diff --git a/Cargo.lock b/Cargo.lock index 9b2c5aa6..aceb6576 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -27,7 +27,7 @@ dependencies = [ "lazy_static", "log", "parking_lot 0.10.2", - "pin-project", + "pin-project 0.4.27", "smallvec", "tokio", "tokio-util 0.2.0", @@ -52,7 +52,7 @@ dependencies = [ "log", "once_cell", "parking_lot 0.11.0", - "pin-project", + "pin-project 0.4.27", "smallvec", "tokio", "tokio-util 0.3.1", @@ -75,7 +75,7 @@ dependencies = [ name = "actix-casbin-example" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "casbin", "loge", ] @@ -106,7 +106,7 @@ dependencies = [ "futures-core", "futures-sink", "log", - "pin-project", + "pin-project 0.4.27", "tokio", "tokio-util 0.3.1", ] @@ -161,7 +161,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3e5c769e4d332bfad27f11b8139b5818c4bbddb02c385b8f16344d93ff1a8eb" dependencies = [ "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "derive_more", "futures-util", ] @@ -172,7 +172,7 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aaf0c4345c9663a2822d42602391418fd5766f269109ec6bf1784b056a9356a7" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "derive_more", "futures-util", "log", @@ -207,9 +207,9 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8035f08f194893b199f4928b40425bd727c0257cf0fcf36f4ac214968d649ec7" dependencies = [ - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "bitflags", "bytes 0.5.6", "derive_more", @@ -258,7 +258,7 @@ dependencies = [ "log", "mime", "percent-encoding", - "pin-project", + "pin-project 0.4.27", "rand", "regex", "serde 1.0.116", @@ -271,9 +271,9 @@ dependencies = [ [[package]] name = "actix-http" -version = "2.0.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05dd80ba8f27c4a34357c07e338c8f5c38f8520e6d626ca1727d8fecc41b0cab" +checksum = "404df68c297f73b8d36c9c9056404913d25905a8f80127b0e5fe147c9c4b9f02" dependencies = [ "actix 0.10.0", "actix-codec 0.3.0", @@ -283,7 +283,7 @@ dependencies = [ "actix-threadpool", "actix-tls 2.0.0", "actix-utils 2.0.0", - "base64 0.12.3", + "base64 0.13.0", "bitflags", "brotli2", "bytes 0.5.6", @@ -307,7 +307,7 @@ dependencies = [ "log", "mime", "percent-encoding", - "pin-project", + "pin-project 1.0.1", "rand", "regex", "serde 1.0.116", @@ -325,7 +325,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3263fe74cf505c6f9e18209c89fbdba5569cfd3905a7e907b42aa1c85c18fae5" dependencies = [ "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "futures-util", "serde 1.0.116", "serde_json", @@ -350,7 +350,7 @@ checksum = "774bfeb11b54bf9c857a005b8ab893293da4eaff79261a66a9200dab7f5ab6e3" dependencies = [ "actix-service", "actix-utils 2.0.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "derive_more", "futures-util", @@ -367,7 +367,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "af362615b2f93a278580d218b6485cb2afa4e7a22cbc9ab36e44ba3d79c66967" dependencies = [ "actix-rt", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "derive_more", "futures-util", @@ -381,12 +381,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6856e8adb0b1683817fc6504fed3eba36aba49bea450eb7437a0777a9adc78bc" dependencies = [ "actix 0.10.0", - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-rt", "actix-service", "actix-session", "actix-utils 2.0.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "backoff", "derive_more", "futures-util", @@ -455,7 +455,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0052435d581b5be835d11f4eb3bce417c8af18d87ddf8ace99f8e67e595882bb" dependencies = [ "futures-util", - "pin-project", + "pin-project 0.4.27", ] [[package]] @@ -465,7 +465,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cfe0c795741b7a1a6f8eb46680c5a0f6f53484d054226a7af9a86195dfc2c14d" dependencies = [ "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "derive_more", "futures-util", @@ -543,7 +543,7 @@ version = "2.0.0" dependencies = [ "actix-files 0.3.0", "actix-session", - "actix-web 3.1.0", + "actix-web 3.2.0", "diesel", "dotenv", "env_logger 0.7.1", @@ -568,7 +568,7 @@ dependencies = [ "either", "futures 0.3.6", "log", - "pin-project", + "pin-project 0.4.27", "slab", ] @@ -588,7 +588,7 @@ dependencies = [ "futures-sink", "futures-util", "log", - "pin-project", + "pin-project 0.4.27", "slab", ] @@ -619,7 +619,7 @@ dependencies = [ "log", "mime", "net2", - "pin-project", + "pin-project 0.4.27", "regex", "serde 1.0.116", "serde_json", @@ -630,12 +630,12 @@ dependencies = [ [[package]] name = "actix-web" -version = "3.1.0" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1b12fe25e11cd9ed2ef2e428427eb6178a1b363f3f7f0dab8278572f11b2da1" +checksum = "88344b7a5ef27e5e09e73565379f69273dd3e2d29e82afc381b84d170d0a5631" dependencies = [ "actix-codec 0.3.0", - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-macros", "actix-router", "actix-rt", @@ -645,7 +645,7 @@ dependencies = [ "actix-threadpool", "actix-tls 2.0.0", "actix-utils 2.0.0", - "actix-web-codegen 0.3.0", + "actix-web-codegen 0.4.0", "awc 2.0.0", "bytes 0.5.6", "derive_more", @@ -657,7 +657,7 @@ dependencies = [ "log", "mime", "openssl", - "pin-project", + "pin-project 1.0.1", "regex", "rustls", "serde 1.0.116", @@ -681,7 +681,7 @@ dependencies = [ "actix-web 2.0.0", "bytes 0.5.6", "futures 0.3.6", - "pin-project", + "pin-project 0.4.27", ] [[package]] @@ -692,12 +692,12 @@ checksum = "7f6edf3c2693e2a8c422800c87ee89a6a4eac7dd01109bc172a1093ce1f4f001" dependencies = [ "actix 0.10.0", "actix-codec 0.3.0", - "actix-http 2.0.0", - "actix-web 3.1.0", + "actix-http 2.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "futures-channel", "futures-core", - "pin-project", + "pin-project 0.4.27", ] [[package]] @@ -713,9 +713,9 @@ dependencies = [ [[package]] name = "actix-web-codegen" -version = "0.3.0" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "750ca8fb60bbdc79491991650ba5d2ae7cd75f3fc00ead51390cfe9efda0d4d8" +checksum = "ad26f77093333e0e7c6ffe54ebe3582d908a104e448723eec6d43d08b07143fb" dependencies = [ "proc-macro2 1.0.24", "quote 1.0.7", @@ -727,7 +727,7 @@ name = "actix-web-cors" version = "1.0.0" dependencies = [ "actix-cors 0.5.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.8.1", "futures 0.3.6", "serde 1.0.116", @@ -751,7 +751,7 @@ version = "1.0.0" dependencies = [ "actix 0.10.0", "actix-redis", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", "redis-async", @@ -1059,9 +1059,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b09f159aa2d1cc30d54b0e6f2a7b359d09c818193e7ddfbc166402bdab83e644" dependencies = [ "actix 0.10.0", - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-rt", - "actix-web 3.1.0", + "actix-web 3.2.0", "actix-web-actors 3.0.0", "async-graphql", "futures 0.3.6", @@ -1072,7 +1072,7 @@ dependencies = [ name = "async-graphql-demo" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "async-graphql", "async-graphql-actix-web", "slab", @@ -1216,7 +1216,7 @@ dependencies = [ name = "async_data_factory" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "num_cpus", "redis", "redis_tang", @@ -1226,7 +1226,7 @@ dependencies = [ name = "async_db" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "failure", "futures 0.3.6", @@ -1244,7 +1244,7 @@ version = "0.1.0" dependencies = [ "actix-rt", "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "env_logger 0.7.1", "futures 0.3.6", @@ -1257,7 +1257,7 @@ dependencies = [ name = "async_pg" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "config", "deadpool-postgres", "derive_more", @@ -1321,7 +1321,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "150e00c06683ab44c5f97d033950e5d87a7a042d06d77f5eecb443cbd23d0575" dependencies = [ "actix-codec 0.3.0", - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-rt", "actix-service", "base64 0.12.3", @@ -1343,7 +1343,7 @@ dependencies = [ name = "awc_examples" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", "serde 1.0.116", @@ -1356,7 +1356,7 @@ dependencies = [ name = "awc_https" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "openssl", ] @@ -1411,6 +1411,12 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff" +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + [[package]] name = "basics" version = "2.0.0" @@ -1418,7 +1424,7 @@ dependencies = [ "actix-files 0.3.0", "actix-session", "actix-utils 2.0.