wreq-rb 0.3.0

data/vendor/wreq/src/client/conn/proxy/socks.rs

@@ -0,0 +1,233 @@
+use std::{
+    borrow::Cow,
+    task::{Context, Poll},
+};
+
+use bytes::Bytes;
+use http::Uri;
+use tokio::io::{AsyncRead, AsyncWrite};
+use tokio_socks::{
+    TargetAddr,
+    tcp::{Socks4Stream, Socks5Stream},
+};
+use tower::Service;
+
+use super::Tunneling;
+use crate::{
+    dns::{GaiResolver, InternalResolve, Name},
+    error::BoxError,
+    ext::UriExt,
+};
+
+#[derive(Debug)]
+pub enum SocksError {
+    ConnectFailed(BoxError),
+    DnsResolveFailure(BoxError),
+    Socks(tokio_socks::Error),
+    Io(std::io::Error),
+    Utf8(std::str::Utf8Error),
+    DnsFailure,
+    MissingHost,
+}
+
+impl std::fmt::Display for SocksError {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str("SOCKS error: ")?;
+
+        match self {
+            Self::ConnectFailed(e) => {
+                f.write_fmt(format_args!("failed to create underlying connection: {e}"))
+            }
+            Self::Socks(e) => f.write_fmt(format_args!("error during SOCKS handshake: {e}")),
+            Self::Io(e) => f.write_fmt(format_args!("io error during SOCKS handshake: {e}")),
+            Self::Utf8(e) => f.write_fmt(format_args!(
+                "invalid UTF-8 during SOCKS authentication: {e}"
+            )),
+            Self::DnsResolveFailure(e) => {
+                f.write_fmt(format_args!("failed to resolve DNS for SOCKS target: {e}"))
+            }
+            Self::DnsFailure => f.write_str("could not resolve to acceptable address type"),
+            Self::MissingHost => f.write_str("missing destination host"),
+        }
+    }
+}
+
+impl std::error::Error for SocksError {}
+
+impl From<std::io::Error> for SocksError {
+    fn from(err: std::io::Error) -> Self {
+        Self::Io(err)
+    }
+}
+
+impl From<std::str::Utf8Error> for SocksError {
+    fn from(err: std::str::Utf8Error) -> Self {
+        Self::Utf8(err)
+    }
+}
+
+impl From<tokio_socks::Error> for SocksError {
+    fn from(err: tokio_socks::Error) -> Self {
+        Self::Socks(err)
+    }
+}
+
+/// Represents the SOCKS protocol version.
+#[derive(Clone, Copy)]
+#[repr(u8)]
+pub enum Version {
+    V4,
+    V5,
+}
+
+/// Represents the DNS resolution strategy for SOCKS connections.
+#[derive(Clone, Copy)]
+#[repr(u8)]
+pub enum DnsResolve {
+    Local,
+    Remote,
+}
+
+/// A connector that establishes connections through a SOCKS proxy.
+pub struct SocksConnector<C, R = GaiResolver> {
+    inner: C,
+    resolver: R,
+    proxy_dst: Uri,
+    auth: Option<(Bytes, Bytes)>,
+    version: Version,
+    dns_resolve: DnsResolve,
+}
+
+impl<C, R> SocksConnector<C, R>
+where
+    R: InternalResolve + Clone,
+{
+    /// Create a new SOCKS connector with the given inner service.
+    ///
+    /// This wraps an underlying connector, and stores the address of a
+    /// SOCKS proxy server.
+    ///
+    /// A `SocksConnector` can then be called with any destination. The `proxy_dst` passed to
+    /// `call` will not be used to create the underlying connection, but will
+    /// be used in a SOCKS handshake sent to the proxy destination.
+    pub fn new_with_resolver(proxy_dst: Uri, inner: C, resolver: R) -> Self {
+        SocksConnector {
+            inner,
+            resolver,
+            proxy_dst,
+            version: Version::V5,
+            dns_resolve: DnsResolve::Local,
+            auth: None,
+        }
+    }
+
+    /// Sets the authentication credentials for the SOCKS proxy connection.
+    #[inline]
+    pub fn set_auth(&mut self, auth: Option<(Bytes, Bytes)>) {
+        self.auth = auth;
+    }
+
+    /// Sets whether to use the SOCKS5 protocol for the proxy connection.
+    #[inline]
+    pub fn set_version(&mut self, version: Version) {
+        self.version = version;
+    }
+
