mirror of
https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs.git
synced 2025-01-08 18:25:30 +00:00
net/quic: Drop private key type property
Use read_all helper from rustls_pemfile and drop the requirement for the user having to specify the private key type. Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/1036>
This commit is contained in:
parent
a306b1ce94
commit
97d8a79d36
3 changed files with 19 additions and 65 deletions
|
@ -7,7 +7,6 @@
|
|||
//
|
||||
// SPDX-License-Identifier: MPL-2.0
|
||||
|
||||
use super::QuicPrivateKeyType;
|
||||
use crate::utils::{
|
||||
make_socket_addr, server_endpoint, wait, WaitError, CONNECTION_CLOSE_CODE, CONNECTION_CLOSE_MSG,
|
||||
};
|
||||
|
@ -36,7 +35,6 @@ static DEFAULT_SERVER_PORT: u16 = 5000;
|
|||
*/
|
||||
const DEFAULT_ALPN: &str = "gst-quinn";
|
||||
const DEFAULT_TIMEOUT: u32 = 15;
|
||||
const DEFAULT_PRIVATE_KEY_TYPE: QuicPrivateKeyType = QuicPrivateKeyType::Pkcs8;
|
||||
const DEFAULT_SECURE_CONNECTION: bool = true;
|
||||
|
||||
static CAT: Lazy<gst::DebugCategory> = Lazy::new(|| {
|
||||
|
@ -70,7 +68,6 @@ struct Settings {
|
|||
caps: gst::Caps,
|
||||
use_datagram: bool,
|
||||
certificate_path: Option<PathBuf>,
|
||||
private_key_type: QuicPrivateKeyType,
|
||||
}
|
||||
|
||||
impl Default for Settings {
|
||||
|
@ -85,7 +82,6 @@ impl Default for Settings {
|
|||
caps: gst::Caps::new_any(),
|
||||
use_datagram: false,
|
||||
certificate_path: None,
|
||||
private_key_type: DEFAULT_PRIVATE_KEY_TYPE,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -111,8 +107,6 @@ impl GstObjectImpl for QuinnQuicSrc {}
|
|||
impl ElementImpl for QuinnQuicSrc {
|
||||
fn metadata() -> Option<&'static gst::subclass::ElementMetadata> {
|
||||
static ELEMENT_METADATA: Lazy<gst::subclass::ElementMetadata> = Lazy::new(|| {
|
||||
#[cfg(feature = "doc")]
|
||||
QuicPrivateKeyType::static_type().mark_as_plugin_api(gst::PluginAPIFlags::empty());
|
||||
gst::subclass::ElementMetadata::new(
|
||||
"Quinn QUIC Source",
|
||||
"Source/Network/QUIC",
|
||||
|
@ -218,10 +212,6 @@ impl ObjectImpl for QuinnQuicSrc {
|
|||
.blurb("Use datagram for lower latency, unreliable messaging")
|
||||
.default_value(false)
|
||||
.build(),
|
||||
glib::ParamSpecEnum::builder_with_default::<QuicPrivateKeyType>("private-key-type", DEFAULT_PRIVATE_KEY_TYPE)
|
||||
.nick("Whether PKCS8 or RSA key type is considered for private key")
|
||||
.blurb("Read given private key as PKCS8 or RSA")
|
||||
.build(),
|
||||
]
|
||||
});
|
||||
|
||||
|
@ -276,11 +266,6 @@ impl ObjectImpl for QuinnQuicSrc {
|
|||
"use-datagram" => {
|
||||
settings.use_datagram = value.get().expect("type checked upstream");
|
||||
}
|
||||
"private-key-type" => {
|
||||
settings.private_key_type = value
|
||||
.get::<QuicPrivateKeyType>()
|
||||
.expect("type checked upstream");
|
||||
}
|
||||
_ => unimplemented!(),
|
||||
}
|
||||
}
|
||||
|
@ -307,7 +292,6 @@ impl ObjectImpl for QuinnQuicSrc {
|
|||
certpath.and_then(|file| file.to_str()).to_value()
|
||||
}
|
||||
"use-datagram" => settings.use_datagram.to_value(),
|
||||
"private-key-type" => settings.private_key_type.to_value(),
|
||||
_ => unimplemented!(),
|
||||
}
|
||||
}
|
||||
|
@ -537,7 +521,6 @@ impl QuinnQuicSrc {
|
|||
let use_datagram;
|
||||
let secure_conn;
|
||||
let cert_path;
|
||||
let private_key_type;
|
||||
|
||||
{
|
||||
let settings = self.settings.lock().unwrap();
|
||||
|
@ -551,23 +534,15 @@ impl QuinnQuicSrc {
|
|||
use_datagram = settings.use_datagram;
|
||||
secure_conn = settings.secure_conn;
|
||||
cert_path = settings.certificate_path.clone();
|
||||
private_key_type = settings.private_key_type;
|
||||
}
|
||||
|
||||
let endpoint = server_endpoint(
|
||||
server_addr,
|
||||
&server_name,
|
||||
secure_conn,
|
||||
alpns,
|
||||
cert_path,
|
||||
private_key_type,
|
||||
)
|
||||
.map_err(|err| {
|
||||
WaitError::FutureError(gst::error_msg!(
|
||||
gst::ResourceError::Failed,
|
||||
