diff --git a/src/connect.rs b/src/connect.rs
index cba5506..9e26f0b 100644
--- a/src/connect.rs
+++ b/src/connect.rs
@@ -2,8 +2,6 @@ use crate::server::Server;
 use lan_mouse_ipc::{ClientHandle, DEFAULT_PORT};
 use lan_mouse_proto::{ProtoEvent, MAX_EVENT_SIZE};
 use local_channel::mpsc::{channel, Receiver, Sender};
-use rustls::pki_types::CertificateDer;
-use sha2::{Digest, Sha256};
 use std::{
 collections::{HashMap, HashSet},
 io,
@@ -37,12 +35,6 @@ pub(crate) enum LanMouseConnectionError {
 NotConnected,
 }
-type VerifyPeerCertificateFn = Arc<
- dyn (Fn(&[Vec], &[CertificateDer<'static>]) -> Result<(), webrtc_dtls::Error>)
- + Send
- + Sync,
->;
-
 async fn connect(
 addr: SocketAddr,
 ) -> Result<(Arc, SocketAddr), LanMouseConnectionError> {
@@ -50,31 +42,10 @@ async fn connect(
 let conn = Arc::new(UdpSocket::bind("0.0.0.0:0").await?);
 conn.connect(addr).await?;
 let certificate = Certificate::generate_self_signed(["localhost".to_owned()])?;
- let verify_peer_certificate: Option = Some(Arc::new(
- |certs: &[Vec], _chains: &[CertificateDer<'static>]| {
- let fingerprints = certs
- .into_iter()
- .map(|cert| {
- let mut hash = Sha256::new();
- hash.update(cert);
- let bytes = hash
- .finalize()
- .iter()
- .map(|x| format!("{x:02x}"))
- .collect::>();
- let fingerprint = bytes.join(":").to_lowercase();
- fingerprint
- })
- .collect::>();
- log::info!("fingerprints: {fingerprints:?}");
- Ok(())
- },
- ));
 let config = Config {
 certificates: vec![certificate],
 insecure_skip_verify: true,
 extended_master_secret: ExtendedMasterSecretType::Require,
- verify_peer_certificate,
 ..Default::default()
 };
 let dtls_conn = DTLSConn::new(conn, config, true, None).await?;
diff --git a/src/listen.rs b/src/listen.rs
index 365718b..a67c4f9 100644
--- a/src/listen.rs
+++ b/src/listen.rs
@@ -1,6 +1,8 @@
 use futures::{Stream, StreamExt};
 use lan_mouse_proto::{ProtoEvent, MAX_EVENT_SIZE};
 use local_channel::mpsc::{channel, Receiver, Sender};
+use rustls::pki_types::CertificateDer;
+use sha2::{Digest, Sha256};
 use std::{net::SocketAddr, rc::Rc, sync::Arc, time::Duration};
 use thiserror::Error;
 use tokio::{
@@ -29,15 +31,42 @@ pub(crate) struct LanMouseListener {
 conns: Rc)>>>,
 }
+type VerifyPeerCertificateFn = Arc<
+ dyn (Fn(&[Vec], &[CertificateDer<'static>]) -> Result<(), webrtc_dtls::Error>)
+ + Send
+ + Sync,
+>;
+
 impl LanMouseListener {
 pub(crate) async fn new(port: u16) -> Result {
 let (listen_tx, listen_rx) = channel();
 let listen_addr = SocketAddr::new("0.0.0.0".parse().expect("invalid ip"), port);
 let certificate = Certificate::generate_self_signed(["localhost".to_owned()])?;
+ let verify_peer_certificate: Option = Some(Arc::new(
+ |certs: &[Vec], _chains: &[CertificateDer<'static>]| {
+ let fingerprints = certs
+ .into_iter()
+ .map(|cert| {
+ let mut hash = Sha256::new();
+ hash.update(cert);
+ let bytes = hash
+ .finalize()
+ .iter()
+ .map(|x| format!("{x:02x}"))
+ .collect::>();
+ let fingerprint = bytes.join(":").to_lowercase();
+ fingerprint
+ })
+ .collect::>();
+ log::info!("fingerprints: {fingerprints:?}");
+ Ok(())
+ },
+ ));
 let cfg = Config {
 certificates: vec![certificate],
 extended_master_secret: ExtendedMasterSecretType::Require,
+ verify_peer_certificate,
 ..Default::default()
 };
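Review bot: The `verify_peer_certificate` closure added in `LanMouseListener::new` ends in an unconditional `Ok(())`, so the SHA-256 fingerprints it computes are only logged and every peer certificate is accepted. To make this an authentication step, the closure should compare the fingerprints with a configured set and reject on mismatch, e.g. `if !fingerprints.iter().any(|f| authorized.contains(f)) { return Err(/* a webrtc_dtls::Error */); }`, where `authorized` is a placeholder for state this hunk does not show. It is also worth confirming that the listener actually requests a client certificate: `client_auth` is left to `..Default::default()` here, and if that default means no certificate is requested the callback may never see one. Until a check exists, a comment such as `// TODO: logs fingerprints only; does not authenticate the peer` would keep the log line from being read as verification. The body of `new` continues past the end of the hunk.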