Remove redundant code

2022-08-31 15:00:41 +02:00
parent 3cbbd72a14
commit c063cdcef6
10 changed files with 78 additions and 76 deletions


@ -16,5 +16,4 @@ serde = { version = "1.0.144", features = ["derive"] }
tokio = { version = "1", features = ["full"] }
futures = "0.3.24"
rustls = "0.20.6"
rustls-pemfile = "1.0.1"
webpki = "0.22.0"


@ -1,14 +1,10 @@
use std::fs::File;
use std::io::BufReader;
use std::sync::Arc;
use actix_web::web::Data;
use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer, Responder};
use clap::Parser;
use rustls::{Certificate, PrivateKey};
use rustls_pemfile::{certs, read_one, Item};
use base::RelayedPort;
use base::{cert_utils, RelayedPort};
use tcp_relay_server::relay_ws::relay_ws;
use tcp_relay_server::server_config::ServerConfig;
use tcp_relay_server::tls_cert_client_verifier::CustomCertClientVerifier;
@ -80,29 +76,16 @@ async fn main() -> std::io::Result<()> {
// Load TLS configuration, if any
let tls_config = if let (Some(cert), Some(key)) = (&args.tls_cert, &args.tls_key) {
// Load TLS certificate & private key
let cert_file = &mut BufReader::new(File::open(cert).unwrap());
let key_file = &mut BufReader::new(File::open(key).unwrap());
let cert_file = std::fs::read(cert).expect("Failed to read certificate file");
let key_file = std::fs::read(key).expect("Failed to read server private key");
// Get certificates chain
let cert_chain = certs(cert_file)
.unwrap()
.into_iter()
.map(Certificate)
.collect();
let cert_chain =
cert_utils::parse_pem_certificates(&cert_file).expect("Failed to extract certificates");
// Get private key
let key = match read_one(key_file).expect("Failed to read private key!") {
None => {
log::error!("Failed to extract private key!");
panic!();
}
Some(Item::PKCS8Key(key)) => key,
Some(Item::RSAKey(key)) => key,
_ => {
log::error!("Unsupported private key type!");
panic!();
}
};
let key =
cert_utils::parse_pem_private_key(&key_file).expect("Failed to extract private key!");
let config = rustls::ServerConfig::builder().with_safe_defaults();
@ -113,7 +96,7 @@ async fn main() -> std::io::Result<()> {
};
let config = config
.with_single_cert(cert_chain, PrivateKey(key))
.with_single_cert(cert_chain, key)
.expect("Failed to load TLS certificate!");
Some(config)
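Review bot: The chain returned by `cert_utils::parse_pem_certificates(&cert_file)` is handed to `with_single_cert` without an emptiness check, whereas the client-verifier section of this same commit does test `root_certs.is_empty()`. The helper's body is not visible here, so if it returns an empty vector for a file that holds no certificate blocks, a wrong `--tls-cert` path would probably show up only as failing handshakes instead of a startup error. I would add, directly after the parse, `assert!(!cert_chain.is_empty(), "No certificates found in TLS certificate file!");`. The removed inline match accepted only PKCS8 and RSA items and rejected everything else, so it is worth confirming that `parse_pem_private_key` keeps that restriction and does not simply take the first PEM item. main's body starts and ends outside these hunks.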


@ -1,11 +1,10 @@
use std::fs::File;
use std::io::BufReader;
use std::sync::Arc;
use std::time::SystemTime;
use rustls::server::{AllowAnyAuthenticatedClient, ClientCertVerified, ClientCertVerifier};
use rustls::{Certificate, DistinguishedNames, Error, RootCertStore};
use rustls_pemfile::certs;
use base::cert_utils::parse_pem_certificates;
use crate::server_config::ServerConfig;
@ -19,16 +18,11 @@ impl CustomCertClientVerifier {
.tls_client_auth_root_cert
.as_deref()
.expect("No root certificates for client authentication provided!");
let cert_file = &mut BufReader::new(
File::open(cert_path)
.expect("Failed to read root certificates for client authentication!"),
);
let cert_file = std::fs::read(cert_path)
.expect("Failed to read root certificates for client authentication!");
let root_certs = certs(cert_file)
.unwrap()
.into_iter()
.map(Certificate)
.collect::<Vec<_>>();
let root_certs = parse_pem_certificates(&cert_file)
.expect("Failed to read root certificates for server authentication!");
if root_certs.is_empty() {
log::error!("No certificates found for client authentication!");