From 8adecba7e5854307cb893006d31860bf98af2d18 Mon Sep 17 00:00:00 2001
From: Dom
Date: Sat, 5 Oct 2019 21:11:24 +0100
Subject: [PATCH 1/2] transport: no crash after bad TLS handshake
Prevents the server exiting after a bad TLS handshake / error during accept(). Instead the connection is dropped and the server continues to serve new clients. Previously an error would bubble up from the TLS library (tested with rustls) and cause hyper to exit with: [src/main.rs:85] &e = Error( Server, Error( Accept, Custom { kind: InvalidData, error: CorruptMessage, }, ), )
---
 tonic/src/transport/server.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tonic/src/transport/server.rs b/tonic/src/transport/server.rs
index 34cd32711..3c979f022 100644
--- a/tonic/src/transport/server.rs
+++ b/tonic/src/transport/server.rs
@@ -207,7 +207,10 @@ impl Server {
 #[cfg(feature = "tls")]
 {
 if let Some(tls) = &self.tls {
- let io = tls.connect(stream.into_inner()).await?;
+ let io = match tls.connect(stream.into_inner()).await {
+ Ok(io) => io,
+ Err(_) => continue,
+ };
 yield BoxedIo::new(io);
 continue;
 }
From f15e24b099faa9169cea6c5ea9ba9013264ecea1 Mon Sep 17 00:00:00 2001
From: Dom
Date: Sun, 6 Oct 2019 22:32:46 +0100
Subject: [PATCH 2/2] transport: add tracing error for TLS handshake failure
Co-Authored-By: Lucio Franco
---
 tonic/src/transport/server.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/tonic/src/transport/server.rs b/tonic/src/transport/server.rs
index 3c979f022..9878a2b0f 100644
--- a/tonic/src/transport/server.rs
+++ b/tonic/src/transport/server.rs
@@ -28,6 +28,8 @@ use tower::{
 ServiceBuilder,
 };
 use tower_make::MakeService;
+#[cfg(feature = "tls")]
+use tracing::error;
 type BoxService = tower::util::BoxService, Response, crate::Error>;
 type Interceptor = Arc + Send + Sync + 'static>;
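Review bot: In the `@@ -207,7 +207,10 @@` hunk the handshake is still awaited inline, `tls.connect(stream.into_inner()).await`, before the next `yield`, so as far as the hunk shows a single peer whose handshake never completes holds up every connection queued behind it. The enclosing accept loop starts and ends outside the hunk, so this is inferred from the `yield`/`continue` shape rather than seen directly. Dropping failed handshakes removes the crash, but the availability exposure remains until the handshake is bounded by a deadline or moved off the accept path into its own task. At minimum I would record it at this line with `// TODO: handshake runs inline in the accept loop; bound it with a timeout so a stalled peer cannot block accepts`. The same line is carried unchanged as context into the `@@ -209,7 +211,10 @@` hunk of PATCH 2/2.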
@@ -209,7 +211,10 @@ impl Server {
 if let Some(tls) = &self.tls {
 let io = match tls.connect(stream.into_inner()).await {
 Ok(io) => io,
- Err(_) => continue,
+ Err(error) => {
+ error!(message = "Unable to accept incoming connection.", %error);
+ continue
+ },
 };
 yield BoxedIo::new(io);
 continue;
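Review bot: The new `error!` event in the `Err(error)` arm carries no peer address, and it fires at error level on a path any unauthenticated remote client can reach, so a burst of failed handshakes can flood the log and trip alerts without identifying the source. If the accepted stream exposes the remote address, capture it before `stream.into_inner()` consumes the stream and add it as a field; a lower level such as `warn!` fits an event that is routine on an exposed listener. The message would also be easier to alert on if it named the stage, e.g. `warn!(message = "TLS handshake failed; connection dropped.", %error);`. Style: rustfmt would write `continue;` and close the arm with `}` rather than `},`.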