parent
f2e10001c0
commit
e80a0f3a89
3 changed files with 28 additions and 1 deletions
|
@ -145,6 +145,8 @@ port = 6697
|
|||
password = ""
|
||||
use_ssl = true
|
||||
cert_path = "cert.der"
|
||||
client_cert_path = "client.der"
|
||||
client_cert_pass = "password"
|
||||
encoding = "UTF-8"
|
||||
channels = ["#rust", "#haskell", "#fake"]
|
||||
umodes = "+RB-x"
|
||||
|
|
|
@ -6,7 +6,7 @@ use std::io::Read;
|
|||
use encoding::EncoderTrap;
|
||||
use encoding::label::encoding_from_whatwg_label;
|
||||
use futures::{Async, Poll, Future, Sink, StartSend, Stream};
|
||||
use native_tls::{Certificate, TlsConnector};
|
||||
use native_tls::{Certificate, TlsConnector, Pkcs12};
|
||||
use tokio_core::reactor::Handle;
|
||||
use tokio_core::net::{TcpStream, TcpStreamNew};
|
||||
use tokio_io::AsyncRead;
|
||||
|
@ -135,6 +135,15 @@ impl Connection {
|
|||
builder.add_root_certificate(cert)?;
|
||||
info!("Added {} to trusted certificates.", cert_path);
|
||||
}
|
||||
if let Some(client_cert_path) = config.client_cert_path() {
|
||||
let client_cert_pass = config.client_cert_pass();
|
||||
let mut file = File::open(client_cert_path)?;
|
||||
let mut client_cert_data = vec![];
|
||||
file.read_to_end(&mut client_cert_data)?;
|
||||
let pkcs12_archive = Pkcs12::from_der(&client_cert_data, &client_cert_pass)?;
|
||||
builder.identity(pkcs12_archive)?;
|
||||
info!("Using {} for client certificate authentication.", client_cert_path);
|
||||
}
|
||||
let connector = builder.build()?;
|
||||
let stream = Box::new(TcpStream::connect(&config.socket_addr()?, handle).map_err(|e| {
|
||||
let res: error::IrcError = e.into();
|
||||
|
|
|
@ -88,6 +88,10 @@ pub struct Config {
|
|||
pub use_ssl: Option<bool>,
|
||||
/// The path to the SSL certificate for this server in DER format.
|
||||
pub cert_path: Option<String>,
|
||||
/// The path to a SSL certificate to use for CertFP client authentication in DER format.
|
||||
pub client_cert_path: Option<String>,
|
||||
/// The password for the certificate to use in CertFP authentication.
|
||||
pub client_cert_pass: Option<String>,
|
||||
/// The encoding type used for this connection.
|
||||
/// This is typically UTF-8, but could be something else.
|
||||
pub encoding: Option<String>,
|
||||
|
@ -419,6 +423,16 @@ impl Config {
|
|||
self.cert_path.as_ref().map(|s| &s[..])
|
||||
}
|
||||
|
||||
/// Gets the path to the client authentication certificate in DER format if specified.
|
||||
pub fn client_cert_path(&self) -> Option<&str> {
|
||||
self.client_cert_path.as_ref().map(|s| &s[..])
|
||||
}
|
||||
|
||||
/// Gets the password to the client authentication certificate.
|
||||
pub fn client_cert_pass(&self) -> &str {
|
||||
self.client_cert_pass.as_ref().map_or("", |s| &s[..])
|
||||
}
|
||||
|
||||
/// Gets the encoding to use for this connection. This requires the encode feature to work.
|
||||
/// This defaults to UTF-8 when not specified.
|
||||
pub fn encoding(&self) -> &str {
|
||||
|
@ -557,6 +571,8 @@ mod test {
|
|||
port: Some(6667),
|
||||
use_ssl: Some(false),
|
||||
cert_path: None,
|
||||
client_cert_path: None,
|
||||
client_cert_pass: None,
|
||||
encoding: Some(format!("UTF-8")),
|
||||
channels: Some(vec![format!("#test"), format!("#test2")]),
|
||||
channel_keys: None,
|
||||
|
|
Loading…
Reference in a new issue