feat: Add Deno.dialTLS()

Co-authored-by: Bartek Iwańczuk <[email protected]>

Author: 2 people

Cargo.lock

@@ -56,6 +56,8 @@ tokio-rustls = "0.10.0"
 tokio-threadpool = "0.1.15"
 url = "1.7.2"
 utime = "0.2.1"
+webpki = "0.21.0"
+webpki-roots = "0.17.0"
 
 [target.'cfg(windows)'.dependencies]
 winapi = "0.3.8"

cli/Cargo.toml

@@ -20,6 +20,7 @@ mod random;
 mod repl;
 mod resources;
 mod timers;
+mod tls;
 mod workers;
 
 // Warning! These values are duplicated in the TypeScript code (js/dispatch.ts),
@@ -81,6 +82,7 @@ pub const OP_TRUNCATE: OpId = 54;
 pub const OP_MAKE_TEMP_DIR: OpId = 55;
 pub const OP_CWD: OpId = 56;
 pub const OP_FETCH_ASSET: OpId = 57;
+pub const OP_DIAL_TLS: OpId = 58;
 
 pub fn dispatch(
   state: &ThreadSafeState,
@@ -300,6 +302,9 @@ pub fn dispatch(
       control,
       zero_copy,
     ),
+    OP_DIAL_TLS => {
+      dispatch_json::dispatch(tls::op_dial_tls, state, control, zero_copy)
+    }
     _ => panic!("bad op_id"),
   };
 

cli/ops/mod.rs

@@ -0,0 +1,76 @@
+// Copyright 2018-2019 the Deno authors. All rights reserved. MIT license.
+use super::dispatch_json::{Deserialize, JsonOp, Value};
+use crate::resolve_addr::resolve_addr;
+use crate::resources;
+use crate::state::ThreadSafeState;
+use deno::*;
+use futures::Future;
+use std;
+use std::convert::From;
+use std::sync::Arc;
+use tokio;
+use tokio::net::TcpStream;
+use tokio_rustls::{rustls::ClientConfig, TlsConnector};
+use webpki;
+use webpki::DNSNameRef;
+use webpki_roots;
+
+#[derive(Deserialize)]
+struct DialTLSArgs {
+  hostname: String,
+  port: u16,
+}
+
+pub fn op_dial_tls(
+  state: &ThreadSafeState,
+  args: Value,
+  _zero_copy: Option<PinnedBuf>,
+) -> Result<JsonOp, ErrBox> {
+  let args: DialTLSArgs = serde_json::from_value(args)?;
+
+  // TODO(ry) Using format! is suboptimal here. Better would be if
+  // state.check_net and resolve_addr() took hostname and port directly.
+  let address = format!("{}:{}", args.hostname, args.port);
+
+  state.check_net(&address)?;
+
+  let mut domain = args.hostname;
+  if domain.is_empty() {
+    domain.push_str("localhost");
+  }
+
+  let op = resolve_addr(&address).and_then(move |addr| {
+    TcpStream::connect(&addr)
+      .and_then(move |tcp_stream| {
+        let local_addr = tcp_stream.local_addr()?;
+        let remote_addr = tcp_stream.peer_addr()?;
+        let mut config = ClientConfig::new();
+        config
+          .root_store
+          .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
+
+        let tls_connector = TlsConnector::from(Arc::new(config));
+        Ok((tls_connector, tcp_stream, local_addr, remote_addr))
+      })
+      .map_err(ErrBox::from)
+      .and_then(
+        move |(tls_connector, tcp_stream, local_addr, remote_addr)| {
+          let dnsname = DNSNameRef::try_from_ascii_str(&domain)
+            .expect("Invalid DNS lookup");
+          tls_connector
+            .connect(dnsname, tcp_stream)
+            .map_err(ErrBox::from)
+            .and_then(move |tls_stream| {
+              let tls_stream_resource = resources::add_tls_stream(tls_stream);
+              futures::future::ok(json!({
+                "rid": tls_stream_resource.rid,
+                "localAddr": local_addr.to_string(),
+                "remoteAddr": remote_addr.to_string(),
+              }))
+            })
+        },
+      )
+  });
+
+  Ok(JsonOp::Async(Box::new(op)))
+}