = { version = "0.0.10", optional = true } s2n-quic = { version = "1.57.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } diff --git a/rpxy-lib/src/error.rs b/rpxy-lib/src/error.rs index 20470ed..4554cb7 100644 --- a/rpxy-lib/src/error.rs +++ b/rpxy-lib/src/error.rs @@ -37,8 +37,11 @@ pub enum RpxyError { // http/3 errors #[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))] - #[error("H3 error: {0}")] - H3Error(#[from] h3::Error), + #[error("h3 connection error: {0}")] + H3ConnectionError(#[from] h3::error::ConnectionError), + #[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))] + #[error("h3 connection error: {0}")] + H3StreamError(#[from] h3::error::StreamError), // #[cfg(feature = "http3-s2n")] // #[error("H3 error: {0}")] // H3Error(#[from] s2n_quic_h3::h3::Error), diff --git a/rpxy-lib/src/proxy/proxy_h3.rs b/rpxy-lib/src/proxy/proxy_h3.rs index 3d5143f..acfe07d 100644 --- a/rpxy-lib/src/proxy/proxy_h3.rs +++ b/rpxy-lib/src/proxy/proxy_h3.rs @@ -49,12 +49,17 @@ where } Err(e) => { warn!("HTTP/3 error on accept incoming connection: {}", e); - match e.get_error_level() { - h3::error::ErrorLevel::ConnectionError => break, - h3::error::ErrorLevel::StreamError => continue, - } + break; } - Ok(Some((req, stream))) => { + // Ok(Some((req, stream))) => { + Ok(Some(req_resolver)) => { + let (req, stream) = match req_resolver.resolve_request().await { + Ok((req, stream)) => (req, stream), + Err(e) => { + warn!("HTTP/3 error on resolve request in stream: {}", e); + continue; + } + }; // We consider the connection count separately from the stream count. // Max clients for h1/h2 = max 'stream' for h3. let request_count = self.globals.request_count.clone(); From df3792f87f97a69e1d074f3a8884dbd43fcf9593 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 7 May 2025 12:33:58 +0900 Subject: [PATCH 06/69] deps: h3-0.0.8 --- Cargo.lock | 20 +++----------------- rpxy-bin/Cargo.toml | 4 ++-- submodules/s2n-quic | 2 +- 3 files changed, 6 insertions(+), 20 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 46120eb..e0ab8a1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -995,20 +995,6 @@ dependencies = [ "tracing", ] -[[package]] -name = "h3" -version = "0.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7dfb059a4f28a66f186ed16ad912d142f490676acba59353831d7cb45a96b0d3" -dependencies = [ - "bytes", - "fastrand", - "futures-util", - "http", - "pin-project-lite", - "tokio", -] - [[package]] name = "h3" version = "0.0.8" @@ -1032,7 +1018,7 @@ checksum = "8b2e732c8d91a74731663ac8479ab505042fbf547b9a207213ab7fbcbfc4f8b4" dependencies = [ "bytes", "futures", - "h3 0.0.8", + "h3", "quinn", "tokio", "tokio-util", @@ -2173,7 +2159,7 @@ dependencies = [ "futures", "futures-channel", "futures-util", - "h3 0.0.8", + "h3", "h3-quinn", "hot_reload", "http", @@ -2457,7 +2443,7 @@ version = "0.1.0" dependencies = [ "bytes", "futures", - "h3 0.0.7", + "h3", "s2n-quic", "tracing", ] diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 6e52772..911aadb 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -13,8 +13,8 @@ publish.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] -# default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] +# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] +default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] native-tls-backend = ["rpxy-lib/native-tls-backend"] diff --git a/submodules/s2n-quic b/submodules/s2n-quic index f9d0c4f..4ef7425 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit f9d0c4feb83160b6fe66fe34da76c443fc2b381c +Subproject commit 4ef74256bcf8d04e218d88bb72856da332d3e8c2 From 500ab56c10b5dd581e94b97f8e969f1480d7852e Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 7 May 2025 12:37:24 +0900 Subject: [PATCH 07/69] fix default --- rpxy-bin/Cargo.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 911aadb..6e52772 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -13,8 +13,8 @@ publish.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] -default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] +default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] +# default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] native-tls-backend = ["rpxy-lib/native-tls-backend"] From 50442376887cf277f5793a9994e1e6cfad801f20 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 7 May 2025 18:59:38 +0900 Subject: [PATCH 08/69] deps --- Cargo.lock | 12 ++++++------ submodules/s2n-quic | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e0ab8a1..a5a0f29 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -316,9 +316,9 @@ dependencies = [ [[package]] name = "backtrace" -version = "0.3.74" +version = "0.3.75" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" +checksum = "6806a6321ec58106fea15becdad98371e28d92ccbc7c8f1b3b6dd724fe8f1002" dependencies = [ "addr2line", "cfg-if", @@ -1492,9 +1492,9 @@ dependencies = [ [[package]] name = "libm" -version = "0.2.14" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a25169bd5913a4b437588a7e3d127cd6e90127b60e0ffbd834a38f1599e016b8" +checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de" [[package]] name = "libmimalloc-sys" @@ -3524,9 +3524,9 @@ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" [[package]] name = "winnow" -version = "0.7.9" +version = "0.7.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9fb597c990f03753e08d3c29efbfcf2019a003b4bf4ba19225c158e1549f0f3" +checksum = "c06928c8748d81b05c9be96aad92e1b6ff01833332f281e8cfca3be4b35fc9ec" dependencies = [ "memchr", ] diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 4ef7425..a4e601d 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 4ef74256bcf8d04e218d88bb72856da332d3e8c2 +Subproject commit a4e601db45c1de09a088ca3c021e73c32760dfb7 From 669e2bf00b2f8c35312373c9423536f17d004129 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 7 May 2025 20:01:03 +0900 Subject: [PATCH 09/69] chore: refactor dockerfile-slim --- docker/Dockerfile-slim | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/Dockerfile-slim b/docker/Dockerfile-slim index b58a408..b0ef5b1 100644 --- a/docker/Dockerfile-slim +++ b/docker/Dockerfile-slim @@ -5,7 +5,7 @@ LABEL maintainer="Jun Kurihara" ARG TARGETARCH ARG CARGO_FEATURES -ENV CARGO_FEATURES ${CARGO_FEATURES} +ENV CARGO_FEATURES=${CARGO_FEATURES} RUN if [ $TARGETARCH = "amd64" ]; then \ echo "x86_64" > /arch; \ @@ -22,7 +22,7 @@ WORKDIR /tmp COPY . /tmp/ -ENV RUSTFLAGS "-C link-arg=-s" +ENV RUSTFLAGS="-C link-arg=-s" RUN echo "Building rpxy from source" && \ cargo update && \ @@ -34,7 +34,7 @@ RUN echo "Building rpxy from source" && \ FROM --platform=$TARGETPLATFORM alpine:latest AS runner LABEL maintainer="Jun Kurihara" -ENV RUNTIME_DEPS logrotate ca-certificates su-exec +ENV RUNTIME_DEPS="logrotate ca-certificates su-exec" RUN apk add --no-cache ${RUNTIME_DEPS} && \ update-ca-certificates && \ From b558c882f3f2c7fb8dc458c90f38d86906252967 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 May 2025 22:05:39 +0000 Subject: [PATCH 10/69] chore(deps): bump ahash from 0.8.11 to 0.8.12 Bumps [ahash](https://github.com/tkaitchuck/ahash) from 0.8.11 to 0.8.12. - [Release notes](https://github.com/tkaitchuck/ahash/releases) - [Commits](https://github.com/tkaitchuck/ahash/commits) --- updated-dependencies: - dependency-name: ahash dependency-version: 0.8.12 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 38 +++++++++----------------------------- rpxy-acme/Cargo.toml | 2 +- rpxy-bin/Cargo.toml | 2 +- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- 5 files changed, 13 insertions(+), 33 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a5a0f29..9bf59ab 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -19,15 +19,15 @@ checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" [[package]] name = "ahash" -version = "0.8.11" +version = "0.8.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +checksum = "5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75" dependencies = [ "cfg-if", - "getrandom 0.2.16", + "getrandom 0.3.2", "once_cell", "version_check", - "zerocopy 0.7.35", + "zerocopy", ] [[package]] @@ -1842,7 +1842,7 @@ version = "0.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" dependencies = [ - "zerocopy 0.8.25", + "zerocopy", ] [[package]] @@ -2380,7 +2380,7 @@ version = "0.57.0" dependencies = [ "byteorder", "bytes", - "zerocopy 0.8.25", + "zerocopy", ] [[package]] @@ -2402,7 +2402,7 @@ dependencies = [ "s2n-quic-tls-default", "s2n-quic-transport", "tokio", - "zerocopy 0.8.25", + "zerocopy", "zeroize", ] @@ -2422,7 +2422,7 @@ dependencies = [ "pin-project-lite", "s2n-codec", "subtle", - "zerocopy 0.8.25", + "zerocopy", ] [[package]] @@ -3602,33 +3602,13 @@ dependencies = [ "synstructure", ] -[[package]] -name = "zerocopy" -version = "0.7.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" -dependencies = [ - "zerocopy-derive 0.7.35", -] - [[package]] name = "zerocopy" version = "0.8.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a1702d9583232ddb9174e01bb7c15a2ab8fb1bc6f227aa1233858c351a3ba0cb" dependencies = [ - "zerocopy-derive 0.8.25", -] - -[[package]] -name = "zerocopy-derive" -version = "0.7.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" -dependencies = [ - "proc-macro2", - "quote", - "syn", + "zerocopy-derive", ] [[package]] diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index a10395a..cb7a5a2 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -15,7 +15,7 @@ post-quantum = ["rustls-post-quantum"] [dependencies] url = { version = "2.5.4" } -ahash = "0.8.11" +ahash = "0.8.12" thiserror = "2.0.12" tracing = "0.1.41" async-trait = "0.1.88" diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 6e52772..a99de63 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -33,7 +33,7 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ mimalloc = { version = "=0.1.44", default-features = false } libmimalloc-sys = { version = "=0.1.40" } anyhow = "1.0.98" -ahash = "0.8.11" +ahash = "0.8.12" serde = { version = "1.0.219", default-features = false, features = ["derive"] } tokio = { version = "1.45.0", default-features = false, features = [ "net", diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 712d31a..90b15e6 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -16,7 +16,7 @@ post-quantum = ["rustls-post-quantum"] http3 = [] [dependencies] -ahash = { version = "0.8.11" } +ahash = { version = "0.8.12" } tracing = { version = "0.1.41" } derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.12" } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 6b1c76d..3b14531 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -37,7 +37,7 @@ post-quantum = [ [dependencies] rand = "0.9.1" -ahash = "0.8.11" +ahash = "0.8.12" bytes = "1.10.1" derive_builder = "0.20.2" futures = { version = "0.3.31", features = ["alloc", "async-await"] } From bbde3ff4f3826deaff113a1e9dba70df4dd06637 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 May 2025 22:05:50 +0000 Subject: [PATCH 11/69] chore(deps): bump aws-lc-rs from 1.13.0 to 1.13.1 Bumps [aws-lc-rs](https://github.com/aws/aws-lc-rs) from 1.13.0 to 1.13.1. - [Release notes](https://github.com/aws/aws-lc-rs/releases) - [Commits](https://github.com/aws/aws-lc-rs/compare/v1.13.0...v1.13.1) --- updated-dependencies: - dependency-name: aws-lc-rs dependency-version: 1.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 8 ++++---- rpxy-acme/Cargo.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a5a0f29..914c3e2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -292,9 +292,9 @@ checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" [[package]] name = "aws-lc-rs" -version = "1.13.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19b756939cb2f8dc900aa6dcd505e6e2428e9cae7ff7b028c49e3946efa70878" +checksum = "93fcc8f365936c834db5514fc45aee5b1202d677e6b40e48468aaaa8183ca8c7" dependencies = [ "aws-lc-sys", "untrusted 0.7.1", @@ -303,9 +303,9 @@ dependencies = [ [[package]] name = "aws-lc-sys" -version = "0.28.2" +version = "0.29.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfa9b6986f250236c27e5a204062434a773a13243d2ffc2955f37bdba4c5c6a1" +checksum = "61b1d86e7705efe1be1b569bab41d4fa1e14e220b60a160f78de2db687add079" dependencies = [ "bindgen", "cc", diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index a10395a..73c44d9 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -20,7 +20,7 @@ thiserror = "2.0.12" tracing = "0.1.41" async-trait = "0.1.88" base64 = "0.22.1" -aws-lc-rs = { version = "1.13.0", default-features = false, features = [ +aws-lc-rs = { version = "1.13.1", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" From 31b6817e2328c240d359fe7f10c4c804247d8585 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 9 May 2025 11:39:51 +0900 Subject: [PATCH 12/69] deps: s2n-quic --- Cargo.lock | 171 +++++++++++++++++++------------------------- rpxy-lib/Cargo.toml | 6 +- submodules/s2n-quic | 2 +- 3 files changed, 78 insertions(+), 101 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ca8f3c2..0ee23d9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1237,21 +1237,22 @@ dependencies = [ [[package]] name = "icu_collections" -version = "1.5.