diff --git a/Cargo.lock b/Cargo.lock index 97a83cc5d..793face2a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2524,7 +2524,7 @@ checksum = "55ac459de2512911e4b674ce33cf20befaba382d05b62b008afc1c8b57cbf181" dependencies = [ "futures-core", "futures-sink", - "spin 0.9.8", + "spin", ] [[package]] @@ -6392,7 +6392,7 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls-pemfile 2.1.1", + "rustls-pemfile 2.1.2", "serde 1.0.197", "serde_json", "serde_urlencoded", @@ -6421,21 +6421,6 @@ dependencies = [ "subtle", ] -[[package]] -name = "ring" -version = "0.16.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" -dependencies = [ - "cc", - "libc", - "once_cell", - "spin 0.5.2", - "untrusted 0.7.1", - "web-sys", - "winapi", -] - [[package]] name = "ring" version = "0.17.8" @@ -6446,8 +6431,8 @@ dependencies = [ "cfg-if", "getrandom 0.2.12", "libc", - "spin 0.9.8", - "untrusted 0.9.0", + "spin", + "untrusted", "windows-sys 0.52.0", ] @@ -6499,7 +6484,7 @@ dependencies = [ "futures-util", "log", "rustls-native-certs", - "rustls-pemfile 2.1.1", + "rustls-pemfile 2.1.2", "rustls-webpki 0.102.2", "thiserror", "tokio", @@ -6623,18 +6608,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "rustls" -version = "0.20.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b80e3dec595989ea8510028f30c408a4630db12c9cbb8de34203b89d6577e99" -dependencies = [ - "log", - "ring 0.16.20", - "sct", - "webpki", -] - [[package]] name = "rustls" version = "0.21.10" @@ -6642,7 +6615,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" dependencies = [ "log", - "ring 0.17.8", + "ring", "rustls-webpki 0.101.7", "sct", ] @@ -6654,7 +6627,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "99008d7ad0bbbea527ec27bddbc0e432c5b87d8175178cee68d2eec9c4a1813c" dependencies = [ "log", - "ring 0.17.8", + "ring", "rustls-pki-types", "rustls-webpki 0.102.2", "subtle", @@ -6668,21 +6641,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f1fb85efa936c42c6d5fc28d2629bb51e4b2f4b8a5211e297d599cc5a093792" dependencies = [ "openssl-probe", - "rustls-pemfile 2.1.1", + "rustls-pemfile 2.1.2", "rustls-pki-types", "schannel", "security-framework", ] -[[package]] -name = "rustls-pemfile" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ee86d63972a7c661d1536fefe8c3c8407321c3df668891286de28abcd087360" -dependencies = [ - "base64 0.13.1", -] - [[package]] name = "rustls-pemfile" version = "1.0.4" @@ -6694,19 +6658,19 @@ dependencies = [ [[package]] name = "rustls-pemfile" -version = "2.1.1" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f48172685e6ff52a556baa527774f61fcaa884f59daf3375c62a3f1cd2549dab" +checksum = "29993a25686778eb88d4189742cd713c9bce943bc54251a33509dc63cbacf73d" dependencies = [ - "base64 0.21.7", + "base64 0.22.0", "rustls-pki-types", ] [[package]] name = "rustls-pki-types" -version = "1.4.1" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ecd36cc4259e3e4514335c4a138c6b43171a8d61d8f5c9348f9fc7529416f247" +checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d" [[package]] name = "rustls-webpki" @@ -6714,8 +6678,8 @@ version = "0.101.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" dependencies = [ - "ring 0.17.8", - "untrusted 0.9.0", + "ring", + "untrusted", ] [[package]] @@ -6724,9 +6688,9 @@ version = "0.102.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "faaa0a62740bedb9b2ef5afa303da42764c012f743917351dc9a237ea1663610" dependencies = [ - "ring 0.17.8", + "ring", "rustls-pki-types", - "untrusted 0.9.0", + "untrusted", ] [[package]] @@ -6797,8 +6761,8 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" dependencies = [ - "ring 0.17.8", - "untrusted 0.9.0", + "ring", + "untrusted", ] [[package]] @@ -7311,12 +7275,6 @@ dependencies = [ "smallvec", ] -[[package]] -name = "spin" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" - [[package]] name = "spin" version = "0.9.8" @@ -7944,6 +7902,7 @@ dependencies = [ "ctrlc", "dirs 4.0.0", "futures", + "http 1.1.0", "indexmap 1.9.3", "ipnet", "outbound-http", @@ -7951,6 +7910,8 @@ dependencies = [ "outbound-mysql", "outbound-pg", "outbound-redis", + "rustls-pemfile 2.1.2", + "rustls-pki-types", "sanitize-filename", "serde 1.0.197", "serde_json", @@ -7969,6 +7930,7 @@ dependencies = [ "spin-loader", "spin-manifest", "spin-outbound-networking", + "spin-serde", "spin-sqlite", "spin-sqlite-inproc", "spin-sqlite-libsql", @@ -8004,7 +7966,9 @@ dependencies = [ "num_cpus", "outbound-http", "percent-encoding", - "rustls-pemfile 0.3.0", + "rustls 0.22.3", + "rustls-pemfile 2.1.2", + "rustls-pki-types", "serde 1.0.197", "serde_json", "spin-app", @@ -8018,13 +7982,14 @@ dependencies = [ "terminal", "tls-listener", "tokio", - "tokio-rustls 0.23.4", + "tokio-rustls 0.25.0", "tracing", "url", "wasi-common", "wasmtime", "wasmtime-wasi", "wasmtime-wasi-http", + "webpki-roots 0.26.1", ] [[package]] @@ -8632,17 +8597,6 @@ dependencies = [ "whoami", ] -[[package]] -name = "tokio-rustls" -version = "0.23.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" -dependencies = [ - "rustls 0.20.9", - "tokio", - "webpki", -] - [[package]] name = "tokio-rustls" version = "0.24.1" @@ -9126,12 +9080,6 @@ version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861" -[[package]] -name = "untrusted" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" - [[package]] name = "untrusted" version = "0.9.0" @@ -10165,16 +10113,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki" -version = "0.22.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed63aea5ce73d0ff405984102c42de94fc55a6b75765d621c65262469b3c9b53" -dependencies = [ - "ring 0.17.8", - "untrusted 0.9.0", -] - [[package]] name = "webpki-roots" version = "0.25.4" diff --git a/crates/trigger-http/Cargo.toml b/crates/trigger-http/Cargo.toml index 3104f5378..4bc4e6d16 100644 --- a/crates/trigger-http/Cargo.toml +++ b/crates/trigger-http/Cargo.toml @@ -20,7 +20,9 @@ http-body-util = { workspace = true } indexmap = "1" outbound-http = { path = "../outbound-http" } percent-encoding = "2" -rustls-pemfile = "0.3.0" +rustls = { version = "0.22.0" } +rustls-pemfile = "2.1.2" +rustls-pki-types = "1.7" serde = { version = "1.0", features = ["derive"] } serde_json = "1" spin-app = { path = "../app" } @@ -33,13 +35,14 @@ spin-world = { path = "../world" } terminal = { path = "../terminal" } tls-listener = { version = "0.10.0", features = ["rustls"] } tokio = { version = "1.23", features = ["full"] } -tokio-rustls = { version = "0.23.2" } +tokio-rustls = { version = "0.25.0" } url = "2.4.1" tracing = { workspace = true } wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasmtime-wasi-http = { workspace = true } wasi-common-preview1 = { workspace = true } +webpki-roots = { version = "0.26.0" } [dev-dependencies] criterion = { version = "0.3.5", features = ["async_tokio"] } diff --git a/crates/trigger-http/src/handler.rs b/crates/trigger-http/src/handler.rs index 828d758d3..4ff4aa398 100644 --- a/crates/trigger-http/src/handler.rs +++ b/crates/trigger-http/src/handler.rs @@ -48,6 +48,14 @@ impl HttpExecutor for HttpHandlerExecutor { set_http_origin_from_request(&mut store, engine.clone(), self, &req); + // set the client tls options for the current component_id. + // The OutboundWasiHttpHandler in this file is only used + // when making http-request from a http-trigger component. + // The outbound http requests from other triggers such as Redis + // uses OutboundWasiHttpHandler defined in spin_core crate. + store.as_mut().data_mut().as_mut().client_tls_opts = + engine.get_client_tls_opts(component_id); + let resp = match ty { HandlerType::Spin => { Self::execute_spin(store, instance, base, route_match, req, client_addr) diff --git a/crates/trigger-http/src/lib.rs b/crates/trigger-http/src/lib.rs index d0fb7ae7f..c5c5f066c 100644 --- a/crates/trigger-http/src/lib.rs +++ b/crates/trigger-http/src/lib.rs @@ -7,6 +7,7 @@ mod wagi; use std::{ collections::HashMap, + error::Error, io::IsTerminal, net::{Ipv4Addr, SocketAddr, ToSocketAddrs}, path::PathBuf, @@ -17,7 +18,7 @@ use std::{ use anyhow::{Context, Result}; use async_trait::async_trait; use clap::Args; -use http::{header::HOST, uri::Scheme, HeaderValue, StatusCode, Uri}; +use http::{header::HOST, uri::Authority, uri::Scheme, HeaderValue, StatusCode, Uri}; use http_body_util::BodyExt; use hyper::{ body::{Bytes, Incoming}, @@ -38,15 +39,17 @@ use spin_http::{ use spin_outbound_networking::{ is_service_chaining_host, parse_service_chaining_target, AllowedHostsConfig, OutboundUrl, }; -use spin_trigger::{TriggerAppEngine, TriggerExecutor, TriggerInstancePre}; +use spin_trigger::{ParsedClientTlsOpts, TriggerAppEngine, TriggerExecutor, TriggerInstancePre}; use tokio::{ io::{AsyncRead, AsyncWrite}, - net::TcpListener, + net::{TcpListener, TcpStream}, task, + time::timeout, }; + use tracing::{field::Empty, log, Instrument}; use wasmtime_wasi_http::{ - bindings::wasi::http::types::ErrorCode, + bindings::wasi::http::{types, types::ErrorCode}, body::{HyperIncomingBody as Body, HyperOutgoingBody}, types::HostFutureIncomingResponse, HttpError, HttpResult, @@ -583,6 +586,8 @@ struct ChainedRequestHandler { pub struct HttpRuntimeData { origin: Option, chained_handler: Option, + // Optional mapping of authority and TLS options for the current component + client_tls_opts: Option>, /// The hosts this app is allowed to make outbound requests to allowed_hosts: AllowedHostsConfig, } @@ -727,12 +732,13 @@ impl OutboundWasiHttpHandler for HttpRuntimeData { } } + let client_tls_opts = (data.as_ref()).client_tls_opts.clone(); + // TODO: This is a temporary workaround to make sure that outbound task is instrumented. // Once Wasmtime gives us the ability to do the spawn ourselves we can just call .instrument // and won't have to do this workaround. let response_handle = async move { - let res = - wasmtime_wasi_http::types::default_send_request_handler(request, config).await; + let res = send_request_handler(request, config, client_tls_opts).await; if let Ok(res) = &res { tracing::Span::current() .record("http.response.status_code", res.resp.status().as_u16()); @@ -752,6 +758,238 @@ enum NotFoundRouteKind { WellKnown, } +/// This is a fork of wasmtime_wasi_http::default_send_request_handler function +/// forked from bytecodealliance/wasmtime commit-sha 29a76b68200fcfa69c8fb18ce6c850754279a05b +/// This fork provides the ability to configure client cert auth for mTLS +pub async fn send_request_handler( + mut request: hyper::Request, + wasmtime_wasi_http::types::OutgoingRequestConfig { + use_tls, + connect_timeout, + first_byte_timeout, + between_bytes_timeout, + }: wasmtime_wasi_http::types::OutgoingRequestConfig, + client_tls_opts: Option>, +) -> Result { + let authority_str = if let Some(authority) = request.uri().authority() { + if authority.port().is_some() { + authority.to_string() + } else { + let port = if use_tls { 443 } else { 80 }; + format!