refactor(ext/tls): Implement required functionality for later SNI support (#23686)

Precursor to #23236 This implements the SNI features, but uses private symbols to avoid exposing the functionality at this time. Note that to properly test this feature, we need to add a way for `connectTls` to specify a hostname. This is something that should be pushed into that API at a later time as well. ```ts Deno.test( { permissions: { net: true, read: true } }, async function listenResolver() { let sniRequests = []; const listener = Deno.listenTls({ hostname: "localhost", port: 0, [resolverSymbol]: (sni: string) => { sniRequests.push(sni); return { cert, key, }; }, }); { const conn = await Deno.connectTls({ hostname: "localhost", [serverNameSymbol]: "server-1", port: listener.addr.port, }); const [_handshake, serverConn] = await Promise.all([ conn.handshake(), listener.accept(), ]); conn.close(); serverConn.close(); } { const conn = await Deno.connectTls({ hostname: "localhost", [serverNameSymbol]: "server-2", port: listener.addr.port, }); const [_handshake, serverConn] = await Promise.all([ conn.handshake(), listener.accept(), ]); conn.close(); serverConn.close(); } assertEquals(sniRequests, ["server-1", "server-2"]); listener.close(); }, ); ``` --------- Signed-off-by: Matt Mastracci <matthew@mastracci.com>
author: Matt Mastracci <matthew@mastracci.com> 2024-05-09 10:54:47 -0600
committer: GitHub <noreply@github.com> 2024-05-09 10:54:47 -0600
commit: 684377c92c88877d97c522bcc4cd6a4175277dfb (patch)
tree: 192e84a3f3daceb5bd47d787eedba32416dcba3c /ext/kv/remote.rs
parent: dc29986ae591425f4a653a7155d41d75fbf7931a (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/ext/kv/remote.rs b/ext/kv/remote.rs
index 88127fc8f..9d5e099c7 100644
--- a/ext/kv/remote.rs
+++ b/ext/kv/remote.rs
@@ -16,7 +16,7 @@ use deno_fetch::CreateHttpClientOptions;
 use deno_tls::rustls::RootCertStore;
 use deno_tls::Proxy;
 use deno_tls::RootCertStoreProvider;
-use deno_tls::TlsKey;
+use deno_tls::TlsKeys;
 use denokv_remote::MetadataEndpoint;
 use denokv_remote::Remote;
 use url::Url;
@@ -27,7 +27,7 @@ pub struct HttpOptions {
   pub root_cert_store_provider: Option<Arc<dyn RootCertStoreProvider>>,
   pub proxy: Option<Proxy>,
   pub unsafely_ignore_certificate_errors: Option<Vec<String>>,
-  pub client_cert_chain_and_key: Option<TlsKey>,
+  pub client_cert_chain_and_key: TlsKeys,
 }
 
 impl HttpOptions {
@@ -135,7 +135,11 @@ impl<P: RemoteDbHandlerPermissions + 'static> DatabaseHandler
         unsafely_ignore_certificate_errors: options
           .unsafely_ignore_certificate_errors
           .clone(),
-        client_cert_chain_and_key: options.client_cert_chain_and_key.clone(),
+        client_cert_chain_and_key: options
+          .client_cert_chain_and_key
+          .clone()
+          .try_into()
+          .unwrap(),
         pool_max_idle_per_host: None,
         pool_idle_timeout: None,
         http1: false,
author	Matt Mastracci <matthew@mastracci.com>	2024-05-09 10:54:47 -0600
committer	GitHub <noreply@github.com>	2024-05-09 10:54:47 -0600
commit	684377c92c88877d97c522bcc4cd6a4175277dfb (patch)
tree	192e84a3f3daceb5bd47d787eedba32416dcba3c /ext/kv/remote.rs
parent	dc29986ae591425f4a653a7155d41d75fbf7931a (diff)