YGGverse/aquatic
1
0
Fork 0
mirror of https://github.com/YGGverse/aquatic.git synced 2026-04-02 02:35:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

aquatic_http glommio: modify tls config and file parsing

Browse source
This commit is contained in:
Joakim Frostegård 2021-10-26 19:38:37 +02:00
parent 02735ba2ff
commit 7fd2d4c42e
3 changed files with 42 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

34
aquatic_http/src/lib/glommio/network.rs
View file

@ -37,11 +37,11 @@ struct Connection {
pub async fn run_socket_worker(
config: Config,
tls_config: Arc<rustls::ServerConfig>,
request_mesh_builder: MeshBuilder<(ConnectionId, Request), Partial>,
response_mesh_builder: MeshBuilder<(ConnectionId, Response), Partial>,
num_bound_sockets: Arc<AtomicUsize>,
) {
let tls_config = Arc::new(create_tls_config(&config));
let config = Rc::new(config);
let listener = TcpListener::bind(config.network.address).expect("bind socket");
@ -174,35 +174,3 @@ impl Connection {
Request::from_bytes(&request_bytes[..]).map_err(|err| anyhow::anyhow!("{:?}", err))
}
}
fn create_tls_config(
config: &Config,
) -> rustls::ServerConfig {
let mut certs = Vec::new();
let mut private_key = None;
use std::iter;
use rustls_pemfile::{Item, read_one};
let pemfile = Vec::new();
let mut reader = BufReader::new(&pemfile[..]);
for item in iter::from_fn(|| read_one(&mut reader).transpose()) {
match item.unwrap() {
Item::X509Certificate(cert) => {
certs.push(rustls::Certificate(cert));
},
Item::RSAKey(key) | Item::PKCS8Key(key) => {
if private_key.is_none(){
private_key = Some(rustls::PrivateKey(key));
}
}
}
}
rustls::ServerConfig::builder()
.with_safe_defaults()
.with_no_client_auth()
.with_single_cert(certs, private_key.expect("no private key"))
.expect("bad certificate/key")
}