["Failed to configure endpoint: {}", err]
|
||||
))
|
||||
})?;
|
||||
let endpoint = server_endpoint(server_addr, &server_name, secure_conn, alpns, cert_path)
|
||||
.map_err(|err| {
|
||||
WaitError::FutureError(gst::error_msg!(
|
||||
gst::ResourceError::Failed,
|
||||
["Failed to configure endpoint: {}", err]
|
||||
))
|
||||
})?;
|
||||
|
||||
let incoming_conn = endpoint.accept().await.unwrap();
|
||||
|
||||
|
|
|
@ -12,16 +12,6 @@ use gst::prelude::*;
|
|||
|
||||
mod imp;
|
||||
|
||||
#[derive(Debug, Eq, PartialEq, Ord, PartialOrd, Hash, Clone, Copy, glib::Enum)]
|
||||
#[repr(u32)]
|
||||
#[enum_type(name = "GstQuicPrivateKeyType")]
|
||||
pub enum QuicPrivateKeyType {
|
||||
#[enum_value(name = "PKCS8: PKCS #8 Private Key.", nick = "pkcs8")]
|
||||
Pkcs8,
|
||||
#[enum_value(name = "RSA: RSA Private Key.", nick = "rsa")]
|
||||
Rsa,
|
||||
}
|
||||
|
||||
glib::wrapper! {
|
||||
pub struct QuinnQuicSrc(ObjectSubclass<imp::QuinnQuicSrc>) @extends gst_base::BaseSrc, gst::Element, gst::Object;
|
||||
}
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
//
|
||||
// SPDX-License-Identifier: MPL-2.0
|
||||
|
||||
use crate::quinnquicsrc::QuicPrivateKeyType;
|
||||
use futures::future;
|
||||
use futures::prelude::*;
|
||||
use gst::ErrorMessage;
|
||||
|
@ -158,7 +157,6 @@ fn configure_client(secure_conn: bool, alpns: Vec<String>) -> Result<ClientConfi
|
|||
|
||||
fn read_certs_from_file(
|
||||
certificate_path: Option<PathBuf>,
|
||||
private_key_type: QuicPrivateKeyType,
|
||||
) -> Result<(Vec<rustls::Certificate>, rustls::PrivateKey), Box<dyn Error>> {
|
||||
/*
|
||||
* NOTE:
|
||||
|
@ -192,19 +190,18 @@ fn read_certs_from_file(
|
|||
let key: rustls::PrivateKey = {
|
||||
let key_file = File::open(key_file.as_path())?;
|
||||
let mut key_file_rdr = BufReader::new(key_file);
|
||||
let mut key_vec;
|
||||
|
||||
// If the file starts with "BEGIN RSA PRIVATE KEY"
|
||||
if let QuicPrivateKeyType::Rsa = private_key_type {
|
||||
key_vec = rustls_pemfile::rsa_private_keys(&mut key_file_rdr)?;
|
||||
} else {
|
||||
// If the file starts with "BEGIN PRIVATE KEY"
|
||||
key_vec = rustls_pemfile::pkcs8_private_keys(&mut key_file_rdr)?;
|
||||
let keys_iter = rustls_pemfile::read_all(&mut key_file_rdr)?;
|
||||
let key_item = keys_iter
|
||||
.into_iter()
|
||||
.next()
|
||||
.ok_or("Certificate should have at least one private key")?;
|
||||
|
||||
match key_item {
|
||||
rustls_pemfile::Item::RSAKey(key) => rustls::PrivateKey(key),
|
||||
rustls_pemfile::Item::PKCS8Key(key) => rustls::PrivateKey(key),
|
||||
_ => unimplemented!(),
|
||||
}
|
||||
|
||||
assert_eq!(key_vec.len(), 1);
|
||||
|
||||
rustls::PrivateKey(key_vec.remove(0))
|
||||
};
|
||||
|
||||
Ok((certs, key))
|
||||
|
@ -215,10 +212,9 @@ fn configure_server(
|
|||
secure_conn: bool,
|
||||
certificate_path: Option<PathBuf>,
|
||||
alpns: Vec<String>,
|
||||
private_key_type: QuicPrivateKeyType,
|
||||
) -> Result<(ServerConfig, Vec<rustls::Certificate>), Box<dyn Error>> {
|
||||
let (cert, key) = if secure_conn {
|
||||
read_certs_from_file(certificate_path, private_key_type).unwrap()
|
||||
read_certs_from_file(certificate_path).unwrap()
|
||||
} else {
|
||||
let cert = rcgen::generate_simple_self_signed(vec![server_name.into()]).unwrap();
|
||||
let cert_der = cert.serialize_der().unwrap();
|
||||
|
@ -258,15 +254,8 @@ pub fn server_endpoint(
|
|||
secure_conn: bool,
|
||||
alpns: Vec<String>,
|
||||
certificate_path: Option<PathBuf>,
|
||||
private_key_type: QuicPrivateKeyType,
|
||||
) -> Result<Endpoint, Box<dyn Error>> {
|
||||
let (server_config, _) = configure_server(
|
||||
server_name,
|
||||
secure_conn,
|
||||
certificate_path,
|
||||
alpns,
|
||||
private_key_type,
|
||||
)?;
|
||||
let (server_config, _) = configure_server(server_name, secure_conn, certificate_path, alpns)?;
|
||||
let endpoint = Endpoint::server(server_config, server_addr)?;
|
||||
|
||||
Ok(endpoint)
|
||||
|
|
Loading…
Reference in a new issue