diff --git a/Cargo.lock b/Cargo.lock index b4b056563..7192a25b9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -23,6 +23,18 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234" +[[package]] +name = "ahash" +version = "0.8.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", + "zerocopy", +] + [[package]] name = "aho-corasick" version = "1.1.3" @@ -32,6 +44,12 @@ dependencies = [ "memchr", ] +[[package]] +name = "allocator-api2" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c6cb57a04249c6480766f7f7cef5467412af1490f8d1e243141daddada3264f" + [[package]] name = "android-tzdata" version = "0.1.1" @@ -185,15 +203,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" -[[package]] -name = "block-buffer" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] - [[package]] name = "block-buffer" version = "0.10.4" @@ -250,11 +259,12 @@ dependencies = [ [[package]] name = "cipher" -version = "0.2.5" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" dependencies = [ - "generic-array", + "crypto-common", + "inout", ] [[package]] @@ -288,6 +298,15 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f" +[[package]] +name = "core2" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b49ba7ef1ad6107f8824dbe97de947cbaac53c44e7f9756a1fba0d37c1eec505" +dependencies = [ + "memchr", +] + [[package]] name = "cpufeatures" version = "0.2.12" @@ -322,16 +341,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "crypto-mac" -version = "0.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bff07008ec701e8028e2ceb8f83f0e4274ee62bd2dbdc4fefff2e9a91824081a" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "cryptoki" version = "0.3.0" @@ -389,6 +398,21 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "dary_heap" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7762d17f1241643615821a8455a0b2c3e803784b058693d990b11f2dce25a0ca" + +[[package]] +name = "deranged" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4" +dependencies = [ + "powerfmt", +] + [[package]] name = "derivative" version = "2.2.0" @@ -412,22 +436,13 @@ version = "0.1.13" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" -[[package]] -name = "digest" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" -dependencies = [ - "generic-array", -] - [[package]] name = "digest" version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ - "block-buffer 0.10.4", + "block-buffer", "crypto-common", "subtle", ] @@ -528,11 +543,11 @@ dependencies = [ [[package]] name = "error-chain" -version = "0.11.0" +version = "0.12.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff511d5dc435d703f4971bc399647c9bc38e20cb41452e3b9feb4765419ed3f3" +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" dependencies = [ - "backtrace", + "version_check", ] [[package]] @@ -560,11 +575,10 @@ dependencies = [ [[package]] name = "fern" -version = "0.5.9" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e69ab0d5aca163e388c3a49d284fed6c3d0810700e77c5ae2756a50ec1a4daaa" +checksum = "d9f0c14694cbd524c8720dd69b0e3179344f04ebb5f90f2e4a440c6ea3b2f1ee" dependencies = [ - "chrono", "log", "syslog", ] @@ -615,21 +629,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "futures" -version = "0.3.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0" -dependencies = [ - "futures-channel", - "futures-core", - "futures-executor", - "futures-io", - "futures-sink", - "futures-task", - "futures-util", -] - [[package]] name = "futures-channel" version = "0.3.30" @@ -646,23 +645,6 @@ version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" -[[package]] -name = "futures-executor" -version = "0.3.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a576fc72ae164fca6b9db127eaa9a9dda0d61316034f33a0a0d4eda41f02b01d" -dependencies = [ - "futures-core", - "futures-task", - "futures-util", -] - -[[package]] -name = "futures-io" -version = "0.3.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" - [[package]] name = "futures-macro" version = "0.3.30" @@ -692,13 +674,10 @@ version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" dependencies = [ - "futures-channel", "futures-core", - "futures-io", "futures-macro", "futures-sink", "futures-task", - "memchr", "pin-project-lite", "pin-utils", "slab", @@ -723,7 +702,7 @@ dependencies = [ "cfg-if", "js-sys", "libc", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "wasm-bindgen", ] @@ -757,6 +736,10 @@ name = "hashbrown" version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +dependencies = [ + "ahash", + "allocator-api2", +] [[package]] name = "heck" @@ -787,21 +770,22 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "hmac" -version = "0.10.1" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" dependencies = [ - "crypto-mac", - "digest 0.9.0", + "digest", ] [[package]] -name = "hmac" -version = "0.12.1" +name = "hostname" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +checksum = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867" dependencies = [ - "digest 0.10.7", + "libc", + "match_cfg", + "winapi", ] [[package]] @@ -1055,6 +1039,15 @@ dependencies = [ "hashbrown", ] +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + [[package]] name = "instant" version = "0.1.13" @@ -1174,7 +1167,7 @@ name = "krill" version = "0.14.5-dev" dependencies = [ "backoff", - "base64 0.13.1", + "base64 0.22.1", "basic-cookies", "bytes", "chrono", @@ -1183,7 +1176,6 @@ dependencies = [ "cryptoki-sys", "fern", "fslock", - "futures", "futures-util", "hex", "hyper", @@ -1191,7 +1183,6 @@ dependencies = [ "jmespatch", "kmip-protocol", "kvx", - "libc", "libflate", "log", "once_cell", @@ -1338,21 +1329,25 @@ checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" [[package]] name = "libflate" -version = "1.4.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ff4ae71b685bbad2f2f391fe74f6b7659a34871c08b210fdc039e43bee07d18" +checksum = "45d9dfdc14ea4ef0900c1cddbc8dcd553fbaacd8a4a282cf4018ae9dd04fb21e" dependencies = [ "adler32", + "core2", "crc32fast", + "dary_heap", "libflate_lz77", ] [[package]] name = "libflate_lz77" -version = "1.2.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a52d3a8bfc85f250440e4424db7d857e241a3aebbbe301f3eb606ab15c39acbf" +checksum = "e6e0d73b369f386f1c44abd9c570d5318f55ccde816ff4b562fa452e5182863d" dependencies = [ + "core2", + "hashbrown", "rle-decode-fast", ] @@ -1410,6 +1405,12 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d" +[[package]] +name = "match_cfg" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffbee8634e0d45d258acb448e7eaab3fce7a0a467395d4d9f228e3c1f01fb2e4" + [[package]] name = "matchers" version = "0.0.1" @@ -1437,7 +1438,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf" dependencies = [ "cfg-if", - "digest 0.10.7", + "digest", ] [[package]] @@ -1454,9 +1455,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" [[package]] name = "miniz_oxide" -version = "0.7.3" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87dfd01fe195c66b572b37921ad8803d010623c0aca821bea2302239d155cdae" +checksum = "b8a240ddb74feaf34a79a7add65a741f3167852fba007066dcac1ca548d89c08" dependencies = [ "adler", ] @@ -1468,7 +1469,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" dependencies = [ "libc", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "windows-sys 0.48.0", ] @@ -1505,6 +1506,12 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-conv" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" + [[package]] name = "num-integer" version = "0.1.46" @@ -1533,6 +1540,15 @@ dependencies = [ "libc", ] +[[package]] +name = "num_threads" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c7398b9c8b70908f6371f47ed36737907c87c52af34c268fed0bf0ceb92ead9" +dependencies = [ + "libc", +] + [[package]] name = "oauth2" version = "4.4.2" @@ -1547,7 +1563,7 @@ dependencies = [ "serde", "serde_json", "serde_path_to_error", - "sha2 0.10.8", + "sha2", "thiserror", "url", ] @@ -1567,12 +1583,6 @@ version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" -[[package]] -name = "opaque-debug" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" - [[package]] name = "openidconnect" version = "2.5.1" @@ -1703,11 +1713,12 @@ dependencies = [ [[package]] name = "pbkdf2" -version = "0.7.5" +version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf916dd32dd26297907890d99dc2740e33f6bd9073965af4ccff2967962f5508" +checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" dependencies = [ - "crypto-mac", + "digest", + "hmac", ] [[package]] @@ -1829,11 +1840,11 @@ dependencies = [ "byteorder", "bytes", "fallible-iterator", - "hmac 0.12.1", + "hmac", "md-5", "memchr", "rand", - "sha2 0.10.8", + "sha2", "stringprep", ] @@ -1851,6 +1862,12 @@ dependencies = [ "serde_json", ] +[[package]] +name = "powerfmt" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" + [[package]] name = "ppv-lite86" version = "0.2.17" @@ -2116,12 +2133,13 @@ checksum = "3582f63211428f83597b51b2ddb88e2a91a9d52d12831f9d08f5e624e8977422" [[package]] name = "rpassword" -version = "5.0.1" +version = "7.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffc936cf8a7ea60c58f030fd36a612a48f440610214dc54bc36431f9ea0c3efb" +checksum = "80472be3c897911d0137b2d2b9055faf6eeac5b14e324073d83bc17b191d7e3f" dependencies = [ "libc", - "winapi", + "rtoolbox", + "windows-sys 0.48.0", ] [[package]] @@ -2141,6 +2159,16 @@ dependencies = [ "uuid", ] +[[package]] +name = "rtoolbox" +version = "0.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c247d24e63230cdb56463ae328478bd5eac8b8faa8c69461a77e8e323afac90e" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + [[package]] name = "rustc-demangle" version = "0.1.24" @@ -2214,9 +2242,9 @@ checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f" [[package]] name = "salsa20" -version = "0.7.2" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "399f290ffc409596022fce5ea5d4138184be4784f2b28c62c59f0d8389059a15" +checksum = "97a22f5af31f73a954c10289c93e8a50cc23d971e80ee446f1f6f7137a088213" dependencies = [ "cipher", ] @@ -2256,14 +2284,13 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "scrypt" -version = "0.6.5" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19230d10daad7f163d8c1fc8edf84fbe52ac71c2ebe5adf3f763aa1557b843e3" +checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" dependencies = [ - "hmac 0.10.1", "pbkdf2", "salsa20", - "sha2 0.9.9", + "sha2", ] [[package]] @@ -2374,6 +2401,15 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_spanned" +version = "0.6.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79e674e01f999af37c49f70a6ede167a8a60b2503e56c5599532a65baa5969a0" +dependencies = [ + "serde", +] + [[package]] name = "serde_urlencoded" version = "0.7.1" @@ -2408,19 +2444,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "sha2" -version = "0.9.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" -dependencies = [ - "block-buffer 0.9.0", - "cfg-if", - "cpufeatures", - "digest 0.9.0", - "opaque-debug", -] - [[package]] name = "sha2" version = "0.10.8" @@ -2429,7 +2452,7 @@ checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.7", + "digest", ] [[package]] @@ -2547,9 +2570,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" [[package]] name = "subtle" -version = "2.4.1" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" [[package]] name = "syn" @@ -2592,11 +2615,12 @@ dependencies = [ [[package]] name = "syslog" -version = "4.0.1" +version = "6.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0641142b4081d3d44beffa4eefd7346a228cdf91ed70186db2ca2cef762d327" +checksum = "dfc7e95b5b795122fafe6519e27629b5ab4232c73ebb2428f568e82b1a457ad3" dependencies = [ "error-chain", + "hostname", "libc", "log", "time", @@ -2693,13 +2717,35 @@ dependencies = [ [[package]] name = "time" -version = "0.1.45" +version = "0.3.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" +checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" dependencies = [ + "deranged", + "itoa", "libc", - "wasi 0.10.0+wasi-snapshot-preview1", - "winapi", + "num-conv", + "num_threads", + "powerfmt", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3" + +[[package]] +name = "time-macros" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" +dependencies = [ + "num-conv", + "time-core", ] [[package]] @@ -2826,11 +2872,36 @@ dependencies = [ [[package]] name = "toml" -version = "0.5.11" +version = "0.8.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" +checksum = "6f49eb2ab21d2f26bd6db7bf383edc527a7ebaee412d17af4d40fdccd442f335" dependencies = [ "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4badfd56924ae69bcc9039335b2e017639ce3f9b001c393c1b2d1ef846ce2cbf" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.22.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f21c7aaf97f1bd9ca9d4f9e73b0a6c74bd5afef56f2bc931943a6e1c37e04e38" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", ] [[package]] @@ -3071,12 +3142,6 @@ dependencies = [ "try-lock", ] -[[package]] -name = "wasi" -version = "0.10.