+    /// Sets whether to resolve DNS locally or let the proxy handle DNS resolution.
+    #[inline]
+    pub fn set_dns_mode(&mut self, dns_resolve: DnsResolve) {
+        self.dns_resolve = dns_resolve;
+    }
+}
+
+impl<C, R> Service<Uri> for SocksConnector<C, R>
+where
+    C: Service<Uri>,
+    C::Future: Send + 'static,
+    C::Response: AsyncRead + AsyncWrite + Unpin + Send + 'static,
+    C::Error: Into<BoxError>,
+    R: InternalResolve + Clone + Send + 'static,
+    <R as InternalResolve>::Future: Send + 'static,
+{
+    type Response = C::Response;
+    type Error = SocksError;
+    type Future = Tunneling<C::Future, C::Response, Self::Error>;
+
+    #[inline]
+    fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
+        self.inner
+            .poll_ready(cx)
+            .map_err(Into::into)
+            .map_err(SocksError::ConnectFailed)
+    }
+
+    fn call(&mut self, dst: Uri) -> Self::Future {
+        let connecting = self.inner.call(self.proxy_dst.clone());
+
+        let version = self.version;
+        let dns_resolve = self.dns_resolve;
+        let auth = self.auth.clone();
+        let mut resolver = self.resolver.clone();
+
+        let fut = async move {
+            let host = dst.host().ok_or(SocksError::MissingHost)?;
+            let port = dst.port_or_default();
+
+            // Attempt to tcp connect to the proxy server.
+            // This will return a `tokio::net::TcpStream` if successful.
+            let socket = connecting
+                .await
+                .map_err(Into::into)
+                .map_err(SocksError::ConnectFailed)?;
+
+            // Resolve the target address using the provided resolver.
+            let target_addr = match dns_resolve {
+                DnsResolve::Local => {
+                    let mut socket_addr = resolver
+                        .resolve(Name::new(host.into()))
+                        .await
+                        .map(|mut s| s.next())
+                        .transpose()
+                        .ok_or(SocksError::DnsFailure)?
+                        .map_err(Into::into)
+                        .map_err(SocksError::DnsResolveFailure)?;
+                    socket_addr.set_port(port);
+                    TargetAddr::Ip(socket_addr)
+                }
+                DnsResolve::Remote => TargetAddr::Domain(Cow::Borrowed(host), port),
+            };
+
+            match version {
+                Version::V4 => {
+                    // For SOCKS4, we connect directly to the target address.
+                    let stream = Socks4Stream::connect_with_socket(socket, target_addr).await?;
+                    Ok(stream.into_inner())
+                }
+                Version::V5 => {
+                    // For SOCKS5, we need to handle authentication if provided.
+                    // The `auth` is an optional tuple of (username, password).
+                    let stream = match auth {
+                        Some((username, password)) => {
+                            let username = std::str::from_utf8(&username)?;
+                            let password = std::str::from_utf8(&password)?;
+                            Socks5Stream::connect_with_password_and_socket(
+                                socket,
+                                target_addr,
+                                username,
+                                password,
+                            )
+                            .await?
+                        }
+                        None => Socks5Stream::connect_with_socket(socket, target_addr).await?,
+                    };
+                    Ok(stream.into_inner())
+                }
+            }
+        };
+
+        Tunneling {
+            fut: Box::pin(fut),
+            _marker: Default::default(),
+        }
+    }
+}

