Compare commits

...

2 Commits

Author SHA1 Message Date
Alona EM 3aa8364f47 Use native-tls. Get UUIDs!
This will get changed back once daeken does a properly signed cert, as native doesnt support 1.3
2022-01-11 03:45:34 +00:00
Alona EM 98cc51d860 Try with rustls 2022-01-11 03:15:46 +00:00
3 changed files with 238 additions and 58 deletions

187
Cargo.lock generated
View File

@ -19,6 +19,12 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "autocfg"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
[[package]] [[package]]
name = "base64" name = "base64"
version = "0.13.0" version = "0.13.0"
@ -55,6 +61,22 @@ version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]]
name = "core-foundation"
version = "0.9.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6888e10551bb93e424d8df1d07f1a8b4fceb0001a3a4b048bfc47554946f47b3"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]]
name = "core-foundation-sys"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc"
[[package]] [[package]]
name = "data-encoding" name = "data-encoding"
version = "2.3.2" version = "2.3.2"
@ -73,6 +95,30 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "fastrand"
version = "1.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "779d043b6a0b90cc4c0ed7ee380a6504394cee7efd7db050e3774eee387324b2"
dependencies = [
"instant",
]
[[package]]
name = "foreign-types"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
dependencies = [
"foreign-types-shared",
]
[[package]]
name = "foreign-types-shared"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
[[package]] [[package]]
name = "form_urlencoded" name = "form_urlencoded"
version = "1.0.1" version = "1.0.1"
@ -295,13 +341,32 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "native-tls"
version = "0.2.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "48ba9f7719b5a0f42f338907614285fb5fd70e53858141f69898a1fb7203b24d"
dependencies = [
"lazy_static",
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
"security-framework",
"security-framework-sys",
"tempfile",
]
[[package]] [[package]]
name = "nemicosm" name = "nemicosm"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"rustls 0.20.2", "native-tls",
"trust-dns-resolver", "trust-dns-resolver",
"uuid",
"webpki-roots 0.22.2", "webpki-roots 0.22.2",
] ]
@ -330,6 +395,39 @@ version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5" checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5"
[[package]]
name = "openssl"
version = "0.10.38"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0c7ae222234c30df141154f159066c5093ff73b63204dcda7121eb082fc56a95"
dependencies = [
"bitflags",
"cfg-if",
"foreign-types",
"libc",
"once_cell",
"openssl-sys",
]
[[package]]
name = "openssl-probe"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "28988d872ab76095a6e6ac88d99b54fd267702734fd7ffe610ca27f533ddb95a"
[[package]]
name = "openssl-sys"
version = "0.9.72"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7e46109c383602735fa0a2e48dd2b7c892b048e1bf69e5c3b1d804b7d9c203cb"
dependencies = [
"autocfg",
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]] [[package]]
name = "parking_lot" name = "parking_lot"
version = "0.11.2" version = "0.11.2"
@ -373,6 +471,12 @@ version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[[package]]
name = "pkg-config"
