wip builder stub
parent
e18fafe4e6
commit
b168d1cdc5
3 changed files with 33 additions and 1 deletions
|
|
@ -12,4 +12,7 @@ pub enum RpxyCertError {
|
||||||
/// Error when parsing client CA certificates: No client certificate found
|
/// Error when parsing client CA certificates: No client certificate found
|
||||||
#[error("No client certificate found")]
|
#[error("No client certificate found")]
|
||||||
NoClientCert,
|
NoClientCert,
|
||||||
|
/// Error for hot reload certificate reloader
|
||||||
|
#[error("Certificate reload error: {0}")]
|
||||||
|
CertificateReloadError(#[from] hot_reload::ReloaderError<crate::server_crypto::ServerCryptoBase>),
|
||||||
}
|
}
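Review bot: The new `CertificateReloadError` variant carries `hot_reload::ReloaderError<crate::server_crypto::ServerCryptoBase>` as its payload, but the crate-root section of this commit re-exports only `ServerCrypto`, `ServerNameBytes` and `ServerNameCryptoMap` from the private `server_crypto` module. If `RpxyCertError` is part of the public API (that re-export is not visible here), downstream code can match on the variant but cannot name its payload type. Either add `ServerCryptoBase` to the `pub use` list or document the payload as opaque in the variant's doc comment. Because of `#[from]` and the `{0}` in the message, the dependency's own error text is forwarded verbatim, so it is worth confirming it is only logged and not returned to remote peers.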
|
||||||
|
|
|
||||||
|
|
@ -8,9 +8,37 @@ mod server_crypto;
|
||||||
mod log {
|
mod log {
|
||||||
pub(crate) use tracing::{debug, error, info, warn};
|
pub(crate) use tracing::{debug, error, info, warn};
|
||||||
}
|
}
|
||||||
|
/* ------------------------------------------------ */
|
||||||
pub use crate::{
|
pub use crate::{
|
||||||
certs::SingleServerCertsKeys,
|
certs::SingleServerCertsKeys,
|
||||||
crypto_source::{CryptoFileSource, CryptoFileSourceBuilder, CryptoFileSourceBuilderError, CryptoSource},
|
crypto_source::{CryptoFileSource, CryptoFileSourceBuilder, CryptoFileSourceBuilderError, CryptoSource},
|
||||||
server_crypto::{ServerCrypto, ServerNameBytes, ServerNameCryptoMap},
|
server_crypto::{ServerCrypto, ServerNameBytes, ServerNameCryptoMap},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
use crate::{error::*, reloader_service::CryptoReloader, server_crypto::ServerCryptoBase};
|
||||||
|
use hot_reload::{ReloaderReceiver, ReloaderService};
|
||||||
|
|
||||||
|
/* ------------------------------------------------ */
|
||||||
|
/// Constants TODO: define from outside
|
||||||
|
const CERTS_WATCH_DELAY_SECS: u32 = 60;
|
||||||
|
const LOAD_CERTS_ONLY_WHEN_UPDATED: bool = true;
|
||||||
|
|
||||||
|
/* ------------------------------------------------ */
|
||||||
|
/// Result type inner of certificate reloader service
|
||||||
|
type ReloaderServiceResultInner = (
|
||||||
|
ReloaderService<CryptoReloader, ServerCryptoBase>,
|
||||||
|
ReloaderReceiver<ServerCryptoBase>,
|
||||||
|
);
|
||||||
|
/// Build certificate reloader service
|
||||||
|
pub async fn build_cert_reloader() -> Result<ReloaderServiceResultInner, RpxyCertError>
|
||||||
|
// where
|
||||||
|
// T: CryptoSource + Clone + Send + Sync + 'static,
|
||||||
|
{
|
||||||
|
// TODO: fix later
|
||||||
|
let source = rustc_hash::FxHashMap::default();
|
||||||
|
|
||||||
|
let (cert_reloader_service, cert_reloader_rx) =
|
||||||
|
ReloaderService::<CryptoReloader, ServerCryptoBase>::new(&source, CERTS_WATCH_DELAY_SECS, !LOAD_CERTS_ONLY_WHEN_UPDATED)
|
||||||
|
.await?;
|
||||||
|
Ok((cert_reloader_service, cert_reloader_rx))
|
||||||
|
}
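Review bot: `build_cert_reloader` is exported as `pub` yet builds the service from `rustc_hash::FxHashMap::default()`, so it returns `Ok` with a reloader that presumably watches an empty source map and has no key material to hand out. For a TLS component that state should be explicit rather than silent: until the `TODO: fix later` is resolved, keep the stub internal with `pub(crate) async fn build_cert_reloader()`, or make callers treat an empty map as an error so no listener starts without certificates. The third argument `!LOAD_CERTS_ONLY_WHEN_UPDATED` is a double negative that appears to feed a force-reload flag; a comment such as `// force a reload on every check only when LOAD_CERTS_ONLY_WHEN_UPDATED is false` would make the intent readable. The commented-out `where` clause can be dropped until the generic parameter actually exists.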
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@ use std::sync::Arc;
|
||||||
/// TODO: support for not only `CryptoFileSource` but also other type of sources
|
/// TODO: support for not only `CryptoFileSource` but also other type of sources
|
||||||
type DynCryptoSource = dyn CryptoSource<Error = RpxyCertError> + Send + Sync + 'static;
|
type DynCryptoSource = dyn CryptoSource<Error = RpxyCertError> + Send + Sync + 'static;
|
||||||
|
|
||||||
|
#[derive(Clone)]
|
||||||
/// Reloader service for certificates and keys for TLS
|
/// Reloader service for certificates and keys for TLS
|
||||||
pub struct CryptoReloader {
|
pub struct CryptoReloader {
|
||||||
inner: HashMap<ServerNameBytes, Arc<Box<DynCryptoSource>>>,
|
inner: HashMap<ServerNameBytes, Arc<Box<DynCryptoSource>>>,
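Review bot: `#[derive(Clone)]` is placed above the `/// Reloader service for certificates and keys for TLS` doc comment; the usual layout keeps the doc comment first and the attribute directly above the item, i.e. the `///` line, then `#[derive(Clone)]`, then `pub struct CryptoReloader {`. A clone copies the `inner` map while sharing each `Arc`'d source, so the doc comment could add one sentence saying that clones refer to the same underlying `CryptoSource` objects. That helps anyone auditing which components hold handles to key sources. The struct body continues past the end of this hunk.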
|
||||||
|
|
|
||||||