refactor

src/proxy/backend.rs

@@ -99,8 +99,15 @@ impl Backend {
   }
   pub async fn update_server_config(&self) -> io::Result<()> {
     debug!("Update TLS server config");
-    let certs_path = self.tls_cert_path.as_ref().unwrap();
+    let (certs_path, certs_keys_path) =
-    let certs_keys_path = self.tls_cert_key_path.as_ref().unwrap();
+      if let (Some(c), Some(k)) = (self.tls_cert_path.as_ref(), self.tls_cert_key_path.as_ref()) {
+        (c, k)
+      } else {
+        return Err(io::Error::new(
+          io::ErrorKind::Other,
+          "Invalid certs and keys paths",
+        ));
+      };
     let certs: Vec<_> = {
       let certs_path_str = certs_path.display().to_string();
       let mut reader = BufReader::new(File::open(certs_path).map_err(|e| {

src/proxy/proxy_tls.rs

@@ -34,18 +34,18 @@ where
     loop {
       select! {
         tcp_cnx = tcp_listener.accept().fuse() => {
-          if tcp_cnx.is_err() {
+          // First check SNI
+          let rustls_acceptor = rustls::server::Acceptor::new();
+          if tcp_cnx.is_err() || rustls_acceptor.is_err() {
             continue;
           }
           let (raw_stream, _client_addr) = tcp_cnx.unwrap();
-
+          let acceptor = tokio_rustls::LazyConfigAcceptor::new(rustls_acceptor.unwrap(), raw_stream).await;
-          // First check SNI
-          let rustls_acceptor = rustls::server::Acceptor::new().unwrap();
-          let acceptor = tokio_rustls::LazyConfigAcceptor::new(rustls_acceptor, raw_stream).await;
           if acceptor.is_err() {
             continue;
           }
           let start = acceptor.unwrap();
+
           let client_hello = start.client_hello();
           debug!("SNI in ClientHello: {:?}", client_hello.server_name());
           // Find server config for given SNI