sigul_pesign_bridge/
lib.rs

1// SPDX-License-Identifier: MIT
2// Copyright (c) Microsoft Corporation.
3
4#![doc = include_str!("../README.md")]
5
6#[doc(hidden)]
7pub mod cli;
8pub mod config;
9pub(crate) mod pesign;
10mod service;
11
12use std::path::PathBuf;
13
14use anyhow::Context as AnyhowContext;
15#[doc(hidden)]
16pub use service::listen;
17
/// Shared state that combines the command-line options with the parsed
/// configuration file.
///
/// NOTE(review): `Debug` is derived, so formatting a `Context` (for example in a
/// log line) prints whatever `config::Config` and the sigul client expose through
/// their own `Debug` implementations. Confirm that neither includes key material
/// or other secrets.
#[doc(hidden)]
#[derive(Debug, Clone)]
pub struct Context {
    /// Runtime directory handed to [`Context::new`]; the constructor rejects
    /// values containing `:`, so this holds a single path.
    pub(crate) runtime_directory: PathBuf,
    /// The configuration the context was built from.
    pub(crate) config: config::Config,
    /// Sigul client built by [`Context::new`] from the `sigul` section of `config`.
    pub(crate) sigul_client: siguldry::v1::client::Client,
}
26
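impl Context {
    /// Builds a [`Context`] from the parsed configuration and the runtime directory.
    ///
    /// The TLS configuration and the sigul client are both constructed from the
    /// `sigul` section of `config`.
    ///
    /// # Errors
    ///
    /// Returns an error when:
    /// - `runtime_directory` is not valid Unicode;
    /// - `runtime_directory` contains a `:`, which is treated as a list of several
    ///   runtime directories (a single path that contains `:` is rejected too);
    /// - the TLS configuration cannot be created from the configured client
    ///   certificate, private key and CA certificate.
    pub fn new(config: config::Config, runtime_directory: PathBuf) -> anyhow::Result<Self> {
        // If several runtime directories were provided there is no way to know which
        // one to use, so this is reported as an error instead of guessing.
        // `ok_or_else` builds the error only on the failure path.
        let runtime_directory_str = runtime_directory.to_str().ok_or_else(|| {
            anyhow::anyhow!("runtime_directory must be valid unicode characters")
        })?;
        if runtime_directory_str.contains(':') {
            return Err(anyhow::anyhow!(
                "Multiple RuntimeDirectories are not supported"
            ));
        }

        let tls_config = siguldry::v1::client::TlsConfig::new(
            &config.sigul.client_certificate,
            &config.sigul.private_key,
            // The expectation is the key is encrypted via systemd.
            // NOTE(review): this argument is presumably the key passphrase. With
            // `None`, protection of the private key at rest depends entirely on how
            // the file is delivered and on its permissions; confirm the deployment
            // provides that.
            None,
            &config.sigul.ca_certificate,
        )
        .context("Failed to create OpenSSL TLS configuration")?;
        let sigul_client = siguldry::v1::client::Client::new(
            tls_config,
            config.sigul.bridge_hostname.clone(),
            config.sigul.bridge_port,
            config.sigul.server_hostname.clone(),
            config.sigul.sigul_user_name.clone(),
        );

        Ok(Self {
            runtime_directory,
            config,
            sigul_client,
        })
    }
}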
63}