feat(rumqttd): add Sec1Key and ignore non key items (#802)
swanandx authored Feb 20, 2024
1 parent baa9341 commit ee07a9e
Showing 1 changed file with 13 additions and 6 deletions.
19 changes: 13 additions & 6 deletions rumqttd/src/link/bridge.rs
Expand Up @@ -15,6 +15,9 @@ use tokio::{
time::{sleep, sleep_until, Instant},
};

#[cfg(feature = "use-rustls")]
use rustls_pemfile::Item;

#[cfg(feature = "use-rustls")]
use tokio_rustls::{
rustls::{
Expand All @@ -23,6 +26,7 @@ use tokio_rustls::{
},
TlsConnector,
};

use tracing::*;

use crate::{
Expand Down Expand Up @@ -189,6 +193,7 @@ async fn network_connect<P: Protocol>(
}
}
}

#[cfg(feature = "use-rustls")]
pub async fn tls_connect<P: AsRef<Path>>(
host: &str,
Expand Down Expand Up @@ -216,12 +221,14 @@ pub async fn tls_connect<P: AsRef<Path>>(
let certs = rustls_pemfile::certs(&mut BufReader::new(Cursor::new(fs::read(certs_path)?)))
.collect::<Result<Vec<_>, _>>()?;

let key = match rustls_pemfile::read_one(&mut BufReader::new(Cursor::new(fs::read(
key_path,
)?)))? {
Some(rustls_pemfile::Item::Pkcs1Key(key)) => key.into(),
Some(rustls_pemfile::Item::Pkcs8Key(key)) => key.into(),
None | Some(_) => return Err(BridgeError::NoValidCertInChain),
let key = loop {
match rustls_pemfile::read_one(&mut BufReader::new(Cursor::new(fs::read(key_path)?)))? {
Some(Item::Pkcs1Key(key)) => break key.into(),
Some(Item::Pkcs8Key(key)) => break key.into(),
Some(Item::Sec1Key(key)) => break key.into(),
None => return Err(BridgeError::NoValidCertInChain),
_ => {}
};
};

config.with_client_auth_cert(certs, key)?
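Review bot: The new `loop` in `tls_connect` rebuilds the reader from `fs::read(key_path)` on every pass, so `rustls_pemfile::read_one` parses the first PEM item of the file each time; if that item is not a key (a certificate placed ahead of the key, for instance), the `_ => {}` arm repeats forever and `None` is never reached. Build the reader once before the loop, `let mut key_reader = BufReader::new(Cursor::new(fs::read(key_path)?));`, and match on `rustls_pemfile::read_one(&mut key_reader)?`, so skipped items are consumed and end of file ends the search. Because this runs inside an async function, the spin would presumably also hold the executor thread and hang the bridge's TLS setup rather than report a configuration error. The no-key case still returns `BridgeError::NoValidCertInChain`, which reads as a certificate problem; a dedicated variant or a comment such as `// no private key found in key_path` would make a bad client key file easier to diagnose. The body of `tls_connect` starts and continues outside the visible hunk.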
