From f2c73dab0c4b88a6a309c7524e09acd6cdd072cf Mon Sep 17 00:00:00 2001 From: Jesse Luehrs Date: Fri, 11 Oct 2019 15:16:47 -0400 Subject: add tls support to the server --- Cargo.lock | 161 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Cargo.toml | 2 + src/cmd/server.rs | 131 ++++++++++++++++++++++++++++++++++++++------ src/server.rs | 130 ++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 400 insertions(+), 24 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 96817c3..2c4165d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -123,6 +123,20 @@ dependencies = [ "bitflags 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "core-foundation" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "core-foundation-sys 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "core-foundation-sys" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "crossbeam-deque" version = "0.7.1" @@ -277,6 +291,19 @@ name = "fnv" version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "foreign-types-shared 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "fuchsia-cprng" version = "0.1.1" 
@@ -427,6 +454,23 @@ dependencies = [ "ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "native-tls" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", + "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", + "openssl 0.10.25 (registry+https://github.com/rust-lang/crates.io-index)", + "openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", + "openssl-sys 0.9.51 (registry+https://github.com/rust-lang/crates.io-index)", + "schannel 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)", + "security-framework 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", + "security-framework-sys 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", + "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "net2" version = "0.2.33" 
@@ -455,6 +499,36 @@ dependencies = [ "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "openssl" +version = "0.10.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "bitflags 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", + "foreign-types 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", + "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", + "openssl-sys 0.9.51 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "openssl-probe" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" + +[[package]] +name = "openssl-sys" +version = "0.9.51" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "autocfg 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "cc 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", + "pkg-config 0.3.16 (registry+https://github.com/rust-lang/crates.io-index)", + "vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "parking_lot" version = "0.9.0" @@ -479,6 +553,11 @@ dependencies = [ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "pkg-config" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "ppv-lite86" version = "0.2.5" 
@@ -677,6 +756,14 @@ name = "regex-syntax" version = "0.6.12" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "remove_dir_all" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "rustc-demangle" version = "0.1.16" @@ -690,11 +777,39 @@ dependencies = [ "semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "schannel" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "scopeguard" version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "security-framework" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "core-foundation 0.6.4 (registry+https://github.com/rust-lang/crates.io-index)", + "core-foundation-sys 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", + "security-framework-sys 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "security-framework-sys" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "core-foundation-sys 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "semver" version = "0.9.0" 
@@ -719,12 +834,14 @@ dependencies = [ "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "mio 0.6.19 (registry+https://github.com/rust-lang/crates.io-index)", + "native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", "rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)", "ratelimit_meter 5.0.0 (registry+https://github.com/rust-lang/crates.io-index)", "snafu 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", "tokio 0.1.22 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-pty-process 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-signal 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-tls 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", "twoway 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -793,6 +910,19 @@ dependencies = [ "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "tempfile" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)", + "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)", + "remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "termcolor" version = "1.0.5" 
@@ -985,6 +1115,16 @@ dependencies = [ "tokio-executor 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "tokio-tls" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", + "native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "tokio-udp" version = "0.1.5" @@ -1048,6 +1188,11 @@ dependencies = [ "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "vcpkg" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "vec_map" version = "0.8.1" 
@@ -1130,6 +1275,8 @@ dependencies = [ "checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" "checksum clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9" "checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f" +"checksum core-foundation 0.6.4 (registry+https://github.com/rust-lang/crates.io-index)" = "25b9e03f145fd4f2bf705e07b900cd41fc636598fe5dc452fd0db1441c3f496d" +"checksum core-foundation-sys 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)" = "e7ca8a5221364ef15ce201e8ed2f609fc312682a8f4e0e3d4aa5879764e0fa3b" "checksum crossbeam-deque 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b18cd2e169ad86297e6bc0ad9aa679aee9daa4f19e8163860faf7c164e4f5a71" "checksum crossbeam-epoch 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "fedcd6772e37f3da2a9af9bf12ebe046c0dfe657992377b4df982a2b54cd37a9" "checksum crossbeam-queue 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7c979cd6cfe72335896575c6b5688da489e420d36a27a0b9eb0c73db574b4a4b" 
@@ -1146,6 +1293,8 @@ dependencies = [ "checksum env_logger 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "39ecdb7dd54465526f0a56d666e3b2dd5f3a218665a030b6e4ad9e70fa95d8fa" "checksum evmap 6.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "6fdb60074c9b82c91f8702fa5351b85d22b668dae7f73bf06b44a09bc372380f" "checksum fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3" +"checksum foreign-types 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +"checksum foreign-types-shared 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" "checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" "checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" "checksum fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" 
@@ -1165,12 +1314,17 @@ dependencies = [ "checksum mio 0.6.19 (registry+https://github.com/rust-lang/crates.io-index)" = "83f51996a3ed004ef184e16818edc51fadffe8e7ca68be67f9dee67d84d0ff23" "checksum mio-uds 0.6.7 (registry+https://github.com/rust-lang/crates.io-index)" = "966257a94e196b11bb43aca423754d87429960a768de9414f3691d6957abf125" "checksum miow 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "8c1f2f3b1cf331de6896aabf6e9d55dca90356cc9960cca7eaaf408a355ae919" +"checksum native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "4b2df1a4c22fd44a62147fd8f13dd0f95c9d8ca7b2610299b2a2f9cf8964274e" "checksum net2 0.2.33 (registry+https://github.com/rust-lang/crates.io-index)" = "42550d9fb7b6684a6d404d9fa7250c2eb2646df731d1c06afc06dcee9e1bcf88" "checksum nodrop 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)" = "2f9667ddcc6cc8a43afc9b7917599d7216aa09c463919ea32c59ed6cac8bc945" "checksum nonzero_ext 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "db1b4163932b207be6e3a06412aed4d84cca40dc087419f231b3a38cba2ca8e9" "checksum num_cpus 1.10.1 (registry+https://github.com/rust-lang/crates.io-index)" = "bcef43580c035376c0705c42792c294b66974abbfd2789b511784023f71f3273" +"checksum openssl 0.10.25 (registry+https://github.com/rust-lang/crates.io-index)" = "2f372b2b53ce10fb823a337aaa674e3a7d072b957c6264d0f4ff0bd86e657449" +"checksum openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de" +"checksum openssl-sys 0.9.51 (registry+https://github.com/rust-lang/crates.io-index)" = "ba24190c8f0805d3bd2ce028f439fe5af1d55882bbe6261bed1dbc93b50dd6b1" "checksum parking_lot 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "f842b1982eb6c2fe34036a4fbfb06dd185a3f5c8edfaacdf7d1ea10b07de6252" "checksum parking_lot_core 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)" = 
"b876b1b9e7ac6e1a74a6da34d25c42e17e8862aa409cbbbdcfc8d86c6f3bc62b" +"checksum pkg-config 0.3.16 (registry+https://github.com/rust-lang/crates.io-index)" = "72d5370d90f49f70bd033c3d75e87fc529fbfff9d6f7cccef07d6170079d91ea" "checksum ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "e3cbf9f658cdb5000fcf6f362b8ea2ba154b9f146a61c7a20d647034c6b6561b" "checksum proc-macro2 0.4.30 (registry+https://github.com/rust-lang/crates.io-index)" = "cf3d2011ab5c909338f7887f4fc896d35932e29146c12c8d01da6b22a80ba759" "checksum quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9274b940887ce9addde99c4eee6b5c44cc494b182b97e73dc8ffdcb3397fd3f0" 
@@ -1194,9 +1348,13 @@ dependencies = [ "checksum redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)" = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84" "checksum regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dc220bd33bdce8f093101afe22a037b8eb0e5af33592e6a9caafff0d4cb81cbd" "checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716" +"checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e" "checksum rustc-demangle 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" "checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" +"checksum schannel 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "87f550b06b6cba9c8b8be3ee73f391990116bf527450d2556e9b9ce263b9a021" "checksum scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b42e15e59b18a828bbf5c58ea01debb36b9b096346de35d941dcb89009f24a0d" +"checksum security-framework 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "eee63d0f4a9ec776eeb30e220f0bc1e092c3ad744b2a379e3993070364d3adc2" +"checksum security-framework-sys 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "9636f8989cbf61385ae4824b98c1aaa54c994d7d8b41f11c601ed799f0549a56" "checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" "checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" "checksum signal-hook 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = 
"4f61c4d59f3aaa9f61bba6450a9b80ba48362fd7d651689e7a10c453b1f6dc68" @@ -1207,6 +1365,7 @@ dependencies = [ "checksum snafu-derive 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "624e94bd38e471f67883b467711e7a7ad7dbe284f5fb7e661dc8a671fc5b26a0" "checksum strsim 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" "checksum syn 0.15.44 (registry+https://github.com/rust-lang/crates.io-index)" = "9ca4b3b69a77cbe1ffc9e198781b7acb0c7365a883670e8f1c1bc66fba79a5c5" +"checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9" "checksum termcolor 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)" = "96d6098003bde162e4277c70665bd87c326f5a0c3f3fbfb285787fa482d54e6e" "checksum textwrap 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" "checksum thread_local 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)" = "c6b53e329000edc2b34dbe8545fd20e55a333362d0a321909685a19bd28c3f1b" 
@@ -1223,6 +1382,7 @@ dependencies = [ "checksum tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "1d14b10654be682ac43efee27401d792507e30fd8d26389e1da3b185de2e4119" "checksum tokio-threadpool 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "2bd2c6a3885302581f4401c82af70d792bb9df1700e7437b0aeb4ada94d5388c" "checksum tokio-timer 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "f2106812d500ed25a4f38235b9cae8f78a09edf43203e16e59c3b769a342a60e" +"checksum tokio-tls 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "354b8cd83825b3c20217a9dc174d6a0c67441a2fae5c41bcb1ea6679f6ae0f7c" "checksum tokio-udp 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "f02298505547f73e60f568359ef0d016d5acd6e830ab9bc7c4a5b3403440121b" "checksum tokio-uds 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "037ffc3ba0e12a0ab4aca92e5234e0dedeb48fddf6ccd260f1f150a36a9f2445" "checksum twoway 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "766345ed3891b291d01af307cd3ad2992a4261cb6c0c7e665cd3e01cf379dd24" 
@@ -1230,6 +1390,7 @@ dependencies = [ "checksum unicode-width 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "7007dbd421b92cc6e28410fe7362e2e0a2503394908f417b68ec8d1c364c4e20" "checksum unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc" "checksum uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)" = "90dbc611eb48397705a6b0f6e917da23ae517e4d127123d2cf7674206627d32a" +"checksum vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "33dd455d0f96e90a75803cfeb7f948768c08d70a6de9a8d2362461935698bf95" "checksum vec_map 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "05c78687fb1a80548ae3250346c3db86a80a7cdd77bda190189f2d0a0987c81a" "checksum wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b89c3ce4ce14bdc6fb6beaf9ec7928ca331de5df7e5ea278375642a2f478570d" "checksum winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a" diff --git a/Cargo.toml b/Cargo.toml index d64c9d7..f4f9316 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -12,12 +12,14 @@ env_logger = "0.7" futures = "0.1" log = "0.4" mio = "0.6" +native-tls = "0.2" rand = "0.7" ratelimit_meter = "5" snafu = { version = "0.5", features = ["futures-01"] } tokio = "0.1" tokio-pty-process = "0.4" tokio-signal = "0.2" +tokio-tls = "0.2" twoway = "0.2" uuid = { version = "0.7", features = ["v4"] } diff --git a/src/cmd/server.rs b/src/cmd/server.rs index db3ae96..0633a77 100644 --- a/src/cmd/server.rs +++ b/src/cmd/server.rs @@ -1,6 +1,9 @@ use futures::future::Future as _; use futures::stream::Stream as _; +use snafu::futures01::stream::StreamExt as _; +use snafu::futures01::FutureExt as _; use snafu::ResultExt as _; +use std::io::Read as _; #[derive(Debug, snafu::Snafu)] pub enum Error { 
@@ -19,6 +22,38 @@ pub enum Error { input: String, source: std::num::ParseIntError, }, + + #[snafu(display("failed to accept: {}", source))] + Acceptor { source: tokio::io::Error }, + + #[snafu(display( + "failed to send accepted socket to server thread: {}", + source + ))] + SocketChannel { + source: tokio::sync::mpsc::error::TrySendError, + }, + + #[snafu(display("failed to send accepted socket to server thread"))] + TlsSocketChannel { + // XXX tokio_tls::Accept doesn't implement Debug or Display + // source: tokio::sync::mpsc::error::TrySendError>, + }, + + #[snafu(display("failed to run server: {}", source))] + Server { source: crate::server::Error }, + + #[snafu(display("failed to open identity file: {}", source))] + OpenIdentityFile { source: std::io::Error }, + + #[snafu(display("failed to read identity file: {}", source))] + ReadIdentityFile { source: std::io::Error }, + + #[snafu(display("failed to parse identity file: {}", source))] + ParseIdentity { source: native_tls::Error }, + + #[snafu(display("failed to create tls acceptor: {}", source))] + CreateAcceptor { source: native_tls::Error }, } pub type Result = std::result::Result; @@ -40,6 +75,11 @@ pub fn cmd<'a, 'b>(app: clap::App<'a, 'b>) -> clap::App<'a, 'b> { .long("read-timeout") .takes_value(true), ) + .arg( + clap::Arg::with_name("tls-identity-file") + .long("tls-identity-file") + .takes_value(true), + ) } pub fn run<'a>(matches: &clap::ArgMatches<'a>) -> super::Result<()> { 
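Review bot: `TlsSocketChannel` carries no fields, so when `try_send` fails on the TLS accept path the only output is "failed to send accepted socket to server thread". That message cannot distinguish a full channel (load or a connection flood) from a closed one (the server future has exited). The `XXX` comment explains why the `TrySendError` itself cannot be the source, but the reason can still be recorded: give the variant a `full: bool` field set from `e.is_full()` at the `map_err` site in `create_server_tls`, and include it in the display string. The `Error` enum begins above this hunk.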
@@ -70,34 +110,91 @@ pub fn run<'a>(matches: &clap::ArgMatches<'a>) -> super::Result<()> { .context(super::Server) }, )?; - run_impl(address, buffer_size, read_timeout).context(super::Server) + let tls_identity_file = matches.value_of("tls-identity-file"); + run_impl(address, buffer_size, read_timeout, tls_identity_file) + .context(super::Server) } fn run_impl( address: std::net::SocketAddr, buffer_size: usize, read_timeout: std::time::Duration, + tls_identity_file: Option<&str>, ) -> Result<()> { + let (acceptor, server) = + if let Some(tls_identity_file) = tls_identity_file { + create_server_tls( + address, + buffer_size, + read_timeout, + tls_identity_file, + )? + } else { + create_server(address, buffer_size, read_timeout)? + }; + tokio::run(futures::future::lazy(move || { + tokio::spawn(server.map_err(|e| { + eprintln!("{}", e); + })); + + acceptor.map_err(|e| { + eprintln!("{}", e); + }) + })); + Ok(()) +} + +fn create_server( + address: std::net::SocketAddr, + buffer_size: usize, + read_timeout: std::time::Duration, +) -> Result<( + Box + Send>, + Box + Send>, +)> { let (mut sock_w, sock_r) = tokio::sync::mpsc::channel(100); let listener = tokio::net::TcpListener::bind(&address).context(Bind)?; let acceptor = listener .incoming() - .map_err(|e| { - eprintln!("accept failed: {}", e); - }) - .for_each(move |sock| { - sock_w.try_send(sock).map_err(|e| { - eprintln!("sending socket to manager thread failed: {}", e); - }) - }); + .context(Acceptor) + .for_each(move |sock| sock_w.try_send(sock).context(SocketChannel)); + let server = + crate::server::Server::new(buffer_size, read_timeout, sock_r) + .context(Server); + Ok((Box::new(acceptor), Box::new(server))) +} - tokio::run(futures::future::lazy(move || { - let server = - crate::server::Server::new(buffer_size, read_timeout, sock_r) - .map_err(|e| eprintln!("{}", e)); - tokio::spawn(server); +fn create_server_tls( + address: std::net::SocketAddr, + buffer_size: usize, + read_timeout: std::time::Duration, + 
tls_identity_file: &str, +) -> Result<( + Box + Send>, + Box + Send>, +)> { + let (mut sock_w, sock_r) = tokio::sync::mpsc::channel(100); + let listener = tokio::net::TcpListener::bind(&address).context(Bind)?; - acceptor - })); - Ok(()) + let mut file = + std::fs::File::open(tls_identity_file).context(OpenIdentityFile)?; + let mut identity = vec![]; + file.read_to_end(&mut identity).context(ReadIdentityFile)?; + let identity = native_tls::Identity::from_pkcs12(&identity, "") + .context(ParseIdentity)?; + let acceptor = + native_tls::TlsAcceptor::new(identity).context(CreateAcceptor)?; + let acceptor = tokio_tls::TlsAcceptor::from(acceptor); + + let acceptor = + listener.incoming().context(Acceptor).for_each(move |sock| { + let sock = acceptor.accept(sock); + sock_w + .try_send(sock) + .map_err(|_| Error::TlsSocketChannel {}) + }); + let server = + crate::server::TlsServer::new(buffer_size, read_timeout, sock_r) + .context(Server); + Ok((Box::new(acceptor), Box::new(server))) } diff --git a/src/server.rs b/src/server.rs index 95152d7..a93a057 100644 --- a/src/server.rs +++ b/src/server.rs @@ -697,18 +697,15 @@ impl fn poll_new_connections( &mut self, ) -> Result> { - match self.sock_stream.poll() { - Ok(futures::Async::Ready(Some(conn))) => { + match self.sock_stream.poll()? { + futures::Async::Ready(Some(conn)) => { self.connections.insert(conn.id.to_string(), conn); Ok(crate::component_future::Poll::DidWork) } - Ok(futures::Async::Ready(None)) => { - Err(Error::SocketChannelClosed) - } - Ok(futures::Async::NotReady) => { + futures::Async::Ready(None) => Err(Error::SocketChannelClosed), + futures::Async::NotReady => { Ok(crate::component_future::Poll::NotReady) } - Err(e) => Err(e), } } 
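Review bot: `native_tls::Identity::from_pkcs12(&identity, "")` in `create_server_tls` hard-codes an empty PKCS#12 password, so the server's private key can only be deployed in a bundle with no passphrase, and a passphrase-protected bundle fails with `ParseIdentity`. Take the password from outside the binary and not from argv, which is visible in the process list: for example `let password = std::env::var("TLS_IDENTITY_PASSWORD").unwrap_or_default();` followed by `native_tls::Identity::from_pkcs12(&identity, &password)` (the variable name is only a suggestion). If the empty password is intentional, add a comment above the call such as `// identity file must use an empty password; keep it readable only by the server's user`.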
@@ -803,6 +800,125 @@ impl } } +#[allow(clippy::module_name_repetitions)] +pub struct TlsServer { + server: Server>, + sock_r: + tokio::sync::mpsc::Receiver>, + sock_w: tokio::sync::mpsc::Sender< + tokio_tls::TlsStream, + >, + accepting_sockets: Vec>, +} + +impl TlsServer { + pub fn new( + buffer_size: usize, + read_timeout: std::time::Duration, + sock_r: tokio::sync::mpsc::Receiver< + tokio_tls::Accept, + >, + ) -> Self { + let (tls_sock_w, tls_sock_r) = tokio::sync::mpsc::channel(100); + Self { + server: Server::new(buffer_size, read_timeout, tls_sock_r), + sock_r, + sock_w: tls_sock_w, + accepting_sockets: vec![], + } + } +} + +impl TlsServer { + const POLL_FNS: &'static [&'static dyn for<'a> Fn( + &'a mut Self, + ) -> Result< + crate::component_future::Poll<()>, + >] = &[ + &Self::poll_new_connections, + &Self::poll_handshake_connections, + &Self::poll_server, + ]; + + fn poll_new_connections( + &mut self, + ) -> Result> { + match self.sock_r.poll().context(SocketChannelReceive)? { + futures::Async::Ready(Some(sock)) => { + self.accepting_sockets.push(sock); + Ok(crate::component_future::Poll::DidWork) + } + futures::Async::Ready(None) => Err(Error::SocketChannelClosed), + futures::Async::NotReady => { + Ok(crate::component_future::Poll::NotReady) + } + } + } + + fn poll_handshake_connections( + &mut self, + ) -> Result> { + let mut did_work = false; + let mut not_ready = false; + + let mut i = 0; + while i < self.accepting_sockets.len() { + let sock = self.accepting_sockets.get_mut(i).unwrap(); + match sock.poll() { + Ok(futures::Async::Ready(sock)) => { + self.accepting_sockets.swap_remove(i); + self.sock_w.try_send(sock).unwrap_or_else(|e| { + log::warn!( + "failed to send connected tls socket: {}", + e + ); + }); + did_work = true; + continue; + } + Ok(futures::Async::NotReady) => { + not_ready = true; + } + Err(e) => { + log::warn!("failed to accept tls connection: {}", e); + self.accepting_sockets.swap_remove(i); + continue; + } + } + i += 1; + } + + if 
did_work { + Ok(crate::component_future::Poll::DidWork) + } else if not_ready { + Ok(crate::component_future::Poll::NotReady) + } else { + Ok(crate::component_future::Poll::NothingToDo) + } + } + + fn poll_server(&mut self) -> Result> { + match self.server.poll()? { + futures::Async::Ready(()) => { + Ok(crate::component_future::Poll::DidWork) + } + futures::Async::NotReady => { + Ok(crate::component_future::Poll::NotReady) + } + } + } +} + +#[must_use = "futures do nothing unless polled"] +impl futures::future::Future for TlsServer { + type Item = (); + type Error = Error; + + fn poll(&mut self) -> futures::Poll { + crate::component_future::poll_future(self, Self::POLL_FNS) + } +} + fn log_message(id: &str, message: &crate::protocol::Message) { match message { crate::protocol::Message::TerminalOutput { data } => { -- cgit v1.2.3-54-g00ecf
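Review bot: `accepting_sockets` in `TlsServer` has no size limit, and the `Accept` futures pushed by `poll_new_connections` have no deadline. A peer that opens a TCP connection and never finishes the handshake therefore keeps a vector entry and a file descriptor until it disconnects. `read_timeout` is passed only to the inner `Server`, which does not see a socket until the handshake has completed, so nothing bounds this phase. I would wrap each pending handshake in `tokio::timer::Timeout` and refuse new ones above a cap, as sketched below. The existing `Err(e)` arm in `poll_handshake_connections` would then also remove timed-out entries, provided the timeout error type implements `Display` for the `log::warn!` call. The stream type in the sketch is inferred from `TcpListener::incoming()`, and the cap value is a placeholder to tune.

```rust
// Suggested cap on handshakes in flight; the value is a placeholder to tune.
const MAX_PENDING_HANDSHAKES: usize = 100;

// in struct TlsServer: each pending handshake now carries a deadline
    accepting_sockets:
        Vec<tokio::timer::Timeout<tokio_tls::Accept<tokio::net::TcpStream>>>,
    handshake_timeout: std::time::Duration,

// in TlsServer::new, inside `Self { … }`
            handshake_timeout: read_timeout,

// in poll_new_connections
            futures::Async::Ready(Some(sock)) => {
                if self.accepting_sockets.len() >= MAX_PENDING_HANDSHAKES {
                    // Dropping `sock` closes the TCP connection.
                    log::warn!("too many pending tls handshakes, dropping connection");
                } else {
                    self.accepting_sockets.push(tokio::timer::Timeout::new(
                        sock,
                        self.handshake_timeout,
                    ));
                }
                Ok(crate::component_future::Poll::DidWork)
            }
            // … unchanged: Ready(None) and NotReady arms, poll_handshake_connections, poll_server …
```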