From b3115897d1556a35857d1040278b79bedfa5c9fd Mon Sep 17 00:00:00 2001 From: Joseph Birr-Pixton Date: Sun, 1 Nov 2020 11:50:37 +0000 Subject: [PATCH] rustfmt tlsclient.rs and tlsserver.rs Requires rustfmt v2.0 or later, for chain_width support. --- .rustfmt.toml | 1 + rustls-mio/examples/tlsclient.rs | 143 +++++++++++++++++++------------ rustls-mio/examples/tlsserver.rs | 137 ++++++++++++++++++----------- 3 files changed, 176 insertions(+), 105 deletions(-) create mode 100644 .rustfmt.toml diff --git a/.rustfmt.toml b/.rustfmt.toml new file mode 100644 index 00000000..e70b64a4 --- /dev/null +++ b/.rustfmt.toml @@ -0,0 +1 @@ +chain_width=40 diff --git a/rustls-mio/examples/tlsclient.rs b/rustls-mio/examples/tlsclient.rs index 6dc546ba..5613688e 100644 --- a/rustls-mio/examples/tlsclient.rs +++ b/rustls-mio/examples/tlsclient.rs @@ -1,15 +1,15 @@ -use std::sync::{Arc, Mutex}; use std::process; +use std::sync::{Arc, Mutex}; use mio; use mio::net::TcpStream; +use std::collections; +use std::fs; +use std::io; +use std::io::{BufReader, Read, Write}; use std::net::SocketAddr; use std::str; -use std::io; -use std::fs; -use std::collections; -use std::io::{Read, Write, BufReader}; use env_logger; @@ -18,10 +18,10 @@ extern crate serde_derive; use docopt::Docopt; +use ct_logs; use rustls; use webpki; use webpki_roots; -use ct_logs; use rustls::Session; @@ -37,7 +37,11 @@ struct TlsClient { } impl TlsClient { - fn new(sock: TcpStream, hostname: webpki::DNSNameRef<'_>, cfg: Arc) -> TlsClient { + fn new( + sock: TcpStream, + hostname: webpki::DNSNameRef<'_>, + cfg: Arc, + ) -> TlsClient { TlsClient { socket: sock, closing: false, @@ -67,7 +71,9 @@ impl TlsClient { fn read_source_to_end(&mut self, rd: &mut dyn io::Read) -> io::Result { let mut buf = Vec::new(); let len = rd.read_to_end(&mut buf)?; - self.tls_session.write_all(&buf).unwrap(); + self.tls_session + .write_all(&buf) + .unwrap(); Ok(len) } @@ -75,7 +81,9 @@ impl TlsClient { fn do_read(&mut self) { // Read TLS data. This fails if the underlying TCP connection // is broken. - let rc = self.tls_session.read_tls(&mut self.socket); + let rc = self + .tls_session + .read_tls(&mut self.socket); if rc.is_err() { let error = rc.unwrap_err(); if error.kind() == io::ErrorKind::WouldBlock { @@ -109,9 +117,13 @@ impl TlsClient { // // Read it and then write it to stdout. let mut plaintext = Vec::new(); - let rc = self.tls_session.read_to_end(&mut plaintext); + let rc = self + .tls_session + .read_to_end(&mut plaintext); if !plaintext.is_empty() { - io::stdout().write_all(&plaintext).unwrap(); + io::stdout() + .write_all(&plaintext) + .unwrap(); } // If that fails, the peer might have started a clean TLS-level @@ -126,19 +138,25 @@ impl TlsClient { } fn do_write(&mut self) { - self.tls_session.write_tls(&mut self.socket).unwrap(); + self.tls_session + .write_tls(&mut self.socket) + .unwrap(); } /// Registers self as a 'listener' in mio::Registry fn register(&mut self, registry: &mio::Registry) { let interest = self.event_set(); - registry.register(&mut self.socket, CLIENT, interest).unwrap(); + registry + .register(&mut self.socket, CLIENT, interest) + .unwrap(); } /// Reregisters self as a 'listener' in mio::Registry. fn reregister(&mut self, registry: &mio::Registry) { let interest = self.event_set(); - registry.reregister(&mut self.socket, CLIENT, interest).unwrap(); + registry + .reregister(&mut