From 1b2ea1690da0db09722ea3bfa5fed7146060cee8 Mon Sep 17 00:00:00 2001
From: FranciscaOrtegaG
Date: Wed, 14 Aug 2024 13:11:17 -0400
Subject: [PATCH] doing : tcp tls implementation

---
 Cargo.lock | 24 ++++++++++++++++++++++++
 Cargo.toml | 4 +++-
 src/client/client_connection.rs | 5 -----
 src/client/tcp_connection.rs | 20 +++++++++++++++++++-
 4 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 64a19790..fce33c97 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -394,14 +394,17 @@ dependencies = [
  "hex",
  "hmac",
  "lru",
+ "openssl",
  "rand 0.8.5",
  "rust-crypto",
  "rustls",
  "sha2",
  "thiserror",
  "tokio 1.38.0",
+ "tokio-rustls",
  "tokio-stream",
  "tokio-tls",
+ "webpki",
 ]
 
 [[package]]
@@ -1335,6 +1338,17 @@ dependencies = [
  "syn",
 ]
 
+[[package]]
+name = "tokio-rustls"
+version = "0.26.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4"
+dependencies = [
+ "rustls",
+ "rustls-pki-types",
+ "tokio 1.38.0",
+]
+
 [[package]]
 name = "tokio-stream"
 version = "0.1.15"
@@ -1459,6 +1473,16 @@ version = "0.2.93"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484"
 
+[[package]]
+name = "webpki"
+version = "0.22.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ed63aea5ce73d0ff405984102c42de94fc55a6b75765d621c65262469b3c9b53"
+dependencies = [
+ "ring",
+ "untrusted",
+]
+
 [[package]]
 name = "which"
 version = "4.4.2"
diff --git a/Cargo.toml b/Cargo.toml
index 8ba50ff5..f88c0de6 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -23,6 +23,8 @@ base64 = "0.22.1"
 tokio-tls = "0.3.1"
 lru = "0.12.3"
 rustls = "0.23.12"
-
+openssl = "0.10.66"
+tokio-rustls = "0.26.0"
+webpki = "0.22.4"
 [lib]
 doctest = false
diff --git a/src/client/client_connection.rs b/src/client/client_connection.rs
index 83394220..f43106e4 100644
--- a/src/client/client_connection.rs
+++ b/src/client/client_connection.rs
@@ -3,11 +3,6 @@ use std::net::IpAddr;
 use tokio::time::Duration;
 use super::client_error::ClientError;
-use tokio::net::TcpStream;
-use tokio_rustls::rustls::{ClientConfig, ServerName};
-use tokio_rustls::TlsConnector;
-use std::sync::Arc;
-use webpki::DNSNameRef;
 use async_trait::async_trait;
diff --git a/src/client/tcp_connection.rs b/src/client/tcp_connection.rs
index cc76e959..0df8ca02 100644
--- a/src/client/tcp_connection.rs
+++ b/src/client/tcp_connection.rs
@@ -5,6 +5,7 @@ use crate::message::rdata::a_rdata::ARdata;
 use crate::message::resource_record::ResourceRecord;
 use super::client_error::ClientError;
 use async_trait::async_trait;
+use webpki::DNSNameRef;
 use std::io::Error as IoError;
 use std::io::ErrorKind;
 use tokio::io::AsyncWriteExt;
@@ -14,6 +15,10 @@ use std::net::IpAddr;
 use std::net::SocketAddr;
 use tokio::time::Duration;
 use tokio::time::timeout;
+use tokio_rustls::rustls::ClientConfig;
+use tokio_rustls::TlsConnector;
+use std::sync::Arc;
+use webpki::DnsNameRef;
 #[derive(Clone, Copy, Debug, PartialEq, Eq)]
 pub struct ClientTCPConnection {
@@ -46,7 +51,7 @@ impl ClientConnection for ClientTCPConnection {
         let conn_timeout: Duration = self.get_timeout();
         let bytes: Vec = dns_query.to_bytes();
-        let server_addr:SocketAddr = SocketAddr::new(self.get_server_addr(), 53);
+        let server_addr:SocketAddr = SocketAddr::new(self.get_server_addr(), 853);
         // let mut stream: TcpStream = TcpStream::connect_timeout(&server_addr,timeout)?;
         let conn_task = TcpStream::connect(&server_addr);
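Review bot: The two import hunks add `use webpki::DNSNameRef;` (at @@ -5,6 +5,7 @@) and `use webpki::DnsNameRef;` (at @@ -14,6 +15,10 @@), two spellings of what looks like the same type; Cargo.lock pins webpki 0.22.4, where as far as I recall only `DnsNameRef` exists, so the first import is most likely a compile error and otherwise dead. Drop `use webpki::DNSNameRef;`. It is also worth checking whether the `webpki` crate is needed at all here: tokio-rustls 0.26's `TlsConnector::connect` takes a `rustls::pki_types::ServerName`, not a webpki name type, so the server name can be built with `tokio_rustls::rustls::pki_types::ServerName::try_from(...)` without the extra dependency.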
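Review bot: `SocketAddr::new(self.get_server_addr(), 853)` hard-codes the DNS-over-TLS port for every `ClientTCPConnection`, so plain DNS-over-TCP on port 53 is no longer reachable through this type, and since nothing in this patch wraps the stream in TLS the query bytes would go out in cleartext to a port that expects a handshake. Make the port a property of the connection (for example a `port: u16` field, or a flag that selects TLS, set by the constructor) and keep 53 as the plain-TCP default, e.g. `const DNS_PORT: u16 = 53;` and `const DNS_OVER_TLS_PORT: u16 = 853;`. The enclosing method starts and ends outside the hunk.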
@@ -60,6 +65,19 @@ impl ClientConnection for ClientTCPConnection {
         let tcp_bytes_length: [u8; 2] = [(msg_length >> 8) as u8, msg_length as u8];
         let full_msg: Vec = [&tcp_bytes_length, bytes.as_slice()].concat();
+        //get domain name
+        let server_name = dns_query.get_question().get_qname().get_name();
+        let dns_name = DnsNameRef::try_from_ascii_str(&server_name);
+        if dns_name.is_err() {
+            return Err(ClientError::Io(IoError::new(ErrorKind::InvalidInput, format!("Error: invalid domain name"))).into());
+        }
+
+        let mut config = ClientConfig::builder();
+        config.root_hint_subjects.add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
+        let config = Arc::new(config);
+
+        let dns_name = dns_name.unwrap();
+        let connector = TlsConnector::from(Arc::new(config));
         // stream.set_read_timeout(Some(timeout))?; //-> Se hace con tokio
         // stream.write(&full_msg)?;
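Review bot: The TLS server name on the `DnsNameRef::try_from_ascii_str(&server_name)` line is taken from the query's qname (`dns_query.get_question().get_qname().get_name()`), but the certificate has to be validated against the resolver's configured hostname: the peer at `server_addr` is the resolver, its certificate will not carry the name being looked up, so the handshake would fail against a correctly configured resolver and would not authenticate the peer in any case. The `connector` built on the last added line is never used, so the stream stays plain TCP, and the config construction does not look like the rustls 0.23 API (`ClientConfig::builder()` returns a builder with no `root_hint_subjects` field as far as I can tell, `webpki_roots` is neither imported nor declared in this patch, and `TlsConnector::from(Arc::new(config))` wraps a value that is already an `Arc`). Rewrite as below: take the resolver hostname from the connection's configuration (placeholder in the excerpt), build the root store and `ClientConfig` once per connection object rather than per query, replace the `is_err()`/`unwrap()` pair with `map_err` and `?`, drop the argument-less `format!`, and switch the `use` lines to `tokio_rustls::rustls::{ClientConfig, RootCertStore}` plus `tokio_rustls::rustls::pki_types::ServerName` in place of the `webpki` imports. The enclosing method continues outside the hunk on both sides.
```rust
        // … unchanged: two-byte length prefix and full_msg framing …

        // The TLS identity is the resolver's hostname, not the queried name.
        // <RESOLVER_HOSTNAME> is a placeholder: read it from ClientTCPConnection's config.
        let server_name = ServerName::try_from(String::from("<RESOLVER_HOSTNAME>"))
            .map_err(|_| ClientError::Io(IoError::new(ErrorKind::InvalidInput, "invalid TLS server name")))?;

        // Root store + config should be built once (constructor or OnceLock); shown inline here.
        let mut roots = RootCertStore::empty();
        roots.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
        let config = ClientConfig::builder()
            .with_root_certificates(roots)
            .with_no_client_auth();
        let connector = TlsConnector::from(Arc::new(config));

        // … unchanged: TcpStream::connect under conn_timeout, yielding the TCP stream …
        // Wrap the TCP stream before any query bytes are written; the handshake
        // both encrypts the channel and verifies the resolver's certificate.
        let mut stream = connector
            .connect(server_name, tcp_stream /* the stream returned by the timeout-wrapped connect */)
            .await
            .map_err(ClientError::Io)?;
```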