feat: ⚗️ experiment: rustls

2024-04-15 03:38:03 +03:00 · 2024-04-15 03:38:03 +03:00 · 68a280fc80
commit 68a280fc80
parent 0f31fd54ea
6 changed files with 82 additions and 10 deletions
--- a/streamer/Cargo.toml
+++ b/streamer/Cargo.toml
@ -10,5 +10,7 @@ brotli = "5.0.0"
 cpal = "0.15.3"
 futures-util = { version = "0.3.30", features = ["futures-sink", "sink"] }
 ringbuf = "0.3.3"
+rustls-pemfile = "2.1.2"
 tokio = { version = "1.36.0", features = ["full"] }
-tokio-tungstenite = "0.21.0"
+tokio-rustls = "0.25.0"
+tokio-tungstenite = { version = "0.21.0", features = ["__rustls-tls"] }
--- a/streamer/src/streaming.rs
+++ b/streamer/src/streaming.rs
@ -1,18 +1,48 @@
-use std::{io::Write, time::Duration};
+use std::{
+    fs::File,
+    io::{self, BufReader, Write},
+    sync::Arc,
+    time::Duration,
+};

 use brotli::CompressorWriter;
 use futures_util::SinkExt;
 use ringbuf::HeapRb;
 use tokio::sync::broadcast::{channel, Receiver, Sender};
-use tokio_tungstenite::{tungstenite::Message, WebSocketStream};
+use tokio_rustls::rustls::{pki_types::CertificateDer, ClientConfig, RootCertStore};
+use tokio_tungstenite::{tungstenite::Message, Connector, WebSocketStream};

 use crate::BUFFER_LENGTH;
 const MAX_TOLERATED_MESSAGE_COUNT: usize = 10;

 pub async fn start(sound_stream_consumer: Receiver<f32>) {
-    let connect_addr = "ws://192.168.1.2:2525";
+    let connect_addr = "wss://192.168.1.2:2525";
+
+    let certs: io::Result<Vec<CertificateDer<'static>>> = rustls_pemfile::certs(
+        &mut BufReader::new(File::open("certificates/cert.pem").unwrap()),
+    )
+    .collect();
+    let certs = certs.unwrap();
+    let mut root_cert_store = RootCertStore::empty();
+    for cert in certs {
+        root_cert_store.add(cert).unwrap();
+    }
+
+    let config = ClientConfig::builder()
+        .with_root_certificates(root_cert_store)
+        .with_no_client_auth();
+
+    let connector = Connector::Rustls(Arc::new(config));
+
    let ws_stream;
-    match tokio_tungstenite::connect_async(connect_addr).await {
+    match tokio_tungstenite::connect_async_tls_with_config(
+        connect_addr,
+        None,
+        false,
+        Some(connector),
+    )
+    .await
+    {
        Ok(ws_stream_connected) => ws_stream = ws_stream_connected.0,
        Err(_) => {
            return;