diff --git a/Cargo.lock b/Cargo.lock index 22c15ea4154d..cae12bff8554 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4847,9 +4847,9 @@ dependencies = [ [[package]] name = "poem" -version = "1.0.21" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a70978aaae37dc18bbd43e5ed31cfd665a79a07bba612477eb808520eb5b1dde" +checksum = "ab3fde11180e1e5c1585b90776c410b200dd9a157300c9e7dd16b25a6b1ea1dd" dependencies = [ "async-trait", "base64 0.13.0", diff --git a/common/base/Cargo.toml b/common/base/Cargo.toml index 456f1fd730ce..5c5ace452eec 100644 --- a/common/base/Cargo.toml +++ b/common/base/Cargo.toml @@ -25,7 +25,7 @@ pprof = { version = "0.5", features = ["flamegraph", "protobuf"] } tokio = { version = "1.13.0", features = ["macros", "rt", "rt-multi-thread", "sync", "fs", "signal"] } uuid = { version = "0.8", features = ["serde", "v4"] } serde = { version = "1.0", features = ["derive"] } -poem = { version = "1.0.21", features = ["tls"] } +poem = { version = "1.0.23", features = ["rustls"] } [dev-dependencies] diff --git a/common/base/src/http_shutdown_handlers.rs b/common/base/src/http_shutdown_handlers.rs index 5624e08f221e..626fc0873bbc 100644 --- a/common/base/src/http_shutdown_handlers.rs +++ b/common/base/src/http_shutdown_handlers.rs @@ -20,9 +20,10 @@ use common_tracing::tracing; use futures::FutureExt; use poem::listener::Acceptor; use poem::listener::AcceptorExt; +use poem::listener::IntoTlsConfigStream; use poem::listener::Listener; +use poem::listener::RustlsConfig; use poem::listener::TcpListener; -use poem::listener::TlsConfig; use poem::Endpoint; use tokio::sync::oneshot; use tokio::task::JoinHandle; @@ -45,7 +46,7 @@ impl HttpShutdownHandler { pub async fn start_service( &mut self, listening: String, - tls_config: Option, + tls_config: Option, ep: impl Endpoint + 'static, ) -> Result { assert!(self.join_handle.is_none()); @@ -65,13 +66,12 @@ impl HttpShutdownHandler { if let Some(tls_config) = tls_config { acceptor = acceptor - .tls(tls_config) - .map_err(|err| { + .rustls(tls_config.into_stream().map_err(|err| { ErrorCode::TLSConfigurationFailure(format!( "Cannot build TLS config for http service, cause {}", err )) - })? + })?) .boxed(); } diff --git a/metasrv/Cargo.toml b/metasrv/Cargo.toml index ceac5495191f..15dade74291a 100644 --- a/metasrv/Cargo.toml +++ b/metasrv/Cargo.toml @@ -69,7 +69,7 @@ tonic = { version = "0.6.0", features = ["tls"]} sha2 = "0.9.8" uuid = { version = "0.8", features = ["serde", "v4"] } -poem = { version = "1.0.21", features = ["tls"] } +poem = { version = "1.0.23", features = ["rustls"] } [dev-dependencies] common-meta-api = {path = "../common/meta/api" } diff --git a/metasrv/src/api/http_service.rs b/metasrv/src/api/http_service.rs index 03ad29c36c7e..fb083bb18045 100644 --- a/metasrv/src/api/http_service.rs +++ b/metasrv/src/api/http_service.rs @@ -17,7 +17,7 @@ use common_base::HttpShutdownHandler; use common_base::Stoppable; use common_exception::Result; use poem::get; -use poem::listener::TlsConfig; +use poem::listener::RustlsConfig; use poem::Endpoint; use poem::EndpointExt; use poem::Route; @@ -52,12 +52,12 @@ impl HttpService { .data(self.cfg.clone()) } - fn build_tls(config: &Config) -> Result { + fn build_tls(config: &Config) -> Result { let conf = config.clone(); let tls_cert = conf.admin_tls_server_cert; let tls_key = conf.admin_tls_server_key; - let cfg = TlsConfig::new() + let cfg = RustlsConfig::new() .cert(std::fs::read(tls_cert.as_str())?) .key(std::fs::read(tls_key.as_str())?); Ok(cfg) diff --git a/query/Cargo.toml b/query/Cargo.toml index a81dc41f2497..0233c67ac760 100644 --- a/query/Cargo.toml +++ b/query/Cargo.toml @@ -56,7 +56,7 @@ sqlparser = { git = "https://github.com/datafuse-extras/sqlparser-rs", rev = "ec ahash = "0.7.6" async-compat = "0.2.1" async-trait = "0.1" -poem = { version = "1.0.21", features = ["tls"] } +poem = { version = "1.0.23", features = ["rustls"] } bumpalo = "3.8.0" byteorder = "1" bytes = "1" diff --git a/query/src/api/http_service.rs b/query/src/api/http_service.rs index f79501681c5b..b8d091b42150 100644 --- a/query/src/api/http_service.rs +++ b/query/src/api/http_service.rs @@ -17,7 +17,7 @@ use std::path::Path; use common_exception::Result; use poem::get; -use poem::listener::TlsConfig; +use poem::listener::RustlsConfig; use poem::Endpoint; use poem::EndpointExt; use poem::Route; @@ -61,8 +61,8 @@ impl HttpService { .data(self.sessions.get_conf().clone()) } - fn build_tls(config: &Config) -> Result { - let mut cfg = TlsConfig::new() + fn build_tls(config: &Config) -> Result { + let mut cfg = RustlsConfig::new() .cert(std::fs::read(&config.query.api_tls_server_cert.as_str())?) .key(std::fs::read(&config.query.api_tls_server_key.as_str())?); if Path::new(&config.query.api_tls_server_root_ca_cert).exists() { diff --git a/query/src/common/service/http_shutdown_handles.rs b/query/src/common/service/http_shutdown_handles.rs index d42c65e97063..f3c1c2ec1be8 100644 --- a/query/src/common/service/http_shutdown_handles.rs +++ b/query/src/common/service/http_shutdown_handles.rs @@ -21,9 +21,10 @@ use common_exception::Result; use futures::FutureExt; use poem::listener::Acceptor; use poem::listener::AcceptorExt; +use poem::listener::IntoTlsConfigStream; use poem::listener::Listener; +use poem::listener::RustlsConfig; use poem::listener::TcpListener; -use poem::listener::TlsConfig; use poem::Endpoint; pub struct HttpShutdownHandler { @@ -44,7 +45,7 @@ impl HttpShutdownHandler { pub async fn start_service( &mut self, listening: SocketAddr, - tls_config: Option, + tls_config: Option, ep: impl Endpoint + 'static, ) -> Result { assert!(self.join_handle.is_none()); @@ -64,13 +65,12 @@ impl HttpShutdownHandler { if let Some(tls_config) = tls_config { acceptor = acceptor - .tls(tls_config) - .map_err(|err| { + .rustls(tls_config.into_stream().map_err(|err| { ErrorCode::TLSConfigurationFailure(format!( "Cannot build TLS config for http service, cause {}", err )) - })? + })?) .boxed(); }