//===----------------------------------------------------------------------===//
//
// This source file is part of the SwiftNIO open source project
//
// Copyright (c) 2020 Apple Inc. and the SwiftNIO project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of SwiftNIO project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//
import NIO
/// Supplies TLS to connections created through `NIOClientTCPBootstrap`.
///
/// The provider holds an `NIOSSLContext`, an optional SNI server name and an optional custom
/// verification callback. When `NIOClientTCPBootstrap` asks for TLS, it installs an
/// `NIOSSLClientHandler` built from those values as a protocol handler on the bootstrap.
///
/// Example:
///
///     // TLS setup. Certificate verification behaviour is determined by this configuration.
///     let configuration = TLSConfiguration.makeClientConfiguration()
///     let sslContext = try NIOSSLContext(configuration: configuration)
///
///     // Build the provider. The initializer throws if the server name is not a valid SNI name.
///     let tlsProvider = try NIOSSLClientTLSProvider<ClientBootstrap>(context: sslContext,
///                                                                    serverHostname: "example.com")
///     let bootstrap = NIOClientTCPBootstrap(ClientBootstrap(group: group), tls: tlsProvider)
///
///     // Connect through the "universal bootstrapping mechanism" with TLS switched on.
///     let connection = try bootstrap.enableTLS()
///         .connect(host: "example.com", port: 443)
///         .wait()
public struct NIOSSLClientTLSProvider<Bootstrap: NIOClientTCPBootstrapProtocol>: NIOClientTLSProvider {
    public typealias Bootstrap = Bootstrap

    /// TLS context handed to every `NIOSSLClientHandler` this provider creates.
    let context: NIOSSLContext

    /// Server name passed to the client handler; validated as an SNI name in `init` when non-nil.
    // NOTE(review): with `nil` no server name is available to the handler; how hostname
    // verification behaves in that case depends on NIOSSL and the context's configuration - confirm.
    let serverHostname: String?

    /// Optional callback forwarded to `NIOSSLClientHandler`.
    // NOTE(review): NIOSSL documents this callback as able to override its default certificate
    // verification, so a permissive callback weakens peer authentication - confirm and review callers.
    let customVerificationCallback: NIOSSLCustomVerificationCallback?

    /// Creates a TLS provider from the given context and connection parameters.
    ///
    /// - Parameters:
    ///   - context: The `NIOSSLContext` used for every handler created by `enableTLS(_:)`.
    ///   - serverHostname: The server name to present, or `nil` for none. A non-nil value is
    ///     checked with `validateSNIServerName()` before anything is stored.
    ///   - customVerificationCallback: Optional callback passed through to the client handler.
    /// - Throws: Whatever `validateSNIServerName()` throws for an invalid `serverHostname`.
    public init(context: NIOSSLContext,
                serverHostname: String?,
                customVerificationCallback: NIOSSLCustomVerificationCallback? = nil) throws {
        // Reject a bad SNI name here, so that handler construction in `enableTLS(_:)` cannot
        // fail on it later.
        if let hostname = serverHostname {
            try hostname.validateSNIServerName()
        }

        self.context = context
        self.serverHostname = serverHostname
        self.customVerificationCallback = customVerificationCallback
    }

    /// Adds a TLS client handler to `bootstrap` and returns the resulting bootstrap.
    ///
    /// Users do not normally call this directly; `NIOClientTCPBootstrap` invokes it.
    ///
    /// - Parameter bootstrap: The bootstrap to configure.
    /// - Returns: The bootstrap returned by `protocolHandlers`, which supplies one
    ///   `NIOSSLClientHandler` each time the closure runs.
    public func enableTLS(_ bootstrap: Bootstrap) -> Bootstrap {
        return bootstrap.protocolHandlers {
            // `try!` is deliberate: `NIOSSLClientHandler.init` throws only on `malloc` failure or an
            // invalid SNI hostname. A `malloc` failure should crash, and the hostname was already
            // validated in `init`, so the second case should be impossible here.
            let handler: NIOSSLClientHandler
            if let callback = self.customVerificationCallback {
                handler = try! NIOSSLClientHandler(context: self.context,
                                                   serverHostname: self.serverHostname,
                                                   customVerificationCallback: callback)
            } else {
                handler = try! NIOSSLClientHandler(context: self.context,
                                                   serverHostname: self.serverHostname)
            }
            return [handler]
        }
    }
}