chore(deps): update rustls and ureq

Signed-off-by: Richard Zak <[email protected]>
enarx · Aug 25, 2023 · 965157f · 965157f
1 parent f4b0ef2
commit 965157f
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 27 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -37,7 +37,7 @@ cap-async-std = { version = "0.26.1", default-features = true, features = ["fs_u
 clap = { version = "4.3.24", default-features = false, features = ["derive", "error-context", "help", "std", "usage", "wrap_help"] }
 confargs = { version = "0.1.3", default-features = false }
 futures = { version = "0.3.28", default-features = false }
-futures-rustls = { version = "0.22.1", default-features = false }
+futures-rustls = { version = "0.24.0", default-features = false }
 headers = { version = "0.3.7", default-features = false }
 http = { version = "0.2.9", default-features = false }
 http-types = { version = "2.12.0", default-features = false }
@@ -49,7 +49,7 @@ once_cell = { version = "1.18.0", default-features = false }
 openidconnect = { version = "2.5.1", default-features = false }
 rand = { version = "0.8.5", default-features = false }
 rsa = { version = "0.8.2", default-features = false }
-rustls = { version = "0.20.8", default-features = false }
+rustls = { version = "0.21.0", default-features = false }
 rustls-pemfile = { version = "1.0.3", default-features = false }
 semver = { version = "1.0.18", default-features = false }
 serde = { version = "1.0.185", default-features = false }
@@ -61,7 +61,7 @@ tower = { version = "0.4.12", default-features = false }
 tower-http = { version = "0.3.5", default-features = false }
 tracing = { version = "0.1.37", default-features = false, features = ["release_max_level_debug"] }
 tracing-subscriber = { version = "0.3.17", default-features = false, features = ["ansi", "env-filter", "std", "tracing-log", "json"] }
-ureq = { version = "2.6.2", default-features = false }
+ureq = { version = "2.7.1", default-features = false }
 url = { version = "2.2.2", default-features = false }
 uuid = { version = "1.4.1", default-features = false, features = ["v4"] }
 walkdir = { version = "2.3.3", default-features = false }

diff --git a/crates/client/src/lib.rs b/crates/client/src/lib.rs
@@ -208,19 +208,17 @@ impl<S: Scope> ClientBuilder<S> {
                 roots
             } else {
                 let mut root_store = RootCertStore::empty();
-                root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(
-                    |ta| {
-                        OwnedTrustAnchor::from_subject_spki_name_constraints(
-                            ta.subject,
-                            ta.spki,
-                            ta.name_constraints,
-                        )
-                    },
-                ));
+                root_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
+                    OwnedTrustAnchor::from_subject_spki_name_constraints(
+                        ta.subject,
+                        ta.spki,
+                        ta.name_constraints,
+                    )
+                }));
                 root_store
             });
         let tls = if let Some((cert, key)) = self.credentials {
-            tls.with_single_cert(cert, key)?
+            tls.with_client_auth_cert(cert, key)?
         } else {
             tls.with_no_client_auth()
         };

diff --git a/crates/server/src/auth/tls.rs b/crates/server/src/auth/tls.rs
@@ -3,6 +3,7 @@
 
 use std::io::BufRead;
 use std::ops::Deref;
+use std::sync::Arc;
 
 use anyhow::{anyhow, bail, Context};
 use rustls::server::AllowAnyAnonymousOrAuthenticatedClient;
@@ -79,7 +80,7 @@ impl Config {
 
         ServerConfig::builder()
             .with_safe_defaults()
-            .with_client_cert_verifier(client_verifier)
+            .with_client_cert_verifier(Arc::new(client_verifier))
             .with_single_cert(certs, key)
             .context("invalid server certificate key")
             .map(Self)

diff --git a/crates/server/src/builder.rs b/crates/server/src/builder.rs
@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: AGPL-3.0-only
 
 use super::{handle, App, Store, TlsConfig};
+use std::ops::Deref;
 
 use anyhow::{anyhow, Context};
 use async_std::fs::File;
@@ -116,7 +117,7 @@ impl<S: AsRef<Path>> Builder<S> {
                     )
                     .into_make_service(),
             ),
-            tls: TlsAcceptor::from(Arc::new(tls.into())),
+            tls: TlsAcceptor::from(Arc::new(tls.deref().clone())),
         })
     }
 }