Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Start work on handling TLS for the RPC endpoint

Browse source
This commit is contained in:
Max Brunsfeld 2021-07-06 16:27:57 -07:00
parent 59fe0549cc
commit 193c704875
6 changed files with 114 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

76
Cargo.lock generated
View file

@ -215,6 +215,18 @@ dependencies = [
"event-listener", "event-listener",
] ]
[[package]]
name = "async-native-tls"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e9e7a929bd34c68a82d58a4de7f86fffdaf97fb2af850162a7bb19dd7269b33"
dependencies = [
"async-std",
"native-tls",
"thiserror",
"url",
]
[[package]] [[package]]
name = "async-net" name = "async-net"
version = "1.5.0" version = "1.5.0"
@ -1931,9 +1943,9 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55"
[[package]] [[package]]
name = "libc" name = "libc"
version = "0.2.86" version = "0.2.97"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b7282d924be3275cec7f6756ff4121987bc6481325397dde6ba3e7802b1a8b1c" checksum = "12b8adadd720df158f4d70dfe7ccc6adb0472d7c55ca83445f6a5ab3e36f8fb6"
[[package]] [[package]]
name = "libflate" name = "libflate"
@ -2142,6 +2154,24 @@ version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
[[package]]
name = "native-tls"
version = "0.2.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8d96b2e1c8da3957d58100b09f102c6d9cfdfced01b7ec5a8974044bb09dbd4"
dependencies = [
"lazy_static",
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
"security-framework",
"security-framework-sys",
"tempfile",
]
[[package]] [[package]]
name = "nb-connect" name = "nb-connect"
version = "1.0.3" version = "1.0.3"
@ -2288,6 +2318,20 @@ version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]]
name = "openssl"
version = "0.10.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "549430950c79ae24e6d02e0b7404534ecf311d94cc9f861e9e4020187d13d885"
dependencies = [
"bitflags 1.2.1",
"cfg-if 1.0.0",
"foreign-types",
"libc",
"once_cell",
"openssl-sys",
]
[[package]] [[package]]
name = "openssl-probe" name = "openssl-probe"
version = "0.1.4" version = "0.1.4"
@ -2296,9 +2340,9 @@ checksum = "28988d872ab76095a6e6ac88d99b54fd267702734fd7ffe610ca27f533ddb95a"
[[package]] [[package]]
name = "openssl-sys" name = "openssl-sys"
version = "0.9.63" version = "0.9.65"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6b0d6fb7d80f877617dfcb014e605e2b5ab2fb0afdf27935219bb6bd984cb98" checksum = "7a7907e3bfa08bb85105209cdfcb6c63d109f8f6c1ed6ca318fff5c1853fbc1d"
dependencies = [ dependencies = [
"autocfg 1.0.1", "autocfg 1.0.1",
"cc", "cc",
@ -3194,6 +3238,29 @@ version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b"
[[package]]
name = "security-framework"
version = "2.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23a2ac85147a3a11d77ecf1bc7166ec0b92febfa4461c37944e180f319ece467"
dependencies = [
"bitflags 1.2.1",
"core-foundation",
"core-foundation-sys",
"libc",
"security-framework-sys",
]
[[package]]
name = "security-framework-sys"
version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7e4effb91b4b8b6fb7732e670b6cee160278ff8e6bf485c7805d9e319d76e284"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]] [[package]]
name = "semver" name = "semver"
version = "0.9.0" version = "0.9.0"
@ -4312,6 +4379,7 @@ version = "0.1.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"arrayvec", "arrayvec",
"async-native-tls",
"cargo-bundle", "cargo-bundle",
"crossbeam-channel", "crossbeam-channel",
"ctor", "ctor",

1
Cargo.toml
View file

@ -9,6 +9,7 @@ tree-sitter = { git = "https://github.com/tree-sitter/tree-sitter", rev = "d7277
cocoa = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" } cocoa = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" }
cocoa-foundation = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" } cocoa-foundation = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" }
core-foundation = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" } core-foundation = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" }
core-foundation-sys = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" }
core-graphics = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" } core-graphics = { git = "https://github.com/servo/core-foundation-rs", rev = "025dcb3c0d1ef01530f57ef65f3b1deb948f5737" }
[profile.dev] [profile.dev]

30
zed-rpc/src/peer.rs
View file

@ -1,7 +1,11 @@
use crate::proto::{self, EnvelopedMessage, MessageStream, RequestMessage}; use crate::proto::{self, EnvelopedMessage, MessageStream, RequestMessage};
use anyhow::{anyhow, Context, Result}; use anyhow::{anyhow, Context, Result};
use async_lock::{Mutex, RwLock}; use async_lock::{Mutex, RwLock};
use futures::{future::BoxFuture, AsyncRead, AsyncWrite, FutureExt}; use futures::{
future::BoxFuture,
io::{ReadHalf, WriteHalf},
AsyncRead, AsyncReadExt, AsyncWrite, FutureExt,
};
use postage::{ use postage::{
mpsc, mpsc,
prelude::{Sink, Stream}, prelude::{Sink, Stream},
@ -72,13 +76,13 @@ struct Connection {
response_channels: ResponseChannels, response_channels: ResponseChannels,
} }
pub struct ConnectionHandler<Conn> { pub struct ConnectionHandler<ReadConn, WriteConn> {
peer: Arc<Peer>, peer: Arc<Peer>,
connection_id: ConnectionId, connection_id: ConnectionId,
response_channels: ResponseChannels, response_channels: ResponseChannels,
outgoing_rx: mpsc::Receiver<proto::Envelope>, outgoing_rx: mpsc::Receiver<proto::Envelope>,
reader: MessageStream<Conn>, reader: MessageStream<ReadConn>,
writer: MessageStream<Conn>, writer: MessageStream<WriteConn>,
} }
type ResponseChannels = Arc<Mutex<HashMap<u32, mpsc::Sender<proto::Envelope>>>>; type ResponseChannels = Arc<Mutex<HashMap<u32, mpsc::Sender<proto::Envelope>>>>;
@ -131,9 +135,12 @@ impl Peer {
pub async fn add_connection<Conn>( pub async fn add_connection<Conn>(
self: &Arc<Self>, self: &Arc<Self>,
conn: Conn, conn: Conn,
) -> (ConnectionId, ConnectionHandler<Conn>) ) -> (
ConnectionId,
ConnectionHandler<ReadHalf<Conn>, WriteHalf<Conn>>,
)
where where
Conn: Clone + AsyncRead + AsyncWrite + Unpin + Send + 'static, Conn: AsyncRead + AsyncWrite + Unpin + Send + 'static,
{ {
let connection_id = ConnectionId( let connection_id = ConnectionId(
self.next_connection_id self.next_connection_id
@ -145,13 +152,15 @@ impl Peer {
next_message_id: Default::default(), next_message_id: Default::default(),
response_channels: Default::default(), response_channels: Default::default(),
}; };
let (read_conn, write_conn) = conn.split();
let handler = ConnectionHandler { let handler = ConnectionHandler {
peer: self.clone(), peer: self.clone(),
connection_id, connection_id,
response_channels: connection.response_channels.clone(), response_channels: connection.response_channels.clone(),
outgoing_rx, outgoing_rx,
reader: MessageStream::new(conn.clone()), reader: MessageStream::new(read_conn),
writer: MessageStream::new(conn), writer: MessageStream::new(write_conn),
}; };
self.connections self.connections
.write() .write()
@ -291,9 +300,10 @@ impl Peer {
} }
} }
impl<Conn> ConnectionHandler<Conn> impl<ReadConn, WriteConn> ConnectionHandler<ReadConn, WriteConn>
where where
Conn: Clone + AsyncRead + AsyncWrite + Unpin + Send + 'static, ReadConn: AsyncRead + Unpin + Send + 'static,
WriteConn: AsyncWrite + Unpin + Send + 'static,
{ {
pub async fn run(mut self) -> Result<()> { pub async fn run(mut self) -> Result<()> {
loop { loop {

1
zed/Cargo.toml
View file

@ -31,6 +31,7 @@ ignore = "0.4"
lazy_static = "1.4.0" lazy_static = "1.4.0"
libc = "0.2" libc = "0.2"
log = "0.4" log = "0.4"
async-native-tls = "0.3"
num_cpus = "1.13.0" num_cpus = "1.13.0"
parking_lot = "0.11.1" parking_lot = "0.11.1"
postage = { version="0.4.1", features=["futures-traits"] } postage = { version="0.4.1", features=["futures-traits"] }

20
zed/src/rpc.rs
View file

@ -115,13 +115,22 @@ impl Client {
access_token: String, access_token: String,
executor: &Arc<Background>, executor: &Arc<Background>,
) -> surf::Result<()> { ) -> surf::Result<()> {
// TODO - If the `ZED_SERVER_URL` uses https, then wrap this stream in
// a TLS stream using `native-tls`.
let stream = smol::net::TcpStream::connect(&address).await?; let stream = smol::net::TcpStream::connect(&address).await?;
log::info!("connected to rpc address {}", address);
let (connection_id, handler) = self.peer.add_connection(stream).await; let connection_id = if ZED_SERVER_URL.starts_with("https") {
executor.spawn(handler.run()).detach(); let host = address.split(':').next().unwrap();
let stream = async_native_tls::connect(host, stream)
.await
.context("failed to establish TLS connection")?;
let (conn_id, handler) = self.peer.add_connection(stream).await;
executor.spawn(handler.run()).detach();
conn_id
} else {
let (conn_id, handler) = self.peer.add_connection(stream).await;
executor.spawn(handler.run()).detach();
conn_id
};
log::info!("connected to rpc address {}", address);
let auth_response = self let auth_response = self
.peer .peer
@ -138,6 +147,7 @@ impl Client {
Err(anyhow!("failed to authenticate with RPC server"))?; Err(anyhow!("failed to authenticate with RPC server"))?;
} }
log::info!("authenticated rpc connection as user {}", user_id);
self.state.write().await.connection_id = Some(connection_id); self.state.write().await.connection_id = Some(connection_id);
Ok(()) Ok(())
} }

7
zed/src/workspace.rs
View file

@ -6,6 +6,7 @@ use crate::{
language::LanguageRegistry, language::LanguageRegistry,
rpc, rpc,
settings::Settings, settings::Settings,
util::SurfResultExt as _,
worktree::{File, Worktree}, worktree::{File, Worktree},
AppState, AppState,
}; };
@ -684,7 +685,9 @@ impl Workspace {
let platform = cx.platform(); let platform = cx.platform();
let task = cx.spawn(|this, mut cx| async move { let task = cx.spawn(|this, mut cx| async move {
rpc.log_in_and_connect(&cx).await?; rpc.log_in_and_connect(&cx)
.await
.context("failed to establish rpc connection")?;
let share_task = this.update(&mut cx, |this, cx| { let share_task = this.update(&mut cx, |this, cx| {
let worktree = this.worktrees.iter().next()?; let worktree = this.worktrees.iter().next()?;
@ -705,7 +708,7 @@ impl Workspace {
cx.spawn(|_, _| async move { cx.spawn(|_, _| async move {
if let Err(e) = task.await { if let Err(e) = task.await {
log::error!("sharing failed: {}", e); log::error!("sharing failed: {:?}", e);
} }
}) })
.detach(); .detach();