("{}:{port}", authority) + } + } else { + return Err(types::ErrorCode::HttpRequestUriInvalid); + }; + + let authority = &authority_str.parse::().unwrap(); + + let tcp_stream = timeout(connect_timeout, TcpStream::connect(&authority_str)) + .await + .map_err(|_| types::ErrorCode::ConnectionTimeout)? + .map_err(|e| match e.kind() { + std::io::ErrorKind::AddrNotAvailable => { + dns_error("address not available".to_string(), 0) + } + + _ => { + if e.to_string() + .starts_with("failed to lookup address information") + { + dns_error("address not available".to_string(), 0) + } else { + types::ErrorCode::ConnectionRefused + } + } + })?; + + let (mut sender, worker) = if use_tls { + #[cfg(any(target_arch = "riscv64", target_arch = "s390x"))] + { + return Err( + wasmtime_wasi_http::bindings::http::types::ErrorCode::InternalError(Some( + "unsupported architecture for SSL".to_string(), + )), + ); + } + + #[cfg(not(any(target_arch = "riscv64", target_arch = "s390x")))] + { + use rustls::pki_types::ServerName; + let config = + get_client_tls_config_for_authority(authority, client_tls_opts).map_err(|e| { + wasmtime_wasi_http::bindings::http::types::ErrorCode::InternalError(Some( + format!( + "failed to configure client tls config for authority. error: {}", + e + ), + )) + })?; + let connector = tokio_rustls::TlsConnector::from(std::sync::Arc::new(config)); + let mut parts = authority_str.split(':'); + let host = parts.next().unwrap_or(&authority_str); + let domain = ServerName::try_from(host) + .map_err(|e| { + tracing::warn!("dns lookup error: {e:?}"); + dns_error("invalid dns name".to_string(), 0) + })? + .to_owned(); + let stream = connector.connect(domain, tcp_stream).await.map_err(|e| { + tracing::warn!("tls protocol error: {e:?}"); + types::ErrorCode::TlsProtocolError + })?; + let stream = TokioIo::new(stream); + + let (sender, conn) = timeout( + connect_timeout, + hyper::client::conn::http1::handshake(stream), + ) + .await + .map_err(|_| types::ErrorCode::ConnectionTimeout)? + .map_err(hyper_request_error)?; + + let worker = wasmtime_wasi::runtime::spawn(async move { + match conn.await { + Ok(()) => {} + // TODO: shouldn't throw away this error and ideally should + // surface somewhere. + Err(e) => tracing::warn!("dropping error {e}"), + } + }); + + (sender, worker) + } + } else { + let tcp_stream = TokioIo::new(tcp_stream); + let (sender, conn) = timeout( + connect_timeout, + // TODO: we should plumb the builder through the http context, and use it here + hyper::client::conn::http1::handshake(tcp_stream), + ) + .await + .map_err(|_| types::ErrorCode::ConnectionTimeout)? + .map_err(hyper_request_error)?; + + let worker = wasmtime_wasi::runtime::spawn(async move { + match conn.await { + Ok(()) => {} + // TODO: same as above, shouldn't throw this error away. + Err(e) => tracing::warn!("dropping error {e}"), + } + }); + + (sender, worker) + }; + + // at this point, the request contains the scheme and the authority, but + // the http packet should only include those if addressing a proxy, so + // remove them here, since SendRequest::send_request does not do it for us + *request.uri_mut() = http::Uri::builder() + .path_and_query( + request + .uri() + .path_and_query() + .map(|p| p.as_str()) + .unwrap_or("/"), + ) + .build() + .expect("comes from valid request"); + + let resp = timeout(first_byte_timeout, sender.send_request(request)) + .await + .map_err(|_| types::ErrorCode::ConnectionReadTimeout)? + .map_err(hyper_request_error)? + .map(|body| body.map_err(hyper_request_error).boxed()); + + Ok(wasmtime_wasi_http::types::IncomingResponse { + resp, + worker: Some(worker), + between_bytes_timeout, + }) +} + +fn get_client_tls_config_for_authority( + authority: &Authority, + client_tls_opts: Option>, +) -> Result { + // derived from https://github.com/tokio-rs/tls/blob/master/tokio-rustls/examples/client/src/main.rs + let ca_webpki_roots = rustls::RootCertStore { + roots: webpki_roots::TLS_SERVER_ROOTS.into(), + }; + + #[allow(clippy::mutable_key_type)] + let client_tls_opts = match client_tls_opts { + Some(opts) => opts, + _ => { + return Ok(rustls::ClientConfig::builder() + .with_root_certificates(ca_webpki_roots) + .with_no_client_auth()); + } + }; + + let client_tls_opts_for_host = match client_tls_opts.get(authority) { + Some(opts) => opts, + _ => { + return Ok(rustls::ClientConfig::builder() + .with_root_certificates(ca_webpki_roots) + .with_no_client_auth()); + } + }; + + let mut root_cert_store = if client_tls_opts_for_host.ca_webpki_roots { + ca_webpki_roots + } else { + rustls::RootCertStore::empty() + }; + + if let Some(custom_root_ca) = &client_tls_opts_for_host.custom_root_ca { + for cer in custom_root_ca { + match root_cert_store.add(cer.to_owned()) { + Ok(_) => {} + Err(e) => { + return Err(anyhow::anyhow!( + "failed to add custom cert to root_cert_store. error: {}", + e + )); + } + } + } + } + + match ( + &client_tls_opts_for_host.cert_chain, + &client_tls_opts_for_host.private_key, + ) { + (Some(cert_chain), Some(private_key)) => Ok(rustls::ClientConfig::builder() + .with_root_certificates(root_cert_store) + .with_client_auth_cert(cert_chain.to_owned(), private_key.clone_key())?), + _ => Ok(rustls::ClientConfig::builder() + .with_root_certificates(root_cert_store) + .with_no_client_auth()), + } +} + +/// Translate a [`hyper::Error`] to a wasi-http `ErrorCode` in the context of a request. +pub fn hyper_request_error(err: hyper::Error) -> ErrorCode { + // If there's a source, we might be able to extract a wasi-http error from it. + if let Some(cause) = err.source() { + if let Some(err) = cause.downcast_ref::() { + return err.clone(); + } + } + + tracing::warn!("hyper request error: {err:?}"); + + ErrorCode::HttpProtocolError +} + +pub fn dns_error(rcode: String, info_code: u16) -> ErrorCode { + ErrorCode::DnsError(wasmtime_wasi_http::bindings::http::types::DnsErrorPayload { + rcode: Some(rcode), + info_code: Some(info_code), + }) +} + #[cfg(test)] mod tests { use anyhow::Result; diff --git a/crates/trigger-http/src/testdata/invalid-cert.pem b/crates/trigger-http/src/testdata/invalid-cert.pem new file mode 100644 index 000000000..f1a952b9c --- /dev/null +++ b/crates/trigger-http/src/testdata/invalid-cert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIBkjCCATegAwIBAgIIEOURVvWgx1AwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY +azNzLWNsaWVudC1jYUAxNzE3NzgwNTIwMB4XDTI0MDYwNzE3MTUyMFoXDTI1MDYw +NzE3MTUyMFowMDEXMBUGA1UEChMOc3lzdGVtOm1hc3RlcnMxFTATBgNVBAMTDHN5 +c3RlbTphZG1pbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFGE/CVuauj8kmde +i4AagSJ5GYgGnL0eF55ItiXrKSjMmsIf/N8EyeamxQfWPKVk/1xhH7cS9GcQgNe6 +XrRvmLyjSDBGMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAf +BgNVHSMEGDAWgBRpihySeW3DafmU1cw6LMnQCQDD4jAKBggqhkjOPQQDAgNJADBG +AiEA/db1wb4mVrqJVctqbPU9xd0bXzJx7cBDzpWgPP9ISfkCIQDNyuskAkXvUMHH +F73/GJnh8Bt2H38qyzThM8nlR9v1eQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBdjCCAR2gAwIBAgIBADAKBggqhkjOPQQDAjAjMSEwHwYDVQQDDBhrM3MtY2xp +ZW50LWNhQDE3MTc3ODA1MjAwHhcNMjQwNjA3MTcxNTIwWhcNMzQwNjA1MTcxNTIw +WjAjMSEwHwYDVQQDDBhrM3MtY2xpZW50LWNhQDE3MTc3ODA1MjAwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAASozciE0YGl8ak3G0Ll1riwXSScfpK0QRle/cFizdlA +HgDowBssBcla0/2a/eWabxqTPzsZH0cVhL7Tialoj8GNo0IwQDAOBgNVHQ8BAf8E +BAMCAqQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUaYocknltw2n5lNXMOizJ +0AkAw+IwCgYIKoZIzj0EAwIDRwAwRAIgR8YcLA8cH4qAMDRPDsJqLaw4GJFkgjwV +TCrMgyUxSvACIBwyklgm7mgHcC5WM9CqmliAGZJyV0xRPZBK01POrNf0 diff --git a/crates/trigger-http/src/testdata/invalid-private-key.pem b/crates/trigger-http/src/testdata/invalid-private-key.pem new file mode 100644 index 000000000..39d7e59ee --- /dev/null +++ b/crates/trigger-http/src/testdata/invalid-private-key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIA+FBtmKJbd8wBGOWeuJQfHiCKjjXF8ywEPrvj8S1N3VoAoGCCqGSM49 +AwEHoUQDQgAEUYT8JW5q6PySZ16LgBqBInkZiAacvR4Xnki2JespKMyawh/83wTJ +5qbFB9Y8pWT/XGEftxL0ZxCA17petG+YvA== +-----END EC PRIVATE KEY- \ No newline at end of file diff --git a/crates/trigger-http/src/testdata/valid-cert.pem b/crates/trigger-http/src/testdata/valid-cert.pem new file mode 100644 index 000000000..e75166d0e --- /dev/null +++ b/crates/trigger-http/src/testdata/valid-cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIBkjCCATegAwIBAgIIEOURVvWgx1AwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY +azNzLWNsaWVudC1jYUAxNzE3NzgwNTIwMB4XDTI0MDYwNzE3MTUyMFoXDTI1MDYw +NzE3MTUyMFowMDEXMBUGA1UEChMOc3lzdGVtOm1hc3RlcnMxFTATBgNVBAMTDHN5 +c3RlbTphZG1pbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFGE/CVuauj8kmde +i4AagSJ5GYgGnL0eF55ItiXrKSjMmsIf/N8EyeamxQfWPKVk/1xhH7cS9GcQgNe6 +XrRvmLyjSDBGMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAf +BgNVHSMEGDAWgBRpihySeW3DafmU1cw6LMnQCQDD4jAKBggqhkjOPQQDAgNJADBG +AiEA/db1wb4mVrqJVctqbPU9xd0bXzJx7cBDzpWgPP9ISfkCIQDNyuskAkXvUMHH +F73/GJnh8Bt2H38qyzThM8nlR9v1eQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBdjCCAR2gAwIBAgIBADAKBggqhkjOPQQDAjAjMSEwHwYDVQQDDBhrM3MtY2xp +ZW50LWNhQDE3MTc3ODA1MjAwHhcNMjQwNjA3MTcxNTIwWhcNMzQwNjA1MTcxNTIw +WjAjMSEwHwYDVQQDDBhrM3MtY2xpZW50LWNhQDE3MTc3ODA1MjAwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAASozciE0YGl8ak3G0Ll1riwXSScfpK0QRle/cFizdlA +HgDowBssBcla0/2a/eWabxqTPzsZH0cVhL7Tialoj8GNo0IwQDAOBgNVHQ8BAf8E +BAMCAqQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUaYocknltw2n5lNXMOizJ +0AkAw+IwCgYIKoZIzj0EAwIDRwAwRAIgR8YcLA8cH4qAMDRPDsJqLaw4GJFkgjwV +TCrMgyUxSvACIBwyklgm7mgHcC5WM9CqmliAGZJyV0xRPZBK01POrNf0 +-----END CERTIFICATE----- \ No newline at end of file diff --git a/crates/trigger-http/src/testdata/valid-private-key.pem b/crates/trigger-http/src/testdata/valid-private-key.pem new file mode 100644 index 000000000..2820fbed2 --- /dev/null +++ b/crates/trigger-http/src/testdata/valid-private-key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIA+FBtmKJbd8wBGOWeuJQfHiCKjjXF8ywEPrvj8S1N3VoAoGCCqGSM49 +AwEHoUQDQgAEUYT8JW5q6PySZ16LgBqBInkZiAacvR4Xnki2JespKMyawh/83wTJ +5qbFB9Y8pWT/XGEftxL0ZxCA17petG+YvA== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/crates/trigger-http/src/tls.rs b/crates/trigger-http/src/tls.rs index cb2ea0af6..d0486c50e 100644 --- a/crates/trigger-http/src/tls.rs +++ b/crates/trigger-http/src/tls.rs @@ -1,4 +1,4 @@ -use rustls_pemfile::{certs, pkcs8_private_keys}; +use rustls_pemfile::private_key; use std::{ fs, io, path::{Path, PathBuf}, @@ -19,28 +19,123 @@ impl TlsConfig { // Creates a TLS acceptor from server config. pub(super) fn server_config(&self) -> anyhow::Result { let certs = load_certs(&self.cert_path)?; - let mut keys = load_keys(&self.key_path)?; + let private_key = load_key(&self.key_path)?; let cfg = rustls::ServerConfig::builder() - .with_safe_defaults() .with_no_client_auth() - .with_single_cert(certs, keys.remove(0)) + .with_single_cert(certs, private_key) .map_err(|e| anyhow::anyhow!("{}", e))?; Ok(Arc::new(cfg).into()) } } -// Loads public certificate from file. -fn load_certs(path: impl AsRef) -> io::Result> { - certs(&mut io::BufReader::new(fs::File::open(path)?)) - .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid cert")) - .map(|mut certs| certs.drain(..).map(rustls::Certificate).collect()) +// load_certs parse and return the certs from the provided file +pub fn load_certs( + path: impl AsRef, +) -> io::Result>> { + rustls_pemfile::certs(&mut io::BufReader::new(fs::File::open(path).map_err( + |err| { + io::Error::new( + io::ErrorKind::InvalidInput, + format!("failed to read cert file {:?}", err), + ) + }, + )?)) + .collect() } -// Loads private key from file. -fn load_keys(path: impl AsRef) -> io::Result> { - pkcs8_private_keys(&mut io::BufReader::new(fs::File::open(path)?)) - .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid key")) - .map(|mut keys| keys.drain(..).map(rustls::PrivateKey).collect()) +// parse and return the first private key from the provided file +pub fn load_key(path: impl AsRef) -> io::Result> { + private_key(&mut io::BufReader::new(fs::File::open(path).map_err( + |err| { + io::Error::new( + io::ErrorKind::InvalidInput, + format!("failed to read private key file {:?}", err), + ) + }, + )?)) + .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid private key")) + .transpose() + .ok_or_else(|| { + io::Error::new( + io::ErrorKind::InvalidInput, + "private key file contains no private keys", + ) + })? +} + +#[cfg(test)] +mod tests { + use super::*; + + fn testdatadir() -> PathBuf { + let mut path = PathBuf::from(env!("CARGO_MANIFEST_DIR")); + path.push("src"); + path.push("testdata"); + + path + } + + #[test] + fn test_read_non_existing_cert() { + let mut path = testdatadir(); + path.push("non-existing-file.pem"); + + let certs = load_certs(path); + assert!(certs.is_err()); + assert_eq!(certs.err().unwrap().to_string(), "failed to read cert file Os { code: 2, kind: NotFound, message: \"No such file or directory\" }"); + } + + #[test] + fn test_read_invalid_cert() { + let mut path = testdatadir(); + path.push("invalid-cert.pem"); + + let certs = load_certs(path); + assert!(certs.is_err()); + assert_eq!( + certs.err().unwrap().to_string(), + "section end \"-----END CERTIFICATE-----\" missing" + ); + } + + #[test] + fn test_read_valid_cert() { + let mut path = testdatadir(); + path.push("valid-cert.pem"); + + let certs = load_certs(path); + assert!(certs.is_ok()); + assert_eq!(certs.unwrap().len(), 2); + } + + #[test] + fn test_read_non_existing_private_key() { + let mut path = testdatadir(); + path.push("non-existing-file.pem"); + + let keys = load_key(path); + assert!(keys.is_err()); + assert_eq!(keys.err().unwrap().to_string(), "failed to read private key file Os { code: 2, kind: NotFound, message: \"No such file or directory\" }"); + } + + #[test] + fn test_read_invalid_private_key() { + let mut path = testdatadir(); + path.push("invalid-private-key.pem"); + + let keys = load_key(path); + assert!(keys.is_err()); + assert_eq!(keys.err().unwrap().to_string(), "invalid private key"); + } + + #[test] + fn test_read_valid_private_key() { + let mut path = testdatadir(); + path.push("valid-private-key.pem"); + + let keys = load_key(path); + assert!(keys.is_ok()); + } } diff --git a/crates/trigger/Cargo.toml b/crates/trigger/Cargo.toml index b9d392024..164a265aa 100644 --- a/crates/trigger/Cargo.toml +++ b/crates/trigger/Cargo.toml @@ -22,13 +22,17 @@ dirs = "4" futures = "0.3" indexmap = "1" ipnet = "2.9.0" +http = "1.0.0" outbound-http = { path = "../outbound-http" } outbound-redis = { path = "../outbound-redis" } outbound-mqtt = { path = "../outbound-mqtt" } outbound-pg = { path = "../outbound-pg" } outbound-mysql = { path = "../outbound-mysql" } +rustls-pemfile = "2.1.2" +rustls-pki-types = "1.7.0" spin-common = { path = "../common" } spin-expressions = { path = "../expressions" } +spin-serde = { path = "../serde" } spin-key-value = { path = "../key-value" } spin-key-value-azure = { path = "../key-value-azure" } spin-key-value-redis = { path = "../key-value-redis" } diff --git a/crates/trigger/src/lib.rs b/crates/trigger/src/lib.rs index d0cb6536d..6f3cb1d9f 100644 --- a/crates/trigger/src/lib.rs +++ b/crates/trigger/src/lib.rs @@ -8,6 +8,7 @@ use std::{collections::HashMap, marker::PhantomData}; use anyhow::{Context, Result}; pub use async_trait::async_trait; +use http::uri::Authority; use runtime_config::llm::LLmOptions; use serde::de::DeserializeOwned; @@ -17,7 +18,7 @@ use spin_core::{ StoreBuilder, WasiVersion, }; -pub use crate::runtime_config::RuntimeConfig; +pub use crate::runtime_config::{ParsedClientTlsOpts, RuntimeConfig}; #[async_trait] pub trait TriggerExecutor: Sized + Send + Sync { @@ -236,7 +237,15 @@ impl TriggerExecutorBuilder { // Run trigger executor Executor::new( - TriggerAppEngine::new(engine, app_name, app, self.hooks, &prepared_resolver).await?, + TriggerAppEngine::new( + engine, + app_name, + app, + self.hooks, + &prepared_resolver, + runtime_config.client_tls_opts()?, + ) + .await?, ) .await } @@ -283,6 +292,8 @@ pub struct TriggerAppEngine { component_instance_pres: HashMap, // Resolver for value template expressions resolver: std::sync::Arc, + // Map of { Component ID -> Map of { Authority -> ParsedClientTlsOpts} } + client_tls_opts: HashMap>, } impl TriggerAppEngine { @@ -294,6 +305,7 @@ impl TriggerAppEngine { app: OwnedApp, hooks: Vec>, resolver: &std::sync::Arc, + client_tls_opts: HashMap>, ) -> Result where ::TriggerConfig: DeserializeOwned, @@ -345,6 +357,7 @@ impl TriggerAppEngine { trigger_configs: trigger_configs.into_iter().map(|(_, v)| v).collect(), component_instance_pres, resolver: resolver.clone(), + client_tls_opts, }) } @@ -425,6 +438,13 @@ impl TriggerAppEngine { }) } + pub fn get_client_tls_opts( + &self, + component_id: &str, + ) -> Option> { + self.client_tls_opts.get(&component_id.to_string()).cloned() + } + pub fn resolve_template( &self, template: &spin_expressions::Template, diff --git a/crates/trigger/src/runtime_config.rs b/crates/trigger/src/runtime_config.rs index 7dfbe8a98..539939902 100644 --- a/crates/trigger/src/runtime_config.rs +++ b/crates/trigger/src/runtime_config.rs @@ -1,3 +1,4 @@ +pub mod client_tls; pub mod key_value; pub mod llm; pub mod sqlite; @@ -11,6 +12,7 @@ use std::{ }; use anyhow::{Context, Result}; +use http::uri::Authority; use serde::Deserialize; use spin_common::ui::quoted_path; use spin_sqlite::Connection; @@ -18,6 +20,7 @@ use spin_sqlite::Connection; use crate::TriggerHooks; use self::{ + client_tls::{load_certs, load_key, ClientTlsOpts}, key_value::{KeyValueStore, KeyValueStoreOpts}, llm::LlmComputeOpts, sqlite::SqliteDatabaseOpts, @@ -26,7 +29,6 @@ use self::{ pub const DEFAULT_STATE_DIR: &str = ".spin"; const DEFAULT_LOGS_DIR: &str = "logs"; - /// RuntimeConfig