From 5fc64e79c913bf1884bb4daf8170931d2820bcd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BA=8E=E6=98=8E=E6=98=8E?=
Date: Wed, 23 Dec 2020 08:28:19 +0800
Subject: [PATCH 1/4] add untrust-client example
---
examples/untrust-client/Cargo.toml | 14 ++++++
examples/untrust-client/src/main.rs | 66 +++++++++++++++++++++++++++++
2 files changed, 80 insertions(+)
create mode 100644 examples/untrust-client/Cargo.toml
create mode 100644 examples/untrust-client/src/main.rs
diff --git a/examples/untrust-client/Cargo.toml b/examples/untrust-client/Cargo.toml
new file mode 100644
index 0000000..8b1815a
--- /dev/null
+++ b/examples/untrust-client/Cargo.toml
@@ -0,0 +1,14 @@
+[package]
+name = "untrust-client"
+version = "0.1.0"
+authors = ["于明明 "]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+structopt = {version = "0.3"}
+async-std = "1.8.0"
+async-tls = { path = "../.." }
+rustls = {version="0.19.0", features=["dangerous_configuration"]}
+webpki = "0.21.4"
diff --git a/examples/untrust-client/src/main.rs b/examples/untrust-client/src/main.rs
new file mode 100644
index 0000000..da88e69
--- /dev/null
+++ b/examples/untrust-client/src/main.rs
@@ -0,0 +1,66 @@
+use async_std::io;
+use async_std::net::TcpStream;
+use async_std::prelude::*;
+use async_std::task;
+use async_tls::TlsConnector;
+use std::sync::Arc;
+use structopt::StructOpt;
+
+#[derive(StructOpt)]
+struct Options {
+ /// The host ip address to connect to
+ serverip: String,
+
+ /// The host port to connect to
+ #[structopt(short = "p", long = "port", default_value = "443")]
+ port: u16,
+
+}
+
+mod danger {
+
+ use webpki;
+
+ pub struct NoCertificateVerification {}
+
+ impl rustls::ServerCertVerifier for NoCertificateVerification {
+ fn verify_server_cert(
+ &self,
+ _roots: &rustls::RootCertStore,
+ _presented_certs: &[rustls::Certificate],
+ _dns_name: webpki::DNSNameRef<'_>,
+ _ocsp: &[u8],
+ ) -> Result {
+ Ok(rustls::ServerCertVerified::assertion())
+ }
+ }
+}
+
+fn main() -> io::Result<()> {
+ let options = Options::from_args();
+ // Create a bare bones HTTP GET request
+ let http_request = format!("GET / HTTP/1.0\r\n");
+
+ task::block_on(async move {
+ let addr = format!("{}:{}", options.serverip, options.port);
+
+ let mut config = rustls::ClientConfig::new();
+ config
+ .dangerous()
+ .set_certificate_verifier(Arc::new(danger::NoCertificateVerification {}));
+
+ let tcp_stream = TcpStream::connect(addr).await.unwrap();
+ let connector = TlsConnector::from(config);
+ let mut tls_stream = connector.connect("any", tcp_stream).await.unwrap();
+
+ // We write our crafted HTTP request to it
+ tls_stream.write_all(http_request.as_bytes()).await?;
+
+ // And read it all to stdout
+ let mut stdout = io::stdout();
+ io::copy(&mut tls_stream, &mut stdout).await?;
+
+ // Voila, we're done here!
+ Ok(())
+ })
+}
From 09bc57d8a94bda4f936fe699cfa59fc6603a101c Mon Sep 17 00:00:00 2001
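Review bot: `danger::NoCertificateVerification` has no doc comment, and `verify_server_cert` returns `ServerCertVerified::assertion()` for every chain, name and OCSP response, so the session `main` opens is encrypted but the peer is never authenticated. Since this is an example people copy from, I would state that on the struct, e.g. `/// Accepts any server certificate without validation; only for testing against servers whose certificate cannot be verified.` Separately, `TcpStream::connect(addr).await.unwrap()` and `connector.connect("any", tcp_stream).await.unwrap()` panic on an ordinary connection or handshake failure although `main` returns `io::Result<()>`; assuming both calls yield `io::Result` like the write and copy below them, `?` would report the error instead.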
From: =?UTF-8?q?=E4=BA=8E=E6=98=8E=E6=98=8E?= Date: Sun, 30 May 2021 14:07:32 +0800 Subject: [PATCH 2/4] add dangle client in example --- README.md | 9 ++++++++ .../Cargo.toml | 4 ++-- .../src/main.rs | 23 ++++++++++++++++--- 3 files changed, 31 insertions(+), 5 deletions(-) rename examples/{untrust-client => danger_client}/Cargo.toml (81%) rename examples/{untrust-client => danger_client}/src/main.rs (67%) diff --git a/README.md b/README.md index e8f1491..2ba86df 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,15 @@ cd examples/client cargo run -- hsts.badssl.com ``` +### Danger Client Example Program + +See [examples/danger_client](examples/danger_client/src/main.rs). You can run it with: + +```sh +cd examples/danger_client +cargo run -- hsts.badssl.com +``` + ### Server Example Program See [examples/server](examples/server/src/main.rs). You can run it with: diff --git a/examples/untrust-client/Cargo.toml b/examples/danger_client/Cargo.toml similarity index 81% rename from examples/untrust-client/Cargo.toml rename to examples/danger_client/Cargo.toml index 8b1815a..8041271 100644 --- a/examples/untrust-client/Cargo.toml +++ b/examples/danger_client/Cargo.toml @@ -1,7 +1,7 @@ [package] -name = "untrust-client" +name = "danger_client" version = "0.1.0" -authors = ["于明明 "] +authors = ["Mingming Yu "] edition = "2018" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/examples/untrust-client/src/main.rs b/examples/danger_client/src/main.rs similarity index 67% rename from examples/untrust-client/src/main.rs rename to examples/danger_client/src/main.rs index da88e69..9d0753f 100644 --- a/examples/untrust-client/src/main.rs +++ b/examples/danger_client/src/main.rs @@ -14,7 +14,6 @@ struct Options { /// The host port to connect to #[structopt(short = "p", long = "port", default_value = "443")] port: u16, - } mod danger { 
@@ -33,13 +32,31 @@ mod danger { ) -> Result { Ok(rustls::ServerCertVerified::assertion()) } + + fn verify_tls12_signature( + &self, + _message: &[u8], + _cert: &rustls::Certificate, + _dss: &rustls::internal::msgs::handshake::DigitallySignedStruct, + ) -> Result { + Ok(rustls::HandshakeSignatureValid::assertion()) + } + + fn verify_tls13_signature( + &self, + _message: &[u8], + _cert: &rustls::Certificate, + _dss: &rustls::internal::msgs::handshake::DigitallySignedStruct, + ) -> Result { + Ok(rustls::HandshakeSignatureValid::assertion()) + } } } fn main() -> io::Result<()> { let options = Options::from_args(); // Create a bare bones HTTP GET request - let http_request = format!("GET / HTTP/1.0\r\n"); + let http_request = format!("GET / HTTP/1.0\r\n\r\n"); task::block_on(async move { let addr = format!("{}:{}", options.serverip, options.port); @@ -51,7 +68,7 @@ fn main() -> io::Result<()> { let tcp_stream = TcpStream::connect(addr).await.unwrap(); let connector = TlsConnector::from(config); - let mut tls_stream = connector.connect("any", tcp_stream).await.unwrap(); + let mut tls_stream = connector.connect("localhost", tcp_stream).await.unwrap(); // We write our crafted HTTP request to it tls_stream.write_all(http_request.as_bytes()).await?; From 4950765a8f222937f1a917d7439ce0b4f3269366 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BA=8E=E6=98=8E=E6=98=8E?= Date: Sun, 30 May 2021 22:29:16 +0800 Subject: [PATCH 3/4] fix unresolved import --- tests/test.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test.rs b/tests/test.rs index d0f4ffa..c6bcab3 100644 --- a/tests/test.rs +++ b/tests/test.rs @@ -1,7 +1,7 @@ use async_std::io; use async_std::net::{TcpListener, TcpStream}; use async_std::prelude::*; -use async_std::sync::channel; +use async_std::channel::bounded as channel; use async_std::task; use async_tls::{TlsAcceptor, TlsConnector}; use lazy_static::lazy_static; 
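Review bot: In the hunk at `@@ -33,13 +32,31 @@`, the new `verify_tls12_signature` and `verify_tls13_signature` overrides return `HandshakeSignatureValid::assertion()` unconditionally, which widens the bypass: besides skipping chain validation, the client no longer checks that the server holds the private key for the certificate it presented. If the trait's default implementations are enough for the servers this example targets (I believe rustls 0.19 ships defaults that verify the handshake signature, worth confirming), drop both overrides; otherwise add a comment above them saying why they are needed. The parameter type is also taken from `rustls::internal::msgs::handshake`, a path named internal and so presumably not stable across releases. The `impl` block starts outside this hunk.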
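Review bot: In the hunk at `@@ -51,7 +68,7 @@`, the name passed to `connector.connect` is the fixed string `"localhost"`, so presumably that is what goes out as SNI whatever `serverip` the user gave. The README command added in this patch targets `hsts.badssl.com`, and a server that picks its certificate or virtual host by SNI may answer for the wrong site or refuse the handshake. A separate option keeps the default while letting the caller set it, e.g. `#[structopt(short = "d", long = "domain", default_value = "localhost")] domain: String,` in `Options` and `connector.connect(&options.domain, tcp_stream)` here. `main` begins and ends outside this hunk.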
@@ -32,7 +32,7 @@ lazy_static! { let addr = SocketAddr::from(([127, 0, 0, 1], 0)); let listener = TcpListener::bind(&addr).await?; - send.send(listener.local_addr()?).await; + let _ = send.send(listener.local_addr()?).await; let mut incoming = listener.incoming(); while let Some(stream) = incoming.next().await { From ec7ef38b98bcfcea8cffef94fabe6dc594e0f2c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BA=8E=E6=98=8E=E6=98=8E?= Date: Sun, 30 May 2021 22:42:10 +0800 Subject: [PATCH 4/4] cargo fmt --- tests/test.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.rs b/tests/test.rs index c6bcab3..39ed2c0 100644 --- a/tests/test.rs +++ b/tests/test.rs @@ -1,7 +1,7 @@ +use async_std::channel::bounded as channel; use async_std::io; use async_std::net::{TcpListener, TcpStream}; use async_std::prelude::*; -use async_std::channel::bounded as channel; use async_std::task; use async_tls::{TlsAcceptor, TlsConnector}; use lazy_static::lazy_static;
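Review bot: `let _ = send.send(listener.local_addr()?).await;` satisfies the compiler by discarding the send result, so a receiver that was already dropped goes unnoticed and the server task carries on with nobody knowing its address. In test setup a loud failure is easier to diagnose, e.g. `send.send(listener.local_addr()?).await.expect("address receiver dropped");`. The enclosing block starts and ends outside the hunk.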