From 6fb41a47a64ae19ef4ea89f28f7a87410db294d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 21:01:20 +0000 Subject: [PATCH 1/4] chore(deps): update rustls-pemfile requirement from 1.0.0 to 2.0.0 Updates the requirements on [rustls-pemfile](https://github.com/rustls/pemfile) to permit the latest version. - [Release notes](https://github.com/rustls/pemfile/releases) - [Commits](https://github.com/rustls/pemfile/compare/v/1.0.0...v/2.0.0) --- updated-dependencies: - dependency-name: rustls-pemfile dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 1c21fdb..169ccfc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -44,7 +44,7 @@ async-http-proxy = { version = "1.2.5", features = ["runtime-tokio"] } criterion = { version = "0.5.0", features = ["async_tokio"] } reqwest = "0.11.10" rustls-native-certs = "0.6.2" -rustls-pemfile = "1.0.0" +rustls-pemfile = "2.0.0" tls-listener = { version = "0.8.0", features = ["rustls", "hyper-h1", "hyper-h2"] } tokio = { version = "1.24.2", features = ["full"] } tokio-native-tls = "0.3.1" From 33a7fead9218ea1ba5497d9c3edef4d345e26191 Mon Sep 17 00:00:00 2001 From: omjadas Date: Fri, 1 Dec 2023 15:05:01 +1100 Subject: [PATCH 2/4] chore: update rustls-pemfile usage --- benches/certificate_authorities.rs | 9 +++++++-- benches/proxy.rs | 9 +++++++-- examples/log.rs | 9 +++++++-- examples/noop.rs | 9 +++++++-- src/certificate_authority/rcgen_authority.rs | 18 ++++++++++++++---- src/proxy/builder.rs | 9 +++++++-- src/proxy/mod.rs | 9 +++++++-- tests/common/mod.rs | 8 +++++++- tests/rcgen_ca.rs | 9 +++++++-- tests/websocket.rs | 9 +++++++-- 10 files changed, 77 insertions(+), 21 deletions(-) diff --git a/benches/certificate_authorities.rs b/benches/certificate_authorities.rs index f1eba6a..b9692d8 100644 --- a/benches/certificate_authorities.rs +++ b/benches/certificate_authorities.rs @@ -18,13 +18,18 @@ fn build_rcgen_ca(cache_size: u64) -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, cache_size) diff --git a/benches/proxy.rs b/benches/proxy.rs index b71a19c..468a6bf 100644 --- a/benches/proxy.rs +++ b/benches/proxy.rs @@ -31,13 +31,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/examples/log.rs b/examples/log.rs index c5abb83..f4c81ca 100644 --- a/examples/log.rs +++ b/examples/log.rs @@ -51,13 +51,18 @@ async fn main() { let mut ca_cert_bytes: &[u8] = include_bytes!("ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/examples/noop.rs b/examples/noop.rs index 52f8354..7041487 100644 --- a/examples/noop.rs +++ b/examples/noop.rs @@ -17,13 +17,18 @@ async fn main() { let mut ca_cert_bytes: &[u8] = include_bytes!("ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/src/certificate_authority/rcgen_authority.rs b/src/certificate_authority/rcgen_authority.rs index 6f412c9..e9adba5 100644 --- a/src/certificate_authority/rcgen_authority.rs +++ b/src/certificate_authority/rcgen_authority.rs @@ -28,13 +28,18 @@ use tracing::debug; /// let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// let private_key = rustls::PrivateKey( /// pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// .next() /// .unwrap() -/// .remove(0), +/// .expect("Failed to parse private key") +/// .secret_pkcs8_der() +/// .to_vec(), /// ); /// let ca_cert = rustls::Certificate( /// pemfile::certs(&mut ca_cert_bytes) +/// .next() /// .unwrap() -/// .remove(0), +/// .expect("Failed to parse CA certificate") +/// .to_vec(), /// ); /// /// let ca = RcgenAuthority::new(private_key, ca_cert, 1_000).unwrap(); @@ -159,13 +164,18 @@ mod tests { let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, cache_size).unwrap() diff --git a/src/proxy/builder.rs b/src/proxy/builder.rs index ecabec7..6e74085 100644 --- a/src/proxy/builder.rs +++ b/src/proxy/builder.rs @@ -31,13 +31,18 @@ use