// I'm not sure where I got this module from, but it's probably from the // quinn examples, so the license should be okay. use std::{ net::SocketAddr, sync::Arc, time::Duration, }; use quinn::{ ClientConfig, Endpoint, ServerConfig, }; /// Constructs a QUIC endpoint configured for use a client only. /// /// ## Args /// /// - server_certs: list of trusted certificates. #[allow(unused)] pub fn make_client_endpoint( bind_addr: SocketAddr, server_certs: &[&[u8]], ) -> anyhow::Result { let mut client_cfg = configure_client (server_certs)?; let mut transport = quinn::TransportConfig::default (); transport.keep_alive_interval (Some (Duration::from_millis (5_000))); client_cfg.transport_config (Arc::new (transport)); let mut endpoint = Endpoint::client (bind_addr)?; endpoint.set_default_client_config (client_cfg); Ok(endpoint) } /// Constructs a QUIC endpoint configured to listen for incoming connections /// on a certain address and port. /// /// ## Returns /// /// - a stream of incoming QUIC connections /// - server certificate serialized into DER format #[allow(unused)] pub fn make_server_endpoint(bind_addr: SocketAddr) -> anyhow::Result<(Endpoint, Vec)> { let (server_config, server_cert) = configure_server()?; let endpoint = Endpoint::server (server_config, bind_addr)?; Ok((endpoint, server_cert)) } /// Builds default quinn client config and trusts given certificates. /// /// ## Args /// /// - server_certs: a list of trusted certificates in DER format. fn configure_client (server_certs: &[&[u8]]) -> anyhow::Result { let mut certs = rustls::RootCertStore::empty (); for cert in server_certs { certs.add (&rustls::Certificate (cert.to_vec ()))?; } Ok (ClientConfig::with_root_certificates (certs)) } /// Returns default server configuration along with its certificate. #[allow(clippy::field_reassign_with_default)] // https://github.com/rust-lang/rust-clippy/issues/6527 fn configure_server () -> anyhow::Result<(ServerConfig, Vec)> { let cert = rcgen::generate_simple_self_signed(vec!["localhost".into()]).unwrap(); let cert_der = cert.serialize_der().unwrap(); let priv_key = cert.serialize_private_key_der(); let priv_key = rustls::PrivateKey (priv_key); let cert_chain = vec! [rustls::Certificate (cert_der.clone ())]; let mut server_config = ServerConfig::with_single_cert (cert_chain, priv_key)?; Arc::get_mut (&mut server_config.transport) .unwrap () .max_concurrent_uni_streams (0_u8.into ()); Ok ((server_config, cert_der)) }