Proxmox-Port/proxmox
1
0
Fork 0
forked from proxmox-mirrors/proxmox
Code Pull Requests Activity

rest-server: tls-acceptor: allow setting cipher suite and list

Browse Source 
just pass the strings to openssl

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Wolfgang Bumiller 2023-01-30 10:19:46 +01:00
parent 6873926dea
commit b4bb3feef3
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
proxmox-rest-server/src/connection.rs
View File

@ -34,13 +34,16 @@ enum Tls {
/// A builder for an `SslAcceptor` which can be configured either with certificates (or path to PEM /// A builder for an `SslAcceptor` which can be configured either with certificates (or path to PEM
/// files), or otherwise builds a self-signed certificate on the fly (mostly useful during /// files), or otherwise builds a self-signed certificate on the fly (mostly useful during
/// development). /// development).
#[derive(Default)]
pub struct TlsAcceptorBuilder { pub struct TlsAcceptorBuilder {
tls: Option<Tls>, tls: Option<Tls>,
cipher_suites: Option<String>,
cipher_list: Option<String>,
} }
impl TlsAcceptorBuilder { impl TlsAcceptorBuilder {
pub fn new() -> Self { pub fn new() -> Self {
Self { tls: None } Self::default()
} }
pub fn certificate(mut self, key: PKey<Private>, cert: X509) -> Self { pub fn certificate(mut self, key: PKey<Private>, cert: X509) -> Self {
@ -57,6 +60,16 @@ impl TlsAcceptorBuilder {
self self
} }
pub fn cipher_suites(mut self, suites: String) -> Self {
self.cipher_suites = Some(suites);
self
}
pub fn cipher_list(mut self, list: String) -> Self {
self.cipher_list = Some(list);
self
}
pub fn build(self) -> Result<SslAcceptor, Error> { pub fn build(self) -> Result<SslAcceptor, Error> {
let mut acceptor = SslAcceptor::mozilla_intermediate_v5(SslMethod::tls()).unwrap(); let mut acceptor = SslAcceptor::mozilla_intermediate_v5(SslMethod::tls()).unwrap();