Skip to content
This repository has been archived by the owner on Aug 29, 2024. It is now read-only.

Add an example for a SSL server #67

Open
postmodern opened this issue Sep 25, 2023 · 9 comments
Open

Add an example for a SSL server #67

postmodern opened this issue Sep 25, 2023 · 9 comments

Comments

@postmodern
Copy link
Contributor

I think it would be beneficial to add an example of how to start a SSL/TLS server using custom SSL certificate and private key files. It appears that Async::IO::Endpoint.ssl accepts a ssl_context keyword argument. Is that how you create a custom SSL/TLS server? Or is there another way to pass in the SSL certificate and key information?

@ioquatix
Copy link
Member

Not sure if this helps, but there are examples of how to configure SSL certificates here: https://github.com/socketry/sus-fixtures-openssl/tree/main/test/sus/fixtures/openssl

They can be used like this: https://github.com/socketry/async-http/blob/main/test/async/http/ssl.rb

Does that help?

@ioquatix
Copy link
Member

As an aside, I'd prefer if we had less OpenSSL specific methods of constructing SSL connections - as there are multiple implementations of SSL and they basically just need the right certificates. Because we depend specifically on the OpenSSL context interface, we depend on OpenSSL itself.

@marek22k
Copy link

marek22k commented Sep 29, 2023

I would also be interested in such an example - especially if it is also possible to apply StartSSL. (without creating an OpenSSL instance myself). If there is no support for StartSSL yet, I would make a feature request.

@ioquatix
Copy link
Member

For Ruby 3.1+ using Async 2, async-io has diminishing relevance.

By the time Ruby 3.0 is EOL, this gem will also be EOL.

I don't think we should continue to extend this gem for new features, as it was originally designed as a shim for Ruby's IO classes.

In that case, my suggestion is we fix any deficiencies in Ruby's core IO classes.

@marek22k
Copy link

That means the recommendation now for Ruby 3.1 and higher is not to use async-io anymore, but the native Ruby library? Will other async gems also be EOL then?

@ioquatix
Copy link
Member

That means the recommendation now for Ruby 3.1 and higher is not to use async-io anymore, but the native Ruby library?

You can continue to use it.

We may make a final "Ruby 3.1" shim update which basically replaces all the wrappers with native IO.

Other Async gems will become compatible with raw IO. Some parts like Async::IO::Stream may continue to live on as there is no equivalent in pure Ruby.

Extracting the endpoint functionality is going on here: https://github.com/socketry/io-endpoint

@postmodern
Copy link
Contributor Author

For Ruby 3.1+ using Async 2, async-io has diminishing relevance.

By the time Ruby 3.0 is EOL, this gem will also be EOL.

Wow I was unaware of this. Since I have some WIP gems that use async-io as a dependency, is there an upgrade guide for async-io to Async 2?

@postmodern
Copy link
Contributor Author

I managed to create a simple SSL server example:

#!/usr/bin/env ruby

require 'async'
require 'async/io'
require 'async/io/stream'

key_file = File.join(__dir__,'key.pem')
cert_file = File.join(__dir__,'cert.crt')

ssl_context = OpenSSL::SSL::SSLContext.new
ssl_context.key = OpenSSL::PKey::RSA.new(File.read(key_file))
ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(cert_file))

endpoint = Async::IO::Endpoint.ssl('localhost',5678, ssl_context: ssl_context)

Async do |async|
	endpoint.accept do |peer|
		stream = Async::IO::Stream.new(peer)

		stream.puts "Hello!"

		while line = stream.read_partial
			puts "Received: #{line}"
		end
	end
end

@ioquatix should I submit a PR or post it Discussions?

@ioquatix
Copy link
Member

Please feel free to contribute it into the examples directory with a working client and server.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants