From 3896562ad3c8127c6b48164f99dc6d0848f5ced1 Mon Sep 17 00:00:00 2001 From: Arthur Wolf Date: Wed, 13 Sep 2023 02:45:57 +0200 Subject: [PATCH 001/177] replace example.com with wire.example, only in charts --- charts/account-pages/values.yaml | 32 ++++++++--------- charts/aws-ingress/values.yaml | 24 ++++++------- charts/brig/values.yaml | 4 +-- charts/calling-test/values.yaml | 2 +- charts/cargohold/values.yaml | 4 +-- charts/coturn/values.yaml | 6 ++-- charts/fake-aws-ses/values.yaml | 2 +- charts/galley/values.yaml | 2 +- charts/inbucket/values.yaml | 2 +- .../openldap/templates/secret-newusers.yaml | 10 +++--- charts/sftd/README.md | 10 +++--- charts/sftd/values.yaml | 2 +- charts/team-settings/values.yaml | 34 +++++++++---------- charts/webapp/values.yaml | 34 +++++++++---------- 14 files changed, 84 insertions(+), 84 deletions(-) diff --git a/charts/account-pages/values.yaml b/charts/account-pages/values.yaml index ae22ad9fb44..14d7f59ca54 100644 --- a/charts/account-pages/values.yaml +++ b/charts/account-pages/values.yaml @@ -20,9 +20,9 @@ service: #config: # externalUrls: -# backendRest: nginz-https.example.com -# backendWebsocket: nginz-ssl.example.com -# appHost: account.example.com +# backendRest: nginz-https.wire.example +# backendWebsocket: nginz-ssl.wire.example +# appHost: account.wire.example # Some relevant environment options. For a comprehensive # list of available variables, please refer to: @@ -36,19 +36,19 @@ envVars: {} # FEATURE_ENABLE_DEBUG: "true" # You are likely to need at least following CSP headers # due to the fact that you are likely to do cross sub-domain requests -# i.e., from account.example.com to nginz-https.example.com -# CSP_EXTRA_CONNECT_SRC: "https://*.example.com, wss://*.example.com" -# CSP_EXTRA_IMG_SRC: "https://*.example.com" -# CSP_EXTRA_SCRIPT_SRC: "https://*.example.com" -# CSP_EXTRA_DEFAULT_SRC: "https://*.example.com" -# CSP_EXTRA_FONT_SRC: "https://*.example.com" -# CSP_EXTRA_FRAME_SRC: "https://*.example.com" -# CSP_EXTRA_MANIFEST_SRC: "https://*.example.com" -# CSP_EXTRA_OBJECT_SRC: "https://*.example.com" -# CSP_EXTRA_MEDIA_SRC: "https://*.example.com" -# CSP_EXTRA_PREFETCH_SRC: "https://*.example.com" -# CSP_EXTRA_STYLE_SRC: "https://*.example.com" -# CSP_EXTRA_WORKER_SRC: "https://*.example.com" +# i.e., from account.wire.example to nginz-https.wire.example +# CSP_EXTRA_CONNECT_SRC: "https://*.wire.example, wss://*.wire.example" +# CSP_EXTRA_IMG_SRC: "https://*.wire.example" +# CSP_EXTRA_SCRIPT_SRC: "https://*.wire.example" +# CSP_EXTRA_DEFAULT_SRC: "https://*.wire.example" +# CSP_EXTRA_FONT_SRC: "https://*.wire.example" +# CSP_EXTRA_FRAME_SRC: "https://*.wire.example" +# CSP_EXTRA_MANIFEST_SRC: "https://*.wire.example" +# CSP_EXTRA_OBJECT_SRC: "https://*.wire.example" +# CSP_EXTRA_MEDIA_SRC: "https://*.wire.example" +# CSP_EXTRA_PREFETCH_SRC: "https://*.wire.example" +# CSP_EXTRA_STYLE_SRC: "https://*.wire.example" +# CSP_EXTRA_WORKER_SRC: "https://*.wire.example" podSecurityContext: allowPrivilegeEscalation: false diff --git a/charts/aws-ingress/values.yaml b/charts/aws-ingress/values.yaml index 3373fc6cc8a..eff6b721e4f 100644 --- a/charts/aws-ingress/values.yaml +++ b/charts/aws-ingress/values.yaml @@ -9,26 +9,26 @@ ingress: webapp: https: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: webapp.example.com + hostname: webapp.wire.example ttl: 300 http: webappPort: 8080 nginz: https: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: nginz-https.example.com + hostname: nginz-https.wire.example ttl: 300 http: httpPort: 8080 wss: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: nginz-ssl.example.com + hostname: nginz-ssl.wire.example ttl: 300 ws: wsPort: 8081 @@ -36,9 +36,9 @@ ingress: enabled: false # set to true if you wish to use minio on AWS instead of using real S3 https: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: assets.example.com + hostname: assets.wire.example ttl: 300 http: s3Port: 9000 @@ -48,18 +48,18 @@ ingress: teamSettings: https: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: teams.example.com + hostname: teams.wire.example ttl: 300 http: teamSettingsPort: 8080 accountPages: https: externalPort: 443 - sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/example.com + sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example sslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 - hostname: account.example.com + hostname: account.wire.example ttl: 300 http: accountPagesPort: 8080 diff --git a/charts/brig/values.yaml b/charts/brig/values.yaml index 7f756955226..359101f77e1 100644 --- a/charts/brig/values.yaml +++ b/charts/brig/values.yaml @@ -87,7 +87,7 @@ config: # Details: https://github.com/wireapp/wire-server/blob/3d5684023c54fe580ab27c11d7dae8f19a29ddbc/services/brig/src/Brig/Options.hs#L465-L503 # setCustomerExtensions: # domainsBlockedForRegistration: - # - example.com + # - wire.example set2FACodeGenerationDelaySecs: 300 # 5 minutes setNonceTtlSecs: 300 # 5 minutes setDpopMaxSkewSecs: 1 @@ -122,7 +122,7 @@ turnStatic: turn: serversSource: files # files | dns - # baseDomain: turn.example.com # Must be configured if serversSource is dns + # baseDomain: turn.wire.example # Must be configured if serversSource is dns discoveryIntervalSeconds: 10 # Used only if serversSource is dns serviceAccount: diff --git a/charts/calling-test/values.yaml b/charts/calling-test/values.yaml index 4a8349841da..e6511f4a9c0 100644 --- a/charts/calling-test/values.yaml +++ b/charts/calling-test/values.yaml @@ -6,7 +6,7 @@ image: envVars: # note: this should be overridden in every deployment - BACKEND_HTTPS_URL: https://nginz-https.example.com + BACKEND_HTTPS_URL: https://nginz-https.wire.example # These name overrides are used also for routing. # Wire-server's nginz subchart will route /calling-test to this chart diff --git a/charts/cargohold/values.yaml b/charts/cargohold/values.yaml index 300e8b1472d..5dc4d282625 100644 --- a/charts/cargohold/values.yaml +++ b/charts/cargohold/values.yaml @@ -24,8 +24,8 @@ config: s3Bucket: assets # Multi-ingress configuration: # multiIngress: - # - nginz-https.red.example.com: assets.red.example.com - # - nginz-https.green.example.com: assets.green.example.com + # - nginz-https.red.wire.example: assets.red.wire.example + # - nginz-https.green.wire.example: assets.green.wire.example proxy: {} settings: maxTotalBytes: 5368709120 diff --git a/charts/coturn/values.yaml b/charts/coturn/values.yaml index 683cb2501d6..84934676739 100644 --- a/charts/coturn/values.yaml +++ b/charts/coturn/values.yaml @@ -78,11 +78,11 @@ federate: # # list of host/ip/cert common names / subject alt names, and optional issuer # # names to accept DTLS connections from. There can be multiple entries. # remoteWhitelist: - # - host: example.com + # - host: wire.example # issuer: Issuer Common Name - # - host: another.example.com + # - host: another.wire.example # issuer: "DigiCert SHA2 Extended Validation Server CA" - # - host: another-host-without-issuer.example.com + # - host: another-host-without-issuer.wire.example remoteWhitelist: [] metrics: diff --git a/charts/fake-aws-ses/values.yaml b/charts/fake-aws-ses/values.yaml index 3dcc068d8ba..8b82f73e00b 100644 --- a/charts/fake-aws-ses/values.yaml +++ b/charts/fake-aws-ses/values.yaml @@ -16,4 +16,4 @@ resources: ## The following needs to be provided (and consistent with the config in brig) #TODO: It would actually be useful if the deployment _fails_ if this is undefined -#sesSender: "sender@example.com" +#sesSender: "sender@wire.example" diff --git a/charts/galley/values.yaml b/charts/galley/values.yaml index 5b328a3e5b1..b23806e5918 100644 --- a/charts/galley/values.yaml +++ b/charts/galley/values.yaml @@ -45,7 +45,7 @@ config: # If set it must a map from `Z-Host` to URI prefix # Example: # multiIngress: - # example.com: https://accounts.example.com/conversation-join/ + # wire.example: https://accounts.wire.example/conversation-join/ # example.net: https://accounts.example.net/conversation-join/ multiIngress: null # Disable one ore more API versions. Please make sure the configuration value is the same in all these charts: diff --git a/charts/inbucket/values.yaml b/charts/inbucket/values.yaml index 0e59481ac99..d438b634748 100644 --- a/charts/inbucket/values.yaml +++ b/charts/inbucket/values.yaml @@ -1,6 +1,6 @@ # Fully qualified domain name (FQDN) of the domain where to serve inbucket. # E.g. 'inbucket.my-test-env.wire.link' -host: "inbucket.example.com" +host: "inbucket.wire.example" config: ingressClass: "nginx" diff --git a/charts/openldap/templates/secret-newusers.yaml b/charts/openldap/templates/secret-newusers.yaml index 0397cb0af55..55157a0ba4f 100644 --- a/charts/openldap/templates/secret-newusers.yaml +++ b/charts/openldap/templates/secret-newusers.yaml @@ -20,7 +20,7 @@ stringData: objectClass: posixAccount objectClass: shadowAccount cn: john - uid: john@example.com + uid: john@wire.example uidNumber: 10001 gidNumber: 10001 homeDirectory: /home/john @@ -33,7 +33,7 @@ stringData: objectClass: posixAccount objectClass: shadowAccount cn: jane - uid: jane@example.com + uid: jane@wire.example uidNumber: 10002 gidNumber: 10002 homeDirectory: /home/jane @@ -46,7 +46,7 @@ stringData: objectClass: posixAccount objectClass: shadowAccount cn: me - uid: me@example.com + uid: me@wire.example uidNumber: 10003 gidNumber: 10003 homeDirectory: /home/me @@ -60,10 +60,10 @@ stringData: objectClass: shadowAccount objectClass: extensibleObject cn: usesemail - uid: usesemail@example.com + uid: usesemail@wire.example uidNumber: 10004 gidNumber: 10004 - email: uses@example.com + email: uses@wire.example homeDirectory: /home/me userPassword: notgonnatelleither loginShell: /bin/bash diff --git a/charts/sftd/README.md b/charts/sftd/README.md index 2d0fa74a076..2cdb05de31c 100644 --- a/charts/sftd/README.md +++ b/charts/sftd/README.md @@ -48,8 +48,8 @@ tags: sftd: true sftd: - host: sftd.example.com - allowOrigin: https://webapp.example.com + host: sftd.wire.example + allowOrigin: https://webapp.wire.example tls: # The https://cert-manager.io issuer to use to retrieve a certificate issuerRef: @@ -69,8 +69,8 @@ very slow. ``` helm install sftd wire/sftd \ - --set host=sftd.example.com \ - --set allowOrigin=https://webapp.example.com \ + --set host=sftd.wire.example \ + --set allowOrigin=https://webapp.wire.example \ --set-file tls.crt=/path/to/tls.crt \ --set-file tls.key=/path/to/tls.key ``` @@ -98,7 +98,7 @@ brig: # ... optSettings: # ... - setSftStaticUrl: https://sftd.example.com:443 + setSftStaticUrl: https://sftd.wire.example:443 ``` ## Routability diff --git a/charts/sftd/values.yaml b/charts/sftd/values.yaml index 3b65d81d677..063ae636726 100644 --- a/charts/sftd/values.yaml +++ b/charts/sftd/values.yaml @@ -60,7 +60,7 @@ tolerations: [] affinity: {} -# allowOrigin: https://webapp.example.com +# allowOrigin: https://webapp.wire.example # host: tls: {} # {key,crt} and issuerRef are mutally exclusive diff --git a/charts/team-settings/values.yaml b/charts/team-settings/values.yaml index fa4545c38b7..ac4d940714a 100644 --- a/charts/team-settings/values.yaml +++ b/charts/team-settings/values.yaml @@ -20,10 +20,10 @@ service: #config: # externalUrls: -# backendRest: nginz-https.example.com -# backendWebsocket: nginz-ssl.example.com -# backendDomain: example.com -# appHost: teams.example.com +# backendRest: nginz-https.wire.example +# backendWebsocket: nginz-ssl.wire.example +# backendDomain: wire.example +# appHost: teams.wire.example #secrets: # configJson: @@ -40,19 +40,19 @@ envVars: {} # FEATURE_ENABLE_DEBUG: "true" # You are likely to need at least following CSP headers # due to the fact that you are likely to do cross sub-domain requests -# i.e., from teams.example.com to nginz-https.example.com -# CSP_EXTRA_CONNECT_SRC: "https://*.example.com, wss://*.example.com" -# CSP_EXTRA_IMG_SRC: "https://*.example.com" -# CSP_EXTRA_SCRIPT_SRC: "https://*.example.com" -# CSP_EXTRA_DEFAULT_SRC: "https://*.example.com" -# CSP_EXTRA_FONT_SRC: "https://*.example.com" -# CSP_EXTRA_FRAME_SRC: "https://*.example.com" -# CSP_EXTRA_MANIFEST_SRC: "https://*.example.com" -# CSP_EXTRA_OBJECT_SRC: "https://*.example.com" -# CSP_EXTRA_MEDIA_SRC: "https://*.example.com" -# CSP_EXTRA_PREFETCH_SRC: "https://*.example.com" -# CSP_EXTRA_STYLE_SRC: "https://*.example.com" -# CSP_EXTRA_WORKER_SRC: "https://*.example.com" +# i.e., from teams.wire.example to nginz-https.wire.example +# CSP_EXTRA_CONNECT_SRC: "https://*.wire.example, wss://*.wire.example" +# CSP_EXTRA_IMG_SRC: "https://*.wire.example" +# CSP_EXTRA_SCRIPT_SRC: "https://*.wire.example" +# CSP_EXTRA_DEFAULT_SRC: "https://*.wire.example" +# CSP_EXTRA_FONT_SRC: "https://*.wire.example" +# CSP_EXTRA_FRAME_SRC: "https://*.wire.example" +# CSP_EXTRA_MANIFEST_SRC: "https://*.wire.example" +# CSP_EXTRA_OBJECT_SRC: "https://*.wire.example" +# CSP_EXTRA_MEDIA_SRC: "https://*.wire.example" +# CSP_EXTRA_PREFETCH_SRC: "https://*.wire.example" +# CSP_EXTRA_STYLE_SRC: "https://*.wire.example" +# CSP_EXTRA_WORKER_SRC: "https://*.wire.example" podSecurityContext: allowPrivilegeEscalation: false diff --git a/charts/webapp/values.yaml b/charts/webapp/values.yaml index 3235cbcbb37..45fc9d033a9 100644 --- a/charts/webapp/values.yaml +++ b/charts/webapp/values.yaml @@ -20,10 +20,10 @@ service: #config: # externalUrls: -# backendRest: nginz-https.example.com -# backendWebsocket: nginz-ssl.example.com -# backendDomain: example.com -# appHost: webapp.example.com +# backendRest: nginz-https.wire.example +# backendWebsocket: nginz-ssl.wire.example +# backendDomain: wire.example +# appHost: webapp.wire.example # Some relevant environment options. For a comprehensive # list of available variables, please refer to: @@ -37,19 +37,19 @@ envVars: {} # FEATURE_ENABLE_DEBUG: "true" # You are likely to need at least following CSP headers # due to the fact that you are likely to do cross sub-domain requests -# i.e., from webapp.example.com to nginz-https.example.com -# CSP_EXTRA_CONNECT_SRC: "https://*.example.com, wss://*.example.com" -# CSP_EXTRA_IMG_SRC: "https://*.example.com" -# CSP_EXTRA_SCRIPT_SRC: "https://*.example.com" -# CSP_EXTRA_DEFAULT_SRC: "https://*.example.com" -# CSP_EXTRA_FONT_SRC: "https://*.example.com" -# CSP_EXTRA_FRAME_SRC: "https://*.example.com" -# CSP_EXTRA_MANIFEST_SRC: "https://*.example.com" -# CSP_EXTRA_OBJECT_SRC: "https://*.example.com" -# CSP_EXTRA_MEDIA_SRC: "https://*.example.com" -# CSP_EXTRA_PREFETCH_SRC: "https://*.example.com" -# CSP_EXTRA_STYLE_SRC: "https://*.example.com" -# CSP_EXTRA_WORKER_SRC: "https://*.example.com" +# i.e., from webapp.wire.example to nginz-https.wire.example +# CSP_EXTRA_CONNECT_SRC: "https://*.wire.example, wss://*.wire.example" +# CSP_EXTRA_IMG_SRC: "https://*.wire.example" +# CSP_EXTRA_SCRIPT_SRC: "https://*.wire.example" +# CSP_EXTRA_DEFAULT_SRC: "https://*.wire.example" +# CSP_EXTRA_FONT_SRC: "https://*.wire.example" +# CSP_EXTRA_FRAME_SRC: "https://*.wire.example" +# CSP_EXTRA_MANIFEST_SRC: "https://*.wire.example" +# CSP_EXTRA_OBJECT_SRC: "https://*.wire.example" +# CSP_EXTRA_MEDIA_SRC: "https://*.wire.example" +# CSP_EXTRA_PREFETCH_SRC: "https://*.wire.example" +# CSP_EXTRA_STYLE_SRC: "https://*.wire.example" +# CSP_EXTRA_WORKER_SRC: "https://*.wire.example" podSecurityContext: allowPrivilegeEscalation: false From a98e4b142ee0efad67af68160121910468cb5c26 Mon Sep 17 00:00:00 2001 From: Arthur Wolf Date: Thu, 28 Sep 2023 02:33:47 +0200 Subject: [PATCH 002/177] add basic information on debugging helm errors --- docs/src/how-to/install/troubleshooting.md | 160 +++++++++++++++++++++ 1 file changed, 160 insertions(+) diff --git a/docs/src/how-to/install/troubleshooting.md b/docs/src/how-to/install/troubleshooting.md index de2d857e4be..ccb5270c752 100644 --- a/docs/src/how-to/install/troubleshooting.md +++ b/docs/src/how-to/install/troubleshooting.md @@ -263,3 +263,163 @@ p: the expected ping (how many pings have not returned) Question: Are the connection values for bad networks/disconnect configurable on on-prem? Answer: The values are not currently configurable, they are built into the clients at compile time, we do have a mechanism for sending calling configs to the clients but these values are not currently there. + +## Diagnosing issues with installation steps. + +Some steps of the installation (for example `helm` commands) provide less feedback than others in the case errors are encountered. + +These are some steps you can take to debug what is going on when the installation process breaks down. + +As an example, we'll take a case where we try installing `wire-server` with `helm`, but it fails due to `cassandra` being broken in some way. + +Before installing `wire-server`, we run `d kubectl get pods` and get the result: + + +``` +demo@admin-host:~/wire-server-deploy$ d kubectl get pods +NAME READY STATUS RESTARTS AGE +demo-smtp-d98b789d7-5ntj6 1/1 Running 0 75m +fake-aws-sns-76fb45cf4f-t6mg6 2/2 Running 0 75m +fake-aws-sqs-6495cd7c98-w8f8w 2/2 Running 0 75m +rabbitmq-external-0 0/1 Pending 0 78m +reaper-84cfbf746d-wk8nc 1/1 Running 0 75m +redis-ephemeral-master-0 1/1 Running 0 76m +``` + +We then run the `wire-server` helm installation command: + +``` +d helm install wire-server ./charts/wire-server --timeout=15m0s --values ./values/wire-server/values.yaml --values ./values/wire-server/secrets.yaml +``` + +And we get the following error: + +``` +Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded +``` + +This, by itself, isn't much help in understanding what is going wrong. + +We can get more information by running `d kubectl get pods` again: + +``` +demo@admin-host:~/wire-server-deploy$ d kubectl get pods +NAME READY STATUS RESTARTS AGE +cassandra-migration-qgn7r 0/1 Init:0/4 0 12s +demo-smtp-d98b789d7-5ntj6 1/1 Running 0 95m +fake-aws-sns-76fb45cf4f-t6mg6 2/2 Running 0 95m +fake-aws-sqs-6495cd7c98-w8f8w 2/2 Running 0 95m +rabbitmq-external-0 0/1 Pending 0 98m +reaper-84cfbf746d-wk8nc 1/1 Running 0 95m +redis-ephemeral-master-0 1/1 Running 0 96m +``` + +We can see that a new pod has been created, called `cassandra-migration-qgn7r`, and that it is in the `Init:0/4` state. + +This means that the pod has been created, but that the init containers have not yet completed. In particular, it is at step 0 out of 4. + +If we let it running for a while, we'd see the "`RESTARTS`" field increase to 1, then 2, etc, as the init containers keep failing. + +We can get more information about the pod by running `d kubectl describe pod cassandra-migration-qgn7r`: + + +``` +demo@admin-host:~/wire-server-deploy$ d kubectl describe pod cassandra-migrations-qgn7r +Name: cassandra-migrations-qgn7r +Namespace: default +Priority: 0 +Node: kubenode1/172.16.0.129 +Start Time: Wed, 27 Sep 2023 23:03:07 +0000 +Labels: app=cassandra-migrations + controller-uid=c43f2a66-57c8-4657-877f-36a751cf487d + job-name=cassandra-migrations + release=wire-server +Annotations: cni.projectcalico.org/containerID: e314c7330c1196fbd9419267791429e3f31d6bfb910daa7739167b807116e830 + cni.projectcalico.org/podIP: 10.233.110.68/32 + cni.projectcalico.org/podIPs: 10.233.110.68/32 +Status: Pending +IP: 10.233.110.68 +IPs: + IP: 10.233.110.68 +Controlled By: Job/cassandra-migrations +Init Containers: + gundeck-schema: + Container ID: containerd://1cb4a68a0877e993ed5b2ab8ccf9a18e90bf868c742141514b31fa9070be055f + Image: quay.io/wire/gundeck-schema:4.38.0 + Image ID: quay.io/wire/gundeck-schema@sha256:2a060ef26b014fa43296e9bb36acd8f43070574add99821196c7da8e23127c9c + Port: + Host Port: + Command: + gundeck-schema + --host + cassandra-external + --port + 9042 + --keyspace + gundeck + --replication-factor + 3 + State: Running + Started: Wed, 27 Sep 2023 23:06:02 +0000 + Last State: Terminated + Reason: Error + Exit Code: 1 + Started: Wed, 27 Sep 2023 23:04:19 +0000 + Finished: Wed, 27 Sep 2023 23:05:10 +0000 + Ready: False + Restart Count: 4 + Environment: + Mounts: +[...] +``` + +In this output, the «containers» are the different «stages» of this pod, described as they get executed. + +We can see that the `gundeck-schema` container (step) has failed, and that it has been restarted 4 times. + +The other containers (steps) have not yet been executed, because the previous step failed, they'll be in a "`Waiting`"" state + +We can get further information about the failure by running `d kubectl logs cassandra-migrations-qgn7r -c gundeck-schema`. + +This will provide us an output such as: + +``` +demo@admin-host:~/wire-server-deploy$ d kubectl logs cassandra-migrations-qgn7r -c gundeck-schema +D, Connecting to 172.16.0.134:9042 +I, Known hosts: [datacenter1:rack1:172.16.0.132:9042,datacenter1:rack1:172.16.0.133:9042,datacenter1:rack1:172.16.0.134:9042] +I, New control connection: datacenter1:rack1:172.16.0.134:9042# +D, Connection established: datacenter1:rack1:172.16.0.134:9042# +I, New migrations found. +I, [1] Initial schema +gundeck-schema: ResponseError {reHost = datacenter1:rack1:172.16.0.134:9042, reTrace = Nothing, reWarn = [], reCause = Unavailable {unavailMessage = "Cannot achieve consistency level ALL", unavailConsistency = All, unavailNumRequired = 3, + unavailNumAlive = 1}} +``` + +The error message «`Cannot achieve consistency level ALL`» is the cause of the failure, it essentially means that some of the cassandra nodes in our cluster are not running, or not reachable in some way. + +We have now succesfully reached the «root» cause of the issue. + +We could use `nodetool status` to get more details about the cassandra nodes, `ping ` to check if they are reachable, `cat /var/log/cassandra/system.log` to look for any warnings/errors, review the cassandra documentation, use diagnostic tools such as `nodetool cfstats` or `nodetool describecluster`, etc. + +Note that because the `cassandra-migration-qgn7r` pod might get destroyed once the helm command outputs its error/terminates, you might have a limited amount of time to run these debugging commands, and might need to uninstall then re-install wire-server to get the error to occur multiple times. To uninstall the wire-server helm chart before running it again, run `d helm uninstall wire-server`. + +More generally, you can also get `d kubectl get events` to get a list of all the events that have happened in your cluster, including the creation/destruction of pods, and the errors that have occured. + +``` +demo@mandarin:~/wire-server-deploy$ d kubectl get events +LAST SEEN TYPE REASON OBJECT MESSAGE +17m Normal Scheduled pod/cassandra-migrations-qgn7r Successfully assigned default/cassandra-migrations-qgn7r to kubenode1 +17m Normal Pulling pod/cassandra-migrations-qgn7r Pulling image "quay.io/wire/gundeck-schema:4.38.0" +17m Normal Pulled pod/cassandra-migrations-qgn7r Successfully pulled image "quay.io/wire/gundeck-schema:4.38.0" in 8.769605884s +14m Normal Created pod/cassandra-migrations-qgn7r Created container gundeck-schema +14m Normal Started pod/cassandra-migrations-qgn7r Started container gundeck-schema +14m Normal Pulled pod/cassandra-migrations-qgn7r Container image "quay.io/wire/gundeck-schema:4.38.0" already present on machine +12m Warning BackOff pod/cassandra-migrations-qgn7r Back-off restarting failed container +17m Normal SuccessfulCreate job/cassandra-migrations Created pod: cassandra-migrations-qgn7r +9m25s Normal SuccessfulDelete job/cassandra-migrations Deleted pod: cassandra-migrations-qgn7r +9m25s Warning BackoffLimitExceeded job/cassandra-migrations Job has reached the specified backoff limit +[...] +``` + +Here we can see that the `cassandra-migrations-qgn7r` pod was created, then the warnings about the «`BackOff`» and reaching the backoff limit. + From 930c5f3a9cccbe5d926bdebcf54650cf62c90bfc Mon Sep 17 00:00:00 2001 From: Arthur Wolf Date: Thu, 28 Sep 2023 02:53:41 +0200 Subject: [PATCH 003/177] some minor additions for the helm troubleshooting docs --- docs/src/how-to/install/troubleshooting.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/docs/src/how-to/install/troubleshooting.md b/docs/src/how-to/install/troubleshooting.md index ccb5270c752..f326529be48 100644 --- a/docs/src/how-to/install/troubleshooting.md +++ b/docs/src/how-to/install/troubleshooting.md @@ -272,8 +272,11 @@ These are some steps you can take to debug what is going on when the installatio As an example, we'll take a case where we try installing `wire-server` with `helm`, but it fails due to `cassandra` being broken in some way. -Before installing `wire-server`, we run `d kubectl get pods` and get the result: +This guide, while focusing on a `cassandra` related issue, will also provide general steps to debug problems that could be related to other components like `rabbitmq`, `redis`, etc. + +Our first step is to identify and isolate which component is causing the issue. +Before installing `wire-server`, we run `d kubectl get pods` and get the result: ``` demo@admin-host:~/wire-server-deploy$ d kubectl get pods @@ -314,14 +317,25 @@ reaper-84cfbf746d-wk8nc 1/1 Running 0 95m redis-ephemeral-master-0 1/1 Running 0 96m ``` -We can see that a new pod has been created, called `cassandra-migration-qgn7r`, and that it is in the `Init:0/4` state. +(You can also do `d kubectl get pods -o wide` to get more details though that's not necessary here) + +When comparing with the previous run of the command, we can see that a new pod has been created, called `cassandra-migration-qgn7r`, and that it is in the `Init:0/4` state. This means that the pod has been created, but that the init containers have not yet completed. In particular, it is at step 0 out of 4. If we let it running for a while, we'd see the "`RESTARTS`" field increase to 1, then 2, etc, as the init containers keep failing. -We can get more information about the pod by running `d kubectl describe pod cassandra-migration-qgn7r`: +We can use `d kubectl logs` to learn more about this failing pod: + +``` +demo@admin-host:~/wire-server-deploy$ d kubectl logs cassandra-migrations-qgn7r +Error from server (BadRequest): container "job-done" in pod "cassandra-migrations-qgn7r" is waiting to start: PodInitializing +``` + +Note the name `job-done`, this is the name of the last step (container) of the pod, which is not yet running. + +We can get even more information about the pod by running `d kubectl describe pod cassandra-migration-qgn7r`: ``` demo@admin-host:~/wire-server-deploy$ d kubectl describe pod cassandra-migrations-qgn7r From dc3c9ea4cc26835bb69dbf93d246f9077d33ad22 Mon Sep 17 00:00:00 2001 From: Arthur Wolf Date: Thu, 28 Sep 2023 03:08:05 +0200 Subject: [PATCH 004/177] remove mention of mandarin hostname --- docs/src/how-to/install/troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/how-to/install/troubleshooting.md b/docs/src/how-to/install/troubleshooting.md index f326529be48..26e0f186913 100644 --- a/docs/src/how-to/install/troubleshooting.md +++ b/docs/src/how-to/install/troubleshooting.md @@ -420,7 +420,7 @@ Note that because the `cassandra-migration-qgn7r` pod might get destroyed once t More generally, you can also get `d kubectl get events` to get a list of all the events that have happened in your cluster, including the creation/destruction of pods, and the errors that have occured. ``` -demo@mandarin:~/wire-server-deploy$ d kubectl get events +demo@admin-host:~/wire-server-deploy$ d kubectl get events LAST SEEN TYPE REASON OBJECT MESSAGE 17m Normal Scheduled pod/cassandra-migrations-qgn7r Successfully assigned default/cassandra-migrations-qgn7r to kubenode1 17m Normal Pulling pod/cassandra-migrations-qgn7r Pulling image "quay.io/wire/gundeck-schema:4.38.0" From e21a24e196beff77f4b3593b1bb50808ddf50c8e Mon Sep 17 00:00:00 2001 From: Igor Ranieri Elland <54423+elland@users.noreply.github.com> Date: Mon, 23 Oct 2023 10:38:53 +0200 Subject: [PATCH 005/177] [fix]: flaky test for leaving self-conv MLS (#3664) --- services/galley/test/integration/API/MLS.hs | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/services/galley/test/integration/API/MLS.hs b/services/galley/test/integration/API/MLS.hs index 54f6e4ae177..2342735c502 100644 --- a/services/galley/test/integration/API/MLS.hs +++ b/services/galley/test/integration/API/MLS.hs @@ -1733,17 +1733,15 @@ testSelfConversationLeave :: TestM () testSelfConversationLeave = do alice <- randomQualifiedUser runMLSTest $ do - clients@(creator : others) <- traverse createMLSClient (replicate 3 alice) + (creator : others) <- traverse createMLSClient (replicate 3 alice) traverse_ uploadNewKeyPackage others (_, qcnv) <- setupMLSSelfGroup creator void $ createAddCommit creator [alice] >>= sendAndConsumeCommitBundle - mlsBracket clients $ \wss -> do - liftTest $ - deleteMemberQualified (qUnqualified alice) alice qcnv - !!! do - const 403 === statusCode - const (Just "invalid-op") === fmap Wai.label . responseJsonError - WS.assertNoEvent (1 # WS.Second) wss + liftTest $ + deleteMemberQualified (qUnqualified alice) alice qcnv + !!! do + const 403 === statusCode + const (Just "invalid-op") === fmap Wai.label . responseJsonError assertMLSNotEnabled :: Assertions () assertMLSNotEnabled = do From 4ccf082cb47ee1633be329946a01da5df458e12e Mon Sep 17 00:00:00 2001 From: Mango The Fourth <40720523+MangoIV@users.noreply.github.com> Date: Tue, 24 Oct 2023 09:47:42 +0200 Subject: [PATCH 006/177] [WPB-4981] replace unclaimed keypackages atomically (#3654) * add replace unclaimed key-packages route and endpoint * Add key package replace test --------- Co-authored-by: Paolo Capriotti --- changelog.d/1-api-changes/mls-replace-kps | 1 + integration/test/API/Brig.hs | 10 +++ integration/test/MLS/Util.hs | 10 +-- integration/test/Test/MLS/KeyPackage.hs | 77 +++++++++++++++++-- libs/wire-api/src/Wire/API/MLS/CipherSuite.hs | 17 ++-- libs/wire-api/src/Wire/API/MLS/KeyPackage.hs | 3 +- .../src/Wire/API/Routes/Public/Brig.hs | 23 ++++++ services/brig/src/Brig/API/MLS/CipherSuite.hs | 17 ++-- services/brig/src/Brig/API/MLS/KeyPackages.hs | 14 ++++ services/brig/src/Brig/API/Public.hs | 1 + services/brig/src/Brig/Data/MLS/KeyPackage.hs | 18 +++++ 11 files changed, 169 insertions(+), 22 deletions(-) create mode 100644 changelog.d/1-api-changes/mls-replace-kps diff --git a/changelog.d/1-api-changes/mls-replace-kps b/changelog.d/1-api-changes/mls-replace-kps new file mode 100644 index 00000000000..671b7d4b8c0 --- /dev/null +++ b/changelog.d/1-api-changes/mls-replace-kps @@ -0,0 +1 @@ +New endpoint for replacing MLS key packages in bulk: `PUT /mls/key-packages/self/:client`. It replaces all existing key packages that match the given ciphersuites with the new key packages provided in the body. diff --git a/integration/test/API/Brig.hs b/integration/test/API/Brig.hs index 455ce04e9d9..8e1c390862a 100644 --- a/integration/test/API/Brig.hs +++ b/integration/test/API/Brig.hs @@ -302,6 +302,16 @@ deleteKeyPackages cid kps = do req <- baseRequest cid Brig Versioned ("/mls/key-packages/self/" <> cid.client) submit "DELETE" $ req & addJSONObject ["key_packages" .= kps] +replaceKeyPackages :: ClientIdentity -> [Ciphersuite] -> [ByteString] -> App Response +replaceKeyPackages cid suites kps = do + req <- + baseRequest cid Brig Versioned $ + "/mls/key-packages/self/" <> cid.client + submit "PUT" $ + req + & addQueryParams [("ciphersuites", intercalate "," (map (.code) suites))] + & addJSONObject ["key_packages" .= map (T.decodeUtf8 . Base64.encode) kps] + getSelf :: HasCallStack => String -> String -> App Response getSelf domain uid = do let user = object ["domain" .= domain, "id" .= uid] diff --git a/integration/test/MLS/Util.hs b/integration/test/MLS/Util.hs index d6bef3fc8a0..94c2d520f21 100644 --- a/integration/test/MLS/Util.hs +++ b/integration/test/MLS/Util.hs @@ -174,7 +174,8 @@ createMLSClient opts u = do -- | create and upload to backend uploadNewKeyPackage :: HasCallStack => ClientIdentity -> App String uploadNewKeyPackage cid = do - (kp, ref) <- generateKeyPackage cid + mls <- getMLSState + (kp, ref) <- generateKeyPackage cid mls.ciphersuite -- upload key package bindResponse (uploadKeyPackages cid [kp]) $ \resp -> @@ -182,10 +183,9 @@ uploadNewKeyPackage cid = do pure ref -generateKeyPackage :: HasCallStack => ClientIdentity -> App (ByteString, String) -generateKeyPackage cid = do - mls <- getMLSState - kp <- mlscli cid ["key-package", "create", "--ciphersuite", mls.ciphersuite.code] Nothing +generateKeyPackage :: HasCallStack => ClientIdentity -> Ciphersuite -> App (ByteString, String) +generateKeyPackage cid suite = do + kp <- mlscli cid ["key-package", "create", "--ciphersuite", suite.code] Nothing ref <- B8.unpack . Base64.encode <$> mlscli cid ["key-package", "ref", "-"] (Just kp) fp <- keyPackageFile cid ref liftIO $ BS.writeFile fp kp diff --git a/integration/test/Test/MLS/KeyPackage.hs b/integration/test/Test/MLS/KeyPackage.hs index 8f6cf9d20d3..78c7e87e0b5 100644 --- a/integration/test/Test/MLS/KeyPackage.hs +++ b/integration/test/Test/MLS/KeyPackage.hs @@ -56,10 +56,8 @@ testKeyPackageCount cs = do resp.status `shouldMatchInt` 200 resp.json %. "count" `shouldMatchInt` 0 - setMLSCiphersuite cs - let count = 10 - kps <- map fst <$> replicateM count (generateKeyPackage alice1) + kps <- map fst <$> replicateM count (generateKeyPackage alice1 cs) void $ uploadKeyPackages alice1 kps >>= getBody 201 bindResponse (countKeyPackages cs alice1) $ \resp -> do @@ -68,10 +66,79 @@ testKeyPackageCount cs = do testUnsupportedCiphersuite :: HasCallStack => App () testUnsupportedCiphersuite = do - setMLSCiphersuite (Ciphersuite "0x0002") + let suite = Ciphersuite "0x0002" + setMLSCiphersuite suite bob <- randomUser OwnDomain def bob1 <- createMLSClient def bob - (kp, _) <- generateKeyPackage bob1 + (kp, _) <- generateKeyPackage bob1 suite bindResponse (uploadKeyPackages bob1 [kp]) $ \resp -> do resp.status `shouldMatchInt` 400 resp.json %. "label" `shouldMatch` "mls-protocol-error" + +testReplaceKeyPackages :: HasCallStack => App () +testReplaceKeyPackages = do + alice <- randomUser OwnDomain def + [alice1, alice2] <- replicateM 2 $ createMLSClient def alice + let suite = Ciphersuite "0xf031" + + let checkCount cs n = + bindResponse (countKeyPackages cs alice1) $ \resp -> do + resp.status `shouldMatchInt` 200 + resp.json %. "count" `shouldMatchInt` n + + -- setup: upload a batch of key packages for each ciphersuite + void $ + replicateM 4 (fmap fst (generateKeyPackage alice1 def)) + >>= uploadKeyPackages alice1 + >>= getBody 201 + setMLSCiphersuite suite + void $ + replicateM 5 (fmap fst (generateKeyPackage alice1 suite)) + >>= uploadKeyPackages alice1 + >>= getBody 201 + + checkCount def 4 + checkCount suite 5 + + do + -- generate a new batch of key packages + (kps, refs) <- unzip <$> replicateM 3 (generateKeyPackage alice1 suite) + + -- replace old key packages with new + void $ replaceKeyPackages alice1 [suite] kps >>= getBody 201 + + checkCount def 4 + checkCount suite 3 + + -- claim all key packages one by one + claimed <- + replicateM 3 $ + bindResponse (claimKeyPackages suite alice2 alice) $ \resp -> do + resp.status `shouldMatchInt` 200 + ks <- resp.json %. "key_packages" & asList + k <- assertOne ks + k %. "key_package_ref" + + refs `shouldMatchSet` claimed + + checkCount def 4 + checkCount suite 0 + + do + -- replenish key packages for the second ciphersuite + void $ + replicateM 5 (fmap fst (generateKeyPackage alice1 suite)) + >>= uploadKeyPackages alice1 + >>= getBody 201 + + checkCount def 4 + checkCount suite 5 + + -- replace all key packages with fresh ones + kps1 <- replicateM 2 (fmap fst (generateKeyPackage alice1 def)) + kps2 <- replicateM 2 (fmap fst (generateKeyPackage alice1 suite)) + + void $ replaceKeyPackages alice1 [def, suite] (kps1 <> kps2) >>= getBody 201 + + checkCount def 2 + checkCount suite 2 diff --git a/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs b/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs index 1f358b58e61..7c51932a439 100644 --- a/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs +++ b/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs @@ -42,6 +42,7 @@ module Wire.API.MLS.CipherSuite where import Cassandra.CQL +import Control.Applicative import Control.Error (note) import Control.Lens ((?