Make TLS config global

2026-03-25 09:05:50 +00:00 · 2020-05-19 15:10:55 -07:00 · 2020-05-19 15:10:55 -07:00 · a165e8e142
commit a165e8e142
parent 8d09b268f9
3 changed files with 21 additions and 16 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -6,6 +6,7 @@ version = "1.0.0"
 dependencies = [
 "async-std",
 "async-tls",
+ "lazy_static",
 "rustls",
 "url",
 ]
--- a/Cargo.toml
+++ b/Cargo.toml
@ -13,6 +13,7 @@ edition = "2018"
 [dependencies]
 async-tls = "0.7.0"
 async-std = "1.5"
+lazy_static = "1.4"
 rustls = "0.17.0"
 url = "2.1"

--- a/src/main.rs
+++ b/src/main.rs
@ -5,6 +5,7 @@ use {
        task,
    },
    async_tls::{TlsAcceptor, server::TlsStream},
+    lazy_static::lazy_static,
    rustls::internal::pemfile::{certs, pkcs8_private_keys},
    std::{
        error::Error,
@ -19,37 +20,25 @@ use {
 pub type Result<T=()> = std::result::Result<T, Box<dyn Error + Send + Sync>>;

 fn main() -> Result {
-    let certs = certs(&mut BufReader::new(File::open("tests/cert.pem")?))
-        .expect("Error reading certificate file");
-    let mut keys = pkcs8_private_keys(&mut BufReader::new(File::open("tests/key.rsa")?))
-        .expect("Error reading private key file");
-
-    let mut config = rustls::ServerConfig::new(rustls::NoClientAuth::new());
-    config.set_single_cert(certs, keys.remove(0))?;
-    let acceptor = TlsAcceptor::from(Arc::new(config));
-
    let addr = "localhost:1965";

    task::block_on(async {
        let listener = TcpListener::bind(addr).await?;
        let mut incoming = listener.incoming();

-        while let Some(stream) = incoming.next().await {
-            let acceptor = acceptor.clone();
-            let stream = stream?;
+        while let Some(Ok(stream)) = incoming.next().await {
            task::spawn(async {
-                if let Err(e) = connection(acceptor, stream).await {
+                if let Err(e) = connection(stream).await {
                    eprintln!("Error: {:?}", e);
                }
            });
        }
-
        Ok(())
    })
 }

-async fn connection(acceptor: TlsAcceptor, stream: TcpStream) -> Result {
-    let mut stream = acceptor.accept(stream).await?;
+async fn connection(stream: TcpStream) -> Result {
+    let mut stream = TLS_ACCEPTOR.accept(stream).await?;
    let url = match parse_request(&mut stream).await {
        Ok(url) => url,
        Err(e) => {
@ -70,6 +59,20 @@ async fn connection(acceptor: TlsAcceptor, stream: TcpStream) -> Result {
    Ok(())
 }

+lazy_static! {
+    static ref TLS_ACCEPTOR: TlsAcceptor = {
+        let cert_file = File::open("tests/cert.pem").unwrap();
+        let certs = certs(&mut BufReader::new(cert_file)).unwrap();
+
+        let key_file = File::open("tests/key.rsa").unwrap();
+        let mut keys = pkcs8_private_keys(&mut BufReader::new(key_file)).unwrap();
+
+        let mut config = rustls::ServerConfig::new(rustls::NoClientAuth::new());
+        config.set_single_cert(certs, keys.remove(0)).unwrap();
+        TlsAcceptor::from(Arc::new(config))
+    };
+}
+
 async fn parse_request(stream: &mut TlsStream<TcpStream>) -> Result<Url> {
    let mut stream = async_std::io::BufReader::new(stream);
    let mut request = String::new();