Add servers

Pierre HUBERT 2024-06-28 22:00:20 +02:00
parent 09f526bfb7
commit 11054385a6
7 changed files with 1302 additions and 17 deletions



@ -14,4 +14,6 @@ openssl = { version = "0.10.64" }
openssl-sys = "0.9.102" openssl-sys = "0.9.102"
libc = "0.2.155" libc = "0.2.155"
foreign-types-shared = "0.1.1" foreign-types-shared = "0.1.1"
asn1 = "0.16" asn1 = "0.16"
actix-web = { version = "4", features = ["openssl"] }
futures = "0.3.30"


@ -34,9 +34,9 @@ pub enum PKIError {
/// Certificate and private key /// Certificate and private key
pub struct CertData { pub struct CertData {
cert: X509, pub cert: X509,
key: PKey<Private>, pub key: PKey<Private>,
crl: Option<PathBuf>, pub crl: Option<PathBuf>,
} }
impl CertData { impl CertData {
@ -50,7 +50,7 @@ impl CertData {
} }
/// Load web CA /// Load web CA
fn load_web_ca() -> anyhow::Result<Self> { pub fn load_web_ca() -> anyhow::Result<Self> {
Ok(Self { Ok(Self {
cert: load_certificate_from_file(AppConfig::get().web_ca_cert_path())?, cert: load_certificate_from_file(AppConfig::get().web_ca_cert_path())?,
key: load_priv_key_from_file(AppConfig::get().web_ca_priv_key_path())?, key: load_priv_key_from_file(AppConfig::get().web_ca_priv_key_path())?,
@ -59,7 +59,7 @@ impl CertData {
} }
/// Load devices CA /// Load devices CA
fn load_devices_ca() -> anyhow::Result<Self> { pub fn load_devices_ca() -> anyhow::Result<Self> {
Ok(Self { Ok(Self {
cert: load_certificate_from_file(AppConfig::get().devices_ca_cert_path())?, cert: load_certificate_from_file(AppConfig::get().devices_ca_cert_path())?,
key: load_priv_key_from_file(AppConfig::get().devices_ca_priv_key_path())?, key: load_priv_key_from_file(AppConfig::get().devices_ca_priv_key_path())?,
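Review bot: Making `key: PKey<Private>` a `pub` field of `CertData` lets any code that can name the struct read or replace the loaded private key, and because `crypto` is declared `pub mod crypto;` that includes code outside this crate. The server code added in this commit only reads `server_cert.key` and `server_cert.cert`, so `pub(crate) key: PKey<Private>,` (likewise for `cert` and `crl`), or a read-only accessor such as `pub(crate) fn key(&self) -> &PKey<Private>`, would keep the exposure narrower. The same applies to `load_web_ca` and `load_devices_ca`, which could be `pub(crate)` if only in-crate modules call them. The `impl CertData` block starts and ends outside the hunks shown.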


@ -1,3 +1,4 @@
pub mod app_config; pub mod app_config;
pub mod crypto; pub mod crypto;
pub mod server;
pub mod utils; pub mod utils;


@ -1,8 +1,11 @@
use central_backend::app_config::AppConfig; use central_backend::app_config::AppConfig;
use central_backend::crypto::pki; use central_backend::crypto::pki;
use central_backend::server::{secure_server, unsecure_server};
use central_backend::utils::files_utils::create_directory_if_missing; use central_backend::utils::files_utils::create_directory_if_missing;
use futures::future;
fn main() { #[actix_web::main]
async fn main() -> std::io::Result<()> {
// Initialize OpenSSL // Initialize OpenSSL
openssl_sys::init(); openssl_sys::init();
@ -18,4 +21,12 @@ fn main() {
pki::initialize_server_ca().expect("Failed to initialize server certificate!"); pki::initialize_server_ca().expect("Failed to initialize server certificate!");
pki::refresh_crls().expect("Failed to initialize Root CA!"); pki::refresh_crls().expect("Failed to initialize Root CA!");
let s1 = secure_server();
let s2 = unsecure_server();
future::try_join(s1, s2)
.await
.expect("Failed to start servers!");
Ok(())
} }
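Review bot: In the last hunk `main` now declares `std::io::Result<()>` but can only return `Ok(())`, because a failure of either server is turned into a panic by `.expect("Failed to start servers!")`. `try_join` resolves with the first error from either future, so that message presumably also fires for a listener that fails after it has started. Either propagate the error, e.g. `future::try_join(s1, s2).await.map_err(std::io::Error::other)?;`, or drop the `Result` return type if the panic is intended.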


@ -0,0 +1,45 @@
use actix_web::{web, App, HttpServer};
use openssl::ssl::{SslAcceptor, SslMethod};
use crate::app_config::AppConfig;
use crate::crypto::pki;
pub mod server_controller;
/// Start unsecure (HTTP) server
pub async fn unsecure_server() -> anyhow::Result<()> {
log::info!(
"Unecure server starting to listen on {} for {}",
AppConfig::get().unsecure_listen_address,
AppConfig::get().unsecure_origin()
);
HttpServer::new(|| App::new().route("/", web::get().to(server_controller::unsecure_home)))
.bind(&AppConfig::get().unsecure_listen_address)?
.run()
.await?;
Ok(())
}
/// Start secure (HTTPS) server
pub async fn secure_server() -> anyhow::Result<()> {
let web_ca = pki::CertData::load_web_ca()?;
let server_cert = pki::CertData::load_server()?;
let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
builder.set_private_key(&server_cert.key)?;
builder.set_certificate(&server_cert.cert)?;
builder.add_extra_chain_cert(web_ca.cert)?;
log::info!(
"Secure server starting to listen on {} for {}",
AppConfig::get().listen_address,
AppConfig::get().secure_origin()
);
HttpServer::new(|| App::new().route("/", web::get().to(server_controller::secure_home)))
.bind_openssl(&AppConfig::get().listen_address, builder)?
.run()
.await?;
Ok(())
}
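Review bot: `secure_server` calls `pki::CertData::load_web_ca()` only to hand `web_ca.cert` to `add_extra_chain_cert`, but that loader (visible in the pki hunks) also reads the web CA private key, so the CA key is loaded for no use in this function. Loading only the certificate for the chain, for example `load_certificate_from_file(AppConfig::get().web_ca_cert_path())?` if that helper is reachable from this module, would keep the CA key out of the serving path. Separately, `SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap()` panics inside a function returning `anyhow::Result`; `let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls())?;` would propagate the error like the surrounding calls. The log string in `unsecure_server` is also misspelled (`"Unecure server starting…"`).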


@ -0,0 +1,13 @@
use actix_web::HttpResponse;
pub async fn unsecure_home() -> HttpResponse {
HttpResponse::Ok()
.content_type("text/plain")
.body("SolarEnergy unsecure central backend")
}
pub async fn secure_home() -> HttpResponse {
HttpResponse::Ok()
.content_type("text/plain")
.body("SolarEnergy secure central backend")
}
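Review bot: Both handlers are `pub` but have no doc comment, while the server functions added in the same commit are documented with `///`. Suggest `/// Home route of the unsecure (HTTP) server` above `unsecure_home` and `/// Home route of the secure (HTTPS) server` above `secure_home`.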