Added ability to specify SSL certificate in DER format (fixes #67).
parent
c0af567258
commit
254f5bb048
2 changed files with 20 additions and 2 deletions
|
@ -1,5 +1,7 @@
|
||||||
//! A module providing IRC connections for use by `IrcServer`s.
|
//! A module providing IRC connections for use by `IrcServer`s.
|
||||||
|
use std::fs::File;
|
||||||
use std::{fmt, io};
|
use std::{fmt, io};
|
||||||
|
use std::io::Read;
|
||||||
use error;
|
use error;
|
||||||
use client::data::Config;
|
use client::data::Config;
|
||||||
use client::transport::{IrcTransport, LogView, Logged};
|
use client::transport::{IrcTransport, LogView, Logged};
|
||||||
|
@ -7,7 +9,7 @@ use proto::{IrcCodec, Message};
|
||||||
use encoding::{EncoderTrap};
|
use encoding::{EncoderTrap};
|
||||||
use encoding::label::encoding_from_whatwg_label;
|
use encoding::label::encoding_from_whatwg_label;
|
||||||
use futures::{Async, Poll, Future, Sink, StartSend, Stream};
|
use futures::{Async, Poll, Future, Sink, StartSend, Stream};
|
||||||
use native_tls::TlsConnector;
|
use native_tls::{Certificate, TlsConnector};
|
||||||
use tokio_core::reactor::Handle;
|
use tokio_core::reactor::Handle;
|
||||||
use tokio_core::net::{TcpStream, TcpStreamNew};
|
use tokio_core::net::{TcpStream, TcpStreamNew};
|
||||||
use tokio_io::AsyncRead;
|
use tokio_io::AsyncRead;
|
||||||
|
@ -103,7 +105,16 @@ impl Connection {
|
||||||
Ok(ConnectionFuture::Mock(config))
|
Ok(ConnectionFuture::Mock(config))
|
||||||
} else if config.use_ssl() {
|
} else if config.use_ssl() {
|
||||||
let domain = format!("{}:{}", config.server(), config.port());
|
let domain = format!("{}:{}", config.server(), config.port());
|
||||||
let connector = TlsConnector::builder()?.build()?;
|
let mut builder = TlsConnector::builder()?;
|
||||||
|
if let Some(cert_path) = config.cert_path() {
|
||||||
|
let mut file = File::open(cert_path)?;
|
||||||
|
let mut cert_data = vec![];
|
||||||
|
file.read_to_end(&mut cert_data)?;
|
||||||
|
let cert = Certificate::from_der(&cert_data)?;
|
||||||
|
builder.add_root_certificate(cert)?;
|
||||||
|
println!("Added {} to trusted certificates.", cert_path);
|
||||||
|
}
|
||||||
|
let connector = builder.build()?;
|
||||||
let stream = TcpStream::connect(&config.socket_addr(), handle)
|
let stream = TcpStream::connect(&config.socket_addr(), handle)
|
||||||
.map_err(|e| {
|
.map_err(|e| {
|
||||||
let res: error::Error = e.into();
|
let res: error::Error = e.into();
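Review bot: The certificate read from `config.cert_path()` is passed to `builder.add_root_certificate(cert)?`, which in native_tls extends the set of trusted roots rather than replacing it, so the platform roots stay trusted and the connection is not pinned to this file; nothing in the new block says so. A comment above the `if let` would make the trust decision explicit, e.g. `// Adds cert_path as an extra trust anchor; system roots remain trusted (this is not pinning).` Separately, `println!("Added {} to trusted certificates.", cert_path);` writes to stdout from library code each time this SSL branch runs, where the embedding application cannot route or silence it; reporting the trust-store change through whatever logging the crate's callers already use, or dropping the line, would keep it auditable without polluting stdout. The enclosing `Connection` function starts and ends outside this hunk.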
|
||||||
|
|
|
@ -33,6 +33,8 @@ pub struct Config {
|
||||||
/// Whether or not to use SSL.
|
/// Whether or not to use SSL.
|
||||||
/// Clients will automatically panic if this is enabled without SSL support.
|
/// Clients will automatically panic if this is enabled without SSL support.
|
||||||
pub use_ssl: Option<bool>,
|
pub use_ssl: Option<bool>,
|
||||||
|
/// The path to the SSL certificate for this server in DER format.
|
||||||
|
pub cert_path: Option<String>,
|
||||||
/// The encoding type used for this connection.
|
/// The encoding type used for this connection.
|
||||||
/// This is typically UTF-8, but could be something else.
|
/// This is typically UTF-8, but could be something else.
|
||||||
pub encoding: Option<String>,
|
pub encoding: Option<String>,
|
||||||
|
@ -176,6 +178,11 @@ impl Config {
|
||||||
self.use_ssl.as_ref().cloned().unwrap_or(false)
|
self.use_ssl.as_ref().cloned().unwrap_or(false)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Gets the path to the SSL certificate in DER format if specified.
|
||||||
|
pub fn cert_path(&self) -> Option<&str> {
|
||||||
|
self.cert_path.as_ref().map(|s| &s[..])
|
||||||
|
}
|
||||||
|
|
||||||
/// Gets the encoding to use for this connection. This requires the encode feature to work.
|
/// Gets the encoding to use for this connection. This requires the encode feature to work.
|
||||||
/// This defaults to UTF-8 when not specified.
|
/// This defaults to UTF-8 when not specified.
|
||||||
pub fn encoding(&self) -> &str {
|
pub fn encoding(&self) -> &str {
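Review bot: The doc comment on the new `cert_path` field ("The path to the SSL certificate for this server in DER format") reads as if the server were pinned to that certificate, but the connection code on this page adds it as a root certificate, so any chain that verifies against it, or against the system roots, is accepted. Suggest `/// Path to a DER-encoded certificate to add as a trusted root for SSL connections.` on the field and `/// Gets the path to the DER-encoded certificate to trust as an additional root, if specified.` on the getter. As a style point, `self.cert_path.as_ref().map(|s| &s[..])` can be written `self.cert_path.as_ref().map(String::as_str)`. The `impl Config` block continues outside the hunk.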
|
||||||
|
|