data/vendor/wreq/src/client/conn/proxy/tunnel.rs

@@ -0,0 +1,260 @@
+use std::{
+    io,
+    marker::{PhantomData, Unpin},
+    pin::Pin,
+    task::{self, Poll, ready},
+};
+
+use http::{HeaderMap, HeaderValue, Uri};
+use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
+use tower::Service;
+
+use super::Tunneling;
+use crate::{error::BoxError, ext::UriExt};
+
+/// Tunnel Proxy via HTTP CONNECT
+///
+/// This is a connector that can be used by the `Client`. It wraps
+/// another connector, and after getting an underlying connection, it creates
+/// an HTTP CONNECT tunnel over it.
+#[derive(Debug)]
+pub struct TunnelConnector<C> {
+    headers: Headers,
+    inner: C,
+    proxy_dst: Uri,
+}
+
+#[derive(Clone, Debug)]
+enum Headers {
+    Empty,
+    Auth(HeaderValue),
+    Extra(HeaderMap),
+}
+
+#[derive(Debug)]
+pub enum TunnelError {
+    ConnectFailed(BoxError),
+    Io(std::io::Error),
+    MissingHost,
+    ProxyAuthRequired,
+    ProxyHeadersTooLong,
+    TunnelUnexpectedEof,
+    TunnelUnsuccessful,
+}
+
+impl<C> TunnelConnector<C> {
+    /// Create a new tunnel connector.
+    ///
+    /// This wraps an underlying connector, and stores the address of a
+    /// tunneling proxy server.
+    ///
+    /// A `TunnelConnector` can then be called with any destination. The `proxy_dst` passed to
+    /// `call` will not be used to create the underlying connection, but will
+    /// be used in an HTTP CONNECT request sent to the proxy destination.
+    pub fn new(proxy_dst: Uri, connector: C) -> Self {
+        Self {
+            headers: Headers::Empty,
+            inner: connector,
+            proxy_dst,
+        }
+    }
+
+    /// Add `proxy-authorization` header value to the CONNECT request.
+    pub fn with_auth(mut self, mut auth: HeaderValue) -> Self {
+        // just in case the user forgot
+        auth.set_sensitive(true);
+        match self.headers {
+            Headers::Empty => {
+                self.headers = Headers::Auth(auth);
+            }
+            Headers::Auth(ref mut existing) => {
+                *existing = auth;
+            }
+            Headers::Extra(ref mut extra) => {
+                extra.insert(http::header::PROXY_AUTHORIZATION, auth);
+            }
+        }
+
+        self
+    }
+
+    /// Add extra headers to be sent with the CONNECT request.
+    ///
+    /// If existing headers have been set, these will be merged.
+    pub fn with_headers(mut self, mut headers: HeaderMap) -> Self {
+        match self.headers {
+            Headers::Empty => {
+                self.headers = Headers::Extra(headers);
+            }
+            Headers::Auth(auth) => {
+                headers
+                    .entry(http::header::PROXY_AUTHORIZATION)
+                    .or_insert(auth);
+                self.headers = Headers::Extra(headers);
+            }
+            Headers::Extra(ref mut extra) => {
+                extra.extend(headers);
+            }
+        }
+
+        self
+    }
+}
+
+impl<C> Service<Uri> for TunnelConnector<C>
+where
+    C: Service<Uri>,
+    C::Future: Send + 'static,
+    C::Response: AsyncRead + AsyncWrite + Unpin + Send + 'static,
+    C::Error: Into<BoxError>,
+{
+    type Response = C::Response;
+    type Error = TunnelError;
+    type Future = Tunneling<C::Future, C::Response, Self::Error>;
+
+    #[inline]
+    fn poll_ready(&mut self, cx: &mut task::Context<'_>) -> Poll<Result<(), Self::Error>> {
+        self.inner
+            .poll_ready(cx)
+            .map_err(Into::into)
+            .map_err(TunnelError::ConnectFailed)
+    }
+
+    fn call(&mut self, dst: Uri) -> Self::Future {
+        let connecting = self.inner.call(self.proxy_dst.clone());
+        let headers = self.headers.clone();
+
+        Tunneling {
+            fut: Box::pin(async move {
+                let conn = connecting
+                    .await