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db2fa452206ebee18c4b5c2274dbf1de17008e874b4dc4f0aea9d01ca79e4526" +checksum = "200072f5d0e3614556f94a9930d5dc3e0662a652823904c3a75dc3b0af7fee47" dependencies = [ "displaydoc", + "potential_utf", "yoke", "zerofrom", "zerovec", ] [[package]] -name = "icu_locid" -version = "1.5.0" +name = "icu_locale_core" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13acbb8371917fc971be86fc8057c41a64b521c184808a698c02acc242dbf637" +checksum = "0cde2700ccaed3872079a65fb1a78f6c0a36c91570f28755dda67bc8f7d9f00a" dependencies = [ "displaydoc", "litemap", @@ -1260,31 +1261,11 @@ dependencies = [ "zerovec", ] -[[package]] -name = "icu_locid_transform" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01d11ac35de8e40fdeda00d9e1e9d92525f3f9d887cdd7aa81d727596788b54e" -dependencies = [ - "displaydoc", - "icu_locid", - "icu_locid_transform_data", - "icu_provider", - "tinystr", - "zerovec", -] - -[[package]] -name = "icu_locid_transform_data" -version = "1.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7515e6d781098bf9f7205ab3fc7e9709d34554ae0b21ddbcb5febfa4bc7df11d" - [[package]] name = "icu_normalizer" -version = "1.5.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19ce3e0da2ec68599d193c93d088142efd7f9c5d6fc9b803774855747dc6a84f" +checksum = "436880e8e18df4d7bbc06d58432329d6458cc84531f7ac5f024e93deadb37979" dependencies = [ "displaydoc", "icu_collections", @@ -1292,67 +1273,54 @@ dependencies = [ "icu_properties", "icu_provider", "smallvec", - "utf16_iter", - "utf8_iter", - "write16", "zerovec", ] [[package]] name = "icu_normalizer_data" -version = "1.5.1" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5e8338228bdc8ab83303f16b797e177953730f601a96c25d10cb3ab0daa0cb7" +checksum = "00210d6893afc98edb752b664b8890f0ef174c8adbb8d0be9710fa66fbbf72d3" [[package]] name = "icu_properties" -version = "1.5.1" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93d6020766cfc6302c15dbbc9c8778c37e62c14427cb7f6e601d849e092aeef5" +checksum = "2549ca8c7241c82f59c80ba2a6f415d931c5b58d24fb8412caa1a1f02c49139a" dependencies = [ "displaydoc", "icu_collections", - "icu_locid_transform", + "icu_locale_core", "icu_properties_data", "icu_provider", - "tinystr", + "potential_utf", + "zerotrie", "zerovec", ] [[package]] name = "icu_properties_data" -version = "1.5.1" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85fb8799753b75aee8d2a21d7c14d9f38921b54b3dbda10f5a3c7a7b82dba5e2" +checksum = "8197e866e47b68f8f7d95249e172903bec06004b18b2937f1095d40a0c57de04" [[package]] name = "icu_provider" -version = "1.5.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ed421c8a8ef78d3e2dbc98a973be2f3770cb42b606e3ab18d6237c4dfde68d9" +checksum = "03c80da27b5f4187909049ee2d72f276f0d9f99a42c306bd0131ecfe04d8e5af" dependencies = [ "displaydoc", - "icu_locid", - "icu_provider_macros", + "icu_locale_core", "stable_deref_trait", "tinystr", "writeable", "yoke", "zerofrom", + "zerotrie", "zerovec", ] -[[package]] -name = "icu_provider_macros" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "ident_case" version = "1.0.1" @@ -1372,9 +1340,9 @@ dependencies = [ [[package]] name = "idna_adapter" -version = "1.2.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "daca1df1c957320b2cf139ac61e7bd64fed304c5040df000a745aa1de3b4ef71" +checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344" dependencies = [ "icu_normalizer", "icu_properties", @@ -1520,9 +1488,9 @@ checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" [[package]] name = "litemap" -version = "0.7.5" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23fb14cb19457329c82206317a5663005a4d404783dc74f4252769b0d5f42856" +checksum = "241eaef5fd12c88705a01fc1066c48c4b36e0dd4377dcdc7ec3942cea7a69956" [[package]] name = "log" @@ -1830,6 +1798,15 @@ dependencies = [ "windows-sys 0.59.0", ] +[[package]] +name = "potential_utf" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5a7c30837279ca13e7c867e9e40053bc68740f988cb07f7ca6df43cc734b585" +dependencies = [ + "zerovec", +] + [[package]] name = "powerfmt" version = "0.2.0" @@ -2307,11 +2284,12 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.11.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c" +checksum = "229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79" dependencies = [ "web-time", + "zeroize", ] [[package]] @@ -2376,7 +2354,7 @@ checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" [[package]] name = "s2n-codec" -version = "0.57.0" +version = "0.58.0" dependencies = [ "byteorder", "bytes", @@ -2385,7 +2363,7 @@ dependencies = [ [[package]] name = "s2n-quic" -version = "1.57.0" +version = "1.58.0" dependencies = [ "bytes", "cfg-if", @@ -2408,7 +2386,7 @@ dependencies = [ [[package]] name = "s2n-quic-core" -version = "0.57.0" +version = "0.58.0" dependencies = [ "atomic-waker", "byteorder", @@ -2427,7 +2405,7 @@ dependencies = [ [[package]] name = "s2n-quic-crypto" -version = "0.57.0" +version = "0.58.0" dependencies = [ "aws-lc-rs", "cfg-if", @@ -2450,7 +2428,7 @@ dependencies = [ [[package]] name = "s2n-quic-platform" -version = "0.57.0" +version = "0.58.0" dependencies = [ "cfg-if", "futures", @@ -2463,7 +2441,7 @@ dependencies = [ [[package]] name = "s2n-quic-rustls" -version = "0.57.0" +version = "0.58.0" dependencies = [ "bytes", "rustls", @@ -2476,7 +2454,7 @@ dependencies = [ [[package]] name = "s2n-quic-tls" -version = "0.57.0" +version = "0.58.0" dependencies = [ "bytes", "errno", @@ -2489,7 +2467,7 @@ dependencies = [ [[package]] name = "s2n-quic-tls-default" -version = "0.57.0" +version = "0.58.0" dependencies = [ "s2n-quic-rustls", "s2n-quic-tls", @@ -2497,7 +2475,7 @@ dependencies = [ [[package]] name = "s2n-quic-transport" -version = "0.57.0" +version = "0.58.0" dependencies = [ "bytes", "futures-channel", @@ -2513,9 +2491,9 @@ dependencies = [ [[package]] name = "s2n-tls" -version = "0.3.18" +version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1c2355bbfcccc93a61d56a8e8b8a22325a5c68b693ddeba904a5aa293cc66c8" +checksum = "821c6c037686bbc60273f3c4af20012eecbe5e9b1c4ac3d7f766a1f2464681bf" dependencies = [ "errno", "hex", @@ -2526,9 +2504,9 @@ dependencies = [ [[package]] name = "s2n-tls-sys" -version = "0.3.18" +version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65818edc12b815a4b2140a6a031f6e5fe3a59b31c28d7f01835b9aa38654f81f" +checksum = "6a755df740916e2fc0aaf99c6fc0e519028702a75bff018b6b55a735eada406a" dependencies = [ "aws-lc-rs", "cc", @@ -2842,9 +2820,9 @@ dependencies = [ [[package]] name = "tinystr" -version = "0.7.6" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9117f5d4db391c1cf6927e7bea3db74b9a1c1add8f7eda9ffd5364f40f57b82f" +checksum = "5d4f6d1145dcb577acf783d4e601bc1d76a13337bb54e6233add580b07344c8b" dependencies = [ "displaydoc", "zerovec", @@ -3092,12 +3070,6 @@ dependencies = [ "percent-encoding", ] -[[package]] -name = "utf16_iter" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8232dd3cdaed5356e0f716d285e4b40b932ac434100fe9b7e0e8e935b9e6246" - [[package]] name = "utf8_iter" version = "1.0.4" @@ -3540,17 +3512,11 @@ dependencies = [ "bitflags", ] -[[package]] -name = "write16" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1890f4022759daae28ed4fe62859b1236caebfc61ede2f63ed4e695f3f6d936" - [[package]] name = "writeable" -version = "0.5.5" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51" +checksum = "ea2f10b9bb0928dfb1b42b65e1f9e36f7f54dbdf08457afefb38afcdec4fa2bb" [[package]] name = "x509-parser" @@ -3580,9 +3546,9 @@ dependencies = [ [[package]] name = "yoke" -version = "0.7.5" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "120e6aef9aa629e3d4f52dc8cc43a015c7724194c97dfaf45180d2daf2b77f40" +checksum = "5f41bb01b8226ef4bfd589436a297c53d118f65921786300e427be8d487695cc" dependencies = [ "serde", "stable_deref_trait", @@ -3592,9 +3558,9 @@ dependencies = [ [[package]] name = "yoke-derive" -version = "0.7.5" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154" +checksum = "38da3c9736e16c5d3c8c597a9aaa5d1fa565d0532ae05e27c24aa62fb32c0ab6" dependencies = [ "proc-macro2", "quote", @@ -3664,10 +3630,21 @@ dependencies = [ ] [[package]] -name = "zerovec" -version = "0.10.4" +name = "zerotrie" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa2b893d79df23bfb12d5461018d408ea19dfafe76c2c7ef6d4eba614f8ff079" +checksum = "36f0bbd478583f79edad978b407914f61b2972f5af6fa089686016be8f9af595" +dependencies = [ + "displaydoc", + "yoke", + "zerofrom", +] + +[[package]] +name = "zerovec" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a05eb080e015ba39cc9e23bbe5e7fb04d5fb040350f99f34e338d5fdd294428" dependencies = [ "yoke", "zerofrom", @@ -3676,9 +3653,9 @@ dependencies = [ [[package]] name = "zerovec-derive" -version = "0.10.3" +version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" +checksum = "5b96237efa0c878c64bd89c436f661be4e46b2f3eff1ebb976f7ef2321d2f58f" dependencies = [ "proc-macro2", "quote", diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 3b14531..5d0b400 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -94,11 +94,11 @@ tracing = { version = "0.1.41" } quinn = { version = "0.11.7", optional = true } h3 = { version = "0.0.8", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.10", optional = true } -s2n-quic = { version = "1.57.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ +s2n-quic = { version = "1.58.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } -s2n-quic-core = { version = "0.57.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } -s2n-quic-rustls = { version = "0.57.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } +s2n-quic-core = { version = "0.58.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } +s2n-quic-rustls = { version = "0.58.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } s2n-quic-h3 = { path = "../submodules/s2n-quic/quic/s2n-quic-h3/", features = [ "tracing", ], optional = true } diff --git a/submodules/s2n-quic b/submodules/s2n-quic index a4e601d..3e9b3f2 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit a4e601db45c1de09a088ca3c021e73c32760dfb7 +Subproject commit 3e9b3f2f499626acbf1d697aa8f58095b6585ce3 From 80d980541e0762ec29cdc743f295f9985df7231d Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Mon, 12 May 2025 00:46:38 +0900 Subject: [PATCH 13/69] deps --- Cargo.lock | 69 +++++++++++++++++++++++++++++++++++-------- rpxy-bin/Cargo.toml | 4 +-- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- 4 files changed, 61 insertions(+), 16 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0ee23d9..eda3fd1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -392,6 +392,12 @@ version = "3.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf" +[[package]] +name = "bytemuck" +version = "1.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9134a6ef01ce4b366b50689c94f82c14bc72bc5d0386829828a2e2752ef7958c" + [[package]] name = "byteorder" version = "1.5.0" @@ -468,18 +474,18 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.37" +version = "4.5.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eccb054f56cbd38340b380d4a8e69ef1f02f1af43db2f0cc817a4774d80ae071" +checksum = "ed93b9805f8ba930df42c2590f05453d5ec36cbb85d018868a5b24d31f6ac000" dependencies = [ "clap_builder", ] [[package]] name = "clap_builder" -version = "4.5.37" +version = "4.5.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "efd9466fac8543255d3b1fcad4762c5e116ffe808c8a3043d4263cd4fd4862a2" +checksum = "379026ff283facf611b0ea629334361c4211d1b12ee01024eec1591133b04120" dependencies = [ "anstream", "anstyle", @@ -755,6 +761,18 @@ dependencies = [ "pin-project-lite", ] +[[package]] +name = "fastbloom" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27cea6e7f512d43b098939ff4d5a5d6fe3db07971e1d05176fe26c642d33f5b8" +dependencies = [ + "getrandom 0.3.2", + "rand 0.9.1", + "siphasher", + "wide", +] + [[package]] name = "fastrand" version = "2.3.0" @@ -1507,6 +1525,12 @@ dependencies = [ "hashbrown", ] +[[package]] +name = "lru-slab" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154" + [[package]] name = "matchers" version = "0.1.0" @@ -1849,9 +1873,9 @@ checksum = "1190fd18ae6ce9e137184f207593877e70f39b015040156b1e05081cdfe3733a" [[package]] name = "quinn" -version = "0.11.7" +version = "0.11.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3bd15a6f2967aef83887dcb9fec0014580467e33720d073560cf015a5683012" +checksum = "626214629cda6781b6dc1d316ba307189c85ba657213ce642d9c77670f8202c8" dependencies = [ "bytes", "cfg_aliases", @@ -1870,12 +1894,14 @@ dependencies = [ [[package]] name = "quinn-proto" -version = "0.11.11" +version = "0.11.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcbafbbdbb0f638fe3f35f3c56739f77a8a1d070cb25603226c83339b391472b" +checksum = "49df843a9161c85bb8aae55f101bc0bac8bcafd637a620d9122fd7e0b2f7422e" dependencies = [ "bytes", + "fastbloom", "getrandom 0.3.2", + "lru-slab", "rand 0.9.1", "ring", "rustc-hash 2.1.1", @@ -2330,9 +2356,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.2" +version = "0.103.