self.socket, CLIENT, interest) + .unwrap(); } /// Use wants_read/wants_write to register for different mio-level @@ -203,15 +221,15 @@ impl PersistCache { /// If we have a filename, save the cache contents to it. fn save(&self) { - use rustls::internal::msgs::codec::Codec; use rustls::internal::msgs::base::PayloadU16; + use rustls::internal::msgs::codec::Codec; if self.filename.is_none() { return; } - let mut file = fs::File::create(self.filename.as_ref().unwrap()) - .expect("cannot open cache file"); + let mut file = + fs::File::create(self.filename.as_ref().unwrap()).expect("cannot open cache file"); for (key, val) in self.cache.lock().unwrap().iter() { let mut item = Vec::new(); @@ -225,8 +243,8 @@ impl PersistCache { /// We have a filename, so replace the cache contents from it. fn load(&self) { - use rustls::internal::msgs::codec::{Codec, Reader}; use rustls::internal::msgs::base::PayloadU16; + use rustls::internal::msgs::codec::{Codec, Reader}; let mut file = match fs::File::open(self.filename.as_ref().unwrap()) { Ok(f) => f, @@ -235,8 +253,7 @@ impl PersistCache { let mut data = Vec::new(); file.read_to_end(&mut data).unwrap(); - let mut cache = self.cache.lock() - .unwrap(); + let mut cache = self.cache.lock().unwrap(); cache.clear(); let mut rd = Reader::init(&data); @@ -251,7 +268,8 @@ impl PersistCache { impl rustls::StoresClientSessions for PersistCache { /// put: insert into in-memory cache, and perhaps persist to disk. fn put(&self, key: Vec, value: Vec) -> bool { - self.cache.lock() + self.cache + .lock() .unwrap() .insert(key, value); self.save(); @@ -260,9 +278,11 @@ impl rustls::StoresClientSessions for PersistCache { /// get: from in-memory cache fn get(&self, key: &[u8]) -> Option> { - self.cache.lock() + self.cache + .lock() .unwrap() - .get(key).cloned() + .get(key) + .cloned() } } @@ -374,7 +394,10 @@ fn lookup_versions(versions: &[String]) -> Vec { let version = match vname.as_ref() { "1.2" => rustls::ProtocolVersion::TLSv1_2, "1.3" => rustls::ProtocolVersion::TLSv1_3, - _ => panic!("cannot look up version '{}', valid are '1.2' and '1.3'", vname), + _ => panic!( + "cannot look up version '{}', valid are '1.2' and '1.3'", + vname + ), }; out.push(version); } @@ -400,7 +423,8 @@ fn load_key_and_cert(config: &mut rustls::ClientConfig, keyfile: &str, certsfile let certs = load_certs(certsfile); let privkey = load_private_key(keyfile); - config.set_single_client_cert(certs, privkey) + config + .set_single_client_cert(certs, privkey) .expect("invalid certificate or private key"); } @@ -412,11 +436,13 @@ mod danger { pub struct NoCertificateVerification {} impl rustls::ServerCertVerifier for NoCertificateVerification { - fn verify_server_cert(&self, - _roots: &rustls::RootCertStore, - _presented_certs: &[rustls::Certificate], - _dns_name: webpki::DNSNameRef<'_>, - _ocsp: &[u8]) -> Result { + fn verify_server_cert( + &self, + _roots: &rustls::RootCertStore, + _presented_certs: &[rustls::Certificate], + _dns_name: webpki::DNSNameRef<'_>, + _ocsp: &[u8], + ) -> Result { Ok(rustls::ServerCertVerified::assertion()) } } @@ -425,8 +451,7 @@ mod danger { #[cfg(feature = "dangerous_configuration")] fn apply_dangerous_options(args: &Args, cfg: &mut rustls::ClientConfig) { if args.flag_insecure { - cfg - .dangerous() + cfg.dangerous() .set_certificate_verifier(Arc::new(danger::NoCertificateVerification {})); } } @@ -456,11 +481,14 @@ fn make_config(args: &Args) -> Arc { let certfile = fs::File::open(&cafile).expect("Cannot open CA file"); let mut reader = BufReader::new(certfile); - config.root_store + config + .root_store .add_pem_file(&mut reader) .unwrap(); } else { - config.root_store.add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS); + config + .root_store + .