Rename targets and move around some code

bla
Gus Cairo 2025-05-02 14:26:18 +01:00
parent ef889248dc
commit ca5962e07b
4 changed files with 51 additions and 36 deletions


@ -258,7 +258,7 @@ var targets: [PackageDescription.Target] = [
swiftSettings: strictConcurrencySettings swiftSettings: strictConcurrencySettings
), ),
.target( .target(
name: "NIOCertificateHotReloading", name: "NIOCertificateReloading",
dependencies: [ dependencies: [
.product(name: "NIOCore", package: "swift-nio"), .product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOSSL", package: "swift-nio-ssl"), .product(name: "NIOSSL", package: "swift-nio-ssl"),
@ -269,9 +269,9 @@ var targets: [PackageDescription.Target] = [
swiftSettings: strictConcurrencySettings swiftSettings: strictConcurrencySettings
), ),
.testTarget( .testTarget(
name: "NIOCertificateHotReloadingTests", name: "NIOCertificateReloadingTests",
dependencies: [ dependencies: [
"NIOCertificateHotReloading", "NIOCertificateReloading",
.product(name: "NIOCore", package: "swift-nio"), .product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOSSL", package: "swift-nio-ssl"), .product(name: "NIOSSL", package: "swift-nio-ssl"),
.product(name: "X509", package: "swift-certificates"), .product(name: "X509", package: "swift-certificates"),
@ -292,7 +292,7 @@ let package = Package(
.library(name: "NIOHTTPTypesHTTP2", targets: ["NIOHTTPTypesHTTP2"]), .library(name: "NIOHTTPTypesHTTP2", targets: ["NIOHTTPTypesHTTP2"]),
.library(name: "NIOResumableUpload", targets: ["NIOResumableUpload"]), .library(name: "NIOResumableUpload", targets: ["NIOResumableUpload"]),
.library(name: "NIOHTTPResponsiveness", targets: ["NIOHTTPResponsiveness"]), .library(name: "NIOHTTPResponsiveness", targets: ["NIOHTTPResponsiveness"]),
.library(name: "NIOCertificateHotReloading", targets: ["NIOCertificateHotReloading"]), .library(name: "NIOCertificateReloading", targets: ["NIOCertificateReloading"]),
], ],
dependencies: [ dependencies: [
.package(url: "https://github.com/apple/swift-nio.git", from: "2.81.0"), .package(url: "https://github.com/apple/swift-nio.git", from: "2.81.0"),


@ -0,0 +1,42 @@
//===----------------------------------------------------------------------===//
//
// This source file is part of the SwiftNIO open source project
//
// Copyright (c) 2025 Apple Inc. and the SwiftNIO project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of SwiftNIO project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//
import NIOSSL
/// A protocol that defines a certificate reloader.
///
/// A certificate reloader is a service that can provide you with updated versions of a certificate and private key pair, in
/// the form of a `NIOSSLContextConfigurationOverride`, which will be used when performing a TLS handshake in NIO.
/// Each implementation can choose how to observe for changes, but they all require an ``sslContextConfigurationOverride``
/// to be exposed.
@available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *)
public protocol CertificateReloader: Sendable {
/// A `NIOSSLContextConfigurationOverride` that will be used as part of the NIO application's TLS configuration.
/// Its certificate and private key will be kept up-to-date via whatever mechanism the specific ``CertificateReloader``
/// implementation provides.
var sslContextConfigurationOverride: NIOSSLContextConfigurationOverride { get }
}
extension TLSConfiguration {
/// Configure a ``CertificateReloader`` to observe updates for the certificate and key pair used.
/// - Parameter reloader: A ``CertificateReloader`` to watch for certificate and key pair updates.
/// - Returns: A `TLSConfiguration` that reloads the certificate and key used in its SSL handshake.
@available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *)
mutating public func setCertificateReloader(_ reloader: some CertificateReloader) -> Self {
self.sslContextCallback = { _, promise in
promise.succeed(reloader.sslContextConfigurationOverride)
}
return self
}
}
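Review bot: With the requirement now `{ get }` rather than `{ get async }`, `setCertificateReloader` reads `reloader.sslContextConfigurationOverride` synchronously inside `sslContextCallback`, so a conforming type that does file I/O or waits on a contended lock in its getter would stall the handshake on whichever thread invokes the callback (presumably the channel's event loop). The protocol documentation should state that contract, for example `/// Called during the TLS handshake: must return promptly without blocking, from an already loaded and validated pair.` Separately, the method is both `mutating` and returns `Self`, so callers that only want the mutation get an unused-result warning; adding `@discardableResult` or dropping the return value would make the intended usage clear.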


@ -26,20 +26,6 @@ import FoundationEssentials
import Foundation import Foundation
#endif #endif
/// A protocol that defines a certificate reloader.
///
/// A certificate reloader is a service that can provide you with updated versions of a certificate and private key pair, in
/// the form of a `NIOSSLContextConfigurationOverride`, which will be used when performing a TLS handshake in NIO.
/// Each implementation can choose how to observe for changes, but they all require an ``sslContextConfigurationOverride``
/// to be exposed.
@available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *)
public protocol CertificateReloader: Sendable {
/// A `NIOSSLContextConfigurationOverride` that will be used as part of the NIO application's TLS configuration.
/// Its certificate and private key will be kept up-to-date via whatever mechanism the specific ``CertificateReloader``
/// implementation provides.
var sslContextConfigurationOverride: NIOSSLContextConfigurationOverride { get async }
}
/// A ``TimedCertificateReloader`` is an implementation of a ``CertificateReloader``, where the certificate and private /// A ``TimedCertificateReloader`` is an implementation of a ``CertificateReloader``, where the certificate and private
/// key pair is updated at a fixed interval from the file path or memory location configured. /// key pair is updated at a fixed interval from the file path or memory location configured.
/// ///
@ -218,10 +204,10 @@ public struct TimedCertificateReloader: CertificateReloader {
private func reloadPair() { private func reloadPair() {
if let certificateBytes = self.loadCertificate(), if let certificateBytes = self.loadCertificate(),
let keyBytes = self.loadPrivateKey(), let keyBytes = self.loadPrivateKey(),
let certificate = self.parseCertificate(from: certificateBytes), let certificate = self.parseCertificate(from: certificateBytes),
let key = self.parsePrivateKey(from: keyBytes), let key = self.parsePrivateKey(from: keyBytes),
key.publicKey.isValidSignature(certificate.signature, for: certificate) key.publicKey.isValidSignature(certificate.signature, for: certificate)
{ {
self.attemptToUpdatePair(certificate: certificate, key: key) self.attemptToUpdatePair(certificate: certificate, key: key)
} }
@ -302,18 +288,5 @@ public struct TimedCertificateReloader: CertificateReloader {
} }
} }
extension TLSConfiguration {
/// Configure a ``CertificateReloader`` to observe updates for the certificate and key pair used.
/// - Parameter reloader: A ``CertificateReloader`` to watch for certificate and key pair updates.
/// - Returns: A `TLSConfiguration` that reloads the certificate and key used in its SSL handshake.
@available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *)
mutating public func setCertificateReloader(_ reloader: some CertificateReloader) -> Self {
self.sslContextCallback = { _, promise in
promise.completeWithTask { await reloader.sslContextConfigurationOverride }
}
return self
}
}
@available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *) @available(macOS 11.0, iOS 14, tvOS 14, watchOS 7, *)
extension TimedCertificateReloader: Service {} extension TimedCertificateReloader: Service {}


@ -13,7 +13,7 @@
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
@preconcurrency import Crypto @preconcurrency import Crypto
import NIOCertificateHotReloading import NIOCertificateReloading
import NIOConcurrencyHelpers import NIOConcurrencyHelpers
import NIOSSL import NIOSSL
import SwiftASN1 import SwiftASN1