# Locate app at / or e.g. /certcheck
# APP_ROOT=/
+
+# Default is error
+# RUST_LOG=info
"libc",
]
+[[package]]
+name = "anstream"
+version = "0.6.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "301af1932e46185686725e0fad2f8f2aa7da69dd70bf6ecc44d6b703844a3933"
+dependencies = [
+ "anstyle",
+ "anstyle-parse",
+ "anstyle-query",
+ "anstyle-wincon",
+ "colorchoice",
+ "is_terminal_polyfill",
+ "utf8parse",
+]
+
+[[package]]
+name = "anstyle"
+version = "1.0.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "862ed96ca487e809f1c8e5a8447f6ee2cf102f846893800b20cebdf541fc6bbd"
+
+[[package]]
+name = "anstyle-parse"
+version = "0.2.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2"
+dependencies = [
+ "utf8parse",
+]
+
+[[package]]
+name = "anstyle-query"
+version = "1.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6c8bdeb6047d8983be085bab0ba1472e6dc604e7041dbf6fcd5e71523014fae9"
+dependencies = [
+ "windows-sys 0.59.0",
+]
+
+[[package]]
+name = "anstyle-wincon"
+version = "3.0.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "403f75924867bb1033c59fbf0797484329750cfbe3c4325cd33127941fabc882"
+dependencies = [
+ "anstyle",
+ "once_cell_polyfill",
+ "windows-sys 0.59.0",
+]
+
[[package]]
name = "anyhow"
version = "1.0.98"
"libloading",
]
+[[package]]
+name = "colorchoice"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75"
+
[[package]]
name = "core-foundation-sys"
version = "0.8.7"
"log",
]
+[[package]]
+name = "env_filter"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "186e05a59d4c50738528153b83b0b0194d3a29507dfec16eccd4b342903397d0"
+dependencies = [
+ "log",
+ "regex",
+]
+
+[[package]]
+name = "env_logger"
+version = "0.11.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c863f0904021b108aa8b2f55046443e6b1ebde8fd4a15c399893aae4fa069f"
+dependencies = [
+ "anstream",
+ "anstyle",
+ "env_filter",
+ "jiff",
+ "log",
+]
+
[[package]]
name = "equivalent"
version = "1.0.2"
"libc",
]
+[[package]]
+name = "is_terminal_polyfill"
+version = "1.70.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf"
+
[[package]]
name = "itertools"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
+[[package]]
+name = "jiff"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be1f93b8b1eb69c77f24bbb0afdf66f54b632ee39af40ca21c4365a1d7347e49"
+dependencies = [
+ "jiff-static",
+ "log",
+ "portable-atomic",
+ "portable-atomic-util",
+ "serde",
+]
+
+[[package]]
+name = "jiff-static"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03343451ff899767262ec32146f6d559dd759fdadf42ff0e227c7c48f72594b4"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
[[package]]
name = "js-sys"
version = "0.3.77"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d"
+[[package]]
+name = "once_cell_polyfill"
+version = "1.70.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4895175b425cb1f87721b59f0f286c2092bd4af812243672510e1ac53e2e0ad"
+
[[package]]
name = "parking_lot"
version = "0.12.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
+[[package]]
+name = "portable-atomic"
+version = "1.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f84267b20a16ea918e43c6a88433c2d54fa145c92a811b5b047ccbe153674483"
+
+[[package]]
+name = "portable-atomic-util"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d8a2f0d8d040d7848a709caf78912debcc3f33ee4b3cac47d73d1e1069e83507"
+dependencies = [
+ "portable-atomic",
+]
+
[[package]]
name = "potential_utf"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
+[[package]]
+name = "utf8parse"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821"
+
[[package]]
name = "vcpkg"
version = "0.2.15"
"askama",
"axum",
"dotenvy",
+ "env_logger",
"futures",
+ "log",
"sequoia-openpgp",
"serde",
"serde_yml",
askama = "0.14.0"
axum = "0.8.4"
dotenvy = "0.15.7"
+env_logger = "0.11.8"
futures = "0.3.31"
+log = "0.4.27"
sequoia-openpgp = "2.0.0"
serde = { version = "1.0.219", features = ["derive"] }
serde_yml = "0.0.12"
use askama::Template;
use axum::extract::State;
-use axum::http::StatusCode;
+use axum::http::{HeaderMap, StatusCode};
use axum::response::{Html,IntoResponse};
use axum::Form;
+use log::{error,info};
use sequoia_openpgp::parse::stream::{Verifier, VerifierBuilder};
use sequoia_openpgp::parse::Parse;
use sequoia_openpgp::policy::StandardPolicy;
type CheckResponse = (StatusCode, Html<std::string::String>);
fn error_response(code: StatusCode, error: String) -> CheckResponse {
+ error!("Error: {}", error);
(code, Html(ShowCheckFormTemplate{
url: None,
message: None,
}
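Review bot: The new `error!("Error: {}", error)` in `error_response` writes the message with Display formatting, and at least one caller visible on this page builds that message from an error raised while reading the remote response (`format!("Error decoding signed message to string: {}",e)`), so text the service does not control can carry line breaks into the log. Logging it as `error!("Error: {:?}", error);` escapes control characters and keeps each event on one line. The `info!` calls added in `check_canary_result` print the form-supplied `uri` and the fetched body with `{}` and have the same issue. Separately, every `BAD_REQUEST` now logs at error level, which the env example gives as the default, so client mistakes will dominate the log; `warn!` for 4xx codes would reserve `error!` for server-side faults. The body of `error_response` continues outside the hunk.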
pub async fn check_canary_result(
+ headers: HeaderMap,
state: State<AppState>,
Form(form_data): Form<CheckCanaryFormData>,
) -> CheckResponse {
-
let Some(uri) = form_data.checkurl else {
return error_response(StatusCode::BAD_REQUEST,
"URI missing from form data".to_string());
};
+ info!("IP {:?} ... Checking canary at {}", headers.get("X-Forwarded-For"), uri);
match ureq::get(uri.clone()).call() {
Ok(mut resp) =>
match resp.body_mut().read_to_string() {
- Ok(signed_message) => do_verify(signed_message,state.certs.clone(), uri,state).await,
+ Ok(signed_message) => {
+ info!("Received canary with message string {}...",
+ &signed_message[0..20]);
+ return do_verify(signed_message,state.certs.clone(), uri,state).await;
+ },
Err(e) =>
error_response(StatusCode::BAD_REQUEST,
format!("Error decoding signed message to string: {}",e))
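Review bot: `&signed_message[0..20]` in the new `Ok(signed_message)` arm panics when the fetched body is shorter than 20 bytes or when byte 20 falls inside a multi-byte UTF-8 character, and the body comes from whatever URL the form submitted. Take the prefix by characters instead, for example `info!("Received canary with message string {:?}...", signed_message.chars().take(20).collect::<String>());`. The `X-Forwarded-For` value logged just above is whatever the client sent unless a trusted reverse proxy overwrites it, so that line should not be read as the peer address; logging the socket address alongside it (axum's `ConnectInfo`) would give a value the client cannot set. The `match` continues outside the hunk.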
fn decode_message_bytes(content: Vec<u8>, helper: Helper, url: String, State(state): State<AppState>) -> CheckResponse {
match String::from_utf8(content) {
- Ok(content) => (StatusCode::OK,Html(ShowCheckFormTemplate{
- url: Some(url),
- message: Some(content),
- error: None,
- key_fingerprint: helper.get_fingerprint(),
- key_description: helper.get_description(),
- post_target: Some(state.app_root),
- }.render().unwrap())),
+ Ok(content) => {
+ info!("Good signature from {:?} ({:?})",
+ helper.get_fingerprint(),
+ helper.get_description());
+
+ (StatusCode::OK,Html(ShowCheckFormTemplate{
+ url: Some(url),
+ message: Some(content),
+ error: None,
+ key_fingerprint: helper.get_fingerprint(),
+ key_description: helper.get_description(),
+ post_target: Some(state.app_root),
+ }.render().unwrap()))},
_ => error_response(StatusCode::BAD_REQUEST,
"Unable to decode signed doc into UTF-8".to_string())
}
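Review bot: The new `info!("Good signature from ...")` line records the key but not which URL was verified, so a successful check cannot be tied back to the earlier `Checking canary at` line when requests interleave. `url` is still in scope at that point; `info!("Good signature from {:?} ({:?}) for {:?}", helper.get_fingerprint(), helper.get_description(), url);` would carry it. The fingerprint and description are each computed twice in this arm, once for the log and once for the template; binding them to locals before the log call avoids the repeat.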
use axum::{routing::{get,post}, Router};
use axum::serve;
+use log::info;
use serde::Deserialize;
use std::{collections::HashMap, fs::{read_dir, File}};
use std::net::SocketAddr;
#[tokio::main]
async fn main() -> Result<(),Box<dyn std::error::Error>> {
-
+
// set config values. real env vars will take precedence over vars in .env
let _ = dotenvy::dotenv();
+
+ // load env before init logger so we get RUST_LOG
+ env_logger::init();
+ info!("Starting waterslager");
+
let bind_host = match dotenvy::var("BIND_HOST") {
Ok(val) => val,
Err(_) => "127.0.0.1".to_string()
Ok(val) => val,
Err(_) => "/".to_string()
};
+ info!("App root is {}",app_root);
+ info!("Will listen on {}:{}", bind_host, bind_port);
let certs = load_certs_from_fs().await.unwrap();
+ info!("Loaded {} certs from trust/", certs.len());
let app_state = AppState{
certs,