version = "0.3.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "58893f751c9b0412871a09abd62ecd2a00298c6c83befa223ef98c52aef40cbe"
[[package]] [[package]]
name = "ppv-lite86" name = "ppv-lite86"
version = "0.2.16" version = "0.2.16"
@ -452,6 +556,15 @@ dependencies = [
"bitflags", "bitflags",
] ]
[[package]]
name = "remove_dir_all"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7"
dependencies = [
"winapi",
]
[[package]] [[package]]
name = "resolv-conf" name = "resolv-conf"
version = "0.7.0" version = "0.7.0"
@ -486,20 +599,18 @@ dependencies = [
"base64", "base64",
"log", "log",
"ring", "ring",
"sct 0.6.1", "sct",
"webpki 0.21.4", "webpki 0.21.4",
] ]
[[package]] [[package]]
name = "rustls" name = "schannel"
version = "0.20.2" version = "0.1.19"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d37e5e2290f3e040b594b1a9e04377c2c671f1a1cfd9bfdef82106ac1c113f84" checksum = "8f05ba609c234e60bee0d547fe94a4c7e9da733d1c962cf6e59efa4cd9c8bc75"
dependencies = [ dependencies = [
"log", "lazy_static",
"ring", "winapi",
"sct 0.7.0",
"webpki 0.22.0",
] ]
[[package]] [[package]]
@ -519,13 +630,26 @@ dependencies = [
] ]
[[package]] [[package]]
name = "sct" name = "security-framework"
version = "0.7.0" version = "2.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" checksum = "525bc1abfda2e1998d152c45cf13e696f76d0a4972310b22fac1658b05df7c87"
dependencies = [ dependencies = [
"ring", "bitflags",
"untrusted", "core-foundation",
"core-foundation-sys",
"libc",
"security-framework-sys",
]
[[package]]
name = "security-framework-sys"
version = "2.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a9dd14d83160b528b7bfd66439110573efcfbe281b17fc2ca9f39f550d619c7e"
dependencies = [
"core-foundation-sys",
"libc",
] ]
[[package]] [[package]]
@ -568,6 +692,20 @@ dependencies = [
"unicode-xid", "unicode-xid",
] ]
[[package]]
name = "tempfile"
version = "3.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4"
dependencies = [
"cfg-if",
"fastrand",
"libc",
"redox_syscall",
"remove_dir_all",
"winapi",
]
[[package]] [[package]]
name = "thiserror" name = "thiserror"
version = "1.0.30" version = "1.0.30"
@ -624,7 +762,7 @@ version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bc6844de72e57df1980054b38be3a9f4702aba4858be64dd700181a8a6d0e1b6" checksum = "bc6844de72e57df1980054b38be3a9f4702aba4858be64dd700181a8a6d0e1b6"
dependencies = [ dependencies = [
"rustls 0.19.1", "rustls",
"tokio", "tokio",
"webpki 0.21.4", "webpki 0.21.4",
] ]
@ -668,7 +806,7 @@ dependencies = [
"lru-cache", "lru-cache",
"parking_lot", "parking_lot",
"resolv-conf", "resolv-conf",
"rustls 0.19.1", "rustls",
"smallvec", "smallvec",
"thiserror", "thiserror",
"tokio", "tokio",
@ -688,7 +826,7 @@ dependencies = [
"futures-io", "futures-io",
"futures-util", "futures-util",
"log", "log",
"rustls 0.19.1", "rustls",
"tokio", "tokio",
"tokio-rustls", "tokio-rustls",
"trust-dns-proto", "trust-dns-proto",
@ -740,6 +878,21 @@ dependencies = [
"percent-encoding", "percent-encoding",
] ]
[[package]]
name = "uuid"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7"
dependencies = [
"getrandom",
]
[[package]]
name = "vcpkg"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
[[package]] [[package]]
name = "wasi" name = "wasi"
version = "0.10.2+wasi-snapshot-preview1" version = "0.10.2+wasi-snapshot-preview1"

