mirror of
https://github.com/signalapp/libsignal.git
synced 2024-09-20 20:03:07 +02:00
Allow specifying certificates when creating CdsiEndpointConnection
This commit is contained in:
parent
e7e9ae5860
commit
931691ffcf
@ -62,10 +62,24 @@ impl<T: TransportConnector> CdsiEndpointConnection<SingleRouteThrottlingConnecti
|
||||
cdsi: CdsiEndpoint<'static>,
|
||||
connect_timeout: Duration,
|
||||
transport_connector: T,
|
||||
) -> Self {
|
||||
Self::with_certs(
|
||||
cdsi,
|
||||
connect_timeout,
|
||||
transport_connector,
|
||||
RootCertificates::Signal,
|
||||
)
|
||||
}
|
||||
|
||||
pub fn with_certs(
|
||||
cdsi: CdsiEndpoint<'static>,
|
||||
connect_timeout: Duration,
|
||||
transport_connector: T,
|
||||
certs: RootCertificates,
|
||||
) -> Self {
|
||||
Self {
|
||||
connection_manager: SingleRouteThrottlingConnectionManager::new(
|
||||
cdsi.direct_connection(),
|
||||
cdsi.direct_connection().with_certs(certs),
|
||||
connect_timeout,
|
||||
),
|
||||
connector: WebSocketClientConnector::new(
|
||||
|
@ -96,6 +96,11 @@ impl ConnectionParams {
|
||||
decorators.push(decorator);
|
||||
self
|
||||
}
|
||||
|
||||
pub fn with_certs(mut self, certs: RootCertificates) -> Self {
|
||||
self.certs = certs;
|
||||
self
|
||||
}
|
||||
}
|
||||
|
||||
impl HttpRequestDecoratorSeq {
|
||||
@ -167,7 +172,7 @@ impl TransportConnector for TcpSslTransportConnector {
|
||||
)
|
||||
.await?;
|
||||
|
||||
let ssl_config = client_ssl_connector_builder(connection_params.certs.clone(), alpn)?
|
||||
let ssl_config = Self::builder(connection_params.certs.clone(), alpn)?
|
||||
.build()
|
||||
.configure()?;
|
||||
|
||||
@ -179,6 +184,15 @@ impl TransportConnector for TcpSslTransportConnector {
|
||||
}
|
||||
}
|
||||
|
||||
impl TcpSslTransportConnector {
|
||||
fn builder(certs: RootCertificates, alpn: &[u8]) -> Result<SslConnectorBuilder, NetError> {
|
||||
let mut ssl = SslConnector::builder(SslMethod::tls_client())?;
|
||||
ssl.set_verify_cert_store(certs.try_into()?)?;
|
||||
ssl.set_alpn_protos(alpn)?;
|
||||
Ok(ssl)
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) async fn connect_tcp(
|
||||
dns_resolver: &DnsResolver,
|
||||
host: &str,
|
||||
@ -197,16 +211,6 @@ pub(crate) async fn connect_tcp(
|
||||
Err(NetError::TcpConnectionFailed)
|
||||
}
|
||||
|
||||
pub(crate) fn client_ssl_connector_builder(
|
||||
certs: RootCertificates,
|
||||
alpn: &[u8],
|
||||
) -> Result<SslConnectorBuilder, NetError> {
|
||||
let mut ssl = SslConnector::builder(SslMethod::tls_client())?;
|
||||
ssl.set_verify_cert_store(certs.try_into()?)?;
|
||||
ssl.set_alpn_protos(alpn)?;
|
||||
Ok(ssl)
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
pub(crate) mod test {
|
||||
use hyper::Request;
|
||||
|
Loading…
Reference in New Issue
Block a user