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS); config.ct_logs = Some(&ct_logs::LOGS); } @@ -474,23 +502,28 @@ fn make_config(args: &Args) -> Arc { let persist = Arc::new(PersistCache::new(&args.flag_cache)); - config.set_protocols(&args.flag_proto - .iter() - .map(|proto| proto.as_bytes().to_vec()) - .collect::>()[..]); + config.set_protocols( + &args + .flag_proto + .iter() + .map(|proto| proto.as_bytes().to_vec()) + .collect::>()[..], + ); config.set_persistence(persist); config.set_mtu(&args.flag_mtu); apply_dangerous_options(args, &mut config); if args.flag_auth_key.is_some() || args.flag_auth_certs.is_some() { - load_key_and_cert(&mut config, - args.flag_auth_key - .as_ref() - .expect("must provide --auth-key with --auth-certs"), - args.flag_auth_certs - .as_ref() - .expect("must provide --auth-certs with --auth-key")); + load_key_and_cert( + &mut config, + args.flag_auth_key + .as_ref() + .expect("must provide --auth-key with --auth-certs"), + args.flag_auth_certs + .as_ref() + .expect("must provide --auth-certs with --auth-key"), + ); } Arc::new(config) @@ -523,23 +556,27 @@ fn main() { let mut tlsclient = TlsClient::new(sock, dns_name, config); if args.flag_http { - let httpreq = format!("GET / HTTP/1.0\r\nHost: {}\r\nConnection: \ + let httpreq = format!( + "GET / HTTP/1.0\r\nHost: {}\r\nConnection: \ close\r\nAccept-Encoding: identity\r\n\r\n", - args.arg_hostname); - tlsclient.write_all(httpreq.as_bytes()).unwrap(); + args.arg_hostname + ); + tlsclient + .write_all(httpreq.as_bytes()) + .unwrap(); } else { let mut stdin = io::stdin(); - tlsclient.read_source_to_end(&mut stdin).unwrap(); + tlsclient + .read_source_to_end(&mut stdin) + .unwrap(); } - let mut poll = mio::Poll::new() - .unwrap(); + let mut poll = mio::Poll::new().unwrap(); let mut events = mio::Events::with_capacity(32); tlsclient.register(poll.registry()); loop { - poll.poll(&mut events, None) - .unwrap(); + poll.poll(&mut events, None).unwrap(); for ev in events.iter() { tlsclient.ready(&ev); diff --git a/rustls-mio/examples/tlsserver.rs b/rustls-mio/examples/tlsserver.rs index 5d45fa56..96249ac8 100644 --- a/rustls-mio/examples/tlsserver.rs +++ b/rustls-mio/examples/tlsserver.rs @@ -6,11 +6,11 @@ use mio::net::{TcpListener, TcpStream}; #[macro_use] extern crate log; +use std::collections::HashMap; use std::fs; use std::io; +use std::io::{BufReader, Read, Write}; use std::net; -use std::io::{Write, Read, BufReader}; -use std::collections::HashMap; #[macro_use] extern crate serde_derive; @@ -21,8 +21,10 @@ use env_logger; use rustls; -use rustls::{RootCertStore, Session, NoClientAuth, AllowAnyAuthenticatedClient, - AllowAnyAnonymousOrAuthenticatedClient}; +use rustls::{ + AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient, NoClientAuth, + RootCertStore, Session, +}; // Token for our listening socket. const LISTENER: mio::Token = mio::Token(0); @@ -76,11 +78,15 @@ impl TlsServer { let mut connection = Connection::new(socket, token, mode, tls_session); connection.register(registry); - self.connections.insert(token, connection); + self.connections + .insert(token, connection); } Err(ref err) if err.kind() == io::ErrorKind::WouldBlock => return Ok(()), Err(err) => { - println!