Optimize root certificate management on client side

This commit is contained in:
2022-08-31 11:21:23 +02:00
parent 723ed5e390
commit 1b95b10553
8 changed files with 64 additions and 44 deletions


@@ -8,7 +8,9 @@ use tokio::io::{AsyncReadExt, AsyncWriteExt};
use tokio::net::{TcpListener, TcpStream};
use tokio_tungstenite::tungstenite::Message;
pub async fn relay_client(ws_url: String, listen_address: String, root_cert: Option<Vec<u8>>) {
use crate::client_config::ClientConfig;
pub async fn relay_client(ws_url: String, listen_address: String, config: Arc<ClientConfig>) {
log::info!("Start to listen on {}", listen_address);
let listener = match TcpListener::bind(&listen_address).await {
Ok(l) => l,
@@ -22,7 +24,7 @@ pub async fn relay_client(ws_url: String, listen_address: String, root_cert: Opt
let (socket, _) = listener.accept().await
.expect("Failed to accept new connection!");
tokio::spawn(relay_connection(ws_url.clone(), socket, root_cert.clone()));
tokio::spawn(relay_connection(ws_url.clone(), socket, config.clone()));
}
}
@@ -30,14 +32,14 @@ pub async fn relay_client(ws_url: String, listen_address: String, root_cert: Opt
///
/// WS read => TCP write
/// TCP read => WS write
async fn relay_connection(ws_url: String, socket: TcpStream, root_cert: Option<Vec<u8>>) {
async fn relay_connection(ws_url: String, socket: TcpStream, conf: Arc<ClientConfig>) {
log::debug!("Connecting to {}...", ws_url);
let ws_stream = if ws_url.starts_with("wss") {
let config = rustls::ClientConfig::builder()
.with_safe_defaults();
let config = match root_cert {
let config = match conf.get_root_certificate() {
None => config.with_native_roots(),
Some(cert) => {
log::debug!("Using custom root certificates");