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7149975849f1abb3832b246010ef62ccc80d3a76169517ada7188252b9cfb437" +checksum = "e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435" dependencies = [ "aws-lc-rs", "ring", @@ -2513,6 +2539,15 @@ dependencies = [ "libc", ] +[[package]] +name = "safe_arch" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96b02de82ddbe1b636e6170c21be622223aea188ef2e139be0a5b219ec215323" +dependencies = [ + "bytemuck", +] + [[package]] name = "same-file" version = "1.0.6" @@ -2589,9 +2624,9 @@ dependencies = [ [[package]] name = "serde_ignored" -version = "0.1.11" +version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "566da67d80e92e009728b3731ff0e5360cb181432b8ca73ea30bb1d170700d76" +checksum = "b516445dac1e3535b6d658a7b528d771153dfb272ed4180ca4617a20550365ff" dependencies = [ "serde", ] @@ -3256,6 +3291,16 @@ dependencies = [ "rustix 0.38.44", ] +[[package]] +name = "wide" +version = "0.7.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41b5576b9a81633f3e8df296ce0063042a73507636cbe956c61133dd7034ab22" +dependencies = [ + "bytemuck", + "safe_arch", +] + [[package]] name = "winapi" version = "0.3.9" diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index a99de63..a0664ac 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -47,10 +47,10 @@ async-trait = "0.1.88" futures-util = { version = "0.3.31", default-features = false } # config -clap = { version = "4.5.37", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.5.38", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8.22", default-features = false, features = ["parse"] } hot_reload = "0.1.9" -serde_ignored = "0.1.11" +serde_ignored = "0.1.12" # logging tracing = { version = "0.1.41" } diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 90b15e6..3ccbc19 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -27,7 +27,7 @@ rustls = { version = "0.23.27", default-features = false, features = [ "aws_lc_rs", ] } rustls-pemfile = { version = "2.2.0" } -rustls-webpki = { version = "0.103.2", default-features = false, features = [ +rustls-webpki = { version = "0.103.3", default-features = false, features = [ "std", "aws-lc-rs", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 5d0b400..2457bfc 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -91,7 +91,7 @@ rpxy-acme = { path = "../rpxy-acme/", default-features = false, optional = true tracing = { version = "0.1.41" } # http/3 -quinn = { version = "0.11.7", optional = true } +quinn = { version = "0.11.8", optional = true } h3 = { version = "0.0.8", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.10", optional = true } s2n-quic = { version = "1.58.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ From 102b4964dc0d05cebe9a6f40449aab3d8d400ea1 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 13 May 2025 14:50:22 +0900 Subject: [PATCH 14/69] deps --- submodules/s2n-quic | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 3e9b3f2..6af2c33 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 3e9b3f2f499626acbf1d697aa8f58095b6585ce3 +Subproject commit 6af2c33b89f5dc6a314e2b2bb957225853ceb4d1 From 4761439338861dfd662c24d36d24989f75431846 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 13 May 2025 19:28:48 +0900 Subject: [PATCH 15/69] refactor --- Cargo.lock | 96 +++++++++++++++---- rpxy-bin/src/error.rs | 2 +- rpxy-certs/src/server_crypto.rs | 2 +- rpxy-lib/src/backend/backend_main.rs | 2 +- .../backend/load_balance/load_balance_main.rs | 2 +- .../load_balance/load_balance_sticky.rs | 4 +- rpxy-lib/src/backend/load_balance/mod.rs | 2 +- .../src/backend/load_balance/sticky_cookie.rs | 7 +- rpxy-lib/src/backend/upstream.rs | 4 +- rpxy-lib/src/forwarder/cache/mod.rs | 2 +- rpxy-lib/src/forwarder/client.rs | 4 +- rpxy-lib/src/hyper_ext/body_incoming_like.rs | 2 +- rpxy-lib/src/hyper_ext/body_type.rs | 2 +- rpxy-lib/src/hyper_ext/mod.rs | 2 +- rpxy-lib/src/hyper_ext/watch.rs | 2 +- .../src/message_handler/canonical_address.rs | 5 +- .../src/message_handler/synthetic_response.rs | 2 +- rpxy-lib/src/message_handler/utils_headers.rs | 4 +- rpxy-lib/src/message_handler/utils_request.rs | 4 +- rpxy-lib/src/proxy/proxy_main.rs | 2 +- 20 files changed, 104 insertions(+), 48 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index eda3fd1..da1d618 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -24,7 +24,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75" dependencies = [ "cfg-if", - "getrandom 0.3.2", + "getrandom 0.3.3", "once_cell", "version_check", "zerocopy", @@ -412,9 +412,9 @@ checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" [[package]] name = "cc" -version = "1.2.21" +version = "1.2.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8691782945451c1c383942c4874dbe63814f61cb57ef773cda2972682b7bb3c0" +checksum = "32db95edf998450acc7881c932f94cd9b05c87b4b2599e8bab064753da4acfd1" dependencies = [ "jobserver", "libc", @@ -767,7 +767,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "27cea6e7f512d43b098939ff4d5a5d6fe3db07971e1d05176fe26c642d33f5b8" dependencies = [ - "getrandom 0.3.2", + "getrandom 0.3.3", "rand 0.9.1", "siphasher", "wide", @@ -970,9 +970,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73fea8450eea4bac3940448fb7ae50d91f034f941199fcd9d909a5a07aa455f0" +checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4" dependencies = [ "cfg-if", "js-sys", @@ -1434,7 +1434,7 @@ version = "0.1.33" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "38f262f097c174adebe41eb73d66ae9c06b2844fb0da69969647bbddd9b0538a" dependencies = [ - "getrandom 0.3.2", + "getrandom 0.3.3", "libc", ] @@ -1468,12 +1468,12 @@ checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa" [[package]] name = "libloading" -version = "0.8.6" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" +checksum = "6a793df0d7afeac54f95b471d3af7f0d4fb975699f972341a4b76988d49cdf0c" dependencies = [ "cfg-if", - "windows-targets 0.52.6", + "windows-targets 0.53.0", ] [[package]] @@ -1900,7 +1900,7 @@ checksum = "49df843a9161c85bb8aae55f101bc0bac8bcafd637a620d9122fd7e0b2f7422e" dependencies = [ "bytes", "fastbloom", - "getrandom 0.3.2", + "getrandom 0.3.3", "lru-slab", "rand 0.9.1", "ring", @@ -2002,7 +2002,7 @@ version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38" dependencies = [ - "getrandom 0.3.2", + "getrandom 0.3.3", ] [[package]] @@ -2751,12 +2751,12 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.19.1" +version = "3.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7437ac7763b9b123ccf33c338a5cc1bac6f69b45a136c19bdd8a65e3916435bf" +checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1" dependencies = [ "fastrand", - "getrandom 0.3.2", + "getrandom 0.3.3", "once_cell", "rustix 1.0.7", "windows-sys 0.59.0", @@ -3442,13 +3442,29 @@ dependencies = [ "windows_aarch64_gnullvm 0.52.6", "windows_aarch64_msvc 0.52.6", "windows_i686_gnu 0.52.6", - "windows_i686_gnullvm", + "windows_i686_gnullvm 0.52.6", "windows_i686_msvc 0.52.6", "windows_x86_64_gnu 0.52.6", "windows_x86_64_gnullvm 0.52.6", "windows_x86_64_msvc 0.52.6", ] +[[package]] +name = "windows-targets" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1e4c7e8ceaaf9cb7d7507c974735728ab453b67ef8f18febdd7c11fe59dca8b" +dependencies = [ + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", +] + [[package]] name = "windows_aarch64_gnullvm" version = "0.42.2" @@ -3461,6 +3477,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + [[package]] name = "windows_aarch64_msvc" version = "0.42.2" @@ -3473,6 +3495,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" +[[package]] +name = "windows_aarch64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + [[package]] name = "windows_i686_gnu" version = "0.42.2" @@ -3485,12 +3513,24 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + [[package]] name = "windows_i686_gnullvm" version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + [[package]] name = "windows_i686_msvc" version = "0.42.2" @@ -3503,6 +3543,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + [[package]] name = "windows_x86_64_gnu" version = "0.42.2" @@ -3515,6 +3561,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + [[package]] name = "windows_x86_64_gnullvm" version = "0.42.2" @@ -3527,6 +3579,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + [[package]] name = "windows_x86_64_msvc" version = "0.42.2" @@ -3539,6 +3597,12 @@ version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" + [[package]] name = "winnow" version = "0.7.10" diff --git a/rpxy-bin/src/error.rs b/rpxy-bin/src/error.rs index 9751fb5..adb0969 100644 --- a/rpxy-bin/src/error.rs +++ b/rpxy-bin/src/error.rs @@ -1,2 +1,2 @@ #[allow(unused)] -pub use anyhow::{anyhow, bail, ensure, Context}; +pub use anyhow::{Context, anyhow, bail, ensure}; diff --git a/rpxy-certs/src/server_crypto.rs b/rpxy-certs/src/server_crypto.rs index 9a15c5a..a3282cc 100644 --- a/rpxy-certs/src/server_crypto.rs +++ b/rpxy-certs/src/server_crypto.rs @@ -1,9 +1,9 @@ use crate::{certs::SingleServerCertsKeys, error::*, log::*}; use ahash::HashMap; use rustls::{ + RootCertStore, ServerConfig, crypto::CryptoProvider, server::{ResolvesServerCertUsingSni, WebPkiClientVerifier}, - RootCertStore, ServerConfig, }; use std::sync::Arc; diff --git a/rpxy-lib/src/backend/backend_main.rs b/rpxy-lib/src/backend/backend_main.rs index 1ac49cb..af05704 100644 --- a/rpxy-lib/src/backend/backend_main.rs +++ b/rpxy-lib/src/backend/backend_main.rs @@ -1,8 +1,8 @@ use crate::{ + AppConfig, AppConfigList, error::*, log::*, name_exp::{ByteName, ServerName}, - AppConfig, AppConfigList, }; use ahash::HashMap; use derive_builder::Builder; diff --git a/rpxy-lib/src/backend/load_balance/load_balance_main.rs b/rpxy-lib/src/backend/load_balance/load_balance_main.rs index 0db21dd..6d14572 100644 --- a/rpxy-lib/src/backend/load_balance/load_balance_main.rs +++ b/rpxy-lib/src/backend/load_balance/load_balance_main.rs @@ -7,8 +7,8 @@ pub use super::{ use derive_builder::Builder; use rand::Rng; use std::sync::{ - atomic::{AtomicUsize, Ordering}, Arc, + atomic::{AtomicUsize, Ordering}, }; /// Constants to specify a load balance option diff --git a/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs b/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs index 46ac74e..93fc2ba 100644 --- a/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs +++ b/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs @@ -1,7 +1,7 @@ use super::{ + Upstream, load_balance_main::{LoadBalanceContext, LoadBalanceWithPointer, PointerToUpstream}, sticky_cookie::StickyCookieConfig, - Upstream, }; use crate::{constants::STICKY_COOKIE_NAME, log::*}; use ahash::HashMap; @@ -9,8 +9,8 @@ use derive_builder::Builder; use std::{ borrow::Cow, sync::{ - atomic::{AtomicUsize, Ordering}, Arc, + atomic::{AtomicUsize, Ordering}, }, }; diff --git a/rpxy-lib/src/backend/load_balance/mod.rs b/rpxy-lib/src/backend/load_balance/mod.rs index 38d312b..b77f72c 100644 --- a/rpxy-lib/src/backend/load_balance/mod.rs +++ b/rpxy-lib/src/backend/load_balance/mod.rs @@ -8,7 +8,7 @@ use super::upstream::Upstream; use thiserror::Error; pub use load_balance_main::{ - load_balance_options, LoadBalance, LoadBalanceContext, LoadBalanceRandomBuilder, LoadBalanceRoundRobinBuilder, + LoadBalance, LoadBalanceContext, LoadBalanceRandomBuilder, LoadBalanceRoundRobinBuilder, load_balance_options, }; #[cfg(feature = "sticky-cookie")] pub use load_balance_sticky::LoadBalanceStickyBuilder; diff --git a/rpxy-lib/src/backend/load_balance/sticky_cookie.rs b/rpxy-lib/src/backend/load_balance/sticky_cookie.rs index 28572b5..cad603c 100644 --- a/rpxy-lib/src/backend/load_balance/sticky_cookie.rs +++ b/rpxy-lib/src/backend/load_balance/sticky_cookie.rs @@ -91,12 +91,7 @@ impl<'a> StickyCookieBuilder { self } /// Set the meta information of sticky cookie - pub fn info( - &mut self, - domain: impl Into>, - path: impl Into>, - duration_secs: i64, - ) -> &mut Self { + pub fn info(&mut self, domain: impl Into>, path: impl Into>, duration_secs: i64) -> &mut Self { let info = StickyCookieInfoBuilder::default() .domain(domain) .path(path) diff --git a/rpxy-lib/src/backend/upstream.rs b/rpxy-lib/src/backend/upstream.rs index 353db99..4699b5b 100644 --- a/rpxy-lib/src/backend/upstream.rs +++ b/rpxy-lib/src/backend/upstream.rs @@ -1,7 +1,7 @@ #[cfg(feature = "sticky-cookie")] use super::load_balance::LoadBalanceStickyBuilder; use super::load_balance::{ - load_balance_options as lb_opts, LoadBalance, LoadBalanceContext, LoadBalanceRandomBuilder, LoadBalanceRoundRobinBuilder, + LoadBalance, LoadBalanceContext, LoadBalanceRandomBuilder, LoadBalanceRoundRobinBuilder, load_balance_options as lb_opts, }; // use super::{BytesName, LbContext, PathNameBytesExp, UpstreamOption}; use super::upstream_opts::UpstreamOption; @@ -13,7 +13,7 @@ use crate::{ }; use ahash::{HashMap, HashSet}; #[cfg(feature = "sticky-cookie")] -use base64::{engine::general_purpose, Engine as _}; +use base64::{Engine as _, engine::general_purpose}; use derive_builder::Builder; #[cfg(feature = "sticky-cookie")] use sha2::{Digest, Sha256}; diff --git a/rpxy-lib/src/forwarder/cache/mod.rs b/rpxy-lib/src/forwarder/cache/mod.rs index 076eaa3..8856bc0 100644 --- a/rpxy-lib/src/forwarder/cache/mod.rs +++ b/rpxy-lib/src/forwarder/cache/mod.rs @@ -2,4 +2,4 @@ mod cache_error; mod cache_main; pub use cache_error::CacheError; -pub(crate) use cache_main::{get_policy_if_cacheable, RpxyCache}; +pub(crate) use cache_main::{RpxyCache, get_policy_if_cacheable}; diff --git