From f287029c8a59a2d9f9413e2aa1dfb195b4c11a96 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Fri, 22 Nov 2024 13:38:14 -0500 Subject: [PATCH 1/5] apply cargo clippy --fix Similar fixes were incrementally landed on main. --- src/panic.rs | 6 +++--- src/rslice.rs | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/panic.rs b/src/panic.rs index 4b8489c9..3f2beaf7 100644 --- a/src/panic.rs +++ b/src/panic.rs @@ -40,7 +40,7 @@ impl Defaultable for rustls_tls_version {} impl Defaultable for Option {} -impl<'a> Defaultable for rustls_slice_bytes<'a> {} +impl Defaultable for rustls_slice_bytes<'_> {} impl PanicOrDefault for T { fn value() -> Self { @@ -66,7 +66,7 @@ impl PanicOrDefault for rustls_result { } } -impl<'a> PanicOrDefault for rustls_str<'a> { +impl PanicOrDefault for rustls_str<'_> { fn value() -> Self { rustls_str::from_str_unchecked("") } @@ -108,7 +108,7 @@ impl NullParameterOrDefault for rustls_io_result { } } -impl<'a> NullParameterOrDefault for rustls_str<'a> { +impl NullParameterOrDefault for rustls_str<'_> { fn value() -> Self { rustls_str::from_str_unchecked("") } diff --git a/src/rslice.rs b/src/rslice.rs index d653cef6..d9c80bca 100644 --- a/src/rslice.rs +++ b/src/rslice.rs @@ -175,7 +175,7 @@ impl<'a> TryFrom<&'a str> for rustls_str<'a> { } } -impl<'a> Default for rustls_str<'a> { +impl Default for rustls_str<'_> { fn default() -> rustls_str<'static> { Self::from_str_unchecked("") } @@ -186,7 +186,7 @@ impl<'a> Default for rustls_str<'a> { /// The string should not have any internal NUL bytes and is not NUL terminated. /// C code should not create rustls_str objects, they should only be created in Rust /// code. -impl<'a> rustls_str<'a> { +impl rustls_str<'_> { pub fn from_str_unchecked(s: &'static str) -> rustls_str<'static> { rustls_str { data: s.as_ptr() as *const _, @@ -226,7 +226,7 @@ impl<'a> rustls_str<'a> { // If the assertion about Rust code being the only creator of rustls_str objects // changes, you must change this Debug impl, since the assertion in it no longer // holds. -impl<'a> fmt::Debug for rustls_str<'a> { +impl fmt::Debug for rustls_str<'_> { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { let raw = unsafe { // Despite the use of "unsafe", we know that this is safe because: From e9480043c533f8e017fb2d9f2a9060f0216ef325 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Fri, 27 Sep 2024 10:31:39 -0400 Subject: [PATCH 2/5] tests: fix clippy::zombie_processes finding MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Nightly clippy's `clippy::zombie_processes` lint flagged the following: ``` error: spawned process is never `wait()`ed on --> tests/client_server.rs:285:26 | 285 | let mut server = self.server_opts.run_server(); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = note: consider calling `.wait()` = note: not doing so might leave behind zombie processes = note: see https://doc.rust-lang.org/stable/std/process/struct.Child.html#warning = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#zombie_processes ``` While we _do_ call `kill()` on the process, we weren't `wait()`ing it. The `Process::Child` docs have a warning: On some systems, calling wait or similar is necessary for the OS to release resources. A process that terminated but has not been waited on is still around as a “zombie”. Leaving too many zombies around may exhaust global resources (for example process IDs). So it seems it may not be sufficient on all systems to `kill()` without `wait()`. Let's add a `wait()` just to be sure. Nobody likes zombies. --- tests/client_server.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/client_server.rs b/tests/client_server.rs index d0820c2a..af7935eb 100644 --- a/tests/client_server.rs +++ b/tests/client_server.rs @@ -257,6 +257,7 @@ impl TestCase { }); server.kill().expect("failed to kill server"); + server.wait().expect("failed to wait on server"); result } } From ef6126c1627c593d21f31e33bc0add0333526fc0 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Mon, 18 Nov 2024 09:10:36 -0500 Subject: [PATCH 3/5] crypto_provider: fix clippy::question_mark finding ``` error: this `match` expression can be replaced with `?` --> src/crypto_provider.rs:466:20 | 466 | let provider = match provider_from_crate_features() { | ____________________^ 467 | | Some(provider) => provider, 468 | | None => return None, 469 | | }; | |_____^ help: try instead: `provider_from_crate_features()?