From 3dbe9c72178eaa17a73aaec8a9b2f3956eec9b87 Mon Sep 17 00:00:00 2001
From: Jun Kurihara
Date: Tue, 8 Aug 2023 16:27:21 +0900
Subject: [PATCH] refactor: update rustls and fix response header server name
---
 rpxy-bin/Cargo.toml | 6 +++---
 rpxy-lib/Cargo.toml | 4 ++--
 rpxy-lib/src/constants.rs | 1 +
 rpxy-lib/src/handler/handler_main.rs | 5 +++--
 rpxy-lib/src/proxy/crypto_service.rs | 2 +-
 5 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml
index d7f5808..85f99a7 100644
--- a/rpxy-bin/Cargo.toml
+++ b/rpxy-bin/Cargo.toml
@@ -23,7 +23,7 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [
 anyhow = "1.0.72"
 rustc-hash = "1.1.0"
-serde = { version = "1.0.180", default-features = false, features = ["derive"] }
+serde = { version = "1.0.183", default-features = false, features = ["derive"] }
 derive_builder = "0.12.0"
 tokio = { version = "1.29.1", default-features = false, features = [
 "net",
@@ -36,7 +36,7 @@ async-trait = "0.1.72"
 rustls-pemfile = "1.0.3"
 # config
-clap = { version = "4.3.19", features = ["std", "cargo", "wrap_help"] }
+clap = { version = "4.3.21", features = ["std", "cargo", "wrap_help"] }
 toml = { version = "0.7.6", default-features = false, features = ["parse"] }
 hot_reload = "0.1.4"
@@ -46,7 +46,7 @@ tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
 [target.'cfg(not(target_env = "msvc"))'.dependencies]
-tikv-jemallocator = "0.5.4"
+tikv-jemallocator = "0.5.0"
 [dev-dependencies]
diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml
index e1327f7..3f80fb0 100644
--- a/rpxy-lib/Cargo.toml
+++ b/rpxy-lib/Cargo.toml
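Review bot: The `@@ -46,7 +46,7 @@` hunk of rpxy-bin/Cargo.toml lowers `tikv-jemallocator` from `"0.5.4"` to `"0.5.0"` while every other requirement in this patch moves up, and the commit message does not mention it. Under Cargo's default caret semantics `"0.5.0"` still accepts 0.5.4, so the allocator version that actually ships is decided by Cargo.lock, which is not part of this patch. If the lower floor is intentional, a comment such as `# floor lowered to 0.5.0: <reason>` on that line would record why; otherwise keep `"0.5.4"` so that a lockfile or a minimal-versions resolve cannot settle on an older allocator release.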
@@ -51,9 +51,9 @@ hyper-rustls = { version = "0.24.1", default-features = false, features = [
 "http2",
 ] }
 tokio-rustls = { version = "0.24.1", features = ["early-data"] }
-rustls = { version = "0.21.5", default-features = false }
+rustls = { version = "0.21.6", default-features = false }
 webpki = "0.22.0"
-x509-parser = "0.15.0"
+x509-parser = "0.15.1"
 # logging
 tracing = { version = "0.1.37" }
diff --git a/rpxy-lib/src/constants.rs b/rpxy-lib/src/constants.rs
index 39a93e7..b7b0bff 100644
--- a/rpxy-lib/src/constants.rs
+++ b/rpxy-lib/src/constants.rs
@@ -1,3 +1,4 @@
+pub const RESPONSE_HEADER_SERVER: &str = "rpxy";
 // pub const LISTEN_ADDRESSES_V4: &[&str] = &["0.0.0.0"];
 // pub const LISTEN_ADDRESSES_V6: &[&str] = &["[::]"];
 pub const TCP_LISTEN_BACKLOG: u32 = 1024;
diff --git a/rpxy-lib/src/handler/handler_main.rs b/rpxy-lib/src/handler/handler_main.rs
index 0b554ae..29f0296 100644
--- a/rpxy-lib/src/handler/handler_main.rs
+++ b/rpxy-lib/src/handler/handler_main.rs
@@ -3,6 +3,7 @@ use super::{utils_headers::*, utils_request::*, utils_synth_response::*, Handler
 use crate::{
 backend::{Backend, UpstreamGroup},
 certs::CryptoSource,
+ constants::RESPONSE_HEADER_SERVER,
 error::*,
 globals::Globals,
 log::*,
@@ -15,7 +16,7 @@ use hyper::{
 http::uri::Scheme,
 Body, Client, Request, Response, StatusCode, Uri, Version,
 };
-use std::{env, net::SocketAddr, sync::Arc};
+use std::{net::SocketAddr, sync::Arc};
 use tokio::{io::copy_bidirectional, time::timeout};
 #[derive(Clone, Builder)]
@@ -208,7 +209,7 @@ where
 let headers = response.headers_mut();
 remove_connection_header(headers);
 remove_hop_header(headers);
- add_header_entry_overwrite_if_exist(headers, "server", env!("CARGO_PKG_NAME"))?;
+ add_header_entry_overwrite_if_exist(headers, "server", RESPONSE_HEADER_SERVER)?;
 #[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))]
 {
diff --git a/rpxy-lib/src/proxy/crypto_service.rs b/rpxy-lib/src/proxy/crypto_service.rs
index d6191e6..ae0f993 100644
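Review bot: `RESPONSE_HEADER_SERVER` is added to constants.rs without a doc comment, although the `@@ -208,7 +209,7 @@` hunk in handler_main.rs writes it into the `Server` header of every proxied response, overwriting any value already there. I would add `/// Value written to the "Server" response header; product name only, no version.` above the constant, so that a later edit does not append a version string and give clients an exact build to fingerprint. The value is fixed at compile time, so whether operators need a way to change or omit the header is worth deciding separately.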
--- a/rpxy-lib/src/proxy/crypto_service.rs
+++ b/rpxy-lib/src/proxy/crypto_service.rs
@@ -115,7 +115,7 @@ impl ServerCryptoBase {
 // add client certificate if specified
 match certs_and_keys.parse_client_ca_certs() {
 Ok((owned_trust_anchors, _subject_key_ids)) => {
- client_ca_roots_local.add_server_trust_anchors(owned_trust_anchors.into_iter());
+ client_ca_roots_local.add_trust_anchors(owned_trust_anchors.into_iter());
 }
 Err(e) => {
 warn!(
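Review bot: A client CA bundle that fails to parse appears to be only logged: the `Err(e)` arm after `parse_client_ca_certs()` opens with `warn!(` and the rest of it lies outside this hunk. If nothing else happens there, `client_ca_roots_local` may stay empty for that server name, so please confirm that the code which later builds the TLS server config refuses the name instead of serving it without client authentication. A comment on the arm such as `// client CA configured but unparsable: <intended behaviour>` would make the choice explicit.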