feat: a lot of things(i lost track)

DJMrTV 2025-06-29 11:40:42 +02:00
commit 98193a58d8
42 changed files with 1207 additions and 366 deletions


@ -23,9 +23,11 @@ use tokio::net::{TcpListener, TcpSocket};
use tokio::task;
use tokio_rustls::TlsAcceptor;
use rust_nex::define_rmc_proto;
use rust_nex::executables::common::{OWN_IP_PRIVATE, SECURE_SERVER_ACCOUNT, SERVER_PORT};
use rust_nex::executables::common::{RemoteController, OWN_IP_PRIVATE, SECURE_SERVER_ACCOUNT, SERVER_PORT};
use rust_nex::executables::common::ServerCluster::{Auth, Secure};
use rust_nex::executables::common::ServerType::Backend;
use rust_nex::nex::auth_handler::AuthHandler;
use rust_nex::rmc::protocols::new_rmc_gateway_connection;
use rust_nex::rmc::protocols::{new_rmc_gateway_connection, OnlyRemote};
use rust_nex::rmc::response::ErrorCode;
use rust_nex::rmc::structures::RmcSerialize;
use rust_nex::rnex_proxy_common::ConnectionInitData;
@ -44,17 +46,21 @@ pub static SECURE_PROXY_PORT: Lazy<u16> = Lazy::new(|| {
.unwrap_or(10000)
});
static SECURE_STATION_URL: Lazy<String> = Lazy::new(|| {
format!(
"prudps:/PID=2;sid=1;stream=10;type=2;address={};port={};CID=1",
*SECURE_PROXY_ADDR, *SECURE_PROXY_PORT
)
});
#[tokio::main]
async fn main() {
setup();
let conn = rust_nex::reggie::rmc_connect_to(
"agmp-control.spfn.net",
Backend{
name: "agmp-auth-1.spfn.net".to_string(),
cluster: Auth
},
|r| Arc::new(OnlyRemote::<RemoteController>::new(r))
).await;
let conn = conn.unwrap();
let acceptor = get_configured_tls_acceptor().await;
let listen = TcpListener::bind(SocketAddrV4::new(*OWN_IP_PRIVATE, *SERVER_PORT)).await.unwrap();
@ -84,14 +90,14 @@ async fn main() {
continue;
}
};
let controller = conn.clone();
task::spawn(async move {
info!("connection to secure backend established");
new_rmc_gateway_connection(stream.into(), |_| {
Arc::new(AuthHandler {
destination_server_acct: &SECURE_SERVER_ACCOUNT,
build_name: "branch:origin/project/wup-agmj build:3_8_15_2004_0",
station_url: &SECURE_STATION_URL,
control_server: controller
})
});
});
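Review bot: The control-server host `"agmp-control.spfn.net"` and the backend name `"agmp-auth-1.spfn.net"` are string literals in `main`, while the listen address and port in the same function come from the environment. The backend name is what the controller in this commit stores and pushes to proxies as their connection target, so a second instance or a staging build from this source would announce the wrong host. Reading both from env-backed `Lazy` statics like `OWN_IP_PRIVATE` would keep deployment data out of the binary; the same literals recur in the secure backend and in both proxy binaries. `conn.unwrap()` would also be easier to diagnose as `conn.expect("unable to reach control server")`.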


@ -8,12 +8,14 @@ use log::{error, info};
use tokio::net::TcpListener;
use tokio::task;
use rust_nex::common::setup;
use rust_nex::executables::common::{OWN_IP_PRIVATE, SERVER_PORT};
use rust_nex::executables::common::{RemoteController, RemoteControllerManagement, OWN_IP_PRIVATE, SERVER_PORT};
use rust_nex::executables::common::ServerCluster::Secure;
use rust_nex::executables::common::ServerType::Backend;
use rust_nex::nex::matchmake::MatchmakeManager;
use rust_nex::nex::remote_console::RemoteConsole;
use rust_nex::nex::user::User;
use rust_nex::reggie::get_configured_tls_acceptor;
use rust_nex::rmc::protocols::new_rmc_gateway_connection;
use rust_nex::rmc::protocols::{new_rmc_gateway_connection, OnlyRemote};
use rust_nex::rnex_proxy_common::ConnectionInitData;
use rust_nex::rmc::protocols::RemoteInstantiatable;
@ -22,6 +24,16 @@ use rust_nex::rmc::protocols::RemoteInstantiatable;
async fn main() {
setup();
let conn = rust_nex::reggie::rmc_connect_to(
"agmp-control.spfn.net",
Backend{
name: "agmp-secure-1.spfn.net".to_string(),
cluster: Secure
},
|r| Arc::new(OnlyRemote::<RemoteController>::new(r))
).await;
let conn = conn.unwrap();
let acceptor = get_configured_tls_acceptor().await;
let listen = TcpListener::bind(SocketAddrV4::new(*OWN_IP_PRIVATE, *SERVER_PORT)).await.unwrap();


@ -1,7 +1,12 @@
use std::env;
use std::net::Ipv4Addr;
use std::net::{Ipv4Addr, SocketAddrV4};
use macros::{method_id, rmc_proto, RmcSerialize};
use once_cell::sync::Lazy;
use tonic::transport::Server;
use rust_nex::define_rmc_proto;
use rust_nex::prudp::station_url::StationUrl;
use crate::nex::account::Account;
use crate::rmc::response::ErrorCode;
pub static OWN_IP_PRIVATE: Lazy<Ipv4Addr> = Lazy::new(|| {
env::var("SERVER_IP")
@ -10,6 +15,13 @@ pub static OWN_IP_PRIVATE: Lazy<Ipv4Addr> = Lazy::new(|| {
.expect("no private ip specified")
});
pub static OWN_IP_PUBLIC: Lazy<Ipv4Addr> = Lazy::new(|| {
env::var("SERVER_IP_PUBLIC")
.ok()
.and_then(|s| s.parse().ok())
.expect("no private ip specified")
});
pub static SERVER_PORT: Lazy<u16> = Lazy::new(|| {
env::var("SERVER_PORT")
.ok()
@ -27,3 +39,52 @@ pub static AUTH_SERVER_ACCOUNT: Lazy<Account> =
Lazy::new(|| Account::new(1, "Quazal Authentication", &KERBEROS_SERVER_PASSWORD));
pub static SECURE_SERVER_ACCOUNT: Lazy<Account> =
Lazy::new(|| Account::new(2, "Quazal Rendez-Vous", &KERBEROS_SERVER_PASSWORD));
#[rmc_proto(1)]
pub trait ProxyManagement {
#[method_id(1)]
async fn update_url(&self, url: String) -> Result<(), ErrorCode>;
}
define_rmc_proto!(
proto Proxy{
ProxyManagement
}
);
#[rmc_proto(2)]
pub trait ControllerManagement {
#[method_id(1)]
async fn get_secure_proxy_url(&self) -> Result<String, ErrorCode>;
#[method_id(2)]
async fn get_secure_account(&self) -> Result<Account, ErrorCode>;
}
define_rmc_proto!(
proto Controller{
ControllerManagement
}
);
#[derive(RmcSerialize)]
#[repr(u32)]
pub enum ServerCluster{
Auth = 0,
Secure = 1
}
#[derive(RmcSerialize)]
#[repr(u32)]
pub enum ServerType{
Proxy{
addr: SocketAddrV4,
cluster: ServerCluster
} = 1,
Backend{
name: String,
cluster: ServerCluster
} = 2,
}
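Review bot: `OWN_IP_PUBLIC` reads `SERVER_IP_PUBLIC` but its `.expect("no private ip specified")` is copied from `OWN_IP_PRIVATE`, so a missing or unparsable public address reports the wrong setting at startup; `.expect("SERVER_IP_PUBLIC is missing or not a valid IPv4 address")` would point at the real cause. `ControllerManagement::get_secure_account` returns the whole `Account` over RMC, and that account appears to be built from `KERBEROS_SERVER_PASSWORD`. A doc comment on the trait method saying which peers are expected to call it, for example `/// Returns the secure server account; only trusted cluster members should be able to reach this.`, would make that trust assumption visible to whoever wires up the listener.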


@ -0,0 +1,209 @@
use std::future::Future;
use rust_nex::rmc::protocols::{LocalNoProto, RmcCallable};
use rust_nex::rmc::structures::RmcSerialize;
use std::io::Cursor;
use std::net::{Ipv4Addr, SocketAddrV4};
use macros::rmc_struct;
use rust_nex::common::setup;
use rust_nex::executables::common::{ControllerManagement, LocalController, RemoteProxy, RemoteProxyManagement, ServerCluster, ServerType, KERBEROS_SERVER_PASSWORD};
use rust_nex::prudp::station_url::StationUrl;
use rust_nex::reggie::{get_configured_tls_acceptor, TestStruct, WebStreamSocket};
use rust_nex::rmc::protocols::{new_rmc_gateway_connection, OnlyRemote};
use rust_nex::rmc::response::ErrorCode;
use rust_nex::reggie::UnitPacketRead;
use std::sync::{Arc, Weak};
use log::error;
use once_cell::sync::Lazy;
use rand::random;
use tokio::net::TcpListener;
use tokio::sync::RwLock;
use tokio::task;
use tungstenite::client;
use rust_nex::nex::account::Account;
use rust_nex::rmc::response::ErrorCode::{Core_Exception, Core_InvalidIndex};
use rust_nex::rmc::protocols::RemoteInstantiatable;
use rust_nex::util::SendingBufferConnection;
pub static AUTH_SERVER_ACCOUNT: Lazy<Account> =
Lazy::new(|| Account::new(1, "Quazal Authentication", &KERBEROS_SERVER_PASSWORD));
pub static SECURE_SERVER_ACCOUNT: Lazy<Account> =
Lazy::new(|| Account::new(2, "Quazal Rendez-Vous", &KERBEROS_SERVER_PASSWORD));
#[rmc_struct(Controller)]
struct ServerController {
insecure_proxies: RwLock<Vec<Weak<Proxy>>>,
insecure_backend_url: RwLock<String>,
secure_proxies: RwLock<Vec<Weak<Proxy>>>,
secure_backend_url: RwLock<String>,
account: Account
}
impl ServerController{
async fn update_urls(&self, cluster: ServerCluster){
let url = match cluster{
ServerCluster::Auth => {
self.insecure_backend_url.read().await
}
ServerCluster::Secure => {
self.secure_backend_url.read().await
}
}.clone();
let read_lock = match cluster{
ServerCluster::Auth => {
self.insecure_proxies.read().await
}
ServerCluster::Secure => {
self.secure_proxies.read().await
}
};
for proxy in read_lock.iter().filter_map(|v| v.upgrade()){
if let Err(e) = proxy.proxy.update_url(url.clone()).await {
error!("error whilest updating proxy url: {:?}", e);
}
}
}
}
struct Proxy{
proxy: RemoteProxy,
ip: SocketAddrV4,
controller: Arc<ServerController>
}
impl RmcCallable for Proxy{
fn rmc_call(&self, responder: &SendingBufferConnection, protocol_id: u16, method_id: u32, call_id: u32, rest: Vec<u8>) -> impl Future<Output=()> + Send {
self.controller.rmc_call(responder, protocol_id, method_id, call_id, rest)
}
}
impl ControllerManagement for ServerController {
async fn get_secure_proxy_url(&self) -> Result<String, ErrorCode> {
let proxy = self.secure_proxies.write().await;
let proxies = proxy.iter().filter_map(|v| v.upgrade());
let idx: usize = random::<usize>() % proxy.len();
// do not switch this to using regular array indexing i specifically wrote it like this as
// to have absolutely now way of panicking, we cant have the control server panicking after
// all
let Some(proxy) = proxies.clone().nth(idx).or_else(|| proxies.clone().nth(0)) else {
return Err(Core_InvalidIndex);
};
let station_url = format!(
"prudps:/PID=2;sid=1;stream=10;type=2;address={};port={};CID=1",
proxy.ip.ip(), proxy.ip.port()
);
Ok(station_url)
}
async fn get_secure_account(&self) -> Result<Account, ErrorCode> {
Ok(self.account.clone())
}
}
#[tokio::main]
async fn main() {
setup();
let socket = TcpListener::bind("0.0.0.0:10003").await.unwrap();
let acceptor = get_configured_tls_acceptor().await;
let server_controller = Arc::new(ServerController {
account: SECURE_SERVER_ACCOUNT.clone(),
secure_proxies: Default::default(),
secure_backend_url: Default::default(),
insecure_backend_url: Default::default(),
insecure_proxies: Default::default(),
});
while let Ok((stream, _sock_addr)) = socket.accept().await {
let websocket = tokio_tungstenite::accept_async(stream).await.unwrap();
let stream = WebStreamSocket::new(websocket);
let mut stream = acceptor.accept(stream).await.unwrap();
let server_controller = server_controller.clone();
tokio::spawn(async move {
let server_controller = server_controller;
let Ok(server_type) = stream.read_buffer().await else {
error!("failed to read server type");
return;
};
let Ok(server_type) = ServerType::deserialize(&mut Cursor::new(server_type)) else {
error!("failed to read server type");
return;
};
match server_type {
ServerType::Proxy{
addr,
cluster
} => {
let mut write_lock = match cluster{
ServerCluster::Auth => {
server_controller.insecure_proxies.write().await
}
ServerCluster::Secure => {
server_controller.secure_proxies.write().await
}
};
let server_controller_internal = server_controller.clone();
let remo = new_rmc_gateway_connection(stream.into(), move |r|
Arc::new(Proxy {
proxy: RemoteProxy::new(r),
ip: addr,
controller: server_controller_internal
}));
write_lock.push(Arc::downgrade(&remo));
let url = match cluster{
ServerCluster::Auth => {
server_controller.insecure_backend_url.read().await
}
ServerCluster::Secure => {
server_controller.secure_backend_url.read().await
}
}.clone();
if let Err(e) = remo.proxy.update_url(url.clone()).await {
error!("error whilest updating proxy url: {:?}", e);
}
}
ServerType::Backend{
name,
cluster
} => {
let mut url = match cluster{
ServerCluster::Auth => {
server_controller.insecure_backend_url.write().await
}
ServerCluster::Secure => {
server_controller.secure_backend_url.write().await
}
};
*url = name;
drop(url);
server_controller.update_urls(cluster).await;
new_rmc_gateway_connection(stream.into(), |_| server_controller);
}
}
});
}
}
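Review bot: The two `.unwrap()` calls on `tokio_tungstenite::accept_async(stream)` and `acceptor.accept(stream)` in the accept loop of `main` panic the whole control server when any peer reaching port 10003 fails or aborts a handshake, and because both handshakes are awaited inline a stalled peer also holds up every later accept. Moving them into the spawned task and logging the error keeps one bad connection from taking the controller down; the sketch below assumes the acceptor is a cloneable `tokio_rustls::TlsAcceptor`. Separately, `random::<usize>() % proxy.len()` in `get_secure_proxy_url` panics on an empty proxy list despite the comment below it, so return `Err(Core_InvalidIndex)` first when `proxy.is_empty()`. Nothing visible here checks which peer may announce itself as `ServerType::Backend` and replace the URL pushed to every proxy, so that depends on what `get_configured_tls_acceptor` enforces and is worth confirming.

```rust
while let Ok((stream, _sock_addr)) = socket.accept().await {
    let acceptor = acceptor.clone();
    let server_controller = server_controller.clone();
    tokio::spawn(async move {
        let websocket = match tokio_tungstenite::accept_async(stream).await {
            Ok(ws) => ws,
            Err(e) => {
                error!("websocket handshake failed: {:?}", e);
                return;
            }
        };
        let mut stream = match acceptor.accept(WebStreamSocket::new(websocket)).await {
            Ok(s) => s,
            Err(e) => {
                error!("tls handshake failed: {:?}", e);
                return;
            }
        };
        // … unchanged: read and deserialize ServerType, then register the proxy or backend …
    });
}
```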


@ -1,13 +1,17 @@
use rust_nex::executables::common::{LocalProxy, ProxyManagement, RemoteController, OWN_IP_PUBLIC};
use std::env;
use std::ffi::CStr;
use std::io::{Read, Write};
use std::net::{Ipv4Addr, SocketAddrV4, TcpListener, TcpStream};
use std::sync::{Arc, OnceLock};
use std::time::Duration;
use bytemuck::{Pod, Zeroable};
use chacha20::{ChaCha20, Key};
use chacha20::cipher::{Iv, KeyIvInit, StreamCipher};
use log::error;
use log::{error, warn};
use macros::rmc_struct;
use once_cell::sync::Lazy;
use rsa::pkcs8::{DecodePrivateKey, DecodePublicKey, Document};
use rsa::{BigUint, Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey};
@ -16,13 +20,20 @@ use rsa::pss::BlindedSigningKey;
use rsa::signature::{RandomizedSigner, SignatureEncoding};
use sha2::Sha256;
use tokio::net::TcpSocket;
use tokio::sync::RwLock;
use tokio::task;
use tokio::time::sleep;
use rust_nex::common::setup;
use rust_nex::executables::common::{OWN_IP_PRIVATE, SERVER_PORT};
use rust_nex::executables::common::ServerCluster::Auth;
use rust_nex::executables::common::ServerType::{Backend, Proxy};
use rust_nex::prudp::packet::VirtualPort;
use rust_nex::prudp::router::Router;
use rust_nex::prudp::station_url::StationUrl;
use rust_nex::prudp::unsecure::Unsecure;
use rust_nex::reggie::{establish_tls_connection_to, UnitPacketRead, UnitPacketWrite};
use rust_nex::rmc::protocols::OnlyRemote;
use rust_nex::rmc::response::ErrorCode;
use rust_nex::rmc::structures::RmcSerialize;
use rust_nex::rnex_proxy_common::ConnectionInitData;
@ -33,30 +44,41 @@ static FORWARD_DESTINATION: Lazy<String> =
static FORWARD_DESTINATION_NAME: Lazy<String> =
Lazy::new(|| env::var("FORWARD_DESTINATION_NAME").expect("no forward destination name given"));
static RSA_PRIVKEY: Lazy<RsaPrivateKey> = Lazy::new(|| {
let path = env::var("RSA_PRIVKEY")
.expect("RSA_PRIVKEY not set");
#[rmc_struct(Proxy)]
#[derive(Default)]
struct DestinationHolder{
url: RwLock<String>
}
RsaPrivateKey::read_pkcs8_pem_file(&path)
.expect("unable to read private key")
});
impl ProxyManagement for DestinationHolder{
async fn update_url(&self, new_url: String) -> Result<(), ErrorCode> {
println!("updating url");
static RSA_PUBKEY: Lazy<RsaPublicKey> = Lazy::new(|| {
RSA_PRIVKEY.to_public_key()
});
let mut url = self.url.write().await;
static PUBKEY_ENCODED: Lazy<Document> = Lazy::new(|| {
RSA_PUBKEY.to_pkcs1_der().expect("unable to convert pubkey to der")
});
*url = new_url;
Ok(())
}
}
static RSA_SIGNKEY: Lazy<BlindedSigningKey<Sha256>> = Lazy::new(||
BlindedSigningKey::<Sha256>::new(RSA_PRIVKEY.clone())
);
#[tokio::main]
async fn main() {
setup();
let conn =
rust_nex::reggie::rmc_connect_to(
"agmp-control.spfn.net",
Proxy {
addr: SocketAddrV4::new(*OWN_IP_PUBLIC, *SERVER_PORT),
cluster: Auth
},
|r| Arc::new(DestinationHolder::default())
).await;
let dest_holder = conn.unwrap();
let (router_secure, _) = Router::new(SocketAddrV4::new(*OWN_IP_PRIVATE, *SERVER_PORT))
.await
.expect("unable to start router");
@ -76,9 +98,18 @@ async fn main() {
return;
};
let dest_holder = dest_holder.clone();
task::spawn(async move {
let dest = dest_holder.url.read().await;
if *dest == ""{
warn!("no destination set yet but connection attempted");
return;
}
let mut stream
= establish_tls_connection_to(FORWARD_DESTINATION.as_str(), FORWARD_DESTINATION_NAME.as_str()).await;
= establish_tls_connection_to(&dest, &dest).await;
if let Err(e) = stream.send_buffer(&ConnectionInitData{
prudpsock_addr: conn.socket_addr,
@ -113,6 +144,9 @@ async fn main() {
return;
}
},
_ = sleep(Duration::from_secs(10)) => {
conn.send([0,0,0,0,0].to_vec()).await;
}
}
}
});
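Review bot: The guard from `let dest = dest_holder.url.read().await;` in the spawned task is still alive when `establish_tls_connection_to(&dest, &dest)` runs and, unless it is dropped outside this hunk, for the whole forwarding loop, so `update_url` cannot take the write lock while any client connection is open. With tokio's write-preferring `RwLock` a waiting writer then also stalls new readers, so one long-lived connection can block both the controller's update and every later client. Copying the value out releases the lock at once: `let dest = dest_holder.url.read().await.clone();`, with the emptiness test written as `if dest.is_empty()`. The same pattern appears in the other proxy binary's `main` in the next file. Since the controller-supplied string is now both the connect target and the TLS server name, validating it as a hostname before use may also be worthwhile.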


@ -1,43 +1,65 @@
use std::env;
use std::ffi::CStr;
use std::io::{Read, Write};
use std::net::{Ipv4Addr, SocketAddrV4, TcpListener, TcpStream};
use bytemuck::{Pod, Zeroable};
use chacha20::{ChaCha20, Key};
use chacha20::cipher::{Iv, KeyIvInit, StreamCipher};
use log::error;
use once_cell::sync::Lazy;
use rsa::pkcs8::{DecodePrivateKey, DecodePublicKey, Document};
use rsa::{BigUint, Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey};
use rsa::pkcs1::EncodeRsaPublicKey;
use rsa::pss::BlindedSigningKey;
use rsa::signature::{RandomizedSigner, SignatureEncoding};
use sha2::Sha256;
use tokio::net::TcpSocket;
use std::net::SocketAddrV4;
use std::sync::Arc;
use std::time::Duration;
use futures::future::Remote;
use log::{error, warn};
use macros::rmc_struct;
use tokio::sync::RwLock;
use tokio::task;
use tokio::time::sleep;
use rust_nex::common::setup;
use rust_nex::executables::common::{OWN_IP_PRIVATE, SECURE_SERVER_ACCOUNT, SERVER_PORT};
use rust_nex::executables::common::{ProxyManagement, RemoteController, RemoteControllerManagement, OWN_IP_PRIVATE, OWN_IP_PUBLIC, SECURE_SERVER_ACCOUNT, SERVER_PORT};
use rust_nex::executables::common::ServerCluster::Auth;
use rust_nex::executables::common::ServerType::Proxy;
use rust_nex::prudp::packet::VirtualPort;
use rust_nex::prudp::router::Router;
use rust_nex::prudp::secure::Secure;
use rust_nex::prudp::unsecure::Unsecure;
use rust_nex::reggie::{establish_tls_connection_to, UnitPacketRead, UnitPacketWrite};
use rust_nex::rmc::structures::RmcSerialize;
use rust_nex::reggie::establish_tls_connection_to;
use rust_nex::rmc::response::ErrorCode;
use rust_nex::rnex_proxy_common::ConnectionInitData;
use rust_nex::executables::common::LocalProxy;
use rust_nex::reggie::UnitPacketWrite;
use rust_nex::rmc::structures::RmcSerialize;
use rust_nex::reggie::UnitPacketRead;
use rust_nex::rmc::protocols::RemoteInstantiatable;
#[rmc_struct(Proxy)]
struct DestinationHolder{
url: RwLock<String>,
controller: RemoteController
}
impl ProxyManagement for DestinationHolder{
async fn update_url(&self, new_url: String) -> Result<(), ErrorCode> {
let mut url = self.url.write().await;
*url = new_url;
Ok(())
}
}
static FORWARD_DESTINATION: Lazy<String> =
Lazy::new(|| env::var("FORWARD_DESTINATION").expect("no forward destination given"));
static FORWARD_DESTINATION_NAME: Lazy<String> =
Lazy::new(|| env::var("FORWARD_DESTINATION_NAME").expect("no forward destination name given"));
#[tokio::main]
async fn main() {
setup();
let conn =
rust_nex::reggie::rmc_connect_to(
"agmp-control.spfn.net",
Proxy {
addr: SocketAddrV4::new(*OWN_IP_PUBLIC, *SERVER_PORT),
cluster: Auth
},
|r| Arc::new(DestinationHolder{
url: Default::default(),
controller: RemoteController::new(r)
})
).await;
let dest_holder = conn.unwrap();
let (router_secure, _) = Router::new(SocketAddrV4::new(*OWN_IP_PRIVATE, *SERVER_PORT))
.await
.expect("unable to start router");
@ -45,7 +67,7 @@ async fn main() {
let mut socket_secure = router_secure
.add_socket(VirtualPort::new(1, 10), Secure(
"6f599f81",
&SECURE_SERVER_ACCOUNT
dest_holder.controller.get_secure_account().await.unwrap()
))
.await
.expect("unable to add socket");
@ -58,9 +80,18 @@ async fn main() {
return;
};
let dest_holder = dest_holder.clone();
task::spawn(async move {
let dest = dest_holder.url.read().await;
if *dest == ""{
warn!("no destination set yet but connection attempted");
return;
}
let mut stream
= establish_tls_connection_to(FORWARD_DESTINATION.as_str(), FORWARD_DESTINATION_NAME.as_str()).await;
= establish_tls_connection_to(&dest, &dest).await;
if let Err(e) = stream.send_buffer(&ConnectionInitData{
prudpsock_addr: conn.socket_addr,
@ -70,6 +101,8 @@ async fn main() {
return;
};
loop {
tokio::select! {
data = conn.recv() => {
@ -95,6 +128,9 @@ async fn main() {
return;
}
},
_ = sleep(Duration::from_secs(10)) => {
conn.send([0,0,0,0,0].to_vec()).await;
}
}
}
});
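Review bot: This binary builds a `Secure(...)` PRUDP socket but registers with the controller as `Proxy { addr, cluster: Auth }`, so the controller in this commit would file it under `insecure_proxies` and `get_secure_proxy_url` would never hand out its address. If this is the secure-cluster proxy, the registration should read `cluster: ServerCluster::Secure`, path-qualified because `Secure` already names the PRUDP type imported here. `dest_holder.controller.get_secure_account().await.unwrap()` also turns any controller error into a bare panic while the socket is being set up; `.expect("controller did not return the secure account")` would at least say what failed.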