author | Sean Michael Wykes <sean.wykes@nascent.com.br> | 2021-08-25 09:25:12 -0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-25 14:25:12 +0200 |
commit | dccf4cbe36d66140f9e35a6ee755c3c440d745f9 (patch) | |
tree | af3114696f1649d77474f69cd3361d58aea34275 /ext/net/ops_tls.rs | |
parent | 5d814a4c244d489b4ae51002a0cf1d3c2fe16058 (diff) |
feat(fetch): mTLS client certificates for fetch() (#11721)
This commit adds support for specifying client certificates when using fetch, by means of `Deno.createHttpClient`.
Diffstat (limited to 'ext/net/ops_tls.rs')
-rw-r--r-- | ext/net/ops_tls.rs | 52 |
1 files changed, 2 insertions, 50 deletions
diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs
index b89cc4005..58b6147cb 100644
--- a/ext/net/ops_tls.rs
+++ b/ext/net/ops_tls.rs
@@ -37,9 +37,8 @@ use deno_core::RcRef;
 use deno_core::Resource;
 use deno_core::ResourceId;
 use deno_tls::create_client_config;
-use deno_tls::rustls::internal::pemfile::certs;
-use deno_tls::rustls::internal::pemfile::pkcs8_private_keys;
-use deno_tls::rustls::internal::pemfile::rsa_private_keys;
+use deno_tls::load_certs;
+use deno_tls::load_private_keys;
 use deno_tls::rustls::Certificate;
 use deno_tls::rustls::ClientConfig;
 use deno_tls::rustls::ClientSession;
@@ -58,7 +57,6 @@ use std::cell::RefCell;
 use std::convert::From;
 use std::fs::File;
 use std::io;
-use std::io::BufRead;
 use std::io::BufReader;
 use std::io::ErrorKind;
 use std::ops::Deref;
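Review bot: Nothing on this page shows that `deno_tls::load_certs` and `deno_tls::load_private_keys`, imported in the first hunk, keep the checks of the local helpers this commit deletes in the third hunk; the diff shown is limited to `ext/net/ops_tls.rs`. The deleted code returned `InvalidData` for undecodable PEM, for a certificate file with no certificates, and for a key file holding neither RSA nor PKCS#8 keys, and `load_certs_from_file` and `load_private_keys_from_file` now rely on the imported functions for all of that. If the moved versions differ in any way, a regression test that feeds an empty file and a non-PEM file to both `*_from_file` wrappers would pin the fail-closed behaviour. A one-line comment above the two imports, such as `// load_certs / load_private_keys must reject empty or undecodable PEM with InvalidData`, would record the contract these callers depend on.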
@@ -862,58 +860,12 @@ where
 })
 }
 
-fn load_certs(reader: &mut dyn BufRead) -> Result<Vec<Certificate>, AnyError> {
- let certs = certs(reader)
- .map_err(|_| custom_error("InvalidData", "Unable to decode certificate"))?;
-
- if certs.is_empty() {
- let e = custom_error("InvalidData", "No certificates found in cert file");
- return Err(e);
- }
-
- Ok(certs)
-}
-
 fn load_certs_from_file(path: &str) -> Result<Vec<Certificate>, AnyError> {
 let cert_file = File::open(path)?;
 let reader = &mut BufReader::new(cert_file);
 load_certs(reader)
 }
 
-fn key_decode_err() -> AnyError {
- custom_error("InvalidData", "Unable to decode key")
-}
-
-fn key_not_found_err() -> AnyError {
- custom_error("InvalidData", "No keys found in key file")
-}
-
-/// Starts with -----BEGIN RSA PRIVATE KEY-----
-fn load_rsa_keys(mut bytes: &[u8]) -> Result<Vec<PrivateKey>, AnyError> {
- let keys = rsa_private_keys(&mut bytes).map_err(|_| key_decode_err())?;
- Ok(keys)
-}
-
-/// Starts with -----BEGIN PRIVATE KEY-----
-fn load_pkcs8_keys(mut bytes: &[u8]) -> Result<Vec<PrivateKey>, AnyError> {
- let keys = pkcs8_private_keys(&mut bytes).map_err(|_| key_decode_err())?;
- Ok(keys)
-}
-
-fn load_private_keys(bytes: &[u8]) -> Result<Vec<PrivateKey>, AnyError> {
- let mut keys = load_rsa_keys(bytes)?;
-
- if keys.is_empty() {
- keys = load_pkcs8_keys(bytes)?;
- }
-
- if keys.is_empty() {
- return Err(key_not_found_err());
- }
-
- Ok(keys)
-}
-
 fn load_private_keys_from_file(
 path: &str,
 ) -> Result<Vec<PrivateKey>, AnyError> { |