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -3355,6 +3420,15 @@ version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +[[package]] +name = "winnow" +version = "0.6.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59b5e5f6c299a3c7890b876a2a587f3115162487e704907d9b6cd29473052ba1" +dependencies = [ + "memchr", +] + [[package]] name = "winreg" version = "0.50.0" @@ -3401,6 +3475,26 @@ dependencies = [ "synstructure", ] +[[package]] +name = "zerocopy" +version = "0.7.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae87e3fcd617500e5d106f0380cf7b77f3c6092aae37191433159dda23cfb087" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.66", +] + [[package]] name = "zerofrom" version = "0.1.4" diff --git a/Cargo.toml b/Cargo.toml index 1efc322e9..f3cdc0b13 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,46 +22,45 @@ exclude = [ [dependencies] backoff = { version = "0.4.0", optional = true } -base64 = "^0.13" -basic-cookies = { version = "^0.1", optional = true } +base64 = "0.22.1" +basic-cookies = { version = "0.1", optional = true } bytes = "1" -chrono = { version = "^0.4", features = ["serde"] } -clap = "^2.33" +chrono = { version = "0.4", features = ["serde"] } +clap = "2.33" cryptoki = { version = "^0.3", optional = true } cryptoki-sys = { version = "=0.1.4", optional = true } # pin cryptoki-sys because of compilation issues on various systems -fern = { version = "^0.5", features = ["syslog-4"] } -futures = "^0.3" -futures-util = "^0.3" +fern = { version = "0.6.2", features = ["syslog-6"] } +futures-util = "0.3" fslock = "0.2.1" -hex = "^0.4" +hex = "0.4" hyper = { version = "^0.14", features = ["server"] } intervaltree = "0.2.6" -jmespatch = { version = "^0.3", features = ["sync"], optional = true } +jmespatch = { version = "0.3", features = ["sync"], optional = true } kmip = { version = "0.4.2", package = "kmip-protocol", features = [ "tls-with-openssl" ], optional = true } kvx = { version = "0.9.3", features = ["macros"] } -libflate = "^1" -log = "^0.4" -once_cell = { version = "^1.7.2", optional = true } -openidconnect = { version = "^2.0.0", optional = true, default_features = false } -openssl = { version = "^0.10", features = ["v110"] } -oso = { version = "^0.12", optional = true, default_features = false } +libflate = "2.1.0" +log = "0.4" +once_cell = { version = "1.7.2", optional = true } +openidconnect = { version = "2.0.0", optional = true, default_features = false } +openssl = { version = "0.10", features = ["v110"] } +oso = { version = "0.12", optional = true, default_features = false } r2d2 = { version = "0.8.9", optional = true } -rand = "^0.8" +rand = "0.8" regex = { version = "1.5.5", optional = true, default_features = false, features = [ "std" ] } reqwest = { version = "0.11", features = ["json"] } -rpassword = { version = "^5.0", optional = true } +rpassword = { version = "7.3.1", optional = true } #rpki = { version = "0.18.0", features = ["ca", "compat", "rrdp"] } rpki = { git = "https://github.com/nLnetLabs/rpki-rs", features = [ "ca", "compat", "rrdp" ] } rustls-pemfile = "1.0.4" -scrypt = { version = "^0.6", optional = true, default-features = false } -serde = { version = "^1.0", features = ["derive", "rc"] } -serde_json = "^1.0" +scrypt = { version = "0.11", optional = true, default-features = false } +serde = { version = "1.0", features = ["derive", "rc"] } +serde_json = "1.0" tokio = { version = "1", features = [ "macros", "rt", "rt-multi-thread", "signal", "time" ] } tokio-rustls = "0.24.1" -toml = "^0.5" +toml = "0.8.14" unicode-normalization = { version = "^0.1", optional = true } url = { version = "2.3.1", features = ["serde"] } -urlparse = { version = "^0.7", optional = true } +urlparse = { version = "0.7", optional = true } uuid = { version = "1.1", features = ["v4"] } # Disable compiler optimizations for the pkcs11 crate because otherwise with a release build the @@ -72,8 +71,7 @@ uuid = { version = "1.1", features = ["v4"] } # opt-level = 0 [target.'cfg(unix)'.dependencies] -libc = "^0.2" -syslog = "^4.0" +syslog = "6.1.1" [features] default = ["multi-user", "hsm"] @@ -99,15 +97,15 @@ all = ["multi-user", "rta", "static-openssl"] hsm-tests-kmip = ["hsm"] hsm-tests-pkcs11 = ["hsm"] +[dev-dependencies] +regex = "1.5.5" +urlparse = "0.7" + # Make sure that Krill crashes on panics, rather than losing threads and # limping on in a bad state. [profile.release] panic = "abort" -[dev-dependencies] -regex = "1.5.5" -urlparse = "^0.7" - # ------------------------------------------------------------------------------ # START DEBIAN PACKAGING # diff --git a/src/cli/client.rs b/src/cli/client.rs index 2249bbd5a..969091b06 100644 --- a/src/cli/client.rs +++ b/src/cli/client.rs @@ -580,7 +580,7 @@ impl KrillClient { config.push_str(hsm_add_on); } - let mut c: Config = toml::from_slice(config.as_ref()).map_err(Error::init)?; + let mut c: Config = toml::from_str(&config).map_err(Error::init)?; c.process().map_err(Error::init)?; Ok(ApiResponse::GenericBody(config)) @@ -592,7 +592,9 @@ impl KrillClient { let (password_hash, salt) = { use scrypt::scrypt; - let password = rpassword::read_password_from_tty(Some("Enter the password to hash: ")).unwrap(); + let password = rpassword::prompt_password( + "Enter the password to hash: " + ).unwrap(); // The scrypt-js NPM documentation (https://www.npmjs.com/package/scrypt-js) says: // "TL;DR - either only allow ASCII characters in passwords, or use @@ -602,7 +604,10 @@ impl KrillClient { let user_id = details.id().nfkc().collect::(); let password = password.trim().nfkc().collect::(); - let params = scrypt::Params::new(PW_HASH_LOG_N, PW_HASH_R, PW_HASH_P).unwrap(); + let params = scrypt::Params::new( + PW_HASH_LOG_N, PW_HASH_R, PW_HASH_P, + scrypt::Params::RECOMMENDED_LEN, + ).unwrap(); // hash twice with two different salts // hash first with a salt the client browser knows how to construct based on the users id and a site diff --git a/src/commons/api/ca.rs b/src/commons/api/ca.rs index 10991d316..fcc6aab7c 100644 --- a/src/commons/api/ca.rs +++ b/src/commons/api/ca.rs @@ -8,6 +8,8 @@ use std::str::FromStr; use std::sync::Arc; use std::{fmt, str}; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; use bytes::Bytes; use chrono::{Duration, TimeZone, Utc}; use rpki::ca::publication::{PublishDelta, PublishDeltaElement}; @@ -1062,8 +1064,14 @@ pub struct ParentStatusIssuingCert { impl From<&SigningCert> for ParentStatusIssuingCert { fn from(signing: &SigningCert) -> Self { - let cert = base64::encode(signing.cert().to_captured().as_slice()); - let cert_pem = format!("-----BEGIN CERTIFICATE-----\n{}\n-----END CERTIFICATE-----\n", cert); + let cert = BASE64_ENGINE.encode( + signing.cert().to_captured().as_slice() + ); + let cert_pem = format!( + "-----BEGIN CERTIFICATE-----\n\ + {cert}\n\ + -----END CERTIFICATE-----\n", + ); ParentStatusIssuingCert { uri: signing.url().clone(), @@ -1080,8 +1088,14 @@ pub struct ParentStatusCert { impl From<&IssuedCert> for ParentStatusCert { fn from(issued: &IssuedCert) -> Self { - let cert = base64::encode(issued.cert().to_captured().as_slice()); - let cert_pem = format!("-----BEGIN CERTIFICATE-----\n{}\n-----END CERTIFICATE-----\n", cert); + let cert = BASE64_ENGINE.encode( + issued.cert().to_captured().as_slice() + ); + let cert_pem = format!( + "-----BEGIN CERTIFICATE-----\n\ + {cert}\n\ + -----END CERTIFICATE-----\n", + ); ParentStatusCert { uri: issued.uri().clone(), cert_pem, diff --git a/src/commons/crypto/signing/signers/pkcs11/signer.rs b/src/commons/crypto/signing/signers/pkcs11/signer.rs index 8310b8668..a03cec9e1 100644 --- a/src/commons/crypto/signing/signers/pkcs11/signer.rs +++ b/src/commons/crypto/signing/signers/pkcs11/signer.rs @@ -1415,10 +1415,7 @@ mod tests { slot = -1234 "#; let err = toml::from_str::(config_str).unwrap_err(); - assert_eq!( - err.to_string(), - "not a valid PKCS#11 slot ID for key `slot` at line 3 column 20" - ) + assert!