itsi-server 0.1.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Cargo.lock +4487 -0
- data/Cargo.toml +7 -0
- data/README.md +6 -0
- data/Rakefile +7 -4
- data/exe/itsi +152 -46
- data/ext/itsi_acme/Cargo.toml +86 -0
- data/ext/itsi_acme/examples/high_level.rs +63 -0
- data/ext/itsi_acme/examples/high_level_warp.rs +52 -0
- data/ext/itsi_acme/examples/low_level.rs +87 -0
- data/ext/itsi_acme/examples/low_level_axum.rs +66 -0
- data/ext/itsi_acme/src/acceptor.rs +81 -0
- data/ext/itsi_acme/src/acme.rs +354 -0
- data/ext/itsi_acme/src/axum.rs +86 -0
- data/ext/itsi_acme/src/cache.rs +39 -0
- data/ext/itsi_acme/src/caches/boxed.rs +80 -0
- data/ext/itsi_acme/src/caches/composite.rs +69 -0
- data/ext/itsi_acme/src/caches/dir.rs +106 -0
- data/ext/itsi_acme/src/caches/mod.rs +11 -0
- data/ext/itsi_acme/src/caches/no.rs +78 -0
- data/ext/itsi_acme/src/caches/test.rs +136 -0
- data/ext/itsi_acme/src/config.rs +172 -0
- data/ext/itsi_acme/src/https_helper.rs +69 -0
- data/ext/itsi_acme/src/incoming.rs +142 -0
- data/ext/itsi_acme/src/jose.rs +161 -0
- data/ext/itsi_acme/src/lib.rs +142 -0
- data/ext/itsi_acme/src/resolver.rs +59 -0
- data/ext/itsi_acme/src/state.rs +424 -0
- data/ext/itsi_error/Cargo.toml +3 -0
- data/ext/itsi_error/src/lib.rs +98 -24
- data/ext/itsi_error/target/debug/build/clang-sys-da71b0344e568175/out/common.rs +355 -0
- data/ext/itsi_error/target/debug/build/clang-sys-da71b0344e568175/out/dynamic.rs +276 -0
- data/ext/itsi_error/target/debug/build/clang-sys-da71b0344e568175/out/macros.rs +49 -0
- data/ext/itsi_error/target/debug/build/rb-sys-49f554618693db24/out/bindings-0.9.110-mri-arm64-darwin23-3.4.2.rs +8865 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-1mmt5sux7jb0i/s-h510z7m8v9-0bxu7yd.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-2vn3jey74oiw0/s-h5113n0e7e-1v5qzs6.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-37uv9dicz7awp/s-h510ykifhe-0tbnep2.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-37uv9dicz7awp/s-h510yyocpj-0tz7ug7.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-37uv9dicz7awp/s-h510z0xc8g-14ol18k.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-3g5qf4y7d54uj/s-h5113n0e7d-1trk8on.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-3lpfftm45d3e2/s-h510z7m8r3-1pxp20o.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-3o4qownhl3d7n/s-h510ykifek-1uxasnk.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-3o4qownhl3d7n/s-h510yyocki-11u37qm.lock +0 -0
- data/ext/itsi_error/target/debug/incremental/itsi_error-3o4qownhl3d7n/s-h510z0xc93-0pmy0zm.lock +0 -0
- data/ext/itsi_instrument_entry/Cargo.toml +15 -0
- data/ext/itsi_instrument_entry/src/lib.rs +31 -0
- data/ext/itsi_rb_helpers/Cargo.toml +3 -0
- data/ext/itsi_rb_helpers/src/heap_value.rs +139 -0
- data/ext/itsi_rb_helpers/src/lib.rs +141 -10
- data/ext/itsi_rb_helpers/target/debug/build/clang-sys-da71b0344e568175/out/common.rs +355 -0
- data/ext/itsi_rb_helpers/target/debug/build/clang-sys-da71b0344e568175/out/dynamic.rs +276 -0
- data/ext/itsi_rb_helpers/target/debug/build/clang-sys-da71b0344e568175/out/macros.rs +49 -0
- data/ext/itsi_rb_helpers/target/debug/build/rb-sys-eb9ed4ff3a60f995/out/bindings-0.9.110-mri-arm64-darwin23-3.4.2.rs +8865 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-040pxg6yhb3g3/s-h5113n7a1b-03bwlt4.lock +0 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-131g1u4dzkt1a/s-h51113xnh3-1eik1ip.lock +0 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-131g1u4dzkt1a/s-h5111704jj-0g4rj8x.lock +0 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-1q2d3drtxrzs5/s-h5113n79yl-0bxcqc5.lock +0 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-374a9h7ovycj0/s-h51113xoox-10de2hp.lock +0 -0
- data/ext/itsi_rb_helpers/target/debug/incremental/itsi_rb_helpers-374a9h7ovycj0/s-h5111704w7-0vdq7gq.lock +0 -0
- data/ext/itsi_scheduler/Cargo.toml +24 -0
- data/ext/itsi_scheduler/src/itsi_scheduler/io_helpers.rs +56 -0
- data/ext/itsi_scheduler/src/itsi_scheduler/io_waiter.rs +44 -0
- data/ext/itsi_scheduler/src/itsi_scheduler/timer.rs +44 -0
- data/ext/itsi_scheduler/src/itsi_scheduler.rs +314 -0
- data/ext/itsi_scheduler/src/lib.rs +39 -0
- data/ext/itsi_server/Cargo.lock +2956 -0
- data/ext/itsi_server/Cargo.toml +75 -14
- data/ext/itsi_server/extconf.rb +1 -1
- data/ext/itsi_server/src/default_responses/html/401.html +68 -0
- data/ext/itsi_server/src/default_responses/html/403.html +68 -0
- data/ext/itsi_server/src/default_responses/html/404.html +68 -0
- data/ext/itsi_server/src/default_responses/html/413.html +71 -0
- data/ext/itsi_server/src/default_responses/html/429.html +68 -0
- data/ext/itsi_server/src/default_responses/html/500.html +71 -0
- data/ext/itsi_server/src/default_responses/html/502.html +71 -0
- data/ext/itsi_server/src/default_responses/html/503.html +68 -0
- data/ext/itsi_server/src/default_responses/html/504.html +69 -0
- data/ext/itsi_server/src/default_responses/html/index.html +238 -0
- data/ext/itsi_server/src/default_responses/json/401.json +6 -0
- data/ext/itsi_server/src/default_responses/json/403.json +6 -0
- data/ext/itsi_server/src/default_responses/json/404.json +6 -0
- data/ext/itsi_server/src/default_responses/json/413.json +6 -0
- data/ext/itsi_server/src/default_responses/json/429.json +6 -0
- data/ext/itsi_server/src/default_responses/json/500.json +6 -0
- data/ext/itsi_server/src/default_responses/json/502.json +6 -0
- data/ext/itsi_server/src/default_responses/json/503.json +6 -0
- data/ext/itsi_server/src/default_responses/json/504.json +6 -0
- data/ext/itsi_server/src/default_responses/mod.rs +11 -0
- data/ext/itsi_server/src/env.rs +43 -0
- data/ext/itsi_server/src/lib.rs +133 -40
- data/ext/itsi_server/src/prelude.rs +2 -0
- data/ext/itsi_server/src/ruby_types/itsi_body_proxy/big_bytes.rs +109 -0
- data/ext/itsi_server/src/ruby_types/itsi_body_proxy/mod.rs +143 -0
- data/ext/itsi_server/src/ruby_types/itsi_grpc_call.rs +344 -0
- data/ext/itsi_server/src/ruby_types/itsi_grpc_response_stream/mod.rs +264 -0
- data/ext/itsi_server/src/ruby_types/itsi_http_request.rs +362 -0
- data/ext/itsi_server/src/ruby_types/itsi_http_response.rs +391 -0
- data/ext/itsi_server/src/ruby_types/itsi_server/file_watcher.rs +233 -0
- data/ext/itsi_server/src/ruby_types/itsi_server/itsi_server_config.rs +565 -0
- data/ext/itsi_server/src/ruby_types/itsi_server.rs +86 -0
- data/ext/itsi_server/src/ruby_types/mod.rs +48 -0
- data/ext/itsi_server/src/server/binds/bind.rs +204 -0
- data/ext/itsi_server/src/server/binds/bind_protocol.rs +37 -0
- data/ext/itsi_server/src/server/binds/listener.rs +444 -0
- data/ext/itsi_server/src/server/binds/mod.rs +4 -0
- data/ext/itsi_server/src/server/binds/tls/locked_dir_cache.rs +132 -0
- data/ext/itsi_server/src/server/binds/tls.rs +278 -0
- data/ext/itsi_server/src/server/byte_frame.rs +32 -0
- data/ext/itsi_server/src/server/http_message_types.rs +97 -0
- data/ext/itsi_server/src/server/io_stream.rs +105 -0
- data/ext/itsi_server/src/server/lifecycle_event.rs +12 -0