~)) import Crypto.Error @@ -51,18 +52,20 @@ import Crypto.PubKey.Ed25519 qualified as Ed25519 import Data.Aeson qualified as Aeson import Data.Aeson.Types (FromJSON (..), FromJSONKey (..), ToJSON (..), ToJSONKey (..)) import Data.Aeson.Types qualified as Aeson +import Data.Attoparsec.ByteString.Char8 qualified as Atto import Data.Bifunctor import Data.ByteArray hiding (index) import Data.ByteArray qualified as BA +import Data.ByteString.Conversion import Data.OpenApi qualified as S import Data.OpenApi.Internal.Schema qualified as S import Data.Proxy import Data.Schema import Data.Text qualified as T +import Data.Text.Encoding qualified as T import Data.Text.Lazy qualified as LT import Data.Text.Lazy.Builder qualified as LT import Data.Text.Lazy.Builder.Int qualified as LT -import Data.Text.Read qualified as T import Data.Word import Imports hiding (cs) import Web.HttpApiData @@ -85,11 +88,8 @@ instance S.ToParamSchema CipherSuite where & S.type_ ?~ S.OpenApiNumber instance FromHttpApiData CipherSuite where - parseUrlPiece t = do - (x, rest) <- first T.pack $ T.hexadecimal t - unless (T.null rest) $ - Left "Trailing characters after ciphersuite number" - pure (CipherSuite x) + parseUrlPiece = parseHeader . T.encodeUtf8 + parseHeader = first T.pack . runParser parser instance ToHttpApiData CipherSuite where toUrlPiece = @@ -99,6 +99,11 @@ instance ToHttpApiData CipherSuite where . LT.hexadecimal . cipherSuiteNumber +instance FromByteString CipherSuite where + parser = do + void $ Atto.try (optional (Atto.string "0x")) + CipherSuite <$> Atto.hexadecimal + data CipherSuiteTag = MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519 | MLS_128_X25519Kyber768Draft00_AES128GCM_SHA256_Ed25519 diff --git a/libs/wire-api/src/Wire/API/MLS/KeyPackage.hs b/libs/wire-api/src/Wire/API/MLS/KeyPackage.hs index 1402ff17b9a..da2855013e8 100644 --- a/libs/wire-api/src/Wire/API/MLS/KeyPackage.hs +++ b/libs/wire-api/src/Wire/API/MLS/KeyPackage.hs @@ -62,7 +62,8 @@ import Wire.API.MLS.Serialisation import Wire.Arbitrary data KeyPackageUpload = KeyPackageUpload - {keyPackages :: [RawMLS KeyPackage]} + { keyPackages :: [RawMLS KeyPackage] + } deriving (FromJSON, ToJSON, S.ToSchema) via Schema KeyPackageUpload instance ToSchema KeyPackageUpload where diff --git a/libs/wire-api/src/Wire/API/Routes/Public/Brig.hs b/libs/wire-api/src/Wire/API/Routes/Public/Brig.hs index 6e780914b7c..8a09807bc5c 100644 --- a/libs/wire-api/src/Wire/API/Routes/Public/Brig.hs +++ b/libs/wire-api/src/Wire/API/Routes/Public/Brig.hs @@ -1186,6 +1186,15 @@ type CipherSuiteParam = "ciphersuite" CipherSuite +type MultipleCipherSuitesParam = + QueryParam' + [ Optional, + Strict, + Description "Comma-separated list of ciphersuites in hex format (e.g. 0xf031) - default is 0x0001" + ] + "ciphersuites" + (CommaSeparatedList CipherSuite) + type MLSKeyPackageAPI = "key-packages" :> ( Named @@ -1201,6 +1210,20 @@ type MLSKeyPackageAPI = :> ReqBody '[JSON] KeyPackageUpload :> MultiVerb 'POST '[JSON, MLS] '[RespondEmpty 201 "Key packages uploaded"] () ) + :<|> Named + "mls-key-packages-replace" + ( "self" + :> Summary "Upload a fresh batch of key packages and replace the old ones" + :> From 'V5 + :> Description "The request body should be a json object containing a list of base64-encoded key packages. Use this sparingly." + :> ZLocalUser + :> CanThrow 'MLSProtocolError + :> CanThrow 'MLSIdentityMismatch + :> CaptureClientId "client" + :> MultipleCipherSuitesParam + :> ReqBody '[JSON] KeyPackageUpload + :> MultiVerb 'PUT '[JSON, MLS] '[RespondEmpty 201 "Key packages replaced"] () + ) :<|> Named "mls-key-packages-claim" ( "claim" diff --git a/services/brig/src/Brig/API/MLS/CipherSuite.hs b/services/brig/src/Brig/API/MLS/CipherSuite.hs index ec6b9756787..da8182c0a41 100644 --- a/services/brig/src/Brig/API/MLS/CipherSuite.hs +++ b/services/brig/src/Brig/API/MLS/CipherSuite.hs @@ -15,15 +15,22 @@ -- You should have received a copy of the GNU Affero General Public License along -- with this program. If not, see . -module Brig.API.MLS.CipherSuite (getCipherSuite) where +module Brig.API.MLS.CipherSuite (getCipherSuite, getCipherSuites) where import Brig.API.Handler import Brig.API.MLS.KeyPackages.Validation import Imports import Wire.API.MLS.CipherSuite +getOneCipherSuite :: CipherSuite -> Handler r CipherSuiteTag +getOneCipherSuite s = + maybe + (mlsProtocolError "Unknown ciphersuite") + pure + (cipherSuiteTag s) + getCipherSuite :: Maybe CipherSuite -> Handler r CipherSuiteTag -getCipherSuite mSuite = case mSuite of - Nothing -> pure defCipherSuite - Just x -> - maybe (mlsProtocolError "Unknown ciphersuite") pure (cipherSuiteTag x) +getCipherSuite = maybe (pure defCipherSuite) getOneCipherSuite + +getCipherSuites :: Maybe [CipherSuite] -> Handler r [CipherSuiteTag] +getCipherSuites = maybe (pure [defCipherSuite]) (traverse getOneCipherSuite) diff --git a/services/brig/src/Brig/API/MLS/KeyPackages.hs b/services/brig/src/Brig/API/MLS/KeyPackages.hs index 4a3c244b356..35d1edba025 100644 --- a/services/brig/src/Brig/API/MLS/KeyPackages.hs +++ b/services/brig/src/Brig/API/MLS/KeyPackages.hs @@ -21,6 +21,7 @@ module Brig.API.MLS.KeyPackages claimLocalKeyPackages, countKeyPackages, deleteKeyPackages, + replaceKeyPackages, ) where @@ -37,6 +38,7 @@ import Brig.Federation.Client import Brig.IO.Intra import Control.Monad.Trans.Except import Control.Monad.Trans.Maybe +import Data.CommaSeparatedList import Data.Id import Data.Qualified import Data.Set qualified as Set @@ -157,3 +159,15 @@ deleteKeyPackages lusr c mSuite (unDeleteKeyPackages -> refs) = do assertMLSEnabled suite <- getCipherSuite mSuite lift $ wrapClient (Data.deleteKeyPackages (tUnqualified lusr) c suite refs) + +replaceKeyPackages :: + Local UserId -> + ClientId -> + Maybe (CommaSeparatedList CipherSuite) -> + KeyPackageUpload -> + Handler r () +replaceKeyPackages lusr c (fmap toList -> mSuites) upload = do + assertMLSEnabled + suites <- getCipherSuites mSuites + lift $ wrapClient (Data.deleteAllKeyPackages (tUnqualified lusr) c suites) + uploadKeyPackages lusr c upload diff --git a/services/brig/src/Brig/API/Public.hs b/services/brig/src/Brig/API/Public.hs index 2ce4307aecc..623792268ce 100644 --- a/services/brig/src/Brig/API/Public.hs +++ b/services/brig/src/Brig/API/Public.hs @@ -373,6 +373,7 @@ servantSitemap = mlsAPI :: ServerT MLSAPI (Handler r) mlsAPI = Named @"mls-key-packages-upload" uploadKeyPackages + :<|> Named @"mls-key-packages-replace" replaceKeyPackages :<|> Named @"mls-key-packages-claim" claimKeyPackages :<|> Named @"mls-key-packages-count" countKeyPackages :<|> Named @"mls-key-packages-delete" deleteKeyPackages diff --git a/services/brig/src/Brig/Data/MLS/KeyPackage.hs b/services/brig/src/Brig/Data/MLS/KeyPackage.hs index a03192f32e6..7aaccc4d16c 100644 --- a/services/brig/src/Brig/Data/MLS/KeyPackage.hs +++ b/services/brig/src/Brig/Data/MLS/KeyPackage.hs @@ -20,6 +20,7 @@ module Brig.Data.MLS.KeyPackage claimKeyPackage, countKeyPackages, deleteKeyPackages, + deleteAllKeyPackages, ) where @@ -37,6 +38,7 @@ import Data.Qualified import Data.Time.Clock import Data.Time.Clock.POSIX import Imports +import UnliftIO.Async import Wire.API.MLS.CipherSuite import Wire.API.MLS.KeyPackage import Wire.API.MLS.LeafNode @@ -142,6 +144,22 @@ deleteKeyPackages u c suite refs = deleteQuery :: PrepQuery W (UserId, ClientId, CipherSuiteTag, [KeyPackageRef]) () deleteQuery = "DELETE FROM mls_key_packages WHERE user = ? AND client = ? AND cipher_suite = ? AND ref in ?" +deleteAllKeyPackages :: + (MonadClient m, MonadUnliftIO m) => + UserId -> + ClientId -> + [CipherSuiteTag] -> + m () +deleteAllKeyPackages u c suites = + pooledForConcurrentlyN_ 16 suites $ \suite -> + retry x5 $ + write + deleteQuery + (params LocalQuorum (u, c, suite)) + where + deleteQuery :: PrepQuery W (UserId, ClientId, CipherSuiteTag) () + deleteQuery = "DELETE FROM mls_key_packages WHERE user = ? AND client = ? AND cipher_suite = ?" + -------------------------------------------------------------------------------- -- Utilities From 3d06ab91e82e089ddcdf585a6ad1484a16a392db Mon Sep 17 00:00:00 2001 From: Leif Battermann Date: Tue, 24 Oct 2023 12:51:36 +0200 Subject: [PATCH 007/177] WPB-5098 Backend-to-backend OpenApi Docs (#3666) --- changelog.d/4-docs/WPB-5098 | 1 + charts/nginz/values.yaml | 4 + .../api-client-perspective/swagger.md | 7 ++ libs/types-common/src/Data/Json/Util.hs | 2 +- .../src/Network/Wai/Utilities/JSONResponse.hs | 3 +- libs/wire-api-federation/default.nix | 2 + .../src/Wire/API/Federation/API/Brig.hs | 26 +++++++ .../API/Federation/API/Brig/Notifications.hs | 3 + .../src/Wire/API/Federation/API/Cargohold.hs | 14 +++- .../src/Wire/API/Federation/API/Common.hs | 3 + .../src/Wire/API/Federation/API/Galley.hs | 74 +++++++++++++++++-- .../Federation/API/Galley/Notifications.hs | 11 +++ .../src/Wire/API/Federation/Domain.hs | 10 +++ .../wire-api-federation.cabal | 1 + libs/wire-api/src/Wire/API/Asset.hs | 2 +- libs/wire-api/src/Wire/API/Conversation.hs | 2 +- .../src/Wire/API/Conversation/Action.hs | 36 ++++++++- .../src/Wire/API/Conversation/Action/Tag.hs | 4 + .../src/Wire/API/Conversation/Protocol.hs | 4 + libs/wire-api/src/Wire/API/Error/Galley.hs | 2 + libs/wire-api/src/Wire/API/MLS/CipherSuite.hs | 2 +- libs/wire-api/src/Wire/API/MLS/Epoch.hs | 3 +- .../src/Wire/API/MLS/SubConversation.hs | 2 +- .../API/Routes/Public/Galley/Messaging.hs | 3 + libs/wire-api/src/Wire/API/Team/Permission.hs | 2 + libs/wire-api/src/Wire/API/User/Search.hs | 2 +- services/brig/src/Brig/API/Public.hs | 16 +++- services/brig/src/Brig/API/Public/Swagger.hs | 27 ++++++- .../integration-test/conf/nginz/nginx.conf | 10 +++ 29 files changed, 259 insertions(+), 19 deletions(-) create mode 100644 changelog.d/4-docs/WPB-5098 diff --git a/changelog.d/4-docs/WPB-5098 b/changelog.d/4-docs/WPB-5098 new file mode 100644 index 00000000000..9b7f171dec8 --- /dev/null +++ b/changelog.d/4-docs/WPB-5098 @@ -0,0 +1 @@ +Backend-to-backend OpenApi Docs added diff --git a/charts/nginz/values.yaml b/charts/nginz/values.yaml index 83f89007609..dfec77bed8b 100644 --- a/charts/nginz/values.yaml +++ b/charts/nginz/values.yaml @@ -162,6 +162,10 @@ nginx_conf: disable_zauth: true envs: - staging + - path: /api-federation/swagger-ui + disable_zauth: true + envs: + - staging - path: /self$ # Matches exactly /self oauth_scope: self envs: diff --git a/docs/src/understand/api-client-perspective/swagger.md b/docs/src/understand/api-client-perspective/swagger.md index a60890951d9..b466fc7f8b8 100644 --- a/docs/src/understand/api-client-perspective/swagger.md +++ b/docs/src/understand/api-client-perspective/swagger.md @@ -84,6 +84,13 @@ The URL pattern is similar to that of public endpoints for latest version: If you want to get the raw json of the swagger: `https:///api-internal/swagger-ui/-swagger.json`. +### Federation API + +- Unversioned + - [`brig` - Federation API](https://staging-nginz-https.zinfra.io/api-federation/swagger-ui/brig) + - [`galley` - Federation API](https://staging-nginz-https.zinfra.io/api-federation/swagger-ui/galley) + - [`cargohold` - Federation API](https://staging-nginz-https.zinfra.io/api-federation/swagger-ui/cargohold) + ### Finding the source code for an end-point A *route internal ID* is provided for every end-point. See diff --git a/libs/types-common/src/Data/Json/Util.hs b/libs/types-common/src/Data/Json/Util.hs index 408dfe41cbc..2c898487f04 100644 --- a/libs/types-common/src/Data/Json/Util.hs +++ b/libs/types-common/src/Data/Json/Util.hs @@ -196,7 +196,7 @@ toJSONFieldName = A.defaultOptions {A.fieldLabelModifier = A.camelTo2 '_'} -- Some related discussion: . newtype Base64ByteString = Base64ByteString {fromBase64ByteString :: ByteString} deriving stock (Eq, Ord, Show) - deriving (FromJSON, ToJSON) via Schema Base64ByteString + deriving (FromJSON, ToJSON, S.ToSchema) via Schema Base64ByteString deriving newtype (Arbitrary, IsString) instance ToSchema Base64ByteString where diff --git a/libs/wai-utilities/src/Network/Wai/Utilities/JSONResponse.hs b/libs/wai-utilities/src/Network/Wai/Utilities/JSONResponse.hs index b3afe3f5432..c2ab383a42e 100644 --- a/libs/wai-utilities/src/Network/Wai/Utilities/JSONResponse.hs +++ b/libs/wai-utilities/src/Network/Wai/Utilities/JSONResponse.hs @@ -24,6 +24,7 @@ where import Data.Aeson (FromJSON (..), ToJSON (..)) import Data.Aeson qualified as A +import Data.OpenApi qualified as S import Data.Schema import Imports import Network.HTTP.Types.Status @@ -43,7 +44,7 @@ data JSONResponse = JSONResponse value :: A.Value } deriving (Eq, Ord, Show) - deriving (FromJSON, ToJSON) via Schema JSONResponse + deriving (FromJSON, ToJSON, S.ToSchema) via Schema JSONResponse instance ToSchema JSONResponse where schema = diff --git a/libs/wire-api-federation/default.nix b/libs/wire-api-federation/default.nix index 78342495155..c4af614faee 100644 --- a/libs/wire-api-federation/default.nix +++ b/libs/wire-api-federation/default.nix @@ -33,6 +33,7 @@ , servant , servant-client , servant-client-core +, servant-openapi3 , servant-server , singletons , singletons-th @@ -74,6 +75,7 @@ mkDerivation { servant servant-client servant-client-core + servant-openapi3 servant-server singletons-th text diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Brig.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Brig.hs index 8703e3d8501..ed3586aa373 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Brig.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Brig.hs @@ -25,8 +25,11 @@ import Data.Aeson import Data.Domain (Domain) import Data.Handle (Handle) import Data.Id +import Data.OpenApi (OpenApi, ToSchema) +import Data.Proxy (Proxy (Proxy)) import Imports import Servant.API +import Servant.OpenApi (HasOpenApi (toOpenApi)) import Test.QuickCheck (Arbitrary) import Wire.API.Federation.API.Brig.Notifications as Notifications import Wire.API.Federation.Endpoint @@ -49,6 +52,8 @@ instance ToJSON SearchRequest instance FromJSON SearchRequest +instance ToSchema SearchRequest + data SearchResponse = SearchResponse { contacts :: [Contact], searchPolicy :: FederatedUserSearchPolicy @@ -59,6 +64,8 @@ instance ToJSON SearchResponse instance FromJSON SearchResponse +instance ToSchema SearchResponse + -- | For conventions see /docs/developer/federation-api-conventions.md type BrigApi = FedEndpoint "api-version" () VersionInfo @@ -85,6 +92,8 @@ newtype DomainSet = DomainSet deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded DomainSet) +instance ToSchema DomainSet + newtype NonConnectedBackends = NonConnectedBackends -- TODO: -- The encoding rules that were in place would make this "connectedBackends" over the wire. @@ -94,12 +103,16 @@ newtype NonConnectedBackends = NonConnectedBackends deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded NonConnectedBackends) +instance ToSchema NonConnectedBackends + newtype GetUserClients = GetUserClients { users :: [UserId] } deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded GetUserClients) +instance ToSchema GetUserClients + data MLSClientsRequest = MLSClientsRequest { userId :: UserId, -- implicitly qualified by the local domain cipherSuite :: CipherSuite @@ -107,6 +120,8 @@ data MLSClientsRequest = MLSClientsRequest deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded MLSClientsRequest) +instance ToSchema MLSClientsRequest + -- NOTE: ConversationId for remote connections -- -- The plan is to model the connect/one2one conversationId as deterministically derived from @@ -134,6 +149,8 @@ data NewConnectionRequest = NewConnectionRequest deriving (Arbitrary) via (GenericUniform NewConnectionRequest) deriving (FromJSON, ToJSON) via (CustomEncoded NewConnectionRequest) +instance ToSchema NewConnectionRequest + data RemoteConnectionAction = RemoteConnect | RemoteRescind @@ -141,6 +158,8 @@ data RemoteConnectionAction deriving (Arbitrary) via (GenericUniform RemoteConnectionAction) deriving (FromJSON, ToJSON) via (CustomEncoded RemoteConnectionAction) +instance ToSchema RemoteConnectionAction + data NewConnectionResponse = NewConnectionResponseUserNotActivated | NewConnectionResponseOk (Maybe RemoteConnectionAction) @@ -148,6 +167,8 @@ data NewConnectionResponse deriving (Arbitrary) via (GenericUniform NewConnectionResponse) deriving (FromJSON, ToJSON) via (CustomEncoded NewConnectionResponse) +instance ToSchema NewConnectionResponse + data ClaimKeyPackageRequest = ClaimKeyPackageRequest { -- | The user making the request, implictly qualified by the origin domain. claimant :: UserId, @@ -160,3 +181,8 @@ data ClaimKeyPackageRequest = ClaimKeyPackageRequest deriving stock (Eq, Show, Generic) deriving (Arbitrary) via (GenericUniform ClaimKeyPackageRequest) deriving (FromJSON, ToJSON) via (CustomEncoded ClaimKeyPackageRequest) + +instance ToSchema ClaimKeyPackageRequest + +swaggerDoc :: OpenApi +swaggerDoc = toOpenApi (Proxy @BrigApi) diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Brig/Notifications.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Brig/Notifications.hs index efdc16722b9..884b0c485ed 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Brig/Notifications.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Brig/Notifications.hs @@ -19,6 +19,7 @@ module Wire.API.Federation.API.Brig.Notifications where import Data.Aeson import Data.Id +import Data.OpenApi (ToSchema) import Data.Range import Imports import Wire.API.Federation.Component @@ -50,6 +51,8 @@ instance HasNotificationEndpoint 'OnUserDeletedConnectionsTag where NotificationAPI 'OnUserDeletedConnectionsTag 'Brig = NotificationFedEndpoint 'OnUserDeletedConnectionsTag +instance ToSchema UserDeletedConnectionsNotification + -- | All the notification endpoints return an 'EmptyResponse'. type BrigNotificationAPI = -- FUTUREWORK: Use NotificationAPI 'OnUserDeletedConnectionsTag 'Brig instead diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Cargohold.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Cargohold.hs index debe7a2a5d5..cb81f6cbc0d 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Cargohold.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Cargohold.hs @@ -19,8 +19,11 @@ module Wire.API.Federation.API.Cargohold where import Data.Aeson (FromJSON (..), ToJSON (..)) import Data.Id +import Data.OpenApi +import Data.Proxy import Imports import Servant.API +import Servant.OpenApi (HasOpenApi (toOpenApi)) import Wire.API.Asset import Wire.API.Federation.Endpoint import Wire.API.Routes.AssetBody @@ -28,9 +31,9 @@ import Wire.API.Util.Aeson import Wire.Arbitrary (Arbitrary, GenericUniform (..)) data GetAsset = GetAsset - { -- | User requesting the asset. Implictly qualified with the source domain. + { -- | User requesting the asset. Implicitly qualified with the source domain. user :: UserId, - -- | Asset key for the asset to download. Implictly qualified with the + -- | Asset key for the asset to download. Implicitly qualified with the -- target domain. key :: AssetKey, -- | Optional asset token. @@ -40,12 +43,19 @@ data GetAsset = GetAsset deriving (Arbitrary) via (GenericUniform GetAsset) deriving (ToJSON, FromJSON) via (CustomEncoded GetAsset) +instance ToSchema GetAsset + data GetAssetResponse = GetAssetResponse {available :: Bool} deriving stock (Eq, Show, Generic) deriving (Arbitrary) via (GenericUniform GetAssetResponse) deriving (ToJSON, FromJSON) via (CustomEncoded GetAssetResponse) +instance ToSchema GetAssetResponse + type CargoholdApi = FedEndpoint "get-asset" GetAsset GetAssetResponse :<|> StreamingFedEndpoint "stream-asset" GetAsset AssetSource + +swaggerDoc :: OpenApi +swaggerDoc = toOpenApi (Proxy @CargoholdApi) diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Common.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Common.hs index 81fa5e70f55..5982de6ee77 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Common.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Common.hs @@ -18,6 +18,7 @@ module Wire.API.Federation.API.Common where import Data.Aeson +import Data.OpenApi (ToSchema) import Imports import Test.QuickCheck import Wire.Arbitrary @@ -29,6 +30,8 @@ data EmptyResponse = EmptyResponse deriving stock (Eq, Show, Generic) deriving (Arbitrary) via (GenericUniform EmptyResponse) +instance ToSchema EmptyResponse + instance FromJSON EmptyResponse where parseJSON = withObject "EmptyResponse" . const $ pure EmptyResponse diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Galley.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Galley.hs index f40417e303b..c548cd35c60 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Galley.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Galley.hs @@ -26,11 +26,14 @@ import Data.Domain import Data.Id import Data.Json.Util import Data.Misc (Milliseconds) +import Data.OpenApi (OpenApi, ToSchema) +import Data.Proxy (Proxy (Proxy)) import Data.Qualified import Data.Time.Clock (UTCTime) import Imports import Network.Wai.Utilities.JSONResponse import Servant.API +import Servant.OpenApi (HasOpenApi (toOpenApi)) import Wire.API.Conversation import Wire.API.Conversation.Action import Wire.API.Conversation.Protocol @@ -147,12 +150,16 @@ data TypingDataUpdateRequest = TypingDataUpdateRequest deriving stock (Eq, Show, Generic) deriving (FromJSON, ToJSON) via (CustomEncoded TypingDataUpdateRequest) +instance ToSchema TypingDataUpdateRequest + data TypingDataUpdateResponse = TypingDataUpdateSuccess TypingDataUpdated | TypingDataUpdateError GalleyError deriving stock (Eq, Show, Generic) deriving (FromJSON, ToJSON) via (CustomEncoded TypingDataUpdateResponse) +instance ToSchema TypingDataUpdateResponse + data TypingDataUpdated = TypingDataUpdated { time :: UTCTime, origUserId :: Qualified UserId, @@ -165,6 +172,8 @@ data TypingDataUpdated = TypingDataUpdated deriving stock (Eq, Show, Generic) deriving (FromJSON, ToJSON) via (CustomEncoded TypingDataUpdated) +instance ToSchema TypingDataUpdated + data GetConversationsRequest = GetConversationsRequest { userId :: UserId, convIds :: [ConvId] @@ -173,6 +182,8 @@ data GetConversationsRequest = GetConversationsRequest deriving (Arbitrary) via (GenericUniform GetConversationsRequest) deriving (ToJSON, FromJSON) via (CustomEncoded GetConversationsRequest) +instance ToSchema GetConversationsRequest + data GetOne2OneConversationRequest = GetOne2OneConversationRequest { -- The user on the sender's domain goocSenderUser :: UserId, @@ -183,6 +194,8 @@ data GetOne2OneConversationRequest = GetOne2OneConversationRequest deriving (Arbitrary) via (GenericUniform GetOne2OneConversationRequest) deriving (ToJSON, FromJSON) via (CustomEncoded GetOne2OneConversationRequest) +instance ToSchema GetOne2OneConversationRequest + data RemoteConvMembers = RemoteConvMembers { selfRole :: RoleName, others :: [OtherMember] @@ -191,6 +204,8 @@ data RemoteConvMembers = RemoteConvMembers deriving (Arbitrary) via (GenericUniform RemoteConvMembers) deriving (FromJSON, ToJSON) via (CustomEncoded RemoteConvMembers) +instance ToSchema RemoteConvMembers + -- | A conversation hosted on a remote backend. This contains the same -- information as a 'Conversation', with the exception that conversation status -- fields (muted\/archived\/hidden) are omitted, since they are not known by the @@ -207,6 +222,8 @@ data RemoteConversation = RemoteConversation deriving (Arbitrary) via (GenericUniform RemoteConversation) deriving (FromJSON, ToJSON) via (CustomEncoded RemoteConversation) +instance ToSchema RemoteConversation + newtype GetConversationsResponse = GetConversationsResponse { convs :: [RemoteConversation] } @@ -214,6 +231,8 @@ newtype GetConversationsResponse = GetConversationsResponse deriving (Arbitrary) via (GenericUniform GetConversationsResponse) deriving (ToJSON, FromJSON) via (CustomEncoded GetConversationsResponse) +instance ToSchema GetConversationsResponse + data GetOne2OneConversationResponse = GetOne2OneConversationOk RemoteConversation | -- | This is returned when the local backend is asked for a 1-1 conversation @@ -226,6 +245,8 @@ data GetOne2OneConversationResponse deriving (Arbitrary) via (GenericUniform GetOne2OneConversationResponse) deriving (ToJSON, FromJSON) via (CustomEncoded GetOne2OneConversationResponse) +instance ToSchema GetOne2OneConversationResponse + -- | A record type describing a new federated conversation -- -- FUTUREWORK: Think about extracting common conversation metadata into a @@ -254,6 +275,8 @@ data ConversationCreated conv = ConversationCreated deriving stock (Eq, Show, Generic, Functor) deriving (ToJSON, FromJSON) via (CustomEncoded (ConversationCreated conv)) +instance (ToSchema a) => ToSchema (ConversationCreated a) + ccRemoteOrigUserId :: ConversationCreated (Remote ConvId) -> Remote UserId ccRemoteOrigUserId cc = qualifyAs cc.cnvId cc.origUserId @@ -268,15 +291,17 @@ data LeaveConversationRequest = LeaveConversationRequest deriving stock (Generic, Eq, Show) deriving (ToJSON, FromJSON) via (CustomEncoded LeaveConversationRequest) +instance ToSchema LeaveConversationRequest + -- | Error outcomes of the leave-conversation RPC. data RemoveFromConversationError = RemoveFromConversationErrorRemovalNotAllowed | RemoveFromConversationErrorNotFound | RemoveFromConversationErrorUnchanged deriving stock (Eq, Show, Generic) - deriving - (ToJSON, FromJSON) - via (CustomEncoded RemoveFromConversationError) + deriving (ToJSON, FromJSON) via (CustomEncoded RemoveFromConversationError) + +instance ToSchema RemoveFromConversationError data RemoteMLSMessageResponse = RemoteMLSMessageOk @@ -284,6 +309,8 @@ data RemoteMLSMessageResponse deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded RemoteMLSMessageResponse) +instance ToSchema RemoteMLSMessageResponse + data ProteusMessageSendRequest = ProteusMessageSendRequest { -- | Conversation is assumed to be owned by the target domain, this allows -- us to protect against relay attacks @@ -297,6 +324,8 @@ data ProteusMessageSendRequest = ProteusMessageSendRequest deriving (Arbitrary) via (GenericUniform ProteusMessageSendRequest) deriving (ToJSON, FromJSON) via (CustomEncoded ProteusMessageSendRequest) +instance ToSchema ProteusMessageSendRequest + data MLSMessageSendRequest = MLSMessageSendRequest { -- | Conversation (or sub conversation) is assumed to be owned by the target -- domain, this allows us to protect against relay attacks @@ -311,9 +340,11 @@ data MLSMessageSendRequest = MLSMessageSendRequest deriving (Arbitrary) via (GenericUniform MLSMessageSendRequest) deriving (ToJSON, FromJSON) via (CustomEncoded MLSMessageSendRequest) +instance ToSchema MLSMessageSendRequest + newtype MessageSendResponse = MessageSendResponse {response :: PostOtrResponse MessageSendingStatus} - deriving stock (Eq, Show) + deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via ( Either @@ -321,13 +352,17 @@ newtype MessageSendResponse = MessageSendResponse MessageSendingStatus ) +instance ToSchema MessageSendResponse + newtype LeaveConversationResponse = LeaveConversationResponse {response :: Either RemoveFromConversationError ()} - deriving stock (Eq, Show) + deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (Either (CustomEncoded RemoveFromConversationError) ()) +instance ToSchema LeaveConversationResponse + data ConversationUpdateRequest = ConversationUpdateRequest { -- | The user that is attempting to perform the action. This is qualified -- implicitly by the origin domain @@ -341,6 +376,8 @@ data ConversationUpdateRequest = ConversationUpdateRequest deriving (Arbitrary) via (GenericUniform ConversationUpdateRequest) deriving (FromJSON, ToJSON) via (CustomEncoded ConversationUpdateRequest) +instance ToSchema ConversationUpdateRequest + data ConversationUpdateResponse = ConversationUpdateResponseError GalleyError | ConversationUpdateResponseUpdate ConversationUpdate @@ -352,6 +389,8 @@ data ConversationUpdateResponse (ToJSON, FromJSON) via (CustomEncoded ConversationUpdateResponse) +instance ToSchema ConversationUpdateResponse + -- | A wrapper around a raw welcome message data MLSWelcomeRequest = MLSWelcomeRequest { -- | Implicitely qualified by origin domain @@ -367,12 +406,16 @@ data MLSWelcomeRequest = MLSWelcomeRequest deriving (Arbitrary) via (GenericUniform MLSWelcomeRequest) deriving (FromJSON, ToJSON) via (CustomEncoded MLSWelcomeRequest) +instance ToSchema MLSWelcomeRequest + data MLSWelcomeResponse = MLSWelcomeSent | MLSWelcomeMLSNotEnabled deriving stock (Eq, Generic, Show) deriving (FromJSON, ToJSON) via (CustomEncoded MLSWelcomeResponse) +instance ToSchema MLSWelcomeResponse + data MLSMessageResponse = MLSMessageResponseError GalleyError | MLSMessageResponseProtocolError Text @@ -387,6 +430,8 @@ data MLSMessageResponse deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded MLSMessageResponse) +instance ToSchema MLSMessageResponse + data GetGroupInfoRequest = GetGroupInfoRequest { -- | Conversation (or subconversation) is assumed to be owned by the target -- domain, this allows us to protect against relay attacks @@ -399,12 +444,16 @@ data GetGroupInfoRequest = GetGroupInfoRequest deriving (Arbitrary) via (GenericUniform GetGroupInfoRequest) deriving (ToJSON, FromJSON) via (CustomEncoded GetGroupInfoRequest) +instance ToSchema GetGroupInfoRequest + data GetGroupInfoResponse = GetGroupInfoResponseError GalleyError | GetGroupInfoResponseState Base64ByteString deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded GetGroupInfoResponse) +instance ToSchema GetGroupInfoResponse + data GetSubConversationsRequest = GetSubConversationsRequest { gsreqUser :: UserId, gsreqConv :: ConvId, @@ -413,12 +462,16 @@ data GetSubConversationsRequest = GetSubConversationsRequest deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded GetSubConversationsRequest) +instance ToSchema GetSubConversationsRequest + data GetSubConversationsResponse = GetSubConversationsResponseError GalleyError | GetSubConversationsResponseSuccess PublicSubConversation deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded GetSubConversationsResponse) +instance ToSchema GetSubConversationsResponse + data LeaveSubConversationRequest = LeaveSubConversationRequest { lscrUser :: UserId, lscrClient :: ClientId, @@ -429,6 +482,8 @@ data LeaveSubConversationRequest = LeaveSubConversationRequest deriving (Arbitrary) via (GenericUniform LeaveSubConversationRequest) deriving (ToJSON, FromJSON) via (CustomEncoded LeaveSubConversationRequest) +instance ToSchema LeaveSubConversationRequest + data LeaveSubConversationResponse = LeaveSubConversationResponseError GalleyError | LeaveSubConversationResponseProtocolError Text @@ -436,6 +491,8 @@ data LeaveSubConversationResponse deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded LeaveSubConversationResponse) +instance ToSchema LeaveSubConversationResponse + data DeleteSubConversationFedRequest = DeleteSubConversationFedRequest { dscreqUser :: UserId, dscreqConv :: ConvId, @@ -446,8 +503,15 @@ data DeleteSubConversationFedRequest = DeleteSubConversationFedRequest deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded DeleteSubConversationFedRequest) +instance ToSchema DeleteSubConversationFedRequest + data DeleteSubConversationResponse = DeleteSubConversationResponseError GalleyError | DeleteSubConversationResponseSuccess deriving stock (Eq, Show, Generic) deriving (ToJSON, FromJSON) via (CustomEncoded DeleteSubConversationResponse) + +instance ToSchema DeleteSubConversationResponse + +swaggerDoc :: OpenApi +swaggerDoc = toOpenApi (Proxy @GalleyApi) diff --git a/libs/wire-api-federation/src/Wire/API/Federation/API/Galley/Notifications.hs b/libs/wire-api-federation/src/Wire/API/Federation/API/Galley/Notifications.hs index e5a401f3940..3485a60c1c7 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/API/Galley/Notifications.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/API/Galley/Notifications.hs @@ -24,6 +24,7 @@ import Data.Aeson import Data.Id import Data.Json.Util import Data.List.NonEmpty +import Data.OpenApi (ToSchema) import Data.Qualified import Data.Range import Data.Time.Clock @@ -114,6 +115,8 @@ data ClientRemovedRequest = ClientRemovedRequest deriving (Arbitrary) via (GenericUniform ClientRemovedRequest) deriving (FromJSON, ToJSON) via (CustomEncoded ClientRemovedRequest) +instance ToSchema ClientRemovedRequest + -- Note: this is parametric in the conversation type to allow it to be used -- both for conversations with a fixed known domain (e.g. as the argument of the -- federation RPC), and for conversations with an arbitrary Qualified or Remote id @@ -133,6 +136,8 @@ data RemoteMessage conv = RemoteMessage deriving (Arbitrary) via (GenericUniform (RemoteMessage conv)) deriving (ToJSON, FromJSON) via (CustomEncodedLensable (RemoteMessage conv)) +instance (ToSchema a) => ToSchema (RemoteMessage a) + data RemoteMLSMessage = RemoteMLSMessage { time :: UTCTime, metadata :: MessageMetadata, @@ -146,6 +151,8 @@ data RemoteMLSMessage = RemoteMLSMessage deriving (Arbitrary) via (GenericUniform RemoteMLSMessage) deriving (ToJSON, FromJSON) via (CustomEncoded RemoteMLSMessage) +instance ToSchema RemoteMLSMessage + data ConversationUpdate = ConversationUpdate { cuTime :: UTCTime, cuOrigUserId :: Qualified UserId, @@ -168,6 +175,8 @@ instance ToJSON ConversationUpdate instance FromJSON ConversationUpdate +instance ToSchema ConversationUpdate + type UserDeletedNotificationMaxConvs = 1000 data UserDeletedConversationsNotification = UserDeletedConversationsNotification @@ -179,3 +188,5 @@ data UserDeletedConversationsNotification = UserDeletedConversationsNotification deriving stock (Eq, Show, Generic) deriving (Arbitrary) via (GenericUniform UserDeletedConversationsNotification) deriving (FromJSON, ToJSON) via (CustomEncoded UserDeletedConversationsNotification) + +instance ToSchema UserDeletedConversationsNotification diff --git a/libs/wire-api-federation/src/Wire/API/Federation/Domain.hs b/libs/wire-api-federation/src/Wire/API/Federation/Domain.hs index 63ccb6f8ff4..2ead800ffee 100644 --- a/libs/wire-api-federation/src/Wire/API/Federation/Domain.hs +++ b/libs/wire-api-federation/src/Wire/API/Federation/Domain.hs @@ -17,13 +17,17 @@ module Wire.API.Federation.Domain where +import Control.Lens ((?~)) import Data.Domain (Domain) import Data.Metrics.Servant +import Data.OpenApi (OpenApi) +import Data.OpenApi qualified as S import Data.Proxy (Proxy (..)) import GHC.TypeLits (Symbol, symbolVal) import Imports import Servant.API (Header', Required, Strict, (:>)) import Servant.Client +import Servant.OpenApi (HasOpenApi (toOpenApi)) import Servant.Server import Servant.Server.Internal (MkContextWithErrorFormatter) import Wire.API.Routes.ClientAlgebra @@ -58,3 +62,9 @@ instance originDomainHeaderName :: IsString a => a originDomainHeaderName = fromString $ symbolVal (Proxy @OriginDomainHeaderName) + +instance (HasOpenApi api) => HasOpenApi (OriginDomainHeader :> api) where + toOpenApi _ = desc $ toOpenApi (Proxy @api) + where + desc :: OpenApi -> OpenApi + desc = S.allOperations . S.description ?