a/rpxy-lib/src/forwarder/client.rs b/rpxy-lib/src/forwarder/client.rs index 292be06..45597bc 100644 --- a/rpxy-lib/src/forwarder/client.rs +++ b/rpxy-lib/src/forwarder/client.rs @@ -9,13 +9,13 @@ use async_trait::async_trait; use http::{Request, Response, Version}; use hyper::body::{Body, Incoming}; use hyper_util::client::legacy::{ - connect::{Connect, HttpConnector}, Client, + connect::{Connect, HttpConnector}, }; use std::sync::Arc; #[cfg(feature = "cache")] -use super::cache::{get_policy_if_cacheable, RpxyCache}; +use super::cache::{RpxyCache, get_policy_if_cacheable}; #[async_trait] /// Definition of the forwarder that simply forward requests from downstream client to upstream app servers. diff --git a/rpxy-lib/src/hyper_ext/body_incoming_like.rs b/rpxy-lib/src/hyper_ext/body_incoming_like.rs index 1a86409..844b0bd 100644 --- a/rpxy-lib/src/hyper_ext/body_incoming_like.rs +++ b/rpxy-lib/src/hyper_ext/body_incoming_like.rs @@ -1,7 +1,7 @@ use super::watch; use crate::error::*; use futures_channel::{mpsc, oneshot}; -use futures_util::{stream::FusedStream, Future, Stream}; +use futures_util::{Future, Stream, stream::FusedStream}; use http::HeaderMap; use hyper::body::{Body, Bytes, Frame, SizeHint}; use std::{ diff --git a/rpxy-lib/src/hyper_ext/body_type.rs b/rpxy-lib/src/hyper_ext/body_type.rs index ca44756..5d39fb4 100644 --- a/rpxy-lib/src/hyper_ext/body_type.rs +++ b/rpxy-lib/src/hyper_ext/body_type.rs @@ -1,7 +1,7 @@ use super::body::IncomingLike; use crate::error::RpxyError; use futures::channel::mpsc::UnboundedReceiver; -use http_body_util::{combinators, BodyExt, Empty, Full, StreamBody}; +use http_body_util::{BodyExt, Empty, Full, StreamBody, combinators}; use hyper::body::{Body, Bytes, Frame, Incoming}; use std::pin::Pin; diff --git a/rpxy-lib/src/hyper_ext/mod.rs b/rpxy-lib/src/hyper_ext/mod.rs index a4c5196..4f68cc5 100644 --- a/rpxy-lib/src/hyper_ext/mod.rs +++ b/rpxy-lib/src/hyper_ext/mod.rs @@ -12,5 +12,5 @@ pub(crate) mod rt { #[allow(unused)] pub(crate) mod body { pub(crate) use super::body_incoming_like::IncomingLike; - pub(crate) use super::body_type::{empty, full, BoxBody, RequestBody, ResponseBody, UnboundedStreamBody}; + pub(crate) use super::body_type::{BoxBody, RequestBody, ResponseBody, UnboundedStreamBody, empty, full}; } diff --git a/rpxy-lib/src/hyper_ext/watch.rs b/rpxy-lib/src/hyper_ext/watch.rs index d5e1c7e..14f5650 100644 --- a/rpxy-lib/src/hyper_ext/watch.rs +++ b/rpxy-lib/src/hyper_ext/watch.rs @@ -7,8 +7,8 @@ use futures_util::task::AtomicWaker; use std::sync::{ - atomic::{AtomicUsize, Ordering}, Arc, + atomic::{AtomicUsize, Ordering}, }; use std::task; diff --git a/rpxy-lib/src/message_handler/canonical_address.rs b/rpxy-lib/src/message_handler/canonical_address.rs index 32dad78..d29177d 100644 --- a/rpxy-lib/src/message_handler/canonical_address.rs +++ b/rpxy-lib/src/message_handler/canonical_address.rs @@ -44,10 +44,7 @@ mod tests { } #[test] fn ipv6_to_canonical() { - let socket = SocketAddr::new( - IpAddr::V6(Ipv6Addr::new(0x2001, 0x0db8, 0, 0, 0, 0, 0xdead, 0xbeef)), - 8080, - ); + let socket = SocketAddr::new(IpAddr::V6(Ipv6Addr::new(0x2001, 0x0db8, 0, 0, 0, 0, 0xdead, 0xbeef)), 8080); assert_eq!(socket.to_canonical(), socket); } #[test] diff --git a/rpxy-lib/src/message_handler/synthetic_response.rs b/rpxy-lib/src/message_handler/synthetic_response.rs index a955a2d..41ee4c3 100644 --- a/rpxy-lib/src/message_handler/synthetic_response.rs +++ b/rpxy-lib/src/message_handler/synthetic_response.rs @@ -1,7 +1,7 @@ use super::http_result::{HttpError, HttpResult}; use crate::{ error::*, - hyper_ext::body::{empty, ResponseBody}, + hyper_ext::body::{ResponseBody, empty}, name_exp::ServerName, }; use http::{Request, Response, StatusCode, Uri}; diff --git a/rpxy-lib/src/message_handler/utils_headers.rs b/rpxy-lib/src/message_handler/utils_headers.rs index 1fa3c99..cfcadba 100644 --- a/rpxy-lib/src/message_handler/utils_headers.rs +++ b/rpxy-lib/src/message_handler/utils_headers.rs @@ -3,9 +3,9 @@ use crate::{ backend::{UpstreamCandidates, UpstreamOption}, log::*, }; -use anyhow::{anyhow, ensure, Result}; +use anyhow::{Result, anyhow, ensure}; use bytes::BufMut; -use http::{header, HeaderMap, HeaderName, HeaderValue, Uri}; +use http::{HeaderMap, HeaderName, HeaderValue, Uri, header}; use std::{borrow::Cow, net::SocketAddr}; #[cfg(feature = "sticky-cookie")] diff --git a/rpxy-lib/src/message_handler/utils_request.rs b/rpxy-lib/src/message_handler/utils_request.rs index 0a0a77c..98acdc0 100644 --- a/rpxy-lib/src/message_handler/utils_request.rs +++ b/rpxy-lib/src/message_handler/utils_request.rs @@ -2,8 +2,8 @@ use crate::{ backend::{Upstream, UpstreamCandidates, UpstreamOption}, log::*, }; -use anyhow::{anyhow, ensure, Result}; -use http::{header, uri::Scheme, Request, Version}; +use anyhow::{Result, anyhow, ensure}; +use http::{Request, Version, header, uri::Scheme}; /// Trait defining parser of hostname /// Inspect and extract hostname from either the request HOST header or request line diff --git a/rpxy-lib/src/proxy/proxy_main.rs b/rpxy-lib/src/proxy/proxy_main.rs index 5244ecf..cfc8b6e 100644 --- a/rpxy-lib/src/proxy/proxy_main.rs +++ b/rpxy-lib/src/proxy/proxy_main.rs @@ -11,7 +11,7 @@ use crate::{ message_handler::HttpMessageHandler, name_exp::ServerName, }; -use futures::{select, FutureExt}; +use futures::{FutureExt, select}; use http::{Request, Response}; use hyper::{ body::Incoming, From 57c1fd9e7e4df48983ebe97dd9ed4d198073940e Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 14 May 2025 13:28:28 +0900 Subject: [PATCH 16/69] deps --- submodules/s2n-quic | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 6af2c33..30b2a32 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 6af2c33b89f5dc6a314e2b2bb957225853ceb4d1 +Subproject commit 30b2a3229e0ddf66c7370687e63b1739fbebc542 From 47016b6d84cd062d53ba66375154bf7bfa8a645d Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 15 May 2025 10:16:28 +0900 Subject: [PATCH 17/69] deps --- submodules/s2n-quic | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 30b2a32..a7880b8 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 30b2a3229e0ddf66c7370687e63b1739fbebc542 +Subproject commit a7880b898663d35bbbf307f53b61fe9d691db2bc From 1da0d77309cad5606c4ef807c4f76c4064fd58e8 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 16 May 2025 16:31:58 +0900 Subject: [PATCH 18/69] refactor --- rpxy-lib/src/backend/backend_main.rs | 1 + rpxy-lib/src/proxy/proxy_h3.rs | 4 +- rpxy-lib/src/proxy/proxy_main.rs | 85 ++++++++++++++-------------- rpxy-lib/src/proxy/socket.rs | 17 +++--- 4 files changed, 56 insertions(+), 51 deletions(-) diff --git a/rpxy-lib/src/backend/backend_main.rs b/rpxy-lib/src/backend/backend_main.rs index af05704..5524956 100644 --- a/rpxy-lib/src/backend/backend_main.rs +++ b/rpxy-lib/src/backend/backend_main.rs @@ -26,6 +26,7 @@ pub struct BackendApp { pub https_redirection: Option, /// tls settings: mutual TLS is enabled #[builder(default)] + #[allow(unused)] pub mutual_tls: Option, } impl<'a> BackendAppBuilder { diff --git a/rpxy-lib/src/proxy/proxy_h3.rs b/rpxy-lib/src/proxy/proxy_h3.rs index acfe07d..1eed0c5 100644 --- a/rpxy-lib/src/proxy/proxy_h3.rs +++ b/rpxy-lib/src/proxy/proxy_h3.rs @@ -68,7 +68,7 @@ where h3_conn.shutdown(0).await?; break; } - debug!("Request incoming: current # {}", request_count.current()); + trace!("Request incoming: current # {}", request_count.current()); let self_inner = self.clone(); let tls_server_name_inner = tls_server_name.clone(); @@ -82,7 +82,7 @@ where warn!("HTTP/3 error on serve stream: {}", e); } request_count.decrement(); - debug!("Request processed: current # {}", request_count.current()); + trace!("Request processed: current # {}", request_count.current()); }); } } diff --git a/rpxy-lib/src/proxy/proxy_main.rs b/rpxy-lib/src/proxy/proxy_main.rs index cfc8b6e..b858072 100644 --- a/rpxy-lib/src/proxy/proxy_main.rs +++ b/rpxy-lib/src/proxy/proxy_main.rs @@ -80,7 +80,7 @@ where request_count.decrement(); return; } - debug!("Request incoming: current # {}", request_count.current()); + trace!("Request incoming: current # {}", request_count.current()); let server_clone = self.connection_builder.clone(); let message_handler_clone = self.message_handler.clone(); @@ -110,7 +110,7 @@ where } request_count.decrement(); - debug!("Request processed: current # {}", request_count.current()); + trace!("Request processed: current # {}", request_count.current()); }); } @@ -131,52 +131,55 @@ where /// Start with TLS (HTTPS) pub(super) async fn start_with_tls(&self, cancel_token: CancellationToken) -> RpxyResult<()> { + // By default, TLS listener is spawned + let join_handle_tls = self.globals.runtime_handle.spawn({ + let self_clone = self.clone(); + let cancel_token = cancel_token.clone(); + async move { + select! { + _ = self_clone.tls_listener_service().fuse() => { + error!("TCP proxy service for TLS exited"); + cancel_token.cancel(); + }, + _ = cancel_token.cancelled().fuse() => { + debug!("Cancel token is called for TLS listener"); + } + } + } + }); + #[cfg(not(any(feature = "http3-quinn", feature = "http3-s2n")))] { - self.tls_listener_service().await?; - error!("TCP proxy service for TLS exited"); + let _ = join_handle_tls.await; Ok(()) } + #[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))] { - if self.globals.proxy_config.http3 { - let jh_tls = self.globals.runtime_handle.spawn({ - let self_clone = self.clone(); - let cancel_token = cancel_token.clone(); - async move { - select! { - _ = self_clone.tls_listener_service().fuse() => { - error!("TCP proxy service for TLS exited"); - cancel_token.cancel(); - }, - _ = cancel_token.cancelled().fuse() => { - debug!("Cancel token is called for TLS listener"); - } - } - } - }); - let jh_h3 = self.globals.runtime_handle.spawn({ - let self_clone = self.clone(); - async move { - select! { - _ = self_clone.h3_listener_service().fuse() => { - error!("UDP proxy service for QUIC exited"); - cancel_token.cancel(); - }, - _ = cancel_token.cancelled().fuse() => { - debug!("Cancel token is called for QUIC listener"); - } - } - } - }); - let _ = futures::future::join(jh_tls, jh_h3).await; - - Ok(()) - } else { - self.tls_listener_service().await?; - error!("TCP proxy service for TLS exited"); - Ok(()) + // If HTTP/3 is not enabled, wait for TLS listener to finish + if !self.globals.proxy_config.http3 { + let _ = join_handle_tls.await; + return Ok(()); } + + // If HTTP/3 is enabled, spawn a task to handle HTTP/3 connections + let join_handle_h3 = self.globals.runtime_handle.spawn({ + let self_clone = self.clone(); + async move { + select! { + _ = self_clone.h3_listener_service().fuse() => { + error!("UDP proxy service for QUIC exited"); + cancel_token.cancel(); + }, + _ = cancel_token.cancelled().fuse() => { + debug!("Cancel token is called for QUIC listener"); + } + } + } + }); + let _ = futures::future::join(join_handle_tls, join_handle_h3).await; + + Ok(()) } } diff --git a/rpxy-lib/src/proxy/socket.rs b/rpxy-lib/src/proxy/socket.rs index 322b42b..fbb810d 100644 --- a/rpxy-lib/src/proxy/socket.rs +++ b/rpxy-lib/src/proxy/socket.rs @@ -16,10 +16,12 @@ pub(super) fn bind_tcp_socket(listening_on: &SocketAddr) -> RpxyResult RpxyResult Date: Fri, 16 May 2025 16:33:12 +0900 Subject: [PATCH 19/69] chore: lock --- Cargo.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index da1d618..459df62 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -360,9 +360,9 @@ dependencies = [ [[package]] name = "bitflags" -version = "2.9.0" +version = "2.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd" +checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" [[package]] name = "block-buffer" @@ -732,9 +732,9 @@ checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" [[package]] name = "errno" -version = "0.3.11" +version = "0.3.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "976dd42dc7e85965fe702eb8164f21f450704bdde31faefd6471dba214cb594e" +checksum = "cea14ef9355e3beab063703aa9dab15afd25f0667c341310c1e5274bb1d0da18" dependencies = [ "libc", "windows-sys 0.59.0", @@ -3334,9 +3334,9 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.61.0" +version = "0.61.