(err.to_string().contains("not a valid PKCS#11 slot ID")) } #[test] diff --git a/src/commons/crypto/signing/signers/softsigner.rs b/src/commons/crypto/signing/signers/softsigner.rs index 2d78f84c7..30734e354 100644 --- a/src/commons/crypto/signing/signers/softsigner.rs +++ b/src/commons/crypto/signing/signers/softsigner.rs @@ -5,6 +5,8 @@ use std::{ sync::{Arc, RwLock}, }; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; use bytes::Bytes; use openssl::{ hash::MessageDigest, @@ -259,7 +261,7 @@ impl Serialize for OpenSslKeyPair { { let bytes: Vec = self.pkey.as_ref().private_key_to_der().map_err(ser::Error::custom)?; - base64::encode(bytes).serialize(s) + BASE64_ENGINE.encode(bytes).serialize(s) } } @@ -300,11 +302,15 @@ impl OpenSslKeyPair { } fn from_base64(base64: &str) -> Result { - let bytes = base64::decode(base64).map_err(|_| SignerError::other("Cannot parse private key base64"))?; + let bytes = BASE64_ENGINE.decode(base64).map_err(|_| { + SignerError::other("Cannot parse private key base64") + })?; PKey::private_key_from_der(&bytes) .map(|pkey| OpenSslKeyPair { pkey }) - .map_err(|e| SignerError::Other(format!("Invalid private key: {}", e))) + .map_err(|e| { + SignerError::Other(format!("Invalid private key: {}", e)) + }) } } diff --git a/src/commons/util/ext_serde.rs b/src/commons/util/ext_serde.rs index 4281091a1..33d02c5fb 100644 --- a/src/commons/util/ext_serde.rs +++ b/src/commons/util/ext_serde.rs @@ -5,6 +5,8 @@ use std::{ }; use bytes::Bytes; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; use log::LevelFilter; use serde::{de, Deserialize, Deserializer, Serialize, Serializer}; use syslog::Facility; @@ -18,7 +20,7 @@ where D: Deserializer<'de>, { let some = String::deserialize(d)?; - let dec = base64::decode(some).map_err(de::Error::custom)?; + let dec = BASE64_ENGINE.decode(some).map_err(de::Error::custom)?; Ok(Bytes::from(dec)) } @@ -26,7 +28,7 @@ pub fn ser_bytes(b: &Bytes, s: S) -> Result where S: Serializer, { - base64::encode(b).serialize(s) + BASE64_ENGINE.encode(b).serialize(s) } //------------ AsBlocks ------------------------------------------------------ diff --git a/src/daemon/auth/common/session.rs b/src/daemon/auth/common/session.rs index f97fe0c33..3a098df38 100644 --- a/src/daemon/auth/common/session.rs +++ b/src/daemon/auth/common/session.rs @@ -4,6 +4,9 @@ use std::{ time::{Duration, SystemTime, UNIX_EPOCH}, }; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; + use crate::{ commons::{api::Token, error::Error, KrillResult}, daemon::auth::common::crypt::{self, CryptState, NonceState}, @@ -194,7 +197,7 @@ impl LoginSessionCache { let unencrypted_bytes = session_json_str.as_bytes(); let encrypted_bytes = (self.encrypt_fn)(&crypt_state.key, unencrypted_bytes, &crypt_state.nonce)?; - let token = Token::from(base64::encode(encrypted_bytes)); + let token = Token::from(BASE64_ENGINE.encode(encrypted_bytes)); self.cache_session(&token, &session); Ok(token) @@ -208,7 +211,9 @@ impl LoginSessionCache { trace!("Session cache miss, deserializing..."); } - let bytes = base64::decode(token.as_ref().as_bytes()).map_err(|err| { + let bytes = BASE64_ENGINE.decode( + token.as_ref().as_bytes() + ).map_err(|err| { debug!("Invalid bearer token: cannot decode: {}", err); Error::ApiInvalidCredentials("Invalid bearer token".to_string()) })?; diff --git a/src/daemon/auth/providers/config_file/provider.rs b/src/daemon/auth/providers/config_file/provider.rs index 36544ae87..f9d12e988 100644 --- a/src/daemon/auth/providers/config_file/provider.rs +++ b/src/daemon/auth/providers/config_file/provider.rs @@ -1,5 +1,7 @@ use std::{collections::HashMap, sync::Arc}; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; use unicode_normalization::UnicodeNormalization; use crate::{ @@ -85,7 +87,7 @@ impl ConfigFileAuthProvider { fn get_auth(&self, request: &hyper::Request) -> Option { let header = request.headers().get(hyper::http::header::AUTHORIZATION)?; let auth = header.to_str().ok()?.strip_prefix("Basic ")?; - let auth = base64::decode(auth).ok()?; + let auth = BASE64_ENGINE.decode(auth).ok()?; let auth = String::from_utf8(auth).ok()?; let (username, password) = auth.split_once(':')?; @@ -143,7 +145,10 @@ impl ConfigFileAuthProvider { // hash twice with two different salts // legacy hashing strategy to be compatible with lagosta - let params = scrypt::Params::new(PW_HASH_LOG_N, PW_HASH_R, PW_HASH_P).unwrap(); + let params = scrypt::Params::new( + PW_HASH_LOG_N, PW_HASH_R, PW_HASH_P, + scrypt::Params::RECOMMENDED_LEN, + ).unwrap(); let weak_salt = format!