allows multiple sources of runtime configuration to be /// queried uniformly. #[derive(Debug, Default)] @@ -182,6 +184,58 @@ impl RuntimeConfig { } } + // returns the client tls options in form of nested + // HashMap of { Component ID -> HashMap of { Host -> ParsedClientTlsOpts} } + pub fn client_tls_opts( + &self, + ) -> Result>> { + let mut components_map: HashMap> = + HashMap::new(); + + // if available, use the existing client tls opts value for a given component-id and host-authority + // to ensure first-one wins incase of duplicate options + fn use_existing_if_available( + existing_opts: Option<&HashMap>, + host: Authority, + newopts: ParsedClientTlsOpts, + ) -> (Authority, ParsedClientTlsOpts) { + match existing_opts { + None => (host, newopts), + Some(opts) => match opts.get(&host) { + Some(existing_opts_for_component_and_host) => { + (host, existing_opts_for_component_and_host.to_owned()) + } + None => (host, newopts), + }, + } + } + + for opt_layer in self.opts_layers() { + for opts in &opt_layer.client_tls_opts { + let parsed = parse_client_tls_opts(opts).context("parsing client tls options")?; + for component_id in &opts.component_ids { + let existing_opts_for_component = components_map.get(component_id.as_ref()); + #[allow(clippy::mutable_key_type)] + let hostmap = parsed + .hosts + .clone() + .into_iter() + .map(|host| { + use_existing_if_available( + existing_opts_for_component, + host, + parsed.clone(), + ) + }) + .collect::>(); + components_map.insert(component_id.to_string(), hostmap); + } + } + } + + Ok(components_map) + } + /// Returns an iterator of RuntimeConfigOpts in order of decreasing precedence fn opts_layers(&self) -> impl Iterator { std::iter::once(&self.overrides).chain(self.files.iter().rev()) @@ -216,6 +270,9 @@ pub struct RuntimeConfigOpts { #[serde(skip)] pub file_path: Option, + + #[serde(rename = "client_tls", default)] + pub client_tls_opts: Vec, } impl RuntimeConfigOpts { @@ -501,6 +558,204 @@ mod tests { Ok(()) } + fn to_component_id(inp: &str) -> spin_serde::KebabId { + spin_serde::KebabId::try_from(inp.to_string()).expect("parse component id into kebab id") + } + + #[test] + fn test_parsing_valid_hosts_in_client_tls_opts() { + let input = ClientTlsOpts { + component_ids: vec![to_component_id("component-id-foo")], + hosts: vec!["fermyon.com".to_string(), "fermyon.com:5443".to_string()], + ca_roots_file: None, + cert_chain_file: None, + private_key_file: None, + ca_webpki_roots: None, + }; + + let parsed = parse_client_tls_opts(&input); + assert!(parsed.is_ok()); + assert_eq!(parsed.unwrap().hosts.len(), 2) + } + + #[test] + fn test_parsing_empty_hosts_in_client_tls_opts() { + let input = ClientTlsOpts { + component_ids: vec![to_component_id("component-id-foo")], + hosts: vec!["".to_string(), "fermyon.com:5443".to_string()], + ca_roots_file: None, + cert_chain_file: None, + private_key_file: None, + ca_webpki_roots: None, + }; + + let parsed = parse_client_tls_opts(&input); + assert!(parsed.is_err()); + assert_eq!( + "failed to parse uri ''. error: InvalidUri(Empty)", + parsed.unwrap_err().to_string() + ) + } + + #[test] + fn test_parsing_invalid_hosts_in_client_tls_opts() { + let input = ClientTlsOpts { + component_ids: vec![to_component_id("component-id-foo")], + hosts: vec!["perc%ent:443".to_string(), "fermyon.com:5443".to_string()], + ca_roots_file: None, + cert_chain_file: None, + private_key_file: None, + ca_webpki_roots: None, + }; + + let parsed = parse_client_tls_opts(&input); + assert!(parsed.is_err()); + assert_eq!( + "failed to parse uri 'perc%ent:443'. error: InvalidUri(InvalidAuthority)", + parsed.unwrap_err().to_string() + ) + } + + #[test] + fn test_parsing_multiple_client_tls_opts() { + let custom_root_ca = r#" +-----BEGIN CERTIFICATE----- +MIIBeDCCAR2gAwIBAgIBADAKBggqhkjOPQQDAjAjMSEwHwYDVQQDDBhrM3Mtc2Vy +dmVyLWNhQDE3MTc3ODA1MjAwHhcNMjQwNjA3MTcxNTIwWhcNMzQwNjA1MTcxNTIw +WjAjMSEwHwYDVQQDDBhrM3Mtc2VydmVyLWNhQDE3MTc3ODA1MjAwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAAQnhGmz/r5E+ZBgkg/kpeSliS4LjMFaeFNM3C0SUksV +cVDbymRZt+D2loVpSIn9PnBHUIiR9kz+cmWJaJDhcY6Ho0IwQDAOBgNVHQ8BAf8E +BAMCAqQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUzXLACkzCDPAXXERIxQim +NdG07zEwCgYIKoZIzj0EAwIDSQAwRgIhALwsHX2R7a7GXfgmn7h8rNRRvlQwyRaG +9hyv0a1cyJr2AiEA8+2vF0CZ/S0MG6rT0Y6xZ+iqi/vhcDnmBhJCxx2rwAI= +-----END CERTIFICATE----- +"#; + let mut custom_root_ca_file = NamedTempFile::new().expect("temp file for custom root ca"); + custom_root_ca_file + .write_all(custom_root_ca.as_bytes()) + .expect("write custom root ca file"); + + let runtimeconfig_data = format!( + r#" +[[client_tls]] +hosts = ["localhost:6551"] +component_ids = ["component-no1"] +[[client_tls]] +hosts = ["localhost:6551"] +component_ids = ["component-no2"] +ca_roots_file = "{}" +"#, + custom_root_ca_file.path().to_str().unwrap() + ); + + let mut config = RuntimeConfig::new(None); + merge_config_toml(&mut config, toml::from_str(&runtimeconfig_data).unwrap()); + + let client_tls_opts = config.client_tls_opts(); + assert!(client_tls_opts.is_ok()); + + //assert that component level mapping works as expected + let client_tls_opts_ok = client_tls_opts.as_ref().unwrap(); + + // assert for component-no1 + assert!(client_tls_opts_ok + .get(&"component-no1".to_string()) + .is_some()); + + #[allow(clippy::mutable_key_type)] + let component_no1_client_tls_opts = client_tls_opts_ok + .get(&"component-no1".to_string()) + .expect("get opts for component-no1"); + assert!(component_no1_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .is_some()); + + let component_no1_host_client_tls_opts = component_no1_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .unwrap(); + assert!(component_no1_host_client_tls_opts.custom_root_ca.is_none()); + + // assert for component-no2 + assert!(client_tls_opts_ok + .get(&"component-no2".to_string()) + .is_some()); + + #[allow(clippy::mutable_key_type)] + let component_no2_client_tls_opts = client_tls_opts_ok + .get(&"component-no2".to_string()) + .expect("get opts for component-no2"); + assert!(component_no2_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .is_some()); + + let component_no2_host_client_tls_opts = component_no2_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .unwrap(); + assert!(component_no2_host_client_tls_opts.custom_root_ca.is_some()) + } + + #[test] + fn test_parsing_multiple_overlapping_client_tls_opts() { + let custom_root_ca = r#" +-----BEGIN CERTIFICATE----- +MIIBeDCCAR2gAwIBAgIBADAKBggqhkjOPQQDAjAjMSEwHwYDVQQDDBhrM3Mtc2Vy +dmVyLWNhQDE3MTc3ODA1MjAwHhcNMjQwNjA3MTcxNTIwWhcNMzQwNjA1MTcxNTIw +WjAjMSEwHwYDVQQDDBhrM3Mtc2VydmVyLWNhQDE3MTc3ODA1MjAwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAAQnhGmz/r5E+ZBgkg/kpeSliS4LjMFaeFNM3C0SUksV +cVDbymRZt+D2loVpSIn9PnBHUIiR9kz+cmWJaJDhcY6Ho0IwQDAOBgNVHQ8BAf8E +BAMCAqQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUzXLACkzCDPAXXERIxQim +NdG07zEwCgYIKoZIzj0EAwIDSQAwRgIhALwsHX2R7a7GXfgmn7h8rNRRvlQwyRaG +9hyv0a1cyJr2AiEA8+2vF0CZ/S0MG6rT0Y6xZ+iqi/vhcDnmBhJCxx2rwAI= +-----END CERTIFICATE----- +"#; + let mut custom_root_ca_file = NamedTempFile::new().expect("temp file for custom root ca"); + custom_root_ca_file + .write_all(custom_root_ca.as_bytes()) + .expect("write custom root ca file"); + + let runtimeconfig_data = format!( + r#" +[[client_tls]] +hosts = ["localhost:6551"] +component_ids = ["component-no1"] +[[client_tls]] +hosts = ["localhost:6551"] +component_ids = ["component-no1"] +ca_roots_file = "{}" +"#, + custom_root_ca_file.path().to_str().unwrap() + ); + + let mut config = RuntimeConfig::new(None); + merge_config_toml(&mut config, toml::from_str(&runtimeconfig_data).unwrap()); + + let client_tls_opts = config.client_tls_opts(); + assert!(client_tls_opts.is_ok()); + + //assert that component level mapping works as expected + let client_tls_opts_ok = client_tls_opts.as_ref().unwrap(); + + // assert for component-no1 + assert!(client_tls_opts_ok + .get(&"component-no1".to_string()) + .is_some()); + + #[allow(clippy::mutable_key_type)] + let component_no1_client_tls_opts = client_tls_opts_ok + .get(&"component-no1".to_string()) + .expect("get opts for component-no1"); + assert!(component_no1_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .is_some()); + + let component_no1_host_client_tls_opts = component_no1_client_tls_opts + .get(&"localhost:6551".parse::().unwrap()) + .unwrap(); + + // verify that the last client_tls block wins for same component-id and host combination + assert!(component_no1_host_client_tls_opts.custom_root_ca.is_none()); + } + fn merge_config_toml(config: &mut RuntimeConfig, value: toml::Value) { let data = toml::to_vec(&value).expect("encode toml"); let mut file = NamedTempFile::new().expect("temp file"); @@ -515,3 +770,69 @@ mod tests { } } } + +// parsed client tls options +#[derive(Debug, Clone)] +pub struct ParsedClientTlsOpts { + pub components: Vec, + pub hosts: Vec, + pub custom_root_ca: Option>>, + pub cert_chain: Option>>, + pub private_key: Option>>, + pub ca_webpki_roots: bool, +} + +fn parse_client_tls_opts(inp: &ClientTlsOpts) -> Result { + let custom_root_ca = match &inp.ca_roots_file { + Some(path) => Some(load_certs(path).context("loading custom root ca")?), + None => None, + }; + + let cert_chain = match &inp.cert_chain_file { + Some(file) => Some(load_certs(file).context("loading client tls certs")?), + None => None, + }; + + let private_key = match &inp.private_key_file { + Some(file) => { + let privatekey = load_key(file).context("loading private key")?; + Some(Arc::from(privatekey)) + } + None => None, + }; + + let parsed_hosts: Vec = inp + .hosts + .clone() + .into_iter() + .map(|s| { + s.parse::() + .map_err(|e| anyhow::anyhow!