diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dbf98b6..bea96a3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,8 @@ -on: [push, pull_request] +on: + push: + branches: + - main + pull_request: name: Build diff --git a/Cargo.toml b/Cargo.toml index 1c21fdb..acd9fe6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -37,14 +37,14 @@ tokio = { version = "1.24.2", features = ["rt"] } tokio-rustls = "0.24.0" tokio-tungstenite = "0.20.0" tokio-util = { version = "0.7.0", features = ["io"], optional = true } -tracing = { version = "0.1.21", features = ["log"] } +tracing = { version = "0.1.23", features = ["log"] } [dev-dependencies] async-http-proxy = { version = "1.2.5", features = ["runtime-tokio"] } criterion = { version = "0.5.0", features = ["async_tokio"] } reqwest = "0.11.10" rustls-native-certs = "0.6.2" -rustls-pemfile = "1.0.0" +rustls-pemfile = "2.0.0" tls-listener = { version = "0.8.0", features = ["rustls", "hyper-h1", "hyper-h2"] } tokio = { version = "1.24.2", features = ["full"] } tokio-native-tls = "0.3.1" diff --git a/benches/certificate_authorities.rs b/benches/certificate_authorities.rs index f1eba6a..b9692d8 100644 --- a/benches/certificate_authorities.rs +++ b/benches/certificate_authorities.rs @@ -18,13 +18,18 @@ fn build_rcgen_ca(cache_size: u64) -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, cache_size) diff --git a/benches/proxy.rs b/benches/proxy.rs index b71a19c..468a6bf 100644 --- a/benches/proxy.rs +++ b/benches/proxy.rs @@ -31,13 +31,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/examples/log.rs b/examples/log.rs index c5abb83..f4c81ca 100644 --- a/examples/log.rs +++ b/examples/log.rs @@ -51,13 +51,18 @@ async fn main() { let mut ca_cert_bytes: &[u8] = include_bytes!("ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/examples/noop.rs b/examples/noop.rs index 52f8354..7041487 100644 --- a/examples/noop.rs +++ b/examples/noop.rs @@ -17,13 +17,18 @@ async fn main() { let mut ca_cert_bytes: &[u8] = include_bytes!("ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/src/certificate_authority/rcgen_authority.rs b/src/certificate_authority/rcgen_authority.rs index 6f412c9..e9adba5 100644 --- a/src/certificate_authority/rcgen_authority.rs +++ b/src/certificate_authority/rcgen_authority.rs @@ -28,13 +28,18 @@ use tracing::debug; /// let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// let private_key = rustls::PrivateKey( /// pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// .next() /// .unwrap() -/// .remove(0), +/// .expect("Failed to parse private key") +/// .secret_pkcs8_der() +/// .to_vec(), /// ); /// let ca_cert = rustls::Certificate( /// pemfile::certs(&mut ca_cert_bytes) +/// .next() /// .unwrap() -/// .remove(0), +/// .expect("Failed to parse CA certificate") +/// .to_vec(), /// ); /// /// let ca = RcgenAuthority::new(private_key, ca_cert, 1_000).unwrap(); @@ -159,13 +164,18 @@ mod tests { let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, cache_size).unwrap() diff --git a/src/proxy/builder.rs b/src/proxy/builder.rs index ecabec7..6e74085 100644 --- a/src/proxy/builder.rs +++ b/src/proxy/builder.rs @@ -31,13 +31,18 @@ use tokio_tungstenite::Connector; /// # let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// # let private_key = rustls::PrivateKey( /// # pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse private key") -/// # .remove(0), +/// # .secret_pkcs8_der() +/// # .to_vec(), /// # ); /// # let ca_cert = rustls::Certificate( /// # pemfile::certs(&mut ca_cert_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse CA certificate") -/// # .remove(0), +/// # .to_vec(), /// # ); /// # /// # let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/src/proxy/mod.rs b/src/proxy/mod.rs index 07445c0..1777096 100644 --- a/src/proxy/mod.rs +++ b/src/proxy/mod.rs @@ -34,13 +34,18 @@ pub use builder::ProxyBuilder; /// # let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// # let private_key = rustls::PrivateKey( /// # pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse private key") -/// # .remove(0), +/// # .secret_pkcs8_der() +/// # .to_vec(), /// # ); /// # let ca_cert = rustls::Certificate( /// # pemfile::certs(&mut ca_cert_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse CA certificate") -/// # .remove(0), +/// # .to_vec(), /// # ); /// # /// # let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/tests/common/mod.rs b/tests/common/mod.rs index 1a1cf80..38c0cfc 100644 --- a/tests/common/mod.rs +++ b/tests/common/mod.rs @@ -130,7 +130,13 @@ fn rustls_client_config() -> rustls::ClientConfig { } let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); - let ca_cert = rustls::Certificate(pemfile::certs(&mut ca_cert_bytes).unwrap().remove(0)); + let ca_cert = rustls::Certificate( + pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() + .expect("Failed to parse CA certificate") + .to_vec(), + ); roots.add(&ca_cert).unwrap(); diff --git a/tests/rcgen_ca.rs b/tests/rcgen_ca.rs index 576677c..a417b7b 100644 --- a/tests/rcgen_ca.rs +++ b/tests/rcgen_ca.rs @@ -9,13 +9,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/tests/websocket.rs b/tests/websocket.rs index cff6451..d821beb 100644 --- a/tests/websocket.rs +++ b/tests/websocket.rs @@ -15,13 +15,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000)