fix(core): gate RawKey TLS helpers on quinn+iroh for clean iroh-only builds (task: core/review-core)

Review of alknet-core found one issue: RawKeyCertResolver/Ed25519SigningKey/
std::path::Path were gated on #[cfg(feature = "iroh")] but only used in the
quinn TLS path — caused clippy -D warnings failures on iroh-only builds.
Re-gated to #[cfg(all(feature = "quinn", feature = "iroh"))]. All 4 feature
combinations now pass clippy -D warnings; 55 tests pass.

Review confirmed: all core types, config, auth, and endpoint implementations
are spec-conformant.
This commit is contained in:
2026-06-23 15:32:23 +00:00

View File

@@ -6,7 +6,7 @@ use std::collections::HashMap;
use std::io; use std::io;
#[cfg(any(feature = "quinn", feature = "iroh"))] #[cfg(any(feature = "quinn", feature = "iroh"))]
use std::net::SocketAddr; use std::net::SocketAddr;
#[cfg(any(feature = "quinn", feature = "iroh"))] #[cfg(feature = "quinn")]
use std::path::Path; use std::path::Path;
use std::sync::Arc; use std::sync::Arc;
#[cfg(any(feature = "quinn", feature = "iroh"))] #[cfg(any(feature = "quinn", feature = "iroh"))]
@@ -562,12 +562,12 @@ fn generate_self_signed_cert() -> Result<SelfSignedCert, EndpointError> {
}) })
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
struct RawKeyCertResolver { struct RawKeyCertResolver {
key: Arc<rustls::sign::CertifiedKey>, key: Arc<rustls::sign::CertifiedKey>,
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl RawKeyCertResolver { impl RawKeyCertResolver {
fn new(secret_key: &iroh::SecretKey) -> Self { fn new(secret_key: &iroh::SecretKey) -> Self {
let signing_key = Arc::new(Ed25519SigningKey::new(secret_key.clone())); let signing_key = Arc::new(Ed25519SigningKey::new(secret_key.clone()));
@@ -580,7 +580,7 @@ impl RawKeyCertResolver {
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl rustls::server::ResolvesServerCert for RawKeyCertResolver { impl rustls::server::ResolvesServerCert for RawKeyCertResolver {
fn resolve( fn resolve(
&self, &self,
@@ -594,27 +594,27 @@ impl rustls::server::ResolvesServerCert for RawKeyCertResolver {
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl std::fmt::Debug for RawKeyCertResolver { impl std::fmt::Debug for RawKeyCertResolver {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.debug_struct("RawKeyCertResolver").finish() f.debug_struct("RawKeyCertResolver").finish()
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
#[derive(Clone)] #[derive(Clone)]
struct Ed25519SigningKey { struct Ed25519SigningKey {
key: iroh::SecretKey, key: iroh::SecretKey,
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl std::fmt::Debug for Ed25519SigningKey { impl std::fmt::Debug for Ed25519SigningKey {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.debug_struct("Ed25519SigningKey").finish() f.debug_struct("Ed25519SigningKey").finish()
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl Ed25519SigningKey { impl Ed25519SigningKey {
fn new(key: iroh::SecretKey) -> Self { fn new(key: iroh::SecretKey) -> Self {
Self { key } Self { key }
@@ -628,7 +628,7 @@ impl Ed25519SigningKey {
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl rustls::sign::SigningKey for Ed25519SigningKey { impl rustls::sign::SigningKey for Ed25519SigningKey {
fn choose_scheme( fn choose_scheme(
&self, &self,
@@ -650,7 +650,7 @@ impl rustls::sign::SigningKey for Ed25519SigningKey {
} }
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
impl rustls::sign::Signer for Ed25519SigningKey { impl rustls::sign::Signer for Ed25519SigningKey {
fn sign(&self, message: &[u8]) -> Result<Vec<u8>, rustls::Error> { fn sign(&self, message: &[u8]) -> Result<Vec<u8>, rustls::Error> {
Ok(self.key.sign(message).to_bytes().to_vec()) Ok(self.key.sign(message).to_bytes().to_vec())
@@ -823,7 +823,7 @@ mod tests {
assert!(auth.tls_client_fingerprint.is_some()); assert!(auth.tls_client_fingerprint.is_some());
} }
#[cfg(feature = "iroh")] #[cfg(all(feature = "quinn", feature = "iroh"))]
#[test] #[test]
fn raw_key_cert_resolver_only_raw_public_keys() { fn raw_key_cert_resolver_only_raw_public_keys() {
use rustls::server::ResolvesServerCert; use rustls::server::ResolvesServerCert;