* Changed the default rust client to use TLS for both plain text and TLS servers.

Author: DobromirM

client/swimos_client/src/lib.rs

@@ -42,7 +42,7 @@ use swimos_remote::net::plain::TokioPlainTextNetworking;
 use swimos_remote::net::ClientConnections;
 use swimos_runtime::downlink::{DownlinkOptions, DownlinkRuntimeConfig};
 #[cfg(feature = "tls")]
-use swimos_tls::{ClientConfig as TlsConfig, RustlsClientNetworking, TlsError};
+use swimos_tls::{ClientConfig as TlsConfig, RustTlsClientNetworking, TlsError};
 use swimos_utilities::trigger;
 use swimos_utilities::trigger::promise;
 use tokio::sync::mpsc;
@@ -106,7 +106,7 @@ impl SwimClientBuilder {
         let SwimClientBuilder { config } = self;
         Ok(open_client(
             config,
-            RustlsClientNetworking::try_from_config(Arc::new(Resolver::new().await), tls_config)?,
+            RustTlsClientNetworking::try_from_config(Arc::new(Resolver::new().await), tls_config)?,
         )
         .await)
     }

runtime/swimos_remote/src/net/plain.rs

@@ -71,13 +71,13 @@ impl ClientConnections for TokioPlainTextNetworking {
         .boxed()
     }
 
-    fn lookup(&self, host: String, port: u16) -> BoxFuture<'static, IoResult<Vec<SocketAddr>>> {
-        self.resolver.resolve(host, port)
-    }
-
     fn dns_resolver(&self) -> BoxDnsResolver {
         Box::new(self.resolver.clone())
     }
+
+    fn lookup(&self, host: String, port: u16) -> BoxFuture<'static, IoResult<Vec<SocketAddr>>> {
+        self.resolver.resolve(host, port)
+    }
 }
 
 impl ServerConnections for TokioPlainTextNetworking {

runtime/swimos_tls/src/lib.rs

@@ -22,4 +22,4 @@ pub use config::{
 };
 pub use errors::TlsError;
 pub use maybe::MaybeTlsStream;
-pub use net::{RustlsClientNetworking, RustlsListener, RustlsNetworking, RustlsServerNetworking};
+pub use net::{RustNetworking, RustTlsClientNetworking, RustTlsListener, RustTlsServerNetworking};

runtime/swimos_tls/src/net/client.rs

@@ -29,14 +29,14 @@ use crate::{config::ClientConfig, errors::TlsError, maybe::MaybeTlsStream};
 
 /// [`ClientConnections`] implementation that supports opening both secure and insecure connections.
 #[derive(Clone)]
-pub struct RustlsClientNetworking {
+pub struct RustTlsClientNetworking {
     resolver: Arc<Resolver>,
     connector: TlsConnector,
 }
 
-impl RustlsClientNetworking {
+impl RustTlsClientNetworking {
     pub fn new(resolver: Arc<Resolver>, connector: TlsConnector) -> Self {
-        RustlsClientNetworking {
+        RustTlsClientNetworking {
             resolver,
             connector,
         }
@@ -75,11 +75,11 @@ impl RustlsClientNetworking {
             .with_no_client_auth();
 
         let connector = TlsConnector::from(Arc::new(config));
-        Ok(RustlsClientNetworking::new(resolver, connector))
+        Ok(RustTlsClientNetworking::new(resolver, connector))
     }
 }
 
-impl ClientConnections for RustlsClientNetworking {
+impl ClientConnections for RustTlsClientNetworking {
     type ClientSocket = MaybeTlsStream;
 
     fn try_open(
@@ -104,7 +104,7 @@ impl ClientConnections for RustlsClientNetworking {
                 };
                 async move {
                     let stream = TcpStream::connect(addr).await?;
-                    let RustlsClientNetworking { connector, .. } = self;
+                    let RustTlsClientNetworking { connector, .. } = self;
 
                     let client = connector.connect(domain?, stream).await.map_err(|err| {
                         let tls_err = TlsError::HandshakeFailed(err);

runtime/swimos_tls/src/net/mod.rs

@@ -19,11 +19,13 @@ mod tests;
 
 use std::{net::SocketAddr, sync::Arc};
 
