pueue-lib 0.31.0

The shared library to work with the Pueue client and daemon.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

//! Socket handling is platform specific code.
//!
//! The submodules of this module represent the different implementations for
//! each supported platform.
//! Depending on the target, the respective platform is read and loaded into this scope.

#[cfg(not(target_os = "windows"))]
use std::path::PathBuf;
use std::sync::Arc;

use async_trait::async_trait;
use rustls::{ClientConfig, RootCertStore, pki_types::CertificateDer};
use tokio::{
    io::{AsyncRead, AsyncWrite},
    net::TcpStream,
};
use tokio_rustls::TlsConnector;

use crate::error::Error;
#[cfg(feature = "settings")]
use crate::{settings::Shared, tls::load_certificate};

/// Shared socket logic
#[cfg_attr(not(target_os = "windows"), path = "unix.rs")]
#[cfg_attr(target_os = "windows", path = "windows.rs")]
mod platform;
pub use platform::*;

/// A new trait, which can be used to represent Unix- and TcpListeners. \
/// This is necessary to easily write generic functions where both types can be used.
#[async_trait]
pub trait Listener: Sync + Send {
    async fn accept<'a>(&'a self) -> Result<GenericStream, Error>;
}

/// Convenience type, so we don't have type write `Box<dyn Listener>` all the time.
pub type GenericListener = Box<dyn Listener>;
/// Convenience type, so we don't have type write `Box<dyn Stream>` all the time. \
/// This also prevents name collisions, since `Stream` is imported in many preludes.
pub type GenericStream = Box<dyn Stream>;

/// Describe how a client should connect to the daemon.
pub enum ConnectionSettings<'a> {
    #[cfg(not(target_os = "windows"))]
    UnixSocket { path: PathBuf },
    TlsTcpSocket {
        host: String,
        port: String,
        certificate: CertificateDer<'a>,
    },
}

/// Convenience conversion from [Shared] to [ConnectionSettings].
#[cfg(feature = "settings")]
impl TryFrom<Shared> for ConnectionSettings<'_> {
    type Error = crate::error::Error;

    fn try_from(value: Shared) -> Result<Self, Self::Error> {
        // Unix socket handling
        #[cfg(not(target_os = "windows"))]
        {
            if value.use_unix_socket {
                return Ok(ConnectionSettings::UnixSocket {
                    path: value.unix_socket_path()?,
                });
            }
        }

        let cert = load_certificate(&value.daemon_cert())?;
        Ok(ConnectionSettings::TlsTcpSocket {
            host: value.host,
            port: value.port,
            certificate: cert,
        })
    }
}

pub trait Stream: AsyncRead + AsyncWrite + Unpin + Send {}
impl Stream for tokio_rustls::server::TlsStream<TcpStream> {}
impl Stream for tokio_rustls::client::TlsStream<TcpStream> {}

/// Initialize our client [TlsConnector]. \
/// 1. Trust our own CA. ONLY our own CA.
/// 2. Set the client certificate and key
pub async fn get_tls_connector(cert: CertificateDer<'_>) -> Result<TlsConnector, Error> {
    // Only trust server-certificates signed with our own CA.
    let mut cert_store = RootCertStore::empty();
    cert_store.add(cert).map_err(|err| {
        Error::CertificateFailure(format!("Failed to build RootCertStore: {err}"))
    })?;

    let config: ClientConfig = ClientConfig::builder()
        .with_root_certificates(cert_store)
        .with_no_client_auth();

    Ok(TlsConnector::from(Arc::new(config)))
}