rustls-config-stream 0.2.0

Async stream backed Rustls ServerConfig and ClientConfig providers for cert/root hot-reload
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

# rustls-config-stream

[![Crates.io Version](https://img.shields.io/crates/v/rustls-config-stream)](https://crates.io/crates/rustls-config-stream)
[![Tests](https://github.com/dsykes16/rustls-config-stream/actions/workflows/test.yml/badge.svg)](https://github.com/dsykes16/rustls-config-stream/actions/workflows/test.yml)
[![codecov](https://codecov.io/gh/dsykes16/rustls-config-stream/graph/badge.svg?token=SJFGDZMV3J)](https://codecov.io/gh/dsykes16/rustls-config-stream)
[![Crates.io License](https://img.shields.io/crates/l/rustls-config-stream)](https://github.com/dsykes16/rustls-config-stream/blob/main/LICENSE)
[![dependency status](https://deps.rs/repo/github/dsykes16/rustls-config-stream/status.svg)](https://deps.rs/repo/github/dsykes16/rustls-config-stream)
[![CodeFactor](https://www.codefactor.io/repository/github/dsykes16/rustls-config-stream/badge)](https://www.codefactor.io/repository/github/dsykes16/rustls-config-stream)

[`rustls::ServerConfig`] and [`rustls::ClientConfig`] providers backed async streams.

This module exposes a [`ServerConfigProvider`] and [`ClientConfigProvider`].
Both function identically, holding the current config in an
[`ArcSwap`](arc_swap::ArcSwap), providing a `get_config()` method to load the
current config as a standard [`Arc`](std::sync::Arc), and storing a new config
when it arrives from a user-supplied stream via a [`ServerConfigStreamBuilder`]
or [`ClientConfigStreamBuilder`].

The background task performs exponential backoff (10ms -> 10s, doubling)
when the stream fails, and attempts to re-create the stream via the builder.

## Usage

- Implement [`ServerConfigStreamBuilder`] to produce a stream of fresh
  `ServerConfig` instances (e.g. reading from disk, a secret store, or
  watching a certificate manager).
- Start the provider with [`ServerConfigProvider::start`].
- Use [`ServerConfigProvider::get_config`] wherever you need the current
  config (e.g. inside an acceptor loop).
- Optionally monitor liveness via [`ServerConfigProvider::stream_healthy`].
- [`ClientConfigProvider`] works identically, only for [`rustls::ClientConfig`]
  instead of [`rustls::ServerConfig`].

## Tracing

If the `tracing` feature is enabled, the provider will emit diagnostics
(debug/info/error) about updates and reconnection attempts.