diff options
| author | Matt Mastracci <matthew@mastracci.com> | 2024-01-16 13:51:54 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-16 21:51:54 +0100 |
| commit | 971eb0e5e836cdeaaefc25b2bab4c6a6a9f8e213 (patch) | |
| tree | b5b7abe6e08331d10c9855aff43069f357a85015 | |
| parent | ae0e7df41a15d584703f956f0e2dc91dab4aec38 (diff) | |
chore: bump rustls-tokio-stream and rustls (#21955)
| -rw-r--r-- | Cargo.lock | 4 | ||||
| -rw-r--r-- | Cargo.toml | 4 | ||||
| -rw-r--r-- | cli/tests/integration/cert_tests.rs | 15 | ||||
| -rw-r--r-- | ext/net/ops_tls.rs | 7 | ||||
| -rw-r--r-- | ext/websocket/lib.rs | 11 |
5 files changed, 25 insertions, 16 deletions
diff --git a/Cargo.lock b/Cargo.lock index 85ba214b9..5acc29dda 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4999,9 +4999,9 @@ dependencies = [ [[package]] name = "rustls-tokio-stream" -version = "0.2.17" +version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ded7a36e8ac05b8ada77a84c5ceec95361942ee9dedb60a82f93f788a791aae8" +checksum = "c9f0b619386efa23ba0955910896567698dc802cab625ea97a69e7340f986e6f" dependencies = [ "futures", "rustls", diff --git a/Cargo.toml b/Cargo.toml index 36345b656..0a5f6dcfc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -134,9 +134,9 @@ lazy-regex = "3" reqwest = { version = "=0.11.20", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json"] } # pinned because of https://github.com/seanmonstar/reqwest/pull/1955 ring = "^0.17.0" rusqlite = { version = "=0.29.0", features = ["unlock_notify", "bundled"] } -rustls = "0.21.8" +rustls = "0.21.10" rustls-pemfile = "1.0.0" -rustls-tokio-stream = "=0.2.17" +rustls-tokio-stream = "=0.2.20" rustls-webpki = "0.101.4" rustyline = "=13.0.0" webpki-roots = "0.25.2" diff --git a/cli/tests/integration/cert_tests.rs b/cli/tests/integration/cert_tests.rs index 484d053f8..6612a2fef 100644 --- a/cli/tests/integration/cert_tests.rs +++ b/cli/tests/integration/cert_tests.rs @@ -2,6 +2,7 @@ use deno_runtime::deno_net::ops_tls::TlsStream; use deno_runtime::deno_tls::rustls; +use deno_runtime::deno_tls::rustls::ClientConnection; use deno_runtime::deno_tls::rustls_pemfile; use lsp_types::Url; use std::io::BufReader; @@ -240,8 +241,11 @@ async fn listen_tls_alpn() { let tcp_stream = tokio::net::TcpStream::connect("localhost:4504") .await .unwrap(); - let mut tls_stream = - TlsStream::new_client_side(tcp_stream, cfg, hostname, None); + let mut tls_stream = TlsStream::new_client_side( + tcp_stream, + ClientConnection::new(cfg, hostname).unwrap(), + None, + ); let handshake = tls_stream.handshake().await.unwrap(); @@ -289,8 +293,11 @@ async fn listen_tls_alpn_fail() { let tcp_stream = tokio::net::TcpStream::connect("localhost:4505") .await .unwrap(); - let mut tls_stream = - TlsStream::new_client_side(tcp_stream, cfg, hostname, None); + let mut tls_stream = TlsStream::new_client_side( + tcp_stream, + ClientConnection::new(cfg, hostname).unwrap(), + None, + ); tls_stream.handshake().await.unwrap_err(); diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs index d16bface4..255c6ddbd 100644 --- a/ext/net/ops_tls.rs +++ b/ext/net/ops_tls.rs @@ -27,6 +27,7 @@ use deno_tls::create_client_config; use deno_tls::load_certs; use deno_tls::load_private_keys; use deno_tls::rustls::Certificate; +use deno_tls::rustls::ClientConnection; use deno_tls::rustls::PrivateKey; use deno_tls::rustls::ServerConfig; use deno_tls::rustls::ServerName; @@ -230,8 +231,7 @@ where let tls_config = Arc::new(tls_config); let tls_stream = TlsStream::new_client_side( tcp_stream, - tls_config, - hostname_dns, + ClientConnection::new(tls_config, hostname_dns).unwrap(), TLS_BUFFER_SIZE, ); @@ -327,8 +327,7 @@ where let tls_stream = TlsStream::new_client_side( tcp_stream, - tls_config, - hostname_dns, + ClientConnection::new(tls_config, hostname_dns).unwrap(), TLS_BUFFER_SIZE, ); diff --git a/ext/websocket/lib.rs b/ext/websocket/lib.rs index 4b544b4f8..60b0911b1 100644 --- a/ext/websocket/lib.rs +++ b/ext/websocket/lib.rs @@ -23,6 +23,7 @@ use deno_core::ToJsBuffer; use deno_net::raw::NetworkStream; use deno_tls::create_client_config; use deno_tls::rustls::ClientConfig; +use deno_tls::rustls::ClientConnection; use deno_tls::RootCertStoreProvider; use deno_tls::SocketUse; use http::header::CONNECTION; @@ -236,8 +237,7 @@ async fn handshake_http1_wss( ServerName::try_from(domain).map_err(|_| invalid_hostname(domain))?; let mut tls_connector = TlsStream::new_client_side( tcp_socket, - tls_config.into(), - dnsname, + ClientConnection::new(tls_config.into(), dnsname).unwrap(), NonZeroUsize::new(65536), ); // If we can bail on an http/1.1 ALPN mismatch here, we can avoid doing extra work @@ -261,8 +261,11 @@ async fn handshake_http2_wss( let dnsname = ServerName::try_from(domain).map_err(|_| invalid_hostname(domain))?; // We need to better expose the underlying errors here - let mut tls_connector = - TlsStream::new_client_side(tcp_socket, tls_config.into(), dnsname, None); + let mut tls_connector = TlsStream::new_client_side( + tcp_socket, + ClientConnection::new(tls_config.into(), dnsname).unwrap(), + None, + ); let handshake = tls_connector.handshake().await?; if handshake.alpn.is_none() { bail!("Didn't receive h2 alpn, aborting connection"); |