|
|
|
@ -8,8 +8,8 @@ use std::{
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
use quinn::{
|
|
|
|
|
Certificate, CertificateChain, ClientConfig, ClientConfigBuilder, Endpoint, Incoming,
|
|
|
|
|
PrivateKey, ServerConfig, ServerConfigBuilder, TransportConfig,
|
|
|
|
|
ClientConfig, Endpoint, Incoming,
|
|
|
|
|
ServerConfig, TransportConfig,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/// Constructs a QUIC endpoint configured for use a client only.
|
|
|
|
@ -28,9 +28,8 @@ pub fn make_client_endpoint(
|
|
|
|
|
|
|
|
|
|
client_cfg.transport = Arc::new (transport);
|
|
|
|
|
|
|
|
|
|
let mut endpoint_builder = Endpoint::builder ();
|
|
|
|
|
endpoint_builder.default_client_config (client_cfg);
|
|
|
|
|
let (endpoint, _incoming) = endpoint_builder.bind(&bind_addr)?;
|
|
|
|
|
let mut endpoint = Endpoint::client (bind_addr)?;
|
|
|
|
|
endpoint.set_default_client_config (client_cfg);
|
|
|
|
|
Ok(endpoint)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -44,9 +43,7 @@ pub fn make_client_endpoint(
|
|
|
|
|
#[allow(unused)]
|
|
|
|
|
pub fn make_server_endpoint(bind_addr: SocketAddr) -> anyhow::Result<(Incoming, Vec<u8>)> {
|
|
|
|
|
let (server_config, server_cert) = configure_server()?;
|
|
|
|
|
let mut endpoint_builder = Endpoint::builder();
|
|
|
|
|
endpoint_builder.listen(server_config);
|
|
|
|
|
let (_endpoint, incoming) = endpoint_builder.bind(&bind_addr)?;
|
|
|
|
|
let (_endpoint, incoming) = Endpoint::server (server_config, bind_addr)?;
|
|
|
|
|
Ok((incoming, server_cert))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -55,29 +52,28 @@ pub fn make_server_endpoint(bind_addr: SocketAddr) -> anyhow::Result<(Incoming,
|
|
|
|
|
/// ## Args
|
|
|
|
|
///
|
|
|
|
|
/// - server_certs: a list of trusted certificates in DER format.
|
|
|
|
|
fn configure_client(server_certs: &[&[u8]]) -> anyhow::Result<ClientConfig> {
|
|
|
|
|
let mut cfg_builder = ClientConfigBuilder::default();
|
|
|
|
|
fn configure_client (server_certs: &[&[u8]]) -> anyhow::Result<ClientConfig> {
|
|
|
|
|
let mut certs = rustls::RootCertStore::empty ();
|
|
|
|
|
for cert in server_certs {
|
|
|
|
|
cfg_builder.add_certificate_authority(Certificate::from_der(cert)?)?;
|
|
|
|
|
certs.add (&rustls::Certificate (cert.to_vec ()))?;
|
|
|
|
|
}
|
|
|
|
|
Ok(cfg_builder.build())
|
|
|
|
|
|
|
|
|
|
Ok (ClientConfig::with_root_certificates (certs))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns default server configuration along with its certificate.
|
|
|
|
|
#[allow(clippy::field_reassign_with_default)] // https://github.com/rust-lang/rust-clippy/issues/6527
|
|
|
|
|
fn configure_server() -> anyhow::Result<(ServerConfig, Vec<u8>)> {
|
|
|
|
|
fn configure_server () -> anyhow::Result<(ServerConfig, Vec<u8>)> {
|
|
|
|
|
let cert = rcgen::generate_simple_self_signed(vec!["localhost".into()]).unwrap();
|
|
|
|
|
let cert_der = cert.serialize_der().unwrap();
|
|
|
|
|
let priv_key = cert.serialize_private_key_der();
|
|
|
|
|
let priv_key = PrivateKey::from_der(&priv_key)?;
|
|
|
|
|
|
|
|
|
|
let mut transport_config = TransportConfig::default();
|
|
|
|
|
transport_config.max_concurrent_uni_streams(0).unwrap();
|
|
|
|
|
let mut server_config = ServerConfig::default();
|
|
|
|
|
server_config.transport = Arc::new(transport_config);
|
|
|
|
|
let mut cfg_builder = ServerConfigBuilder::new(server_config);
|
|
|
|
|
let cert = Certificate::from_der(&cert_der)?;
|
|
|
|
|
cfg_builder.certificate(CertificateChain::from_certs(vec![cert]), priv_key)?;
|
|
|
|
|
|
|
|
|
|
Ok((cfg_builder.build(), cert_der))
|
|
|
|
|
let priv_key = rustls::PrivateKey (priv_key);
|
|
|
|
|
let cert_chain = vec! [rustls::Certificate (cert_der.clone ())];
|
|
|
|
|
|
|
|
|
|
let mut server_config = ServerConfig::with_single_cert (cert_chain, priv_key)?;
|
|
|
|
|
Arc::get_mut (&mut server_config.transport)
|
|
|
|
|
.unwrap ()
|
|
|
|
|
.max_concurrent_uni_streams (0_u8.into ());
|
|
|
|
|
|
|
|
|
|
Ok ((server_config, cert_der))
|
|
|
|
|
}
|
|
|
|
|
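Review bot: In `configure_server`, the new `Arc::get_mut (&mut server_config.transport).unwrap ()` adds a panic path to a function that returns `anyhow::Result`, and nothing states why the `Arc` is guaranteed to be unshared at that point. The client path in this same commit assigns a fresh value instead (`client_cfg.transport = Arc::new (transport);`), so the server side could match it with `let mut transport = TransportConfig::default ();`, `transport.max_concurrent_uni_streams (0_u8.into ());` and `server_config.transport = Arc::new (transport);`. The unchanged `rcgen::generate_simple_self_signed(...).unwrap()` and `cert.serialize_der().unwrap()` lines above it could likely use `?` for the same reason. Separately, the doc comment on `configure_server` should say that the certificate is self-signed for `localhost` and generated anew on every call. The DER bytes returned by `make_server_endpoint` are therefore the only trust anchor `configure_client` loads into its otherwise empty `RootCertStore`, so they must reach the client over a channel the caller already trusts.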