update deps

Author: ssrlive

.github/workflows/check.yml

@@ -1,10 +1,7 @@
 name: Check
 
 on:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    branches: [ "master" ]
+  [push, pull_request]
 
 env:
   CARGO_TERM_COLOR: always

Cargo.toml

@@ -35,17 +35,17 @@ serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 socks5-impl = "0.5"
 thiserror = "1.0"
-tokio = { version = "1.34", features = ["full"] }
+tokio = { version = "1.35", features = ["full"] }
 tokio-rustls = "0.24"
-tokio-tungstenite = { version = "0.20", features = ["rustls-tls-webpki-roots"] }
+tokio-tungstenite = { version = "0.21", features = ["rustls-tls-webpki-roots"] }
 trust-dns-proto = "0.23"
-tungstenite = { version = "0.20", features = ["rustls-tls-webpki-roots"] }
-url = "2.4"
+tungstenite = { version = "0.21", features = ["rustls-tls-webpki-roots"] }
+url = "2.5"
 webpki = { package = "rustls-webpki", version = "0.101", features = [
     "alloc",
     "std",
 ] }
-webpki-roots = "0.25"
+webpki-roots = "0.26"
 
 [target.'cfg(target_family="unix")'.dependencies]
 daemonize = "0.5"

src/tls.rs

@@ -1,5 +1,4 @@
-use crate::error::{Error, Result};
-use rustls_pemfile::{certs, rsa_private_keys};
+use crate::error::Result;
 use std::{
     fs::File,
     io::BufReader,
@@ -33,30 +32,28 @@ pub(crate) fn retrieve_root_cert_store_for_client(cafile: &Option<PathBuf>) -> R
         }
     }
     if !done {
-        root_cert_store.add_trust_anchors(
-            webpki_roots::TLS_SERVER_ROOTS
-                .iter()
-                .map(|ta| OwnedTrustAnchor::from_subject_spki_name_constraints(ta.subject, ta.spki, ta.name_constraints)),
-        );
+        root_cert_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
+            let name_constraints = ta.name_constraints.clone().map(|nc| nc.as_ref().to_vec());
+            OwnedTrustAnchor::from_subject_spki_name_constraints(ta.subject.as_ref(), ta.subject_public_key_info.as_ref(), name_constraints)
+        }));
     }
     Ok(root_cert_store)
 }
 
-mod danger {
-    pub struct NoCertificateVerification {}
+#[derive(Debug)]
+pub struct NoCertificateVerification {}
 
-    impl rustls::client::ServerCertVerifier for NoCertificateVerification {
-        fn verify_server_cert(
-            &self,
-            _end_entity: &rustls::Certificate,
-            _intermediates: &[rustls::Certificate],
-            _server_name: &rustls::ServerName,
-            _scts: &mut dyn Iterator<Item = &[u8]>,
-            _ocsp: &[u8],
-            _now: std::time::SystemTime,
-        ) -> Result<rustls::client::ServerCertVerified, rustls::Error> {
-            Ok(rustls::client::ServerCertVerified::assertion())
-        }
+impl rustls::client::ServerCertVerifier for NoCertificateVerification {
+    fn verify_server_cert(
+        &self,
+        _end_entity: &rustls::Certificate,
+        _intermediates: &[rustls::Certificate],
+        _server_name: &rustls::ServerName,
+        _scts: &mut dyn Iterator<Item = &[u8]>,
+        _ocsp: &[u8],
+        _now: std::time::SystemTime,
+    ) -> Result<rustls::client::ServerCertVerified, rustls::Error> {
+        Ok(rustls::client::ServerCertVerified::assertion())
     }
 }
 
@@ -69,9 +66,7 @@ pub(crate) async fn create_tls_client_stream(
         .with_safe_defaults()
         .with_root_certificates(root_cert_store)
         .with_no_client_auth();
-    config
-        .dangerous()
-        .set_certificate_verifier(Arc::new(danger::NoCertificateVerification {}));
+    config.dangerous().set_certificate_verifier(Arc::new(NoCertificateVerification {}));
     let connector = TlsConnector::from(std::sync::Arc::new(config));
 
     let stream = crate::tcp_stream::create(addr).await?;
@@ -84,13 +79,11 @@ pub(crate) async fn create_tls_client_stream(
 }
 
 pub(crate) fn server_load_certs(path: &Path) -> Result<Vec<Certificate>> {
-    certs(&mut BufReader::new(File::open(path)?))
-        .map_err(|e| Error::from(format!("Certificate error: {e}")))
-        .map(|mut certs| certs.drain(..).map(Certificate).collect())
+    let certs = rustls_pemfile::certs(&mut BufReader::new(File::open(path)?))?;
+    Ok(certs.into_iter().map(Certificate).collect())
 }
 
 pub(crate) fn server_load_keys(path: &Path) -> Result<Vec<PrivateKey>> {
-    rsa_private_keys(&mut BufReader::new(File::open(path)?))
-        .map_err(|e| Error::from(format!("PrivateKey error: {e}")))
-        .map(|mut keys| keys.drain(..).map(PrivateKey).collect())
+    let keys = rustls_pemfile::rsa_private_keys(&mut BufReader::new(File::open(path)?))?;
+    Ok(keys.into_iter().map(PrivateKey).collect())
 }