~ ("All federated endpoints expect origin domain header: `" <> originDomainHeaderName <> "`") diff --git a/libs/wire-api-federation/wire-api-federation.cabal b/libs/wire-api-federation/wire-api-federation.cabal index 3d46abff3d6..e6722543b2c 100644 --- a/libs/wire-api-federation/wire-api-federation.cabal +++ b/libs/wire-api-federation/wire-api-federation.cabal @@ -107,6 +107,7 @@ library , servant >=0.16 , servant-client , servant-client-core + , servant-openapi3 , servant-server , singletons-th , text >=0.11 diff --git a/libs/wire-api/src/Wire/API/Asset.hs b/libs/wire-api/src/Wire/API/Asset.hs index 1658056c6d0..200fcbe245c 100644 --- a/libs/wire-api/src/Wire/API/Asset.hs +++ b/libs/wire-api/src/Wire/API/Asset.hs @@ -196,7 +196,7 @@ nilAssetKey = AssetKeyV3 (Id UUID.nil) AssetVolatile newtype AssetToken = AssetToken {assetTokenAscii :: AsciiBase64Url} deriving stock (Eq, Show) deriving newtype (FromByteString, ToByteString, Arbitrary) - deriving (FromJSON, ToJSON) via (Schema AssetToken) + deriving (FromJSON, ToJSON, S.ToSchema) via (Schema AssetToken) instance ToSchema AssetToken where schema = diff --git a/libs/wire-api/src/Wire/API/Conversation.hs b/libs/wire-api/src/Wire/API/Conversation.hs index 22a715678fb..646330c87b4 100644 --- a/libs/wire-api/src/Wire/API/Conversation.hs +++ b/libs/wire-api/src/Wire/API/Conversation.hs @@ -137,7 +137,7 @@ data ConversationMetadata = ConversationMetadata } deriving stock (Eq, Show, Generic) deriving (Arbitrary) via (GenericUniform ConversationMetadata) - deriving (FromJSON, ToJSON) via Schema ConversationMetadata + deriving (FromJSON, ToJSON, S.ToSchema) via Schema ConversationMetadata defConversationMetadata :: Maybe UserId -> ConversationMetadata defConversationMetadata mCreator = diff --git a/libs/wire-api/src/Wire/API/Conversation/Action.hs b/libs/wire-api/src/Wire/API/Conversation/Action.hs index d6930d14488..24fde8bba76 100644 --- a/libs/wire-api/src/Wire/API/Conversation/Action.hs +++ b/libs/wire-api/src/Wire/API/Conversation/Action.hs @@ -31,7 +31,7 @@ module Wire.API.Conversation.Action ) where -import Control.Lens ((?~)) +import Control.Lens hiding ((%~)) import Data.Aeson (FromJSON (..), ToJSON (..)) import Data.Aeson qualified as A import Data.Aeson.KeyMap qualified as A @@ -89,6 +89,40 @@ instance ToJSON SomeConversationAction where actionJSON = fromMaybe A.Null $ schemaOut (conversationActionSchema sb) action in A.object ["tag" A..= tag, "action" A..= actionJSON] +instance S.ToSchema SomeConversationAction where + declareNamedSchema _ = do + unitSchema <- S.declareSchemaRef (Proxy :: Proxy ()) + conversationJoin <- S.declareSchemaRef (Proxy :: Proxy ConversationJoin) + conversationMemberUpdate <- S.declareSchemaRef (Proxy :: Proxy ConversationMemberUpdate) + conversationRename <- S.declareSchemaRef (Proxy :: Proxy ConversationRename) + conversationMessageTimerUpdate <- S.declareSchemaRef (Proxy :: Proxy ConversationMessageTimerUpdate) + conversationReceiptModeUpdate <- S.declareSchemaRef (Proxy :: Proxy ConversationReceiptModeUpdate) + conversationAccessData <- S.declareSchemaRef (Proxy :: Proxy ConversationAccessData) + nonEmptyListNonEmptyQualifiedUserId <- S.declareSchemaRef (Proxy :: Proxy (NonEmptyList.NonEmpty (Qualified UserId))) + protocolTag <- S.declareSchemaRef (Proxy :: Proxy ProtocolTag) + let schemas = + [ (toJSON ConversationJoinTag, conversationJoin), + (toJSON ConversationLeaveTag, unitSchema), + (toJSON ConversationMemberUpdateTag, conversationMemberUpdate), + (toJSON ConversationDeleteTag, unitSchema), + (toJSON ConversationRenameTag, conversationRename), + (toJSON ConversationMessageTimerUpdateTag, conversationMessageTimerUpdate), + (toJSON ConversationReceiptModeUpdateTag, conversationReceiptModeUpdate), + (toJSON ConversationAccessDataTag, conversationAccessData), + (toJSON ConversationRemoveMembersTag, nonEmptyListNonEmptyQualifiedUserId), + (toJSON ConversationUpdateProtocolTag, protocolTag) + ] + <&> \(t, a) -> + S.Inline $ + mempty + & S.type_ ?~ S.OpenApiObject + & S.properties . at "tag" ?~ S.Inline (mempty & S.type_ ?~ S.OpenApiString & S.enum_ ?~ [t]) + & S.properties . at "action" ?~ a + & S.required .~ ["tag", "action"] + pure $ + S.NamedSchema (Just "SomeConversationAction") $ + mempty & S.oneOf ?~ schemas + conversationActionSchema :: forall tag. Sing tag -> ValueSchema NamedSwaggerDoc (ConversationAction tag) conversationActionSchema SConversationJoinTag = schema @ConversationJoin conversationActionSchema SConversationLeaveTag = diff --git a/libs/wire-api/src/Wire/API/Conversation/Action/Tag.hs b/libs/wire-api/src/Wire/API/Conversation/Action/Tag.hs index 00e46cdfdf5..2ebac9c3605 100644 --- a/libs/wire-api/src/Wire/API/Conversation/Action/Tag.hs +++ b/libs/wire-api/src/Wire/API/Conversation/Action/Tag.hs @@ -22,6 +22,7 @@ module Wire.API.Conversation.Action.Tag where import Data.Aeson (FromJSON (..), ToJSON (..)) +import Data.OpenApi qualified as S import Data.Schema hiding (tag) import Data.Singletons.TH import Imports @@ -66,6 +67,9 @@ instance ToJSON ConversationActionTag where instance FromJSON ConversationActionTag where parseJSON = schemaParseJSON +instance S.ToSchema ConversationActionTag where + declareNamedSchema = schemaToSwagger + $(genSingletons [''ConversationActionTag]) $(singDecideInstance ''ConversationActionTag) diff --git a/libs/wire-api/src/Wire/API/Conversation/Protocol.hs b/libs/wire-api/src/Wire/API/Conversation/Protocol.hs index 5eb4a3dc66e..71a3fc1faf9 100644 --- a/libs/wire-api/src/Wire/API/Conversation/Protocol.hs +++ b/libs/wire-api/src/Wire/API/Conversation/Protocol.hs @@ -53,6 +53,8 @@ data ProtocolTag = ProtocolProteusTag | ProtocolMLSTag | ProtocolMixedTag deriving stock (Eq, Show, Enum, Ord, Bounded, Generic) deriving (Arbitrary) via GenericUniform ProtocolTag +instance S.ToSchema ProtocolTag + data ConversationMLSData = ConversationMLSData { -- | The MLS group ID associated to the conversation. cnvmlsGroupId :: GroupId, @@ -158,6 +160,8 @@ deriving via (Schema Protocol) instance FromJSON Protocol deriving via (Schema Protocol) instance ToJSON Protocol +deriving via (Schema Protocol) instance S.ToSchema Protocol + protocolDataSchema :: ProtocolTag -> ObjectSchema SwaggerDoc Protocol protocolDataSchema ProtocolProteusTag = tag _ProtocolProteus (pure ()) protocolDataSchema ProtocolMLSTag = tag _ProtocolMLS mlsDataSchema diff --git a/libs/wire-api/src/Wire/API/Error/Galley.hs b/libs/wire-api/src/Wire/API/Error/Galley.hs index 59b72799992..b85428cde02 100644 --- a/libs/wire-api/src/Wire/API/Error/Galley.hs +++ b/libs/wire-api/src/Wire/API/Error/Galley.hs @@ -143,6 +143,8 @@ data GalleyError deriving (Show, Eq, Generic) deriving (FromJSON, ToJSON) via (CustomEncoded GalleyError) +instance S.ToSchema GalleyError + $(genSingletons [''GalleyError]) instance (Typeable (MapError e), KnownError (MapError e)) => IsSwaggerError (e :: GalleyError) where diff --git a/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs b/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs index 7c51932a439..fce0e47042d 100644 --- a/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs +++ b/libs/wire-api/src/Wire/API/MLS/CipherSuite.hs @@ -75,7 +75,7 @@ import Wire.Arbitrary newtype CipherSuite = CipherSuite {cipherSuiteNumber :: Word16} deriving stock (Eq, Show) deriving newtype (ParseMLS, SerialiseMLS, Arbitrary) - deriving (FromJSON, ToJSON) via Schema CipherSuite + deriving (FromJSON, ToJSON, S.ToSchema) via Schema CipherSuite instance ToSchema CipherSuite where schema = diff --git a/libs/wire-api/src/Wire/API/MLS/Epoch.hs b/libs/wire-api/src/Wire/API/MLS/Epoch.hs index a12b65179f8..117e26abd28 100644 --- a/libs/wire-api/src/Wire/API/MLS/Epoch.hs +++ b/libs/wire-api/src/Wire/API/MLS/Epoch.hs @@ -21,6 +21,7 @@ module Wire.API.MLS.Epoch where import Data.Aeson qualified as A import Data.Binary +import Data.OpenApi qualified as S import Data.Schema import Imports import Wire.API.MLS.Serialisation @@ -29,7 +30,7 @@ import Wire.Arbitrary newtype Epoch = Epoch {epochNumber :: Word64} deriving stock (Eq, Show) deriving newtype (Arbitrary, Enum, ToSchema) - deriving (A.FromJSON, A.ToJSON) via (Schema Epoch) + deriving (A.FromJSON, A.ToJSON, S.ToSchema) via (Schema Epoch) instance ParseMLS Epoch where parseMLS = Epoch <$> parseMLS diff --git a/libs/wire-api/src/Wire/API/MLS/SubConversation.hs b/libs/wire-api/src/Wire/API/MLS/SubConversation.hs index 29fde7700e2..c01aa3e2366 100644 --- a/libs/wire-api/src/Wire/API/MLS/SubConversation.hs +++ b/libs/wire-api/src/Wire/API/MLS/SubConversation.hs @@ -48,7 +48,7 @@ import Wire.Arbitrary -- conversation. The pair of a qualified conversation ID and a subconversation -- ID identifies globally. newtype SubConvId = SubConvId {unSubConvId :: Text} - deriving newtype (Eq, ToSchema, Ord, S.ToParamSchema, ToByteString, ToJSON, FromJSON) + deriving newtype (Eq, ToSchema, Ord, S.ToParamSchema, ToByteString, ToJSON, FromJSON, S.ToSchema) deriving stock (Generic) deriving stock (Show) diff --git a/libs/wire-api/src/Wire/API/Routes/Public/Galley/Messaging.hs b/libs/wire-api/src/Wire/API/Routes/Public/Galley/Messaging.hs index 72aa70f4125..02625476f34 100644 --- a/libs/wire-api/src/Wire/API/Routes/Public/Galley/Messaging.hs +++ b/libs/wire-api/src/Wire/API/Routes/Public/Galley/Messaging.hs @@ -18,6 +18,7 @@ module Wire.API.Routes.Public.Galley.Messaging where import Data.Id +import Data.OpenApi qualified as S import Data.SOP import Generics.SOP qualified as GSOP import Imports @@ -129,6 +130,8 @@ data MessageNotSent a instance GSOP.Generic (MessageNotSent a) +instance S.ToSchema a => S.ToSchema (MessageNotSent a) + type MessageNotSentResponses a = '[ ErrorResponse 'ConvNotFound, ErrorResponse 'BrigError.UnknownClient, diff --git a/libs/wire-api/src/Wire/API/Team/Permission.hs b/libs/wire-api/src/Wire/API/Team/Permission.hs index 49a9893b370..7ed42a29e03 100644 --- a/libs/wire-api/src/Wire/API/Team/Permission.hs +++ b/libs/wire-api/src/Wire/API/Team/Permission.hs @@ -147,6 +147,8 @@ data Perm deriving (Arbitrary) via (GenericUniform Perm) deriving (FromJSON, ToJSON) via (CustomEncoded Perm) +instance S.ToSchema Perm + permsToInt :: Set Perm -> Word64 permsToInt = Set.foldr' (\p n -> n .|. permToInt p) 0 diff --git a/libs/wire-api/src/Wire/API/User/Search.hs b/libs/wire-api/src/Wire/API/User/Search.hs index deaf7c08f4d..375e1f07dc2 100644 --- a/libs/wire-api/src/Wire/API/User/Search.hs +++ b/libs/wire-api/src/Wire/API/User/Search.hs @@ -308,7 +308,7 @@ data FederatedUserSearchPolicy | FullSearch deriving (Show, Eq, Ord, Generic, Enum, Bounded) deriving (Arbitrary) via (GenericUniform FederatedUserSearchPolicy) - deriving (ToJSON, FromJSON) via (Schema FederatedUserSearchPolicy) + deriving (ToJSON, FromJSON, S.ToSchema) via (Schema FederatedUserSearchPolicy) instance ToSchema FederatedUserSearchPolicy where schema = diff --git a/services/brig/src/Brig/API/Public.hs b/services/brig/src/Brig/API/Public.hs index 623792268ce..e5c223e7c86 100644 --- a/services/brig/src/Brig/API/Public.hs +++ b/services/brig/src/Brig/API/Public.hs @@ -110,6 +110,9 @@ import Wire.API.Connection qualified as Public import Wire.API.Error import Wire.API.Error.Brig qualified as E import Wire.API.Federation.API +import Wire.API.Federation.API.Brig qualified as BrigFederationAPI +import Wire.API.Federation.API.Cargohold qualified as CargoholdFederationAPI +import Wire.API.Federation.API.Galley qualified as GalleyFederationAPI import Wire.API.Federation.Error import Wire.API.Properties qualified as Public import Wire.API.Routes.API @@ -156,7 +159,18 @@ docsAPI :: Servant.Server DocsAPI docsAPI = versionedSwaggerDocsAPI :<|> pure eventNotificationSchemas - :<|> internalEndpointsSwaggerDocsAPI "brig" 9082 BrigInternalAPI.swaggerDoc + :<|> internalEndpointsSwaggerDocsAPIs + :<|> federatedEndpointsSwaggerDocsAPIs + +federatedEndpointsSwaggerDocsAPIs :: Servant.Server FederationSwaggerDocsAPI +federatedEndpointsSwaggerDocsAPIs = + swaggerSchemaUIServer (adjustSwaggerForFederationEndpoints "brig" BrigFederationAPI.swaggerDoc) + :<|> swaggerSchemaUIServer (adjustSwaggerForFederationEndpoints "galley" GalleyFederationAPI.swaggerDoc) + :<|> swaggerSchemaUIServer (adjustSwaggerForFederationEndpoints "cargohold" CargoholdFederationAPI.swaggerDoc) + +internalEndpointsSwaggerDocsAPIs :: Servant.Server InternalEndpointsSwaggerDocsAPI +internalEndpointsSwaggerDocsAPIs = + internalEndpointsSwaggerDocsAPI "brig" 9082 BrigInternalAPI.swaggerDoc :<|> internalEndpointsSwaggerDocsAPI "cannon" 9093 CannonInternalAPI.swaggerDoc :<|> internalEndpointsSwaggerDocsAPI "cargohold" 9094 CargoholdInternalAPI.swaggerDoc :<|> internalEndpointsSwaggerDocsAPI "galley" 9095 GalleyInternalAPI.swaggerDoc diff --git a/services/brig/src/Brig/API/Public/Swagger.hs b/services/brig/src/Brig/API/Public/Swagger.hs index e17607cf8f7..c896a10f7e7 100644 --- a/services/brig/src/Brig/API/Public/Swagger.hs +++ b/services/brig/src/Brig/API/Public/Swagger.hs @@ -5,10 +5,12 @@ module Brig.API.Public.Swagger SwaggerDocsAPIBase, ServiceSwaggerDocsAPIBase, DocsAPI, + FederationSwaggerDocsAPI, pregenSwagger, swaggerPregenUIServer, eventNotificationSchemas, adjustSwaggerForInternalEndpoint, + adjustSwaggerForFederationEndpoints, emptySwagger, ) where @@ -54,7 +56,19 @@ type InternalEndpointsSwaggerDocsAPI = type NotificationSchemasAPI = "api" :> "event-notification-schemas" :> Get '[JSON] [S.Definitions S.Schema] -type DocsAPI = VersionedSwaggerDocsAPI :<|> NotificationSchemasAPI :<|> InternalEndpointsSwaggerDocsAPI +type FederationSwaggerDocsAPI = + "api-federation" + :> "swagger-ui" + :> ( ServiceSwaggerDocsAPIBase "brig" + :<|> ServiceSwaggerDocsAPIBase "galley" + :<|> ServiceSwaggerDocsAPIBase "cargohold" + ) + +type DocsAPI = + VersionedSwaggerDocsAPI + :<|> NotificationSchemasAPI + :<|> InternalEndpointsSwaggerDocsAPI + :<|> FederationSwaggerDocsAPI pregenSwagger :: Version -> Q Exp pregenSwagger v = @@ -71,7 +85,7 @@ swaggerPregenUIServer = adjustSwaggerForInternalEndpoint :: String -> PortNumber -> S.OpenApi -> S.OpenApi adjustSwaggerForInternalEndpoint service examplePort swagger = swagger - & S.info . S.title .~ T.pack ("Wire-Server internal API (" ++ service ++ ")") + & S.info . S.title .~ T.pack ("Wire-Server Internal API (" ++ service ++ ")") & S.info . S.description ?~ renderedDescription & S.allOperations . S.tags <>~ tag -- Enforce HTTP as the services themselves don't understand HTTPS @@ -97,6 +111,15 @@ adjustSwaggerForInternalEndpoint service examplePort swagger = ++ " But, the proposed `curl` commands will." ] +adjustSwaggerForFederationEndpoints :: String -> S.OpenApi -> S.OpenApi +adjustSwaggerForFederationEndpoints service swagger = + swagger + & S.info . S.title .~ T.pack ("Wire-Server Federation API (" ++ service ++ ")") + & S.allOperations . S.tags <>~ tag + where + tag :: InsOrdSet.InsOrdHashSet S.TagName + tag = InsOrdSet.singleton @S.TagName (T.pack service) + emptySwagger :: Servant.Server (ServiceSwaggerDocsAPIBase a) emptySwagger = swaggerSchemaUIServer $ diff --git a/services/nginz/integration-test/conf/nginz/nginx.conf b/services/nginz/integration-test/conf/nginz/nginx.conf index d0818f3419a..6485d34a58d 100644 --- a/services/nginz/integration-test/conf/nginz/nginx.conf +++ b/services/nginz/integration-test/conf/nginz/nginx.conf @@ -181,6 +181,16 @@ http { proxy_pass http://brig; } + location ~* ^(/v[0-9]+)?/api-federation/swagger-ui { + include common_response_no_zauth.conf; + proxy_pass http://brig; + } + + location ~* ^(/v[0-9]+)?/api-federation/swagger.json { + include common_response_no_zauth.conf; + proxy_pass http://brig; + } + location /register { include common_response_no_zauth.conf; proxy_pass http://brig; From 13edeef8494e83ff519322a5c8c17abe5fa2cd66 Mon Sep 17 00:00:00 2001 From: Igor Ranieri Elland <54423+elland@users.noreply.github.com> Date: Wed, 25 Oct 2023 12:17:28 +0200 Subject: [PATCH 008/177] Integration tests flake when assuming federation ingress is up. (#3670) * Added ingress check for dynamic backends in integration tests. * Moved some args around. Better error for ingress. * Restored nginz special handling. * WIP: check 533 reason --- integration/test/Testlib/ModService.hs | 86 ++++++++++++++++++++------ 1 file changed, 66 insertions(+), 20 deletions(-) diff --git a/integration/test/Testlib/ModService.hs b/integration/test/Testlib/ModService.hs index b5e0b526004..b7915cffc67 100644 --- a/integration/test/Testlib/ModService.hs +++ b/integration/test/Testlib/ModService.hs @@ -18,6 +18,7 @@ import Control.Monad.Extra import Control.Monad.Reader import Control.Retry (fibonacciBackoff, limitRetriesByCumulativeDelay, retrying) import Data.Aeson hiding ((.=)) +import Data.Aeson.KeyMap qualified as Aeson import Data.Default import Data.Foldable import Data.Function @@ -311,15 +312,69 @@ startBackend resource overrides services = do whenM (doesDirectoryExist path) $ removeDirectoryRecursive path let modifyEnv env = env {serviceMap = Map.insert resource.berDomain serviceMap env.serviceMap} + checkServiceIsUp = \case + Nginz -> pure True + srv -> do + req <- baseRequest domain srv Unversioned "/i/status" + checkStatus <- appToIO $ do + res <- submit "GET" req + pure (res.status `elem` [200, 204]) + eith <- liftIO (E.try checkStatus) + pure $ either (\(_e :: HTTP.HttpException) -> False) id eith Codensity $ \action -> local modifyEnv $ do - waitForService <- appToIOKleisli (waitUntilServiceUp domain) + waitForService <- + appToIOKleisli + ( \srv -> + retryRequestUntil + (checkServiceIsUp srv) + (show srv) + ) ioAction <- appToIO (action ()) + ioEnsureReachable <- appToIO (ensureReachable resource.berDomain) liftIO $ - (mapConcurrently_ waitForService services >> ioAction) + ( mapConcurrently_ waitForService services + >> ioEnsureReachable + >> ioAction + ) `finally` stopInstances pure modifyEnv + where + ensureReachable :: String -> App () + ensureReachable domain = do + env <- ask + let checkServiceIsUpReq = do + req <- + rawBaseRequest + env.domain1 + FederatorInternal + Unversioned + ("/rpc/" <> domain <> "/brig/api-version") + <&> (addHeader "Wire-Origin-Domain" env.domain1) + . (addJSONObject []) + checkStatus <- appToIO $ do + res <- submit "POST" req + -- If we get 533 here it means federation is not avaiable between domains + -- but ingress is working, since we're processing the request. + let is200 = res.status == 200 + msg = case res.jsonBody of + Just (Object obj) -> + (Aeson.lookup "message" obj) + _ -> Nothing + isFedDenied = + res.status == 533 + && ( Text.isInfixOf + "federation-denied" + (Text.pack $ show msg) + ) + + pure (is200 || isFedDenied) + eith <- liftIO (E.try checkStatus) + pure $ either (\(_e :: HTTP.HttpException) -> False) id eith + + when ((domain /= env.domain1) && (domain /= env.domain2)) $ do + retryRequestUntil checkServiceIsUpReq "Federator ingress" startProcess :: String -> Service -> Value -> App (ProcessHandle, FilePath) startProcess domain srv = startProcess' domain (configName srv) @@ -365,24 +420,15 @@ logToConsole colorize prefix hdl = do `E.catch` (\(_ :: E.IOException) -> pure ()) go -waitUntilServiceUp :: HasCallStack => String -> Service -> App () -waitUntilServiceUp domain = \case - Nginz -> pure () - srv -> do - isUp <- - retrying - (limitRetriesByCumulativeDelay (4 * 1000 * 1000) (fibonacciBackoff (200 * 1000))) - (\_ isUp -> pure (not isUp)) - ( \_ -> do - req <- baseRequest domain srv Unversioned "/i/status" - checkStatus <- appToIO $ do - res <- submit "GET" req - pure (res.status `elem` [200, 204]) - eith <- liftIO (E.try checkStatus) - pure $ either (\(_e :: HTTP.HttpException) -> False) id eith - ) - unless isUp $ - failApp ("Time out for service " <> show srv <> " to come up") +retryRequestUntil :: HasCallStack => App Bool -> String -> App () +retryRequestUntil reqAction err = do + isUp <- + retrying + (limitRetriesByCumulativeDelay (4 * 1000 * 1000) (fibonacciBackoff (200 * 1000))) + (\_ isUp -> pure (not isUp)) + (const reqAction) + unless isUp $ + failApp ("Timed out waiting for service " <> err <> " to come up") startNginzK8s :: String -> ServiceMap -> App (ProcessHandle, FilePath) startNginzK8s domain sm = do From 452341c24165248554d7cb4902247a9406ce3853 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Dimja=C5=A1evi=C4=87?= Date: Wed, 25 Oct 2023 14:18:17 +0200 Subject: [PATCH 009/177] [WPB-5103] Add users to MLS conversation when some backends are unreachable (#3673) * Add the copyright header to test modules * Add two integration tests The tests simply assert the expected behavior in MLS and confirm it is the same as for Proteus * Add a changelog * A test case on adding an unreachable user This is a scenario where a conversation already has a member from that backend, but now the backend is unreachable. The test case has both the Proteus and the MLS implementation and they are consistent in the observed behavior. --- ...-5103-add-to-mls-conv-unreachable-backends | 1 + integration/integration.cabal | 1 + integration/test/Test/Conversation.hs | 23 +++++ integration/test/Test/MLS/Message.hs | 17 ++++ integration/test/Test/MLS/One2One.hs | 17 ++++ integration/test/Test/MLS/Unreachable.hs | 97 +++++++++++++++++++ 6 files changed, 156 insertions(+) create mode 100644 changelog.d/6-federation/wpb-5103-add-to-mls-conv-unreachable-backends create mode 100644 integration/test/Test/MLS/Unreachable.hs diff --git a/changelog.d/6-federation/wpb-5103-add-to-mls-conv-unreachable-backends b/changelog.d/6-federation/wpb-5103-add-to-mls-conv-unreachable-backends new file mode 100644 index 00000000000..8960555e163 --- /dev/null +++ b/changelog.d/6-federation/wpb-5103-add-to-mls-conv-unreachable-backends @@ -0,0 +1 @@ +Define a few tests for adding members to an MLS conversation when unreachable backends are involved diff --git a/integration/integration.cabal b/integration/integration.cabal index 8bf42de6aba..43de978287c 100644 --- a/integration/integration.cabal +++ b/integration/integration.cabal @@ -114,6 +114,7 @@ library Test.MLS.Message Test.MLS.One2One Test.MLS.SubConversation + Test.MLS.Unreachable Test.Notifications Test.Presence Test.Roles diff --git a/integration/test/Test/Conversation.hs b/integration/test/Test/Conversation.hs index d8e25bf1f5c..e1855965d55 100644 --- a/integration/test/Test/Conversation.hs +++ b/integration/test/Test/Conversation.hs @@ -304,6 +304,29 @@ testAddReachableWithUnreachableRemoteUsers = do resp.status `shouldMatchInt` 533 resp.jsonBody %. "unreachable_backends" `shouldMatchSet` domains +testAddUnreachableUserFromFederatingBackend :: HasCallStack => App () +testAddUnreachableUserFromFederatingBackend = do + resourcePool <- asks resourcePool + runCodensity (acquireResources 1 resourcePool) $ \[cDom] -> do + (alice, chadId, conv) <- runCodensity (startDynamicBackend cDom mempty) $ \_ -> do + ownDomain <- make OwnDomain & asString + otherDomain <- make OtherDomain & asString + [alice, bob, charlie, chad] <- + createAndConnectUsers [ownDomain, otherDomain, cDom.berDomain, cDom.berDomain] + + conv <- withWebSockets [bob, charlie] $ \wss -> do + conv <- + postConversation alice (defProteus {qualifiedUsers = [bob, charlie]}) + >>= getJSON 201 + forM_ wss $ awaitMatch 5 isMemberJoinNotif + pure conv + chadId <- chad %. "qualified_id" + pure (alice, chadId, conv) + + bindResponse (addMembers alice conv def {users = [chadId]}) $ \resp -> do + resp.status `shouldMatchInt` 533 + resp.jsonBody %. "unreachable_backends" `shouldMatchSet` [cDom.berDomain] + testAddUnreachable :: HasCallStack => App () testAddUnreachable = do ([alex, charlie], [charlieDomain, dylanDomain], conv) <- diff --git a/integration/test/Test/MLS/Message.hs b/integration/test/Test/MLS/Message.hs index 7282cfd700e..e36115ab934 100644 --- a/integration/test/Test/MLS/Message.hs +++ b/integration/test/Test/MLS/Message.hs @@ -1,5 +1,22 @@ {-# OPTIONS_GHC -Wno-ambiguous-fields #-} +-- This file is part of the Wire Server implementation. +-- +-- Copyright (C) 2023 Wire Swiss GmbH +-- +-- This program is free software: you can redistribute it and/or modify it under +-- the terms of the GNU Affero General Public License as published by the Free +-- Software Foundation, either version 3 of the License, or (at your option) any +-- later version. +-- +-- This program is distributed in the hope that it will be useful, but WITHOUT +-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more +-- details. +-- +-- You should have received a copy of the GNU Affero General Public License along +-- with this program. If not, see . + module Test.MLS.Message where import API.Gundeck diff --git a/integration/test/Test/MLS/One2One.hs b/integration/test/Test/MLS/One2One.hs index d23362beb9f..c8935b6cb5c 100644 --- a/integration/test/Test/MLS/One2One.hs +++ b/integration/test/Test/MLS/One2One.hs @@ -1,3 +1,20 @@ +-- This file is part of the Wire Server implementation. +-- +-- Copyright (C) 2023 Wire Swiss GmbH +-- +-- This program is free software: you can redistribute it and/or modify it under +-- the terms of the GNU Affero General Public License as published by the Free +-- Software Foundation, either version 3 of the License, or (at your option) any +-- later version. +-- +-- This program is distributed in the hope that it will be useful, but WITHOUT +-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more +-- details. +-- +-- You should have received a copy of the GNU Affero General Public License along +-- with this program. If not, see . + module Test.MLS.One2One where import API.Galley diff --git a/integration/test/Test/MLS/Unreachable.hs b/integration/test/Test/MLS/Unreachable.hs new file mode 100644 index 00000000000..16f8c6acc55 --- /dev/null +++ b/integration/test/Test/MLS/Unreachable.hs @@ -0,0 +1,97 @@ +-- This file is part of the Wire Server implementation. +-- +-- Copyright (C) 2023 Wire Swiss GmbH +-- +-- This program is free software: you can redistribute it and/or modify it under +-- the terms of the GNU Affero General Public License as published by the Free +-- Software Foundation, either version 3 of the License, or (at your option) any +-- later version. +-- +-- This program is distributed in the hope that it will be useful, but WITHOUT +-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more +-- details. +-- +-- You should have received a copy of the GNU Affero General Public License along +-- with this program. If not, see . + +module Test.MLS.Unreachable where + +import API.Galley +import Control.Monad.Codensity +import Control.Monad.Reader +import MLS.Util +import Notifications +import SetupHelpers +import Testlib.Prelude +import Testlib.ResourcePool + +testAddUsersSomeReachable :: HasCallStack => App () +testAddUsersSomeReachable = do + (addCommit, d) <- startDynamicBackends [mempty] $ \[thirdDomain] -> do + ownDomain <- make OwnDomain & asString + otherDomain <- make OtherDomain & asString + [alice, bob, charlie] <- createAndConnectUsers [ownDomain, otherDomain, thirdDomain] + + [alice1, bob1, charlie1] <- traverse (createMLSClient def) [alice, bob, charlie] + traverse_ uploadNewKeyPackage [bob1, charlie1] + void $ createNewGroup alice1 + void $ withWebSocket bob $ \ws -> do + void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle + awaitMatch 10 isMemberJoinNotif ws + mp <- createAddCommit alice1 [charlie] + pure (mp, thirdDomain) + + -- try adding Charlie now that his backend is unreachable + bindResponse (postMLSCommitBundle addCommit.sender (mkBundle addCommit)) $ \resp -> do + resp.status `shouldMatchInt` 533 + (resp.json %. "unreachable_backends" & asList) `shouldMatch` [d] + +-- There is analogous counterpart for Proteus in the 'Test.Conversation' module. +testAddReachableWithUnreachableRemoteUsers :: HasCallStack => App () +testAddReachableWithUnreachableRemoteUsers = do + resourcePool <- asks resourcePool + runCodensity (acquireResources 1 resourcePool) $ \[cDom] -> do + (alice1, bob) <- runCodensity (startDynamicBackend cDom mempty) $ \_ -> do + ownDomain <- make OwnDomain & asString + [alice, charlie] <- createAndConnectUsers [ownDomain, cDom.berDomain] + + [alice1, charlie1] <- traverse (createMLSClient def) [alice, charlie] + void $ uploadNewKeyPackage charlie1 + void $ createNewGroup alice1 + void $ withWebSocket charlie $ \ws -> do + void $ createAddCommit alice1 [charlie] >>= sendAndConsumeCommitBundle + awaitMatch 10 isMemberJoinNotif ws + otherDomain <- make OtherDomain & asString + bob <- randomUser otherDomain def + forM_ [alice, charlie] $ connectTwoUsers bob + pure (alice1, bob) + + bob1 <- createMLSClient def bob + void $ uploadNewKeyPackage bob1 + mp <- createAddCommit alice1 [bob] + bindResponse (postMLSCommitBundle mp.sender (mkBundle mp)) $ \resp -> do + resp.status `shouldMatchInt` 533 + resp.jsonBody %. "unreachable_backends" `shouldMatchSet` [cDom.berDomain] + +testAddUnreachableUserFromFederatingBackend :: HasCallStack => App () +testAddUnreachableUserFromFederatingBackend = do + resourcePool <- asks resourcePool + runCodensity (acquireResources 1 resourcePool) $ \[cDom] -> do + mp <- runCodensity (startDynamicBackend cDom mempty) $ \_ -> do + ownDomain <- make OwnDomain & asString + otherDomain <- make OtherDomain & asString + [alice, bob, charlie, chad] <- + createAndConnectUsers [ownDomain, otherDomain, cDom.berDomain, cDom.berDomain] + + [alice1, bob1, charlie1, chad1] <- traverse (createMLSClient def) [alice, bob, charlie, chad] + traverse_ uploadNewKeyPackage [bob1, charlie1, chad1] + void $ createNewGroup alice1 + withWebSockets [bob, charlie] $ \wss -> do + void $ createAddCommit alice1 [bob, charlie] >>= sendAndConsumeCommitBundle + forM_ wss $ awaitMatch 5 isMemberJoinNotif + createAddCommit alice1 [chad] + + bindResponse (postMLSCommitBundle mp.sender (mkBundle mp)) $ \resp -> do + resp.status `shouldMatchInt` 533 + resp.jsonBody %. "unreachable_backends" `shouldMatchSet` [cDom.berDomain] From 14be496ae0133f1e2e5ef048670445eb187460a8 Mon Sep 17 00:00:00 2001 From: Paolo Capriotti Date: Wed, 25 Oct 2023 14:35:34 +0200 Subject: [PATCH 010/177] Fix extra remove proposal bug (#3672) We were sending external remove proposals for each client of a user that was kicked out of a conversation following a remove commit. This was caused by some overgeneralisation of the mechanism that removes clients from subconversations when a user is deleted from the main. --- .../3-bug-fixes/extra-remove-proposals | 1 + services/galley/src/Galley/API/Action.hs | 4 +- services/galley/src/Galley/API/Federation.hs | 2 +- services/galley/src/Galley/API/Internal.hs | 2 +- services/galley/src/Galley/API/MLS/Removal.hs | 50 ++++++++++++++++++- 5 files changed, 53 insertions(+), 6 deletions(-) create mode 100644 changelog.d/3-bug-fixes/extra-remove-proposals diff --git a/changelog.d/3-bug-fixes/extra-remove-proposals b/changelog.d/3-bug-fixes/extra-remove-proposals new file mode 100644 index 00000000000..4aba01e42f2 --- /dev/null +++ b/changelog.d/3-bug-fixes/extra-remove-proposals @@ -0,0 +1 @@ +Extra remove proposals were being sent when a user was removed from a conversation diff --git a/services/galley/src/Galley/API/Action.hs b/services/galley/src/Galley/API/Action.hs index d8d5c530cdf..a2194ea8e1e 100644 --- a/services/galley/src/Galley/API/Action.hs +++ b/services/galley/src/Galley/API/Action.hs @@ -425,14 +425,14 @@ performAction tag origUser lconv action = do let victims = [origUser] lconv' <- traverse (convDeleteMembers (toUserList lconv victims)) lconv -- send remove proposals in the MLS case - traverse_ (removeUser lconv') victims + traverse_ (removeUser lconv' RemoveUserIncludeMain) victims pure (mempty, action) SConversationRemoveMembersTag -> do let presentVictims = filter (isConvMemberL lconv) (toList action) when (null presentVictims) noChanges traverse_ (convDeleteMembers (toUserList lconv presentVictims)) lconv -- send remove proposals in the MLS case - traverse_ (removeUser lconv) presentVictims + traverse_ (removeUser lconv RemoveUserExcludeMain) presentVictims pure (mempty, action) -- FUTUREWORK: should we return the filtered action here? SConversationMemberUpdateTag -> do void $ ensureOtherMember lconv (cmuTarget action) conv diff --git a/services/galley/src/Galley/API/Federation.hs b/services/galley/src/Galley/API/Federation.hs index 3a22a033b23..23a7280bdfe 100644 --- a/services/galley/src/Galley/API/Federation.hs +++ b/services/galley/src/Galley/API/Federation.hs @@ -414,7 +414,7 @@ onUserDeleted origDomain udcn = do Public.SelfConv -> pure () Public.RegularConv -> do let botsAndMembers = convBotsAndMembers conv - removeUser (qualifyAs lc conv) (tUntagged deletedUser) + removeUser (qualifyAs lc conv) RemoveUserIncludeMain (tUntagged deletedUser) outcome <- runError @FederationError $ notifyConversationAction diff --git a/services/galley/src/Galley/API/Internal.hs b/services/galley/src/Galley/API/Internal.hs index b33bab98ac5..97d62a76c61 100644 --- a/services/galley/src/Galley/API/Internal.hs +++ b/services/galley/src/Galley/API/Internal.hs @@ -376,7 +376,7 @@ rmUser lusr conn = do ConnectConv -> E.deleteMembers (Data.convId c) (UserList [tUnqualified lusr] []) $> Nothing RegularConv | tUnqualified lusr `isMember` Data.convLocalMembers c -> do - runError (removeUser (qualifyAs lusr c) (tUntagged lusr)) >>= \case + runError (removeUser (qualifyAs lusr c) RemoveUserIncludeMain (tUntagged lusr)) >>= \case Left e -> P.err $ Log.msg ("failed to send remove proposal: " <> internalErrorDescription e) Right _ -> pure () E.deleteMembers (Data.convId c) (UserList [tUnqualified lusr] []) diff --git a/services/galley/src/Galley/API/MLS/Removal.hs b/services/galley/src/Galley/API/MLS/Removal.hs index 3a796a75c22..deb21228e55 100644 --- a/services/galley/src/Galley/API/MLS/Removal.hs +++ b/services/galley/src/Galley/API/MLS/Removal.hs @@ -19,6 +19,7 @@ module Galley.API.MLS.Removal ( createAndSendRemoveProposals, removeExtraneousClients, removeClient, + RemoveUserIncludeMain (..), removeUser, ) where @@ -133,6 +134,31 @@ removeClientsWithClientMapRecursively lMlsConv getClients qusr = do planClientRemoval gid (fmap fst clients) createAndSendRemoveProposals mainConv (fmap snd clients) qusr cm + removeClientsFromSubConvs lMlsConv getClients qusr + +removeClientsFromSubConvs :: + ( Member (Input UTCTime) r, + Member TinyLog r, + Member BackendNotificationQueueAccess r, + Member ExternalAccess r, + Member GundeckAccess r, + Member MemberStore r, + Member ProposalStore r, + Member SubConversationStore r, + Member (Input Env) r, + Functor f, + Foldable f + ) => + Local MLSConversation -> + -- | A function returning the "list" of clients to be removed from either the + -- main conversation or each of its subconversations. + (ConvOrSubConv -> f (ClientIdentity, LeafIndex)) -> + -- | Originating user. The resulting proposals will appear to be sent by this user. + Qualified UserId -> + Sem r () +removeClientsFromSubConvs lMlsConv getClients qusr = do + let cm = mcMembers (tUnqualified lMlsConv) + -- remove this client from all subconversations subs <- listSubConversations' (mcId (tUnqualified lMlsConv)) for_ subs $ \sub -> do @@ -170,6 +196,18 @@ removeClient lc qusr c = do let getClients = fmap (cid,) . cmLookupIndex cid . (.members) removeClientsWithClientMapRecursively (qualifyAs lc mlsConv) getClients qusr +-- | A flag to determine whether 'removeUser' should operate on the parent +-- conversation as well as all the subconversations. +data RemoveUserIncludeMain + = -- | Remove user clients from all subconversations, including the parent. + RemoveUserIncludeMain + | -- | Remove user clients from all subconversations, but not the parent. + -- + -- This can be used when the clients are already in the process of being + -- removed from the main conversation, for example as a result of a commit + -- containing a remove proposal. + RemoveUserExcludeMain + -- | Send remove proposals for all clients of the user to the local conversation. removeUser :: ( Member BackendNotificationQueueAccess r, @@ -183,9 +221,10 @@ removeUser :: Member TinyLog r ) => Local Data.Conversation -> + RemoveUserIncludeMain -> Qualified UserId -> Sem r () -removeUser lc qusr = do +removeUser lc includeMain qusr = do mMlsConv <- mkMLSConversation (tUnqualified lc) for_ mMlsConv $ \mlsConv -> do let getClients :: ConvOrSubConv -> [(ClientIdentity, LeafIndex)] @@ -194,7 +233,14 @@ removeUser lc qusr = do . Map.assocs . Map.findWithDefault mempty qusr . (.members) - removeClientsWithClientMapRecursively (qualifyAs lc mlsConv) getClients qusr + case includeMain of + RemoveUserIncludeMain -> + removeClientsWithClientMapRecursively + (qualifyAs lc mlsConv) + getClients + qusr + RemoveUserExcludeMain -> + removeClientsFromSubConvs (qualifyAs lc mlsConv) getClients qusr -- | Convert cassandra subconv maps into SubConversations listSubConversations' :: From ee15ba31f8987e1fbaf4a108f126234148957541 Mon Sep 17 00:00:00 2001 From: zebot Date: Wed, 25 Oct 2023 17:27:49 +0200 Subject: [PATCH 011/177] chore: [charts] Update team-settings version (#3658) Co-authored-by: Zebot --- changelog.d/0-release-notes/team-settings-upgrade | 1 + charts/team-settings/values.