From a7c97cd3cc3d40f8d66a573b7bf2a5bb6a09656a Mon Sep 17 00:00:00 2001 From: Andrewmatilde Date: Mon, 30 May 2022 14:25:03 +0800 Subject: [PATCH] Add TLS support for http (#39) * add TLS support on backends Signed-off-by: andrewmatilde * support TLS Signed-off-by: andrewmatilde * fix connect Signed-off-by: andrewmatilde * fix tls config Signed-off-by: andrewmatilde * fix client Signed-off-by: andrewmatilde * fix client scheme Signed-off-by: andrewmatilde * fix client authority Signed-off-by: andrewmatilde * fix connector Signed-off-by: andrewmatilde * delete some unnecessary code Signed-off-by: andrewmatilde * fix-lock Signed-off-by: andrewmatilde * try fix loop select Signed-off-by: andrewmatilde * fmt Signed-off-by: andrewmatilde * use span Signed-off-by: andrewmatilde * fix BUG Signed-off-by: andrewmatilde * fix duplicate code. Signed-off-by: andrewmatilde * fix all Signed-off-by: andrewmatilde --- Cargo.lock | 746 ++++++++++++------ Cargo.toml | 8 +- chaos-tproxy-controller/Cargo.toml | 12 +- chaos-tproxy-controller/src/proxy/config.rs | 9 +- chaos-tproxy-controller/src/proxy/exec.rs | 2 +- .../src/proxy/net/bridge.rs | 26 +- .../src/proxy/net/routes.rs | 4 +- .../src/proxy/net/set_net.rs | 1 + chaos-tproxy-controller/src/raw_config.rs | 3 +- chaos-tproxy-proxy/Cargo.toml | 8 +- chaos-tproxy-proxy/src/proxy/http/config.rs | 16 +- .../src/proxy/http/connector.rs | 42 +- chaos-tproxy-proxy/src/proxy/http/server.rs | 180 ++++- chaos-tproxy-proxy/src/raw_config.rs | 94 ++- tests/Cargo.toml | 8 +- 15 files changed, 823 insertions(+), 336 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a7a1ee6..5e8050f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -11,6 +11,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "ansi_term" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b" +dependencies = [ + "winapi", +] + [[package]] name = "ansi_term" version = "0.12.1" @@ -22,15 +31,15 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.57" +version = "1.0.43" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" +checksum = "28ae2b3dec75a406790005a200b1bd89785afc02517a00ca99ecfe093ee9e6cf" [[package]] name = "async-trait" -version = "0.1.53" +version = "0.1.51" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed6aa3524a2dfcf9fe180c51eae2b58738348d819517ceadf95789c51fff7600" +checksum = "44318e776df68115a881de9a8fd1b9e53368d7a4a5ce4cc48517da3393233a5e" dependencies = [ "proc-macro2", "quote", @@ -50,9 +59,9 @@ dependencies = [ [[package]] name = "autocfg" -version = "1.1.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" [[package]] name = "base64" @@ -71,9 +80,15 @@ dependencies = [ [[package]] name = "bitflags" -version = "1.3.2" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" + +[[package]] +name = "bumpalo" +version = "3.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +checksum = "a4a45a46ab1f2412e53d3a0ade76ffad2025804294569aae387231a0cd6e0899" [[package]] name = "byteorder" @@ -83,15 +98,15 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.1.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" +checksum = "b700ce4376041dcd0a327fd0097c41095743c4c8af8887265942faf1100bd040" [[package]] name = "cc" -version = "1.0.73" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "e70cc2f62c6ce1868963827bd677764c62d07c3d9a3e1fb1177ee1a9ab199eb2" [[package]] name = "cfg-if" @@ -111,11 +126,13 @@ dependencies = [ "chaos-tproxy-proxy", "clap", "default-net", + "derivative", "futures", "futures-util", "http", "humantime-serde", - "hyper 0.14.18 (git+https://github.com/Andrewmatilde/hyper.git)", + "hyper", + "hyper-rustls", "iproute2-rs", "iptables", "json-patch", @@ -123,6 +140,8 @@ dependencies = [ "paw", "pnet", "rtnetlink", + "rustls", + "rustls-pemfile", "serde", "serde_derive", "serde_json", @@ -133,9 +152,11 @@ dependencies = [ "system_gateway", "test-case", "tokio", + "tokio-rustls", "tracing", "tracing-subscriber 0.3.11", "uuid", + "webpki-roots", "wildmatch", ] @@ -151,11 +172,13 @@ dependencies = [ "chaos-tproxy-proxy", "clap", "default-net", + "derivative", "futures", "futures-util", "http", "humantime-serde", - "hyper 0.14.18 (registry+https://github.com/rust-lang/crates.io-index)", + "hyper", + "hyper-rustls", "iproute2-rs", "iptables", "json-patch", @@ -163,6 +186,8 @@ dependencies = [ "paw", "pnet", "rtnetlink", + "rustls", + "rustls-pemfile", "serde", "serde_derive", "serde_json", @@ -173,9 +198,11 @@ dependencies = [ "system_gateway", "tempfile", "tokio", + "tokio-rustls", "tracing", "tracing-subscriber 0.3.11", "uuid", + "webpki-roots", "wildmatch", ] @@ -190,16 +217,20 @@ dependencies = [ "bytes", "cfg-if", "clap", + "derivative", "futures", "futures-util", "http", "humantime-serde", - "hyper 0.14.18 (git+https://github.com/Andrewmatilde/hyper.git)", + "hyper", + "hyper-rustls", "iptables", "json-patch", "libc", "paw", "rtnetlink", + "rustls", + "rustls-pemfile", "serde", "serde_derive", "serde_json", @@ -209,9 +240,11 @@ dependencies = [ "structopt", "tempfile", "tokio", + "tokio-rustls", "tracing", "tracing-subscriber 0.3.11", "uuid", + "webpki-roots", "wildmatch", ] @@ -229,11 +262,11 @@ dependencies = [ [[package]] name = "clap" -version = "2.34.0" +version = "2.33.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" +checksum = "37e58ac78573c40708d45522f0d80fa2f01cc4f9b4e2bf749807255454312002" dependencies = [ - "ansi_term", + "ansi_term 0.11.0", "atty", "bitflags", "strsim", @@ -270,24 +303,32 @@ dependencies = [ ] [[package]] -name = "enum_dispatch" -version = "0.3.8" +name = "derivative" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0eb359f1476bf611266ac1f5355bc14aeca37b299d0ebccc038ee7058891c9cb" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" dependencies = [ - "once_cell", "proc-macro2", "quote", "syn", ] [[package]] -name = "fastrand" -version = "1.7.0" +name = "dtoa" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56899898ce76aaf4a0f24d914c97ea6ed976d42fec6ad33fcbb0a1103e07b2b0" + +[[package]] +name = "enum_dispatch" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3fcf0cee53519c866c09b5de1f6c56ff9d647101f81c1964fa632e148896cdf" +checksum = "0eb359f1476bf611266ac1f5355bc14aeca37b299d0ebccc038ee7058891c9cb" dependencies = [ - "instant", + "once_cell", + "proc-macro2", + "quote", + "syn", ] [[package]] @@ -308,9 +349,9 @@ dependencies = [ [[package]] name = "futures" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f73fe65f54d1e12b726f517d3e2135ca3125a437b6d998caf1962961f7172d9e" +checksum = "1adc00f486adfc9ce99f77d717836f0c5aa84965eb0b4f051f4e83f7cab53f8b" dependencies = [ "futures-channel", "futures-core", @@ -323,9 +364,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3083ce4b914124575708913bca19bfe887522d6e2e6d0952943f5eac4a74010" +checksum = "74ed2411805f6e4e3d9bc904c95d5d423b89b3b25dc0250aa74729de20629ff9" dependencies = [ "futures-core", "futures-sink", @@ -333,15 +374,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c09fd04b7e4073ac7156a9539b57a484a8ea920f79c7c675d05d289ab6110d3" +checksum = "af51b1b4a7fdff033703db39de8802c673eb91855f2e0d47dcf3bf2c0ef01f99" [[package]] name = "futures-executor" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9420b90cfa29e327d0429f19be13e7ddb68fa1cccb09d65e5706b8c7a749b8a6" +checksum = "4d0d535a57b87e1ae31437b892713aee90cd2d7b0ee48727cd11fc72ef54761c" dependencies = [ "futures-core", "futures-task", @@ -350,16 +391,18 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc4045962a5a5e935ee2fdedaa4e08284547402885ab326734432bed5d12966b" +checksum = "0b0e06c393068f3a6ef246c75cdca793d6a46347e75286933e5e75fd2fd11582" [[package]] name = "futures-macro" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33c1e13800337f4d4d7a316bf45a567dbcb6ffe087f16424852d97e97a91f512" +checksum = "c54913bae956fb8df7f4dc6fc90362aa72e69148e3f39041fbe8742d21e0ac57" dependencies = [ + "autocfg", + "proc-macro-hack", "proc-macro2", "quote", "syn", @@ -367,22 +410,23 @@ dependencies = [ [[package]] name = "futures-sink" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21163e139fa306126e6eedaf49ecdb4588f939600f0b1e770f4205ee4b7fa868" +checksum = "c0f30aaa67363d119812743aa5f33c201a7a66329f97d1a887022971feea4b53" [[package]] name = "futures-task" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57c66a976bf5909d801bbef33416c41372779507e7a6b3a5e25e4749c58f776a" +checksum = "bbe54a98670017f3be909561f6ad13e810d9a51f3f061b902062ca3da80799f2" [[package]] name = "futures-util" -version = "0.3.21" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8b7abd5d659d9b90c8cba917f6ec750a74e2dc23902ef9cd4cc8c8b22e6036a" +checksum = "67eb846bfd58e44a8481a00049e82c43e0ccb5d61f8dc071057cb19249dd4d78" dependencies = [ + "autocfg", "futures-channel", "futures-core", "futures-io", @@ -392,14 +436,16 @@ dependencies = [ "memchr", "pin-project-lite", "pin-utils", + "proc-macro-hack", + "proc-macro-nested", "slab", ] [[package]] name = "getrandom" -version = "0.2.6" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9be70c98951c83b8d2f8f60d7065fa6d5146873094452a1008da8c2f1e4205ad" +checksum = "7fcd999463524c52659517fe2cea98493cfe485d10565e7b0fb07dbba7ad2753" dependencies = [ "cfg-if", "libc", @@ -414,9 +460,9 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "h2" -version = "0.3.13" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37a82c6d637fc9515a4694bbf1cb2457b79d81ce52b3108bdeea58b07dd34a57" +checksum = "d7f3675cfef6a30c8031cf9e6493ebdc3bb3272a3fea3923c4210d1830e6a472" dependencies = [ "bytes", "fnv", @@ -457,20 +503,20 @@ dependencies = [ [[package]] name = "http" -version = "0.2.6" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31f4c6746584866f0feabcc69893c5b51beef3831656a968ed7ae254cdc4fd03" +checksum = "ff8670570af52249509a86f5e3e18a08c60b177071826898fde8997cf5f6bfbb" dependencies = [ "bytes", "fnv", - "itoa", + "itoa 1.0.1", ] [[package]] name = "http-body" -version = "0.4.4" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ff4f84919677303da5f147645dbea6b1881f368d03ac84e1dc09031ebd7b2c6" +checksum = "399c583b2979440c60be0821a6199eca73bc3c8dcd9d070d75ac726e2c6186e5" dependencies = [ "bytes", "http", @@ -479,15 +525,15 @@ dependencies = [ [[package]] name = "httparse" -version = "1.7.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6330e8a36bd8c859f3fa6d9382911fbb7147ec39807f63b923933a247240b9ba" +checksum = "acd94fdbe1d4ff688b67b04eee2e17bd50995534a61539e45adfefb45e5e5503" [[package]] name = "httpdate" -version = "1.0.2" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" +checksum = "6456b8a6c8f33fee7d958fcd1b60d55b11940a79e63ae87013e6d22e26034440" [[package]] name = "humantime" @@ -497,9 +543,9 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "humantime-serde" -version = "1.1.1" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57a3db5ea5923d99402c94e9feb261dc5ee9b4efa158b0315f788cf549cc200c" +checksum = "ac34a56cfd4acddb469cc7fff187ed5ac36f498ba085caf8bbc725e3ff474058" dependencies = [ "humantime", "serde", @@ -507,9 +553,8 @@ dependencies = [ [[package]] name = "hyper" -version = "0.14.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b26ae0a80afebe130861d90abf98e3814a4f28a4c6ffeb5ab8ebb2be311e0ef2" +version = "0.14.9" +source = "git+https://github.com/Andrewmatilde/hyper.git#4a8275dce7bb1af2ff5a7144eeb51e9e37187831" dependencies = [ "bytes", "futures-channel", @@ -520,7 +565,7 @@ dependencies = [ "http-body", "httparse", "httpdate", - "itoa", + "itoa 0.4.8", "pin-project-lite", "socket2 0.4.4", "tokio", @@ -530,33 +575,24 @@ dependencies = [ ] [[package]] -name = "hyper" -version = "0.14.18" -source = "git+https://github.com/Andrewmatilde/hyper.git#1f83dcb3354d9ea5bbf0eb31343c270218da5e84" +name = "hyper-rustls" +version = "0.23.0" +source = "git+https://github.com/Andrewmatilde/hyper-rustls.git#e6abad7b0d444e1b17a6bbfb650c622ef423ed93" dependencies = [ - "bytes", - "futures-channel", - "futures-core", - "futures-util", - "h2", "http", - "http-body", - "httparse", - "httpdate", - "itoa", - "pin-project-lite", - "socket2 0.4.4", + "hyper", + "log", + "rustls", + "rustls-native-certs", "tokio", - "tower-service", - "tracing", - "want", + "tokio-rustls", ] [[package]] name = "indexmap" -version = "1.8.1" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f647032dfaa1f8b6dc29bd3edb7bbef4861b8b8007ebb118d6db284fd59f6ee" +checksum = "bc633605454125dec4b66843673f01c7df2b89479b32e0ed634e43a91cff62a5" dependencies = [ "autocfg", "hashbrown", @@ -564,9 +600,9 @@ dependencies = [ [[package]] name = "instant" -version = "0.1.12" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +checksum = "bee0328b1209d157ef001c94dd85b4f8f64139adb0eac2659f4b08382b2f474d" dependencies = [ "cfg-if", ] @@ -608,16 +644,31 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5451d970ceaf1d94b287f060eda6c553b0bd93412986765e3274c28a89b50830" dependencies = [ "lazy_static", - "nix 0.20.0", + "nix 0.20.1", "regex", ] +[[package]] +name = "itoa" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" + [[package]] name = "itoa" version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" +[[package]] +name = "js-sys" +version = "0.3.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "671a26f820db17c2a2750743f1dd03bafd15b98c9f30c7c2628c024c05d73397" +dependencies = [ + "wasm-bindgen", +] + [[package]] name = "json-patch" version = "0.2.6" @@ -637,9 +688,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.124" +version = "0.2.125" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21a41fed9d98f27ab1c6d161da622a4fa35e8a54a8adc24bbf3ddd0ef70b0e50" +checksum = "5916d2ae698f6de9bfb891ad7a8d65c09d232dc58cc4ac433c7da3b2fd84bc2b" [[package]] name = "linked-hash-map" @@ -649,19 +700,18 @@ checksum = "7fb9b38af92608140b86b693604b9ffcc5824240a484d1ecd4795bacb2fe88f3" [[package]] name = "lock_api" -version = "0.4.7" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" +checksum = "88943dd7ef4a2e5a4bfa2753aaab3013e34ce2533d1996fb18ef591e315e2b3b" dependencies = [ - "autocfg", "scopeguard", ] [[package]] name = "log" -version = "0.4.16" +version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6389c490849ff5bc16be905ae24bc913a9c8892e19b2341dbc175e14c341c2b8" +checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" dependencies = [ "cfg-if", ] @@ -698,34 +748,23 @@ checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" [[package]] name = "memoffset" -version = "0.6.5" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +checksum = "59accc507f1338036a0477ef61afdae33cde60840f4dfe481319ce3ad116ddf9" dependencies = [ "autocfg", ] [[package]] name = "mio" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52da4364ffb0e4fe33a9841a98a3f3014fb964045ce4f7a45a398243c8d6b0c9" +checksum = "713d550d9b44d89174e066b7a6217ae06234c10cb47819a88290d2b353c31799" dependencies = [ "libc", "log", - "miow", - "ntapi", "wasi 0.11.0+wasi-snapshot-preview1", - "winapi", -] - -[[package]] -name = "miow" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21" -dependencies = [ - "winapi", + "windows-sys", ] [[package]] @@ -795,14 +834,15 @@ dependencies = [ [[package]] name = "nix" -version = "0.20.0" +version = "0.20.