migration_tool: Switch from OpenSSL to Rustls

Valentin Tolmer 2022-07-15 15:20:25 +02:00 committed by nitnelave
parent 5e4ed9ee17
commit 4ba0db4e9e
3 changed files with 249 additions and 112 deletions

329
Cargo.lock generated

@ -387,6 +387,45 @@ version = "0.10.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "619743e34b5ba4e9703bba34deac3427c72507c7159f5fd030aea8cac0cfe341" checksum = "619743e34b5ba4e9703bba34deac3427c72507c7159f5fd030aea8cac0cfe341"
[[package]]
name = "asn1-rs"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30ff05a702273012438132f449575dbc804e27b2f3cbe3069aa237d26c98fa33"
dependencies = [
"asn1-rs-derive",
"asn1-rs-impl",
"displaydoc 0.2.3",
"nom 7.1.1",
"num-traits",
"rusticata-macros",
"thiserror",
"time 0.3.11",
]
[[package]]
name = "asn1-rs-derive"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "db8b7511298d5b7784b40b092d9e9dcd3a627a5707e4b5e507931ab0d44eeebf"
dependencies = [
"proc-macro2",
"quote",
"syn",
"synstructure",
]
[[package]]
name = "asn1-rs-impl"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2777730b2039ac0f95f093556e61b6d26cebed5393ca6f152717777cec3a42ed"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "async-trait" name = "async-trait"
version = "0.1.56" version = "0.1.56"
@ -915,6 +954,12 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "data-encoding"
version = "2.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57"
[[package]] [[package]]
name = "der" name = "der"
version = "0.4.5" version = "0.4.5"
@ -925,6 +970,20 @@ dependencies = [
"crypto-bigint", "crypto-bigint",
] ]
[[package]]
name = "der-parser"
version = "7.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe398ac75057914d7d07307bf67dc7f3f574a26783b4fc7805a20ffa9f506e82"
dependencies = [
"asn1-rs",
"displaydoc 0.2.3",
"nom 7.1.1",
"num-bigint 0.4.3",
"num-traits",
"rusticata-macros",
]
[[package]] [[package]]
name = "derive_builder" name = "derive_builder"
version = "0.10.2" version = "0.10.2"
@ -1032,6 +1091,17 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "displaydoc"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3bf95dc3f046b9da4f2d51833c0d3547d8564ef6910f5c1ed130306a75b92886"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "dotenv" name = "dotenv"
version = "0.15.0" version = "0.15.0"
@ -1163,21 +1233,6 @@ version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
[[package]]
name = "foreign-types"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
dependencies = [
"foreign-types-shared",
]
[[package]]
name = "foreign-types-shared"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
[[package]] [[package]]
name = "form_urlencoded" name = "form_urlencoded"
version = "1.0.1" version = "1.0.1"
@ -1437,13 +1492,35 @@ dependencies = [
"thiserror", "thiserror",
] ]
[[package]]
name = "graphql-parser"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d2ebc8013b4426d5b81a4364c419a95ed0b404af2b82e2457de52d9348f0e474"
dependencies = [
"combine",
"thiserror",
]
[[package]] [[package]]
name = "graphql_client" name = "graphql_client"
version = "0.10.0" version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a9b58571cfc3cc42c3e8ff44fc6cfbb6c0dea17ed22d20f9d8f1efc4e8209a3f" checksum = "a9b58571cfc3cc42c3e8ff44fc6cfbb6c0dea17ed22d20f9d8f1efc4e8209a3f"
dependencies = [ dependencies = [
"graphql_query_derive", "graphql_query_derive 0.10.0",
"serde",
"serde_json",
]
[[package]]
name = "graphql_client"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7fc16d75d169fddb720d8f1c7aed6413e329e1584079b9734ff07266a193f5bc"
dependencies = [
"graphql_query_derive 0.11.0",
"reqwest",
"serde", "serde",
"serde_json", "serde_json",
] ]
@ -1465,13 +1542,41 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "graphql_client_codegen"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f290ecfa3bea3e8a157899dc8a1d96ee7dd6405c18c8ddd213fc58939d18a0e9"
dependencies = [
"graphql-introspection-query",
"graphql-parser 0.4.0",
"heck 0.4.0",
"lazy_static",
"proc-macro2",
"quote",
"serde",
"serde_json",
"syn",
]
[[package]] [[package]]
name = "graphql_query_derive" name = "graphql_query_derive"
version = "0.10.0" version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e56b093bfda71de1da99758b036f4cc811fd2511c8a76f75680e9ffbd2bb4251" checksum = "e56b093bfda71de1da99758b036f4cc811fd2511c8a76f75680e9ffbd2bb4251"
dependencies = [ dependencies = [
"graphql_client_codegen", "graphql_client_codegen 0.10.0",
"proc-macro2",
"syn",
]
[[package]]
name = "graphql_query_derive"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a755cc59cda2641ea3037b4f9f7ef40471c329f55c1fa2db6fa0bb7ae6c1f7ce"
dependencies = [
"graphql_client_codegen 0.11.0",
"proc-macro2", "proc-macro2",
"syn", "syn",
] ]
@ -1644,16 +1749,16 @@ dependencies = [
] ]
[[package]] [[package]]
name = "hyper-tls" name = "hyper-rustls"
version = "0.5.0" version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac"
dependencies = [ dependencies = [
"bytes", "http",
"hyper", "hyper",
"native-tls", "rustls 0.20.6",
"tokio", "tokio",
"tokio-native-tls", "tokio-rustls 0.23.4",
] ]
[[package]] [[package]]
@ -1857,15 +1962,18 @@ dependencies = [
"lazy_static", "lazy_static",
"lber", "lber",
"log", "log",
"native-tls",
"nom 2.2.1", "nom 2.2.1",
"percent-encoding", "percent-encoding",
"ring",
"rustls 0.20.6",
"rustls-native-certs",
"thiserror", "thiserror",
"tokio", "tokio",
"tokio-native-tls", "tokio-rustls 0.23.4",
"tokio-stream", "tokio-stream",
"tokio-util 0.7.3", "tokio-util 0.7.3",
"url", "url",
"x509-parser",
] ]
[[package]] [[package]]
@ -2018,7 +2126,7 @@ version = "0.4.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"chrono", "chrono",
"graphql_client", "graphql_client 0.10.0",
"http", "http",
"indexmap", "indexmap",
"jwt", "jwt",
@ -2134,7 +2242,7 @@ name = "migration-tool"
version = "0.3.0-alpha.1" version = "0.3.0-alpha.1"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"graphql_client", "graphql_client 0.11.0",
"ldap3", "ldap3",
"lldap_auth", "lldap_auth",
"rand 0.8.5", "rand 0.8.5",
@ -2237,24 +2345,6 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "native-tls"
version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fd7e2f3618557f980e0b17e8856252eee3c97fa12c54dff0ca290fb6266ca4a9"
dependencies = [
"lazy_static",
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
"security-framework",
"security-framework-sys",
"tempfile",
]
[[package]] [[package]]
name = "nom" name = "nom"
version = "2.2.1" version = "2.2.1"
@ -2308,6 +2398,17 @@ dependencies = [
"num-traits", "num-traits",
] ]
[[package]]
name = "num-bigint"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f"
dependencies = [
"autocfg 1.1.0",
"num-integer",
"num-traits",
]
[[package]] [[package]]
name = "num-bigint-dig" name = "num-bigint-dig"
version = "0.7.0" version = "0.7.0"
@ -2367,6 +2468,15 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "num_threads"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44"
dependencies = [
"libc",
]
[[package]] [[package]]
name = "object" name = "object"
version = "0.28.4" version = "0.28.4"
@ -2376,6 +2486,15 @@ dependencies = [
"memchr", "memchr",
] ]
[[package]]
name = "oid-registry"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38e20717fa0541f39bd146692035c37bedfa532b3e5071b35761082407546b2a"
dependencies = [
"asn1-rs",
]
[[package]] [[package]]
name = "once_cell" name = "once_cell"
version = "1.12.0" version = "1.12.0"
@ -2397,7 +2516,7 @@ dependencies = [
"base64", "base64",
"curve25519-dalek", "curve25519-dalek",
"digest", "digest",
"displaydoc", "displaydoc 0.1.7",
"generic-array", "generic-array",
"generic-bytes", "generic-bytes",
"hkdf", "hkdf",
@ -2409,51 +2528,12 @@ dependencies = [
"zeroize", "zeroize",
] ]
[[package]]
name = "openssl"
version = "0.10.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb81a6430ac911acb25fe5ac8f1d2af1b4ea8a4fdfda0f1ee4292af2e2d8eb0e"
dependencies = [
"bitflags",
"cfg-if",
"foreign-types",
"libc",
"once_cell",
"openssl-macros",
"openssl-sys",
]
[[package]]
name = "openssl-macros"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "openssl-probe" name = "openssl-probe"
version = "0.1.5" version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]]
name = "openssl-sys"
version = "0.9.74"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1"
dependencies = [
"autocfg 1.1.0",
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]] [[package]]
name = "orion" name = "orion"
version = "0.16.1" version = "0.16.1"
@ -2893,25 +2973,27 @@ dependencies = [
"http", "http",
"http-body", "http-body",
"hyper", "hyper",
"hyper-tls", "hyper-rustls",
"ipnet", "ipnet",
"js-sys", "js-sys",
"lazy_static", "lazy_static",
"log", "log",
"mime", "mime",
"native-tls",
"percent-encoding", "percent-encoding",
"pin-project-lite", "pin-project-lite",
"rustls 0.20.6",
"rustls-pemfile",
"serde", "serde",
"serde_json", "serde_json",
"serde_urlencoded", "serde_urlencoded",
"tokio", "tokio",
"tokio-native-tls", "tokio-rustls 0.23.4",
"tower-service", "tower-service",
"url", "url",
"wasm-bindgen", "wasm-bindgen",
"wasm-bindgen-futures", "wasm-bindgen-futures",
"web-sys", "web-sys",
"webpki-roots 0.22.4",
"winreg", "winreg",
] ]
@ -2986,6 +3068,15 @@ dependencies = [
"semver 1.0.12", "semver 1.0.12",
] ]
[[package]]
name = "rusticata-macros"
version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632"
dependencies = [
"nom 7.1.1",
]
[[package]] [[package]]
name = "rustls" name = "rustls"
version = "0.19.1" version = "0.19.1"
@ -3011,6 +3102,18 @@ dependencies = [
"webpki 0.22.0", "webpki 0.22.0",
] ]
[[package]]
name = "rustls-native-certs"
version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50"
dependencies = [
"openssl-probe",
"rustls-pemfile",
"schannel",
"security-framework",
]
[[package]] [[package]]
name = "rustls-pemfile" name = "rustls-pemfile"
version = "1.0.0" version = "1.0.0"
@ -3402,7 +3505,7 @@ dependencies = [
"log", "log",
"md-5", "md-5",
"memchr", "memchr",
"num-bigint", "num-bigint 0.3.3",
"once_cell", "once_cell",
"paste", "paste",
"percent-encoding", "percent-encoding",
@ -3655,11 +3758,23 @@ dependencies = [
"libc", "libc",
"standback", "standback",
"stdweb", "stdweb",
"time-macros", "time-macros 0.1.1",
"version_check", "version_check",
"winapi", "winapi",
] ]
[[package]]
name = "time"
version = "0.3.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72c91f41dcb2f096c05f0873d667dceec1087ce5bcf984ec8ffb19acddbb3217"
dependencies = [
"itoa 1.0.2",
"libc",
"num_threads",
"time-macros 0.2.4",
]
[[package]] [[package]]
name = "time-macros" name = "time-macros"
version = "0.1.1" version = "0.1.1"
@ -3670,6 +3785,12 @@ dependencies = [
"time-macros-impl", "time-macros-impl",
] ]
[[package]]
name = "time-macros"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792"
[[package]] [[package]]
name = "time-macros-impl" name = "time-macros-impl"
version = "0.1.2" version = "0.1.2"
@ -3729,16 +3850,6 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "tokio-native-tls"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7d995660bd2b7f8c1568414c1126076c13fbb725c40112dc0120b78eb9b717b"
dependencies = [
"native-tls",
"tokio",
]
[[package]] [[package]]
name = "tokio-rustls" name = "tokio-rustls"
version = "0.22.0" version = "0.22.0"
@ -4338,6 +4449,24 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "x509-parser"
version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9fb9bace5b5589ffead1afb76e43e34cff39cd0f3ce7e170ae0c29e53b88eb1c"
dependencies = [
"asn1-rs",
"base64",
"data-encoding",
"der-parser",
"lazy_static",
"nom 7.1.1",
"oid-registry",
"rusticata-macros",
"thiserror",
"time 0.3.11",
]
[[package]] [[package]]
name = "yansi" name = "yansi"
version = "0.5.1" version = "0.5.1"


@ -6,8 +6,6 @@ authors = ["Valentin Tolmer <valentin@tolmer.fr>"]
[dependencies] [dependencies]
anyhow = "*" anyhow = "*"
graphql_client = "0.10"
ldap3 = "*"
rand = "0.8" rand = "0.8"
requestty = "*" requestty = "*"
serde = "1" serde = "1"
@ -16,8 +14,19 @@ smallvec = "*"
[dependencies.lldap_auth] [dependencies.lldap_auth]
path = "../auth" path = "../auth"
features = [ "opaque_client" ] features = ["opaque_client"]
[dependencies.graphql_client]
features = ["graphql_query_derive", "reqwest-rustls"]
default-features = false
version = "0.11"
[dependencies.reqwest] [dependencies.reqwest]
version = "*" version = "*"
features = [ "json", "blocking" ] default-features = false
features = ["json", "blocking", "rustls-tls"]
[dependencies.ldap3]
version = "*"
default-features = false
features = ["sync", "tls-rustls"]
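Review bot: The two TLS clients configured in these dependency tables end up with different trust anchors: in the lockfile, `reqwest` (feature `rustls-tls`) now depends on `webpki-roots`, while `ldap3` (feature `tls-rustls`) depends on `rustls-native-certs`. Both previously went through `native-tls`, so a server certificate that chains to a private CA installed only in the OS store would presumably still verify for the LDAP connection but be rejected by the HTTP client, which tends to push operators toward disabling verification. If OS-store trust is intended for both, consider `features = ["json", "blocking", "rustls-tls-native-roots"]` on `[dependencies.reqwest]`, and check whether graphql_client's `reqwest-rustls` feature still enables the bundled roots through feature unification. Either way, a comment such as `# TLS roots: reqwest uses bundled webpki-roots, ldap3 uses the OS trust store` above the two tables would make the choice explicit.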


@ -30,7 +30,7 @@ impl GraphQLClient {
where where
QueryType: GraphQLQuery + 'static, QueryType: GraphQLQuery + 'static,
{ {
let unwrap_graphql_response = |graphql_client::Response { data, errors }| { let unwrap_graphql_response = |graphql_client::Response { data, errors, .. }| {
data.ok_or_else(|| { data.ok_or_else(|| {
anyhow!( anyhow!(
"Errors: [{}]", "Errors: [{}]",
@ -69,13 +69,12 @@ pub struct User {
impl User { impl User {
// https://github.com/graphql-rust/graphql-client/issues/386 // https://github.com/graphql-rust/graphql-client/issues/386
#[allow(non_snake_case)]
pub fn new( pub fn new(
id: String, id: String,
email: String, email: String,
displayName: Option<String>, display_name: Option<String>,
firstName: Option<String>, first_name: Option<String>,
lastName: Option<String>, last_name: Option<String>,
password: Option<String>, password: Option<String>,
dn: String, dn: String,
) -> User { ) -> User {
@ -83,9 +82,9 @@ impl User {
user_input: create_user::CreateUserInput { user_input: create_user::CreateUserInput {
id, id,
email, email,
displayName, display_name,
firstName, first_name,
lastName, last_name,
}, },
password, password,
dn, dn,
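Review bot: The link comment `// https://github.com/graphql-rust/graphql-client/issues/386` left above `User::new` looks stale now that the `#[allow(non_snake_case)]` attribute and the camelCase parameters it sat next to are removed. If that issue was only the justification for the old names, delete the line; if it still applies, replace the bare URL with one sentence saying what it explains, so that the next reader does not have to open the issue to find out. The `impl User` block starts and ends outside the hunks shown, so other references to the old field names cannot be checked from here.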