From ff72cbf9a96bcbc7e1fc9eb609269fbf254cce29 Mon Sep 17 00:00:00 2001 From: yuluo Date: Thu, 11 Apr 2024 00:45:27 +0800 Subject: [PATCH] For linux platform, add rustls support --- Cargo.lock | 164 ++++++++++++++++++++++++++++++++--- libs/hbb_common/Cargo.toml | 15 ++-- libs/hbb_common/src/proxy.rs | 40 +++++++-- libs/hbb_common/src/tcp.rs | 3 +- 4 files changed, 197 insertions(+), 25 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 575d70c4b..7d5e93419 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -501,6 +501,32 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "aws-lc-rs" +version = "1.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f379c4e505c0692333bd90a334baa234990faa06bdabefd3261f765946aa920" +dependencies = [ + "aws-lc-sys", + "mirai-annotations", + "paste", + "zeroize", +] + +[[package]] +name = "aws-lc-sys" +version = "0.14.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68aa3d613f42dbf301dbbcaf3dc260805fd33ffd95f6d290ad7231a9e5d877a7" +dependencies = [ + "bindgen 0.69.4", + "cmake", + "dunce", + "fs_extra", + "libc", + "paste", +] + [[package]] name = "backtrace" version = "0.3.69" @@ -528,6 +554,12 @@ version = "0.21.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "35636a1494ede3b646cc98f74f8e62c773a38a659ebc777a2cf26b9b74171df9" +[[package]] +name = "base64" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" + [[package]] name = "base64ct" version = "1.6.0" 
@@ -622,6 +654,29 @@ dependencies = [ "syn 2.0.55", ] +[[package]] +name = "bindgen" +version = "0.69.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a00dc851838a2120612785d195287475a3ac45514741da670b735818822129a0" +dependencies = [ + "bitflags 2.4.1", + "cexpr", + "clang-sys", + "itertools 0.12.1", + "lazy_static", + "lazycell", + "log", + "prettyplease", + "proc-macro2 1.0.79", + "quote 1.0.35", + "regex", + "rustc-hash", + "shlex", + "syn 2.0.55", + "which", +] + [[package]] name = "bit_field" version = "0.10.2" @@ -1807,6 +1862,12 @@ version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "56899898ce76aaf4a0f24d914c97ea6ed976d42fec6ad33fcbb0a1103e07b2b0" +[[package]] +name = "dunce" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56ce8c6da7551ec6c462cbaf3bfbc75131ebbfa1c944aeaa9dab51ca1c5f0c3b" + [[package]] name = "dylib_virtual_display" version = "0.1.0" @@ -2211,6 +2272,12 @@ dependencies = [ "time 0.1.45", ] +[[package]] +name = "fs_extra" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" + [[package]] name = "fuchsia-cprng" version = "0.1.1" @@ -2579,7 +2646,7 @@ checksum = "41486a26d1366a8032b160b59065a59fb528530a46a49f627e7048fb8c064039" dependencies = [ "anyhow", "heck 0.3.3", - "itertools", + "itertools 0.9.0", "proc-macro-crate 0.1.5", "proc-macro-error", "proc-macro2 1.0.79", @@ -2917,7 +2984,7 @@ version = "0.1.0" dependencies = [ "anyhow", "backtrace", - "base64", + "base64 0.22.0", "bytes", "chrono", "confy", @@ -2941,6 +3008,7 @@ dependencies = [ "quinn", "rand 0.8.5", "regex", + "rustls-pki-types", "serde 1.0.190", "serde_derive", "serde_json 1.0.107", 
@@ -2950,11 +3018,13 @@ dependencies = [ "thiserror", "tokio", "tokio-native-tls", + "tokio-rustls 0.26.0", "tokio-socks", "tokio-util", "toml 0.7.8", "url", "uuid", + "webpki-roots 0.26.1", "winapi 0.3.9", "zstd 0.13.0", ] @@ -3116,7 +3186,7 @@ dependencies = [ "hyper", "rustls 0.21.10", "tokio", - "tokio-rustls", + "tokio-rustls 0.24.1", ] [[package]] @@ -3312,6 +3382,15 @@ dependencies = [ "either", ] +[[package]] +name = "itertools" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "0.3.4" @@ -3805,6 +3884,12 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "mirai-annotations" +version = "1.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9be0862c1b3f26a88803c4a49de6889c10e608b3ee9344e6ef5b45fb37ad3d1" + [[package]] name = "mouce" version = "0.2.1" @@ -4621,7 +4706,7 @@ version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9a4a0cfc5fb21a09dc6af4bf834cf10d4a32fccd9e2ea468c4b1751a097487aa" dependencies = [ - "base64", + "base64 0.21.5", "indexmap 1.9.3", "line-wrap", "quick-xml", @@ -5232,7 +5317,7 @@ version = "0.11.23" source = "git+https://github.com/rustdesk-org/reqwest" dependencies = [ "async-compression", - "base64", + "base64 0.21.5", "bytes", "encoding_rs", "futures-core", @@ -5261,14 +5346,14 @@ dependencies = [ "system-configuration", "tokio", "tokio-native-tls", - "tokio-rustls", + "tokio-rustls 0.24.1", "tokio-util", "tower-service", "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots", + "webpki-roots 0.25.3", "winreg 0.50.0", ] @@ -5414,7 +5499,7 @@ dependencies = [ "arboard", "async-process", "async-trait", - "base64", + "base64 0.21.5", "bytes", "cc", "cfg-if 1.0.0", 
@@ -5575,10 +5660,25 @@ checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" dependencies = [ "log", "ring 0.17.5", - "rustls-webpki", + "rustls-webpki 0.101.7", "sct", ] +[[package]] +name = "rustls" +version = "0.23.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c4d6d8ad9f2492485e13453acbb291dd08f64441b6609c491f1c2cd2c6b4fe1" +dependencies = [ + "aws-lc-rs", + "log", + "once_cell", + "rustls-pki-types", + "rustls-webpki 0.102.2", + "subtle", + "zeroize", +] + [[package]] name = "rustls-native-certs" version = "0.6.3" @@ -5597,9 +5697,15 @@ version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2" dependencies = [ - "base64", + "base64 0.21.5", ] +[[package]] +name = "rustls-pki-types" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecd36cc4259e3e4514335c4a138c6b43171a8d61d8f5c9348f9fc7529416f247" + [[package]] name = "rustls-webpki" version = "0.101.7" @@ -5610,6 +5716,18 @@ dependencies = [ "untrusted 0.9.0", ] +[[package]] +name = "rustls-webpki" +version = "0.102.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "faaa0a62740bedb9b2ef5afa303da42764c012f743917351dc9a237ea1663610" +dependencies = [ + "aws-lc-rs", + "ring 0.17.5", + "rustls-pki-types", + "untrusted 0.9.0", +] + [[package]] name = "rustversion" version = "1.0.14" @@ -6461,6 +6579,17 @@ dependencies = [ "tokio", ] +[[package]] +name = "tokio-rustls" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" +dependencies = [ + "rustls 0.23.4", + "rustls-pki-types", + "tokio", +] + [[package]] name = "tokio-socks" version = "0.5.1-2" 
@@ -7153,6 +7282,15 @@ version = "0.25.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1778a42e8b3b90bff8d0f5032bf22250792889a5cdc752aa0020c84abe3aaf10" +[[package]] +name = "webpki-roots" +version = "0.26.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3de34ae270483955a94f4b21bdaaeb83d508bb84a01435f393818edb0012009" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "weezl" version = "0.1.7" @@ -7924,6 +8062,12 @@ dependencies = [ "syn 2.0.55", ] +[[package]] +name = "zeroize" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" + [[package]] name = "zip" version = "0.6.6" diff --git a/libs/hbb_common/Cargo.toml b/libs/hbb_common/Cargo.toml index 79d3c8ba1..b4819dde7 100644 --- a/libs/hbb_common/Cargo.toml +++ b/libs/hbb_common/Cargo.toml @@ -40,14 +40,19 @@ toml = "0.7" uuid = { version = "1.3", features = ["v4"] } # crash, versions >= 0.29.1 are affected by #GuillaumeGomez/sysinfo/1052 sysinfo = { git = "https://github.com/rustdesk-org/sysinfo" } -thiserror = "1.0.30" -httparse = "1.5.1" -base64 = "0.21.5" -url = "2.2.2" -tokio-native-tls ="0.3.1" +thiserror = "1.0" +httparse = "1.5" +base64 = "0.22" +url = "2.2" [target.'cfg(not(any(target_os = "android", target_os = "ios")))'.dependencies] mac_address = "1.1" machine-uid = { git = "https://github.com/21pages/machine-uid" } +[target.'cfg(not(any(target_os = "macos", target_os = "windows")))'.dependencies] +tokio-rustls = "0.26" +webpki-roots = "0.26" +rustls-pki-types = "1.4" +[target.'cfg(any(target_os = "macos", target_os = "windows"))'.dependencies] +tokio-native-tls ="0.3" [features] quic = [] diff --git a/libs/hbb_common/src/proxy.rs b/libs/hbb_common/src/proxy.rs index 83e109eb8..1fe41b593 100644 --- a/libs/hbb_common/src/proxy.rs +++ b/libs/hbb_common/src/proxy.rs 
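Review bot: In the Cargo.toml hunk, `tokio-rustls = "0.26"` is taken with default features, which appears to be what pulls `aws-lc-rs`/`aws-lc-sys` and their build-time `bindgen`, `cmake` and `fs_extra` into the Cargo.lock hunks above. That puts a native C build in the TLS path of every target matched by `cfg(not(any(target_os = "macos", target_os = "windows")))`, which also covers Android and iOS although the commit title says Linux; confirm those targets are meant to be included. `ring 0.17.5` is already in the lock, so if the ring provider is acceptable, consider `tokio-rustls = { version = "0.26", default-features = false, features = ["ring", "logging", "tls12"] }` to keep the added dependency and build surface smaller.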
@@ -1,15 +1,13 @@ +use std::convert::TryFrom; use std::io::{Error as IoError}; - use std::net::{SocketAddr, ToSocketAddrs}; - +use std::sync::Arc; use base64::Engine; use base64::engine::general_purpose; - use httparse::{EMPTY_HEADER, Error as HttpParseError, Response}; use log::{info}; use thiserror::Error as ThisError; use tokio::io::{AsyncRead, AsyncWrite, AsyncWriteExt, BufStream}; -use tokio_native_tls::{native_tls, TlsConnector, TlsStream}; use tokio_socks::{IntoTargetAddr}; use tokio_socks::tcp::Socks5Stream; use tokio_util::codec::Framed; @@ -18,6 +16,11 @@ use crate::config::Socks5Server; use crate::{ResultType}; use crate::bytes_codec::BytesCodec; use crate::tcp::{DynTcpStream, FramedStream}; +#[cfg(any(target_os = "windows", target_os = "macos"))] +use tokio_native_tls::{native_tls, TlsConnector, TlsStream}; +#[cfg(not(any(target_os = "windows", target_os = "macos")))] +use tokio_rustls::{rustls, TlsConnector, client::TlsStream }; +use rustls_pki_types; #[derive(Debug, ThisError)] pub enum ProxyError { 
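Review bot: `use rustls_pki_types;` at the end of the second import hunk is unconditional, while the Cargo.toml change declares `rustls-pki-types` only under `cfg(not(any(target_os = "macos", target_os = "windows")))`, so as far as this patch shows the import will not resolve on Windows and macOS builds. The line is not needed for the `rustls_pki_types::ServerName` path used later in the file, so it can be dropped, or gated with the same `#[cfg(not(any(target_os = "windows", target_os = "macos")))]` as the `tokio_rustls` import. `use std::convert::TryFrom;` and `use std::sync::Arc;` in the first hunk are likewise only needed by the rustls variant of `https_connect` in this patch, and would be reported as unused on the native-tls targets unless code outside the hunks uses them.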
@@ -389,15 +392,36 @@ impl Proxy { }; } - + #[cfg(any(target_os = "windows", target_os = "macos"))] pub async fn https_connect<'a, Input, T>(self, io: Input, target: T) -> Result>, ProxyError> where Input: AsyncRead + AsyncWrite + Unpin, T: IntoTargetAddr<'a> { + let tls_connector = TlsConnector::from(native_tls::TlsConnector::new()?); + let stream = tls_connector.connect(&self.intercept.get_domain()?, io).await?; + self.http_connect(stream, target).await + } - // tls 进行握手 - let tls_connector = TlsConnector::from(native_tls::TlsConnector::new().unwrap()); - let stream = tls_connector.connect(&self.intercept.get_domain()?, io).await.unwrap(); + #[cfg(not(any(target_os = "windows", target_os = "macos")))] + pub async fn https_connect<'a, Input, T>(self, io: Input, target: T) -> Result>, ProxyError> + where + Input: AsyncRead + AsyncWrite + Unpin, + T: IntoTargetAddr<'a> { + let root_store = rustls::RootCertStore { + roots: webpki_roots::TLS_SERVER_ROOTS.into(), + }; + + let config = rustls::ClientConfig::builder() + .with_root_certificates(root_store) + .with_no_client_auth(); + let url_domain = self.intercept.get_domain()?; + + let domain = rustls_pki_types::ServerName::try_from(url_domain.as_str()) + .map_err(|e| ProxyError::AddressResolutionFailed(e.to_string()))? + .to_owned(); + + let tls_connector = TlsConnector::from(Arc::new(config)); + let stream = tls_connector.connect(domain, io).await?; self.http_connect(stream, target).await } diff --git a/libs/hbb_common/src/tcp.rs b/libs/hbb_common/src/tcp.rs index bcc98c118..5514fd046 100644 --- a/libs/hbb_common/src/tcp.rs +++ b/libs/hbb_common/src/tcp.rs 
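Review bot: The rustls variant of `https_connect` trusts only the bundled `webpki_roots::TLS_SERVER_ROOTS`, whereas the native-tls variant above it uses the platform TLS stack, so an HTTPS proxy whose certificate chains to a locally installed CA would presumably validate on Windows/macOS and be rejected on this target. Bundled roots also change only when the crate is bumped, so a root the OS has distrusted stays trusted here until the next dependency update. If that is intended, record it next to `root_store`, e.g. `// Trust anchors: bundled webpki-roots only; the OS certificate store is not consulted on this target.`; otherwise add the system store's certificates to `root_store` as well. Separately, an invalid proxy host name is mapped to `ProxyError::AddressResolutionFailed`, which reads like a DNS failure in logs, and the root store and `ClientConfig` are rebuilt on every call although they never vary.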
@@ -14,12 +14,11 @@ use std::{ pin::Pin, task::{Context, Poll}, }; -use log::info; use tokio::{ io::{AsyncRead, AsyncWrite, ReadBuf}, net::{lookup_host, TcpListener, TcpSocket, ToSocketAddrs}, }; -use tokio_socks::{tcp::Socks5Stream, IntoTargetAddr, ToProxyAddrs}; +use tokio_socks::IntoTargetAddr; use tokio_util::codec::Framed; use crate::config::Socks5Server; use crate::proxy::Proxy;