clippy

.github/workflows/rust.yml

@@ -20,5 +20,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - run: rustup update ${{ matrix.toolchain }} && rustup default ${{ matrix.toolchain }}
+      - run: rustup component add clippy
       - run: cargo build --verbose --no-default-features --features ${{ matrix.crypto }},${{ matrix.tokio }}
       - run: cargo test --verbose --no-default-features --features ${{ matrix.crypto }},${{ matrix.tokio }}
+      - run: cargo clippy --tests --no-default-features --features ${{ matrix.crypto }},${{ matrix.tokio }}

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rustls-acme"
-version = "0.11.1"
+version = "0.12.0"
 authors = ["Florian Uekermann <florian@uekermann.me>"]
 edition = "2018"
 description = "TLS certificate management and serving using rustls"

src/acme.rs

@@ -27,7 +27,7 @@ pub struct Account {
     pub kid: String,
 }
 
-static ALG: &'static EcdsaSigningAlgorithm = &ECDSA_P256_SHA256_FIXED_SIGNING;
+static ALG: &EcdsaSigningAlgorithm = &ECDSA_P256_SHA256_FIXED_SIGNING;
 
 impl Account {
     pub fn generate_key_pair() -> Vec<u8> {
@@ -41,7 +41,7 @@ impl Account {
         I: IntoIterator<Item = &'a S>,
     {
         let key_pair = Self::generate_key_pair();
-        Ok(Self::create_with_keypair(client_config, directory, contact, &key_pair).await?)
+        Self::create_with_keypair(client_config, directory, contact, &key_pair).await
     }
     pub async fn create_with_keypair<'a, S, I>(
         client_config: &Arc<ClientConfig>,
@@ -86,7 +86,7 @@ impl Account {
         Ok((location, body))
     }
     pub async fn new_order(&self, client_config: &Arc<ClientConfig>, domains: Vec<String>) -> Result<(String, Order), AcmeError> {
-        let domains: Vec<Identifier> = domains.into_iter().map(|d| Identifier::Dns(d)).collect();
+        let domains: Vec<Identifier> = domains.into_iter().map(Identifier::Dns).collect();
         let payload = format!("{{\"identifiers\":{}}}", serde_json::to_string(&domains)?);
         let response = self.request(client_config, &self.directory.new_order, &payload).await?;
         let url = response.0.ok_or(AcmeError::MissingHeader("Location"))?;
@@ -114,14 +114,14 @@ impl Account {
     pub async fn certificate(&self, client_config: &Arc<ClientConfig>, url: impl AsRef<str>) -> Result<String, AcmeError> {
         Ok(self.request(client_config, &url, "").await?.1)
     }
-    pub fn tls_alpn_01<'a>(&self, challenges: &'a Vec<Challenge>, domain: String) -> Result<(&'a Challenge, CertifiedKey), AcmeError> {
-        let challenge = challenges.iter().filter(|c| c.typ == ChallengeType::TlsAlpn01).next();
+    pub fn tls_alpn_01<'a>(&self, challenges: &'a [Challenge], domain: String) -> Result<(&'a Challenge, CertifiedKey), AcmeError> {
+        let challenge = challenges.iter().find(|c| c.typ == ChallengeType::TlsAlpn01);
         let challenge = match challenge {
             Some(challenge) => challenge,
             None => return Err(AcmeError::NoTlsAlpn01Challenge),
         };
         let mut params = rcgen::CertificateParams::new(vec![domain])?;
-        let key_auth = key_authorization_sha256(&self.key_pair, &*challenge.token)?;
+        let key_auth = key_authorization_sha256(&self.key_pair, &challenge.token)?;
         params.custom_extensions = vec![CustomExtension::new_acme_identifier(key_auth.as_ref())];
         let key_pair = KeyPair::generate_for(&PKCS_ECDSA_P256_SHA256)?;
         let cert = params.self_signed(&key_pair)?;

