Browse Source

Stop using the `Error` struct from `acme_common` in tacd

rel #83
pull/100/head
Rodolphe Bréard 1 year ago
parent
commit
e9522df9ef
  1. 28
      Cargo.lock
  2. 2
      tacd/Cargo.toml
  3. 21
      tacd/src/main.rs
  4. 10
      tacd/src/openssl_server.rs

28
Cargo.lock

@ -119,6 +119,12 @@ dependencies = [
"windows-sys 0.48.0",
]
[[package]]
name = "anyhow"
version = "1.0.71"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"
[[package]]
name = "async-channel"
version = "1.8.0"
@ -1413,9 +1419,11 @@ name = "tacd"
version = "0.21.0"
dependencies = [
"acme_common",
"anyhow",
"clap",
"log",
"openssl",
"thiserror",
]
[[package]]
@ -1441,6 +1449,26 @@ dependencies = [
"winapi-util",
]
[[package]]
name = "thiserror"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "time"
version = "0.3.22"

2
tacd/Cargo.toml

@ -21,6 +21,8 @@ openssl_vendored = ["crypto_openssl", "acme_common/openssl_vendored"]
[dependencies]
acme_common = { path = "../acme_common" }
anyhow = "1.0"
clap = { version = "4.0", features = ["string"] }
log = "0.4"
openssl = "0.10"
thiserror = "1.0"

21
tacd/src/main.rs

@ -4,9 +4,9 @@ mod openssl_server;
#[cfg(feature = "crypto_openssl")]
use crate::openssl_server::start as server_start;
use acme_common::crypto::{get_lib_name, get_lib_version, HashFunction, KeyType, X509Certificate};
use acme_common::error::Error;
use acme_common::logs::{set_log_system, DEFAULT_LOG_LEVEL};
use acme_common::{clean_pid_file, to_idna};
use anyhow::{anyhow, Result};
use clap::builder::PossibleValuesParser;
use clap::{Arg, ArgAction, ArgMatches, Command};
use log::{debug, error, info};
@ -21,7 +21,7 @@ const DEFAULT_CRT_KEY_TYPE: KeyType = KeyType::EcdsaP256;
const DEFAULT_CRT_DIGEST: HashFunction = HashFunction::Sha256;
const ALPN_ACME_PROTO_NAME: &[u8] = b"\x0aacme-tls/1";
fn read_line(path: Option<&String>) -> Result<String, Error> {
fn read_line(path: Option<&String>) -> Result<String> {
let mut input = String::new();
match path {
Some(p) => File::open(p)?.read_to_string(&mut input)?,
@ -31,7 +31,7 @@ fn read_line(path: Option<&String>) -> Result<String, Error> {
Ok(line)
}
fn get_acme_value(cnf: &ArgMatches, opt: &str, opt_file: &str) -> Result<String, Error> {
fn get_acme_value(cnf: &ArgMatches, opt: &str, opt_file: &str) -> Result<String> {
match cnf.get_one::<String>(opt) {
Some(v) => Ok(v.to_string()),
None => {
@ -46,27 +46,32 @@ fn get_acme_value(cnf: &ArgMatches, opt: &str, opt_file: &str) -> Result<String,
}
}
fn init(cnf: &ArgMatches) -> Result<(), Error> {
fn init(cnf: &ArgMatches) -> Result<()> {
acme_common::init_server(
cnf.get_flag("foreground"),
cnf.get_one::<String>("pid-file").map(|e| e.as_str()),
);
let domain = get_acme_value(cnf, "domain", "domain-file")?;
let domain = to_idna(&domain)?;
let domain = to_idna(&domain).map_err(|e| anyhow!(e))?;
let ext = get_acme_value(cnf, "acme-ext", "acme-ext-file")?;
let listen_addr = cnf
.get_one::<String>("listen")
.map(|e| e.as_str())
.unwrap_or(DEFAULT_LISTEN_ADDR);
let crt_signature_alg = match cnf.get_one::<&str>("crt-signature-alg") {
Some(alg) => alg.parse()?,
Some(alg) => alg
.parse()
.map_err(|e: acme_common::error::Error| anyhow!(e))?,
None => DEFAULT_CRT_KEY_TYPE,
};
let crt_digest = match cnf.get_one::<&str>("crt-digest") {
Some(alg) => alg.parse()?,
Some(alg) => alg
.parse()
.map_err(|e: acme_common::error::Error| anyhow!(e))?,
None => DEFAULT_CRT_DIGEST,
};
let (pk, cert) = X509Certificate::from_acme_ext(&domain, &ext, crt_signature_alg, crt_digest)?;
let (pk, cert) = X509Certificate::from_acme_ext(&domain, &ext, crt_signature_alg, crt_digest)
.map_err(|e| anyhow!(e))?;
info!("starting {APP_NAME} on {listen_addr} for {domain}");
server_start(listen_addr, &cert, &pk)?;
Ok(())

10
tacd/src/openssl_server.rs

@ -1,5 +1,5 @@
use acme_common::crypto::{KeyPair, X509Certificate};
use acme_common::error::Error;
use anyhow::{bail, Result};
use log::debug;
use openssl::ssl::{self, AlpnError, SslAcceptor, SslMethod};
use std::net::TcpListener;
@ -29,11 +29,7 @@ macro_rules! listen_and_accept {
};
}
pub fn start(
listen_addr: &str,
certificate: &X509Certificate,
key_pair: &KeyPair,
) -> Result<(), Error> {
pub fn start(listen_addr: &str, certificate: &X509Certificate, key_pair: &KeyPair) -> Result<()> {
let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls())?;
acceptor.set_alpn_select_callback(|_, client| {
debug!("ALPN negociation");
@ -51,5 +47,5 @@ pub fn start(
debug!("listening on {listen_addr}");
listen_and_accept!(TcpListener, listen_addr, acceptor);
}
Err("main thread loop unexpectedly exited".into())
bail!("main thread loop unexpectedly exited")
}
Loading…
Cancel
Save