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4763c1de310c86d75a878046489e2e5ba02c649d185f21c67d4cf8a56d098980" +checksum = "46ec44dc15085cea82cf9c78f85a9114c463a369786585ad2882d1ff0b0acf40" dependencies = [ "windows-implement", "windows-interface", @@ -3375,18 +3375,18 @@ checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38" [[package]] name = "windows-result" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c64fd11a4fd95df68efcfee5f44a294fe71b8bc6a91993e2791938abcc712252" +checksum = "4b895b5356fc36103d0f64dd1e94dfa7ac5633f1c9dd6e80fe9ec4adef69e09d" dependencies = [ "windows-link", ] [[package]] name = "windows-strings" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2ba9642430ee452d5a7aa78d72907ebe8cfda358e8cb7918a2050581322f97" +checksum = "2a7ab927b2637c19b3dbe0965e75d8f2d30bdd697a1516191cad2ec4df8fb28a" dependencies = [ "windows-link", ] From a412eb08d6d6f653a938f4d07a99d2c95a3c6475 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 16 May 2025 17:31:06 +0900 Subject: [PATCH 20/69] chore: submodule --- submodules/s2n-quic | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/s2n-quic b/submodules/s2n-quic index a7880b8..250347d 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit a7880b898663d35bbbf307f53b61fe9d691db2bc +Subproject commit 250347d34e8841a8958437f7c461513d157e1957 From 2705db6b91b69674c3ae5c514931deff8f37b5ac Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 16 May 2025 18:27:02 +0900 Subject: [PATCH 21/69] refactor handler_main --- rpxy-lib/src/lib.rs | 6 +-- rpxy-lib/src/message_handler/handler_main.rs | 54 ++++++++++---------- 2 files changed, 27 insertions(+), 33 deletions(-) diff --git a/rpxy-lib/src/lib.rs b/rpxy-lib/src/lib.rs index 72ddbd3..77c5b93 100644 --- a/rpxy-lib/src/lib.rs +++ b/rpxy-lib/src/lib.rs @@ -180,9 +180,5 @@ pub async fn entrypoint( } }); // returns the first error as the representative error - if let Some(e) = errs.next() { - return Err(e); - } - - Ok(()) + errs.next().map_or(Ok(()), |e| Err(e)) } diff --git a/rpxy-lib/src/message_handler/handler_main.rs b/rpxy-lib/src/message_handler/handler_main.rs index 9496e6a..920e55c 100644 --- a/rpxy-lib/src/message_handler/handler_main.rs +++ b/rpxy-lib/src/message_handler/handler_main.rs @@ -107,9 +107,11 @@ where let backend_app = match self.app_manager.apps.get(&server_name) { Some(backend_app) => backend_app, None => { - let Some(default_server_name) = &self.app_manager.default_server_name else { - return Err(HttpError::NoMatchingBackendApp); - }; + let default_server_name = self + .app_manager + .default_server_name + .as_ref() + .ok_or(HttpError::NoMatchingBackendApp)?; debug!("Serving by default app"); self.app_manager.apps.get(default_server_name).unwrap() } @@ -131,9 +133,7 @@ where // Find reverse proxy for given path and choose one of upstream host // Longest prefix match let path = req.uri().path(); - let Some(upstream_candidates) = backend_app.path_manager.get(path) else { - return Err(HttpError::NoUpstreamCandidates); - }; + let upstream_candidates = backend_app.path_manager.get(path).ok_or(HttpError::NoUpstreamCandidates)?; // Upgrade in request header let upgrade_in_request = extract_upgrade(req.headers()); @@ -147,19 +147,17 @@ where let req_on_upgrade = hyper::upgrade::on(&mut req); // Build request from destination information - let _context = match self.generate_request_forwarded( - &client_addr, - &listen_addr, - &mut req, - &upgrade_in_request, - upstream_candidates, - tls_enabled, - ) { - Err(e) => { - return Err(HttpError::FailedToGenerateUpstreamRequest(e.to_string())); - } - Ok(v) => v, - }; + let _context = self + .generate_request_forwarded( + &client_addr, + &listen_addr, + &mut req, + &upgrade_in_request, + upstream_candidates, + tls_enabled, + ) + .map_err(|e| HttpError::FailedToGenerateUpstreamRequest(e.to_string()))?; + debug!( "Request to be forwarded: [uri {}, method: {}, version {:?}, headers {:?}]", req.uri(), @@ -173,12 +171,12 @@ where ////////////// // Forward request to a chosen backend - let mut res_backend = match self.forwarder.request(req).await { - Ok(v) => v, - Err(e) => { - return Err(HttpError::FailedToGetResponseFromBackend(e.to_string())); - } - }; + let mut res_backend = self + .forwarder + .request(req) + .await + .map_err(|e| HttpError::FailedToGetResponseFromBackend(e.to_string()))?; + ////////////// // Process reverse proxy context generated during the forwarding request generation. #[cfg(feature = "sticky-cookie")] @@ -191,9 +189,9 @@ where if res_backend.status() != StatusCode::SWITCHING_PROTOCOLS { // Generate response to client - if let Err(e) = self.generate_response_forwarded(&mut res_backend, backend_app) { - return Err(HttpError::FailedToGenerateDownstreamResponse(e.to_string())); - } + self + .generate_response_forwarded(&mut res_backend, backend_app) + .map_err(|e| HttpError::FailedToGenerateDownstreamResponse(e.to_string()))?; return Ok(res_backend); } From e259e0b58897258d98fdb7504a1cbcbd7c5b37db Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 16 May 2025 19:30:51 +0900 Subject: [PATCH 22/69] refactor --- .../load_balance/load_balance_sticky.rs | 17 ++++---- rpxy-lib/src/backend/upstream.rs | 40 +++++++++---------- rpxy-lib/src/forwarder/cache/cache_main.rs | 16 ++++---- .../handler_manipulate_messages.rs | 24 +++++------ rpxy-lib/src/message_handler/utils_headers.rs | 15 +++---- 5 files changed, 52 insertions(+), 60 deletions(-) diff --git a/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs b/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs index 93fc2ba..4282312 100644 --- a/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs +++ b/rpxy-lib/src/backend/load_balance/load_balance_sticky.rs @@ -112,13 +112,16 @@ impl LoadBalanceWithPointer for LoadBalanceSticky { } Some(context) => { let server_id = &context.sticky_cookie.value.value; - if let Some(server_index) = self.get_server_index_from_id(server_id) { - debug!("Valid sticky cookie: id={}, index={}", server_id, server_index); - server_index - } else { - debug!("Invalid sticky cookie: id={}", server_id); - self.simple_increment_ptr() - } + self.get_server_index_from_id(server_id).map_or_else( + || { + debug!("Invalid sticky cookie: id={}", server_id); + self.simple_increment_ptr() + }, + |server_index| { + debug!("Valid sticky cookie: id={}, index={}", server_id, server_index); + server_index + }, + ) } }; diff --git a/rpxy-lib/src/backend/upstream.rs b/rpxy-lib/src/backend/upstream.rs index 4699b5b..9760d58 100644 --- a/rpxy-lib/src/backend/upstream.rs +++ b/rpxy-lib/src/backend/upstream.rs @@ -72,27 +72,22 @@ impl PathManager { .inner .iter() .filter(|(route_bytes, _)| { - match path_name.starts_with(route_bytes) { - true => { - route_bytes.len() == 1 // route = '/', i.e., default - || match path_name.get(route_bytes.len()) { - None => true, // exact case - Some(p) => p == &b'/', // sub-path case - } - } - _ => false, + path_name.starts_with(route_bytes) && { + route_bytes.len() == 1 // route = '/', i.e., default + || path_name.get(route_bytes.len()).map_or( + true, // exact case + |p| p == &b'/' + ) // sub-path case } }) .max_by_key(|(route_bytes, _)| route_bytes.len()); - if let Some((path, u)) = matched_upstream { + matched_upstream.map(|(path, u)| { debug!( "Found upstream: {:?}", path.try_into().unwrap_or_else(|_| "".to_string()) ); - Some(u) - } else { - None - } + u + }) } } @@ -211,14 +206,15 @@ impl UpstreamCandidatesBuilder { } /// Set the activated upstream options defined in [[UpstreamOption]] pub fn options(&mut self, v: &Option>) -> &mut Self { - let opts = if let Some(opts) = v { - opts - .iter() - .filter_map(|str| UpstreamOption::try_from(str.as_str()).ok()) - .collect::>() - } else { - Default::default() - }; + let opts = v.as_ref().map_or_else( + || Default::default(), + |opts| { + opts + .iter() + .filter_map(|str| UpstreamOption::try_from(str.as_str()).ok()) + .collect::>() + }, + ); self.options = Some(opts); self } diff --git a/rpxy-lib/src/forwarder/cache/cache_main.rs b/rpxy-lib/src/forwarder/cache/cache_main.rs index 37e1fa9..784000f 100644 --- a/rpxy-lib/src/forwarder/cache/cache_main.rs +++ b/rpxy-lib/src/forwarder/cache/cache_main.rs @@ -185,9 +185,7 @@ impl RpxyCache { let cache_key = derive_cache_key_from_uri(req.uri()); // First check cache chance - let Ok(Some(cached_object)) = self.inner.get(&cache_key) else { - return None; - }; + let cached_object = self.inner.get(&cache_key).ok()??; // Secondly check the cache freshness as an HTTP message let now = SystemTime::now(); @@ -451,10 +449,10 @@ impl LruCacheManager { /// Push an entry fn push(&self, cache_key: &str, cache_object: &CacheObject) -> CacheResult> { - let Ok(mut lock) = self.inner.lock() else { + let mut lock = self.inner.lock().map_err(|_| { error!("Failed to acquire mutex lock for writing cache entry"); - return Err(CacheError::FailedToAcquiredMutexLockForCache); - }; + CacheError::FailedToAcquiredMutexLockForCache + })?; let res = Ok(lock.push(cache_key.to_string(), cache_object.clone())); // This may be inconsistent with the actual number of entries self.cnt.store(lock.len(), Ordering::Relaxed); @@ -463,10 +461,10 @@ impl LruCacheManager { /// Get an entry fn get(&self, cache_key: &str) -> CacheResult> { - let Ok(mut lock) = self.inner.lock() else { + let mut lock = self.inner.lock().map_err(|_| { error!("Mutex can't be locked for checking cache entry"); - return Err(CacheError::FailedToAcquiredMutexLockForCheck); - }; + CacheError::FailedToAcquiredMutexLockForCheck + })?; let Some(cached_object) = lock.get(cache_key) else { return Ok(None); }; diff --git a/rpxy-lib/src/message_handler/handler_manipulate_messages.rs b/rpxy-lib/src/message_handler/handler_manipulate_messages.rs index 680c6ee..dc58486 100644 --- a/rpxy-lib/src/message_handler/handler_manipulate_messages.rs +++ b/rpxy-lib/src/message_handler/handler_manipulate_messages.rs @@ -70,13 +70,15 @@ where // Add te: trailer if contained in original request let contains_te_trailers = { - if let Some(te) = req.headers().get(header::TE) { - te.as_bytes() - .split(|v| v == &b',' || v == &b' ') - .any(|x| x == "trailers".as_bytes()) - } else { - false - } + req + .headers() + .get(header::TE) + .map(|te| { + te.as_bytes() + .split(|v| v == &b',' || v == &b' ') + .any(|x| x == "trailers".as_bytes()) + }) + .unwrap_or(false) }; let original_uri = req.uri().to_string(); @@ -136,11 +138,7 @@ where let new_uri = Uri::builder() .scheme(upstream_chosen.uri.scheme().unwrap().as_str()) .authority(upstream_chosen.uri.authority().unwrap().as_str()); - let org_pq = match req.uri().path_and_query() { - Some(pq) => pq.to_string(), - None => "/".to_string(), - } - .into_bytes(); + let org_pq = req.uri().path_and_query().map(|pq| pq.as_str()).unwrap_or("/").as_bytes(); // replace some parts of path if opt_replace_path is enabled for chosen upstream let new_pq = match &upstream_candidates.replace_path { @@ -155,7 +153,7 @@ where new_pq.extend_from_slice(&org_pq[matched_path.len()..]); new_pq } - None => org_pq, + None => org_pq.to_vec(), }; *req.uri_mut() = new_uri.path_and_query(new_pq).build()?; diff --git a/rpxy-lib/src/message_handler/utils_headers.rs b/rpxy-lib/src/message_handler/utils_headers.rs index cfcadba..cab6e01 100644 --- a/rpxy-lib/src/message_handler/utils_headers.rs +++ b/rpxy-lib/src/message_handler/utils_headers.rs @@ -236,10 +236,9 @@ pub(super) fn add_forwarding_header( pub(super) fn remove_connection_header(headers: &mut HeaderMap) { if let Some(values) = headers.get(header::CONNECTION) { if let Ok(v) = values.clone().to_str() { - for m in v.split(',') { - if !m.is_empty() { - headers.remove(m.trim()); - } + let keys = v.split(',').map(|m| m.trim()).filter(|m| !m.is_empty()); + for m in keys { + headers.remove(m); } } } @@ -274,11 +273,9 @@ pub(super) fn extract_upgrade(headers: &HeaderMap) -> Option { .split(',') .any(|w| w.trim().eq_ignore_ascii_case(header::UPGRADE.as_str())) { - if let Some(u) = headers.get(header::UPGRADE) { - if let Ok(m) = u.to_str() { - debug!("Upgrade in request header: {}", m); - return Some(m.to_owned()); - } + if let Some(Ok(m)) = headers.get(header::UPGRADE).map(|u| u.to_str()) { + debug!("Upgrade in request header: {}", m); + return Some(m.to_owned()); } } } From 71f7ef2d77aee219072b6af063024f913da14416 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Sat, 17 May 2025 04:17:50 +0900 Subject: [PATCH 23/69] bench --- README.md | 2 +- bench/Caddyfile | 4 +++ bench/README.md | 71 +++++++++++++++++++--------------------- bench/docker-compose.yml | 6 ++-- bench/nginx.conf | 5 ++- submodules/s2n-quic | 2 +- 6 files changed, 46 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index e114859..70b3dba 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ Supported features are summarized as follows: [^sanitization]: By default, `rpxy` provides the *TLS connection sanitization* by correctly binding a certificate used to establish a secure channel with the backend application. Specifically, it always keeps the consistency between the given SNI (server name indication) in `ClientHello` of the underlying TLS and the domain name given by the overlaid HTTP HOST header (or URL in Request line). We should note that NGINX doesn't guarantee such a consistency by default. To this end, you have to add `if` statement in the configuration file in NGINX. - This project is still *work-in-progress*. But it is already working in some production environments and serves a number of domain names. Furthermore it *significantly outperforms* NGINX and Caddy, e.g., *1.5x faster than NGINX*, in the setting of a very simple HTTP reverse-proxy scenario (See [`bench`](./bench/) directory). + This project is still *work-in-progress*. But it is already working in some production environments and serves a number of domain names. Furthermore it *significantly outperforms* NGINX and Caddy, e.g., *30% or more faster than NGINX*, in the setting of a very simple HTTP reverse-proxy scenario (See [`bench`](./bench/) directory). ## Installing/Building an Executable Binary of `rpxy` diff --git a/bench/Caddyfile b/bench/Caddyfile index 3ba1fa2..d12b122 100644 --- a/bench/Caddyfile +++ b/bench/Caddyfile @@ -2,9 +2,13 @@ auto_https off } + :80 { # Proxy everything else to Rocket reverse_proxy backend-nginx + log { + level ERROR + } } diff --git a/bench/README.md b/bench/README.md index 55ca4dd..f75b978 100644 --- a/bench/README.md +++ b/bench/README.md @@ -8,44 +8,41 @@ $ rewrk -c 512 -t 4 -d 15s -h http://localhost:8080 --pct ## Tests on `linux/arm64/v8` -Done at Jul. 15, 2023 +Done at May. 17, 2025 ### Environment -- `rpxy` commit id: `1da7e5bfb77d1ce4ee8d6cfc59b1c725556fc192` -- Docker Desktop 4.21.1 (114176) +- `rpxy` commit id: `e259e0b58897258d98fdb7504a1cbcbd7c5b37db` +- Docker Desktop 4.41.2 (191736) - ReWrk 0.3.2 -- Macbook Pro '14 (2021, M1 Max, 64GB RAM) +- MacBook Pro '14 (2021, M1 Max, 64GB RAM) The docker images of `nginx` and `caddy` for `linux/arm64/v8` are pulled from the official registry. ### Result for `rpxy`, `nginx` and `caddy` -``` ----------------------------- +```bash Benchmark on rpxy Beginning round 1... Benchmarking 512 connections @ http://localhost:8080 for 15 second(s) Latencies: Avg Stdev Min Max - 19.64ms 8.85ms 0.67ms 113.22ms + 10.62ms 4.47ms 0.47ms 73.01ms Requests: - Total: 390078 Req/Sec: 26011.25 + Total: 720148 Req/Sec: 48025.92 Transfer: - Total: 304.85 MB Transfer Rate: 20.33 MB/Sec + Total: 563.85 MB Transfer Rate: 37.60 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 79.24ms | -| 99% | 54.28ms | -| 95% | 42.50ms | -| 90% | 37.82ms | -| 75% | 31.54ms | -| 50% | 26.37ms | +| 99.9% | 54.78ms | +| 99% | 35.86ms | +| 95% | 23.09ms | +| 90% | 19.82ms | +| 75% | 16.14ms | +| 50% | 13.54ms | + --------------- + --------------- + -721 Errors: error shutting down connection: Socket is not connected (os error 57) - sleep 3 secs ---------------------------- Benchmark on nginx @@ -53,23 +50,23 @@ Beginning round 1... Benchmarking 512 connections @ http://localhost:8090 for 15 second(s) Latencies: Avg Stdev Min Max - 33.26ms 15.18ms 1.40ms 118.94ms + 14.55ms 13.05ms 0.57ms 255.24ms Requests: - Total: 230268 Req/Sec: 15356.08 + Total: 525866 Req/Sec: 35073.37 Transfer: - Total: 186.77 MB Transfer Rate: 12.46 MB/Sec + Total: 427.78 MB Transfer Rate: 28.53 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 99.91ms | -| 99% | 83.74ms | -| 95% | 70.67ms | -| 90% | 64.03ms | -| 75% | 54.32ms | -| 50% | 45.19ms | +| 99.9% | 235.17ms | +| 99% | 91.77ms | +| 95% | 48.86ms | +| 90% | 39.08ms | +| 75% | 28.78ms | +| 50% | 21.77ms | + --------------- + --------------- + -677 Errors: error shutting down connection: Socket is not connected (os error 57) +227 Errors: connection closed sleep 3 secs ---------------------------- @@ -78,23 +75,21 @@ Beginning round 1... Benchmarking 512 connections @ http://localhost:8100 for 15 second(s) Latencies: Avg Stdev Min Max - 48.51ms 50.74ms 0.34ms 554.58ms + 70.44ms 220.19ms 0.67ms 4140.08ms Requests: - Total: 157239 Req/Sec: 10485.98 + Total: 79980 Req/Sec: 5334.74 Transfer: - Total: 125.99 MB Transfer Rate: 8.40 MB/Sec + Total: 64.45 MB Transfer Rate: 4.30 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 473.82ms | -| 99% | 307.16ms | -| 95% | 212.28ms | -| 90% | 169.05ms | -| 75% | 115.92ms | -| 50% | 80.24ms | +| 99.9% | 3550.19ms | +| 99% | 1847.80ms | +| 95% | 672.82ms | +| 90% | 440.34ms | +| 75% | 224.81ms | +| 50% | 128.79ms | + --------------- + --------------- + - -708 Errors: error shutting down connection: Socket is not connected (os error 57) ``` ## Results on `linux/amd64` diff --git a/bench/docker-compose.yml b/bench/docker-compose.yml index 7b2b043..aaf800d 100644 --- a/bench/docker-compose.yml +++ b/bench/docker-compose.yml @@ -28,7 +28,7 @@ services: dockerfile: docker/Dockerfile restart: unless-stopped environment: - - LOG_LEVEL=info + - LOG_LEVEL=error # almost nolog - LOG_TO_FILE=false ports: - 127.0.0.1:8080:8080 @@ -47,7 +47,7 @@ services: tty: false privileged: true volumes: - - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro + - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro # set as almost nolog - /var/run/docker.sock:/tmp/docker.sock:ro logging: options: @@ -64,7 +64,7 @@ services: restart: unless-stopped tty: false volumes: - - ./Caddyfile:/etc/caddy/Caddyfile:ro + - ./Caddyfile:/etc/caddy/Caddyfile:ro # set as almost no log networks: bench-nw: diff --git a/bench/nginx.conf b/bench/nginx.conf index 0ef89e3..b05910a 100644 --- a/bench/nginx.conf +++ b/bench/nginx.conf @@ -31,11 +31,14 @@ # '"$request" $status $body_bytes_sent ' # '"$http_referer" "$http_user_agent" ' # '"$upstream_addr"'; -# access_log off; +access_log off; + # ssl_protocols TLSv1.2 TLSv1.3; # ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'; # ssl_prefer_server_ciphers off; # error_log /dev/stderr; +error_log /dev/null crit; + # resolver 127.0.0.11; # # HTTP 1.1 support # proxy_http_version 1.1; diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 250347d..f48dc68 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 250347d34e8841a8958437f7c461513d157e1957 +Subproject commit f48dc6846fc363ab668441ff5a471fc27199bb55 From a5ed7c9b92a45cec7d66d01d892c27d180a61915 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Sat, 17 May 2025 04:32:41 +0900 Subject: [PATCH 24/69] retest with m4 pro --- README.md | 2 +- bench/README.md | 58 ++++++++++++++++++++++++------------------------- 2 files changed, 30 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 70b3dba..92fdb9b 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ Supported features are summarized as follows: [^sanitization]: By default, `rpxy` provides the *TLS connection sanitization* by correctly binding a certificate used to establish a secure channel with the backend application. Specifically, it always keeps the consistency between the given SNI (server name indication) in `ClientHello` of the underlying TLS and the domain name given by the overlaid HTTP HOST header (or URL in Request line). We should note that NGINX doesn't guarantee such a consistency by default. To this end, you have to add `if` statement in the configuration file in NGINX. - This project is still *work-in-progress*. But it is already working in some production environments and serves a number of domain names. Furthermore it *significantly outperforms* NGINX and Caddy, e.g., *30% or more faster than NGINX*, in the setting of a very simple HTTP reverse-proxy scenario (See [`bench`](./bench/) directory). + This project is still *work-in-progress*. But it is already working in some production environments and serves a number of domain names. Furthermore it *significantly outperforms* NGINX and Caddy, e.g., *30% ~ 60% or more faster than NGINX*, in the setting of a very simple HTTP reverse-proxy scenario (See [`bench`](./bench/) directory). ## Installing/Building an Executable Binary of `rpxy` diff --git a/bench/README.md b/bench/README.md index f75b978..a713931 100644 --- a/bench/README.md +++ b/bench/README.md @@ -15,7 +15,7 @@ Done at May. 17, 2025 - `rpxy` commit id: `e259e0b58897258d98fdb7504a1cbcbd7c5b37db` - Docker Desktop 4.41.2 (191736) - ReWrk 0.3.2 -- MacBook Pro '14 (2021, M1 Max, 64GB RAM) +- Mac mini (2024, M4 Pro, 64GB RAM) The docker images of `nginx` and `caddy` for `linux/arm64/v8` are pulled from the official registry. @@ -27,20 +27,20 @@ Beginning round 1... Benchmarking 512 connections @ http://localhost:8080 for 15 second(s) Latencies: Avg Stdev Min Max - 10.62ms 4.47ms 0.47ms 73.01ms + 6.90ms 3.42ms 0.78ms 80.26ms Requests: - Total: 720148 Req/Sec: 48025.92 + Total: 1107885 Req/Sec: 73866.03 Transfer: - Total: 563.85 MB Transfer Rate: 37.60 MB/Sec + Total: 867.44 MB Transfer Rate: 57.83 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 54.78ms | -| 99% | 35.86ms | -| 95% | 23.09ms | -| 90% | 19.82ms | -| 75% | 16.14ms | -| 50% | 13.54ms | +| 99.9% | 49.76ms | +| 99% | 29.57ms | +| 95% | 15.78ms | +| 90% | 13.05ms | +| 75% | 10.41ms | +| 50% | 8.72ms | + --------------- + --------------- + sleep 3 secs @@ -50,23 +50,23 @@ Beginning round 1... Benchmarking 512 connections @ http://localhost:8090 for 15 second(s) Latencies: Avg Stdev Min Max - 14.55ms 13.05ms 0.57ms 255.24ms + 11.65ms 14.04ms 0.40ms 205.93ms Requests: - Total: 525866 Req/Sec: 35073.37 + Total: 654978 Req/Sec: 43666.56 Transfer: - Total: 427.78 MB Transfer Rate: 28.53 MB/Sec + Total: 532.81 MB Transfer Rate: 35.52 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 235.17ms | -| 99% | 91.77ms | -| 95% | 48.86ms | -| 90% | 39.08ms | -| 75% | 28.78ms | -| 50% | 21.77ms | +| 99.9% | 151.00ms | +| 99% | 102.80ms | +| 95% | 62.44ms | +| 90% | 42.98ms | +| 75% | 26.44ms | +| 50% | 18.25ms | + --------------- + --------------- + -227 Errors: connection closed +512 Errors: connection closed sleep 3 secs ---------------------------- @@ -75,20 +75,20 @@ Beginning round 1... Benchmarking 512 connections @ http://localhost:8100 for 15 second(s) Latencies: Avg Stdev Min Max - 70.44ms 220.19ms 0.67ms 4140.08ms + 77.54ms 368.11ms 0.37ms 6770.73ms Requests: - Total: 79980 Req/Sec: 5334.74 + Total: 86963 Req/Sec: 5798.35 Transfer: - Total: 64.45 MB Transfer Rate: 4.30 MB/Sec + Total: 70.00 MB Transfer Rate: 4.67 MB/Sec + --------------- + --------------- + | Percentile | Avg Latency | + --------------- + --------------- + -| 99.9% | 3550.19ms | -| 99% | 1847.80ms | -| 95% | 672.82ms | -| 90% | 440.34ms | -| 75% | 224.81ms | -| 50% | 128.79ms | +| 99.9% | 5789.65ms | +| 99% | 3407.02ms | +| 95% | 1022.31ms | +| 90% | 608.17ms | +| 75% | 281.95ms | +| 50% | 149.29ms | + --------------- + --------------- + ``` From 4905d6a66298d9c60097642089e087c3f9a22d34 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Mon, 19 May 2025 15:21:07 +0900 Subject: [PATCH 25/69] refactor --- rpxy-bin/src/log.rs | 56 ++++++++++++++++++--------------------------- 1 file changed, 22 insertions(+), 34 deletions(-) diff --git a/rpxy-bin/src/log.rs b/rpxy-bin/src/log.rs index 151c94b..d194eb4 100644 --- a/rpxy-bin/src/log.rs +++ b/rpxy-bin/src/log.rs @@ -1,7 +1,7 @@ use crate::constants::{ACCESS_LOG_FILE, SYSTEM_LOG_FILE}; use rpxy_lib::log_event_names; use std::str::FromStr; -use tracing_subscriber::{fmt, prelude::*}; +use tracing_subscriber::{filter::filter_fn, fmt, prelude::*}; #[allow(unused)] pub use tracing::{debug, error, info, warn}; @@ -12,20 +12,16 @@ pub fn init_logger(log_dir_path: Option<&str>) { let level = tracing::Level::from_str(level_string.as_str()).unwrap_or(tracing::Level::INFO); match log_dir_path { - None => { - // log to stdout - init_stdio_logger(level); - } - Some(log_dir_path) => { - // log to files - println!("Activate logging to files: {log_dir_path}"); - init_file_logger(level, log_dir_path); - } + // log to stdout + None => init_stdio_logger(level), + // log to files + Some(log_dir_path) => init_file_logger(level, log_dir_path), } } -/// file logging TODO: +/// file logging fn init_file_logger(level: tracing::Level, log_dir_path: &str) { + println!("Activate logging to files: {log_dir_path}"); let log_dir_path = std::path::PathBuf::from(log_dir_path); // create the directory if it does not exist if !log_dir_path.exists() { @@ -63,12 +59,8 @@ fn init_file_logger(level: tracing::Level, log_dir_path: &str) { let reg = reg.with( system_log_base .with_writer(system_log) - .with_filter(tracing_subscriber::filter::filter_fn(move |metadata| { - (metadata - .target() - .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) - && metadata.name() != log_event_names::ACCESS_LOG - && metadata.level() <= &level) + .with_filter(filter_fn(move |metadata| { + (is_cargo_pkg(metadata) && metadata.name() != log_event_names::ACCESS_LOG && metadata.level() <= &level) || metadata.level() <= &tracing::Level::WARN.min(level) })), ); @@ -85,12 +77,8 @@ fn init_stdio_logger(level: tracing::Level) { let stdio_layer = stdio_layer .with_target(false) .compact() - .with_filter(tracing_subscriber::filter::filter_fn(move |metadata| { - (metadata - .target() - .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) - && metadata.level() <= &level) - || metadata.level() <= &tracing::Level::WARN.min(level) + .with_filter(filter_fn(move |metadata| { + (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::WARN.min(level) })); tracing_subscriber::registry().with(stdio_layer).init(); } else { @@ -101,12 +89,8 @@ fn init_stdio_logger(level: tracing::Level) { .with_thread_names(true) .with_target(true) .compact() - .with_filter(tracing_subscriber::filter::filter_fn(move |metadata| { - (metadata - .target() - .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) - && metadata.level() <= &level) - || metadata.level() <= &tracing::Level::INFO.min(level) + .with_filter(filter_fn(move |metadata| { + (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::INFO.min(level) })); tracing_subscriber::registry().with(stdio_layer).init(); }; @@ -116,11 +100,7 @@ fn init_stdio_logger(level: tracing::Level) { struct AccessLogFilter; impl tracing_subscriber::layer::Filter for AccessLogFilter { fn enabled(&self, metadata: &tracing::Metadata<'_>, _: &tracing_subscriber::layer::Context<'_, S>) -> bool { - metadata - .target() - .