("krill-lagosta-{username}"); let weak_salt = weak_salt.nfkc().collect::(); diff --git a/src/daemon/auth/providers/openid_connect/provider.rs b/src/daemon/auth/providers/openid_connect/provider.rs index 464ee375a..71253337d 100644 --- a/src/daemon/auth/providers/openid_connect/provider.rs +++ b/src/daemon/auth/providers/openid_connect/provider.rs @@ -31,6 +31,8 @@ use std::{ use tokio::sync::{RwLock, RwLockReadGuard}; +use base64::engine::Engine as _; +use base64::engine::general_purpose::URL_SAFE_NO_PAD as URL_BASE64_ENGINE; use basic_cookies::Cookie; use hyper::header::{HeaderValue, SET_COOKIE}; use jmespatch as jmespath; @@ -852,7 +854,7 @@ impl OpenIDConnectAuthProvider { fn verify_csrf_token(&self, state: String, csrf_token_hash: String) -> KrillResult<()> { let request_csrf_hash = sha256(state.as_bytes()); - match base64::decode_config(csrf_token_hash, base64::URL_SAFE_NO_PAD) { + match URL_BASE64_ENGINE.decode(&csrf_token_hash) { Ok(cookie_csrf_hash) if request_csrf_hash == cookie_csrf_hash => Ok(()), Ok(cookie_csrf_hash) => Err(Self::internal_error( "OpenID Connect: CSRF token mismatch", @@ -1312,12 +1314,12 @@ impl OpenIDConnectAuthProvider { // in reversed positions. let csrf_token = CsrfToken::new_random(); let csrf_token_hash = sha256(csrf_token.secret().as_bytes()); - let csrf_token_hash_b64_str = base64::encode_config(csrf_token_hash, base64::URL_SAFE_NO_PAD); + let csrf_token_hash_b64_str = URL_BASE64_ENGINE.encode(csrf_token_hash); let mut request = conn.client.authorize_url( AuthenticationFlow::::AuthorizationCode, || csrf_token, - || Nonce::new(base64::encode_config(nonce_hash, base64::URL_SAFE_NO_PAD)), + || Nonce::new(URL_BASE64_ENGINE.encode(nonce_hash)), ); // This unwrap is safe as we check in new() that the OpenID Connect @@ -1502,7 +1504,9 @@ impl OpenIDConnectAuthProvider { // claim is actually the hash of the original nonce, as per // the advice in the OpenID Core 1.0 spec. See: // https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes - let nonce_hash = Nonce::new(base64::encode_config(sha256(nonce.as_bytes()), base64::URL_SAFE_NO_PAD)); + let nonce_hash = Nonce::new( + URL_BASE64_ENGINE.encode(sha256(nonce.as_bytes())) + ); let id_token_claims = self.get_token_id_claims(&token_response, nonce_hash).await?; diff --git a/src/daemon/config.rs b/src/daemon/config.rs index 5049f07ae..23849b921 100644 --- a/src/daemon/config.rs +++ b/src/daemon/config.rs @@ -1433,7 +1433,7 @@ impl Config { } pub fn read_config(file: &str) -> Result { - let mut v = Vec::new(); + let mut v = String::new(); let mut f = File::open(file).map_err(|e| { KrillIoError::new( format!( @@ -1443,10 +1443,10 @@ impl Config { e, ) })?; - f.read_to_end(&mut v) + f.read_to_string(&mut v) .map_err(|e| KrillIoError::new(format!("Could not read config file '{}'", file), e))?; - toml::from_slice(v.as_slice()) + toml::from_str(&v) .map_err(|e| ConfigError::Other(format!("Error parsing config file: {}, error: {}", file, e))) } @@ -1501,12 +1501,11 @@ impl Config { .map(ToString::to_string) }) .unwrap_or_else(|| String::from("krill")); - let pid = unsafe { libc::getpid() }; let formatter = syslog::Formatter3164 { facility, hostname: None, process, - pid, + pid: std::process::id(), }; let logger = syslog::unix(formatter.clone()) .or_else(|_| syslog::tcp(formatter.clone(), ("127.0.0.1", 601))) @@ -1853,8 +1852,8 @@ mod tests { fn should_set_correct_log_levels() { use log::Level as LL; - fn void_logger_from_krill_config(config_bytes: &[u8]) -> Box { - let c: Config = toml::from_slice(config_bytes).unwrap(); + fn void_logger_from_krill_config(config: &str) -> Box { + let c: Config = toml::from_str(config).unwrap(); let void_output = fern::Output::writer(Box::new(io::sink()), ""); let (_, void_logger) = c.fern_logger().chain(void_output).into_log(); void_logger @@ -1894,7 +1893,9 @@ mod tests { // for each important Krill config log level for config_level in &["error", "warn"] { // build a logger for that config - let log = void_logger_from_krill_config(format!(r#"log_level = "{}""#, config_level).as_bytes()); + let log = void_logger_from_krill_config( + &format!(r#"log_level = "{config_level}""#) + ); // for all log levels for log_msg_level in &[LL::Error, LL::Warn, LL::Info, LL::Debug, LL::Trace] { @@ -1926,7 +1927,9 @@ mod tests { // for each Krill config log level we want to test for config_level in &["info", "debug", "trace"] { // build a logger for that config - let log = void_logger_from_krill_config(format!