docker/pgcat
1
0
Fork 0
mirror of https://github.com/postgresml/pgcat.git synced 2026-03-26 10:26:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support EC and PKCS8 private keys (#316)

Browse Source 
* Support EC and PKCS8 private keys

* Use iter instead of infinite loop in `load_keys` fn
This commit is contained in:
Tommy Chen
2023-02-15 00:30:47 +08:00
committed by GitHub
parent bf6efde8cc
commit 9830c18315
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/tls.rs
View File

@@ -1,6 +1,7 @@
// Stream wrapper. // Stream wrapper.
use rustls_pemfile::{certs, rsa_private_keys}; use rustls_pemfile::{certs, read_one, Item};
use std::iter;
use std::path::Path; use std::path::Path;
use std::sync::Arc; use std::sync::Arc;
use tokio_rustls::rustls::{self, Certificate, PrivateKey}; use tokio_rustls::rustls::{self, Certificate, PrivateKey};
@@ -17,9 +18,17 @@ pub fn load_certs(path: &Path) -> std::io::Result<Vec<Certificate>> {
} }
pub fn load_keys(path: &Path) -> std::io::Result<Vec<PrivateKey>> { pub fn load_keys(path: &Path) -> std::io::Result<Vec<PrivateKey>> {
rsa_private_keys(&mut std::io::BufReader::new(std::fs::File::open(path)?)) let mut rd = std::io::BufReader::new(std::fs::File::open(path)?);
.map_err(|_| std::io::Error::new(std::io::ErrorKind::InvalidInput, "invalid key"))
.map(|mut keys| keys.drain(..).map(PrivateKey).collect()) iter::from_fn(|| read_one(&mut rd).transpose())
.filter_map(|item| match item {
Err(err) => Some(Err(err)),
Ok(Item::RSAKey(key)) => Some(Ok(PrivateKey(key))),
Ok(Item::ECKey(key)) => Some(Ok(PrivateKey(key))),
Ok(Item::PKCS8Key(key)) => Some(Ok(PrivateKey(key))),
_ => None,
})
.collect()
} }
pub struct Tls { pub struct Tls {