CA

2025-08-22 17:31:54 +03:00
parent 0a38af1b66
commit 00309149d4
39 changed files with 3001 additions and 84 deletions
--- a/flumi/.claude/settings.local.json
+++ b/flumi/.claude/settings.local.json
@@ -1,10 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "WebSearch",
-      "WebFetch(domain:github.com)"
-    ],
-    "deny": [],
-    "ask": []
-  }
-}
--- a/flumi/Assets/gurted-ca.crt
+++ b/flumi/Assets/gurted-ca.crt
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFHDCCAwSgAwIBAgIBATANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJVUzEX
+MBUGA1UECgwOR3VydGVkIE5ldHdvcmsxFzAVBgNVBAMMDkd1cnRlZCBSb290IENB
+MB4XDTI1MDgyMTE1MjgyM1oXDTM1MDgxOTE1MjgyM1owPzELMAkGA1UEBhMCVVMx
+FzAVBgNVBAoMDkd1cnRlZCBOZXR3b3JrMRcwFQYDVQQDDA5HdXJ0ZWQgUm9vdCBD
+QTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANYNLAnXNo8x9qzJbAwT
+dDVC40XSfEVIBPWX4yBEKMSKefcUQy2ZBqzBSVVeig7q7OEPm29sL0XbSgxPN8nH
+Pkg8ZfKhsDIuHGLeZbt1NAvc4mlMUHY5ebTMUaopldNJlKAKOJ+Xh6XHF3Tl4d3D
+HnkdQv4s0wdfbI8Dem8G+JoqMu5Cn1BJcoB6vmmwH6/Fkq7qEdVe3WfKWflBQ7qk
+rmj3hrKjKG62EsQKF+4JVPWY7RVG8rJukABakRndCKCM9te+XTIeollL/WvIcY4p
+Ctf+6/p7FcnWQrDdcGwFmWpVj/SHGzgCi0PfTsI8V3vpCyBzIc2rZJvpLH8ndfUI
+fNzYCAiRA4HUoXbyTvpMxJ3io4q9VZKuJ5mbe50NlJ/oiX2wFvosm5OMHUAk4tNJ
+64jQLHTVrI/O+TKbLebKH9xEUCFOJpQX4rz4nzyRRdzM3C4qDZ4UTz3hAMeBus79
+jJtZj26T2O7zYweihWhPFkatvick66aDhD5jeQLnPp/w4mY4iuZMf3tb2L+Py/BR
+k8LHg9xTFL79lwpelwbLSVOdLXXQXSRDx6eF0qG4dDALAlbEBYCrK8wjQqvH3/Fg
+EJbG9RTgywi6UgAy+jVdYFtW5+2No1HTyqELzq0OeOInzJf1xVM8IAP1KFkQF3V2
+ofIc4Uz4fF2mOpzJeeOkBKU1AgMBAAGjIzAhMA8GA1UdEwEB/wQFMAMBAf8wDgYD
+VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQCkIajpq/McB5w8S2CdC4IF
+x63BQ2Zje8PAd0LjbtHulH4RoZQzW8+hHJgb13KfOg0MLZ7iEy0gSS/D2eF4uJpd
+NKgT8ZuG1v+e/OWsxRoonNpopz2dHt8qstRiqRlKZ1/45pXNwAM+ztWuRR2AIHB1
+bSStCShLArdB80/42OXK7Uq1CzNN8ikw4JKKdU+JP4TrCLIBNlDYq5hcFCjb+6f2
+fmJ5+VjZVx3yXV281Q1K2enMo0ACzPiD+1hgnms144hhbBqyP7rrQcnN/Z0Vq65U
+nFNQT5yU6KYuyPbajYxtpr7jKwJDsPJMa0pOW4H93IN0+jdqIk5vr8zE7PHztOIp
+KB+gMyTbeWx6hVmf6eRDVd56uibS5s+QrESQ6FWjO2Ns73qg9/vhW81JtTQ5NRF9
+YSKy3YHIKN3+bmUPOVp6rhb+xU2QaI7CQxjXlDt3Y3+evFe2oGyG/N439z09+az5
+A1J4f5mWP4+n/t8k75Z6PuVpOAUsiklJIcTOpRnYRlW+U+md94MsYD60ITWSgiad
+A7Uu3uoyS+wN8W1yNmPaVci2L19rgKc9ZMXCPFj6x6QiiR6fG7/7M8WGOR6Lx1n0
+9DcYTpcbYAdSufUSUtd9isjR1jzTHeIYQ9rRfdlQaOw3lnIVG0H9wVSBcAzMeSnd
+tUnu0gVTdnuUfjO1Te86fA==
+-----END CERTIFICATE-----
--- a/flumi/Scripts/CertificateManager.gd
+++ b/flumi/Scripts/CertificateManager.gd
@@ -0,0 +1,49 @@
+extends RefCounted
+class_name CertificateManager
+
+static var trusted_ca_certificates: Array[String] = []
+static var ca_cache: Dictionary = {}
+
+static func fetch_cert_via_http(url: String) -> String:
+	var http_request = HTTPRequest.new()
+	
+	var main_scene = Engine.get_main_loop().current_scene
+	if not main_scene:
+		return ""
+	
+	main_scene.add_child(http_request)
+	
+	var error = http_request.request(url)
+	if error != OK:
+		http_request.queue_free()
+		return ""
+	
+	var response = await http_request.request_completed
+	http_request.queue_free()
+	
+	var result = response[0]
+	var response_code = response[1]
+	var body = response[3]
+	
+	if result != HTTPRequest.RESULT_SUCCESS or response_code != 200:
+		return ""
+	
+	return body.get_string_from_utf8()
+
+static func initialize():
+	load_builtin_ca()
+	print("📋 Certificate Manager initialized with ", trusted_ca_certificates.size(), " trusted CAs")
+
+static func load_builtin_ca():
+	var ca_file = FileAccess.open("res://Assets/gurted-ca.crt", FileAccess.READ)
+	if ca_file:
+		var ca_cert_pem = ca_file.get_as_text()
+		ca_file.close()
+		
+		if not ca_cert_pem.is_empty():
+			trusted_ca_certificates.append(ca_cert_pem)
+			print("✅ Loaded built-in GURT CA certificate")
+		else:
+			print("⚠️ Built-in CA certificate not yet configured")
+	else:
+		print("❌ Could not load built-in CA certificate")
--- a/flumi/Scripts/CertificateManager.gd.uid
+++ b/flumi/Scripts/CertificateManager.gd.uid
@@ -0,0 +1 @@
+uid://bhnsb8ttn6f7n
--- a/flumi/Scripts/GurtProtocol.gd
+++ b/flumi/Scripts/GurtProtocol.gd
@@ -141,6 +141,9 @@ static func fetch_dns_post_working(server: String, path: String, json_data: Stri
 		var local_result = {}
 		var client = GurtProtocolClient.new()
 		
