wip builder stub
parent
e18fafe4e6
commit
b168d1cdc5
3 changed files with 33 additions and 1 deletions
|
|
@ -12,4 +12,7 @@ pub enum RpxyCertError {
|
|||
/// Error when parsing client CA certificates: No client certificate found
|
||||
#[error("No client certificate found")]
|
||||
NoClientCert,
|
||||
/// Error for hot reload certificate reloader
|
||||
#[error("Certificate reload error: {0}")]
|
||||
CertificateReloadError(#[from] hot_reload::ReloaderError<crate::server_crypto::ServerCryptoBase>),
|
||||
}
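Review bot: `CertificateReloadError` interpolates the wrapped error with `{0}` and also marks it `#[from]`, which thiserror exposes through `source()`, so a reporter that walks the source chain will print the reloader message twice. Either keep the message self-contained with `#[error("Certificate reload error")]`, or forward the inner error completely with `#[error(transparent)]`. The doc comment could also say which operation produces this variant (building the reloader, or a later reload), since callers will need that to decide whether the previously loaded certificates are still in use.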
|
||||
|
|
|
|||
|
|
@ -8,9 +8,37 @@ mod server_crypto;
|
|||
mod log {
|
||||
pub(crate) use tracing::{debug, error, info, warn};
|
||||
}
|
||||
|
||||
/* ------------------------------------------------ */
|
||||
pub use crate::{
|
||||
certs::SingleServerCertsKeys,
|
||||
crypto_source::{CryptoFileSource, CryptoFileSourceBuilder, CryptoFileSourceBuilderError, CryptoSource},
|
||||
server_crypto::{ServerCrypto, ServerNameBytes, ServerNameCryptoMap},
|
||||
};
|
||||
|
||||
use crate::{error::*, reloader_service::CryptoReloader, server_crypto::ServerCryptoBase};
|
||||
use hot_reload::{ReloaderReceiver, ReloaderService};
|
||||
|
||||
/* ------------------------------------------------ */
|
||||
/// Constants TODO: define from outside
|
||||
const CERTS_WATCH_DELAY_SECS: u32 = 60;
|
||||
const LOAD_CERTS_ONLY_WHEN_UPDATED: bool = true;
|
||||
|
||||
/* ------------------------------------------------ */
|
||||
/// Result type inner of certificate reloader service
|
||||
type ReloaderServiceResultInner = (
|
||||
ReloaderService<CryptoReloader, ServerCryptoBase>,
|
||||
ReloaderReceiver<ServerCryptoBase>,
|
||||
);
|
||||
/// Build certificate reloader service
|
||||
pub async fn build_cert_reloader() -> Result<ReloaderServiceResultInner, RpxyCertError>
|
||||
// where
|
||||
// T: CryptoSource + Clone + Send + Sync + 'static,
|
||||
{
|
||||
// TODO: fix later
|
||||
let source = rustc_hash::FxHashMap::default();
|
||||
|
||||
let (cert_reloader_service, cert_reloader_rx) =
|
||||
ReloaderService::<CryptoReloader, ServerCryptoBase>::new(&source, CERTS_WATCH_DELAY_SECS, !LOAD_CERTS_ONLY_WHEN_UPDATED)
|
||||
.await?;
|
||||
Ok((cert_reloader_service, cert_reloader_rx))
|
||||
}
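Review bot: `build_cert_reloader` is exported as `pub`, yet it builds the reloader over `rustc_hash::FxHashMap::default()`, an empty source map, and still returns `Ok`. A caller therefore cannot tell a stub that watches no certificates from a working service. Until the source is passed in, narrow it to `pub(crate) async fn build_cert_reloader()` or state the limitation in the doc comment, e.g. `/// NOTE: stub: the source map is empty, so no certificate or key is loaded or watched yet.` The third argument `!LOAD_CERTS_ONLY_WHEN_UPDATED` reads as a double negative at the call site, so a short comment on what that flag means to `ReloaderService::new` would help. The commented-out `where` clause can be dropped until the generic parameter exists.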
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ use std::sync::Arc;
|
|||
/// TODO: support for not only `CryptoFileSource` but also other type of sources
|
||||
type DynCryptoSource = dyn CryptoSource<Error = RpxyCertError> + Send + Sync + 'static;
|
||||
|
||||
#[derive(Clone)]
|
||||
/// Reloader service for certificates and keys for TLS
|
||||
pub struct CryptoReloader {
|
||||
inner: HashMap<ServerNameBytes, Arc<Box<DynCryptoSource>>>,
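Review bot: The `#[derive(Clone)]` line (apparently the one this hunk adds) sits above the `///` doc comment of `CryptoReloader`, whereas the usual order is the doc comment first and attributes after it: `/// Reloader service for certificates and keys for TLS` followed by `#[derive(Clone)]`. For the `inner` field shown, a clone copies the `HashMap` and bumps each `Arc`, so clones share the same crypto sources; that is worth one line in the doc comment. The struct body continues outside the hunk.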
|
||||
|
|
|
|||