split tls client/server/self signed
parent
ff803fd4ef
commit
9bfc9ac33e
|
@ -39,9 +39,9 @@ use tokio::time::{sleep};
|
|||
use tracing_subscriber::util::SubscriberInitExt;
|
||||
|
||||
use tracing_subscriber::fmt::format::FmtSpan;
|
||||
use solana_lite_rpc_quic_forward_proxy::outbound::validator_identity::ValidatorIdentity;
|
||||
use solana_lite_rpc_quic_forward_proxy::proxy::QuicForwardProxy;
|
||||
use solana_lite_rpc_quic_forward_proxy::tls_config_provicer::SelfSignedTlsConfigProvider;
|
||||
use solana_lite_rpc_quic_forward_proxy::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
|
||||
use solana_lite_rpc_quic_forward_proxy::validator_identity::ValidatorIdentity;
|
||||
use solana_lite_rpc_services::tpu_utils::quic_proxy_connection_manager::QuicProxyConnectionManager;
|
||||
|
||||
#[derive(Copy, Clone, Debug)]
|
||||
|
|
|
@ -9,7 +9,8 @@ use solana_sdk::packet::PACKET_DATA_SIZE;
|
|||
use tokio::sync::mpsc::Sender;
|
||||
use crate::proxy_request_format::TpuForwardingRequest;
|
||||
use crate::shared::ForwardPacket;
|
||||
use crate::tls_config_provider::{ProxyTlsConfigProvider, SelfSignedTlsConfigProvider};
|
||||
use crate::tls_config_provider_server::ProxyTlsConfigProvider;
|
||||
use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
|
||||
use crate::util::FALLBACK_TIMEOUT;
|
||||
|
||||
// TODO tweak this value - solana server sets 256
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
// lib definition is only required for 'quic-forward-proxy-integration-test' to work
|
||||
|
||||
mod quic_util;
|
||||
pub mod tls_config_provider;
|
||||
pub mod tls_config_provider_client;
|
||||
pub mod tls_config_provider_server;
|
||||
pub mod tls_self_signed_pair_generator;
|
||||
pub mod proxy;
|
||||
pub mod validator_identity;
|
||||
pub mod proxy_request_format;
|
||||
|
|
|
@ -5,13 +5,15 @@ use dotenv::dotenv;
|
|||
use log::info;
|
||||
use crate::cli::{Args, get_identity_keypair};
|
||||
use crate::proxy::QuicForwardProxy;
|
||||
use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
|
||||
|
||||
pub use tls_config_provider::SelfSignedTlsConfigProvider;
|
||||
use crate::validator_identity::ValidatorIdentity;
|
||||
|
||||
|
||||
pub mod quic_util;
|
||||
pub mod tls_config_provider;
|
||||
pub mod tls_config_provider_client;
|
||||
pub mod tls_config_provider_server;
|
||||
pub mod tls_self_signed_pair_generator;
|
||||
pub mod proxy;
|
||||
pub mod proxy_request_format;
|
||||
pub mod cli;
|
||||
|
|
|
@ -7,7 +7,7 @@ use anyhow::{anyhow, bail, Context};
|
|||
use log::{debug, error, info, trace};
|
||||
use crate::inbound::proxy_listener;
|
||||
use crate::outbound::tx_forward::tx_forwarder;
|
||||
use crate::tls_config_provider::{ProxyTlsConfigProvider, SelfSignedTlsConfigProvider};
|
||||
use crate::tls_self_signed_pair_generator::SelfSignedTlsConfigProvider;
|
||||
use crate::util::AnyhowJoinHandle;
|
||||
use crate::validator_identity::ValidatorIdentity;
|
||||
|
||||
|
|
|
@ -13,8 +13,8 @@ use tokio::io::AsyncWriteExt;
|
|||
use crate::proxy_request_format::TpuForwardingRequest;
|
||||
use crate::tpu_quic_connection_utils::SkipServerVerification;
|
||||
use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
|
||||
use crate::tls_config_provider::ProxyTlsConfigProvider;
|
||||
|
||||
use crate::tls_config_provider_server::ProxyTlsConfigProvider;
|
||||
use crate::tls_config_provider_client::TpuCLientTlsConfigProvider;
|
||||
use crate::util::AnyhowJoinHandle;
|
||||
|
||||
pub struct QuicTestClient {
|
||||
|
@ -25,7 +25,7 @@ pub struct QuicTestClient {
|
|||
impl QuicTestClient {
|
||||
pub async fn new_with_endpoint(
|
||||
proxy_addr: SocketAddr,
|
||||
tls_config: &impl ProxyTlsConfigProvider
|
||||
tls_config: &impl TpuCLientTlsConfigProvider
|
||||
) -> anyhow::Result<Self> {
|
||||
let client_crypto = tls_config.get_client_tls_crypto_config();
|
||||
let mut endpoint = quinn::Endpoint::client("0.0.0.0:0".parse().unwrap())?;
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
use std::sync::atomic::{AtomicU32, Ordering};
|
||||
use rcgen::generate_simple_self_signed;
|
||||
use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
|
||||
use crate::tpu_quic_connection_utils::SkipServerVerification;
|
||||
use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
|
||||
|
||||
// TODO integrate with tpu_service + quic_connection_utils
|
||||
|
||||
pub trait TpuCLientTlsConfigProvider {
|
||||
|
||||
fn get_client_tls_crypto_config(&self) -> ClientConfig;
|
||||
|
||||
}
|
|
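Review bot: The new public trait is spelled `TpuCLientTlsConfigProvider` (capital "L"), and because its module is declared `pub mod tls_config_provider_client;` the typo becomes part of the crate's public API. Renaming it to `pub trait TpuClientTlsConfigProvider` is cheapest now, before more call sites pick it up. This 13-line file also carries the full import block of the module it was split from, although the trait only needs `ClientConfig`. The unused `use crate::tpu_quic_connection_utils::SkipServerVerification;` in particular reads as if this module disables certificate checks, so it should be dropped. The new server-side trait file has the same leftover imports, where only `ServerConfig` is needed.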
@ -0,0 +1,13 @@
|
|||
use std::sync::atomic::{AtomicU32, Ordering};
|
||||
use rcgen::generate_simple_self_signed;
|
||||
use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
|
||||
use crate::tpu_quic_connection_utils::SkipServerVerification;
|
||||
use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
|
||||
|
||||
// TODO integrate with tpu_service + quic_connection_utils
|
||||
|
||||
pub trait ProxyTlsConfigProvider {
|
||||
|
||||
fn get_server_tls_crypto_config(&self) -> ServerConfig;
|
||||
|
||||
}
|
|
@ -3,26 +3,21 @@ use rcgen::generate_simple_self_signed;
|
|||
use rustls::{Certificate, ClientConfig, PrivateKey, ServerConfig};
|
||||
use crate::tpu_quic_connection_utils::SkipServerVerification;
|
||||
use crate::quic_util::ALPN_TPU_FORWARDPROXY_PROTOCOL_ID;
|
||||
|
||||
// TODO integrate with tpu_service + quic_connection_utils
|
||||
|
||||
pub trait ProxyTlsConfigProvider {
|
||||
|
||||
fn get_client_tls_crypto_config(&self) -> ClientConfig;
|
||||
fn get_server_tls_crypto_config(&self) -> ServerConfig;
|
||||
|
||||
}
|
||||
use crate::tls_config_provider_client::TpuCLientTlsConfigProvider;
|
||||
use crate::tls_config_provider_server::ProxyTlsConfigProvider;
|
||||
|
||||
impl ProxyTlsConfigProvider for SelfSignedTlsConfigProvider {
|
||||
fn get_client_tls_crypto_config(&self) -> ClientConfig {
|
||||
self.client_crypto.clone()
|
||||
}
|
||||
|
||||
fn get_server_tls_crypto_config(&self) -> ServerConfig {
|
||||
self.server_crypto.clone()
|
||||
}
|
||||
}
|
||||
|
||||
impl TpuCLientTlsConfigProvider for SelfSignedTlsConfigProvider {
|
||||
fn get_client_tls_crypto_config(&self) -> ClientConfig {
|
||||
self.client_crypto.clone()
|
||||
}
|
||||
}
|
||||
|
||||
pub struct SelfSignedTlsConfigProvider {
|
||||
hostnames: Vec<String>,
|
||||
certificate: Certificate,
|
||||
|
@ -85,3 +80,4 @@ impl SelfSignedTlsConfigProvider {
|
|||
|
||||
}
|
||||
|
||||
|
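Review bot: `SelfSignedTlsConfigProvider` now hands out `client_crypto` through the new client trait, but nothing on the impl says what that configuration verifies. The file still imports `SkipServerVerification`, which suggests the client config accepts any server certificate; the constructor is outside these hunks, so this is inferred and should be confirmed. I would add a doc comment on `impl TpuCLientTlsConfigProvider for SelfSignedTlsConfigProvider` stating the trust model, for example `/// Self-signed setup: the client config is not expected to authenticate the server; intended for test/trusted networks only.` If verification is indeed skipped, a caller taking `&impl TpuCLientTlsConfigProvider` cannot tell a verifying provider from a non-verifying one, so the trait's own doc comment should say what implementers must guarantee.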