mailcrab 1.7.0

Email test server for development, written in Rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

use rcgen::{CertificateParams, DistinguishedName, DnType, KeyPair};
use rustls_pki_types::pem::PemObject;
use std::{io::BufReader, sync::Arc};
use tokio::fs;
use tokio_rustls::{
    TlsAcceptor,
    rustls::{
        self,
        pki_types::{CertificateDer, PrivateKeyDer, PrivatePkcs8KeyDer},
    },
};
use tracing::info;

use crate::error::Result;

const CERT_PATH: &str = "cert.pem";
const KEY_PATH: &str = "key.pem";

async fn load_certs<'a>() -> Option<Vec<CertificateDer<'a>>> {
    let pem_bytes = fs::read(CERT_PATH).await.ok()?;
    let mut reader = BufReader::new(&pem_bytes[..]);
    let certs: Vec<_> = CertificateDer::pem_reader_iter(&mut reader)
        .filter_map(|c| c.ok().map(|der| CertificateDer::from(der.to_vec())))
        .collect();

    if certs.is_empty() {
        None
    } else {
        info!(
            "Certificate loaded from disk:\n{}",
            String::from_utf8_lossy(&pem_bytes)
        );

        Some(certs)
    }
}

async fn load_key<'a>() -> Option<PrivatePkcs8KeyDer<'a>> {
    let pem_bytes = fs::read(KEY_PATH).await.ok()?;
    let mut reader = BufReader::new(&pem_bytes[..]);
    let der = PrivateKeyDer::from_pem_reader(&mut reader).ok()?;

    info!("Loaded key {KEY_PATH}");

    Some(PrivatePkcs8KeyDer::from(der.secret_der().to_vec()))
}

/// read or generate a certioficate + key for the SMTP server
pub(super) async fn create_tls_acceptor(name: &str) -> Result<TlsAcceptor> {
    let (certs, key) = match (load_certs().await, load_key().await) {
        (Some(cert), Some(key)) => (cert, key),
        _ => {
            info!("Generating self-signed certificate...");

            let mut cert_params = CertificateParams::default();
            let mut dis_name = DistinguishedName::new();
            dis_name.push(DnType::CommonName, name);
            cert_params.distinguished_name = dis_name;

            let key_pair = KeyPair::generate()?;
            let cert = cert_params.self_signed(&key_pair)?;

            fs::write(CERT_PATH, cert.pem()).await?;
            fs::write(KEY_PATH, key_pair.serialize_pem()).await?;

            info!("Certificate generated:\n{}", cert.pem());

            let cert = cert.der().clone();
            let key = PrivatePkcs8KeyDer::from(key_pair.serialize_der());

            (vec![cert], key)
        }
    };

    let config = rustls::ServerConfig::builder()
        .with_no_client_auth()
        .with_single_cert(certs, PrivateKeyDer::Pkcs8(key))?;

    info!("TLS configuration loaded");

    Ok(TlsAcceptor::from(Arc::new(config)))
}