- data/ext/itsi_server/src/server/middleware_stack/middleware.rs +170 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/allow_list.rs +63 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/auth_api_key.rs +94 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/auth_basic.rs +94 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/auth_jwt.rs +343 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/cache_control.rs +151 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/compression.rs +316 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/cors.rs +301 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/csp.rs +193 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/deny_list.rs +64 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/error_response/default_responses.rs +192 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/error_response.rs +171 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/etag.rs +198 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/header_interpretation.rs +82 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/intrusion_protection.rs +209 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/log_requests.rs +82 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/max_body.rs +47 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/mod.rs +116 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/proxy.rs +411 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/rate_limit.rs +142 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/redirect.rs +55 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/request_headers.rs +54 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/response_headers.rs +51 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/ruby_app.rs +126 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/static_assets.rs +187 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/static_response.rs +55 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/string_rewrite.rs +173 -0
- data/ext/itsi_server/src/server/middleware_stack/middlewares/token_source.rs +31 -0
- data/ext/itsi_server/src/server/middleware_stack/mod.rs +381 -0
- data/ext/itsi_server/src/server/mod.rs +13 -5
- data/ext/itsi_server/src/server/process_worker.rs +247 -0
- data/ext/itsi_server/src/server/redirect_type.rs +26 -0
- data/ext/itsi_server/src/server/request_job.rs +11 -0
- data/ext/itsi_server/src/server/serve_strategy/cluster_mode.rs +354 -0
- data/ext/itsi_server/src/server/serve_strategy/mod.rs +30 -0
- data/ext/itsi_server/src/server/serve_strategy/single_mode.rs +481 -0
- data/ext/itsi_server/src/server/signal.rs +77 -0
- data/ext/itsi_server/src/server/size_limited_incoming.rs +107 -0
- data/ext/itsi_server/src/server/thread_worker.rs +479 -0
- data/ext/itsi_server/src/services/cache_store.rs +74 -0
- data/ext/itsi_server/src/services/itsi_http_service.rs +257 -0
- data/ext/itsi_server/src/services/mime_types.rs +1416 -0
- data/ext/itsi_server/src/services/mod.rs +6 -0
- data/ext/itsi_server/src/services/password_hasher.rs +83 -0
- data/ext/itsi_server/src/services/rate_limiter.rs +580 -0
- data/ext/itsi_server/src/services/static_file_server.rs +1340 -0
- data/ext/itsi_tracing/Cargo.toml +5 -0
- data/ext/itsi_tracing/src/lib.rs +366 -7
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-0994n8rpvvt9m/s-h510hfz1f6-1kbycmq.lock +0 -0
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-0bob7bf4yq34i/s-h5113125h5-0lh4rag.lock +0 -0
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-2fcodulrxbbxo/s-h510h2infk-0hp5kjw.lock +0 -0
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-2iak63r1woi1l/s-h510h2in4q-0kxfzw1.lock +0 -0
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-2kk4qj9gn5dg2/s-h5113124kv-0enwon2.lock +0 -0
- data/ext/itsi_tracing/target/debug/incremental/itsi_tracing-2mwo0yas7dtw4/s-h510hfz1ha-1udgpei.lock +0 -0
- data/lib/itsi/http_request/response_status_shortcodes.rb +76 -0
- data/lib/itsi/http_request.rb +218 -0
- data/lib/itsi/http_response.rb +42 -0
- data/lib/itsi/passfile.rb +108 -0
- data/lib/itsi/server/config/config_helpers.rb +105 -0
- data/lib/itsi/server/config/dsl.rb +211 -0
- data/lib/itsi/server/config/known_paths/KitchensinkDirectories.txt +2346 -0
- data/lib/itsi/server/config/known_paths/Randomfiles.txt +24 -0
- data/lib/itsi/server/config/known_paths/UnixDotfiles.txt +52 -0
- data/lib/itsi/server/config/known_paths/backdoors/ASP_CommonBackdoors.txt +29 -0
- data/lib/itsi/server/config/known_paths/backdoors/bot_control_panels.txt +1668 -0
- data/lib/itsi/server/config/known_paths/backdoors/shells.txt +1167 -0
- data/lib/itsi/server/config/known_paths/cgi/CGI_HTTP_POST.txt +7 -0
- data/lib/itsi/server/config/known_paths/cgi/CGI_HTTP_POST_Windows.txt +6 -0
- data/lib/itsi/server/config/known_paths/cgi/CGI_Microsoft.txt +79 -0
- data/lib/itsi/server/config/known_paths/cgi/CGI_XPlatform.txt +3948 -0
- data/lib/itsi/server/config/known_paths/cms/README.md +5 -0
- data/lib/itsi/server/config/known_paths/cms/drupal_plugins.txt +6320 -0
- data/lib/itsi/server/config/known_paths/cms/drupal_themes.txt +828 -0
- data/lib/itsi/server/config/known_paths/cms/joomla_plugins.txt +224 -0
- data/lib/itsi/server/config/known_paths/cms/joomla_themes.txt +30 -0
- data/lib/itsi/server/config/known_paths/cms/php-nuke.txt +2142 -0
- data/lib/itsi/server/config/known_paths/cms/wordpress.txt +1566 -0
- data/lib/itsi/server/config/known_paths/cms/wp_common_theme_files.txt +46 -0
- data/lib/itsi/server/config/known_paths/cms/wp_plugins.txt +13366 -0
- data/lib/itsi/server/config/known_paths/cms/wp_plugins_full.txt +68662 -0
- data/lib/itsi/server/config/known_paths/cms/wp_plugins_top225.txt +225 -0
- data/lib/itsi/server/config/known_paths/cms/wp_themes.readme +12 -0
- data/lib/itsi/server/config/known_paths/cms/wp_themes.txt +7336 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/3CharExtBrute.txt +17576 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/CommonWebExtensions.txt +80 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/Extensions.Backup.txt +14 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/Extensions.Common.txt +865 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/Extensions.Compressed.txt +186 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/Extensions.Mostcommon.txt +30 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/Extensions.Skipfish.txt +93 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/WordlistSkipfish.txt +1918 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/copy_of.txt +8 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-directories-lowercase.txt +56180 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-directories.txt +62290 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-extensions-lowercase.txt +2367 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-extensions.txt +2450 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-files-lowercase.txt +35323 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-files.txt +37037 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-words-lowercase.txt +107982 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-large-words.txt +119600 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-directories-lowercase.txt +26593 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-directories.txt +30009 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-extensions-lowercase.txt +1233 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-extensions.txt +1289 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-files-lowercase.txt +16243 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-files.txt +17128 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-words-lowercase.txt +56293 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-medium-words.txt +63087 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-directories-lowercase.txt +17776 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-directories.txt +20122 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-extensions-lowercase.txt +914 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-extensions.txt +963 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-files-lowercase.txt +10848 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-files.txt +11424 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-words-lowercase.txt +38267 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/raft-small-words.txt +43003 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/spanish.txt +445 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/test_demo.txt +36 -0
- data/lib/itsi/server/config/known_paths/filename-dirname-bruteforce/upload_variants.txt +44 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/Logins.txt +71 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/cfm.txt +294 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/html.txt +295 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/jsp.txt +294 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/php.txt +294 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/windows-asp.txt +294 -0
- data/lib/itsi/server/config/known_paths/login-file-locations/windows-aspx.txt +294 -0
- data/lib/itsi/server/config/known_paths/password-file-locations/Passwords.txt +47 -0
- data/lib/itsi/server/config/known_paths/php/PHP.txt +30 -0
- data/lib/itsi/server/config/known_paths/php/PHP_CommonBackdoors.txt +5 -0
- data/lib/itsi/server/config/known_paths/proxy-conf.txt +31 -0
- data/lib/itsi/server/config/known_paths/tftp.txt +79 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/ADFS.txt +86 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/AdobeXML.txt +16 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Apache.txt +101 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/ApacheTomcat.txt +47 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Apache_Axis.txt +16 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/ColdFusion.txt +111 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/FatwireCMS.txt +390 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Frontpage.txt +38 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/HP_System_Mgmt_Homepage.txt +239 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/HTTP_POST_Microsoft.txt +2 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Hyperion.txt +578 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/IIS.txt +187 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/JBoss.txt +5 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/JRun.txt +13 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/JavaServlets_Common.txt +3 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Joomla_exploitable.txt +1937 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/LotusNotes.txt +206 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Netware.txt +18 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Oracle9i.txt +60 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/OracleAppServer.txt +192 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/README.md +6 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Ruby_Rails.txt +121 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/SAP.txt +463 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Sharepoint.txt +1707 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/SiteMinder.txt +19 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/SunAppServerGlassfish.txt +51 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/SuniPlanet.txt +35 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Vignette.txt +73 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Weblogic.txt +160 -0
- data/lib/itsi/server/config/known_paths/webservers-appservers/Websphere.txt +366 -0
- data/lib/itsi/server/config/known_paths/wellknown-rfc5785.txt +30 -0
- data/lib/itsi/server/config/known_paths.rb +20 -0
- data/lib/itsi/server/config/middleware/_index.md +56 -0
- data/lib/itsi/server/config/middleware/allow_list.md +46 -0
- data/lib/itsi/server/config/middleware/allow_list.rb +42 -0
- data/lib/itsi/server/config/middleware/auth_api_key.md +90 -0
- data/lib/itsi/server/config/middleware/auth_api_key.rb +51 -0
- data/lib/itsi/server/config/middleware/auth_basic.md +45 -0
- data/lib/itsi/server/config/middleware/auth_basic.rb +44 -0
- data/lib/itsi/server/config/middleware/auth_jwt.md +82 -0
- data/lib/itsi/server/config/middleware/auth_jwt.rb +38 -0
- data/lib/itsi/server/config/middleware/cache_control.md +78 -0
- data/lib/itsi/server/config/middleware/cache_control.rb +45 -0
- data/lib/itsi/server/config/middleware/cidr_to_regex.rb +50 -0
- data/lib/itsi/server/config/middleware/compression.md +50 -0
- data/lib/itsi/server/config/middleware/compression.rb +37 -0
- data/lib/itsi/server/config/middleware/cors.md +93 -0
- data/lib/itsi/server/config/middleware/cors.rb +32 -0
- data/lib/itsi/server/config/middleware/csp.md +37 -0
- data/lib/itsi/server/config/middleware/csp.rb +44 -0
- data/lib/itsi/server/config/middleware/deny_list.md +45 -0
- data/lib/itsi/server/config/middleware/deny_list.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/_index.md +159 -0
- data/lib/itsi/server/config/middleware/endpoint/controller.md +186 -0
- data/lib/itsi/server/config/middleware/endpoint/controller.rb +33 -0
- data/lib/itsi/server/config/middleware/endpoint/delete.md +12 -0
- data/lib/itsi/server/config/middleware/endpoint/delete.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/endpoint.rb +99 -0
- data/lib/itsi/server/config/middleware/endpoint/get.md +12 -0
- data/lib/itsi/server/config/middleware/endpoint/get.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/http_request.md +44 -0
- data/lib/itsi/server/config/middleware/endpoint/http_response.md +39 -0
- data/lib/itsi/server/config/middleware/endpoint/patch.md +12 -0
- data/lib/itsi/server/config/middleware/endpoint/patch.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/post.md +12 -0
