diff --git a/Cargo.toml b/Cargo.toml index c7eb933..737cd56 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "rustls-channel-resolver" description = "A simple single-cert channel-ish rustls resolver for live-reloading certificate files" -version = "0.1.0" +version = "0.2.0" license = "AGPL-3.0" authors = ["asonix "] repository = "https://git.asonix.dog/asonix/rustls-resolver" @@ -13,10 +13,10 @@ edition = "2021" [dependencies] nanorand = "0.7.0" -rustls = "0.21" +rustls = "0.22" [dev-dependencies] -actix-web = { version = "4.4.1", features = ["rustls-0_21"] } +actix-web = { version = "4.4.1", features = ["rustls-0_22"] } criterion = "0.5" rustls-pemfile = "2.0.0" tokio = { version = "1.35.1", features = ["fs"] } diff --git a/benches/parallel_access.rs b/benches/parallel_access.rs index 7c2d182..e3bf8bc 100644 --- a/benches/parallel_access.rs +++ b/benches/parallel_access.rs @@ -15,7 +15,6 @@ fn prepare_key() -> CertifiedKey { let certfile = std::fs::File::open("./out/example.crt").unwrap(); let mut reader = BufReader::new(certfile); let certs = rustls_pemfile::certs(&mut reader) - .map(|res| res.map(|c| rustls::Certificate(c.to_vec()))) .collect::, _>>() .unwrap(); @@ -23,9 +22,7 @@ fn prepare_key() -> CertifiedKey { let mut reader = BufReader::new(keyfile); let private_key = rustls_pemfile::private_key(&mut reader).unwrap().unwrap(); - let private_key = - rustls::sign::any_supported_type(&rustls::PrivateKey(Vec::from(private_key.secret_der()))) - .unwrap(); + let private_key = rustls::crypto::ring::sign::any_supported_type(&private_key).unwrap(); CertifiedKey::new(certs, private_key) } diff --git a/examples/demo.rs b/examples/demo.rs index 8a7bfc9..bc58391 100644 --- a/examples/demo.rs +++ b/examples/demo.rs 
@@ -29,12 +29,11 @@ async fn main() -> Result<(), Box> { }); let server_config = rustls::ServerConfig::builder() - .with_safe_defaults() .with_no_client_auth() .with_cert_resolver(rx); HttpServer::new(|| App::new().route("/", web::get().to(index))) - .bind_rustls_021("0.0.0.0:8443", server_config)? + .bind_rustls_0_22("0.0.0.0:8443", server_config)? .bind("0.0.0.0:8080")? .run() .await?; @@ -46,17 +45,14 @@ async fn main() -> Result<(), Box> { async fn read_key() -> Result, Box> { let cert_bytes = tokio::fs::read("./out/example.crt").await?; - let certs = rustls_pemfile::certs(&mut cert_bytes.as_slice()) - .map(|res| res.map(|c| rustls::Certificate(c.to_vec()))) - .collect::, _>>()?; + let certs = rustls_pemfile::certs(&mut cert_bytes.as_slice()).collect::, _>>()?; let key_bytes = tokio::fs::read("./out/example.key").await?; let Some(private_key) = rustls_pemfile::private_key(&mut key_bytes.as_slice())? else { return Ok(None); }; - let private_key = - rustls::sign::any_supported_type(&rustls::PrivateKey(Vec::from(private_key.secret_der())))?; + let private_key = rustls::crypto::ring::sign::any_supported_type(&private_key)?; Ok(Some(rustls::sign::CertifiedKey::new(certs, private_key))) } diff --git a/src/lib.rs b/src/lib.rs index 6e9190f..10f9315 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -128,6 +128,14 @@ impl ChannelResolver { } } +impl std::fmt::Debug for ChannelResolver { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + f.debug_struct("ChannelResolver") + .field("locks", &format!("[Lock; {SHARDS}]")) + .finish() + } +} + impl rustls::server::ResolvesServerCert for ChannelResolver { fn resolve(&self, _: rustls::server::ClientHello) -> Option> { Some(self.read())
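Review bot: With `.with_safe_defaults()` removed from the `ServerConfig::builder()` chain in `main`, nothing in the example says which protocol versions and cipher suites are in force, and a reader comparing it with the 0.21 version can take the removal for a downgrade. As far as the rustls 0.22 API goes, `builder()` applies the default provider's safe defaults itself, so this is a documentation gap rather than a behaviour change. A one-line comment above the builder call would close it, for example `// rustls 0.22: builder() already applies the safe default cipher suites, key-exchange groups and protocol versions`. `main` starts and ends outside this hunk.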
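Review bot: `read_key` returns `Ok(None)` when the key file holds no private key, but the rewritten `certs` line has no matching guard for the certificate file. If `./out/example.crt` parses to zero certificates, the collect still succeeds and `CertifiedKey::new(certs, private_key)` is handed an empty chain, which would only surface later as failed handshakes. Adding `if certs.is_empty() { return Ok(None); }` directly after the `certs` line keeps such a reload from being published, assuming the caller skips the update on `None`. The two files are also read at separate times, so a rotation landing between the reads can pair a new certificate with the old key; nothing visible here checks that they belong together.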
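Review bot: The new `Debug` impl builds the `locks` field with `format!`, which allocates a `String` on every call and renders it with surrounding quotes; `.field("locks", &format_args!("[Lock; {SHARDS}]"))` avoids both. Keeping the lock contents out of the output is the right choice for a type that holds a `CertifiedKey` and may end up in logs. A short comment on the impl should say it is hand-written for that reason, for example `// Manual impl: never print the certified key held behind the locks`, so a later `#[derive(Debug)]` does not undo it. Ending the chain with `.finish_non_exhaustive()` instead of `.finish()` would also signal that fields are deliberately omitted.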