Skip to main content

ReloadableResolver

tako_rs_server

Struct ReloadableResolver 

Source 
pub struct ReloadableResolver { /* private fields */ }
Available on crate feature tls only.
Expand description

A ResolvesServerCert whose backing rustls::sign::CertifiedKey can be swapped at runtime via ReloadableResolver::reload_from_pem.

Backed by arc_swap::ArcSwap, the swap is atomic and lock-free on the hot path (one Arc clone per TLS handshake). Use it via TlsCert::resolver and keep the returned Arc so callers can trigger reloads from anywhere (file watcher, signal handler, admin endpoint, …).

§Example

use std::sync::Arc;
use tako_rs_server::{ReloadableResolver, Server, TlsCert};

let resolver = Arc::new(ReloadableResolver::from_pem("cert.pem", "key.pem")?);
let cert = TlsCert::resolver(resolver.clone());
let server = Server::builder().tls(cert).build();
// Later, after a cert rotation:
resolver.reload_from_pem("cert.pem", "key.pem")?;

Implementations§

Source§

impl ReloadableResolver

Source

pub fn from_pem(cert_path: &str, key_path: &str) -> Result<Self>

Construct from on-disk PEM files.

Source

pub fn reload_from_pem(&self, cert_path: &str, key_path: &str) -> Result<()>

Atomically swap to a new cert + key loaded from the given PEM files.

Hot-path TLS handshakes pick up the new cert on the next resolve call without dropping any in-flight session.

Source

pub fn reload(&self, ck: CertifiedKey)

Atomically swap to a pre-built rustls::sign::CertifiedKey.

Trait Implementations§

Source§

impl Debug for ReloadableResolver

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl ResolvesServerCert for ReloadableResolver

Source§

fn resolve(&self, _client_hello: ClientHello<'_>) -> Option<Arc<CertifiedKey>>

Choose a certificate chain and matching key given simplified ClientHello information. Read more
Source§

fn only_raw_public_keys(&self) -> bool

Return true when the server only supports raw public keys.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more