Try with rustls

trunk
Alona EM 2022-01-11 03:15:46 +00:00
parent 7791a63b1f
commit 98cc51d860
7 changed files with 119 additions and 18 deletions

10
Cargo.lock generated
View File

@ -302,6 +302,7 @@ dependencies = [
"anyhow", "anyhow",
"rustls 0.20.2", "rustls 0.20.2",
"trust-dns-resolver", "trust-dns-resolver",
"uuid",
"webpki-roots 0.22.2", "webpki-roots 0.22.2",
] ]
@ -740,6 +741,15 @@ dependencies = [
"percent-encoding", "percent-encoding",
] ]
[[package]]
name = "uuid"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7"
dependencies = [
"getrandom",
]
[[package]] [[package]]
name = "wasi" name = "wasi"
version = "0.10.2+wasi-snapshot-preview1" version = "0.10.2+wasi-snapshot-preview1"

View File

@ -9,6 +9,7 @@ edition = "2021"
anyhow = "1.0.52" anyhow = "1.0.52"
rustls = "0.20.2" rustls = "0.20.2"
trust-dns-resolver = { version = "0.20.3", features = ["dns-over-rustls"] } trust-dns-resolver = { version = "0.20.3", features = ["dns-over-rustls"] }
uuid = { version = "0.8.2", features = ["v4"] }
webpki-roots = "0.22.2" webpki-roots = "0.22.2"
[features] [features]

BIN
cert.der Normal file

Binary file not shown.

34
cert.pem Normal file
View File

@ -0,0 +1,34 @@
-----BEGIN CERTIFICATE-----
MIIF2zCCA8OgAwIBAgIURpfIXSwLAPxhV6n+0+UjlOPY6O4wDQYJKoZIhvcNAQEL
BQAwfTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEZha2UxDTALBgNVBAcMBEZha2Ux
DTALBgNVBAoMBEZha2UxDTALBgNVBAsMBEZha2UxETAPBgNVBAMMCHRlc3Rjb3Nt
MR8wHQYJKoZIhvcNAQkBFhBmYWtlQGV4YW1wbGUuY29tMB4XDTIyMDExMDE5NTY1
NloXDTMyMDEwODE5NTY1NlowfTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEZha2Ux
DTALBgNVBAcMBEZha2UxDTALBgNVBAoMBEZha2UxDTALBgNVBAsMBEZha2UxETAP
BgNVBAMMCHRlc3Rjb3NtMR8wHQYJKoZIhvcNAQkBFhBmYWtlQGV4YW1wbGUuY29t
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApOvSNXKfiebuQeXd/pKz
JHAr1+kEtaZJ3v1pQnn90+vShjsYUNy9in0wag/WOfPIMBwOVH60r4s3+U4jZ+s5
EZdlRvhIYPTM4FXVaPtXybOMRWJyS4/ZZjznGtxkYrlhFiI1zEdBXcgdj8Gb3/L9
oognfavDHlex8DkouQnFf0tg1EOZja6ZKho384U/Go3Ic9Y7MZ4Nz9KCFIOT8BWw
gPREUgpG3fTHWRIh3q6aLJKBuoxzmJNGXgim1HosDqzcRZwPMqTRoynyy3/AVcAV
AKX2Cu8F+yIIzarnFPBehKT+yQJ9iG/bjvn6VSVN3i2JBYhBE0hPN9XfCFS6CLVN
jN+UHNwQIkO80lEA9l9tgybQKux1l3VuhswYkyUgpo2kpFOQfd25JWQinPiY7hcT
uQE4E+dxKQk16UqHn4VWsFxtqfdSFPKGbVLP+HKWXyY1OyUu1T7HatWuOU7E4j57
GzMW1L3fPaMp2ffZHtrDkGFaj2Cvy+BC0XOmAHd/grSbDHM1AwR7Q4+xLu+vyOMz
sGahITWTqfXtxlzRRcVqmga3QjWDbvnouiqKZsq6eqB0LchL7IfAYqBVjvTRnZkn
q8gNOh45TLYeiFjIF+qV4fwvyH69bwN8JnF7t+6bRGag5ouY7UsqAZ1zYpD8Fe6g
gDoo9T4ZHcJTqv8rRbpAEOsCAwEAAaNTMFEwHQYDVR0OBBYEFOG1DQYCTZrz6Zlg
jALTpMV//FVvMB8GA1UdIwQYMBaAFOG1DQYCTZrz6ZlgjALTpMV//FVvMA8GA1Ud
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBACe7jM2GxzYRh7YPxFRoldyY
pAHPLRTGf7Ye+poiC8wdu94WJN60bFfvoCPIR+ZN2/KnCTDHr7C2ZdoVhLFe9/wS
qmlDISIOTfEU9yeMcPAeC+GzanHVuwckNrUNZAQzWp0m5Kvgm/NL+5xIBkh1Y8R1
BaL9XW2Kb4pvfYgjBCz57vrfOe4M8Bpxv2kIZ6e+yNGxWr7scHK2N3rEEfehDfMu
ntGGSeDJ7keF6EwhsyuHYi1xrq0b3gRrUPewspxHsRCvXRlA9bSsEBeS6HyLPwq+
bPVNRWCIfUp38GrL9GkOQNc8rKmjBV6mTrYdSRNLOCHgP0AFoCGWRBZan1KXPlqG
8FJIVthjkShjiyXy7eoaQ3fb9+T1wzBQuUchziU2IEOL//vyA30aNvMn8C4XBOyD
NwYQS7zxRWFhgqYxr4umoQMVkeWhyO11em3ugMMN6sI43S9S2+Pnh8oSPTpGsfqD
lLikJHxjI9zueZdX68dHx/mfuIUo85gP1x6q4U/8GkI4NnxZSvETycsFBVLAgY79
IBWTqQyA9CiT3vIcCTNE6PXvOg5+t/6ooe+XfpdQKvZGhDuduLrGiK9MN7HMjEi1
ZTtrIiXu0coY4AXFT/6SQbb4ZaQ+97Oc49EYi+GYI9m5jNZU+loMT+0O9eyXOo/v
yPTFWAiof8wFX9XiL1Yb
-----END CERTIFICATE-----

