Remove quic_files server setting

(cherry picked from commit 38339d90ceb87008bbb0ce31ad4e28350213a401)
protheory8 2021-10-15 11:45:55 +00:00 committed by Marcel Märtens
parent 89580eba8c
commit 7148737252
3 changed files with 92 additions and 80 deletions


@ -18,7 +18,7 @@ use crate::{
use common::{clock::Clock, consts::MIN_RECOMMENDED_TOKIO_THREADS}; use common::{clock::Clock, consts::MIN_RECOMMENDED_TOKIO_THREADS};
use common_base::span; use common_base::span;
use core::sync::atomic::{AtomicUsize, Ordering}; use core::sync::atomic::{AtomicUsize, Ordering};
use server::{persistence::DatabaseSettings, Event, Input, Server}; use server::{persistence::DatabaseSettings, settings::Protocol, Event, Input, Server};
use std::{ use std::{
io, io,
sync::{atomic::AtomicBool, mpsc, Arc}, sync::{atomic::AtomicBool, mpsc, Arc},
@ -158,7 +158,7 @@ fn main() -> io::Result<()> {
server_settings.auth_server_address = None; server_settings.auth_server_address = None;
} }
let protocols_and_addresses = server_settings.protocols_and_addresses.clone(); let protocols_and_addresses = server_settings.gameserver_protocols.clone();
let metrics_port = &server_settings.metrics_address.port(); let metrics_port = &server_settings.metrics_address.port();
// Create server // Create server
let mut server = Server::new( let mut server = Server::new(
@ -170,14 +170,23 @@ fn main() -> io::Result<()> {
) )
.expect("Failed to create server instance!"); .expect("Failed to create server instance!");
for (_, addr) in protocols_and_addresses { for protocol in protocols_and_addresses {
info!( match protocol {
?addr, Protocol::Tcp { address } => {
?metrics_port, info!(?address, "TCP socket is ready to accept connections.");
"Server is ready to accept connections." },
); Protocol::Quic {
address,
cert_file_path: _,
key_file_path: _,
} => {
info!(?address, "QUIC socket is ready to accept connections.");
},
}
} }
info!(?metrics_port, "Server is ready to accept connections.");
let mut shutdown_coordinator = ShutdownCoordinator::new(Arc::clone(&sigusr1_signal)); let mut shutdown_coordinator = ShutdownCoordinator::new(Arc::clone(&sigusr1_signal));
// Set up an fps clock // Set up an fps clock
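Review bot: The two per-protocol `info!` calls in the new `match` report a socket as ready purely from the configured `gameserver_protocols` list, not from what `Server::new` actually bound. In the server crate's half of this commit a QUIC entry whose key or certificate fails to load is only logged and skipped, so this loop would still print "QUIC socket is ready to accept connections." for an address nobody is listening on. Either word the message as configuration, e.g. `info!(?address, "QUIC listener configured.");`, or have the server hand back the addresses it bound and log those. The unused fields can also be elided with `Protocol::Quic { address, .. } =>`. `main` starts and ends outside these hunks.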


@ -466,64 +466,67 @@ impl Server {
.await .await
}); });
let quic_server_config = if let Some(quic) = &settings.quic_files {
use rustls_pemfile::Item;
use std::fs;
match || -> Result<_, Box<dyn std::error::Error>> {
let key = fs::read(&quic.key)?;
let key = if quic.key.extension().map_or(false, |x| x == "der") {
rustls::PrivateKey(key)
} else {
debug!("convert pem key to der");
let key = rustls_pemfile::read_all(&mut key.as_slice())?
.into_iter()
.find_map(|item| match item {
Item::RSAKey(v) | Item::PKCS8Key(v) => Some(v),
Item::X509Certificate(_) => None,
})
.ok_or("No valid pem key in file")?;
rustls::PrivateKey(key)
};
let cert_chain = fs::read(&quic.cert)?;
let cert_chain = if quic.cert.extension().map_or(false, |x| x == "der") {
vec![rustls::Certificate(cert_chain)]
} else {
debug!("convert pem cert to der");
let certs = rustls_pemfile::certs(&mut cert_chain.as_slice())?;
certs.into_iter().map(rustls::Certificate).collect()
};
let server_config = quinn::ServerConfig::with_single_cert(cert_chain, key)?;
Ok(server_config)
}() {
Ok(server_config) => Some(server_config),
Err(e) => {
error!(?e, ?settings.quic_files, "Failed to load the TLS certificate, running without QUIC");
None
},
}
} else {
None
};
let mut printed_quic_warning = false; let mut printed_quic_warning = false;
for (protocol, address) in &settings.protocols_and_addresses { for protocol in &settings.gameserver_protocols {
match protocol { match protocol {
Protocol::Tcp => { Protocol::Tcp { address } => {
runtime.block_on(network.listen(ListenAddr::Tcp(*address)))?; runtime.block_on(network.listen(ListenAddr::Tcp(*address)))?;
}, },
Protocol::Quic => { Protocol::Quic {
if let Some(server_config) = &quic_server_config { address,
runtime.block_on( cert_file_path,
network.listen(ListenAddr::Quic(*address, server_config.clone())), key_file_path,
)?; } => {
use rustls_pemfile::Item;
use std::fs;
if !printed_quic_warning { match || -> Result<_, Box<dyn std::error::Error>> {
warn!( let key = fs::read(&key_file_path)?;
"QUIC is enabled. This is experimental and not recommended in \ let key = if key_file_path.extension().map_or(false, |x| x == "der") {
production" rustls::PrivateKey(key)
} else {
debug!("convert pem key to der");
let key = rustls_pemfile::read_all(&mut key.as_slice())?
.into_iter()
.find_map(|item| match item {
Item::RSAKey(v) | Item::PKCS8Key(v) => Some(v),
Item::X509Certificate(_) => None,
})
.ok_or("No valid pem key in file")?;
rustls::PrivateKey(key)
};
let cert_chain = fs::read(&cert_file_path)?;
let cert_chain = if cert_file_path.extension().map_or(false, |x| x == "der")
{
vec![rustls::Certificate(cert_chain)]
} else {
debug!("convert pem cert to der");
let certs = rustls_pemfile::certs(&mut cert_chain.as_slice())?;
certs.into_iter().map(rustls::Certificate).collect()
};
let server_config = quinn::ServerConfig::with_single_cert(cert_chain, key)?;
Ok(server_config)
}() {
Ok(server_config) => {
runtime.block_on(
network.listen(ListenAddr::Quic(*address, server_config.clone())),
)?;
if !printed_quic_warning {
warn!(
"QUIC is enabled. This is experimental and not recommended in \
production"
);
printed_quic_warning = true;
}
},
Err(e) => {
error!(
?e,
"Failed to load the TLS certificate, running without QUIC {}",
*address
); );
printed_quic_warning = true; },
}
} }
}, },
} }
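Review bot: The `Err(e)` arm at the end of the `Protocol::Quic` branch no longer records which files failed: the old code logged `?settings.quic_files`, the new message carries only `*address`, and it says "TLS certificate" even when the private key was the part that could not be read or parsed. I would log the paths (not the contents) as fields, `error!(?e, ?address, ?cert_file_path, ?key_file_path, "Failed to load the QUIC TLS key or certificate; not listening on this address");`. Worth a comment too that this arm deliberately continues: a server configured for QUIC comes up without that listener, so an operator only finds out from this log line, while a failed `network.listen` aborts via `?`. `server_config.clone()` in the `Ok` arm looks unnecessary now that the config is built per entry and used once. The enclosing function starts and ends outside the hunk.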


@ -65,10 +65,16 @@ impl ServerBattleMode {
} }
} }
#[derive(Debug, Clone, Copy, Serialize, Deserialize)] #[derive(Debug, Clone, Serialize, Deserialize)]
pub enum Protocol { pub enum Protocol {
Quic, Quic {
Tcp, address: SocketAddr,
cert_file_path: PathBuf,
key_file_path: PathBuf,
},
Tcp {
address: SocketAddr,
},
} }
#[derive(Clone, Debug, Serialize, Deserialize)] #[derive(Clone, Debug, Serialize, Deserialize)]
@ -97,10 +103,9 @@ impl CalendarMode {
#[derive(Clone, Debug, Serialize, Deserialize)] #[derive(Clone, Debug, Serialize, Deserialize)]
#[serde(default)] #[serde(default)]
pub struct Settings { pub struct Settings {
pub protocols_and_addresses: Vec<(Protocol, SocketAddr)>, pub gameserver_protocols: Vec<Protocol>,
pub metrics_address: SocketAddr, pub metrics_address: SocketAddr,
pub auth_server_address: Option<String>, pub auth_server_address: Option<String>,
pub quic_files: Option<X509FilePair>,
pub max_players: usize, pub max_players: usize,
pub world_seed: u32, pub world_seed: u32,
pub battle_mode: ServerBattleMode, pub battle_mode: ServerBattleMode,
@ -127,19 +132,16 @@ pub struct Settings {
impl Default for Settings { impl Default for Settings {
fn default() -> Self { fn default() -> Self {
Self { Self {
protocols_and_addresses: vec![ gameserver_protocols: vec![
( Protocol::Tcp {
Protocol::Tcp, address: SocketAddr::from((Ipv6Addr::UNSPECIFIED, 14004)),
SocketAddr::from((Ipv6Addr::UNSPECIFIED, 14004)), },
), Protocol::Tcp {
( address: SocketAddr::from((Ipv4Addr::UNSPECIFIED, 14004)),
Protocol::Tcp, },
SocketAddr::from((Ipv4Addr::UNSPECIFIED, 14004)),
),
], ],
metrics_address: SocketAddr::from((Ipv4Addr::LOCALHOST, 14005)), metrics_address: SocketAddr::from((Ipv4Addr::LOCALHOST, 14005)),
auth_server_address: Some("https://auth.veloren.net".into()), auth_server_address: Some("https://auth.veloren.net".into()),
quic_files: None,
world_seed: DEFAULT_WORLD_SEED, world_seed: DEFAULT_WORLD_SEED,
server_name: "Veloren Alpha".into(), server_name: "Veloren Alpha".into(),
max_players: 100, max_players: 100,
@ -212,19 +214,17 @@ impl Settings {
Self { Self {
// BUG: theoretically another process can grab the port between here and server // BUG: theoretically another process can grab the port between here and server
// creation, however the time window is quite small. // creation, however the time window is quite small.
protocols_and_addresses: vec![( gameserver_protocols: vec![Protocol::Tcp {
Protocol::Tcp, address: SocketAddr::from((
SocketAddr::from((
Ipv4Addr::LOCALHOST, Ipv4Addr::LOCALHOST,
pick_unused_port().expect("Failed to find unused port!"), pick_unused_port().expect("Failed to find unused port!"),
)), )),
)], }],
metrics_address: SocketAddr::from(( metrics_address: SocketAddr::from((
Ipv4Addr::LOCALHOST, Ipv4Addr::LOCALHOST,
pick_unused_port().expect("Failed to find unused port!"), pick_unused_port().expect("Failed to find unused port!"),
)), )),
auth_server_address: None, auth_server_address: None,
quic_files: None,
// If loading the default map file, make sure the seed is also default. // If loading the default map file, make sure the seed is also default.
world_seed: if load.map_file.is_some() { world_seed: if load.map_file.is_some() {
load.world_seed load.world_seed
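Review bot: Renaming `protocols_and_addresses` to `gameserver_protocols` and dropping `quic_files` on a struct marked `#[serde(default)]` changes the on-disk settings schema with no migration visible in this hunk. If the loader ignores unknown keys (not shown here), an existing settings file that pinned the listener to one interface would be read as having no `gameserver_protocols` and fall back to the `Default` impl, which listens on `Ipv6Addr::UNSPECIFIED` and `Ipv4Addr::UNSPECIFIED` port 14004. That is a silent widening of exposure on upgrade, so I would at least document it on the field, e.g. `/// Replaces protocols_and_addresses and quic_files; settings files using the old keys are not migrated.`, and ideally warn when the old keys are present. `Settings` and its `Default` impl continue outside the hunks.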