src/caches/dir.rs

@@ -20,7 +20,7 @@ impl<P: AsRef<Path> + Send + Sync> DirCache<P> {
             Ok(content) => Ok(Some(content)),
             Err(err) => match err.kind() {
                 ErrorKind::NotFound => Ok(None),
-                _ => Err(err.into()),
+                _ => Err(err),
             },
         }
     }
@@ -57,11 +57,11 @@ impl<P: AsRef<Path> + Send + Sync> DirCache<P> {
 impl<P: AsRef<Path> + Send + Sync> CertCache for DirCache<P> {
     type EC = std::io::Error;
     async fn load_cert(&self, domains: &[String], directory_url: &str) -> Result<Option<Vec<u8>>, Self::EC> {
-        let file_name = Self::cached_cert_file_name(&domains, directory_url);
+        let file_name = Self::cached_cert_file_name(domains, directory_url);
         self.read_if_exist(file_name).await
     }
     async fn store_cert(&self, domains: &[String], directory_url: &str, cert: &[u8]) -> Result<(), Self::EC> {
-        let file_name = Self::cached_cert_file_name(&domains, directory_url);
+        let file_name = Self::cached_cert_file_name(domains, directory_url);
         self.write(file_name, cert).await
     }
 }
@@ -70,12 +70,12 @@ impl<P: AsRef<Path> + Send + Sync> CertCache for DirCache<P> {
 impl<P: AsRef<Path> + Send + Sync> AccountCache for DirCache<P> {
     type EA = std::io::Error;
     async fn load_account(&self, contact: &[String], directory_url: &str) -> Result<Option<Vec<u8>>, Self::EA> {
-        let file_name = Self::cached_account_file_name(&contact, directory_url);
+        let file_name = Self::cached_account_file_name(contact, directory_url);
         self.read_if_exist(file_name).await
     }
 
     async fn store_account(&self, contact: &[String], directory_url: &str, account: &[u8]) -> Result<(), Self::EA> {
-        let file_name = Self::cached_account_file_name(&contact, directory_url);
+        let file_name = Self::cached_account_file_name(contact, directory_url);
         self.write(file_name, account).await
     }
 }

src/caches/no.rs

@@ -10,16 +10,16 @@ use std::sync::atomic::AtomicPtr;
 /// # use rustls_acme::caches::NoCache;
 /// # type EC = std::io::Error;
 /// # type EA = EC;
-/// let no_cache = NoCache::<EC, EA>::new();
+/// let no_cache = NoCache::<EC, EA>::default();
 /// ```
 #[derive(Copy, Clone)]
 pub struct NoCache<EC: Debug = Infallible, EA: Debug = Infallible> {
     _cert_error: PhantomData<AtomicPtr<Box<EC>>>,
     _account_error: PhantomData<AtomicPtr<Box<EA>>>,
 }
 
-impl<EC: Debug, EA: Debug> NoCache<EC, EA> {
-    pub fn new() -> Self {
+impl<EC: Debug, EA: Debug> Default for NoCache<EC, EA> {
+    fn default() -> Self {
         Self {
             _cert_error: Default::default(),
             _account_error: Default::default(),

src/caches/test.rs

@@ -14,7 +14,7 @@ use std::sync::Arc;
 /// let mut config = AcmeConfig::new(["example.com"])
 ///     .cache(DirCache::new("./cache"));
 /// if test_environment {
-///     config = config.cache(TestCache::new());
+///     config = config.cache(TestCache::default());
 /// }
 /// ```
 #[derive(Clone)]
@@ -26,8 +26,8 @@ pub struct TestCache<EC: Debug = std::io::Error, EA: Debug = std::io::Error> {
     _account_error: PhantomData<AtomicPtr<Box<EA>>>,
 }
 
-impl<EC: Debug, EA: Debug> TestCache<EC, EA> {
-    pub fn new() -> Self {
+impl<EC: Debug, EA: Debug> Default for TestCache<EC, EA> {
+    fn default() -> Self {
         let mut params = CertificateParams::default();
         let mut distinguished_name = DistinguishedName::new();
         distinguished_name.push(DnType::CountryName, "US");
@@ -49,6 +49,9 @@ impl<EC: Debug, EA: Debug> TestCache<EC, EA> {
             _account_error: Default::default(),
         }
     }
+}
+
+impl<EC: Debug, EA: Debug> TestCache<EC, EA> {
     pub fn ca_pem(&self) -> &str {
         &self.ca_pem
     }

src/config.rs

@@ -47,7 +47,7 @@ impl AcmeConfig<Infallible, Infallible> {
     /// use rustls_acme::caches::NoCache;
     /// # type EC = std::io::Error;
     /// # type EA = EC;
-    /// let config: AcmeConfig<EC, EA> = AcmeConfig::new(["example.com"]).cache(NoCache::new());
+    /// let config: AcmeConfig<EC, EA> = AcmeConfig::new(["example.com"]).cache(NoCache::default());
     /// ```
     #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     pub fn new(domains: impl IntoIterator<Item = impl AsRef<str>>) -> Self {
@@ -60,9 +60,9 @@ impl AcmeConfig<Infallible, Infallible> {
         root_store.extend(TLS_SERVER_ROOTS.iter().map(|ta| {
             let ta = ta.to_owned();
             TrustAnchor {
-                subject: ta.subject.into(),
-                subject_public_key_info: ta.subject_public_key_info.into(),
-                name_constraints: ta.name_constraints.map(Into::into),
+                subject: ta.subject,
+                subject_public_key_info: ta.subject_public_key_info,
+                name_constraints: ta.name_constraints,
             }
         }));
         let client_config = Arc::new(
@@ -77,7 +77,7 @@ impl AcmeConfig<Infallible, Infallible> {
             directory_url: LETS_ENCRYPT_STAGING_DIRECTORY.into(),
             domains: domains.into_iter().map(|s| s.as_ref().into()).collect(),
             contact: vec![],
-            cache: Box::new(NoCache::new()),
+            cache: Box::new(NoCache::default()),
         }
     }
 }
@@ -143,7 +143,7 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeConfig<EC, EA> {
     pub fn cache_option<C: 'static + Cache>(self, cache: Option<C>) -> AcmeConfig<C::EC, C::EA> {
         match cache {
             Some(cache) => self.cache(cache),
-            None => self.cache(NoCache::<C::EC, C::EA>::new()),
+            None => self.cache(NoCache::<C::EC, C::EA>::default()),
         }
     }
     pub fn state(self) -> AcmeState<EC, EA> {

src/lib.rs

@@ -105,7 +105,7 @@
 //!
 //! Thanks to [Josh Triplett](https://github.com/joshtriplett) for contributions and feedback.
 
-#![cfg_attr(doc_auto_cfg, feature(doc_auto_cfg))]
+#![cfg_attr(docsrs, feature(doc_cfg, doc_auto_cfg))]
 
 mod acceptor;
 pub mod acme;
@@ -147,9 +147,9 @@ pub(crate) fn any_ecdsa_type(
     der: &futures_rustls::pki_types::PrivateKeyDer,
 ) -> Result<std::sync::Arc<dyn futures_rustls::rustls::sign::SigningKey>, futures_rustls::rustls::Error> {
     #[cfg(all(feature = "ring", not(feature = "aws-lc-rs")))]
-    return futures_rustls::rustls::crypto::ring::sign::any_ecdsa_type(&der);
+    return futures_rustls::rustls::crypto::ring::sign::any_ecdsa_type(der);
     #[cfg(feature = "aws-lc-rs")]
-    return futures_rustls::rustls::crypto::aws_lc_rs::sign::any_ecdsa_type(&der);
+    return futures_rustls::rustls::crypto::aws_lc_rs::sign::any_ecdsa_type(der);
 }
 
 #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]

src/state.rs

@@ -22,6 +22,7 @@ use std::time::Duration;
 use thiserror::Error;
 use x509_parser::parse_x509_certificate;
 
+#[allow(clippy::type_complexity)]
 pub struct AcmeState<EC: Debug = Infallible, EA: Debug = EC> {
     config: Arc<AcmeConfig<EC, EA>>,
     resolver: Arc<ResolvesServerCertAcme>,
@@ -152,7 +153,7 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeState<EC, EA> {
             .with_no_client_auth()
             .with_cert_resolver(self.resolver());
         rustls_config.alpn_protocols.push(ACME_TLS_ALPN_NAME.to_vec());
-        return Arc::new(rustls_config);
+        Arc::new(rustls_config)
     }
     /// Creates a default [rustls::ServerConfig] for accepting regular tls connections. Use this if [crate::is_tls_alpn_challenge] returns `false`.
     /// If you need a [rustls::ServerConfig], which uses the certificates acquired by this [AcmeState],
@@ -168,7 +169,7 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeState<EC, EA> {
             .unwrap()
             .with_no_client_auth()
             .with_cert_resolver(self.resolver());
-        return Arc::new(rustls_config);
+        Arc::new(rustls_config)
     }
     pub fn new(config: AcmeConfig<EC, EA>) -> Self {
         let config = Arc::new(config);
@@ -191,7 +192,7 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeState<EC, EA> {
         }
     }
     fn parse_cert(pem: &[u8]) -> Result<(CertifiedKey, [DateTime<Utc>; 2]), CertParseError> {
-        let mut pems = pem::parse_many(&pem)?;
+        let mut pems = pem::parse_many(pem)?;
         if pems.len() < 2 {
             return Err(CertParseError::TooFewPem(pems.len()));
         }
@@ -210,6 +211,8 @@ impl<EC: 'static + Debug, EA: 'static + Debug> AcmeState<EC, EA> {
         let cert = CertifiedKey::new(cert_chain, pk);
         Ok((cert, validity))
     }
+
+    #[allow(clippy::result_large_err)]
     fn process_cert(&mut self, pem: Vec<u8>, cached: bool) -> Event<EC, EA> {
         let (cert, validity) = match (Self::parse_cert(&pem), cached) {
             (Ok(r), _) => r,