BIN
cert.pfx Normal file

Binary file not shown.

52
key.pem Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCk69I1cp+J5u5B
5d3+krMkcCvX6QS1pkne/WlCef3T69KGOxhQ3L2KfTBqD9Y588gwHA5UfrSvizf5
TiNn6zkRl2VG+Ehg9MzgVdVo+1fJs4xFYnJLj9lmPOca3GRiuWEWIjXMR0FdyB2P
wZvf8v2iiCd9q8MeV7HwOSi5CcV/S2DUQ5mNrpkqGjfzhT8ajchz1jsxng3P0oIU
g5PwFbCA9ERSCkbd9MdZEiHerposkoG6jHOYk0ZeCKbUeiwOrNxFnA8ypNGjKfLL
f8BVwBUApfYK7wX7IgjNqucU8F6EpP7JAn2Ib9uO+fpVJU3eLYkFiEETSE831d8I
VLoItU2M35Qc3BAiQ7zSUQD2X22DJtAq7HWXdW6GzBiTJSCmjaSkU5B93bklZCKc
+JjuFxO5ATgT53EpCTXpSoefhVawXG2p91IU8oZtUs/4cpZfJjU7JS7VPsdq1a45
TsTiPnsbMxbUvd89oynZ99ke2sOQYVqPYK/L4ELRc6YAd3+CtJsMczUDBHtDj7Eu
76/I4zOwZqEhNZOp9e3GXNFFxWqaBrdCNYNu+ei6Kopmyrp6oHQtyEvsh8BioFWO
9NGdmSeryA06HjlMth6IWMgX6pXh/C/Ifr1vA3wmcXu37ptEZqDmi5jtSyoBnXNi
kPwV7qCAOij1PhkdwlOq/ytFukAQ6wIDAQABAoICAF6HPImeFYu5bb8fvkp4U24D
TV4IFcb4dUb3ASo1OiQJ+zUtEhbnL0z9zI4+XZACBzBsJFqR9YbYyVCAVRLvZFqM
6GPxU6sfJX9AM35k8kCORUxPzSs6XGWZau2efXuIvfktyqA4B2N1nFwVoP6QDIjo
eZoypTfzE+6ZFJpa23THA80mohDvjqLvPDq8mRrjQY4DsRITgd8ozZ5sfJMUG4MO
f0p20X/PGaQYHInCkmQR5YHDl05Qu/iSBO2sySvwMKFFfgCNMAvRs3So2NlNq7wf
ZBOIRWlYbKtV1fXOgJ6O4+rbHpDhbHtbFP1Q0H0UpIEjRAmFXMKoN5pS1f6/zJ6S
xPIDDgCn+xiyDQs6ZLazquGS8p3B8gb5En6jGrJGStU5XXXTFUOfeh6FOi4wuWIl
eD2Tx1ezgrXnVJERwgRHCtktNr/vm8PLPUmHq3tzT+6nKUN1cyjuE+MowGHlrpt1
KkQpW/ur33tFXEN45kVZPCMFlTfzPYxVUKUoFZbWSy2AzLa1XVsxMncqrOkSshjO
rHSEX2WIbRMkQ57usIHnFPuHVriy8vFbpCbVkplSAxZBGK0ns4b+PCGrmdgsdhfu
Eqh5Hmxt4V9baVgjMzQwB826bBveQRZh0/dHaVCPEtGt5OF/QPbd+zDQSjvkqV0E
Np2sW09A7lXkXvugd2xBAoIBAQDQkyMgWUHzVR4oBaC7RNsrBtkrhKXtnEF69laH
SmSygKVYvnlZggaS/Fmr7OURk9GnFTNhPURcZIPI+JXQ0OPEDQFetlOzeDvGX87a
