[swift-server-dev] HTTP API proposal for TLS integration

Gelareh Taban gtaban at us.ibm.com
Mon Oct 30 11:41:39 CDT 2017 


Hi all,

As part of PR#78 for TLS integration into HTTP,
https://github.com/swift-server/http/pull/78, I had to update the HTTP API
and would like to ask for feedback.

The TLS code sits in:
https://github.com/gtaban/security.git  		// protocol definitions and
data types
https://github.com/gtaban/TLSService.git	// implementation using OpenSSL
on Linux and SecureTransport on macOS

The proposed HTTP API changes are in HTTPServing protocol:

     /// Start the HTTP server on the given `port`, using `handler` to
process incoming requests
 -    func start(port: Int, handler: @escaping HTTPRequestHandler) throws

 +    func start(port: Int, tls: TLSConfiguration?, handler: @escaping
HTTPRequestHandler) throws


and HTTPServer class `start()` function:

 -    public func start(port: Int = 0, handler: @escaping
HTTPRequestHandler) throws {
 -        try server.start(port: port, handler: handler)

 +    public func start(port: Int = 0, tls: TLSConfiguration? = nil,
handler: @escaping HTTPRequestHandler) throws {
 +        try server.start(port: port, tlsConfig: tls, handler: handler)

TLSConfiguration is a struct defined in:
https://github.com/gtaban/security/blob/master/Sources/ServerSecurity/TLSConfiguration.swift

which stores TLS parameters that are needed to configure a TLS connection.
These include credentials (certificates and passwords) and cipher suites.


There is a corresponding change in PoCSocket/PoCSocketSimpleServer.swift
`start()` to pass in the configuration.

The way that the proposed APIs would get uses can be seen in
Tests/HTTPTests/TLSServerTests.swift.

        let config = createCASignedTLSConfig()

        // HTTP
        try server.start(port: 0, handler: simpleHelloWebApp.handle)

        // HTTPS
        try server.start(port: 0, tls: config, handler:
simpleHelloWebApp.handle)


Regards,
Gelareh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.swift.org/pipermail/swift-server-dev/attachments/20171030/d82e01c7/attachment.html>

More information about the swift-server-dev mailing list