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 changelog.d/0-release-notes/team-settings-upgrade diff --git a/changelog.d/0-release-notes/team-settings-upgrade b/changelog.d/0-release-notes/team-settings-upgrade new file mode 100644 index 00000000000..6f5dfdf8601 --- /dev/null +++ b/changelog.d/0-release-notes/team-settings-upgrade @@ -0,0 +1 @@ +Upgrade team-settings version to 4.15.1-v0.31.19-0-ee1dbce diff --git a/charts/team-settings/values.yaml b/charts/team-settings/values.yaml index fa4545c38b7..cdd57fd67cf 100644 --- a/charts/team-settings/values.yaml +++ b/charts/team-settings/values.yaml @@ -9,7 +9,7 @@ resources: cpu: "1" image: repository: quay.io/wire/team-settings - tag: "4.15.0-v0.31.16-0-8138d2e" + tag: "4.15.1-v0.31.19-0-ee1dbce" service: https: externalPort: 443 From 05e0bd6f9ebb9b2fca7ac2cbfe2676f1d1dd113c Mon Sep 17 00:00:00 2001 From: Paolo Capriotti Date: Thu, 26 Oct 2023 11:43:22 +0200 Subject: [PATCH 012/177] Remove leftover PublicGroupState (#3675) --- .../src/Wire/API/MLS/PublicGroupState.hs | 121 ------------------ libs/wire-api/wire-api.cabal | 1 - 2 files changed, 122 deletions(-) delete mode 100644 libs/wire-api/src/Wire/API/MLS/PublicGroupState.hs diff --git a/libs/wire-api/src/Wire/API/MLS/PublicGroupState.hs b/libs/wire-api/src/Wire/API/MLS/PublicGroupState.hs deleted file mode 100644 index 81ee1095616..00000000000 --- a/libs/wire-api/src/Wire/API/MLS/PublicGroupState.hs +++ /dev/null @@ -1,121 +0,0 @@ --- This file is part of the Wire Server implementation. --- --- Copyright (C) 2022 Wire Swiss GmbH --- --- This program is free software: you can redistribute it and/or modify it under --- the terms of the GNU Affero General Public License as published by the Free --- Software Foundation, either version 3 of the License, or (at your option) any --- later version. --- --- This program is distributed in the hope that it will be useful, but WITHOUT --- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS --- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more --- details. --- --- You should have received a copy of the GNU Affero General Public License along --- with this program. If not, see . -{-# LANGUAGE RecordWildCards #-} - -module Wire.API.MLS.PublicGroupState where - -import Data.Binary -import Data.Binary.Get -import Data.Binary.Put -import Data.ByteString.Lazy qualified as LBS -import Data.OpenApi qualified as S -import Imports -import Test.QuickCheck hiding (label) -import Wire.API.MLS.CipherSuite -import Wire.API.MLS.Epoch -import Wire.API.MLS.Group -import Wire.API.MLS.KeyPackage -import Wire.API.MLS.ProtocolVersion -import Wire.API.MLS.Serialisation -import Wire.Arbitrary - -data PublicGroupStateTBS = PublicGroupStateTBS - { pgsVersion :: ProtocolVersion, - pgsCipherSuite :: CipherSuite, - pgsGroupId :: GroupId, - pgsEpoch :: Epoch, - pgsTreeHash :: ByteString, - pgsInterimTranscriptHash :: ByteString, - pgsConfirmedInterimTranscriptHash :: ByteString, - pgsGroupContextExtensions :: ByteString, - pgsOtherExtensions :: ByteString, - pgsExternalPub :: ByteString, - pgsSigner :: KeyPackageRef - } - deriving stock (Eq, Show, Generic) - deriving (Arbitrary) via (GenericUniform PublicGroupStateTBS) - -instance ParseMLS PublicGroupStateTBS where - parseMLS = - PublicGroupStateTBS - <$> label "pgsVersion" parseMLS - <*> label "pgsCipherSuite" parseMLS - <*> label "pgsGroupId" parseMLS - <*> label "pgsEpoch" parseMLS - <*> label "pgsTreeHash" (parseMLSBytes @Word8) - <*> label "pgsInterimTranscriptHash" (parseMLSBytes @Word8) - <*> label "pgsConfirmedInterimTranscriptHash" (parseMLSBytes @Word8) - <*> label "pgsGroupContextExtensions" (parseMLSBytes @Word32) - <*> label "pgsOtherExtensions" (parseMLSBytes @Word32) - <*> label "pgsExternalPub" (parseMLSBytes @Word16) - <*> label "pgsSigner" parseMLS - -instance SerialiseMLS PublicGroupStateTBS where - serialiseMLS (PublicGroupStateTBS {..}) = do - serialiseMLS pgsVersion - serialiseMLS pgsCipherSuite - serialiseMLS pgsGroupId - serialiseMLS pgsEpoch - serialiseMLSBytes @Word8 pgsTreeHash - serialiseMLSBytes @Word8 pgsInterimTranscriptHash - serialiseMLSBytes @Word8 pgsConfirmedInterimTranscriptHash - serialiseMLSBytes @Word32 pgsGroupContextExtensions - serialiseMLSBytes @Word32 pgsOtherExtensions - serialiseMLSBytes @Word16 pgsExternalPub - serialiseMLS pgsSigner - -data PublicGroupState = PublicGroupState - { pgTBS :: RawMLS PublicGroupStateTBS, - pgSignature :: ByteString - } - deriving stock (Eq, Show, Generic) - --- | A type that holds an MLS-encoded 'PublicGroupState' value via --- 'serialiseMLS'. -newtype OpaquePublicGroupState = OpaquePublicGroupState - {unOpaquePublicGroupState :: ByteString} - deriving (Generic, Eq, Show) - deriving (Arbitrary) via (GenericUniform OpaquePublicGroupState) - -instance ParseMLS OpaquePublicGroupState where - parseMLS = OpaquePublicGroupState . LBS.toStrict <$> getRemainingLazyByteString - -instance SerialiseMLS OpaquePublicGroupState where - serialiseMLS (OpaquePublicGroupState bs) = putByteString bs - -instance S.ToSchema OpaquePublicGroupState where - declareNamedSchema _ = pure (mlsSwagger "OpaquePublicGroupState") - -toOpaquePublicGroupState :: RawMLS PublicGroupState -> OpaquePublicGroupState -toOpaquePublicGroupState = OpaquePublicGroupState . (.raw) - -instance Arbitrary PublicGroupState where - arbitrary = - PublicGroupState - <$> (mkRawMLS <$> arbitrary) - <*> arbitrary - -instance ParseMLS PublicGroupState where - parseMLS = - PublicGroupState - <$> label "pgTBS" parseMLS - <*> label "pgSignature" (parseMLSBytes @Word16) - -instance SerialiseMLS PublicGroupState where - serialiseMLS PublicGroupState {..} = do - serialiseMLS pgTBS - serialiseMLSBytes @Word16 pgSignature diff --git a/libs/wire-api/wire-api.cabal b/libs/wire-api/wire-api.cabal index 0d06a7f9964..f7db98ea453 100644 --- a/libs/wire-api/wire-api.cabal +++ b/libs/wire-api/wire-api.cabal @@ -122,7 +122,6 @@ library Wire.API.MLS.Proposal Wire.API.MLS.ProposalTag Wire.API.MLS.ProtocolVersion - Wire.API.MLS.PublicGroupState Wire.API.MLS.Serialisation Wire.API.MLS.Servant Wire.API.MLS.SubConversation From e1cff9fc251fc10e40bf945bbc5f10bf74ae583a Mon Sep 17 00:00:00 2001 From: Paolo Capriotti Date: Thu, 26 Oct 2023 14:14:53 +0200 Subject: [PATCH 013/177] Consume MLS messages from websocket (#3671) * More robust consuming of MLS messages This commit changes the behaviour of `sendAndConsumeMessage` and `sendAndConsumeCommitBundle` to actually wait for those messages on the client's websocket. This should fix a lot of the flakiness of MLS tests that appeared after the introduction of message queuing. * Fix testAppMessageSomeReachable When some backends are down, the new `sendAndConsume*` functions do not work, because they expect a message to be received by all clients. This commit changes tests with such a scenario to only post the message, and not consume it. * Add protocol field to MLS test state This is necessary because new users in mixed MLS conversations don't get join events, and we are waiting for such events before consuming MLS messages. * Add CHANGELOG entry --- changelog.d/5-internal/mls-robust-consume | 1 + integration/test/API/Galley.hs | 1 + integration/test/MLS/Util.hs | 173 ++++++++++++++----- integration/test/Notifications.hs | 3 + integration/test/SetupHelpers.hs | 2 + integration/test/Test/MLS.hs | 69 +++----- integration/test/Test/MLS/Message.hs | 6 +- integration/test/Test/MLS/SubConversation.hs | 17 +- integration/test/Testlib/Env.hs | 3 +- integration/test/Testlib/JSON.hs | 29 ++-- integration/test/Testlib/Types.hs | 8 +- 11 files changed, 194 insertions(+), 118 deletions(-) create mode 100644 changelog.d/5-internal/mls-robust-consume diff --git a/changelog.d/5-internal/mls-robust-consume b/changelog.d/5-internal/mls-robust-consume new file mode 100644 index 00000000000..b57f1e773e0 --- /dev/null +++ b/changelog.d/5-internal/mls-robust-consume @@ -0,0 +1 @@ +More robust consuming of MLS messages: the behaviour of `sendAndConsumeMessage` and `sendAndConsumeCommitBundle` is changed to actually wait for those messages on the client's websocket diff --git a/integration/test/API/Galley.hs b/integration/test/API/Galley.hs index 87e5042bc6d..66755cc8e70 100644 --- a/integration/test/API/Galley.hs +++ b/integration/test/API/Galley.hs @@ -1,4 +1,5 @@ {-# LANGUAGE OverloadedLabels #-} +{-# OPTIONS_GHC -Wno-ambiguous-fields #-} module API.Galley where diff --git a/integration/test/MLS/Util.hs b/integration/test/MLS/Util.hs index 94c2d520f21..68feacee6db 100644 --- a/integration/test/MLS/Util.hs +++ b/integration/test/MLS/Util.hs @@ -7,9 +7,11 @@ import API.Galley import Control.Concurrent.Async hiding (link) import Control.Monad import Control.Monad.Catch +import Control.Monad.Codensity import Control.Monad.Cont import Control.Monad.Reader import Control.Monad.Trans.Maybe +import Data.Aeson qualified as A import Data.Aeson qualified as Aeson import Data.ByteString qualified as BS import Data.ByteString.Base64 qualified as Base64 @@ -26,6 +28,7 @@ import Data.Traversable import Data.UUID qualified as UUID import Data.UUID.V4 qualified as UUIDV4 import GHC.Stack +import Notifications import System.Directory import System.Exit import System.FilePath @@ -501,15 +504,75 @@ createExternalCommit cid mgi = do groupInfo = Just newPgs } --- | Make all member clients consume a given message. -consumeMessage :: HasCallStack => MessagePackage -> App () -consumeMessage msg = do +data MLSNotificationTag = MLSNotificationMessageTag | MLSNotificationWelcomeTag + deriving (Show, Eq, Ord) + +-- | Extract a conversation ID (including an optional subconversation) from an +-- event object. +eventSubConv :: HasCallStack => MakesValue event => event -> App Value +eventSubConv event = do + sub <- lookupField event "subconv" + conv <- event %. "qualified_conversation" + objSubConvObject $ + object + [ "parent_qualified_id" .= conv, + "subconv_id" .= sub + ] + +consumingMessages :: HasCallStack => MessagePackage -> Codensity App () +consumingMessages mp = Codensity $ \k -> do mls <- getMLSState - for_ (Set.delete msg.sender mls.members) $ \cid -> - consumeMessage1 cid msg.message + -- clients that should receive the message itself + let oldClients = Set.delete mp.sender mls.members + -- clients that should receive a welcome message + let newClients = Set.delete mp.sender mls.newMembers + -- all clients that should receive some MLS notification, together with the + -- expected notification tag + let clients = + map (,MLSNotificationMessageTag) (toList oldClients) + <> map (,MLSNotificationWelcomeTag) (toList newClients) + + let newUsers = + Set.delete mp.sender.user $ + Set.difference + (Set.map (.user) newClients) + (Set.map (.user) oldClients) + withWebSockets (map fst clients) $ \wss -> do + r <- k () + + -- if the conversation is actually MLS (and not mixed), pick one client for + -- each new user and wait for its join event + when (mls.protocol == MLSProtocolMLS) $ + traverse_ + (awaitMatch 10 isMemberJoinNotif) + ( flip Map.restrictKeys newUsers + . Map.mapKeys ((.user) . fst) + . Map.fromList + . toList + $ zip clients wss + ) + + -- at this point we know that every new user has been added to the + -- conversation + for_ (zip clients wss) $ \((cid, t), ws) -> case t of + MLSNotificationMessageTag -> void $ consumeMessage cid (Just mp) ws + MLSNotificationWelcomeTag -> consumeWelcome cid mp ws + pure r + +-- | Get a single MLS message from a websocket and consume it. Return a JSON +-- representation of the message. +consumeMessage :: HasCallStack => ClientIdentity -> Maybe MessagePackage -> WebSocket -> App Value +consumeMessage cid mmp ws = do + mls <- getMLSState + notif <- awaitMatch 10 isNewMLSMessageNotif ws + event <- notif %. "payload.0" + + for_ mmp $ \mp -> do + shouldMatch (eventSubConv event) (fromMaybe A.Null mls.convId) + shouldMatch (event %. "from") mp.sender.user + shouldMatch (event %. "data") (B8.unpack (Base64.encode mp.message)) -consumeMessage1 :: HasCallStack => ClientIdentity -> ByteString -> App () -consumeMessage1 cid msg = + msgData <- event %. "data" & asByteString void $ mlscli cid @@ -520,52 +583,72 @@ consumeMessage1 cid msg = "", "-" ] - (Just msg) + (Just msgData) + showMessage cid msgData --- | Send an MLS message and simulate clients receiving it. If the message is a --- commit, the 'sendAndConsumeCommit' function should be used instead. +-- | Send an MLS message, wait for clients to receive it, then consume it on +-- the client side. If the message is a commit, the +-- 'sendAndConsumeCommitBundle' function should be used instead. sendAndConsumeMessage :: HasCallStack => MessagePackage -> App Value -sendAndConsumeMessage mp = do - r <- postMLSMessage mp.sender mp.message >>= getJSON 201 - consumeMessage mp - pure r +sendAndConsumeMessage mp = lowerCodensity $ do + consumingMessages mp + lift $ postMLSMessage mp.sender mp.message >>= getJSON 201 --- | Send an MLS commit bundle, simulate clients receiving it, and update the --- test state accordingly. +-- | Send an MLS commit bundle, wait for clients to receive it, consume it, and +-- update the test state accordingly. sendAndConsumeCommitBundle :: HasCallStack => MessagePackage -> App Value sendAndConsumeCommitBundle mp = do - resp <- postMLSCommitBundle mp.sender (mkBundle mp) >>= getJSON 201 - consumeMessage mp - traverse_ consumeWelcome mp.welcome - - -- increment epoch and add new clients - modifyMLSState $ \mls -> - mls - { epoch = epoch mls + 1, - members = members mls <> newMembers mls, - newMembers = mempty - } + lowerCodensity $ do + consumingMessages mp + lift $ do + r <- postMLSCommitBundle mp.sender (mkBundle mp) >>= getJSON 201 + + -- if the sender is a new member (i.e. it's an external commit), then + -- process the welcome message directly + do + mls <- getMLSState + when (Set.member mp.sender mls.newMembers) $ + traverse_ (fromWelcome mp.sender) mp.welcome + + -- increment epoch and add new clients + modifyMLSState $ \mls -> + mls + { epoch = epoch mls + 1, + members = members mls <> newMembers mls, + newMembers = mempty + } - pure resp + pure r -consumeWelcome :: HasCallStack => ByteString -> App () -consumeWelcome welcome = do +consumeWelcome :: HasCallStack => ClientIdentity -> MessagePackage -> WebSocket -> App () +consumeWelcome cid mp ws = do mls <- getMLSState - for_ mls.newMembers $ \cid -> do - gs <- getClientGroupState cid - assertBool - "Existing clients in a conversation should not consume welcomes" - (isNothing gs.group) - void $ - mlscli - cid - [ "group", - "from-welcome", - "--group-out", - "", - "-" - ] - (Just welcome) + notif <- awaitMatch 10 isWelcomeNotif ws + event <- notif %. "payload.0" + + shouldMatch (eventSubConv event) (fromMaybe A.Null mls.convId) + shouldMatch (event %. "from") mp.sender.user + shouldMatch (event %. "data") (fmap (B8.unpack . Base64.encode) mp.welcome) + + welcome <- event %. "data" & asByteString + gs <- getClientGroupState cid + assertBool + "Existing clients in a conversation should not consume welcomes" + (isNothing gs.group) + fromWelcome cid welcome + +fromWelcome :: ClientIdentity -> ByteString -> App () +fromWelcome cid welcome = + void $ + mlscli + cid + [ "group", + "from-welcome", + "--group-out", + "", + "-" + ] + (Just welcome) readWelcome :: FilePath -> IO (Maybe ByteString) readWelcome fp = runMaybeT $ do diff --git a/integration/test/Notifications.hs b/integration/test/Notifications.hs index d584407e89e..58edd2ec733 100644 --- a/integration/test/Notifications.hs +++ b/integration/test/Notifications.hs @@ -69,6 +69,9 @@ isNewMessageNotif n = fieldEquals n "payload.0.type" "conversation.otr-message-a isNewMLSMessageNotif :: MakesValue a => a -> App Bool isNewMLSMessageNotif n = fieldEquals n "payload.0.type" "conversation.mls-message-add" +isWelcomeNotif :: MakesValue a => a -> App Bool +isWelcomeNotif n = fieldEquals n "payload.0.type" "conversation.mls-welcome" + isMemberJoinNotif :: MakesValue a => a -> App Bool isMemberJoinNotif n = fieldEquals n "payload.0.type" "conversation.member-join" diff --git a/integration/test/SetupHelpers.hs b/integration/test/SetupHelpers.hs index 26f6db76e18..95694cfaf92 100644 --- a/integration/test/SetupHelpers.hs +++ b/integration/test/SetupHelpers.hs @@ -122,6 +122,8 @@ simpleMixedConversationSetup secondDomain = do bindResponse (putConversationProtocol bob conv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} + conv' <- getConversation alice conv >>= getJSON 200 pure (alice, bob, conv') diff --git a/integration/test/Test/MLS.hs b/integration/test/Test/MLS.hs index 5a7cc4a9163..f9c966f78e9 100644 --- a/integration/test/Test/MLS.hs +++ b/integration/test/Test/MLS.hs @@ -1,4 +1,4 @@ -{-# OPTIONS_GHC -Wno-incomplete-uni-patterns #-} +{-# OPTIONS_GHC -Wno-incomplete-uni-patterns -Wno-ambiguous-fields #-} module Test.MLS where @@ -90,6 +90,7 @@ testMixedProtocolUpgrade secondDomain = do resp.status `shouldMatchInt` 200 resp.json %. "conversation" `shouldMatch` (qcnv %. "id") resp.json %. "data.protocol" `shouldMatch` "mixed" + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} for_ websockets $ \ws -> do n <- awaitMatch 3 (\value -> nPayload value %. "type" `isEqual` "conversation.protocol-update") ws @@ -130,6 +131,7 @@ testMixedProtocolAddUsers secondDomain = do bindResponse (putConversationProtocol bob qcnv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} [alice1, bob1] <- traverse (createMLSClient def) [alice, bob] @@ -158,6 +160,7 @@ testMixedProtocolUserLeaves secondDomain = do bindResponse (putConversationProtocol bob qcnv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} [alice1, bob1] <- traverse (createMLSClient def) [alice, bob] @@ -193,6 +196,7 @@ testMixedProtocolAddPartialClients secondDomain = do bindResponse (putConversationProtocol bob qcnv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} [alice1, bob1, bob2] <- traverse (createMLSClient def) [alice, bob, bob] @@ -231,6 +235,7 @@ testMixedProtocolRemovePartialClients secondDomain = do bindResponse (putConversationProtocol bob qcnv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} [alice1, bob1, bob2] <- traverse (createMLSClient def) [alice, bob, bob] @@ -256,6 +261,7 @@ testMixedProtocolAppMessagesAreDenied secondDomain = do bindResponse (putConversationProtocol bob qcnv "mixed") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMixed} [alice1, bob1] <- traverse (createMLSClient def) [alice, bob] @@ -302,6 +308,7 @@ testMLSProtocolUpgrade secondDomain = do withWebSockets [alice1, bob1] $ \wss -> do bindResponse (putConversationProtocol bob conv "mls") $ \resp -> do resp.status `shouldMatchInt` 200 + modifyMLSState $ \mls -> mls {protocol = MLSProtocolMLS} for_ wss $ \ws -> do n <- awaitMatch 3 isNewMLSMessageNotif ws msg <- asByteString (nPayload n %. "data") >>= showMessage alice1 @@ -399,47 +406,17 @@ testCreateSubConvProteus = do bindResponse (getSubConversation alice conv "conference") $ \resp -> resp.status `shouldMatchInt` 404 --- FUTUREWORK: New clients should be adding themselves via external commits, and --- they shouldn't be added by another client. Change the test so external --- commits are used. testSelfConversation :: App () testSelfConversation = do alice <- randomUser OwnDomain def creator : others <- traverse (createMLSClient def) (replicate 3 alice) traverse_ uploadNewKeyPackage others - (_, cnv) <- createSelfGroup creator - commit <- createAddCommit creator [alice] - welcome <- assertOne (toList commit.welcome) + void $ createSelfGroup creator + void $ createAddCommit creator [alice] >>= sendAndConsumeCommitBundle - withWebSockets others $ \wss -> do - void $ sendAndConsumeCommitBundle commit - let isWelcome n = nPayload n %. "type" `isEqual` "conversation.mls-welcome" - for_ wss $ \ws -> do - n <- awaitMatch 3 isWelcome ws - shouldMatch (nPayload n %. "conversation") (objId cnv) - shouldMatch (nPayload n %. "from") (objId alice) - shouldMatch (nPayload n %. "data") (B8.unpack (Base64.encode welcome)) - -testJoinSubConv :: App () -testJoinSubConv = do - [alice, bob] <- createAndConnectUsers [OwnDomain, OwnDomain] - [alice1, bob1, bob2] <- traverse (createMLSClient def) [alice, bob, bob] - traverse_ uploadNewKeyPackage [bob1, bob2] - (_, qcnv) <- createNewGroup alice1 - void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle - void $ createSubConv bob1 "conference" - - -- bob adds his first client to the subconversation - void $ createPendingProposalCommit bob1 >>= sendAndConsumeCommitBundle - sub' <- getSubConversation bob qcnv "conference" >>= getJSON 200 - do - tm <- sub' %. "epoch_timestamp" - assertBool "Epoch timestamp should not be null" (tm /= Null) - - -- now alice joins with her own client - void $ - createExternalCommit alice1 Nothing - >>= sendAndConsumeCommitBundle + newClient <- createMLSClient def alice + void $ uploadNewKeyPackage newClient + void $ createExternalCommit newClient Nothing >>= sendAndConsumeCommitBundle -- | FUTUREWORK: Don't allow partial adds, not even in the first commit testFirstCommitAllowsPartialAdds :: HasCallStack => App () @@ -505,6 +482,7 @@ testAdminRemovesUserFromConv :: HasCallStack => App () testAdminRemovesUserFromConv = do [alice, bob] <- createAndConnectUsers [OwnDomain, OwnDomain] [alice1, bob1, bob2] <- traverse (createMLSClient def) [alice, bob, bob] + void $ createWireClient bob traverse_ uploadNewKeyPackage [bob1, bob2] (gid, qcnv) <- createNewGroup alice1 @@ -520,15 +498,16 @@ testAdminRemovesUserFromConv = do bobQid <- bob %. "qualified_id" shouldMatch members [bobQid] - convs <- getAllConvs bob - convIds <- traverse (%. "qualified_id") convs - clients <- bindResponse (getGroupClients alice gid) $ \resp -> do - resp.status `shouldMatchInt` 200 - resp.json %. "client_ids" & asList - void $ assertOne clients - assertBool - "bob is not longer part of conversation after the commit" - (qcnv `notElem` convIds) + do + convs <- getAllConvs bob + convIds <- traverse (%. "qualified_id") convs + clients <- bindResponse (getGroupClients alice gid) $ \resp -> do + resp.status `shouldMatchInt` 200 + resp.json %. "client_ids" & asList + void $ assertOne clients + assertBool + "bob is not longer part of conversation after the commit" + (qcnv `notElem` convIds) testLocalWelcome :: HasCallStack => App () testLocalWelcome = do diff --git a/integration/test/Test/MLS/Message.hs b/integration/test/Test/MLS/Message.hs index e36115ab934..762278f8de7 100644 --- a/integration/test/Test/MLS/Message.hs +++ b/integration/test/Test/MLS/Message.hs @@ -19,6 +19,7 @@ module Test.MLS.Message where +import API.Galley import API.Gundeck import MLS.Util import Notifications @@ -69,7 +70,10 @@ testAppMessageSomeReachable = do awaitMatch 10 isMemberJoinNotif ws pure alice1 - void $ createApplicationMessage alice1 "hi, bob!" >>= sendAndConsumeMessage + -- charlie isn't able to receive this message, so we make sure we can post it + -- successfully, but not attempt to consume it + mp <- createApplicationMessage alice1 "hi, bob!" + void $ postMLSMessage mp.sender mp.message >>= getJSON 201 testMessageNotifications :: HasCallStack => Domain -> App () testMessageNotifications bobDomain = do diff --git a/integration/test/Test/MLS/SubConversation.hs b/integration/test/Test/MLS/SubConversation.hs index ed5aa95c3d4..4ce961bab03 100644 --- a/integration/test/Test/MLS/SubConversation.hs +++ b/integration/test/Test/MLS/SubConversation.hs @@ -12,11 +12,11 @@ testJoinSubConv = do [alice1, bob1, bob2] <- traverse (createMLSClient def) [alice, bob, bob] traverse_ uploadNewKeyPackage [bob1, bob2] (_, qcnv) <- createNewGroup alice1 + void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle createSubConv bob1 "conference" -- bob adds his first client to the subconversation - void $ createPendingProposalCommit bob1 >>= sendAndConsumeCommitBundle sub' <- getSubConversation bob qcnv "conference" >>= getJSON 200 do tm <- sub' %. "epoch_timestamp" @@ -36,13 +36,10 @@ testDeleteParentOfSubConv secondDomain = do [alice1, bob1] <- traverse (createMLSClient def) [alice, bob] traverse_ uploadNewKeyPackage [alice1, bob1] (_, qcnv) <- createNewGroup alice1 - withWebSocket bob $ \ws -> do - void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle - void $ awaitMatch 10 isMemberJoinNotif ws + void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle -- bob creates a subconversation and adds his own client createSubConv bob1 "conference" - void $ createPendingProposalCommit bob1 >>= sendAndConsumeCommitBundle -- alice joins with her own client void $ createExternalCommit alice1 Nothing >>= sendAndConsumeCommitBundle @@ -136,12 +133,9 @@ testLeaveSubConv variant = do leaveCurrentConv firstLeaver for_ (zip others wss) $ \(cid, ws) -> do - notif <- awaitMatch 10 isNewMLSMessageNotif ws - msgData <- notif %. "payload.0.data" & asByteString - msg <- showMessage alice1 msgData + msg <- consumeMessage cid Nothing ws msg %. "message.content.body.Proposal.Remove.removed" `shouldMatchInt` idxFirstLeaver msg %. "message.content.sender.External" `shouldMatchInt` 0 - consumeMessage1 cid msgData withWebSockets (tail others) $ \wss -> do -- a member commits the pending proposal @@ -164,12 +158,9 @@ testLeaveSubConv variant = do leaveCurrentConv charlie1 for_ (zip others' wss) $ \(cid, ws) -> do - notif <- awaitMatch 10 isNewMLSMessageNotif ws - msgData <- notif %. "payload.0.data" & asByteString - msg <- showMessage alice1 msgData + msg <- consumeMessage cid Nothing ws msg %. "message.content.body.Proposal.Remove.removed" `shouldMatchInt` idxCharlie1 msg %. "message.content.sender.External" `shouldMatchInt` 0 - consumeMessage1 cid msgData -- a member commits the pending proposal void $ createPendingProposalCommit (head others') >>= sendAndConsumeCommitBundle diff --git a/integration/test/Testlib/Env.hs b/integration/test/Testlib/Env.hs index 40fd56adc8a..4a9b680be80 100644 --- a/integration/test/Testlib/Env.hs +++ b/integration/test/Testlib/Env.hs @@ -136,5 +136,6 @@ mkMLSState = Codensity $ \k -> convId = Nothing, clientGroupState = mempty, epoch = 0, - ciphersuite = def + ciphersuite = def, + protocol = MLSProtocolMLS } diff --git a/integration/test/Testlib/JSON.hs b/integration/test/Testlib/JSON.hs index 5aeba81073e..debb96fbac7 100644 --- a/integration/test/Testlib/JSON.hs +++ b/integration/test/Testlib/JSON.hs @@ -3,6 +3,7 @@ module Testlib.JSON where import Control.Monad import Control.Monad.Catch import Control.Monad.IO.Class +import Control.Monad.Trans.Class import Control.Monad.Trans.Maybe import Data.Aeson hiding ((.=)) import Data.Aeson qualified as Aeson @@ -17,6 +18,7 @@ import Data.Foldable import Data.Function import Data.Functor import Data.List.Split (splitOn) +import Data.Maybe import Data.Scientific qualified as Sci import Data.String import Data.Text qualified as T @@ -69,6 +71,14 @@ noValue = Nothing (.=?) :: ToJSON a => String -> Maybe a -> Maybe Aeson.Pair (.=?) k v = (Aeson..=) (fromString k) <$> v +-- | Convert JSON null to Nothing. +asOptional :: HasCallStack => MakesValue a => a -> App (Maybe Value) +asOptional x = do + v <- make x + pure $ case v of + Null -> Nothing + _ -> Just v + asString :: HasCallStack => MakesValue a => a -> App String asString x = make x >>= \case @@ -360,17 +370,14 @@ objDomain x = do -- is also supported. objSubConv :: (HasCallStack, MakesValue a) => a -> App (Value, Maybe String) objSubConv x = do - mParent <- lookupField x "parent_qualified_id" - case mParent of - Nothing -> do - obj <- objQidObject x - subValue <- lookupField x "subconv_id" - sub <- traverse asString subValue - pure (obj, sub) - Just parent -> do - obj <- objQidObject parent - sub <- x %. "subconv_id" & asString - pure (obj, Just sub) + v <- make x + mParent <- lookupField v "parent_qualified_id" + obj <- objQidObject $ fromMaybe v mParent + sub <- runMaybeT $ do + sub <- MaybeT $ lookupField v "subconv_id" + sub' <- MaybeT $ asOptional sub + lift $ asString sub' + pure (obj, sub) -- | Turn an object parseable by 'objSubConv' into a canonical flat representation. objSubConvObject :: (HasCallStack, MakesValue a) => a -> App Value diff --git a/integration/test/Testlib/Types.hs b/integration/test/Testlib/Types.hs index ca5ac7043f5..557c5d327d4 100644 --- a/integration/test/Testlib/Types.hs +++ b/integration/test/Testlib/Types.hs @@ -215,6 +215,9 @@ data ClientGroupState = ClientGroupState } deriving (Show) +data MLSProtocol = MLSProtocolMLS | MLSProtocolMixed + deriving (Eq, Show) + data MLSState = MLSState { baseDir :: FilePath, members :: Set ClientIdentity, @@ -224,7 +227,8 @@ data MLSState = MLSState convId :: Maybe Value, clientGroupState :: Map ClientIdentity ClientGroupState, epoch :: Word64, - ciphersuite :: Ciphersuite + ciphersuite :: Ciphersuite, + protocol :: MLSProtocol } deriving (Show) @@ -290,7 +294,7 @@ appToIOKleisli k = do getServiceMap :: HasCallStack => String -> App ServiceMap getServiceMap fedDomain = do env <- ask - assertJust ("Could not find service map for federation domain: " <> fedDomain) (Map.lookup fedDomain (env.serviceMap)) + assertJust ("Could not find service map for federation domain: " <> fedDomain) (Map.lookup fedDomain env.serviceMap) getMLSState :: App MLSState getMLSState = do From 6c78e70c2bc9c2174aaab488ccfa69d97bef1a2c Mon Sep 17 00:00:00 2001 From: Paolo Capriotti Date: Fri, 27 Oct 2023 16:26:12 +0200 Subject: [PATCH 014/177] Remove client check for subconversations (#3677) --- .../3-bug-fixes/fix-subconv-client-check | 1 + integration/test/Test/MLS.hs | 15 ++-- .../Galley/API/MLS/Commit/InternalCommit.hs | 75 +++++++++++-------- 3 files changed, 51 insertions(+), 40 deletions(-) create mode 100644 changelog.d/3-bug-fixes/fix-subconv-client-check diff --git a/changelog.d/3-bug-fixes/fix-subconv-client-check b/changelog.d/3-bug-fixes/fix-subconv-client-check new file mode 100644 index 00000000000..fd8a929b54d --- /dev/null +++ b/changelog.d/3-bug-fixes/fix-subconv-client-check @@ -0,0 +1 @@ +Remove client check for subconversations diff --git a/integration/test/Test/MLS.hs b/integration/test/Test/MLS.hs index f9c966f78e9..cbf41adcf0d 100644 --- a/integration/test/Test/MLS.hs +++ b/integration/test/Test/MLS.hs @@ -389,13 +389,14 @@ testRemoteRemoveClient = do testCreateSubConv :: HasCallStack => Ciphersuite -> App () testCreateSubConv suite = do setMLSCiphersuite suite - alice <- randomUser OwnDomain def - alice1 <- createMLSClient def alice - (_, conv) <- createNewGroup alice1 - bindResponse (getSubConversation alice conv "conference") $ \resp -> do - resp.status `shouldMatchInt` 200 - let tm = resp.json %. "epoch_timestamp" - tm `shouldMatch` Null + [alice, bob] <- createAndConnectUsers [OwnDomain, OwnDomain] + aliceClients@(alice1 : _) <- replicateM 5 $ createMLSClient def alice + replicateM_ 3 $ traverse_ uploadNewKeyPackage aliceClients + [bob1, bob2] <- replicateM 2 $ createMLSClient def bob + replicateM_ 3 $ traverse_ uploadNewKeyPackage [bob1, bob2] + void $ createNewGroup alice1 + void $ createAddCommit alice1 [alice, bob] >>= sendAndConsumeCommitBundle + createSubConv alice1 "conference" testCreateSubConvProteus :: App () testCreateSubConvProteus = do diff --git a/services/galley/src/Galley/API/MLS/Commit/InternalCommit.hs b/services/galley/src/Galley/API/MLS/Commit/InternalCommit.hs index b7ac03592c9..07bc7215388 100644 --- a/services/galley/src/Galley/API/MLS/Commit/InternalCommit.hs +++ b/services/galley/src/Galley/API/MLS/Commit/InternalCommit.hs @@ -133,39 +133,47 @@ processInternalCommit senderIdentity con lConvOrSub epoch action commit = do pure qtarget - -- for each user, we compare their clients with the ones being added to the conversation - failedAddFetching <- fmap catMaybes . forM newUserClients $ - \(qtarget, newclients) -> case Map.lookup qtarget cm of - -- user is already present, skip check in this case - Just _ -> do - -- new user - pure Nothing - Nothing -> do - -- final set of clients in the conversation - let clients = Map.keysSet (newclients <> Map.findWithDefault mempty qtarget cm) - -- get list of mls clients from Brig (local or remote) - getClientInfo lConvOrSub qtarget suite >>= \case - Left _e -> pure (Just qtarget) - Right clientInfo -> do - let allClients = Set.map ciId clientInfo - let allMLSClients = Set.map ciId (Set.filter ciMLS clientInfo) - -- We check the following condition: - -- allMLSClients ⊆ clients ⊆ allClients - -- i.e. - -- - if a client has at least 1 key package, it has to be added - -- - if a client is being added, it has to still exist - -- - -- The reason why we can't simply check that clients == allMLSClients is - -- that a client with no remaining key packages might be added by a user - -- who just fetched its last key package. - unless - ( Set.isSubsetOf allMLSClients clients - && Set.isSubsetOf clients allClients - ) - $ do - -- FUTUREWORK: turn this error into a proper response - throwS @'MLSClientMismatch + -- For each user, we compare their clients with the ones being added + -- to the conversation, and return a list of users for of which we + -- were unable to get a list of MLS-capable clients. + -- + -- Again, for subconversations there is no need to check anything + -- here, so we simply return the empty list. + failedAddFetching <- case convOrSub.id of + SubConv _ _ -> pure [] + Conv _ -> + fmap catMaybes . forM newUserClients $ + \(qtarget, newclients) -> case Map.lookup qtarget cm of + -- user is already present, skip check in this case + Just _ -> do + -- new user pure Nothing + Nothing -> do + -- final set of clients in the conversation + let clients = Map.keysSet (newclients <> Map.findWithDefault mempty qtarget cm) + -- get list of mls clients from Brig (local or remote) + getClientInfo lConvOrSub qtarget suite >>= \case + Left _e -> pure (Just qtarget) + Right clientInfo -> do + let allClients = Set.map ciId clientInfo + let allMLSClients = Set.map ciId (Set.filter ciMLS clientInfo) + -- We check the following condition: + -- allMLSClients ⊆ clients ⊆ allClients + -- i.e. + -- - if a client has at least 1 key package, it has to be added + -- - if a client is being added, it has to still exist + -- + -- The reason why we can't simply check that clients == allMLSClients is + -- that a client with no remaining key packages might be added by a user + -- who just fetched its last key package. + unless + ( Set.isSubsetOf allMLSClients clients + && Set.isSubsetOf clients allClients + ) + $ + -- FUTUREWORK: turn this error into a proper response + throwS @'MLSClientMismatch + pure Nothing for_ (unreachableFromList failedAddFetching) (throw . unreachableUsersToUnreachableBackends) @@ -225,7 +233,8 @@ processInternalCommit senderIdentity con lConvOrSub epoch action commit = do cjRole = roleNameWireMember } pure [update] - _ -> do + SubConv _ _ -> pure [] + Conv _ -> do -- remove users from the conversation and send events removeEvents <- foldMap From 2511d87cc21e5452e3479b5092243b911e8552af Mon Sep 17 00:00:00 2001 From: Paolo Capriotti Date: Mon, 30 Oct 2023 15:12:15 +0100 Subject: [PATCH 015/177] Update group state after application messages (#3678) After an application message the ratchet is updated, therefore we need to save the updated group state so that future messages are generated correctly. This commit includes an mls-test-cli update. The new mls-test-cli version modifies the `message` command to include both `group-in` and `group-out` options, as other similar commands already do. --- changelog.d/5-internal/multiple-messages | 1 + integration/test/MLS/Util.hs | 2 +- integration/test/Test/MLS/Message.hs | 17 +++++++++++++++++ libs/wire-api/test/unit/Test/Wire/API/MLS.hs | 2 +- nix/pkgs/mls-test-cli/default.nix | 6 +++--- .../galley/test/integration/API/MLS/Util.hs | 2 +- 6 files changed, 24 insertions(+), 6 deletions(-) create mode 100644 