Update 'x509-parser' to 0.16.

2024-03-20 01:37:31 -07:00 · 2024-03-20 01:37:31 -07:00 · 225655817a
parent 02011a1307
commit 225655817a
5 changed files with 20 additions and 29 deletions
--- a/core/lib/Cargo.toml
+++ b/core/lib/Cargo.toml
@ -55,7 +55,7 @@ tokio-rustls = { version = "0.25", optional = true }
 rustls-pemfile = { version = "2.0.0", optional = true }

 # Optional MTLS dependencies
-x509-parser = { version = "0.13", optional = true }
+x509-parser = { version = "0.16", optional = true }

 # Hyper dependencies
 http = "1"
--- a/core/lib/src/mtls/certificate.rs
+++ b/core/lib/src/mtls/certificate.rs
@ -133,7 +133,7 @@ impl<'a> Certificate<'a> {

    fn parse_one(raw: &[u8]) -> Result<x509::X509Certificate<'_>> {
        use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME;
-        use x509_parser::traits::FromDer;
+        use x509::FromDer;

        let (left, x509) = x509::X509Certificate::from_der(raw)?;
        if !left.is_empty() {
--- a/core/lib/src/mtls/error.rs
+++ b/core/lib/src/mtls/error.rs
@ -3,7 +3,7 @@ use std::num::NonZeroUsize;

 use crate::mtls::x509::{self, nom};

-/// An error returned by the [`Certificate`] request guard.
+/// An error returned by the [`Certificate`](crate::mtls::Certificate) guard.
 ///
 /// To retrieve this error in a handler, use an `mtls::Result<Certificate>`
 /// guard type:
@ -65,10 +65,10 @@ impl From<nom::Err<x509::X509Error>> for Error {
 }

 impl std::error::Error for Error {
-    // fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
-    //     match self {
-    //         Error::Parse(e) => Some(e),
-    //         _ => None
-    //     }
-    // }
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        match self {
+            Error::Parse(e) => Some(e),
+            _ => None
+        }
+    }
 }
--- a/core/lib/src/mtls/mod.rs
+++ b/core/lib/src/mtls/mod.rs
@ -1,9 +1,8 @@
 //! Support for mutual TLS client certificates.
 //!
-//! For details on how to configure mutual TLS, see
-//! [`MutualTls`](crate::config::MutualTls) and the [TLS
+//! For details on how to configure mutual TLS, see [`MtlsConfig`] and the [TLS
 //! guide](https://rocket.rs/master/guide/configuration/#tls). See
-//! [`Certificate`] for a request guard that validated, verifies, and retrieves
+//! [`Certificate`] for a request guard that validates, verifies, and retrieves
 //! client certificates.

 pub mod oid {
@ -28,17 +27,7 @@ pub mod x509 {
    //! Lack of documentation is directly inherited from the source crate.
    //! Prefer to use Rocket's wrappers when possible.

-    pub(crate) use x509_parser::nom;
-    pub use x509_parser::certificate::*;
-    pub use x509_parser::cri_attributes::*;
-    pub use x509_parser::error::*;
-    pub use x509_parser::extensions::*;
-    pub use x509_parser::revocation_list::*;
-    pub use x509_parser::time::*;
-    pub use x509_parser::x509::*;
-    pub use x509_parser::der_parser::der;
-    pub use x509_parser::der_parser::ber;
-    pub use x509_parser::traits::*;
+    pub use x509_parser::prelude::*;
 }

 mod certificate;
@ -51,6 +40,5 @@ pub use name::Name;
 pub use config::MtlsConfig;
 pub use certificate::{Certificate, CertificateDer};

-/// A type alias for [`Result`](std::result::Result) with the error type set to
-/// [`Error`].
+/// A type alias for `Result` with the error type set to [`Error`].
 pub type Result<T, E = Error> = std::result::Result<T, E>;
--- a/core/lib/src/mtls/name.rs
+++ b/core/lib/src/mtls/name.rs
@ -6,11 +6,12 @@ use ref_cast::RefCast;
 use crate::mtls::x509::X509Name;
 use crate::mtls::oid;

-/// An X.509 Distinguished Name (DN) found in a [`Certificate`].
+/// An X.509 Distinguished Name (DN) found in a
+/// [`Certificate`](crate::mtls::Certificate).
 ///
-/// This type is a wrapper over [`x509::X509Name`] with convenient methods and
+/// This type is a wrapper over [`X509Name`] with convenient methods and
 /// complete documentation. Should the data exposed by the inherent methods not
-/// suffice, this type derefs to [`x509::X509Name`].
+/// suffice, this type derefs to [`X509Name`].
 #[repr(transparent)]
 #[derive(Debug, PartialEq, RefCast)]
 pub struct Name<'a>(X509Name<'a>);
@ -113,7 +114,9 @@ impl<'a> Name<'a> {
    /// Returns `true` if `self` has no data.
    ///
    /// When this is the case for a `subject()`, the subject data can be found
-    /// in the `subjectAlt` [`extension()`](Certificate::extensions()).
+    /// in the `subjectAlt` [`extension`].
+    ///
+    /// [`extension`]: crate::mtls::Certificate::extensions()
    ///
    /// # Example
    ///