("encountered error while accepting connection; err={:?}", err); + println!( + "encountered error while accepting connection; err={:?}", + err + ); return Err(err); } } @@ -147,11 +153,12 @@ fn try_read(r: io::Result) -> io::Result> { } impl Connection { - fn new(socket: TcpStream, - token: mio::Token, - mode: ServerMode, - tls_session: rustls::ServerSession) - -> Connection { + fn new( + socket: TcpStream, + token: mio::Token, + mode: ServerMode, + tls_session: rustls::ServerSession, + ) -> Connection { let back = open_back(&mode); Connection { socket, @@ -181,7 +188,9 @@ impl Connection { } if self.closing { - let _ = self.socket.shutdown(net::Shutdown::Both); + let _ = self + .socket + .shutdown(net::Shutdown::Both); self.close_back(); self.closed = true; self.deregister(registry); @@ -194,14 +203,17 @@ impl Connection { fn close_back(&mut self) { if self.back.is_some() { let back = self.back.as_mut().unwrap(); - back.shutdown(net::Shutdown::Both).unwrap(); + back.shutdown(net::Shutdown::Both) + .unwrap(); } self.back = None; } fn do_tls_read(&mut self) { // Read some TLS data. - let rc = self.tls_session.read_tls(&mut self.socket); + let rc = self + .tls_session + .read_tls(&mut self.socket); if rc.is_err() { let err = rc.unwrap_err(); @@ -276,7 +288,9 @@ impl Connection { self.closing = true; } Some(len) => { - self.tls_session.write_all(&buf[..len]).unwrap(); + self.tls_session + .write_all(&buf[..len]) + .unwrap(); } None => {} }; @@ -292,13 +306,18 @@ impl Connection { self.send_http_response_once(); } ServerMode::Forward(_) => { - self.back.as_mut().unwrap().write_all(buf).unwrap(); + self.back + .as_mut() + .unwrap() + .write_all(buf) + .unwrap(); } } } fn send_http_response_once(&mut self) { - let response = b"HTTP/1.0 200 OK\r\nConnection: close\r\n\r\nHello world from rustls tlsserver\r\n"; + let response = + b"HTTP/1.0 200 OK\r\nConnection: close\r\n\r\nHello world from rustls tlsserver\r\n"; if !self.sent_http_response { self.tls_session .write_all(response) @@ -309,7 +328,8 @@ impl Connection { } fn tls_write(&mut self) -> io::Result { - self.tls_session.write_tls(&mut self.socket) + self.tls_session + .write_tls(&mut self.socket) } fn do_tls_write_and_handle_error(&mut self) { @@ -323,33 +343,36 @@ impl Connection { fn register(&mut self, registry: &mio::Registry) { let event_set = self.event_set(); - registry.register(&mut self.socket, - self.token, - event_set) + registry + .register(&mut self.socket, self.token, event_set) .unwrap(); if self.back.is_some() { - registry.register(self.back.as_mut().unwrap(), - self.token, - mio::Interest::READABLE) + registry + .register( + self.back.as_mut().unwrap(), + self.token, + mio::Interest::READABLE, + ) .unwrap(); } } fn reregister(&mut self, registry: &mio::Registry) { let event_set = self.event_set(); - registry.reregister(&mut self.socket, - self.token, - event_set) + registry + .reregister(&mut self.socket, self.token, event_set) .unwrap(); } fn deregister(&mut self, registry: &mio::Registry) { - registry.deregister(&mut self.socket) + registry + .deregister(&mut self.socket) .unwrap(); if self.back.is_some() { - registry.deregister(self.back.as_mut().unwrap()) + registry + .deregister(self.back.as_mut().unwrap()) .unwrap(); } } @@ -374,8 +397,7 @@ impl Connection { } } -const USAGE: &'static str = - " +const USAGE: &'static str = " Runs a TLS server on :PORT. The default PORT is 443. `echo' mode means the server echoes received data on each connection. @@ -480,7 +502,10 @@ fn lookup_versions(versions: &[String]) -> Vec { let version = match vname.as_ref() { "1.2" => rustls::ProtocolVersion::TLSv1_2, "1.3" => rustls::ProtocolVersion::TLSv1_3, - _ => panic!