Merge branch 'odin' of git.hitchhiker-linux.org:jeang3nie/dory into odin
commit
60a8e74af3
4 changed files with 41 additions and 10 deletions
|
@ -1,14 +1,14 @@
|
||||||
use super::verifier::Verifier;
|
use super::{Verifier, FingerPrintStore};
|
||||||
use crate::prelude::CertificateStore;
|
use rustls::ServerConfig;
|
||||||
use std::net::TcpStream;
|
use std::{net::TcpStream, sync::Arc};
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Builder<S: CertificateStore> {
|
pub struct Builder<S: FingerPrintStore> {
|
||||||
pub stream: Option<TcpStream>,
|
pub stream: Option<TcpStream>,
|
||||||
pub verifier: Option<Verifier<S>>,
|
pub verifier: Option<Verifier<S>>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<S: CertificateStore> Default for Builder<S> {
|
impl<S: FingerPrintStore> Default for Builder<S> {
|
||||||
fn default() -> Self {
|
fn default() -> Self {
|
||||||
Self {
|
Self {
|
||||||
stream: None,
|
stream: None,
|
||||||
|
@ -17,7 +17,7 @@ impl<S: CertificateStore> Default for Builder<S> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<S: CertificateStore> Builder<S> {
|
impl<S: FingerPrintStore + 'static> Builder<S> {
|
||||||
pub fn new() -> Self {
|
pub fn new() -> Self {
|
||||||
Self::default()
|
Self::default()
|
||||||
}
|
}
|
||||||
|
@ -32,7 +32,12 @@ impl<S: CertificateStore> Builder<S> {
|
||||||
self
|
self
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn build(self) -> super::Connection {
|
pub fn build(self) -> Result<super::Connection, rustls::Error> {
|
||||||
|
let cfg = ServerConfig::builder()
|
||||||
|
.with_safe_default_cipher_suites()
|
||||||
|
.with_safe_default_kx_groups()
|
||||||
|
.with_safe_default_protocol_versions()?
|
||||||
|
.with_client_cert_verifier(Arc::new(self.verifier.unwrap()));
|
||||||
todo!()
|
todo!()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
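Review bot: `build` now returns `Result`, but `self.verifier.unwrap()` in the added `ServerConfig` chain still panics when no verifier was supplied. The `Default` impl above starts the builder with empty fields (only `stream: None` is visible in the hunk, so the verifier default is presumably `None` too). Since the function already has an error channel, a missing verifier is better reported than panicked on: `let verifier = self.verifier.ok_or_else(|| rustls::Error::General("client certificate verifier not set".into()))?;` and then pass `Arc::new(verifier)` to `with_client_cert_verifier`. The body still ends in `todo!()`, so `cfg` and `self.stream` are not used yet, and the builder chain stops before a server certificate is configured.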
|
@ -1 +1,2 @@
|
||||||
|
#[derive(Debug)]
|
||||||
|
pub struct Error;
|
||||||
|
|
|
@ -2,6 +2,8 @@ pub mod builder;
|
||||||
pub mod error;
|
pub mod error;
|
||||||
pub mod verifier;
|
pub mod verifier;
|
||||||
|
|
||||||
|
pub use self::{builder::Builder, error::Error, verifier::{FingerPrintStore, Verifier}};
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Connection {
|
pub struct Connection {
|
||||||
pub inner: rustls::ServerConnection,
|
pub inner: rustls::ServerConnection,
|
||||||
|
|
|
@ -1,7 +1,30 @@
|
||||||
use crate::prelude::CertificateStore;
|
use rustls::server::ClientCertVerifier;
|
||||||
|
|
||||||
|
use crate::{prelude::CertificateStore, mailuser::Mailuser};
|
||||||
use std::sync::Mutex;
|
use std::sync::Mutex;
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Verifier<S: CertificateStore> {
|
pub struct Verifier<S: FingerPrintStore> {
|
||||||
pub store: Mutex<S>,
|
pub store: Mutex<S>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub trait FingerPrintStore: Send + Sync {
|
||||||
|
fn get_mailuser(&self, fingerprint: &str) -> Option<Mailuser>;
|
||||||
|
fn insert_mailuser(&mut self, fingerprint: &str, user: &str) -> Option<Mailuser>;
|
||||||
|
fn contains_mailuser(&self, fingerprint: &str) -> bool;
|
||||||
|
}
|
||||||
|
|
||||||
|
impl<S: FingerPrintStore> ClientCertVerifier for Verifier<S> {
|
||||||
|
fn client_auth_root_subjects(&self) -> &[rustls::DistinguishedName] {
|
||||||
|
todo!()
|
||||||
|
}
|
||||||
|
|
||||||
|
fn verify_client_cert(
|
||||||
|
&self,
|
||||||
|
end_entity: &rustls::Certificate,
|
||||||
|
intermediates: &[rustls::Certificate],
|
||||||
|
now: std::time::SystemTime,
|
||||||
|
) -> Result<rustls::server::ClientCertVerified, rustls::Error> {
|
||||||
|
todo!()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
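Review bot: `FingerPrintStore` takes `fingerprint: &str` in all three methods without stating which digest and text encoding the string carries, yet this trait decides which client certificate maps to which `Mailuser`. A `///` comment on the trait should fix one canonical form (hash algorithm, hex case, whether separators are allowed) so the code that will compute the fingerprint in `verify_client_cert` and every store implementation agree; otherwise a lookup can miss, or two spellings of one certificate can end up stored as separate identities. Both `ClientCertVerifier` methods are still `todo!()`, which would panic during a handshake once `build` is finished; `client_auth_root_subjects` can already return `&[]`, and `verify_client_cert` should report failures through its `Result` rather than panic. The `CertificateStore` import appears to be unused after the bound on `Verifier` changed.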