fuDtTzd/9Z4SPM/SR8e0vhgdiO1UWJ4TgxblqVM2SLUDj4sqx6hOjkPA6+qDrFeb
fn6CcjL5ERuf1RFTQLPD5vHtHNoBvOuxBRUXui5inxpj6FL2HwVfeTu3BKL4zkC9
CykBQtP5U629+yEdQPoxvDtm9XH5BCxCVCnsSJgni/PeR0yZ4oRl6sq9M44k/b3E
cO3YYms6OYLgkNfxmUyCLO8pEBxtie17EMoYlmISc8LdLZIDAoIBAQDKa6qY2TnZ
omPl/eNl16+kG2QkTZiMs9CfVUUOaYjOs9LmFZne/2/NREM/2t9EM2theu8NwtlX
uP0x40TfAAwMs9rkAq5rtagcF3rgmMs9iXPhr+Npjx1O7rVyo4RwDS+rukB0VFIV
uL4dn/IwHSk6KXxj4exh0RXANXOWjb2XzIVTQI7Bmxj5zeYvw5SH78burs/b7SJL
eDzWaW5l2NoN500woyEfNbuOKe+Fe8AMa+Bj+x6XY551BScKswDVmvTk2mUJ1f73
bfylFfPSOFfq5wdKq0op5jVvA8MvbCvrCrWmUzwLxU9MJ59J+F4XEDOCxqdZh3GJ
3IhzGncsNwT5AoIBAQCtNQM+oeD6yfy5D7Ni0NOQ76b5VLbWk6RtEJTa1RS6h8rH
36W2hxwehCGTfK7d4fuA3UJFxjM25uHpy0XemxoKfSJeHNt1dqttGbMWD7eKWvaj
9LzIOGf9IE7f8dzk6gjsuorLeVlSb0MDGW34/wN7C0LhuZLaaw/dOQmnv2wft+ZM
n8BpAu/YSyr9zJOrbQI93z17S9UwVxSeIbIwtYXvjeNQXcURP3B3XhC07MeonG6b
5rmpwxrEyGj9VGugHMQBH04B5xLJfZ+dd8OVG3CpekqouEqUxHOOlIk60O0zfMe/
GnNtOduabsvybo5Nc2uoK5pjUJYDxR68ZBW2x1kxAoIBAQCExx0viAZPgRsAaYr5
agLXpfQJcDDp0qW9bmSO8KEB3akwreiyA2JmBioKv9qGVShR2B7pKvAAf+LuD4NE
uDYvOucRe8TH+G/ehXRf0To4EmrGFucYff0eoqy5FxOvoKatgc33wLvbbcSfkCSA
dRBvC3mB11eETm9zFlzM3AsKgOjP1GAQFVnLuskMecF7bchTFq5YN/OwB534k04M
VrOqPRhAGDGI1GlD9rQcHjG6tCSL0NSfP4RYhFm4xfR9KVkMqUlvq0TFLwtzirPW
KIlbF9KLo1JRq6VPPeuRtuYUFoFTKfQQUIwUi0UMc3Pcsw7m8MIjkxnh8Zw7zJdx
lGGZAoIBABL4uQTpSEEybo7A2DufWxBTII6howGNBrE8iBYvr/dRv2vzJTNraTHB
cqJiAtTkKhL/2/46x4SizOGi5fCtvrSKCGhA8PFjiFYxKkot23SvWkZzaBRft25J
cVbt/44jDcIKbeLLmUJZ+eZEyU00PjTP1/1WxRLU1h4xmyjObW1Xp9W5vzlVEb7x
mp8tBI7pnFwC4OZd1rB1C3Y/OafwW4m1bp6t1wYQd6iS4DU6YCYfTWjySrDNLzMN
nZJkxHmcjfcFSajgG/rgPffxDIGMLEqLIgrRZvckmxXI52kkFIka3MIuXmb97Pfd
i+VOI1c9EUtr4NnRNVqcz8dqjoCdjSY=
-----END PRIVATE KEY-----

