feat: Remove the FFI stuff and hopefully allow directTLS

PapaTutuWawa 2022-11-08 14:22:12 +01:00
parent 3414e2ca2e
commit d00d0e35b0
12 changed files with 76 additions and 509 deletions


@ -30,13 +30,7 @@
useGoogleTVAddOns = false;
};
pinnedJDK = pkgs.jdk;
mbedsock = pkgs.callPackage ./packages/mbedsock.nix {};
in {
packages = {
inherit mbedsock;
};
devShell = pkgs.mkShell {
buildInputs = with pkgs; [
flutter pinnedJDK android.platform-tools dart # Flutter/Android
@ -59,13 +53,10 @@
pkg-config
xorg.libX11
xorg.xorgproto
# moxxmpp_socket
mbedtls
];
CPATH = "${pkgs.xorg.libX11.dev}/include:${pkgs.xorg.xorgproto}/include";
LD_LIBRARY_PATH = with pkgs; lib.makeLibraryPath [ atk cairo epoxy gdk-pixbuf glib gtk3 harfbuzz pango mbedtls mbedsock ];
LD_LIBRARY_PATH = with pkgs; lib.makeLibraryPath [ atk cairo epoxy gdk-pixbuf glib gtk3 harfbuzz pango ];
ANDROID_HOME = (toString ./.) + "/.android/sdk";
JAVA_HOME = pinnedJDK;


@ -3,7 +3,7 @@ project(mbedsock VERSION 1.0.0 LANGUAGES C)
add_library(mbedsock SHARED mbedsock.c mbedsock.h mbedsock.def)
target_include_directories(mbedsock PUBLIC ${MBEDTLS_ROOT_DIR}/include)
target_link_libraries(mbedsock mbedtls mbedx509 mbedcrypto)
target_link_libraries(mbedsock mbedtls mbedx509 mbedcrypto pthread)
link_directories(${MBEDTLS_ROOT_DIR}/lib)
set_target_properties(mbedsock PROPERTIES
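Review bot: Linking the literal library name `pthread` in `target_link_libraries` ties the build to platforms that ship a libpthread under that name, while the `mbedsock.def` source in `add_library` suggests the library is also meant to build on Windows. The portable form is `find_package(Threads REQUIRED)` followed by `target_link_libraries(mbedsock mbedtls mbedx509 mbedcrypto Threads::Threads)`. Separately, `link_directories(${MBEDTLS_ROOT_DIR}/lib)` comes after the target is created and so may not apply to it; that line is context here, so this is only a pointer.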


@ -35,7 +35,7 @@ int mbedsock_ctx_new(struct mbedsock_ctx *ctx, const char *capath) {
if((ret = mbedtls_x509_crt_parse_path(&ctx->chain, capath)) < 0 )
return ret;
return 0;
}
@ -58,6 +58,7 @@ int mbedsock_new(struct mbedsock_ctx *ctx, struct mbedsock *sock) {
return ret;
sock->secure = false;
sock->read_cb = NULL;
return 0;
}
@ -186,3 +187,54 @@ int mbedsock_read(struct mbedsock *sock, unsigned char *buf, int len) {
bool mbedsock_is_secure(struct mbedsock *sock) {
return sock->secure;
}
void mbedsock_set_read_cb(struct mbedsock *sock, void (*read_cb)(int)) {
sock->read_cb = read_cb;
}
struct mbedsock_thread_data {
struct mbedsock *sock;
unsigned char *buf;
int len;
};
void _mbedsock_read_loop(void *args) {
struct mbedsock_thread_data *data = (struct mbedsock_thread_data *) args;
struct mbedsock *sock = data->sock;
unsigned char *buf = data->buf;
int len = data->len;
int result = 1;
printf("args2: %p\n", args);
printf("bufptr2: %p\n", buf);
printf("len: %d\n", len);
free(data);
while (true) {
result = mbedsock_read(sock, buf, len);
sock->read_cb(result);
if (result <= 0)
break;
}
pthread_exit(NULL);
}
int mbedsock_run_read_loop(struct mbedsock *sock, unsigned char *buf, int len) {
if (sock->read_cb == NULL)
return -1;
sock->read_cb(42);
struct mbedsock_thread_data *data = malloc(sizeof(struct mbedsock_thread_data));
data->sock = sock;
data->buf = buf;
data->len = len;
printf("bufptr: %p\n", buf);
printf("args: %p\n", &data);
pthread_create(&sock->thread, NULL, &_mbedsock_read_loop, (void *) data);
return 0;
}
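Review bot: `_mbedsock_read_loop` returns `void` but is passed to `pthread_create`, which expects `void *(*)(void *)`, so the thread entry is called through an incompatible function pointer type; it should return `void *` and end with `return NULL;`. In `mbedsock_run_read_loop` neither `malloc` nor `pthread_create` is checked, so an allocation failure is dereferenced and a failed thread start leaks `data` while the function still returns 0. The `printf` calls write buffer and heap addresses to stdout and `sock->read_cb(42)` reports a read that never happened; both look like debugging leftovers and are dropped below. Not addressed in the fence: the thread reads `sock->read_cb` unsynchronised on every iteration and refills the caller's `buf` as soon as the callback returns, and nothing visible joins `sock->thread` before the socket is freed, so the callback must copy the data out and teardown needs a join.

```c
/* ... unchanged: mbedsock_set_read_cb, struct mbedsock_thread_data ... */

void *_mbedsock_read_loop(void *args) {
    struct mbedsock_thread_data *data = args;
    struct mbedsock *sock = data->sock;
    unsigned char *buf = data->buf;
    int len = data->len;
    int result;

    /* The arguments were copied out above; the heap block is no longer needed. */
    free(data);

    do {
        result = mbedsock_read(sock, buf, len);
        sock->read_cb(result);
    } while (result > 0);

    return NULL;
}

int mbedsock_run_read_loop(struct mbedsock *sock, unsigned char *buf, int len) {
    if (sock->read_cb == NULL || buf == NULL || len <= 0)
        return -1;

    struct mbedsock_thread_data *data = malloc(sizeof(*data));
    if (data == NULL)
        return -1;

    data->sock = sock;
    data->buf = buf;
    data->len = len;

    if (pthread_create(&sock->thread, NULL, _mbedsock_read_loop, data) != 0) {
        /* The thread never started, so ownership of data stays here. */
        free(data);
        return -1;
    }

    return 0;
}
```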


@ -7,6 +7,7 @@
#include "mbedtls/ctr_drbg.h"
#include <stdbool.h>
#include <pthread.h>
#define SSL_PERS "moxxmpp_socket"
#define SSL_PERS_LEN sizeof(SSL_PERS)/sizeof(char)
@ -29,6 +30,12 @@ struct mbedsock {
mbedtls_ssl_config conf;
mbedtls_net_context server_fd;
// The thread the socket runs in
pthread_t thread;
// The callback function when the read loop is running
void (*read_cb)(int);
// Indicates whether the socket is secured using TLS (true) or not (false).
bool secure;
};
@ -106,4 +113,8 @@ int mbedsock_read(struct mbedsock *sock, unsigned char *buf, int len);
bool mbedsock_is_secure(struct mbedsock *sock);
void mbedsock_set_read_cb(struct mbedsock *sock, void (*read_cb)(int));
int mbedsock_run_read_loop(struct mbedsock *sock, unsigned char *buf, int len);
#endif // __MBEDSOCK_H__
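Review bot: The two new prototypes, `mbedsock_set_read_cb` and `mbedsock_run_read_loop`, carry no comment, and their contract is not obvious from the signatures. As implemented in mbedsock.c, `buf` is handed to a background thread and has to stay valid until that thread exits, and `read_cb` is called on that thread with the return value of `mbedsock_read`, including the final value <= 0. I would add a short doc comment above each prototype stating this, and that `mbedsock_run_read_loop` returns -1 when no callback has been set. The comment on the new `thread` field should also say who is expected to join it, since nothing in the visible hunks does.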


@ -1,5 +1,4 @@
# This is a generated file; do not edit or check into version control.
integration_test=/nix/store/8gcfk0g1lg8gccd9kv3rzj910w9pz1kj-flutter-3.3.3-unwrapped/packages/integration_test/
moxdns=/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns-0.1.4/
moxdns_android=/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_android-0.1.4/
moxdns_linux=/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_linux-0.1.4/


@ -1 +1 @@
{"info":"This is a generated file; do not edit or check into version control.","plugins":{"ios":[{"name":"integration_test","path":"/nix/store/8gcfk0g1lg8gccd9kv3rzj910w9pz1kj-flutter-3.3.3-unwrapped/packages/integration_test/","native_build":true,"dependencies":[]}],"android":[{"name":"integration_test","path":"/nix/store/8gcfk0g1lg8gccd9kv3rzj910w9pz1kj-flutter-3.3.3-unwrapped/packages/integration_test/","native_build":true,"dependencies":[]},{"name":"moxdns_android","path":"/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_android-0.1.4/","native_build":true,"dependencies":[]}],"macos":[],"linux":[{"name":"moxdns_linux","path":"/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_linux-0.1.4/","native_build":true,"dependencies":[]}],"windows":[],"web":[]},"dependencyGraph":[{"name":"integration_test","dependencies":[]},{"name":"moxdns","dependencies":["moxdns_android","moxdns_linux"]},{"name":"moxdns_android","dependencies":["moxdns"]},{"name":"moxdns_linux","dependencies":["moxdns"]}],"date_created":"2022-11-08 12:16:15.896518","version":"3.3.3"}
{"info":"This is a generated file; do not edit or check into version control.","plugins":{"ios":[],"android":[{"name":"moxdns_android","path":"/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_android-0.1.4/","native_build":true,"dependencies":[]}],"macos":[],"linux":[{"name":"moxdns_linux","path":"/home/alexander/.pub-cache/hosted/git.polynom.me%47api%47packages%47Moxxy%47pub%47/moxdns_linux-0.1.4/","native_build":true,"dependencies":[]}],"windows":[],"web":[]},"dependencyGraph":[{"name":"moxdns","dependencies":["moxdns_android","moxdns_linux"]},{"name":"moxdns_android","dependencies":["moxdns"]},{"name":"moxdns_linux","dependencies":["moxdns"]}],"date_created":"2022-11-08 14:21:52.966343","version":"3.3.3"}


@ -1,49 +0,0 @@
import 'dart:convert';
import 'dart:io';
import 'dart:typed_data';
import 'package:moxxmpp_socket/src/ssl.dart';
void main(List<String> argv) async {
if (argv.length < 2) {
print('Usage: test_wrong_host.dart server-addr host-name');
exit(1);
}
final server = argv[0];
final hostname = argv[1];
final port = argv.length == 3 ? argv[2] : '5223';
final ctx = MbedSockCtx('/etc/ssl/certs/');
final sock = MbedSock(ctx);
print('Connecting to $server:$port while indicating $hostname...');
final done = sock.connectSecure(
server,
port,
alpn: 'xmpp-client',
hostname: hostname,
);
print('Success? $done');
print('Secure? ${sock.isSecure()}');
final write = sock.write(
"<?xml version='1.0'?><stream:stream to='$hostname' version='1.0' xml:lang='en' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>"
);
print('Write: $write');
Uint8List? read = Uint8List(0);
do {
read = sock.read();
if (read != null) {
final str = utf8.decode(read);
print('Read: $str');
} else {
print('Read: Null');
}
} while (read != null);
sock.free();
ctx.free();
print('OKAY');
}


@ -1,293 +0,0 @@
// AUTO GENERATED FILE, DO NOT EDIT.
//
// Generated by `package:ffigen`.
import 'dart:ffi' as ffi;
class NativeLibrary {
/// Holds the symbol lookup function.
final ffi.Pointer<T> Function<T extends ffi.NativeType>(String symbolName)
_lookup;
/// The symbols are looked up in [dynamicLibrary].
NativeLibrary(ffi.DynamicLibrary dynamicLibrary)
: _lookup = dynamicLibrary.lookup;
/// The symbols are looked up with [lookup].
NativeLibrary.fromLookup(
ffi.Pointer<T> Function<T extends ffi.NativeType>(String symbolName)
lookup)
: _lookup = lookup;
int mbedsock_ctx_new(
ffi.Pointer<mbedsock_ctx> ctx,
ffi.Pointer<ffi.Int8> capath,
) {
return _mbedsock_ctx_new(
ctx,
capath,
);
}
late final _mbedsock_ctx_newPtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock_ctx>,
ffi.Pointer<ffi.Int8>)>>('mbedsock_ctx_new');
late final _mbedsock_ctx_new = _mbedsock_ctx_newPtr.asFunction<
int Function(ffi.Pointer<mbedsock_ctx>, ffi.Pointer<ffi.Int8>)>();
ffi.Pointer<mbedsock_ctx> mbedsock_ctx_new_ex(
ffi.Pointer<ffi.Int8> capath,
) {
return _mbedsock_ctx_new_ex(
capath,
);
}
late final _mbedsock_ctx_new_exPtr = _lookup<
ffi.NativeFunction<
ffi.Pointer<mbedsock_ctx> Function(
ffi.Pointer<ffi.Int8>)>>('mbedsock_ctx_new_ex');
late final _mbedsock_ctx_new_ex = _mbedsock_ctx_new_exPtr
.asFunction<ffi.Pointer<mbedsock_ctx> Function(ffi.Pointer<ffi.Int8>)>();
int mbedsock_new(
ffi.Pointer<mbedsock_ctx> ctx,
ffi.Pointer<mbedsock> sock,
) {
return _mbedsock_new(
ctx,
sock,
);
}
late final _mbedsock_newPtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock_ctx>,
ffi.Pointer<mbedsock>)>>('mbedsock_new');
late final _mbedsock_new = _mbedsock_newPtr.asFunction<
int Function(ffi.Pointer<mbedsock_ctx>, ffi.Pointer<mbedsock>)>();
ffi.Pointer<mbedsock> mbedsock_new_ex(
ffi.Pointer<mbedsock_ctx> ctx,
) {
return _mbedsock_new_ex(
ctx,
);
}
late final _mbedsock_new_exPtr = _lookup<
ffi.NativeFunction<
ffi.Pointer<mbedsock> Function(
ffi.Pointer<mbedsock_ctx>)>>('mbedsock_new_ex');
late final _mbedsock_new_ex = _mbedsock_new_exPtr
.asFunction<ffi.Pointer<mbedsock> Function(ffi.Pointer<mbedsock_ctx>)>();
void mbedsock_free(
ffi.Pointer<mbedsock> sock,
) {
return _mbedsock_free(
sock,
);
}
late final _mbedsock_freePtr =
_lookup<ffi.NativeFunction<ffi.Void Function(ffi.Pointer<mbedsock>)>>(
'mbedsock_free');
late final _mbedsock_free =
_mbedsock_freePtr.asFunction<void Function(ffi.Pointer<mbedsock>)>();
void mbedsock_free_ex(
ffi.Pointer<mbedsock> sock,
) {
return _mbedsock_free_ex(
sock,
);
}
late final _mbedsock_free_exPtr =
_lookup<ffi.NativeFunction<ffi.Void Function(ffi.Pointer<mbedsock>)>>(
'mbedsock_free_ex');
late final _mbedsock_free_ex =
_mbedsock_free_exPtr.asFunction<void Function(ffi.Pointer<mbedsock>)>();
void mbedsock_ctx_free(
ffi.Pointer<mbedsock_ctx> ctx,
) {
return _mbedsock_ctx_free(
ctx,
);
}
late final _mbedsock_ctx_freePtr =
_lookup<ffi.NativeFunction<ffi.Void Function(ffi.Pointer<mbedsock_ctx>)>>(
'mbedsock_ctx_free');
late final _mbedsock_ctx_free = _mbedsock_ctx_freePtr
.asFunction<void Function(ffi.Pointer<mbedsock_ctx>)>();
void mbedsock_ctx_free_ex(
ffi.Pointer<mbedsock_ctx> ctx,
) {
return _mbedsock_ctx_free_ex(
ctx,
);
}
late final _mbedsock_ctx_free_exPtr =
_lookup<ffi.NativeFunction<ffi.Void Function(ffi.Pointer<mbedsock_ctx>)>>(
'mbedsock_ctx_free_ex');
late final _mbedsock_ctx_free_ex = _mbedsock_ctx_free_exPtr
.asFunction<void Function(ffi.Pointer<mbedsock_ctx>)>();
int mbedsock_do_handshake(
ffi.Pointer<mbedsock> sock,
ffi.Pointer<ffi.Int8> alpn,
ffi.Pointer<ffi.Int8> sni,
) {
return _mbedsock_do_handshake(
sock,
alpn,
sni,
);
}
late final _mbedsock_do_handshakePtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>>('mbedsock_do_handshake');
late final _mbedsock_do_handshake = _mbedsock_do_handshakePtr.asFunction<
int Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>();
int mbedsock_connect_secure(
ffi.Pointer<mbedsock> sock,
ffi.Pointer<ffi.Int8> host,
ffi.Pointer<ffi.Int8> port,
ffi.Pointer<ffi.Int8> alpn,
ffi.Pointer<ffi.Int8> sni,
) {
return _mbedsock_connect_secure(
sock,
host,
port,
alpn,
sni,
);
}
late final _mbedsock_connect_securePtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(
ffi.Pointer<mbedsock>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>>('mbedsock_connect_secure');
late final _mbedsock_connect_secure = _mbedsock_connect_securePtr.asFunction<
int Function(
ffi.Pointer<mbedsock>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>();
int mbedsock_connect(
ffi.Pointer<mbedsock> sock,
ffi.Pointer<ffi.Int8> host,
ffi.Pointer<ffi.Int8> port,
) {
return _mbedsock_connect(
sock,
host,
port,
);
}
late final _mbedsock_connectPtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>>('mbedsock_connect');
late final _mbedsock_connect = _mbedsock_connectPtr.asFunction<
int Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Int8>,
ffi.Pointer<ffi.Int8>)>();
int mbedsock_write(
ffi.Pointer<mbedsock> sock,
ffi.Pointer<ffi.Uint8> data,
int len,
) {
return _mbedsock_write(
sock,
data,
len,
);
}
late final _mbedsock_writePtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Uint8>,
ffi.Int32)>>('mbedsock_write');
late final _mbedsock_write = _mbedsock_writePtr.asFunction<
int Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Uint8>, int)>();
int mbedsock_read(
ffi.Pointer<mbedsock> sock,
ffi.Pointer<ffi.Uint8> buf,
int len,
) {
return _mbedsock_read(
sock,
buf,
len,
);
}
late final _mbedsock_readPtr = _lookup<
ffi.NativeFunction<
ffi.Int32 Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Uint8>,
ffi.Int32)>>('mbedsock_read');
late final _mbedsock_read = _mbedsock_readPtr.asFunction<
int Function(ffi.Pointer<mbedsock>, ffi.Pointer<ffi.Uint8>, int)>();
int mbedsock_is_secure(
ffi.Pointer<mbedsock> sock,
) {
return _mbedsock_is_secure(
sock,
);
}
late final _mbedsock_is_securePtr =
_lookup<ffi.NativeFunction<ffi.Int32 Function(ffi.Pointer<mbedsock>)>>(
'mbedsock_is_secure');
late final _mbedsock_is_secure =
_mbedsock_is_securePtr.asFunction<int Function(ffi.Pointer<mbedsock>)>();
}
class mbedsock_ctx extends ffi.Struct {
@ffi.Int32()
external int entropy;
@ffi.Int32()
external int ctr_drbg;
@ffi.Int32()
external int chain;
}
class mbedsock extends ffi.Struct {
@ffi.Int32()
external int ssl;
@ffi.Int32()
external int conf;
@ffi.Int32()
external int server_fd;
@ffi.Int32()
external int secure;
}
const String SSL_PERS = 'moxxmpp_socket';
const int SSL_PERS_LEN = 15;


@ -59,10 +59,18 @@ class TCPSocketWrapper extends BaseSocketWrapper {
try {
_log.finest('Attempting secure connection to ${srv.target}:${srv.port}...');
_ignoreSocketClosure = true;
_socket = await SecureSocket.connect(
// Workaround: We cannot set the SNI directly when using SecureSocket.connect.
// instead, we connect using a regular socket and then secure it. This allows
// us to set the SNI to whatever we want.
final sock = await Socket.connect(
srv.target,
srv.port,
timeout: const Duration(seconds: 5),
);
_socket = await SecureSocket.secure(
sock,
host: domain,
supportedProtocols: const [ xmppClientALPNId ],
onBadCertificate: (cert) => _onBadCertificate(cert, domain),
);
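Review bot: The new comment above `Socket.connect` explains the change only in terms of SNI, but as far as I know the `host: domain` argument of `SecureSocket.secure` is also the name the peer certificate is checked against, and that is the property worth writing down because `srv.target` comes from an SRV lookup. I would extend the comment with something like `// host must stay the XMPP domain: the certificate is validated against it, and srv.target comes from DNS.` The 5-second `timeout` applies to `Socket.connect` only, so a peer that accepts the TCP connection and then stalls the handshake is not bounded by anything visible here; consider `.timeout(const Duration(seconds: 5))` on the `SecureSocket.secure` future. The enclosing `try` starts and ends outside the hunk, so whether `sock` is closed when the handshake fails cannot be checked from here.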


@ -1,124 +0,0 @@
import 'dart:convert';
import 'dart:ffi';
import 'dart:io';
import 'dart:typed_data';
import 'package:ffi/ffi.dart';
import 'package:path/path.dart' as path;
import 'package:moxxmpp_socket/src/generated/ffi.dart' as libmbedsock;
//final libPath = path.join(Directory.current.path, 'libmbedsock.so');
final lib = libmbedsock.NativeLibrary(DynamicLibrary.open('libmbedsock.so'));
class MbedSockCtx {
late Pointer<libmbedsock.mbedsock_ctx> _ctxPtr;
MbedSockCtx(String caPath) {
final caPathNative = caPath.toNativeUtf8();
_ctxPtr = lib.mbedsock_ctx_new_ex(caPathNative.cast());
malloc.free(caPathNative);
}
void free() {
lib.mbedsock_ctx_free_ex(_ctxPtr);
}
Pointer<libmbedsock.mbedsock_ctx> get ctx => _ctxPtr;
}
class MbedSock {
late Pointer<libmbedsock.mbedsock> _sock;
late Pointer<Uint8> _readBuf;
late Pointer<Uint8> _writeBuf;
MbedSock(MbedSockCtx ctx) {
_sock = lib.mbedsock_new_ex(ctx.ctx);
_readBuf = malloc.call<Uint8>(2048);
_writeBuf = malloc.call<Uint8>(2048);
}
bool connect(String host, int port) {
final nativeHost = host.toNativeUtf8();
final nativePort = port.toString().toNativeUtf8();
final ret = lib.mbedsock_connect(_sock, nativeHost.cast(), nativePort.cast());
malloc
..free(nativeHost)
..free(nativePort);
return ret == 0;
}
bool connectSecure(String host, String port, {String? alpn, String? hostname}) {
final nativeHost = host.toNativeUtf8();
final nativePort = port.toNativeUtf8();
final nativeAlpn = alpn != null ? alpn.toNativeUtf8() : nullptr;
final nativeHostname = hostname != null ? hostname.toNativeUtf8() : nullptr;
final ret = lib.mbedsock_connect_secure(
_sock,
nativeHost.cast(),
nativePort.cast(),
nativeAlpn.cast(),
nativeHostname.cast(),
);
malloc
..free(nativeHost)
..free(nativePort);
if (alpn != null) {
malloc.free(nativeAlpn);
}
if (hostname != null) {
malloc.free(nativeHostname);
}
print(ret);
return ret == 0;
}
bool isSecure() {
return lib.mbedsock_is_secure(_sock) == 1;
}
int write(String data) {
final rawData = utf8.encode(data);
// TODO: Buffer the write
assert(rawData.length <= 2048);
_writeBuf.asTypedList(2048).setAll(0, rawData);
return lib.mbedsock_write(
_sock,
_writeBuf,
rawData.length,
);
}
Uint8List? read() {
final result = lib.mbedsock_read(
_sock,
_readBuf,
2048,
);
// TODO: Buffer the read
assert(result <= 2048);
if (result < 0) {
print('Socket error');
return null;
} else if (result == 0) {
print('Socket closed');
return null;
} else {
return _readBuf.asTypedList(result) as Uint8List;
}
}
void free() {
lib.mbedsock_free_ex(_sock);
malloc.free(_readBuf);
malloc.free(_writeBuf);
}
}


@ -9,7 +9,6 @@ environment:
flutter: '>=2.13.0-0.1'
dependencies:
ffi:
logging: 1.0.2
moxdns:
hosted: https://git.polynom.me/api/packages/Moxxy/pub
@ -17,20 +16,8 @@ dependencies:
moxxmpp:
hosted: https://git.polynom.me/api/packages/Moxxy/pub
version: 0.1.0
path: 1.8.2
dev_dependencies:
integration_test:
sdk: flutter
ffigen: ^4.1.2
lints: ^2.0.0
test: ^1.16.0
very_good_analysis: ^3.0.1
ffigen:
output: 'lib/src/generated/ffi.dart'
llvm-path:
- '/nix/store/zq6966rjlmmwjym4jlnymjwwgjhcgryz-clang-11.1.0-lib'
headers:
entry-points:
- ../mbedsock/mbedsock.h


@ -1,15 +0,0 @@
{
stdenv, cmake, pkg-config
, mbedtls
}:
stdenv.mkDerivation {
pname = "mbedsock";
version = "0.1.1";
src = ./mbedsock;
cmakeFlags = [ "-DMBEDTLS_ROOT_DIR=${mbedtls}" ];
buildInputs = [ cmake mbedtls pkg-config ];
}