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa9b4819da1bc61c0ea48b63b7bc8604064dd43013e7cc325df098d49cd7c18a" +checksum = "df8e5e343312e7fbeb2a52139114e9e702991ef9c2aea6817ff2440b35647d56" dependencies = [ "bitflags", "cc", "cfg-if", "libc", + "memoffset", ] [[package]] @@ -818,15 +858,6 @@ dependencies = [ "memoffset", ] -[[package]] -name = "ntapi" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c28774a7fd2fbb4f0babd8237ce554b73af68021b5f695a3cebd6c59bac0980f" -dependencies = [ - "winapi", -] - [[package]] name = "num-integer" version = "0.1.44" @@ -848,9 +879,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.13.1" +version = "1.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" +checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" dependencies = [ "hermit-abi", "libc", @@ -858,19 +889,25 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.10.0" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56" + +[[package]] +name = "openssl-probe" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f3e037eac156d1775da914196f0f37741a274155e34a0b7e427c35d2a2ecb9" +checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "parking_lot" -version = "0.11.2" +version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" +checksum = "6d7744ac029df22dca6284efe4e898991d28e3085c706c972bcd7da4a27a15eb" dependencies = [ "instant", "lock_api", - "parking_lot_core 0.8.5", + "parking_lot_core 0.8.3", ] [[package]] @@ -880,14 +917,14 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "87f5ec2493a61ac0506c0f4199f99070cbe83857b0337006a30f3e6719b8ef58" dependencies = [ "lock_api", - "parking_lot_core 0.9.2", + "parking_lot_core 0.9.3", ] [[package]] name = "parking_lot_core" -version = "0.8.5" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" +checksum = "fa7a782938e745763fe6907fc6ba86946d72f49fe7e21de074e08128a99fb018" dependencies = [ "cfg-if", "instant", @@ -899,9 +936,9 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.2" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "995f667a6c822200b0433ac218e05582f0e2efa1b922a3fd2fbaadc5f87bab37" +checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929" dependencies = [ "cfg-if", "libc", @@ -951,18 +988,18 @@ checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" [[package]] name = "pin-project" -version = "1.0.10" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "58ad3879ad3baf4e44784bc6a718a8698867bb991f8ce24d1bcbe2cfb4c3a75e" +checksum = "576bc800220cc65dac09e99e97b08b358cfab6e17078de8dc5fee223bd2d0c08" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.0.10" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "744b6f092ba29c3650faf274db506afd39944f48420f6c86b17cfe0ee1cb36bb" +checksum = "6e8fe8163d14ce7f0cdac2e040116f22eac817edabff0be91e8aff7e9accf389" dependencies = [ "proc-macro2", "quote", @@ -971,9 +1008,9 @@ dependencies = [ [[package]] name = "pin-project-lite" -version = "0.2.8" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e280fbe77cc62c91527259e9442153f4688736748d24660126286329742b4c6c" +checksum = "8d31d11c69a6b52a174b42bdc0c30e5e11670f90788b2c471c31c1d17d449443" [[package]] name = "pin-utils" @@ -1069,6 +1106,12 @@ dependencies = [ "pnet_sys", ] +[[package]] +name = "ppv-lite86" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac74c624d6b2d21f425f752262f42188365d7b8ff1aff74c82e45136510a4857" + [[package]] name = "proc-macro-error" version = "1.0.4" @@ -1093,38 +1136,90 @@ dependencies = [ "version_check", ] +[[package]] +name = "proc-macro-hack" +version = "0.5.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" + +[[package]] +name = "proc-macro-nested" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc881b2c22681370c6a780e47af9840ef841837bc98118431d4e1868bd0c1086" + [[package]] name = "proc-macro2" -version = "1.0.37" +version = "1.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec757218438d5fda206afc041538b2f6d889286160d649a86a24d37e1235afd1" +checksum = "5c7ed8b8c7b886ea3ed7dde405212185f423ab44682667c8c6dd14aa1d9f6612" dependencies = [ "unicode-xid", ] [[package]] name = "quote" -version = "1.0.18" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1feb54ed693b93a84e14094943b84b7c4eae204c512b7ccb95ab0c66d278ad1" +checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7" dependencies = [ "proc-macro2", ] +[[package]] +name = "rand" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e7573632e6454cf6b99d7aac4ccca54be06da05aca2ef7423d22d27d4d4bcd8" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", + "rand_hc", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +dependencies = [ + "getrandom", +] + +[[package]] +name = "rand_hc" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d51e9f596de227fda2ea6c84607f5558e196eeaf43c986b724ba4fb8fdf497e7" +dependencies = [ + "rand_core", +] + [[package]] name = "redox_syscall" -version = "0.2.13" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" +checksum = "8383f39639269cde97d255a32bdb68c047337295414940c68bdd30c2e13203ff" dependencies = [ "bitflags", ] [[package]] name = "regex" -version = "1.5.5" +version = "1.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286" +checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" dependencies = [ "aho-corasick", "memchr", @@ -1155,6 +1250,21 @@ dependencies = [ "winapi", ] +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin", + "untrusted", + "web-sys", + "winapi", +] + [[package]] name = "rtnetlink" version = "0.9.1" @@ -1170,6 +1280,39 @@ dependencies = [ "tokio", ] +[[package]] +name = "rustls" +version = "0.20.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fbfeb8d0ddb84706bc597a5574ab8912817c52a397f819e5b614e2265206921" +dependencies = [ + "log", + "ring", + "sct", + "webpki", +] + +[[package]] +name = "rustls-native-certs" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50" +dependencies = [ + "openssl-probe", + "rustls-pemfile", + "schannel", + "security-framework", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7522c9de787ff061458fe9a829dc790a3f5b22dc571694fc5883f448b94d9a9" +dependencies = [ + "base64", +] + [[package]] name = "rustversion" version = "1.0.6" @@ -1178,9 +1321,19 @@ checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" [[package]] name = "ryu" -version = "1.0.9" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" + +[[package]] +name = "schannel" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f" +checksum = "8f05ba609c234e60bee0d547fe94a4c7e9da733d1c962cf6e59efa4cd9c8bc75" +dependencies = [ + "lazy_static", + "winapi", +] [[package]] name = "scopeguard" @@ -1188,20 +1341,53 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "sct" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "security-framework" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23a2ac85147a3a11d77ecf1bc7166ec0b92febfa4461c37944e180f319ece467" +dependencies = [ + "bitflags", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0160a13a177a45bfb43ce71c01580998474f556ad854dcbca936dd2841a5c556" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "serde" -version = "1.0.136" +version = "1.0.129" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce31e24b01e1e524df96f1c2fdd054405f8d7376249a5110886fb4b658484789" +checksum = "d1f72836d2aa753853178eda473a3b9d8e4eefdaf20523b919677e6de489f8f1" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.136" +version = "1.0.129" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08597e7152fcd306f41838ed3e37be9eaeed2b61c42e2117266a554fab4662f9" +checksum = "e57ae87ad533d9a56427558b516d0adac283614e347abf85b0dc0cbbf0a249f3" dependencies = [ "proc-macro2", "quote", @@ -1210,35 +1396,35 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.79" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e8d9fa5c3b304765ce1fd9c4c8a3de2c8db365a5b91be52f186efc675681d95" +checksum = "336b10da19a12ad094b59d870ebde26a45402e5b470add4b5fd03c5048a32127" dependencies = [ - "itoa", + "itoa 0.4.8", "ryu", "serde", ] [[package]] name = "serde_urlencoded" -version = "0.7.1" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +checksum = "edfa57a7f8d9c1d260a549e7224100f6c43d43f9103e06dd8b4095a9b2b43ce9" dependencies = [ "form_urlencoded", - "itoa", + "itoa 0.4.8", "ryu", "serde", ] [[package]] name = "serde_yaml" -version = "0.8.23" +version = "0.8.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4a521f2940385c165a24ee286aa8599633d162077a54bdcae2a6fd5a7bfa7a0" +checksum = "6375dbd828ed6964c3748e4ef6d18e7a175d408ffe184bca01698d0c73f915a9" dependencies = [ + "dtoa", "indexmap", - "ryu", "serde", "yaml-rust", ] @@ -1250,7 +1436,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5bcc41d18f7a1d50525d080fd3e953be87c4f9f1a974f3c21798ca00d54ec15" dependencies = [ "lazy_static", - "parking_lot 0.11.2", + "parking_lot 0.11.1", "serial_test_derive", ] @@ -1269,9 +1455,9 @@ dependencies = [ [[package]] name = "sharded-slab" -version = "0.1.4" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "900fba806f70c630b0a382d0d825e17a0f19fcd059a2ade1ff237bcddf446b31" +checksum = "740223c51853f3145fe7c90360d2d4232f2b62e3449489c207eccde818979982" dependencies = [ "lazy_static", ] @@ -1287,15 +1473,15 @@ dependencies = [ [[package]] name = "slab" -version = "0.4.6" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb703cfe953bccee95685111adeedb76fabe4e97549a58d16f03ea7b9367bb32" +checksum = "c307a32c1c5c437f38c7fd45d753050587732ba8628319fbdf12a7e289ccc590" [[package]] name = "smallvec" -version = "1.8.0" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" +checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" [[package]] name = "socket2" @@ -1318,6 +1504,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + [[package]] name = "strsim" version = "0.8.0" @@ -1326,9 +1518,9 @@ checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" [[package]] name = "structopt" -version = "0.3.26" +version = "0.3.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c6b5c64445ba8094a6ab0c3cd2ad323e07171012d9c98b0b15651daf1787a10" +checksum = "69b041cdcb67226aca307e6e7be44c8806423d83e018bd662360a93dabce4d71" dependencies = [ "clap", "lazy_static", @@ -1338,9 +1530,9 @@ dependencies = [ [[package]] name = "structopt-derive" -version = "0.4.18" +version = "0.4.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb5ae327f9cc13b68763b5749770cb9e048a99bd9dfdfa58d0cf05d5f64afe0" +checksum = "7813934aecf5f51a54775e00068c237de98489463968231a51746bbbc03f9c10" dependencies = [ "heck", "proc-macro-error", @@ -1351,9 +1543,9 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.91" +version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b683b2b825c8eef438b77c36a06dc262294da3d5a5813fac20da149241dcd44d" +checksum = "b7f58f7e8eaa0009c5fec437aabf511bd9933e4b2d7407bd05273c01a8906ea7" dependencies = [ "proc-macro2", "quote", @@ -1388,13 +1580,13 @@ source = "git+https://github.com/aruntomar/system_gateway#ec345e52f1525b5b3e453d [[package]] name = "tempfile" -version = "3.3.0" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" +checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22" dependencies = [ "cfg-if", - "fastrand", "libc", + "rand", "redox_syscall", "remove_dir_all", "winapi", @@ -1402,9 +1594,9 @@ dependencies = [ [[package]] name = "test-case" -version = "1.2.3" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e9e5f048404b43e8ae66dce036163515b6057024cf58c6377be501f250bd3c6a" +checksum = "3b114ece25254e97bf48dd4bfc2a12bad0647adacfe4cae1247a9ca6ad302cec" dependencies = [ "cfg-if", "proc-macro2", @@ -1426,16 +1618,20 @@ dependencies = [ "chaos-tproxy-proxy", "clap", "default-net", + "derivative", "futures", "futures-util", "http", "humantime-serde", - "hyper 0.14.18 (git+https://github.com/Andrewmatilde/hyper.git)", + "hyper", + "hyper-rustls", "iptables", "json-patch", "libc", "paw", "pnet", + "rustls", + "rustls-pemfile", "serde", "serde_derive", "serde_json", @@ -1446,10 +1642,12 @@ dependencies = [ "system_gateway", "tempfile", "tokio", + "tokio-rustls", "tracing", "tracing-futures", - "tracing-subscriber 0.2.25", + "tracing-subscriber 0.2.20", "uuid", + "webpki-roots", "wildmatch", ] @@ -1464,18 +1662,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.30" +version = "1.0.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" +checksum = "bd829fe32373d27f76265620b5309d0340cb8550f523c1dda251d6298069069a" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.30" +version = "1.0.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" +checksum = "0396bc89e626244658bef819e22d0cc459e795a5ebe878e6ec336d1674a8d79a" dependencies = [ "proc-macro2", "quote", @@ -1493,9 +1691,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.17.0" +version = "1.18.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2af73ac49756f3f7c01172e34a23e5d0216f6c32333757c2c61feb2bbff5a5ee" +checksum = "4903bf0427cf68dddd5aa6a93220756f8be0c34fcfa9f5e6191e103e15a31395" dependencies = [ "bytes", "libc", @@ -1522,18 +1720,29 @@ dependencies = [ "syn", ] +[[package]] +name = "tokio-rustls" +version = "0.23.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" +dependencies = [ + "rustls", + "tokio", + "webpki", +] + [[package]] name = "tokio-util" -version = "0.7.1" +version = "0.6.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0edfdeb067411dba2044da6d1cb2df793dd35add7888d73c16e3381ded401764" +checksum = "1caa0b0c8d94a049db56b5acf8cba99dc0623aab1b26d5b5f5e2d945846b3592" dependencies = [ "bytes", "futures-core", "futures-sink", + "log", "pin-project-lite", "tokio", - "tracing", ] [[package]] @@ -1544,9 +1753,9 @@ checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" [[package]] name = "tracing" -version = "0.1.34" +version = "0.1.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d0ecdcb44a79f0fe9844f0c4f33a342cbcbb5117de8001e6ba0dc2351327d09" +checksum = "09adeb8c97449311ccd28a427f96fb563e7fd31aabf994189879d9da2394b89d" dependencies = [ "cfg-if", "pin-project-lite", @@ -1556,9 +1765,9 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.20" +version = "0.1.