- data/lib/itsi/server/config/middleware/endpoint/post.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/put.md +12 -0
- data/lib/itsi/server/config/middleware/endpoint/put.rb +42 -0
- data/lib/itsi/server/config/middleware/endpoint/schemas.md +122 -0
- data/lib/itsi/server/config/middleware/error_response.md +61 -0
- data/lib/itsi/server/config/middleware/error_response.rb +36 -0
- data/lib/itsi/server/config/middleware/etag.md +59 -0
- data/lib/itsi/server/config/middleware/etag.rb +27 -0
- data/lib/itsi/server/config/middleware/grpc.md +172 -0
- data/lib/itsi/server/config/middleware/grpc.rb +54 -0
- data/lib/itsi/server/config/middleware/intrusion_protection.md +124 -0
- data/lib/itsi/server/config/middleware/intrusion_protection.rb +61 -0
- data/lib/itsi/server/config/middleware/location.md +107 -0
- data/lib/itsi/server/config/middleware/location.rb +99 -0
- data/lib/itsi/server/config/middleware/log_requests.md +65 -0
- data/lib/itsi/server/config/middleware/log_requests.rb +31 -0
- data/lib/itsi/server/config/middleware/max_body.md +18 -0
- data/lib/itsi/server/config/middleware/max_body.rb +21 -0
- data/lib/itsi/server/config/middleware/proxy.md +62 -0
- data/lib/itsi/server/config/middleware/proxy.rb +41 -0
- data/lib/itsi/server/config/middleware/rackup_file.md +54 -0
- data/lib/itsi/server/config/middleware/rackup_file.rb +44 -0
- data/lib/itsi/server/config/middleware/rate_limit.md +126 -0
- data/lib/itsi/server/config/middleware/rate_limit.rb +34 -0
- data/lib/itsi/server/config/middleware/rate_limit_store.rb +25 -0
- data/lib/itsi/server/config/middleware/redirect.md +55 -0
- data/lib/itsi/server/config/middleware/redirect.rb +25 -0
- data/lib/itsi/server/config/middleware/request_headers.md +34 -0
- data/lib/itsi/server/config/middleware/request_headers.rb +24 -0
- data/lib/itsi/server/config/middleware/response_headers.md +33 -0
- data/lib/itsi/server/config/middleware/response_headers.rb +25 -0
- data/lib/itsi/server/config/middleware/run.md +60 -0
- data/lib/itsi/server/config/middleware/run.rb +43 -0
- data/lib/itsi/server/config/middleware/static_assets.md +73 -0
- data/lib/itsi/server/config/middleware/static_assets.rb +87 -0
- data/lib/itsi/server/config/middleware/static_response.md +44 -0
- data/lib/itsi/server/config/middleware/static_response.rb +29 -0
- data/lib/itsi/server/config/middleware/string_rewrite.md +67 -0
- data/lib/itsi/server/config/middleware/token_source.rb +32 -0
- data/lib/itsi/server/config/middleware.rb +13 -0
- data/lib/itsi/server/config/option.rb +14 -0
- data/lib/itsi/server/config/options/_index.md +37 -0
- data/lib/itsi/server/config/options/auto_reload_config.md +13 -0
- data/lib/itsi/server/config/options/auto_reload_config.rb +41 -0
- data/lib/itsi/server/config/options/bind.md +71 -0
- data/lib/itsi/server/config/options/bind.rb +26 -0
- data/lib/itsi/server/config/options/certificates.md +65 -0
- data/lib/itsi/server/config/options/daemonize.md +14 -0
- data/lib/itsi/server/config/options/daemonize.rb +19 -0
- data/lib/itsi/server/config/options/fiber_scheduler.md +34 -0
- data/lib/itsi/server/config/options/fiber_scheduler.rb +21 -0
- data/lib/itsi/server/config/options/header_read_timeout.md +17 -0
- data/lib/itsi/server/config/options/header_read_timeout.rb +19 -0
- data/lib/itsi/server/config/options/hooks/_index.md +11 -0
- data/lib/itsi/server/config/options/hooks/after_fork.md +13 -0
- data/lib/itsi/server/config/options/hooks/after_fork.rb +28 -0
- data/lib/itsi/server/config/options/hooks/after_memory_limit_reached.md +14 -0
- data/lib/itsi/server/config/options/hooks/after_memory_limit_reached.rb +28 -0
- data/lib/itsi/server/config/options/hooks/after_start.md +12 -0
- data/lib/itsi/server/config/options/hooks/after_start.rb +28 -0
- data/lib/itsi/server/config/options/hooks/before_fork.md +13 -0
- data/lib/itsi/server/config/options/hooks/before_fork.rb +28 -0
- data/lib/itsi/server/config/options/hooks/before_restart.md +12 -0
- data/lib/itsi/server/config/options/hooks/before_restart.rb +28 -0
- data/lib/itsi/server/config/options/hooks/before_shutdown.md +12 -0
- data/lib/itsi/server/config/options/hooks/before_shutdown.rb +28 -0
- data/lib/itsi/server/config/options/include.md +20 -0
- data/lib/itsi/server/config/options/include.rb +36 -0
- data/lib/itsi/server/config/options/listen_backlog.md +11 -0
- data/lib/itsi/server/config/options/listen_backlog.rb +19 -0
- data/lib/itsi/server/config/options/log_format.md +18 -0
- data/lib/itsi/server/config/options/log_format.rb +19 -0
- data/lib/itsi/server/config/options/log_level.md +34 -0
- data/lib/itsi/server/config/options/log_level.rb +20 -0
- data/lib/itsi/server/config/options/log_target.md +38 -0
- data/lib/itsi/server/config/options/log_target.rb +19 -0
- data/lib/itsi/server/config/options/log_target_filters.md +17 -0
- data/lib/itsi/server/config/options/log_target_filters.rb +19 -0
- data/lib/itsi/server/config/options/multithreaded_reactor.md +27 -0
- data/lib/itsi/server/config/options/multithreaded_reactor.rb +24 -0
- data/lib/itsi/server/config/options/nodelay.md +16 -0
- data/lib/itsi/server/config/options/nodelay.rb +19 -0
- data/lib/itsi/server/config/options/oob_gc_responses_threshold.md +19 -0
- data/lib/itsi/server/config/options/oob_gc_responses_threshold.rb +18 -0
- data/lib/itsi/server/config/options/pin_worker_cores.md +17 -0
- data/lib/itsi/server/config/options/pin_worker_cores.rb +19 -0
- data/lib/itsi/server/config/options/preload.md +21 -0
- data/lib/itsi/server/config/options/preload.rb +18 -0
- data/lib/itsi/server/config/options/recv_buffer_size.md +15 -0
- data/lib/itsi/server/config/options/recv_buffer_size.rb +19 -0
- data/lib/itsi/server/config/options/redirect_http_to_https.md +21 -0
- data/lib/itsi/server/config/options/redirect_http_to_https.rb +30 -0
- data/lib/itsi/server/config/options/request_timeout.md +23 -0
- data/lib/itsi/server/config/options/request_timeout.rb +19 -0
- data/lib/itsi/server/config/options/reuse_address.md +16 -0
- data/lib/itsi/server/config/options/reuse_address.rb +19 -0
- data/lib/itsi/server/config/options/reuse_port.md +16 -0
- data/lib/itsi/server/config/options/reuse_port.rb +19 -0
- data/lib/itsi/server/config/options/scheduler_threads.md +34 -0
- data/lib/itsi/server/config/options/scheduler_threads.rb +17 -0
- data/lib/itsi/server/config/options/shutdown_timeout.md +17 -0
- data/lib/itsi/server/config/options/shutdown_timeout.rb +19 -0
- data/lib/itsi/server/config/options/stream_body.md +32 -0
- data/lib/itsi/server/config/options/stream_body.rb +18 -0
- data/lib/itsi/server/config/options/threads.md +44 -0
- data/lib/itsi/server/config/options/threads.rb +17 -0
- data/lib/itsi/server/config/options/watch.md +16 -0
- data/lib/itsi/server/config/options/watch.rb +28 -0
- data/lib/itsi/server/config/options/worker_memory_limit.md +22 -0
- data/lib/itsi/server/config/options/worker_memory_limit.rb +18 -0
- data/lib/itsi/server/config/options/workers.md +42 -0
- data/lib/itsi/server/config/options/workers.rb +17 -0
