From 4ba0db4e9e467261256bf0aa380585c751358066 Mon Sep 17 00:00:00 2001 From: Valentin Tolmer Date: Fri, 15 Jul 2022 15:20:25 +0200 Subject: [PATCH] migration_tool: Switch from OpenSSL to Rustls --- Cargo.lock | 329 +++++++++++++++++++++++++----------- migration-tool/Cargo.toml | 17 +- migration-tool/src/lldap.rs | 15 +- 3 files changed, 249 insertions(+), 112 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1d6725e..013ed1d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -387,6 +387,45 @@ version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "619743e34b5ba4e9703bba34deac3427c72507c7159f5fd030aea8cac0cfe341" +[[package]] +name = "asn1-rs" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30ff05a702273012438132f449575dbc804e27b2f3cbe3069aa237d26c98fa33" +dependencies = [ + "asn1-rs-derive", + "asn1-rs-impl", + "displaydoc 0.2.3", + "nom 7.1.1", + "num-traits", + "rusticata-macros", + "thiserror", + "time 0.3.11", +] + +[[package]] +name = "asn1-rs-derive" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db8b7511298d5b7784b40b092d9e9dcd3a627a5707e4b5e507931ab0d44eeebf" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "asn1-rs-impl" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2777730b2039ac0f95f093556e61b6d26cebed5393ca6f152717777cec3a42ed" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "async-trait" version = "0.1.56" @@ -915,6 +954,12 @@ dependencies = [ "syn", ] +[[package]] +name = "data-encoding" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" + [[package]] name = "der" version = "0.4.5" 
@@ -925,6 +970,20 @@ dependencies = [ "crypto-bigint", ] +[[package]] +name = "der-parser" +version = "7.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe398ac75057914d7d07307bf67dc7f3f574a26783b4fc7805a20ffa9f506e82" +dependencies = [ + "asn1-rs", + "displaydoc 0.2.3", + "nom 7.1.1", + "num-bigint 0.4.3", + "num-traits", + "rusticata-macros", +] + [[package]] name = "derive_builder" version = "0.10.2" @@ -1032,6 +1091,17 @@ dependencies = [ "syn", ] +[[package]] +name = "displaydoc" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3bf95dc3f046b9da4f2d51833c0d3547d8564ef6910f5c1ed130306a75b92886" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "dotenv" version = "0.15.0" @@ -1163,21 +1233,6 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" -[[package]] -name = "foreign-types" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" -dependencies = [ - "foreign-types-shared", -] - -[[package]] -name = "foreign-types-shared" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" - [[package]] name = "form_urlencoded" version = "1.0.1" 
@@ -1437,13 +1492,35 @@ dependencies = [ "thiserror", ] +[[package]] +name = "graphql-parser" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2ebc8013b4426d5b81a4364c419a95ed0b404af2b82e2457de52d9348f0e474" +dependencies = [ + "combine", + "thiserror", +] + [[package]] name = "graphql_client" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a9b58571cfc3cc42c3e8ff44fc6cfbb6c0dea17ed22d20f9d8f1efc4e8209a3f" dependencies = [ - "graphql_query_derive", + "graphql_query_derive 0.10.0", + "serde", + "serde_json", +] + +[[package]] +name = "graphql_client" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fc16d75d169fddb720d8f1c7aed6413e329e1584079b9734ff07266a193f5bc" +dependencies = [ + "graphql_query_derive 0.11.0", + "reqwest", "serde", "serde_json", ] @@ -1465,13 +1542,41 @@ dependencies = [ "syn", ] +[[package]] +name = "graphql_client_codegen" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f290ecfa3bea3e8a157899dc8a1d96ee7dd6405c18c8ddd213fc58939d18a0e9" +dependencies = [ + "graphql-introspection-query", + "graphql-parser 0.4.0", + "heck 0.4.0", + "lazy_static", + "proc-macro2", + "quote", + "serde", + "serde_json", + "syn", +] + [[package]] name = "graphql_query_derive" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e56b093bfda71de1da99758b036f4cc811fd2511c8a76f75680e9ffbd2bb4251" dependencies = [ - "graphql_client_codegen", + "graphql_client_codegen 0.10.0", + "proc-macro2", + "syn", +] + +[[package]] +name = "graphql_query_derive" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a755cc59cda2641ea3037b4f9f7ef40471c329f55c1fa2db6fa0bb7ae6c1f7ce" +dependencies = [ + "graphql_client_codegen 0.11.0", "proc-macro2", "syn", ] 
@@ -1644,16 +1749,16 @@ dependencies = [ ] [[package]] -name = "hyper-tls" -version = "0.5.0" +name = "hyper-rustls" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac" dependencies = [ - "bytes", + "http", "hyper", - "native-tls", + "rustls 0.20.6", "tokio", - "tokio-native-tls", + "tokio-rustls 0.23.4", ] [[package]] @@ -1857,15 +1962,18 @@ dependencies = [ "lazy_static", "lber", "log", - "native-tls", "nom 2.2.1", "percent-encoding", + "ring", + "rustls 0.20.6", + "rustls-native-certs", "thiserror", "tokio", - "tokio-native-tls", + "tokio-rustls 0.23.4", "tokio-stream", "tokio-util 0.7.3", "url", + "x509-parser", ] [[package]] @@ -2018,7 +2126,7 @@ version = "0.4.0" dependencies = [ "anyhow", "chrono", - "graphql_client", + "graphql_client 0.10.0", "http", "indexmap", "jwt", @@ -2134,7 +2242,7 @@ name = "migration-tool" version = "0.3.0-alpha.1" dependencies = [ "anyhow", - "graphql_client", + "graphql_client 0.11.0", "ldap3", "lldap_auth", "rand 0.8.5", @@ -2237,24 +2345,6 @@ dependencies = [ "syn", ] -[[package]] -name = "native-tls" -version = "0.2.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd7e2f3618557f980e0b17e8856252eee3c97fa12c54dff0ca290fb6266ca4a9" -dependencies = [ - "lazy_static", - "libc", - "log", - "openssl", - "openssl-probe", - "openssl-sys", - "schannel", - "security-framework", - "security-framework-sys", - "tempfile", -] - [[package]] name = "nom" version = "2.2.1" 
@@ -2308,6 +2398,17 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +dependencies = [ + "autocfg 1.1.0", + "num-integer", + "num-traits", +] + [[package]] name = "num-bigint-dig" version = "0.7.0" @@ -2367,6 +2468,15 @@ dependencies = [ "libc", ] +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + [[package]] name = "object" version = "0.28.4" @@ -2376,6 +2486,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "oid-registry" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38e20717fa0541f39bd146692035c37bedfa532b3e5071b35761082407546b2a" +dependencies = [ + "asn1-rs", +] + [[package]] name = "once_cell" version = "1.12.0" @@ -2397,7 +2516,7 @@ dependencies = [ "base64", "curve25519-dalek", "digest", - "displaydoc", + "displaydoc 0.1.7", "generic-array", "generic-bytes", "hkdf", 
@@ -2409,51 +2528,12 @@ dependencies = [ "zeroize", ] -[[package]] -name = "openssl" -version = "0.10.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb81a6430ac911acb25fe5ac8f1d2af1b4ea8a4fdfda0f1ee4292af2e2d8eb0e" -dependencies = [ - "bitflags", - "cfg-if", - "foreign-types", - "libc", - "once_cell", - "openssl-macros", - "openssl-sys", -] - -[[package]] -name = "openssl-macros" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "openssl-probe" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" -[[package]] -name = "openssl-sys" -version = "0.9.74" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1" -dependencies = [ - "autocfg 1.1.0", - "cc", - "libc", - "pkg-config", - "vcpkg", -] - [[package]] name = "orion" version = "0.16.1" @@ -2893,25 +2973,27 @@ dependencies = [ "http", "http-body", "hyper", - "hyper-tls", + "hyper-rustls", "ipnet", "js-sys", "lazy_static", "log", "mime", - "native-tls", "percent-encoding", "pin-project-lite", + "rustls 0.20.6", + "rustls-pemfile", "serde", "serde_json", "serde_urlencoded", "tokio", - "tokio-native-tls", + "tokio-rustls 0.23.4", "tower-service", "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", + "webpki-roots 0.22.4", "winreg", ] @@ -2986,6 +3068,15 @@ dependencies = [ "semver 1.0.12", ] +[[package]] +name = "rusticata-macros" +version = "4.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632" +dependencies = [ + "nom 7.1.1", +] + [[package]] name = "rustls" version = "0.19.1" 
@@ -3011,6 +3102,18 @@ dependencies = [ "webpki 0.22.0", ] +[[package]] +name = "rustls-native-certs" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50" +dependencies = [ + "openssl-probe", + "rustls-pemfile", + "schannel", + "security-framework", +] + [[package]] name = "rustls-pemfile" version = "1.0.0" @@ -3402,7 +3505,7 @@ dependencies = [ "log", "md-5", "memchr", - "num-bigint", + "num-bigint 0.3.3", "once_cell", "paste", "percent-encoding", @@ -3655,11 +3758,23 @@ dependencies = [ "libc", "standback", "stdweb", - "time-macros", + "time-macros 0.1.1", "version_check", "winapi", ] +[[package]] +name = "time" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72c91f41dcb2f096c05f0873d667dceec1087ce5bcf984ec8ffb19acddbb3217" +dependencies = [ + "itoa 1.0.2", + "libc", + "num_threads", + "time-macros 0.2.4", +] + [[package]] name = "time-macros" version = "0.1.1" @@ -3670,6 +3785,12 @@ dependencies = [ "time-macros-impl", ] +[[package]] +name = "time-macros" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" + [[package]] name = "time-macros-impl" version = "0.1.2" @@ -3729,16 +3850,6 @@ dependencies = [ "syn", ] -[[package]] -name = "tokio-native-tls" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7d995660bd2b7f8c1568414c1126076c13fbb725c40112dc0120b78eb9b717b" -dependencies = [ - "native-tls", - "tokio", -] - [[package]] name = "tokio-rustls" version = "0.22.0" 
@@ -4338,6 +4449,24 @@ dependencies = [
 "winapi",
 ]
+[[package]]
+name = "x509-parser"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9fb9bace5b5589ffead1afb76e43e34cff39cd0f3ce7e170ae0c29e53b88eb1c"
+dependencies = [
+ "asn1-rs",
+ "base64",
+ "data-encoding",
+ "der-parser",
+ "lazy_static",
+ "nom 7.1.1",
+ "oid-registry",
+ "rusticata-macros",
+ "thiserror",
+ "time 0.3.11",
+]
+
 [[package]]
 name = "yansi"
 version = "0.5.1"
diff --git a/migration-tool/Cargo.toml b/migration-tool/Cargo.toml
index 22ac40f..ab400f5 100644
--- a/migration-tool/Cargo.toml
+++ b/migration-tool/Cargo.toml
@@ -6,8 +6,6 @@ authors = ["Valentin Tolmer "]
 [dependencies]
 anyhow = "*"
-graphql_client = "0.10"
-ldap3 = "*"
 rand = "0.8"
 requestty = "*"
 serde = "1"
@@ -16,8 +14,19 @@ smallvec = "*"
 [dependencies.lldap_auth]
 path = "../auth"
-features = [ "opaque_client" ]
+features = ["opaque_client"]
+
+[dependencies.graphql_client]
+features = ["graphql_query_derive", "reqwest-rustls"]
+default-features = false
+version = "0.11"
 [dependencies.reqwest]
 version = "*"
-features = [ "json", "blocking" ]
+default-features = false
+features = ["json", "blocking", "rustls-tls"]
+
+[dependencies.ldap3]
+version = "*"
+default-features = false
+features = ["sync", "tls-rustls"]
diff --git a/migration-tool/src/lldap.rs b/migration-tool/src/lldap.rs
index 1a9ab2b..1ba3bd9 100644
--- a/migration-tool/src/lldap.rs
+++ b/migration-tool/src/lldap.rs
@@ -30,7 +30,7 @@ impl GraphQLClient {
 where
 QueryType: GraphQLQuery + 'static,
 {
- let unwrap_graphql_response = |graphql_client::Response { data, errors }| {
+ let unwrap_graphql_response = |graphql_client::Response { data, errors, .. }| {
 data.ok_or_else(|| {
 anyhow!(
 "Errors: [{}]",
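Review bot: In migration-tool/Cargo.toml (hunk `@@ -16,8 +14,19 @@`), the HTTPS and LDAPS clients appear to end up with different trust stores. The Cargo.lock part of this patch shows reqwest gaining `webpki-roots` and ldap3 gaining `rustls-native-certs`. An lldap server behind a private CA installed in the OS store would therefore likely verify over LDAPS but fail over HTTPS, which tends to push operators toward disabling verification. If one trust policy is intended, adding reqwest's `rustls-tls-native-roots` feature aligns them, e.g. `features = ["json", "blocking", "rustls-tls", "rustls-tls-native-roots"]`. Both `[dependencies.reqwest]` and `[dependencies.ldap3]` also keep `version = "*"` while the TLS backend is now chosen by feature name, so a bounded requirement such as `version = "<reviewed-version>"` would make a TLS stack change a reviewed event rather than a lockfile side effect.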
@@ -69,13 +69,12 @@ pub struct User {
 impl User {
 // https://github.com/graphql-rust/graphql-client/issues/386
- #[allow(non_snake_case)]
 pub fn new(
 id: String,
 email: String,
- displayName: Option,
- firstName: Option,
- lastName: Option,
+ display_name: Option,
+ first_name: Option,
+ last_name: Option,
 password: Option,
 dn: String,
 ) -> User {
@@ -83,9 +82,9 @@ impl User {
 user_input: create_user::CreateUserInput {
 id,
 email,
- displayName,
- firstName,
- lastName,
+ display_name,
+ first_name,
+ last_name,
 },
 password,
 dn,
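Review bot: The link comment `// https://github.com/graphql-rust/graphql-client/issues/386` above `pub fn new(` in hunk `@@ -69,13 +69,12 @@` is left behind, although the `#[allow(non_snake_case)]` directly below it is removed. The comment presumably explained that workaround, so it now points a reader at an issue with no related code. Either delete the line or replace it with a short sentence saying why the reference still matters. The body of `new` continues past the end of the hunk.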