diff --git a/Cargo.lock b/Cargo.lock --- a/Cargo.lock +++ b/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "actix" @@ -514,9 +514,9 @@ [[package]] name = "anyhow" -version = "1.0.86" +version = "1.0.97" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" +checksum = "dcfed56ad506cb2c684a14971b8861fdc3baaaae314b9e5f9bb532cbe3ba7a4f" [[package]] name = "argon2" @@ -530,6 +530,18 @@ "password-hash", ] +[[package]] +name = "arrayref" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb" + +[[package]] +name = "arrayvec" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" + [[package]] name = "asn1-rs" version = "0.6.1" @@ -1385,9 +1397,9 @@ [[package]] name = "binstring" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e0d60973d9320722cb1206f412740e162a33b8547ea8d6be75d7cff237c7a85" +checksum = "ed79c2a8151273c70956b5e3cdfdc1ff6c1a8b9779ba59c6807d281b32ee2f86" [[package]] name = "bitflags" @@ -1410,6 +1422,17 @@ "digest 0.10.7", ] +[[package]] +name = "blake2b_simd" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06e903a20b159e944f91ec8499fe1e55651480c541ea0a584f5d967c49ad9d99" +dependencies = [ + "arrayref", + "arrayvec", + "constant_time_eq 0.3.0", +] + [[package]] name = "blob" version = "1.0.0" @@ -1686,9 +1709,9 @@ [[package]] name = "coarsetime" -version = "0.1.34" +version = "0.1.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13b3839cf01bb7960114be3ccf2340f541b6d0c81f8690b007b2b39f750f7e5d" +checksum = "91849686042de1b41cd81490edc83afbcb0abe5a9b6f2c4114f23ce8cca1bcf4" dependencies = [ "libc", "wasix", @@ -1944,9 +1967,9 @@ [[package]] name = "ct-codecs" -version = "1.1.1" +version = "1.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3b7eb4404b8195a9abb6356f4ac07d8ba267045c8d6d220ac4dc992e6cc75df" +checksum = "b916ba8ce9e4182696896f015e8a5ae6081b305f74690baa8465e35f5a142ea4" [[package]] name = "ctor" @@ -2065,7 +2088,6 @@ checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" dependencies = [ "const-oid 0.9.6", - "pem-rfc7468 0.6.0", "zeroize", ] @@ -2078,7 +2100,7 @@ "const-oid 0.9.6", "der_derive 0.7.2", "flagset", - "pem-rfc7468 0.7.0", + "pem-rfc7468", "zeroize", ] @@ -2322,7 +2344,7 @@ "generic-array", "group 0.13.0", "hkdf", - "pem-rfc7468 0.7.0", + "pem-rfc7468", "pkcs8 0.10.2", "rand_core 0.6.4", "sec1 0.7.3", @@ -2829,24 +2851,24 @@ [[package]] name = "hmac-sha1-compact" -version = "1.1.4" +version = "1.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dff9d405ec732fa3fcde87264e54a32a84956a377b3e3107de96e59b798c84a7" +checksum = "18492c9f6f9a560e0d346369b665ad2bdbc89fa9bceca75796584e79042694c3" [[package]] name = "hmac-sha256" -version = "1.1.7" +version = "1.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3688e69b38018fec1557254f64c8dc2cc8ec502890182f395dbb0aa997aa5735" +checksum = "4a8575493d277c9092b988c780c94737fb9fd8651a1001e16bee3eccfc1baedb" dependencies = [ "digest 0.10.7", ] [[package]] name = "hmac-sha512" -version = "1.1.5" +version = "1.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4ce1f4656bae589a3fab938f9f09bf58645b7ed01a2c5f8a3c238e01a4ef78a" +checksum = "b0b3a0f572aa8389d325f5852b9e0a333a15b0f86ecccbb3fdb6e97cd86dc67c" dependencies = [ "digest 0.10.7", ] @@ -3291,12 +3313,13 @@ [[package]] name = "jwt-simple" -version = "0.11.9" +version = "0.12.