LCOV - code coverage report
Current view: top level - proxy/src/tls - client_config.rs (source / functions) Coverage Total Hit
Test: 07bee600374ccd486c69370d0972d9035964fe68.info Lines: 38.7 % 31 12
Test Date: 2025-02-20 13:11:02 Functions: 50.0 % 4 2

            Line data    Source code
       1              : use std::sync::Arc;
       2              : 
       3              : use anyhow::bail;
       4              : use rustls::crypto::ring;
       5              : 
       6            0 : pub(crate) fn load_certs() -> anyhow::Result<Arc<rustls::RootCertStore>> {
       7            0 :     let der_certs = rustls_native_certs::load_native_certs();
       8            0 : 
       9            0 :     if !der_certs.errors.is_empty() {
      10            0 :         bail!("could not parse certificates: {:?}", der_certs.errors);
      11            0 :     }
      12            0 : 
      13            0 :     let mut store = rustls::RootCertStore::empty();
      14            0 :     store.add_parsable_certificates(der_certs.certs);
      15            0 :     Ok(Arc::new(store))
      16            0 : }
      17              : 
      18              : /// Loads the root certificates and constructs a client config suitable for connecting to the neon compute.
      19              : /// This function is blocking.
      20            0 : pub fn compute_client_config_with_root_certs() -> anyhow::Result<rustls::ClientConfig> {
      21            0 :     Ok(
      22            0 :         rustls::ClientConfig::builder_with_provider(Arc::new(ring::default_provider()))
      23            0 :             .with_safe_default_protocol_versions()
      24            0 :             .expect("ring should support the default protocol versions")
      25            0 :             .with_root_certificates(load_certs()?)
      26            0 :             .with_no_client_auth(),
      27              :     )
      28            0 : }
      29              : 
      30              : #[cfg(test)]
      31           28 : pub fn compute_client_config_with_certs(
      32           28 :     certs: impl IntoIterator<Item = rustls::pki_types::CertificateDer<'static>>,
      33           28 : ) -> rustls::ClientConfig {
      34           28 :     let mut store = rustls::RootCertStore::empty();
      35           28 :     store.add_parsable_certificates(certs);
      36           28 : 
      37           28 :     rustls::ClientConfig::builder_with_provider(Arc::new(ring::default_provider()))
      38           28 :         .with_safe_default_protocol_versions()
      39           28 :         .expect("ring should support the default protocol versions")
      40           28 :         .with_root_certificates(store)
      41           28 :         .with_no_client_auth()
      42           28 : }
        

Generated by: LCOV version 2.1-beta