cli: use openssl for all crypto-related activities

For compliance with SDL and MSFT crypto standards. Right now this uses
our forks of russh and secret-service. russh seems amenable to getting
this merged (https://github.com/warp-tech/russh/pull/52) but TBD about
the secret-service crate.

Fixes https://github.com/microsoft/vscode-internalbacklog/issues/3158
This commit is contained in:
Connor Peet
2022-10-13 08:59:20 -07:00
parent 8991187c38
commit a2dd71c0fe
3 changed files with 603 additions and 728 deletions

1315
cli/Cargo.lock generated



@@ -39,7 +39,7 @@ serde_bytes = "0.11.5"
chrono = { version = "0.4", features = ["serde"] }
gethostname = "0.2.3"
libc = "0.2"
tunnels = { git = "https://github.com/connor4312/dev-tunnels", branch = "host-relay", features = ["connections", "vendored-openssl"] }
tunnels = { git = "https://github.com/microsoft/dev-tunnels", rev = "3870e9133dfb9557774521bb447827f19b26e55d", default-features = false, features = ["connections", "vendored-openssl"] }
keyring = "1.1"
dialoguer = "0.10"
hyper = "0.14"
@@ -56,6 +56,12 @@ windows-service = "0.5"
[target.'cfg(target_os = "linux")'.dependencies]
tar = { version = "0.4" }
[patch.crates-io]
russh = { git = "https://github.com/microsoft/vscode-russh", branch = "main" }
russh-cryptovec = { git = "https://github.com/microsoft/vscode-russh", branch = "main" }
russh-keys = { git = "https://github.com/microsoft/vscode-russh", branch = "main" }
secret-service = { git = "https://github.com/microsoft/vscode-secret-service-rs", rev = "ccef335714cdf3744ff85f812b8fba5b6194dcfa" }
[profile.release]
strip = true
lto = true
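Review bot: The three `russh*` entries under `[patch.crates-io]` track `branch = "main"`, while `tunnels` (first hunk) and `secret-service` in the same block are pinned to a `rev`; since the description says these forks are what carries the SSH crypto work this commit is about, a moving branch means a `cargo update` or a push to that branch can silently swap the reviewed implementation. Cargo.lock freezes the commit today, but the manifest should carry the same guarantee, e.g. `russh = { git = "https://github.com/microsoft/vscode-russh", rev = "<commit>" }` and likewise for `russh-cryptovec` and `russh-keys`. A short comment above `[patch.crates-io]` saying these are temporary forks pending the upstream russh PR referenced in the description would help the block get removed rather than forgotten. Also worth noting next to `vendored-openssl` that it presumably builds and statically links OpenSSL from source, so OpenSSL advisories are addressed by bumping the dependency and rebuilding, not by a system-library update.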


@@ -19,7 +19,7 @@ use serde::{Deserialize, Serialize};
use std::sync::{Arc, Mutex};
use std::time::Duration;
use tokio::sync::{mpsc, watch};
use tunnels::connections::{ForwardedPortConnection, HostRelay};
use tunnels::connections::{ForwardedPortConnection, RelayTunnelHost};
use tunnels::contracts::{
Tunnel, TunnelPort, TunnelRelayTunnelEndpoint, PORT_TOKEN, TUNNEL_PROTOCOL_AUTO,
};
@@ -607,7 +607,7 @@ impl DevTunnels {
struct ActiveTunnelManager {
close_tx: Option<mpsc::Sender<()>>,
endpoint_rx: watch::Receiver<Option<Result<TunnelRelayTunnelEndpoint, WrappedError>>>,
relay: Arc<tokio::sync::Mutex<HostRelay>>,
relay: Arc<tokio::sync::Mutex<RelayTunnelHost>>,
}
impl ActiveTunnelManager {
@@ -620,7 +620,7 @@ impl ActiveTunnelManager {
let (endpoint_tx, endpoint_rx) = watch::channel(None);
let (close_tx, close_rx) = mpsc::channel(1);
let relay = Arc::new(tokio::sync::Mutex::new(HostRelay::new(locator, mgmt)));
let relay = Arc::new(tokio::sync::Mutex::new(RelayTunnelHost::new(locator, mgmt)));
let relay_spawned = relay.clone();
tokio::spawn(async move {
@@ -719,7 +719,7 @@ impl ActiveTunnelManager {
async fn spawn_tunnel(
log: log::Logger,
relay: Arc<tokio::sync::Mutex<HostRelay>>,
relay: Arc<tokio::sync::Mutex<RelayTunnelHost>>,
mut close_rx: mpsc::Receiver<()>,
endpoint_tx: watch::Sender<Option<Result<TunnelRelayTunnelEndpoint, WrappedError>>>,
access_token_provider: impl AccessTokenProvider + 'static,