View File

@ -7,8 +7,10 @@ edition = "2021"
[dependencies] [dependencies]
anyhow = "1.0.52" anyhow = "1.0.52"
rustls = "0.20.2" native-tls = "0.2.8"
#rustls = "0.20.2"
trust-dns-resolver = { version = "0.20.3", features = ["dns-over-rustls"] } trust-dns-resolver = { version = "0.20.3", features = ["dns-over-rustls"] }
uuid = { version = "0.8.2", features = ["v4"] }
webpki-roots = "0.22.2" webpki-roots = "0.22.2"
[features] [features]

View File

@ -5,37 +5,39 @@ use std::{
sync::Arc, sync::Arc,
}; };
use anyhow::{bail, Result}; use anyhow::{bail, Context, Result};
use rustls::{ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, StreamOwned}; use native_tls::{TlsConnector, TlsConnectorBuilder};
// use rustls::{ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, StreamOwned};
use trust_dns_resolver::{ use trust_dns_resolver::{
config::{ResolverConfig, ResolverOpts}, config::{ResolverConfig, ResolverOpts},
Resolver, Resolver,
}; };
use uuid::Uuid;
fn main() -> Result<()> { fn main() -> Result<()> {
let (port, host) = resolve_dns("daeken.dev")?; let (port, host) = resolve_dns("daeken.dev")?;
dbg!(port); dbg!(&port);
dbg!(host); dbg!(&host);
let (port, host) = (443, "example.com".to_owned()); // let tls_conf = Arc::new(make_tls_config());
let mut tls_conn = make_tls_connection(&host, port)
.with_context(|| format!("Can't connect to {}:{}", host, port))?;
let tls_conf = Arc::new(make_tls_config()); // let uuid =// Uuid::new_v4();
let mut tls_conn = make_tls_connection(tls_conf, &host, port)?;
tls_conn.write_all( let uuid = [b'a'; 16];
concat!( dbg!(&uuid);
"GET / HTTP/1.1\r\n", tls_conn.write_all(&uuid).context("Can't write UUID")?;
"Host: example.com\r\n",
"Connection: close\r\n",
"\r\n"
)
.as_bytes(),
)?;
let mut pt = Vec::new(); let mut serv_uuid = [0; 16];
tls_conn.read_to_end(&mut pt)?; tls_conn.read_exact(&mut serv_uuid)?;
println!("{}", String::from_utf8(pt)?); dbg!(serv_uuid);
// Hangs ATM
let mut new = [0; 100];
let len = tls_conn.read(&mut new)?;
dbg!(&new[..len]);
Ok(()) Ok(())
} }
@ -67,34 +69,57 @@ fn make_dns_client() -> Result<Resolver> {
)?) )?)
} }
fn make_tls_config() -> ClientConfig { // fn make_tls_config() -> ClientConfig {
let mut root_store = RootCertStore::empty(); // let mut root_store = RootCertStore::empty();
root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| { // root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
OwnedTrustAnchor::from_subject_spki_name_constraints( // OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject, // ta.subject,
ta.spki, // ta.spki,
ta.name_constraints, // ta.name_constraints,
) // )
})); // }));
let config = rustls::ClientConfig::builder()
.with_safe_defaults()
.with_root_certificates(root_store)
.with_no_client_auth();
config // let cert_dir = include_bytes!("../cert.der");
}
// assert_eq!(
// root_store.add_parsable_certificates(&[cert_dir.to_vec()]),
// (1, 0)
// );
// let config = rustls::ClientConfig::builder()
// .with_safe_defaults()
// .with_root_certificates(root_store)
// .with_no_client_auth();
// config
// }
// fn make_tls_connection(
// config: Arc<ClientConfig>,
// server: &str,
// port: u16,
// ) -> Result<impl Read + Write> {
// let server_name = server.try_into()?;
// let conn = ClientConnection::new(config, server_name)?;
// let sock = TcpStream::connect((server, port))?;
// let stream = StreamOwned::new(conn, sock);
// Ok(stream)
// }
fn make_tls_connection( fn make_tls_connection(
config: Arc<ClientConfig>, // config: Arc<ClientConfig>,
server: &str, server: &str,
port: u16, port: u16,
) -> Result<impl Read + Write> { ) -> Result<impl Read + Write> {
let server_name = server.try_into()?; let connector = TlsConnector::builder()
.danger_accept_invalid_certs(true)
.build()?;
let conn = ClientConnection::new(config, server_name)?;
let sock = TcpStream::connect((server, port))?; let sock = TcpStream::connect((server, port))?;
let conn = connector.connect(server, sock)?;
let stream = StreamOwned::new(conn, sock); Ok(conn)
Ok(stream)
} }