FlorianUekermann / rustls-acme


Please implement `Debug` for `AcmeAcceptor` #48

Closed joshtriplett closed 11 months ago

joshtriplett commented 11 months ago

Please consider providing a `Debug` implementation for `AcmeAcceptor`, to make it possible to `#[derive(Debug)]` for a struct containing `AcmeAcceptor`.

FlorianUekermann commented 11 months ago

Will do. However, as a low-level API user, you may want to skip AcmeAcceptor and do it like this: https://github.com/FlorianUekermann/rustls-acme/blob/main/examples/low_level_async_rustls.rs

I would like to deprecate AcmeAcceptor in favor of the approach in that example, which also solves your async/futures-rustls problem from #46 (I just haven't gotten around to adding some helper functions to make the slightly verbose bits a little more convenient).

joshtriplett commented 11 months ago

@FlorianUekermann I ended up doing this, for trillium-acme (and accepting the use of futures-rustls): https://github.com/trillium-rs/trillium/pull/377/files#diff-902678dccdaf31ecba2b5681427a8ea78425590bda68b8a3b937e49db415e57e

Is there a better way to do that that doesn't use AcmeAcceptor?

FlorianUekermann commented 10 months ago

If you don't care about futures-rustls vs async-rustls anymore, using AcmeAcceptor gets you there with less code, but it's no different under the hood than doing it like this: https://github.com/FlorianUekermann/rustls-acme/blob/main/examples/low_level_async_rustls.rs

The benefit of the latter solution is that whether you use futures-rustls, async-rustls or anything else is your choice. The only difference is that you have to check yourself if an incoming connection is a tls-alpn-01 validation attempt or not, by looking at the client hello (the if in the example above). If it's a validation attempt you just use another resolver/rustls-config to accept the request. That's all there is to AcmeAcceptor.

As I mentioned, I'll probably deprecate AcmeAcceptor, but whether you avoid using it now doesn't matter unless you benefit from avoiding futures-rustls.
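
What "looking at the client hello" amounts to, as an added example that is not rustls-acme's code and not part of this thread: a tls-alpn-01 validation connection offers `acme-tls/1` as its only ALPN protocol (RFC 8737), so the check is a bounds-checked parse of the ALPN extension. All function names and the sample ClientHello are constructed for illustration; in a real server rustls does this parsing for you.

```rust
const ACME_TLS_ALPN: &[u8] = b"acme-tls/1"; // RFC 8737 ALPN id (added example, std only)
/// Takes `n` bytes off the front of `buf`; None if the input is truncated.
fn take<'a>(buf: &mut &'a [u8], n: usize) -> Option<&'a [u8]> {
    let s = *buf;
    let out = s.get(..n)?;
    *buf = &s[n..];
    Some(out)
}
/// Reads a `w`-byte big-endian length, then that many bytes.
fn prefixed<'a>(buf: &mut &'a [u8], w: usize) -> Option<&'a [u8]> {
    let n = take(buf, w)?.iter().fold(0usize, |a, &b| (a << 8) | b as usize);
    take(buf, n)
}
/// ALPN names offered in a ClientHello handshake message; None if absent or malformed.
fn alpn_protocols(handshake: &[u8]) -> Option<Vec<&[u8]>> {
    let mut msg = handshake;
    if take(&mut msg, 1)? != [1u8] { return None; } // msg_type 1 = client_hello
    let mut body = prefixed(&mut msg, 3)?;
    take(&mut body, 2 + 32)?; // legacy_version + random
    prefixed(&mut body, 1)?; // session_id
    prefixed(&mut body, 2)?; // cipher_suites
    prefixed(&mut body, 1)?; // compression_methods
    let mut exts = prefixed(&mut body, 2)?;
    while !exts.is_empty() {
        let (ty, mut data) = (take(&mut exts, 2)?, prefixed(&mut exts, 2)?);
        if ty == [0u8, 16] { // extension type 16 = ALPN
            let (mut list, mut names) = (prefixed(&mut data, 2)?, Vec::new());
            while !list.is_empty() { names.push(prefixed(&mut list, 1)?); }
            return Some(names);
        }
    }
    None
}
/// True only when "acme-tls/1" is the sole protocol offered, as RFC 8737 requires.
fn is_tls_alpn_challenge(handshake: &[u8]) -> bool {
    alpn_protocols(handshake).map_or(false, |p| p == [ACME_TLS_ALPN])
}
/// Constructed sample input: a minimal ClientHello offering a few short ALPN names.
fn sample_hello(alpn: &[&[u8]]) -> Vec<u8> {
    let mut names = Vec::new();
    for p in alpn { names.push(p.len() as u8); names.extend(*p); }
    let n = names.len() as u8;
    let mut body = [&[3u8, 3][..], &[0u8; 32][..]].concat(); // legacy_version + random
    body.extend([0u8, 0, 2, 0x13, 0x01, 1, 0]); // no session_id, one suite, null compression
    body.extend([0, n + 6, 0, 16, 0, n + 2, 0, n]); // extensions len, ALPN header, list len
    [&[1, 0, 0, body.len() as u8 + n][..], &body[..], &names[..]].concat()
}
fn main() {
    println!("{}", is_tls_alpn_challenge(&sample_hello(&[ACME_TLS_ALPN])));
}
```

A connection that offers `acme-tls/1` alongside other protocols is treated as ordinary traffic, so the validation config is only ever selected for a hello that offers nothing else.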

joshtriplett commented 10 months ago

@FlorianUekermann I realize that I could do what AcmeAcceptor does by hand, but it's nice to have the higher-level handling and not have to check the incoming connection to see if it's a challenge. Perhaps there's another high-level API that would make that even easier with even less verbose code, but AcmeAcceptor seems easier than doing it by hand.

FlorianUekermann commented 10 months ago

Yes, the low-level API without AcmeAcceptor is a bit verbose. I added some helper functions/methods and updated all low-level examples accordingly. Maybe that helps a bit.

https://github.com/FlorianUekermann/rustls-acme/blob/main/examples/low_level.rs