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "357892bb32159d763abdea50733fadcb9a8e1c319a9aa77592db8555d05af83e" +checksum = "731011e9647a71ff4f8474176ff6ce6e0d2de87a0173f15613af3a84c3e3401a" dependencies = [ "anyhow", "binstring", + "blake2b_simd", "coarsetime", "ct-codecs", "ed25519-compact", @@ -3307,19 +3330,18 @@ "p256 0.13.2", "p384", "rand 0.8.5", - "rsa", "serde", "serde_json", - "spki 0.6.0", - "thiserror 1.0.61", + "superboring", + "thiserror 2.0.12", "zeroize", ] [[package]] name = "k256" -version = "0.13.3" +version = "0.13.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "956ff9b67e26e1a6a866cb758f12c6f8746208489e3e4a4b5580802f2f0a587b" +checksum = "f6e3919bbaa2945715f0bb6d3934a173d1e9a59ac23767fbaaef277265a7411b" dependencies = [ "cfg-if", "ecdsa 0.16.9", @@ -3904,9 +3926,9 @@ [[package]] name = "p384" -version = "0.13.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" +checksum = "fe42f1670a52a47d448f14b6a5c61dd78fce51856e68edaa38f7ae3a46b8d6b6" dependencies = [ "ecdsa 0.16.9", "elliptic-curve 0.13.8", @@ -3987,15 +4009,6 @@ "regex", ] -[[package]] -name = "pem" -version = "1.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8" -dependencies = [ - "base64 0.13.1", -] - [[package]] name = "pem" version = "3.0.4" @@ -4006,15 +4019,6 @@ "serde", ] -[[package]] -name = "pem-rfc7468" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24d159833a9105500e0398934e205e0773f0b27529557134ecfc51c27646adac" -dependencies = [ - "base64ct", -] - [[package]] name = "pem-rfc7468" version = "0.7.0" @@ -4097,14 +4101,13 @@ [[package]] name = "pkcs1" -version = "0.4.1" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" dependencies = [ - "der 0.6.1", - "pkcs8 0.9.0", - "spki 0.6.0", - "zeroize", + "der 0.7.9", + "pkcs8 0.10.2", + "spki 0.7.3", ] [[package]] @@ -4365,7 +4368,7 @@ "rustc-hash 2.0.0", "rustls 0.23.7", "socket2 0.5.7", - "thiserror 2.0.3", + "thiserror 2.0.12", "tokio", "tracing", ] @@ -4384,7 +4387,7 @@ "rustls 0.23.7", "rustls-pki-types", "slab", - "thiserror 2.0.3", + "thiserror 2.0.12", "tinyvec", "tracing", "web-time", @@ -4735,21 +4738,21 @@ [[package]] name = "rsa" -version = "0.7.2" +version = "0.9.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "094052d5470cbcef561cb848a7209968c9f12dfa6d668f4bca048ac5de51099c" +checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b" dependencies = [ - "byteorder", + "const-oid 0.9.6", "digest 0.10.7", "num-bigint-dig", "num-integer", - "num-iter", "num-traits", "pkcs1", - "pkcs8 0.9.0", + "pkcs8 0.10.2", "rand_core 0.6.4", - "signature 1.6.4", - "smallvec", + "sha2 0.10.8", + "signature 2.2.0", + "spki 0.7.3", "subtle", "zeroize", ] @@ -5090,9 +5093,9 @@ [[package]] name = "serde" -version = "1.0.202" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "226b61a0d411b2ba5ff6d7f73a476ac4f8bb900373459cd00fab8512828ba395" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" dependencies = [ "serde_derive", ] @@ -5110,9 +5113,9 @@ [[package]] name = "serde_derive" -version = "1.0.202" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6048858004bcff69094cd972ed40a32500f153bd3be9f716b2eed2e8217c4838" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" dependencies = [ "proc-macro2", "quote", @@ -5121,11 +5124,12 @@ [[package]] name = "serde_json" -version = "1.0.117" +version = "1.0.140" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3" +checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373" dependencies = [ "itoa", + "memchr", "ryu", "serde", ] @@ -5361,6 +5365,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" +[[package]] +name = "superboring" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "515cce34a781d7250b8a65706e0f2a5b99236ea605cb235d4baed6685820478f" +dependencies = [ + "getrandom 0.2.15", + "hmac-sha256", + "hmac-sha512", + "rand 0.8.5", + "rsa", +] + [[package]] name = "syn" version = "1.0.109" @@ -5474,11 +5491,11 @@ [[package]] name = "thiserror" -version = "2.0.3" +version = "2.