server: add Debug bound to ResolvesServerCert

This commit adds a `Debug` bound to the `ResolvesServerCert` trait in
addition to `Send` and `Sync`. Types implementing this trait are updated
to either derive `Debug` or implement it by hand as appropriate.

fuzz/fuzzers/server.rs

@@ -9,6 +9,7 @@ use rustls::{ServerConfig, ServerConnection};
 use std::io;
 use std::sync::Arc;
 
+#[derive(Debug)]
 struct Fail;
 
 impl ResolvesServerCert for Fail {

rustls/examples/internal/bogo_shim.rs

@@ -305,6 +305,7 @@ impl Debug for FixedSignatureSchemeSigningKey {
     }
 }
 
+#[derive(Debug)]
 struct FixedSignatureSchemeServerCertResolver {
     resolver: Arc<dyn server::ResolvesServerCert>,
     scheme: SignatureScheme,

rustls/src/crypto/signer.rs

@@ -31,7 +31,7 @@ pub trait Signer: Debug + Send + Sync {
 
 /// A packaged-together certificate chain, matching `SigningKey` and
 /// optional stapled OCSP response and/or SCT list.
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub struct CertifiedKey {
     /// The certificate chain.
     pub cert: Vec<CertificateDer<'static>>,

rustls/src/server/handy.rs

@@ -97,6 +97,7 @@ impl server::ProducesTickets for NeverProducesTickets {
 }
 
 /// Something which always resolves to the same cert chain.
+#[derive(Debug)]
 pub(super) struct AlwaysResolvesChain(Arc<sign::CertifiedKey>);
 
 impl AlwaysResolvesChain {
@@ -137,6 +138,7 @@ impl server::ResolvesServerCert for AlwaysResolvesChain {
 
 /// Something that resolves do different cert chains/keys based
 /// on client-supplied server name (via SNI).
+#[derive(Debug)]
 pub struct ResolvesServerCertUsingSni {
     by_name: collections::HashMap<String, Arc<sign::CertifiedKey>>,
 }

rustls/src/server/server_conn.rs

@@ -107,7 +107,7 @@ pub trait ProducesTickets: Debug + Send + Sync {
 /// For applications that use async I/O and need to do I/O to choose
 /// a certificate (for instance, fetching a certificate from a data store),
 /// the [`Acceptor`] interface is more suitable.
-pub trait ResolvesServerCert: Send + Sync {
+pub trait ResolvesServerCert: Debug + Send + Sync {
     /// Choose a certificate chain and matching key given simplified
     /// ClientHello information.
     ///

rustls/tests/api.rs

@@ -769,7 +769,7 @@ fn test_tls13_late_plaintext_alert() {
     assert_eq!(server.process_new_packets(), Err(Error::DecryptError));
 }
 
-#[derive(Default)]
+#[derive(Default, Debug)]
 struct ServerCheckCertResolve {
     expected_sni: Option<String>,
     expected_sigalgs: Option<Vec<SignatureScheme>>,
@@ -953,6 +953,7 @@ fn server_cert_resolve_reduces_sigalgs_for_ecdsa_ciphersuite() {
     );
 }
 
+#[derive(Debug)]
 struct ServerCheckNoSni {}
 
 impl ResolvesServerCert for ServerCheckNoSni {