Additional changes to upgrade to rustls 0.23

n0-computer · matheus23 · Aug 7, 2024 · Jan 11, 2024 · Jan 11, 2024 · Jan 11, 2024
commit d51d68ccb267861dbe91d7294a4b4f23c65540f4
diff --git a/Cargo.toml b/Cargo.toml
@@ -25,10 +25,10 @@ x509-parser = "0.15"
 chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
 url = "2.2.2"
 async-trait = "0.1.53"
-rustls = "0.22"
+rustls = { version = "0.23", default-features = false, features = ["ring"] }
 
 tokio = { version = "1.20.1", default-features = false }
-tokio-rustls = { version = "0.25" }
+tokio-rustls = { version = "0.26" }
 reqwest = { version = "0.12", default-features = false, features = ["rustls-tls"] }
 
 # Axum

diff --git a/examples/high_level.rs b/examples/high_level.rs
@@ -56,7 +56,7 @@ async fn main() {
     unreachable!()
 }
 
-const HELLO: &'static [u8] = br#"HTTP/1.1 200 OK
+const HELLO: &[u8] = br#"HTTP/1.1 200 OK
 Content-Length: 10
 Content-Type: text/plain; charset=utf-8
 

diff --git a/examples/low_level.rs b/examples/low_level.rs
@@ -42,7 +42,6 @@ async fn main() {
         .directory_lets_encrypt(args.prod)
         .state();
     let rustls_config = ServerConfig::builder()
-        .with_safe_defaults()
         .with_no_client_auth()
         .with_cert_resolver(state.resolver());
     let acceptor = state.acceptor();
@@ -81,7 +80,7 @@ async fn serve(acceptor: AcmeAcceptor, rustls_config: Arc<ServerConfig>, port: u
     }
 }
 
-const HELLO: &'static [u8] = br#"HTTP/1.1 200 OK
+const HELLO: &[u8] = br#"HTTP/1.1 200 OK
 Content-Length: 10
 Content-Type: text/plain; charset=utf-8
 

diff --git a/src/https_helper.rs b/src/https_helper.rs
@@ -1,8 +1,8 @@
 use rustls::{pki_types::InvalidDnsNameError, ClientConfig};
-use thiserror::Error;
 use std::sync::Arc;
+use thiserror::Error;
 
-pub use reqwest::{Request, Response};
+pub use reqwest::Response;
 
 #[derive(Copy, Clone)]
 pub enum Method {

diff --git a/src/state.rs b/src/state.rs
@@ -7,9 +7,9 @@ use chrono::{DateTime, TimeZone, Utc};
 use futures::future::try_join_all;
 use futures::{ready, FutureExt, Stream};
 use rcgen::{CertificateParams, DistinguishedName, RcgenError, PKCS_ECDSA_P256_SHA256};
-use rustls::{sign::CertifiedKey, crypto::ring::sign::any_ecdsa_type};
 use rustls::pki_types::CertificateDer as RustlsCertificate;
 use rustls::pki_types::{PrivateKeyDer, PrivatePkcs8KeyDer};
+use rustls::{crypto::ring::sign::any_ecdsa_type, sign::CertifiedKey};
 use std::convert::Infallible;
 use std::fmt::Debug;
 use std::future::Future;
@@ -28,6 +28,7 @@ pub fn after(d: std::time::Duration) -> Timer {
     Box::pin(tokio::time::sleep(d))
 }
 
+#[allow(clippy::type_complexity)]
 pub struct AcmeState<EC: Debug = Infallible, EA: Debug = EC> {
     config: Arc<AcmeConfig<EC, EA>>,
     resolver: Arc<ResolvesServerCertAcme>,
@@ -166,10 +167,8 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeState<EC, EA> {
             Ok(pk) => pk,
             Err(_) => return Err(CertParseError::InvalidPrivateKey),
         };
-        let cert_chain: Vec<RustlsCertificate> = pems
-            .into_iter()
-            .map(|p| p.into_contents().into())
-            .collect();
+        let cert_chain: Vec<RustlsCertificate> =
+            pems.into_iter().map(|p| p.into_contents().into()).collect();
         let validity = match parse_x509_certificate(cert_chain[0].as_ref()) {
             Ok((_, cert)) => {
                 let validity = cert.validity();