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c006c85c7651b3cf2ada4584faa36773bd07bac24acfb39f3c431b36d7e667aa" +checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708" dependencies = [ - "thiserror-impl 2.0.3", + "thiserror-impl 2.0.12", ] [[package]] @@ -5494,9 +5511,9 @@ [[package]] name = "thiserror-impl" -version = "2.0.3" +version = "2.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f077553d607adc1caf65430528a576c757a71ed73944b66ebb58ef2bbd243568" +checksum = "7f7cf42b4507d8ea322120659672cf1b9dbb93f8f2d4ecfd6e51350ff5b17a1d" dependencies = [ "proc-macro2", "quote", @@ -6384,20 +6401,20 @@ [[package]] name = "web-push" -version = "0.10.1" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5c5c6deab45e8820b77c9c8ae168f1ded4595767c746584bb67b9100f2b71d" +checksum = "d5c305b9ee2993ab68b7744b13ef32231d83600dd879ac8183b4c76ae31d28ac" dependencies = [ "async-trait", - "base64 0.13.1", "chrono", + "ct-codecs", "ece", "http 0.2.12", "hyper 0.14.28", "hyper-tls", "jwt-simple", "log", - "pem 1.1.1", + "pem 3.0.4", "sec1_decode", "serde", "serde_derive", diff --git a/services/tunnelbroker/Cargo.toml b/services/tunnelbroker/Cargo.toml --- a/services/tunnelbroker/Cargo.toml +++ b/services/tunnelbroker/Cargo.toml @@ -31,7 +31,7 @@ chrono = { workspace = true } uuid = { workspace = true, features = ["v4"] } jsonwebtoken = "9.3.0" -web-push = { version = "0.10", features = [ +web-push = { version = "0.11.0", features = [ "hyper-client", ], default-features = false } reqwest = { workspace = true, features = ["json", "native-tls", "rustls-tls"] } diff --git a/services/tunnelbroker/src/notifs/web_push/mod.rs b/services/tunnelbroker/src/notifs/web_push/mod.rs --- a/services/tunnelbroker/src/notifs/web_push/mod.rs +++ b/services/tunnelbroker/src/notifs/web_push/mod.rs @@ -28,10 +28,8 @@ impl WebPushClient { pub fn new(config: &WebPushConfig) -> Result { let inner_client = HyperWebPushClient::new(); - let signature_builder = VapidSignatureBuilder::from_base64_no_sub( - &config.private_key, - web_push::URL_SAFE_NO_PAD, - )?; + let signature_builder = + VapidSignatureBuilder::from_base64_no_sub(&config.private_key)?; Ok(WebPushClient { _config: config.clone(), inner_client, @@ -58,8 +56,8 @@ tokio::time::timeout(PUSH_SERVICE_REQUEST_TIMEOUT, response_future) .await - .map_err(|err| { - error::Error::WebPush(web_push::WebPushError::Other(err.to_string())) + .map_err(|_err| { + error::Error::WebPush(web_push::WebPushError::Unspecified) })??; Ok(()) diff --git a/services/tunnelbroker/src/websockets/session.rs b/services/tunnelbroker/src/websockets/session.rs --- a/services/tunnelbroker/src/websockets/session.rs +++ b/services/tunnelbroker/src/websockets/session.rs @@ -653,7 +653,8 @@ if let Err(NotifsWebPushError(web_push_error)) = &result { if matches!( web_push_error, - WebPushError::EndpointNotValid | WebPushError::EndpointNotFound + WebPushError::EndpointNotValid(_) + | WebPushError::EndpointNotFound(_) ) { if let Err(e) = self .invalidate_device_token(notif.device_id, device_token.clone())