1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#![doc(html_root_url = "https://docs.rs/tonic-openssl/0.1.0")]
#![warn(
missing_debug_implementations,
missing_docs,
rust_2018_idioms,
unreachable_pub
)]
use async_stream::try_stream;
use futures::{Stream, TryStream, TryStreamExt};
use openssl::ssl::SslAcceptor;
use std::{
fmt::Debug,
net::SocketAddr,
pin::Pin,
task::{Context, Poll},
};
use tokio::io::{AsyncRead, AsyncWrite};
use tonic::transport::{server::Connected, Certificate};
pub type Error = Box<dyn std::error::Error + Send + Sync + 'static>;
pub const ALPN_H2_WIRE: &[u8] = b"\x02h2";
pub fn incoming<S>(
incoming: S,
acceptor: SslAcceptor,
) -> impl Stream<Item = Result<SslStream<S::Ok>, Error>>
where
S: TryStream + Unpin,
S::Ok: AsyncRead + AsyncWrite + Send + Sync + Debug + Unpin + 'static,
S::Error: Into<crate::Error>,
{
let mut incoming = incoming;
try_stream! {
while let Some(stream) = incoming.try_next().await? {
let tls = tokio_openssl::accept(&acceptor, stream).await?;
let ssl = SslStream {
inner: tls
};
yield ssl;
}
}
}
#[derive(Debug)]
pub struct SslStream<S> {
inner: tokio_openssl::SslStream<S>,
}
impl<S: Connected> Connected for SslStream<S> {
fn remote_addr(&self) -> Option<SocketAddr> {
let tcp = self.inner.get_ref();
tcp.remote_addr()
}
fn peer_certs(&self) -> Option<Vec<Certificate>> {
let ssl = self.inner.ssl();
let certs = ssl.verified_chain()?;
let certs = certs
.iter()
.filter_map(|c| c.to_pem().ok())
.map(Certificate::from_pem)
.collect();
Some(certs)
}
}
impl<S> AsyncRead for SslStream<S>
where
S: AsyncRead + AsyncWrite + Unpin,
{
fn poll_read(
mut self: Pin<&mut Self>,
cx: &mut Context<'_>,
buf: &mut [u8],
) -> Poll<std::io::Result<usize>> {
Pin::new(&mut self.inner).poll_read(cx, buf)
}
}
impl<S> AsyncWrite for SslStream<S>
where
S: AsyncRead + AsyncWrite + Unpin,
{
fn poll_write(
mut self: Pin<&mut Self>,
cx: &mut Context<'_>,
buf: &[u8],
) -> Poll<std::io::Result<usize>> {
Pin::new(&mut self.inner).poll_write(cx, buf)
}
fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<std::io::Result<()>> {
Pin::new(&mut self.inner).poll_flush(cx)
}
fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<std::io::Result<()>> {
Pin::new(&mut self.inner).poll_shutdown(cx)
}
}