Initial commit
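--- /dev/null
+++ b/bonknet_client/Cargo.toml
@@ -0,0 +1,11 @@
+[package]
+name = "bonknet_client"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+tokio = { version = "1", features = ["full"] }
+tokio-rustls = "0.25.0"
+rustls-pemfile = "2.0.0"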
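--- /dev/null
+++ b/bonknet_client/src/main.rs
@@ -0,0 +1,67 @@
+use std::io::{BufReader, Error, ErrorKind};
+use std::sync::Arc;
+use rustls_pemfile::{Item, read_one};
+use tokio::io::{AsyncBufReadExt, AsyncWriteExt, split};
+use tokio::net::TcpStream;
+use tokio_rustls::rustls::{ClientConfig, RootCertStore};
+use tokio_rustls::rustls::pki_types::{CertificateDer, PrivatePkcs8KeyDer, ServerName};
+use tokio_rustls::TlsConnector;
+
+fn load_cert(filename: &str) -> std::io::Result<CertificateDer> {
+let cert_file = std::fs::File::open(filename).unwrap();
+let mut buf = std::io::BufReader::new(cert_file);
+if let Item::X509Certificate(cert) = read_one(&mut buf).unwrap().unwrap() {
+Ok(cert)
+} else {
+eprintln!("File {} doesn't contain a X509 Certificate", filename);
+Err(Error::new(ErrorKind::InvalidInput, "no x509 cert"))
+}
+}
+
+fn load_prkey(filename: &str) -> std::io::Result<PrivatePkcs8KeyDer> {
+let prkey_file = std::fs::File::open(filename).unwrap();
+let mut buf = BufReader::new(prkey_file);
+if let Item::Pkcs8Key(pkey) = read_one(&mut buf).unwrap().unwrap() {
+Ok(pkey)
+} else {
+eprintln!("File {} doesn't contain a Pkcs8 Private Key", filename);
+Err(Error::new(ErrorKind::InvalidInput, "no pkcs8key"))
+}
+}
+
+#[tokio::main]
+async fn main() -> std::io::Result<()> {
+// Root certs to verify the server is the right one
+let mut server_root_cert_store = RootCertStore::empty();
+let server_root_cert_der = load_cert("server_root_cert.pem").unwrap();
+server_root_cert_store.add(server_root_cert_der).unwrap();
+// Auth Cert to send the server who am I
+let root_client_cert = load_cert("client_root_cert.pem").unwrap();
+let client_cert = load_cert("client_cert.pem").unwrap();
+let client_prkey = load_prkey("client_key.pem").unwrap();
+// Load TLS Config
+let tlsconfig = ClientConfig::builder()
+.with_root_certificates(server_root_cert_store)
+// .with_no_client_auth();
+.with_client_auth_cert(vec![client_cert, root_client_cert], client_prkey.into())
+.unwrap();
+let connector = TlsConnector::from(Arc::new(tlsconfig));
+let dnsname = ServerName::try_from("localhost").unwrap();
+
+let stream = TcpStream::connect("localhost:6379").await?;
+let stream = connector.connect(dnsname, stream).await?;
+let (mut rd,mut tx) = split(stream);
+
+tokio::spawn(async move {
+let mut stdout = tokio::io::stdout();
+tokio::io::copy(&mut rd, &mut stdout).await.unwrap();
+});
+
+let mut reader = tokio::io::BufReader::new(tokio::io::stdin()).lines();
+
+while let Some(line) = reader.next_line().await.unwrap() {
+tx.write_all(line.as_bytes()).await.unwrap();
+}
+
+Ok(())
+}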
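Review bot: `load_cert` and `load_prkey` are declared to return `std::io::Result` but panic on the paths most likely to fail: `File::open(filename).unwrap()` on a missing or unreadable file, and `read_one(&mut buf).unwrap().unwrap()` on a malformed file or one with no PEM item at all (`read_one` yields `Ok(None)` there). Propagating with `std::fs::File::open(filename)?` and matching `read_one(&mut buf)?` against `Some(Item::X509Certificate(cert))` (respectively `Some(Item::Pkcs8Key(pkey))`), with the existing `InvalidInput` error as the fallback arm, would turn a bad credential file into a reportable error that `main` can return instead of unwrapping. In `main`, the stdin loop ends without `tx.shutdown().await`, so the TLS session is presumably dropped without a close_notify and the server cannot tell a clean end from a truncated stream. `next_line()` also strips the line terminator, so `write_all(line.as_bytes())` sends consecutive lines with no delimiter between them; confirm that is what the peer expects.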