Added support for older rustls versions.
davidv1992 committed Dec 12, 2024
1 parent a611ad2 commit 8e4c431
Showing 16 changed files with 1,089 additions and 663 deletions.
24 changes: 18 additions & 6 deletions .github/workflows/checks.yaml
@@ -25,23 +25,23 @@ jobs:
include:
- rust: stable
os: ubuntu-latest
features: ""
features: "--features run_tokio_rustls_tests"
target: "x86_64-unknown-linux-gnu"
- rust: beta
os: ubuntu-latest
features: ""
features: "--features run_tokio_rustls_tests"
target: "x86_64-unknown-linux-gnu"
- rust: "msrv"
os: ubuntu-latest
features: ""
features: "--features run_tokio_rustls_tests"
target: "x86_64-unknown-linux-gnu"
- rust: "stable"
os: ubuntu-latest
features: ""
features: "--features run_tokio_rustls_tests"
target: "x86_64-unknown-linux-musl"
- rust: "stable"
os: macos-latest
features: ""
features: "--features run_tokio_rustls_tests"
target: "x86_64-apple-darwin"
- rust: "stable"
os: ubuntu-latest
@@ -59,6 +59,18 @@ jobs:
os: macos-latest
features: "--all-features"
target: "x86_64-apple-darwin"
- rust: "stable"
os: ubuntu-latest
features: "--no-default-features --features rustls21"
target: "x86_64-unknown-linux-gnu"
- rust: "stable"
os: ubuntu-latest
features: "--no-default-features --features rustls22"
target: "x86_64-unknown-linux-gnu"
- rust: "stable"
os: ubuntu-latest
features: "--no-default-features --features rustls23"
target: "x86_64-unknown-linux-gnu"
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
@@ -237,7 +249,7 @@ jobs:
shared-key: "stable-${{matrix.target}}"

- name: Run clippy
run: cargo clippy --target ${{matrix.target}} --workspace --all-targets --all-features -- -D warnings
run: cargo clippy --target ${{matrix.target}} --workspace --all-targets --features hardware-timestamping,unstable_ntpv5,unstable_nts-pool,__internal-fuzz,__internal-test,__internal-api,ntpv5,nts-pool -- -D warnings
- name: Run clippy (fuzzers)
run: cargo clippy --target ${{matrix.target}} --manifest-path ./fuzz/Cargo.toml --all-targets -- -D warnings
if: ${{matrix.fuzzer}}
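Review bot: The clippy step in the last hunk swaps `--all-features` for a fixed feature list that names neither `rustls21` nor `rustls22`, so the compatibility code for the older TLS stacks is run by the three new test rows but never linted under `-D warnings`. TLS setup code is where an ignored result or a dead cfg branch matters most, so I would add one clippy run per backend, for example `cargo clippy --target ${{matrix.target}} -p ntp-proto --all-targets --no-default-features --features rustls21 -- -D warnings`, and the same for `rustls22`. A hand-maintained list also silently skips any feature added later, so a short comment above the step saying why `--all-features` is no longer used (presumably because the backends cannot be linted together) would help the next editor. The unchanged `--all-features` test rows still enable all three backends at once, and it is worth confirming which one those rows actually exercise.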
99 changes: 88 additions & 11 deletions Cargo.lock


13 changes: 9 additions & 4 deletions Cargo.toml
@@ -48,9 +48,14 @@ timestamped-socket = "0.2.2"
clock-steering = "0.2.1"

# TLS
rustls = { version = "0.23.0", default-features = false, features = ["ring", "logging", "std", "tls12"] }
rustls-pemfile = "2.0"
rustls-native-certs = "0.7.0"
rustls23 = { package = "rustls", version = "0.23.0", default-features = false, features = ["ring", "logging", "std", "tls12"] }
rustls22 = { package = "rustls", version = "0.22.0", default-features = false, features = ["ring", "logging", "tls12"] }
rustls21 = { package = "rustls", version = "0.21.0" }
rustls-pemfile1 = { package = "rustls-pemfile", version = "1.0" }
rustls-pemfile2 = { package = "rustls-pemfile", version = "2.0" }
rustls-pki-types = "1.2"
rustls-native-certs6 = { package = "rustls-native-certs", version = "0.6" }
rustls-native-certs7 = { package = "rustls-native-certs", version = ">=0.7.0,<0.9" }
tokio-rustls = { version = "0.26.0", default-features = false, features = ["ring", "logging", "tls12"] } # testing only

# crypto
@@ -62,4 +67,4 @@ zeroize = "1.7"

# our own crates used as dependencies, same version as the workspace version
# NOTE: keep this part at the bottom of the file, do not change this line
ntp-proto = { version = "1.3.1", path = "./ntp-proto", features = ["__internal-api"] }
ntp-proto = { version = "1.3.1", path = "./ntp-proto", default-features = false, features = ["__internal-api"] }
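Review bot: `rustls-native-certs7` accepts `>=0.7.0,<0.9`, which spans two semver-incompatible release lines, so which trust-store loader gets compiled depends on what the resolver or a downstream lockfile picks. Because this decides which root certificates NTS key exchange trusts, I would either pin one line (`version = "0.7"`) or keep the range and add a CI job that builds and tests against both ends of it. Separately, the floors `0.21.0`, `0.22.0` and `0.23.0` admit the earliest patch release of each rustls line for anyone building without this lockfile; raising each floor to the newest patch release you test with, and running an advisory check such as `cargo audit` or `cargo deny` over all three lines, would keep already-fixed TLS bugs out. `rustls21` also omits `default-features = false` while the other two set it, and a comment saying whether that is deliberate would help.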
17 changes: 13 additions & 4 deletions ntp-proto/Cargo.toml
@@ -13,12 +13,15 @@ rust-version.workspace = true
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[features]
default = []
default = ["rustls23"]
__internal-fuzz = ["arbitrary", "__internal-api"]
__internal-test = ["__internal-api"]
__internal-api = []
ntpv5 = []
nts-pool = []
nts-pool = [ "rustls23" ]
rustls23 = [ "dep:rustls23", "dep:rustls-pemfile2", "dep:rustls-native-certs7" ]
rustls22 = [ "dep:rustls22", "dep:rustls-pemfile2", "dep:rustls-native-certs7", "dep:rustls-pki-types" ]
rustls21 = [ "dep:rustls21", "dep:rustls-pemfile1", "dep:rustls-native-certs6" ]

[dependencies]
# Note: md5 is needed to calculate ReferenceIDs for IPv6 addresses per RFC5905
@@ -27,11 +30,17 @@ rand.workspace = true
tracing.workspace = true
serde.workspace = true
arbitrary = { workspace = true, optional = true }
rustls.workspace = true
rustls23 = { workspace = true, optional = true }
rustls22 = { workspace = true, optional = true }
rustls21 = { workspace = true, optional = true }
rustls-pki-types = { workspace = true, optional = true }
rustls-pemfile2 = { workspace = true, optional = true }
rustls-pemfile1 = { workspace = true, optional = true }
rustls-native-certs6 = { workspace = true, optional = true }
rustls-native-certs7 = { workspace = true, optional = true }
aead.workspace = true
aes-siv.workspace = true
zeroize.workspace = true

[dev-dependencies]
rustls-pemfile.workspace = true
serde_test.workspace = true
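Review bot: The three backend features are declared as ordinary additive features, and because `nts-pool = [ "rustls23" ]`, a build with `--no-default-features --features rustls21,nts-pool` compiles two rustls versions at once; nothing in the manifest says which one then handles TLS. Cargo unifies features across the dependency graph, so a downstream crate can end up in that state without asking for it. I would document the precedence above the feature list, e.g. `# TLS backends: if several are enabled, <winner> is used (see the tls_utils module)`, with the real rule filled in. The build with no backend selected also deserves an explicit answer now that `tls_utils` is compiled unconditionally, presumably a `compile_error!` or a cfg-gated fallback; that code is outside this section.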
1 change: 0 additions & 1 deletion ntp-proto/src/lib.rs
@@ -25,7 +25,6 @@ mod time_types;

#[cfg(feature = "nts-pool")]
mod nts_pool_ke;
#[cfg(feature = "nts-pool")]
pub mod tls_utils;

pub(crate) mod exitcode {
2 changes: 1 addition & 1 deletion ntp-proto/src/nts_pool_ke.rs
@@ -89,7 +89,7 @@ pub struct ClientToPoolData {
impl ClientToPoolData {
pub fn extract_nts_keys<ConnectionData>(
&self,
stream: &rustls::ConnectionCommon<ConnectionData>,
stream: &rustls23::ConnectionCommon<ConnectionData>,
) -> Result<NtsKeys, KeyExchangeError> {
self.algorithm
.extract_nts_keys(self.protocol, stream)
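Review bot: `extract_nts_keys` is a public method whose `stream` parameter is now spelled `rustls23::ConnectionCommon`, which ties the pool key-exchange path to rustls 0.23 whatever backend is selected for the rest of the crate, and no doc comment says so. I would add `/// stream must be a rustls 0.23 connection; the nts-pool feature always enables rustls23.` above the method. If the `tls_utils` module re-exports the connection type (not visible here), using that alias instead would keep this file in step with the chosen backend. The method body continues past the hunk.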