From efeb5065aefef2ce74912bfd55691270ced93f6f Mon Sep 17 00:00:00 2001 From: Elvis Pranskevichus Date: Mon, 19 Feb 2024 15:10:32 -0800 Subject: [PATCH 01/21] Update `env_logger` dependency --- api-test/Cargo.toml | 2 +- examples/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index 9172c5f..22b86ae 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -17,7 +17,7 @@ travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch [dependencies] tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } log = "0.4" -env_logger = "0.5" +env_logger = "0.11.2" anyhow = "1.0.44" pem = "0.8.3" diff --git a/examples/Cargo.toml b/examples/Cargo.toml index d0e7854..ce6e52b 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml @@ -42,7 +42,7 @@ runtime-tokio = [ ] [dev-dependencies] -env_logger = { version = "0.5", default-features = false } +env_logger = { version = "0.11.2", default-features = false } cfg-if = "0.1" tokio = { version = "1.2.0", features = ["net"] } From df7f61620c37957caf07d33cfc3897366b0b8f03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 21:22:22 +0200 Subject: [PATCH 02/21] Nix flake for a dev shell --- .envrc | 1 + .gitignore | 2 ++ flake.lock | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 46 +++++++++++++++++++++++++++++ 4 files changed, 134 insertions(+) create mode 100644 .envrc create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..ce1bbe9 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake 'path:.' diff --git a/.gitignore b/.gitignore index 5ee368e..28003b5 100644 --- a/.gitignore +++ b/.gitignore @@ -7,5 +7,7 @@ Cargo.lock **/*.iml .idea +.code .*.swp +.direnv/ diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..8738776 --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,85 @@ +{ + "nodes": { + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "rust-analyzer-src": [] + }, + "locked": { + "lastModified": 1708928609, + "narHash": "sha256-LcXC2NP/TzHMmJThZGG1e+7rht5HeuZK5WOirIDg+lU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "e928fb6b5179ebd032c19afac5c461ccc0b6de55", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1709816690, + "narHash": "sha256-ugzGLZd+LPVigd8psiEpHokxsA6a3kXkVvkpH125FmM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "00f00e0663ee05d58b8f9bdc937018409d49d48a", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "fenix": "fenix", + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..7e3f683 --- /dev/null +++ b/flake.nix 
@@ -0,0 +1,46 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs"; + flake-parts.url = "github:hercules-ci/flake-parts"; + + # provides rust toolchain + fenix = { + url = "github:nix-community/fenix"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.rust-analyzer-src.follows = ""; + }; + + }; + + outputs = inputs@{ flake-parts, fenix, ... }: + flake-parts.lib.mkFlake {inherit inputs;} { + systems = ["x86_64-linux" "x86_64-darwin" "aarch64-darwin"]; + perSystem = { config, system, pkgs, ... }: + let + fenix_pkgs = fenix.packages.${system}; + + rustToolchain = (fenix_pkgs.complete.withComponents [ + "cargo" + "clippy" + "rust-src" + "rustc" + "rustfmt" + "rust-analyzer" + ]); + + in { + devShells.default = pkgs.mkShell { + buildInputs = [ + pkgs.openssl + pkgs.pkg-config + rustToolchain + ] + ++ pkgs.lib.optional pkgs.stdenv.isDarwin [ + pkgs.libiconv + pkgs.darwin.apple_sdk.frameworks.CoreServices + pkgs.darwin.apple_sdk.frameworks.SystemConfiguration + ]; + }; + }; + }; +} From 349509062825528ac1e107e4a02b7dd243038127 Mon Sep 17 00:00:00 2001 
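Review bot: In `devShells.default`, the Darwin-only inputs are appended with `pkgs.lib.optional pkgs.stdenv.isDarwin [ ... ]`, but `lib.optional` wraps its second argument in a list, so on Darwin `buildInputs` ends with a nested list instead of the three packages. The list form is `lib.optionals`: `++ pkgs.lib.optionals pkgs.stdenv.isDarwin [`. Whether a nested list is tolerated depends on the nixpkgs revision in use, so it is better not to rely on it. Separately, `nixpkgs.url = "github:nixos/nixpkgs"` names no branch and `fenix_pkgs.complete` selects the nightly toolchain, so the committed `flake.lock` is the only thing fixing what the dev shell is built from. A comment above `inputs` such as `# revisions are pinned by flake.lock; review lock updates like dependency bumps` would record that.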
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 21:32:25 +0200 Subject: [PATCH 03/21] Rename to the forked edgedb repo --- README.md | 6 +----- api-test/Cargo.toml | 12 ++++++------ api-test/README.md | 6 ++---- api/Cargo.toml | 8 ++++---- api/README.md | 6 ++---- api/src/lib.rs | 14 +++++++------- examples/Cargo.toml | 12 ++++++------ impl-native-tls/Cargo.toml | 18 +++++++++--------- impl-native-tls/README.md | 6 ++---- impl-native-tls/examples/client.rs | 2 +- impl-not-tls/Cargo.toml | 14 +++++++------- impl-not-tls/README.md | 6 ++---- impl-openssl/Cargo.toml | 18 +++++++++--------- impl-openssl/README.md | 6 ++---- impl-openssl/examples/client.rs | 2 +- impl-openssl/tests/test.rs | 2 +- impl-rustls/Cargo.toml | 18 +++++++++--------- impl-rustls/README.md | 6 ++---- impl-rustls/examples/client.rs | 2 +- impl-rustls/examples/server.rs | 2 +- impl-rustls/tests/test.rs | 12 ++++++------ impl-security-framework/Cargo.toml | 20 ++++++++++---------- impl-security-framework/README.md | 6 ++---- impl-stub/Cargo.toml | 14 +++++++------- impl-stub/README.md | 6 ++---- impl-stub/src/lib.rs | 2 +- impl-stub/tests/version.rs | 2 +- interop/Cargo.toml | 16 ++++++++-------- test-cert-gen/Cargo.toml | 2 +- test-cert-gen/README.md | 4 ---- test-cert-gen/src/bin/gen-certs-here.rs | 2 +- 31 files changed, 114 insertions(+), 138 deletions(-) diff --git a/README.md b/README.md index 68cc0a2..091504a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,3 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) - # One TLS API to rule them all Supports: 
@@ -35,7 +31,7 @@ Supports: ## Example -[download-rust-lang-org.rs](https://github.com/stepancheg/rust-tls-api/blob/master/examples/examples/download-rust-lang-org.rs#L66) +[download-rust-lang-org.rs](https://github.com/edgedb/rust-tls-api/blob/master/examples/examples/download-rust-lang-org.rs#L66) contains the implementation of simple TLS client downloading rust-lang.org, which is invoked with four backends. diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index 22b86ae..f170bcf 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api-test" +name = "tls-api-test-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" @@ -12,10 +12,10 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } log = "0.4" env_logger = "0.11.2" anyhow = "1.0.44" @@ -27,7 +27,7 @@ untrusted = "0.6.*" tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -test-cert-gen = { path = "../test-cert-gen", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] 
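Review bot: The `[package]` hunk of api-test/Cargo.toml renames the crate to `tls-api-test-2` but keeps `description = "TLS API without implementation"`, which is the same text as api/Cargo.toml and does not describe a test-suite crate. The `[package]` hunk of impl-security-framework/Cargo.toml likewise keeps `description = "TLS API implementation over rustls crate"`. These manifests now define new package names, and the description is part of what tells a consumer which TLS backend they are pulling in, so it is worth correcting in this rename. Suggested values are `description = "Test suite for tls-api implementations"` and `description = "TLS API implementation over security-framework crate"`.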
diff --git a/api-test/README.md b/api-test/README.md index be2f782..8be3504 100644 --- a/api-test/README.md +++ b/api-test/README.md @@ -1,8 +1,6 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-test-2 -# tls-api-test +*This is a fork of [tls-api-test](https://crates.io/crates/tls-api-test) with updated dependencies.* Test implementation the all tls-api implementations. diff --git a/api/Cargo.toml b/api/Cargo.toml index f769453..686a8d6 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api" +name = "tls-api-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" readme = "../README.md" keywords = ["tls"] edition = "2018" @@ -13,7 +13,7 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] pem = "0.8.3" diff --git a/api/README.md b/api/README.md index 1e10b0f..66f98bb 100644 --- a/api/README.md +++ b/api/README.md 
@@ -1,8 +1,6 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-2 -# tls-api +*This is a fork of [tls-api](https://crates.io/crates/tls-api) with updated dependencies.* Implementation neutral common denominator TLS API. diff --git a/api/src/lib.rs b/api/src/lib.rs index aa4a8f0..4f4db57 100644 --- a/api/src/lib.rs +++ b/api/src/lib.rs @@ -15,11 +15,11 @@ //! //! ``` //! # { #![cfg(feature = "runtime-tokio")] -//! use tls_api::{TlsConnector, TlsConnectorBuilder}; +//! use tls_api_2::{TlsConnector, TlsConnectorBuilder}; //! // or async_std::net::TcpStream; //! use tokio::net::TcpStream; -//! # use tls_api::runtime::AsyncWriteExt; -//! # use tls_api::runtime::AsyncReadExt; +//! # use tls_api_2::runtime::AsyncWriteExt; +//! # use tls_api_2::runtime::AsyncReadExt; //! //! async fn download_rust_lang_org() -> anyhow::Result> { //! let stream = TcpStream::connect(("rust-lang.org", 443)).await?; @@ -36,11 +36,11 @@ //! //! ``` //! # { #![cfg(feature = "runtime-tokio")] -//! use tls_api::TlsConnectorType; +//! use tls_api_2::TlsConnectorType; //! // or async_std::net::TcpStream; //! use tokio::net::TcpStream; -//! # use tls_api::runtime::AsyncWriteExt; -//! # use tls_api::runtime::AsyncReadExt; +//! # use tls_api_2::runtime::AsyncWriteExt; +//! # use tls_api_2::runtime::AsyncReadExt; //! //! async fn download_rust_lang_org(connector_type: &dyn TlsConnectorType) -> anyhow::Result> { //! let stream = TcpStream::connect(("rust-lang.org", 443)).await?; 
@@ -54,7 +54,7 @@ //! ``` //! //! Have a look at working example invoking all implementation -//! [on GitHub](https://github.com/stepancheg/rust-tls-api/blob/master/examples/examples/download-rust-lang-org.rs#L66). +//! [on GitHub](https://github.com/edgedb/rust-tls-api/blob/master/examples/examples/download-rust-lang-org.rs#L66). //! //! There are also two fake implementations: //! * `tls-api-stub` crate which returns an error on any operations, useful to check code compiles diff --git a/examples/Cargo.toml b/examples/Cargo.toml index ce6e52b..b3a4dd8 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml @@ -4,7 +4,7 @@ version = "0.0.0" authors = ["Carl Lerche ", "Alex Crichton "] license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api" +repository = "https://github.com/edgedb/rust-tls-api" description = """ Example of tls-api """ 
@@ -13,14 +13,14 @@ publish = false edition = "2018" [dependencies] -tls-api = { path = "../api", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", default-features = false } tokio = { version = "1.2.0", features = ["full"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -tls-api-native-tls = { path = "../impl-native-tls", default-features = false } -tls-api-rustls = { path = "../impl-rustls", default-features = false } -tls-api-security-framework = { path = "../impl-security-framework", default-features = false } -tls-api-openssl = { path = "../impl-openssl", default-features = false } +tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls-2", default-features = false } +tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls-2", default-features = false } +tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework-2", default-features = false } +tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl-2", default-features = false } [features] default = ["runtime-tokio"] diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index 55d12be..ec6d4f7 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api-native-tls" +name = "tls-api-native-tls-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over native-tls crate" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" 
@@ -12,7 +12,7 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] native-tls = { version ="0.2", features = ["alpn"] } @@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] @@ -32,8 +32,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } diff --git a/impl-native-tls/README.md b/impl-native-tls/README.md index db2b651..5de91b5 100644 --- a/impl-native-tls/README.md +++ b/impl-native-tls/README.md 
@@ -1,5 +1,3 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-native-tls-2 -# tls-api-native-tls +*This is a fork of [tls-api-native-tls](https://crates.io/crates/tls-api-native-tls) with updated dependencies.* diff --git a/impl-native-tls/examples/client.rs b/impl-native-tls/examples/client.rs index de9b3d5..5203860 100644 --- a/impl-native-tls/examples/client.rs +++ b/impl-native-tls/examples/client.rs @@ -15,7 +15,7 @@ async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); println!("TCP connected"); - let mut builder = tls_api_native_tls::TlsConnector::builder().unwrap(); + let mut builder = tls_api_native_tls_2::TlsConnector::builder().unwrap(); builder .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index 88901f2..12334f6 100644 --- a/impl-not-tls/Cargo.toml +++ b/impl-not-tls/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api-not-tls" +name = "tls-api-not-tls-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" 
@@ -12,10 +12,10 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } @@ -23,7 +23,7 @@ anyhow = "1.0.44" thiserror = "1.0.30" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] @@ -31,4 +31,4 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } diff --git a/impl-not-tls/README.md b/impl-not-tls/README.md index 292b0f1..b9f5c89 100644 --- a/impl-not-tls/README.md +++ b/impl-not-tls/README.md 
@@ -1,8 +1,6 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-not-tls-2 -# tls-api-not-tls +*This is a fork of [tls-api-not-tls](https://crates.io/crates/tls-api-not-tls) with updated dependencies.* Implementation which returns the (wrapped) socket in `connect` and `accept` operations. No TLS. diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index 091b470..d53981b 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api-openssl" +name = "tls-api-openssl-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over openssl crate" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] build = "build.rs" edition = "2018" 
@@ -13,20 +13,20 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] # To implement OpenSSL version check in build.rs openssl-sys = { version = "0.9.43" } openssl = { version = "0.10.20", features = ["v102", "v110"] } -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] @@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } 
diff --git a/impl-openssl/README.md b/impl-openssl/README.md index 5f978af..a7e08f7 100644 --- a/impl-openssl/README.md +++ b/impl-openssl/README.md @@ -1,7 +1,5 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-openssl-2 -# tls-api-openssl +*This is a fork of [tls-api-openssl](https://crates.io/crates/tls-api-openssl) with updated dependencies.* Implementation of `tls-api` over [openssl](https://crates.io/crates/openssl) crate. diff --git a/impl-openssl/examples/client.rs b/impl-openssl/examples/client.rs index bf4c2c2..4a20677 100644 --- a/impl-openssl/examples/client.rs +++ b/impl-openssl/examples/client.rs @@ -11,7 +11,7 @@ use tokio::net::TcpStream; async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); - let mut builder = tls_api_openssl::TlsConnector::builder().unwrap(); + let mut builder = tls_api_openssl_2::TlsConnector::builder().unwrap(); builder .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-openssl/tests/test.rs b/impl-openssl/tests/test.rs index e91e406..1a54b54 100644 --- a/impl-openssl/tests/test.rs +++ b/impl-openssl/tests/test.rs @@ -1,6 +1,6 @@ #[test] fn connect_bad_hostname() { - tls_api_test::connect_bad_hostname::(|err| { + tls_api_test::connect_bad_hostname::(|err| { let debug = format!("{:?}", err); assert!(debug.contains("certificate verify failed"), "{}", debug); }); diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index 979ab07..83c4593 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml 
@@ -1,10 +1,10 @@ [package] -name = "tls-api-rustls" +name = "tls-api-rustls-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" @@ -12,7 +12,7 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] rustls = { version = "0.20.0", features = ["dangerous_configuration"] } @@ -23,10 +23,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] 
@@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } diff --git a/impl-rustls/README.md b/impl-rustls/README.md index 3de1f44..2b42a2a 100644 --- a/impl-rustls/README.md +++ b/impl-rustls/README.md @@ -1,7 +1,5 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-rustls-2 -# tls-api-rustls +*This is a fork of [tls-api-rustls](https://crates.io/crates/tls-api-rustls) with updated dependencies.* Implementation of tls-api over [rustls](https://crates.io/crates/rustls). diff --git a/impl-rustls/examples/client.rs b/impl-rustls/examples/client.rs index 06f4630..18a4156 100644 --- a/impl-rustls/examples/client.rs +++ b/impl-rustls/examples/client.rs 
@@ -13,7 +13,7 @@ async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); println!("TCP connected"); - let mut builder = tls_api_rustls::TlsConnector::builder().unwrap(); + let mut builder = tls_api_rustls_2::TlsConnector::builder().unwrap(); builder .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-rustls/examples/server.rs b/impl-rustls/examples/server.rs index 759138f..ec6392e 100644 --- a/impl-rustls/examples/server.rs +++ b/impl-rustls/examples/server.rs @@ -15,7 +15,7 @@ async fn run() { let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()); let builder = - tls_api_rustls::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); + tls_api_rustls_2::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); let acceptor = builder.build().unwrap(); #[allow(unused_mut)] diff --git a/impl-rustls/tests/test.rs b/impl-rustls/tests/test.rs index 1c3fa8b..07754f8 100644 --- a/impl-rustls/tests/test.rs +++ b/impl-rustls/tests/test.rs @@ -2,7 +2,7 @@ use std::io; #[test] fn connect_bad_hostname() { - tls_api_test::connect_bad_hostname::(|err| { + tls_api_test::connect_bad_hostname::(|err| { let err: io::Error = err.downcast().expect("io::Error"); let err: &rustls::Error = err .get_ref() @@ -20,24 +20,24 @@ fn connect_bad_hostname() { #[test] fn connect_bad_hostname_ignored() { - tls_api_test::connect_bad_hostname_ignored::() + tls_api_test::connect_bad_hostname_ignored::() } #[test] fn client_server_der() { - tls_api_test::test_client_server_der::( + tls_api_test::test_client_server_der::( ); } #[test] fn client_server_pkcs12() { tls_api_test::test_client_server_pkcs12::< - tls_api_rustls::TlsConnector, - tls_api_rustls::TlsAcceptor, + tls_api_rustls_2::TlsConnector, + tls_api_rustls_2::TlsAcceptor, >(); } #[test] fn alpn() { - tls_api_test::test_alpn::(); + tls_api_test::test_alpn::(); } 
diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index 1a0b01a..48ff92a 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml @@ -1,10 +1,10 @@ [package] -name = "tls-api-security-framework" +name = "tls-api-security-framework-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" @@ -12,7 +12,7 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] tokio = { version = "1.2.0", features = [], optional = true } @@ -21,11 +21,11 @@ void = "1.0.2" anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } -tls-api-stub = { path = "../impl-stub", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "=0.10.0-pre", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] security-framework = { version = "2.9.2", features = ["alpn"] } 
@@ -46,8 +46,8 @@ runtime-tokio = [ ] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } diff --git a/impl-security-framework/README.md b/impl-security-framework/README.md index ed16f36..0a0ecd1 100644 --- a/impl-security-framework/README.md +++ b/impl-security-framework/README.md @@ -1,7 +1,5 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +# tls-api-security-framework-2 -# tls-api-security-framework +*This is a fork of [tls-api-security-framework](https://crates.io/crates/tls-api-security-framework) with updated dependencies.* tls-api implementation over security-framework crate. diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index 3e80569..21fb83c 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml 
@@ -1,10 +1,10 @@ [package] -name = "tls-api-stub" +name = "tls-api-stub-2" version = "0.10.0-pre" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation that returns error on any operation" license = "MIT/Apache-2.0" -repository = "https://github.com/stepancheg/rust-tls-api/" +repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" @@ -12,7 +12,7 @@ edition = "2018" bench = false [badges] -travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" } +travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] void = "1.0.2" @@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } [features] default = ["runtime-tokio"] @@ -32,4 +32,4 @@ runtime-async-std = ["tokio", "tls-api/runtime-async-std", "tls-api-test/runtime runtime-tokio = ["async-std", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } diff --git a/impl-stub/README.md b/impl-stub/README.md index ef90abe..7eeec11 100644 --- a/impl-stub/README.md +++ b/impl-stub/README.md 
@@ -1,8 +1,6 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) +## tls-api-stub-2 -## tls-api-stub +*This is a fork of [tls-api-stub](https://crates.io/crates/tls-api-stub) with updated dependencies.* Stub implementation of tls-api. All operations return an error. diff --git a/impl-stub/src/lib.rs b/impl-stub/src/lib.rs index e900ee9..4d4e659 100644 --- a/impl-stub/src/lib.rs +++ b/impl-stub/src/lib.rs @@ -5,7 +5,7 @@ //! Can be useful when you need a type parameter of type e. g. `TlsConnector`: //! //! ``` -//! use tls_api_stub::TlsConnector; +//! use tls_api_stub_2::TlsConnector; //! //! let no_connector: Option = None; //! ``` diff --git a/impl-stub/tests/version.rs b/impl-stub/tests/version.rs index 505fb62..ec1bb1b 100644 --- a/impl-stub/tests/version.rs +++ b/impl-stub/tests/version.rs @@ -1,4 +1,4 @@ #[test] fn version() { - tls_api_test::test_version::(); + tls_api_test::test_version::(); } diff --git a/interop/Cargo.toml b/interop/Cargo.toml index a63a630..eb763eb 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "interop" version = "0.0.0" -authors = ["Stepan Koltsov "] +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] publish = false edition = "2018" description = "Test different implementations compatible with each other" 
@@ -15,10 +15,10 @@ runtime-async-std = ["tls-api-test/runtime-async-std", "tls-api-openssl/runtime- runtime-tokio = ["tls-api-test/runtime-tokio", "tls-api-openssl/runtime-tokio", "tls-api-rustls/runtime-tokio", "tls-api-native-tls/runtime-tokio"] [dependencies] -tls-api = { path = "../api", default-features = false } -tls-api-test = { path = "../api-test", default-features = false } -tls-api-openssl = { path = "../impl-openssl", default-features = false } -tls-api-rustls = { path = "../impl-rustls", default-features = false } -tls-api-native-tls = { path = "../impl-native-tls", default-features = false } -tls-api-security-framework = { path = "../impl-security-framework", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", default-features = false } +tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl-2", default-features = false } +tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls-2", default-features = false } +tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls-2", default-features = false } +tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework-2", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", default-features = false } diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index 57c3bad..a8ced36 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "test-cert-gen" +name = "test-cert-gen-2" version = "0.10.0-pre" authors = ["Stiopa Koltsov "] edition = "2018" diff --git a/test-cert-gen/README.md b/test-cert-gen/README.md index 09ceb5f..c5209e6 100644 --- a/test-cert-gen/README.md +++ b/test-cert-gen/README.md 
@@ -1,7 +1,3 @@ -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI) -[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE) -[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api) - # test-cert-gen Utility to generate certificates for tests. diff --git a/test-cert-gen/src/bin/gen-certs-here.rs b/test-cert-gen/src/bin/gen-certs-here.rs index 85365a4..1033557 100644 --- a/test-cert-gen/src/bin/gen-certs-here.rs +++ b/test-cert-gen/src/bin/gen-certs-here.rs @@ -1,7 +1,7 @@ use std::fs; fn main() { - let keys = test_cert_gen::gen_keys(); + let keys = test_cert_gen_2::gen_keys(); println!("writing server cert to server.pem"); fs::write("server.pem", keys.server.cert_and_key.to_pem_incorrect()).unwrap(); From b5a0b9713a24a67b90e8eafef9ecfa363bb5d251 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 21:48:32 +0200 Subject: [PATCH 04/21] Clippy lints --- api-test/build.rs | 2 +- api-test/src/gen.rs | 2 +- api-test/src/gen_rustc_nightly.rs | 2 +- api/src/acceptor.rs | 14 +++++++------- api/src/acceptor_box.rs | 10 +++++----- api/src/connector.rs | 6 +++--- api/src/connector_box.rs | 12 ------------ api/src/thread_local_context.rs | 2 +- test-cert-gen/src/cert.rs | 4 ++-- test-cert-gen/src/lib.rs | 6 +++--- 10 files changed, 24 insertions(+), 36 deletions(-) diff --git a/api-test/build.rs b/api-test/build.rs index 61f68c7..f2063b7 100644 --- a/api-test/build.rs +++ b/api-test/build.rs @@ -16,7 +16,7 @@ fn export_rustc_cfg() { let rustc = env::var("RUSTC").expect("RUSTC unset"); let mut child = process::Command::new(rustc) - .args(&["--version"]) + .args(["--version"]) .stdin(process::Stdio::null()) .stdout(process::Stdio::piped()) .spawn() 
diff --git a/api-test/src/gen.rs b/api-test/src/gen.rs index 6a26bd2..0281f9b 100644 --- a/api-test/src/gen.rs +++ b/api-test/src/gen.rs @@ -78,7 +78,7 @@ fn bench_1_dyn(b: &mut test::Bencher) { /// Called from impl crates to generate the common set of tests pub fn gen_tests_and_benches() { - let crate_name = env::var("CARGO_PKG_NAME").unwrap().replace("-", "_"); + let crate_name = env::var("CARGO_PKG_NAME").unwrap().replace('-', "_"); let out_dir = env::var("OUT_DIR").unwrap(); diff --git a/api-test/src/gen_rustc_nightly.rs b/api-test/src/gen_rustc_nightly.rs index 317c9f3..5eb1555 100644 --- a/api-test/src/gen_rustc_nightly.rs +++ b/api-test/src/gen_rustc_nightly.rs @@ -17,7 +17,7 @@ pub fn gen_rustc_nightly() { let rustc = env::var("RUSTC").expect("RUSTC unset"); let mut child = process::Command::new(rustc) - .args(&["--version"]) + .args(["--version"]) .stdin(process::Stdio::null()) .stdout(process::Stdio::piped()) .spawn() diff --git a/api/src/acceptor.rs b/api/src/acceptor.rs index 5c863f7..fb7c0a1 100644 --- a/api/src/acceptor.rs +++ b/api/src/acceptor.rs @@ -138,10 +138,10 @@ pub trait TlsAcceptor: Sized + Sync + Send + 'static { /// and the stream is ready to send and receive. /// /// This version of `accept` returns a stream parameterized by the underlying socket type. - fn accept_with_socket<'a, S>( - &'a self, + fn accept_with_socket( + &self, stream: S, - ) -> BoxFuture<'a, anyhow::Result>> + ) -> BoxFuture<'_, anyhow::Result>> where S: AsyncSocket + fmt::Debug + Unpin; @@ -153,10 +153,10 @@ pub trait TlsAcceptor: Sized + Sync + Send + 'static { /// This version of `accept` returns a stream parameterized by the underlying socket type. /// /// Practically, [`accept`](Self::accept) is usually enough. - fn accept_impl_tls_stream<'a, S>( - &'a self, + fn accept_impl_tls_stream( + &self, stream: S, - ) -> BoxFuture<'a, anyhow::Result> + ) -> BoxFuture<'_, anyhow::Result> where S: AsyncSocket; 
@@ -169,7 +169,7 @@ pub trait TlsAcceptor: Sized + Sync + Send + 'static { /// might be useful to obtain some TLS implementation-specific data. /// /// Practically, [`accept`](Self::accept) is usually enough. - fn accept<'a, S>(&'a self, stream: S) -> BoxFuture<'a, anyhow::Result> + fn accept(&self, stream: S) -> BoxFuture<'_, anyhow::Result> where S: AsyncSocket + fmt::Debug + Unpin, { diff --git a/api/src/acceptor_box.rs b/api/src/acceptor_box.rs index fff546b..46aabef 100644 --- a/api/src/acceptor_box.rs +++ b/api/src/acceptor_box.rs @@ -162,7 +162,7 @@ impl TlsAcceptorBuilderBox { trait TlsAcceptorDyn: Send + Sync + 'static { fn type_dyn(&self) -> &'static dyn TlsAcceptorType; - fn accept<'a>(&'a self, socket: AsyncSocketBox) -> BoxFuture<'a, anyhow::Result>; + fn accept(&self, socket: AsyncSocketBox) -> BoxFuture<'_, anyhow::Result>; } impl TlsAcceptorDyn for A { @@ -170,7 +170,7 @@ impl TlsAcceptorDyn for A { A::TYPE_DYN } - fn accept<'a>(&'a self, socket: AsyncSocketBox) -> BoxFuture<'a, anyhow::Result> { + fn accept(&self, socket: AsyncSocketBox) -> BoxFuture<'_, anyhow::Result> { self.accept(socket) } } @@ -198,10 +198,10 @@ impl TlsAcceptorBox { /// /// This operation returns a future which is resolved when the negotiation is complete, /// and the stream is ready to send and receive. - pub fn accept<'a, S: AsyncSocket>( - &'a self, + pub fn accept( + &self, socket: S, - ) -> BoxFuture<'a, anyhow::Result> { + ) -> BoxFuture<'_, anyhow::Result> { self.0.accept(AsyncSocketBox::new(socket)) } } diff --git a/api/src/connector.rs b/api/src/connector.rs index afdc0f9..7d31252 100644 --- a/api/src/connector.rs +++ b/api/src/connector.rs @@ -106,10 +106,10 @@ pub trait TlsConnector: Sized + Sync + Send + 'static { /// Connect using default settings. /// /// Shortcut. - fn connect_default<'a, S>( - domain: &'a str, + fn connect_default( + domain: &str, stream: S, - ) -> BoxFuture<'a, anyhow::Result> + ) -> BoxFuture<'_, anyhow::Result> where S: AsyncSocket, { 
diff --git a/api/src/connector_box.rs b/api/src/connector_box.rs index f489546..4f03b1a 100644 --- a/api/src/connector_box.rs +++ b/api/src/connector_box.rs @@ -71,8 +71,6 @@ impl TlsConnectorType for TlsConnectorTypeImpl { // Connector builder. trait TlsConnectorBuilderDyn: Send + 'static { - fn type_dyn(&self) -> &'static dyn TlsConnectorType; - fn set_alpn_protocols(&mut self, protocols: &[&[u8]]) -> anyhow::Result<()>; fn set_verify_hostname(&mut self, verify: bool) -> anyhow::Result<()>; @@ -83,10 +81,6 @@ trait TlsConnectorBuilderDyn: Send + 'static { } impl TlsConnectorBuilderDyn for C { - fn type_dyn(&self) -> &'static dyn TlsConnectorType { - ::TYPE_DYN - } - fn set_alpn_protocols(&mut self, protocols: &[&[u8]]) -> anyhow::Result<()> { self.set_alpn_protocols(protocols) } @@ -138,8 +132,6 @@ impl TlsConnectorBuilderBox { // Connector. trait TlsConnectorDyn: Send + Sync + 'static { - fn type_dyn(&self) -> &'static dyn TlsConnectorType; - fn connect<'a>( &'a self, domain: &'a str, @@ -148,10 +140,6 @@ trait TlsConnectorDyn: Send + Sync + 'static { } impl TlsConnectorDyn for C { - fn type_dyn(&self) -> &'static dyn TlsConnectorType { - C::TYPE_DYN - } - fn connect<'a>( &'a self, domain: &'a str, diff --git a/api/src/thread_local_context.rs b/api/src/thread_local_context.rs index 43f4878..0a75d7e 100644 --- a/api/src/thread_local_context.rs +++ b/api/src/thread_local_context.rs @@ -3,7 +3,7 @@ use std::ptr; use std::task::Context; thread_local! { - pub static CONTEXT: Cell<*mut ()> = Cell::new(ptr::null_mut()); + pub static CONTEXT: Cell<*mut ()> = const { Cell::new(ptr::null_mut()) }; } struct RestoreOnDrop(*mut ()); diff --git a/test-cert-gen/src/cert.rs b/test-cert-gen/src/cert.rs index b3f661c..eee5bcd 100644 --- a/test-cert-gen/src/cert.rs +++ b/test-cert-gen/src/cert.rs 
@@ -37,7 +37,7 @@ impl Cert { }) .collect(); if certs.len() == 1 { - return certs.swap_remove(0); + certs.swap_remove(0) } else if certs.len() > 1 { panic!("PEM file contains {} certificates", certs.len()); } else if count != 0 { @@ -100,7 +100,7 @@ impl PrivateKey { }) .collect(); if keys.len() == 1 { - return keys.swap_remove(0); + keys.swap_remove(0) } else if keys.len() > 1 { panic!("PEM file contains {} private keys", keys.len()); } else if count != 0 { diff --git a/test-cert-gen/src/lib.rs b/test-cert-gen/src/lib.rs index af99da9..2117cee 100644 --- a/test-cert-gen/src/lib.rs +++ b/test-cert-gen/src/lib.rs @@ -249,7 +249,7 @@ pub fn gen_keys() -> Keys { /// Generate keys pub fn keys() -> &'static Keys { - static KEYS: Lazy = Lazy::new(|| gen_keys()); + static KEYS: Lazy = Lazy::new(gen_keys); &KEYS } @@ -346,7 +346,7 @@ mod test { let server_pem = temp_dir.path().join("server.pem"); fs::write(&ca_pem, keys.client.ca.to_pem()).unwrap(); - fs::write(&server_pem, &keys.server.cert_and_key.to_pem_incorrect()).unwrap(); + fs::write(&server_pem, keys.server.cert_and_key.to_pem_incorrect()).unwrap(); // error is, what does it mean? // ``` @@ -378,7 +378,7 @@ mod test { let client = temp_dir.path().join("client"); let server = temp_dir.path().join("server.pem"); - fs::write(&client, keys.client.ca.get_der()).unwrap(); + fs::write(client, keys.client.ca.get_der()).unwrap(); fs::write(&server, keys.server.cert_and_key.to_pem_incorrect()).unwrap(); let port = 1234; From 442a806cedada5c7d6f3135491afbe770ae61557 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 21:51:31 +0200 Subject: [PATCH 05/21] Update trivial dependencies - `webpki-roots` - `cfg-if` - `winapi` - `untrusted` - `pem` --- api-test/Cargo.toml | 3 +-- api/Cargo.toml | 2 +- api/src/openssl.rs | 25 +++++++++------------ examples/Cargo.toml | 4 ++-- impl-rustls/Cargo.toml | 2 +- impl-rustls/examples/server.rs | 2 +- impl-rustls/src/connector.rs | 8 +++---- test-cert-gen/Cargo.toml | 2 +- test-cert-gen/src/cert.rs | 40 +++++++++++++++------------------- test-cert-gen/src/lib.rs | 16 +++++++------- 10 files changed, 46 insertions(+), 58 deletions(-) diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index f170bcf..80b14ad 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -20,9 +20,8 @@ log = "0.4" env_logger = "0.11.2" anyhow = "1.0.44" -pem = "0.8.3" +pem = "3.0.4" webpki = "0.22.0" -untrusted = "0.6.*" tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } diff --git a/api/Cargo.toml b/api/Cargo.toml index 686a8d6..1cc4cbc 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -16,7 +16,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -pem = "0.8.3" +pem = "3.0.4" tempfile = "3.3.0" anyhow = "1.0.44" thiserror = "1.0.30" diff --git a/api/src/openssl.rs b/api/src/openssl.rs index 794bed4..e47ff51 100644 --- a/api/src/openssl.rs +++ b/api/src/openssl.rs 
@@ -17,15 +17,10 @@ pub(crate) fn der_to_pkcs12(cert: &[u8], key: &[u8]) -> anyhow::Result<(Vec, let passphrase = "tls-api-123"; let pem_data = pem::encode_many(&[ - pem::Pem { - tag: "CERTIFICATE".to_owned(), - contents: cert.to_owned(), - }, - pem::Pem { - // Technically it can be non-RSA PRIVATE KEY - tag: "RSA PRIVATE KEY".to_owned(), - contents: key.to_owned(), - }, + pem::Pem::new("CERTIFICATE", cert.to_vec()), + + // Technically it can be non-RSA PRIVATE KEY + pem::Pem::new("RSA PRIVATE KEY", key.to_vec()), ]); fs::write(&cert_file, pem_data)?; @@ -84,25 +79,25 @@ pub(crate) fn pkcs12_to_der(pkcs12: &[u8], passphrase: &str) -> anyhow::Result<( } let cert_pem = fs::read_to_string(cert_pem_file)?; - let pems = pem::parse_many(cert_pem); + let pems = pem::parse_many(cert_pem)?; let mut certificates: Vec> = pems .iter() - .flat_map(|p| match p.tag.as_str() { - "CERTIFICATE" => Some(p.contents.clone()), + .flat_map(|p| match p.tag() { + "CERTIFICATE" => Some(p.contents().to_vec()), _ => None, }) .collect(); let mut keys: Vec> = pems .iter() - .flat_map(|p| match p.tag.as_str() { - "PRIVATE KEY" | "RSA PRIVATE KEY" => Some(p.contents.clone()), + .flat_map(|p| match p.tag() { + "PRIVATE KEY" | "RSA PRIVATE KEY" => Some(p.contents().to_vec()), _ => None, }) .collect(); if keys.len() != 1 || certificates.len() != 1 { return Err( crate::CommonError::PemFromPkcs12ContainsNotSingleCertKeyPair( - pems.iter().map(|p| p.tag.clone()).collect(), + pems.iter().map(|p| p.tag().to_string()).collect(), ) .into(), ); diff --git a/examples/Cargo.toml b/examples/Cargo.toml index b3a4dd8..ba5f638 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml @@ -43,7 +43,7 @@ runtime-tokio = [ [dev-dependencies] env_logger = { version = "0.11.2", default-features = false } -cfg-if = "0.1" +cfg-if = "1.0.0" tokio = { version = "1.2.0", features = ["net"] } [target.'cfg(all(not(target_os = "macos"), not(windows), not(target_os = "ios")))'.dev-dependencies] 
@@ -58,4 +58,4 @@ advapi32-sys = "0.2" crypt32-sys = "0.2" kernel32-sys = "0.2" schannel = "0.1" -winapi = "0.2" +winapi = "0.3.9" diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index 83c4593..f97528e 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -17,7 +17,7 @@ travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = " [dependencies] rustls = { version = "0.20.0", features = ["dangerous_configuration"] } webpki = "0.22.0" -webpki-roots = "0.22.0" +webpki-roots = "0.26.1" tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" diff --git a/impl-rustls/examples/server.rs b/impl-rustls/examples/server.rs index ec6392e..8841d6f 100644 --- a/impl-rustls/examples/server.rs +++ b/impl-rustls/examples/server.rs @@ -12,7 +12,7 @@ use test_cert_gen::pem_to_cert_key_pair; use tls_api::runtime::AsyncWriteExt; async fn run() { - let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()); + let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()).unwrap(); let builder = tls_api_rustls_2::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); diff --git a/impl-rustls/src/connector.rs b/impl-rustls/src/connector.rs index 9c9b24c..9881a4d 100644 --- a/impl-rustls/src/connector.rs +++ b/impl-rustls/src/connector.rs 
@@ -145,11 +145,11 @@ impl tls_api::TlsConnector for TlsConnector { fn builder() -> anyhow::Result { let mut roots = rustls::RootCertStore::empty(); - roots.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| { + roots.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| { rustls::OwnedTrustAnchor::from_subject_spki_name_constraints( - ta.subject, - ta.spki, - ta.name_constraints, + ta.subject.as_ref(), + ta.subject_public_key_info.as_ref(), + ta.name_constraints.as_ref().map(|x| x.as_ref()), ) })); let config = rustls::ClientConfig::builder() diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index a8ced36..9cee305 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml @@ -11,5 +11,5 @@ bench = false [dependencies] tempfile = "3.3.0" -pem = "0.8.3" +pem = "3.0.4" once_cell = "1.10.0" diff --git a/test-cert-gen/src/cert.rs b/test-cert-gen/src/cert.rs index eee5bcd..d8d10e8 100644 --- a/test-cert-gen/src/cert.rs +++ b/test-cert-gen/src/cert.rs @@ -26,18 +26,18 @@ impl Cert { } /// Construct from PEM-DER-encoded. - pub fn from_pem(cert_der_pem: impl AsRef<[u8]>) -> Cert { - let pem = pem::parse_many(cert_der_pem.as_ref()); + pub fn from_pem(cert_der_pem: impl AsRef<[u8]>) -> Result { + let pem = pem::parse_many(cert_der_pem.as_ref())?; let count = pem.len(); let mut certs: Vec = pem .into_iter() - .flat_map(|p| match p.tag == "CERTIFICATE" { - true => Some(Self::from_der(p.contents)), + .flat_map(|p| match p.tag() == "CERTIFICATE" { + true => Some(Self::from_der(p.contents())), false => None, }) .collect(); if certs.len() == 1 { - certs.swap_remove(0) + Ok(certs.swap_remove(0)) } else if certs.len() > 1 { panic!("PEM file contains {} certificates", certs.len()); } else if count != 0 { 
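Review bot: In `test-cert-gen/src/cert.rs`, `Cert::from_pem` now returns a `Result`, but only the `pem::parse_many` failure travels through it; the `certs.len() > 1` branch kept in this hunk still calls `panic!`, so a caller that matches on `Err` is still aborted by input that parses but holds the wrong number of entries. The same split remains in the later hunks of this file: `PrivateKey::from_pem`, whose doc comment says it "returns an error" for zero or several entries, and `pem_to_cert_key_pair`, where `entries.len() != 2` panics. Either report those cases through the returned error type, or state the behaviour in the docs, for example `/// # Panics` followed by `/// Panics if the input does not hold exactly one certificate.` The body of `from_pem` continues past the end of the hunk, so its remaining branches are not visible here.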
@@ -59,10 +59,7 @@ impl Cert { /// Convert a certificate to PEM format. pub fn to_pem(&self) -> String { - pem::encode(&pem::Pem { - tag: "CERTIFICATE".to_owned(), - contents: self.0.clone(), - }) + pem::encode(&pem::Pem::new("CERTIFICATE", self.0.to_vec())) } } @@ -89,18 +86,18 @@ impl PrivateKey { /// Construct a private key from PEM text file. /// /// This operation returns an error if PEM file contains zero or more than one certificate. - pub fn from_pem(key_pem: impl AsRef<[u8]>) -> PrivateKey { - let pem = pem::parse_many(key_pem.as_ref()); + pub fn from_pem(key_pem: impl AsRef<[u8]>) -> Result { + let pem = pem::parse_many(key_pem.as_ref())?; let count = pem.len(); let mut keys: Vec = pem .into_iter() - .flat_map(|p| match p.tag.as_ref() { - "PRIVATE KEY" | "RSA PRIVATE KEY" => Some(Self::from_der(p.contents)), + .flat_map(|p| match p.tag() { + "PRIVATE KEY" | "RSA PRIVATE KEY" => Some(Self::from_der(p.contents())), _ => None, }) .collect(); if keys.len() == 1 { - keys.swap_remove(0) + Ok(keys.swap_remove(0)) } else if keys.len() > 1 { panic!("PEM file contains {} private keys", keys.len()); } else if count != 0 { 
@@ -121,25 +118,22 @@ impl PrivateKey { /// without verifying that the private key is actually RSA. #[doc(hidden)] pub fn to_pem_incorrect(&self) -> String { - pem::encode(&pem::Pem { - tag: "RSA PRIVATE KEY".to_owned(), - contents: self.0.clone(), - }) + pem::encode(&pem::Pem::new("RSA PRIVATE KEY", self.0.clone())) } } /// Parse PEM file into a pair of certificate and private key. -pub fn pem_to_cert_key_pair(pem: &[u8]) -> (Cert, PrivateKey) { - let entries = pem::parse_many(pem); +pub fn pem_to_cert_key_pair(pem: &[u8]) -> Result<(Cert, PrivateKey), pem::PemError> { + let entries = pem::parse_many(pem)?; if entries.len() != 2 { panic!( "PEM file should contain certificate and private key entries, got {} entries", entries.len() ); } - let cert = Cert::from_pem(pem); - let key = PrivateKey::from_pem(pem); - (cert, key) + let cert = Cert::from_pem(pem)?; + let key = PrivateKey::from_pem(pem)?; + Ok((cert, key)) } /// DER-encoded diff --git a/test-cert-gen/src/lib.rs b/test-cert-gen/src/lib.rs index 2117cee..81ac7a9 100644 --- a/test-cert-gen/src/lib.rs +++ b/test-cert-gen/src/lib.rs @@ -107,12 +107,12 @@ fn gen_root_ca() -> CertAndPrivateKey { let cert = fs::read_to_string(&certfile).unwrap(); let key = fs::read_to_string(&keyfile).unwrap(); - assert_eq!(1, pem::parse_many(cert.as_bytes()).len()); - assert_eq!(1, pem::parse_many(key.as_bytes()).len()); + assert_eq!(1, pem::parse_many(cert.as_bytes()).unwrap().len()); + assert_eq!(1, pem::parse_many(key.as_bytes()).unwrap().len()); CertAndPrivateKey { - cert: Cert::from_pem(&cert), - key: PrivateKey::from_pem(&key), + cert: Cert::from_pem(&cert).unwrap(), + key: PrivateKey::from_pem(&key).unwrap(), } } 
@@ -220,12 +220,12 @@ fn gen_cert_for_domain(domain: &str, ca: &CertAndPrivateKey) -> CertAndPrivateKe let cert = fs::read_to_string(&cert_path).unwrap(); // verify - assert_eq!(1, pem::parse_many(cert.as_bytes()).len()); - assert_eq!(1, pem::parse_many(key.as_bytes()).len()); + assert_eq!(1, pem::parse_many(cert.as_bytes()).unwrap().len()); + assert_eq!(1, pem::parse_many(key.as_bytes()).unwrap().len()); CertAndPrivateKey { - cert: Cert::from_pem(&cert), - key: PrivateKey::from_pem(&key), + cert: Cert::from_pem(&cert).unwrap(), + key: PrivateKey::from_pem(&key).unwrap(), } } From 1df0dbd64f5611e9fe9221698385bfc8ff2f4665 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 21:52:00 +0200 Subject: [PATCH 06/21] Shutdown TLS streams When I tried updating to the latest version of rustls, I noticed the following test failure: ``` rustls::Custom { kind: UnexpectedEof, error: "peer closed connection without sending TLS close_notify: https://docs.rs/rustls/latest/rustls/manual/_03_howto/index.html#unexpected-eof" } ``` This is happening because in [rustls 0.21.2](https://github.com/rustls/rustls/releases/tag/v%2F0.21.2), they started differentiating between "unexpected and expected EOF in `Stream` and `StreamOwned`". This follows the TLS standard, as the close_notify message must be sent before closing the connection. We weren't doing that in our test cases so they failed. But even when I added `AsyncWrite::poll_shutdown(socket).await` to the tests, they were still failing, since we weren't propagating this call to the underlying sync TLS streams, but just calling `.flush()`. The problem here was that there is no sync equivalent to `AsyncWrite::shutdown`. My solution was to add a new trait `WriteShutdown` that all sync TLS streams must implement. It turns out that OpenSSL, native TLS and rustls all have shutdown methods that they are expecting to be called. --- This is a breaking change, because there are streams that previous versions deemed correct, but newer versions would return an error on. This fixes a [vulnerability to truncation attacks](https://docs.rs/rustls/latest/rustls/manual/_03_howto/index.html#unexpected-eof). 
--- api-test/src/alpn.rs | 1 + api-test/src/client_server.rs | 1 + api-test/src/client_server_dyn.rs | 1 + api-test/src/google.rs | 13 +++++- api/src/async_as_sync.rs | 45 ++++++++++++++++++- impl-native-tls/src/handshake.rs | 6 ++- impl-native-tls/src/stream.rs | 71 ++++++++++++++++++++++++++--- impl-openssl/src/handshake.rs | 6 ++- impl-openssl/src/stream.rs | 75 ++++++++++++++++++++++++++++--- impl-rustls/src/rustls_utils.rs | 12 +++++ 10 files changed, 210 insertions(+), 21 deletions(-) diff --git a/api-test/src/alpn.rs b/api-test/src/alpn.rs index 286bad4..8178a7d 100644 --- a/api-test/src/alpn.rs +++ b/api-test/src/alpn.rs @@ -73,6 +73,7 @@ where assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + t!(socket.shutdown().await); }; block_on(f); }); diff --git a/api-test/src/client_server.rs b/api-test/src/client_server.rs index 6f7fa4e..b8b7b95 100644 --- a/api-test/src/client_server.rs +++ b/api-test/src/client_server.rs @@ -58,6 +58,7 @@ where assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + t!(socket.shutdown().await); }; block_on(future); }) diff --git a/api-test/src/client_server_dyn.rs b/api-test/src/client_server_dyn.rs index 3f9c961..9c9142a 100644 --- a/api-test/src/client_server_dyn.rs +++ b/api-test/src/client_server_dyn.rs @@ -51,6 +51,7 @@ async fn test_client_server_dyn_impl( assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + t!(socket.shutdown().await); }; block_on(future); }) diff --git a/api-test/src/google.rs b/api-test/src/google.rs index e3e6201..5f8fed5 100644 --- a/api-test/src/google.rs +++ b/api-test/src/google.rs 
@@ -31,7 +31,18 @@ async fn test_google_impl() { t!(tls_stream.write_all(b"GET / HTTP/1.0\r\n\r\n").await); let mut result = vec![]; - t!(tls_stream.read_to_end(&mut result).await); + let res = tls_stream.read_to_end(&mut result).await; + + // Google will not send close_notify and just close the connection. + // This means that they are not confirming to TLS exactly, that connections to google.com + // are vulnerable to truncation attacks and that we need to suppress error about this here. + match res { + Ok(_) => {} + Err(e) + if e.to_string() + .contains("peer closed connection without sending TLS close_notify") => {} + Err(e) => panic!("{}", e), + } println!("{}", String::from_utf8_lossy(&result)); assert!( diff --git a/api/src/async_as_sync.rs b/api/src/async_as_sync.rs index 7c8b9fa..66b681b 100644 --- a/api/src/async_as_sync.rs +++ b/api/src/async_as_sync.rs @@ -119,7 +119,7 @@ where /// API-implementation of wrapper stream. /// /// Wrapped object is always [`AsyncIoAsSyncIo`]. - type SyncWrapper: Read + Write + Unpin + Send + 'static; + type SyncWrapper: Read + Write + WriteShutdown + Unpin + Send + 'static; /// Which crates imlpements this? fn impl_info() -> ImplInfo; 
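Review bot: In `api-test/src/google.rs`, the new `match` in `test_google_impl` picks the error to ignore by substring, `e.to_string().contains("peer closed connection without sending TLS close_notify")`, which ties the test to one backend's message wording staying unchanged. The failure quoted in the commit message carries `kind: UnexpectedEof`, so the guard can test the kind instead: `Err(e) if e.kind() == std::io::ErrorKind::UnexpectedEof => {}` (assuming `res` is an `io::Result`, as the rustls error suggests). Because the request is HTTP/1.0 and the body is delimited by connection close, a truncated response cannot be told from a complete one once this error is ignored, so the comment should state that the suppression is acceptable only for this smoke test. The comment also reads "confirming to TLS" where "conforming to TLS" is meant.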
@@ -137,6 +137,47 @@ where fn get_alpn_protocol(w: &Self::SyncWrapper) -> anyhow::Result>>; } +/// Notify the writer that there will be no more data written. +/// In context of TLS providers, this is great time to send notify_close message. +pub trait WriteShutdown: Write { + /// Initiates or attempts to shut down this writer, returning when + /// the I/O connection has completely shut down. + /// + /// For example this is suitable for implementing shutdown of a + /// TLS connection or calling `TcpStream::shutdown` on a proxied connection. + /// Protocols sometimes need to flush out final pieces of data or otherwise + /// perform a graceful shutdown handshake, reading/writing more data as + /// appropriate. This method is the hook for such protocols to implement the + /// graceful shutdown logic. + /// + /// This `shutdown` method is required by implementers of the + /// `AsyncWrite` trait. Wrappers typically just want to proxy this call + /// through to the wrapped type, and base types will typically implement + /// shutdown logic here or just return `Ok(().into())`. Note that if you're + /// wrapping an underlying `AsyncWrite` a call to `shutdown` implies that + /// transitively the entire stream has been shut down. After your wrapper's + /// shutdown logic has been executed you should shut down the underlying + /// stream. + /// + /// Invocation of a `shutdown` implies an invocation of `flush`. Once this + /// method returns it implies that a flush successfully happened + /// before the shutdown happened. That is, callers don't need to call + /// `flush` before calling `shutdown`. They can rely that by calling + /// `shutdown` any pending buffered data will be written out. + /// + /// # Errors + /// + /// This function can return normal I/O errors through `Err`, described + /// above. Additionally this method may also render the underlying + /// `Write::write` method no longer usable (e.g. will return errors in the + /// future). 
It's recommended that once `shutdown` is called the + /// `write` method is no longer called. + fn shutdown(&mut self) -> Result<(), io::Error> { + self.flush()?; + Ok(()) + } +} + /// Implementation of `TlsStreamImpl` for APIs using synchronous I/O. pub struct TlsStreamOverSyncIo where @@ -270,7 +311,7 @@ where #[cfg(feature = "runtime-tokio")] fn poll_shutdown(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { self.get_mut() - .with_context_sync_to_async(cx, |stream| stream.stream.flush()) + .with_context_sync_to_async(cx, |stream| stream.stream.shutdown()) } #[cfg(feature = "runtime-async-std")] diff --git a/impl-native-tls/src/handshake.rs b/impl-native-tls/src/handshake.rs index e585a73..c4dde43 100644 --- a/impl-native-tls/src/handshake.rs +++ b/impl-native-tls/src/handshake.rs @@ -11,6 +11,8 @@ use tls_api::async_as_sync::AsyncIoAsSyncIo; use tls_api::spi::save_context; use tls_api::AsyncSocket; +use crate::stream::NativeTlsStream; + pub(crate) enum HandshakeFuture { Initial(F, AsyncIoAsSyncIo), MidHandshake(native_tls::MidHandshakeTlsStream>), @@ -36,7 +38,7 @@ where match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(stream))); + return Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))); } Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); @@ -48,7 +50,7 @@ where }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(stream))); + return Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))); } Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); diff --git a/impl-native-tls/src/stream.rs b/impl-native-tls/src/stream.rs index d89faf0..eb6ad3e 100644 --- a/impl-native-tls/src/stream.rs +++ b/impl-native-tls/src/stream.rs 
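Review bot: The default body of `WriteShutdown::shutdown` only calls `self.flush()`, so a TLS wrapper that implements the trait with an empty `impl` block compiles and never sends close_notify, leaving the peer unable to tell a clean end of stream from a truncated one. Consider declaring it without a body, `fn shutdown(&mut self) -> Result<(), io::Error>;`, so every backend has to state its shutdown behaviour; non-TLS wrappers can then write the flush-only body explicitly. The doc comment reads as carried over from an async trait: it refers to `AsyncWrite` and `Ok(().into())`, neither of which applies to this synchronous trait, and the summary says `notify_close` where the TLS alert is `close_notify`. I would trim it to what this trait promises: flush buffered data, send close_notify where the backend supports it, and do not write afterwards.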
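Review bot: Only the `runtime-tokio` `poll_shutdown` is switched from `stream.stream.flush()` to `stream.stream.shutdown()`; the `runtime-async-std` counterpart begins right after the last context line and lies outside the hunk. If its close method still only flushes, async-std users will keep closing connections without close_notify while tokio users send it. Please check that method and apply the same one-line change, `.with_context_sync_to_async(cx, |stream| stream.stream.shutdown())`, so both runtimes behave alike.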
@@ -1,15 +1,18 @@ -use native_tls::TlsStream as native_tls_TlsStream; use std::fmt; +use std::io; +use std::io::Read; +use std::io::Write; use std::marker::PhantomData; use tls_api::async_as_sync::AsyncIoAsSyncIo; use tls_api::async_as_sync::AsyncWrapperOps; use tls_api::async_as_sync::TlsStreamOverSyncIo; +use tls_api::async_as_sync::WriteShutdown; use tls_api::spi_async_socket_impl_delegate; use tls_api::spi_tls_stream_over_sync_io_wrapper; use tls_api::AsyncSocket; use tls_api::ImplInfo; -spi_tls_stream_over_sync_io_wrapper!(TlsStream, native_tls_TlsStream); +spi_tls_stream_over_sync_io_wrapper!(TlsStream, NativeTlsStream); #[derive(Debug)] pub(crate) struct AsyncWrapperOpsImpl(PhantomData<(S, A)>) 
@@ -22,25 +25,79 @@ where S: fmt::Debug + Unpin + Send + 'static, A: AsyncSocket, { - type SyncWrapper = native_tls::TlsStream>; + type SyncWrapper = NativeTlsStream>; fn impl_info() -> ImplInfo { crate::info() } fn debug(w: &Self::SyncWrapper) -> &dyn fmt::Debug { - w + &w.0 } fn get_mut(w: &mut Self::SyncWrapper) -> &mut AsyncIoAsSyncIo { - w.get_mut() + w.0.get_mut() } fn get_ref(w: &Self::SyncWrapper) -> &AsyncIoAsSyncIo { - w.get_ref() + w.0.get_ref() } fn get_alpn_protocol(w: &Self::SyncWrapper) -> anyhow::Result>> { - w.negotiated_alpn().map_err(anyhow::Error::new) + w.0.negotiated_alpn().map_err(anyhow::Error::new) + } +} + +pub(crate) struct NativeTlsStream(pub(crate) native_tls::TlsStream); + +impl Write for NativeTlsStream { + fn write(&mut self, buf: &[u8]) -> io::Result { + self.0.write(buf) + } + + fn flush(&mut self) -> io::Result<()> { + self.0.flush() + } + + fn write_vectored(&mut self, bufs: &[io::IoSlice<'_>]) -> io::Result { + self.0.write_vectored(bufs) + } + + fn write_all(&mut self, buf: &[u8]) -> io::Result<()> { + self.0.write_all(buf) + } + + fn write_fmt(&mut self, fmt: fmt::Arguments<'_>) -> io::Result<()> { + self.0.write_fmt(fmt) + } +} + +impl WriteShutdown for NativeTlsStream { + fn shutdown(&mut self) -> Result<(), io::Error> { + self.flush()?; + self.0.shutdown()?; + Ok(()) + } +} + +impl Read for NativeTlsStream { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + self.0.read(buf) + } + + fn read_vectored(&mut self, bufs: &mut [io::IoSliceMut<'_>]) -> io::Result { + self.0.read_vectored(bufs) + } + + fn read_to_end(&mut self, buf: &mut Vec) -> io::Result { + self.0.read_to_end(buf) + } + + fn read_to_string(&mut self, buf: &mut String) -> io::Result { + self.0.read_to_string(buf) + } + + fn read_exact(&mut self, buf: &mut [u8]) -> io::Result<()> { + self.0.read_exact(buf) } } diff --git a/impl-openssl/src/handshake.rs b/impl-openssl/src/handshake.rs index fa70224..f91a9ef 100644 --- a/impl-openssl/src/handshake.rs 
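Review bot: `NativeTlsStream` is introduced without a comment on why the newtype exists, so a reader sees ten hand-written forwarding methods with no stated purpose. A short doc comment would help, for example `/// Newtype over native_tls::TlsStream so this crate can implement tls_api's WriteShutdown for it.` (presumably the reason, since both the trait and the wrapped type are foreign to this crate). A line on `shutdown` should note that it flushes and then calls the backend's `shutdown()` to send close_notify. The same applies to `OpenSSLStream` in impl-openssl/src/stream.rs.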
+++ b/impl-openssl/src/handshake.rs @@ -11,6 +11,8 @@ use tls_api::async_as_sync::AsyncIoAsSyncIo; use tls_api::spi::save_context; use tls_api::AsyncSocket; +use crate::stream::OpenSSLStream; + pub(crate) enum HandshakeFuture { Initial(F, AsyncIoAsSyncIo), MidHandshake(openssl::ssl::MidHandshakeSslStream>), @@ -36,7 +38,7 @@ where match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(stream))); + return Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))); } Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); @@ -51,7 +53,7 @@ where }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(stream))); + return Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))); } Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); diff --git a/impl-openssl/src/stream.rs b/impl-openssl/src/stream.rs index c22390a..8e4d9fe 100644 --- a/impl-openssl/src/stream.rs +++ b/impl-openssl/src/stream.rs @@ -1,4 +1,7 @@ use std::fmt; +use std::io; +use std::io::Read; +use std::io::Write; use std::marker::PhantomData; use openssl::ssl::SslRef; @@ -6,17 +9,18 @@ use openssl::ssl::SslStream; use tls_api::async_as_sync::AsyncIoAsSyncIo; use tls_api::async_as_sync::AsyncWrapperOps; use tls_api::async_as_sync::TlsStreamOverSyncIo; +use tls_api::async_as_sync::WriteShutdown; use tls_api::spi_async_socket_impl_delegate; use tls_api::spi_tls_stream_over_sync_io_wrapper; use tls_api::AsyncSocket; use tls_api::ImplInfo; -spi_tls_stream_over_sync_io_wrapper!(TlsStream, SslStream); +spi_tls_stream_over_sync_io_wrapper!(TlsStream, OpenSSLStream); impl TlsStream { /// Get the [`SslRef`] object for the stream. pub fn get_ssl_ref(&self) -> &SslRef { - self.0.stream.ssl() + self.0.stream.0.ssl() } } 
@@ -31,25 +35,82 @@ where S: fmt::Debug + Unpin + Send + 'static, A: AsyncSocket, { - type SyncWrapper = openssl::ssl::SslStream>; + type SyncWrapper = OpenSSLStream>; fn debug(w: &Self::SyncWrapper) -> &dyn fmt::Debug { - w + &w.0 } fn get_mut(w: &mut Self::SyncWrapper) -> &mut AsyncIoAsSyncIo { - w.get_mut() + w.0.get_mut() } fn get_ref(w: &Self::SyncWrapper) -> &AsyncIoAsSyncIo { - w.get_ref() + w.0.get_ref() } fn get_alpn_protocol(w: &Self::SyncWrapper) -> anyhow::Result>> { - Ok(w.ssl().selected_alpn_protocol().map(Vec::from)) + Ok(w.0.ssl().selected_alpn_protocol().map(Vec::from)) } fn impl_info() -> ImplInfo { crate::into() } } + +pub(crate) struct OpenSSLStream(pub(crate) SslStream); + +impl Write for OpenSSLStream { + fn write(&mut self, buf: &[u8]) -> io::Result { + self.0.write(buf) + } + + fn flush(&mut self) -> io::Result<()> { + self.0.flush() + } + + fn write_vectored(&mut self, bufs: &[io::IoSlice<'_>]) -> io::Result { + self.0.write_vectored(bufs) + } + + fn write_all(&mut self, buf: &[u8]) -> io::Result<()> { + self.0.write_all(buf) + } + + fn write_fmt(&mut self, fmt: fmt::Arguments<'_>) -> io::Result<()> { + self.0.write_fmt(fmt) + } +} + +impl WriteShutdown for OpenSSLStream { + fn shutdown(&mut self) -> Result<(), io::Error> { + self.flush()?; + self.0.shutdown().map_err(|e| { + e.into_io_error() + .unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)) + })?; + Ok(()) + } +} + +impl Read for OpenSSLStream { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + self.0.read(buf) + } + + fn read_vectored(&mut self, bufs: &mut [io::IoSliceMut<'_>]) -> io::Result { + self.0.read_vectored(bufs) + } + + fn read_to_end(&mut self, buf: &mut Vec) -> io::Result { + self.0.read_to_end(buf) + } + + fn read_to_string(&mut self, buf: &mut String) -> io::Result { + self.0.read_to_string(buf) + } + + fn read_exact(&mut self, buf: &mut [u8]) -> io::Result<()> { + self.0.read_exact(buf) + } +} 
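Review bot: In `OpenSSLStream::shutdown` the success value of `self.0.shutdown()` is dropped after the `?`, so the code never distinguishes "our close_notify was sent" from "the peer's was also received". That is reasonable for a write-side shutdown, but it should be stated above the call, e.g. `// One-way close: send our close_notify; we do not wait for the peer's.` Separately, Rust naming treats acronyms as words, so `OpenSslStream` would match the `SslStream` and `SslRef` names already used in this file.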
diff --git a/impl-rustls/src/rustls_utils.rs b/impl-rustls/src/rustls_utils.rs index 305a0e6..a935a41 100644 --- a/impl-rustls/src/rustls_utils.rs +++ b/impl-rustls/src/rustls_utils.rs @@ -7,6 +7,7 @@ use std::io::IoSlice; use std::io::IoSliceMut; use std::io::Read; use std::io::Write; +use tls_api::async_as_sync::WriteShutdown; pub enum RustlsSessionRef<'a> { Client(&'a ClientConnection), @@ -102,6 +103,17 @@ impl Write for RustlsStream { } } +impl WriteShutdown for RustlsStream { + fn shutdown(&mut self) -> Result<(), io::Error> { + match self { + RustlsStream::Server(s) => s.conn.send_close_notify(), + RustlsStream::Client(s) => s.conn.send_close_notify(), + } + self.flush()?; + Ok(()) + } +} + impl Read for RustlsStream { fn read(&mut self, buf: &mut [u8]) -> io::Result { match self { From ad5d2a35f84759809fbc0fb7e6c2e9eaf6289d0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 22:01:28 +0200 Subject: [PATCH 07/21] Update `rustls` dependency --- impl-rustls/Cargo.toml | 2 +- impl-rustls/src/acceptor.rs | 9 ++-- impl-rustls/src/connector.rs | 80 ++++++++++++++++++++++++------------ impl-rustls/tests/test.rs | 4 +- 4 files changed, 61 insertions(+), 34 deletions(-) diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index f97528e..cb1e236 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -rustls = { version = "0.20.0", features = ["dangerous_configuration"] } +rustls = { version = "0.23.5" } webpki = "0.22.0" webpki-roots = "0.26.1" tokio = { version = "1.2.0", features = [], optional = true } diff --git a/impl-rustls/src/acceptor.rs b/impl-rustls/src/acceptor.rs index c389a83..7f057ba 100644 --- a/impl-rustls/src/acceptor.rs +++ b/impl-rustls/src/acceptor.rs @@ -1,3 +1,4 @@ +use std::convert::TryFrom; use std::sync::Arc; use rustls::StreamOwned; 
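Review bot: `RustlsStream::shutdown` calls `send_close_notify()` unconditionally before `self.flush()?`, so when the flush reports `WouldBlock` and the async wrapper polls shutdown again, the alert is requested a second time. Whether rustls queues a duplicate alert depends on the rustls version, so please confirm against the pinned release or track in the wrapper whether the alert has already been requested. The order also differs from the native-tls and OpenSSL wrappers added in this commit, which flush first and then shut down. A one-line comment would make that difference intentional, e.g. `// rustls only queues the alert; the flush below writes it out` (presumably what happens, since the `Write` impl is outside this hunk).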
@@ -79,11 +80,13 @@ impl tls_api::TlsAcceptor for TlsAcceptor { } fn builder_from_der_key(cert: &[u8], key: &[u8]) -> anyhow::Result { - let cert = rustls::Certificate(cert.to_vec()); + let cert = rustls::pki_types::CertificateDer::from(cert.to_vec()); let config = rustls::ServerConfig::builder() - .with_safe_defaults() .with_no_client_auth() - .with_single_cert(vec![cert], rustls::PrivateKey(key.to_vec())) + .with_single_cert( + vec![cert], + rustls::pki_types::PrivateKeyDer::try_from(key.to_vec()).map_err(|x| anyhow::anyhow!(x))? + ) .map_err(anyhow::Error::new)?; Ok(TlsAcceptorBuilder(config)) } diff --git a/impl-rustls/src/connector.rs b/impl-rustls/src/connector.rs index 9881a4d..6732c9b 100644 --- a/impl-rustls/src/connector.rs +++ b/impl-rustls/src/connector.rs @@ -1,6 +1,10 @@ use std::convert::TryFrom; use std::sync::Arc; +use rustls::crypto::aws_lc_rs; +use rustls::crypto::verify_tls12_signature; +use rustls::crypto::verify_tls13_signature; +use rustls::crypto::WebPkiSupportedAlgorithms; use rustls::StreamOwned; use tls_api::async_as_sync::AsyncIoAsSyncIo; 
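Review bot: With `.with_safe_defaults()` removed, `rustls::ServerConfig::builder()` relies on the process-default crypto provider, which in rustls 0.23 is, as far as I know, derived from crate features and panics when that choice is ambiguous (for example when another crate in the build also enables the `ring` feature). connector.rs in this commit names `aws_lc_rs::default_provider()` explicitly for its verifier, so the crate already assumes aws-lc-rs; passing it here as well, `rustls::ServerConfig::builder_with_provider(Arc::new(aws_lc_rs::default_provider())).with_safe_default_protocol_versions()?`, keeps the two consistent and removes the panic path. The same applies to the two `rustls::ClientConfig::builder()` calls in connector.rs. `PrivateKeyDer::try_from(key.to_vec())` infers the key encoding from the bytes, which deserves a short comment because callers pass an untyped `&[u8]`.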
@@ -39,25 +43,56 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { fn set_verify_hostname(&mut self, verify: bool) -> anyhow::Result<()> { if !verify { - struct NoCertificateVerifier; + #[derive(Debug)] + struct NoCertificateServerVerifier { + supported: WebPkiSupportedAlgorithms, + } - impl rustls::client::ServerCertVerifier for NoCertificateVerifier { + impl rustls::client::danger::ServerCertVerifier for NoCertificateServerVerifier { fn verify_server_cert( &self, - _end_entity: &rustls::Certificate, - _intermediates: &[rustls::Certificate], - _server_name: &rustls::ServerName, - _scts: &mut dyn Iterator, + _end_entity: &rustls::pki_types::CertificateDer<'_>, + _intermediates: &[rustls::pki_types::CertificateDer<'_>], + _server_name: &rustls::pki_types::ServerName<'_>, _ocsp_response: &[u8], - _now: std::time::SystemTime, - ) -> Result { - Ok(rustls::client::ServerCertVerified::assertion()) + _now: rustls::pki_types::UnixTime, + ) -> Result + { + Ok(rustls::client::danger::ServerCertVerified::assertion()) + } + + fn verify_tls12_signature( + &self, + message: &[u8], + cert: &rustls::pki_types::CertificateDer<'_>, + dss: &rustls::DigitallySignedStruct, + ) -> Result + { + verify_tls12_signature(message, cert, dss, &self.supported) + } + + fn verify_tls13_signature( + &self, + message: &[u8], + cert: &rustls::pki_types::CertificateDer<'_>, + dss: &rustls::DigitallySignedStruct, + ) -> Result + { + verify_tls13_signature(message, cert, dss, &self.supported) + } + + fn supported_verify_schemes(&self) -> Vec { + self.supported.supported_schemes() } } + let no_cert_verifier = NoCertificateServerVerifier { + supported: aws_lc_rs::default_provider().signature_verification_algorithms, + }; + self.config .dangerous() - .set_certificate_verifier(Arc::new(NoCertificateVerifier)); + .set_certificate_verifier(Arc::new(no_cert_verifier)); self.verify_hostname = false; } else { if !self.verify_hostname { 
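Review bot: `verify_server_cert` in `NoCertificateServerVerifier` returns `ServerCertVerified::assertion()` for every certificate, so `set_verify_hostname(false)` turns off chain, expiry and trust-anchor validation, not just the hostname check its name promises; a connection configured this way accepts a self-issued certificate from anyone on the network path. If hostname-only relaxation is the intent, delegate to rustls's standard webpki verifier and accept only the name-mismatch error, as sketched below; the inner verifier has to be built where the root store is final, which is probably `build()`. If a full bypass is intended, say so in the method's doc comment so callers do not mistake it for a hostname-only switch. The signature checks also hard-code `aws_lc_rs::default_provider()` while the config comes from `ClientConfig::builder()`, so the two can disagree if a different provider is installed. `set_verify_hostname` continues past the end of the hunk.

```rust
#[derive(Debug)]
struct NoHostnameServerVerifier {
    // Standard webpki verifier built from the connector's final root store,
    // e.g. via rustls::client::WebPkiServerVerifier::builder(..).build().
    inner: Arc<rustls::client::WebPkiServerVerifier>,
}

impl rustls::client::danger::ServerCertVerifier for NoHostnameServerVerifier {
    fn verify_server_cert(
        &self,
        end_entity: &rustls::pki_types::CertificateDer<'_>,
        intermediates: &[rustls::pki_types::CertificateDer<'_>],
        server_name: &rustls::pki_types::ServerName<'_>,
        ocsp_response: &[u8],
        now: rustls::pki_types::UnixTime,
    ) -> Result<rustls::client::danger::ServerCertVerified, rustls::Error> {
        match self
            .inner
            .verify_server_cert(end_entity, intermediates, server_name, ocsp_response, now)
        {
            // The chain and validity checks run before the name check (confirm for the
            // pinned rustls), so only the hostname comparison failed here. Match whichever
            // name-mismatch variant the pinned release returns.
            Err(rustls::Error::InvalidCertificate(
                rustls::CertificateError::NotValidForName,
            )) => Ok(rustls::client::danger::ServerCertVerified::assertion()),
            other => other,
        }
    }

    // … verify_tls12_signature, verify_tls13_signature and supported_verify_schemes
    //   forward to self.inner instead of a hard-coded provider …
```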
@@ -69,8 +104,8 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } fn add_root_certificate(&mut self, cert: &[u8]) -> anyhow::Result<()> { - let cert = rustls::Certificate(cert.to_vec()); - self.root_store.add(&cert).map_err(anyhow::Error::new)?; + let cert = rustls::pki_types::CertificateDer::from(cert); + self.root_store.add(cert).map_err(anyhow::Error::new)?; Ok(()) } @@ -78,14 +113,12 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { let mut config = self.config; if !self.root_store.is_empty() { let mut new_config = rustls::ClientConfig::builder() - .with_safe_defaults() .with_root_certificates(self.root_store) .with_no_client_auth(); new_config.alpn_protocols = config.alpn_protocols; - new_config.session_storage = config.session_storage; + new_config.resumption = config.resumption; new_config.max_fragment_size = config.max_fragment_size; new_config.client_auth_cert_resolver = config.client_auth_cert_resolver; - new_config.enable_tickets = config.enable_tickets; new_config.enable_sni = config.enable_sni; new_config.key_log = config.key_log; new_config.enable_early_data = config.enable_early_data; @@ -106,10 +139,10 @@ impl TlsConnector { where S: AsyncSocket, { - let dns_name = rustls::ServerName::try_from(domain); - let dns_name = match dns_name.map_err(|_| anyhow::Error::new(webpki::InvalidDnsNameError)) { - Ok(dns_name) => dns_name, - Err(e) => return BoxFuture::new(async { Err(e) }), + let dns_name = rustls::pki_types::ServerName::try_from(domain); + let dns_name = match dns_name { + Ok(dns_name) => dns_name.to_owned(), + Err(e) => return BoxFuture::new(async { Err(anyhow::anyhow!(e)) }), }; let conn = rustls::ClientConnection::new(self.config.clone(), dns_name); let conn = match conn.map_err(|e| anyhow::Error::new(e)) { 
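Review bot: `build()` rebuilds the `ClientConfig` whenever custom roots were added and copies fields across one by one, and the visible lines do not carry over the certificate verifier installed by `set_verify_hostname(false)`. Unless code below the hunk handles it, calling `add_root_certificate` silently switches verification back to the default, so the connector's behaviour depends on an unrelated setting. The field-by-field copy is also fragile across rustls upgrades, because any `ClientConfig` field not listed keeps the new builder's default. Either construct the config once in `build()` from stored options, or add a comment such as `// Preserved: alpn, resumption, fragment size, client auth, SNI, key log, early data. Reset: certificate verifier.` so the omission is visibly deliberate.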
@@ -145,15 +178,8 @@ impl tls_api::TlsConnector for TlsConnector { fn builder() -> anyhow::Result { let mut roots = rustls::RootCertStore::empty(); - roots.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| { - rustls::OwnedTrustAnchor::from_subject_spki_name_constraints( - ta.subject.as_ref(), - ta.subject_public_key_info.as_ref(), - ta.name_constraints.as_ref().map(|x| x.as_ref()), - ) - })); + roots.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); let config = rustls::ClientConfig::builder() - .with_safe_defaults() .with_root_certificates(roots) .with_no_client_auth(); Ok(TlsConnectorBuilder { diff --git a/impl-rustls/tests/test.rs b/impl-rustls/tests/test.rs index 07754f8..51f4f67 100644 --- a/impl-rustls/tests/test.rs +++ b/impl-rustls/tests/test.rs @@ -10,9 +10,7 @@ fn connect_bad_hostname() { .downcast_ref() .expect("rustls::TLSError"); match err { - rustls::Error::InvalidCertificateData(e) => { - assert_eq!(e, "invalid peer certificate: CertNotValidForName"); - } + rustls::Error::InvalidCertificate(rustls::CertificateError::NotValidForName) => {}, err => panic!("wrong error: {:?}", err), } }); From d2f968933dd752a3517258f369b5994ab4745056 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 22:01:55 +0200 Subject: [PATCH 08/21] Format --- api/src/acceptor_box.rs | 5 +---- api/src/connector.rs | 5 +---- api/src/openssl.rs | 1 - impl-rustls/examples/server.rs | 3 ++- impl-rustls/src/acceptor.rs | 3 ++- impl-rustls/tests/test.rs | 8 +++++--- 6 files changed, 11 insertions(+), 14 deletions(-) diff --git a/api/src/acceptor_box.rs b/api/src/acceptor_box.rs index 46aabef..21cc17e 100644 --- a/api/src/acceptor_box.rs +++ b/api/src/acceptor_box.rs 
@@ -198,10 +198,7 @@ impl TlsAcceptorBox { /// /// This operation returns a future which is resolved when the negotiation is complete, /// and the stream is ready to send and receive. - pub fn accept( - &self, - socket: S, - ) -> BoxFuture<'_, anyhow::Result> { + pub fn accept(&self, socket: S) -> BoxFuture<'_, anyhow::Result> { self.0.accept(AsyncSocketBox::new(socket)) } } diff --git a/api/src/connector.rs b/api/src/connector.rs index 7d31252..8b16df6 100644 --- a/api/src/connector.rs +++ b/api/src/connector.rs @@ -106,10 +106,7 @@ pub trait TlsConnector: Sized + Sync + Send + 'static { /// Connect using default settings. /// /// Shortcut. - fn connect_default( - domain: &str, - stream: S, - ) -> BoxFuture<'_, anyhow::Result> + fn connect_default(domain: &str, stream: S) -> BoxFuture<'_, anyhow::Result> where S: AsyncSocket, { diff --git a/api/src/openssl.rs b/api/src/openssl.rs index e47ff51..0a3160d 100644 --- a/api/src/openssl.rs +++ b/api/src/openssl.rs @@ -18,7 +18,6 @@ pub(crate) fn der_to_pkcs12(cert: &[u8], key: &[u8]) -> anyhow::Result<(Vec, let pem_data = pem::encode_many(&[ pem::Pem::new("CERTIFICATE", cert.to_vec()), - // Technically it can be non-RSA PRIVATE KEY pem::Pem::new("RSA PRIVATE KEY", key.to_vec()), ]); diff --git a/impl-rustls/examples/server.rs b/impl-rustls/examples/server.rs index 8841d6f..d3cf87a 100644 --- a/impl-rustls/examples/server.rs +++ b/impl-rustls/examples/server.rs @@ -12,7 +12,8 @@ use test_cert_gen::pem_to_cert_key_pair; use tls_api::runtime::AsyncWriteExt; async fn run() { - let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()).unwrap(); + let (cert, key) = + pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()).unwrap(); let builder = tls_api_rustls_2::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); diff --git a/impl-rustls/src/acceptor.rs b/impl-rustls/src/acceptor.rs index 7f057ba..c3462fc 100644 --- a/impl-rustls/src/acceptor.rs 
+++ b/impl-rustls/src/acceptor.rs @@ -85,7 +85,8 @@ impl tls_api::TlsAcceptor for TlsAcceptor { .with_no_client_auth() .with_single_cert( vec![cert], - rustls::pki_types::PrivateKeyDer::try_from(key.to_vec()).map_err(|x| anyhow::anyhow!(x))? + rustls::pki_types::PrivateKeyDer::try_from(key.to_vec()) + .map_err(|x| anyhow::anyhow!(x))?, ) .map_err(anyhow::Error::new)?; Ok(TlsAcceptorBuilder(config)) diff --git a/impl-rustls/tests/test.rs b/impl-rustls/tests/test.rs index 51f4f67..8672a71 100644 --- a/impl-rustls/tests/test.rs +++ b/impl-rustls/tests/test.rs @@ -10,7 +10,7 @@ fn connect_bad_hostname() { .downcast_ref() .expect("rustls::TLSError"); match err { - rustls::Error::InvalidCertificate(rustls::CertificateError::NotValidForName) => {}, + rustls::Error::InvalidCertificate(rustls::CertificateError::NotValidForName) => {} err => panic!("wrong error: {:?}", err), } }); @@ -23,8 +23,10 @@ fn connect_bad_hostname_ignored() { #[test] fn client_server_der() { - tls_api_test::test_client_server_der::( - ); + tls_api_test::test_client_server_der::< + tls_api_rustls_2::TlsConnector, + tls_api_rustls_2::TlsAcceptor, + >(); } #[test] From 37cd21294cd54eb014c5d48438a1175a85c056be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Tue, 7 May 2024 22:06:04 +0200 Subject: [PATCH 09/21] Update version --- README.md | 2 ++ api-test/Cargo.toml | 6 +++--- api/Cargo.toml | 2 +- impl-native-tls/Cargo.toml | 12 ++++++------ impl-not-tls/Cargo.toml | 8 ++++---- impl-openssl/Cargo.toml | 12 ++++++------ impl-rustls/Cargo.toml | 12 ++++++------ impl-security-framework/Cargo.toml | 14 +++++++------- impl-stub/Cargo.toml | 8 ++++---- test-cert-gen/Cargo.toml | 2 +- 10 files changed, 40 insertions(+), 38 deletions(-) diff --git a/README.md b/README.md index 091504a..af763f3 100644 --- a/README.md +++ b/README.md 
@@ -1,5 +1,7 @@ # One TLS API to rule them all +*This is a fork of [tls-api](https://crates.io/crates/tls-api) with updated dependencies.* + Supports: * **tokio** and **async-std** * **rustls**, **native-tls**, **openssl**, **security-framework** diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index 80b14ad..d34e97c 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-test-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" license = "MIT/Apache-2.0" @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } log = "0.4" env_logger = "0.11.2" anyhow = "1.0.44" @@ -26,7 +26,7 @@ webpki = "0.22.0" tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] diff --git a/api/Cargo.toml b/api/Cargo.toml index 1cc4cbc..b4fa2ab 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" license = "MIT/Apache-2.0" diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index ec6d4f7..b060663 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml 
@@ -1,6 +1,6 @@ [package] name = "tls-api-native-tls-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over native-tls crate" license = "MIT/Apache-2.0" @@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -32,8 +32,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index 12334f6..12de583 100644 --- a/impl-not-tls/Cargo.toml 
+++ b/impl-not-tls/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-not-tls-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." license = "MIT/Apache-2.0" @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } @@ -23,7 +23,7 @@ anyhow = "1.0.44" thiserror = "1.0.30" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -31,4 +31,4 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index d53981b..e424c2b 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml 
@@ -1,6 +1,6 @@ [package] name = "tls-api-openssl-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over openssl crate" license = "MIT/Apache-2.0" @@ -19,14 +19,14 @@ travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = " # To implement OpenSSL version check in build.rs openssl-sys = { version = "0.9.43" } openssl = { version = "0.10.20", features = ["v102", "v110"] } -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] 
@@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index cb1e236..abf899a 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-rustls-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" license = "MIT/Apache-2.0" 
@@ -23,10 +23,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index 48ff92a..ead1448 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml 
@@ -1,6 +1,6 @@ [package] name = "tls-api-security-framework-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" license = "MIT/Apache-2.0" @@ -21,11 +21,11 @@ void = "1.0.2" anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } -tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] security-framework = { version = "2.9.2", features = ["alpn"] } 
@@ -46,8 +46,8 @@ runtime-tokio = [ ] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index 21fb83c..dba6ae4 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-stub-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation that returns error on any operation" license = "MIT/Apache-2.0" @@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "1.0.30" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.10.0-pre", default-features = false } +tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] 
@@ -32,4 +32,4 @@ runtime-async-std = ["tokio", "tls-api/runtime-async-std", "tls-api-test/runtime runtime-tokio = ["async-std", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.10.0-pre", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index 9cee305..d56f8c9 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "test-cert-gen-2" -version = "0.10.0-pre" +version = "0.11.0" authors = ["Stiopa Koltsov "] edition = "2018" description = "Utility to generate certificates for tests (e. g. for TLS)" From 42adc372a457e1bb7e6ecb4d484d632c2172f70b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Thu, 29 Aug 2024 09:44:58 +0200 Subject: [PATCH 10/21] Make rustls not use default features --- impl-rustls/Cargo.toml | 4 ++-- impl-rustls/src/connector.rs | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index abf899a..e0b4d6b 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tls-api-rustls-2" -version = "0.11.0" +version = "0.11.1" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" license = "MIT/Apache-2.0" @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -rustls = { version = "0.23.5" } +rustls = { version = "0.23.5", default-features = false, features = ["std"] } webpki = "0.22.0" webpki-roots = "0.26.1" tokio = { version = "1.2.0", features = [], optional = true } diff --git a/impl-rustls/src/connector.rs b/impl-rustls/src/connector.rs index 6732c9b..be5965b 100644 
--- a/impl-rustls/src/connector.rs +++ b/impl-rustls/src/connector.rs @@ -1,7 +1,6 @@ use std::convert::TryFrom; use std::sync::Arc; -use rustls::crypto::aws_lc_rs; use rustls::crypto::verify_tls12_signature; use rustls::crypto::verify_tls13_signature; use rustls::crypto::WebPkiSupportedAlgorithms; @@ -87,7 +86,7 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } let no_cert_verifier = NoCertificateServerVerifier { - supported: aws_lc_rs::default_provider().signature_verification_algorithms, + supported: rustls::crypto::CryptoProvider::get_default().unwrap().signature_verification_algorithms, }; self.config From 21b70a18916fe198044e34719231de84f7ccf9e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:06:17 +0100 Subject: [PATCH 11/21] test: fix a few breakages --- flake.nix | 1 + interop/Cargo.toml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/flake.nix b/flake.nix index 7e3f683..135e932 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,7 @@ buildInputs = [ pkgs.openssl pkgs.pkg-config + pkgs.cargo-nextest rustToolchain ] ++ pkgs.lib.optional pkgs.stdenv.isDarwin [ diff --git a/interop/Cargo.toml b/interop/Cargo.toml index eb763eb..b5a7a34 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml @@ -22,3 +22,5 @@ tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustl tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls-2", default-features = false } tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework-2", default-features = false } test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", default-features = false } + +rustls = { version = "0.23.5", default-features = false, features = ["ring", "tls12"] } From fee9cfe51039a96ba4b3bf113f4f23f0770df2ab Mon Sep 17 00:00:00 2001 
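Review bot: The new `CryptoProvider::get_default().unwrap()` in the `@@ -87,7 +86,7 @@` hunk of impl-rustls/src/connector.rs can panic, because `get_default()` returns `None` until a process-wide provider has been installed. With `rustls` now built with `default-features = false, features = ["std"]`, this crate no longer compiles a provider in itself. The enclosing method starts outside the hunk but appears to return `anyhow::Result<()>`, so the missing provider can be reported as an error instead: `supported: rustls::crypto::CryptoProvider::get_default().ok_or_else(|| anyhow::anyhow!("no rustls CryptoProvider installed"))?.signature_verification_algorithms,`. The crate docs should also state that callers must install a provider (the interop tests enable `ring` for this) before using the connector.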
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:09:34 +0100 Subject: [PATCH 12/21] chore: apply clippy lints --- api/src/acceptor.rs | 4 ++-- api/src/connector.rs | 4 ++-- ci-gen/src/main.rs | 12 ++++++------ impl-native-tls/examples/client.rs | 2 +- impl-native-tls/src/acceptor.rs | 8 ++++---- impl-native-tls/src/connector.rs | 2 +- impl-native-tls/src/handshake.rs | 12 ++++++------ impl-not-tls/src/acceptor.rs | 13 ++++--------- impl-not-tls/src/connector.rs | 4 ++-- impl-openssl/examples/client.rs | 2 +- impl-openssl/src/acceptor.rs | 10 +++++----- impl-openssl/src/connector.rs | 2 +- impl-openssl/src/handshake.rs | 16 ++++++++-------- impl-rustls/examples/client.rs | 2 +- impl-rustls/examples/server.rs | 2 +- impl-rustls/src/acceptor.rs | 12 ++++++------ impl-rustls/src/connector.rs | 12 +++++------- impl-rustls/src/handshake.rs | 6 +++--- impl-security-framework/src/acceptor.rs | 8 ++++---- impl-security-framework/src/connector.rs | 2 +- impl-stub/src/acceptor.rs | 10 +++------- impl-stub/src/connector.rs | 12 +++++------- 22 files changed, 72 insertions(+), 85 deletions(-) diff --git a/api/src/acceptor.rs b/api/src/acceptor.rs index fb7c0a1..2f7ef47 100644 --- a/api/src/acceptor.rs +++ b/api/src/acceptor.rs @@ -180,7 +180,7 @@ pub trait TlsAcceptor: Sized + Sync + Send + 'static { /// Common part of all connectors. Poor man replacement for HKT. #[macro_export] macro_rules! spi_acceptor_common { - () => { + ($stream: ty) => { fn accept_with_socket<'a, S>( &'a self, stream: S, @@ -189,7 +189,7 @@ macro_rules! spi_acceptor_common { S: $crate::AsyncSocket, { $crate::BoxFuture::new(async move { - let crate_tls_stream: crate::TlsStream = self.accept_impl(stream).await?; + let crate_tls_stream: $stream = self.accept_impl(stream).await?; Ok($crate::TlsStreamWithSocket::new(crate_tls_stream)) }) } diff --git a/api/src/connector.rs b/api/src/connector.rs index 8b16df6..6fe1bda 100644 --- a/api/src/connector.rs +++ b/api/src/connector.rs 
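Review bot: Changing the matcher of the exported `spi_acceptor_common!` from `()` to `($stream: ty)` breaks every existing `spi_acceptor_common!();` invocation outside this repository, although the commit is labelled as a lint-only chore. The same applies to `spi_connector_common!` in api/src/connector.rs. If out-of-tree implementations are meant to keep compiling, keep a zero-argument arm that forwards, something like `() => { $crate::spi_acceptor_common!(crate::TlsStream); };` with `#[allow(clippy::crate_in_macro_def)]` on the macro; otherwise mark the change as breaking. The macro body continues outside the hunk.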
@@ -174,7 +174,7 @@ pub trait TlsConnector: Sized + Sync + Send + 'static { /// Common part of all connectors. Poor man replacement for HKT. #[macro_export] macro_rules! spi_connector_common { - () => { + ($stream: ty) => { fn connect_with_socket<'a, S>( &'a self, domain: &'a str, @@ -184,7 +184,7 @@ macro_rules! spi_connector_common { S: $crate::AsyncSocket, { $crate::BoxFuture::new(async move { - let crate_tls_stream: crate::TlsStream = + let crate_tls_stream: $stream = self.connect_impl(domain, stream).await?; Ok($crate::TlsStreamWithSocket::new(crate_tls_stream)) }) diff --git a/ci-gen/src/main.rs b/ci-gen/src/main.rs index b03d83e..fed1165 100644 --- a/ci-gen/src/main.rs +++ b/ci-gen/src/main.rs @@ -80,11 +80,12 @@ const WINDOWS: Os = Os { fn cargo_doc_job() -> Job { let os = LINUX; - let mut steps = Vec::new(); - steps.push(cargo_cache()); - steps.push(checkout_sources()); - steps.push(rust_install_toolchain(RustToolchain::Stable)); - steps.push(cargo_doc("cargo doc", "")); + let steps = vec![ + cargo_cache(), + checkout_sources(), + rust_install_toolchain(RustToolchain::Stable), + cargo_doc("cargo doc", ""), + ]; Job { id: "cargo-doc".to_owned(), name: "cargo doc".to_owned(), @@ -113,7 +114,6 @@ fn jobs() -> Vec { runs_on: os.ghwf, env: vec![("RUST_BACKTRACE".to_owned(), "1".to_owned())], steps: steps(rt, os, channel), - ..Default::default() }); } } diff --git a/impl-native-tls/examples/client.rs b/impl-native-tls/examples/client.rs index 5203860..8719a4a 100644 --- a/impl-native-tls/examples/client.rs +++ b/impl-native-tls/examples/client.rs 
@@ -17,7 +17,7 @@ async fn run() { let mut builder = tls_api_native_tls_2::TlsConnector::builder().unwrap(); builder - .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) + .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); // builder.add_root_certificate(Cert::Der(X509Cert::new(fs::read("/Users/nga/devel/left/rust-security-framework/security-framework/test/server.der").unwrap()))).unwrap(); // builder.builder.danger_accept_invalid_certs(true); diff --git a/impl-native-tls/src/acceptor.rs b/impl-native-tls/src/acceptor.rs index bd27c18..47502d0 100644 --- a/impl-native-tls/src/acceptor.rs +++ b/impl-native-tls/src/acceptor.rs @@ -31,10 +31,10 @@ impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { } impl TlsAcceptor { - fn accept_impl<'a, S>( - &'a self, + fn accept_impl( + &self, stream: S, - ) -> impl Future>> + 'a + ) -> impl Future>> + '_ where S: AsyncSocket, { @@ -69,5 +69,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { ))) } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } diff --git a/impl-native-tls/src/connector.rs b/impl-native-tls/src/connector.rs index ff98587..0718578 100644 --- a/impl-native-tls/src/connector.rs +++ b/impl-native-tls/src/connector.rs @@ -101,5 +101,5 @@ impl tls_api::TlsConnector for TlsConnector { }) } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } diff --git a/impl-native-tls/src/handshake.rs b/impl-native-tls/src/handshake.rs index c4dde43..667ba3b 100644 --- a/impl-native-tls/src/handshake.rs +++ b/impl-native-tls/src/handshake.rs 
@@ -38,26 +38,26 @@ where match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))); + Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))) } Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); - return Poll::Pending; + Poll::Pending } Err(native_tls::HandshakeError::Failure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e))) + Poll::Ready(Err(anyhow::Error::new(e))) } }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))); + Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))) } Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); - return Poll::Pending; + Poll::Pending } Err(native_tls::HandshakeError::Failure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e))) + Poll::Ready(Err(anyhow::Error::new(e))) } }, HandshakeFuture::Done => panic!("Future must not be polled after ready"), diff --git a/impl-not-tls/src/acceptor.rs b/impl-not-tls/src/acceptor.rs index df9507b..a53d8d1 100644 --- a/impl-not-tls/src/acceptor.rs +++ b/impl-not-tls/src/acceptor.rs @@ -1,5 +1,3 @@ -use std::future::Future; - use std::fmt; use tls_api::spi_acceptor_common; use tls_api::AsyncSocket; @@ -22,21 +20,18 @@ impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { } fn build(self) -> anyhow::Result { - Ok(TlsAcceptor(self.0)) + Ok(TlsAcceptor(())) } } pub struct TlsAcceptor(pub ()); impl TlsAcceptor { - fn accept_impl<'a, S>( - &'a self, - stream: S, - ) -> impl Future>> + 'a + async fn accept_impl(&self, stream: S) -> anyhow::Result> where S: AsyncSocket + fmt::Debug + Unpin, { - async { Ok(crate::stream::TlsStream(stream)) } + Ok(crate::stream::TlsStream(stream)) } } 
@@ -59,5 +54,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { crate::info() } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } diff --git a/impl-not-tls/src/connector.rs b/impl-not-tls/src/connector.rs index a0fe4e0..461fbe8 100644 --- a/impl-not-tls/src/connector.rs +++ b/impl-not-tls/src/connector.rs @@ -31,7 +31,7 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } fn build(self) -> anyhow::Result { - Ok(TlsConnector(self.0)) + Ok(TlsConnector(())) } } @@ -72,5 +72,5 @@ impl tls_api::TlsConnector for TlsConnector { Ok(TlsConnectorBuilder(())) } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } diff --git a/impl-openssl/examples/client.rs b/impl-openssl/examples/client.rs index 4a20677..435d4ab 100644 --- a/impl-openssl/examples/client.rs +++ b/impl-openssl/examples/client.rs @@ -13,7 +13,7 @@ async fn run() { let mut builder = tls_api_openssl_2::TlsConnector::builder().unwrap(); builder - .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) + .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); let connector = builder.build().unwrap(); connector.connect("localhost", socket).await.unwrap(); diff --git a/impl-openssl/src/acceptor.rs b/impl-openssl/src/acceptor.rs index e011af7..9f0cfbe 100644 --- a/impl-openssl/src/acceptor.rs +++ b/impl-openssl/src/acceptor.rs @@ -17,7 +17,7 @@ pub struct TlsAcceptor(pub openssl::ssl::SslAcceptor); fn to_openssl_pkcs12(pkcs12: &[u8], passphrase: &str) -> anyhow::Result { let pkcs12 = openssl::pkcs12::Pkcs12::from_der(pkcs12)?; - Ok(pkcs12.parse(passphrase).context("Parse passphrase")?) + pkcs12.parse(passphrase).context("Parse passphrase") } impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { @@ -53,10 +53,10 @@ impl TlsAcceptorBuilder { } impl TlsAcceptor { - fn accept_impl<'a, S>( - &'a self, + fn accept_impl( + &self, stream: S, - ) -> impl Future>> + 'a + ) -> impl Future>> + '_ where S: AsyncSocket, { 
@@ -128,5 +128,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { Ok(TlsAcceptorBuilder(builder)) } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } diff --git a/impl-openssl/src/connector.rs b/impl-openssl/src/connector.rs index f156d89..63cd3b5 100644 --- a/impl-openssl/src/connector.rs +++ b/impl-openssl/src/connector.rs @@ -111,5 +111,5 @@ impl tls_api::TlsConnector for TlsConnector { }) } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } diff --git a/impl-openssl/src/handshake.rs b/impl-openssl/src/handshake.rs index f91a9ef..236ed4b 100644 --- a/impl-openssl/src/handshake.rs +++ b/impl-openssl/src/handshake.rs 
@@ -38,32 +38,32 @@ where match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))); + Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))) } Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); - return Poll::Pending; + Poll::Pending } Err(openssl::ssl::HandshakeError::Failure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e.into_error()))) + Poll::Ready(Err(anyhow::Error::new(e.into_error()))) } Err(openssl::ssl::HandshakeError::SetupFailure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e))) + Poll::Ready(Err(anyhow::Error::new(e))) } }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { Ok(stream) => { - return Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))); + Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))) } Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); - return Poll::Pending; + Poll::Pending } Err(openssl::ssl::HandshakeError::Failure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e.into_error()))) + Poll::Ready(Err(anyhow::Error::new(e.into_error()))) } Err(openssl::ssl::HandshakeError::SetupFailure(e)) => { - return Poll::Ready(Err(anyhow::Error::new(e))) + Poll::Ready(Err(anyhow::Error::new(e))) } }, HandshakeFuture::Done => panic!("Future must not be polled after ready"), diff --git a/impl-rustls/examples/client.rs b/impl-rustls/examples/client.rs index 18a4156..4313faa 100644 --- a/impl-rustls/examples/client.rs +++ b/impl-rustls/examples/client.rs 
@@ -15,7 +15,7 @@ async fn run() { let mut builder = tls_api_rustls_2::TlsConnector::builder().unwrap(); builder - .add_root_certificate(&Cert::from_der(fs::read("ca.der").unwrap()).get_der()) + .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); let connector = builder.build().unwrap(); println!("connector ready"); diff --git a/impl-rustls/examples/server.rs b/impl-rustls/examples/server.rs index d3cf87a..d7423b1 100644 --- a/impl-rustls/examples/server.rs +++ b/impl-rustls/examples/server.rs @@ -25,7 +25,7 @@ async fn run() { let socket = listener.accept().await.unwrap().0; let mut socket = acceptor.accept(socket).await.unwrap(); - socket.write(b"hello\n").await.unwrap(); + socket.write_all(b"hello\n").await.unwrap(); } fn main() { diff --git a/impl-rustls/src/acceptor.rs b/impl-rustls/src/acceptor.rs index c3462fc..496a794 100644 --- a/impl-rustls/src/acceptor.rs +++ b/impl-rustls/src/acceptor.rs @@ -23,7 +23,7 @@ impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { type Underlying = rustls::ServerConfig; fn set_alpn_protocols(&mut self, protocols: &[&[u8]]) -> anyhow::Result<()> { - self.0.alpn_protocols = protocols.into_iter().map(|p| p.to_vec()).collect(); + self.0.alpn_protocols = protocols.iter().map(|p| p.to_vec()).collect(); Ok(()) } @@ -37,15 +37,15 @@ impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { } impl TlsAcceptor { - pub fn accept_impl<'a, S>( - &'a self, + pub fn accept_impl( + &self, stream: S, - ) -> impl Future>> + 'a + ) -> impl Future>> + '_ where S: AsyncSocket, { let conn = rustls::ServerConnection::new(self.0.clone()); - let conn = match conn.map_err(|e| anyhow::Error::new(e)) { + let conn = match conn.map_err(anyhow::Error::new) { Ok(conn) => conn, Err(e) => return BoxFuture::new(async { Err(e) }), }; @@ -92,5 +92,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { Ok(TlsAcceptorBuilder(config)) } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } 
diff --git a/impl-rustls/src/connector.rs b/impl-rustls/src/connector.rs index be5965b..e005c29 100644 --- a/impl-rustls/src/connector.rs +++ b/impl-rustls/src/connector.rs @@ -36,7 +36,7 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } fn set_alpn_protocols(&mut self, protocols: &[&[u8]]) -> anyhow::Result<()> { - self.config.alpn_protocols = protocols.into_iter().map(|p: &&[u8]| p.to_vec()).collect(); + self.config.alpn_protocols = protocols.iter().map(|p: &&[u8]| p.to_vec()).collect(); Ok(()) } @@ -93,10 +93,8 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { .dangerous() .set_certificate_verifier(Arc::new(no_cert_verifier)); self.verify_hostname = false; - } else { - if !self.verify_hostname { - return Err(crate::Error::VerifyHostnameTrue.into()); - } + } else if !self.verify_hostname { + return Err(crate::Error::VerifyHostnameTrue.into()); } Ok(()) @@ -144,7 +142,7 @@ impl TlsConnector { Err(e) => return BoxFuture::new(async { Err(anyhow::anyhow!(e)) }), }; let conn = rustls::ClientConnection::new(self.config.clone(), dns_name); - let conn = match conn.map_err(|e| anyhow::Error::new(e)) { + let conn = match conn.map_err(anyhow::Error::new) { Ok(conn) => conn, Err(e) => return BoxFuture::new(async { Err(e) }), }; @@ -188,5 +186,5 @@ impl tls_api::TlsConnector for TlsConnector { }) } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } diff --git a/impl-rustls/src/handshake.rs b/impl-rustls/src/handshake.rs index 0f40138..69b2f47 100644 --- a/impl-rustls/src/handshake.rs +++ b/impl-rustls/src/handshake.rs 
@@ -34,13 +34,13 @@ where assert!(stream.0.stream.is_handshaking()); match stream.0.stream.complete_io() { Ok(_) => { - return Poll::Ready(Ok(stream)); + Poll::Ready(Ok(stream)) } Err(e) if e.kind() == io::ErrorKind::WouldBlock => { *self_mut = HandshakeFuture::MidHandshake(stream); - return Poll::Pending; + Poll::Pending } - Err(e) => return Poll::Ready(Err(anyhow::Error::new(e))), + Err(e) => Poll::Ready(Err(anyhow::Error::new(e))), } } HandshakeFuture::Done => panic!("Future must not be polled after ready"), diff --git a/impl-security-framework/src/acceptor.rs b/impl-security-framework/src/acceptor.rs index dc05553..dd80dd5 100644 --- a/impl-security-framework/src/acceptor.rs +++ b/impl-security-framework/src/acceptor.rs @@ -71,10 +71,10 @@ fn pkcs12_to_sf_objects( } impl TlsAcceptor { - fn accept_impl<'a, S>( - &'a self, + fn accept_impl( + &self, stream: S, - ) -> impl Future>> + 'a + ) -> impl Future>> + '_ where S: AsyncSocket, { @@ -125,5 +125,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { } } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } diff --git a/impl-security-framework/src/connector.rs b/impl-security-framework/src/connector.rs index 67cca3d..43a06d4 100644 --- a/impl-security-framework/src/connector.rs +++ b/impl-security-framework/src/connector.rs @@ -127,5 +127,5 @@ impl tls_api::TlsConnector for TlsConnector { } } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } diff --git a/impl-stub/src/acceptor.rs b/impl-stub/src/acceptor.rs index 6628697..afb0b8f 100644 --- a/impl-stub/src/acceptor.rs +++ b/impl-stub/src/acceptor.rs @@ -6,7 +6,6 @@ use tls_api::AsyncSocketBox; use tls_api::ImplInfo; use crate::Error; -use std::future::Future; /// Non-instantiatable. pub struct TlsAcceptorBuilder(Void); 
@@ -32,14 +31,11 @@ impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { } impl TlsAcceptor { - fn accept_impl<'a, S>( - &'a self, - _stream: S, - ) -> impl Future>> + 'a + async fn accept_impl(&self, _stream: S) -> anyhow::Result> where S: AsyncSocket, { - async { Err(anyhow::Error::new(Error)) } + Err(anyhow::Error::new(Error)) } } @@ -62,5 +58,5 @@ impl tls_api::TlsAcceptor for TlsAcceptor { crate::info() } - spi_acceptor_common!(); + spi_acceptor_common!(crate::TlsStream); } diff --git a/impl-stub/src/connector.rs b/impl-stub/src/connector.rs index 6c16ab4..e5b7211 100644 --- a/impl-stub/src/connector.rs +++ b/impl-stub/src/connector.rs @@ -6,7 +6,7 @@ use tls_api::ImplInfo; use void::Void; use crate::Error; -use std::future::Future; + /// Non-instantiatable. pub struct TlsConnectorBuilder(Void); @@ -40,16 +40,14 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } impl TlsConnector { - fn connect_impl<'a, S>( + async fn connect_impl<'a, S>( &'a self, _domain: &'a str, _stream: S, - ) -> impl Future>> + 'a + ) -> anyhow::Result> where S: AsyncSocket, - { - async { Err(anyhow::Error::new(Error)) } - } + { Err(anyhow::Error::new(Error)) } } impl tls_api::TlsConnector for TlsConnector { @@ -73,5 +71,5 @@ impl tls_api::TlsConnector for TlsConnector { Err(anyhow::Error::new(Error)) } - spi_connector_common!(); + spi_connector_common!(crate::TlsStream); } From c0ab441f0b1ff5ad6fd4902476276e99bdf62110 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:19:54 +0100 Subject: [PATCH 13/21] chore!: update thiserror to 2 --- api/Cargo.toml | 2 +- impl-native-tls/Cargo.toml | 2 +- impl-not-tls/Cargo.toml | 2 +- impl-openssl/Cargo.toml | 2 +- impl-rustls/Cargo.toml | 2 +- impl-security-framework/Cargo.toml | 2 +- impl-stub/Cargo.toml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/api/Cargo.toml b/api/Cargo.toml index b4fa2ab..23a06df 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml 
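Review bot: `connect_impl` in impl-stub/src/connector.rs is left unformatted by this change: the body now sits on one line after the `where` clause as `{ Err(anyhow::Error::new(Error)) }`. The removed `use std::future::Future;` also leaves a stray blank line before `/// Non-instantiatable.`. Running `cargo fmt` would put the body on its own lines. The explicit `'a` can probably be elided as well, as was done for `accept_impl` in impl-stub/src/acceptor.rs, giving parameters `(&self, _domain: &str, _stream: S)`.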
@@ -19,7 +19,7 @@ travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = " pem = "3.0.4" tempfile = "3.3.0" anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" # Note technically there's no dependency on async-std futures-util = { version = "0.3.1", features = ["io"], optional = true } diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index b060663..3ebbdcb 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml @@ -19,7 +19,7 @@ native-tls = { version ="0.2", features = ["alpn"] } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index 12de583..c285d9a 100644 --- a/impl-not-tls/Cargo.toml +++ b/impl-not-tls/Cargo.toml @@ -20,7 +20,7 @@ tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" # this is needed until package-features is stabelized (issue #5364) tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index e424c2b..14a7f2e 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml 
@@ -23,7 +23,7 @@ tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" # this is needed until package-features is stabelized (issue #5364) tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index e0b4d6b..497b7f2 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -21,7 +21,7 @@ webpki-roots = "0.26.1" tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index ead1448..a344f69 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml @@ -19,7 +19,7 @@ tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } void = "1.0.2" anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "=0.11.0", default-features = false } diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index dba6ae4..403d18b 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml 
@@ -19,7 +19,7 @@ void = "1.0.2" tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" -thiserror = "1.0.30" +thiserror = "2" tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } From 8c87cf4866d6ee4c0a0c93a1401d2c7c8ebcd224 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:27:44 +0100 Subject: [PATCH 14/21] chore!: update security-framework to 3 --- examples/Cargo.toml | 2 +- impl-security-framework/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/Cargo.toml b/examples/Cargo.toml index ba5f638..11ac265 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml @@ -51,7 +51,7 @@ openssl = "0.10.20" [target.'cfg(any(target_os = "macos", target_os = "ios"))'.dev-dependencies] -security-framework = { version = "2.9.2", features = ["alpn"] } +security-framework = { version = "3.0.1", features = ["alpn"] } [target.'cfg(windows)'.dev-dependencies] advapi32-sys = "0.2" diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index a344f69..2e3c6d0 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml @@ -28,7 +28,7 @@ tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "= tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] -security-framework = { version = "2.9.2", features = ["alpn"] } +security-framework = { version = "3.0.1", features = ["alpn"] } [features] default = ["runtime-tokio"] From 9a25528bd6238ab7aead7e6b08b172722c41836f Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:32:56 +0100 Subject: [PATCH 15/21] test: cleanup test configs --- api-test/build.rs | 14 -------- api-test/src/benches.rs | 2 +- api-test/src/gen.rs | 2 -- api-test/src/gen_rustc_nightly.rs | 39 ---------------------- api-test/src/lib.rs | 6 +--- impl-native-tls/benches/generated.rs | 7 ++-- impl-native-tls/tests/generated.rs | 3 -- impl-openssl/benches/generated.rs | 5 +-- impl-openssl/tests/generated.rs | 3 -- impl-rustls/benches/generated.rs | 5 +-- impl-rustls/tests/generated.rs | 3 -- impl-security-framework/tests/generated.rs | 3 -- interop/tests/alpn.rs | 4 --- interop/tests/client_server.rs | 4 --- 14 files changed, 6 insertions(+), 94 deletions(-) delete mode 100644 api-test/src/gen_rustc_nightly.rs diff --git a/api-test/build.rs b/api-test/build.rs index f2063b7..bf9c463 100644 --- a/api-test/build.rs +++ b/api-test/build.rs @@ -2,16 +2,6 @@ use std::env; use std::io::Read; use std::process; -// % rustc +stable --version -// rustc 1.26.0 (a77568041 2018-05-07) -// % rustc +beta --version -// rustc 1.27.0-beta.1 (03fb2f447 2018-05-09) -// % rustc +nightly --version -// rustc 1.27.0-nightly (acd3871ba 2018-05-10) -fn version_is_nightly(version: &str) -> bool { - version.contains("nightly") -} - fn export_rustc_cfg() { let rustc = env::var("RUSTC").expect("RUSTC unset"); @@ -31,10 +21,6 @@ fn export_rustc_cfg() { .read_to_string(&mut rustc_version) .expect("read_to_string"); assert!(child.wait().expect("wait").success()); - - if version_is_nightly(&rustc_version) { - println!("cargo:rustc-cfg=rustc_nightly"); - } } fn main() { diff --git a/api-test/src/benches.rs b/api-test/src/benches.rs index 5403a2b..e91c96a 100644 --- a/api-test/src/benches.rs +++ b/api-test/src/benches.rs @@ -1,4 +1,4 @@ -#![cfg(all(rustc_nightly, feature = "runtime-tokio"))] +#![cfg(feature = "runtime-tokio")] use std::thread; diff --git a/api-test/src/gen.rs b/api-test/src/gen.rs index 0281f9b..fc918cb 100644 
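Review bot: `export_rustc_cfg()` in api-test/build.rs is left doing work whose result is discarded. After the `version_is_nightly` block is removed it still spawns `rustc --version`, reads the output into `rustc_version` and asserts success, but no longer prints any `cargo:rustc-cfg` line. Either restore the cfg output or delete the function together with its call, which is presumably in `main` outside the hunk. A comment such as `// no rustc-version-dependent cfgs are emitted any more` would otherwise be needed to explain why the process is still run.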
--- a/api-test/src/gen.rs +++ b/api-test/src/gen.rs @@ -91,6 +91,4 @@ pub fn gen_tests_and_benches() { let g = format!("// {}generated\n\n{}", "@", g); fs::write(format!("{}/benches_generated.rs", out_dir), g).unwrap(); - - crate::gen_rustc_nightly(); } diff --git a/api-test/src/gen_rustc_nightly.rs b/api-test/src/gen_rustc_nightly.rs deleted file mode 100644 index 5eb1555..0000000 --- a/api-test/src/gen_rustc_nightly.rs +++ /dev/null @@ -1,39 +0,0 @@ -use std::env; -use std::io::Read; -use std::process; - -// % rustc +stable --version -// rustc 1.26.0 (a77568041 2018-05-07) -// % rustc +beta --version -// rustc 1.27.0-beta.1 (03fb2f447 2018-05-09) -// % rustc +nightly --version -// rustc 1.27.0-nightly (acd3871ba 2018-05-10) -fn version_is_nightly(version: &str) -> bool { - version.contains("nightly") -} - -// TODO: move into a separate crate -pub fn gen_rustc_nightly() { - let rustc = env::var("RUSTC").expect("RUSTC unset"); - - let mut child = process::Command::new(rustc) - .args(["--version"]) - .stdin(process::Stdio::null()) - .stdout(process::Stdio::piped()) - .spawn() - .expect("spawn rustc"); - - let mut rustc_version = String::new(); - - child - .stdout - .as_mut() - .expect("stdout") - .read_to_string(&mut rustc_version) - .expect("read_to_string"); - assert!(child.wait().expect("wait").success()); - - if version_is_nightly(&rustc_version) { - println!("cargo:rustc-cfg=rustc_nightly"); - } -} diff --git a/api-test/src/lib.rs b/api-test/src/lib.rs index 9cee46f..5172e97 100644 --- a/api-test/src/lib.rs +++ b/api-test/src/lib.rs @@ -4,12 +4,11 @@ //! //! Probably you don't need this crate outside of `rust-tls-api` repository. -#![cfg_attr(rustc_nightly, feature(test))] +#![feature(test)] #[macro_use] extern crate log; -#[cfg(rustc_nightly)] extern crate test; use std::any; 
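Review bot: `#![feature(test)]` and `extern crate test;` are now unconditional in api-test/src/lib.rs, so the crate only compiles on a nightly toolchain; stable and beta rustc reject `#![feature]` attributes. The impl crates appear to list `tls-api-test` under `[dependencies]`, so this would stop them building on stable as well. Keep both lines behind a cfg or cargo feature that only nightly builds enable, as the removed `#![cfg_attr(rustc_nightly, feature(test))]` and `#[cfg(rustc_nightly)]` did. The same gate was dropped from api-test/src/benches.rs and from the `benches/generated.rs` files of the impl crates. The rest of lib.rs is outside the hunk.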
@@ -36,9 +35,6 @@ pub use version::test_version; mod gen; pub use gen::gen_tests_and_benches; -mod gen_rustc_nightly; -pub(crate) use gen_rustc_nightly::gen_rustc_nightly; - use tls_api::TlsAcceptor; use tls_api::TlsAcceptorBox; use tls_api::TlsAcceptorBuilder; diff --git a/impl-native-tls/benches/generated.rs b/impl-native-tls/benches/generated.rs index 6dd2433..2a1b29d 100644 --- a/impl-native-tls/benches/generated.rs +++ b/impl-native-tls/benches/generated.rs @@ -1,7 +1,4 @@ -#![cfg(all(rustc_nightly, feature = "runtime-tokio"))] +#![cfg(feature = "runtime-tokio")] #![feature(test)] -include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); - -#[bench] // Tell Idea this file is a bench -fn dummy(_b: &mut test::Bencher) {} +include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); \ No newline at end of file diff --git a/impl-native-tls/tests/generated.rs b/impl-native-tls/tests/generated.rs index cf4875f..10cd833 100644 --- a/impl-native-tls/tests/generated.rs +++ b/impl-native-tls/tests/generated.rs @@ -1,4 +1 @@ include!(concat!(env!("OUT_DIR"), "/tests_generated.rs")); - -#[test] // Tell Idea this file is a test -fn dummy() {} diff --git a/impl-openssl/benches/generated.rs b/impl-openssl/benches/generated.rs index 6dd2433..0bef365 100644 --- a/impl-openssl/benches/generated.rs +++ b/impl-openssl/benches/generated.rs @@ -1,7 +1,4 @@ -#![cfg(all(rustc_nightly, feature = "runtime-tokio"))] +#![cfg(feature = "runtime-tokio")] #![feature(test)] include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); - -#[bench] // Tell Idea this file is a bench -fn dummy(_b: &mut test::Bencher) {} diff --git a/impl-openssl/tests/generated.rs b/impl-openssl/tests/generated.rs index cf4875f..10cd833 100644 --- a/impl-openssl/tests/generated.rs +++ b/impl-openssl/tests/generated.rs @@ -1,4 +1 @@ include!(concat!(env!("OUT_DIR"), "/tests_generated.rs")); - -#[test] // Tell Idea this file is a test -fn dummy() {} 
diff --git a/impl-rustls/benches/generated.rs b/impl-rustls/benches/generated.rs index 6dd2433..0bef365 100644 --- a/impl-rustls/benches/generated.rs +++ b/impl-rustls/benches/generated.rs @@ -1,7 +1,4 @@ -#![cfg(all(rustc_nightly, feature = "runtime-tokio"))] +#![cfg(feature = "runtime-tokio")] #![feature(test)] include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); - -#[bench] // Tell Idea this file is a bench -fn dummy(_b: &mut test::Bencher) {} diff --git a/impl-rustls/tests/generated.rs b/impl-rustls/tests/generated.rs index cf4875f..10cd833 100644 --- a/impl-rustls/tests/generated.rs +++ b/impl-rustls/tests/generated.rs @@ -1,4 +1 @@ include!(concat!(env!("OUT_DIR"), "/tests_generated.rs")); - -#[test] // Tell Idea this file is a test -fn dummy() {} diff --git a/impl-security-framework/tests/generated.rs b/impl-security-framework/tests/generated.rs index cf4875f..10cd833 100644 --- a/impl-security-framework/tests/generated.rs +++ b/impl-security-framework/tests/generated.rs @@ -1,4 +1 @@ include!(concat!(env!("OUT_DIR"), "/tests_generated.rs")); - -#[test] // Tell Idea this file is a test -fn dummy() {} diff --git a/interop/tests/alpn.rs b/interop/tests/alpn.rs index 430427d..efc23f4 100644 --- a/interop/tests/alpn.rs +++ b/interop/tests/alpn.rs @@ -1,8 +1,4 @@ //! Invoke `tls_api_test::alpn` with various implementations -// Dummy test to help Idea regognise this file is a test -#[test] -fn dummy() {} - // All permutations. include!(concat!(env!("OUT_DIR"), "/alpn.rs")); diff --git a/interop/tests/client_server.rs b/interop/tests/client_server.rs index 1f47559..076e7f9 100644 --- a/interop/tests/client_server.rs +++ b/interop/tests/client_server.rs @@ -1,8 +1,4 @@ //! Invoke `tls_api_test::server` with various implementations -// Dummy test to help Idea regognise this file is a test -#[test] -fn dummy() {} - // All permutations. include!(concat!(env!("OUT_DIR"), "/client_server.rs")); 
From 04137b0f018142c1cbc117bf6e267342de186623 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:34:27 +0100 Subject: [PATCH 16/21] chore: rename back to original crate name --- api-test/Cargo.toml | 6 +++--- api-test/README.md | 2 +- api/Cargo.toml | 2 +- api/README.md | 2 +- examples/Cargo.toml | 10 +++++----- impl-native-tls/Cargo.toml | 12 ++++++------ impl-native-tls/README.md | 2 +- impl-native-tls/examples/client.rs | 2 +- impl-not-tls/Cargo.toml | 8 ++++---- impl-not-tls/README.md | 2 +- impl-openssl/Cargo.toml | 12 ++++++------ impl-openssl/README.md | 2 +- impl-openssl/examples/client.rs | 2 +- impl-openssl/tests/test.rs | 2 +- impl-rustls/Cargo.toml | 12 ++++++------ impl-rustls/README.md | 2 +- impl-rustls/examples/client.rs | 2 +- impl-rustls/examples/server.rs | 2 +- impl-rustls/tests/test.rs | 14 +++++++------- impl-security-framework/Cargo.toml | 14 +++++++------- impl-security-framework/README.md | 2 +- impl-stub/Cargo.toml | 8 ++++---- impl-stub/README.md | 2 +- impl-stub/tests/version.rs | 2 +- interop/Cargo.toml | 14 +++++++------- test-cert-gen/Cargo.toml | 2 +- test-cert-gen/src/bin/gen-certs-here.rs | 2 +- 27 files changed, 72 insertions(+), 72 deletions(-) diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index d34e97c..4fa88c9 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-test-2" +name = "tls-api-test" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } log = "0.4" env_logger = "0.11.2" anyhow = "1.0.44" 
@@ -26,7 +26,7 @@ webpki = "0.22.0" tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] diff --git a/api-test/README.md b/api-test/README.md index 8be3504..2261786 100644 --- a/api-test/README.md +++ b/api-test/README.md @@ -1,4 +1,4 @@ -# tls-api-test-2 +# tls-api-test *This is a fork of [tls-api-test](https://crates.io/crates/tls-api-test) with updated dependencies.* diff --git a/api/Cargo.toml b/api/Cargo.toml index 23a06df..611e86a 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-2" +name = "tls-api" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API without implementation" diff --git a/api/README.md b/api/README.md index 66f98bb..523da2d 100644 --- a/api/README.md +++ b/api/README.md @@ -1,4 +1,4 @@ -# tls-api-2 +# tls-api *This is a fork of [tls-api](https://crates.io/crates/tls-api) with updated dependencies.* diff --git a/examples/Cargo.toml b/examples/Cargo.toml index 11ac265..fc8b98f 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml 
@@ -13,14 +13,14 @@ publish = false edition = "2018" [dependencies] -tls-api = { path = "../api", package = "tls-api-2", default-features = false } +tls-api = { path = "../api", package = "tls-api", default-features = false } tokio = { version = "1.2.0", features = ["full"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls-2", default-features = false } -tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls-2", default-features = false } -tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework-2", default-features = false } -tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl-2", default-features = false } +tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls", default-features = false } +tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls", default-features = false } +tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework", default-features = false } +tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl", default-features = false } [features] default = ["runtime-tokio"] diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index 3ebbdcb..240cf40 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-native-tls-2" +name = "tls-api-native-tls" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over native-tls crate" 
@@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -32,8 +32,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-native-tls/README.md b/impl-native-tls/README.md index 5de91b5..73e4c62 100644 --- a/impl-native-tls/README.md +++ b/impl-native-tls/README.md @@ -1,3 +1,3 @@ -# tls-api-native-tls-2 +# tls-api-native-tls *This is a fork of [tls-api-native-tls](https://crates.io/crates/tls-api-native-tls) with updated dependencies.* 
diff --git a/impl-native-tls/examples/client.rs b/impl-native-tls/examples/client.rs index 8719a4a..ebd21a3 100644 --- a/impl-native-tls/examples/client.rs +++ b/impl-native-tls/examples/client.rs @@ -15,7 +15,7 @@ async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); println!("TCP connected"); - let mut builder = tls_api_native_tls_2::TlsConnector::builder().unwrap(); + let mut builder = tls_api_native_tls::TlsConnector::builder().unwrap(); builder .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index c285d9a..029b4e1 100644 --- a/impl-not-tls/Cargo.toml +++ b/impl-not-tls/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-not-tls-2" +name = "tls-api-not-tls" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." @@ -15,7 +15,7 @@ bench = false travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } [dependencies] -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } @@ -23,7 +23,7 @@ anyhow = "1.0.44" thiserror = "2" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] 
@@ -31,4 +31,4 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-not-tls/README.md b/impl-not-tls/README.md index b9f5c89..f951d21 100644 --- a/impl-not-tls/README.md +++ b/impl-not-tls/README.md @@ -1,4 +1,4 @@ -# tls-api-not-tls-2 +# tls-api-not-tls *This is a fork of [tls-api-not-tls](https://crates.io/crates/tls-api-not-tls) with updated dependencies.* diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index 14a7f2e..dfe5db4 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-openssl-2" +name = "tls-api-openssl" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over openssl crate" 
@@ -19,14 +19,14 @@ travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = " # To implement OpenSSL version check in build.rs openssl-sys = { version = "0.9.43" } openssl = { version = "0.10.20", features = ["v102", "v110"] } -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-openssl/README.md b/impl-openssl/README.md index a7e08f7..dea2c98 100644 
--- a/impl-openssl/README.md +++ b/impl-openssl/README.md @@ -1,4 +1,4 @@ -# tls-api-openssl-2 +# tls-api-openssl *This is a fork of [tls-api-openssl](https://crates.io/crates/tls-api-openssl) with updated dependencies.* diff --git a/impl-openssl/examples/client.rs b/impl-openssl/examples/client.rs index 435d4ab..28d3be3 100644 --- a/impl-openssl/examples/client.rs +++ b/impl-openssl/examples/client.rs @@ -11,7 +11,7 @@ use tokio::net::TcpStream; async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); - let mut builder = tls_api_openssl_2::TlsConnector::builder().unwrap(); + let mut builder = tls_api_openssl::TlsConnector::builder().unwrap(); builder .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-openssl/tests/test.rs b/impl-openssl/tests/test.rs index 1a54b54..e91e406 100644 --- a/impl-openssl/tests/test.rs +++ b/impl-openssl/tests/test.rs @@ -1,6 +1,6 @@ #[test] fn connect_bad_hostname() { - tls_api_test::connect_bad_hostname::(|err| { + tls_api_test::connect_bad_hostname::(|err| { let debug = format!("{:?}", err); assert!(debug.contains("certificate verify failed"), "{}", debug); }); diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index 497b7f2..338186f 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-rustls-2" +name = "tls-api-rustls" version = "0.11.1" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" 
@@ -23,10 +23,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -34,8 +34,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-rustls/README.md b/impl-rustls/README.md index 2b42a2a..ead8fad 100644 --- a/impl-rustls/README.md +++ b/impl-rustls/README.md @@ -1,4 +1,4 @@ -# tls-api-rustls-2 +# tls-api-rustls *This is a fork of [tls-api-rustls](https://crates.io/crates/tls-api-rustls) with updated dependencies.* 
diff --git a/impl-rustls/examples/client.rs b/impl-rustls/examples/client.rs index 4313faa..12e1871 100644 --- a/impl-rustls/examples/client.rs +++ b/impl-rustls/examples/client.rs @@ -13,7 +13,7 @@ async fn run() { let socket = TcpStream::connect(("127.0.0.1", 4433)).await.unwrap(); println!("TCP connected"); - let mut builder = tls_api_rustls_2::TlsConnector::builder().unwrap(); + let mut builder = tls_api_rustls::TlsConnector::builder().unwrap(); builder .add_root_certificate(Cert::from_der(fs::read("ca.der").unwrap()).get_der()) .unwrap(); diff --git a/impl-rustls/examples/server.rs b/impl-rustls/examples/server.rs index d7423b1..cf28bab 100644 --- a/impl-rustls/examples/server.rs +++ b/impl-rustls/examples/server.rs @@ -16,7 +16,7 @@ async fn run() { pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()).unwrap(); let builder = - tls_api_rustls_2::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); + tls_api_rustls::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap(); let acceptor = builder.build().unwrap(); #[allow(unused_mut)] diff --git a/impl-rustls/tests/test.rs b/impl-rustls/tests/test.rs index 8672a71..228f419 100644 --- a/impl-rustls/tests/test.rs +++ b/impl-rustls/tests/test.rs @@ -2,7 +2,7 @@ use std::io; #[test] fn connect_bad_hostname() { - tls_api_test::connect_bad_hostname::(|err| { + tls_api_test::connect_bad_hostname::(|err| { let err: io::Error = err.downcast().expect("io::Error"); let err: &rustls::Error = err .get_ref() 
@@ -18,26 +18,26 @@ fn connect_bad_hostname() { #[test] fn connect_bad_hostname_ignored() { - tls_api_test::connect_bad_hostname_ignored::() + tls_api_test::connect_bad_hostname_ignored::() } #[test] fn client_server_der() { tls_api_test::test_client_server_der::< - tls_api_rustls_2::TlsConnector, - tls_api_rustls_2::TlsAcceptor, + tls_api_rustls::TlsConnector, + tls_api_rustls::TlsAcceptor, >(); } #[test] fn client_server_pkcs12() { tls_api_test::test_client_server_pkcs12::< - tls_api_rustls_2::TlsConnector, - tls_api_rustls_2::TlsAcceptor, + tls_api_rustls::TlsConnector, + tls_api_rustls::TlsAcceptor, >(); } #[test] fn alpn() { - tls_api_test::test_alpn::(); + tls_api_test::test_alpn::(); } diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index 2e3c6d0..e1e794f 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-security-framework-2" +name = "tls-api-security-framework" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation over rustls crate" 
@@ -21,11 +21,11 @@ void = "1.0.2" anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } -tls-api-stub = { path = "../impl-stub", package = "tls-api-stub-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } +tls-api-stub = { path = "../impl-stub", package = "tls-api-stub", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] security-framework = { version = "3.0.1", features = ["alpn"] } @@ -46,8 +46,8 @@ runtime-tokio = [ ] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-security-framework/README.md b/impl-security-framework/README.md index 0a0ecd1..73ec207 100644 --- a/impl-security-framework/README.md +++ b/impl-security-framework/README.md 
@@ -1,4 +1,4 @@ -# tls-api-security-framework-2 +# tls-api-security-framework *This is a fork of [tls-api-security-framework](https://crates.io/crates/tls-api-security-framework) with updated dependencies.* diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index 403d18b..77d9dd8 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "tls-api-stub-2" +name = "tls-api-stub" version = "0.11.0" authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] description = "TLS API implementation that returns error on any operation" @@ -21,10 +21,10 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api-2", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } # this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } [features] default = ["runtime-tokio"] @@ -32,4 +32,4 @@ runtime-async-std = ["tokio", "tls-api/runtime-async-std", "tls-api-test/runtime runtime-tokio = ["async-std", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } diff --git a/impl-stub/README.md b/impl-stub/README.md index 7eeec11..737dd6d 100644 --- a/impl-stub/README.md +++ b/impl-stub/README.md @@ -1,4 +1,4 @@ -## tls-api-stub-2 +## tls-api-stub *This is a fork of [tls-api-stub](https://crates.io/crates/tls-api-stub) with updated dependencies.* 
diff --git a/impl-stub/tests/version.rs b/impl-stub/tests/version.rs index ec1bb1b..505fb62 100644 --- a/impl-stub/tests/version.rs +++ b/impl-stub/tests/version.rs @@ -1,4 +1,4 @@ #[test] fn version() { - tls_api_test::test_version::(); + tls_api_test::test_version::(); } diff --git a/interop/Cargo.toml b/interop/Cargo.toml index b5a7a34..b9974ca 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml 
@@ -15,12 +15,12 @@ runtime-async-std = ["tls-api-test/runtime-async-std", "tls-api-openssl/runtime- runtime-tokio = ["tls-api-test/runtime-tokio", "tls-api-openssl/runtime-tokio", "tls-api-rustls/runtime-tokio", "tls-api-native-tls/runtime-tokio"] [dependencies] -tls-api = { path = "../api", package = "tls-api-2", default-features = false } -tls-api-test = { path = "../api-test", package = "tls-api-test-2", default-features = false } -tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl-2", default-features = false } -tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls-2", default-features = false } -tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls-2", default-features = false } -tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework-2", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", default-features = false } +tls-api = { path = "../api", package = "tls-api", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", default-features = false } +tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl", default-features = false } +tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls", default-features = false } +tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls", default-features = false } +tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", default-features = false } rustls = { version = "0.23.5", default-features = false, features = ["ring", "tls12"] } diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index d56f8c9..f66a2a5 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml 
@@ -1,5 +1,5 @@ [package] -name = "test-cert-gen-2" +name = "test-cert-gen" version = "0.11.0" authors = ["Stiopa Koltsov "] edition = "2018" diff --git a/test-cert-gen/src/bin/gen-certs-here.rs b/test-cert-gen/src/bin/gen-certs-here.rs index 1033557..85365a4 100644 --- a/test-cert-gen/src/bin/gen-certs-here.rs +++ b/test-cert-gen/src/bin/gen-certs-here.rs @@ -1,7 +1,7 @@ use std::fs; fn main() { - let keys = test_cert_gen_2::gen_keys(); + let keys = test_cert_gen::gen_keys(); println!("writing server cert to server.pem"); fs::write("server.pem", keys.server.cert_and_key.to_pem_incorrect()).unwrap(); From 9199ac0dd680665b3ee875ada10d96f3a92bdaad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:43:20 +0100 Subject: [PATCH 17/21] chore: update usage of openssl pkcs12 --- impl-openssl/src/acceptor.rs | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/impl-openssl/src/acceptor.rs b/impl-openssl/src/acceptor.rs index 9f0cfbe..5d558b7 100644 --- a/impl-openssl/src/acceptor.rs +++ b/impl-openssl/src/acceptor.rs @@ -1,4 +1,4 @@ -use openssl::pkcs12::ParsedPkcs12; +use openssl::pkcs12::ParsedPkcs12_2; use tls_api::async_as_sync::AsyncIoAsSyncIo; use tls_api::spi_acceptor_common; @@ -15,9 +15,9 @@ pub struct TlsAcceptorBuilder(pub openssl::ssl::SslAcceptorBuilder); pub struct TlsAcceptor(pub openssl::ssl::SslAcceptor); -fn to_openssl_pkcs12(pkcs12: &[u8], passphrase: &str) -> anyhow::Result { +fn to_openssl_pkcs12(pkcs12: &[u8], passphrase: &str) -> anyhow::Result { let pkcs12 = openssl::pkcs12::Pkcs12::from_der(pkcs12)?; - pkcs12.parse(passphrase).context("Parse passphrase") + pkcs12.parse2(passphrase).context("Parse passphrase") } impl tls_api::TlsAcceptorBuilder for TlsAcceptorBuilder { 
@@ -110,7 +110,15 @@ impl tls_api::TlsAcceptor for TlsAcceptor { .map_err(anyhow::Error::new)?; let pkcs12 = to_openssl_pkcs12(pkcs12, passphrase)?; - if let Some(chain) = pkcs12.chain { + + if let Some(cert) = &pkcs12.cert { + builder.set_certificate(cert).map_err(anyhow::Error::new)?; + } + if let Some(pkey) = &pkcs12.pkey { + builder.set_private_key(pkey).map_err(anyhow::Error::new)?; + } + + if let Some(chain) = pkcs12.ca { for x509 in chain { builder .add_extra_chain_cert(x509) @@ -118,13 +126,6 @@ impl tls_api::TlsAcceptor for TlsAcceptor { } } - builder - .set_certificate(&pkcs12.cert) - .map_err(anyhow::Error::new)?; - builder - .set_private_key(&pkcs12.pkey) - .map_err(anyhow::Error::new)?; - Ok(TlsAcceptorBuilder(builder)) } From fe2b82c19a592daf65f80391ec4fbe0b3e8598a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 13:59:36 +0100 Subject: [PATCH 18/21] chore: v0.12 & cleanup cargo config --- Cargo.toml | 7 +++++ README.md | 9 +++++-- api-test/Cargo.toml | 17 +++++------- api/Cargo.toml | 13 ++++----- examples/Cargo.toml | 2 +- impl-native-tls/Cargo.toml | 22 ++++++---------- impl-not-tls/Cargo.toml | 20 +++++--------- impl-openssl/Cargo.toml | 24 +++++++---------- impl-rustls/Cargo.toml | 42 ++++++++++++++---------------- impl-security-framework/Cargo.toml | 32 +++++++++-------------- impl-stub/Cargo.toml | 20 +++++--------- interop/Cargo.toml | 22 ++++++++-------- test-cert-gen/Cargo.toml | 8 +++--- 13 files changed, 106 insertions(+), 132 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index a499c24..dca30d7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,4 +14,11 @@ members = [ "test-cert-gen", ] +[workspace.package] +version = "0.12.0" +authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +license = "MIT/Apache-2.0" +repository = "https://github.com/edgedb/rust-tls-api/" +edition = "2018" + [patch.crates-io] diff --git a/README.md b/README.md index af763f3..d361e14 100644 --- a/README.md +++ b/README.md 
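Review bot: In `impl-openssl/src/acceptor.rs`, the new `if let Some(cert)` and `if let Some(pkey)` blocks silently skip `set_certificate` and `set_private_key` when the PKCS#12 archive lacks either entry. The function then returns `Ok` with an acceptor builder that has no usable identity, where the old code always set both. A missing certificate or key should be an error at load time, and a `check_private_key` call after setting both would reject an archive whose key does not match the certificate, rather than leaving the problem to surface later, presumably at build or handshake. The `.context("Parse passphrase")` message in `to_openssl_pkcs12` reads as if the passphrase were being parsed; "parse PKCS#12 archive" would describe the failing step. The enclosing function starts and ends outside the hunk.

```rust
let pkcs12 = to_openssl_pkcs12(pkcs12, passphrase)?;

let cert = pkcs12
    .cert
    .as_ref()
    .context("PKCS#12 archive contains no certificate")?;
let pkey = pkcs12
    .pkey
    .as_ref()
    .context("PKCS#12 archive contains no private key")?;
builder.set_certificate(cert).map_err(anyhow::Error::new)?;
builder.set_private_key(pkey).map_err(anyhow::Error::new)?;
// Reject archives whose key does not belong to the certificate.
builder.check_private_key().map_err(anyhow::Error::new)?;

// … unchanged: add_extra_chain_cert loop over pkcs12.ca …
```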
@@ -1,7 +1,5 @@ # One TLS API to rule them all -*This is a fork of [tls-api](https://crates.io/crates/tls-api) with updated dependencies.* - Supports: * **tokio** and **async-std** * **rustls**, **native-tls**, **openssl**, **security-framework** @@ -70,3 +68,10 @@ which is invoked with four backends. * only works on Apple * does not support server side ALPN + + +## Crate maintenance + +This set of crates is currently maintained by the team of EdgeDB. +It has initially been written by + diff --git a/api-test/Cargo.toml b/api-test/Cargo.toml index 4fa88c9..764dd61 100644 --- a/api-test/Cargo.toml +++ b/api-test/Cargo.toml @@ -1,21 +1,18 @@ [package] name = "tls-api-test" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API without implementation" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", default-features = false } log = "0.4" env_logger = "0.11.2" anyhow = "1.0.44" @@ -26,7 +23,7 @@ webpki = "0.22.0" tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", default-features = false } [features] default = ["runtime-tokio"] diff --git a/api/Cargo.toml b/api/Cargo.toml index 611e86a..f92ef4d 100644 
--- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -1,20 +1,17 @@ [package] name = "tls-api" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API without implementation" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" readme = "../README.md" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] pem = "3.0.4" tempfile = "3.3.0" diff --git a/examples/Cargo.toml b/examples/Cargo.toml index fc8b98f..e93a01a 100644 --- a/examples/Cargo.toml +++ b/examples/Cargo.toml @@ -3,7 +3,7 @@ name = "tls-api-examples" version = "0.0.0" authors = ["Carl Lerche ", "Alex Crichton "] -license = "MIT/Apache-2.0" +license = { workspace = true } repository = "https://github.com/edgedb/rust-tls-api" description = """ Example of tls-api diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index 240cf40..a5c7a99 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml @@ -1,19 +1,16 @@ [package] name = "tls-api-native-tls" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } description = "TLS API implementation over native-tls crate" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] native-tls = { version ="0.2", features = ["alpn"] } tokio = { version = "1.2.0", features = [], optional = true } 
@@ -21,10 +18,7 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } - -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", default-features = false } [features] default = ["runtime-tokio"] @@ -32,8 +26,8 @@ runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/run runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } +test-cert-gen = { path = "../test-cert-gen", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index 029b4e1..cd8b3c0 100644 --- a/impl-not-tls/Cargo.toml +++ b/impl-not-tls/Cargo.toml 
@@ -1,34 +1,28 @@ [package] name = "tls-api-not-tls" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", package = "tls-api", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } - [features] default = ["runtime-tokio"] runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test", default-features = false } diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index dfe5db4..37a3232 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml 
@@ -1,41 +1,35 @@ [package] name = "tls-api-openssl" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API implementation over openssl crate" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] build = "build.rs" -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] # To implement OpenSSL version check in build.rs openssl-sys = { version = "0.9.43" } openssl = { version = "0.10.20", features = ["v102", "v110"] } -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", default-features = false } tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } - [features] default = ["runtime-tokio"] runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } +test-cert-gen = { path = "../test-cert-gen", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = 
"=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index 338186f..98047e2 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml 
@@ -1,41 +1,39 @@ [package] name = "tls-api-rustls" -version = "0.11.1" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API implementation over rustls crate" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] -rustls = { version = "0.23.5", default-features = false, features = ["std"] } -webpki = "0.22.0" +rustls = { version = "0.23.5", default-features = false, features = ["std"] } +webpki = "0.22.0" webpki-roots = "0.26.1" -tokio = { version = "1.2.0", features = [], optional = true } -async-std = { version = "1.9.0", features = ["attributes"], optional = true } -anyhow = "1.0.44" -thiserror = "2" - -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } +tokio = { version = "1.2.0", features = [], optional = true } +async-std = { version = "1.9.0", features = ["attributes"], optional = true } +anyhow = "1.0.44" +thiserror = "2" -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", default-features = false } [features] default = ["runtime-tokio"] -runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] +runtime-async-std = [ + "async-std", + "tls-api/runtime-async-std", + "tls-api-test/runtime-async-std", +] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } -test-cert-gen = { 
path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } +test-cert-gen = { path = "../test-cert-gen", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index e1e794f..e58868a 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml 
@@ -1,31 +1,25 @@ [package] name = "tls-api-security-framework" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API implementation over rustls crate" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] -tokio = { version = "1.2.0", features = [], optional = true } +tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -void = "1.0.2" -anyhow = "1.0.44" +void = "1.0.2" +anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } -tls-api-stub = { path = "../impl-stub", package = "tls-api-stub", version = "=0.11.0", default-features = false } - -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", default-features = false } +tls-api-stub = { path = "../impl-stub", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] security-framework = { version = "3.0.1", features = ["alpn"] } 
@@ -46,8 +40,8 @@ runtime-tokio = [ ] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } +test-cert-gen = { path = "../test-cert-gen", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index 77d9dd8..592635d 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml @@ -1,19 +1,16 @@ [package] name = "tls-api-stub" -version = "0.11.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } description = "TLS API implementation that returns error on any operation" -license = "MIT/Apache-2.0" -repository = "https://github.com/edgedb/rust-tls-api/" keywords = ["tls"] -edition = "2018" [lib] bench = false -[badges] -travis-ci = { repository = "https://github.com/edgedb/rust-tls-api/", branch = "master" } - [dependencies] void = "1.0.2" tokio = { version = "1.2.0", features = [], optional = true } @@ -21,10 +18,7 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", package = "tls-api", version = "=0.11.0", default-features = false } - -# this is needed until package-features is stabelized (issue #5364) -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api = { path = "../api", default-features = false } [features] default = ["runtime-tokio"] 
@@ -32,4 +26,4 @@ runtime-async-std = ["tokio", "tls-api/runtime-async-std", "tls-api-test/runtime runtime-tokio = ["async-std", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", version = "=0.11.0", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } diff --git a/interop/Cargo.toml b/interop/Cargo.toml index b9974ca..006278b 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml @@ -1,10 +1,10 @@ [package] name = "interop" -version = "0.0.0" -authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] -publish = false -edition = "2018" description = "Test different implementations compatible with each other" +publish = false + +authors = { workspace = true } +edition = { workspace = true } [lib] bench = false 
@@ -15,12 +15,12 @@ runtime-async-std = ["tls-api-test/runtime-async-std", "tls-api-openssl/runtime- runtime-tokio = ["tls-api-test/runtime-tokio", "tls-api-openssl/runtime-tokio", "tls-api-rustls/runtime-tokio", "tls-api-native-tls/runtime-tokio"] [dependencies] -tls-api = { path = "../api", package = "tls-api", default-features = false } -tls-api-test = { path = "../api-test", package = "tls-api-test", default-features = false } -tls-api-openssl = { path = "../impl-openssl", package = "tls-api-openssl", default-features = false } -tls-api-rustls = { path = "../impl-rustls", package = "tls-api-rustls", default-features = false } -tls-api-native-tls = { path = "../impl-native-tls", package = "tls-api-native-tls", default-features = false } -tls-api-security-framework = { path = "../impl-security-framework", package = "tls-api-security-framework", default-features = false } -test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen", default-features = false } +tls-api = { path = "../api", default-features = false } +tls-api-test = { path = "../api-test", default-features = false } +tls-api-openssl = { path = "../impl-openssl", default-features = false } +tls-api-rustls = { path = "../impl-rustls", default-features = false } +tls-api-native-tls = { path = "../impl-native-tls", default-features = false } +tls-api-security-framework = { path = "../impl-security-framework", default-features = false } +test-cert-gen = { path = "../test-cert-gen", default-features = false } rustls = { version = "0.23.5", default-features = false, features = ["ring", "tls12"] } diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index f66a2a5..7dca9a8 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml 
@@ -1,10 +1,10 @@ [package] name = "test-cert-gen" -version = "0.11.0" -authors = ["Stiopa Koltsov "] -edition = "2018" description = "Utility to generate certificates for tests (e. g. for TLS)" -license = "MIT/Apache-2.0" +version = { workspace = true } +authors = { workspace = true } +edition = { workspace = true } +license = { workspace = true } [lib] bench = false From c9ecca77957210e797b38911773f8db6b0b284d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 14:20:00 +0100 Subject: [PATCH 19/21] fix: TLS close notify over async-std --- .envrc | 1 - .gitignore | 2 ++ api-test/src/alpn.rs | 5 +++++ api-test/src/client_server.rs | 5 +++++ api-test/src/client_server_dyn.rs | 5 +++++ api-test/src/lib.rs | 3 +++ api/src/async_as_sync.rs | 2 +- api/src/socket_box.rs | 1 + api/src/stream.rs | 1 + api/src/stream_with_socket.rs | 1 + 10 files changed, 24 insertions(+), 2 deletions(-) delete mode 100644 .envrc diff --git a/.envrc b/.envrc deleted file mode 100644 index ce1bbe9..0000000 --- a/.envrc +++ /dev/null @@ -1 +0,0 @@ -use flake 'path:.' diff --git a/.gitignore b/.gitignore index 28003b5..71e6ab2 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,8 @@ Cargo.lock **/*.iml .idea .code +.vscode +.envrc .*.swp .direnv/ diff --git a/api-test/src/alpn.rs b/api-test/src/alpn.rs index 8178a7d..7cf144a 100644 --- a/api-test/src/alpn.rs +++ b/api-test/src/alpn.rs @@ -73,7 +73,12 @@ where assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + + #[cfg(feature = "runtime-tokio")] t!(socket.shutdown().await); + + #[cfg(feature = "runtime-async-std")] + t!(socket.close().await); }; block_on(f); }); diff --git a/api-test/src/client_server.rs b/api-test/src/client_server.rs index b8b7b95..b52449d 100644 --- a/api-test/src/client_server.rs +++ b/api-test/src/client_server.rs 
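Review bot: The two `#[cfg]` attributes added around the socket close in `api-test/src/alpn.rs` are not mutually exclusive, so a build with both `runtime-tokio` and `runtime-async-std` enabled compiles `socket.shutdown()` and `socket.close()` back to back, or fails to resolve one of them depending on imports outside this hunk. That combination is easy to reach, because `api-test/Cargo.toml` keeps `default = ["runtime-tokio"]` and Cargo features are additive. Consider `#[cfg(all(feature = "runtime-async-std", not(feature = "runtime-tokio")))]` on the second call, or a crate-level `compile_error!` when both are set. The same pair is added in `client_server.rs` and `client_server_dyn.rs`; the enclosing closure starts outside the hunk.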
@@ -58,7 +58,12 @@ where assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + + #[cfg(feature="runtime-tokio")] t!(socket.shutdown().await); + + #[cfg(feature="runtime-async-std")] + t!(socket.close().await); }; block_on(future); }) diff --git a/api-test/src/client_server_dyn.rs b/api-test/src/client_server_dyn.rs index 9c9142a..6a27f4e 100644 --- a/api-test/src/client_server_dyn.rs +++ b/api-test/src/client_server_dyn.rs @@ -51,7 +51,12 @@ async fn test_client_server_dyn_impl( assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); + + #[cfg(feature="runtime-tokio")] t!(socket.shutdown().await); + + #[cfg(feature="runtime-async-std")] + t!(socket.close().await); }; block_on(future); }) diff --git a/api-test/src/lib.rs b/api-test/src/lib.rs index 5172e97..50485e4 100644 --- a/api-test/src/lib.rs +++ b/api-test/src/lib.rs @@ -145,6 +145,7 @@ where )) } +#[allow(dead_code)] fn new_acceptor_from_der_keys() -> A { new_acceptor_builder_from_der_keys::().build().unwrap() } @@ -163,6 +164,7 @@ fn new_acceptor_builder_dyn_from_der_keys(acceptor: &dyn TlsAcceptorType) -> Tls t!(acceptor.builder_from_der_key(keys.cert.get_der(), keys.key.get_der())) } +#[allow(dead_code)] fn new_acceptor_dyn_from_der_keys(acceptor: &dyn TlsAcceptorType) -> TlsAcceptorBox { new_acceptor_builder_dyn_from_der_keys(acceptor) .build() @@ -239,6 +241,7 @@ fn new_connector_builder_dyn_with_root_ca( connector } +#[allow(dead_code)] fn new_connector_dyn_with_root_ca(connector: &dyn TlsConnectorType) -> TlsConnectorBox { new_connector_builder_dyn_with_root_ca(connector) .build() diff --git a/api/src/async_as_sync.rs b/api/src/async_as_sync.rs index 66b681b..ebbd1bd 100644 --- a/api/src/async_as_sync.rs +++ b/api/src/async_as_sync.rs 
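Review bot: The `#[allow(dead_code)]` added on `new_acceptor_from_der_keys` carries no comment saying why the function is unused, so a reader cannot tell whether it is dead only under one feature set or dead outright. If it is unused only for some runtime feature, a one-line reason above the attribute such as `// unused when <feature> is disabled` (or a `cfg_attr` scoped to that feature) documents it; if nothing calls it, deleting it is cleaner than silencing the lint. The same bare attribute is added to `new_acceptor_dyn_from_der_keys` and `new_connector_dyn_with_root_ca` in this file, and to `deref_for_impl_socket` in `api/src/socket_box.rs`, `api/src/stream.rs` and `api/src/stream_with_socket.rs`.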
@@ -317,7 +317,7 @@ where #[cfg(feature = "runtime-async-std")] fn poll_close(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll> { self.get_mut() - .with_context_sync_to_async(cx, |stream| stream.stream.flush()) + .with_context_sync_to_async(cx, |stream| stream.stream.shutdown()) } } diff --git a/api/src/socket_box.rs b/api/src/socket_box.rs index 926ea5f..ba33610 100644 --- a/api/src/socket_box.rs +++ b/api/src/socket_box.rs @@ -41,6 +41,7 @@ impl AsyncSocketBox { Pin::new(&mut self.get_mut().0) } + #[allow(dead_code)] fn deref_for_impl_socket(&self) -> &dyn AsyncSocket { &self.0 } diff --git a/api/src/stream.rs b/api/src/stream.rs index 1a726cd..61ce1e9 100644 --- a/api/src/stream.rs +++ b/api/src/stream.rs @@ -26,6 +26,7 @@ impl TlsStream { Pin::new(&mut self.get_mut().0) } + #[allow(dead_code)] fn deref_for_impl_socket(&self) -> &dyn AsyncSocket { &self.0 } diff --git a/api/src/stream_with_socket.rs b/api/src/stream_with_socket.rs index a769897..95eeaa2 100644 --- a/api/src/stream_with_socket.rs +++ b/api/src/stream_with_socket.rs @@ -92,6 +92,7 @@ impl TlsStreamWithSocket { Pin::new(&mut *self.get_mut().0) } + #[allow(dead_code)] fn deref_for_impl_socket(&self) -> &dyn TlsStreamWithUpcastDyn { &*self.0 } From ddaa78c34577b1ea9982dda59c490bf4bcbf1cff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 14:21:02 +0100 Subject: [PATCH 20/21] chore: fmt --- api-test/src/client_server.rs | 6 +++--- api-test/src/client_server_dyn.rs | 6 +++--- api/src/connector.rs | 3 +-- impl-native-tls/benches/generated.rs | 2 +- impl-native-tls/src/handshake.rs | 8 ++------ impl-openssl/src/handshake.rs | 8 ++------ impl-rustls/src/connector.rs | 4 +++- impl-rustls/src/handshake.rs | 4 +--- impl-rustls/tests/test.rs | 6 ++---- impl-stub/src/connector.rs | 5 +++-- 10 files changed, 21 insertions(+), 31 deletions(-) diff --git a/api-test/src/client_server.rs b/api-test/src/client_server.rs index b52449d..7d63ef4 100644 
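Review bot: `poll_close` now calls `stream.stream.shutdown()` with no comment saying why a flush is not enough, and that reason (per the commit title, sending the TLS close_notify) is what stops a later cleanup from reverting it. I would add above the call `// shutdown(), not flush(): sends close_notify so the peer can tell an orderly close from a truncated stream.` Whether `shutdown()` also flushes buffered data first is not visible in this hunk and is worth confirming, since the explicit `flush()` is gone. The test hunks in this commit only show the server side calling `close()`, so an assertion that the peer observes a clean end of stream would pin the fix. The enclosing impl starts outside the hunk.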
--- a/api-test/src/client_server.rs +++ b/api-test/src/client_server.rs @@ -58,11 +58,11 @@ where assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); - - #[cfg(feature="runtime-tokio")] + + #[cfg(feature = "runtime-tokio")] t!(socket.shutdown().await); - #[cfg(feature="runtime-async-std")] + #[cfg(feature = "runtime-async-std")] t!(socket.close().await); }; block_on(future); diff --git a/api-test/src/client_server_dyn.rs b/api-test/src/client_server_dyn.rs index 6a27f4e..42fc8bc 100644 --- a/api-test/src/client_server_dyn.rs +++ b/api-test/src/client_server_dyn.rs @@ -51,11 +51,11 @@ async fn test_client_server_dyn_impl( assert_eq!(&buf, b"hello"); t!(socket.write_all(b"world").await); - - #[cfg(feature="runtime-tokio")] + + #[cfg(feature = "runtime-tokio")] t!(socket.shutdown().await); - #[cfg(feature="runtime-async-std")] + #[cfg(feature = "runtime-async-std")] t!(socket.close().await); }; block_on(future); diff --git a/api/src/connector.rs b/api/src/connector.rs index 6fe1bda..11360eb 100644 --- a/api/src/connector.rs +++ b/api/src/connector.rs @@ -184,8 +184,7 @@ macro_rules! spi_connector_common { S: $crate::AsyncSocket, { $crate::BoxFuture::new(async move { - let crate_tls_stream: $stream = - self.connect_impl(domain, stream).await?; + let crate_tls_stream: $stream = self.connect_impl(domain, stream).await?; Ok($crate::TlsStreamWithSocket::new(crate_tls_stream)) }) } diff --git a/impl-native-tls/benches/generated.rs b/impl-native-tls/benches/generated.rs index 2a1b29d..0bef365 100644 --- a/impl-native-tls/benches/generated.rs +++ b/impl-native-tls/benches/generated.rs @@ -1,4 +1,4 @@ #![cfg(feature = "runtime-tokio")] #![feature(test)] -include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); \ No newline at end of file +include!(concat!(env!("OUT_DIR"), "/benches_generated.rs")); diff --git a/impl-native-tls/src/handshake.rs b/impl-native-tls/src/handshake.rs index 667ba3b..9bd166a 100644 --- a/impl-native-tls/src/handshake.rs 
+++ b/impl-native-tls/src/handshake.rs @@ -37,9 +37,7 @@ where let self_mut = self.get_mut(); match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { - Ok(stream) => { - Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))) - } + Ok(stream) => Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))), Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); Poll::Pending @@ -49,9 +47,7 @@ where } }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { - Ok(stream) => { - Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))) - } + Ok(stream) => Poll::Ready(Ok(crate::TlsStream::new(NativeTlsStream(stream)))), Err(native_tls::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); Poll::Pending diff --git a/impl-openssl/src/handshake.rs b/impl-openssl/src/handshake.rs index 236ed4b..be2da66 100644 --- a/impl-openssl/src/handshake.rs +++ b/impl-openssl/src/handshake.rs @@ -37,9 +37,7 @@ where let self_mut = self.get_mut(); match mem::replace(self_mut, HandshakeFuture::Done) { HandshakeFuture::Initial(f, stream) => match f(stream) { - Ok(stream) => { - Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))) - } + Ok(stream) => Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))), Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); Poll::Pending @@ -52,9 +50,7 @@ where } }, HandshakeFuture::MidHandshake(stream) => match stream.handshake() { - Ok(stream) => { - Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))) - } + Ok(stream) => Poll::Ready(Ok(crate::TlsStream::new(OpenSSLStream(stream)))), Err(openssl::ssl::HandshakeError::WouldBlock(mid)) => { *self_mut = HandshakeFuture::MidHandshake(mid); Poll::Pending diff --git a/impl-rustls/src/connector.rs b/impl-rustls/src/connector.rs index e005c29..2453589 100644 
--- a/impl-rustls/src/connector.rs +++ b/impl-rustls/src/connector.rs @@ -86,7 +86,9 @@ impl tls_api::TlsConnectorBuilder for TlsConnectorBuilder { } let no_cert_verifier = NoCertificateServerVerifier { - supported: rustls::crypto::CryptoProvider::get_default().unwrap().signature_verification_algorithms, + supported: rustls::crypto::CryptoProvider::get_default() + .unwrap() + .signature_verification_algorithms, }; self.config diff --git a/impl-rustls/src/handshake.rs b/impl-rustls/src/handshake.rs index 69b2f47..211a972 100644 --- a/impl-rustls/src/handshake.rs +++ b/impl-rustls/src/handshake.rs @@ -33,9 +33,7 @@ where // sanity check assert!(stream.0.stream.is_handshaking()); match stream.0.stream.complete_io() { - Ok(_) => { - Poll::Ready(Ok(stream)) - } + Ok(_) => Poll::Ready(Ok(stream)), Err(e) if e.kind() == io::ErrorKind::WouldBlock => { *self_mut = HandshakeFuture::MidHandshake(stream); Poll::Pending diff --git a/impl-rustls/tests/test.rs b/impl-rustls/tests/test.rs index 228f419..75b967f 100644 --- a/impl-rustls/tests/test.rs +++ b/impl-rustls/tests/test.rs @@ -23,10 +23,8 @@ fn connect_bad_hostname_ignored() { #[test] fn client_server_der() { - tls_api_test::test_client_server_der::< - tls_api_rustls::TlsConnector, - tls_api_rustls::TlsAcceptor, - >(); + tls_api_test::test_client_server_der::( + ); } #[test] diff --git a/impl-stub/src/connector.rs b/impl-stub/src/connector.rs index e5b7211..fc11bcc 100644 --- a/impl-stub/src/connector.rs +++ b/impl-stub/src/connector.rs @@ -7,7 +7,6 @@ use void::Void; use crate::Error; - /// Non-instantiatable. pub struct TlsConnectorBuilder(Void); /// Non-instantiatable. @@ -47,7 +46,9 @@ impl TlsConnector { ) -> anyhow::Result> where S: AsyncSocket, - { Err(anyhow::Error::new(Error)) } + { + Err(anyhow::Error::new(Error)) + } } impl tls_api::TlsConnector for TlsConnector { From f27611fd8062c93a6dcdc4acdc57684fd0a3bbf5 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alja=C5=BE=20Mur=20Er=C5=BEen?= Date: Mon, 25 Nov 2024 14:32:04 +0100 Subject: [PATCH 21/21] chore: cleanup cargo configs --- Cargo.toml | 1 + api-test/Cargo.toml | 11 +++++---- api-test/README.md | 2 -- api/Cargo.toml | 6 ++--- api/README.md | 2 -- ci-gen/Cargo.toml | 10 +++++--- impl-native-tls/Cargo.toml | 31 +++++++++++++---------- impl-native-tls/README.md | 2 +- impl-not-tls/Cargo.toml | 21 ++++++++++------ impl-not-tls/README.md | 2 -- impl-openssl/Cargo.toml | 33 ++++++++++++++----------- impl-openssl/README.md | 4 +-- impl-rustls/Cargo.toml | 13 +++++----- impl-rustls/README.md | 4 +-- impl-security-framework/Cargo.toml | 15 +++++------ impl-security-framework/README.md | 4 +-- impl-stub/Cargo.toml | 9 ++++--- impl-stub/README.md | 2 -- interop/Cargo.toml | 7 ++---- test-cert-gen/Cargo.toml | 7 ++++-- test-cert-gen/src/bin/gen-certs-here.rs | 2 +- 21 files changed, 99 insertions(+), 89 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index dca30d7..137c46c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -20,5 +20,6 @@ authors = ["Stepan Koltsov ", "Aljaž Mur Eržen "] -edition = "2018" publish = false +version = { workspace = true } +authors = { workspace = true } +license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } +keywords = { workspace = true } + [dependencies] gh-actions-gen = { git = "https://github.com/stepancheg/gh-actions-gen", rev = "d5fb8ab2a784391794afff6f213a8a4eaf522838" } #gh-actions-gen = { path = "../../gh-actions-gen/gh-actions-gen" } diff --git a/impl-native-tls/Cargo.toml b/impl-native-tls/Cargo.toml index a5c7a99..0b0ef1b 100644 --- a/impl-native-tls/Cargo.toml +++ b/impl-native-tls/Cargo.toml 
@@ -1,33 +1,38 @@ [package] name = "tls-api-native-tls" +description = "TLS API implementation over native-tls crate" + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } -description = "TLS API implementation over native-tls crate" -keywords = ["tls"] -edition = "2018" +edition = { workspace = true } +keywords = { workspace = true } [lib] bench = false [dependencies] -native-tls = { version ="0.2", features = ["alpn"] } -tokio = { version = "1.2.0", features = [], optional = true } -async-std = { version = "1.9.0", features = ["attributes"], optional = true } -anyhow = "1.0.44" -thiserror = "2" +native-tls = { version = "0.2", features = ["alpn"] } +tokio = { version = "1.2.0", features = [], optional = true } +async-std = { version = "1.9.0", features = ["attributes"], optional = true } +anyhow = "1.0.44" +thiserror = "2" -tls-api = { path = "../api", default-features = false } +tls-api = { path = "../api", version = "0.12.0", default-features = false } [features] default = ["runtime-tokio"] -runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] +runtime-async-std = [ + "async-std", + "tls-api/runtime-async-std", + "tls-api-test/runtime-async-std", +] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "0.12.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } 
diff --git a/impl-native-tls/README.md b/impl-native-tls/README.md index 73e4c62..957a318 100644 --- a/impl-native-tls/README.md +++ b/impl-native-tls/README.md @@ -1,3 +1,3 @@ # tls-api-native-tls -*This is a fork of [tls-api-native-tls](https://crates.io/crates/tls-api-native-tls) with updated dependencies.* +Implementation of [`tls-api`](https://crates.io/crates/tls-api) over [native-tls](https://crates.io/crates/native-tls) crate. diff --git a/impl-not-tls/Cargo.toml b/impl-not-tls/Cargo.toml index cd8b3c0..640b6f6 100644 --- a/impl-not-tls/Cargo.toml +++ b/impl-not-tls/Cargo.toml 
@@ -1,28 +1,33 @@ [package] name = "tls-api-not-tls" +description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } edition = { workspace = true } -description = "TLS API implementation which returns plain sockets. This is NOT TLS implementation." -keywords = ["tls"] +keywords = { workspace = true } [lib] bench = false [dependencies] -tls-api = { path = "../api", package = "tls-api", default-features = false } +tls-api = { path = "../api", version = "0.12.0", default-features = false } -tokio = { version = "1.2.0", features = [], optional = true } +tokio = { version = "1.2.0", features = [], optional = true } async-std = { version = "1.9.0", features = ["attributes"], optional = true } -anyhow = "1.0.44" -thiserror = "2" +anyhow = "1.0.44" +thiserror = "2" [features] default = ["runtime-tokio"] -runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] +runtime-async-std = [ + "async-std", + "tls-api/runtime-async-std", + "tls-api-test/runtime-async-std", +] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", package = "tls-api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } diff --git a/impl-not-tls/README.md b/impl-not-tls/README.md index f951d21..21518cf 100644 --- a/impl-not-tls/README.md +++ b/impl-not-tls/README.md @@ -1,7 +1,5 @@ # tls-api-not-tls -*This is a fork of [tls-api-not-tls](https://crates.io/crates/tls-api-not-tls) with updated dependencies.* - Implementation which returns the (wrapped) socket in `connect` and `accept` operations. No TLS. Might be useful in writing tests or something. 
diff --git a/impl-openssl/Cargo.toml b/impl-openssl/Cargo.toml index 37a3232..ba3a72c 100644 --- a/impl-openssl/Cargo.toml +++ b/impl-openssl/Cargo.toml 
@@ -1,35 +1,40 @@ [package] name = "tls-api-openssl" +description = "TLS API implementation over openssl crate" +build = "build.rs" + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } edition = { workspace = true } -description = "TLS API implementation over openssl crate" -keywords = ["tls"] -build = "build.rs" +keywords = { workspace = true } [lib] bench = false [dependencies] # To implement OpenSSL version check in build.rs -openssl-sys = { version = "0.9.43" } -openssl = { version = "0.10.20", features = ["v102", "v110"] } -tls-api = { path = "../api", default-features = false } -tokio = { version = "1.2.0", features = [], optional = true } -async-std = { version = "1.9.0", features = ["attributes"], optional = true } -anyhow = "1.0.44" -thiserror = "2" +openssl-sys = { version = "0.9.43" } +openssl = { version = "0.10.20", features = ["v102", "v110"] } +tls-api = { path = "../api", version = "0.12.0", default-features = false } +tokio = { version = "1.2.0", features = [], optional = true } +async-std = { version = "1.9.0", features = ["attributes"], optional = true } +anyhow = "1.0.44" +thiserror = "2" [features] default = ["runtime-tokio"] -runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"] +runtime-async-std = [ + "async-std", + "tls-api/runtime-async-std", + "tls-api-test/runtime-async-std", +] runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "0.12.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", 
default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } diff --git a/impl-openssl/README.md b/impl-openssl/README.md index dea2c98..18dc0d8 100644 --- a/impl-openssl/README.md +++ b/impl-openssl/README.md @@ -1,5 +1,3 @@ # tls-api-openssl -*This is a fork of [tls-api-openssl](https://crates.io/crates/tls-api-openssl) with updated dependencies.* - -Implementation of `tls-api` over [openssl](https://crates.io/crates/openssl) crate. +Implementation of [`tls-api`](https://crates.io/crates/tls-api) over [openssl](https://crates.io/crates/openssl) crate. diff --git a/impl-rustls/Cargo.toml b/impl-rustls/Cargo.toml index 98047e2..a44952f 100644 --- a/impl-rustls/Cargo.toml +++ b/impl-rustls/Cargo.toml @@ -1,12 +1,13 @@ [package] name = "tls-api-rustls" +description = "TLS API implementation over rustls crate" + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } edition = { workspace = true } -description = "TLS API implementation over rustls crate" -keywords = ["tls"] +keywords = { workspace = true } [lib] bench = false @@ -20,7 +21,7 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", default-features = false } +tls-api = { path = "../api", version = "0.12.0", default-features = false } [features] default = ["runtime-tokio"] 
@@ -32,8 +33,8 @@ runtime-async-std = [ runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "0.12.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } diff --git a/impl-rustls/README.md b/impl-rustls/README.md index ead8fad..40dd79c 100644 --- a/impl-rustls/README.md +++ b/impl-rustls/README.md @@ -1,5 +1,3 @@ # tls-api-rustls -*This is a fork of [tls-api-rustls](https://crates.io/crates/tls-api-rustls) with updated dependencies.* - -Implementation of tls-api over [rustls](https://crates.io/crates/rustls). +Implementation of [`tls-api`](https://crates.io/crates/tls-api) over [rustls](https://crates.io/crates/rustls) crate. \ No newline at end of file diff --git a/impl-security-framework/Cargo.toml b/impl-security-framework/Cargo.toml index e58868a..49b0695 100644 --- a/impl-security-framework/Cargo.toml +++ b/impl-security-framework/Cargo.toml @@ -1,12 +1,13 @@ [package] name = "tls-api-security-framework" +description = "TLS API implementation over rustls crate" + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } edition = { workspace = true } -description = "TLS API implementation over rustls crate" -keywords = ["tls"] +keywords = { workspace = true } [lib] bench = false 
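Review bot: The `description` that the first hunk of impl-security-framework/Cargo.toml moves to the top of `[package]` still reads "TLS API implementation over rustls crate", which looks copied from the rustls manifest. This string is what the registry shows for the crate, so anyone choosing or auditing a TLS backend is told the wrong underlying library. Since the line is being re-added anyway, I would correct it here: `description = "TLS API implementation over security-framework crate"`.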
@@ -18,8 +19,8 @@ void = "1.0.2" anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", default-features = false } -tls-api-stub = { path = "../impl-stub", default-features = false } +tls-api = { path = "../api", version = "0.12.0", default-features = false } +tls-api-stub = { path = "../impl-stub", version = "0.12.0", default-features = false } [target."cfg(any(target_os = \"macos\", target_os = \"ios\"))".dependencies] security-framework = { version = "3.0.1", features = ["alpn"] } @@ -40,8 +41,8 @@ runtime-tokio = [ ] [dev-dependencies] -tls-api-test = { path = "../api-test", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", version = "0.12.0", default-features = false } [build-dependencies] -tls-api-test = { path = "../api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } diff --git a/impl-security-framework/README.md b/impl-security-framework/README.md index 73ec207..8cde69c 100644 --- a/impl-security-framework/README.md +++ b/impl-security-framework/README.md @@ -1,5 +1,3 @@ # tls-api-security-framework -*This is a fork of [tls-api-security-framework](https://crates.io/crates/tls-api-security-framework) with updated dependencies.* - -tls-api implementation over security-framework crate. +Implementation of [`tls-api`](https://crates.io/crates/tls-api) over [security-framework](https://crates.io/crates/security-framework) crate. diff --git a/impl-stub/Cargo.toml b/impl-stub/Cargo.toml index 592635d..c671b2a 100644 --- a/impl-stub/Cargo.toml +++ b/impl-stub/Cargo.toml 
@@ -1,12 +1,13 @@ [package] name = "tls-api-stub" +description = "TLS API implementation that returns error on any operation" + version = { workspace = true } authors = { workspace = true } license = { workspace = true } repository = { workspace = true } edition = { workspace = true } -description = "TLS API implementation that returns error on any operation" -keywords = ["tls"] +keywords = { workspace = true } [lib] bench = false @@ -18,7 +19,7 @@ async-std = { version = "1.9.0", features = ["attributes"], optional = true } anyhow = "1.0.44" thiserror = "2" -tls-api = { path = "../api", default-features = false } +tls-api = { path = "../api", version = "0.12.0", default-features = false } [features] default = ["runtime-tokio"] @@ -26,4 +27,4 @@ runtime-async-std = ["tokio", "tls-api/runtime-async-std", "tls-api-test/runtime runtime-tokio = ["async-std", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"] [dev-dependencies] -tls-api-test = { path = "../api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", version = "0.12.0", default-features = false } diff --git a/impl-stub/README.md b/impl-stub/README.md index 737dd6d..56feaf8 100644 --- a/impl-stub/README.md +++ b/impl-stub/README.md @@ -1,7 +1,5 @@ ## tls-api-stub -*This is a fork of [tls-api-stub](https://crates.io/crates/tls-api-stub) with updated dependencies.* - Stub implementation of tls-api. All operations return an error. Useful when you need an implementation of type like `TlsConnector`, diff --git a/interop/Cargo.toml b/interop/Cargo.toml index 006278b..fb905df 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml @@ -3,9 +3,6 @@ name = "interop" description = "Test different implementations compatible with each other" publish = false -authors = { workspace = true } -edition = { workspace = true } - [lib] bench = false 
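Review bot: The runtime features in impl-stub/Cargo.toml appear to enable each other's optional dependency. In the last hunk, `runtime-async-std` (visible in the hunk header) lists `"tokio"` and `runtime-tokio` lists `"async-std"`, while the sibling manifests in this patch pair each feature with its own runtime crate. Both lines are unchanged context, so this cleanup carries the mismatch forward; the `[features]` table itself starts outside the hunk. If the swap is not intentional, the lines should read `runtime-async-std = ["async-std", "tls-api/runtime-async-std", "tls-api-test/runtime-async-std"]` and `runtime-tokio = ["tokio", "tls-api/runtime-tokio", "tls-api-test/runtime-tokio"]`.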
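Review bot: Removing `edition = { workspace = true }` in the first interop/Cargo.toml hunk leaves the package with no `edition` key, so Cargo falls back to the 2015 edition for this crate. The crate's sources are not visible from this hunk, but if they use 2018-or-later syntax such as `async`/`await`, the interop tests will stop compiling or resolve paths differently. Every other manifest touched by this commit gains or keeps the workspace edition, so I would drop only `authors` and keep `edition = { workspace = true }`.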
@@ -16,11 +13,11 @@ runtime-tokio = ["tls-api-test/runtime-tokio", "tls-api-openssl/runtime-tokio", [dependencies] tls-api = { path = "../api", default-features = false } -tls-api-test = { path = "../api-test", default-features = false } +tls-api-test = { path = "../api-test", package = "tls-api-test-2", default-features = false } tls-api-openssl = { path = "../impl-openssl", default-features = false } tls-api-rustls = { path = "../impl-rustls", default-features = false } tls-api-native-tls = { path = "../impl-native-tls", default-features = false } tls-api-security-framework = { path = "../impl-security-framework", default-features = false } -test-cert-gen = { path = "../test-cert-gen", default-features = false } +test-cert-gen = { path = "../test-cert-gen", package = "test-cert-gen-2", default-features = false } rustls = { version = "0.23.5", default-features = false, features = ["ring", "tls12"] } diff --git a/test-cert-gen/Cargo.toml b/test-cert-gen/Cargo.toml index 7dca9a8..6ea9f60 100644 --- a/test-cert-gen/Cargo.toml +++ b/test-cert-gen/Cargo.toml @@ -1,10 +1,13 @@ [package] -name = "test-cert-gen" +name = "test-cert-gen-2" description = "Utility to generate certificates for tests (e. g. for TLS)" + version = { workspace = true } authors = { workspace = true } -edition = { workspace = true } license = { workspace = true } +repository = { workspace = true } +edition = { workspace = true } +keywords = { workspace = true } [lib] bench = false diff --git a/test-cert-gen/src/bin/gen-certs-here.rs b/test-cert-gen/src/bin/gen-certs-here.rs index 85365a4..1033557 100644 --- a/test-cert-gen/src/bin/gen-certs-here.rs +++ b/test-cert-gen/src/bin/gen-certs-here.rs @@ -1,7 +1,7 @@ use std::fs; fn main() { - let keys = test_cert_gen::gen_keys(); + let keys = test_cert_gen_2::gen_keys(); println!("writing server cert to server.pem"); fs::write("server.pem", keys.server.cert_and_key.to_pem_incorrect()).unwrap();