("cannot look up version '{}', valid are '1.2' and '1.3'", vname), + _ => panic!( + "cannot look up version '{}', valid are '1.2' and '1.3'", + vname + ), }; out.push(version); } @@ -496,16 +521,14 @@ fn load_certs(filename: &str) -> Vec { fn load_private_key(filename: &str) -> rustls::PrivateKey { let rsa_keys = { - let keyfile = fs::File::open(filename) - .expect("cannot open private key file"); + let keyfile = fs::File::open(filename).expect("cannot open private key file"); let mut reader = BufReader::new(keyfile); rustls::internal::pemfile::rsa_private_keys(&mut reader) .expect("file contains invalid rsa private key") }; let pkcs8_keys = { - let keyfile = fs::File::open(filename) - .expect("cannot open private key file"); + let keyfile = fs::File::open(filename).expect("cannot open private key file"); let mut reader = BufReader::new(keyfile); rustls::internal::pemfile::pkcs8_private_keys(&mut reader) .expect("file contains invalid pkcs8 private key (encrypted keys not supported)") @@ -552,10 +575,19 @@ fn make_config(args: &Args) -> Arc { let mut config = rustls::ServerConfig::new(client_auth); config.key_log = Arc::new(rustls::KeyLogFile::new()); - let certs = load_certs(args.flag_certs.as_ref().expect("--certs option missing")); - let privkey = load_private_key(args.flag_key.as_ref().expect("--key option missing")); + let certs = load_certs( + args.flag_certs + .as_ref() + .expect("--certs option missing"), + ); + let privkey = load_private_key( + args.flag_key + .as_ref() + .expect("--key option missing"), + ); let ocsp = load_ocsp(&args.flag_ocsp); - config.set_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![]) + config + .set_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![]) .expect("bad certificates/private key"); if !args.flag_suite.is_empty() { @@ -574,10 +606,13 @@ fn make_config(args: &Args) -> Arc { config.ticketer = rustls::Ticketer::new(); } - config.set_protocols(&args.flag_proto - .iter() - .map(|proto| proto.as_bytes().to_vec()) - .collect::>()[..]); + config.set_protocols( + &args + .flag_proto + .iter() + .map(|proto| proto.as_bytes().to_vec()) + .collect::>()[..], + ); Arc::new(config) } @@ -603,11 +638,9 @@ fn main() { let config = make_config(&args); let mut listener = TcpListener::bind(addr).expect("cannot listen on port"); - let mut poll = mio::Poll::new() - .unwrap(); - poll.registry().register(&mut listener, - LISTENER, - mio::Interest::READABLE) + let mut poll = mio::Poll::new().unwrap(); + poll.registry() + .register(&mut listener, LISTENER, mio::Interest::READABLE) .unwrap(); let mode = if args.cmd_echo { @@ -622,16 +655,16 @@ fn main() { let mut events = mio::Events::with_capacity(256); loop { - poll.poll(&mut events, None) - .unwrap(); + poll.poll(&mut events, None).unwrap(); for event in events.iter() { match event.token() { LISTENER => { - tlsserv.accept(poll.registry()) + tlsserv + .accept(poll.registry()) .expect("error accepting socket"); } - _ => tlsserv.conn_event(poll.registry(), &event) + _ => tlsserv.conn_event(poll.registry(), &event), } } }