update ws dependencies as well as http rustls dependency

2026-03-31 17:55:36 +00:00 · 2024-01-07 10:40:50 +01:00 · 2024-01-07 10:40:50 +01:00 · 3042539101
commit 3042539101
parent 071f088d8b
16 changed files with 499 additions and 295 deletions
--- a/crates/http_load_test/Cargo.toml
+++ b/crates/http_load_test/Cargo.toml
@ -21,14 +21,14 @@ aquatic_toml_config.workspace = true
 anyhow = "1"
 futures = "0.3"
 futures-lite = "1"
-futures-rustls = "0.24"
+futures-rustls = "0.25"
 hashbrown = "0.14"
 glommio = "0.8"
 log = "0.4"
 mimalloc = { version = "0.1", default-features = false }
 rand = { version = "0.8", features = ["small_rng"] }
 rand_distr = "0.4"
-rustls = { version = "0.21", default-features = false, features = ["logging", "dangerous_configuration"] } # TLS 1.2 disabled
+rustls = { version = "0.22", default-features = false, features = ["logging"] } # TLS 1.2 disabled
 serde = { version = "1", features = ["derive"] }

 [dev-dependencies]
--- a/crates/http_load_test/src/common.rs
+++ b/crates/http_load_test/src/common.rs
@ -4,7 +4,6 @@ use rand_distr::Gamma;

 pub use aquatic_http_protocol::common::*;
 pub use aquatic_http_protocol::request::*;
-pub use aquatic_http_protocol::response::*;

 #[derive(PartialEq, Eq, Clone)]
 pub struct TorrentPeer {
--- a/crates/http_load_test/src/main.rs
+++ b/crates/http_load_test/src/main.rs
@ -180,25 +180,53 @@ fn monitor_statistics(state: LoadTestState, config: &Config) {
    }
 }

+#[derive(Debug)]
 struct FakeCertificateVerifier;

-impl rustls::client::ServerCertVerifier for FakeCertificateVerifier {
+impl rustls::client::danger::ServerCertVerifier for FakeCertificateVerifier {
    fn verify_server_cert(
        &self,
-        _end_entity: &rustls::Certificate,
-        _intermediates: &[rustls::Certificate],
-        _server_name: &rustls::ServerName,
-        _scts: &mut dyn Iterator<Item = &[u8]>,
+        _end_entity: &rustls::pki_types::CertificateDer<'_>,
+        _intermediates: &[rustls::pki_types::CertificateDer<'_>],
+        _server_name: &rustls::pki_types::ServerName<'_>,
        _ocsp_response: &[u8],
-        _now: std::time::SystemTime,
-    ) -> Result<rustls::client::ServerCertVerified, rustls::Error> {
-        Ok(rustls::client::ServerCertVerified::assertion())
+        _now: rustls::pki_types::UnixTime,
+    ) -> Result<rustls::client::danger::ServerCertVerified, rustls::Error> {
+        Ok(rustls::client::danger::ServerCertVerified::assertion())
+    }
+
+    fn verify_tls12_signature(
+        &self,
+        _message: &[u8],
+        _cert: &rustls::pki_types::CertificateDer<'_>,
+        _dss: &rustls::DigitallySignedStruct,
+    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
+        Ok(rustls::client::danger::HandshakeSignatureValid::assertion())
+    }
+
+    fn verify_tls13_signature(
+        &self,
+        _message: &[u8],
+        _cert: &rustls::pki_types::CertificateDer<'_>,
+        _dss: &rustls::DigitallySignedStruct,
+    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
+        Ok(rustls::client::danger::HandshakeSignatureValid::assertion())
+    }
+
+    fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> {
+        vec![
+            rustls::SignatureScheme::ECDSA_NISTP384_SHA384,
+            rustls::SignatureScheme::ECDSA_NISTP256_SHA256,
+            rustls::SignatureScheme::RSA_PSS_SHA512,
+            rustls::SignatureScheme::RSA_PSS_SHA384,
+            rustls::SignatureScheme::RSA_PSS_SHA256,
+            rustls::SignatureScheme::ED25519,
+        ]
    }
 }

 fn create_tls_config() -> anyhow::Result<Arc<rustls::ClientConfig>> {
    let mut config = rustls::ClientConfig::builder()
-        .with_safe_defaults()
        .with_root_certificates(rustls::RootCertStore::empty())
        .with_no_client_auth();