+                    .map_err(Into::into)
+                    .map_err(TunnelError::ConnectFailed)?;
+                tunnel(
+                    conn,
+                    dst.host().ok_or(TunnelError::MissingHost)?,
+                    dst.port_or_default(),
+                    &headers,
+                )
+                .await
+            }),
+            _marker: PhantomData,
+        }
+    }
+}
+
+async fn tunnel<T>(mut conn: T, host: &str, port: u16, headers: &Headers) -> Result<T, TunnelError>
+where
+    T: AsyncRead + AsyncWrite + Unpin,
+{
+    let mut buf = format!(
+        "\
+         CONNECT {host}:{port} HTTP/1.1\r\n\
+         Host: {host}:{port}\r\n\
+         "
+    )
+    .into_bytes();
+
+    match headers {
+        Headers::Auth(auth) => {
+            buf.extend_from_slice(b"Proxy-Authorization: ");
+            buf.extend_from_slice(auth.as_bytes());
+            buf.extend_from_slice(b"\r\n");
+        }
+        Headers::Extra(extra) => {
+            for (name, value) in extra {
+                buf.extend_from_slice(name.as_str().as_bytes());
+                buf.extend_from_slice(b": ");
+                buf.extend_from_slice(value.as_bytes());
+                buf.extend_from_slice(b"\r\n");
+            }
+        }
+        Headers::Empty => (),
+    }
+
+    // headers end
+    buf.extend_from_slice(b"\r\n");
+
+    write_all(&mut conn, &buf).await.map_err(TunnelError::Io)?;
+
+    let mut buf = [0; 8192];
+    let mut pos = 0;
+
+    loop {
+        let n = read(&mut conn, &mut buf[pos..])
+            .await
+            .map_err(TunnelError::Io)?;
+
+        if n == 0 {
+            return Err(TunnelError::TunnelUnexpectedEof);
+        }
+        pos += n;
+
+        let recvd = &buf[..pos];
+        if recvd.starts_with(b"HTTP/1.1 200") || recvd.starts_with(b"HTTP/1.0 200") {
+            if recvd.ends_with(b"\r\n\r\n") {
+                return Ok(conn);
+            }
+            if pos == buf.len() {
+                return Err(TunnelError::ProxyHeadersTooLong);
+            }
+        // else read more
+        } else if recvd.starts_with(b"HTTP/1.1 407") {
+            return Err(TunnelError::ProxyAuthRequired);
+        } else {
+            return Err(TunnelError::TunnelUnsuccessful);
+        }
+    }
+}
+
+async fn read<T>(io: &mut T, buf: &mut [u8]) -> io::Result<usize>
+where
+    T: AsyncRead + Unpin,
+{
+    std::future::poll_fn(move |cx| {
+        let mut buf = ReadBuf::new(buf);
+        ready!(Pin::new(&mut *io).poll_read(cx, &mut buf))?;
+        Poll::Ready(Ok(buf.filled().len()))
+    })
+    .await
+}
+
+async fn write_all<T>(io: &mut T, buf: &[u8]) -> io::Result<()>
+where
+    T: AsyncWrite + Unpin,
+{
+    let mut n = 0;
+    std::future::poll_fn(move |cx| {
+        while n < buf.len() {
+            n += ready!(Pin::new(&mut *io).poll_write(cx, &buf[n..])?);
+        }
+        Poll::Ready(Ok(()))
+    })
+    .await
+}
+
+impl std::fmt::Display for TunnelError {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str("tunnel error: ")?;
+
+        f.write_str(match self {
+            TunnelError::MissingHost => "missing destination host",
+            TunnelError::ProxyAuthRequired => "proxy authorization required",
+            TunnelError::ProxyHeadersTooLong => "proxy response headers too long",
+            TunnelError::TunnelUnexpectedEof => "unexpected end of file",
+            TunnelError::TunnelUnsuccessful => "unsuccessful",
+            TunnelError::ConnectFailed(_) => "failed to create underlying connection",
+            TunnelError::Io(_) => "io error establishing tunnel",
+        })
+    }
+}
+
+impl std::error::Error for TunnelError {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        match self {
+            TunnelError::Io(e) => Some(e),
+            TunnelError::ConnectFailed(e) => Some(&**e),
+            _ => None,
+        }
+    }
+}