changelog.d/5-internal/multiple-messages diff --git a/changelog.d/5-internal/multiple-messages b/changelog.d/5-internal/multiple-messages new file mode 100644 index 00000000000..38543a89061 --- /dev/null +++ b/changelog.d/5-internal/multiple-messages @@ -0,0 +1 @@ +Update group state after application message diff --git a/integration/test/MLS/Util.hs b/integration/test/MLS/Util.hs index 68feacee6db..10dbd41724a 100644 --- a/integration/test/MLS/Util.hs +++ b/integration/test/MLS/Util.hs @@ -724,7 +724,7 @@ createApplicationMessage cid messageContent = do message <- mlscli cid - ["message", "--group", "", messageContent] + ["message", "--group-in", "", messageContent, "--group-out", ""] Nothing pure diff --git a/integration/test/Test/MLS/Message.hs b/integration/test/Test/MLS/Message.hs index 762278f8de7..f4bfef3e587 100644 --- a/integration/test/Test/MLS/Message.hs +++ b/integration/test/Test/MLS/Message.hs @@ -104,3 +104,20 @@ testMessageNotifications bobDomain = do get def `shouldMatchInt` (numNotifs + 1) get def {client = Just bobClient} `shouldMatchInt` (numNotifsClient + 1) + +testMultipleMessages :: HasCallStack => App () +testMultipleMessages = do + [alice, bob] <- createAndConnectUsers [OwnDomain, OtherDomain] + [alice1, bob1] <- traverse (createMLSClient def) [alice, bob] + traverse_ uploadNewKeyPackage [alice1, bob1] + void $ createNewGroup alice1 + + withWebSockets [bob] $ \wss -> do + void $ createAddCommit alice1 [bob] >>= sendAndConsumeCommitBundle + traverse_ (awaitMatch 10 isMemberJoinNotif) wss + + void $ createApplicationMessage alice1 "hello" >>= sendAndConsumeMessage + traverse_ (awaitMatch 10 isNewMLSMessageNotif) wss + + void $ createApplicationMessage alice1 "world" >>= sendAndConsumeMessage + traverse_ (awaitMatch 10 isNewMLSMessageNotif) wss diff --git a/libs/wire-api/test/unit/Test/Wire/API/MLS.hs b/libs/wire-api/test/unit/Test/Wire/API/MLS.hs index efd3fa48a58..74652d86628 100644 --- a/libs/wire-api/test/unit/Test/Wire/API/MLS.hs +++ b/libs/wire-api/test/unit/Test/Wire/API/MLS.hs @@ -123,7 +123,7 @@ testParseApplication = do msgData <- withSystemTempDirectory "mls" $ \tmp -> do void $ spawn (cli qcid tmp ["init", qcid]) Nothing groupJSON <- spawn (cli qcid tmp ["group", "create", "Zm9v"]) Nothing - spawn (cli qcid tmp ["message", "--group", "-", "hello"]) (Just groupJSON) + spawn (cli qcid tmp ["message", "--group-in", "-", "hello"]) (Just groupJSON) msg <- case decodeMLS' @Message msgData of Left err -> assertFailure (T.unpack err) diff --git a/nix/pkgs/mls-test-cli/default.nix b/nix/pkgs/mls-test-cli/default.nix index 2ba2d126575..832690a70da 100644 --- a/nix/pkgs/mls-test-cli/default.nix +++ b/nix/pkgs/mls-test-cli/default.nix @@ -11,8 +11,8 @@ let src = fetchFromGitHub { owner = "wireapp"; repo = "mls-test-cli"; - rev = "e6e6ce0c29f0e48e84b4ccef058130aca0625492"; - sha256 = "sha256-J9M8w3GJnULH3spKEuPGCL/t43zb2Wd+YfZ0LY3YITo="; + rev = "baaa5c78411a5bf6d697803276b991523c111631"; + sha256 = "sha256-M6bWB5hWl+WSblcH6L+AyGD+7ef9TvRs8wKYq7lJyS8="; }; cargoLockFile = builtins.toFile "cargo.lock" (builtins.readFile "${src}/Cargo.lock"); in rustPlatform.buildRustPackage rec { @@ -23,7 +23,7 @@ in rustPlatform.buildRustPackage rec { lockFile = cargoLockFile; outputHashes = { "hpke-0.10.0" = "sha256-T1+BFwX6allljNZ/8T3mrWhOejnUU27BiWQetqU+0fY="; - "openmls-1.0.0" = "sha256-s1ejM/aicFGvsKY7ajEun1Mc645/k8QVrE8YSbyD3Fg="; + "openmls-1.0.0" = "sha256-tAIm8+IgubNnU2M2A5cxHY5caiEQmisw73I9/cqfvUc="; "safe_pqc_kyber-0.6.0" = "sha256-Ch1LA+by+ezf5RV0LDSQGC1o+IWKXk8IPvkwSrAos68="; "tls_codec-0.3.0" = "sha256-IO6tenXKkC14EoUDp/+DtFNOVzDfOlLu8K1EJI7sOzs="; }; diff --git a/services/galley/test/integration/API/MLS/Util.hs b/services/galley/test/integration/API/MLS/Util.hs index 435c4f0c6a8..f15e326db3f 100644 --- a/services/galley/test/integration/API/MLS/Util.hs +++ b/services/galley/test/integration/API/MLS/Util.hs @@ -647,7 +647,7 @@ createApplicationMessage cid messageContent = do message <- mlscli cid - ["message", "--group", "", messageContent] + ["message", "--group-in", "", messageContent, "--group-out", ""] Nothing pure $ From f87b3b39803d79906e79ba573eed2df46b02e9ae Mon Sep 17 00:00:00 2001 From: Leif Battermann Date: Mon, 30 Oct 2023 15:13:54 +0100 Subject: [PATCH 016/177] Fix galley DB migrations (#3680) --- cassandra-schema.cql | 40 +++---------------- changelog.d/3-bug-fixes/PR-3680 | 1 + hack/bin/cassandra_dump_schema | 2 +- services/galley/galley.cabal | 3 +- services/galley/src/Galley/Schema/Run.hs | 6 +-- ...rClientAndTruncateMLSGroupMemberClient.hs} | 6 ++- .../Galley/Schema/V89_RemoveMemberClient.hs | 33 --------------- 7 files changed, 15 insertions(+), 76 deletions(-) create mode 100644 changelog.d/3-bug-fixes/PR-3680 rename services/galley/src/Galley/Schema/{V88_TruncateMLSGroupMemberClient.hs => V88_RemoveMemberClientAndTruncateMLSGroupMemberClient.hs} (85%) delete mode 100644 services/galley/src/Galley/Schema/V89_RemoveMemberClient.hs diff --git a/cassandra-schema.cql b/cassandra-schema.cql index d300556af70..3a6ff0c7780 100644 --- a/cassandra-schema.cql +++ b/cassandra-schema.cql @@ -1042,7 +1042,6 @@ CREATE TABLE brig_test.service_prefix ( AND min_index_interval = 128 AND read_repair_chance = 0.0 AND speculative_retry = '99PERCENTILE'; - CREATE KEYSPACE galley_test WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'} AND durable_writes = true; CREATE TYPE galley_test.permissions ( @@ -1442,19 +1441,15 @@ CREATE TABLE galley_test.team_admin ( AND read_repair_chance = 0.0 AND speculative_retry = '99PERCENTILE'; --- NOTE: this table is unused. It was replaced by mls_group_member_client -CREATE TABLE galley_test.member_client ( - conv uuid, - user_domain text, +CREATE TABLE galley_test.user ( user uuid, - client text, - key_package_ref blob, - PRIMARY KEY (conv, user_domain, user, client) -) WITH CLUSTERING ORDER BY (user_domain ASC, user ASC, client ASC) - AND bloom_filter_fp_chance = 0.01 + conv uuid, + PRIMARY KEY (user, conv) +) WITH CLUSTERING ORDER BY (conv ASC) + AND bloom_filter_fp_chance = 0.1 AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'} AND comment = '' - AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compaction = {'class': 'org.apache.cassandra.db.compaction.LeveledCompactionStrategy'} AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} AND crc_check_chance = 1.0 AND dclocal_read_repair_chance = 0.1 @@ -1697,27 +1692,6 @@ CREATE TABLE galley_test.mls_proposal_refs ( AND min_index_interval = 128 AND read_repair_chance = 0.0 AND speculative_retry = '99PERCENTILE'; - -CREATE TABLE galley_test.user ( - user uuid, - conv uuid, - PRIMARY KEY (user, conv) -) WITH CLUSTERING ORDER BY (conv ASC) - AND bloom_filter_fp_chance = 0.1 - AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'} - AND comment = '' - AND compaction = {'class': 'org.apache.cassandra.db.compaction.LeveledCompactionStrategy'} - AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} - AND crc_check_chance = 1.0 - AND dclocal_read_repair_chance = 0.1 - AND default_time_to_live = 0 - AND gc_grace_seconds = 864000 - AND max_index_interval = 2048 - AND memtable_flush_period_in_ms = 0 - AND min_index_interval = 128 - AND read_repair_chance = 0.0 - AND speculative_retry = '99PERCENTILE'; - CREATE KEYSPACE gundeck_test WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'} AND durable_writes = true; CREATE TABLE gundeck_test.push ( @@ -1832,7 +1806,6 @@ CREATE TABLE gundeck_test.user_push ( AND min_index_interval = 128 AND read_repair_chance = 0.0 AND speculative_retry = '99PERCENTILE'; - CREATE KEYSPACE spar_test WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'} AND durable_writes = true; CREATE TABLE spar_test.bind_cookie ( @@ -2204,4 +2177,3 @@ CREATE TABLE spar_test.user ( AND min_index_interval = 128 AND read_repair_chance = 0.0 AND speculative_retry = '99PERCENTILE'; - diff --git a/changelog.d/3-bug-fixes/PR-3680 b/changelog.d/3-bug-fixes/PR-3680 new file mode 100644 index 00000000000..6f1f599e86e --- /dev/null +++ b/changelog.d/3-bug-fixes/PR-3680 @@ -0,0 +1 @@ +galley's DB migrations fixed diff --git a/hack/bin/cassandra_dump_schema b/hack/bin/cassandra_dump_schema index 74c657fe5a5..9976f28ee1c 100755 --- a/hack/bin/cassandra_dump_schema +++ b/hack/bin/cassandra_dump_schema @@ -25,7 +25,7 @@ def main(): for keyspace in keyspaces: if keyspace.endswith('_test'): s = run_cqlsh(container, f'DESCRIBE keyspace {keyspace}') - print() + print(s) if __name__ == '__main__': main() diff --git a/services/galley/galley.cabal b/services/galley/galley.cabal index 2fba1c3df8e..07c708b6a72 100644 --- a/services/galley/galley.cabal +++ b/services/galley/galley.cabal @@ -272,8 +272,7 @@ library Galley.Schema.V85_MLSDraft17 Galley.Schema.V86_TeamFeatureMlsMigration Galley.Schema.V87_TeamFeatureSupportedProtocols - Galley.Schema.V88_TruncateMLSGroupMemberClient - Galley.Schema.V89_RemoveMemberClient + Galley.Schema.V88_RemoveMemberClientAndTruncateMLSGroupMemberClient Galley.Types.Clients Galley.Types.ToUserRole Galley.Types.UserList diff --git a/services/galley/src/Galley/Schema/Run.hs b/services/galley/src/Galley/Schema/Run.hs index 0c34f67d870..9f5c68d74cb 100644 --- a/services/galley/src/Galley/Schema/Run.hs +++ b/services/galley/src/Galley/Schema/Run.hs @@ -87,8 +87,7 @@ import Galley.Schema.V84_MLSSubconversation qualified as V84_MLSSubconversation import Galley.Schema.V85_MLSDraft17 qualified as V85_MLSDraft17 import Galley.Schema.V86_TeamFeatureMlsMigration qualified as V86_TeamFeatureMlsMigration import Galley.Schema.V87_TeamFeatureSupportedProtocols qualified as V87_TeamFeatureSupportedProtocols -import Galley.Schema.V88_TruncateMLSGroupMemberClient qualified as V88_TruncateMLSGroupMemberClient -import Galley.Schema.V89_RemoveMemberClient qualified as V89_RemoveMemberClient +import Galley.Schema.V88_RemoveMemberClientAndTruncateMLSGroupMemberClient qualified as V88_RemoveMemberClientAndTruncateMLSGroupMemberClient import Imports import Options.Applicative import System.Logger.Extended qualified as Log @@ -178,8 +177,7 @@ migrations = V85_MLSDraft17.migration, V86_TeamFeatureMlsMigration.migration, V87_TeamFeatureSupportedProtocols.migration, - V88_TruncateMLSGroupMemberClient.migration, - V89_RemoveMemberClient.migration + V88_RemoveMemberClientAndTruncateMLSGroupMemberClient.migration -- FUTUREWORK: once #1726 has made its way to master/production, -- the 'message' field in connections table can be dropped. -- See also https://github.com/wireapp/wire-server/pull/1747/files diff --git a/services/galley/src/Galley/Schema/V88_TruncateMLSGroupMemberClient.hs b/services/galley/src/Galley/Schema/V88_RemoveMemberClientAndTruncateMLSGroupMemberClient.hs similarity index 85% rename from services/galley/src/Galley/Schema/V88_TruncateMLSGroupMemberClient.hs rename to services/galley/src/Galley/Schema/V88_RemoveMemberClientAndTruncateMLSGroupMemberClient.hs index 77e9d15a11f..d0736577f76 100644 --- a/services/galley/src/Galley/Schema/V88_TruncateMLSGroupMemberClient.hs +++ b/services/galley/src/Galley/Schema/V88_RemoveMemberClientAndTruncateMLSGroupMemberClient.hs @@ -14,7 +14,7 @@ -- -- You should have received a copy of the GNU Affero General Public License along -- with this program. If not, see . -module Galley.Schema.V88_TruncateMLSGroupMemberClient +module Galley.Schema.V88_RemoveMemberClientAndTruncateMLSGroupMemberClient ( migration, ) where @@ -28,6 +28,8 @@ import Text.RawString.QQ -- could've been. This migration just deletes old data. This could break some -- conversations/users in unknown ways. But those are most likely test users. migration :: Migration -migration = Migration 88 "Truncate mls_group_member_client" $ do +migration = Migration 88 "Remove member_client and Truncate mls_group_member_client" $ do schema' [r|TRUNCATE TABLE mls_group_member_client|] + schema' + [r|DROP TABLE IF EXISTS member_client|] diff --git a/services/galley/src/Galley/Schema/V89_RemoveMemberClient.hs b/services/galley/src/Galley/Schema/V89_RemoveMemberClient.hs deleted file mode 100644 index 53f2d0df2d1..00000000000 --- a/services/galley/src/Galley/Schema/V89_RemoveMemberClient.hs +++ /dev/null @@ -1,33 +0,0 @@ --- This file is part of the Wire Server implementation. --- --- Copyright (C) 2023 Wire Swiss GmbH --- --- This program is free software: you can redistribute it and/or modify it under --- the terms of the GNU Affero General Public License as published by the Free --- Software Foundation, either version 3 of the License, or (at your option) any --- later version. --- --- This program is distributed in the hope that it will be useful, but WITHOUT --- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS --- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more --- details. --- --- You should have received a copy of the GNU Affero General Public License along --- with this program. If not, see . -module Galley.Schema.V89_RemoveMemberClient - ( migration, - ) -where - -import Cassandra.Schema -import Imports -import Text.RawString.QQ - --- | This migration exists because the table could have some rogue data in it --- before MLS Draft-17 was implemented. It was not supposed to be used, but it --- could've been. This migration just deletes old data. This could break some --- conversations/users in unknown ways. But those are most likely test users. -migration :: Migration -migration = Migration 88 "Remove member_client" $ do - schema' - [r|DROP TABLE IF EXISTS member_client|] From 44de0f51893fcfe697392e1b883200a4e6664e93 Mon Sep 17 00:00:00 2001 From: Stefan Matting Date: Tue, 31 Oct 2023 17:23:42 +0100 Subject: [PATCH 017/177] Remove create-user/team scripts (#3683) --- hack/bin/create-user | 265 ---------------------------------------- hack/bin/create_team.py | 66 ---------- 2 files changed, 331 deletions(-) delete mode 100755 hack/bin/create-user delete mode 100755 hack/bin/create_team.py diff --git a/hack/bin/create-user b/hack/bin/create-user deleted file mode 100755 index 3757493e4d6..00000000000 --- a/hack/bin/create-user +++ /dev/null @@ -1,265 +0,0 @@ -#!/usr/bin/env python3 - -'''This script creates a user on development backends that expose internal -endpoints to basicauth-authenticated users. - -This script is different than create_team.py which requires access to the brig service directly. - -Run with --help to see the args. - -Requirements of this script: the "requests" library. - -''' - -import requests -import string -import random -import argparse -import time -import sys -import os -import json -import base64 -import sys - - -def random_string(n): - return ''.join(random.choice(string.ascii_lowercase) for i in range(n)) - -def random_email(number=1): - rnd = random_string(8) - return f'doesnotexist+{number}_{rnd}@wire.com' - -def add_team_member(baseurl, team, access_token, basic_auth, i=1): - member_email = random_email(i) - - - password = random_string(20) - - r = requests.post(f'{baseurl}/teams/{team}/invitations', json={'email': member_email}, headers={'Authorization': f'Bearer {access_token}'}) - invitation_id = r.json()['id'] - - r = requests.get(f'{baseurl}/i/teams/invitation-code', params={'team': team, 'invitation_id': invitation_id}, headers={'Authorization': f'Basic {basic_auth}'}) - code = r.json()['code'] - - d = { - "name": member_email, - "email": member_email, - "password": password, - "team_code": code - } - r = requests.post(f'{baseurl}/register', json=d) - assert r.status_code == 201 - body = r.json() - - member = { - 'email': member_email, - 'password': password, - 'user_id': body['id'] - } - - r = requests.get(f'{baseurl}/i/users/activation-code', params={'email': member_email}, headers={'Authorization': f'Basic {basic_auth}'}) - - sys.stderr.write(f"Added member user {member_email}\n") - - return member - -def create_user(baseurl, basic_auth, create_team, n_members, manual_email, has_inbucket): - if manual_email is None: - email = random_email() - else: - email = manual_email - - password = random_string(20) - - body = { - "accent_id": 1, - 'locale': 'en-US', - 'name': email, - 'email': email, - 'password': password - } - if create_team: - body['team'] = {'name': 'My test team', 'icon': 'default'} - - r = requests.post(f'{baseurl}/register', json=body) - user = r.json() - - basicauth_headers = {'Authorization': f'Basic {basic_auth}'} - r = requests.get(f'{baseurl}/i/users/activation-code', params={'email': email}, headers=basicauth_headers) - assert r.status_code == 200 - - code = r.json() - - r = requests.post(f'{baseurl}/activate', json={'code': code['code'], 'key': code['key'], 'email': email, 'dryrun': False}) - assert r.status_code == 200 - - team = user.get("team") - - admin = { - 'email': email, - 'password': password, - 'user_id': user["id"], - 'team': team - } - - result = {'admin': admin} - - r = requests.get(f'{baseurl}/i/teams/{team}/features/sndFactorPasswordChallenge', headers=basicauth_headers) - d = r.json() - second_factor_enabled = d['status'] == 'enabled' - # FUTUREWORK: Create team members for 2fa backends. To login 1) send verification code 2) get verification code via internal api 3) use code when logging in as authentication code - if second_factor_enabled: - if manual_email is None and not has_inbucket: - fail("Backend has 2FA enabled. Yout must provide an existing email adress via the -m flag. Also no team members will be created by this script.") - - else: - login_request = {'email': email, 'password': password} - - r = requests.post(f'{baseurl}/login', json=login_request) - - access_token = r.json()['access_token'] - - if team is not None and not second_factor_enabled: - members = [] - for i in range(n_members): - member = add_team_member(baseurl, team, access_token, basic_auth, i) - members.append(member) - result['members'] = members - - return result - -def fail(msg): - sys.stderr.write(msg) - sys.stderr.write('\n') - sys.exit(1) - - -def main(): - known_envs = { - 'staging': { - 'baseurl': 'https://staging-nginz-https.zinfra.io', - 'webapp': 'https://wire-webapp-master.zinfra.io/' - }, - 'anta': { - 'baseurl': 'https://nginz-https.anta.wire.link', - 'webapp': 'https://webapp.anta.wire.link/', - 'teams': 'https://teams.anta.wire.link/' - }, - 'bella': { - 'baseurl': 'https://nginz-https.bella.wire.link', - 'webapp': 'https://webapp.bella.wire.link/' - }, - 'chala': { - 'baseurl': 'https://nginz-https.chala.wire.link', - 'webapp': 'https://webapp.chala.wire.link/' - }, - 'diya': { - 'baseurl': 'https://nginz-https.diya.wire.link', - 'webapp': 'https://webapp.diya.wire.link/', - 'teams': 'https://teams.diya.wire.link/' - }, - 'elna': { - 'baseurl': 'https://nginz-https.elna.wire.link', - 'webapp': 'https://webapp.elna.wire.link/', - 'teams': 'https://teams.elna.wire.link/' - }, - 'foma': { - 'baseurl': 'https://nginz-https.foma.wire.link', - 'webapp': 'https://webapp.foma.wire.link/' - }, - 'gudja': { - 'baseurl': 'https://nginz-https.gudja-offline-web.wire.link', - 'webapp': 'https://webapp.gudja-offline-web.wire.link/' - }, - 'jishui': { - 'baseurl': 'https://nginz-https.jishui.wire.link', - 'webapp': 'https://webapp.jishui.wire.link/' - }, - 'ninjas': { - 'baseurl': 'https://nginz-https.ninjas.dogfood.wire.link', - 'webapp': 'https://webapp.ninjas.dogfood.wire.link/' - }, - 'pirates': { - 'baseurl': 'https://nginz-https.pirates.dogfood.wire.link', - 'webapp': 'https://webapp.pirates.dogfood.wire.link/' - }, - 'unicorns': { - 'baseurl': 'https://nginz-https.unicorns.dogfood.wire.link', - 'webapp': 'https://webapp.unicorns.dogfood.wire.link/' - }, - 'bund-next-column-offline-android': { - 'baseurl': 'https://nginz-https.bund-next-column-offline-android.wire.link', - 'webapp': 'https://webapp.bund-next-column-offline-android.wire.link/' - }, - 'bund-next-column-offline-web': { - 'baseurl': 'https://nginz-https.bund-next-column-offline-web.wire.link', - 'webapp': 'https://webapp.bund-next-column-offline-web.wire.link/' - }, - 'bund-next-column-offline-ios': { - 'baseurl': 'https://nginz-https.bund-next-column-offline-ios.wire.link', - 'webapp': 'https://webapp.bund-next-column-offline-ios.wire.link/' - }, - 'bund-next-external': { - 'baseurl': 'https://nginz-https.bund-next-external.wire.link', - 'webapp': 'https://webapp.bund-next-external.wire.link/' - }, - 'bund-next-column-1': { - 'baseurl': 'https://nginz-https.bund-next-column-1.wire.link', - 'webapp': 'https://webapp.bund-next-column-1.wire.link/', - 'inbucket': 'https://inbucket.bund-next-column-1.wire.link/' - }, - 'bund-next-column-2': { - 'baseurl': 'https://nginz-https.bund-next-column-2.wire.link', - 'webapp': 'https://webapp.bund-next-column-2.wire.link/', - 'inbucket': 'https://inbucket.bund-next-column-2.wire.link/' - }, - 'bund-next-column-3': { - 'baseurl': 'https://nginz-https.bund-next-column-3.wire.link', - 'webapp': 'https://webapp.bund-next-column-3.wire.link/', - 'inbucket': 'https://inbucket.bund-next-column-3.wire.link/' - } - } - - parser = argparse.ArgumentParser( - prog=sys.argv[0], description="Create team (with members) or a personal user on Wire's testing environments." - ) - parser.add_argument('-e', '--env', default='choose_env', help=f'One of: {", ".join(known_envs.keys())}') - parser.add_argument('-p', '--personal', action='store_true', help="Create a personal user, instead of a team admin.") - parser.add_argument('-n', '--members', default='1', help="Number of members to add.") - parser.add_argument('-m', '--email', default='', help="Email of created user. If omitted a random non-existing @wire.com email will be used.") - args = parser.parse_args() - - if args.env == 'choose_env': - fail(parser.format_help()) - - env = known_envs.get(args.env) - if env is None: - fail(f'Unknown environment: {args.env}. If missing then add it to the script.') - - basic_auths_json = os.environ.get('CREATE_USER_BASICAUTH') - if basic_auths_json is None: - fail(r'Please set CREATE_USER_BASICAUTH to a json object of form {"env_name": {"username": "xx", "password": "xx"}} containing the basicauth credentials for each environment.') - - basic_auths = json.loads(basic_auths_json) - if args.env not in basic_auths: - fail(f'Environment "{args.env}" is missing in CREATE_USER_BASICAUTH.') - - b_user = basic_auths[args.env]['username'] - b_password = basic_auths[args.env]['password'] - - basic_auth = base64.b64encode(f'{b_user}:{b_password}'.encode('utf8')).decode('utf8') - - n_members = int(args.members) - - manual_email = args.email if len(args.email) > 0 else None - - result = create_user(env['baseurl'], basic_auth, not args.personal, n_members, manual_email, 'inbucket' in env) - - result['env'] = env - result['basicauth'] = {'username': b_user, 'password': b_password, 'header': basic_auth} - - print(json.dumps(result, indent=4)) - -if __name__ == '__main__': - main() diff --git a/hack/bin/create_team.py b/hack/bin/create_team.py deleted file mode 100755 index 6170e490f1e..00000000000 --- a/hack/bin/create_team.py +++ /dev/null @@ -1,66 +0,0 @@ -#!/usr/bin/env python3 - -import sys -import argparse - -from wire import api -from wire.context import Context - - -def invite_user(ctx, admin_user_id, team): - r = api.create_team_invitation(ctx, team, user=admin_user_id) - assert r.response.status_code == 201 - res_inv = r.response.json() - invitation = res_inv['id'] - email = res_inv['email'] - - r2 = api.get_invitation_code(ctx, team, invitation, user=admin_user_id) - assert r2.response.status_code == 200 - code = r2.response.json()['code'] - - r3 = api.register_user(ctx, email=email, code=code) - assert r3.response.status_code == 201 - password = r3.request['json']['password'] - user_id = r3.response.json()['id'] - - print('user_id', user_id) - print('email', email) - print('password', password) - - -def main(): - parser = argparse.ArgumentParser( - prog=sys.argv[0], description="Create team and members via brig's internal api" - ) - parser.add_argument('brig_port') - parser.add_argument('-n', '--number-users', default='1') - args = parser.parse_args() - local_brig_port = int(args.brig_port) - n_users = int(args.number_users) - - ctx = Context(domain="dummy", version="3", service_map={'brig': local_brig_port}) - create_user = api.create_user(ctx, create_team=True) - - admin_email = create_user.request['json']['email'] - admin_password = create_user.request['json']['password'] - team = create_user.response.json()['team'] - admin_user_id = create_user.response.json()['id'] - - print('# Team') - print('team', team) - print() - - print('# Admin') - print('admin_user_id', admin_user_id) - print('admin_email', admin_email) - print('admin_password', admin_password) - print() - - for i in range(n_users): - print(f'# Member {i+1}') - invite_user(ctx, admin_user_id=admin_user_id, team=team) - print() - - -if __name__ == '__main__': - main() From f9db2b65f27e0b274317e7808e3154dd8f85eaba Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 09:19:20 +0200 Subject: [PATCH 018/177] nix/wire-server.nix: nixpkgs-fmt --- nix/wire-server.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nix/wire-server.nix b/nix/wire-server.nix index 652cbcedd4b..9cadb783676 100644 --- a/nix/wire-server.nix +++ b/nix/wire-server.nix @@ -255,8 +255,8 @@ let # extraContents :: Map Exe Derivation -> Map Text [Derivation] extraContents = exes: { brig = [ brig-templates ]; - brig-integration = [brig-templates pkgs.mls-test-cli pkgs.awscli2]; - galley-integration = [pkgs.mls-test-cli pkgs.awscli2]; + brig-integration = [ brig-templates pkgs.mls-test-cli pkgs.awscli2 ]; + galley-integration = [ pkgs.mls-test-cli pkgs.awscli2 ]; stern-integration = [ pkgs.awscli2 ]; gundeck-integration = [ pkgs.awscli2 ]; cargohold-integration = [ pkgs.awscli2 ]; From c8ad2f4bc68d382efa86344799a74537b6fb9883 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 09:19:31 +0200 Subject: [PATCH 019/177] shell: add crate2nix --- nix/wire-server.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nix/wire-server.nix b/nix/wire-server.nix index 9cadb783676..9dad1718ce1 100644 --- a/nix/wire-server.nix +++ b/nix/wire-server.nix @@ -466,6 +466,7 @@ in name = "wire-server-dev-env"; paths = commonTools ++ [ pkgs.bash + pkgs.crate2nix pkgs.dash (pkgs.haskell-language-server.override { supportedGhcVersions = [ "92" ]; }) pkgs.ghcid From b48fd379cd4df4304f9ab67756217ee2c6a3afa0 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 09:38:49 +0200 Subject: [PATCH 020/177] cryptobox: package with crate2nix --- nix/pkgs/cryptobox/.gitignore | 1 + nix/pkgs/cryptobox/Cargo.nix | 959 +++++++++++++++++++++++ nix/pkgs/cryptobox/README.md | 7 + nix/pkgs/cryptobox/crate2nix-sources.nix | 109 +++ nix/pkgs/cryptobox/crate2nix.json | 10 + nix/pkgs/cryptobox/default.nix | 60 +- 6 files changed, 1116 insertions(+), 30 deletions(-) create mode 100644 nix/pkgs/cryptobox/.gitignore create mode 100644 nix/pkgs/cryptobox/Cargo.nix create mode 100644 nix/pkgs/cryptobox/README.md create mode 100644 nix/pkgs/cryptobox/crate2nix-sources.nix create mode 100644 nix/pkgs/cryptobox/crate2nix.json diff --git a/nix/pkgs/cryptobox/.gitignore b/nix/pkgs/cryptobox/.gitignore new file mode 100644 index 00000000000..3f66fdb7d63 --- /dev/null +++ b/nix/pkgs/cryptobox/.gitignore @@ -0,0 +1 @@ +/crate2nix-sources diff --git a/nix/pkgs/cryptobox/Cargo.nix b/nix/pkgs/cryptobox/Cargo.nix new file mode 100644 index 00000000000..3ba01131fb6 --- /dev/null +++ b/nix/pkgs/cryptobox/Cargo.nix @@ -0,0 +1,959 @@ + +# This file was @generated by crate2nix 0.10.0 with the command: +# "generate" +# See https://github.com/kolloch/crate2nix for more info. + +{ nixpkgs ? +, pkgs ? import nixpkgs { config = {}; } +, lib ? pkgs.lib +, stdenv ? pkgs.stdenv +, buildRustCrateForPkgs ? if buildRustCrate != null + then lib.warn "crate2nix: Passing `buildRustCrate` as argument to Cargo.nix is deprecated. If you don't customize `buildRustCrate`, replace `callPackage ./Cargo.nix {}` by `import ./Cargo.nix { inherit pkgs; }`, and if you need to customize `buildRustCrate`, use `buildRustCrateForPkgs` instead." (_: buildRustCrate) + else pkgs: pkgs.buildRustCrate + # Deprecated +, buildRustCrate ? null + # This is used as the `crateOverrides` argument for `buildRustCrate`. +, defaultCrateOverrides ? pkgs.defaultCrateOverrides + # The features to enable for the root_crate or the workspace_members. +, rootFeatures ? [ "default" ] + # If true, throw errors instead of issueing deprecation warnings. +, strictDeprecation ? false + # Used for conditional compilation based on CPU feature detection. +, targetFeatures ? [] + # Whether to perform release builds: longer compile times, faster binaries. +, release ? true + # Additional crate2nix configuration if it exists. +, crateConfig + ? if builtins.pathExists ./crate-config.nix + then pkgs.callPackage ./crate-config.nix {} + else {} +}: + +rec { + # + # "public" attributes that we attempt to keep stable with new versions of crate2nix. + # + + rootCrate = rec { + packageId = "cryptobox-c"; + + # Use this attribute to refer to the derivation building your root crate package. + # You can override the features with rootCrate.build.override { features = [ "default" "feature1" ... ]; }. + build = internal.buildRustCrateWithFeatures { + inherit packageId; + }; + + # Debug support which might change between releases. + # File a bug if you depend on any for non-debug work! + debug = internal.debugCrate { inherit packageId; }; + }; + # Refer your crate build derivation by name here. + # You can override the features with + # workspaceMembers."${crateName}".build.override { features = [ "default" "feature1" ... ]; }. + workspaceMembers = { + "cryptobox-c" = rec { + packageId = "cryptobox-c"; + build = internal.buildRustCrateWithFeatures { + packageId = "cryptobox-c"; + }; + + # Debug support which might change between releases. + # File a bug if you depend on any for non-debug work! + debug = internal.debugCrate { inherit packageId; }; + }; + }; + + # A derivation that joins the outputs of all workspace members together. + allWorkspaceMembers = pkgs.symlinkJoin { + name = "all-workspace-members"; + paths = + let members = builtins.attrValues workspaceMembers; + in builtins.map (m: m.build) members; + }; + + # + # "internal" ("private") attributes that may change in every new version of crate2nix. + # + + internal = rec { + # Build and dependency information for crates. + # Many of the fields are passed one-to-one to buildRustCrate. + # + # Noteworthy: + # * `dependencies`/`buildDependencies`: similar to the corresponding fields for buildRustCrate. + # but with additional information which is used during dependency/feature resolution. + # * `resolvedDependencies`: the selected default features reported by cargo - only included for debugging. + # * `devDependencies` as of now not used by `buildRustCrate` but used to + # inject test dependencies into the build + + crates = { + "byteorder" = rec { + crateName = "byteorder"; + version = "1.2.1"; + edition = "2015"; + sha256 = "08qdzm6y639swc9crvkav59cp46lmfj84rlsbvcakb9zwyvhaa35"; + authors = [ + "Andrew Gallant " + ]; + features = { + "default" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "cbor-codec" = rec { + crateName = "cbor-codec"; + version = "0.7.1"; + edition = "2015"; + sha256 = "0ihg2ixp71nkwcgg8jfip774q5dia4d16l786wlcadrbaqis10z0"; + libName = "cbor"; + authors = [ + "Toralf Wittner " + ]; + dependencies = [ + { + name = "byteorder"; + packageId = "byteorder"; + } + { + name = "libc"; + packageId = "libc"; + } + ]; + features = { + "quickcheck" = [ "dep:quickcheck" ]; + "random" = [ "quickcheck" ]; + }; + }; + "cryptobox" = rec { + crateName = "cryptobox"; + version = "1.0.0"; + edition = "2015"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/cryptobox"; + rev = "ec45a50c3608d00744625125125932beac890965"; + sha256 = "0sada781pwczmxhlnw0qhkh54k22jdhymc5kaczrwk86s4b3w2hk"; + }; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "byteorder"; + packageId = "byteorder"; + } + { + name = "cbor-codec"; + packageId = "cbor-codec"; + } + { + name = "proteus"; + packageId = "proteus"; + } + ]; + + }; + "cryptobox-c" = rec { + crateName = "cryptobox-c"; + version = "1.0.0"; + edition = "2015"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/cryptobox-c"; + rev = "4067ad96b125942545dbdec8c1a89f1e1b65d013"; + sha256 = "1i9dlhw0xk1viglyhail9fb36v1awrypps8jmhrkz8k1bhx98ci3"; + };type = [ "cdylib" ]; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "cryptobox"; + packageId = "cryptobox"; + } + { + name = "libc"; + packageId = "libc"; + } + { + name = "proteus"; + packageId = "proteus"; + } + ]; + + }; + "hkdf" = rec { + crateName = "hkdf"; + version = "0.2.0"; + edition = "2015"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/hkdf"; + rev = "215025dc0efec119a7368447ed97bb908eddfb1c"; + sha256 = "1s0q2xq489r4zmbhd501mm9qpwaw9zv3bz0pii493l1qhzvi3n3i"; + }; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "sodiumoxide"; + packageId = "sodiumoxide"; + usesDefaultFeatures = false; + } + ]; + + }; + "libc" = rec { + crateName = "libc"; + version = "0.2.35"; + edition = "2015"; + sha256 = "1sr0la5n6bq1g1yqpfjffmdwiv8szn7siy5vzidx559y56dlw9ln"; + authors = [ + "The Rust Project Developers" + ]; + features = { + "default" = [ "use_std" ]; + }; + resolvedDefaultFeatures = [ "default" "use_std" ]; + }; + "libsodium-sys" = rec { + crateName = "libsodium-sys"; + version = "0.0.16"; + edition = "2015"; + sha256 = "0hjmdxjz32yq4gxwjg608bi7cf9igilsmsv9lslcli4dxpp1pggw"; + libName = "libsodium_sys"; + libPath = "lib.rs"; + authors = [ + "dnaq" + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + } + ]; + buildDependencies = [ + { + name = "pkg-config"; + packageId = "pkg-config"; + } + ]; + + }; + "pkg-config" = rec { + crateName = "pkg-config"; + version = "0.3.9"; + edition = "2015"; + sha256 = "00x9vc7667m4r8sn8idgpmj9yf1ih6bj1cdrshf1mkb5h5mlr2rs"; + authors = [ + "Alex Crichton " + ]; + + }; + "proteus" = rec { + crateName = "proteus"; + version = "1.0.0"; + edition = "2015"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/proteus"; + rev = "bbecc0c649d020bb208ad83d120c6971913e2eeb"; + sha256 = "0dp4fzd39kzr0z1rq78vmgvyvpg9b13k1fq37gmsvr2qlkkjv4x6"; + }; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "byteorder"; + packageId = "byteorder"; + } + { + name = "cbor-codec"; + packageId = "cbor-codec"; + } + { + name = "hkdf"; + packageId = "hkdf"; + } + { + name = "libc"; + packageId = "libc"; + } + { + name = "sodiumoxide"; + packageId = "sodiumoxide"; + usesDefaultFeatures = false; + features = [ "std" ]; + } + ]; + + }; + "sodiumoxide" = rec { + crateName = "sodiumoxide"; + version = "0.0.16"; + edition = "2015"; + sha256 = "02m0mbyq4k4p7baz659ndaixancl19x2anaysqm3alcs9zqv4p7b"; + authors = [ + "dnaq" + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + } + { + name = "libsodium-sys"; + packageId = "libsodium-sys"; + } + ]; + features = { + "default" = [ "serde" "std" ]; + "serde" = [ "dep:serde" ]; + }; + resolvedDefaultFeatures = [ "std" ]; + }; + }; + + # +# crate2nix/default.nix (excerpt start) +# + + /* Target (platform) data for conditional dependencies. + This corresponds roughly to what buildRustCrate is setting. + */ + defaultTarget = { + unix = true; + windows = false; + fuchsia = true; + test = false; + + # This doesn't appear to be officially documented anywhere yet. + # See https://github.com/rust-lang-nursery/rust-forge/issues/101. + os = + if stdenv.hostPlatform.isDarwin + then "macos" + else stdenv.hostPlatform.parsed.kernel.name; + arch = stdenv.hostPlatform.parsed.cpu.name; + family = "unix"; + env = "gnu"; + endian = + if stdenv.hostPlatform.parsed.cpu.significantByte.name == "littleEndian" + then "little" else "big"; + pointer_width = toString stdenv.hostPlatform.parsed.cpu.bits; + vendor = stdenv.hostPlatform.parsed.vendor.name; + debug_assertions = false; + }; + + /* Filters common temp files and build files. */ + # TODO(pkolloch): Substitute with gitignore filter + sourceFilter = name: type: + let + baseName = builtins.baseNameOf (builtins.toString name); + in + ! ( + # Filter out git + baseName == ".gitignore" + || (type == "directory" && baseName == ".git") + + # Filter out build results + || ( + type == "directory" && ( + baseName == "target" + || baseName == "_site" + || baseName == ".sass-cache" + || baseName == ".jekyll-metadata" + || baseName == "build-artifacts" + ) + ) + + # Filter out nix-build result symlinks + || ( + type == "symlink" && lib.hasPrefix "result" baseName + ) + + # Filter out IDE config + || ( + type == "directory" && ( + baseName == ".idea" || baseName == ".vscode" + ) + ) || lib.hasSuffix ".iml" baseName + + # Filter out nix build files + || baseName == "Cargo.nix" + + # Filter out editor backup / swap files. + || lib.hasSuffix "~" baseName + || builtins.match "^\\.sw[a-z]$$" baseName != null + || builtins.match "^\\..