Struct ServerConfigProvider

Source

pub struct ServerConfigProvider { /* private fields */ }

Expand description

Holds the current ServerConfig and refreshes it from an async stream.

Internally uses ArcSwap<ServerConfig> to provide lock-free, atomic swaps of the active TLS configuration. Call get_config to obtain an Arc<ServerConfig> for acceptors or handshakes.

Liveness of the underlying stream can be checked via stream_healthy.

§Concurrency

Reads get_config() are wait-free and do not block updates. Updates occur on a background task that listens to the user-provided stream.

§Backoff & Recovery

When the stream ends or errors, the provider:

Marks itself unhealthy,
Rebuilds the stream via the builder,
Retries with exponential backoff starting at 10ms and capping at 10s,
Resets backoff after a successful re-establishment.

§Examples

let config_stream_builder =
    SpiffeServerConfigStream::builder(vec!["example.org".try_into().unwrap()]);
let config_provider = ServerConfigProvider::start(config_stream_builder)
    .await
    .unwrap();
let listener = tokio::net::TcpListener::bind("127.0.0.1:3000")
    .await
    .unwrap();

loop {
    let (stream, _) = listener.accept().await.unwrap();

    let acceptor =
        tokio_rustls::LazyConfigAcceptor::new(rustls::server::Acceptor::default(), stream);
    tokio::pin!(acceptor);

    let config_provider = config_provider.clone();
    match acceptor.as_mut().await {
        Ok(start) => {
            tokio::spawn(async move {
                if !config_provider.stream_healthy() {
                    warn!(
                        "config provider does not have healthy stream; TLS config may be out of date"
                    );
                }
                let config = config_provider.get_config();
                match start.into_stream(config).await {
                    Ok(stream) => { /* serve some app (e.g. hyper, tower, axum) */ },
                    Err(err) => { /* handle error */ }
                }
            })
        }
        Err(_) => { /* handle error */ }
    }
}

Implementations§

Source §

impl ServerConfigProvider

Source

pub async fn start(builder: B) -> Result<Arc<Self>, ServerConfigStreamError>
where B: ServerConfigStreamBuilder + Send + 'static,

Initializes the provider and spawn the background refresh task.

This awaits the first item from the builder’s stream to seed the internal configuration. It then spawns a task that continuously reads subsequent updates, atomically swapping them into place.

On stream failure or completion, the task attempts to rebuild the stream using exponential backoff (initial 10ms, max 10s, doubling).

Returns an Arc<ServerConfigProvider>

§Errors

ServerConfigStreamError::EmptyStream: the initial stream yielded no item.
ServerConfigStreamError::StreamBuilderError: building the stream failed.
ServerConfigStreamError variants wrapping errors from your builder or rustls.

Source

pub fn stream_healthy(&self) -> bool

Returns whether the stream is currently healthy.

This flag is set to false when the stream errors or ends, and set back to true after a successful rebuild.

Source

pub fn get_config(&self) -> Arc<ServerConfig>

Get the current ServerConfig.

This is a cheap, lock-free read that loads the internal ArcSwap<ServerConfig> into an Arc<ServerConfig> Callers can hold onto the returned Arc<ServerConfig> as long as needed; updates will affect future calls, not the already-held value.