split tls client/server/self signed

quic-forward-proxy-integration-test/tests/quic_proxy_tpu_integrationtest.rs

@@ -39,9 +39,9 @@ use tokio::time::{sleep};
 use tracing_subscriber::util::SubscriberInitExt;
 
 use tracing_subscriber::fmt::format::FmtSpan;
-use solana_lite_rpc_quic_forward_proxy::outbound::validator_identity::ValidatorIdentity;
 use solana_lite_rpc_quic_forward_proxy::proxy::QuicForwardProxy;
-use solana_lite_rpc_quic_forward_proxy::tls_config_provicer::SelfSignedTlsConfigProvider;
+use solana_lite_rpc_quic_forward_proxy::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
+use solana_lite_rpc_quic_forward_proxy::validator_identity::ValidatorIdentity;
 use solana_lite_rpc_services::tpu_utils::quic_proxy_connection_manager::QuicProxyConnectionManager;
 
 #[derive(Copy, Clone, Debug)]

quic-forward-proxy/src/inbound/proxy_listener.rs

@@ -9,7 +9,8 @@ use solana_sdk::packet::PACKET_DATA_SIZE;
 use tokio::sync::mpsc::Sender;
 use crate::proxy_request_format::TpuForwardingRequest;
 use crate::shared::ForwardPacket;
-use crate::tls_config_provider::{ProxyTlsConfigProvider, SelfSignedTlsConfigProvider};
+use crate::tls_config_provider_server::ProxyTlsConfigProvider;
+use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
 use crate::util::FALLBACK_TIMEOUT;
 
 // TODO tweak this value - solana server sets 256

quic-forward-proxy/src/lib.rs

@@ -1,7 +1,9 @@
 // lib definition is only required for 'quic-forward-proxy-integration-test' to work
 
 mod quic_util;
-pub mod tls_config_provider;
+pub mod tls_config_provider_client;
+pub mod tls_config_provider_server;
+pub mod tls_self_signed_pair_generator;
 pub mod proxy;
 pub mod validator_identity;
 pub mod proxy_request_format;

quic-forward-proxy/src/main.rs

@@ -5,13 +5,15 @@ use dotenv::dotenv;
 use log::info;
 use crate::cli::{Args, get_identity_keypair};
 use crate::proxy::QuicForwardProxy;
+use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
 
-pub use tls_config_provider::SelfSignedTlsConfigProvider;
 use crate::validator_identity::ValidatorIdentity;
 
 
 pub mod quic_util;
-pub mod tls_config_provider;
+pub mod tls_config_provider_client;
+pub mod tls_config_provider_server;
+pub mod tls_self_signed_pair_generator;
 pub mod proxy;
 pub mod proxy_request_format;
 pub mod cli;

quic-forward-proxy/src/proxy.rs

@@ -7,7 +7,7 @@ use anyhow::{anyhow, bail, Context};
 use log::{debug, error, info, trace};
 use crate::inbound::proxy_listener;
 use crate::outbound::tx_forward::tx_forwarder;
-use crate::tls_config_provider::{ProxyTlsConfigProvider, SelfSignedTlsConfigProvider};
+use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
 use crate::util::AnyhowJoinHandle;
 use crate::validator_identity::ValidatorIdentity;
 

quic-forward-proxy/src/test_client/quic_test_client.rs

@@ -13,8 +13,8 @@ use tokio::io::AsyncWriteExt;
 use crate::proxy_request_format::TpuForwardingRequest;
 use crate::tpu_quic_connection_utils::SkipServerVerification;
 use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
-use crate::tls_config_provider::ProxyTlsConfigProvider;
-
+use crate::tls_config_provider_server::ProxyTlsConfigProvider;
+use crate::tls_config_provider_client::TpuCLientTlsConfigProvider;
 use crate::util::AnyhowJoinHandle;
 
 pub struct QuicTestClient {
@@ -25,7 +25,7 @@ pub struct QuicTestClient {
 impl QuicTestClient {
     pub async fn new_with_endpoint(
         proxy_addr: SocketAddr,
-        tls_config: &impl ProxyTlsConfigProvider
+        tls_config: &impl TpuCLientTlsConfigProvider
     ) -> anyhow::Result<Self> {
         let client_crypto = tls_config.get_client_tls_crypto_config();
         let mut endpoint = quinn::Endpoint::client("0.0.0.0:0".parse().unwrap())?;

quic-forward-proxy/src/tls_config_provider_client.rs

@@ -0,0 +1,13 @@
+use std::sync::atomic::{AtomicU32, Ordering};
+use rcgen::generate_simple_self_signed;
+use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
+use crate::tpu_quic_connection_utils::SkipServerVerification;
+use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
+
+// TODO integrate with tpu_service + quic_connection_utils
+
+pub trait TpuCLientTlsConfigProvider {
+
+    fn get_client_tls_crypto_config(&self) -> ClientConfig;
+
+}

quic-forward-proxy/src/tls_config_provider_server.rs

@@ -0,0 +1,13 @@
+use std::sync::atomic::{AtomicU32, Ordering};
+use rcgen::generate_simple_self_signed;
+use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
+use crate::tpu_quic_connection_utils::SkipServerVerification;
+use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
+
+// TODO integrate with tpu_service + quic_connection_utils
+
+pub trait ProxyTlsConfigProvider {
+
+    fn get_server_tls_crypto_config(&self) -> ServerConfig;
+
+}

quic-forward-proxy/src/tls_self_signed_pair_generator.rs

@@ -3,26 +3,21 @@ use rcgen::generate_simple_self_signed;
 use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
 use crate::tpu_quic_connection_utils::SkipServerVerification;
 use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
-
-// TODO integrate with tpu_service + quic_connection_utils
-
-pub trait ProxyTlsConfigProvider {
-
-    fn get_client_tls_crypto_config(&self) -> ClientConfig;
-    fn get_server_tls_crypto_config(&self) -> ServerConfig;
-
-}
+use crate::tls_config_provider_client::TpuCLientTlsConfigProvider;
+use crate::tls_config_provider_server::ProxyTlsConfigProvider;
 
 impl ProxyTlsConfigProvider for SelfSignedTlsConfigProvider {
-    fn get_client_tls_crypto_config(&self) -> ClientConfig {
-        self.client_crypto.clone()
-    }
-
     fn get_server_tls_crypto_config(&self) -> ServerConfig {
         self.server_crypto.clone()
     }
 }
 
+impl TpuCLientTlsConfigProvider for SelfSignedTlsConfigProvider {
+    fn get_client_tls_crypto_config(&self) -> ClientConfig {
+        self.client_crypto.clone()
+    }
+}
+
 pub struct SelfSignedTlsConfigProvider {
     hostnames: Vec<String>,
     certificate: Certificate,
@@ -85,3 +80,4 @@ impl SelfSignedTlsConfigProvider {
 
 }
 
+