aquatic_ws: add setting for using tls; update TODO

TODO.md

@@ -2,10 +2,8 @@
 
 ## aquatic_ws
 * network
-  * actually run tls. maybe add config fields for number of tls and non-tls
-    workers, then run that amount of each. or add tls section to config, with
-    bool key use_tls and the tls cert things, then use that for all workers
   * test tls!
+  * handle tls certificate parse errors etc better
   * send/recv buffer size config
   * limit ws message sizes?
 * test

aquatic_ws/src/lib/config.rs

@@ -22,6 +22,9 @@ pub struct Config {
 pub struct NetworkConfig {
     /// Bind to this address
     pub address: SocketAddr,
+    pub use_tls: bool,
+    pub tls_pkcs12_path: String,
+    pub tls_pkcs12_password: String,
     /// Maximum number of torrents to accept in scrape request
     pub max_scrape_torrents: usize, // FIXME: should this really be in NetworkConfig?
     /// Maximum number of offers to accept in announce request
@@ -30,8 +33,6 @@ pub struct NetworkConfig {
     pub peer_announce_interval: usize, // FIXME: should this really be in NetworkConfig?
     pub poll_event_capacity: usize,
     pub poll_timeout_milliseconds: u64,
-    pub pkcs12_path: String,
-    pub pkcs12_password: String,
 }
 
 
@@ -87,13 +88,14 @@ impl Default for NetworkConfig {
     fn default() -> Self {
         Self {
             address: SocketAddr::from(([127, 0, 0, 1], 3000)),
+            use_tls: false,
+            tls_pkcs12_path: "".into(),
+            tls_pkcs12_password: "".into(),
             max_scrape_torrents: 255, // FIXME: what value is reasonable?
             max_offers: 10,
             peer_announce_interval: 120,
             poll_event_capacity: 4096,
             poll_timeout_milliseconds: 50,
-            pkcs12_path: "".into(),
-            pkcs12_password: "".into(),
         }
     }
 }

aquatic_ws/src/lib/lib.rs

@@ -35,7 +35,6 @@ pub fn run(config: Config){
                 i,
                 in_message_sender,
                 out_message_receiver,
-                false
             );
         });
     }

aquatic_ws/src/lib/network/mod.rs

@@ -25,7 +25,6 @@ pub fn run_socket_worker(
     socket_worker_index: usize,
     in_message_sender: InMessageSender,
     out_message_receiver: OutMessageReceiver,
-    use_tls: bool
 ){
     let poll_timeout = Duration::from_millis(
         config.network.poll_timeout_milliseconds
@@ -39,7 +38,7 @@ pub fn run_socket_worker(
         .register(&mut listener, Token(0), Interest::READABLE)
         .unwrap();
 
-    let opt_tls_acceptor = if use_tls {
+    let opt_tls_acceptor = if config.network.use_tls {
         Some(create_tls_acceptor(&config))
     } else {
         None

aquatic_ws/src/lib/network/utils.rs

@@ -40,14 +40,14 @@ pub fn create_tls_acceptor(
     config: &Config,
 ) -> TlsAcceptor {
     let mut identity_bytes = Vec::new();
-    let mut file = File::open(&config.network.pkcs12_path)
+    let mut file = File::open(&config.network.tls_pkcs12_path)
         .expect("open pkcs12 file");
 
     file.read_to_end(&mut identity_bytes).expect("read pkcs12 file");
 
     let identity = Identity::from_pkcs12(
         &mut identity_bytes,
-        &config.network.pkcs12_password
+        &config.network.tls_pkcs12_password
     ).expect("create pkcs12 identity");
 
     let acceptor = TlsAcceptor::new(identity)