tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor

Browse source
This commit is contained in:
Jun Kurihara 2023-07-12 19:11:30 +09:00
commit f2327778f6
No known key found for this signature in database
GPG key ID: 48ADFD173ED22B03
5 changed files with 23 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/cert_reader.rs → src/cert_file_reader.rs
View file

@ -1,4 +1,4 @@
use crate::{log::*, proxy::CertsAndKeys}; use crate::{certs::CertsAndKeys, log::*};
use rustls::{Certificate, PrivateKey}; use rustls::{Certificate, PrivateKey};
use std::{ use std::{
fs::File, fs::File,

17
src/certs.rs Normal file
View file

@ -0,0 +1,17 @@
use async_trait::async_trait;
use rustls::{Certificate, PrivateKey};
/// Certificates and private keys in rustls loaded from files
#[derive(Debug, PartialEq, Eq, Clone)]
pub struct CertsAndKeys {
pub certs: Vec<Certificate>,
pub cert_keys: Vec<PrivateKey>,
pub client_ca_certs: Option<Vec<Certificate>>,
}
#[async_trait]
// Trait to read certs and keys anywhere from KVS, file, sqlite, etc.
pub trait ReadCerts {
type Error;
async fn read_crypto_source(&self) -> Result<CertsAndKeys, Self::Error>;
}

3
src/main.rs
View file

@ -6,7 +6,8 @@ use tikv_jemallocator::Jemalloc;
static GLOBAL: Jemalloc = Jemalloc; static GLOBAL: Jemalloc = Jemalloc;
mod backend; mod backend;
mod cert_reader; mod cert_file_reader;
mod certs;
mod config; mod config;
mod constants; mod constants;
mod error; mod error;

13
src/proxy/crypto_service.rs
View file

@ -1,5 +1,6 @@
use crate::{ use crate::{
cert_reader::read_certs_and_keys, // TODO: Trait defining read_certs_and_keys and add struct implementing the trait to backend when build backend cert_file_reader::read_certs_and_keys, // TODO: Trait defining read_certs_and_keys and add struct implementing the trait to backend when build backend
certs::CertsAndKeys,
globals::Globals, globals::Globals,
log::*, log::*,
utils::ServerNameBytesExp, utils::ServerNameBytesExp,
@ -10,7 +11,7 @@ use rustc_hash::{FxHashMap as HashMap, FxHashSet as HashSet};
use rustls::{ use rustls::{
server::ResolvesServerCertUsingSni, server::ResolvesServerCertUsingSni,
sign::{any_supported_type, CertifiedKey}, sign::{any_supported_type, CertifiedKey},
Certificate, OwnedTrustAnchor, PrivateKey, RootCertStore, ServerConfig, OwnedTrustAnchor, RootCertStore, ServerConfig,
}; };
use std::{io, sync::Arc}; use std::{io, sync::Arc};
use x509_parser::prelude::*; use x509_parser::prelude::*;
@ -21,14 +22,6 @@ pub struct CryptoReloader {
globals: Arc<Globals>, globals: Arc<Globals>,
} }
/// Certificates and private keys in rustls loaded from files
#[derive(Debug, PartialEq, Eq, Clone)]
pub struct CertsAndKeys {
pub certs: Vec<Certificate>,
pub cert_keys: Vec<PrivateKey>,
pub client_ca_certs: Option<Vec<Certificate>>,
}
pub type SniServerCryptoMap = HashMap<ServerNameBytesExp, Arc<ServerConfig>>; pub type SniServerCryptoMap = HashMap<ServerNameBytesExp, Arc<ServerConfig>>;
pub struct ServerCrypto { pub struct ServerCrypto {
// For Quic/HTTP3, only servers with no client authentication // For Quic/HTTP3, only servers with no client authentication

1
src/proxy/mod.rs
View file

@ -5,5 +5,4 @@ mod proxy_h3;
mod proxy_main; mod proxy_main;
mod proxy_tls; mod proxy_tls;
pub use crypto_service::CertsAndKeys;
pub use proxy_main::{Proxy, ProxyBuilder, ProxyBuilderError}; pub use proxy_main::{Proxy, ProxyBuilder, ProxyBuilderError};