pub struct TlsState {
pub intercept_ca: CertAuthority,
pub connector: TlsConnector,
pub config: TlsConfig,
pub secrets: SecretsConfig,
/* private fields */
}
Shared TLS interception state.
Holds the CA, per-domain certificate cache, upstream TLS connectors,
and configuration. Shared across all TLS proxy tasks via Arc.
Fields
- intercept_ca: CertAuthority — Interception CA for signing per-domain certs presented to the guest.
- connector: TlsConnector — Default TLS connector for upstream (real server) connections.
- config: TlsConfig — TLS configuration.
- secrets: SecretsConfig — Secrets configuration for placeholder substitution.
Implementations§
impl TlsState
pub fn new(config: TlsConfig, secrets: SecretsConfig) -> Self
Create TLS state from configuration.
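CA resolution order:
1. User-provided paths (`config.intercept_ca.cert_path` + `config.intercept_ca.key_path`)
2. Microsandbox home TLS path (`$MSB_HOME/tls` or `~/.microsandbox/tls`)
3. Auto-generate and persist to the microsandbox home TLS path

Note: in the auto-generate case the CA is written to disk, and the guest is meant to trust this CA (see `ca_cert_pem`), so access to that TLS directory should be restricted.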
pub fn get_or_generate_cert(&self, domain: &str) -> Result<Arc<DomainCert>, DomainCertError>
Get or generate a certificate for the given domain.
pub fn should_bypass(&self, sni: &str) -> bool
Check if a domain should bypass TLS interception.
pub fn upstream_connector_for(&self, sni: &str) -> &TlsConnector
Select the upstream connector for the given server name.
pub fn ca_cert_pem(&self) -> Vec<u8>
Get the CA certificate PEM bytes for guest installation.
Auto Trait Implementations§
impl !Freeze for TlsState
impl !RefUnwindSafe for TlsState
impl !UnwindSafe for TlsState
impl Send for TlsState
impl Sync for TlsState
impl Unpin for TlsState
impl UnsafeUnpin for TlsState
Blanket Implementations
impl<'a, T, E> AsTaggedExplicit<'a, E> for T where T: 'a
impl<'a, T, E> AsTaggedImplicit<'a, E> for T where T: 'a
impl<T> BorrowMut<T> for T where T: ?Sized
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.