
feat(adex-cli): secure connection provided #1910

Merged
merged 12 commits into from
Aug 2, 2023
75 changes: 75 additions & 0 deletions mm2src/adex_cli/Cargo.lock


6 changes: 4 additions & 2 deletions mm2src/adex_cli/Cargo.toml
@@ -15,6 +15,8 @@ derive_more = "0.99"
directories = "5.0"
env_logger = "0.7.1"
http = "0.2"
hyper = { version = "0.14.26", features = ["client", "http2", "tcp"] }
hyper-rustls = "^0.23.0"
gstuff = { version = "=0.7.4" , features = [ "nightly" ]}
inquire = "0.6"
itertools = "0.10"
@@ -23,14 +25,14 @@ mm2_net = { path = "../mm2_net" }
mm2_number = { path = "../mm2_number" }
mm2_rpc = { path = "../mm2_rpc"}
passwords = "3.1"
rpc = { path = "../mm2_bitcoin/rpc" }
rustls = { version = "^0.20.4", features = [ "dangerous_configuration" ] }
serde = "1.0"
serde_json = { version = "1", features = ["preserve_order", "raw_value"] }
sysinfo = "0.28"
tiny-bip39 = "0.8.0"
tokio = { version = "1.20", features = [ "macros" ] }
uuid = { version = "1.2.2", features = ["fast-rng", "serde", "v4"] }
rpc = { path = "../mm2_bitcoin/rpc" }

[target.'cfg(windows)'.dependencies]
winapi = { version = "0.3.3", features = ["processthreadsapi", "winnt"] }
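Review bot: The new `rustls` entry turns on `dangerous_configuration` with no explanation, and that feature is what makes `ClientConfig::dangerous()` and a replaceable certificate verifier available to this crate. A comment above the line would keep the reason reviewable, for example `# dangerous_configuration: needed by src/transport.rs to install a custom ServerCertVerifier; remove once server certificates are validated`. If skipping verification is meant only for local or test setups, putting it behind an opt-in Cargo feature of adex-cli would keep it out of default builds.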

63 changes: 59 additions & 4 deletions mm2src/adex_cli/src/transport.rs
@@ -1,10 +1,12 @@
use anyhow::{anyhow, bail, Result};
use async_trait::async_trait;
use http::{HeaderMap, StatusCode};
use log::{error, warn};
use mm2_net::native_http::slurp_post_json;
use serde::{Deserialize, Serialize};

use common::log::{error, warn};
use hyper_dangerous::get_hyper_client_dangerous;
use mm2_net::native_http::SlurpHttpClient;

use crate::{error_anyhow, error_bail, warn_bail};

#[async_trait]
@@ -32,8 +34,10 @@ impl Transport for SlurpTransport {
OkT: for<'a> Deserialize<'a>,
ErrT: for<'a> Deserialize<'a>,
{
let data = serde_json::to_string(&req).expect("Failed to serialize enable request");
match slurp_post_json(&self.rpc_uri, data).await {
let data = serde_json::to_string(&req)
.map_err(|error| error_anyhow!("Failed to serialize data being sent: {error}"))?;
let client = get_hyper_client_dangerous()?;
match client.slurp_post_json(&self.rpc_uri, data).await {
Err(error) => error_bail!("Failed to send json: {error}"),
Ok(resp) => resp.process::<OkT, ErrT>(),
}
@@ -78,3 +82,54 @@ impl Response for (StatusCode, HeaderMap, Vec<u8>) {
}
}
}

mod hyper_dangerous {

use hyper::{client::HttpConnector, Body, Client};
use hyper_rustls::{HttpsConnector, HttpsConnectorBuilder};
use rustls::client::{ServerCertVerified, ServerCertVerifier};
use rustls::{RootCertStore, DEFAULT_CIPHER_SUITES, DEFAULT_VERSIONS};
use std::sync::Arc;
use std::time::SystemTime;

use super::*;

pub(super) fn get_hyper_client_dangerous() -> Result<Client<HttpsConnector<HttpConnector>>> {
let mut config = rustls::ClientConfig::builder()
.with_cipher_suites(DEFAULT_CIPHER_SUITES)
.with_safe_default_kx_groups()
.with_protocol_versions(DEFAULT_VERSIONS)
.map_err(|error| error_anyhow!("Inconsistent cipher-suite/versions selected: {error}"))?
.with_root_certificates(RootCertStore::empty())
.with_no_client_auth();

config
.dangerous()
.set_certificate_verifier(Arc::new(NoCertificateVerification {}));

let https_connector = HttpsConnectorBuilder::default()
.with_tls_config(config)
.https_or_http()
.enable_http1()
.enable_http2()
.build();

Ok(Client::builder().build::<_, Body>(https_connector))
}

struct NoCertificateVerification {}

impl ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_: &rustls::Certificate,
_: &[rustls::Certificate],
_: &rustls::ServerName,
_: &mut dyn Iterator<Item = &[u8]>,
_: &[u8],
_: SystemTime,
) -> Result<ServerCertVerified, rustls::Error> {
Ok(ServerCertVerified::assertion())
}
}
}
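Review bot: `NoCertificateVerification::verify_server_cert`, at the end of the new `hyper_dangerous` module, returns `ServerCertVerified::assertion()` for every certificate, so the client from `get_hyper_client_dangerous` encrypts the RPC traffic but never authenticates the server. Anyone positioned on the network path can present their own certificate and read or alter the JSON requests and responses. If the node uses a self-signed certificate, pin it (or load it into the `RootCertStore` in place of `RootCertStore::empty()`) instead of accepting everything, as sketched below; where the pinned bytes come from is a configuration decision this page does not show. `.https_or_http()` also lets an `http://` `rpc_uri` go out in plaintext, which deserves at least a comment or a warning log. Separately, the `Transport` impl for `SlurpTransport`, whose method starts outside the visible hunk, builds a new client on each request, which gives up hyper's connection reuse.

```rust
struct PinnedCertVerification {
    // DER bytes of the node's certificate, loaded from CLI configuration (source not shown here).
    pinned_der: Vec<u8>,
}

impl ServerCertVerifier for PinnedCertVerification {
    fn verify_server_cert(
        &self,
        end_entity: &rustls::Certificate,
        // … unchanged: the five remaining parameters, still ignored …
    ) -> Result<ServerCertVerified, rustls::Error> {
        if end_entity.0 == self.pinned_der {
            Ok(ServerCertVerified::assertion())
        } else {
            Err(rustls::Error::General(
                "server certificate does not match the pinned certificate".to_owned(),
            ))
        }
    }
}
```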