* rpc: replace hyper::Client with reqwest::Client In hyper, the high-level Client implementation is going to be removed in the next major release. The current client lacks built-in support for HTTP proxies, and we want to ditch hyper-proxy as it is unmaintained and its webpki dependency has known security issues. * Remove the proxy_client example Oops, this was temporary and not meant to be committed. The CLI can be used to test the proxy support. * Bump async-tungstenite version to 0.23 * rpc: fix proxy configuration in http::Builder * rpc: use argument type to select the dialog Remove ugly turbofish syntax. The changes only affect internal methods, so these stylistics do not matter a lot. * rpc: restore LatestDialog as re-export This solves the problem with using type alias as a constructor. * Changelog entries for #1362 * rpc: prune dependencies for http-client feature * rpc: demote http to dev-dependencies * Small rewording in changelog for #1342 (#1362) Co-authored-by: Romain Ruetschi <[email protected]> --------- Co-authored-by: Romain Ruetschi <[email protected]>
Showing
10 changed files
with
168 additions
and
301 deletions.
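--- a/.changelog/unreleased/breaking-changes/1362-rpc-by-reqwest.md
+++ b/.changelog/unreleased/breaking-changes/1362-rpc-by-reqwest.md
@@ -0,0 +1,10 @@
+- `[tendermint-rpc]` Changed `ErrorDetail` variants
+([\#1362](https://github.com/informalsystems/tendermint-rs/pull/1362)):
+* Removed the `Hyper` and `InvalidUri` variants.
+* The `Http` variant now has `Error` from `reqwest` as the source.
+* Added the `InvalidProxy` variant.
+* The `tungstenite` dependency exposed through its `Error` type in
+WebSocket-related variants has been updated to version 0.20.x.
+- `[tendermint-rpc]` Removed a `TryFrom<HttpClientUrl>` conversion for
+`hyper::Uri` as hyper is no longer a direct dependency
+([\#1362](https://github.com/informalsystems/tendermint-rs/pull/1362)).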
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
- `[tendermint-rpc]` Address the RUSTSEC-2023-0052 vulnerability by dropping | ||
dependency on `hyper-proxy` and changing the HTTP client to use `reqwest` | ||
([\#1342](https://github.com/informalsystems/tendermint-rs/issues/1342)). |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,8 +5,8 @@ | |
use alloc::string::{String, ToString}; | ||
use core::fmt; | ||
|
||
use http::Uri; | ||
use subtle_encoding::base64; | ||
use url::Url; | ||
|
||
/// An HTTP authorization. | ||
/// | ||
|
@@ -28,10 +28,10 @@ impl fmt::Display for Authorization { | |
/// | ||
/// This authorization can then be supplied to the RPC server via | ||
/// the `Authorization` HTTP header. | ||
pub fn authorize(uri: &Uri) -> Option<Authorization> { | ||
let authority = uri.authority()?; | ||
pub fn authorize(url: &Url) -> Option<Authorization> { | ||
let authority = url.authority(); | ||
|
||
if let Some((userpass, _)) = authority.as_str().split_once('@') { | ||
if let Some((userpass, _)) = authority.split_once('@') { | ||
let bytes = base64::encode(userpass); | ||
let credentials = String::from_utf8_lossy(bytes.as_slice()); | ||
Some(Authorization::Basic(credentials.to_string())) | ||
|
@@ -42,28 +42,24 @@ pub fn authorize(uri: &Uri) -> Option<Authorization> { | |
|
||
#[cfg(test)] | ||
mod tests { | ||
use core::str::FromStr; | ||
|
||
use http::Uri; | ||
|
||
use super::*; | ||
|
||
#[test] | ||
fn extract_auth_absent() { | ||
let uri = Uri::from_str("http://example.com").unwrap(); | ||
let uri = "http://example.com".parse().unwrap(); | ||
assert_eq!(authorize(&uri), None); | ||
} | ||
|
||
#[test] | ||
fn extract_auth_username_only() { | ||
let uri = Uri::from_str("http://[email protected]").unwrap(); | ||
let uri = "http://[email protected]".parse().unwrap(); | ||
let base64 = "dG90bw==".to_string(); | ||
assert_eq!(authorize(&uri), Some(Authorization::Basic(base64))); | ||
} | ||
|
||
#[test] | ||
fn extract_auth_username_password() { | ||
let uri = Uri::from_str("http://toto:[email protected]").unwrap(); | ||
let uri = "http://toto:[email protected]".parse().unwrap(); | ||
let base64 = "dG90bzp0YXRh".to_string(); | ||
assert_eq!(authorize(&uri), Some(Authorization::Basic(base64))); | ||
} | ||
|
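Review bot: In `authorize`, `base64::encode(userpass)` now runs on the text returned by `url.authority()`, and the `url` crate serialises userinfo percent-encoded, so a credential containing a reserved character (for instance `=` or `@`) would reach the server as `%3D`/`%40` inside the Basic token rather than as the literal byte; as far as I can tell `http::Uri` did not rewrite the authority this way, so this looks like a behaviour change for such passwords. I would percent-decode the userinfo before encoding it (building it from `url.username()` and `url.password()` needs the same decoding, since both are returned percent-encoded), and add a test whose password carries an escaped character. The test bindings are still named `uri` although they now hold a `Url`; `let url = "http://example.com".parse().unwrap();` would read better. The enclosing `mod tests` closes outside the last hunk.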