Use custom rustls and alpn fedichatv0

Maybe this fixes a bug I'm looking at? Not sure though. It should make
the protocol more robust though

Cargo.lock

@@ -75,6 +75,28 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
 
+[[package]]
+name = "aws-lc-rs"
+version = "1.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ec2f1fc3ec205783a5da9a7e6c1509cc69dedf09a1949e412c1e18469326d00"
+dependencies = [
+ "aws-lc-sys",
+ "zeroize",
+]
+
+[[package]]
+name = "aws-lc-sys"
+version = "0.41.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a2f9779ce85b93ab6170dd940ad0169b5766ff848247aff13bb788b832fe3f4"
+dependencies = [
+ "cc",
+ "cmake",
+ "dunce",
+ "fs_extra",
+]
+
 [[package]]
 name = "base64"
 version = "0.22.1"
@@ -156,6 +178,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a1dce859f0832a7d088c4f1119888ab94ef4b5d6795d1ce05afb7fe159d79f98"
 dependencies = [
  "find-msvc-tools",
+ "jobserver",
+ "libc",
  "shlex",
 ]
 
@@ -238,6 +262,15 @@ version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c8d4a3bb8b1e0c1050499d1815f5ab16d04f0959b233085fb31653fbfc9d98f9"
 
+[[package]]
+name = "cmake"
+version = "0.1.58"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0f78a02292a74a88ac736019ab962ece0bc380e3f977bf72e376c5d78ff0678"
+dependencies = [
+ "cc",
+]
+
 [[package]]
 name = "cmov"
 version = "0.5.3"
@@ -274,6 +307,7 @@ dependencies = [
  "quinn",
  "rand 0.10.1",
  "rmp-serde",
+ "rustls",
  "serde",
  "thiserror 2.0.18",
  "time",
@@ -525,6 +559,12 @@ dependencies = [
  "syn",
 ]
 
+[[package]]
+name = "dunce"
+version = "1.0.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813"
+
 [[package]]
 name = "ed25519"
 version = "2.2.3"
@@ -607,6 +647,12 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 
+[[package]]
+name = "fs_extra"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c"
+
 [[package]]
 name = "futures-channel"
 version = "0.3.32"
@@ -823,6 +869,16 @@ dependencies = [
  "syn",
 ]
 
+[[package]]
+name = "jobserver"
+version = "0.1.34"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33"
+dependencies = [
+ "getrandom 0.3.4",
+ "libc",
+]
+
 [[package]]
 name = "js-sys"
 version = "0.3.98"
@@ -1322,6 +1378,8 @@ version = "0.23.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ef86cd5876211988985292b91c96a8f2d298df24e75989a43a3c73f2d4d8168b"
 dependencies = [
+ "aws-lc-rs",
+ "log",
  "once_cell",
  "ring",
  "rustls-pki-types",
@@ -1385,6 +1443,7 @@ version = "0.103.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e"
 dependencies = [
+ "aws-lc-rs",
  "ring",
  "rustls-pki-types",
  "untrusted",

Cargo.toml

@@ -23,4 +23,5 @@ bcrypt = "0.19.1"
 time = { version = "0.3.47", features = ["serde"] }
 rand = "0.10.1"
 uuid = { version = "1.23.2", features = ["v4"] }
+rustls = "0.23.40"
 #postcard = {version = "1.1.3", features = ["use-std"]}

src/main.rs

@@ -12,6 +12,7 @@ use diesel_async::pooled_connection::AsyncDieselConnectionManager;
 use diesel_async::pooled_connection::deadpool::Pool;
 use quinn::rustls::pki_types::{PrivateKeyDer,CertificateDer,pem::PemObject};
 use quinn::Endpoint;
+use quinn::crypto::rustls::QuicServerConfig;
 use std::io;
 use std::fs;
 use std::net::{IpAddr,SocketAddr};
@@ -22,7 +23,6 @@ use serde::{Deserialize,Serialize};
 use tracing::{error,instrument,warn,debug,info,Level};
 use tokio::sync::{RwLock,broadcast,mpsc};
 
-
 use crate::config::Config;
 use crate::state::{State,StateError};
 
@@ -147,17 +147,43 @@ async fn main() -> ExitCode {
     };
 
 
-    let quinn_config = match quinn::ServerConfig::with_single_cert(certs, key){
-        Ok(val) => val,
+    let server_crypto = match rustls::ServerConfig::builder()
+        .with_no_client_auth()
+        .with_single_cert(certs, key) 
+    {
+        Ok(mut val) => {
+            val.alpn_protocols = vec![b"fedichatv0".to_vec()];
+            match QuicServerConfig::try_from(val) {
+                Ok(conf) => conf,
+                Err(e) => {
+                    error!("Unable to intialize TLS server configuration: {}",e);
+                    return ExitCode::FAILURE;
+                }
+            }
+            
+        },
         Err(e) => {
-            error!("Unable to intialize quinn server configuration: {:?}",e);
+            error!("Unable to intialize TLS server configuration: {}",e);
             return ExitCode::FAILURE;
         }
+
     };
 
+    let server_config =
+        quinn::ServerConfig::with_crypto(Arc::new(server_crypto));
+
+
+    //let quinn_config = match quinn::ServerConfig::with_single_cert(certs, key){
+    //    Ok(val) => val,
+    //    Err(e) => {
+    //        error!("Unable to intialize quinn server configuration: {:?}",e);
+    //        return ExitCode::FAILURE;
+    //    }
+    //};
+
     // Bind this endpoint to a UDP socket on the given server address.
     let endpoint = match Endpoint::server(
-        quinn_config,
+        server_config,
         SocketAddr::new(address,config.port)
     ) {
         Ok(val) => val,