Skip to main content

SharedTlsProfiles

dynomite::net::tls

Struct SharedTlsProfiles

pub struct SharedTlsProfiles { /* private fields */ }

Expand description

Reloadable wrapper around TlsProfileMap.

Holds an Arc<parking_lot::RwLock<TlsProfileMap>> so the inbound listener (via Self::build_sni_acceptor) and every outbound peer supervisor can pick up cert / key / CA changes without rebinding sockets or rebuilding their tokio_rustls::TlsAcceptor. The resolver returned by Self::build_sni_acceptor reads the inner map on every handshake.

Clone is Arc-cheap.

§Examples

use std::collections::BTreeMap;
use dynomite::net::tls::{SharedTlsProfiles, TlsProfileMap};
let map = TlsProfileMap::build(None, BTreeMap::new()).unwrap();
let shared = SharedTlsProfiles::from_map(map);
assert!(shared.is_empty());

Implementations§

impl SharedTlsProfiles

pub fn from_map(map: TlsProfileMap) -> Self

Wrap an existing TlsProfileMap in a shared cell.

pub fn replace(&self, map: TlsProfileMap)

Atomically replace the inner profile map.

Subsequent handshakes (and outbound dials that consult Self::client_config_for_dc) observe the new material; already-negotiated TLS sessions are not affected.

pub fn is_empty(&self) -> bool

True when the wrapped map is empty (peer plane plaintext).

pub fn client_config_for_dc(&self, dc: &str) -> Option<Arc<ClientConfig>>

Per-DC client config, with the legacy default as fallback. Reads the inner map at call time.

pub fn requires_client_auth(&self) -> bool

True when at least one wrapped profile pins a CA bundle.

pub fn dc_names(&self) -> Vec<String>

Names of the DCs with explicit per-DC entries (sorted).

pub fn build_sni_acceptor(&self) -> Result<Option<TlsAcceptor>, TlsError>

Build a SIGHUP-aware tokio_rustls::TlsAcceptor.

The acceptor’s underlying ServerConfig holds a resolver that re-reads the wrapped Arc<parking_lot::RwLock<TlsProfileMap>> on every handshake, so Self::replace takes effect on the next inbound connection without rebinding the listener.

Returns None when the inner map is empty (caller stays plaintext).

§Errors

Returns TlsError::Rustls when rustls rejects the assembled root store or the verifier (e.g. a CA cert the loader missed).

Trait Implementations§

impl Clone for SharedTlsProfiles

fn clone(&self) -> SharedTlsProfiles

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for SharedTlsProfiles

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Default for SharedTlsProfiles

fn default() -> SharedTlsProfiles

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for SharedTlsProfiles

impl !RefUnwindSafe for SharedTlsProfiles

impl Send for SharedTlsProfiles

impl Sync for SharedTlsProfiles

impl Unpin for SharedTlsProfiles

impl UnsafeUnpin for SharedTlsProfiles

impl !UnwindSafe for SharedTlsProfiles

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FutureExt for T

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
where ST: ?Sized, DT: ?Sized,

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
where ST: ?Sized, DT: ?Sized,

impl<T> Read<Exclusive, BecauseExclusive> for T
where T: ?Sized,