*\\.sw[a-z]$$" baseName != null + || lib.hasSuffix ".tmp" baseName + || lib.hasSuffix ".bak" baseName + || baseName == "tests.nix" + ); + + /* Returns a crate which depends on successful test execution + of crate given as the second argument. + + testCrateFlags: list of flags to pass to the test exectuable + testInputs: list of packages that should be available during test execution + */ + crateWithTest = { crate, testCrate, testCrateFlags, testInputs, testPreRun, testPostRun }: + assert builtins.typeOf testCrateFlags == "list"; + assert builtins.typeOf testInputs == "list"; + assert builtins.typeOf testPreRun == "string"; + assert builtins.typeOf testPostRun == "string"; + let + # override the `crate` so that it will build and execute tests instead of + # building the actual lib and bin targets We just have to pass `--test` + # to rustc and it will do the right thing. We execute the tests and copy + # their log and the test executables to $out for later inspection. + test = + let + drv = testCrate.override + ( + _: { + buildTests = true; + } + ); + # If the user hasn't set any pre/post commands, we don't want to + # insert empty lines. This means that any existing users of crate2nix + # don't get a spurious rebuild unless they set these explicitly. + testCommand = pkgs.lib.concatStringsSep "\n" + (pkgs.lib.filter (s: s != "") [ + testPreRun + "$f $testCrateFlags 2>&1 | tee -a $out" + testPostRun + ]); + in + pkgs.runCommand "run-tests-${testCrate.name}" + { + inherit testCrateFlags; + buildInputs = testInputs; + } '' + set -ex + + export RUST_BACKTRACE=1 + + # recreate a file hierarchy as when running tests with cargo + + # the source for test data + ${pkgs.xorg.lndir}/bin/lndir ${crate.src} + + # build outputs + testRoot=target/debug + mkdir -p $testRoot + + # executables of the crate + # we copy to prevent std::env::current_exe() to resolve to a store location + for i in ${crate}/bin/*; do + cp "$i" "$testRoot" + done + chmod +w -R . + + # test harness executables are suffixed with a hash, like cargo does + # this allows to prevent name collision with the main + # executables of the crate + hash=$(basename $out) + for file in ${drv}/tests/*; do + f=$testRoot/$(basename $file)-$hash + cp $file $f + ${testCommand} + done + ''; + in + pkgs.runCommand "${crate.name}-linked" + { + inherit (crate) outputs crateName; + passthru = (crate.passthru or { }) // { + inherit test; + }; + } '' + echo tested by ${test} + ${lib.concatMapStringsSep "\n" (output: "ln -s ${crate.${output}} ${"$"}${output}") crate.outputs} + ''; + + /* A restricted overridable version of builtRustCratesWithFeatures. */ + buildRustCrateWithFeatures = + { packageId + , features ? rootFeatures + , crateOverrides ? defaultCrateOverrides + , buildRustCrateForPkgsFunc ? null + , runTests ? false + , testCrateFlags ? [ ] + , testInputs ? [ ] + # Any command to run immediatelly before a test is executed. + , testPreRun ? "" + # Any command run immediatelly after a test is executed. + , testPostRun ? "" + }: + lib.makeOverridable + ( + { features + , crateOverrides + , runTests + , testCrateFlags + , testInputs + , testPreRun + , testPostRun + }: + let + buildRustCrateForPkgsFuncOverriden = + if buildRustCrateForPkgsFunc != null + then buildRustCrateForPkgsFunc + else + ( + if crateOverrides == pkgs.defaultCrateOverrides + then buildRustCrateForPkgs + else + pkgs: (buildRustCrateForPkgs pkgs).override { + defaultCrateOverrides = crateOverrides; + } + ); + builtRustCrates = builtRustCratesWithFeatures { + inherit packageId features; + buildRustCrateForPkgsFunc = buildRustCrateForPkgsFuncOverriden; + runTests = false; + }; + builtTestRustCrates = builtRustCratesWithFeatures { + inherit packageId features; + buildRustCrateForPkgsFunc = buildRustCrateForPkgsFuncOverriden; + runTests = true; + }; + drv = builtRustCrates.crates.${packageId}; + testDrv = builtTestRustCrates.crates.${packageId}; + derivation = + if runTests then + crateWithTest + { + crate = drv; + testCrate = testDrv; + inherit testCrateFlags testInputs testPreRun testPostRun; + } + else drv; + in + derivation + ) + { inherit features crateOverrides runTests testCrateFlags testInputs testPreRun testPostRun; }; + + /* Returns an attr set with packageId mapped to the result of buildRustCrateForPkgsFunc + for the corresponding crate. + */ + builtRustCratesWithFeatures = + { packageId + , features + , crateConfigs ? crates + , buildRustCrateForPkgsFunc + , runTests + , target ? defaultTarget + } @ args: + assert (builtins.isAttrs crateConfigs); + assert (builtins.isString packageId); + assert (builtins.isList features); + assert (builtins.isAttrs target); + assert (builtins.isBool runTests); + let + rootPackageId = packageId; + mergedFeatures = mergePackageFeatures + ( + args // { + inherit rootPackageId; + target = target // { test = runTests; }; + } + ); + # Memoize built packages so that reappearing packages are only built once. + builtByPackageIdByPkgs = mkBuiltByPackageIdByPkgs pkgs; + mkBuiltByPackageIdByPkgs = pkgs: + let + self = { + crates = lib.mapAttrs (packageId: value: buildByPackageIdForPkgsImpl self pkgs packageId) crateConfigs; + build = mkBuiltByPackageIdByPkgs pkgs.buildPackages; + }; + in + self; + buildByPackageIdForPkgsImpl = self: pkgs: packageId: + let + features = mergedFeatures."${packageId}" or [ ]; + crateConfig' = crateConfigs."${packageId}"; + crateConfig = + builtins.removeAttrs crateConfig' [ "resolvedDefaultFeatures" "devDependencies" ]; + devDependencies = + lib.optionals + (runTests && packageId == rootPackageId) + (crateConfig'.devDependencies or [ ]); + dependencies = + dependencyDerivations { + inherit features target; + buildByPackageId = depPackageId: + # proc_macro crates must be compiled for the build architecture + if crateConfigs.${depPackageId}.procMacro or false + then self.build.crates.${depPackageId} + else self.crates.${depPackageId}; + dependencies = + (crateConfig.dependencies or [ ]) + ++ devDependencies; + }; + buildDependencies = + dependencyDerivations { + inherit features target; + buildByPackageId = depPackageId: + self.build.crates.${depPackageId}; + dependencies = crateConfig.buildDependencies or [ ]; + }; + filterEnabledDependenciesForThis = dependencies: filterEnabledDependencies { + inherit dependencies features target; + }; + dependenciesWithRenames = + lib.filter (d: d ? "rename") + ( + filterEnabledDependenciesForThis + ( + (crateConfig.buildDependencies or [ ]) + ++ (crateConfig.dependencies or [ ]) + ++ devDependencies + ) + ); + # Crate renames have the form: + # + # { + # crate_name = [ + # { version = "1.2.3"; rename = "crate_name01"; } + # ]; + # # ... + # } + crateRenames = + let + grouped = + lib.groupBy + (dependency: dependency.name) + dependenciesWithRenames; + versionAndRename = dep: + let + package = crateConfigs."${dep.packageId}"; + in + { inherit (dep) rename; version = package.version; }; + in + lib.mapAttrs (name: choices: builtins.map versionAndRename choices) grouped; + in + buildRustCrateForPkgsFunc pkgs + ( + crateConfig // { + src = crateConfig.src or ( + pkgs.fetchurl rec { + name = "${crateConfig.crateName}-${crateConfig.version}.tar.gz"; + # https://www.pietroalbini.org/blog/downloading-crates-io/ + # Not rate-limited, CDN URL. + url = "https://static.crates.io/crates/${crateConfig.crateName}/${crateConfig.crateName}-${crateConfig.version}.crate"; + sha256 = + assert (lib.assertMsg (crateConfig ? sha256) "Missing sha256 for ${name}"); + crateConfig.sha256; + } + ); + extraRustcOpts = lib.lists.optional (targetFeatures != [ ]) "-C target-feature=${lib.concatMapStringsSep "," (x: "+${x}") targetFeatures}"; + inherit features dependencies buildDependencies crateRenames release; + } + ); + in + builtByPackageIdByPkgs; + + /* Returns the actual derivations for the given dependencies. */ + dependencyDerivations = + { buildByPackageId + , features + , dependencies + , target + }: + assert (builtins.isList features); + assert (builtins.isList dependencies); + assert (builtins.isAttrs target); + let + enabledDependencies = filterEnabledDependencies { + inherit dependencies features target; + }; + depDerivation = dependency: buildByPackageId dependency.packageId; + in + map depDerivation enabledDependencies; + + /* Returns a sanitized version of val with all values substituted that cannot + be serialized as JSON. + */ + sanitizeForJson = val: + if builtins.isAttrs val + then lib.mapAttrs (n: v: sanitizeForJson v) val + else if builtins.isList val + then builtins.map sanitizeForJson val + else if builtins.isFunction val + then "function" + else val; + + /* Returns various tools to debug a crate. */ + debugCrate = { packageId, target ? defaultTarget }: + assert (builtins.isString packageId); + let + debug = rec { + # The built tree as passed to buildRustCrate. + buildTree = buildRustCrateWithFeatures { + buildRustCrateForPkgsFunc = _: lib.id; + inherit packageId; + }; + sanitizedBuildTree = sanitizeForJson buildTree; + dependencyTree = sanitizeForJson + ( + buildRustCrateWithFeatures { + buildRustCrateForPkgsFunc = _: crate: { + "01_crateName" = crate.crateName or false; + "02_features" = crate.features or [ ]; + "03_dependencies" = crate.dependencies or [ ]; + }; + inherit packageId; + } + ); + mergedPackageFeatures = mergePackageFeatures { + features = rootFeatures; + inherit packageId target; + }; + diffedDefaultPackageFeatures = diffDefaultPackageFeatures { + inherit packageId target; + }; + }; + in + { internal = debug; }; + + /* Returns differences between cargo default features and crate2nix default + features. + + This is useful for verifying the feature resolution in crate2nix. + */ + diffDefaultPackageFeatures = + { crateConfigs ? crates + , packageId + , target + }: + assert (builtins.isAttrs crateConfigs); + let + prefixValues = prefix: lib.mapAttrs (n: v: { "${prefix}" = v; }); + mergedFeatures = + prefixValues + "crate2nix" + (mergePackageFeatures { inherit crateConfigs packageId target; features = [ "default" ]; }); + configs = prefixValues "cargo" crateConfigs; + combined = lib.foldAttrs (a: b: a // b) { } [ mergedFeatures configs ]; + onlyInCargo = + builtins.attrNames + (lib.filterAttrs (n: v: !(v ? "crate2nix") && (v ? "cargo")) combined); + onlyInCrate2Nix = + builtins.attrNames + (lib.filterAttrs (n: v: (v ? "crate2nix") && !(v ? "cargo")) combined); + differentFeatures = lib.filterAttrs + ( + n: v: + (v ? "crate2nix") + && (v ? "cargo") + && (v.crate2nix.features or [ ]) != (v."cargo".resolved_default_features or [ ]) + ) + combined; + in + builtins.toJSON { + inherit onlyInCargo onlyInCrate2Nix differentFeatures; + }; + + /* Returns an attrset mapping packageId to the list of enabled features. + + If multiple paths to a dependency enable different features, the + corresponding feature sets are merged. Features in rust are additive. + */ + mergePackageFeatures = + { crateConfigs ? crates + , packageId + , rootPackageId ? packageId + , features ? rootFeatures + , dependencyPath ? [ crates.${packageId}.crateName ] + , featuresByPackageId ? { } + , target + # Adds devDependencies to the crate with rootPackageId. + , runTests ? false + , ... + } @ args: + assert (builtins.isAttrs crateConfigs); + assert (builtins.isString packageId); + assert (builtins.isString rootPackageId); + assert (builtins.isList features); + assert (builtins.isList dependencyPath); + assert (builtins.isAttrs featuresByPackageId); + assert (builtins.isAttrs target); + assert (builtins.isBool runTests); + let + crateConfig = crateConfigs."${packageId}" or (builtins.throw "Package not found: ${packageId}"); + expandedFeatures = expandFeatures (crateConfig.features or { }) features; + enabledFeatures = enableFeatures (crateConfig.dependencies or [ ]) expandedFeatures; + depWithResolvedFeatures = dependency: + let + packageId = dependency.packageId; + features = dependencyFeatures enabledFeatures dependency; + in + { inherit packageId features; }; + resolveDependencies = cache: path: dependencies: + assert (builtins.isAttrs cache); + assert (builtins.isList dependencies); + let + enabledDependencies = filterEnabledDependencies { + inherit dependencies target; + features = enabledFeatures; + }; + directDependencies = map depWithResolvedFeatures enabledDependencies; + foldOverCache = op: lib.foldl op cache directDependencies; + in + foldOverCache + ( + cache: { packageId, features }: + let + cacheFeatures = cache.${packageId} or [ ]; + combinedFeatures = sortedUnique (cacheFeatures ++ features); + in + if cache ? ${packageId} && cache.${packageId} == combinedFeatures + then cache + else + mergePackageFeatures { + features = combinedFeatures; + featuresByPackageId = cache; + inherit crateConfigs packageId target runTests rootPackageId; + } + ); + cacheWithSelf = + let + cacheFeatures = featuresByPackageId.${packageId} or [ ]; + combinedFeatures = sortedUnique (cacheFeatures ++ enabledFeatures); + in + featuresByPackageId // { + "${packageId}" = combinedFeatures; + }; + cacheWithDependencies = + resolveDependencies cacheWithSelf "dep" + ( + crateConfig.dependencies or [ ] + ++ lib.optionals + (runTests && packageId == rootPackageId) + (crateConfig.devDependencies or [ ]) + ); + cacheWithAll = + resolveDependencies + cacheWithDependencies "build" + (crateConfig.buildDependencies or [ ]); + in + cacheWithAll; + + /* Returns the enabled dependencies given the enabled features. */ + filterEnabledDependencies = { dependencies, features, target }: + assert (builtins.isList dependencies); + assert (builtins.isList features); + assert (builtins.isAttrs target); + + lib.filter + ( + dep: + let + targetFunc = dep.target or (features: true); + in + targetFunc { inherit features target; } + && ( + !(dep.optional or false) + || builtins.any (doesFeatureEnableDependency dep) features + ) + ) + dependencies; + + /* Returns whether the given feature should enable the given dependency. */ + doesFeatureEnableDependency = { name, rename ? null, ... }: feature: + let + prefix = "${name}/"; + len = builtins.stringLength prefix; + startsWithPrefix = builtins.substring 0 len feature == prefix; + in + (rename == null && feature == name) + || (rename != null && rename == feature) + || startsWithPrefix; + + /* Returns the expanded features for the given inputFeatures by applying the + rules in featureMap. + + featureMap is an attribute set which maps feature names to lists of further + feature names to enable in case this feature is selected. + */ + expandFeatures = featureMap: inputFeatures: + assert (builtins.isAttrs featureMap); + assert (builtins.isList inputFeatures); + let + expandFeature = feature: + assert (builtins.isString feature); + [ feature ] ++ (expandFeatures featureMap (featureMap."${feature}" or [ ])); + outFeatures = lib.concatMap expandFeature inputFeatures; + in + sortedUnique outFeatures; + + /* This function adds optional dependencies as features if they are enabled + indirectly by dependency features. This function mimics Cargo's behavior + described in a note at: + https://doc.rust-lang.org/nightly/cargo/reference/features.html#dependency-features + */ + enableFeatures = dependencies: features: + assert (builtins.isList features); + assert (builtins.isList dependencies); + let + additionalFeatures = lib.concatMap + ( + dependency: + assert (builtins.isAttrs dependency); + let + enabled = builtins.any (doesFeatureEnableDependency dependency) features; + in + if (dependency.optional or false) && enabled then [ dependency.name ] else [ ] + ) + dependencies; + in + sortedUnique (features ++ additionalFeatures); + + /* + Returns the actual features for the given dependency. + + features: The features of the crate that refers this dependency. + */ + dependencyFeatures = features: dependency: + assert (builtins.isList features); + assert (builtins.isAttrs dependency); + let + defaultOrNil = + if dependency.usesDefaultFeatures or true + then [ "default" ] + else [ ]; + explicitFeatures = dependency.features or [ ]; + additionalDependencyFeatures = + let + dependencyPrefix = (dependency.rename or dependency.name) + "/"; + dependencyFeatures = + builtins.filter (f: lib.hasPrefix dependencyPrefix f) features; + in + builtins.map (lib.removePrefix dependencyPrefix) dependencyFeatures; + in + defaultOrNil ++ explicitFeatures ++ additionalDependencyFeatures; + + /* Sorts and removes duplicates from a list of strings. */ + sortedUnique = features: + assert (builtins.isList features); + assert (builtins.all builtins.isString features); + let + outFeaturesSet = lib.foldl (set: feature: set // { "${feature}" = 1; }) { } features; + outFeaturesUnique = builtins.attrNames outFeaturesSet; + in + builtins.sort (a: b: a < b) outFeaturesUnique; + + deprecationWarning = message: value: + if strictDeprecation + then builtins.throw "strictDeprecation enabled, aborting: ${message}" + else builtins.trace message value; + + # + # crate2nix/default.nix (excerpt end) + # + }; +} + diff --git a/nix/pkgs/cryptobox/README.md b/nix/pkgs/cryptobox/README.md new file mode 100644 index 00000000000..babc4e88b77 --- /dev/null +++ b/nix/pkgs/cryptobox/README.md @@ -0,0 +1,7 @@ +# How to update + +``` +crate2nix source add git https://github.com/wireapp/cryptobox-c --rev $your-rev +crate2nix generate +``` + diff --git a/nix/pkgs/cryptobox/crate2nix-sources.nix b/nix/pkgs/cryptobox/crate2nix-sources.nix new file mode 100644 index 00000000000..0af7754ab08 --- /dev/null +++ b/nix/pkgs/cryptobox/crate2nix-sources.nix @@ -0,0 +1,109 @@ + +# Support functions to create a nix generated workspace for out-of-tree sources. +# +# You do not need to check this in since it will be regenerated every time it is +# used by crate2nix. +# +# This file was @generated by crate2nix 0.10.0 with the command: +# "generate" +# +# See https://github.com/kolloch/crate2nix for more info. + +{ nixpkgs ? +, pkgs ? import nixpkgs {} +, lib ? pkgs.lib +# The path to crate2nix.json. +, crate2nixJson ? ./crate2nix.json +}: + +let config = builtins.fromJSON (builtins.readFile crate2nixJson); + sources = config.sources or (builtins.throw "no sources in ${crate2nixJson}"); +in +rec { + /* An attrset mapping a source name to its source (as a derivation). */ + fetchedSourcesByName = lib.mapAttrs internal.sourceFromConfig sources; + + /* A derivation building a directory symlinking all workspace member sources + by their name. + */ + fetchedSources = + let sources = lib.mapAttrsToList (name: path: { inherit name path; }) fetchedSourcesByName; + in + pkgs.linkFarm "crate2nix-sources" sources; + + internal = rec { + sourceFromConfig = name: { type, ... } @ source: + assert builtins.isString name; + assert builtins.isString type; + + if type == "Git" + then pkgs.fetchgit { + url = source.url; + rev = source.rev; + sha256 = source.sha256; + } + else if type == "CratesIo" + then downloadFromCratesIo source + else if type == "Nix" + then resolveNix source + else builtins.throw "Unexpected source type '${type}' for source: ${builtins.toJSON source}"; + + /* Resolves a source configuration of type "Nix". + + It can either have + + * a `{ package = ...; ... }` path which will be resolved with pkg.callPackage + + * or an `{ import = ...; ... }` path which will be imported. + + Within that context and additional optional `attr` attribute path is resolved. + + E.g. + ```nix + { + type = "Nix"; + import = "./nix/sources.nix"; + attr = "myPackage.release"; + } + ``` + */ + resolveNix = { type, ... } @ source: + assert type == "Nix"; + + let attrs = + if source ? package + then pkgs.callPackage (./. + "/${source.package}") {} + else if source ? "import" + then import (./. + ''/${source."import"}'') + else builtins.throw "Neither import nor package in nix source."; + attrPath = lib.splitString "." source.attr; + sourceDerivation = + if source ? attr + then lib.attrByPath + attrPath + (builtins.throw + '' + Did not find attribute '${source.attr or ""}' + in '${source.package or source.import or "missing file"}'. + '') + attrs + else attrs; + in + sourceDerivation; + + downloadFromCratesIo = { type, name, version, sha256 }: + assert type == "CratesIo"; + + let archive = pkgs.fetchurl { + name = "${name}-${version}.tar.gz"; + url = "https://crates.io/api/v1/crates/${name}/${version}/download"; + inherit sha256; + }; + in pkgs.runCommand (lib.removeSuffix ".tar.gz" name) {} + '' + mkdir -p $out + tar -xzf ${archive} --strip-components=1 -C $out + ''; + }; +} + diff --git a/nix/pkgs/cryptobox/crate2nix.json b/nix/pkgs/cryptobox/crate2nix.json new file mode 100644 index 00000000000..7cd2843f097 --- /dev/null +++ b/nix/pkgs/cryptobox/crate2nix.json @@ -0,0 +1,10 @@ +{ + "sources": { + "cryptobox-c": { + "type": "Git", + "url": "https://github.com/wireapp/cryptobox-c", + "rev": "4067ad96b125942545dbdec8c1a89f1e1b65d013", + "sha256": "1i9dlhw0xk1viglyhail9fb36v1awrypps8jmhrkz8k1bhx98ci3" + } + } +} \ No newline at end of file diff --git a/nix/pkgs/cryptobox/default.nix b/nix/pkgs/cryptobox/default.nix index 98d5adf8aa3..c5c4311c0c5 100644 --- a/nix/pkgs/cryptobox/default.nix +++ b/nix/pkgs/cryptobox/default.nix @@ -1,38 +1,38 @@ -{ fetchFromGitHub -, lib +{ pkgs , libsodium , pkg-config -, rustPlatform -, stdenv +, runCommand }: -rustPlatform.buildRustPackage rec { - pname = "cryptobox-c"; - version = "2019-06-17"; - nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libsodium ]; - src = fetchFromGitHub { - owner = "wireapp"; - repo = "cryptobox-c"; - rev = "4067ad96b125942545dbdec8c1a89f1e1b65d013"; - sha256 = "1i9dlhw0xk1viglyhail9fb36v1awrypps8jmhrkz8k1bhx98ci3"; - }; - patchLibs = lib.optionalString stdenv.isDarwin '' - install_name_tool -id $out/lib/libcryptobox.dylib $out/lib/libcryptobox.dylib - ''; +let + # load the crate2nix crate tree + crates = import ./Cargo.nix { + inherit pkgs; + nixpkgs = pkgs.path; - cargoLock = { - lockFile = "${src}/Cargo.lock"; - outputHashes = { - "cryptobox-1.0.0" = "sha256-Ewo+FtEGTZ4/U7Ow6mGTQkxS4IQYcEthr5/xG9BRTWk="; - "hkdf-0.2.0" = "sha256-cdgR94c40JFIjBf8NfZPXPGLU60BlAZX/SQnRHAXGOg="; - "proteus-1.0.0" = "sha256-ppMt56RY5K3rOwO7MEdY6d3t96sbHZzDB/nPNNp35DY="; + # per-crate overrides + defaultCrateOverrides = pkgs.defaultCrateOverrides // { + libsodium-sys = prev: { + nativeBuildInputs = prev.nativeBuildInputs or [ ] ++ [ pkg-config ]; + buildInputs = [ libsodium ]; + }; }; }; - postInstall = '' - ${patchLibs} - mkdir -p $out/include - cp src/cbox.h $out/include - ''; -} + rootCrate = crates.rootCrate.build; + +in + +# HACK: rather than providing the multi-output crate output, expose a single- + # output structure in the format expected by cryptobox-haskell. + # Note it expects the .so file to be called libcryptobox.so, not + # libcryptobox_c.so, and the cbox.h to be present. + # In the future, we might want to rework this to instead have cryptobox-c crate + # emit a .pc file, and all downstream tooling use pkg-config to discover things, + # but today is not that day. +runCommand "cryptobox" { } '' + mkdir -p $out/lib $out/include + cp ${rootCrate.lib}/lib/libcryptobox_c* $out/lib/ + ln -sfn libcryptobox_c.so $out/lib/libcryptobox.so + cp ${rootCrate.src}/src/cbox.h $out/include +'' From c5f8ee0a8cd2db9225334e5f2983c163ba0b9d3a Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 11:59:38 +0200 Subject: [PATCH 021/177] mls-test-cli: remove dead code, nixpkgs-fmt These function args are unused. --- nix/pkgs/mls-test-cli/default.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/nix/pkgs/mls-test-cli/default.nix b/nix/pkgs/mls-test-cli/default.nix index 2ba2d126575..f4b921dea1c 100644 --- a/nix/pkgs/mls-test-cli/default.nix +++ b/nix/pkgs/mls-test-cli/default.nix @@ -1,9 +1,5 @@ { fetchFromGitHub -, libsodium -, perl -, pkg-config , rustPlatform -, gitMinimal }: let @@ -15,7 +11,8 @@ let sha256 = "sha256-J9M8w3GJnULH3spKEuPGCL/t43zb2Wd+YfZ0LY3YITo="; }; cargoLockFile = builtins.toFile "cargo.lock" (builtins.readFile "${src}/Cargo.lock"); -in rustPlatform.buildRustPackage rec { +in +rustPlatform.buildRustPackage rec { name = "mls-test-cli-${version}"; inherit version src; From bcad6e7043e0e66623bedfcf6fc4635795116994 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 11:59:59 +0200 Subject: [PATCH 022/177] mls-test-cli: add TODO --- nix/pkgs/mls-test-cli/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nix/pkgs/mls-test-cli/default.nix b/nix/pkgs/mls-test-cli/default.nix index f4b921dea1c..8f874b56b90 100644 --- a/nix/pkgs/mls-test-cli/default.nix +++ b/nix/pkgs/mls-test-cli/default.nix @@ -2,6 +2,8 @@ , rustPlatform }: +# TODO: migrate to crate2nix once +# https://github.com/nix-community/crate2nix/issues/310 is fixed let version = "0.7.0"; src = fetchFromGitHub { From f905fae8b6ed0fdeac7a0ceb4a1d72c353d151ca Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 12:05:21 +0200 Subject: [PATCH 023/177] libs/libzauth/libzauth-c: run crate2nix generate --- libs/libzauth/libzauth-c/Cargo.nix | 3623 ++++++++++++++++++++ libs/libzauth/libzauth-c/crate-hashes.json | 3 + 2 files changed, 3626 insertions(+) create mode 100644 libs/libzauth/libzauth-c/Cargo.nix create mode 100644 libs/libzauth/libzauth-c/crate-hashes.json diff --git a/libs/libzauth/libzauth-c/Cargo.nix b/libs/libzauth/libzauth-c/Cargo.nix new file mode 100644 index 00000000000..4706945a419 --- /dev/null +++ b/libs/libzauth/libzauth-c/Cargo.nix @@ -0,0 +1,3623 @@ + +# This file was @generated by crate2nix 0.10.0 with the command: +# "generate" +# See https://github.com/kolloch/crate2nix for more info. + +{ nixpkgs ? +, pkgs ? import nixpkgs { config = {}; } +, lib ? pkgs.lib +, stdenv ? pkgs.stdenv +, buildRustCrateForPkgs ? if buildRustCrate != null + then lib.warn "crate2nix: Passing `buildRustCrate` as argument to Cargo.nix is deprecated. If you don't customize `buildRustCrate`, replace `callPackage ./Cargo.nix {}` by `import ./Cargo.nix { inherit pkgs; }`, and if you need to customize `buildRustCrate`, use `buildRustCrateForPkgs` instead." (_: buildRustCrate) + else pkgs: pkgs.buildRustCrate + # Deprecated +, buildRustCrate ? null + # This is used as the `crateOverrides` argument for `buildRustCrate`. +, defaultCrateOverrides ? pkgs.defaultCrateOverrides + # The features to enable for the root_crate or the workspace_members. +, rootFeatures ? [ "default" ] + # If true, throw errors instead of issueing deprecation warnings. +, strictDeprecation ? false + # Used for conditional compilation based on CPU feature detection. +, targetFeatures ? [] + # Whether to perform release builds: longer compile times, faster binaries. +, release ? true + # Additional crate2nix configuration if it exists. +, crateConfig + ? if builtins.pathExists ./crate-config.nix + then pkgs.callPackage ./crate-config.nix {} + else {} +}: + +rec { + # + # "public" attributes that we attempt to keep stable with new versions of crate2nix. + # + + rootCrate = rec { + packageId = "zauth-c"; + + # Use this attribute to refer to the derivation building your root crate package. + # You can override the features with rootCrate.build.override { features = [ "default" "feature1" ... ]; }. + build = internal.buildRustCrateWithFeatures { + inherit packageId; + }; + + # Debug support which might change between releases. + # File a bug if you depend on any for non-debug work! + debug = internal.debugCrate { inherit packageId; }; + }; + # Refer your crate build derivation by name here. + # You can override the features with + # workspaceMembers."${crateName}".build.override { features = [ "default" "feature1" ... ]; }. + workspaceMembers = { + "zauth-c" = rec { + packageId = "zauth-c"; + build = internal.buildRustCrateWithFeatures { + packageId = "zauth-c"; + }; + + # Debug support which might change between releases. + # File a bug if you depend on any for non-debug work! + debug = internal.debugCrate { inherit packageId; }; + }; + }; + + # A derivation that joins the outputs of all workspace members together. + allWorkspaceMembers = pkgs.symlinkJoin { + name = "all-workspace-members"; + paths = + let members = builtins.attrValues workspaceMembers; + in builtins.map (m: m.build) members; + }; + + # + # "internal" ("private") attributes that may change in every new version of crate2nix. + # + + internal = rec { + # Build and dependency information for crates. + # Many of the fields are passed one-to-one to buildRustCrate. + # + # Noteworthy: + # * `dependencies`/`buildDependencies`: similar to the corresponding fields for buildRustCrate. + # but with additional information which is used during dependency/feature resolution. + # * `resolvedDependencies`: the selected default features reported by cargo - only included for debugging. + # * `devDependencies` as of now not used by `buildRustCrate` but used to + # inject test dependencies into the build + + crates = { + "aho-corasick" = rec { + crateName = "aho-corasick"; + version = "0.7.19"; + edition = "2018"; + sha256 = "0knl5n9f396068qk4zrvhcf01d5qp9ja2my4j7ywny093bcmpxdl"; + libName = "aho_corasick"; + authors = [ + "Andrew Gallant " + ]; + dependencies = [ + { + name = "memchr"; + packageId = "memchr"; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "std" ]; + "std" = [ "memchr/std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "anyhow" = rec { + crateName = "anyhow"; + version = "1.0.69"; + edition = "2018"; + sha256 = "007q0cw3zv8y5314c41vjyqznrqvim5ydv0306wy9mn34zbznji2"; + authors = [ + "David Tolnay " + ]; + features = { + "backtrace" = [ "dep:backtrace" ]; + "default" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "asexp" = rec { + crateName = "asexp"; + version = "0.3.2"; + edition = "2018"; + sha256 = "0li6h191ppfyrsv6iwppbaxsmcbpc3sb2b8wgwq4g2bmrrhqfdjy"; + authors = [ + "Michael Neumann " + ]; + + }; + "autocfg" = rec { + crateName = "autocfg"; + version = "1.1.0"; + edition = "2015"; + sha256 = "1ylp3cb47ylzabimazvbz9ms6ap784zhb6syaz6c1jqpmcmq0s6l"; + authors = [ + "Josh Stone " + ]; + + }; + "base16ct" = rec { + crateName = "base16ct"; + version = "0.1.1"; + edition = "2021"; + sha256 = "1klccxr7igf73wpi0x3asjd8n0xjg0v6a7vxgvfk5ybvgh1hd6il"; + authors = [ + "RustCrypto Developers" + ]; + features = { + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; + "base64" = rec { + crateName = "base64"; + version = "0.21.0"; + edition = "2021"; + sha256 = "0sidjip5b33sr6w7kasfj9qxpbda41nw0x4gjjk55g55a6mdv954"; + authors = [ + "Alice Maz " + "Marshall Pierce " + ]; + features = { + "default" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "base64ct" = rec { + crateName = "base64ct"; + version = "1.5.3"; + edition = "2021"; + sha256 = "1gq7avqyrskz0an97fv68sn00nczlk0wp0ag3c8vdk1f2a4s0idn"; + authors = [ + "RustCrypto Developers" + ]; + features = { + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; + "binstring" = rec { + crateName = "binstring"; + version = "0.1.1"; + edition = "2021"; + sha256 = "11bsghizyz2xwxmqvsj7hlxs6qp180kl2vr0n4n7484k7nbn03by"; + authors = [ + "Frank Denis " + ]; + + }; + "block-buffer" = rec { + crateName = "block-buffer"; + version = "0.10.3"; + edition = "2018"; + sha256 = "0zmy5vjwa6pbrhlgk94jg2pz08w5dd9nw2j7jfwrg3s96w3y5k39"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "generic-array"; + packageId = "generic-array"; + } + ]; + + }; + "bumpalo" = rec { + crateName = "bumpalo"; + version = "3.12.0"; + edition = "2021"; + sha256 = "0damxqdgqqzp3zyfwvbrg5hzx39kqgxnxl3yyq3kk4ald0jiw9hd"; + authors = [ + "Nick Fitzgerald " + ]; + features = { + }; + resolvedDefaultFeatures = [ "default" ]; + }; + "byteorder" = rec { + crateName = "byteorder"; + version = "1.4.3"; + edition = "2018"; + sha256 = "0456lv9xi1a5bcm32arknf33ikv76p3fr9yzki4lb2897p2qkh8l"; + authors = [ + "Andrew Gallant " + ]; + features = { + "default" = [ "std" ]; + }; + }; + "cc" = rec { + crateName = "cc"; + version = "1.0.73"; + edition = "2018"; + crateBin = []; + sha256 = "04ccylrjq94jssh8f7d7hxv64gs9f1m1jrsxb7wqgfxk4xljmzrg"; + authors = [ + "Alex Crichton " + ]; + features = { + "jobserver" = [ "dep:jobserver" ]; + "parallel" = [ "jobserver" ]; + }; + }; + "cfg-if" = rec { + crateName = "cfg-if"; + version = "1.0.0"; + edition = "2018"; + sha256 = "1za0vb97n4brpzpv8lsbnzmq5r8f2b0cpqqr0sy8h5bn751xxwds"; + authors = [ + "Alex Crichton " + ]; + features = { + "compiler_builtins" = [ "dep:compiler_builtins" ]; + "core" = [ "dep:core" ]; + "rustc-dep-of-std" = [ "core" "compiler_builtins" ]; + }; + }; + "coarsetime" = rec { + crateName = "coarsetime"; + version = "0.1.22"; + edition = "2018"; + sha256 = "0ihfdyavcqanmxir9g6jbjwvqw3apk8lqnv59j043q9r0i83hh25"; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + target = { target, features }: (!