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) - && metadata.name().contains(log_event_names::ACCESS_LOG) - && metadata.level() <= &tracing::Level::INFO + is_cargo_pkg(metadata) && metadata.name().contains(log_event_names::ACCESS_LOG) && metadata.level() <= &tracing::Level::INFO } } @@ -137,3 +117,11 @@ where .open(path) .expect("Failed to open the log file") } + +#[inline] +/// Mached with cargo package name with `_` instead of `-` +fn is_cargo_pkg(metadata: &tracing::Metadata<'_>) -> bool { + metadata + .target() + .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) +} From b3959233a5054c2f3b2931e53ac602d903295a5f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 May 2025 22:20:37 +0000 Subject: [PATCH 26/69] chore(deps): bump hyper-util from 0.1.11 to 0.1.12 Bumps [hyper-util](https://github.com/hyperium/hyper-util) from 0.1.11 to 0.1.12. - [Release notes](https://github.com/hyperium/hyper-util/releases) - [Changelog](https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md) - [Commits](https://github.com/hyperium/hyper-util/compare/v0.1.11...v0.1.12) --- updated-dependencies: - dependency-name: hyper-util dependency-version: 0.1.12 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- rpxy-lib/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 459df62..44ae3e4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1211,9 +1211,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.11" +version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "497bbc33a26fdd4af9ed9c70d63f61cf56a938375fbb32df34db9b1cd6d643f2" +checksum = "cf9f1e950e0d9d1d3c47184416723cf29c0d1f93bd8cccf37e4beb6b44f31710" dependencies = [ "bytes", "futures-channel", diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 2457bfc..72b3541 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -61,7 +61,7 @@ thiserror = "2.0.12" http = "1.3.1" http-body-util = "0.1.3" hyper = { version = "1.6.0", default-features = false } -hyper-util = { version = "0.1.11", features = ["full"] } +hyper-util = { version = "0.1.12", features = ["full"] } futures-util = { version = "0.3.31", default-features = false } futures-channel = { version = "0.3.31", default-features = false } From 8b10a182fc00baef47395dae31d6b76fcca52e52 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 20 May 2025 12:00:30 +0900 Subject: [PATCH 27/69] lock --- Cargo.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 44ae3e4..3103f71 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -412,9 +412,9 @@ checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" [[package]] name = "cc" -version = "1.2.22" +version = "1.2.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32db95edf998450acc7881c932f94cd9b05c87b4b2599e8bab064753da4acfd1" +checksum = "5f4ac86a9e5bc1e2b3449ab9d7d3a6a405e3d1bb28d7b9be8614f55846ae3766" dependencies = [ "jobserver", "libc", @@ -1302,9 +1302,9 @@ checksum = "00210d6893afc98edb752b664b8890f0ef174c8adbb8d0be9710fa66fbbf72d3" [[package]] name = "icu_properties" -version = "2.0.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2549ca8c7241c82f59c80ba2a6f415d931c5b58d24fb8412caa1a1f02c49139a" +checksum = "016c619c1eeb94efb86809b015c58f479963de65bdb6253345c1a1276f22e32b" dependencies = [ "displaydoc", "icu_collections", @@ -1318,9 +1318,9 @@ dependencies = [ [[package]] name = "icu_properties_data" -version = "2.0.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8197e866e47b68f8f7d95249e172903bec06004b18b2937f1095d40a0c57de04" +checksum = "298459143998310acd25ffe6810ed544932242d3f07083eee1084d83a71bd632" [[package]] name = "icu_provider" @@ -3334,9 +3334,9 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.61.1" +version = "0.61.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46ec44dc15085cea82cf9c78f85a9114c463a369786585ad2882d1ff0b0acf40" +checksum = "c0fdd3ddb90610c7638aa2b3a3ab2904fb9e5cdbecc643ddb3647212781c4ae3" dependencies = [ "windows-implement", "windows-interface", @@ -3375,18 +3375,18 @@ checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38" [[package]] name = "windows-result" -version = "0.3.3" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b895b5356fc36103d0f64dd1e94dfa7ac5633f1c9dd6e80fe9ec4adef69e09d" +checksum = "56f42bd332cc6c8eac5af113fc0c1fd6a8fd2aa08a0119358686e5160d0586c6" dependencies = [ "windows-link", ] [[package]] name = "windows-strings" -version = "0.4.1" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a7ab927b2637c19b3dbe0965e75d8f2d30bdd697a1516191cad2ec4df8fb28a" +checksum = "56e6c93f3a0c3b36176cb1327a4958a0353d5d166c2a35cb268ace15e91d3b57" dependencies = [ "windows-link", ] From f3e5c478f198f501f503fb03f942021fa3784189 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 20 May 2025 21:09:20 +0900 Subject: [PATCH 28/69] refactor --- rpxy-bin/src/config/parse.rs | 136 ++++++++++++++++------------------- rpxy-bin/src/config/toml.rs | 82 ++++++++++++++++++++- rpxy-bin/src/constants.rs | 5 +- rpxy-bin/src/log.rs | 105 ++++++++++++++------------- rpxy-bin/src/main.rs | 3 +- 5 files changed, 200 insertions(+), 131 deletions(-) diff --git a/rpxy-bin/src/config/parse.rs b/rpxy-bin/src/config/parse.rs index 219abb1..d139354 100644 --- a/rpxy-bin/src/config/parse.rs +++ b/rpxy-bin/src/config/parse.rs @@ -4,18 +4,26 @@ use ahash::HashMap; use clap::Arg; use hot_reload::{ReloaderReceiver, ReloaderService}; use rpxy_certs::{CryptoFileSourceBuilder, CryptoReloader, ServerCryptoBase, build_cert_reloader}; -use rpxy_lib::{AppConfig, AppConfigList, ProxyConfig}; +use rpxy_lib::{AppConfigList, ProxyConfig}; #[cfg(feature = "acme")] use rpxy_acme::{ACME_DIR_URL, ACME_REGISTRY_PATH, AcmeManager}; -/// Parsed options +/// Parsed options from CLI +/// Options for configuring the application. +/// +/// # Fields +/// - `config_file_path`: Path to the configuration file. +/// - `log_dir_path`: Optional path to the log directory. pub struct Opts { pub config_file_path: String, pub log_dir_path: Option, } -/// Parse arg values passed from cli +/// Parses command-line arguments into an [`Opts`](rpxy-bin/src/config/parse.rs:13) struct. +/// +/// Returns a populated [`Opts`](rpxy-bin/src/config/parse.rs:13) on success, or an error if parsing fails. +/// Expects a required `--config` argument and an optional `--log-dir` argument. pub fn parse_opts() -> Result { let _ = include_str!("../../Cargo.toml"); let options = clap::command!() @@ -36,7 +44,6 @@ pub fn parse_opts() -> Result { ); let matches = options.get_matches(); - /////////////////////////////////// let config_file_path = matches.get_one::("config_file").unwrap().to_owned(); let log_dir_path = matches.get_one::("log_dir").map(|v| v.to_owned()); @@ -46,63 +53,45 @@ pub fn parse_opts() -> Result { }) } -pub fn build_settings(config: &ConfigToml) -> std::result::Result<(ProxyConfig, AppConfigList), anyhow::Error> { - // build proxy config - let proxy_config: ProxyConfig = config.try_into()?; +use super::toml::ConfigTomlExt; - // backend_apps - let apps = config.apps.clone().ok_or(anyhow!("Missing application spec"))?; - - // assertions for all backend apps - ensure!(!apps.0.is_empty(), "Wrong application spec."); - // if only https_port is specified, tls must be configured for all apps - if proxy_config.http_port.is_none() { - ensure!( - apps.0.iter().all(|(_, app)| app.tls.is_some()), - "Some apps serves only plaintext HTTP" - ); - } - // https redirection port must be configured only when both http_port and https_port are configured. - if proxy_config.https_redirection_port.is_some() { - ensure!( - proxy_config.https_port.is_some() && proxy_config.http_port.is_some(), - "https_redirection_port can be specified only when both http_port and https_port are specified" - ); - } - // https redirection can be configured if both ports are active - if !(proxy_config.https_port.is_some() && proxy_config.http_port.is_some()) { - ensure!( - apps.0.iter().all(|(_, app)| { - if let Some(tls) = app.tls.as_ref() { - tls.https_redirection.is_none() - } else { - true - } - }), - "https_redirection can be specified only when both http_port and https_port are specified" - ); - } - - // build applications - let mut app_config_list_inner = Vec::::new(); - - for (app_name, app) in apps.0.iter() { - let _server_name_string = app.server_name.as_ref().ok_or(anyhow!("No server name"))?; - let registered_app_name = app_name.to_ascii_lowercase(); - let app_config = app.build_app_config(®istered_app_name)?; - app_config_list_inner.push(app_config); - } - - let app_config_list = AppConfigList { - inner: app_config_list_inner, - default_app: config.default_app.clone().map(|v| v.to_ascii_lowercase()), // default backend application for plaintext http requests - }; - - Ok((proxy_config, app_config_list)) +/// Build proxy and app settings from config using ConfigTomlExt +pub fn build_settings(config: &ConfigToml) -> Result<(ProxyConfig, AppConfigList), anyhow::Error> { + config.validate_and_build_settings() } /* ----------------------- */ + +/// Helper to build a CryptoFileSource for an app, handling ACME if enabled +#[cfg(feature = "acme")] +fn build_tls_for_app_acme( + tls: &mut super::toml::TlsOption, + acme_option: &Option, + server_name: &str, + acme_registry_path: &str, + acme_dir_url: &str, +) -> Result<(), anyhow::Error> { + if let Some(true) = tls.acme { + ensure!(acme_option.is_some() && tls.tls_cert_key_path.is_none() && tls.tls_cert_path.is_none()); + let subdir = format!("{}/{}", acme_registry_path, server_name.to_ascii_lowercase()); + let file_name = + rpxy_acme::DirCache::cached_cert_file_name(&[server_name.to_ascii_lowercase()], acme_dir_url.to_ascii_lowercase()); + let cert_path = format!("{}/{}", subdir, file_name); + tls.tls_cert_key_path = Some(cert_path.clone()); + tls.tls_cert_path = Some(cert_path); + } + Ok(()) +} + /// Build cert map +/// Builds the certificate manager for TLS applications. +/// +/// # Arguments +/// * `config` - Reference to the parsed configuration. +/// +/// # Returns +/// Returns an option containing a tuple of certificate reloader service and receiver, or `None` if TLS is not enabled. +/// Returns an error if configuration is invalid or required fields are missing. pub async fn build_cert_manager( config: &ConfigToml, ) -> Result< @@ -139,19 +128,9 @@ pub async fn build_cert_manager( ensure!(tls.tls_cert_key_path.is_some() && tls.tls_cert_path.is_some()); #[cfg(feature = "acme")] - let tls = { - let mut tls = tls.clone(); - if let Some(true) = tls.acme { - ensure!(acme_option.is_some() && tls.tls_cert_key_path.is_none() && tls.tls_cert_path.is_none()); - // Both of tls_cert_key_path and tls_cert_path must be the same for ACME since it's a single file - let subdir = format!("{}/{}", acme_registry_path, server_name.to_ascii_lowercase()); - let file_name = - rpxy_acme::DirCache::cached_cert_file_name(&[server_name.to_ascii_lowercase()], acme_dir_url.to_ascii_lowercase()); - tls.tls_cert_key_path = Some(format!("{}/{}", subdir, file_name)); - tls.tls_cert_path = Some(format!("{}/{}", subdir, file_name)); - } - tls - }; + let mut tls = tls.clone(); + #[cfg(feature = "acme")] + build_tls_for_app_acme(&mut tls, &acme_option, server_name, acme_registry_path, acme_dir_url)?; let crypto_file_source = CryptoFileSourceBuilder::default() .tls_cert_path(tls.tls_cert_path.as_ref().unwrap()) @@ -168,24 +147,31 @@ pub async fn build_cert_manager( /* ----------------------- */ #[cfg(feature = "acme")] /// Build acme manager +/// Builds the ACME manager for automatic certificate management (enabled with the `acme` feature). +/// +/// # Arguments +/// * `config` - Reference to the parsed configuration. +/// * `runtime_handle` - Tokio runtime handle for async operations. +/// +/// # Returns +/// Returns an option containing an [`AcmeManager`](rpxy-bin/src/config/parse.rs:153) if ACME is configured, or `None` otherwise. +/// Returns an error if configuration is invalid or required fields are missing. pub async fn build_acme_manager( config: &ConfigToml, runtime_handle: tokio::runtime::Handle, ) -> Result, anyhow::Error> { let acme_option = config.experimental.as_ref().and_then(|v| v.acme.clone()); - if acme_option.is_none() { + let Some(acme_option) = acme_option else { return Ok(None); - } - let acme_option = acme_option.unwrap(); + }; - let domains = config + let domains: Vec = config .apps .as_ref() .unwrap() .0 .values() .filter_map(|app| { - // if let Some(tls) = app.tls.as_ref() { if let Some(true) = tls.acme { return Some(app.server_name.as_ref().unwrap().to_owned()); @@ -193,7 +179,7 @@ pub async fn build_acme_manager( } None }) - .collect::>(); + .collect(); if domains.is_empty() { return Ok(None); diff --git a/rpxy-bin/src/config/toml.rs b/rpxy-bin/src/config/toml.rs index b65db91..09c4353 100644 --- a/rpxy-bin/src/config/toml.rs +++ b/rpxy-bin/src/config/toml.rs @@ -4,12 +4,25 @@ use crate::{ log::warn, }; use ahash::HashMap; -use rpxy_lib::{AppConfig, ProxyConfig, ReverseProxyConfig, TlsConfig, UpstreamUri, reexports::Uri}; +use rpxy_lib::{AppConfig, AppConfigList, ProxyConfig, ReverseProxyConfig, TlsConfig, UpstreamUri, reexports::Uri}; use serde::Deserialize; use std::{fs, net::SocketAddr}; use tokio::time::Duration; #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] +/// Main configuration structure parsed from the TOML file. +/// +/// # Fields +/// - `listen_port`: Optional TCP port for HTTP. +/// - `listen_port_tls`: Optional TCP port for HTTPS/TLS. +/// - `listen_ipv6`: Enable IPv6 listening. +/// - `https_redirection_port`: Optional port for HTTP to HTTPS redirection. +/// - `tcp_listen_backlog`: Optional TCP backlog size. +/// - `max_concurrent_streams`: Optional max concurrent streams. +/// - `max_clients`: Optional max client connections. +/// - `apps`: Optional application definitions. +/// - `default_app`: Optional default application name. +/// - `experimental`: Optional experimental features. pub struct ConfigToml { pub listen_port: Option, pub listen_port_tls: Option, @@ -23,8 +36,75 @@ pub struct ConfigToml { pub experimental: Option, } +/// Extension trait for config validation and building +pub trait ConfigTomlExt { + fn validate_and_build_settings(&self) -> Result<(ProxyConfig, AppConfigList), anyhow::Error>; +} + +impl ConfigTomlExt for ConfigToml { + fn validate_and_build_settings(&self) -> Result<(ProxyConfig, AppConfigList), anyhow::Error> { + let proxy_config: ProxyConfig = self.try_into()?; + let apps = self.apps.as_ref().ok_or(anyhow!