tokio_rustls_acme2/
acceptor.rs

1use crate::acme::ACME_TLS_ALPN_NAME;
2use crate::{crypto_provider, is_tls_alpn_challenge, ResolvesServerCertAcme};
3use core::fmt;
4use std::future::Future;
5use std::io;
6use std::pin::Pin;
7use std::sync::Arc;
8use std::task::{Context, Poll};
9use tokio::io::{AsyncRead, AsyncWrite};
10use tokio_rustls::rustls::server::Acceptor;
11use tokio_rustls::rustls::ServerConfig;
12use tokio_rustls::{Accept, LazyConfigAcceptor, StartHandshake};
13
14#[derive(Clone)]
15pub struct AcmeAcceptor {
16    config: Arc<ServerConfig>,
17}
18
19impl AcmeAcceptor {
20    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
21    #[deprecated(note = "please use high-level API via `AcmeState::incoming()` instead or refer to updated low-level API examples")]
22    pub(crate) fn new(resolver: Arc<ResolvesServerCertAcme>) -> Self {
23        let mut config = ServerConfig::builder_with_provider(crypto_provider().into())
24            .with_safe_default_protocol_versions()
25            .unwrap()
26            .with_no_client_auth()
27            .with_cert_resolver(resolver.clone());
28        config.alpn_protocols.push(ACME_TLS_ALPN_NAME.to_vec());
29        Self { config: Arc::new(config) }
30    }
31    pub fn accept<IO: AsyncRead + AsyncWrite + Unpin>(&self, io: IO) -> AcmeAccept<IO> {
32        AcmeAccept::new(io, self.config.clone())
33    }
34}
35
36impl fmt::Debug for AcmeAcceptor {
37    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
38        f.debug_struct("AcmeAcceptor").finish_non_exhaustive()
39    }
40}
41
42pub struct AcmeAccept<IO: AsyncRead + AsyncWrite + Unpin> {
43    acceptor: LazyConfigAcceptor<IO>,
44    config: Arc<ServerConfig>,
45    validation_accept: Option<Accept<IO>>,
46}
47
48impl<IO: AsyncRead + AsyncWrite + Unpin> AcmeAccept<IO> {
49    pub(crate) fn new(io: IO, config: Arc<ServerConfig>) -> Self {
50        Self {
51            acceptor: LazyConfigAcceptor::new(Acceptor::default(), io),
52            config,
53            validation_accept: None,
54        }
55    }
56}
57
58impl<IO: AsyncRead + AsyncWrite + Unpin> Future for AcmeAccept<IO> {
59    type Output = io::Result<Option<StartHandshake<IO>>>;
60
61    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
62        loop {
63            if let Some(validation_accept) = &mut self.validation_accept {
64                return match Pin::new(validation_accept).poll(cx) {
65                    Poll::Ready(Ok(_)) => Poll::Ready(Ok(None)),
66                    Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
67                    Poll::Pending => Poll::Pending,
68                };
69            }
70
71            return match Pin::new(&mut self.acceptor).poll(cx) {
72                Poll::Ready(Ok(handshake)) => {
73                    if is_tls_alpn_challenge(&handshake.client_hello()) {
74                        self.validation_accept = Some(handshake.into_stream(self.config.clone()));
75                        continue;
76                    }
77                    Poll::Ready(Ok(Some(handshake)))
78                }
79                Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
80                Poll::Pending => Poll::Pending,
81            };
82        }
83    }
84}
tokio_rustls_acme2/acceptor.rs

tokio_rustls_acme2/
acceptor.rs
