From ee07a9e233b9d0bf8a18600eec6bd775b1d67075 Mon Sep 17 00:00:00 2001
From: Swanand Mulay <73115739+swanandx@users.noreply.github.com>
Date: Tue, 20 Feb 2024 17:57:21 +0530
Subject: [PATCH] feat(rumqttd): add Sec1Key and ignore non key items (#802)

---
 rumqttd/src/link/bridge.rs | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/rumqttd/src/link/bridge.rs b/rumqttd/src/link/bridge.rs
index cc3089473..0c6b193be 100644
--- a/rumqttd/src/link/bridge.rs
+++ b/rumqttd/src/link/bridge.rs
@@ -15,6 +15,9 @@ use tokio::{
 time::{sleep, sleep_until, Instant},
 };

+#[cfg(feature = "use-rustls")]
+use rustls_pemfile::Item;
+
 #[cfg(feature = "use-rustls")]
 use tokio_rustls::{
 rustls::{
@@ -23,6 +26,7 @@ use tokio_rustls::{
 },
 TlsConnector,
 };
+
 use tracing::*;

 use crate::{
@@ -189,6 +193,7 @@ async fn network_connect(
 }
 }
 }
+
 #[cfg(feature = "use-rustls")]
 pub async fn tls_connect>(
 host: &str,
@@ -216,12 +221,14 @@ pub async fn tls_connect>(
 let certs = rustls_pemfile::certs(&mut BufReader::new(Cursor::new(fs::read(certs_path)?)))
 .collect::, _>>()?;

- let key = match rustls_pemfile::read_one(&mut BufReader::new(Cursor::new(fs::read(
- key_path,
- )?)))? {
- Some(rustls_pemfile::Item::Pkcs1Key(key)) => key.into(),
- Some(rustls_pemfile::Item::Pkcs8Key(key)) => key.into(),
- None | Some(_) => return Err(BridgeError::NoValidCertInChain),
+ let key = loop {
+ match rustls_pemfile::read_one(&mut BufReader::new(Cursor::new(fs::read(key_path)?)))? {
+ Some(Item::Pkcs1Key(key)) => break key.into(),
+ Some(Item::Pkcs8Key(key)) => break key.into(),
+ Some(Item::Sec1Key(key)) => break key.into(),
+ None => return Err(BridgeError::NoValidCertInChain),
+ _ => {}
+ };
 };

 config.with_client_auth_cert(certs, key)?
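Review bot: In the last hunk the `BufReader` over `key_path` is constructed inside the new `loop`, so every iteration re-reads the file from the start and `read_one` yields the same first PEM item again. When that item is not a key, the `_ => {}` arm falls through, the reader never advances to `None`, and `tls_connect` spins forever re-reading the file instead of returning an error. A key file that begins with a certificate or any other non-key block is enough to hang the bridge connection, which is exactly the input this change is meant to tolerate. Build the reader once before the loop, `let mut key_reader = BufReader::new(Cursor::new(fs::read(key_path)?));`, and match on `rustls_pemfile::read_one(&mut key_reader)?`. Separately, `BridgeError::NoValidCertInChain` is still what comes back when no private key is found, which misreports the failure to whoever reads the log; `tls_connect` starts and ends outside the hunk, so the surrounding config handling was not reviewed.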