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e65ce065b4b5c53e73bb28912318cb8c9e9ad3921f1d669eb0e68b4c8143a2b" +checksum = "c42e6fa53307c8a17e4ccd4dc81cf5ec38db9209f59b222210375b54ee40d1e2" dependencies = [ "proc-macro2", "quote", @@ -1587,9 +1796,9 @@ dependencies = [ [[package]] name = "tracing-log" -version = "0.1.3" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "78ddad33d2d10b1ed7eb9d1f518a5674713876e97e5bb9b7345a7984fbb4f922" +checksum = "a6923477a48e41c1951f1999ef8bb5a3023eb723ceadafe78ffb65dc366761e3" dependencies = [ "lazy_static", "log", @@ -1598,9 +1807,9 @@ dependencies = [ [[package]] name = "tracing-serde" -version = "0.1.3" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" +checksum = "fb65ea441fbb84f9f6748fd496cf7f63ec9af5bca94dd86456978d055e8eb28b" dependencies = [ "serde", "tracing-core", @@ -1608,11 +1817,11 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.2.25" +version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e0d2eaa99c3c2e41547cfa109e910a68ea03823cccad4a0525dcbc9b01e8c71" +checksum = "b9cbe87a2fa7e35900ce5de20220a582a9483a7063811defce79d7cbd59d4cfe" dependencies = [ - "ansi_term", + "ansi_term 0.12.1", "chrono", "lazy_static", "matchers 0.0.1", @@ -1634,7 +1843,7 @@ version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4bc28f93baff38037f64e6f43d34cfa1605f27a49c34e8a04c5e78b0babf2596" dependencies = [ - "ansi_term", + "ansi_term 0.12.1", "lazy_static", "matchers 0.1.0", "regex", @@ -1663,15 +1872,15 @@ checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" [[package]] name = "unicode-segmentation" -version = "1.9.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e8820f5d777f6224dc4be3632222971ac30164d4a258d595640799554ebfd99" +checksum = "8895849a949e7845e06bd6dc1aa51731a103c42707010a5b591c0038fb73385b" [[package]] name = "unicode-width" -version = "0.1.9" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" +checksum = "9337591893a19b88d8d87f2cec1e73fad5cdfd10e5a6f349f498ad6ea2ffb1e3" [[package]] name = "unicode-xid" @@ -1679,6 +1888,12 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + [[package]] name = "uuid" version = "0.8.2" @@ -1703,9 +1918,9 @@ checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" [[package]] name = "version_check" -version = "0.9.4" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe" [[package]] name = "want" @@ -1729,6 +1944,89 @@ version = "0.11.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" +[[package]] +name = "wasm-bindgen" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27370197c907c55e3f1a9fbe26f44e937fe6451368324e009cba39e139dc08ad" +dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53e04185bfa3a779273da532f5025e33398409573f348985af9a1cbf3774d3f4" +dependencies = [ + "bumpalo", + "lazy_static", + "log", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17cae7ff784d7e83a2fe7611cfe766ecf034111b49deb850a3dc7699c08251f5" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99ec0dc7a4756fffc231aab1b9f2f578d23cd391390ab27f952ae0c9b3ece20b" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d554b7f530dee5964d9a9468d95c1f8b8acae4f282807e7d27d4b03099a46744" + +[[package]] +name = "web-sys" +version = "0.3.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b17e741662c70c8bd24ac5c5b18de314a2c26c32bf8346ee1e6f53de919c283" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "webpki-roots" +version = "0.22.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d8de8415c823c8abd270ad483c6feeac771fad964890779f9a8cb24fbbc1bf" +dependencies = [ + "webpki", +] + [[package]] name = "wildmatch" version = "2.1.0" @@ -1772,15 +2070,15 @@ dependencies = [ [[package]] name = "windows-sys" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5acdd78cb4ba54c0045ac14f62d8f94a03d10047904ae2a40afa1e99d8f70825" +checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" dependencies = [ - "windows_aarch64_msvc 0.34.0", - "windows_i686_gnu 0.34.0", - "windows_i686_msvc 0.34.0", - "windows_x86_64_gnu 0.34.0", - "windows_x86_64_msvc 0.34.0", + "windows_aarch64_msvc 0.36.1", + "windows_i686_gnu 0.36.1", + "windows_i686_msvc 0.36.1", + "windows_x86_64_gnu 0.36.1", + "windows_x86_64_msvc 0.36.1", ] [[package]] @@ -1791,9 +2089,9 @@ checksum = "c3d027175d00b01e0cbeb97d6ab6ebe03b12330a35786cbaca5252b1c4bf5d9b" [[package]] name = "windows_aarch64_msvc" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17cffbe740121affb56fad0fc0e421804adf0ae00891205213b5cecd30db881d" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" [[package]] name = "windows_i686_gnu" @@ -1803,9 +2101,9 @@ checksum = "8793f59f7b8e8b01eda1a652b2697d87b93097198ae85f823b969ca5b89bba58" [[package]] name = "windows_i686_gnu" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2564fde759adb79129d9b4f54be42b32c89970c18ebf93124ca8870a498688ed" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" [[package]] name = "windows_i686_msvc" @@ -1815,9 +2113,9 @@ checksum = "8602f6c418b67024be2996c512f5f995de3ba417f4c75af68401ab8756796ae4" [[package]] name = "windows_i686_msvc" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9cd9d32ba70453522332c14d38814bceeb747d80b3958676007acadd7e166956" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" [[package]] name = "windows_x86_64_gnu" @@ -1827,9 +2125,9 @@ checksum = "f3d615f419543e0bd7d2b3323af0d86ff19cbc4f816e6453f36a2c2ce889c354" [[package]] name = "windows_x86_64_gnu" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cfce6deae227ee8d356d19effc141a509cc503dfd1f850622ec4b0f84428e1f4" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" [[package]] name = "windows_x86_64_msvc" @@ -1839,9 +2137,9 @@ checksum = "11d95421d9ed3672c280884da53201a5c46b7b2765ca6faf34b0d71cf34a3561" [[package]] name = "windows_x86_64_msvc" -version = "0.34.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d19538ccc21819d01deaf88d6a17eae6596a12e9aafdbb97916fb49896d89de9" +checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" [[package]] name = "yaml-rust" diff --git a/Cargo.toml b/Cargo.toml index 0153d67..c6204ee 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,7 +17,7 @@ members = ["chaos-tproxy-controller", "chaos-tproxy-proxy", "tests"] anyhow = "1.0" clap = "2.33.3" futures = "0.3.10" -http = "0.2.3" +http = "0.2.7" humantime-serde = "1.0" hyper = {git = "https://github.com/Andrewmatilde/hyper.git", features = ["runtime", "client", "server", "http1", "http2", "stream", "error_return"]} iptables = "0.4" @@ -44,6 +44,12 @@ bincode = "1.3.3" default-net = "0.9.0" system_gateway = {git="https://github.com/aruntomar/system_gateway"} base64 = "0.13.0" +tokio-rustls = "0.23.4" +rustls = "0.20.4" +derivative = "2.2.0" +rustls-pemfile = "1.0.0" +webpki-roots = "0.22" +hyper-rustls = { git = "https://github.com/Andrewmatilde/hyper-rustls.git", features = ["http2"] } rtnetlink = "0.9.1" iproute2-rs = {git="https://github.com/chaos-mesh/iproute2-rs.git"} futures-util = "0.3" diff --git a/chaos-tproxy-controller/Cargo.toml b/chaos-tproxy-controller/Cargo.toml index 3ec8a32..1946da9 100644 --- a/chaos-tproxy-controller/Cargo.toml +++ b/chaos-tproxy-controller/Cargo.toml @@ -15,9 +15,9 @@ path = "src/lib.rs" anyhow = "1.0" clap = "2.33.3" futures = "0.3.10" -http = "0.2.3" +http = "0.2.7" humantime-serde = "1.0" -hyper = {version = "0.14.4", features = ["runtime", "client", "server", "http1", "http2", "stream"]} +hyper = {git = "https://github.com/Andrewmatilde/hyper.git", features = ["runtime", "client", "server", "http1", "http2", "stream", "error_return"]} iptables = "0.4" libc = {version = "0.2.81", features = ["std"]} paw = "1.0" @@ -45,4 +45,10 @@ pnet = "0.28.0" default-net = "0.9.0" rtnetlink = "0.9.1" iproute2-rs = {git="https://github.com/chaos-mesh/iproute2-rs.git"} -system_gateway = {git="https://github.com/aruntomar/system_gateway"} \ No newline at end of file +system_gateway = {git="https://github.com/aruntomar/system_gateway"} +tokio-rustls = "0.23.4" +rustls = "0.20.4" +derivative = "2.2.0" +rustls-pemfile = "1.0.0" +webpki-roots = "0.22" +hyper-rustls = { git = "https://github.com/Andrewmatilde/hyper-rustls.git", features = ["http2"] } \ No newline at end of file diff --git a/chaos-tproxy-controller/src/proxy/config.rs b/chaos-tproxy-controller/src/proxy/config.rs index 2c75781..f2cacce 100644 --- a/chaos-tproxy-controller/src/proxy/config.rs +++ b/chaos-tproxy-controller/src/proxy/config.rs @@ -32,6 +32,7 @@ impl TryFrom for Config { Some(rules) => rules, None => vec![], }, + tls: raw.tls, }, }) } @@ -76,6 +77,7 @@ mod tests { safe_mode: None, interface: None, rules: None, + tls: None, listen_port: None, proxy_mark: None, @@ -92,7 +94,8 @@ mod tests { listen_port: get_free_port(None).unwrap(), safe_mode: false, interface: None, - rules: vec![] + rules: vec![], + tls: None } } ); @@ -102,6 +105,7 @@ mod tests { safe_mode: Some(true), interface: Some("ens33".parse().unwrap()), rules: None, + tls: None, listen_port: None, proxy_mark: None, @@ -118,7 +122,8 @@ mod tests { listen_port: 1027u16, safe_mode: true, interface: Some("ens33".parse().unwrap()), - rules: vec![] + rules: vec![], + tls: None } } ); diff --git a/chaos-tproxy-controller/src/proxy/exec.rs b/chaos-tproxy-controller/src/proxy/exec.rs index 33495b2..f141d7d 100644 --- a/chaos-tproxy-controller/src/proxy/exec.rs +++ b/chaos-tproxy-controller/src/proxy/exec.rs @@ -3,8 +3,8 @@ use std::path::PathBuf; use std::process::Stdio; use anyhow::Error; -use rtnetlink::{Handle, new_connection}; use chaos_tproxy_proxy::raw_config::RawConfig as ProxyRawConfig; +use rtnetlink::{new_connection, Handle}; use tokio::process::Command; use tokio::select; use tokio::sync::oneshot::{channel, Receiver, Sender}; diff --git a/chaos-tproxy-controller/src/proxy/net/bridge.rs b/chaos-tproxy-controller/src/proxy/net/bridge.rs index 9b03b6c..13b6354 100644 --- a/chaos-tproxy-controller/src/proxy/net/bridge.rs +++ b/chaos-tproxy-controller/src/proxy/net/bridge.rs @@ -5,12 +5,12 @@ use default_net; use default_net::Gateway; use pnet::datalink::NetworkInterface; use pnet::ipnetwork::{IpNetwork, Ipv4Network}; -use rtnetlink::Handle; use rtnetlink::packet::route::Nla; use rtnetlink::packet::RouteMessage; +use rtnetlink::Handle; use uuid::Uuid; -use crate::proxy::net::iptables::clear_ebtables; +use crate::proxy::net::iptables::clear_ebtables; use crate::proxy::net::routes::{del_routes_noblock, get_routes_noblock, load_routes}; #[derive(Debug, Clone)] @@ -31,7 +31,7 @@ pub struct NetEnv { } impl NetEnv { - pub async fn new(handle:&Handle) -> Self { + pub async fn new(handle: &Handle) -> Self { let interfaces = pnet::datalink::interfaces(); let prefix = loop { let key = Uuid::new_v4().to_string()[0..13].to_string(); @@ -194,12 +194,10 @@ impl NetEnv { .mac .context(format!("mac {} not found", self.veth4.clone()))? .to_string(); - execute_all(vec![ - ip_netns( - &self.netns, - arp_set(&net.ip().to_string(), &veth4_mac, &self.bridge2), - ), - ])?; + execute_all(vec![ip_netns( + &self.netns, + arp_set(&net.ip().to_string(), &veth4_mac, &self.bridge2), + )])?; let all_routes = get_routes_noblock(handle).await?; @@ -226,7 +224,7 @@ impl NetEnv { Ok(()) } - pub async fn clear_bridge(&self, handle:&mut Handle) -> Result<()> { + pub async fn clear_bridge(&self, handle: &mut Handle) -> Result<()> { let restore_dns = "cp /etc/resolv.conf.bak /etc/resolv.conf"; let cmdvv = vec![ @@ -243,9 +241,11 @@ impl NetEnv { vec![] }); - del_routes_noblock(handle, routes).await.unwrap_or_else(|e| { - tracing::error!("clear routes del_routes_noblock with error {}", e); - }); + del_routes_noblock(handle, routes) + .await + .unwrap_or_else(|e| { + tracing::error!("clear routes del_routes_noblock with error {}", e); + }); load_routes(handle, self.save_routes.clone()) .await diff --git a/chaos-tproxy-controller/src/proxy/net/routes.rs b/chaos-tproxy-controller/src/proxy/net/routes.rs index fa63301..8f962ae 100644 --- a/chaos-tproxy-controller/src/proxy/net/routes.rs +++ b/chaos-tproxy-controller/src/proxy/net/routes.rs @@ -2,8 +2,7 @@ use anyhow::{anyhow, Result}; use futures_util::future::join_all; use iproute2_rs::ip::iproute::{del_routes, get_routes, Action, IPRoute}; use rtnetlink::packet::RouteMessage; -use rtnetlink::{IpVersion, Handle}; - +use rtnetlink::{Handle, IpVersion}; pub async fn get_routes_noblock(handle: &Handle) -> Result> { let routes = get_routes(handle, IpVersion::V4).await?; @@ -45,6 +44,7 @@ pub async fn load_routes(handle: &mut Handle, msgs: Vec) -> Result mod test { use rtnetlink::new_connection; use tokio::spawn; + use crate::proxy::net::routes::{del_routes_noblock, get_routes_noblock, load_routes}; #[ignore] diff --git a/chaos-tproxy-controller/src/proxy/net/set_net.rs b/chaos-tproxy-controller/src/proxy/net/set_net.rs index 5e954ad..3dc658a 100644 --- a/chaos-tproxy-controller/src/proxy/net/set_net.rs +++ b/chaos-tproxy-controller/src/proxy/net/set_net.rs @@ -1,4 +1,5 @@ use std::option::Option::Some; + use rtnetlink::Handle; use crate::proxy::net::bridge::{bash_c, execute, execute_all, get_interface, NetEnv}; diff --git a/chaos-tproxy-controller/src/raw_config.rs b/chaos-tproxy-controller/src/raw_config.rs index 5105f40..552287c 100644 --- a/chaos-tproxy-controller/src/raw_config.rs +++ b/chaos-tproxy-controller/src/raw_config.rs @@ -1,4 +1,4 @@ -use chaos_tproxy_proxy::raw_config::RawRule; +use chaos_tproxy_proxy::raw_config::{RawRule, TLSRawConfig}; use serde::{Deserialize, Serialize}; #[derive(Debug, Eq, PartialEq, Clone, Deserialize, Serialize, Default)] @@ -8,6 +8,7 @@ pub struct RawConfig { pub safe_mode: Option, pub interface: Option, pub rules: Option>, + pub tls: Option, // Useless options now. Keep these options for upward compatible. pub listen_port: Option, diff --git a/chaos-tproxy-proxy/Cargo.toml b/chaos-tproxy-proxy/Cargo.toml index 682871b..bb29d84 100644 --- a/chaos-tproxy-proxy/Cargo.toml +++ b/chaos-tproxy-proxy/Cargo.toml @@ -9,7 +9,7 @@ edition = "2018" anyhow = "1.0" clap = "2.33.3" futures = "0.3.10" -http = "0.2.3" +http = "0.2.7" humantime-serde = "1.0" hyper = {git = "https://github.com/Andrewmatilde/hyper.git", features = ["runtime", "client", "server", "http1", "http2", "stream", "error_return"]} iptables = "0.4" @@ -34,5 +34,11 @@ bincode = "1.3.3" tempfile = "3.2.0" uuid = { version = "0.8", features = ["serde", "v4"] } base64 = "0.13.0" +tokio-rustls = "0.23.4" +rustls = "0.20.4" +derivative = "2.2.0" +rustls-pemfile = "1.0.0" +webpki-roots = "0.22" +hyper-rustls = { git = "https://github.com/Andrewmatilde/hyper-rustls.git", features = ["http2"] } rtnetlink = "0.9.1" futures-util = "0.3" \ No newline at end of file diff --git a/chaos-tproxy-proxy/src/proxy/http/config.rs b/chaos-tproxy-proxy/src/proxy/http/config.rs index c757500..537a7ae 100644 --- a/chaos-tproxy-proxy/src/proxy/http/config.rs +++ b/chaos-tproxy-proxy/src/proxy/http/config.rs @@ -1,7 +1,21 @@ +use rustls::{ClientConfig, ServerConfig}; + use crate::handler::http::rule::Rule; -#[derive(Debug, Clone)] +#[derive(Clone)] pub struct Config { + pub http_config: HTTPConfig, + pub tls_config: Option, +} + +#[derive(Clone, Debug)] +pub struct HTTPConfig { pub proxy_port: u16, pub rules: Vec, } + +#[derive(Clone)] +pub struct TLSConfig { + pub tls_client_config: ClientConfig, + pub tls_server_config: ServerConfig, +} diff --git a/chaos-tproxy-proxy/src/proxy/http/connector.rs b/chaos-tproxy-proxy/src/proxy/http/connector.rs index 37d9e0e..099b442 100644 --- a/chaos-tproxy-proxy/src/proxy/http/connector.rs +++ b/chaos-tproxy-proxy/src/proxy/http/connector.rs @@ -3,10 +3,8 @@ use std::net::SocketAddr; use std::pin::Pin; use std::task::{Context, Poll}; -use anyhow::{anyhow, Error, Result}; -use http::uri::Scheme; +use anyhow::{Error, Result}; use http::Uri; -use hyper::client::connect::dns::GaiResolver; use hyper::service::Service; use tokio::net::TcpStream; use tracing::{instrument, trace}; @@ -15,22 +13,20 @@ use crate::proxy::tcp::transparent_socket::TransparentSocket; #[derive(Debug, Clone)] pub struct HttpConnector { - resolver: GaiResolver, + target: SocketAddr, socket: TransparentSocket, } impl HttpConnector { - pub fn new(src: SocketAddr) -> Self { + pub fn new(dst: SocketAddr, src: SocketAddr) -> Self { Self { - resolver: GaiResolver::new(), + target: dst, socket: TransparentSocket::new(src), } } - async fn connect(mut self, dist: Uri) -> Result { - let addr = resolve(&mut self.resolver, &dist).await?; - trace!