use std::path::PathBuf;
use clap::Subcommand;
use tokio::io::AsyncReadExt;
use crate::{Backend, BackendError, CustomServer};
/// Command to manage the server's certificates.
// With `#[derive(Subcommand)]`, clap also uses the `///` comments on this enum,
// its variants and their fields as CLI help text, so they are user-facing.
// Reviewer-only remarks below are plain `//` comments and stay out of `--help`.
#[derive(Subcommand, Debug)]
pub enum Command {
    /// Installs a self-signed certificate into the server. The server can only
    /// have one global self-signed certificate. If `overwrite` is true, any
    /// existing certificate will be overwritten. If `overwrite` is false and a
    /// certificate already exists, an error is returned.
    InstallSelfSigned {
        /// If a certificate already exists, an error will be returned unless
        /// `overwrite` is true.
        #[clap(short, long)]
        overwrite: bool,
    },
    /// Installs an X.509 certificate chain and its associated private key,
    /// both in PEM format.
    ///
    /// This command reads the files `private_key` and `certificate_chain` and
    /// executes
    /// [`CustomServer::install_pem_certificate()`](crate::CustomServer::install_pem_certificate).
    Install {
        // NOTE(review): this path names secret key material. `execute` opens it
        // with the invoking user's privileges and performs no permission or
        // ownership check, so the file should be readable only by the account
        // that runs this command.
        /// Path to the private key, in the ASCII PEM format, that belongs to
        /// the certificate in `certificate_chain`.
        private_key: PathBuf,
        /// Path to the X.509 certificate chain in the ASCII PEM format.
        certificate_chain: PathBuf,
    },
}
impl Command {
    /// Executes the command against `server`.
    ///
    /// - `InstallSelfSigned` forwards `overwrite` to
    ///   `install_self_signed_certificate`.
    /// - `Install` reads the private key file, then the certificate chain
    ///   file, fully into memory and passes both buffers to
    ///   `install_pem_certificate` (chain first, key second).
    ///
    /// # Errors
    ///
    /// Returns an error if either file cannot be opened or read, or if the
    /// server call fails. I/O errors are converted into
    /// `BackendError<B::Error>` by `?`.
    pub async fn execute<B: Backend>(
        &self,
        server: &CustomServer<B>,
    ) -> Result<(), BackendError<B::Error>> {
        // Reads the whole file at `path` into a freshly allocated buffer.
        // No size limit is applied; the path comes from the command line.
        async fn read_all(path: &std::path::Path) -> std::io::Result<Vec<u8>> {
            let mut file = tokio::fs::File::open(path).await?;
            let mut contents = Vec::new();
            file.read_to_end(&mut contents).await?;
            Ok(contents)
        }

        match self {
            Self::Install {
                private_key,
                certificate_chain,
            } => {
                // The key is read first, so an unreadable key file fails the
                // command before the chain file is opened.
                // NOTE(review): the key bytes live in an ordinary `Vec<u8>` and
                // are not wiped before it is dropped. The file's permissions
                // are not checked here either; confirm the deployment keeps the
                // key readable only by the server's account.
                let key_pem = read_all(private_key).await?;
                let chain_pem = read_all(certificate_chain).await?;
                server.install_pem_certificate(&chain_pem, &key_pem).await?;
            }
            Self::InstallSelfSigned { overwrite } => {
                let replace_existing = *overwrite;
                server
                    .install_self_signed_certificate(replace_existing)
                    .await?;
            }
        }

        Ok(())
    }
}