tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

changed how to support multiple domains and support client authentication directly by rustls using split server_config

Browse source
This commit is contained in:
Jun Kurihara 2022-10-14 22:45:13 +09:00
commit 512690fce5
No known key found for this signature in database
GPG key ID: 48ADFD173ED22B03
11 changed files with 218 additions and 184 deletions
Download patch file Download diff file Expand all files Collapse all files

4
TODO.md
View file

@ -9,5 +9,7 @@
- Documentation
- Client certificate
- support intermediate certificate. Currently, only supports client certificates directly signed by root CA.
- split rustls::server::ServerConfig for SNIs
- Currently, we took the following approach (caveats)
- For Http2 and 1.1, prepare `rustls::ServerConfig` for each domain name and hence client CA cert is set for each one.
- For Http3, use aggregated `rustls::ServerConfig` for multiple domain names except for ones requiring client-auth. So, if a domain name is set with client authentication, http3 doesn't work for the domain.
- etc.