- data/lib/itsi/server/config/typed_struct.rb +242 -0
- data/lib/itsi/server/config.rb +289 -0
- data/lib/itsi/server/default_app/default_app.rb +34 -0
- data/lib/itsi/server/default_app/index.html +115 -0
- data/lib/itsi/server/default_config/Itsi.rb +107 -0
- data/lib/itsi/server/grpc/grpc_call.rb +246 -0
- data/lib/itsi/server/grpc/grpc_interface.rb +107 -0
- data/lib/itsi/server/grpc/reflection/v1/reflection_pb.rb +26 -0
- data/lib/itsi/server/grpc/reflection/v1/reflection_services_pb.rb +122 -0
- data/lib/itsi/server/rack/handler/itsi.rb +27 -0
- data/lib/itsi/server/rack_interface.rb +94 -0
- data/lib/itsi/server/route_tester.rb +157 -0
- data/lib/itsi/server/scheduler_interface.rb +21 -0
- data/lib/itsi/server/scheduler_mode.rb +10 -0
- data/lib/itsi/server/signal_trap.rb +33 -0
- data/lib/itsi/server/typed_handlers/param_parser.rb +196 -0
- data/lib/itsi/server/typed_handlers/source_parser.rb +56 -0
- data/lib/itsi/server/typed_handlers.rb +25 -0
- data/lib/itsi/server/version.rb +1 -1
- data/lib/itsi/server.rb +265 -9
- data/lib/itsi/standard_headers.rb +86 -0
- data/lib/ruby_lsp/itsi/addon.rb +129 -0
- data/lib/shell_completions/completions.rb +26 -0
- metadata +454 -28
- data/CHANGELOG.md +0 -5
- data/CODE_OF_CONDUCT.md +0 -132
- data/LICENSE.txt +0 -21
- data/ext/itsi_server/src/request/itsi_request.rs +0 -143
- data/ext/itsi_server/src/request/mod.rs +0 -1
- data/ext/itsi_server/src/server/bind.rs +0 -138
- data/ext/itsi_server/src/server/itsi_ca/itsi_ca.crt +0 -32
- data/ext/itsi_server/src/server/itsi_ca/itsi_ca.key +0 -52
- data/ext/itsi_server/src/server/itsi_server.rs +0 -182
- data/ext/itsi_server/src/server/listener.rs +0 -218
- data/ext/itsi_server/src/server/tls.rs +0 -138
- data/ext/itsi_server/src/server/transfer_protocol.rs +0 -23
- data/ext/itsi_server/src/stream_writer/mod.rs +0 -21
- data/lib/itsi/request.rb +0 -39
data/Cargo.toml
ADDED
data/README.md
CHANGED
data/Rakefile
CHANGED
|
@@ -3,11 +3,14 @@
|
|
|
3
3
|
require "bundler/gem_tasks"
|
|
4
4
|
require "minitest/test_task"
|
|
5
5
|
|
|
6
|
-
Minitest::TestTask.create
|
|
7
6
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
7
|
+
Minitest::TestTask.create(:test) do |t|
|
|
8
|
+
t.libs << 'test'
|
|
9
|
+
t.libs << 'lib'
|
|
10
|
+
t.warning = false
|
|
11
|
+
t.test_globs = ['test/**/*.rb']
|
|
12
|
+
t.test_prelude = 'require "helpers/test_helper.rb"'
|
|
13
|
+
end
|
|
11
14
|
|
|
12
15
|
require "rb_sys/extensiontask"
|
|
13
16
|
|
data/exe/itsi
CHANGED
|
@@ -1,59 +1,117 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "itsi/server"
|
|
4
5
|
require "optparse"
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
COMMANDS = {
|
|
9
|
+
"init" => "Initialize a new Itsi.rb server configuration file",
|
|
10
|
+
"status" => "Show the status of the server",
|
|
11
|
+
"start" => "Start the Itsi server",
|
|
12
|
+
"serve" => "Start the Itsi server",
|
|
13
|
+
"stop" => "Stop the server",
|
|
14
|
+
"reload" => "Reload the server",
|
|
15
|
+
"restart" => "Restart the server",
|
|
16
|
+
"test" => "Test config file validity",
|
|
17
|
+
"add_worker" => "Add a new worker to the server cluster",
|
|
18
|
+
"remove_worker" => "Remove a worker from the server cluster",
|
|
19
|
+
"routes" => "Print the routes of the server",
|
|
20
|
+
"passfile" => "Manage hashed users and passwords in a passfile (like .htpasswd). [add, echo, remove, list]",
|
|
21
|
+
"secret" => "Generate a new secret for use in a JWT verifier",
|
|
22
|
+
"test_route" => "Test which route a request will be routed to",
|
|
23
|
+
"static" => "Serve static assets in the given directory"
|
|
18
24
|
}
|
|
19
25
|
|
|
20
|
-
|
|
26
|
+
Itsi::Server::Config.prep_reexec!
|
|
27
|
+
|
|
28
|
+
options = {}
|
|
21
29
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
opts.banner = "Usage: script.rb [options]"
|
|
30
|
+
parser = OptionParser.new do |opts|
|
|
31
|
+
opts.banner = "Usage: itsi [COMMAND] [options]"
|
|
25
32
|
|
|
26
|
-
opts.on("-
|
|
33
|
+
opts.on("-C", "--config CONFIG_FILE", String, "Itsi Configuration file to use (default: Itsi.rb)") do |config_file|
|
|
34
|
+
options[:config_file] = config_file
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
opts.on("-w", "--workers WORKERS", Integer, "Number of workers") do |w|
|
|
27
38
|
options[:workers] = w
|
|
28
39
|
end
|
|
29
40
|
|
|
30
|
-
opts.on("-
|
|
41
|
+
opts.on("-d", "--daemonize", "Run the process as a daemon") do
|
|
42
|
+
options[:daemonize] = true
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
opts.on("-t", "--threads THREADS", Integer, "Number of threads (default: 1)") do |t|
|
|
31
46
|
options[:threads] = t
|
|
32
47
|
end
|
|
33
48
|
|
|
34
|
-
opts.on("-
|
|
35
|
-
options[:
|
|
49
|
+
opts.on("--[no-]multithreaded-reactor", "Use a multithreaded reactor") do |mtr|
|
|
50
|
+
options[:multithreaded_reactor] = mtr
|
|
36
51
|
end
|
|
37
52
|
|
|
38
|
-
opts.on("-
|
|
39
|
-
options[:
|
|
53
|
+
opts.on("-r", "--rackup_file FILE", String, "Rackup file to use (default: config.ru)") do |rf|
|
|
54
|
+
options[:rackup_file] = rf
|
|
40
55
|
end
|
|
41
56
|
|
|
42
|
-
opts.on("-
|
|
43
|
-
"
|
|
44
|
-
options[:
|
|
57
|
+
opts.on("--worker-memory-limit MEMORY_LIMIT", Integer,
|
|
58
|
+
"Memory limit for each worker (default: None). If this limit is breached the worker is gracefully restarted") do |ml|
|
|
59
|
+
options[:worker_memory_limit] = ml
|
|
45
60
|
end
|
|
46
61
|
|
|
47
|
-
opts.on("
|
|
48
|
-
|
|
62
|
+
opts.on("-f", "--fiber_scheduler [CLASS_NAME]", String,
|
|
63
|
+
"Scheduler class to use (default: nil). Provide blank or true to use Itsi::Scheduler, or a classname to use an alternative scheduler") do |scheduler_class|
|
|
64
|
+
if scheduler_class.nil? || scheduler_class == "true"
|
|
65
|
+
options[:scheduler_class] = "Itsi::Scheduler"
|
|
66
|
+
elsif scheduler_class == "false"
|
|
67
|
+
options.delete(:scheduler_class)
|
|
68
|
+
else
|
|
69
|
+
options[:scheduler_class] = scheduler_class
|
|
70
|
+
end
|
|
49
71
|
end
|
|
50
72
|
|
|
51
|
-
opts.on("
|
|
52
|
-
|
|
73
|
+
opts.on("--preload [true, false, :bundle_group_name]", String, " Toggle preloading the application") do |preload|
|
|
74
|
+
if preload == "true"
|
|
75
|
+
options[:preload] = true
|
|
76
|
+
elsif preload == "false"
|
|
77
|
+
options[:preload] = false
|
|
78
|
+
else
|
|
79
|
+
# Not supported yet
|
|
80
|
+
end
|
|
53
81
|
end
|
|
54
82
|
|
|
55
|
-
opts.on("-
|
|
56
|
-
|
|
83
|
+
opts.on("-b", "--bind BIND", String,
|
|
84
|
+
"Bind address (default: http://0.0.0.0:3000). You can specify this flag multiple times to bind to multiple addresses.") do |bind|
|
|
85
|
+
options[:binds] ||= []
|
|
86
|
+
options[:binds] << bind
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
opts.on("-c", "--cert_path CERT_PATH", String,
|
|
90
|
+
"Path to the SSL certificate file (must follow a --bind option). You can specify this flag multiple times.") do |cp|
|
|
91
|
+
raise OptionParser::InvalidOption, "--cert_path must follow a --bind" if options[:binds].empty?
