refactor

2023-07-12 19:11:30 +09:00 · 2023-07-12 19:11:30 +09:00 · f2327778f6
commit f2327778f6
parent 7311dbc68e
5 changed files with 23 additions and 13 deletions
--- a/src/cert_file_reader.rs
+++ b/src/cert_file_reader.rs
@ -1,4 +1,4 @@
-use crate::{log::*, proxy::CertsAndKeys};
+use crate::{certs::CertsAndKeys, log::*};
 use rustls::{Certificate, PrivateKey};
 use std::{
  fs::File,
--- a/src/certs.rs
+++ b/src/certs.rs
@ -0,0 +1,17 @@
+use async_trait::async_trait;
+use rustls::{Certificate, PrivateKey};
+
+/// Certificates and private keys in rustls loaded from files
+#[derive(Debug, PartialEq, Eq, Clone)]
+pub struct CertsAndKeys {
+  pub certs: Vec<Certificate>,
+  pub cert_keys: Vec<PrivateKey>,
+  pub client_ca_certs: Option<Vec<Certificate>>,
+}
+
+#[async_trait]
+// Trait to read certs and keys anywhere from KVS, file, sqlite, etc.
+pub trait ReadCerts {
+  type Error;
+  async fn read_crypto_source(&self) -> Result<CertsAndKeys, Self::Error>;
+}
--- a/src/main.rs
+++ b/src/main.rs
@ -6,7 +6,8 @@ use tikv_jemallocator::Jemalloc;
 static GLOBAL: Jemalloc = Jemalloc;

 mod backend;
-mod cert_reader;
+mod cert_file_reader;
+mod certs;
 mod config;
 mod constants;
 mod error;
--- a/src/proxy/crypto_service.rs
+++ b/src/proxy/crypto_service.rs
@ -1,5 +1,6 @@
 use crate::{
-  cert_reader::read_certs_and_keys, // TODO: Trait defining read_certs_and_keys and add struct implementing the trait to backend when build backend
+  cert_file_reader::read_certs_and_keys, // TODO: Trait defining read_certs_and_keys and add struct implementing the trait to backend when build backend
+  certs::CertsAndKeys,
  globals::Globals,
  log::*,
  utils::ServerNameBytesExp,
@ -10,7 +11,7 @@ use rustc_hash::{FxHashMap as HashMap, FxHashSet as HashSet};
 use rustls::{
  server::ResolvesServerCertUsingSni,
  sign::{any_supported_type, CertifiedKey},
-  Certificate, OwnedTrustAnchor, PrivateKey, RootCertStore, ServerConfig,
+  OwnedTrustAnchor, RootCertStore, ServerConfig,
 };
 use std::{io, sync::Arc};
 use x509_parser::prelude::*;
@ -21,14 +22,6 @@ pub struct CryptoReloader {
  globals: Arc<Globals>,
 }

-/// Certificates and private keys in rustls loaded from files
-#[derive(Debug, PartialEq, Eq, Clone)]
-pub struct CertsAndKeys {
-  pub certs: Vec<Certificate>,
-  pub cert_keys: Vec<PrivateKey>,
-  pub client_ca_certs: Option<Vec<Certificate>>,
-}
-
 pub type SniServerCryptoMap = HashMap<ServerNameBytesExp, Arc<ServerConfig>>;
 pub struct ServerCrypto {
  // For Quic/HTTP3, only servers with no client authentication
--- a/src/proxy/mod.rs
+++ b/src/proxy/mod.rs
@ -5,5 +5,4 @@ mod proxy_h3;
 mod proxy_main;
 mod proxy_tls;

-pub use crypto_service::CertsAndKeys;
 pub use proxy_main::{Proxy, ProxyBuilder, ProxyBuilderError};