("failed to parse uri '{}'. error: {:?}", s, e)) + }) + .collect::, anyhow::Error>>()?; + + let custom_root_ca_provided = custom_root_ca.is_some(); + + // use_ca_webpki_roots is true if + // 1. ca_webpki_roots is explicitly true in runtime config OR + // 2. custom_root_ca is not provided + // + // if custom_root_ca is provided, use_ca_webpki_roots defaults to false + let ca_webpki_roots = inp.ca_webpki_roots.unwrap_or(!custom_root_ca_provided); + + let parsed_component_ids: Vec = inp + .component_ids + .clone() + .into_iter() + .map(|s| s.to_string()) + .collect(); + + Ok(ParsedClientTlsOpts { + hosts: parsed_hosts, + components: parsed_component_ids, + custom_root_ca, + cert_chain, + private_key, + ca_webpki_roots, + }) +} diff --git a/crates/trigger/src/runtime_config/client_tls.rs b/crates/trigger/src/runtime_config/client_tls.rs new file mode 100644 index 000000000..59390841e --- /dev/null +++ b/crates/trigger/src/runtime_config/client_tls.rs @@ -0,0 +1,50 @@ +use anyhow::Context; +use rustls_pemfile::private_key; +use std::io; +use std::{ + fs, + path::{Path, PathBuf}, +}; + +#[derive(Debug, serde::Deserialize)] +#[serde(rename_all = "snake_case", tag = "type")] +pub struct ClientTlsOpts { + pub component_ids: Vec, + pub hosts: Vec, + pub ca_roots_file: Option, + pub cert_chain_file: Option, + pub private_key_file: Option, + pub ca_webpki_roots: Option, +} + +// load_certs parse and return the certs from the provided file +pub fn load_certs( + path: impl AsRef, +) -> io::Result>> { + rustls_pemfile::certs(&mut io::BufReader::new(fs::File::open(path).map_err( + |err| { + io::Error::new( + io::ErrorKind::InvalidInput, + format!("failed to read cert file {:?}", err), + ) + }, + )?)) + .collect::>>>() +} + +// load_keys parse and return the first private key from the provided file +pub fn load_key( + path: impl AsRef, +) -> anyhow::Result> { + private_key(&mut io::BufReader::new( + fs::File::open(path).context("loading private key")?, + )) + .map_err(|_| anyhow::anyhow!("invalid input")) + .transpose() + .ok_or_else(|| { + io::Error::new( + io::ErrorKind::InvalidInput, + "private key file contains no private keys", + ) + })? +} diff --git a/examples/spin-timer/Cargo.lock b/examples/spin-timer/Cargo.lock index 60dfbe4b4..e78d13851 100644 --- a/examples/spin-timer/Cargo.lock +++ b/examples/spin-timer/Cargo.lock @@ -17,18 +17,6 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" -[[package]] -name = "aes" -version = "0.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" -dependencies = [ - "cfg-if", - "cipher 0.3.0", - "cpufeatures", - "opaque-debug", -] - [[package]] name = "aes" version = "0.8.4" @@ -36,7 +24,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" dependencies = [ "cfg-if", - "cipher 0.4.4", + "cipher", "cpufeatures", ] @@ -202,12 +190,11 @@ dependencies = [ [[package]] name = "async-channel" -version = "2.2.1" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "136d4d23bcc79e27423727b36823d86233aad06dfea531837b038394d11e9928" +checksum = "89b47800b0be77592da0afd425cc03468052844aff33b84e33cc696f64e77b6a" dependencies = [ "concurrent-queue", - "event-listener 5.3.0", "event-listener-strategy 0.5.2", "futures-core", "pin-project-lite", @@ -228,9 +215,9 @@ dependencies = [ [[package]] name = "async-executor" -version = "1.11.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b10202063978b3351199d68f8b22c4e47e4b1b822f8d43fd862d5ea8c006b29a" +checksum = "c8828ec6e544c02b0d6691d21ed9f9218d0384a82542855073c2a3f58304aaf0" dependencies = [ "async-task", "concurrent-queue", @@ -333,7 +320,7 @@ version = "2.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a53fc6301894e04a92cb2584fedde80cb25ba8e02d9dc39d4a87d036e22f397d" dependencies = [ - "async-channel 2.2.1", + "async-channel 2.3.1", "async-io 2.3.2", "async-lock 3.3.0", "async-signal", @@ -459,7 +446,7 @@ dependencies = [ "percent-encoding", "pin-project-lite", "rustversion", - "serde 1.0.196", + "serde 1.0.203", "sync_wrapper", "tower", "tower-layer", @@ -502,7 +489,7 @@ dependencies = [ "rand 0.8.5", "reqwest 0.11.24", "rustc_version", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "time", "url", @@ -528,7 +515,7 @@ dependencies = [ "rand 0.8.5", "reqwest 0.12.4", "rustc_version", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "time", "tracing", @@ -548,7 +535,7 @@ dependencies = [ "futures", "hmac", "log", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "thiserror", @@ -570,7 +557,7 @@ dependencies = [ "futures", "oauth2", "pin-project", - "serde 1.0.196", + "serde 1.0.203", "time", "tracing", "tz-rs", @@ -587,7 +574,7 @@ dependencies = [ "async-trait", "azure_core 0.20.0", "futures", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "time", ] @@ -694,29 +681,21 @@ dependencies = [ ] [[package]] -name = "block-modes" -version = "0.8.1" +name = "block-padding" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2cb03d1bed155d89dce0f845b7899b18a9a163e148fd004e1c28421a783e2d8e" +checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93" dependencies = [ - "block-padding", - "cipher 0.3.0", + "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "blocking" -version = "1.6.0" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "495f7104e962b7356f0aeb34247aca1fe7d2e783b346582db7f2904cb5717e88" +checksum = "703f41c54fc768e63e091340b424302bb1c29ef4aa0c7f10fe849dfb114d29ea" dependencies = [ - "async-channel 2.2.1", - "async-lock 3.3.0", + "async-channel 2.3.1", "async-task", "futures-io", "futures-lite 2.3.0", @@ -729,7 +708,7 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9dd6407f73a9b8b6162d8a2ef999fe6afd7cc15902ebf42c5cd296addf17e0ad" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -740,9 +719,9 @@ checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec" [[package]] name = "bytemuck" -version = "1.14.3" +version = "1.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2ef034f05691a48569bd920a96c81b9d91bbad1ab5ac7c4616c1f6ef36cb79f" +checksum = "b236fc92302c97ed75b38da1f4917b5cdda4984745740f153a5d3059e48d725e" [[package]] name = "byteorder" @@ -756,7 +735,7 @@ version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -799,7 +778,7 @@ dependencies = [ "log", "rand 0.8.5", "reqwest 0.11.24", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "tar", @@ -885,6 +864,15 @@ dependencies = [ "winx", ] +[[package]] +name = "cbc" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6" +dependencies = [ + "cipher", +] + [[package]] name = "cc" version = "1.0.99" @@ -911,6 +899,12 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "cfg_aliases" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e" + [[package]] name = "chrono" version = "0.4.38" @@ -920,19 +914,10 @@ dependencies = [ "android-tzdata", "iana-time-zone", "js-sys", - "num-traits 0.2.18", - "serde 1.0.196", + "num-traits 0.2.19", + "serde 1.0.203", "wasm-bindgen", - "windows-targets 0.52.5", -] - -[[package]] -name = "cipher" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7" -dependencies = [ - "generic-array", + "windows-targets 0.52.4", ] [[package]] @@ -1088,7 +1073,7 @@ dependencies = [ "lazy_static 1.4.0", "nom 5.1.3", "rust-ini", - "serde 1.0.196", + "serde 1.0.203", "serde-hjson", "serde_json", "toml 0.5.11", @@ -1221,7 +1206,7 @@ version = "0.109.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a8cfdc315e5d18997093e040a8d234bea1ac1e118a716d3e30f40d449e78207b" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", "serde_derive", ] @@ -1365,11 +1350,11 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.4.2" +version = "3.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b467862cc8610ca6fc9a1532d7777cee0804e678ab45410897b9396495994a0b" +checksum = "672465ae37dc1bc6380a6547a8883d5dd397b0f1faaad4f265726cc7042a5345" dependencies = [ - "nix 0.27.1", + "nix 0.28.0", "windows-sys 0.52.0", ] @@ -1470,7 +1455,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4" dependencies = [ "powerfmt", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -1649,7 +1634,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "31951f49556e34d90ed28342e1df7e1cb7a229c4cab0aecc627b5d91edd41d07" dependencies = [ "base64 0.21.7", - "serde 1.0.196", + "serde 1.0.203", "serde_json", ] @@ -1734,19 +1719,19 @@ dependencies = [ [[package]] name = "enumflags2" -version = "0.7.9" +version = "0.7.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3278c9d5fb675e0a51dabcf4c0d355f692b064171535ba72361be1528a9d8e8d" +checksum = "d232db7f5956f3f14313dc2f87985c58bd2c695ce124c8cdd984e08e15ac133d" dependencies = [ "enumflags2_derive", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] name = "enumflags2_derive" -version = "0.7.9" +version = "0.7.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" +checksum = "de0d48a183585823424a4ce1aa132d174a6a81bd540895822eb4c8373a8e49e8" dependencies = [ "proc-macro2", "quote", @@ -1869,9 +1854,9 @@ checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" [[package]] name = "fd-lock" -version = "4.0.1" +version = "4.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b93f7a0db71c99f68398f80653ed05afb0b00e062e1a20c7ff849c4edfabbbcc" +checksum = "7e5768da2206272c81ef0b5e951a41862938a6070da63bcea197899942d3b947" dependencies = [ "cfg-if", "rustix 0.38.31", @@ -2119,7 +2104,7 @@ dependencies = [ "bitflags 2.4.2", "debugid", "fxhash", - "serde 1.0.196", + "serde 1.0.203", "serde_json", ] @@ -2275,7 +2260,7 @@ checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" dependencies = [ "ahash", "allocator-api2", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -2338,15 +2323,6 @@ dependencies = [ "digest", ] -[[package]] -name = "home" -version = "0.5.