use openssl;

use self::openssl::{
    pkey::{PKey, Private},
    ssl::{SslConnector, SslConnectorBuilder, SslMethod},
    x509::X509,
};
use crate::errors::*;
use std::fmt;

/// A finished TLS client configuration: an openssl `SslConnector`
/// produced by [`TlsConfigBuilder::build`].
///
/// The inner connector is private; callers obtain it only through
/// [`TlsConfig::into_connector`]. The `Debug` impl below prints a fixed
/// string and exposes nothing from the connector (it is configured with
/// the client's private key, so keeping it out of `{:?}` output is
/// the safe default).
#[derive(Clone)]
pub struct TlsConfig(SslConnector);

/// Step-by-step builder for a [`TlsConfig`], wrapping an openssl
/// `SslConnectorBuilder`. Create it with [`TlsConfigBuilder::new`],
/// optionally add trust roots and a client certificate/key pair, then
/// call [`TlsConfigBuilder::build`]. It offers no method that relaxes
/// peer verification.
pub struct TlsConfigBuilder(SslConnectorBuilder);

impl TlsConfigBuilder {
    /// Starts a builder from the openssl crate's `SslConnector` defaults
    /// for `SslMethod::tls()` (protocol version negotiated by the library).
    ///
    /// NOTE(review): the openssl crate documents `SslConnector::builder` as
    /// enabling peer verification and loading the system default CA
    /// paths; nothing in this file changes that, but confirm against the
    /// pinned crate version before relying on it.
    ///
    /// # Errors
    /// Propagates the openssl error if the underlying SSL context cannot
    /// be created.
    pub fn new() -> Result<TlsConfigBuilder, NatsError> {
        let inner = SslConnector::builder(SslMethod::tls())?;
        Ok(TlsConfigBuilder(inner))
    }

    /// Adds `cert` to the context's trust store as an extra root/anchor.
    ///
    /// This only widens the set of accepted issuers; it does not replace
    /// whatever the store already contains, and peer verification stays
    /// on. Returns `&mut Self` so calls can be chained.
    ///
    /// # Errors
    /// Propagates the openssl error from the store (for example, the
    /// underlying store rejecting the certificate).
    pub fn add_root_certificate(&mut self, cert: X509) -> Result<&mut Self, NatsError> {
        let store = self.0.cert_store_mut();
        store.add_cert(cert)?;
        Ok(self)
    }

    /// Installs the client certificate and private key used for mutual
    /// TLS, then verifies that `key` actually belongs to `cert`.
    ///
    /// Only the leaf certificate is set; any intermediates the server
    /// needs to validate the client chain are not added here.
    ///
    /// # Errors
    /// Propagates the openssl error if the certificate or key cannot be
    /// set, or if `check_private_key` finds that they do not match — the
    /// mismatch is surfaced now rather than as a failed handshake later.
    pub fn add_client_certificate(
        &mut self,
        cert: &X509,
        key: &PKey<Private>,
    ) -> Result<&mut Self, NatsError> {
        self.0.set_certificate(cert)?;
        self.0.set_private_key(key)?;
        // Fail fast on a cert/key mismatch instead of at connect time.
        self.0.check_private_key()?;
        Ok(self)
    }

    /// Consumes the builder and freezes it into an immutable [`TlsConfig`].
    pub fn build(self) -> TlsConfig {
        let TlsConfigBuilder(inner) = self;
        TlsConfig(inner.build())
    }
}

impl TlsConfig {
    /// Unwraps the configured openssl `SslConnector`, consuming `self`.
    ///
    /// NOTE(review): hostname checking happens when the caller invokes the
    /// connector's `connect(domain, stream)` with the server's real name;
    /// this type cannot enforce that, so audit the call site that uses the
    /// returned connector.
    pub fn into_connector(self) -> SslConnector {
        let TlsConfig(connector) = self;
        connector
    }
}

/// Opaque `Debug`: always writes the literal `TlsConfig {}` and never
/// formats the inner `SslConnector`. The connector may carry a client
/// private key (see `TlsConfigBuilder::add_client_certificate`), so
/// nothing from it should reach log output via `{:?}`.
impl fmt::Debug for TlsConfig {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        // Fixed string on purpose; do not derive Debug for this type.
        write!(f, "TlsConfig {{}}")
    }
}