-pub use client::RustlsClientNetworking;
+pub use client::RustTlsClientNetworking;
+use futures::future::Either;
 use futures::TryFutureExt;
 use futures::{future::BoxFuture, FutureExt};
-pub use server::{RustlsListener, RustlsServerNetworking};
+pub use server::{RustTlsListener, RustTlsServerNetworking};
 use swimos_api::net::Scheme;
+use swimos_remote::net::plain::TokioPlainTextNetworking;
 use swimos_remote::net::{
     dns::{BoxDnsResolver, Resolver},
     ClientConnections, ConnResult, IoResult, ServerConnections,
@@ -33,9 +35,10 @@ use crate::{
     config::{CertFormat, CertificateFile, TlsConfig},
     errors::TlsError,
     maybe::MaybeTlsStream,
+    ClientConfig,
 };
 
-use self::server::MaybeRustlsListener;
+use self::server::MaybeRustTlsListener;
 
 fn load_cert_file(file: CertificateFile) -> Result<Vec<rustls::Certificate>, TlsError> {
     let CertificateFile { format, body } = file;
@@ -49,33 +52,64 @@ fn load_cert_file(file: CertificateFile) -> Result<Vec<rustls::Certificate>, Tls
     Ok(certs.into_iter().map(rustls::Certificate).collect())
 }
 
-/// Combined implementation of [`ClientConnections`] and [`ServerConnections`] that wraps both
-/// [`RustlsClientNetworking`] and [`RustlsServerNetworking`]. The server part is adapted to
+/// Combined implementation of [`ClientConnections`] and [`ServerConnections`] that wraps
+/// [`RustTlsClientNetworking`], [`RustTlsServerNetworking`] and [`TokioPlainTextNetworking`]. The server part is adapted to
 /// produce [`MaybeTlsStream`] connections so that there is a unified client/server socket type,
 /// inducing an implementation of [`super::ExternalConnections`].
 #[derive(Clone)]
-pub struct RustlsNetworking {
-    client: RustlsClientNetworking,
-    server: RustlsServerNetworking,
+pub struct RustNetworking {
+    client: RustTlsClientNetworking,
+    server: Either<TokioPlainTextNetworking, RustTlsServerNetworking>,
 }
 
-impl RustlsNetworking {
-    pub fn new(client: RustlsClientNetworking, server: RustlsServerNetworking) -> Self {
-        RustlsNetworking { client, server }
+impl RustNetworking {
+    pub fn new_plain_text(
+        client: RustTlsClientNetworking,
+        server: TokioPlainTextNetworking,
+    ) -> Self {
+        RustNetworking {
+            client,
+            server: Either::Left(server),
+        }
+    }
+
+    pub fn new_tls(client: RustTlsClientNetworking, server: RustTlsServerNetworking) -> Self {
+        RustNetworking {
+            client,
+            server: Either::Right(server),
+        }
     }
 
-    pub fn try_from_config(resolver: Arc<Resolver>, config: TlsConfig) -> Result<Self, TlsError> {
+    pub fn try_plain_text_from_config(
+        resolver: Arc<Resolver>,
+        client_config: ClientConfig,
+    ) -> Result<Self, TlsError> {
+        let client = RustTlsClientNetworking::try_from_config(resolver.clone(), client_config)?;
+        let server = TokioPlainTextNetworking::new(resolver);
+        Ok(RustNetworking {
+            client,
+            server: Either::Left(server),
+        })
+    }
+
+    pub fn try_tls_from_config(
+        resolver: Arc<Resolver>,
+        config: TlsConfig,
+    ) -> Result<Self, TlsError> {
         let TlsConfig {
             client: client_conf,
             server: server_conf,
         } = config;
-        let client = RustlsClientNetworking::try_from_config(resolver, client_conf)?;
-        let server = RustlsServerNetworking::try_from(server_conf)?;
-        Ok(RustlsNetworking { client, server })
+        let client = RustTlsClientNetworking::try_from_config(resolver, client_conf)?;
+        let server = RustTlsServerNetworking::try_from(server_conf)?;
+        Ok(RustNetworking {
+            client,
+            server: Either::Right(server),
+        })
     }
 }
 
