Merge branch 'tls-update' into 'main'

rustls update See merge request veilid/veilid!228
2023-10-18 19:20:17 +00:00 · 2023-10-18 19:20:17 +00:00 · d87ece1c81
commit d87ece1c81
parent edd2ec20ba ee4ec02547
4 changed files with 79 additions and 71 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -294,9 +294,9 @@ dependencies = [
 [[package]]
 name = "async-executor"
-version = "1.5.4"
+version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2c1da3ae8dabd9c00f453a329dfe1fb28da3c0a72e2478cdcd93171740c20499"
+checksum = "4b0c4a4f319e45986f347ee47fef8bf5e81c9abc3f6f58dc2391439f30df65f0"
 dependencies = [
 "async-lock",
 "async-task",
@ -452,21 +452,19 @@ dependencies = [
 [[package]]
 name = "async-task"
-version = "4.4.1"
+version = "4.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b9441c6b2fe128a7c2bf680a44c34d0df31ce09e5b7e401fcca3faa483dbc921"
+checksum = "b4eb2cdb97421e01129ccb49169d8279ed21e829929144f4a22a6e54ac549ca1"
 [[package]]
 name = "async-tls"
 version = "0.12.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
+source = "git+https://github.com/async-rs/async-tls?rev=c58588a#c58588a276e6180f3ef99f4ec3bf9176c5f0f58c"
 checksum = "cfeefd0ca297cbbb3bd34fd6b228401c2a5177038257afd751bc29f0a2da4795"
 dependencies = [
 "futures-core",
 "futures-io",
 "rustls",
 "rustls-pemfile",
 "webpki",
 "webpki-roots 0.22.6",
 ]
@ -673,9 +671,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 [[package]]
 name = "bitflags"
-version = "2.4.0"
+version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635"
+checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07"
 [[package]]
 name = "blake2"
@ -1461,7 +1459,7 @@ dependencies = [
 "hashbrown 0.14.1",
 "lock_api",
 "once_cell",
- "parking_lot_core 0.9.8",
+ "parking_lot_core 0.9.9",
 ]
 [[package]]
@ -1555,9 +1553,9 @@ checksum = "23d2f3407d9a573d666de4b5bdf10569d73ca9478087346697dcbae6244bfbcd"
 [[package]]
 name = "ed25519"
-version = "2.2.2"
+version = "2.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "60f6d271ca33075c88028be6f04d502853d63a5ece419d269c15315d4fc1cf1d"
+checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53"
 dependencies = [
 "pkcs8",
 "signature",
@ -2363,16 +2361,16 @@ dependencies = [
 [[package]]
 name = "iana-time-zone"
-version = "0.1.57"
+version = "0.1.58"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2fad5b825842d2b38bd206f3e81d6957625fd7f0a361e345c30e01a0ae2dd613"
+checksum = "8326b86b6cff230b97d0d312a6c40a60726df3332e721f72a1b035f451663b20"
 dependencies = [
 "android_system_properties",
 "core-foundation-sys",
 "iana-time-zone-haiku",
 "js-sys",
 "wasm-bindgen",
- "windows 0.48.0",
+ "windows-core",
 ]
 [[package]]
@ -2739,9 +2737,9 @@ checksum = "da2479e8c062e40bf0066ffa0bc823de0a9368974af99c9f6df941d2c231e03f"
 [[package]]
 name = "lock_api"
-version = "0.4.10"
+version = "0.4.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1cc9717a20b1bb222f333e6a92fd32f7d8a18ddc5a3191a11af45dcbf4dcd16"
+checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45"
 dependencies = [
 "autocfg",
 "scopeguard",
@ -3051,7 +3049,7 @@ version = "0.27.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053"
 dependencies = [
- "bitflags 2.4.0",
+ "bitflags 2.4.1",
 "cfg-if 1.0.0",
 "libc",
 ]
@ -3429,9 +3427,9 @@ dependencies = [
 [[package]]
 name = "parking"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e52c774a4c39359c1d1c52e43f73dd91a75a614652c825408eec30c95a9b2067"
+checksum = "bb813b8af86854136c6922af0598d719255ecb2179515e6e7730d468f05c9cae"
 [[package]]
 name = "parking_lot"
@ -3451,7 +3449,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
 dependencies = [
 "lock_api",
- "parking_lot_core 0.9.8",
+ "parking_lot_core 0.9.9",
 ]
 [[package]]
@ -3470,13 +3468,13 @@ dependencies = [
 [[package]]
