sui-http: provide peer certs via a PeerCertificates type
bmwill committed Jan 6, 2025
1 parent 8ba5956 commit 1f55d11
Showing 2 changed files with 15 additions and 13 deletions.
25 changes: 13 additions & 12 deletions crates/sui-http/src/connection_info.rs
Expand Up @@ -13,6 +13,15 @@ pub type ConnectionId = usize;
#[derive(Debug)]
pub struct ConnectionInfo<A>(Arc<Inner<A>>);

#[derive(Clone, Debug)]
pub struct PeerCertificates(Arc<Vec<tokio_rustls::rustls::pki_types::CertificateDer<'static>>>);

impl PeerCertificates {
pub fn peer_certs(&self) -> &[tokio_rustls::rustls::pki_types::CertificateDer<'static>] {
self.0.as_ref()
}
}

impl<A> ConnectionInfo<A> {
pub(crate) fn new(
address: A,
Expand All @@ -22,7 +31,7 @@ impl<A> ConnectionInfo<A> {
Self(Arc::new(Inner {
address,
time_established: std::time::Instant::now(),
peer_certificates,
peer_certificates: peer_certificates.map(PeerCertificates),
graceful_shutdown_token,
}))
}
Expand All @@ -37,16 +46,8 @@ impl<A> ConnectionInfo<A> {
self.0.time_established
}

pub fn peer_certificates(
&self,
) -> Option<&[tokio_rustls::rustls::pki_types::CertificateDer<'static>]> {
self.0.peer_certificates.as_deref().map(AsRef::as_ref)
}

pub(crate) fn peer_certs_owned(
&self,
) -> Option<Arc<Vec<tokio_rustls::rustls::pki_types::CertificateDer<'static>>>> {
self.0.peer_certificates.clone()
pub fn peer_certificates(&self) -> Option<&PeerCertificates> {
self.0.peer_certificates.as_ref()
}

/// A stable identifier for this connection
Expand All @@ -67,7 +68,7 @@ struct Inner<A = std::net::SocketAddr> {
// Time that the connection was established
time_established: std::time::Instant,

peer_certificates: Option<Arc<Vec<tokio_rustls::rustls::pki_types::CertificateDer<'static>>>>,
peer_certificates: Option<PeerCertificates>,
graceful_shutdown_token: tokio_util::sync::CancellationToken,
}

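Review bot: The new public `PeerCertificates` type and its `peer_certs` accessor (also re-exported from `lib.rs` in this commit) have no doc comments, and the missing piece is the trust contract. Nothing in these lines shows whether the chain was validated by the TLS layer or is only what the peer presented, nor which entry is the end-entity certificate, and handlers will presumably base authorization decisions on it. I'd put `/// DER-encoded certificates presented by the peer on this connection.` on the struct, followed by a sentence stating the validation status and ordering once confirmed against the acceptor's verifier configuration. `ConnectionInfo::peer_certificates` also changes its return type from `Option<&[CertificateDer<'static>]>` to `Option<&PeerCertificates>`, which breaks existing callers and deserves a line in the commit message. The `impl<A> ConnectionInfo<A>` block and `struct Inner` extend beyond the visible hunks.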
3 changes: 2 additions & 1 deletion crates/sui-http/src/lib.rs
Expand Up @@ -33,6 +33,7 @@ pub use listener::ListenerExt;
pub use connection_info::ConnectInfo;
pub use connection_info::ConnectionId;
pub use connection_info::ConnectionInfo;
pub use connection_info::PeerCertificates;

pub(crate) type BoxError = Box<dyn std::error::Error + Send + Sync>;
/// h2 alpn in plain format for rustls.
Expand Down Expand Up @@ -310,7 +311,7 @@ where
local_addr: self.local_addr.clone(),
remote_addr: connection_info.remote_address().clone(),
};
let peer_certificates = connection_info.peer_certs_owned();
let peer_certificates = connection_info.peer_certificates().cloned();
let hyper_io = hyper_util::rt::TokioIo::new(io);

let hyper_svc = TowerToHyperService::new(self.service.clone().map_request(
