rustls_acme/
acceptor.rs

1use crate::acme::ACME_TLS_ALPN_NAME;
2use crate::{crypto_provider, is_tls_alpn_challenge, ResolvesServerCertAcme};
3use core::fmt;
4use futures::prelude::*;
5use futures_rustls::rustls::server::Acceptor;
6use futures_rustls::rustls::ServerConfig;
7use futures_rustls::{Accept, LazyConfigAcceptor, StartHandshake};
8use std::io;
9use std::pin::Pin;
10use std::sync::Arc;
11use std::task::{Context, Poll};
12
13#[derive(Clone)]
14pub struct AcmeAcceptor {
15    config: Arc<ServerConfig>,
16}
17
18impl AcmeAcceptor {
19    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
20    #[deprecated(note = "please use high-level API via `AcmeState::incoming()` instead or refer to updated low-level API examples")]
21    pub(crate) fn new(resolver: Arc<ResolvesServerCertAcme>) -> Self {
22        let mut config = ServerConfig::builder_with_provider(crypto_provider().into())
23            .with_safe_default_protocol_versions()
24            .unwrap()
25            .with_no_client_auth()
26            .with_cert_resolver(resolver.clone());
27        config.alpn_protocols.push(ACME_TLS_ALPN_NAME.to_vec());
28        Self { config: Arc::new(config) }
29    }
30    pub fn accept<IO: AsyncRead + AsyncWrite + Unpin>(&self, io: IO) -> AcmeAccept<IO> {
31        AcmeAccept::new(io, self.config.clone())
32    }
33}
34
35impl fmt::Debug for AcmeAcceptor {
36    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
37        f.debug_struct("AcmeAcceptor").finish_non_exhaustive()
38    }
39}
40
41pub struct AcmeAccept<IO: AsyncRead + AsyncWrite + Unpin> {
42    acceptor: LazyConfigAcceptor<IO>,
43    config: Arc<ServerConfig>,
44    validation_accept: Option<Accept<IO>>,
45}
46
47impl<IO: AsyncRead + AsyncWrite + Unpin> AcmeAccept<IO> {
48    pub(crate) fn new(io: IO, config: Arc<ServerConfig>) -> Self {
49        Self {
50            acceptor: LazyConfigAcceptor::new(Acceptor::default(), io),
51            config,
52            validation_accept: None,
53        }
54    }
55}
56
57impl<IO: AsyncRead + AsyncWrite + Unpin> Future for AcmeAccept<IO> {
58    type Output = io::Result<Option<StartHandshake<IO>>>;
59
60    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
61        loop {
62            if let Some(validation_accept) = &mut self.validation_accept {
63                return match Pin::new(validation_accept).poll(cx) {
64                    Poll::Ready(Ok(_)) => Poll::Ready(Ok(None)),
65                    Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
66                    Poll::Pending => Poll::Pending,
67                };
68            }
69
70            return match Pin::new(&mut self.acceptor).poll(cx) {
71                Poll::Ready(Ok(handshake)) => {
72                    if is_tls_alpn_challenge(&handshake.client_hello()) {
73                        self.validation_accept = Some(handshake.into_stream(self.config.clone()));
74                        continue;
75                    }
76                    Poll::Ready(Ok(Some(handshake)))
77                }
78                Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
79                Poll::Pending => Poll::Pending,
80            };
81        }
82    }
83}
rustls_acme/acceptor.rs

rustls_acme/
acceptor.rs
