Your Name
committed
Apr 4, 2024
1 parent
2bd816c
commit b55d73a
Showing
8 changed files
with
264 additions
and
232 deletions.
@@ -1,6 +1,6 @@ | ||
# Roadmap | ||
|
||
## [0.1.16] | ||
## [0.1.17] | ||
Client authorization | ||
|
||
## [0.1.12] | ||
|
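--- /dev/null
+++ b/<PATH-NOT-SHOWN-ON-PAGE>
@@ -0,0 +1,223 @@
+use super::*;
+use tokio::time::{timeout, Duration};
+//use tokio::io::{AsyncReadExt,AsyncWriteExt};
+use tokio::net::TcpStream;
+use tokio_rustls::TlsConnector;
+use tokio_util::bytes::BytesMut;
+use tokio_util::codec::{FramedRead, FramedWrite, LengthDelimitedCodec};
+
+use futures_util::stream::StreamExt;
+use futures_util::SinkExt;
+use tokio::io::split;
+use tokio::io::{ReadHalf, WriteHalf};
+use tokio_rustls::rustls::ClientConfig;
+use tokio_rustls::rustls::RootCertStore;
+use serde_json::{from_slice, to_vec};
+use std::sync::Arc;
+
+#[derive(Debug)]
+struct AllowAnyCertVerifier;
+
+impl tokio_rustls::rustls::client::danger::ServerCertVerifier for AllowAnyCertVerifier {
+fn verify_server_cert(
+&self,
+_end_entity: &tokio_rustls::rustls::pki_types::CertificateDer<'_>,
+_intermediates: &[tokio_rustls::rustls::pki_types::CertificateDer<'_>],
+_server_name: &tokio_rustls::rustls::pki_types::ServerName<'_>,
+_ocsp_response: &[u8],
+_now: tokio_rustls::rustls::pki_types::UnixTime,
+) -> Result<tokio_rustls::rustls::client::danger::ServerCertVerified, tokio_rustls::rustls::Error>
+{
+Ok(tokio_rustls::rustls::client::danger::ServerCertVerified::assertion())
+}
+fn verify_tls12_signature(
+&self,
+_message: &[u8],
+_cert: &tokio_rustls::rustls::pki_types::CertificateDer<'_>,
+_dss: &tokio_rustls::rustls::DigitallySignedStruct,
+) -> Result<
+tokio_rustls::rustls::client::danger::HandshakeSignatureValid,
+tokio_rustls::rustls::Error,
+> {
+Ok(tokio_rustls::rustls::client::danger::HandshakeSignatureValid::assertion())
+}
+fn verify_tls13_signature(
+&self,
+_message: &[u8],
+_cert: &tokio_rustls::rustls::pki_types::CertificateDer<'_>,
+_dss: &tokio_rustls::rustls::DigitallySignedStruct,
+) -> Result<
+tokio_rustls::rustls::client::danger::HandshakeSignatureValid,
+tokio_rustls::rustls::Error,
+> {
+Ok(tokio_rustls::rustls::client::danger::HandshakeSignatureValid::assertion())
+}
+fn supported_verify_schemes(&self) -> Vec<tokio_rustls::rustls::SignatureScheme> {
+vec![
+tokio_rustls::rustls::SignatureScheme::RSA_PKCS1_SHA1,
+tokio_rustls::rustls::SignatureScheme::ECDSA_SHA1_Legacy,
+tokio_rustls::rustls::SignatureScheme::RSA_PKCS1_SHA256,
+tokio_rustls::rustls::SignatureScheme::ECDSA_NISTP256_SHA256,
+tokio_rustls::rustls::SignatureScheme::RSA_PKCS1_SHA384,
+tokio_rustls::rustls::SignatureScheme::ECDSA_NISTP384_SHA384,
+tokio_rustls::rustls::SignatureScheme::RSA_PKCS1_SHA512,
+tokio_rustls::rustls::SignatureScheme::ECDSA_NISTP521_SHA512,
+tokio_rustls::rustls::SignatureScheme::RSA_PSS_SHA256,
+tokio_rustls::rustls::SignatureScheme::RSA_PSS_SHA384,
+tokio_rustls::rustls::SignatureScheme::RSA_PSS_SHA512,
+tokio_rustls::rustls::SignatureScheme::ED25519,
+tokio_rustls::rustls::SignatureScheme::ED448,
+]
+}
+}
+
+pub enum NetStream {
+Tls(
+FramedWrite<WriteHalf<tokio_rustls::client::TlsStream<TcpStream>>, LengthDelimitedCodec>,
+FramedRead<ReadHalf<tokio_rustls::client::TlsStream<TcpStream>>, LengthDelimitedCodec>,
+),
+Tcp(
+FramedWrite<WriteHalf<TcpStream>, LengthDelimitedCodec>,
+FramedRead<ReadHalf<TcpStream>, LengthDelimitedCodec>,
+),
+}
+
+impl From<tokio_rustls::client::TlsStream<TcpStream>> for NetStream {
+fn from(stream: tokio_rustls::client::TlsStream<TcpStream>) -> Self {
+let (reader, writer) = split(stream);
+Self::Tls(
+FramedWrite::new(writer, LengthDelimitedCodec::new()),
+FramedRead::new(reader, LengthDelimitedCodec::new()),
+)
+}
+}
+
+impl From<TcpStream> for NetStream {
+fn from(stream: TcpStream) -> Self {
+let (reader, writer) = split(stream);
+Self::Tcp(
+FramedWrite::new(writer, LengthDelimitedCodec::new()),
+FramedRead::new(reader, LengthDelimitedCodec::new()),
+)
+}
+}
+
+impl NetStream {
+pub async fn new(notifications_addr:&str, accept_invalid_certificates: Option<bool>)->anyhow::Result<Self> {
+if let Some(accept_invalid_certificates) =accept_invalid_certificates {
+let root_certs = RootCertStore::empty();
+let mut config/*: rustls::ConfigBuilder<ClientConfig,rustls::WantsVersions>*/= ClientConfig::builder()
+.with_root_certificates(root_certs)
+.with_no_client_auth();
+if accept_invalid_certificates {
+config
+.dangerous()
+.set_certificate_verifier(Arc::new(AllowAnyCertVerifier));
+}
+
+let connector = TlsConnector::from(Arc::new(config));
+let server_name = rustls::pki_types::ServerName::try_from(
+notifications_addr.split(":").next().unwrap(),
+)?;
+let stream = TcpStream::connect(notifications_addr).await?;
+let tls_stream = connector.connect(server_name.to_owned(), stream).await?;
+let notification_stream = NetStream::from(tls_stream);
+Ok(notification_stream)
+} else {
+let stream = TcpStream::connect(notifications_addr).await?;
+let notification_stream = NetStream::from(stream);
+Ok(notification_stream)
+}
+}
+
+
+pub async fn write(&mut self, notification_request: NotificationRequest) -> anyhow::Result<()> {
+let message = to_vec(¬ification_request)?;
+match self {
+Self::Tls(framed_write, _) => {
+framed_write
+.send(BytesMut::from(message.as_slice()).freeze())
+.await?;
+}
+Self::Tcp(framed_write, _) => {
+framed_write
+.send(BytesMut::from(message.as_slice()).freeze())
+.await?;
+}
+}
+Ok(())
+}
+pub async fn read(&mut self) -> anyhow::Result<NotificationEvent> {
+match self {
+Self::Tls(_, length_delimited_stream) => {
+let message = length_delimited_stream.next().await;
+if let Some(message) = message {
+let message: BytesMut = message?;
+let message: NotificationEvent = from_slice(&message)?;
+Ok(message)
+} else {
+Err(anyhow::anyhow!("stream closed"))
+}
+}
+Self::Tcp(_, length_delimited_stream) => {
+let message = length_delimited_stream.next().await;
+if let Some(message) = message {
+let message: BytesMut = message?;
+let message: NotificationEvent = from_slice(&message)?;
+Ok(message)
+} else {
+Err(anyhow::anyhow!("stream closed"))
+}
+}
+}
+}
+pub async fn read_timeout(
+&mut self,
+timeout_duration: Duration,
+) -> anyhow::Result<Option<NotificationEvent>> {
+match timeout(timeout_duration,self.read()).await {
+Ok(notification)=>Ok(Some(notification?)),
+Err(_)=>Ok(None),
+}
+}
+/*
+#[allow(dead_code)]
+pub async fn read_timeout(
+&mut self,
+timeout_duration: Duration,
+) -> anyhow::Result<Option<NotificationEvent>> {
+match self {
+Self::Tls(_, length_delimited_stream) => {
+let res = timeout(timeout_duration, length_delimited_stream.next()).await;
+match res {
+Ok(message) => {
+if let Some(message) = message {
+let message: BytesMut = message?;
+let message: NotificationEvent = from_slice(&message)?;
+Ok(Some(message))
+} else {
+Err(anyhow::anyhow!("stream closed"))
+}
+}
+Err(_) => Ok(None),
+}
+}
+Self::Tcp(_, length_delimited_stream) => {
+let res = timeout(timeout_duration, length_delimited_stream.next()).await;
+match res {
+Ok(message) => {
+if let Some(message) = message {
+let message: BytesMut = message?;
+let message: NotificationEvent = from_slice(&message)?;
+Ok(Some(message))
+} else {
+Err(anyhow::anyhow!("stream closed"))
+}
+}
+Err(_) => Ok(None),
+}
+}
+}
+}
+*/
+}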
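Review bot: In `NetStream::new`, the `Some(false)` branch — the only mode that is supposed to verify the server — builds its `ClientConfig` over `RootCertStore::empty()`, so no certificate chain can ever validate and every TLS handshake in that mode fails; the practical effect is that callers end up setting `accept_invalid_certificates` to `true`, which installs `AllowAnyCertVerifier` and skips chain, expiry and hostname checks entirely (its `verify_server_cert` ignores `_server_name`). Populate the store before building the config, e.g. `let mut root_certs = RootCertStore::empty();` followed by `root_certs.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());` if the `webpki-roots` crate is available (or load a CA bundle from configuration), and consider compiling `AllowAnyCertVerifier` only for test builds so the no-verification path cannot ship by accident. The tri-state `Option<bool>` is easy to misread — `None` means plaintext TCP, not "verify" — so `new` deserves a doc comment along the lines of `/// None: plain TCP; Some(false): TLS with certificate verification; Some(true): TLS with NO certificate verification (testing only).` Separately, `notifications_addr.split(":").next().unwrap()` yields `[` for bracketed IPv6 literals, so the `ServerName` conversion will fail for those addresses, and the commented-out second `read_timeout` at the end of the file should be deleted rather than kept inside `/* */`.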