+		for ca_cert in CertificateManager.trusted_ca_certificates:
+			client.add_ca_certificate(ca_cert)
+		
 		if not client.create_client(10):
 			local_result = {"error": "Failed to create client"}
 		else:
@@ -191,6 +194,9 @@ static func fetch_dns_post_working(server: String, path: String, json_data: Stri
 static func fetch_content_via_gurt(ip: String, path: String = "/") -> Dictionary:	
 	var client = GurtProtocolClient.new()
 	
+	for ca_cert in CertificateManager.trusted_ca_certificates:
+		client.add_ca_certificate(ca_cert)
+	
 	if not client.create_client(30):
 		return {"error": "Failed to create GURT client"}
 	
@@ -219,6 +225,9 @@ static func fetch_content_via_gurt_direct(address: String, path: String = "/") -
 		var local_result = {}
 		var client = GurtProtocolClient.new()
 		
+		for ca_cert in CertificateManager.trusted_ca_certificates:
+			client.add_ca_certificate(ca_cert)
+		
 		if not client.create_client(10):
 			local_result = {"error": "Failed to create GURT client"}
 		else:
--- a/flumi/Scripts/Utils/Lua/Network.gd
+++ b/flumi/Scripts/Utils/Lua/Network.gd
@@ -53,7 +53,7 @@ static func _lua_fetch_handler(vm: LuauVM) -> int:
 	if not has_user_agent:
 		headers_array.append("User-Agent: " + UserAgent.get_user_agent())
 	
-	var response_data = make_http_request(url, method, headers_array, body)
+	var response_data = await make_http_request(url, method, headers_array, body)
 	
 	# Create response object with actual data
 	vm.lua_newtable()
@@ -127,7 +127,7 @@ static func _response_ok_handler(vm: LuauVM) -> int:

 static func make_http_request(url: String, method: String, headers: PackedStringArray, body: String) -> Dictionary:
 	if url.begins_with("gurt://"):
-		return make_gurt_request(url, method, headers, body)
+		return await make_gurt_request(url, method, headers, body)
 	var http_client = HTTPClient.new()
 	var response_data = {
 		"status": 0,
@@ -282,13 +282,24 @@ static func make_gurt_request(url: String, method: String, headers: PackedString
 		"body": ""
 	}
 	
-	# Reuse existing client or create new one
-	if _gurt_client == null:
-		_gurt_client = GurtProtocolClient.new()
-		if not _gurt_client.create_client(10):
-			response_data.status = 0
-			response_data.status_text = "Connection Failed"
-			return response_data
+	var domain_part = url.replace("gurt://", "")
+	if domain_part.contains("/"):
+		domain_part = domain_part.split("/")[0]
+	if domain_part.contains(":"):
+		domain_part = domain_part.split(":")[0]
+	
+	if _gurt_client != null:
+		_gurt_client.disconnect()
+	
+	_gurt_client = GurtProtocolClient.new()
+	
+	for ca_cert in CertificateManager.trusted_ca_certificates:
+		_gurt_client.add_ca_certificate(ca_cert)
+	
+	if not _gurt_client.create_client(10):
+		response_data.status = 0
+		response_data.status_text = "Connection Failed"
+		return response_data
 	
 	var client = _gurt_client
 	
--- a/flumi/Scripts/main.gd
+++ b/flumi/Scripts/main.gd
@@ -53,6 +53,8 @@ func _ready():
 	ProjectSettings.set_setting("display/window/size/min_height", MIN_SIZE.y)
 	DisplayServer.window_set_min_size(MIN_SIZE)
 	
+	CertificateManager.initialize()
+	
 	call_deferred("render")

 var current_domain = ""  # Store current domain for display
--- a/flumi/addons/gdluau/bin/windows/~gdluau.windows.template_debug.x86_64.dll
+++ b/flumi/addons/gdluau/bin/windows/~gdluau.windows.template_debug.x86_64.dll
--- a/flumi/addons/godot-flexbox/bin/windows/~godot-flexbox.windows.template_release.double.x86_64.dll
+++ b/flumi/addons/godot-flexbox/bin/windows/~godot-flexbox.windows.template_release.double.x86_64.dll
--- a/flumi/addons/gurt-protocol/bin/windows/gurt_godot.dll
+++ b/flumi/addons/gurt-protocol/bin/windows/gurt_godot.dll
--- a/flumi/addons/gurt-protocol/bin/windows/~gurt_godot.dll
+++ b/flumi/addons/gurt-protocol/bin/windows/~gurt_godot.dll