use crate::context::ctx;
use crate::R;
use std::sync::Arc;
/// Default idle timeout for a connection, in milliseconds (30 seconds).
///
/// Not referenced by the functions in this file; presumably it seeds the
/// `idle_timeout_msec` value read through `ctx` — verify against the context setup.
pub const DEFAULT_IDLE_TIMEOUT_MSEC: u64 = 30 * 1_000;

/// Default keep-alive interval, in milliseconds (10 seconds).
///
/// It is shorter than [`DEFAULT_IDLE_TIMEOUT_MSEC`], so with both defaults in effect
/// keep-alives are due before the idle timeout elapses.
pub const DEFAULT_KEEP_ALIVE_INTERVAL_MSEC: u32 = 10 * 1_000;
/// Builds the client-side QUIC configuration used to connect to one specific peer.
///
/// `peer_cert_der` is the peer's certificate in DER encoding. It is registered on the
/// builder as a certificate authority, i.e. as a trust anchor rather than as a value
/// compared byte-for-byte with what the peer presents.
///
/// The transport settings (idle timeout, keep-alive interval) are taken from the
/// process-wide context because both overrides are passed as `None`.
///
/// # Errors
///
/// Returns an error if `peer_cert_der` cannot be parsed as a certificate, or if the
/// builder refuses it as a certificate authority.
///
/// # Security
///
/// NOTE(review): confirm that `quinn::ClientConfig::default()` starts from an empty
/// root store in the quinn version this crate pins. If it preloads platform or web
/// roots, the peer certificate is added to those roots instead of being the only
/// trusted one, which weakens the pinning this function appears to intend.
pub fn new_client_cfg(peer_cert_der: &[u8]) -> R<quinn::ClientConfig> {
    // Parse first so malformed input is rejected before any configuration is built.
    let pinned_cert = quinn::Certificate::from_der(peer_cert_der)?;

    let mut base_cfg = quinn::ClientConfig::default();
    base_cfg.transport = Arc::new(new_transport_cfg(None, None));

    let mut builder = quinn::ClientConfigBuilder::new(base_cfg);
    // The builder hands back a reference to itself for chaining; only the error matters here.
    let _ = builder.add_certificate_authority(pinned_cert)?;

    Ok(builder.build())
}
/// Builds the server-side QUIC configuration for this endpoint.
///
/// * `idle_timeout_msec` / `keep_alive_interval_msec` - transport timers, always applied
///   as given (the context defaults are not consulted on this path).
/// * `our_cert` - the certificate presented to connecting peers. It is sent as a
///   single-element chain, so no intermediate certificates are included.
/// * `our_key` - the private key matching `our_cert`; ownership moves into the builder.
///
/// # Errors
///
/// Returns an error if the builder rejects the certificate/key pair.
///
/// # Security
///
/// Stateless retry is switched on. In quinn this makes the server require a client to
/// prove ownership of its source address before resources are committed to the
/// connection, which limits the effect of spoofed-source connection attempts.
pub fn new_our_cfg(
    idle_timeout_msec: u64,
    keep_alive_interval_msec: u32,
    our_cert: quinn::Certificate,
    our_key: quinn::PrivateKey,
) -> R<quinn::ServerConfig> {
    let mut server_cfg = quinn::ServerConfig::default();
    let transport = new_transport_cfg(Some(idle_timeout_msec), Some(keep_alive_interval_msec));
    server_cfg.transport = Arc::new(transport);

    let mut builder = quinn::ServerConfigBuilder::new(server_cfg);
    let cert_chain = quinn::CertificateChain::from_certs(vec![our_cert]);
    // Both calls return the builder for chaining; only the `?` on `certificate` is significant.
    let _ = builder
        .certificate(cert_chain, our_key)?
        .use_stateless_retry(true);

    Ok(builder.build())
}
/// Creates a transport configuration with the idle timeout and keep-alive interval set.
///
/// Each argument overrides the corresponding value held in the process-wide context:
/// `Some(v)` uses `v` directly, while `None` reads `idle_timeout_msec` or
/// `keep_alive_interval_msec` through `ctx`. The context is only consulted for an
/// argument that is `None`. Every other transport setting keeps quinn's default.
///
/// NOTE(review): no range check is applied to either value here; confirm how the
/// pinned quinn version treats `0` for these fields before accepting
/// caller-supplied or configuration-file values.
fn new_transport_cfg(
    idle_timeout_msec: Option<u64>,
    keep_alive_interval_msec: Option<u32>,
) -> quinn::TransportConfig {
    let mut cfg = quinn::TransportConfig::default();

    cfg.idle_timeout = match idle_timeout_msec {
        Some(msec) => msec,
        None => ctx(|c| c.idle_timeout_msec),
    };
    cfg.keep_alive_interval = match keep_alive_interval_msec {
        Some(msec) => msec,
        None => ctx(|c| c.keep_alive_interval_msec),
    };

    cfg
}