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" -dependencies = [ - "windows-sys 0.52.0", -] - [[package]] name = "http" version = "0.2.11" @@ -2425,7 +2401,7 @@ dependencies = [ "infer", "pin-project-lite", "rand 0.7.3", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "serde_qs", "serde_urlencoded", @@ -2649,7 +2625,7 @@ checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg", "hashbrown 0.12.3", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -2660,7 +2636,7 @@ checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" dependencies = [ "equivalent", "hashbrown 0.14.3", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -2687,6 +2663,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ + "block-padding", "generic-array", ] @@ -2820,9 +2797,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.68" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "406cda4b368d531c842222cf9d2600a9a4acce8d29423695379c6868a143a9ee" +checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" dependencies = [ "wasm-bindgen", ] @@ -2837,7 +2814,7 @@ dependencies = [ "crypto-common", "digest", "hmac", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", ] @@ -2952,7 +2929,7 @@ dependencies = [ "hyper-rustls 0.25.0", "libsql-hrana", "libsql-sqlite3-parser", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "thiserror", "tokio", @@ -2970,14 +2947,14 @@ dependencies = [ "base64 0.21.7", "bytes", "prost", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] name = "libsql-sqlite3-parser" -version = "0.11.0" +version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "600b1fc036f15466a4293adbf82d1c3ac7a22b865b5d501db325adeb8a116063" +checksum = "095d2cf702a5c9c152e48b369f69da30cc44351fa9432621dd8976834abc1752" dependencies = [ "bitflags 2.4.2", "cc", @@ -3043,7 +3020,7 @@ dependencies = [ "llm-gptneox", "llm-llama", "llm-mpt", - "serde 1.0.196", + "serde 1.0.203", "tracing", ] @@ -3060,7 +3037,7 @@ dependencies = [ "partial_sort", "rand 0.8.5", "regex", - "serde 1.0.196", + "serde 1.0.203", "serde_bytes", "thiserror", "tokenizers", @@ -3124,7 +3101,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7553f60d113c9cdc6a5402456a31cd9a273bef79f6f16d8a4f7b4bedf5f754b2" dependencies = [ "anyhow", - "num-traits 0.2.18", + "num-traits 0.2.19", "rand 0.8.5", "thiserror", ] @@ -3399,7 +3376,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "878c2a1f1c70e5724fa28f101ca787b6a7e8ad5c5e4ae4ca3b0fa4a419fa9075" dependencies = [ "monostate-impl", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -3442,7 +3419,7 @@ dependencies = [ "percent-encoding", "pin-project", "rand 0.8.5", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "socket2 0.5.5", "thiserror", @@ -3471,11 +3448,11 @@ dependencies = [ "flate2", "lazy_static 1.4.0", "num-bigint", - "num-traits 0.2.18", + "num-traits 0.2.19", "rand 0.8.5", "regex", "saturating", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha1 0.10.6", "sha2", @@ -3518,12 +3495,13 @@ dependencies = [ [[package]] name = "nix" -version = "0.27.1" +version = "0.28.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" +checksum = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4" dependencies = [ "bitflags 2.4.2", "cfg-if", + "cfg_aliases", "libc", ] @@ -3569,27 +3547,26 @@ dependencies = [ [[package]] name = "num" -version = "0.4.1" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b05180d69e3da0e530ba2a1dae5110317e49e3b7f3d41be227dc5f92e49ee7af" +checksum = "35bd024e8b2ff75562e5f34e7f4905839deb4b22955ef5e73d2fea1b9813cb23" dependencies = [ "num-bigint", "num-complex", "num-integer", "num-iter", "num-rational", - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] name = "num-bigint" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "608e7659b5c3d7cba262d894801b9ec9d00de989e8a82bd4bef91d08da45cdc0" +checksum = "c165a9ab64cf766f73521c0dd2cfdff64f488b8f0b3e621face3462d3db536d7" dependencies = [ - "autocfg", "num-integer", - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3598,7 +3575,7 @@ version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3613,7 +3590,7 @@ version = "0.1.46" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3624,7 +3601,7 @@ checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf" dependencies = [ "autocfg", "num-integer", - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3635,7 +3612,7 @@ checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824" dependencies = [ "num-bigint", "num-integer", - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3644,14 +3621,14 @@ version = "0.1.43" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] name = "num-traits" -version = "0.2.18" +version = "0.2.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" dependencies = [ "autocfg", ] @@ -3692,7 +3669,7 @@ dependencies = [ "getrandom 0.2.12", "http 0.2.11", "rand 0.8.5", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "serde_path_to_error", "sha2", @@ -3737,7 +3714,7 @@ dependencies = [ "olpc-cjson", "regex", "reqwest 0.12.4", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "thiserror", @@ -3755,7 +3732,7 @@ dependencies = [ "anyhow", "chrono", "oci-distribution", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "tokio", @@ -3769,7 +3746,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d637c9c15b639ccff597da8f4fa968300651ad2f1e968aefc3b4927a6fb2027a" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", "serde_json", "unicode-normalization", ] @@ -3802,12 +3779,6 @@ dependencies = [ "pkg-config", ] -[[package]] -name = "opaque-debug" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" - [[package]] name = "openssl" version = "0.10.64" @@ -3842,9 +3813,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-sys" -version = "0.9.101" +version = "0.9.102" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dda2b0f344e78efc2facf7d195d098df0dd72151b26ab98da807afc26c198dff" +checksum = "c597637d56fbc83893a35eb0dd04b2b8e7a50c91e64e9493e398b5df4fb45fa2" dependencies = [ "cc", "libc", @@ -3954,7 +3925,7 @@ version = "2.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68f19d67e5a2795c94e73e0bb1cc1a7edeb2e28efd39e2e1c9b7a40c1108b11c" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -3963,7 +3934,7 @@ version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a76df7075c7d4d01fdcb46c912dd17fba5b60c78ea480b475f2b6ab6f666584e" dependencies = [ - "num-traits 0.2.18", + "num-traits 0.2.19", ] [[package]] @@ -4196,7 +4167,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1030c719b0ec2a2d25a5df729d6cff1acf3cc230bf766f4f97833591f7577b90" dependencies = [ "base64 0.21.7", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -4223,7 +4194,7 @@ dependencies = [ "pbjson-build", "prost", "prost-build", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -4245,7 +4216,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b8fcc794035347fb64beda2d3b462595dd2753e3f268d89c5aae77e8cf2c310" dependencies = [ "base64 0.21.7", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -4314,18 +4285,18 @@ dependencies = [ [[package]] name = "pin-project" -version = "1.1.4" +version = "1.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0302c4a0442c456bd56f841aee5c3bfd17967563f6fadc9ceb9f9c23cf3807e0" +checksum = "b6bf43b791c5b9e34c3d182969b4abb522f9343702850a2e57f460d00d09b4b3" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.4" +version = "1.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "266c042b60c9c76b8d53061e52b2e0d1116abc57cefc8c5cd671619a56ac3690" +checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", @@ -4410,7 +4381,7 @@ checksum = "a55c51ee6c0db07e68448e336cf8ea4131a620edefebf9893e759b2d793420f8" dependencies = [ "cobs", "embedded-io", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -4544,9 +4515,9 @@ dependencies = [ [[package]] name = "prost" -version = "0.12.3" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "146c289cda302b98a28d40c8b3b90498d6e526dd24ac2ecea73e4e491685b94a" +checksum = "deb1435c188b76130da55f17a466d252ff7b1418b2ad3e037d127b94e3411f29" dependencies = [ "bytes", "prost-derive", @@ -4554,13 +4525,13 @@ dependencies = [ [[package]] name = "prost-build" -version = "0.12.3" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c55e02e35260070b6f716a2423c2ff1c3bb1642ddca6f99e1f26d06268a0e2d2" +checksum = "22505a5c94da8e3b7c2996394d1c933236c4d743e81a410bcca4e6989fc066a4" dependencies = [ "bytes", - "heck 0.4.1", - "itertools 0.11.0", + "heck 0.5.0", + "itertools 0.12.1", "log", "multimap", "once_cell", @@ -4571,17 +4542,16 @@ dependencies = [ "regex", "syn 2.0.48", "tempfile", - "which", ] [[package]] name = "prost-derive" -version = "0.12.3" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "efb6c9a1dd1def8e2124d17e83a20af56f1570d6c2d2bd9e266ccb768df3840e" +checksum = "81bddcdb20abf9501610992b6759a4c888aef7d1a7247ef75e2404275ac24af1" dependencies = [ "anyhow", - "itertools 0.11.0", + "itertools 0.12.1", "proc-macro2", "quote", "syn 2.0.48", @@ -4602,9 +4572,9 @@ dependencies = [ [[package]] name = "prost-types" -version = "0.12.3" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "193898f59edcf43c26227dcd4c8427f00d99d61e95dcde58dabd49fa291d470e" +checksum = "9091c90b0a32608e984ff2fa4091273cbdd755d54935c51d520887f4a1dbd5b0" dependencies = [ "prost", ] @@ -4656,7 +4626,7 @@ dependencies = [ "config", "directories", "petgraph", - "serde 1.0.196", + "serde 1.0.203", "serde-value", "tint", ] @@ -4838,13 +4808,13 @@ dependencies = [ [[package]] name = "regex" -version = "1.10.3" +version = "1.