refactor: move trait SelfsignedCertVerifier and all related to mod.rs
parent
c6567beed7
commit
700981a5e3
5 changed files with 30 additions and 23 deletions
|
@ -5,7 +5,7 @@ use tokio::io::AsyncBufReadExt;
|
||||||
use tokio_gemini::certs::{
|
use tokio_gemini::certs::{
|
||||||
fingerprint::{self, generate_fingerprint},
|
fingerprint::{self, generate_fingerprint},
|
||||||
insecure::AllowAllCertVerifier,
|
insecure::AllowAllCertVerifier,
|
||||||
verifier::{SelfsignedCert, SelfsignedCertVerifier},
|
SelfsignedCert, SelfsignedCertVerifier,
|
||||||
};
|
};
|
||||||
|
|
||||||
//
|
//
|
||||||
|
@ -147,9 +147,9 @@ impl CertVerifier {
|
||||||
impl SelfsignedCertVerifier for CertVerifier {
|
impl SelfsignedCertVerifier for CertVerifier {
|
||||||
fn verify(
|
fn verify(
|
||||||
&self,
|
&self,
|
||||||
cert: &tokio_gemini::certs::verifier::CertificateDer,
|
cert: &tokio_gemini::certs::CertificateDer,
|
||||||
host: &str,
|
host: &str,
|
||||||
_now: tokio_gemini::certs::verifier::UnixTime,
|
_now: tokio_gemini::certs::UnixTime,
|
||||||
) -> Result<bool, tokio_rustls::rustls::Error> {
|
) -> Result<bool, tokio_rustls::rustls::Error> {
|
||||||
if let Some(known_cert) = self.map.get(host) {
|
if let Some(known_cert) = self.map.get(host) {
|
||||||
// if host is found in known_hosts, compare certs
|
// if host is found in known_hosts, compare certs
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
use tokio_gemini::{
|
use tokio_gemini::{
|
||||||
certs::{
|
certs::{
|
||||||
fingerprint::{generate_fingerprint, Algorithm},
|
fingerprint::{generate_fingerprint, Algorithm},
|
||||||
verifier::SelfsignedCertVerifier,
|
SelfsignedCertVerifier,
|
||||||
},
|
},
|
||||||
Client, LibError,
|
Client, LibError,
|
||||||
};
|
};
|
||||||
|
@ -38,9 +38,9 @@ struct CertVerifier;
|
||||||
impl SelfsignedCertVerifier for CertVerifier {
|
impl SelfsignedCertVerifier for CertVerifier {
|
||||||
fn verify(
|
fn verify(
|
||||||
&self,
|
&self,
|
||||||
cert: &tokio_gemini::certs::verifier::CertificateDer,
|
cert: &tokio_gemini::certs::CertificateDer,
|
||||||
host: &str,
|
host: &str,
|
||||||
_now: tokio_gemini::certs::verifier::UnixTime,
|
_now: tokio_gemini::certs::UnixTime,
|
||||||
) -> Result<bool, tokio_rustls::rustls::Error> {
|
) -> Result<bool, tokio_rustls::rustls::Error> {
|
||||||
// For real verification example with known_hosts file
|
// For real verification example with known_hosts file
|
||||||
// see examples/main.rs
|
// see examples/main.rs
|
||||||
|
|
|
@ -1,3 +1,23 @@
|
||||||
pub mod fingerprint;
|
pub mod fingerprint;
|
||||||
pub mod insecure;
|
pub mod insecure;
|
||||||
pub mod verifier;
|
|
||||||
|
pub(crate) mod verifier;
|
||||||
|
|
||||||
|
pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
|
||||||
|
|
||||||
|
use tokio_rustls::rustls;
|
||||||
|
|
||||||
|
pub trait SelfsignedCertVerifier: Send + Sync {
|
||||||
|
fn verify(
|
||||||
|
&self,
|
||||||
|
cert: &CertificateDer,
|
||||||
|
host: &str,
|
||||||
|
now: UnixTime,
|
||||||
|
) -> Result<bool, rustls::Error>;
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct SelfsignedCert {
|
||||||
|
pub algo: crate::certs::fingerprint::Algorithm,
|
||||||
|
pub fingerprint: String,
|
||||||
|
pub expires: u64,
|
||||||
|
}
|
||||||
|
|
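Review bot: The trait `SelfsignedCertVerifier` and the struct `SelfsignedCert` are added here without any doc comments, so the trust contract of `verify` is left implicit in `Result<bool, rustls::Error>`. An implementer cannot tell from the signature whether `Ok(false)` aborts the handshake or how it differs from returning `Err`, nor whether comparing `now` with a stored expiry is the implementer's job. Both implementations touched elsewhere in this commit name that parameter `_now`, which suggests they do not use it. I would add a `///` block on `verify` stating what `Ok(true)`, `Ok(false)` and `Err` each mean for the connection, and that `now` is the time against which the certificate's validity should be checked. On the struct, `pub expires: u64` needs a line such as `/// Expiry timestamp (presumably Unix seconds; confirm)`. `SelfsignedCert` also has no derives; `#[derive(Debug, Clone)]` would be usual for a public data type if `Algorithm` supports it.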
|
@ -1,3 +1,5 @@
|
||||||
|
use crate::certs::SelfsignedCertVerifier;
|
||||||
|
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
|
|
||||||
pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
|
pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
|
||||||
|
@ -7,21 +9,6 @@ use tokio_rustls::rustls::{
|
||||||
client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
|
client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
|
||||||
};
|
};
|
||||||
|
|
||||||
pub trait SelfsignedCertVerifier: Send + Sync {
|
|
||||||
fn verify(
|
|
||||||
&self,
|
|
||||||
cert: &CertificateDer,
|
|
||||||
host: &str,
|
|
||||||
now: UnixTime,
|
|
||||||
) -> Result<bool, rustls::Error>;
|
|
||||||
}
|
|
||||||
|
|
||||||
pub struct SelfsignedCert {
|
|
||||||
pub algo: super::fingerprint::Algorithm,
|
|
||||||
pub fingerprint: String,
|
|
||||||
pub expires: u64,
|
|
||||||
}
|
|
||||||
|
|
||||||
pub struct CustomCertVerifier {
|
pub struct CustomCertVerifier {
|
||||||
pub(crate) provider: Arc<rustls::crypto::CryptoProvider>,
|
pub(crate) provider: Arc<rustls::crypto::CryptoProvider>,
|
||||||
pub(crate) webpki_verifier: Option<Arc<rustls::client::WebPkiServerVerifier>>,
|
pub(crate) webpki_verifier: Option<Arc<rustls::client::WebPkiServerVerifier>>,
|
||||||
|
|
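Review bot: The `pub` markers left in this file no longer describe the real API surface, assuming it is the `verifier` module that this commit changes to `pub(crate) mod verifier;`. The context line `pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};` now duplicates the re-export added in the parent module and is no longer reachable from outside the crate; a plain `use crate::certs::{CertificateDer, ServerName, UnixTime};` would keep a single source for these names. `pub struct CustomCertVerifier` likewise becomes unnameable by downstream code unless it is re-exported, so it should either be `pub(crate) struct CustomCertVerifier` or be re-exported deliberately next to the trait. The struct's definition continues past the end of the hunk, so this is based only on the two fields shown.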
|
@ -1,7 +1,7 @@
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
certs::verifier::{CustomCertVerifier, SelfsignedCertVerifier},
|
certs::{verifier::CustomCertVerifier, SelfsignedCertVerifier},
|
||||||
Client,
|
Client,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|