From 91fdc5576dac112b146467f236312ebc6f505a11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Piyush=20=E0=A4=AE=E0=A4=BF=E0=A4=B6=E0=A5=8D=E0=A4=B0?= Date: Tue, 28 Feb 2023 18:21:05 +0530 Subject: [PATCH] Updated gif api and using rustls for ssl&tls --- Cargo.lock | 147 ++++++++++++++++++++++++++++++++++++++++++++++------ Cargo.toml | 5 +- src/main.rs | 56 +++++++++++++------- 3 files changed, 172 insertions(+), 36 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a883485..c4c8fd7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -69,10 +69,11 @@ dependencies = [ "futures-util", "http", "log", - "openssl", - "tokio-openssl", + "rustls", + "tokio-rustls", "trust-dns-proto", "trust-dns-resolver", + "webpki", ] [[package]] @@ -109,7 +110,7 @@ dependencies = [ "actix-threadpool", "actix-tls", "actix-utils", - "base64", + "base64 0.13.0", "bitflags", "brotli2", "bytes 0.5.6", @@ -269,8 +270,10 @@ dependencies = [ "actix-service", "actix-utils", "futures-util", - "openssl", - "tokio-openssl", + "rustls", + "tokio-rustls", + "webpki", + "webpki-roots", ] [[package]] @@ -321,9 +324,9 @@ dependencies = [ "fxhash", "log", "mime", - "openssl", "pin-project 1.0.10", "regex", + "rustls", "serde", "serde_json", "serde_urlencoded", @@ -450,16 +453,16 @@ dependencies = [ "actix-http", "actix-rt", "actix-service", - "base64", + "base64 0.13.0", "bytes 0.5.6", "cfg-if 1.0.0", "derive_more", "futures-core", "log", "mime", - "openssl", "percent-encoding", "rand 0.7.3", + "rustls", "serde", "serde_json", "serde_urlencoded", 
@@ -496,12 +499,24 @@ version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4521f3e3d031370679b3b140beb36dfe4801b09ac77e30c61941f97df3ef28b" +[[package]] +name = "base64" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff" + [[package]] name = "base64" version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" +[[package]] +name = "base64" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" + [[package]] name = "bitflags" version = "1.3.2" @@ -1197,6 +1212,15 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" +[[package]] +name = "js-sys" +version = "0.3.55" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cc9ffccd38c451a86bf13657df244e9c3f37493cce8e5e21e940963777acc84" +dependencies = [ + "wasm-bindgen", +] + [[package]] name = "kernel32-sys" version = "0.2.2" @@ -1242,9 +1266,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.14" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ "cfg-if 1.0.0", ] @@ -1269,12 +1293,15 @@ dependencies = [ "actix-web", "actix-web-actors", "actix-web-middleware-redirect-https", - "base64", + "base64 0.13.0", "clap", "env_logger", "lazy_static", + "log", "openssl", "rand 0.8.4", + "rustls", + "rustls-pemfile", "serde", "serde_json", "sha2", 
@@ -1788,6 +1815,21 @@ dependencies = [ "quick-error", ] +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin", + "untrusted", + "web-sys", + "winapi 0.3.9", +] + [[package]] name = "rustc-demangle" version = "0.1.21" @@ -1812,6 +1854,28 @@ dependencies = [ "semver 1.0.4", ] +[[package]] +name = "rustls" +version = "0.18.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d1126dcf58e93cee7d098dbda643b5f92ed724f1f6a63007c1116eed6700c81" +dependencies = [ + "base64 0.12.3", + "log", + "ring", + "sct", + "webpki", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b" +dependencies = [ + "base64 0.21.0", +] + [[package]] name = "ryu" version = "1.0.9" @@ -1833,6 +1897,16 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "sct" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b362b83898e0e69f38515b82ee15aa80636befe47c3b6d3d89a911e78fc228ce" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "semver" version = "0.9.0" @@ -1968,6 +2042,12 @@ dependencies = [ "winapi 0.3.9", ] +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + [[package]] name = "standback" version = "0.2.17" 
@@ -2196,13 +2276,15 @@ dependencies = [ ] [[package]] -name = "tokio-openssl" -version = "0.4.0" +name = "tokio-rustls" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c4b08c5f4208e699ede3df2520aca2e82401b2de33f45e96696a074480be594" +checksum = "e12831b255bcfa39dc0436b01e19fea231a37db570686c06ee72c423479f889a" dependencies = [ - "openssl", + "futures-core", + "rustls", "tokio 0.2.25", + "webpki", ] [[package]] @@ -2355,6 +2437,12 @@ dependencies = [ "void", ] +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + [[package]] name = "url" version = "2.2.2" @@ -2489,6 +2577,35 @@ version = "0.2.78" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0237232789cf037d5480773fe568aac745bfe2afbc11a863e97901780a6b47cc" +[[package]] +name = "web-sys" +version = "0.3.55" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38eb105f1c59d9eaa6b5cdc92b859d85b926e82cb2e0945cd0c9259faa6fe9fb" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki" +version = "0.21.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8e38c0608262c46d4a56202ebabdeb094cef7e560ca7a226c6bf055188aa4ea" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "webpki-roots" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f20dea7535251981a9670857150d571846545088359b28e4951d350bdaf179f" +dependencies = [ + "webpki", +] + [[package]] name = "widestring" version = "0.4.3" diff --git a/Cargo.toml b/Cargo.toml index 1cec79d..c54022b 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -14,7 +14,7 @@ keywords = ["chat", "Chatting", "Talk", "Stranger"] [dependencies] actix = "0.10" -actix-web = { version = "3", features = ["openssl"] } +actix-web = { version = "3", features = ["rustls"] } actix-web-actors = "3" actix-broker = "0.3" actix-files = "0.5" @@ -33,3 +33,6 @@ tokio = { version = "1.5", features = ['rt', 'rt-multi-thread', 'macros'] } sha2 = "0.10" base64 = "0.13" +log = "0.4.17" +rustls = "0.18.0" +rustls-pemfile = "1.0.2" diff --git a/src/main.rs b/src/main.rs index 276e884..4005875 100644 --- a/src/main.rs +++ b/src/main.rs @@ -35,8 +35,10 @@ use actix_web::{ web, App, Error, HttpRequest, HttpResponse, HttpServer, }; use actix_web_actors::ws; -use openssl::ssl::{SslAcceptor, SslAcceptorBuilder, SslConnector, SslFiletype, SslMethod}; -use std::sync::RwLock; +use log::error; +// use openssl::ssl::{SslAcceptor, SslAcceptorBuilder, SslConnector, SslFiletype, SslMethod}; +use rustls::{Certificate, NoClientAuth, PrivateKey, ServerConfig}; +use std::{fs::File, sync::RwLock}; use ws_sansad::WsSansad; mod broker_messages; @@ -53,18 +55,18 @@ lazy_static! { #[actix_web::main] async fn main() -> std::io::Result<()> { - std::env::set_var("RUST_LOG", "actix_web=info"); + std::env::set_var("RUST_LOG", "info"); env_logger::init(); let (config, config_file) = config::generate(); - + error!("Hello"); *SALT.write().unwrap() = config_file.salt; if let Some(key) = config_file.tenor_key { *TENOR_API_KEY.write().unwrap() = Some(key); } - let ssl_builder = if config_file.ssl_key.is_some() && config_file.ssl_cert.is_some() { - generate_ssl_builder(config_file.ssl_key.unwrap(), config_file.ssl_cert.unwrap()) + let rustls_server_config = if config_file.ssl_key.is_some() && config_file.ssl_cert.is_some() { + gen_rustls_server_config(config_file.ssl_key.unwrap(), config_file.ssl_cert.unwrap()) } else { None }; 
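Review bot: `openssl` is still a direct dependency after this change. The Cargo.lock hunk for what appears to be the root package keeps `"openssl"` as a context line, neither Cargo.toml hunk removes it, and its only visible use in src/main.rs is now the commented-out `// use openssl::ssl::{...}` import. If nothing else in the crate needs it, drop the `openssl` entry from `[dependencies]` and delete the commented import, so the build stops carrying a second TLS library that must be tracked for advisories. Separately, `rustls = "0.18.0"` is presumably pinned to what actix-web 3 accepts; a comment such as `# must match the rustls version used by actix-web 3` would explain why it cannot be bumped on its own.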
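Review bot: `error!("Hello");` after `config::generate()` looks like a debugging leftover and should be removed, since it writes an error-level record on every start and adds noise to anything that alerts on error logs. In the same hunk, `std::env::set_var("RUST_LOG", "info")` unconditionally overwrites whatever level the operator exported and now enables info output for every crate, not only `actix_web`. Setting it only when absent keeps the default without removing operator control: `if std::env::var_os("RUST_LOG").is_none() { std::env::set_var("RUST_LOG", "info"); }`. The body of `main` continues outside this hunk.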
@@ -92,7 +94,7 @@ async fn main() -> std::io::Result<()> { app }); - if ssl_builder.is_some() && config.port_ssl.is_some() { + if rustls_server_config.is_some() && config.port_ssl.is_some() { let port = config.port.clone(); let port_ssl = config.port_ssl.clone().unwrap(); let redirect_server = HttpServer::new(move || { @@ -119,11 +121,11 @@ async fn main() -> std::io::Result<()> { }) .bind(format!("{}:{}", config.bind_address, config.port))? .run(); - + let sc = rustls_server_config.unwrap(); let server = server - .bind_openssl( + .bind_rustls( format!("{}:{}", config.bind_address, config.port_ssl.unwrap()), - ssl_builder.unwrap(), + sc, )? .run(); @@ -147,10 +149,9 @@ async fn gif(req: HttpRequest) -> Result { if pos == "_" { pos = "" } - let builder = SslConnector::builder(SslMethod::tls()).unwrap(); let client = Client::builder() - .connector(Connector::new().ssl(builder.build()).finish()) + .connector(Connector::new().finish()) .finish(); let tenor_key = TENOR_API_KEY.read().unwrap(); @@ -168,9 +169,8 @@ async fn gif(req: HttpRequest) -> Result { ) } else { format!( - "https://tenor.googleapis.com/v2/featured?key={}&limit=20&media_filter=tinygif&pos={}", - key, - pos + "https://tenor.googleapis.com/v2/featured?key={}&limit=20&media_filter=tinygif&pos={}", + key, pos ) }; 
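Review bot: In the `gif` hunk, `Connector::new().finish()` now relies on the connector's default TLS setup, and nothing states where its trust anchors come from. The Cargo.lock hunks add `webpki-roots 0.20.0`, so the outbound Tenor request is presumably verified against a root set compiled into the binary rather than the host's certificate store. That should be confirmed and recorded next to the call, e.g. `// TLS: default rustls connector; trust anchors come from the bundled webpki-roots crate, not the OS store`. The body of `gif` starts and ends outside the hunk.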
@@ -187,12 +187,28 @@ async fn gif(req: HttpRequest) -> Result { .body(response)) } -fn generate_ssl_builder(key: String, cert: String) -> Option { +fn gen_rustls_server_config(key: String, cert: String) -> Option { if key != "" && cert != "" { - let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); - builder.set_private_key_file(key, SslFiletype::PEM).unwrap(); - builder.set_certificate_chain_file(cert).unwrap(); - Some(builder) + let mut br = std::io::BufReader::new(File::open(cert).unwrap()); + let certs = rustls_pemfile::certs(&mut br) + .unwrap() + .iter() + .map(|a| Certificate(a.to_owned())) + .collect::>(); + + let mut br = std::io::BufReader::new(File::open(key).unwrap()); + let private_key = rustls_pemfile::ec_private_keys(&mut br).unwrap_or( + rustls_pemfile::rsa_private_keys(&mut br) + .unwrap_or(rustls_pemfile::pkcs8_private_keys(&mut br).unwrap()), + ); + + let private_key = private_key.get(0).unwrap(); + + let private_key = PrivateKey(private_key.to_owned()); + + let mut config = ServerConfig::new(NoClientAuth::new()); + config.set_single_cert(certs, private_key).unwrap(); + Some(config) } else { None }
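Review bot: The private-key fallback in `gen_rustls_server_config` cannot work as written. `ec_private_keys(&mut br)` reads the reader to the end and returns `Ok` with an empty list when the file holds no SEC1 EC key, so `unwrap_or` never selects the RSA or PKCS#8 result, and those two calls run on an already exhausted reader anyway. An RSA or PKCS#8 key file therefore ends in a panic at `private_key.get(0).unwrap()`. Reading the file once with `rustls_pemfile::read_all` and taking the first key item of any supported kind fixes this, and `expect` with a message keeps startup failing closed rather than continuing without TLS. The `File::open(...).unwrap()` calls would likewise benefit from `expect` messages naming the configured path that failed; the function's closing brace lies outside the hunk.

```rust
// … unchanged: certificate chain loading …
let mut br = std::io::BufReader::new(File::open(key).unwrap());
// Single pass over the PEM file: take the first key in any supported encoding.
let private_key = rustls_pemfile::read_all(&mut br)
    .expect("ssl_key: file could not be read as PEM")
    .into_iter()
    .find_map(|item| match item {
        rustls_pemfile::Item::RSAKey(der)
        | rustls_pemfile::Item::PKCS8Key(der)
        | rustls_pemfile::Item::ECKey(der) => Some(PrivateKey(der)),
        _ => None,
    })
    .expect("ssl_key: no RSA, PKCS#8 or EC private key found");
// … unchanged: ServerConfig construction with set_single_cert …
```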