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b62dbe01f0b06f9d8dc7d49e05a0785f153b00b2c227856282f671e0318c9b15" +checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" dependencies = [ "aho-corasick 1.1.2", "memchr", - "regex-automata 0.4.5", + "regex-automata 0.4.7", "regex-syntax 0.8.2", ] @@ -4859,9 +4829,9 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.5" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bb987efffd3c6d0d8f5f89510bb458559eab11e4f869acb20bf845e016259cd" +checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" dependencies = [ "aho-corasick 1.1.2", "memchr", @@ -4914,7 +4884,7 @@ dependencies = [ "pin-project-lite", "rustls 0.21.10", "rustls-pemfile 1.0.4", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "serde_urlencoded", "sync_wrapper", @@ -4959,8 +4929,8 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls-pemfile 2.1.1", - "serde 1.0.196", + "rustls-pemfile 2.1.2", + "serde 1.0.203", "serde_json", "serde_urlencoded", "sync_wrapper", @@ -5014,7 +4984,7 @@ dependencies = [ "futures-util", "log", "rustls-native-certs", - "rustls-pemfile 2.1.1", + "rustls-pemfile 2.1.2", "rustls-webpki 0.102.2", "thiserror", "tokio", @@ -5075,7 +5045,7 @@ dependencies = [ "http 0.2.11", "reqwest 0.11.24", "rustify_derive", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "serde_urlencoded", "thiserror", @@ -5159,7 +5129,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f1fb85efa936c42c6d5fc28d2629bb51e4b2f4b8a5211e297d599cc5a093792" dependencies = [ "openssl-probe", - "rustls-pemfile 2.1.1", + "rustls-pemfile 2.1.2", "rustls-pki-types", "schannel", "security-framework", @@ -5176,11 +5146,11 @@ dependencies = [ [[package]] name = "rustls-pemfile" -version = "2.1.1" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f48172685e6ff52a556baa527774f61fcaa884f59daf3375c62a3f1cd2549dab" +checksum = "29993a25686778eb88d4189742cd713c9bce943bc54251a33509dc63cbacf73d" dependencies = [ - "base64 0.21.7", + "base64 0.22.0", "rustls-pki-types", ] @@ -5293,25 +5263,25 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", "zeroize", ] [[package]] name = "secret-service" -version = "3.0.1" +version = "3.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5da1a5ad4d28c03536f82f77d9f36603f5e37d8869ac98f0a750d5b5686d8d95" +checksum = "b5204d39df37f06d1944935232fd2dfe05008def7ca599bf28c0800366c8a8f9" dependencies = [ - "aes 0.7.5", - "block-modes", + "aes", + "cbc", "futures-util", "generic-array", "hkdf", "num", "once_cell", "rand 0.8.5", - "serde 1.0.196", + "serde 1.0.203", "sha2", "zbus", ] @@ -5345,7 +5315,7 @@ version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5356,9 +5326,9 @@ checksum = "9dad3f759919b92c3068c696c15c3d17238234498bbdcc80f2c469606f948ac8" [[package]] name = "serde" -version = "1.0.196" +version = "1.0.203" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "870026e60fa08c69f064aa766c10f10b1d62db9ccd4d0abb206472bee0ce3b32" +checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" dependencies = [ "serde_derive", ] @@ -5382,7 +5352,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3a1a3341211875ef120e117ea7fd5228530ae7e7036a779fdc9117be6b3282c" dependencies = [ "ordered-float 2.10.1", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5391,14 +5361,14 @@ version = "0.11.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b8497c313fd43ab992087548117643f6fcd935cbf36f176ffda0aacf9591734" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] name = "serde_derive" -version = "1.0.196" +version = "1.0.203" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33c85360c95e7d137454dc81d9a4ed2b8efd8fbe19cee57357b32b9771fccb67" +checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", @@ -5407,13 +5377,13 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.113" +version = "1.0.117" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69801b70b1c3dac963ecb03a364ba0ceda9cf60c71cfe475e99864759c8b8a79" +checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3" dependencies = [ "itoa", "ryu", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5423,7 +5393,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "af99884400da37c88f5e9146b7f1fd0fbcae8f6eec4e9da38b67d05486f814a6" dependencies = [ "itoa", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5433,7 +5403,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c7715380eec75f029a4ef7de39a9200e0a63823176b759d055b613f5a87df6a6" dependencies = [ "percent-encoding", - "serde 1.0.196", + "serde 1.0.203", "thiserror", ] @@ -5454,7 +5424,7 @@ version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "79e674e01f999af37c49f70a6ede167a8a60b2503e56c5599532a65baa5969a0" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5466,7 +5436,7 @@ dependencies = [ "form_urlencoded", "itoa", "ryu", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5480,7 +5450,7 @@ dependencies = [ "hex", "indexmap 1.9.3", "indexmap 2.2.6", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "serde_with_macros", @@ -5508,7 +5478,7 @@ dependencies = [ "indexmap 2.2.6", "itoa", "ryu", - "serde 1.0.196", + "serde 1.0.203", "unsafe-libyaml", ] @@ -5657,7 +5627,7 @@ version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -5705,7 +5675,7 @@ dependencies = [ "anyhow", "async-trait", "ouroboros", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "spin-core", "spin-locked-app", @@ -5769,7 +5739,7 @@ dependencies = [ "async-trait", "dotenvy", "once_cell", - "serde 1.0.196", + "serde 1.0.203", "spin-locked-app", "thiserror", ] @@ -5795,7 +5765,7 @@ dependencies = [ "anyhow", "azure_data_cosmos", "futures", - "serde 1.0.196", + "serde 1.0.203", "spin-core", "spin-key-value", "tokio", @@ -5851,7 +5821,7 @@ dependencies = [ "http 0.2.11", "llm", "reqwest 0.11.24", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "spin-core", "spin-llm", @@ -5880,7 +5850,7 @@ dependencies = [ "regex", "reqwest 0.11.24", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "shellexpand 3.1.0", @@ -5906,7 +5876,7 @@ dependencies = [ "anyhow", "async-trait", "ouroboros", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "spin-serde", "thiserror", @@ -5919,7 +5889,7 @@ dependencies = [ "anyhow", "indexmap 1.9.3", "semver", - "serde 1.0.196", + "serde 1.0.203", "spin-serde", "terminal", "thiserror", @@ -5947,7 +5917,7 @@ name = "spin-serde" version = "2.7.0-pre0" dependencies = [ "base64 0.21.7", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -6023,6 +5993,7 @@ dependencies = [ "ctrlc", "dirs 4.0.0", "futures", + "http 1.1.0", "indexmap 1.9.3", "ipnet", "outbound-http", @@ -6030,8 +6001,10 @@ dependencies = [ "outbound-mysql", "outbound-pg", "outbound-redis", + "rustls-pemfile 2.1.2", + "rustls-pki-types", "sanitize-filename", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "spin-app", "spin-common", @@ -6047,6 +6020,7 @@ dependencies = [ "spin-loader", "spin-manifest", "spin-outbound-networking", + "spin-serde", "spin-sqlite", "spin-sqlite-inproc", "spin-sqlite-libsql", @@ -6074,7 +6048,7 @@ dependencies = [ "azure_security_keyvault", "dotenvy", "once_cell", - "serde 1.0.196", + "serde 1.0.203", "spin-app", "spin-core", "spin-expressions", @@ -6110,7 +6084,7 @@ checksum = "5851699c4033c63636f7ea4cf7b7c1f1bf06d0cc03cfb42e711de5a5c46cf326" dependencies = [ "base64 0.13.1", "nom 7.1.3", - "serde 1.0.196", + "serde 1.0.203", "unicode-segmentation", ] @@ -6357,7 +6331,7 @@ dependencies = [ "num-conv", "num_threads", "powerfmt", - "serde 1.0.196", + "serde 1.0.203", "time-core", "time-macros", ] @@ -6427,7 +6401,7 @@ dependencies = [ "regex", "regex-syntax 0.7.5", "reqwest 0.11.24", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "spm_precompiled", "thiserror", @@ -6600,7 +6574,7 @@ version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -6610,7 +6584,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6f49eb2ab21d2f26bd6db7bf383edc527a7ebaee412d17af4d40fdccd442f335" dependencies = [ "indexmap 2.2.6", - "serde 1.0.196", + "serde 1.0.203", "serde_spanned", "toml_datetime", "toml_edit 0.22.14", @@ -6622,7 +6596,7 @@ version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4badfd56924ae69bcc9039335b2e017639ce3f9b001c393c1b2d1ef846ce2cbf" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -6643,10 +6617,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f21c7aaf97f1bd9ca9d4f9e73b0a6c74bd5afef56f2bc931943a6e1c37e04e38" dependencies = [ "indexmap 2.2.6", - "serde 1.0.196", + "serde 1.0.203", "serde_spanned", "toml_datetime", - "winnow 0.6.0", + "winnow 0.6.13", ] [[package]] @@ -6776,7 +6750,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", "tracing-core", ] @@ -6790,7 +6764,7 @@ dependencies = [ "nu-ansi-term", "once_cell", "regex", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sharded-slab", "smallvec", @@ -6807,7 +6781,7 @@ dependencies = [ "anyhow", "clap 3.2.25", "futures", - "serde 1.0.196", + "serde 1.0.203", "spin-app", "spin-core", "spin-trigger", @@ -6952,7 +6926,7 @@ dependencies = [ "form_urlencoded", "idna", "percent-encoding", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -6995,7 +6969,7 @@ dependencies = [ "reqwest 0.11.24", "rustify", "rustify_derive", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "thiserror", "tracing", @@ -7047,7 +7021,7 @@ checksum = "6a22d3c9026f2f6a628cf386963844cdb7baea3b3419ba090c9096da114f977d" dependencies = [ "indexmap 2.2.6", "itertools 0.12.1", - "serde 1.0.196", + "serde 1.0.203", "serde_with", "thiserror", "warg-crypto", @@ -7079,7 +7053,7 @@ dependencies = [ "reqwest 0.12.4", "secrecy", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha256", "tempfile", @@ -7115,7 +7089,7 @@ dependencies = [ "p256", "rand_core 0.6.4", "secrecy", - "serde 1.0.196", + "serde 1.0.203", "sha2", "signature", "thiserror", @@ -7136,7 +7110,7 @@ dependencies = [ "prost-types", "protox", "regex", - "serde 1.0.196", + "serde 1.0.203", "warg-crypto", ] @@ -7154,7 +7128,7 @@ dependencies = [ "prost", "prost-types", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_with", "thiserror", "warg-crypto", @@ -7224,9 +7198,9 @@ checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b" [[package]] name = "wasm-bindgen" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1e124130aee3fb58c5bdd6b639a0509486b0338acaaae0c84a5124b0f588b7f" +checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -7234,9 +7208,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9e7e1900c352b609c8488ad12639a311045f40a35491fb69ba8c12f758af70b" +checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" dependencies = [ "bumpalo", "log", @@ -7249,9 +7223,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.41" +version = "0.4.