diff --git a/back/Cargo.toml b/back/Cargo.toml index 55590ab..fcf741f 100644 --- a/back/Cargo.toml +++ b/back/Cargo.toml @@ -11,9 +11,11 @@ axum-server = { version = "0.6.0", features = ["tls-rustls"] } futures-util = "0.3.30" rand = "0.8.5" ringbuf = "0.3.3" +rustls-pemfile = "2.1.2" serde = { version = "1.0.197", features = ["derive"] } serde_json = "1.0.114" tokio = { version = "1.36.0", features = ["full"] } -tokio-tungstenite = { version = "0.21.0", features = ["rustls"] } +tokio-rustls = "0.25.0" +tokio-tungstenite = { version = "0.21.0", features = ["__rustls-tls"] } tokio-util = { version = "0.7.10", features = ["full"] } tower-http = { version = "0.5.2", features = ["full"] } diff --git a/back/src/streaming.rs b/back/src/streaming.rs index 6e13760..afd43d5 100644 --- a/back/src/streaming.rs +++ b/back/src/streaming.rs @@ -1,11 +1,28 @@ -use std::time::Duration; +use std::{ + fs::File, + io::{self, BufReader}, + sync::Arc, + time::Duration, +}; use futures_util::{SinkExt, StreamExt}; +use rustls_pemfile::{certs, pkcs8_private_keys, private_key, rsa_private_keys}; + use tokio::{ net::{TcpListener, TcpStream}, sync::broadcast::{channel, Receiver, Sender}, time::Instant, }; +use tokio_rustls::{ + rustls::{ + client::danger::DangerousClientConfig, + internal::msgs::handshake::CertificateChain, + pki_types::{CertificateDer, PrivateKeyDer}, + ClientConfig, + }, + server::TlsStream, + TlsAcceptor, +}; use tokio_tungstenite::{tungstenite::Message, WebSocketStream}; use crate::{Listener, Streamer}; 
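Review bot: `__rustls-tls` on the `tokio-tungstenite` line is an internal feature of that crate (the double-underscore prefix marks it as not meant to be selected directly), so it can change without a semver signal. Prefer one of the public features, `rustls-tls-webpki-roots` or `rustls-tls-native-roots`, which enable it transitively. In this manifest the feature may not be needed at all: the server hunks in `back/src/streaming.rs` only call `accept_async` on a stream already wrapped by `tokio-rustls`, which appears not to rely on tungstenite's own TLS support. The same feature string is added in `front/Cargo.toml` and `streamer/Cargo.toml`.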
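Review bot: Several names in the new import block of `back/src/streaming.rs` are not used by anything visible in this commit, and two of them are better removed than left in place. `client::danger::DangerousClientConfig` is the rustls entry point for overriding certificate verification, and `internal::msgs::handshake::CertificateChain` comes from a module rustls does not treat as stable API. `ClientConfig`, `private_key` and `rsa_private_keys` also do not appear in the later server hunks. The rest of the file is outside the diff, so confirm with the unused-import warnings from `cargo check`, then reduce the pemfile import to `use rustls_pemfile::{certs, pkcs8_private_keys};` and drop the `client::danger`, `internal::msgs` and `ClientConfig` entries from the `tokio_rustls` import.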
@@ -19,10 +36,29 @@ pub async fn start() { let streamer_socket = TcpListener::bind("192.168.1.2:2525").await.unwrap(); let timer = Instant::now(); + let fullchain: io::Result>> = certs(&mut BufReader::new( + File::open("certificates/fullchain.pem").unwrap(), + )) + .collect(); + let fullchain = fullchain.unwrap(); + let privkey: io::Result> = pkcs8_private_keys(&mut BufReader::new( + File::open("certificates/privkey.pem").unwrap(), + )) + .next() + .unwrap() + .map(Into::into); + let privkey = privkey.unwrap(); + + let config = tokio_rustls::rustls::ServerConfig::builder() + .with_no_client_auth() + .with_single_cert(fullchain, privkey) + .unwrap(); + let acceptor = TlsAcceptor::from(Arc::new(config)); loop { match streamer_socket.accept().await { Ok((streamer_tcp, streamer_info)) => { - match tokio_tungstenite::accept_async(streamer_tcp).await { + let streamer_tcp_tls = acceptor.accept(streamer_tcp).await.unwrap(); + match tokio_tungstenite::accept_async(streamer_tcp_tls).await { Ok(ws_stream) => { println!( "New Streamer: {:#?} | {:#?}", @@ -109,7 +145,7 @@ async fn buffer_layer(mut message_consumer: Receiver, buffered_producer async fn streamer_stream( streamer: Streamer, record_producer: Sender, - mut ws_stream: WebSocketStream, + mut ws_stream: WebSocketStream>, timer: Instant, ) { loop { diff --git a/front/Cargo.toml b/front/Cargo.toml index 321e2a4..fefac4b 100644 --- a/front/Cargo.toml +++ b/front/Cargo.toml 
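Review bot: `acceptor.accept(streamer_tcp).await.unwrap()` inside the accept loop panics the task running `start` on the first failed TLS handshake, so any peer that reaches port 2525 without completing TLS (a plain `ws://` client, a port probe, a client that rejects the certificate) takes the streamer listener down. Handle the error and `continue`, and bound the handshake with a timeout so a stalled peer cannot hold the loop, as sketched below; the ten-second value is a placeholder. Separately, `pkcs8_private_keys(..).next().unwrap()` panics when `privkey.pem` holds no PKCS#8 key, while the already imported `private_key` also accepts PKCS#1 and SEC1 keys and returns an `Option` that can be reported cleanly. `start` begins before this hunk and its loop body continues past it.

```rust
// … unchanged: certificate loading and TlsAcceptor setup …
loop {
    match streamer_socket.accept().await {
        Ok((streamer_tcp, streamer_info)) => {
            // A failed or stalled handshake must not end the accept loop.
            let handshake =
                tokio::time::timeout(Duration::from_secs(10), acceptor.accept(streamer_tcp));
            let streamer_tcp_tls = match handshake.await {
                Ok(Ok(tls)) => tls,
                Ok(Err(err)) => {
                    eprintln!("TLS handshake failed for {streamer_info}: {err}");
                    continue;
                }
                Err(_) => {
                    eprintln!("TLS handshake timed out for {streamer_info}");
                    continue;
                }
            };
            match tokio_tungstenite::accept_async(streamer_tcp_tls).await {
            // … unchanged: websocket accept arms …
```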
@@ -9,13 +9,14 @@ edition = "2021" anyhow = "1.0.81" brotli = "5.0.0" cpal = { version = "0.15.3", features = ["wasm-bindgen"] } -dioxus = { version = "0.5.0", features = ["web"] } +dioxus = { version = "0.5.1", features = ["web"] } futures-core = "0.3.30" futures-util = { version = "0.3.30", features = ["futures-sink", "sink"] } log = "0.4.21" reqwest = { version = "0.12.2", features = ["json"] } ringbuf = "0.3.3" serde = { version = "1.0.197", features = ["derive"] } +tokio-tungstenite = { version = "0.21.0", features = ["__rustls-tls"] } tokio-tungstenite-wasm = "0.3.1" tokio_with_wasm = "0.4.3" wasm-logger = "0.2.0" diff --git a/front/src/streaming.rs b/front/src/streaming.rs index 95c85da..0eb91de 100644 --- a/front/src/streaming.rs +++ b/front/src/streaming.rs @@ -20,6 +20,7 @@ pub async fn start_listening( if is_listening() { log::info!("Trying Sir"); let connect_addr = "ws://192.168.1.2:2424"; + let (mut stream_producer, stream_consumer); match tokio_tungstenite_wasm::connect(connect_addr).await { Ok(ws_stream) => (stream_producer, stream_consumer) = ws_stream.split(), diff --git a/streamer/Cargo.toml b/streamer/Cargo.toml index 21d3768..bffcc48 100644 --- a/streamer/Cargo.toml +++ b/streamer/Cargo.toml @@ -10,5 +10,7 @@ brotli = "5.0.0" cpal = "0.15.3" futures-util = { version = "0.3.30", features = ["futures-sink", "sink"] } ringbuf = "0.3.3" +rustls-pemfile = "2.1.2" tokio = { version = "1.36.0", features = ["full"] } -tokio-tungstenite = "0.21.0" +tokio-rustls = "0.25.0" +tokio-tungstenite = { version = "0.21.0", features = ["__rustls-tls"] } diff --git a/streamer/src/streaming.rs b/streamer/src/streaming.rs index c7bb053..b9dc127 100644 --- a/streamer/src/streaming.rs +++ b/streamer/src/streaming.rs 
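Review bot: The added `tokio-tungstenite` dependency in `front/Cargo.toml` looks unused, and the listener connection stays unencrypted: the only `front/src/streaming.rs` hunk in this commit is a blank line, and its context still calls `tokio_tungstenite_wasm::connect` with `ws://192.168.1.2:2424`. In a browser build the TLS handshake is done by the browser's WebSocket implementation, so moving this leg to TLS would need a `wss://` URL and a TLS listener on whatever serves port 2424, not a rustls-enabled client crate here. If that is the intent, drop this line and make the `wss://` change for the listener socket in the same series. Whether `tokio-tungstenite` with rustls builds for the wasm target at all should also be checked.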
@@ -1,18 +1,48 @@ -use std::{io::Write, time::Duration}; +use std::{ + fs::File, + io::{self, BufReader, Write}, + sync::Arc, + time::Duration, +}; use brotli::CompressorWriter; use futures_util::SinkExt; use ringbuf::HeapRb; use tokio::sync::broadcast::{channel, Receiver, Sender}; -use tokio_tungstenite::{tungstenite::Message, WebSocketStream}; +use tokio_rustls::rustls::{pki_types::CertificateDer, ClientConfig, RootCertStore}; +use tokio_tungstenite::{tungstenite::Message, Connector, WebSocketStream}; use crate::BUFFER_LENGTH; const MAX_TOLERATED_MESSAGE_COUNT: usize = 10; pub async fn start(sound_stream_consumer: Receiver) { - let connect_addr = "ws://192.168.1.2:2525"; + let connect_addr = "wss://192.168.1.2:2525"; + + let certs: io::Result>> = rustls_pemfile::certs( + &mut BufReader::new(File::open("certificates/cert.pem").unwrap()), + ) + .collect(); + let certs = certs.unwrap(); + let mut root_cert_store = RootCertStore::empty(); + for cert in certs { + root_cert_store.add(cert).unwrap(); + } + + let config = ClientConfig::builder() + .with_root_certificates(root_cert_store) + .with_no_client_auth(); + + let connector = Connector::Rustls(Arc::new(config)); + let ws_stream; - match tokio_tungstenite::connect_async(connect_addr).await { + match tokio_tungstenite::connect_async_tls_with_config( + connect_addr, + None, + false, + Some(connector), + ) + .await + { Ok(ws_stream_connected) => ws_stream = ws_stream_connected.0, Err(_) => { return;
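Review bot: The new `wss://192.168.1.2:2525` URL makes rustls verify the server certificate against an IP address, so the certificate the server presents has to carry an IP subjectAltName for 192.168.1.2 and chain to something in `certificates/cert.pem`; if it does not, the handshake fails and the existing `Err(_) => { return;` arm discards the reason. Connecting by a DNS name that the certificate covers is the more usual setup, and the error arm should report the cause, for example `Err(err) => { eprintln!("connect to {connect_addr} failed: {err}"); return;`. The `File::open(..).unwrap()` and `root_cert_store.add(cert).unwrap()` calls also panic on a missing or malformed `cert.pem`; `start` continues past the end of this hunk.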