|
|
92
|
+
|
|
93
|
+
require "uri"
|
|
94
|
+
|
|
95
|
+
# Modify the last bind entry to add/update the cert query parameter
|
|
96
|
+
uri = URI.parse("http://#{options[:binds].last}") # Ensure valid URI parsing
|
|
97
|
+
params = URI.decode_www_form(uri.query.to_s).to_h
|
|
98
|
+
params["cert"] = cp
|
|
99
|
+
query_string = params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
100
|
+
options[:binds][-1] = "#{uri.host}?#{query_string}"
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
opts.on("-k", "--key_path KEY_PATH", String,
|
|
104
|
+
"Path to the SSL key file (must follow a --bind option). You can specify this flag multiple times.") do |kp|
|
|
105
|
+
raise OptionParser::InvalidOption, "--key_path must follow a --bind" if options[:binds].empty?
|
|
106
|
+
|
|
107
|
+
require "uri"
|
|
108
|
+
|
|
109
|
+
# Modify the last bind entry to add/update the key query parameter
|
|
110
|
+
uri = URI.parse("http://#{options[:binds].last}") # Ensure valid URI parsing
|
|
111
|
+
params = URI.decode_www_form(uri.query.to_s).to_h
|
|
112
|
+
params["key"] = kp
|
|
113
|
+
query_string = params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
114
|
+
options[:binds][-1] = "#{uri.host}?#{query_string}"
|
|
57
115
|
end
|
|
58
116
|
|
|
59
117
|
opts.on("--shutdown_timeout SHUTDOWN_TIMEOUT", String,
|
|
@@ -61,24 +119,72 @@ OptionParser.new do |opts|
|
|
|
61
119
|
options[:shutdown_timeout] = shutdown_timeout
|
|
62
120
|
end
|
|
63
121
|
|
|
64
|
-
|
|
65
|
-
|
|
122
|
+
|
|
123
|
+
opts.on("--stream-body", TrueClass, "Stream body frames (default: false for best compatibility)") do |stream_body|
|
|
124
|
+
options[:stream_body] = stream_body
|
|
66
125
|
end
|
|
67
126
|
|
|
68
|
-
opts.on("--help", "Show this help message") do
|
|
127
|
+
opts.on("-h", "--help", "Show this help message") do
|
|
69
128
|
puts opts
|
|
129
|
+
puts "COMMAND: "
|
|
130
|
+
COMMANDS.each do |command, description|
|
|
131
|
+
puts " #{command} - #{description}"
|
|
132
|
+
end
|
|
70
133
|
exit
|
|
71
134
|
end
|
|
72
|
-
end.parse!
|
|
73
135
|
|
|
74
|
-
|
|
75
|
-
|
|
136
|
+
opts.on("--reexec PARAMS", String, "Reexec the server with the given parameters") do |params|
|
|
137
|
+
options[:reexec] = params
|
|
138
|
+
end
|
|
76
139
|
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
140
|
+
opts.on("--listeners LISTENERS", String, "Listeners for reexec") do |listeners|
|
|
141
|
+
options[:listeners] = listeners
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
opts.on("--passfile PASSFILE", String, "Passfile") do |passfile|
|
|
145
|
+
options[:passfile] = passfile
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
opts.on("--algorithm ALGORITHM", String, "Algorithm for password hashing") do |algorithm|
|
|
149
|
+
options[:algorithm] = algorithm
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
opts.on("-dDIR", "--dir=DIR", "(For use with secret) Save keys/secret to DIR instead of printing") do |d|
|
|
153
|
+
options[:save_dir] = d
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
opts.on("-v", "--version", "Show version") do
|
|
157
|
+
puts "Itsi version #{Itsi::Server::VERSION}"
|
|
158
|
+
exit(0)
|
|
159
|
+
end
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
if ENV['COMP_LINE'] || ARGV.include?('--completion')
|
|
163
|
+
puts COMMANDS.keys
|
|
164
|
+
exit
|
|
165
|
+
end
|
|
166
|
+
|
|
167
|
+
parser.parse!
|
|
168
|
+
|
|
169
|
+
case (command = ARGV.shift)
|
|
170
|
+
when *COMMANDS.keys
|
|
171
|
+
required_arity = Itsi::Server.method(command).parameters&.select{|c| c.first == :req }&.length&.succ || 2
|
|
172
|
+
case required_arity
|
|
173
|
+
when 1 then Itsi::Server.send(command)
|
|
174
|
+
when 2 then Itsi::Server.send(command, options)
|
|
175
|
+
else
|
|
176
|
+
if ARGV.length != required_arity - 2
|
|
177
|
+
puts "Command #{command} requires #{required_arity - 2} subcommands. "
|
|
178
|
+
exit(0)
|
|
179
|
+
end
|
|
180
|
+
Itsi::Server.send(command, options, *ARGV)
|
|
181
|
+
end
|
|
182
|
+
when nil
|
|
183
|
+
Itsi::Server.start(options)
|
|
184
|
+
else
|
|
185
|
+
puts "Invalid command #{command}.\n"
|
|
186
|
+
puts "COMMAND: "
|
|
187
|
+
COMMANDS.each do |command, description|
|
|
188
|
+
puts " #{command} - #{description}"
|
|
189
|
+
end
|
|
190
|
+
end
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
[package]
|
|
2
|
+
name = "itsi_acme"
|
|
3
|
+
version = "0.1.0"
|
|
4
|
+
authors = [
|
|
5
|
+
"wouterkem <wc@pico.net.nz>",
|
|
6
|
+
"dignifiedquire <me@dignifiedquire.com>",
|
|
7
|
+
"Florian Uekermann <florian@uekermann.me>",
|
|
8
|
+
]
|
|
9
|
+
edition = "2018"
|
|
10
|
+
description = "Automatic TLS certificate management using rustls, specifically for itsi"
|
|
11
|
+
license = "Apache-2.0 OR MIT"
|
|
12
|
+
repository = "https://github.com/n0-computer/tokio-rustls-acme"
|
|
13
|
+
documentation = "https://docs.rs/tokio-rustls-acme"
|
|
14
|
+
keywords = ["acme", "rustls", "tls", "letsencrypt"]
|
|
15
|
+
categories = ["asynchronous", "cryptography", "network-programming"]
|
|
16
|
+
|
|
17
|
+
[dependencies]
|
|
18
|
+
futures = "0.3.21"
|
|
19
|
+
rcgen = "0.13"
|
|
20
|
+
serde_json = "1.0.81"
|
|
21
|
+
serde = { version = "1.0.137", features = ["derive"] }
|
|
22
|
+
ring = { version = "0.17.0", features = ["std"] }
|
|
23
|
+
base64 = "0.22"
|
|
24
|
+
log = "0.4.17"
|
|
25
|
+
webpki-roots = "0.26"
|
|
26
|
+
pem = "3.0"
|
|
27
|
+
thiserror = "2.0"
|
|
28
|
+
x509-parser = "0.16"
|
|
29
|
+
chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
|
|
30
|
+
async-trait = "0.1.53"
|
|
31
|
+
rustls = { version = "0.23", default-features = false, features = ["ring"] }
|
|
32
|
+
time = "0.3.36" # force the transitive dependency to a more recent minimal version. The build fails with 0.3.20
|
|
33
|
+
|
|
34
|
+
tokio = { version = "1.20.1", default-features = false }
|
|
35
|
+
tokio-rustls = { version = "0.26", default-features = false, features = [
|
|
36
|
+
"tls12",
|
|
37
|
+
] }
|
|
38
|
+
reqwest = { version = "0.12", default-features = false, features = [
|
|
39
|
+
"rustls-tls",
|
|
40
|
+
] }
|
|
41
|
+
|
|
42
|
+
# Axum
|
|
43
|
+
axum-server = { version = "0.7", features = ["tokio-rustls"], optional = true }
|
|
44
|
+
|
|
45
|
+
[dependencies.proc-macro2]