(r#"log_level = "{}""#, config_level).as_bytes()); + let log = void_logger_from_krill_config( + &format!(r#"log_level = "{config_level}""#) + ); // for each level of interest that messages could be logged at for log_msg_level in &[LL::Info, LL::Debug, LL::Trace] { @@ -1971,7 +1974,9 @@ mod tests { // for each Krill config log level we want to test for config_level in &["debug", "trace"] { // build a logger for that config - let log = void_logger_from_krill_config(format!(r#"log_level = "{}""#, config_level).as_bytes()); + let log = void_logger_from_krill_config( + &format!(r#"log_level = "{config_level}""#) + ); // for each level of interest that messages could be logged at for log_msg_level in &[LL::Debug, LL::Trace] { diff --git a/src/daemon/http/auth.rs b/src/daemon/http/auth.rs index 3e274e5b8..5e4704c1e 100644 --- a/src/daemon/http/auth.rs +++ b/src/daemon/http/auth.rs @@ -24,9 +24,16 @@ pub fn url_encode>(s: S) -> Result { fn build_auth_redirect_location(user: LoggedInUser) -> Result { use std::collections::HashMap; - fn b64_encode_attributes_with_mapped_error(a: &HashMap) -> Result { - Ok(base64::encode( - serde_json::to_string(a).map_err(|err| Error::custom(err.to_string()))?, + fn b64_encode_attributes_with_mapped_error( + a: &HashMap + ) -> Result { + use base64::engine::Engine as _; + use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; + + Ok(BASE64_ENGINE.encode( + serde_json::to_string(a).map_err(|err| { + Error::custom(err.to_string()) + })?, )) } diff --git a/src/daemon/http/server.rs b/src/daemon/http/server.rs index 40ee3c1fd..a45982ed0 100644 --- a/src/daemon/http/server.rs +++ b/src/daemon/http/server.rs @@ -13,6 +13,8 @@ use std::{ sync::Arc, }; +use base64::engine::Engine as _; +use base64::engine::general_purpose::STANDARD as BASE64_ENGINE; use bytes::Bytes; use serde::Serialize; @@ -367,7 +369,7 @@ pub fn render_error_redirect(err: Error) -> RoutingResult { err )) })?; - let b64 = base64::encode(json); + let b64 = BASE64_ENGINE.encode(json); let location = format!("/ui/login?error={}", b64); Ok(HttpResponse::found(&location)) } diff --git a/src/daemon/http/tls.rs b/src/daemon/http/tls.rs index 548ff26ba..3c465c368 100644 --- a/src/daemon/http/tls.rs +++ b/src/daemon/http/tls.rs @@ -25,7 +25,7 @@ use std::{ task::{Context, Poll}, }; -use futures::ready; +use futures_util::ready; use tokio::io::{AsyncRead, AsyncWrite}; use tokio_rustls::rustls::{Certificate, KeyLogFile, ServerConfig}; diff --git a/src/daemon/krillserver.rs b/src/daemon/krillserver.rs index 3d96ed8ec..45527bc18 100644 --- a/src/daemon/krillserver.rs +++ b/src/daemon/krillserver.rs @@ -4,7 +4,7 @@ use std::{collections::HashMap, path::PathBuf, str::FromStr, sync::Arc}; use bytes::Bytes; use chrono::Duration; -use futures::future::try_join_all; +use futures_util::future::try_join_all; use rpki::{ ca::{ diff --git a/src/ta/config.rs b/src/ta/config.rs index 9fa50b4ca..36528e80e 100644 --- a/src/ta/config.rs +++ b/src/ta/config.rs @@ -118,20 +118,24 @@ pub struct Config { impl Config { pub fn parse(file_path: &str) -> Result { - let mut v = Vec::new(); + let mut v = String::new(); let mut file = File::open(file_path) .map_err(|e| ConfigError::Other(format!("Could not read config file '{}': {}", file_path, e)))?; - file.read_to_end(&mut v) + file.read_to_string(&mut v) .map_err(|e| ConfigError::Other(format!("Could not read config file '{}': {}", file_path, e)))?; - Self::parse_slice(v.as_slice()) + Self::parse_str(&v) } - fn parse_slice(slice: &[u8]) -> Result { + fn parse_str(s: &str) -> Result { let mut config: Config = - toml::from_slice(slice).map_err(|e| ConfigError::Other(format!("Error parsing config file: {}", e)))?; + toml::from_str(s).map_err(|err| { + ConfigError::Other( + format!("Error parsing config file: {err}") + ) + })?; config.resolve_signers(); // ignore init errors @@ -315,7 +319,7 @@ mod tests { fn initialise_default_signers() { test::test_in_memory(|_storage_uri| { let config_string = include_str!("../../test-resources/ta/ta.conf"); - let config = Config::parse_slice(config_string.as_bytes()).unwrap(); + let config = Config::parse_str(config_string).unwrap(); config.signer().unwrap(); }) }