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -1887,7 +1893,7 @@ name = "cookie-auth" version = "2.0.0" dependencies = [ "actix-identity", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "rand", ] @@ -1897,7 +1903,7 @@ name = "cookie-session" version = "1.0.0" dependencies = [ "actix-session", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -2128,7 +2134,7 @@ dependencies = [ name = "diesel-example" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "diesel", "dotenv", "env_logger 0.7.1", @@ -2221,7 +2227,7 @@ checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0" name = "docker_sample" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", ] [[package]] @@ -2386,7 +2392,7 @@ dependencies = [ name = "error_handling" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "derive_more", "env_logger 0.7.1", "rand", @@ -2486,7 +2492,7 @@ name = "form-example" version = "1.0.0" dependencies = [ "actix-rt", - "actix-web 3.1.0", + "actix-web 3.2.0", "serde 1.0.116", ] @@ -2635,7 +2641,7 @@ dependencies = [ "futures-sink", "futures-task", "memchr", - "pin-project", + "pin-project 0.4.27", "pin-utils", "proc-macro-hack", "proc-macro-nested", @@ -2803,7 +2809,7 @@ name = "hello-world" version = "2.0.0" dependencies = [ "actix-rt", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -2888,7 +2894,7 @@ dependencies = [ name = "http-proxy" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "clap", "url", ] @@ -2942,7 +2948,7 @@ dependencies = [ "httparse", "httpdate", "itoa", - "pin-project", + "pin-project 0.4.27", "socket2", "tokio", "tower-service", @@ -3122,7 +3128,7 @@ version = "0.1.0" dependencies = [ "actix-rt", "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", "json", @@ -3134,7 +3140,7 @@ dependencies = [ name = "json_decode_error" version = "0.1.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "serde 1.0.116", ] @@ -3142,7 +3148,7 @@ dependencies = [ name = "json_error" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "failure", "serde 1.0.116", "serde_json", @@ -3152,7 +3158,7 @@ dependencies = [ name = "jsonrpc-example" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "env_logger 0.7.1", "futures 0.3.6", @@ -3181,7 +3187,7 @@ dependencies = [ name = "juniper-advanced" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "dotenv", "env_logger 0.7.1", "juniper", @@ -3199,7 +3205,7 @@ name = "juniper-example" version = "0.2.0" dependencies = [ "actix-cors 0.4.1", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "juniper", "serde 1.0.116", @@ -3476,10 +3482,10 @@ name = "middleware-example" version = "2.0.0" dependencies = [ "actix-service", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", - "pin-project", + "pin-project 0.4.27", ] [[package]] @@ -3596,7 +3602,7 @@ name = "multipart-async-std-example" version = "0.3.0" dependencies = [ "actix-multipart", - "actix-web 3.1.0", + "actix-web 3.2.0", "async-std", "futures 0.3.6", "sanitize-filename", @@ -3607,7 +3613,7 @@ name = "multipart-example" version = "0.3.0" dependencies = [ "actix-multipart", - "actix-web 3.1.0", + "actix-web 3.2.0", "futures 0.3.6", "sanitize-filename", ] @@ -3617,7 +3623,7 @@ name = "multipart-s3" version = "0.1.0" dependencies = [ "actix-multipart", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "dotenv", "futures 0.3.6", @@ -3888,7 +3894,7 @@ dependencies = [ name = "openssl-example" version = "0.2.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "openssl", ] @@ -4076,7 +4082,16 @@ version = "0.4.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2ffbc8e94b38ea3d2d8ba92aea2983b503cd75d0888d75b86bb37970b5698e15" dependencies = [ - "pin-project-internal", + "pin-project-internal 0.4.27", +] + +[[package]] +name = "pin-project" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee41d838744f60d959d7074e3afb6b35c7456d0f61cad38a24e35e6553f73841" +dependencies = [ + "pin-project-internal 1.0.1", ] [[package]] @@ -4090,6 +4105,17 @@ dependencies = [ "syn", ] +[[package]] +name = "pin-project-internal" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81a4ffa594b66bff340084d4081df649a7dc049ac8d7fc458d8e628bfbbb2f86" +dependencies = [ + "proc-macro2 1.0.24", + "quote 1.0.7", + "syn", +] + [[package]] name = "pin-project-lite" version = "0.1.10" @@ -4293,7 +4319,7 @@ version = "0.2.0" dependencies = [ "actix 0.10.0", "actix-protobuf", - "actix-web 3.1.0", + "actix-web 3.2.0", "bytes 0.5.6", "env_logger 0.7.1", "prost", @@ -4354,7 +4380,7 @@ dependencies = [ name = "r2d2-example" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "r2d2", "r2d2_sqlite", @@ -4471,12 +4497,12 @@ dependencies = [ name = "redis_session" version = "2.0.0" dependencies = [ - "actix-http 2.0.0", + "actix-http 2.1.0", "actix-redis", "actix-rt", "actix-service", "actix-session", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "rand", "serde 1.0.116", @@ -4613,7 +4639,7 @@ dependencies = [ name = "run-in-thread" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -4635,7 +4661,7 @@ dependencies = [ "log", "md5", "percent-encoding", - "pin-project", + "pin-project 0.4.27", "rusoto_credential", "rusoto_signature", "rustc_version", @@ -4657,7 +4683,7 @@ dependencies = [ "dirs 2.0.2", "futures 0.3.6", "hyper", - "pin-project", + "pin-project 0.4.27", "regex", "serde 1.0.116", "serde_json", @@ -4695,7 +4721,7 @@ dependencies = [ "log", "md5", "percent-encoding", - "pin-project", + "pin-project 0.4.27", "rusoto_credential", "rustc_version", "serde 1.0.116", @@ -4775,12 +4801,23 @@ dependencies = [ "webpki", ] +[[package]] +name = "rustls-client-cert" +version = "1.0.0" +dependencies = [ + "actix-tls 2.0.0", + "actix-web 3.2.0", + "env_logger 0.8.1", + "log", + "rustls", +] + [[package]] name = "rustls-example" version = "1.0.0" dependencies = [ "actix-files 0.3.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "rustls", ] @@ -4965,7 +5002,7 @@ dependencies = [ name = "server-sent-events" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", "tokio", @@ -5043,7 +5080,7 @@ checksum = "7fdf1b9db47230893d76faad238fd6097fd6d6a9245cd7a4d90dbd639536bbd2" name = "shutdown-server" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "futures 0.3.6", "tokio", @@ -5064,7 +5101,7 @@ name = "simple-auth-server" version = "2.0.0" dependencies = [ "actix-identity", - "actix-web 3.1.0", + "actix-web 3.2.0", "argonautica", "chrono", "derive_more", @@ -5152,7 +5189,7 @@ dependencies = [ name = "state" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -5173,7 +5210,7 @@ name = "static_index" version = "2.0.0" dependencies = [ "actix-files 0.3.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -5364,7 +5401,7 @@ dependencies = [ name = "template-askama" version = "2.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "askama", ] @@ -5372,8 +5409,8 @@ dependencies = [ name = "template-tera" version = "2.0.0" dependencies = [ - "actix-http 2.0.0", - "actix-web 3.1.0", + "actix-http 2.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "tera", ] @@ -5396,8 +5433,8 @@ dependencies = [ name = "template_handlebars" version = "1.0.0" dependencies = [ - "actix-http 2.0.0", - "actix-web 3.1.0", + "actix-http 2.1.0", + "actix-web 3.2.0", "handlebars", "serde_json", ] @@ -5407,7 +5444,7 @@ name = "template_yarte" version = "0.0.1" dependencies = [ "actix-rt", - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", "yarte", "yarte_helpers", @@ -6059,7 +6096,7 @@ dependencies = [ name = "unix-socket" version = "1.0.0" dependencies = [ - "actix-web 3.1.0", + "actix-web 3.2.0", "env_logger 0.7.1", ] @@ -6384,7 +6421,7 @@ dependencies = [ "actix 0.10.0", "actix-codec 0.3.0", "actix-files 0.3.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "actix-web-actors 3.0.0", "awc 2.0.0", "bytes 0.5.6", @@ -6397,7 +6434,7 @@ name = "websocket-autobahn" version = "2.0.0" dependencies = [ "actix 0.10.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "actix-web-actors 3.0.0", "env_logger 0.7.1", ] @@ -6424,7 +6461,7 @@ version = "2.0.0" dependencies = [ "actix 0.10.0", "actix-files 0.3.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "actix-web-actors 3.0.0", "byteorder", "bytes 0.5.6", @@ -6442,7 +6479,7 @@ dependencies = [ "actix 0.10.0", "actix-codec 0.3.0", "actix-files 0.3.0", - "actix-web 3.1.0", + "actix-web 3.2.0", "actix-web-actors 3.0.0", "byteorder", "bytes 0.5.6", diff --git a/Cargo.toml b/Cargo.toml index aa398824..9886e48d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,6 +34,7 @@ members = [ "redis-session", "run-in-thread", "rustls", + "rustls-client-cert", "shutdown-server", "server-sent-events", "simple-auth-server", diff --git a/rustls-client-cert/Cargo.toml b/rustls-client-cert/Cargo.toml new file mode 100644 index 00000000..3bd401ad --- /dev/null +++ b/rustls-client-cert/Cargo.toml @@ -0,0 +1,12 @@ +[package] +name = "rustls-client-cert" +version = "1.0.0" +authors = ["Rob Ede "] +edition = "2018" + +[dependencies] +actix-tls = "2" +actix-web = { version = "3.2", features = ["rustls"] } +env_logger = "0.8" +log = "0.4" +rustls = "0.18" diff --git a/rustls-client-cert/README.md b/rustls-client-cert/README.md new file mode 100644 index 00000000..90df0aea --- /dev/null +++ b/rustls-client-cert/README.md @@ -0,0 +1,34 @@ +# Access Client Certificate (via Rustls) + +## Usage + +### Certificate + +All the self-signed certificate are in the ./certs directory, including the CA certificate +generated by [`mkcert`] that was used to create the server and client certs. + +### Server + +```sh +cd examples/rustls-client-cert +cargo run +``` + +The server runs HTTP on port 8080 and HTTPS on port 8443. + +### Providing Client Cert + +Using [HTTPie]: +```sh +# `--verify=false` used because HTTPie doesn't have an option to provide the CA cert +http https://127.0.0.1:8443/ --verify=false --cert=certs/client-cert.pem --cert-key=certs/client-key.pem +``` + +Using [cURL]: +```sh +curl https://127.0.0.1:8443/ --cacert certs/rootCA.pem --cert certs/client-cert.pem --key certs/client-key.pem +``` + +[`mkcert`]: https://github.com/FiloSottile/mkcert +[cURL]: https://curl.haxx.se/ +[HTTPie]: https://httpie.org/ diff --git a/rustls-client-cert/certs/client-cert.pem b/rustls-client-cert/certs/client-cert.pem new file mode 100644 index 00000000..10631762 --- /dev/null +++ b/rustls-client-cert/certs/client-cert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEVDCCArygAwIBAgIRAOAgy58Y3ViVpV9G8DTyKzMwDQYJKoZIhvcNAQELBQAw +bTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSEwHwYDVQQLDBhyb2JA +c29tYnJhLng1Mi5kZXYgKFJvYikxKDAmBgNVBAMMH21rY2VydCByb2JAc29tYnJh +Lng1Mi5kZXYgKFJvYikwHhcNMTkwNjAxMDAwMDAwWhcNMzAxMDI1MTczODMxWjBM +MScwJQYDVQQKEx5ta2NlcnQgZGV2ZWxvcG1lbnQgY2VydGlmaWNhdGUxITAfBgNV +BAsMGHJvYkBzb21icmEueDUyLmRldiAoUm9iKTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJsp9QFEpfEWFB3CyFTA2Rv2tUMwnpQcDtiB1hwH03EYcMlG +pEkMh1tPTK8WZo2igMJrBtP2Vf2AN0/hmFWUZV1ZEUUNXXW0QD2mHS8Rgz7nAgmq +V5XvmLLeeo2vMdw1B2qsRxCPTjbInDsZsBqv2GyXWo5/9o3PD32h4LNk3w0VyA47 +f/jdpMWlcIXQoyJJV1U1FPLf92xYZvWc9Vf/+K6mStESEpoFll+b4uqjPpwrEz9Q +KBY4eyXwhGCrjQC0+jJFNlIcbV5FgQSYd4DVMcw6SWdMeV/+VtQs+JQrENjNB3am +nJ5xpoZ7mmNDOkWg4zvoYRL6o7LtqT+8EXptzMMCAwEAAaOBjzCBjDAOBgNVHQ8B +Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAwGA1UdEwEB +/wQCMAAwHwYDVR0jBBgwFoAUfpWkO5lYpQJz4omoVdVzuuZnn80wLAYDVR0RBCUw +I4IJbG9jYWxob3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEB +CwUAA4IBgQB8ulsrStRha8SRxoPRlTNIb9WMjNl5KdZF+ePpUctBX0lFmxqn0upu +l3BoZkhMrpPRRcGlDPImuL7tfxk/IuTA6S1AEQtEHCC8WyZbq3RODPzVY6J/IOUv +H2ZwZYo0c714FyNx8igBpVSjHT6yCIeQkSQlTXsWxddToSeKYvXg8VI+M5L0DH1Y +jRb2u3GpMPdLhMqGNZPcwbLkVyMe5aj4hx334fa3uLf/CK6/5ev4+ozSNz3Qr8S7 +iPE8WXrny/qEJmTEme7eq6K/QPTC9ly3j+5Ms3Uepnk0Jez9/ksOrlbYrWXhwD0P +Nwvn3HtiYy8q1HwRw5U+LMNyh6lIyfJUsu2tRmYz1fiH74tMDFb2pjDpcmvgaSJY +eSwKksOiX1No6K980ECEkCX9iQFwD5edTCnD2lz+AVGDzZPkY/551Ohl+KMh/mFG +uZNtgjUeMh0btfc9D+PLLLHjpSMVkRMEEmtm/Zi2nKeVCAdIomFfk+EFIEOdaMyk +SUZMUFzBP+4= +-----END CERTIFICATE----- diff --git a/rustls-client-cert/certs/client-key.pem b/rustls-client-cert/certs/client-key.pem new file mode 100644 index 00000000..5ce3576f --- /dev/null +++ b/rustls-client-cert/certs/client-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCbKfUBRKXxFhQd +wshUwNkb9rVDMJ6UHA7YgdYcB9NxGHDJRqRJDIdbT0yvFmaNooDCawbT9lX9gDdP +4ZhVlGVdWRFFDV11tEA9ph0vEYM+5wIJqleV75iy3nqNrzHcNQdqrEcQj042yJw7 +GbAar9hsl1qOf/aNzw99oeCzZN8NFcgOO3/43aTFpXCF0KMiSVdVNRTy3/dsWGb1 +nPVX//iupkrREhKaBZZfm+Lqoz6cKxM/UCgWOHsl8IRgq40AtPoyRTZSHG1eRYEE +mHeA1THMOklnTHlf/lbULPiUKxDYzQd2ppyecaaGe5pjQzpFoOM76GES+qOy7ak/ +vBF6bczDAgMBAAECggEAOAzN/mlH8HDjT2TfbQ5E3z8dd2oGvsXr7vXn3DRPgxkr +FOo5ylGGS8u3jb/vx9Yd4R08WDEyGuLIGEkL+E4k17Wm8WTEkBJO6nYpMKmI2Z4l +NEyeWwE0DdkkOC5DOqLFTRlyil7aCBwro4XCAcHn0kJSagt7ivpzRBTH0MXtdRIL +L37nOInga2puSeHLOGj9W1Q0AX0EIiecqLPpCLmz+xotlevFBmlQ4iFT7xkoKH+s +NeqWEd0HTNYkYQZtZ9husDzNK4x59MKUYS1oWB8A8JKu5E4ovdb6R6LjyN/Y5lNl +3Z4Mg2DJ4iBN4DRnEBwiY8bdeqYboMNNyAbCU+nPYQKBgQDLP0lEYsdcSNF5Uv0c +fe5pUvAzyTUzVhP7LLOk2jdRxs85MNbYJkays40rROqm2+StSFgih3NpA9D1pl7f +ucJABlK9OkTtOshFSR6Q+0NomKLHhBGvYpouC2tIHjGsE/KjiQa4I1Pia72xpIWT +QK3isM2c11924RqdoJ0mpBKpOwKBgQDDb8k4U512u+exVvFQ8JEbro4oy4jsc74L +BZG6PbHZcIADKANmB15ahN3tCkDwJQ8iJYX7bmzn+8jR2HtznchgJwWN9aGtEP4C +qTmmyrJd09pMMs5W4/BucD7wJ7s32PwVUwj0nvW+BHE4LQk5td4a3VE1wj1EZ8bR ++JCK081yGQKBgQCG1vKtuvbWY70NR6CCwY1lNNAFG0z/RPE2pz57dQZUa5hZMeyn +NCWdMv/KIAupLaN1ztQh/Ej198Eu5/RzaxLTVR6ZScomtOPfC5aKyxe6keEUiqsM +91agi5TeIKIFrqpAEo1xpoZlZeNQsnyn57Y0+eU/U6eS/96fisoXs6xptwKBgQCy +loDqnsXCTR0AmbE0RFBlWlH/h1Ycs/tSeQlchanyR3JC8BqC7nLTBp0BUaBbkZHN +ozpWsuaD6jntQAQ3d1Q2QRI7Ud0ml+N1rQvIlWr+gGv3u2mATxRS5vEsZTIYa4iX +N+R0HJn0xHxtWAIZIU7Pf7QJCvEPhEFTd+8lXTxcaQKBgG5d4vG5AyYXuiKKmm+d +MM4PPMJNw3+u5G50hgI4D/1WlirP9m6HIpFouNNGoggxpBBUeokIBPsXbq/fnkq2 +uZmkAkWZeMeWHbI0lHSsE98ZTQHg36dNJ9hRHVRJ9PA2/YTSnr3WzDaaA1v5aoTv +xJyGdLlEy+RiIZCPk9RKtVc4 +-----END PRIVATE KEY----- diff --git a/rustls-client-cert/certs/rootCA-key.pem b/rustls-client-cert/certs/rootCA-key.pem new file mode 100644 index 00000000..eadccba1 --- /dev/null +++ b/rustls-client-cert/certs/rootCA-key.pem @@ -0,0 +1,40 @@ +-----BEGIN PRIVATE KEY----- +MIIG/AIBADANBgkqhkiG9w0BAQEFAASCBuYwggbiAgEAAoIBgQCrw0DmUZg1hTEK +SekUpDXhEEmVsSCNx8ciLyGn1OhvNSKDI5Chn1bnRaYKFG64A799cgaLyKh6Oi14 +09VsmPuCAwrHXfbnpy8MpVHv00p6gcFJhRSOzY3JlnfM9R5R7S1c8dEnhExYualg +p0jo0JiMNfqi4Ih6HqyKdM5JX7R1ud8e8UYRIWlR6JR2ycJGiuxr+gGf6Eifl29+ +27FINgNsAOxIsOqHFjjGxAko/TS43Kws/S97AGpNJQs14cw1/RiGmLKi3+1txGpA +DNLNEi9Z4KDDQZyOo9bbv+n/H/hKHdfONPrDXFW0XtmeJbfsziBCS00ecxZWBx6q +jRNoLCj4Hftclr98FEfTHwecx1rUl5ntfz9LPJztgRrUzpmQo414ISALv7yOn9pM +z/QO68giHEfAr/08a9ZgMUmfLYl/ymrWMnroavS5bFEkeht/aQH5oXcpSzmcrj0r +D5OZlwH5JtTbnp7bA+G6zGrFediL1aN0jIKoXcHWFjESJpGIVFMCAwEAAQKCAYAk +tysTUJPBtQPjmCL7p5Jg1rN0DRXRWMgHVZ3TG17IDsqez6Zl9gKEk03Hz9BPA3YW +YZ5mmPDyl6cKsfVoLlds1iuirEJQCFu1T01xf2/nOf9QMONRFz1cvw5CwI7HonRU +7tfvo4cSXDWJlJiwM464Qf2efXKO8CmfuxIxewS/OYkpOxfoJ4U03guGTOB7Zczd +0+YvAV8sxhkuO9Xsgqc+mf/oFfE8CRL/4f23RlDTx1ACmehhWZhffzCjRu35CG2w +8wI7UpKQvnVaQJ8hpnwYpv5lFlTvh7lYHz97VdRSGs3k3szqFbuPzRyGgnwMwRbQ +W323XuSI6euAzc9aaUP4yo56CmYP+vngn/MIAXQj3YO1snMTf+RUg4AA44r8Lemw +It8dhGA3m48eVckQv5qGlCFlAwTUhdQiuEaDRymf037sNmQLcMAXp8YXDJRpGR4F +v5bgVXrFdQlg1Q54TB58G4DOtuz9J8TyKgvhQvjFS0BC2HVWCCPR+KCxKqncF/kC +gcEA20IpdVOeuJQxr6MvhUgFPD2hrKzDdAdFL28YSSSg2vOdbdavxOQ66WpUREx5 +G1o4KUdf7Ex/z/XI0HRzZfjxAIKdpEcCebVa5HceOQsqb5RulLaflGc1sL8Lkc0c +sAsyj8QtCuYege/GgM3srF1V7Nu2oSMR2W9ZZuyDPzuwAyTkbQNsND/W2Y6REnSL +qlz2aK4BkkHHQqpjlmR/n8ejX00O1CERNUF6uRXi9ZN+wsMhBeuCRHf2bZHSD2aE +kNjnAoHBAMiLmaL/mZa0+sRPqdqldO1IOpGIn1L+NYngcQfqpTpLzB4FaYzZG/02 +7CrPrYkojXy7Fc2dUM/i4BTOAnJIAeS9DvLA/5xmv9bid76e91+8zdXGU1R3JjYN ++n7TJbcwLXpJ6+M8vX/WDj5ZknVZHiBMWqVc+LLQLhfeupP1V3fD5qWcL1NuBrbF +P+G6y230NraoRNFzx+4E97eG7TXUSgnjeoRqiRiGOW7BAC1WWe1BHcJULKi6Gq2/ +uyuMqe0ftQKBwCBwSXHyTSlBw5gYrI8reJrRA3polQI1kSbTaORpZuL95+y4NokK +uyyNbqosJj7FuklhJe/v4XkDBBLTJ7+OdRl+OZR0bQlUq33hobcOz9hyPWoDGtj5 +7BeaLDwF/JiPD4v1mjRil2Dh+JxV2w4lQPEqEHsGlT12G+P+WeyhCAlvC9yVBQ01 +5LOLRCtW0tMBrfMOy2y4DqLuUo2NkNQy1Rjkba00tzcJ2P5JHqr2h2qJM/mMPlmi +5fKQAGQG5tYHQQKBwG24cwZK8a0St2BQdY26mI55xhF5vjGaA5C7yxuZtWx/q92A ++I6m+jk/o1aI6VjxZvenI/aq61vRtOetDomX+/E5vsPx8+eOD8dxgDI6pv0qPzOG +nnDH/4/zdemNfEUNhtQxPW3F/afDZWeXehnZ+DGTlMSEaUzruUw1/76TrJdKBxb0 +rK/osqOsp5bIrCQsSQMGbSBrSCdhcGZo279ntlpSquVnpDpWtXVzArXLWMgFqFJ5 +2zU1HQOSssTQ4OdrQQKBwEjUyeaG/exb/vNzHHGTpm0qti7BEezji+nlNvSUN38u +9/eKK3m70FGhBrdB44jAtmLp4cyjQVmdluRYkZL5s4NbP+bAEAbyzCozfaU0ontJ +YTSE5W8CzQo5ayA/m4SA9uV0h8MijeItxNyveLsi2OlA04m9/peq45IGNdLHzHjm +xvm40ENrToQsRH8p8PjREipl45/xjrDG+zhGCH87+C+WOLF4BWTP0VzkTym8fX9K +nctls65dJGslcxgwD6O1rA== +-----END PRIVATE KEY----- diff --git a/rustls-client-cert/certs/rootCA.pem b/rustls-client-cert/certs/rootCA.pem new file mode 100644 index 00000000..8a3a2fd1 --- /dev/null +++ b/rustls-client-cert/certs/rootCA.