Fix formatting

README.md

@@ -259,6 +259,7 @@ sudo kill -HUP $(pidof trusttunnel_endpoint)
 ```
 
 This will:
+
 - Reload `hosts.toml` (TLS certificate and hostname settings)
 - Reload `credentials.toml` (client usernames, passwords, and connection limits)
 - Apply changes atomically without dropping existing connections

endpoint/src/main.rs

@@ -427,16 +427,14 @@ fn main() {
                 if let Some(ref creds_path) = credentials_file_path {
                     info!("Reloading credentials");
                     match settings::load_clients_from_file(creds_path) {
-                        Ok(clients) => {
-                            match core.reload_credentials(&clients, listen_address) {
-                                Ok(()) => {
-                                    info!("Credentials are successfully reloaded");
-                                }
-                                Err(e) => {
-                                    error!("Failed to apply new credentials: {}", e);
-                                }
+                        Ok(clients) => match core.reload_credentials(&clients, listen_address) {
+                            Ok(()) => {
+                                info!("Credentials are successfully reloaded");
                             }
-                        }
+                            Err(e) => {
+                                error!("Failed to apply new credentials: {}", e);
+                            }
+                        },
                         Err(e) => {
                             error!("Failed to reload credentials file: {}", e);
                         }

lib/src/core.rs

@@ -1,3 +1,4 @@
+use crate::authentication::registry_based::RegistryBasedAuthenticator;
 use crate::connection_limiter::ConnectionLimiter;
 use crate::direct_forwarder::DirectForwarder;
 use crate::forwarder::Forwarder;
@@ -20,7 +21,6 @@ use crate::{
     authentication, http_ping_handler, http_speedtest_handler, log_id, log_utils, metrics,
     net_utils, reverse_proxy, rules, settings, tls_demultiplexer, tunnel,
 };
-use crate::authentication::registry_based::RegistryBasedAuthenticator;
 use socket2::{Domain, Protocol as SockProtocol, SockRef, Socket, Type};
 use std::io;
 use std::io::ErrorKind;
@@ -249,15 +249,26 @@ impl Core {
             ));
         }
 
-        let new_authenticator: Option<Arc<dyn authentication::Authenticator>> = if !clients.is_empty() {
-            Some(Arc::new(RegistryBasedAuthenticator::new(clients)))
-        } else {
-            None
-        };
+        let new_authenticator: Option<Arc<dyn authentication::Authenticator>> =
+            if !clients.is_empty() {
+                Some(Arc::new(RegistryBasedAuthenticator::new(clients)))
+            } else {
+                None
+            };
 
-        let new_limiter = if self.context.settings.default_max_http2_conns_per_client.is_some()
-            || self.context.settings.default_max_http3_conns_per_client.is_some()
-            || clients.iter().any(|c| c.max_http2_conns.is_some() || c.max_http3_conns.is_some())
+        let new_limiter = if self
+            .context
+            .settings
+            .default_max_http2_conns_per_client
+            .is_some()
+            || self
+                .context
+                .settings
+                .default_max_http3_conns_per_client
+                .is_some()
+            || clients
+                .iter()
+                .any(|c| c.max_http2_conns.is_some() || c.max_http3_conns.is_some())
         {
             Some(Arc::new(ConnectionLimiter::new(
                 clients,

lib/src/settings.rs

@@ -1427,7 +1427,7 @@ where
 }
 
 thread_local! {
-    static CREDENTIALS_FILE_PATH: RefCell<Option<String>> = RefCell::new(None);
+    static CREDENTIALS_FILE_PATH: RefCell<Option<String>> = const { RefCell::new(None) };
 }
 
 pub fn load_clients_from_file(path: &str) -> Result<Vec<Client>, String> {

lib/src/tunnel.rs

@@ -200,11 +200,7 @@ impl Tunnel {
                     .auth_info()
                     .map(|x| x.map(authentication::Source::into_owned));
                 let authenticator = context.authenticator.read().unwrap().clone();
-                let forwarder_auth = match (
-                    auth_info,
-                    authentication_policy,
-                    authenticator,
-                ) {
+                let forwarder_auth = match (auth_info, authentication_policy, authenticator) {
                     (Ok(Some(source)), _, Some(ref authenticator)) => {
                         match authenticator.authenticate(&source, &log_id) {
                             Status::Pass => Some(source),

lib/tests/credential_reload.rs

@@ -18,10 +18,9 @@ password = "initial_pass"
     .unwrap();
     credentials_file.flush().unwrap();
 
-    let initial_clients = trusttunnel::settings::load_clients_from_file(
-        credentials_file.path().to_str().unwrap(),
-    )
-    .unwrap();
+    let initial_clients =
+        trusttunnel::settings::load_clients_from_file(credentials_file.path().to_str().unwrap())
+            .unwrap();
 
     assert_eq!(initial_clients.len(), 1);
     assert_eq!(initial_clients[0].username, "initial_user");