View File

@ -5,37 +5,33 @@ use std::{
sync::Arc, sync::Arc,
}; };
use anyhow::{bail, Result}; use anyhow::{bail, Context, Result};
use rustls::{ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, StreamOwned}; use rustls::{ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, StreamOwned};
use trust_dns_resolver::{ use trust_dns_resolver::{
config::{ResolverConfig, ResolverOpts}, config::{ResolverConfig, ResolverOpts},
Resolver, Resolver,
}; };
use uuid::Uuid;
fn main() -> Result<()> { fn main() -> Result<()> {
let (port, host) = resolve_dns("daeken.dev")?; let (port, host) = resolve_dns("daeken.dev")?;
dbg!(port); dbg!(&port);
dbg!(host); dbg!(&host);
let (port, host) = (443, "example.com".to_owned());
let tls_conf = Arc::new(make_tls_config()); let tls_conf = Arc::new(make_tls_config());
let mut tls_conn = make_tls_connection(tls_conf, &host, port)?; let mut tls_conn = make_tls_connection(tls_conf, &host, port)
.with_context(|| format!("Can't connect to {}:{}", host, port))?;
tls_conn.write_all( // let uuid =// Uuid::new_v4();
concat!(
"GET / HTTP/1.1\r\n",
"Host: example.com\r\n",
"Connection: close\r\n",
"\r\n"
)
.as_bytes(),
)?;
let mut pt = Vec::new(); let uuid = [b'a'; 16];
tls_conn.read_to_end(&mut pt)?; dbg!(&uuid);
println!("{}", String::from_utf8(pt)?); tls_conn.write_all(&uuid).context("Can't write UUID")?;
let mut serv_uuid = [0; 16];
tls_conn.read_exact(&mut serv_uuid)?;
dbg!(serv_uuid);
Ok(()) Ok(())
} }
@ -76,6 +72,14 @@ fn make_tls_config() -> ClientConfig {
ta.name_constraints, ta.name_constraints,
) )
})); }));
let cert_dir = include_bytes!("../cert.der");
assert_eq!(
root_store.add_parsable_certificates(&[cert_dir.to_vec()]),
(1, 0)
);
let config = rustls::ClientConfig::builder() let config = rustls::ClientConfig::builder()
.with_safe_defaults() .with_safe_defaults()
.with_root_certificates(root_store) .with_root_certificates(root_store)