-impl ClientConnections for RustlsNetworking {
+impl ClientConnections for RustNetworking {
     type ClientSocket = MaybeTlsStream;
 
     fn try_open(
@@ -96,18 +130,24 @@ impl ClientConnections for RustlsNetworking {
     }
 }
 
-impl ServerConnections for RustlsNetworking {
+impl ServerConnections for RustNetworking {
     type ServerSocket = MaybeTlsStream;
 
-    type ListenerType = MaybeRustlsListener;
+    type ListenerType = MaybeRustTlsListener;
 
     fn bind(
         &self,
         addr: SocketAddr,
     ) -> BoxFuture<'static, ConnResult<(SocketAddr, Self::ListenerType)>> {
-        self.server
-            .make_listener(addr)
-            .map_ok(|(addr, listener)| (addr, MaybeRustlsListener::from(listener)))
-            .boxed()
+        match &self.server {
+            Either::Left(plain_text_server) => plain_text_server
+                .bind(addr)
+                .map_ok(|(addr, listener)| (addr, MaybeRustTlsListener::from(listener)))
+                .boxed(),
+            Either::Right(tls_server) => tls_server
+                .make_listener(addr)
+                .map_ok(|(addr, listener)| (addr, MaybeRustTlsListener::from(listener)))
+                .boxed(),
+        }
     }
 }

runtime/swimos_tls/src/net/server.rs

@@ -37,37 +37,37 @@ use crate::{
 
 /// [`ServerConnections`] implementation that only supports secure connections.
 #[derive(Clone)]
-pub struct RustlsServerNetworking {
+pub struct RustTlsServerNetworking {
     acceptor: TlsAcceptor,
 }
 
 async fn accept_tls(
     acceptor: TlsAcceptor,
     addr: SocketAddr,
-) -> ConnResult<(SocketAddr, RustlsListener)> {
+) -> ConnResult<(SocketAddr, RustTlsListener)> {
     let listener = TcpListener::bind(addr).await?;
     let bound_to = listener.local_addr()?;
-    Ok((bound_to, RustlsListener { listener, acceptor }))
+    Ok((bound_to, RustTlsListener { listener, acceptor }))
 }
 
-impl RustlsServerNetworking {
+impl RustTlsServerNetworking {
     pub fn make_listener(
         &self,
         addr: SocketAddr,
-    ) -> impl Future<Output = ConnResult<(SocketAddr, RustlsListener)>> + Send + 'static {
-        let RustlsServerNetworking { acceptor } = self;
+    ) -> impl Future<Output = ConnResult<(SocketAddr, RustTlsListener)>> + Send + 'static {
+        let RustTlsServerNetworking { acceptor } = self;
         let acc = acceptor.clone();
         accept_tls(acc, addr)
     }
 }
 
-impl RustlsServerNetworking {
+impl RustTlsServerNetworking {
     pub fn new(acceptor: TlsAcceptor) -> Self {
-        RustlsServerNetworking { acceptor }
+        RustTlsServerNetworking { acceptor }
     }
 }
 
-impl TryFrom<ServerConfig> for RustlsServerNetworking {
+impl TryFrom<ServerConfig> for RustTlsServerNetworking {
     type Error = TlsError;
 
     fn try_from(config: ServerConfig) -> Result<Self, Self::Error> {
@@ -108,14 +108,14 @@ impl TryFrom<ServerConfig> for RustlsServerNetworking {
             config.key_log = Arc::new(KeyLogFile::new());
         }
         let acceptor = TlsAcceptor::from(Arc::new(config));
-        Ok(RustlsServerNetworking::new(acceptor))
+        Ok(RustTlsServerNetworking::new(acceptor))
     }
 }
 
-impl ServerConnections for RustlsServerNetworking {
+impl ServerConnections for RustTlsServerNetworking {
     type ServerSocket = TlsStream<TcpStream>;
 
-    type ListenerType = RustlsListener;
+    type ListenerType = RustTlsListener;
 
     fn bind(
         &self,
@@ -127,16 +127,16 @@ impl ServerConnections for RustlsServerNetworking {
 