data/vendor/wreq/src/client/conn/proxy.rs

@@ -0,0 +1,39 @@
+//! Proxy helpers
+
+#[cfg(feature = "socks")]
+pub mod socks;
+pub mod tunnel;
+
+use std::{
+    marker::PhantomData,
+    pin::Pin,
+    task::{Context, Poll},
+};
+
+use pin_project_lite::pin_project;
+
+pin_project! {
+    // Not publicly exported (so missing_docs doesn't trigger).
+    //
+    // We return this `Future` instead of the `Pin<Box<dyn Future>>` directly
+    // so that users don't rely on it fitting in a `Pin<Box<dyn Future>>` slot
+    // (and thus we can change the type in the future).
+    #[must_use = "futures do nothing unless polled"]
+    pub struct Tunneling<Fut, T, E> {
+        #[pin]
+        fut: Pin<Box<dyn Future<Output = Result<T, E>> + Send>>,
+        _marker: PhantomData<Fut>,
+    }
+}
+
+impl<F, T, E1, E2> Future for Tunneling<F, T, E2>
+where
+    F: Future<Output = Result<T, E1>>,
+{
+    type Output = Result<T, E2>;
+
+    #[inline]
+    fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
+        self.project().fut.poll(cx)
+    }
+}

data/vendor/wreq/src/client/conn/tls_info.rs

@@ -0,0 +1,98 @@
+use bytes::Bytes;
+use tokio::net::TcpStream;
+#[cfg(unix)]
+use tokio::net::UnixStream;
+use tokio_boring2::SslStream;
+
+use crate::tls::{TlsInfo, conn::MaybeHttpsStream};
+
+/// A trait for extracting TLS information from a connection.
+///
+/// Implementors can provide access to peer certificate data or other TLS-related metadata.
+/// For non-TLS connections, this typically returns `None`.
+pub trait TlsInfoFactory {
+    fn tls_info(&self) -> Option<TlsInfo>;
+}
+
+fn extract_tls_info<S>(ssl_stream: &SslStream<S>) -> TlsInfo {
+    let ssl = ssl_stream.ssl();
+    TlsInfo {
+        peer_certificate: ssl
+            .peer_certificate()
+            .and_then(|cert| cert.to_der().ok())
+            .map(Bytes::from),
+        peer_certificate_chain: ssl.peer_cert_chain().map(|chain| {
+            chain
+                .iter()
+                .filter_map(|cert| cert.to_der().ok())
+                .map(Bytes::from)
+                .collect()
+        }),
+    }
+}
+
+// ===== impl TcpStream =====
+
+impl TlsInfoFactory for TcpStream {
+    fn tls_info(&self) -> Option<TlsInfo> {
+        None
+    }
+}
+
+impl TlsInfoFactory for SslStream<TcpStream> {
+    #[inline]
+    fn tls_info(&self) -> Option<TlsInfo> {
+        Some(extract_tls_info(self))
+    }
+}
+
+impl TlsInfoFactory for MaybeHttpsStream<TcpStream> {
+    fn tls_info(&self) -> Option<TlsInfo> {
+        match self {
+            MaybeHttpsStream::Https(tls) => tls.tls_info(),
+            MaybeHttpsStream::Http(_) => None,
+        }
+    }
+}
+
+impl TlsInfoFactory for SslStream<MaybeHttpsStream<TcpStream>> {
+    #[inline]
+    fn tls_info(&self) -> Option<TlsInfo> {
+        Some(extract_tls_info(self))
+    }
+}
+
+// ===== impl UnixStream =====
+
+#[cfg(unix)]
+impl TlsInfoFactory for UnixStream {
+    fn tls_info(&self) -> Option<TlsInfo> {
+        None
+    }
+}
+
+#[cfg(unix)]
+impl TlsInfoFactory for SslStream<UnixStream> {
+    #[inline]
+    fn tls_info(&self) -> Option<TlsInfo> {
+        Some(extract_tls_info(self))
+    }
+}
+
+#[cfg(unix)]
+impl TlsInfoFactory for MaybeHttpsStream<UnixStream> {
+    fn tls_info(&self) -> Option<TlsInfo> {
+        match self {
+            MaybeHttpsStream::Https(tls) => tls.tls_info(),
+            MaybeHttpsStream::Http(_) => None,
+        }
+    }
+}
+
+#[cfg(unix)]
+impl TlsInfoFactory for SslStream<MaybeHttpsStream<UnixStream>> {
+    #[inline]
+    fn tls_info(&self) -> Option<TlsInfo> {
+        Some(extract_tls_info(self))
+    }
+}

data/vendor/wreq/src/client/conn/uds.rs

@@ -0,0 +1,44 @@
+use std::{
+    io,
+    path::Path,
+    pin::Pin,
+    sync::Arc,
+    task::{Context, Poll},
+};
+
+use http::Uri;
+use tokio::net::UnixStream;
+
+use super::{Connected, Connection};
+
+type ConnectResult = io::Result<UnixStream>;
+type BoxConnecting = Pin<Box<dyn Future<Output = ConnectResult> + Send>>;
+
+#[derive(Clone)]
+pub struct UnixConnector(pub(crate) Arc<Path>);
+
+impl tower::Service<Uri> for UnixConnector {
+    type Response = UnixStream;
+    type Error = io::Error;
+    type Future = BoxConnecting;
+
+    #[inline]
+    fn poll_ready(&mut self, _cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
+        Poll::Ready(Ok(()))
+    }
+
+    fn call(&mut self, _: Uri) -> Self::Future {
+        let fut = UnixStream::connect(self.0.clone());
+        Box::pin(async move {
+            let io = fut.await?;
+            Ok::<_, io::Error>(io)
+        })
+    }
+}
+
+impl Connection for UnixStream {
+    #[inline]
+    fn connected(&self) -> Connected {
+        Connected::new()
+    }
+}