Implement manual TLS certificate loading and ServerConfig construction
- Add tls::config module with manual TLS mode support - Load PEM certificates and private keys via rustls_pemfile - Build ServerConfig with aws_lc_rs crypto provider - Restrict cipher suites per ADR-012 (4 TLS 1.2 ECDHE-AES-GCM + all TLS 1.3) - Configure protocol versions to TLS 1.2 and 1.3 only - Implement SniCertResolver for multi-domain manual mode - Unknown SNI hostname fails handshake (no default cert) - Add tempfile dev dependency for test file operations - Add 11 unit tests covering config, cipher suites, and SNI resolution
This commit is contained in:
7
Cargo.lock
generated
7
Cargo.lock
generated
@@ -1531,6 +1531,7 @@ dependencies = [
|
||||
"rustls-pki-types",
|
||||
"serde",
|
||||
"signal-hook",
|
||||
"tempfile",
|
||||
"thiserror 2.0.18",
|
||||
"tokio",
|
||||
"tokio-rustls",
|
||||
@@ -1907,15 +1908,15 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "tempfile"
|
||||
version = "3.27.0"
|
||||
version = "3.20.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd"
|
||||
checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1"
|
||||
dependencies = [
|
||||
"fastrand",
|
||||
"getrandom 0.3.4",
|
||||
"once_cell",
|
||||
"rustix",
|
||||
"windows-sys 0.61.2",
|
||||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
||||
Reference in New Issue
Block a user