rust/greptimedb
1
0
Fork 0
mirror of https://github.com/GreptimeTeam/greptimedb.git synced 2025-12-22 22:20:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: simplify tls key read code (#5856)

Browse Source
This commit is contained in:
Ning Sun
2025-04-09 16:50:43 +08:00
committed by GitHub
parent 746b4e2369
commit 2ebe005e3c
1 changed files with 9 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/servers/src/tls.rs
View File

@@ -22,7 +22,7 @@ use std::sync::{Arc, RwLock};
use common_telemetry::{error, info};
use notify::{EventKind, RecursiveMode, Watcher};
use rustls::ServerConfig;
use rustls_pemfile::{certs, pkcs8_private_keys, rsa_private_keys};
use rustls_pemfile::{certs, read_one, Item};
use rustls_pki_types::{CertificateDer, PrivateKeyDer};
use serde::{Deserialize, Serialize};
use snafu::ResultExt;
@@ -94,29 +94,14 @@ impl TlsOption {
.collect::<std::result::Result<Vec<CertificateDer>, IoError>>()
.context(InternalIoSnafu)?;
let key = {
let mut pkcs8 = pkcs8_private_keys(&mut BufReader::new(
File::open(&self.key_path).context(InternalIoSnafu)?,
))
.map(|key| key.map(PrivateKeyDer::from))
.collect::<std::result::Result<Vec<PrivateKeyDer>, IoError>>()
.context(InternalIoSnafu)?;
if !pkcs8.is_empty() {
pkcs8.remove(0)
} else {
let mut rsa = rsa_private_keys(&mut BufReader::new(
File::open(&self.key_path).context(InternalIoSnafu)?,
))
.map(|key| key.map(PrivateKeyDer::from))
.collect::<std::result::Result<Vec<PrivateKeyDer>, IoError>>()
.context(InternalIoSnafu)?;
if !rsa.is_empty() {
rsa.remove(0)
} else {
return Err(IoError::new(ErrorKind::InvalidInput, "invalid key"))
.context(InternalIoSnafu);
}
let mut key_reader = BufReader::new(File::open(&self.key_path).context(InternalIoSnafu)?);
let key = match read_one(&mut key_reader).context(InternalIoSnafu)? {
Some(Item::Pkcs1Key(key)) => PrivateKeyDer::from(key),
Some(Item::Pkcs8Key(key)) => PrivateKeyDer::from(key),
Some(Item::Sec1Key(key)) => PrivateKeyDer::from(key),
_ => {
return Err(IoError::new(ErrorKind::InvalidInput, "invalid key"))
.context(InternalIoSnafu);
}
};