From 672f8b6541f9688f309db7e32163eeccdc16ee31 Mon Sep 17 00:00:00 2001 From: Adam Fowler Date: Tue, 11 Feb 2025 10:47:25 +0000 Subject: [PATCH] Added TLSChannelConfiguration with async callbacks --- .../TLSChannelConfiguration.swift | 21 +++++++++++++++++++ Sources/HummingbirdTLS/TLSChannel.swift | 21 +++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/Sources/HummingbirdHTTP2/TLSChannelConfiguration.swift b/Sources/HummingbirdHTTP2/TLSChannelConfiguration.swift index c1440e9d..c02c1fdd 100644 --- a/Sources/HummingbirdHTTP2/TLSChannelConfiguration.swift +++ b/Sources/HummingbirdHTTP2/TLSChannelConfiguration.swift @@ -18,6 +18,7 @@ import NIOSSL /// TLSChannel configuration public struct TLSChannelConfiguration: Sendable { public typealias CustomVerificationCallback = @Sendable ([NIOSSLCertificate], EventLoopPromise) -> Void + // Manages configuration of TLS public var tlsConfiguration: TLSConfiguration /// A custom verification callback that allows completely overriding the certificate verification logic of BoringSSL. 
@@ -38,6 +39,26 @@ public struct TLSChannelConfiguration: Sendable { self.tlsConfiguration = tlsConfiguration self.customVerificationCallback = customVerificationCallback } + + /// Initialize TLSChannel.Configuration + /// + /// For details on custom callback see swift-nio-ssl documentation + /// https://swiftpackageindex.com/apple/swift-nio-ssl/main/documentation/niossl/niosslcustomverificationcallback + /// - Parameters: + /// - tlsConfiguration: TLS configuration + /// - customAsyncVerificationCallback: A custom verification callback that allows completely overriding the + /// certificate verification logic of BoringSSL. + public init( + tlsConfiguration: TLSConfiguration, + customAsyncVerificationCallback: @escaping @Sendable ([NIOSSLCertificate]) async throws -> NIOSSLVerificationResult + ) { + self.tlsConfiguration = tlsConfiguration + self.customVerificationCallback = { certificates, promise in + promise.completeWithTask { + try await customAsyncVerificationCallback(certificates) + } + } + } } /// TLSChannel configuration diff --git a/Sources/HummingbirdTLS/TLSChannel.swift b/Sources/HummingbirdTLS/TLSChannel.swift index 5c33866d..f15857fc 100644 --- a/Sources/HummingbirdTLS/TLSChannel.swift +++ b/Sources/HummingbirdTLS/TLSChannel.swift @@ -95,6 +95,7 @@ extension ServerChildChannel { /// TLSChannel configuration public struct TLSChannelConfiguration: Sendable { public typealias CustomVerificationCallback = @Sendable ([NIOSSLCertificate], EventLoopPromise) -> Void + // Manages configuration of TLS public let tlsConfiguration: TLSConfiguration /// A custom verification callback that allows completely overriding the certificate verification logic of BoringSSL. 
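Review bot: The doc comment on the new `init(tlsConfiguration:customAsyncVerificationCallback:)` does not say what happens when the async callback throws or takes a long time, and both matter for a hook that replaces BoringSSL's certificate verification. In the closure, `promise.completeWithTask` turns a thrown error into a failed promise; swift-nio-ssl presumably treats that as a rejected handshake, but this is not visible in the hunk and the patch touches no test file, so a test for the throwing path would pin it. `completeWithTask` also starts an unstructured task whose handle is discarded, so nothing shown here cancels or time-bounds a slow callback if the peer disconnects mid-handshake. Once the failure behaviour is confirmed, I would add something like `/// - Note: The callback must validate the certificate chain itself; a thrown error fails verification, and the callback is not cancelled when the connection closes.` The same applies to the identical initializer added in Sources/HummingbirdTLS/TLSChannel.swift.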
@@ -115,6 +116,26 @@ public struct TLSChannelConfiguration: Sendable { self.tlsConfiguration = tlsConfiguration self.customVerificationCallback = customVerificationCallback } + + /// Initialize TLSChannel.Configuration + /// + /// For details on custom callback see swift-nio-ssl documentation + /// https://swiftpackageindex.com/apple/swift-nio-ssl/main/documentation/niossl/niosslcustomverificationcallback + /// - Parameters: + /// - tlsConfiguration: TLS configuration + /// - customAsyncVerificationCallback: A custom verification callback that allows completely overriding the + /// certificate verification logic of BoringSSL. + public init( + tlsConfiguration: TLSConfiguration, + customAsyncVerificationCallback: @escaping @Sendable ([NIOSSLCertificate]) async throws -> NIOSSLVerificationResult + ) { + self.tlsConfiguration = tlsConfiguration + self.customVerificationCallback = { certificates, promise in + promise.completeWithTask { + try await customAsyncVerificationCallback(certificates) + } + } + } } /// TLSChannel configuration
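Review bot: This initializer is a line-for-line copy of the one added to Sources/HummingbirdHTTP2/TLSChannelConfiguration.swift in the same patch, so the async-to-promise adaptor for certificate verification now exists in two places. Because this code decides how a verification result or error reaches the TLS handshake, a later fix applied to only one copy would leave the two modules accepting or rejecting peers differently. If the two modules can share a dependency (not visible from this patch), a single helper that builds the `CustomVerificationCallback` from the async closure would avoid that. Otherwise a short comment in each copy, such as `// Keep in sync with the initializer in HummingbirdHTTP2/TLSChannelConfiguration.swift`, would at least flag the coupling.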