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "877b9c3f61ceea0e56331985743b13f3d25c406a7098d45180fb5f09bc19ed97" +checksum = "76bc14366121efc8dbb487ab05bcc9d346b3b5ec0eaa76e46594cabbe51762c0" dependencies = [ "cfg-if", "js-sys", @@ -7261,9 +7235,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b30af9e2d358182b5c7449424f017eba305ed32a7010509ede96cdc4696c46ed" +checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -7271,9 +7245,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66" +checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", @@ -7284,9 +7258,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.91" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838" +checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" [[package]] name = "wasm-compose" @@ -7300,7 +7274,7 @@ dependencies = [ "indexmap 2.2.6", "log", "petgraph", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_yaml", "smallvec", @@ -7354,7 +7328,7 @@ checksum = "c31b8cc0c21f46d55b0aaa419cacce1eadcf28eaebd0e1488d6a6313ee71a586" dependencies = [ "anyhow", "indexmap 2.2.6", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "spdx", @@ -7370,7 +7344,7 @@ checksum = "4d32029ce424f6d3c2b39b4419fb45a0e2d84fb0751e0c0a32b7ce8bd5d97f46" dependencies = [ "anyhow", "indexmap 2.2.6", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "spdx", @@ -7389,7 +7363,7 @@ dependencies = [ "http 1.1.0", "reqwest 0.12.4", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "thiserror", "toml 0.8.14", @@ -7412,7 +7386,7 @@ dependencies = [ "oci-distribution", "oci-wasm", "secrecy", - "serde 1.0.196", + "serde 1.0.203", "serde_json", "sha2", "thiserror", @@ -7473,7 +7447,7 @@ dependencies = [ "hashbrown 0.14.3", "indexmap 2.2.6", "semver", - "serde 1.0.196", + "serde 1.0.203", ] [[package]] @@ -7528,7 +7502,7 @@ dependencies = [ "rayon", "rustix 0.38.31", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "smallvec", @@ -7573,7 +7547,7 @@ dependencies = [ "log", "postcard", "rustix 0.38.31", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "sha2", "toml 0.8.14", @@ -7641,7 +7615,7 @@ dependencies = [ "object 0.36.0", "postcard", "rustc-demangle", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "target-lexicon", "wasm-encoder 0.209.1", @@ -7703,7 +7677,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "412463e9000e14cf6856be48628d2213c20c153e29ffc22b036980c892ea6964" dependencies = [ "cranelift-entity", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "smallvec", "wasmparser 0.209.1", @@ -7836,9 +7810,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.68" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96565907687f7aceb35bc5fc03770a8a0471d82e479f25832f54a0e3f4b28446" +checksum = "77afa9a11836342370f4817622a2f0f418b134426d91a82dfb48f532d2ec13ef" dependencies = [ "js-sys", "wasm-bindgen", @@ -7869,18 +7843,6 @@ dependencies = [ "rustls-pki-types", ] -[[package]] -name = "which" -version = "4.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7" -dependencies = [ - "either", - "home", - "once_cell", - "rustix 0.38.31", -] - [[package]] name = "whoami" version = "1.5.1" @@ -7952,11 +7914,11 @@ checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" [[package]] name = "winapi-util" -version = "0.1.8" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d4cc384e1e73b93bafa6fb4f1df8c41695c8a91cf9c4c64358067d15a7b6c6b" +checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596" dependencies = [ - "windows-sys 0.52.0", + "winapi", ] [[package]] @@ -7984,11 +7946,11 @@ dependencies = [ [[package]] name = "windows-core" -version = "0.51.1" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1f8cf84f35d2db49a46868f947758c7a1138116f7fac3bc844f43ade1292e64" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.48.5", + "windows-targets 0.52.4", ] [[package]] @@ -8006,7 +7968,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.4", ] [[package]] @@ -8026,18 +7988,17 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "7dd37b7e5ab9018759f893a1952c9420d060016fc19a472b4bb20d1bdd694d1b" dependencies = [ - "windows_aarch64_gnullvm 0.52.5", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", - "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", - "windows_x86_64_gnullvm 0.52.5", - "windows_x86_64_msvc 0.52.5", + "windows_aarch64_gnullvm 0.52.4", + "windows_aarch64_msvc 0.52.4", + "windows_i686_gnu 0.52.4", + "windows_i686_msvc 0.52.4", + "windows_x86_64_gnu 0.52.4", + "windows_x86_64_gnullvm 0.52.4", + "windows_x86_64_msvc 0.52.4", ] [[package]] @@ -8048,9 +8009,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "bcf46cf4c365c6f2d1cc93ce535f2c8b244591df96ceee75d8e83deb70a9cac9" [[package]] name = "windows_aarch64_msvc" @@ -8060,9 +8021,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "da9f259dd3bcf6990b55bffd094c4f7235817ba4ceebde8e6d11cd0c5633b675" [[package]] name = "windows_i686_gnu" @@ -8072,15 +8033,9 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" - -[[package]] -name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "b474d8268f99e0995f25b9f095bc7434632601028cf86590aea5c8a5cb7801d3" [[package]] name = "windows_i686_msvc" @@ -8090,9 +8045,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "1515e9a29e5bed743cb4415a9ecf5dfca648ce85ee42e15873c3cd8610ff8e02" [[package]] name = "windows_x86_64_gnu" @@ -8102,9 +8057,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "5eee091590e89cc02ad514ffe3ead9eb6b660aedca2183455434b93546371a03" [[package]] name = "windows_x86_64_gnullvm" @@ -8114,9 +8069,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "77ca79f2451b49fa9e2af39f0747fe999fcda4f5e241b2898624dca97a1f2177" [[package]] name = "windows_x86_64_msvc" @@ -8126,9 +8081,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "32b752e52a2da0ddfbdbcc6fceadfeede4c939ed16d13e648833a61dfb611ed8" [[package]] name = "winnow" @@ -8141,9 +8096,9 @@ dependencies = [ [[package]] name = "winnow" -version = "0.6.0" +version = "0.6.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b1dbce9e90e5404c5a52ed82b1d13fc8cfbdad85033b6f57546ffd1265f8451" +checksum = "59b5e5f6c299a3c7890b876a2a587f3115162487e704907d9b6cd29473052ba1" dependencies = [ "memchr", ] @@ -8188,7 +8143,7 @@ dependencies = [ "bitflags 2.4.2", "indexmap 2.2.6", "log", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "wasm-encoder 0.200.0", @@ -8207,7 +8162,7 @@ dependencies = [ "bitflags 2.4.2", "indexmap 2.2.6", "log", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "wasm-encoder 0.209.1", @@ -8227,7 +8182,7 @@ dependencies = [ "indexmap 2.2.6", "log", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "unicode-xid", @@ -8245,7 +8200,7 @@ dependencies = [ "indexmap 2.2.6", "log", "semver", - "serde 1.0.196", + "serde 1.0.203", "serde_derive", "serde_json", "unicode-xid", @@ -8277,12 +8232,12 @@ dependencies = [ [[package]] name = "xdg-home" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21e5a325c3cb8398ad6cf859c1135b25dd29e186679cf2da7581d9679f63b38e" +checksum = "ca91dcf8f93db085f3a0a29358cd0b9d670915468f4290e8b85d118a34211ab8" dependencies = [ "libc", - "winapi", + "windows-sys 0.52.0", ] [[package]] @@ -8296,9 +8251,9 @@ dependencies = [ [[package]] name = "yansi" -version = "1.0.0-rc.1" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1367295b8f788d371ce2dbc842c7b709c73ee1364d30351dd300ec2203b12377" +checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049" [[package]] name = "zbus" @@ -8328,7 +8283,7 @@ dependencies = [ "once_cell", "ordered-stream", "rand 0.8.5", - "serde 1.0.196", + "serde 1.0.203", "serde_repr", "sha1 0.10.6", "static_assertions", @@ -8361,7 +8316,7 @@ version = "2.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "437d738d3750bed6ca9b8d423ccc7a8eb284f6b1d6d4e225a0e4e6258d864c8d" dependencies = [ - "serde 1.0.196", + "serde 1.0.203", "static_assertions", "zvariant", ] @@ -8398,7 +8353,7 @@ version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" dependencies = [ - "aes 0.8.4", + "aes", "byteorder", "bzip2", "constant_time_eq", @@ -8487,7 +8442,7 @@ dependencies = [ "byteorder", "enumflags2", "libc", - "serde 1.0.196", + "serde 1.0.203", "static_assertions", "zvariant_derive", ]