tokio_rustls_acme/
acceptor.rs

1use crate::acme::ACME_TLS_ALPN_NAME;
2use crate::ResolvesServerCertAcme;
3use rustls::server::Acceptor;
4use rustls::ServerConfig;
5use std::future::Future;
6use std::io;
7use std::pin::Pin;
8use std::sync::Arc;
9use std::task::{Context, Poll};
10use tokio::io::{AsyncRead, AsyncWrite};
11use tokio_rustls::{Accept, LazyConfigAcceptor, StartHandshake};
12
13#[derive(Clone)]
14pub struct AcmeAcceptor {
15    config: Arc<ServerConfig>,
16}
17
18impl AcmeAcceptor {
19    pub(crate) fn new(resolver: Arc<ResolvesServerCertAcme>) -> Self {
20        let mut config = ServerConfig::builder()
21            .with_no_client_auth()
22            .with_cert_resolver(resolver);
23        config.alpn_protocols.push(ACME_TLS_ALPN_NAME.to_vec());
24        Self {
25            config: Arc::new(config),
26        }
27    }
28    pub fn accept<IO: AsyncRead + AsyncWrite + Unpin>(&self, io: IO) -> AcmeAccept<IO> {
29        AcmeAccept::new(io, self.config.clone())
30    }
31}
32
33pub struct AcmeAccept<IO: AsyncRead + AsyncWrite + Unpin> {
34    acceptor: LazyConfigAcceptor<IO>,
35    config: Arc<ServerConfig>,
36    validation_accept: Option<Accept<IO>>,
37}
38
39impl<IO: AsyncRead + AsyncWrite + Unpin> AcmeAccept<IO> {
40    pub(crate) fn new(io: IO, config: Arc<ServerConfig>) -> Self {
41        Self {
42            acceptor: LazyConfigAcceptor::new(Acceptor::default(), io),
43            config,
44            validation_accept: None,
45        }
46    }
47}
48
49impl<IO: AsyncRead + AsyncWrite + Unpin> Future for AcmeAccept<IO> {
50    type Output = io::Result<Option<StartHandshake<IO>>>;
51
52    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
53        loop {
54            if let Some(validation_accept) = &mut self.validation_accept {
55                return match Pin::new(validation_accept).poll(cx) {
56                    Poll::Ready(Ok(_)) => Poll::Ready(Ok(None)),
57                    Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
58                    Poll::Pending => Poll::Pending,
59                };
60            }
61
62            return match Pin::new(&mut self.acceptor).poll(cx) {
63                Poll::Ready(Ok(handshake)) => {
64                    let is_validation = handshake
65                        .client_hello()
66                        .alpn()
67                        .into_iter()
68                        .flatten()
69                        .eq([ACME_TLS_ALPN_NAME]);
70                    if is_validation {
71                        self.validation_accept = Some(handshake.into_stream(self.config.clone()));
72                        continue;
73                    }
74                    Poll::Ready(Ok(Some(handshake)))
75                }
76                Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
77                Poll::Pending => Poll::Pending,
78            };
79        }
80    }
81}