CA

2025-08-22 17:31:54 +03:00
parent 0a38af1b66
commit 00309149d4
39 changed files with 3001 additions and 84 deletions
--- a/flumi/Scripts/CertificateManager.gd
+++ b/flumi/Scripts/CertificateManager.gd
@@ -0,0 +1,49 @@
+extends RefCounted
+class_name CertificateManager
+
+static var trusted_ca_certificates: Array[String] = []
+static var ca_cache: Dictionary = {}
+
+static func fetch_cert_via_http(url: String) -> String:
+	var http_request = HTTPRequest.new()
+	
+	var main_scene = Engine.get_main_loop().current_scene
+	if not main_scene:
+		return ""
+	
+	main_scene.add_child(http_request)
+	
+	var error = http_request.request(url)
+	if error != OK:
+		http_request.queue_free()
+		return ""
+	
+	var response = await http_request.request_completed
+	http_request.queue_free()
+	
+	var result = response[0]
+	var response_code = response[1]
+	var body = response[3]
+	
+	if result != HTTPRequest.RESULT_SUCCESS or response_code != 200:
+		return ""
+	
+	return body.get_string_from_utf8()
+
+static func initialize():
+	load_builtin_ca()
+	print("📋 Certificate Manager initialized with ", trusted_ca_certificates.size(), " trusted CAs")
+
+static func load_builtin_ca():
+	var ca_file = FileAccess.open("res://Assets/gurted-ca.crt", FileAccess.READ)
+	if ca_file:
+		var ca_cert_pem = ca_file.get_as_text()
+		ca_file.close()
+		
+		if not ca_cert_pem.is_empty():
+			trusted_ca_certificates.append(ca_cert_pem)
+			print("✅ Loaded built-in GURT CA certificate")
+		else:
+			print("⚠️ Built-in CA certificate not yet configured")
+	else:
+		print("❌ Could not load built-in CA certificate")
--- a/flumi/Scripts/CertificateManager.gd.uid
+++ b/flumi/Scripts/CertificateManager.gd.uid
@@ -0,0 +1 @@
+uid://bhnsb8ttn6f7n
--- a/flumi/Scripts/GurtProtocol.gd
+++ b/flumi/Scripts/GurtProtocol.gd
@@ -141,6 +141,9 @@ static func fetch_dns_post_working(server: String, path: String, json_data: Stri
 		var local_result = {}
 		var client = GurtProtocolClient.new()
 		
+		for ca_cert in CertificateManager.trusted_ca_certificates:
+			client.add_ca_certificate(ca_cert)
+		
 		if not client.create_client(10):
 			local_result = {"error": "Failed to create client"}
 		else:
@@ -191,6 +194,9 @@ static func fetch_dns_post_working(server: String, path: String, json_data: Stri
 static func fetch_content_via_gurt(ip: String, path: String = "/") -> Dictionary:	
 	var client = GurtProtocolClient.new()
 	
+	for ca_cert in CertificateManager.trusted_ca_certificates:
+		client.add_ca_certificate(ca_cert)
+	
 	if not client.create_client(30):
 		return {"error": "Failed to create GURT client"}
 	
@@ -219,6 +225,9 @@ static func fetch_content_via_gurt_direct(address: String, path: String = "/") -
 		var local_result = {}
 		var client = GurtProtocolClient.new()
 		
+		for ca_cert in CertificateManager.trusted_ca_certificates:
+			client.add_ca_certificate(ca_cert)
+		
 		if not client.create_client(10):
 			local_result = {"error": "Failed to create GURT client"}
 		else:
--- a/flumi/Scripts/Utils/Lua/Network.gd
+++ b/flumi/Scripts/Utils/Lua/Network.gd
@@ -53,7 +53,7 @@ static func _lua_fetch_handler(vm: LuauVM) -> int:
 	if not has_user_agent:
 		headers_array.append("User-Agent: " + UserAgent.get_user_agent())
 	
-	var response_data = make_http_request(url, method, headers_array, body)
+	var response_data = await make_http_request(url, method, headers_array, body)
 	
 	# Create response object with actual data
 	vm.lua_newtable()
@@ -127,7 +127,7 @@ static func _response_ok_handler(vm: LuauVM) -> int:

 static func make_http_request(url: String, method: String, headers: PackedStringArray, body: String) -> Dictionary:
 	if url.begins_with("gurt://"):
-		return make_gurt_request(url, method, headers, body)
+		return await make_gurt_request(url, method, headers, body)
 	var http_client = HTTPClient.new()
 	var response_data = {
 		"status": 0,
@@ -282,13 +282,24 @@ static func make_gurt_request(url: String, method: String, headers: PackedString
 		"body": ""
 	}
 	
-	# Reuse existing client or create new one
-	if _gurt_client == null:
-		_gurt_client = GurtProtocolClient.new()
-		if not _gurt_client.create_client(10):
-			response_data.status = 0
-			response_data.status_text = "Connection Failed"
-			return response_data
+	var domain_part = url.replace("gurt://", "")
+	if domain_part.contains("/"):
+		domain_part = domain_part.split("/")[0]
+	if domain_part.contains(":"):
+		domain_part = domain_part.split(":")[0]
+	
+	if _gurt_client != null:
+		_gurt_client.disconnect()
+	
+	_gurt_client = GurtProtocolClient.new()
+	
+	for ca_cert in CertificateManager.trusted_ca_certificates:
+		_gurt_client.add_ca_certificate(ca_cert)
+	
+	if not _gurt_client.create_client(10):
+		response_data.status = 0
+		response_data.status_text = "Connection Failed"
+		return response_data
 	
 	var client = _gurt_client
 	
--- a/flumi/Scripts/main.gd
+++ b/flumi/Scripts/main.gd
@@ -53,6 +53,8 @@ func _ready():
 	ProjectSettings.set_setting("display/window/size/min_height", MIN_SIZE.y)
 	DisplayServer.window_set_min_size(MIN_SIZE)
 	
+	CertificateManager.initialize()
+	
 	call_deferred("render")

 var current_domain = ""  # Store current domain for display