From 8d7cf42088d52c19e39d1ef62e64e80c81485d9a Mon Sep 17 00:00:00 2001 From: Kevin Meziere Date: Thu, 8 Feb 2024 12:33:14 -0800 Subject: [PATCH 1/2] allow multiple key types --- dropshot/src/server.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dropshot/src/server.rs b/dropshot/src/server.rs index 795530cf..37ae2d93 100644 --- a/dropshot/src/server.rs +++ b/dropshot/src/server.rs @@ -518,8 +518,7 @@ impl TryFrom<&ConfigTls> for rustls::ServerConfig { .map_err(|err| { io_error(format!("failed to load certificate: {err}")) })?; - let keys = rustls_pemfile::pkcs8_private_keys(&mut key_reader) - .collect::, _>>() + let keys = rustls_pemfile::private_key(&mut key_reader) .map_err(|err| { io_error(format!("failed to load private key: {err}")) })?; From 7da42530da0aea939995d552132b1e706f508bad Mon Sep 17 00:00:00 2001 From: Kevin Meziere Date: Fri, 9 Feb 2024 13:50:37 -0800 Subject: [PATCH 2/2] Fix for lint --- dropshot/src/server.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/dropshot/src/server.rs b/dropshot/src/server.rs index 37ae2d93..14d62f0f 100644 --- a/dropshot/src/server.rs +++ b/dropshot/src/server.rs @@ -519,18 +519,19 @@ impl TryFrom<&ConfigTls> for rustls::ServerConfig { io_error(format!("failed to load certificate: {err}")) })?; let keys = rustls_pemfile::private_key(&mut key_reader) + //.collect::, _>>() .map_err(|err| { io_error(format!("failed to load private key: {err}")) })?; let mut keys_iter = keys.into_iter(); let (Some(private_key), None) = (keys_iter.next(), keys_iter.next()) else { - return Err(io_error("expected a single private key".into())); + return Err(io_error("expected a single private key".to_owned())); }; let mut cfg = rustls::ServerConfig::builder() .with_no_client_auth() - .with_single_cert(certs, private_key.into()) + .with_single_cert(certs, private_key) .expect("bad certificate/key"); cfg.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()]; Ok(cfg)