("Missing application spec"))?; + + // Ensure at least one app is defined + ensure!(!apps.0.is_empty(), "Wrong application spec."); + + // Helper: all apps have TLS + let all_apps_have_tls = apps.0.values().all(|app| app.tls.is_some()); + + // Helper: all apps have https_redirection unset + let all_apps_no_https_redirection = apps.0.values().all(|app| { + if let Some(tls) = app.tls.as_ref() { + tls.https_redirection.is_none() + } else { + true + } + }); + + if proxy_config.http_port.is_none() { + ensure!(all_apps_have_tls, "Some apps serve only plaintext HTTP"); + } + if proxy_config.https_redirection_port.is_some() { + ensure!( + proxy_config.https_port.is_some() && proxy_config.http_port.is_some(), + "https_redirection_port can be specified only when both http_port and https_port are specified" + ); + } + if !(proxy_config.https_port.is_some() && proxy_config.http_port.is_some()) { + ensure!( + all_apps_no_https_redirection, + "https_redirection can be specified only when both http_port and https_port are specified" + ); + } + + // Build AppConfigList + let mut app_config_list_inner = Vec::::new(); + for (app_name, app) in apps.0.iter() { + let _server_name_string = app.server_name.as_ref().ok_or(anyhow!("No server name"))?; + let registered_app_name = app_name.to_ascii_lowercase(); + let app_config = app.build_app_config(®istered_app_name)?; + app_config_list_inner.push(app_config); + } + let app_config_list = AppConfigList { + inner: app_config_list_inner, + default_app: self.default_app.clone().map(|v| v.to_ascii_lowercase()), + }; + + Ok((proxy_config, app_config_list)) + } +} + #[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))] #[derive(Deserialize, Debug, Default, PartialEq, Eq, Clone)] +/// HTTP/3 protocol options for server configuration. +/// +/// # Fields +/// - `alt_svc_max_age`: Optional max age for Alt-Svc header. +/// - `request_max_body_size`: Optional maximum request body size. +/// - `max_concurrent_connections`: Optional maximum concurrent connections. +/// - `max_concurrent_bidistream`: Optional maximum concurrent bidirectional streams. +/// - `max_concurrent_unistream`: Optional maximum concurrent unidirectional streams. +/// - `max_idle_timeout`: Optional maximum idle timeout in milliseconds. pub struct Http3Option { pub alt_svc_max_age: Option, pub request_max_body_size: Option, diff --git a/rpxy-bin/src/constants.rs b/rpxy-bin/src/constants.rs index 889f7d5..51d3f8d 100644 --- a/rpxy-bin/src/constants.rs +++ b/rpxy-bin/src/constants.rs @@ -1,9 +1,12 @@ +/// Default IPv4 listen addresses for the server. pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"]; +/// Default IPv6 listen addresses for the server. pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"]; +/// Delay in seconds before reloading the configuration after changes. pub const CONFIG_WATCH_DELAY_SECS: u32 = 15; #[cfg(feature = "cache")] -// Cache directory +/// Directory path for cache storage (enabled with "cache" feature). pub const CACHE_DIR: &str = "./cache"; pub(crate) const ACCESS_LOG_FILE: &str = "access.log"; diff --git a/rpxy-bin/src/log.rs b/rpxy-bin/src/log.rs index d194eb4..29e1993 100644 --- a/rpxy-bin/src/log.rs +++ b/rpxy-bin/src/log.rs @@ -8,92 +8,92 @@ pub use tracing::{debug, error, info, warn}; /// Initialize the logger with the RUST_LOG environment variable. pub fn init_logger(log_dir_path: Option<&str>) { - let level_string = std::env::var("RUST_LOG").unwrap_or_else(|_| "info".to_string()); - let level = tracing::Level::from_str(level_string.as_str()).unwrap_or(tracing::Level::INFO); + let level = std::env::var("RUST_LOG") + .ok() + .and_then(|s| tracing::Level::from_str(&s).ok()) + .unwrap_or(tracing::Level::INFO); match log_dir_path { - // log to stdout None => init_stdio_logger(level), - // log to files - Some(log_dir_path) => init_file_logger(level, log_dir_path), + Some(path) => init_file_logger(level, path), } } /// file logging fn init_file_logger(level: tracing::Level, log_dir_path: &str) { - println!("Activate logging to files: {log_dir_path}"); - let log_dir_path = std::path::PathBuf::from(log_dir_path); - // create the directory if it does not exist - if !log_dir_path.exists() { - println!("Directory does not exist, creating: {}", log_dir_path.display()); - std::fs::create_dir_all(&log_dir_path).expect("Failed to create log directory"); + println!("Activate logging to files: {}", log_dir_path); + let log_dir = std::path::Path::new(log_dir_path); + + if !log_dir.exists() { + println!("Directory does not exist, creating: {}", log_dir.display()); + std::fs::create_dir_all(log_dir).expect("Failed to create log directory"); } - let access_log_path = log_dir_path.join(ACCESS_LOG_FILE); - let system_log_path = log_dir_path.join(SYSTEM_LOG_FILE); + + let access_log_path = log_dir.join(ACCESS_LOG_FILE); + let system_log_path = log_dir.join(SYSTEM_LOG_FILE); + println!("Access log: {}", access_log_path.display()); println!("System and error log: {}", system_log_path.display()); let access_log = open_log_file(&access_log_path); let system_log = open_log_file(&system_log_path); - let reg = tracing_subscriber::registry(); - - let access_log_base = fmt::layer() + let access_layer = fmt::layer() .with_line_number(false) .with_thread_ids(false) .with_thread_names(false) .with_target(false) .with_level(false) .compact() - .with_ansi(false); - let reg = reg.with(access_log_base.with_writer(access_log).with_filter(AccessLogFilter)); + .with_ansi(false) + .with_writer(access_log) + .with_filter(AccessLogFilter); - let system_log_base = fmt::layer() + let system_layer = fmt::layer() .with_line_number(false) .with_thread_ids(false) .with_thread_names(false) .with_target(false) - .with_level(true) // with level for system log + .with_level(true) .compact() - .with_ansi(false); - let reg = reg.with( - system_log_base - .with_writer(system_log) - .with_filter(filter_fn(move |metadata| { - (is_cargo_pkg(metadata) && metadata.name() != log_event_names::ACCESS_LOG && metadata.level() <= &level) - || metadata.level() <= &tracing::Level::WARN.min(level) - })), - ); + .with_ansi(false) + .with_writer(system_log) + .with_filter(filter_fn(move |metadata| { + (is_cargo_pkg(metadata) && metadata.name() != log_event_names::ACCESS_LOG && metadata.level() <= &level) + || metadata.level() <= &tracing::Level::WARN.min(level) + })); - reg.init(); + tracing_subscriber::registry().with(access_layer).with(system_layer).init(); } /// stdio logging fn init_stdio_logger(level: tracing::Level) { - // This limits the logger to emits only this crate with any level above RUST_LOG, for included crates it will emit only ERROR (in prod)/INFO (in dev) or above level. - let stdio_layer = fmt::layer().with_level(true).with_thread_ids(false); - if level <= tracing::Level::INFO { - // in normal deployment environment - let stdio_layer = stdio_layer - .with_target(false) - .compact() - .with_filter(filter_fn(move |metadata| { - (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::WARN.min(level) - })); - tracing_subscriber::registry().with(stdio_layer).init(); - } else { - // debugging - let stdio_layer = stdio_layer + // This limits the logger to emit only this crate with any level above RUST_LOG, + // for included crates it will emit only ERROR (in prod)/INFO (in dev) or above level. + let base_layer = fmt::layer().with_level(true).with_thread_ids(false); + + let debug = level > tracing::Level::INFO; + let filter = filter_fn(move |metadata| { + if debug { + (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::INFO.min(level) + } else { + (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::WARN.min(level) + } + }); + + let stdio_layer = if debug { + base_layer .with_line_number(true) .with_target(true) .with_thread_names(true) .with_target(true) .compact() - .with_filter(filter_fn(move |metadata| { - (is_cargo_pkg(metadata) && metadata.level() <= &level) || metadata.level() <= &tracing::Level::INFO.min(level) - })); - tracing_subscriber::registry().with(stdio_layer).init(); + .with_filter(filter) + } else { + base_layer.with_target(false).compact().with_filter(filter) }; + + tracing_subscriber::registry().with(stdio_layer).init(); } /// Access log filter @@ -110,7 +110,7 @@ fn open_log_file

(path: P) -> std::fs::File where P: AsRef, { - // crate a file if it does not exist + // create a file if it does not exist std::fs::OpenOptions::new() .create(true) .append(true) @@ -119,9 +119,8 @@ where } #[inline] -/// Mached with cargo package name with `_` instead of `-` +/// Matches cargo package name with `_` instead of `-` fn is_cargo_pkg(metadata: &tracing::Metadata<'_>) -> bool { - metadata - .target() - .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) + let pkg_name = env!("CARGO_PKG_NAME").replace('-', "_"); + metadata.target().starts_with(&pkg_name) } diff --git a/rpxy-bin/src/main.rs b/rpxy-bin/src/main.rs index 822037d..860a804 100644 --- a/rpxy-bin/src/main.rs +++ b/rpxy-bin/src/main.rs @@ -71,6 +71,7 @@ struct RpxyService { } impl RpxyService { + /// Create a new RpxyService from config and runtime handle. async fn new(config_toml: &ConfigToml, runtime_handle: tokio::runtime::Handle) -> Result { let (proxy_conf, app_conf) = build_settings(config_toml).map_err(|e| anyhow!("Invalid configuration: {e}"))?; @@ -80,7 +81,7 @@ impl RpxyService { .map(|(s, r)| (Some(Arc::new(s)), Some(r))) .unwrap_or((None, None)); - Ok(RpxyService { + Ok(Self { runtime_handle: runtime_handle.clone(), proxy_conf, app_conf, From e0ab2d85fb17ba4d6036fbae2a10374a02fd4f64 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 20 May 2025 22:04:03 +0900 Subject: [PATCH 29/69] nits: refactor --- rpxy-bin/src/config/parse.rs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/rpxy-bin/src/config/parse.rs b/rpxy-bin/src/config/parse.rs index d139354..aa10795 100644 --- a/rpxy-bin/src/config/parse.rs +++ b/rpxy-bin/src/config/parse.rs @@ -1,4 +1,4 @@ -use super::toml::ConfigToml; +use super::toml::{ConfigToml, ConfigTomlExt}; use crate::error::{anyhow, ensure}; use ahash::HashMap; use clap::Arg; @@ -53,8 +53,6 @@ pub fn parse_opts() -> Result { }) } -use super::toml::ConfigTomlExt; - /// Build proxy and app settings from config using ConfigTomlExt pub fn build_settings(config: &ConfigToml) -> Result<(ProxyConfig, AppConfigList), anyhow::Error> { config.validate_and_build_settings() From 5f7772d95704c5733fe113f133b120300104e7c4 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 20 May 2025 22:33:06 +0900 Subject: [PATCH 30/69] bench: updated all bench --- bench/README.md | 123 +++++++++++++++------------------ bench/docker-compose.amd64.yml | 9 ++- bench/docker-compose.yml | 1 - bench/sozu-config.toml | 2 +- 4 files changed, 61 insertions(+), 74 deletions(-) diff --git a/bench/README.md b/bench/README.md index a713931..e14bec8 100644 --- a/bench/README.md +++ b/bench/README.md @@ -3,7 +3,7 @@ This test simply measures the performance of several reverse proxy through HTTP/1.1 by the following command using [`rewrk`](https://github.com/lnx-search/rewrk). ```sh: -$ rewrk -c 512 -t 4 -d 15s -h http://localhost:8080 --pct +rewrk -c 512 -t 4 -d 15s -h http://localhost:8080 --pct ``` ## Tests on `linux/arm64/v8` @@ -94,12 +94,12 @@ Benchmarking 512 connections @ http://localhost:8100 for 15 second(s) ## Results on `linux/amd64` -Done at Jul. 24, 2023 +Done at May 20, 2025 ### Environment - `rpxy` commit id: `7c0945a5124418aa9a1024568c1989bb77cf312f` -- Docker Desktop 4.21.1 (114176) +- Docker Desktop 4.41.2 (192736) - ReWrk 0.3.2 and Wrk 0.4.2 - iMac '27 (2020, 10-Core Intel Core i9, 128GB RAM) @@ -107,8 +107,8 @@ The docker images of `nginx` and `caddy` for `linux/amd64` were pulled from the Also, when `Sozu` is configured as an HTTP reverse proxy, it cannot handle HTTP request messages emit from `ReWrk` due to hostname parsing errors though it can correctly handle messages dispatched from `curl` and browsers. So, we additionally test using [`Wrk`](https://github.com/wg/wrk) to examine `Sozu` with the following command. -```sh: -$ wrk -c 512 -t 4 -d 15s http://localhost:8110 +```bash +wrk -c 512 -t 4 -d 15s http://localhost:8110 ```