 /// A listener that will listen for incoming TCP connections and attempt to negotiate a
 /// TLS connection over them.
-pub struct RustlsListener {
+pub struct RustTlsListener {
     listener: TcpListener,
     acceptor: TlsAcceptor,
 }
 
-impl Listener<TlsStream<TcpStream>> for RustlsListener {
+impl Listener<TlsStream<TcpStream>> for RustTlsListener {
     type AcceptStream = BoxListenerStream<TlsStream<TcpStream>>;
 
     fn into_stream(self) -> Self::AcceptStream {
-        let RustlsListener { listener, acceptor } = self;
+        let RustTlsListener { listener, acceptor } = self;
         tls_accept_stream(listener, acceptor).boxed()
     }
 }
@@ -226,27 +226,45 @@ fn tls_accept_stream(
     })
 }
 
-/// This wraps connections for a [`RustlsListener`] as [`crate::maybe::MaybeTlsStream`] to unify server and client
+/// This wraps connections for [`TcpListener`] and [`RustTlsListener`] as [`crate::maybe::MaybeTlsStream`] to unify server and client
 /// connection types.
-pub struct MaybeRustlsListener {
-    inner: RustlsListener,
+pub struct MaybeRustTlsListener {
+    inner: Either<TcpListener, RustTlsListener>,
 }
 
-impl From<RustlsListener> for MaybeRustlsListener {
-    fn from(inner: RustlsListener) -> Self {
-        MaybeRustlsListener { inner }
+impl From<TcpListener> for MaybeRustTlsListener {
+    fn from(inner: TcpListener) -> Self {
+        MaybeRustTlsListener {
+            inner: Either::Left(inner),
+        }
+    }
+}
+
+impl From<RustTlsListener> for MaybeRustTlsListener {
+    fn from(inner: RustTlsListener) -> Self {
+        MaybeRustTlsListener {
+            inner: Either::Right(inner),
+        }
     }
 }
 
-impl Listener<MaybeTlsStream> for MaybeRustlsListener {
+impl Listener<MaybeTlsStream> for MaybeRustTlsListener {
     type AcceptStream = BoxListenerStream<MaybeTlsStream>;
 
     fn into_stream(self) -> Self::AcceptStream {
-        let MaybeRustlsListener {
-            inner: RustlsListener { listener, acceptor },
-        } = self;
-        tls_accept_stream(listener, acceptor)
-            .map_ok(|(sock, scheme, addr)| (MaybeTlsStream::Tls(sock), scheme, addr))
-            .boxed()
+        let MaybeRustTlsListener { inner } = self;
+
+        match inner {
+            Either::Left(listener) => listener
+                .into_stream()
+                .map_ok(|(sock, scheme, addr)| (MaybeTlsStream::Plain(sock), scheme, addr))
+                .boxed(),
+
+            Either::Right(RustTlsListener { listener, acceptor }) => {
+                tls_accept_stream(listener, acceptor)
+                    .map_ok(|(sock, scheme, addr)| (MaybeTlsStream::Tls(sock), scheme, addr))
+                    .boxed()
+            }
+        }
     }
 }

runtime/swimos_tls/src/net/tests.rs

@@ -21,8 +21,8 @@ use swimos_remote::net::{
 };
 
 use crate::{
-    CertChain, CertificateFile, ClientConfig, PrivateKey, RustlsClientNetworking,
-    RustlsServerNetworking, ServerConfig,
+    CertChain, CertificateFile, ClientConfig, PrivateKey, RustTlsClientNetworking,
+    RustTlsServerNetworking, ServerConfig,
 };
 
 const CERTS_PATH: &str = "test-data/certs";
@@ -68,8 +68,8 @@ fn make_client_config() -> ClientConfig {
 #[tokio::test]
 async fn perform_handshake() {
     let server_net =
-        RustlsServerNetworking::try_from(make_server_config()).expect("Invalid server config.");
-    let client_net = RustlsClientNetworking::try_from_config(
+        RustTlsServerNetworking::try_from(make_server_config()).expect("Invalid server config.");
+    let client_net = RustTlsClientNetworking::try_from_config(
         Arc::new(Resolver::new().await),
         make_client_config(),
     )