tokio_tungstenite::Connector; /// # let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// # let private_key = rustls::PrivateKey( /// # pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse private key") -/// # .remove(0), +/// # .secret_pkcs8_der() +/// # .to_vec(), /// # ); /// # let ca_cert = rustls::Certificate( /// # pemfile::certs(&mut ca_cert_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse CA certificate") -/// # .remove(0), +/// # .to_vec(), /// # ); /// # /// # let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/src/proxy/mod.rs b/src/proxy/mod.rs index 07445c0..1777096 100644 --- a/src/proxy/mod.rs +++ b/src/proxy/mod.rs @@ -34,13 +34,18 @@ pub use builder::ProxyBuilder; /// # let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); /// # let private_key = rustls::PrivateKey( /// # pemfile::pkcs8_private_keys(&mut private_key_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse private key") -/// # .remove(0), +/// # .secret_pkcs8_der() +/// # .to_vec(), /// # ); /// # let ca_cert = rustls::Certificate( /// # pemfile::certs(&mut ca_cert_bytes) +/// # .next() +/// # .unwrap() /// # .expect("Failed to parse CA certificate") -/// # .remove(0), +/// # .to_vec(), /// # ); /// # /// # let ca = RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/tests/common/mod.rs b/tests/common/mod.rs index 1a1cf80..38c0cfc 100644 --- a/tests/common/mod.rs +++ b/tests/common/mod.rs @@ -130,7 +130,13 @@ fn rustls_client_config() -> rustls::ClientConfig { } let mut ca_cert_bytes: &[u8] = include_bytes!("../../examples/ca/hudsucker.cer"); - let ca_cert = rustls::Certificate(pemfile::certs(&mut ca_cert_bytes).unwrap().remove(0)); + let ca_cert = rustls::Certificate( + pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() + .expect("Failed to parse CA certificate") + .to_vec(), + ); roots.add(&ca_cert).unwrap(); diff --git a/tests/rcgen_ca.rs b/tests/rcgen_ca.rs index 576677c..a417b7b 100644 --- a/tests/rcgen_ca.rs +++ b/tests/rcgen_ca.rs @@ -9,13 +9,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000) diff --git a/tests/websocket.rs b/tests/websocket.rs index cff6451..d821beb 100644 --- a/tests/websocket.rs +++ b/tests/websocket.rs @@ -15,13 +15,18 @@ fn build_ca() -> RcgenAuthority { let mut ca_cert_bytes: &[u8] = include_bytes!("../examples/ca/hudsucker.cer"); let private_key = rustls::PrivateKey( pemfile::pkcs8_private_keys(&mut private_key_bytes) + .next() + .unwrap() .expect("Failed to parse private key") - .remove(0), + .secret_pkcs8_der() + .to_vec(), ); let ca_cert = rustls::Certificate( pemfile::certs(&mut ca_cert_bytes) + .next() + .unwrap() .expect("Failed to parse CA certificate") - .remove(0), + .to_vec(), ); RcgenAuthority::new(private_key, ca_cert, 1_000) From 478e7358111ad4bff57a4141291b65579d3490f0 Mon Sep 17 00:00:00 2001 From: omjadas Date: Fri, 1 Dec 2023 15:16:44 +1100 Subject: [PATCH 3/4] chore(deps): update tracing --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 169ccfc..acd9fe6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -37,7 +37,7 @@ tokio = { version = "1.24.2", features = ["rt"] } tokio-rustls = "0.24.0" tokio-tungstenite = "0.20.0" tokio-util = { version = "0.7.0", features = ["io"], optional = true } -tracing = { version = "0.1.21", features = ["log"] } +tracing = { version = "0.1.23", features = ["log"] } [dev-dependencies] async-http-proxy = { version = "1.2.5", features = ["runtime-tokio"] } From dcff4dc1d271b140459a4b6dc9b4f64831405ce7 Mon Sep 17 00:00:00 2001 From: omjadas Date: Fri, 1 Dec 2023 15:26:09 +1100 Subject: [PATCH 4/4] ci: only run CI for pushes on main branch --- .github/workflows/build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dbf98b6..bea96a3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,8 @@ -on: [push, pull_request] +on: + push: + branches: + - main + pull_request: name: Build