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEqTCCAxGgAwIBAgIQL82W4ilLJ4cs8zMbhJ+7aTANBgkqhkiG9w0BAQsFADBt +MR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1lbnQgQ0ExITAfBgNVBAsMGHJvYkBz +b21icmEueDUyLmRldiAoUm9iKTEoMCYGA1UEAwwfbWtjZXJ0IHJvYkBzb21icmEu +eDUyLmRldiAoUm9iKTAeFw0yMDEwMjUxNzIyMzlaFw0zMDEwMjUxNjIyMzlaMG0x +HjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEhMB8GA1UECwwYcm9iQHNv +bWJyYS54NTIuZGV2IChSb2IpMSgwJgYDVQQDDB9ta2NlcnQgcm9iQHNvbWJyYS54 +NTIuZGV2IChSb2IpMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAq8NA +5lGYNYUxCknpFKQ14RBJlbEgjcfHIi8hp9TobzUigyOQoZ9W50WmChRuuAO/fXIG +i8ioejoteNPVbJj7ggMKx13256cvDKVR79NKeoHBSYUUjs2NyZZ3zPUeUe0tXPHR +J4RMWLmpYKdI6NCYjDX6ouCIeh6sinTOSV+0dbnfHvFGESFpUeiUdsnCRorsa/oB +n+hIn5dvftuxSDYDbADsSLDqhxY4xsQJKP00uNysLP0vewBqTSULNeHMNf0Yhpiy +ot/tbcRqQAzSzRIvWeCgw0GcjqPW27/p/x/4Sh3XzjT6w1xVtF7ZniW37M4gQktN +HnMWVgceqo0TaCwo+B37XJa/fBRH0x8HnMda1JeZ7X8/Szyc7YEa1M6ZkKONeCEg +C7+8jp/aTM/0DuvIIhxHwK/9PGvWYDFJny2Jf8pq1jJ66Gr0uWxRJHobf2kB+aF3 +KUs5nK49Kw+TmZcB+SbU256e2wPhusxqxXnYi9WjdIyCqF3B1hYxEiaRiFRTAgMB +AAGjRTBDMA4GA1UdDwEB/wQEAwICBDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud +DgQWBBR+laQ7mVilAnPiiahV1XO65mefzTANBgkqhkiG9w0BAQsFAAOCAYEAe3A5 +5z5JWHSXEcQI/LstAVJfiloehyhvYgcNpImlsm5A41VzMd1iWdpLY+WSKWjHKFs0 +u5Id+sGEZRHBicYDts0azH3Sklj0FrNrpRdvf8jJuMvVC1EoUFijG+V/RdL14bxq +kyp5dtxVcvtvULT+ID5vSVYBwGOBp36Fg5Qs4QOuSPkVGwjaEdJvzqb1XDLncsve +ap6ALzwOXUsN8Icrq4/GlVDX11rOnfWhNQRiWKJtin4vzxL002rPWwSsekcuLEFQ +NCBYaBBDlp4fLh2XVuB7xvKXTPm8K9hIxrTBEh8kj8p5p95DOTWpLgXuBcdXmNDV +/4NBzsWwuO3I7/ilHbH+gEsM390p056Bmv2cF0bWb+xT2vyNymhmSCn77QEmcsOF +LDqsjDc7JsQGUVIAgtM50md/QvaXxTVoAMXtSWeyK8QsC2syZqWlXiYkrwYjp+KI +6jX4EpLwKdQOzZdjgnIZvG94o5lR8cPyZlaUKVunOTvAXiT3AWeBppCk6SEH +-----END CERTIFICATE----- diff --git a/rustls-client-cert/certs/server-cert.pem b/rustls-client-cert/certs/server-cert.pem new file mode 100644 index 00000000..f0b8d19c --- /dev/null +++ b/rustls-client-cert/certs/server-cert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIESjCCArKgAwIBAgIRAKNTHdWsrKKCpKt19C/sI4UwDQYJKoZIhvcNAQELBQAw +bTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSEwHwYDVQQLDBhyb2JA +c29tYnJhLng1Mi5kZXYgKFJvYikxKDAmBgNVBAMMH21rY2VydCByb2JAc29tYnJh +Lng1Mi5kZXYgKFJvYikwHhcNMTkwNjAxMDAwMDAwWhcNMzAxMDI1MTczODM4WjBM +MScwJQYDVQQKEx5ta2NlcnQgZGV2ZWxvcG1lbnQgY2VydGlmaWNhdGUxITAfBgNV +BAsMGHJvYkBzb21icmEueDUyLmRldiAoUm9iKTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANDv0oRupAGtAl9ZZTeTwdToYh/Gtaj3bAyhQQz+dQ5GzLS3 ++Zvo3daepwnoNABoxuPwptb/jJ6Ec8rdvUiJkKb+jAuZ0vSuEqPTcgvbnqsV+7UT +8WleCUnOIY6FB+uTaLEptu5k+Pf7i3m1RqW1gRVlYcHsLuv3NBQW0bz+XUZvcirW +KVCxz2ex2aFzWXrAZEuOwMX+x+Wicd4tRfcio4mOI+jCRCsbwW0TsyWStrimcbl0 +ldbRi8DeADf3VPQCMYmcJARYsTfRwK75OFMgmD0GTi8WURWQCbTJnwzop7Famno0 +/I/Ef65Dngleb6HwG91EtEVU7QHqSXlUK41Au9kCAwEAAaOBhTCBgjAOBgNVHQ8B +Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNV +HSMEGDAWgBR+laQ7mVilAnPiiahV1XO65mefzTAsBgNVHREEJTAjgglsb2NhbGhv +c3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwDQYJKoZIhvcNAQELBQADggGBAJJ0 +7oDkVmdB/P0PX0vIn+CPmiE8IrO8stItOGlVRy9TDWFRdMpY13BOjlNY2efNU2Tz +or+lyfV7D8PiCk5q3e8sLtOlIAT32IRIrGXl5E4q7zDnOckQjZIUZwSFAFVygy4F +rPgJCS9uqz9vz086SyRD0krTM5u9yMAvG2uJLEk5oaVWAKdDRplStmMx7QQHMZ4G +iNYMDpj4dU4gkrvZeC+JKwjbSJ3hje8CZCA1atzz/5WWEt2D8Yf9tw27T/hinrMi +rrjPpEcA6C8wvHxqYpiptQC1FF5vaUyRqjF+irHgQdNUCE0nJSwAsIDW0TDiVGDD +OJKs6EYuzJ8OcWw6IFx8YNvdxZJSr8SaavrH76myHieTkqhWvjSQERUw71iUwe0q +5Nev+J2N9U7oZBTCIsD/qKOQTD9mRjJpYLnXNqEyJhzRgCA5+TQIXbTa10eo9Svg +CTkqxsixmdTKD8ZIlUPhLI9ehr0Spbt+2Xh3yAtlSrfAt5p2hgVCoxalEwWpwA== +-----END CERTIFICATE----- diff --git a/rustls-client-cert/certs/server-key.pem b/rustls-client-cert/certs/server-key.pem new file mode 100644 index 00000000..729f0d91 --- /dev/null +++ b/rustls-client-cert/certs/server-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDQ79KEbqQBrQJf +WWU3k8HU6GIfxrWo92wMoUEM/nUORsy0t/mb6N3WnqcJ6DQAaMbj8KbW/4yehHPK +3b1IiZCm/owLmdL0rhKj03IL256rFfu1E/FpXglJziGOhQfrk2ixKbbuZPj3+4t5 +tUaltYEVZWHB7C7r9zQUFtG8/l1Gb3Iq1ilQsc9nsdmhc1l6wGRLjsDF/sflonHe +LUX3IqOJjiPowkQrG8FtE7Mlkra4pnG5dJXW0YvA3gA391T0AjGJnCQEWLE30cCu ++ThTIJg9Bk4vFlEVkAm0yZ8M6KexWpp6NPyPxH+uQ54JXm+h8BvdRLRFVO0B6kl5 +VCuNQLvZAgMBAAECggEAZ8PzZVodkcd+uiQHpMZ5KWgP84AYkEXxH4SmbfGh6Ok4 +mTgVe1z3b7NzefQcf2eJ/4JxGa3pBID7kPD3JKNNd+JLYyeOIX6iO0K0DTeRYZ6V +V6UD7DSLoGADQmjHOjQHdpUlCNiU3XPMHTHuWDYAWcPz/P9zfjVTY/bBS394i5W/ +nFLHMEGD/9KETUm2Wdmu+84fhAg+gSbDOHKOmrqiRoSmBInfUEjTL22gU1hPkjWY +17i9veMGVPQeA89XYmFavgWIMHwiOD0Fom2y26OIDWDXAJf7oOoONElWF2OjiSAa +7IHl8EED/aDIt9Xyv8J9qXzkAtLPXO8vFG2Uq0/BQQKBgQD1MlCsnMVf3dck8yg6 +YwFkFHZxnFBzBPwuDoMD2OBIZcrwcBhUQo0u8M0NohgjvBB7XUrW+/5ucF9BaecC +3Rz/JwPk7oPafYVbEFGv+CeGJFKL/lq7NwF62N7EYo3N2ijYjGYiZFmxgOVEfzSd +WRSH+b6Q923lEpWoFaeFww+5HQKBgQDaJIRTr1stXXFXVj/ETJG4uT3I7qlfR7zp +/t/YHX6QnV5dFdBCEXSW41YoqvUn12Ox28nvQMDFWVkQGfAELYqkf/ozBQ9d6ee8 +3bU9V14YWaGSK1RT83cgWUtDnUjtLuk9MG+5x3EQcfq5ng6ud+Hr8ut+gz0PbLcK +gR3uTQkM7QKBgENUSarccaZdeFKBIq7FuQAOTmfsEHtFBypuebN4vj2jFhLn9QZO +MA6PuP7hX9eQMMZvW7mlALy6xq1jszeqF+hIgl0+0Z4Rkajr1kKH1fKTzsb6VVfL +RvDA1IsAtQetvEGabAFNpQOE7W/drkj2yRh9j8Km7tpUPBwnthSY95xRAoGAL5uu +oZDwxjrRhK0XJ6FKYFVVTagAoQHIEg2FDuaI+8jMkmYzWGf02QVuhVuiO3q/kE6W +iLfKGogAbwoqHs9Npc8kbMQa8XUeFVMRvfx2VbwiDgOU2OmWwyGZ0nzeMJ1/W9JZ +X+NOIretb5s2Ow+A5/zRNoAv8FDatdkuDhcT9ZUCgYBtEI9pmWYXxGfaVQErJcsS +3a8PU875sE06DiEcvooljcLp6dCmGocRQOGpSXfy3zjX4F/HZjDK+GKPg2bCirKr +nRPWf0t3DSeSyDINj+a0fg4KvYR4FcocJDzTFJh/9CrtNktqwHAqrQUSokBbW8n6 +Kj/AYLWOIXATfCrOgdoAAg== +-----END PRIVATE KEY----- diff --git a/rustls-client-cert/src/main.rs b/rustls-client-cert/src/main.rs new file mode 100644 index 00000000..902e1377 --- /dev/null +++ b/rustls-client-cert/src/main.rs @@ -0,0 +1,105 @@ +//! This example shows how to use `actix_web::HttpServer::on_connect` to access client certificates +//! pass them to a handler through request-local data. + +use std::{any::Any, env, fs::File, io::BufReader, net::SocketAddr}; + +use actix_tls::rustls::{ServerConfig, TlsStream}; +use actix_web::{ + dev::Extensions, rt::net::TcpStream, web, App, HttpResponse, HttpServer, Responder, +}; +use log::info; +use rustls::{ + internal::pemfile::{certs, pkcs8_private_keys}, + AllowAnyAnonymousOrAuthenticatedClient, Certificate, RootCertStore, Session, +}; + +const CA_CERT: &str = "certs/rootCA.pem"; +const SERVER_CERT: &str = "certs/server-cert.pem"; +const SERVER_KEY: &str = "certs/server-key.pem"; + +#[derive(Debug, Clone)] +struct ConnectionInfo { + bind: SocketAddr, + peer: SocketAddr, + ttl: Option, +} + +async fn route_whoami( + conn_info: web::ReqData, + client_cert: Option>, +) -> impl Responder { + if let Some(cert) = client_cert { + HttpResponse::Ok().body(format!("{:?}\n\n{:?}", &conn_info, &cert)) + } else { + HttpResponse::Unauthorized().body("No client certificate provided.") + } +} + +fn get_client_cert(connection: &dyn Any, data: &mut Extensions) { + if let Some(tls_socket) = connection.downcast_ref::>() { + info!("TLS on_connect"); + + let (socket, tls_session) = tls_socket.get_ref(); + + data.insert(ConnectionInfo { + bind: socket.local_addr().unwrap(), + peer: socket.peer_addr().unwrap(), + ttl: socket.ttl().ok(), + }); + + if let Some(mut certs) = tls_session.get_peer_certificates() { + info!("client certificate found"); + + // insert a `rustls::Certificate` into request data + data.insert(certs.pop().unwrap()); + } + } else if let Some(socket) = connection.downcast_ref::() { + info!("plaintext on_connect"); + + data.insert(ConnectionInfo { + bind: socket.local_addr().unwrap(), + peer: socket.peer_addr().unwrap(), + ttl: socket.ttl().ok(), + }); + } else { + unreachable!("socket should be TLS or plaintext"); + } +} + +#[actix_web::main] +async fn main() -> std::io::Result<()> { + if env::var("RUST_LOG").is_err() { + env::set_var("RUST_LOG", "info"); + } + + env_logger::init(); + + let mut cert_store = RootCertStore::empty(); + + // import CA cert + let ca_cert = &mut BufReader::new(File::open(CA_CERT)?); + cert_store + .add_pem_file(ca_cert) + .expect("root CA not added to store"); + + // set up client authentication requirements + let client_auth = AllowAnyAnonymousOrAuthenticatedClient::new(cert_store); + let mut config = ServerConfig::new(client_auth); + + // import server cert and key + let cert_file = &mut BufReader::new(File::open(SERVER_CERT)?); + let key_file = &mut BufReader::new(File::open(SERVER_KEY)?); + + let cert_chain = certs(cert_file).unwrap(); + let mut keys = pkcs8_private_keys(key_file).unwrap(); + config.set_single_cert(cert_chain, keys.remove(0)).unwrap(); + + // start server + HttpServer::new(|| App::new().default_service(web::to(route_whoami))) + .on_connect(get_client_cert) + .bind(("localhost", 8080))? + .bind_rustls(("localhost", 8443), config)? + .workers(1) + .run() + .await +} diff --git a/rustls/README.md b/rustls/README.md index 7ddf4e68..8a6be173 100644 --- a/rustls/README.md +++ b/rustls/README.md @@ -1,4 +1,4 @@ -# tls example +# TLS / HTTPS (via Rustls) ## Usage