|
|
46
|
+
# This is a transitive dependency, we specify it to make sure we have
|
|
47
|
+
# a recent-enough version so that -Z minimal-versions crate resolution
|
|
48
|
+
# works.
|
|
49
|
+
version = "1.0.78"
|
|
50
|
+
|
|
51
|
+
[dependencies.num-bigint]
|
|
52
|
+
# This is a transitive dependency, we specify it to make sure we have
|
|
53
|
+
# a recent-enough version so that -Z minimal-versions crate resolution
|
|
54
|
+
# works.
|
|
55
|
+
version = "0.4.4"
|
|
56
|
+
|
|
57
|
+
[dev-dependencies]
|
|
58
|
+
simple_logger = "5.0"
|
|
59
|
+
structopt = "0.3.26"
|
|
60
|
+
clap = { version = "4", features = ["derive"] }
|
|
61
|
+
axum = "0.7"
|
|
62
|
+
tokio = { version = "1.19.2", features = ["full"] }
|
|
63
|
+
tokio-stream = { version = "0.1.9", features = ["net"] }
|
|
64
|
+
tokio-util = { version = "0.7.3", features = ["compat"] }
|
|
65
|
+
warp = "0.3"
|
|
66
|
+
|
|
67
|
+
[package.metadata.docs.rs]
|
|
68
|
+
all-features = true
|
|
69
|
+
rustdoc-args = ["--cfg", "doc_auto_cfg"]
|
|
70
|
+
|
|
71
|
+
[features]
|
|
72
|
+
default = []
|
|
73
|
+
axum = ["dep:axum-server"]
|
|
74
|
+
|
|
75
|
+
[[example]]
|
|
76
|
+
name = "low_level_axum"
|
|
77
|
+
required-features = ["axum"]
|
|
78
|
+
|
|
79
|
+
[[example]]
|
|
80
|
+
name = "high_level_warp"
|
|
81
|
+
|
|
82
|
+
[[example]]
|
|
83
|
+
name = "high_level"
|
|
84
|
+
|
|
85
|
+
[[example]]
|
|
86
|
+
name = "low_level"
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
use clap::Parser;
|
|
2
|
+
use itsi_acme::caches::DirCache;
|
|
3
|
+
use itsi_acme::AcmeConfig;
|
|
4
|
+
use std::net::Ipv6Addr;
|
|
5
|
+
use std::path::PathBuf;
|
|
6
|
+
use tokio::io::AsyncWriteExt;
|
|
7
|
+
use tokio_stream::wrappers::TcpListenerStream;
|
|
8
|
+
use tokio_stream::StreamExt;
|
|
9
|
+
|
|
10
|
+
#[derive(Parser, Debug)]
|
|
11
|
+
struct Args {
|
|
12
|
+
/// Domains
|
|
13
|
+
#[clap(short, required = true)]
|
|
14
|
+
domains: Vec<String>,
|
|
15
|
+
|
|
16
|
+
/// Contact info
|
|
17
|
+
#[clap(short)]
|
|
18
|
+
email: Vec<String>,
|
|
19
|
+
|
|
20
|
+
/// Cache directory
|
|
21
|
+
#[clap(short)]
|
|
22
|
+
cache: Option<PathBuf>,
|
|
23
|
+
|
|
24
|
+
/// Use Let's Encrypt production environment
|
|
25
|
+
/// (see https://letsencrypt.org/docs/staging-environment/)
|
|
26
|
+
#[clap(long)]
|
|
27
|
+
prod: bool,
|
|
28
|
+
|
|
29
|
+
#[clap(short, long, default_value = "443")]
|
|
30
|
+
port: u16,
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
#[tokio::main]
|
|
34
|
+
async fn main() {
|
|
35
|
+
simple_logger::init_with_level(log::Level::Info).unwrap();
|
|
36
|
+
let args = Args::parse();
|
|
37
|
+
|
|
38
|
+
let tcp_listener = tokio::net::TcpListener::bind((Ipv6Addr::UNSPECIFIED, args.port))
|
|
39
|
+
.await
|
|
40
|
+
.unwrap();
|
|
41
|
+
let tcp_incoming = TcpListenerStream::new(tcp_listener);
|
|
42
|
+
|
|
43
|
+
let mut tls_incoming = AcmeConfig::new(args.domains)
|
|
44
|
+
.contact(args.email.iter().map(|e| format!("mailto:{}", e)))
|
|
45
|
+
.cache_option(args.cache.clone().map(DirCache::new))
|
|
46
|
+
.directory_lets_encrypt(args.prod)
|
|
47
|
+
.incoming(tcp_incoming, Vec::new());
|
|
48
|
+
|
|
49
|
+
while let Some(tls) = tls_incoming.next().await {
|
|
50
|
+
let mut tls = tls.unwrap();
|
|
51
|
+
tokio::spawn(async move {
|
|
52
|
+
tls.write_all(HELLO).await.unwrap();
|
|
53
|
+
tls.shutdown().await.unwrap();
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
unreachable!()
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
const HELLO: &[u8] = br#"HTTP/1.1 200 OK
|
|
60
|
+
Content-Length: 10
|
|
61
|
+
Content-Type: text/plain; charset=utf-8
|
|
62
|
+
|
|
63
|
+
Hello Tls!"#;
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
use clap::Parser;
|
|
2
|
+
use itsi_acme::caches::DirCache;
|
|
3
|
+
use itsi_acme::AcmeConfig;
|
|
4
|
+
use std::net::Ipv6Addr;
|
|
5
|
+
use std::path::PathBuf;
|
|
6
|
+
use tokio_stream::wrappers::TcpListenerStream;
|
|
7
|
+
use warp::Filter;
|
|
8
|
+
|
|
9
|
+
#[derive(Parser, Debug)]
|
|
10
|
+
struct Args {
|
|
11
|
+
/// Domains
|
|
12
|
+
#[clap(short, required = true)]
|
|
13
|
+
domains: Vec<String>,
|
|
14
|
+
|
|
15
|
+
/// Contact info
|
|
16
|
+
#[clap(short)]
|
|
17
|
+
email: Vec<String>,
|
|
18
|
+
|
|
19
|
+
/// Cache directory
|
|
20
|
+
#[clap(short)]
|
|
21
|
+
cache: Option<PathBuf>,
|
|
22
|
+
|
|
23
|
+
/// Use Let's Encrypt production environment
|
|
24
|
+
/// (see https://letsencrypt.org/docs/staging-environment/)
|
|
25
|
+
#[clap(long)]
|
|
26
|
+
prod: bool,
|
|
27
|
+
|
|
28
|
+
#[clap(short, long, default_value = "443")]
|
|
29
|
+
port: u16,
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
#[tokio::main]
|
|
33
|
+
async fn main() {
|
|
34
|
+
simple_logger::init_with_level(log::Level::Info).unwrap();
|
|
35
|
+
let args = Args::parse();
|
|
36
|
+
|
|
37
|
+
let tcp_listener = tokio::net::TcpListener::bind((Ipv6Addr::UNSPECIFIED, args.port))
|
|
38
|
+
.await
|
|
39
|
+
.unwrap();
|
|
40
|
+
let tcp_incoming = TcpListenerStream::new(tcp_listener);
|
|
41
|
+
|
|
42
|
+
let tls_incoming = AcmeConfig::new(args.domains)
|
|
43
|
+
.contact(args.email.iter().map(|e| format!("mailto:{}", e)))
|
|
44
|
+
.cache_option(args.cache.clone().map(DirCache::new))
|
|
45
|
+
.directory_lets_encrypt(args.prod)
|
|
46
|
+
.incoming(tcp_incoming, Vec::new());
|
|
47
|
+
|
|
48
|
+
let route = warp::any().map(|| "Hello Tls!");
|
|
49
|
+
warp::serve(route).run_incoming(tls_incoming).await;