("resolved addr({})", dist); - Ok(self.socket.conn(addr).await?) + async fn connect(self, _: Uri) -> Result { + Ok(self.socket.conn(self.target).await?) } } @@ -43,7 +39,6 @@ impl Service for HttpConnector { #[instrument] fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll> { - futures::ready!(self.resolver.poll_ready(cx))?; trace!("connector is ready"); Poll::Ready(Ok(())) } @@ -53,28 +48,3 @@ impl Service for HttpConnector { Box::pin(self.clone().connect(dst)) } } - -/// This function resolve uri and select uri with scheme like `http://` -/// and get host addrs and dst port from Uri. -pub(crate) async fn resolve(resolver: &mut GaiResolver, dst: &Uri) -> Result { - if dst - .scheme() - .filter(|scheme| **scheme != Scheme::HTTP) - .is_some() - { - return Err(anyhow!("https connector cannot handle http request")); - } - - let host = dst - .host() - .ok_or_else(|| anyhow!("target uri has no host"))?; - let mut addrs = resolver.call(host.parse()?).await?; - let mut addr = addrs - .next() - .ok_or_else(|| anyhow!("cannot resolve {}", host))?; - - if let Some(port) = dst.port() { - addr.set_port(port.as_u16()); - } - Ok(addr) -} diff --git a/chaos-tproxy-proxy/src/proxy/http/server.rs b/chaos-tproxy-proxy/src/proxy/http/server.rs index 4c0eefc..4944db2 100644 --- a/chaos-tproxy-proxy/src/proxy/http/server.rs +++ b/chaos-tproxy-proxy/src/proxy/http/server.rs @@ -1,3 +1,4 @@ +use std::convert::TryInto; use std::future::Future; use std::matches; use std::net::SocketAddr; @@ -5,27 +6,30 @@ use std::pin::Pin; use std::sync::Arc; use std::task::{Context, Poll}; -use anyhow::Result; -use http::uri::{Scheme, Uri}; +use anyhow::{anyhow, Result}; +use derivative::Derivative; +use http::header::HOST; +use http::uri::{PathAndQuery, Scheme, Uri}; use http::StatusCode; use hyper::server::conn::Http; use hyper::service::Service; -use hyper::{Body, Client, Request, Response}; +use hyper::{client, Body, Client, Request, Response}; +use rustls::ClientConfig; use tokio::io::AsyncWriteExt; use tokio::net::TcpStream; use tokio::select; use tokio::sync::oneshot::Receiver; -use tracing::{debug, error}; +use tokio_rustls::TlsAcceptor; +use tracing::{debug, error, span, trace, Level}; use crate::handler::http::action::{apply_request_action, apply_response_action}; use crate::handler::http::rule::Target; use crate::handler::http::selector::{select_request, select_response}; -use crate::proxy::http::config::Config; +use crate::proxy::http::config::{Config, HTTPConfig}; use crate::proxy::http::connector::HttpConnector; use crate::proxy::tcp::listener::TcpListener; use crate::proxy::tcp::transparent_socket::TransparentSocket; -#[derive(Debug)] pub struct HttpServer { config: Config, } @@ -35,34 +39,85 @@ impl HttpServer { Self { config } } - pub async fn serve(&mut self, rx: Receiver<()>) -> Result<()> { - let addr = SocketAddr::from(([0, 0, 0, 0], self.config.proxy_port)); + pub async fn serve(&mut self, mut rx: Receiver<()>) -> Result<()> { + let addr = SocketAddr::from(([0, 0, 0, 0], self.config.http_config.proxy_port)); let listener = TcpListener::bind(addr)?; tracing::info!("Proxy Listening"); - select! { - _ = async { - loop { - let stream = listener.accept().await?; - let addr_remote = stream.peer_addr()?; - let addr_local = stream.local_addr()?; - tracing::debug!("Accept streaming remote={:?}, local={:?}", addr_remote, addr_local); - let config = Arc::new(self.config.clone()); - let service = HttpService::new(addr_remote, addr_local, config); - tokio::spawn(async move { - match serve_http_with_error_return(stream, &service).await{ - Ok(_)=>{} - Err(e) => {tracing::error!("{}",e);} - }; - }); + let http_config = Arc::new(self.config.http_config.clone()); + let rx_mut = &mut rx; + + loop { + let stream = select! { + stream = listener.accept() => { + stream + }, + _ = &mut *rx_mut => { + return Ok(()); + } + }?; + let addr_remote = stream.peer_addr()?; + let addr_local = stream.local_addr()?; + debug!(target : "Accept streaming", "remote={:?}, local={:?}",addr_remote, addr_local); + if let Some(tls_config) = &self.config.tls_config { + let tls_client_config = Arc::new(tls_config.tls_client_config.clone()); + let tls_server_config = Arc::new(tls_config.tls_server_config.clone()); + let service = HttpService::new( + addr_remote, + addr_local, + http_config.clone(), + Some(tls_client_config.clone()), + ); + let acceptor = TlsAcceptor::from(tls_server_config.clone()); + tokio::spawn(async move { + match serve_https(stream, &service, acceptor).await { + Ok(_) => {} + Err(e) => { + error!("{}", e); + } + }; + }); + } else { + let service = HttpService::new(addr_remote, addr_local, http_config.clone(), None); + tokio::spawn(async move { + match serve_http_with_error_return(stream, &service).await { + Ok(_) => {} + Err(e) => { + error!("{}", e); + } + }; + }); + } + } + } +} + +pub async fn serve_https( + stream: TcpStream, + service: &HttpService, + acceptor: TlsAcceptor, +) -> Result<()> { + let log_key = format!( + "{{ peer={},local={} }}", + stream.peer_addr()?, + stream.local_addr()? + ); + let mut tls_stream = acceptor.accept(stream).await?; + loop { + let (r, parts) = Http::new() + .serve_connection_with_parts(tls_stream, service.clone()) + .await; + let part_stream = match r { + Ok(()) => match parts { + Some(part) => part.io, + None => { + return Ok(()); } - #[allow(unreachable_code)] - Ok::<_, anyhow::Error>(()) - } => {}, - _ = rx => { - return Ok(()); + }, + Err(e) => { + return Err(anyhow!("{}: stream block with error: {}", log_key, e)); } }; - Ok(()) + tls_stream = part_stream; } } @@ -75,6 +130,8 @@ pub async fn serve_http_with_error_return( stream.peer_addr()?, stream.local_addr()? ); + let span = span!(Level::TRACE, "Stream", "{}", &log_key); + let _guard = span.enter(); loop { let (r, parts) = Http::new() .error_return(true) @@ -89,15 +146,15 @@ pub async fn serve_http_with_error_return( }, Err(e) => { return if e.is_parse() { - tracing::debug!("{}:Turn into tcp transfer.", log_key); + debug!("Turn into tcp transfer."); match parts { Some(mut part) => { let addr_target = part.io.local_addr()?; let addr_local = part.io.peer_addr()?; let socket = TransparentSocket::bind(addr_local)?; - tracing::debug!("{}:Bind local addrs.", log_key); + debug!("Bind local addrs."); let mut client_stream = socket.connect(addr_target).await?; - tracing::debug!("{}:Connected target addrs.", log_key); + debug!