 name = "parking_lot_core"
-version = "0.9.8"
+version = "0.9.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447"
+checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e"
 dependencies = [
 "cfg-if 1.0.0",
 "libc",
- "redox_syscall 0.3.5",
+ "redox_syscall 0.4.1",
 "smallvec",
 "windows-targets 0.48.5",
 ]
@ -3851,9 +3849,9 @@ dependencies = [
 [[package]]
 name = "redox_syscall"
-version = "0.3.5"
+version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29"
+checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa"
 dependencies = [
 "bitflags 1.3.2",
 ]
@ -3871,13 +3869,13 @@ dependencies = [
 [[package]]
 name = "regex"
-version = "1.10.1"
+version = "1.10.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aaac441002f822bc9705a681810a4dd2963094b9ca0ddc41cb963a4c189189ea"
+checksum = "380b951a9c5e80ddfd6136919eef32310721aa4aacd4889a8d39124b026ab343"
 dependencies = [
 "aho-corasick",
 "memchr",
- "regex-automata 0.4.2",
+ "regex-automata 0.4.3",
 "regex-syntax 0.8.2",
 ]
@ -3892,9 +3890,9 @@ dependencies = [
 [[package]]
 name = "regex-automata"
-version = "0.4.2"
+version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5011c7e263a695dc8ca064cddb722af1be54e517a280b12a5356f98366899e5d"
+checksum = "5f804c7828047e88b2d32e2d7fe5a105da8ee3264f01902f796c8e067dc2483f"
 dependencies = [
 "aho-corasick",
 "memchr",
@ -3940,9 +3938,9 @@ dependencies = [
 [[package]]
 name = "ring"
-version = "0.17.3"
+version = "0.17.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9babe80d5c16becf6594aa32ad2be8fe08498e7ae60b77de8df700e67f191d7e"
+checksum = "fce3045ffa7c981a6ee93f640b538952e155f1ae3a1a02b84547fc7a56b7059a"
 dependencies = [
 "cc",
 "getrandom",
@ -4009,7 +4007,7 @@ version = "0.29.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "549b9d036d571d42e6e85d1c1425e2ac83491075078ca9a15be021c56b1641f2"
 dependencies = [
- "bitflags 2.4.0",
+ "bitflags 2.4.1",
 "fallible-iterator",
 "fallible-streaming-iterator",
 "hashlink",
@ -4068,7 +4066,7 @@ version = "0.38.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "745ecfa778e66b2b63c88a61cb36e0eea109e803b0b86bf9879fbc77c70e86ed"
 dependencies = [
- "bitflags 2.4.0",
+ "bitflags 2.4.1",
 "errno",
 "libc",
 "linux-raw-sys 0.4.10",
@ -4077,14 +4075,14 @@ dependencies = [
 [[package]]
 name = "rustls"
-version = "0.20.9"
+version = "0.21.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b80e3dec595989ea8510028f30c408a4630db12c9cbb8de34203b89d6577e99"
+checksum = "cd8d6c9f025a446bc4d18ad9632e69aec8f287aa84499ee335599fabd20c3fd8"
 dependencies = [
 "log",
 "ring 0.16.20",
 "rustls-webpki",
 "sct",
 "webpki",
 ]
 [[package]]
@ -4096,6 +4094,16 @@ dependencies = [
 "base64 0.21.4",
 ]
 [[package]]
 name = "rustls-webpki"
 version = "0.101.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3c7d5dece342910d9ba34d259310cae3e0154b873b35408b787b59bce53d34fe"
 dependencies = [
 "ring 0.16.20",
 "untrusted 0.7.1",
 ]
 [[package]]
 name = "rustversion"
 version = "1.0.14"
@ -5499,7 +5507,7 @@ dependencies = [
 "webpki-roots 0.25.2",
 "wee_alloc",
 "winapi",
- "windows 0.51.1",
+ "windows",
 "windows-permissions",
 "ws_stream_wasm",
 "x25519-dalek",
@ -5861,7 +5869,7 @@ version = "0.22.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ed63aea5ce73d0ff405984102c42de94fc55a6b75765d621c65262469b3c9b53"
 dependencies = [
- "ring 0.17.3",
+ "ring 0.17.4",
 "untrusted 0.9.0",
 ]
@ -5967,15 +5975,6 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 [[package]]
 name = "windows"
 version = "0.48.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f"
 dependencies = [
 "windows-targets 0.48.5",
 ]
 [[package]]
 name = "windows"
 version = "0.51.1"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -12,6 +12,7 @@ resolver = "2"
 [patch.crates-io]