|
|
50
|
+
|
|
51
|
+
unreachable!()
|
|
52
|
+
}
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
use clap::Parser;
|
|
2
|
+
use itsi_acme::caches::DirCache;
|
|
3
|
+
use itsi_acme::{AcmeAcceptor, AcmeConfig};
|
|
4
|
+
use rustls::ServerConfig;
|
|
5
|
+
use std::net::Ipv6Addr;
|
|
6
|
+
use std::path::PathBuf;
|
|
7
|
+
use std::sync::Arc;
|
|
8
|
+
use tokio::io::AsyncWriteExt;
|
|
9
|
+
use tokio_stream::StreamExt;
|
|
10
|
+
|
|
11
|
+
#[derive(Parser, Debug)]
|
|
12
|
+
struct Args {
|
|
13
|
+
/// Domains
|
|
14
|
+
#[clap(short, required = true)]
|
|
15
|
+
domains: Vec<String>,
|
|
16
|
+
|
|
17
|
+
/// Contact info
|
|
18
|
+
#[clap(short)]
|
|
19
|
+
email: Vec<String>,
|
|
20
|
+
|
|
21
|
+
/// Cache directory
|
|
22
|
+
#[clap(short)]
|
|
23
|
+
cache: Option<PathBuf>,
|
|
24
|
+
|
|
25
|
+
/// Use Let's Encrypt production environment
|
|
26
|
+
/// (see https://letsencrypt.org/docs/staging-environment/)
|
|
27
|
+
#[clap(long)]
|
|
28
|
+
prod: bool,
|
|
29
|
+
|
|
30
|
+
#[clap(short, long, default_value = "443")]
|
|
31
|
+
port: u16,
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
#[tokio::main]
|
|
35
|
+
async fn main() {
|
|
36
|
+
simple_logger::init_with_level(log::Level::Info).unwrap();
|
|
37
|
+
let args = Args::parse();
|
|
38
|
+
|
|
39
|
+
let mut state = AcmeConfig::new(args.domains)
|
|
40
|
+
.contact(args.email.iter().map(|e| format!("mailto:{}", e)))
|
|
41
|
+
.cache_option(args.cache.clone().map(DirCache::new))
|
|
42
|
+
.directory_lets_encrypt(args.prod)
|
|
43
|
+
.state();
|
|
44
|
+
let rustls_config = ServerConfig::builder()
|
|
45
|
+
.with_no_client_auth()
|
|
46
|
+
.with_cert_resolver(state.resolver());
|
|
47
|
+
let acceptor = state.acceptor();
|
|
48
|
+
|
|
49
|
+
tokio::spawn(async move {
|
|
50
|
+
loop {
|
|
51
|
+
match state.next().await.unwrap() {
|
|
52
|
+
Ok(ok) => log::info!("event: {:?}", ok),
|
|
53
|
+
Err(err) => log::error!("error: {:?}", err),
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
|
|
58
|
+
serve(acceptor, Arc::new(rustls_config), args.port).await;
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
async fn serve(acceptor: AcmeAcceptor, rustls_config: Arc<ServerConfig>, port: u16) {
|
|
62
|
+
let listener = tokio::net::TcpListener::bind((Ipv6Addr::UNSPECIFIED, port))
|
|
63
|
+
.await
|
|
64
|
+
.unwrap();
|
|
65
|
+
loop {
|
|
66
|
+
let tcp = listener.accept().await.unwrap().0;
|
|
67
|
+
let rustls_config = rustls_config.clone();
|
|
68
|
+
let accept_future = acceptor.accept(tcp);
|
|
69
|
+
|
|
70
|
+
tokio::spawn(async move {
|
|
71
|
+
match accept_future.await.unwrap() {
|
|
72
|
+
None => log::info!("received TLS-ALPN-01 validation request"),
|
|
73
|
+
Some(start_handshake) => {
|
|
74
|
+
let mut tls = start_handshake.into_stream(rustls_config).await.unwrap();
|
|
75
|
+
tls.write_all(HELLO).await.unwrap();
|
|
76
|
+
tls.shutdown().await.unwrap();
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
const HELLO: &[u8] = br#"HTTP/1.1 200 OK
|
|
84
|
+
Content-Length: 10
|
|
85
|
+
Content-Type: text/plain; charset=utf-8
|
|
86
|
+
|
|
87
|
+
Hello Tls!"#;
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
use axum::{routing::get, Router};
|
|
2
|
+
use clap::Parser;
|
|
3
|
+
use itsi_acme::caches::DirCache;
|
|
4
|
+
use itsi_acme::AcmeConfig;
|
|
5
|
+
use rustls::ServerConfig;
|
|
6
|
+
use std::net::{Ipv6Addr, SocketAddr};
|
|
7
|
+
use std::path::PathBuf;
|
|
8
|
+
use std::sync::Arc;
|
|
9
|
+
use tokio_stream::StreamExt;
|
|
10
|
+
|
|
11
|
+
#[derive(Parser, Debug)]
|
|
12
|
+
struct Args {
|
|
13
|
+
/// Domains
|
|
14
|
+
#[clap(short, required = true)]
|
|
15
|
+
domains: Vec<String>,
|
|
16
|
+
|
|
17
|
+
/// Contact info
|
|
18
|
+
#[clap(short)]
|
|
19
|
+
email: Vec<String>,
|
|
20
|
+
|
|
21
|
+
/// Cache directory
|
|
22
|
+
#[clap(short)]
|
|
23
|
+
cache: Option<PathBuf>,
|
|
24
|
+
|
|
25
|
+
/// Use Let's Encrypt production environment
|
|
26
|
+
/// (see https://letsencrypt.org/docs/staging-environment/)
|
|
27
|
+
#[clap(long)]
|
|
28
|
+
prod: bool,
|
|
29
|
+
|
|
30
|
+
#[clap(short, long, default_value = "443")]
|
|
31
|
+
port: u16,
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
#[tokio::main]
|
|
35
|
+
async fn main() {
|
|
36
|
+
simple_logger::init_with_level(log::Level::Info).unwrap();
|
|
37
|
+
let args = Args::parse();
|
|
38
|
+
|
|
39
|
+
let mut state = AcmeConfig::new(args.domains)
|
|
40
|
+
.contact(args.email.iter().map(|e| format!("mailto:{}", e)))
|
|
41
|
+
.cache_option(args.cache.clone().map(DirCache::new))
|
|
42
|
+
.directory_lets_encrypt(args.prod)
|
|
43
|
+
.state();
|
|
44
|
+
let rustls_config = ServerConfig::builder()
|
|
45
|
+
.with_no_client_auth()
|
|
46
|
+
.with_cert_resolver(state.resolver());
|
|
47
|
+
let acceptor = state.axum_acceptor(Arc::new(rustls_config));
|
|
48
|
+
|
|
49
|
+
tokio::spawn(async move {
|
|
50
|
+
loop {
|
|
51
|
+
match state.next().await.unwrap() {
|
|
52
|
+
Ok(ok) => log::info!("event: {:?}", ok),
|
|
53
|
+
Err(err) => log::error!("error: {:?}", err),
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
|
|
58
|
+
let app = Router::new().route("/", get(|| async { "Hello Tls!" }));
|
|
59
|
+
|
|
60
|
+
let addr = SocketAddr::from((Ipv6Addr::UNSPECIFIED, args.port));
|
|
61
|
+
axum_server::bind(addr)
|
|
62
|
+
.acceptor(acceptor)
|
|
63
|
+
.serve(app.into_make_service())
|
|
64
|
+
.await
|
|
65
|
+
.unwrap();
|
|
66
|
+
}
|