("Connected target addrs."); client_stream .write_all(part.read_buf.as_ref()) .await @@ -109,7 +166,7 @@ pub async fn serve_http_with_error_return( } } else { if !e.to_string().contains("error shutting down connection") { - tracing::info!("{}:fail to serve http: {}", log_key, e); + tracing::info!("fail to serve http: {}", e); } Ok(()) } @@ -119,19 +176,30 @@ pub async fn serve_http_with_error_return( } } -#[derive(Debug, Clone)] +#[derive(Derivative)] +#[derivative(Debug)] +#[derive(Clone)] pub struct HttpService { remote: SocketAddr, target: SocketAddr, - config: Arc, + config: Arc, + + #[derivative(Debug = "ignore")] + tls_client_config: Option>, } impl HttpService { - fn new(addr_remote: SocketAddr, addr_target: SocketAddr, config: Arc) -> Self { + fn new( + addr_remote: SocketAddr, + addr_target: SocketAddr, + config: Arc, + tls_client_config: Option>, + ) -> Self { Self { remote: addr_remote, target: addr_target, config, + tls_client_config, } } @@ -156,22 +224,48 @@ impl HttpService { let uri = request.uri().clone(); let method = request.method().clone(); let headers = request.headers().clone(); - + trace!("URI: {}", request.uri()); let mut parts = request.uri().clone().into_parts(); - parts.authority = match self.target.to_string().parse() { - Ok(o) => Some(o), - Err(_) => None, + parts.authority = match request + .headers() + .iter() + .find(|(header_name, _)| **header_name == HOST) + { + None => match self.target.to_string().parse() { + Ok(o) => Some(o), + Err(_) => None, + }, + Some((_, value)) => Some(value.as_bytes().try_into()?), }; - if parts.path_and_query.is_some() && parts.authority.is_some() && parts.scheme.is_none() { + trace!("authority: {:?}", parts.authority); + if parts.path_and_query.is_none() { + parts.path_and_query = Some(PathAndQuery::from_static("/")) + } + if self.tls_client_config.is_some() { + parts.scheme = Some(Scheme::HTTPS); + } else { parts.scheme = Some(Scheme::HTTP); } *request.uri_mut() = Uri::from_parts(parts)?; - let client = Client::builder().build(HttpConnector::new(self.remote)); + let rsp_fut = if let Some(tls_client_config) = &self.tls_client_config { + let https = hyper_rustls::HttpsConnectorBuilder::new() + .with_tls_config((**tls_client_config).clone()) + .https_only() + .enable_http1() + .enable_http2() + .wrap_connector(HttpConnector::new(self.target, self.remote)); + + let client: client::Client<_, hyper::Body> = client::Client::builder().build(https); + client.request(request) + } else { + let client = Client::builder().build(HttpConnector::new(self.target, self.remote)); + client.request(request) + }; - let mut response = match client.request(request).await { + let mut response = match rsp_fut.await { Ok(resp) => resp, Err(err) => { error!("{} : fail to forward request: {}", log_key, err); diff --git a/chaos-tproxy-proxy/src/raw_config.rs b/chaos-tproxy-proxy/src/raw_config.rs index bc2e1c6..087d948 100644 --- a/chaos-tproxy-proxy/src/raw_config.rs +++ b/chaos-tproxy-proxy/src/raw_config.rs @@ -1,11 +1,19 @@ use std::collections::HashMap; use std::convert::{TryFrom, TryInto}; +use std::fs::File; +use std::io; +use std::io::BufReader; +use std::path::PathBuf; use std::time::Duration; use anyhow::{anyhow, Error}; use http::header::{HeaderMap, HeaderName}; use http::StatusCode; +use rustls::OwnedTrustAnchor; +use rustls_pemfile::{certs, rsa_private_keys}; use serde::{Deserialize, Serialize}; +use tokio_rustls::rustls::{Certificate, PrivateKey}; +use tokio_rustls::webpki; use wildmatch::WildMatch; use crate::handler::http::action::{ @@ -14,7 +22,7 @@ use crate::handler::http::action::{ }; use crate::handler::http::rule::{Rule, Target}; use crate::handler::http::selector::Selector; -use crate::proxy::http::config::Config; +use crate::proxy::http::config::{Config, HTTPConfig, TLSConfig}; #[derive(Debug, Eq, PartialEq, Clone, Deserialize, Serialize, Default)] pub struct RawConfig { @@ -23,6 +31,14 @@ pub struct RawConfig { pub safe_mode: bool, pub interface: Option, pub rules: Vec, + pub tls: Option, +} + +#[derive(Debug, Eq, PartialEq, Clone, Deserialize, Serialize, Default)] +pub struct TLSRawConfig { + pub ca_file: Option, + pub cert_file: PathBuf, + pub key_file: PathBuf, } #[derive(Debug, Eq, PartialEq, Clone, Deserialize, Serialize)] @@ -151,16 +167,80 @@ impl TryFrom for Config { fn try_from(raw: RawConfig) -> Result { Ok(Self { - proxy_port: raw.listen_port, - rules: raw - .rules - .into_iter() - .map(TryInto::try_into) - .collect::, Self::Error>>()?, + http_config: HTTPConfig { + proxy_port: raw.listen_port, + rules: raw + .rules + .into_iter() + .map(TryInto::try_into) + .collect::, Self::Error>>()?, + }, + + tls_config: match raw.tls { + None => None, + Some(tls) => Some(tls.try_into()?), + }, }) } } +impl TryFrom for TLSConfig { + type Error = Error; + + fn try_from(raw: TLSRawConfig) -> Result { + let certs = certs(&mut BufReader::new(File::open(raw.cert_file)?)) + .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid cert")) + .map(|mut certs| certs.drain(..).map(Certificate).collect())?; + let keys: Vec = + rsa_private_keys(&mut BufReader::new(File::open(raw.key_file)?)) + .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid key")) + .map(|mut keys| keys.drain(..).map(PrivateKey).collect())?; + + if keys.is_empty() { + return Err(anyhow!("empty key")); + } + let key = keys[0].clone(); + + let mut root_cert_store = rustls::RootCertStore::empty(); + if let Some(cafile) = &raw.ca_file { + let mut pem = BufReader::new(File::open(cafile)?); + let certs = rustls_pemfile::certs(&mut pem)?; + let trust_anchors = certs.iter().map(|cert| { + let ta = webpki::TrustAnchor::try_from_cert_der(&cert[..]).unwrap(); + OwnedTrustAnchor::from_subject_spki_name_constraints( + ta.subject, + ta.spki, + ta.name_constraints, + ) + }); + root_cert_store.add_server_trust_anchors(trust_anchors); + } else { + root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map( + |ta| { + OwnedTrustAnchor::from_subject_spki_name_constraints( + ta.subject, + ta.spki, + ta.name_constraints, + ) + }, + )); + } + + let tls_config = Self { + tls_client_config: rustls::ClientConfig::builder() + .with_safe_defaults() + .with_root_certificates(root_cert_store) + .with_no_client_auth(), + tls_server_config: rustls::ServerConfig::builder() + .with_safe_defaults() + .with_no_client_auth() + .with_single_cert(certs, key) + .map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err))?, + }; + Ok(tls_config) + } +} + impl TryFrom for Rule { type Error = Error; diff --git a/tests/Cargo.toml b/tests/Cargo.toml index b4447f4..cd2db58 100644 --- a/tests/Cargo.toml +++ b/tests/Cargo.toml @@ -11,7 +11,7 @@ path = "./integrations/mod.rs" anyhow = "1.0" clap = "2.33.3" futures = "0.3.10" -http = "0.2.3" +http = "0.2.7" humantime-serde = "1.0" hyper = {git = "https://github.com/Andrewmatilde/hyper.git", features = ["runtime", "client", "server", "http1", "http2", "stream", "error_return"]} iptables = "0.4" @@ -42,3 +42,9 @@ chaos-tproxy-controller = {path = "../chaos-tproxy-controller"} pnet = "0.28.0" default-net = "0.9.0" system_gateway = {git="https://github.com/aruntomar/system_gateway"} +tokio-rustls = "0.23.4" +rustls = "0.20.4" +derivative = "2.2.0" +rustls-pemfile = "1.0.0" +webpki-roots = "0.22" +hyper-rustls = { git = "https://github.com/Andrewmatilde/hyper-rustls.git", features = ["http2"] } \ No newline at end of file