takproto 0.4.2

Rust library for TAK (Team Awareness Kit) Protocol - send CoT messages to TAK servers with mTLS support
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

//! Test by manually trusting the server's self-signed certificate
//!
//! This extracts the server cert and adds it to the trust store,
//! avoiding the need for danger_accept_invalid_certs.

use takproto::{TakClient, TlsConfig};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let args: Vec<String> = std::env::args().collect();
    if args.len() < 5 {
        eprintln!("Usage: {} <server:port> <server_name> <p12_file> <password>", args[0]);
        std::process::exit(1);
    }

    let server_addr = &args[1];
    let server_name = &args[2];
    let p12_file = &args[3];
    let password = &args[4];

    println!("===================================================");
    println!("Alternative Approach: Extract and Trust Server Cert");
    println!("===================================================");
    println!("\nTo use this approach, you need to:");
    println!("1. Extract the server's certificate:");
    println!("   openssl s_client -connect {} -showcerts < /dev/null 2>/dev/null | \\", server_addr);
    println!("   openssl x509 -outform PEM > server_cert.pem");
    println!();
    println!("2. Add the server cert to your P12 trust store, OR");
    println!("3. Use a custom CA bundle that includes the server cert");
    println!();
    println!("For now, this is just a suggestion for a workaround.");
    println!("The real fix is to make danger_accept_invalid_certs work properly.");

    // This is just documentation - actual implementation would need
    // TlsConfigBuilder to support adding additional trusted certificates

    Ok(())
}