` ``` --- src/crypto_provider.rs | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/crypto_provider.rs b/src/crypto_provider.rs index fc999867..9a9e3895 100644 --- a/src/crypto_provider.rs +++ b/src/crypto_provider.rs @@ -461,14 +461,9 @@ pub(crate) fn get_default_or_install_from_crate_features() -> Option provider, - None => return None, - }; - // Ignore the error resulting from us losing a race to install the default, // and accept the outcome. - let _ = provider.install_default(); + let _ = provider_from_crate_features()?.install_default(); // Safety: we can unwrap safely here knowing we've just set the default, or // lost a race to something else setting the default. From 1bd305c181483f73c28a125b5a8ff0ada378c910 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Fri, 22 Nov 2024 13:41:59 -0500 Subject: [PATCH 4/5] update MSRV 1.64 -> 1.71 This matches upstream rustls. --- .github/workflows/test.yaml | 2 +- Cargo.toml | 2 +- README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 46edb178..5c83aeec 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -25,7 +25,7 @@ jobs: - nightly # MSRV - keep in sync with what rustls and rustls-platform-verifier # consider MSRV - - 1.64.0 + - 1.71.0 os: [ ubuntu-latest ] # but only stable, clang, and aws-lc-rs on macos (slower platform) include: diff --git a/Cargo.toml b/Cargo.toml index 6d574aab..5329bd3d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,7 +9,7 @@ repository = "https://github.com/rustls/rustls-ffi" categories = ["network-programming", "cryptography"] edition = "2021" links = "rustls_ffi" -rust-version = "1.64" +rust-version = "1.71" [features] default = ["aws-lc-rs"] diff --git a/README.md b/README.md index c96dce3f..4bd51ea7 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ to provide the cryptographic primitives. # Build -You'll need to [install the Rust toolchain](https://rustup.rs/) (version 1.64 +You'll need to [install the Rust toolchain](https://rustup.rs/) (version 1.71 or above) and a C compiler (`gcc` and `clang` should both work). ## Cryptography provider From 253925a83390b79935af56b41fd54a94fce51efa Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Fri, 22 Nov 2024 13:42:58 -0500 Subject: [PATCH 5/5] rustls-ffi 0.14.1 with rustls 0.23.18 Notably this brings in a fix for an availability issue for **servers** using the `rustls_acceptor` type and associated APIs. See the upstream 0.23.18 release notes for more information. --- CHANGELOG.md | 11 +++++++++++ Cargo.lock | 10 +++++----- Cargo.toml | 4 ++-- build.rs | 2 +- 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 77c76512..05a23184 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## 0.14.1 (2024-11-22) + +This release updates to [Rustls 0.23.18][] and increases the project MSRV from +1.64 to 1.71, matching the upstream Rustls MSRV. + +Notably this brings in a fix for an availability issue for **servers** using +the `rustls_acceptor` type and associated APIs. See the upstream 0.23.18 +release notes for more information. + +[Rustls 0.23.18]: https://github.com/rustls/rustls/releases/tag/v%2F0.23.18 + ## 0.14.0 (2024-09-12) This release updates to [Rustls 0.23.13][] and changes the rustls-ffi API to allow diff --git a/Cargo.lock b/Cargo.lock index 9c7d63d6..1824e5d4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -493,9 +493,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.13" +version = "0.23.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2dabaac7466917e566adb06783a81ca48944c6898a1b08b9374106dd671f4c8" +checksum = "9c9cc1d47e243d655ace55ed38201c19ae02c148ae56412ab8750e8f0166ab7f" dependencies = [ "aws-lc-rs", "once_cell", @@ -509,7 +509,7 @@ dependencies = [ [[package]] name = "rustls-ffi" -version = "0.14.0" +version = "0.14.1" dependencies = [ "libc", "log", @@ -547,9 +547,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.7.0" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d" +checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b" [[package]] name = "rustls-platform-verifier" diff --git a/Cargo.toml b/Cargo.toml index 5329bd3d..310cf276 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rustls-ffi" -version = "0.14.0" +version = "0.14.1" license = "Apache-2.0 OR ISC OR MIT" readme = "README-crates.io.md" description = "Rustls bindings for non-Rust languages" @@ -26,7 +26,7 @@ aws-lc-rs = ["rustls/aws-lc-rs", "webpki/aws_lc_rs"] [dependencies] # Keep in sync with RUSTLS_CRATE_VERSION in build.rs -rustls = { version = "0.23.13", default-features = false, features = ["std", "tls12"] } +rustls = { version = "0.23.18", default-features = false, features = ["std", "tls12"] } pki-types = { package = "rustls-pki-types", version = "1", features = ["std"] } webpki = { package = "rustls-webpki", version = "0.102.0", default-features = false, features = ["std"] } libc = "0.2" diff --git a/build.rs b/build.rs index 7871c2d2..4e408180 100644 --- a/build.rs +++ b/build.rs @@ -8,7 +8,7 @@ use std::{env, fs, path::PathBuf}; // because doing so would require a heavy-weight deserialization lib dependency // (and it couldn't be a _dev_ dep for use in a build script) or doing brittle // by-hand parsing. -const RUSTLS_CRATE_VERSION: &str = "0.23.13"; +const RUSTLS_CRATE_VERSION: &str = "0.23.18"; fn main() { let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap());