Upgraded rustls ecosystem to rustls 0.22 #1312

Merged
merged 1 commit into from
Feb 21, 2024

davidv1992
Member

No description provided.

codecov bot commented Jan 19, 2024

Codecov Report

Attention: 37 lines in your changes are missing coverage. Please review.

Comparison is base (46df8de) 83.06% compared to head (565d21c) 83.08%.
Report is 7 commits behind head on main.

❗ Current head 565d21c differs from pull request most recent head 3dcbeff. Consider uploading reports for the commit 3dcbeff to get more accurate results

| Files | Patch % | Lines |
|---|---|---|
| nts-pool-ke/src/lib.rs | 0.00% | 27 Missing ⚠️ |
| ntp-proto/src/tls_utils.rs | 70.00% | 9 Missing ⚠️ |
| ntpd/src/daemon/keyexchange.rs | 98.48% | 1 Missing ⚠️ |
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1312      +/-   ##
==========================================
+ Coverage   83.06%   83.08%   +0.01%     
==========================================
  Files          61       61              
  Lines       18123    18103      -20     
==========================================
- Hits        15053    15040      -13     
+ Misses       3070     3063       -7     

@paolobarbolini paolobarbolini left a comment

👋. As I was checking out the project I stumbled on this PR and found a rustls-pemfile v2 abstraction you could use to avoid having to match on the certificate type.

@@ -572,14 +568,14 @@ async fn supported_algorithms_request(

fn private_key_from_bufread(
mut reader: impl BufRead,
) -> std::io::Result<Option<rustls::PrivateKey>> {
) -> std::io::Result<Option<rustls::pki_types::PrivateKeyDer<'static>>> {
use rustls_pemfile::Item;

loop {
match rustls_pemfile::read_one(&mut reader)? {
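Review bot: the new signature of `private_key_from_bufread` still returns `std::io::Result<Option<...>>`, so a PEM stream that contains no private key comes back as `Ok(None)` and not as an error. Because this is the TLS key for the key exchange, it is worth checking that every caller turns `Ok(None)` into an explicit configuration error naming the file, and stating in the function's documentation that `None` means "no key found".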

It should be possible to replace this manual match implementation with rustls_pemfile::private_key

Comment on lines 550 to 557
loop {
match rustls_pemfile::read_one(&mut reader)? {
Some(Item::RSAKey(key)) => return Ok(Some(rustls::PrivateKey(key))),
Some(Item::PKCS8Key(key)) => return Ok(Some(rustls::PrivateKey(key))),
Some(Item::ECKey(key)) => return Ok(Some(rustls::PrivateKey(key))),
Some(Item::Pkcs1Key(key)) => return Ok(Some(key.into())),
Some(Item::Pkcs8Key(key)) => return Ok(Some(key.into())),
Some(Item::Sec1Key(key)) => return Ok(Some(key.into())),
None => break,
_ => {}
}
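Review bot: the `_ => {}` arm in the `match` on `rustls_pemfile::read_one` silently skips every PEM item that is not a PKCS#1, PKCS#8 or SEC1 key, and the first key arm that matches returns at once. A file holding only a certificate, or holding more than one key, therefore produces no diagnostic. Consider a short comment on the wildcard arm saying that non-key items are ignored on purpose, or a debug-level log line there, so a misassembled key file is easier to spot.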

Same here

@davidv1992
Member Author

Thank you for the suggestion, I have incorporated it in the current version.

@davidv1992
Member Author

@plugwash in what time frame would this upgrade work for Debian packaging, given the fact that the new rustls version isn't backwards compatible?

@davidv1992
Member Author

@sylvestre @plugwash Should we wait with merging this for a while or is this upgrade not going to be a problem within Debian?

@plugwash

Don't worry too much about us, we can always revert stuff until we are ready.

@davidv1992 davidv1992 marked this pull request as ready for review February 15, 2024 07:26
@rnijveld rnijveld added this pull request to the merge queue Feb 21, 2024
Merged via the queue into main with commit 98747f2 Feb 21, 2024
@rnijveld rnijveld deleted the upgrade-rustls branch February 21, 2024 08:57