 cursive = { git = "https://gitlab.com/veilid/cursive.git" }
 cursive_core = { git = "https://gitlab.com/veilid/cursive.git" }
 async-tls = { git = "https://github.com/async-rs/async-tls", rev = "c58588a" }
 # For local development
 # keyvaluedb = { path = "../keyvaluedb/keyvaluedb" }
--- a/veilid-core/Cargo.toml
+++ b/veilid-core/Cargo.toml
@ -172,7 +172,7 @@ igd = { package = "veilid-igd", version = "0.1.1" }
 async-tls = "0.12.0"
 webpki = "0.22.1"
 webpki-roots = "0.25.2"
-rustls = "=0.20.9"
+rustls = "0.21.7"
 rustls-pemfile = "1.0.3"
 socket2 = { version = "0.5.4", features = ["all"] }
--- a/veilid-core/src/network_manager/types/dial_info/mod.rs
+++ b/veilid-core/src/network_manager/types/dial_info/mod.rs
@ -54,11 +54,12 @@ impl fmt::Display for DialInfo {
                    SplitUrlHost::Hostname(_) => {
                        write!(f, "wss|{}|{}", di.socket_address.ip_addr(), di.request)
                    }
-                    SplitUrlHost::IpAddr(_) => {
+                    SplitUrlHost::IpAddr(a) => {
-                        panic!(
+                        if di.socket_address.ip_addr() == a {
-                            "secure websockets can not use ip address in request: {}",
+                            write!(f, "wss|{}", di.request)
-                            di.request
+                        } else {
-                        );
+                            panic!("resolved address does not match url: {}", di.request);
                        }
                    }
                }
            }
@ -119,18 +120,23 @@ impl FromStr for DialInfo {
                }
                let url_port = split_url.port.unwrap_or(443u16);
-                let (a, rest) = rest.split_once('|').ok_or_else(|| {
+                match rest.split_once('|') {
-                    VeilidAPIError::parse_error(
+                    Some((sa, rest)) => {
-                        "DialInfo::from_str missing socket address '|' separator",
+                        let address = Address::from_str(sa)?;
                        s,
                    )
                })?;
-                let address = Address::from_str(a)?;
+                        DialInfo::try_wss(
-                DialInfo::try_wss(
+                            SocketAddress::new(address, url_port),
-                    SocketAddress::new(address, url_port),
+                            format!("wss://{}", rest),
-                    format!("wss://{}", rest),
+                        )
-                )
+                    }
                    None => {
                        let address = Address::from_str(&split_url.host.to_string())?;
                        DialInfo::try_wss(
                            SocketAddress::new(address, url_port),
                            format!("wss://{}", rest),
                        )
                    }
                }
            }
            _ => Err(VeilidAPIError::parse_error(
                "DialInfo::from_str has invalid scheme",
@ -196,11 +202,13 @@ impl DialInfo {
        if url_port != socket_address.port() {
            apibail_parse_error!("socket address port doesn't match url port", url);
        }
-        if !matches!(split_url.host, SplitUrlHost::Hostname(_)) {
+        if let SplitUrlHost::IpAddr(a) = split_url.host {
-            apibail_parse_error!(
+            if socket_address.ip_addr() != a {
-                "WSS url can not use address format, only hostname format",
+                apibail_parse_error!(
-                url
+                    format!("request address does not match socket address: {}", a),
-            );
+                    socket_address
                );
            }
        }
        Ok(Self::WSS(DialInfoWSS {
            socket_address: socket_address.canonical(),