(target."os" == "wasi")); + } + { + name = "once_cell"; + packageId = "once_cell"; + } + { + name = "wasi"; + packageId = "wasi"; + target = { target, features }: (target."os" == "wasi"); + } + { + name = "wasm-bindgen"; + packageId = "wasm-bindgen"; + target = { target, features }: (((target."arch" == "wasm32") || (target."arch" == "wasm64")) && (target."os" == "unknown")); + } + ]; + features = { + }; + }; + "const-oid" = rec { + crateName = "const-oid"; + version = "0.9.1"; + edition = "2021"; + sha256 = "0fyxvwnl3x6bxhy08a3g4ryf8mky6wnhwd6ll4g6mjxgfnk1ihyf"; + authors = [ + "RustCrypto Developers" + ]; + features = { + }; + }; + "cpufeatures" = rec { + crateName = "cpufeatures"; + version = "0.2.5"; + edition = "2018"; + sha256 = "08535izlz4kx8z1kkcp0gy80gqk7k19dqiiysj6r5994bsyrgn98"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + target = { target, features }: (stdenv.hostPlatform.config == "aarch64-apple-darwin"); + } + { + name = "libc"; + packageId = "libc"; + target = { target, features }: (stdenv.hostPlatform.config == "aarch64-linux-android"); + } + { + name = "libc"; + packageId = "libc"; + target = { target, features }: ((target."arch" == "aarch64") && (target."os" == "linux")); + } + ]; + + }; + "crypto-bigint" = rec { + crateName = "crypto-bigint"; + version = "0.4.9"; + edition = "2021"; + sha256 = "1vqprgj0aj1340w186zyspi58397ih78jsc0iydvhs6zrlilnazg"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "generic-array"; + packageId = "generic-array"; + optional = true; + } + { + name = "rand_core"; + packageId = "rand_core"; + optional = true; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "rand_core"; + packageId = "rand_core"; + features = [ "std" ]; + } + ]; + features = { + "default" = [ "rand" ]; + "der" = [ "dep:der" ]; + "generic-array" = [ "dep:generic-array" ]; + "rand" = [ "rand_core/std" ]; + "rand_core" = [ "dep:rand_core" ]; + "rlp" = [ "dep:rlp" ]; + "serde" = [ "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "generic-array" "rand_core" "zeroize" ]; + }; + "crypto-common" = rec { + crateName = "crypto-common"; + version = "0.1.6"; + edition = "2018"; + sha256 = "1cvby95a6xg7kxdz5ln3rl9xh66nz66w46mm3g56ri1z5x815yqv"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "generic-array"; + packageId = "generic-array"; + features = [ "more_lengths" ]; + } + { + name = "typenum"; + packageId = "typenum"; + } + ]; + features = { + "getrandom" = [ "rand_core/getrandom" ]; + "rand_core" = [ "dep:rand_core" ]; + }; + resolvedDefaultFeatures = [ "std" ]; + }; + "ct-codecs" = rec { + crateName = "ct-codecs"; + version = "1.1.1"; + edition = "2018"; + sha256 = "1pvmrkk95jadmhhd5mn88mq2dfnq0yng8mk3pfd5l6dq0i2fpdzk"; + authors = [ + "Frank Denis " + ]; + features = { + "default" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "der" = rec { + crateName = "der"; + version = "0.6.1"; + edition = "2021"; + sha256 = "1pnl3y52m1s6srxpfrfbazf6qilzq8fgksk5dv79nxaybjk6g97i"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "const-oid"; + packageId = "const-oid"; + optional = true; + } + { + name = "pem-rfc7468"; + packageId = "pem-rfc7468"; + optional = true; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + features = [ "alloc" ]; + } + ]; + features = { + "const-oid" = [ "dep:const-oid" ]; + "der_derive" = [ "dep:der_derive" ]; + "derive" = [ "der_derive" ]; + "flagset" = [ "dep:flagset" ]; + "oid" = [ "const-oid" ]; + "pem" = [ "alloc" "pem-rfc7468/alloc" "zeroize" ]; + "pem-rfc7468" = [ "dep:pem-rfc7468" ]; + "std" = [ "alloc" ]; + "time" = [ "dep:time" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "alloc" "const-oid" "oid" "pem" "pem-rfc7468" "std" "zeroize" ]; + }; + "digest" = rec { + crateName = "digest"; + version = "0.10.6"; + edition = "2018"; + sha256 = "0vz74785s96g727vg37iwkjvbkcfzp093j49ihhyf8sh9s7kfs41"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "block-buffer"; + packageId = "block-buffer"; + optional = true; + } + { + name = "const-oid"; + packageId = "const-oid"; + optional = true; + } + { + name = "crypto-common"; + packageId = "crypto-common"; + } + { + name = "subtle"; + packageId = "subtle"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "blobby" = [ "dep:blobby" ]; + "block-buffer" = [ "dep:block-buffer" ]; + "const-oid" = [ "dep:const-oid" ]; + "core-api" = [ "block-buffer" ]; + "default" = [ "core-api" ]; + "dev" = [ "blobby" ]; + "mac" = [ "subtle" ]; + "oid" = [ "const-oid" ]; + "rand_core" = [ "crypto-common/rand_core" ]; + "std" = [ "alloc" "crypto-common/std" ]; + "subtle" = [ "dep:subtle" ]; + }; + resolvedDefaultFeatures = [ "alloc" "block-buffer" "const-oid" "core-api" "default" "mac" "oid" "std" "subtle" ]; + }; + "ecdsa" = rec { + crateName = "ecdsa"; + version = "0.15.1"; + edition = "2021"; + sha256 = "0zk3nz2qlczayd8w7zp3nh1skxh5nvrk1l16m62l3msab50l310j"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "der"; + packageId = "der"; + optional = true; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "digest" "sec1" ]; + } + { + name = "rfc6979"; + packageId = "rfc6979"; + optional = true; + } + { + name = "signature"; + packageId = "signature 2.0.0"; + usesDefaultFeatures = false; + features = [ "rand_core" ]; + } + ]; + devDependencies = [ + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "signature/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "default" = [ "digest" ]; + "der" = [ "dep:der" ]; + "dev" = [ "arithmetic" "digest" "elliptic-curve/dev" "hazmat" ]; + "digest" = [ "signature/digest" ]; + "pem" = [ "elliptic-curve/pem" "pkcs8" ]; + "pkcs8" = [ "elliptic-curve/pkcs8" "der" ]; + "rfc6979" = [ "dep:rfc6979" ]; + "serde" = [ "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "signing" = [ "arithmetic" "digest" "hazmat" "rfc6979" ]; + "std" = [ "alloc" "elliptic-curve/std" "signature/std" ]; + "verifying" = [ "arithmetic" "digest" "hazmat" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "der" "digest" "hazmat" "pem" "pkcs8" "rfc6979" "signing" "std" "verifying" ]; + }; + "ed25519" = rec { + crateName = "ed25519"; + version = "1.5.3"; + edition = "2021"; + sha256 = "1rzydm5wd8szkddx3g55w4vm86y1ika8qp8qwckada5vf1fg7kwi"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "signature"; + packageId = "signature 1.6.4"; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "pkcs8/alloc" ]; + "default" = [ "std" ]; + "pem" = [ "pkcs8/pem" ]; + "pkcs8" = [ "dep:pkcs8" ]; + "serde" = [ "dep:serde" ]; + "serde_bytes" = [ "serde" "serde_bytes_crate" "std" ]; + "serde_bytes_crate" = [ "dep:serde_bytes_crate" ]; + "std" = [ "signature/std" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + }; + "ed25519-compact" = rec { + crateName = "ed25519-compact"; + version = "2.0.4"; + edition = "2018"; + sha256 = "0k4y7bjl5g0l871iav4zj35qx047n0a4qsvhr28p6434hhp3hgba"; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "ct-codecs"; + packageId = "ct-codecs"; + optional = true; + } + { + name = "getrandom"; + packageId = "getrandom"; + optional = true; + } + ]; + devDependencies = [ + { + name = "ct-codecs"; + packageId = "ct-codecs"; + } + { + name = "getrandom"; + packageId = "getrandom"; + } + ]; + features = { + "ct-codecs" = [ "dep:ct-codecs" ]; + "default" = [ "random" "std" "x25519" "pem" ]; + "ed25519" = [ "dep:ed25519" ]; + "getrandom" = [ "dep:getrandom" ]; + "pem" = [ "ct-codecs" ]; + "random" = [ "getrandom" ]; + "traits" = [ "ed25519" ]; + }; + resolvedDefaultFeatures = [ "ct-codecs" "default" "getrandom" "pem" "random" "std" "x25519" ]; + }; + "elliptic-curve" = rec { + crateName = "elliptic-curve"; + version = "0.12.3"; + edition = "2021"; + sha256 = "1lwi108mh6drw5nzqzlz7ighdba5qxdg5vmwwnw1j2ihnn58ifz7"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base16ct"; + packageId = "base16ct"; + } + { + name = "crypto-bigint"; + packageId = "crypto-bigint"; + usesDefaultFeatures = false; + features = [ "rand_core" "generic-array" "zeroize" ]; + } + { + name = "der"; + packageId = "der"; + usesDefaultFeatures = false; + features = [ "oid" ]; + } + { + name = "digest"; + packageId = "digest"; + optional = true; + } + { + name = "ff"; + packageId = "ff"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "generic-array"; + packageId = "generic-array"; + usesDefaultFeatures = false; + } + { + name = "group"; + packageId = "group"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "hkdf"; + packageId = "hkdf"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "pem-rfc7468"; + packageId = "pem-rfc7468"; + optional = true; + } + { + name = "pkcs8"; + packageId = "pkcs8"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "sec1"; + packageId = "sec1"; + optional = true; + features = [ "subtle" "zeroize" ]; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "base16ct/alloc" "der/alloc" "sec1/alloc" "zeroize/alloc" ]; + "arithmetic" = [ "ff" "group" ]; + "base64ct" = [ "dep:base64ct" ]; + "bits" = [ "arithmetic" "ff/bits" ]; + "default" = [ "arithmetic" ]; + "dev" = [ "arithmetic" "hex-literal" "pem" "pkcs8" ]; + "digest" = [ "dep:digest" ]; + "ecdh" = [ "arithmetic" "digest" "hkdf" ]; + "ff" = [ "dep:ff" ]; + "group" = [ "dep:group" ]; + "hash2curve" = [ "arithmetic" "digest" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "hkdf" = [ "dep:hkdf" ]; + "jwk" = [ "alloc" "base64ct/alloc" "serde" "serde_json" "zeroize/alloc" ]; + "pem" = [ "alloc" "arithmetic" "der/pem" "pem-rfc7468/alloc" "pkcs8" "sec1/pem" ]; + "pem-rfc7468" = [ "dep:pem-rfc7468" ]; + "pkcs8" = [ "dep:pkcs8" ]; + "sec1" = [ "dep:sec1" ]; + "serde" = [ "alloc" "pkcs8" "sec1/serde" "serdect" ]; + "serde_json" = [ "dep:serde_json" ]; + "serdect" = [ "dep:serdect" ]; + "std" = [ "alloc" "rand_core/std" ]; + "voprf" = [ "digest" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "digest" "ecdh" "ff" "group" "hazmat" "hkdf" "pem" "pem-rfc7468" "pkcs8" "sec1" "std" ]; + }; + "ff" = rec { + crateName = "ff"; + version = "0.12.1"; + edition = "2021"; + sha256 = "0q3imz4m3dj2cy182i20wa8kbclgj13ddfngqb2miicc6cjzq4yh"; + authors = [ + "Sean Bowe " + "Jack Grigg " + ]; + dependencies = [ + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + features = [ "i128" ]; + } + ]; + features = { + "bits" = [ "bitvec" ]; + "bitvec" = [ "dep:bitvec" ]; + "byteorder" = [ "dep:byteorder" ]; + "default" = [ "bits" "std" ]; + "derive" = [ "byteorder" "ff_derive" ]; + "derive_bits" = [ "bits" "ff_derive/bits" ]; + "ff_derive" = [ "dep:ff_derive" ]; + "std" = [ "alloc" ]; + }; + }; + "generic-array" = rec { + crateName = "generic-array"; + version = "0.14.6"; + edition = "2015"; + sha256 = "1fgi07v268jd0mr6xc42rjbq0wzl8ngsgp5b8wj33wwpfaa9xx5z"; + libName = "generic_array"; + authors = [ + "Bartłomiej Kamiński " + "Aaron Trent " + ]; + dependencies = [ + { + name = "typenum"; + packageId = "typenum"; + } + ]; + buildDependencies = [ + { + name = "version_check"; + packageId = "version_check"; + } + ]; + features = { + "serde" = [ "dep:serde" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "more_lengths" ]; + }; + "getrandom" = rec { + crateName = "getrandom"; + version = "0.2.8"; + edition = "2018"; + sha256 = "0cbb766pcyi7sws0fnp1pxkz0nhiya0ckallq502bxmq49mfnnn0"; + authors = [ + "The Rand Project Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "libc"; + packageId = "libc"; + usesDefaultFeatures = false; + target = { target, features }: (target."unix" or false); + } + { + name = "wasi"; + packageId = "wasi"; + target = { target, features }: (target."os" == "wasi"); + } + ]; + features = { + "compiler_builtins" = [ "dep:compiler_builtins" ]; + "core" = [ "dep:core" ]; + "js" = [ "wasm-bindgen" "js-sys" ]; + "js-sys" = [ "dep:js-sys" ]; + "rustc-dep-of-std" = [ "compiler_builtins" "core" "libc/rustc-dep-of-std" "wasi/rustc-dep-of-std" ]; + "wasm-bindgen" = [ "dep:wasm-bindgen" ]; + }; + resolvedDefaultFeatures = [ "std" ]; + }; + "group" = rec { + crateName = "group"; + version = "0.12.1"; + edition = "2021"; + sha256 = "1ixspxqdpq0hxg0hd9s6rngrp6rll21v4jjnr7ar1lzvdhxgpysx"; + authors = [ + "Sean Bowe " + "Jack Grigg " + ]; + dependencies = [ + { + name = "ff"; + packageId = "ff"; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "alloc" ]; + "memuse" = [ "dep:memuse" ]; + "rand" = [ "dep:rand" ]; + "rand_xorshift" = [ "dep:rand_xorshift" ]; + "tests" = [ "alloc" "rand" "rand_xorshift" ]; + "wnaf-memuse" = [ "alloc" "memuse" ]; + }; + }; + "hkdf" = rec { + crateName = "hkdf"; + version = "0.12.3"; + edition = "2018"; + sha256 = "0dyl16cf15hka32hv3l7dwgr3xj3brpfr27iyrbpdhlzdfgh46kr"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "hmac"; + packageId = "hmac"; + } + ]; + features = { + "std" = [ "hmac/std" ]; + }; + }; + "hmac" = rec { + crateName = "hmac"; + version = "0.12.1"; + edition = "2018"; + sha256 = "0pmbr069sfg76z7wsssfk5ddcqd9ncp79fyz6zcm6yn115yc6jbc"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "digest"; + packageId = "digest"; + features = [ "mac" ]; + } + ]; + devDependencies = [ + { + name = "digest"; + packageId = "digest"; + features = [ "dev" ]; + } + ]; + features = { + "std" = [ "digest/std" ]; + }; + resolvedDefaultFeatures = [ "reset" ]; + }; + "hmac-sha1-compact" = rec { + crateName = "hmac-sha1-compact"; + version = "1.1.3"; + edition = "2018"; + sha256 = "1frr8bam0m8c42qvvh5hchzg46a2x96260fad0xhrqkq00549qh5"; + authors = [ + "Frank Denis " + ]; + features = { + "digest010" = [ "dep:digest010" ]; + "digest09" = [ "dep:digest09" ]; + "traits" = [ "traits09" "traits010" ]; + "traits010" = [ "digest010" ]; + "traits09" = [ "digest09" ]; + }; + resolvedDefaultFeatures = [ "default" ]; + }; + "hmac-sha256" = rec { + crateName = "hmac-sha256"; + version = "1.1.6"; + edition = "2018"; + sha256 = "1zhvszjzmi9q4prl2sw4mh9rks917j5rixnm9jmdscfbma8n0wzw"; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "digest"; + packageId = "digest"; + rename = "digest010"; + optional = true; + features = [ "oid" ]; + } + ]; + features = { + "digest010" = [ "dep:digest010" ]; + "digest09" = [ "dep:digest09" ]; + "traits" = [ "traits09" "traits010" ]; + "traits010" = [ "digest010" ]; + "traits09" = [ "digest09" ]; + }; + resolvedDefaultFeatures = [ "default" "digest010" "traits010" ]; + }; + "hmac-sha512" = rec { + crateName = "hmac-sha512"; + version = "1.1.4"; + edition = "2018"; + sha256 = "0lfi6kvxwnm6j5m7cfm6w3421985nr8yb4awpilicrj0c0zrq32j"; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "digest"; + packageId = "digest"; + rename = "digest010"; + optional = true; + features = [ "oid" ]; + } + ]; + features = { + "default" = [ "sha384" ]; + "digest010" = [ "dep:digest010" ]; + "digest09" = [ "dep:digest09" ]; + "traits" = [ "traits09" "traits010" ]; + "traits010" = [ "digest010" ]; + "traits09" = [ "digest09" ]; + }; + resolvedDefaultFeatures = [ "default" "digest010" "sha384" "traits010" ]; + }; + "itoa" = rec { + crateName = "itoa"; + version = "1.0.5"; + edition = "2018"; + sha256 = "0h343sak699ci49anaa7l3p94b9kcc4ypaqwcam6qsz8p7s85mgs"; + authors = [ + "David Tolnay " + ]; + features = { + "no-panic" = [ "dep:no-panic" ]; + }; + }; + "jwt-simple" = rec { + crateName = "jwt-simple"; + version = "0.11.3"; + edition = "2018"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/rust-jwt-simple"; + rev = "15a69f82288d68b74a75c1364e5d4bf681f1c07b"; + sha256 = "1ms7bym5j3gvn10gdbacai7v5dsdw8cf747py7igg5almk105n0z"; + }; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "anyhow"; + packageId = "anyhow"; + } + { + name = "binstring"; + packageId = "binstring"; + } + { + name = "coarsetime"; + packageId = "coarsetime"; + } + { + name = "ct-codecs"; + packageId = "ct-codecs"; + } + { + name = "ed25519-compact"; + packageId = "ed25519-compact"; + features = [ "pem" ]; + } + { + name = "hmac-sha1-compact"; + packageId = "hmac-sha1-compact"; + } + { + name = "hmac-sha256"; + packageId = "hmac-sha256"; + features = [ "traits010" ]; + } + { + name = "hmac-sha512"; + packageId = "hmac-sha512"; + features = [ "traits010" "sha384" ]; + } + { + name = "k256"; + packageId = "k256"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "p256"; + packageId = "p256"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "p384"; + packageId = "p384"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "rand"; + packageId = "rand"; + } + { + name = "rsa"; + packageId = "rsa"; + } + { + name = "serde"; + packageId = "serde"; + features = [ "derive" ]; + } + { + name = "serde_json"; + packageId = "serde_json"; + } + { + name = "spki"; + packageId = "spki"; + } + { + name = "thiserror"; + packageId = "thiserror"; + } + { + name = "zeroize"; + packageId = "zeroize"; + } + ]; + features = { + "ciborium" = [ "dep:ciborium" ]; + "cwt" = [ "ciborium" ]; + }; + }; + "k256" = rec { + crateName = "k256"; + version = "0.12.0"; + edition = "2021"; + sha256 = "15rk834ksg9jw96kh6hwiyv94i5qy6brw784rwmjcb5pyc7mx9cj"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "ecdsa"; + packageId = "ecdsa"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "once_cell"; + packageId = "once_cell"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "signature"; + packageId = "signature 2.0.0"; + optional = true; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "critical-section" = [ "once_cell/critical-section" "precomputed-tables" ]; + "default" = [ "arithmetic" "ecdsa" "pkcs8" "precomputed-tables" "schnorr" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "once_cell" = [ "dep:once_cell" ]; + "pem" = [ "ecdsa-core/pem" "elliptic-curve/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core/pkcs8" "elliptic-curve/pkcs8" ]; + "precomputed-tables" = [ "arithmetic" "once_cell" ]; + "schnorr" = [ "arithmetic" "sha256" "signature" ]; + "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha256" = [ "digest" "sha2" ]; + "signature" = [ "dep:signature" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" "once_cell?/std" ]; + "test-vectors" = [ "hex-literal" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "once_cell" "pem" "pkcs8" "precomputed-tables" "schnorr" "sha2" "sha256" "signature" "std" ]; + }; + "lazy_static" = rec { + crateName = "lazy_static"; + version = "1.4.0"; + edition = "2015"; + sha256 = "0in6ikhw8mgl33wjv6q6xfrb5b9jr16q8ygjy803fay4zcisvaz2"; + authors = [ + "Marvin Löbel " + ]; + dependencies = [ + { + name = "spin"; + packageId = "spin"; + optional = true; + } + ]; + features = { + "spin" = [ "dep:spin" ]; + "spin_no_std" = [ "spin" ]; + }; + resolvedDefaultFeatures = [ "spin" "spin_no_std" ]; + }; + "libc" = rec { + crateName = "libc"; + version = "0.2.125"; + edition = "2015"; + sha256 = "0axwhkyv58vx7i1sri4cqlnj77f0cn6pmbcip2zyjvcgd6pd45jr"; + authors = [ + "The Rust Project Developers" + ]; + features = { + "default" = [ "std" ]; + "rustc-dep-of-std" = [ "align" "rustc-std-workspace-core" ]; + "rustc-std-workspace-core" = [ "dep:rustc-std-workspace-core" ]; + "use_std" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "libm" = rec { + crateName = "libm"; + version = "0.2.6"; + edition = "2018"; + sha256 = "1ywg7jfcgfv4jypxi3f6rpf7n9509ky695bfzy1fqhms7ymhi09l"; + authors = [ + "Jorge Aparicio " + ]; + features = { + "musl-reference-tests" = [ "rand" ]; + "rand" = [ "dep:rand" ]; + }; + resolvedDefaultFeatures = [ "default" ]; + }; + "libsodium-sys" = rec { + crateName = "libsodium-sys"; + version = "0.2.7"; + edition = "2015"; + sha256 = "1zcjka23grayr8kjrgbada6vwagp0kkni9m45v0gpbanrn3r6xvb"; + libName = "libsodium_sys"; + authors = [ + "dnaq" + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + usesDefaultFeatures = false; + } + ]; + buildDependencies = [ + { + name = "cc"; + packageId = "cc"; + target = {target, features}: (!(target."env" == "msvc")); + } + { + name = "libc"; + packageId = "libc"; + usesDefaultFeatures = false; + target = {target, features}: (target."env" == "msvc"); + } + { + name = "pkg-config"; + packageId = "pkg-config"; + } + { + name = "walkdir"; + packageId = "walkdir"; + } + ]; + features = { + }; + }; + "log" = rec { + crateName = "log"; + version = "0.4.17"; + edition = "2015"; + sha256 = "0biqlaaw1lsr8bpnmbcc0fvgjj34yy79ghqzyi0ali7vgil2xcdb"; + authors = [ + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + ]; + features = { + "kv_unstable" = [ "value-bag" ]; + "kv_unstable_serde" = [ "kv_unstable_std" "value-bag/serde" "serde" ]; + "kv_unstable_std" = [ "std" "kv_unstable" "value-bag/error" ]; + "kv_unstable_sval" = [ "kv_unstable" "value-bag/sval" "sval" ]; + "serde" = [ "dep:serde" ]; + "sval" = [ "dep:sval" ]; + "value-bag" = [ "dep:value-bag" ]; + }; + }; + "memchr" = rec { + crateName = "memchr"; + version = "2.5.0"; + edition = "2018"; + sha256 = "0vanfk5mzs1g1syqnj03q8n0syggnhn55dq535h2wxr7rwpfbzrd"; + authors = [ + "Andrew Gallant " + "bluss" + ]; + features = { + "compiler_builtins" = [ "dep:compiler_builtins" ]; + "core" = [ "dep:core" ]; + "default" = [ "std" ]; + "libc" = [ "dep:libc" ]; + "rustc-dep-of-std" = [ "core" "compiler_builtins" ]; + "use_std" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "num-bigint-dig" = rec { + crateName = "num-bigint-dig"; + version = "0.8.2"; + edition = "2021"; + sha256 = "01b9lnqkjgwr1fv8jlw8w8y8pf70h2h9panq969r0pxw793ck693"; + authors = [ + "dignifiedquire " + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "byteorder"; + packageId = "byteorder"; + usesDefaultFeatures = false; + } + { + name = "lazy_static"; + packageId = "lazy_static"; + usesDefaultFeatures = false; + features = [ "spin_no_std" ]; + } + { + name = "libm"; + packageId = "libm"; + } + { + name = "num-integer"; + packageId = "num-integer"; + usesDefaultFeatures = false; + features = [ "i128" ]; + } + { + name = "num-iter"; + packageId = "num-iter"; + usesDefaultFeatures = false; + } + { + name = "num-traits"; + packageId = "num-traits"; + usesDefaultFeatures = false; + features = [ "i128" ]; + } + { + name = "rand"; + packageId = "rand"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "smallvec"; + packageId = "smallvec"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "rand"; + packageId = "rand"; + features = [ "small_rng" ]; + } + ]; + features = { + "arbitrary" = [ "dep:arbitrary" ]; + "default" = [ "std" "u64_digit" ]; + "fuzz" = [ "arbitrary" "smallvec/arbitrary" ]; + "prime" = [ "rand/std_rng" ]; + "rand" = [ "dep:rand" ]; + "serde" = [ "dep:serde" ]; + "std" = [ "num-integer/std" "num-traits/std" "smallvec/write" "rand/std" "serde/std" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "i128" "prime" "rand" "u64_digit" "zeroize" ]; + }; + "num-integer" = rec { + crateName = "num-integer"; + version = "0.1.45"; + edition = "2015"; + sha256 = "1ncwavvwdmsqzxnn65phv6c6nn72pnv9xhpmjd6a429mzf4k6p92"; + authors = [ + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "num-traits"; + packageId = "num-traits"; + usesDefaultFeatures = false; + } + ]; + buildDependencies = [ + { + name = "autocfg"; + packageId = "autocfg"; + } + ]; + features = { + "default" = [ "std" ]; + "i128" = [ "num-traits/i128" ]; + "std" = [ "num-traits/std" ]; + }; + resolvedDefaultFeatures = [ "i128" ]; + }; + "num-iter" = rec { + crateName = "num-iter"; + version = "0.1.43"; + edition = "2015"; + sha256 = "0lp22isvzmmnidbq9n5kbdh8gj0zm3yhxv1ddsn5rp65530fc0vx"; + authors = [ + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "num-integer"; + packageId = "num-integer"; + usesDefaultFeatures = false; + } + { + name = "num-traits"; + packageId = "num-traits"; + usesDefaultFeatures = false; + } + ]; + buildDependencies = [ + { + name = "autocfg"; + packageId = "autocfg"; + } + ]; + features = { + "default" = [ "std" ]; + "i128" = [ "num-integer/i128" "num-traits/i128" ]; + "std" = [ "num-integer/std" "num-traits/std" ]; + }; + }; + "num-traits" = rec { + crateName = "num-traits"; + version = "0.2.15"; + edition = "2015"; + sha256 = "1kfdqqw2ndz0wx2j75v9nbjx7d3mh3150zs4p5595y02rwsdx3jp"; + authors = [ + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "libm"; + packageId = "libm"; + optional = true; + } + ]; + buildDependencies = [ + { + name = "autocfg"; + packageId = "autocfg"; + } + ]; + features = { + "default" = [ "std" ]; + "libm" = [ "dep:libm" ]; + }; + resolvedDefaultFeatures = [ "i128" "libm" ]; + }; + "once_cell" = rec { + crateName = "once_cell"; + version = "1.17.1"; + edition = "2021"; + sha256 = "1lrsy9c5ikf2iwxr4iwgd3rlq9mg8alh0np1g8abnvp1k4151rdp"; + authors = [ + "Aleksey Kladov " + ]; + features = { + "alloc" = [ "race" ]; + "atomic-polyfill" = [ "critical-section" ]; + "atomic_polyfill" = [ "dep:atomic_polyfill" ]; + "critical-section" = [ "critical_section" "atomic_polyfill" ]; + "critical_section" = [ "dep:critical_section" ]; + "default" = [ "std" ]; + "parking_lot" = [ "parking_lot_core" ]; + "parking_lot_core" = [ "dep:parking_lot_core" ]; + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" "default" "race" "std" ]; + }; + "p256" = rec { + crateName = "p256"; + version = "0.12.0"; + edition = "2021"; + sha256 = "0m8f1d0n69bvm4xpranhwv3nrvcq3lcfqn4cqsxbqhyfrfrj9ha9"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "primeorder"; + packageId = "primeorder"; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "default" = [ "arithmetic" "ecdsa" "pkcs8" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "pem" = [ "elliptic-curve/pem" "ecdsa-core/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core/pkcs8" "elliptic-curve/pkcs8" ]; + "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha256" = [ "digest" "sha2" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" ]; + "test-vectors" = [ "hex-literal" ]; + "voprf" = [ "elliptic-curve/voprf" "sha2" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha256" "std" ]; + }; + "p384" = rec { + crateName = "p384"; + version = "0.12.0"; + edition = "2021"; + sha256 = "1m6jw4zm5v9czk6ncbdzcdq82jsnby8a8qdfrz78wd0q4sdll2k3"; + authors = [ + "RustCrypto Developers" + "Frank Denis " + ]; + dependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "primeorder"; + packageId = "primeorder"; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" "elliptic-curve/digest" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "default" = [ "arithmetic" "ecdh" "ecdsa" "pem" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha384" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "pem" = [ "elliptic-curve/pem" "ecdsa-core/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core/pkcs8" "elliptic-curve/pkcs8" ]; + "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha384" = [ "digest" "sha2" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" ]; + "test-vectors" = [ "hex-literal" ]; + "voprf" = [ "elliptic-curve/voprf" "sha2" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdh" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha384" "std" ]; + }; + "pem-rfc7468" = rec { + crateName = "pem-rfc7468"; + version = "0.6.0"; + edition = "2021"; + sha256 = "1b5d8rvc4lgwxhs72m99fnrg0wq7bqh4x4wq0c7501ci7a1mkl94"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base64ct"; + packageId = "base64ct"; + } + ]; + features = { + "alloc" = [ "base64ct/alloc" ]; + "std" = [ "alloc" "base64ct/std" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; + "pkcs1" = rec { + crateName = "pkcs1"; + version = "0.4.1"; + edition = "2021"; + sha256 = "06gpasl1v2d2r74xa8vm72vqy6ryxjynwxna5s5cjk65vzdkpwzg"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "der"; + packageId = "der"; + features = [ "oid" ]; + } + { + name = "pkcs8"; + packageId = "pkcs8"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "spki"; + packageId = "spki"; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "der/alloc" "pkcs8/alloc" "zeroize/alloc" ]; + "pem" = [ "alloc" "der/pem" "pkcs8/pem" ]; + "pkcs8" = [ "dep:pkcs8" ]; + "std" = [ "der/std" "alloc" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "alloc" "pem" "pkcs8" "std" "zeroize" ]; + }; + "pkcs8" = rec { + crateName = "pkcs8"; + version = "0.9.0"; + edition = "2021"; + sha256 = "1fm4sigvcd0zpzg9jcp862a8p272kk08b9lgcs1dm1az19cjrjly"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "der"; + packageId = "der"; + features = [ "oid" ]; + } + { + name = "spki"; + packageId = "spki"; + } + ]; + features = { + "3des" = [ "encryption" "pkcs5/3des" ]; + "alloc" = [ "der/alloc" "der/zeroize" "spki/alloc" ]; + "des-insecure" = [ "encryption" "pkcs5/des-insecure" ]; + "encryption" = [ "alloc" "pkcs5/alloc" "pkcs5/pbes2" "rand_core" ]; + "getrandom" = [ "rand_core/getrandom" ]; + "pem" = [ "alloc" "der/pem" "spki/pem" ]; + "pkcs5" = [ "dep:pkcs5" ]; + "rand_core" = [ "dep:rand_core" ]; + "sha1" = [ "encryption" "pkcs5/sha1" ]; + "std" = [ "alloc" "der/std" "spki/std" ]; + "subtle" = [ "dep:subtle" ]; + }; + resolvedDefaultFeatures = [ "alloc" "pem" "std" ]; + }; + "pkg-config" = rec { + crateName = "pkg-config"; + version = "0.3.25"; + edition = "2015"; + sha256 = "1bh3vij79cshj884py4can1f8rvk52niaii1vwxya9q69gnc9y0x"; + authors = [ + "Alex Crichton " + ]; + + }; + "ppv-lite86" = rec { + crateName = "ppv-lite86"; + version = "0.2.17"; + edition = "2018"; + sha256 = "1pp6g52aw970adv3x2310n7glqnji96z0a9wiamzw89ibf0ayh2v"; + authors = [ + "The CryptoCorrosion Contributors" + ]; + features = { + "default" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "simd" "std" ]; + }; + "primeorder" = rec { + crateName = "primeorder"; + version = "0.12.1"; + edition = "2021"; + sha256 = "1cn5lh5pb1g7x9l0cq888qp6im36bg95pkqlyji6bfix3c9zfm0b"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "elliptic-curve"; + packageId = "elliptic-curve"; + usesDefaultFeatures = false; + features = [ "arithmetic" "sec1" ]; + } + ]; + features = { + "serde" = [ "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "std" = [ "elliptic-curve/std" ]; + }; + }; + "proc-macro2" = rec { + crateName = "proc-macro2"; + version = "1.0.51"; + edition = "2018"; + sha256 = "1mj9r146akd3ldfic70bzqr7hwxd35lr0h551yk1vlirbfp7qwjx"; + authors = [ + "David Tolnay " + "Alex Crichton " + ]; + dependencies = [ + { + name = "unicode-ident"; + packageId = "unicode-ident"; + } + ]; + features = { + "default" = [ "proc-macro" ]; + }; + resolvedDefaultFeatures = [ "default" "proc-macro" ]; + }; + "quote" = rec { + crateName = "quote"; + version = "1.0.23"; + edition = "2018"; + sha256 = "0ywwzw5xfwwgq62ihp4fbjbfdjb3ilss2vh3fka18ai59lvdhml8"; + authors = [ + "David Tolnay " + ]; + dependencies = [ + { + name = "proc-macro2"; + packageId = "proc-macro2"; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "proc-macro" ]; + "proc-macro" = [ "proc-macro2/proc-macro" ]; + }; + resolvedDefaultFeatures = [ "default" "proc-macro" ]; + }; + "rand" = rec { + crateName = "rand"; + version = "0.8.5"; + edition = "2018"; + sha256 = "013l6931nn7gkc23jz5mm3qdhf93jjf0fg64nz2lp4i51qd8vbrl"; + authors = [ + "The Rand Project Developers" + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + optional = true; + usesDefaultFeatures = false; + target = { target, features }: (target."unix" or false); + } + { + name = "rand_chacha"; + packageId = "rand_chacha"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + } + ]; + features = { + "alloc" = [ "rand_core/alloc" ]; + "default" = [ "std" "std_rng" ]; + "getrandom" = [ "rand_core/getrandom" ]; + "libc" = [ "dep:libc" ]; + "log" = [ "dep:log" ]; + "packed_simd" = [ "dep:packed_simd" ]; + "rand_chacha" = [ "dep:rand_chacha" ]; + "serde" = [ "dep:serde" ]; + "serde1" = [ "serde" "rand_core/serde1" ]; + "simd_support" = [ "packed_simd" ]; + "std" = [ "rand_core/std" "rand_chacha/std" "alloc" "getrandom" "libc" ]; + "std_rng" = [ "rand_chacha" ]; + }; + resolvedDefaultFeatures = [ "alloc" "default" "getrandom" "libc" "rand_chacha" "std" "std_rng" ]; + }; + "rand_chacha" = rec { + crateName = "rand_chacha"; + version = "0.3.1"; + edition = "2018"; + sha256 = "123x2adin558xbhvqb8w4f6syjsdkmqff8cxwhmjacpsl1ihmhg6"; + authors = [ + "The Rand Project Developers" + "The Rust Project Developers" + "The CryptoCorrosion Contributors" + ]; + dependencies = [ + { + name = "ppv-lite86"; + packageId = "ppv-lite86"; + usesDefaultFeatures = false; + features = [ "simd" ]; + } + { + name = "rand_core"; + packageId = "rand_core"; + } + ]; + features = { + "default" = [ "std" ]; + "serde" = [ "dep:serde" ]; + "serde1" = [ "serde" ]; + "std" = [ "ppv-lite86/std" ]; + }; + resolvedDefaultFeatures = [ "std" ]; + }; + "rand_core" = rec { + crateName = "rand_core"; + version = "0.6.4"; + edition = "2018"; + sha256 = "0b4j2v4cb5krak1pv6kakv4sz6xcwbrmy2zckc32hsigbrwy82zc"; + authors = [ + "The Rand Project Developers" + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "getrandom"; + packageId = "getrandom"; + optional = true; + } + ]; + features = { + "getrandom" = [ "dep:getrandom" ]; + "serde" = [ "dep:serde" ]; + "serde1" = [ "serde" ]; + "std" = [ "alloc" "getrandom" "getrandom/std" ]; + }; + resolvedDefaultFeatures = [ "alloc" "getrandom" "std" ]; + }; + "regex" = rec { + crateName = "regex"; + version = "1.6.0"; + edition = "2018"; + sha256 = "12wqvyh4i75j7pc8sgvmqh4yy3qaj4inc4alyv1cdf3lf4kb6kjc"; + authors = [ + "The Rust Project Developers" + ]; + dependencies = [ + { + name = "aho-corasick"; + packageId = "aho-corasick"; + optional = true; + } + { + name = "memchr"; + packageId = "memchr"; + optional = true; + } + { + name = "regex-syntax"; + packageId = "regex-syntax"; + usesDefaultFeatures = false; + } + ]; + features = { + "aho-corasick" = [ "dep:aho-corasick" ]; + "default" = [ "std" "perf" "unicode" "regex-syntax/default" ]; + "memchr" = [ "dep:memchr" ]; + "perf" = [ "perf-cache" "perf-dfa" "perf-inline" "perf-literal" ]; + "perf-literal" = [ "aho-corasick" "memchr" ]; + "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" "regex-syntax/unicode" ]; + "unicode-age" = [ "regex-syntax/unicode-age" ]; + "unicode-bool" = [ "regex-syntax/unicode-bool" ]; + "unicode-case" = [ "regex-syntax/unicode-case" ]; + "unicode-gencat" = [ "regex-syntax/unicode-gencat" ]; + "unicode-perl" = [ "regex-syntax/unicode-perl" ]; + "unicode-script" = [ "regex-syntax/unicode-script" ]; + "unicode-segment" = [ "regex-syntax/unicode-segment" ]; + "unstable" = [ "pattern" ]; + "use_std" = [ "std" ]; + }; + resolvedDefaultFeatures = [ "aho-corasick" "default" "memchr" "perf" "perf-cache" "perf-dfa" "perf-inline" "perf-literal" "std" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + }; + "regex-syntax" = rec { + crateName = "regex-syntax"; + version = "0.6.27"; + edition = "2018"; + sha256 = "0i32nnvyzzkvz1rqp2qyfxrp2170859z8ck37jd63c8irrrppy53"; + authors = [ + "The Rust Project Developers" + ]; + features = { + "default" = [ "unicode" ]; + "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + }; + resolvedDefaultFeatures = [ "default" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + }; + "rfc6979" = rec { + crateName = "rfc6979"; + version = "0.3.1"; + edition = "2021"; + sha256 = "1fzsp705b5lhwd2r9il9grc3lj6rm3b2r89vh0xv181gy5xg2hvp"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "crypto-bigint"; + packageId = "crypto-bigint"; + usesDefaultFeatures = false; + features = [ "generic-array" "zeroize" ]; + } + { + name = "hmac"; + packageId = "hmac"; + usesDefaultFeatures = false; + features = [ "reset" ]; + } + { + name = "zeroize"; + packageId = "zeroize"; + usesDefaultFeatures = false; + } + ]; + + }; + "rsa" = rec { + crateName = "rsa"; + version = "0.7.2"; + edition = "2021"; + sha256 = "1709a7gcb2h4r95qyrkdz8nz3jb8k4hafj5q3ibfzg0c8zam4h09"; + authors = [ + "RustCrypto Developers" + "dignifiedquire " + ]; + dependencies = [ + { + name = "byteorder"; + packageId = "byteorder"; + usesDefaultFeatures = false; + } + { + name = "digest"; + packageId = "digest"; + usesDefaultFeatures = false; + features = [ "alloc" "oid" ]; + } + { + name = "num-bigint-dig"; + packageId = "num-bigint-dig"; + rename = "num-bigint"; + usesDefaultFeatures = false; + features = [ "i128" "u64_digit" "prime" "zeroize" ]; + } + { + name = "num-integer"; + packageId = "num-integer"; + usesDefaultFeatures = false; + } + { + name = "num-iter"; + packageId = "num-iter"; + usesDefaultFeatures = false; + } + { + name = "num-traits"; + packageId = "num-traits"; + usesDefaultFeatures = false; + features = [ "libm" ]; + } + { + name = "pkcs1"; + packageId = "pkcs1"; + usesDefaultFeatures = false; + features = [ "pkcs8" "alloc" ]; + } + { + name = "pkcs8"; + packageId = "pkcs8"; + usesDefaultFeatures = false; + features = [ "alloc" ]; + } + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "signature"; + packageId = "signature 1.6.4"; + usesDefaultFeatures = false; + features = [ "digest-preview" "rand-preview" ]; + } + { + name = "smallvec"; + packageId = "smallvec"; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + features = [ "alloc" ]; + } + ]; + devDependencies = [ + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "std" "pem" ]; + "getrandom" = [ "rand_core/getrandom" ]; + "hazmat" = [ "signature/hazmat-preview" ]; + "nightly" = [ "num-bigint/nightly" ]; + "pem" = [ "pkcs1/pem" "pkcs8/pem" ]; + "pkcs5" = [ "pkcs8/encryption" ]; + "serde" = [ "num-bigint/serde" "serde_crate" ]; + "serde_crate" = [ "dep:serde_crate" ]; + "std" = [ "digest/std" "pkcs1/std" "pkcs8/std" "rand_core/std" "signature/std" ]; + }; + resolvedDefaultFeatures = [ "default" "pem" "std" ]; + }; + "rustc-serialize" = rec { + crateName = "rustc-serialize"; + version = "0.3.24"; + edition = "2015"; + sha256 = "1nkg3vasg7nk80ffkazizgiyv3hb1l9g3d8h17cajbkx538jiwfw"; + authors = [ + "The Rust Project Developers" + ]; + + }; + "ryu" = rec { + crateName = "ryu"; + version = "1.0.12"; + edition = "2018"; + sha256 = "1ppcgnyfs12p545bl7762jp9b11rlzmgb7yzrr5lnzb8xm1rfjvv"; + authors = [ + "David Tolnay " + ]; + features = { + "no-panic" = [ "dep:no-panic" ]; + }; + }; + "same-file" = rec { + crateName = "same-file"; + version = "1.0.6"; + edition = "2018"; + sha256 = "00h5j1w87dmhnvbv9l8bic3y7xxsnjmssvifw2ayvgx9mb1ivz4k"; + authors = [ + "Andrew Gallant " + ]; + dependencies = [ + { + name = "winapi-util"; + packageId = "winapi-util"; + target = { target, features }: (target."windows" or false); + } + ]; + + }; + "sec1" = rec { + crateName = "sec1"; + version = "0.3.0"; + edition = "2021"; + sha256 = "0a09lk5w3nyggpyz54m10nnlg9v8qbh6kw3v1bgla31988c4rqiv"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base16ct"; + packageId = "base16ct"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "der"; + packageId = "der"; + optional = true; + features = [ "oid" ]; + } + { + name = "generic-array"; + packageId = "generic-array"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "pkcs8"; + packageId = "pkcs8"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "der/alloc" "pkcs8/alloc" "zeroize/alloc" ]; + "base16ct" = [ "dep:base16ct" ]; + "default" = [ "der" "point" ]; + "der" = [ "dep:der" ]; + "generic-array" = [ "dep:generic-array" ]; + "pem" = [ "alloc" "der/pem" "pkcs8/pem" ]; + "pkcs8" = [ "dep:pkcs8" ]; + "point" = [ "base16ct" "generic-array" ]; + "serde" = [ "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "std" = [ "der/std" "alloc" ]; + "subtle" = [ "dep:subtle" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "alloc" "base16ct" "default" "der" "generic-array" "pem" "pkcs8" "point" "subtle" "zeroize" ]; + }; + "serde" = rec { + crateName = "serde"; + version = "1.0.152"; + edition = "2015"; + sha256 = "1ysykpc4a9f1yn7zikdwhyfs0bpa7mlc8vsm7sl4glr1606iyzdv"; + authors = [ + "Erick Tryzelaar " + "David Tolnay " + ]; + dependencies = [ + { + name = "serde_derive"; + packageId = "serde_derive"; + optional = true; + } + ]; + devDependencies = [ + { + name = "serde_derive"; + packageId = "serde_derive"; + } + ]; + features = { + "default" = [ "std" ]; + "derive" = [ "serde_derive" ]; + "serde_derive" = [ "dep:serde_derive" ]; + }; + resolvedDefaultFeatures = [ "default" "derive" "serde_derive" "std" ]; + }; + "serde_derive" = rec { + crateName = "serde_derive"; + version = "1.0.152"; + edition = "2015"; + sha256 = "07jlbk3khspawlqayr5lhzgqirv031ap4p8asw199l7ciq8psj5g"; + procMacro = true; + authors = [ + "Erick Tryzelaar " + "David Tolnay " + ]; + dependencies = [ + { + name = "proc-macro2"; + packageId = "proc-macro2"; + } + { + name = "quote"; + packageId = "quote"; + } + { + name = "syn"; + packageId = "syn"; + } + ]; + features = { + }; + resolvedDefaultFeatures = [ "default" ]; + }; + "serde_json" = rec { + crateName = "serde_json"; + version = "1.0.93"; + edition = "2018"; + sha256 = "0xmwq2838lvc50g849k8qsrwvj7nfaaw5wns0x8mp24ikjv0dm6a"; + authors = [ + "Erick Tryzelaar " + "David Tolnay " + ]; + dependencies = [ + { + name = "itoa"; + packageId = "itoa"; + } + { + name = "ryu"; + packageId = "ryu"; + } + { + name = "serde"; + packageId = "serde"; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "serde"; + packageId = "serde"; + features = [ "derive" ]; + } + ]; + features = { + "alloc" = [ "serde/alloc" ]; + "default" = [ "std" ]; + "indexmap" = [ "dep:indexmap" ]; + "preserve_order" = [ "indexmap" "std" ]; + "std" = [ "serde/std" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "sha2" = rec { + crateName = "sha2"; + version = "0.10.6"; + edition = "2018"; + sha256 = "1h5xrrv2y06kr1gsz4pwrm3lsp206nm2gjxgbf21wfrfzsavgrl2"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "cpufeatures"; + packageId = "cpufeatures"; + target = { target, features }: ((target."arch" == "aarch64") || (target."arch" == "x86_64") || (target."arch" == "x86")); + } + { + name = "digest"; + packageId = "digest"; + } + ]; + devDependencies = [ + { + name = "digest"; + packageId = "digest"; + features = [ "dev" ]; + } + ]; + features = { + "asm" = [ "sha2-asm" ]; + "asm-aarch64" = [ "asm" ]; + "default" = [ "std" ]; + "oid" = [ "digest/oid" ]; + "sha2-asm" = [ "dep:sha2-asm" ]; + "std" = [ "digest/std" ]; + }; + }; + "signature 1.6.4" = rec { + crateName = "signature"; + version = "1.6.4"; + edition = "2021"; + sha256 = "0z3xg405pg827g6hfdprnszsdqkkbrsfx7f1dl04nv9g7cxks8vl"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "digest"; + packageId = "digest"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "std" ]; + "derive-preview" = [ "digest-preview" "signature_derive" ]; + "digest" = [ "dep:digest" ]; + "digest-preview" = [ "digest" ]; + "rand-preview" = [ "rand_core" ]; + "rand_core" = [ "dep:rand_core" ]; + "signature_derive" = [ "dep:signature_derive" ]; + }; + resolvedDefaultFeatures = [ "digest" "digest-preview" "rand-preview" "rand_core" "std" ]; + }; + "signature 2.0.0" = rec { + crateName = "signature"; + version = "2.0.0"; + edition = "2021"; + sha256 = "0zg534qaa8cl5spq8d0rs0jq6km4w9vil69148awiy9khg4mir4g"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "digest"; + packageId = "digest"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "derive" = [ "dep:derive" ]; + "digest" = [ "dep:digest" ]; + "rand_core" = [ "dep:rand_core" ]; + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" "digest" "rand_core" "std" ]; + }; + "smallvec" = rec { + crateName = "smallvec"; + version = "1.10.0"; + edition = "2018"; + sha256 = "1q2k15fzxgwjpcdv3f323w24rbbfyv711ayz85ila12lg7zbw1x5"; + authors = [ + "The Servo Project Developers" + ]; + features = { + "arbitrary" = [ "dep:arbitrary" ]; + "const_new" = [ "const_generics" ]; + "serde" = [ "dep:serde" ]; + }; + }; + "sodiumoxide" = rec { + crateName = "sodiumoxide"; + version = "0.2.7"; + edition = "2015"; + sha256 = "0a00rcp2vphrs8qh0477rzs6lhsng1m5i0l4qamagnf2nsnf6sz2"; + authors = [ + "dnaq" + ]; + dependencies = [ + { + name = "ed25519"; + packageId = "ed25519"; + usesDefaultFeatures = false; + } + { + name = "libc"; + packageId = "libc"; + usesDefaultFeatures = false; + } + { + name = "libsodium-sys"; + packageId = "libsodium-sys"; + } + { + name = "serde"; + packageId = "serde"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "serde"; + packageId = "serde"; + } + ]; + features = { + "default" = [ "serde" "std" ]; + "serde" = [ "dep:serde" ]; + "use-pkg-config" = [ "libsodium-sys/use-pkg-config" ]; + }; + resolvedDefaultFeatures = [ "default" "serde" "std" ]; + }; + "spin" = rec { + crateName = "spin"; + version = "0.5.2"; + edition = "2015"; + sha256 = "0b84m6dbzrwf2kxylnw82d3dr8w06av7rfkr8s85fb5f43rwyqvf"; + authors = [ + "Mathijs van de Nes " + "John Ericson " + ]; + + }; + "spki" = rec { + crateName = "spki"; + version = "0.6.0"; + edition = "2021"; + sha256 = "0ar1ldkl7svp8l3gfw2hyiiph7n2nqynjnjgdv1pscvsmjxh5kv7"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base64ct"; + packageId = "base64ct"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "der"; + packageId = "der"; + features = [ "oid" ]; + } + ]; + features = { + "alloc" = [ "base64ct/alloc" "der/alloc" ]; + "base64ct" = [ "dep:base64ct" ]; + "fingerprint" = [ "sha2" ]; + "pem" = [ "alloc" "der/pem" ]; + "sha2" = [ "dep:sha2" ]; + "std" = [ "der/std" "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" "base64ct" "pem" "std" ]; + }; + "subtle" = rec { + crateName = "subtle"; + version = "2.4.1"; + edition = "2015"; + sha256 = "00b6jzh9gzb0h9n25g06nqr90z3xzqppfhhb260s1hjhh4pg7pkb"; + authors = [ + "Isis Lovecruft " + "Henry de Valence " + ]; + features = { + "default" = [ "std" "i128" ]; + }; + resolvedDefaultFeatures = [ "i128" ]; + }; + "syn" = rec { + crateName = "syn"; + version = "1.0.107"; + edition = "2018"; + sha256 = "1xg3315vx8civ8y0l5zxq5mkx07qskaqwnjak18aw0vfn6sn8h0z"; + authors = [ + "David Tolnay " + ]; + dependencies = [ + { + name = "proc-macro2"; + packageId = "proc-macro2"; + usesDefaultFeatures = false; + } + { + name = "quote"; + packageId = "quote"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "unicode-ident"; + packageId = "unicode-ident"; + } + ]; + features = { + "default" = [ "derive" "parsing" "printing" "clone-impls" "proc-macro" ]; + "printing" = [ "quote" ]; + "proc-macro" = [ "proc-macro2/proc-macro" "quote/proc-macro" ]; + "quote" = [ "dep:quote" ]; + "test" = [ "syn-test-suite/all-features" ]; + }; + resolvedDefaultFeatures = [ "clone-impls" "default" "derive" "full" "parsing" "printing" "proc-macro" "quote" "visit" ]; + }; + "thiserror" = rec { + crateName = "thiserror"; + version = "1.0.38"; + edition = "2018"; + sha256 = "1l7yh18iqcr2jnl6qjx3ywvhny98cvda3biwc334ap3xm65d373a"; + authors = [ + "David Tolnay " + ]; + dependencies = [ + { + name = "thiserror-impl"; + packageId = "thiserror-impl"; + } + ]; + + }; + "thiserror-impl" = rec { + crateName = "thiserror-impl"; + version = "1.0.38"; + edition = "2018"; + sha256 = "0vzkcjqkzzgrwwby92xvnbp11a8d70b1gkybm0zx1r458spjgcqz"; + procMacro = true; + authors = [ + "David Tolnay " + ]; + dependencies = [ + { + name = "proc-macro2"; + packageId = "proc-macro2"; + } + { + name = "quote"; + packageId = "quote"; + } + { + name = "syn"; + packageId = "syn"; + } + ]; + + }; + "typenum" = rec { + crateName = "typenum"; + version = "1.16.0"; + edition = "2018"; + sha256 = "1fhb9iaqyjn4dzn2vl86kxjhp4xpw5gynczlnqzf4x6rjgpn2ya9"; + build = "build/main.rs"; + authors = [ + "Paho Lurie-Gregg " + "Andre Bogus " + ]; + features = { + "scale-info" = [ "dep:scale-info" ]; + "scale_info" = [ "scale-info/derive" ]; + }; + }; + "unicode-ident" = rec { + crateName = "unicode-ident"; + version = "1.0.6"; + edition = "2018"; + sha256 = "1g2fdsw5sv9l1m73whm99za3lxq3nw4gzx5kvi562h4b46gjp8l4"; + authors = [ + "David Tolnay " + ]; + + }; + "version_check" = rec { + crateName = "version_check"; + version = "0.9.4"; + edition = "2015"; + sha256 = "0gs8grwdlgh0xq660d7wr80x14vxbizmd8dbp29p2pdncx8lp1s9"; + authors = [ + "Sergio Benitez " + ]; + + }; + "walkdir" = rec { + crateName = "walkdir"; + version = "2.3.2"; + edition = "2018"; + sha256 = "0mnszy33685v8y9js8mw6x2p3iddqs8vfj7n2dhqddnlbirz5340"; + authors = [ + "Andrew Gallant " + ]; + dependencies = [ + { + name = "same-file"; + packageId = "same-file"; + } + { + name = "winapi"; + packageId = "winapi"; + target = { target, features }: (target."windows" or false); + features = [ "std" "winnt" ]; + } + { + name = "winapi-util"; + packageId = "winapi-util"; + target = { target, features }: (target."windows" or false); + } + ]; + + }; + "wasi" = rec { + crateName = "wasi"; + version = "0.11.0+wasi-snapshot-preview1"; + edition = "2018"; + sha256 = "08z4hxwkpdpalxjps1ai9y7ihin26y9f476i53dv98v45gkqg3cw"; + authors = [ + "The Cranelift Project Developers" + ]; + features = { + "compiler_builtins" = [ "dep:compiler_builtins" ]; + "core" = [ "dep:core" ]; + "default" = [ "std" ]; + "rustc-dep-of-std" = [ "compiler_builtins" "core" "rustc-std-workspace-alloc" ]; + "rustc-std-workspace-alloc" = [ "dep:rustc-std-workspace-alloc" ]; + }; + resolvedDefaultFeatures = [ "default" "std" ]; + }; + "wasm-bindgen" = rec { + crateName = "wasm-bindgen"; + version = "0.2.84"; + edition = "2018"; + sha256 = "0fx5gh0b4n6znfa3blz92wn1k4bbiysyq9m95s7rn3gk46ydry1i"; + authors = [ + "The wasm-bindgen Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "wasm-bindgen-macro"; + packageId = "wasm-bindgen-macro"; + } + ]; + features = { + "default" = [ "spans" "std" ]; + "enable-interning" = [ "std" ]; + "serde" = [ "dep:serde" ]; + "serde-serialize" = [ "serde" "serde_json" "std" ]; + "serde_json" = [ "dep:serde_json" ]; + "spans" = [ "wasm-bindgen-macro/spans" ]; + "strict-macro" = [ "wasm-bindgen-macro/strict-macro" ]; + "xxx_debug_only_print_generated_code" = [ "wasm-bindgen-macro/xxx_debug_only_print_generated_code" ]; + }; + resolvedDefaultFeatures = [ "default" "spans" "std" ]; + }; + "wasm-bindgen-backend" = rec { + crateName = "wasm-bindgen-backend"; + version = "0.2.84"; + edition = "2018"; + sha256 = "1ffc0wb293ha56i66f830x7f8aa2xql69a21lrasy1ncbgyr1klm"; + authors = [ + "The wasm-bindgen Developers" + ]; + dependencies = [ + { + name = "bumpalo"; + packageId = "bumpalo"; + } + { + name = "log"; + packageId = "log"; + } + { + name = "once_cell"; + packageId = "once_cell"; + } + { + name = "proc-macro2"; + packageId = "proc-macro2"; + } + { + name = "quote"; + packageId = "quote"; + } + { + name = "syn"; + packageId = "syn"; + features = [ "full" ]; + } + { + name = "wasm-bindgen-shared"; + packageId = "wasm-bindgen-shared"; + } + ]; + features = { + "extra-traits" = [ "syn/extra-traits" ]; + }; + resolvedDefaultFeatures = [ "spans" ]; + }; + "wasm-bindgen-macro" = rec { + crateName = "wasm-bindgen-macro"; + version = "0.2.84"; + edition = "2018"; + sha256 = "1idlq28awqhq8rclb22rn5xix82w9a4rgy11vkapzhzd1dygf8ac"; + procMacro = true; + authors = [ + "The wasm-bindgen Developers" + ]; + dependencies = [ + { + name = "quote"; + packageId = "quote"; + } + { + name = "wasm-bindgen-macro-support"; + packageId = "wasm-bindgen-macro-support"; + } + ]; + features = { + "spans" = [ "wasm-bindgen-macro-support/spans" ]; + "strict-macro" = [ "wasm-bindgen-macro-support/strict-macro" ]; + }; + resolvedDefaultFeatures = [ "spans" ]; + }; + "wasm-bindgen-macro-support" = rec { + crateName = "wasm-bindgen-macro-support"; + version = "0.2.84"; + edition = "2018"; + sha256 = "1xm56lpi0rihh8ny7x085dgs3jdm47spgqflb98wghyadwq83zra"; + authors = [ + "The wasm-bindgen Developers" + ]; + dependencies = [ + { + name = "proc-macro2"; + packageId = "proc-macro2"; + } + { + name = "quote"; + packageId = "quote"; + } + { + name = "syn"; + packageId = "syn"; + features = [ "visit" "full" ]; + } + { + name = "wasm-bindgen-backend"; + packageId = "wasm-bindgen-backend"; + } + { + name = "wasm-bindgen-shared"; + packageId = "wasm-bindgen-shared"; + } + ]; + features = { + "extra-traits" = [ "syn/extra-traits" ]; + "spans" = [ "wasm-bindgen-backend/spans" ]; + }; + resolvedDefaultFeatures = [ "spans" ]; + }; + "wasm-bindgen-shared" = rec { + crateName = "wasm-bindgen-shared"; + version = "0.2.84"; + edition = "2018"; + sha256 = "0pcvk1c97r1pprzfaxxn359r0wqg5bm33ylbwgjh8f4cwbvzwih0"; + authors = [ + "The wasm-bindgen Developers" + ]; + + }; + "winapi" = rec { + crateName = "winapi"; + version = "0.3.9"; + edition = "2015"; + sha256 = "06gl025x418lchw1wxj64ycr7gha83m44cjr5sarhynd9xkrm0sw"; + authors = [ + "Peter Atashian " + ]; + dependencies = [ + { + name = "winapi-i686-pc-windows-gnu"; + packageId = "winapi-i686-pc-windows-gnu"; + target = { target, features }: (stdenv.hostPlatform.config == "i686-pc-windows-gnu"); + } + { + name = "winapi-x86_64-pc-windows-gnu"; + packageId = "winapi-x86_64-pc-windows-gnu"; + target = { target, features }: (stdenv.hostPlatform.config == "x86_64-pc-windows-gnu"); + } + ]; + features = { + "debug" = [ "impl-debug" ]; + }; + resolvedDefaultFeatures = [ "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "std" "winbase" "wincon" "winerror" "winnt" ]; + }; + "winapi-i686-pc-windows-gnu" = rec { + crateName = "winapi-i686-pc-windows-gnu"; + version = "0.4.0"; + edition = "2015"; + sha256 = "1dmpa6mvcvzz16zg6d5vrfy4bxgg541wxrcip7cnshi06v38ffxc"; + authors = [ + "Peter Atashian " + ]; + + }; + "winapi-util" = rec { + crateName = "winapi-util"; + version = "0.1.5"; + edition = "2018"; + sha256 = "0y71bp7f6d536czj40dhqk0d55wfbbwqfp2ymqf1an5ibgl6rv3h"; + authors = [ + "Andrew Gallant " + ]; + dependencies = [ + { + name = "winapi"; + packageId = "winapi"; + target = { target, features }: (target."windows" or false); + features = [ "std" "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "winbase" "wincon" "winerror" "winnt" ]; + } + ]; + + }; + "winapi-x86_64-pc-windows-gnu" = rec { + crateName = "winapi-x86_64-pc-windows-gnu"; + version = "0.4.0"; + edition = "2015"; + sha256 = "0gqq64czqb64kskjryj8isp62m2sgvx25yyj3kpc2myh85w24bki"; + authors = [ + "Peter Atashian " + ]; + + }; + "zauth" = rec { + crateName = "zauth"; + version = "3.1.0"; + edition = "2015"; + src = lib.cleanSourceWith { filter = sourceFilter; src = ../libzauth; }; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "asexp"; + packageId = "asexp"; + } + { + name = "base64"; + packageId = "base64"; + } + { + name = "jwt-simple"; + packageId = "jwt-simple"; + } + { + name = "lazy_static"; + packageId = "lazy_static"; + } + { + name = "regex"; + packageId = "regex"; + } + { + name = "rustc-serialize"; + packageId = "rustc-serialize"; + } + { + name = "serde"; + packageId = "serde"; + } + { + name = "serde_json"; + packageId = "serde_json"; + } + { + name = "sodiumoxide"; + packageId = "sodiumoxide"; + } + { + name = "thiserror"; + packageId = "thiserror"; + } + ]; + + }; + "zauth-c" = rec { + crateName = "zauth-c"; + version = "3.0.0"; + edition = "2015"; + src = lib.cleanSourceWith { filter = sourceFilter; src = ./.; };type = [ "cdylib" ]; + authors = [ + "Wire Swiss GmbH " + ]; + dependencies = [ + { + name = "jwt-simple"; + packageId = "jwt-simple"; + } + { + name = "libc"; + packageId = "libc"; + } + { + name = "zauth"; + packageId = "zauth"; + } + ]; + + }; + "zeroize" = rec { + crateName = "zeroize"; + version = "1.5.7"; + edition = "2018"; + sha256 = "17ql9c1qhh5kw5aas72swwicnr701alhmhnrfmr9wrkg1jyvb563"; + authors = [ + "The RustCrypto Project Developers" + ]; + features = { + "default" = [ "alloc" ]; + "derive" = [ "zeroize_derive" ]; + "serde" = [ "dep:serde" ]; + "std" = [ "alloc" ]; + "zeroize_derive" = [ "dep:zeroize_derive" ]; + }; + resolvedDefaultFeatures = [ "alloc" "default" ]; + }; + }; + + # +# crate2nix/default.nix (excerpt start) +# + + /* Target (platform) data for conditional dependencies. + This corresponds roughly to what buildRustCrate is setting. + */ + defaultTarget = { + unix = true; + windows = false; + fuchsia = true; + test = false; + + # This doesn't appear to be officially documented anywhere yet. + # See https://github.com/rust-lang-nursery/rust-forge/issues/101. + os = + if stdenv.hostPlatform.isDarwin + then "macos" + else stdenv.hostPlatform.parsed.kernel.name; + arch = stdenv.hostPlatform.parsed.cpu.name; + family = "unix"; + env = "gnu"; + endian = + if stdenv.hostPlatform.parsed.cpu.significantByte.name == "littleEndian" + then "little" else "big"; + pointer_width = toString stdenv.hostPlatform.parsed.cpu.bits; + vendor = stdenv.hostPlatform.parsed.vendor.name; + debug_assertions = false; + }; + + /* Filters common temp files and build files. */ + # TODO(pkolloch): Substitute with gitignore filter + sourceFilter = name: type: + let + baseName = builtins.baseNameOf (builtins.toString name); + in + ! ( + # Filter out git + baseName == ".gitignore" + || (type == "directory" && baseName == ".git") + + # Filter out build results + || ( + type == "directory" && ( + baseName == "target" + || baseName == "_site" + || baseName == ".sass-cache" + || baseName == ".jekyll-metadata" + || baseName == "build-artifacts" + ) + ) + + # Filter out nix-build result symlinks + || ( + type == "symlink" && lib.hasPrefix "result" baseName + ) + + # Filter out IDE config + || ( + type == "directory" && ( + baseName == ".idea" || baseName == ".vscode" + ) + ) || lib.hasSuffix ".iml" baseName + + # Filter out nix build files + || baseName == "Cargo.nix" + + # Filter out editor backup / swap files. + || lib.hasSuffix "~" baseName + || builtins.match "^\\.sw[a-z]$$" baseName != null + || builtins.match "^\\..*\\.sw[a-z]$$" baseName != null + || lib.hasSuffix ".tmp" baseName + || lib.hasSuffix ".bak" baseName + || baseName == "tests.nix" + ); + + /* Returns a crate which depends on successful test execution + of crate given as the second argument. + + testCrateFlags: list of flags to pass to the test exectuable + testInputs: list of packages that should be available during test execution + */ + crateWithTest = { crate, testCrate, testCrateFlags, testInputs, testPreRun, testPostRun }: + assert builtins.typeOf testCrateFlags == "list"; + assert builtins.typeOf testInputs == "list"; + assert builtins.typeOf testPreRun == "string"; + assert builtins.typeOf testPostRun == "string"; + let + # override the `crate` so that it will build and execute tests instead of + # building the actual lib and bin targets We just have to pass `--test` + # to rustc and it will do the right thing. We execute the tests and copy + # their log and the test executables to $out for later inspection. + test = + let + drv = testCrate.override + ( + _: { + buildTests = true; + } + ); + # If the user hasn't set any pre/post commands, we don't want to + # insert empty lines. This means that any existing users of crate2nix + # don't get a spurious rebuild unless they set these explicitly. + testCommand = pkgs.lib.concatStringsSep "\n" + (pkgs.lib.filter (s: s != "") [ + testPreRun + "$f $testCrateFlags 2>&1 | tee -a $out" + testPostRun + ]); + in + pkgs.runCommand "run-tests-${testCrate.name}" + { + inherit testCrateFlags; + buildInputs = testInputs; + } '' + set -ex + + export RUST_BACKTRACE=1 + + # recreate a file hierarchy as when running tests with cargo + + # the source for test data + ${pkgs.xorg.lndir}/bin/lndir ${crate.src} + + # build outputs + testRoot=target/debug + mkdir -p $testRoot + + # executables of the crate + # we copy to prevent std::env::current_exe() to resolve to a store location + for i in ${crate}/bin/*; do + cp "$i" "$testRoot" + done + chmod +w -R . + + # test harness executables are suffixed with a hash, like cargo does + # this allows to prevent name collision with the main + # executables of the crate + hash=$(basename $out) + for file in ${drv}/tests/*; do + f=$testRoot/$(basename $file)-$hash + cp $file $f + ${testCommand} + done + ''; + in + pkgs.runCommand "${crate.name}-linked" + { + inherit (crate) outputs crateName; + passthru = (crate.passthru or { }) // { + inherit test; + }; + } '' + echo tested by ${test} + ${lib.concatMapStringsSep "\n" (output: "ln -s ${crate.${output}} ${"$"}${output}") crate.outputs} + ''; + + /* A restricted overridable version of builtRustCratesWithFeatures. */ + buildRustCrateWithFeatures = + { packageId + , features ? rootFeatures + , crateOverrides ? defaultCrateOverrides + , buildRustCrateForPkgsFunc ? null + , runTests ? false + , testCrateFlags ? [ ] + , testInputs ? [ ] + # Any command to run immediatelly before a test is executed. + , testPreRun ? "" + # Any command run immediatelly after a test is executed. + , testPostRun ? "" + }: + lib.makeOverridable + ( + { features + , crateOverrides + , runTests + , testCrateFlags + , testInputs + , testPreRun + , testPostRun + }: + let + buildRustCrateForPkgsFuncOverriden = + if buildRustCrateForPkgsFunc != null + then buildRustCrateForPkgsFunc + else + ( + if crateOverrides == pkgs.defaultCrateOverrides + then buildRustCrateForPkgs + else + pkgs: (buildRustCrateForPkgs pkgs).override { + defaultCrateOverrides = crateOverrides; + } + ); + builtRustCrates = builtRustCratesWithFeatures { + inherit packageId features; + buildRustCrateForPkgsFunc = buildRustCrateForPkgsFuncOverriden; + runTests = false; + }; + builtTestRustCrates = builtRustCratesWithFeatures { + inherit packageId features; + buildRustCrateForPkgsFunc = buildRustCrateForPkgsFuncOverriden; + runTests = true; + }; + drv = builtRustCrates.crates.${packageId}; + testDrv = builtTestRustCrates.crates.${packageId}; + derivation = + if runTests then + crateWithTest + { + crate = drv; + testCrate = testDrv; + inherit testCrateFlags testInputs testPreRun testPostRun; + } + else drv; + in + derivation + ) + { inherit features crateOverrides runTests testCrateFlags testInputs testPreRun testPostRun; }; + + /* Returns an attr set with packageId mapped to the result of buildRustCrateForPkgsFunc + for the corresponding crate. + */ + builtRustCratesWithFeatures = + { packageId + , features + , crateConfigs ? crates + , buildRustCrateForPkgsFunc + , runTests + , target ? defaultTarget + } @ args: + assert (builtins.isAttrs crateConfigs); + assert (builtins.isString packageId); + assert (builtins.isList features); + assert (builtins.isAttrs target); + assert (builtins.isBool runTests); + let + rootPackageId = packageId; + mergedFeatures = mergePackageFeatures + ( + args // { + inherit rootPackageId; + target = target // { test = runTests; }; + } + ); + # Memoize built packages so that reappearing packages are only built once. + builtByPackageIdByPkgs = mkBuiltByPackageIdByPkgs pkgs; + mkBuiltByPackageIdByPkgs = pkgs: + let + self = { + crates = lib.mapAttrs (packageId: value: buildByPackageIdForPkgsImpl self pkgs packageId) crateConfigs; + build = mkBuiltByPackageIdByPkgs pkgs.buildPackages; + }; + in + self; + buildByPackageIdForPkgsImpl = self: pkgs: packageId: + let + features = mergedFeatures."${packageId}" or [ ]; + crateConfig' = crateConfigs."${packageId}"; + crateConfig = + builtins.removeAttrs crateConfig' [ "resolvedDefaultFeatures" "devDependencies" ]; + devDependencies = + lib.optionals + (runTests && packageId == rootPackageId) + (crateConfig'.devDependencies or [ ]); + dependencies = + dependencyDerivations { + inherit features target; + buildByPackageId = depPackageId: + # proc_macro crates must be compiled for the build architecture + if crateConfigs.${depPackageId}.procMacro or false + then self.build.crates.${depPackageId} + else self.crates.${depPackageId}; + dependencies = + (crateConfig.dependencies or [ ]) + ++ devDependencies; + }; + buildDependencies = + dependencyDerivations { + inherit features target; + buildByPackageId = depPackageId: + self.build.crates.${depPackageId}; + dependencies = crateConfig.buildDependencies or [ ]; + }; + filterEnabledDependenciesForThis = dependencies: filterEnabledDependencies { + inherit dependencies features target; + }; + dependenciesWithRenames = + lib.filter (d: d ? "rename") + ( + filterEnabledDependenciesForThis + ( + (crateConfig.buildDependencies or [ ]) + ++ (crateConfig.dependencies or [ ]) + ++ devDependencies + ) + ); + # Crate renames have the form: + # + # { + # crate_name = [ + # { version = "1.2.3"; rename = "crate_name01"; } + # ]; + # # ... + # } + crateRenames = + let + grouped = + lib.groupBy + (dependency: dependency.name) + dependenciesWithRenames; + versionAndRename = dep: + let + package = crateConfigs."${dep.packageId}"; + in + { inherit (dep) rename; version = package.version; }; + in + lib.mapAttrs (name: choices: builtins.map versionAndRename choices) grouped; + in + buildRustCrateForPkgsFunc pkgs + ( + crateConfig // { + src = crateConfig.src or ( + pkgs.fetchurl rec { + name = "${crateConfig.crateName}-${crateConfig.version}.tar.gz"; + # https://www.pietroalbini.org/blog/downloading-crates-io/ + # Not rate-limited, CDN URL. + url = "https://static.crates.io/crates/${crateConfig.crateName}/${crateConfig.crateName}-${crateConfig.version}.crate"; + sha256 = + assert (lib.assertMsg (crateConfig ? sha256) "Missing sha256 for ${name}"); + crateConfig.sha256; + } + ); + extraRustcOpts = lib.lists.optional (targetFeatures != [ ]) "-C target-feature=${lib.concatMapStringsSep "," (x: "+${x}") targetFeatures}"; + inherit features dependencies buildDependencies crateRenames release; + } + ); + in + builtByPackageIdByPkgs; + + /* Returns the actual derivations for the given dependencies. */ + dependencyDerivations = + { buildByPackageId + , features + , dependencies + , target + }: + assert (builtins.isList features); + assert (builtins.isList dependencies); + assert (builtins.isAttrs target); + let + enabledDependencies = filterEnabledDependencies { + inherit dependencies features target; + }; + depDerivation = dependency: buildByPackageId dependency.packageId; + in + map depDerivation enabledDependencies; + + /* Returns a sanitized version of val with all values substituted that cannot + be serialized as JSON. + */ + sanitizeForJson = val: + if builtins.isAttrs val + then lib.mapAttrs (n: v: sanitizeForJson v) val + else if builtins.isList val + then builtins.map sanitizeForJson val + else if builtins.isFunction val + then "function" + else val; + + /* Returns various tools to debug a crate. */ + debugCrate = { packageId, target ? defaultTarget }: + assert (builtins.isString packageId); + let + debug = rec { + # The built tree as passed to buildRustCrate. + buildTree = buildRustCrateWithFeatures { + buildRustCrateForPkgsFunc = _: lib.id; + inherit packageId; + }; + sanitizedBuildTree = sanitizeForJson buildTree; + dependencyTree = sanitizeForJson + ( + buildRustCrateWithFeatures { + buildRustCrateForPkgsFunc = _: crate: { + "01_crateName" = crate.crateName or false; + "02_features" = crate.features or [ ]; + "03_dependencies" = crate.dependencies or [ ]; + }; + inherit packageId; + } + ); + mergedPackageFeatures = mergePackageFeatures { + features = rootFeatures; + inherit packageId target; + }; + diffedDefaultPackageFeatures = diffDefaultPackageFeatures { + inherit packageId target; + }; + }; + in + { internal = debug; }; + + /* Returns differences between cargo default features and crate2nix default + features. + + This is useful for verifying the feature resolution in crate2nix. + */ + diffDefaultPackageFeatures = + { crateConfigs ? crates + , packageId + , target + }: + assert (builtins.isAttrs crateConfigs); + let + prefixValues = prefix: lib.mapAttrs (n: v: { "${prefix}" = v; }); + mergedFeatures = + prefixValues + "crate2nix" + (mergePackageFeatures { inherit crateConfigs packageId target; features = [ "default" ]; }); + configs = prefixValues "cargo" crateConfigs; + combined = lib.foldAttrs (a: b: a // b) { } [ mergedFeatures configs ]; + onlyInCargo = + builtins.attrNames + (lib.filterAttrs (n: v: !(v ? "crate2nix") && (v ? "cargo")) combined); + onlyInCrate2Nix = + builtins.attrNames + (lib.filterAttrs (n: v: (v ? "crate2nix") && !(v ? "cargo")) combined); + differentFeatures = lib.filterAttrs + ( + n: v: + (v ? "crate2nix") + && (v ? "cargo") + && (v.crate2nix.features or [ ]) != (v."cargo".resolved_default_features or [ ]) + ) + combined; + in + builtins.toJSON { + inherit onlyInCargo onlyInCrate2Nix differentFeatures; + }; + + /* Returns an attrset mapping packageId to the list of enabled features. + + If multiple paths to a dependency enable different features, the + corresponding feature sets are merged. Features in rust are additive. + */ + mergePackageFeatures = + { crateConfigs ? crates + , packageId + , rootPackageId ? packageId + , features ? rootFeatures + , dependencyPath ? [ crates.${packageId}.crateName ] + , featuresByPackageId ? { } + , target + # Adds devDependencies to the crate with rootPackageId. + , runTests ? false + , ... + } @ args: + assert (builtins.isAttrs crateConfigs); + assert (builtins.isString packageId); + assert (builtins.isString rootPackageId); + assert (builtins.isList features); + assert (builtins.isList dependencyPath); + assert (builtins.isAttrs featuresByPackageId); + assert (builtins.isAttrs target); + assert (builtins.isBool runTests); + let + crateConfig = crateConfigs."${packageId}" or (builtins.throw "Package not found: ${packageId}"); + expandedFeatures = expandFeatures (crateConfig.features or { }) features; + enabledFeatures = enableFeatures (crateConfig.dependencies or [ ]) expandedFeatures; + depWithResolvedFeatures = dependency: + let + packageId = dependency.packageId; + features = dependencyFeatures enabledFeatures dependency; + in + { inherit packageId features; }; + resolveDependencies = cache: path: dependencies: + assert (builtins.isAttrs cache); + assert (builtins.isList dependencies); + let + enabledDependencies = filterEnabledDependencies { + inherit dependencies target; + features = enabledFeatures; + }; + directDependencies = map depWithResolvedFeatures enabledDependencies; + foldOverCache = op: lib.foldl op cache directDependencies; + in + foldOverCache + ( + cache: { packageId, features }: + let + cacheFeatures = cache.${packageId} or [ ]; + combinedFeatures = sortedUnique (cacheFeatures ++ features); + in + if cache ? ${packageId} && cache.${packageId} == combinedFeatures + then cache + else + mergePackageFeatures { + features = combinedFeatures; + featuresByPackageId = cache; + inherit crateConfigs packageId target runTests rootPackageId; + } + ); + cacheWithSelf = + let + cacheFeatures = featuresByPackageId.${packageId} or [ ]; + combinedFeatures = sortedUnique (cacheFeatures ++ enabledFeatures); + in + featuresByPackageId // { + "${packageId}" = combinedFeatures; + }; + cacheWithDependencies = + resolveDependencies cacheWithSelf "dep" + ( + crateConfig.dependencies or [ ] + ++ lib.optionals + (runTests && packageId == rootPackageId) + (crateConfig.devDependencies or [ ]) + ); + cacheWithAll = + resolveDependencies + cacheWithDependencies "build" + (crateConfig.buildDependencies or [ ]); + in + cacheWithAll; + + /* Returns the enabled dependencies given the enabled features. */ + filterEnabledDependencies = { dependencies, features, target }: + assert (builtins.isList dependencies); + assert (builtins.isList features); + assert (builtins.isAttrs target); + + lib.filter + ( + dep: + let + targetFunc = dep.target or (features: true); + in + targetFunc { inherit features target; } + && ( + !(dep.optional or false) + || builtins.any (doesFeatureEnableDependency dep) features + ) + ) + dependencies; + + /* Returns whether the given feature should enable the given dependency. */ + doesFeatureEnableDependency = { name, rename ? null, ... }: feature: + let + prefix = "${name}/"; + len = builtins.stringLength prefix; + startsWithPrefix = builtins.substring 0 len feature == prefix; + in + (rename == null && feature == name) + || (rename != null && rename == feature) + || startsWithPrefix; + + /* Returns the expanded features for the given inputFeatures by applying the + rules in featureMap. + + featureMap is an attribute set which maps feature names to lists of further + feature names to enable in case this feature is selected. + */ + expandFeatures = featureMap: inputFeatures: + assert (builtins.isAttrs featureMap); + assert (builtins.isList inputFeatures); + let + expandFeature = feature: + assert (builtins.isString feature); + [ feature ] ++ (expandFeatures featureMap (featureMap."${feature}" or [ ])); + outFeatures = lib.concatMap expandFeature inputFeatures; + in + sortedUnique outFeatures; + + /* This function adds optional dependencies as features if they are enabled + indirectly by dependency features. This function mimics Cargo's behavior + described in a note at: + https://doc.rust-lang.org/nightly/cargo/reference/features.html#dependency-features + */ + enableFeatures = dependencies: features: + assert (builtins.isList features); + assert (builtins.isList dependencies); + let + additionalFeatures = lib.concatMap + ( + dependency: + assert (builtins.isAttrs dependency); + let + enabled = builtins.any (doesFeatureEnableDependency dependency) features; + in + if (dependency.optional or false) && enabled then [ dependency.name ] else [ ] + ) + dependencies; + in + sortedUnique (features ++ additionalFeatures); + + /* + Returns the actual features for the given dependency. + + features: The features of the crate that refers this dependency. + */ + dependencyFeatures = features: dependency: + assert (builtins.isList features); + assert (builtins.isAttrs dependency); + let + defaultOrNil = + if dependency.usesDefaultFeatures or true + then [ "default" ] + else [ ]; + explicitFeatures = dependency.features or [ ]; + additionalDependencyFeatures = + let + dependencyPrefix = (dependency.rename or dependency.name) + "/"; + dependencyFeatures = + builtins.filter (f: lib.hasPrefix dependencyPrefix f) features; + in + builtins.map (lib.removePrefix dependencyPrefix) dependencyFeatures; + in + defaultOrNil ++ explicitFeatures ++ additionalDependencyFeatures; + + /* Sorts and removes duplicates from a list of strings. */ + sortedUnique = features: + assert (builtins.isList features); + assert (builtins.all builtins.isString features); + let + outFeaturesSet = lib.foldl (set: feature: set // { "${feature}" = 1; }) { } features; + outFeaturesUnique = builtins.attrNames outFeaturesSet; + in + builtins.sort (a: b: a < b) outFeaturesUnique; + + deprecationWarning = message: value: + if strictDeprecation + then builtins.throw "strictDeprecation enabled, aborting: ${message}" + else builtins.trace message value; + + # + # crate2nix/default.nix (excerpt end) + # + }; +} + diff --git a/libs/libzauth/libzauth-c/crate-hashes.json b/libs/libzauth/libzauth-c/crate-hashes.json new file mode 100644 index 00000000000..2e7d8348082 --- /dev/null +++ b/libs/libzauth/libzauth-c/crate-hashes.json @@ -0,0 +1,3 @@ +{ + "jwt-simple 0.11.3 (git+https://github.com/wireapp/rust-jwt-simple?rev=15a69f82288d68b74a75c1364e5d4bf681f1c07b#15a69f82288d68b74a75c1364e5d4bf681f1c07b)": "1ms7bym5j3gvn10gdbacai7v5dsdw8cf747py7igg5almk105n0z" +} \ No newline at end of file From 4b956926c6d15a60ff07f896aa304fbaa677f8e3 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 12:35:43 +0200 Subject: [PATCH 024/177] libzauth-c: bump jwt-simple dep Still using that wireapp/rust-jwt-simple repository, but at least the latest version of the code, not a commit from Feb 10. --- libs/libzauth/libzauth-c/Cargo.lock | 508 ++++++++++++++++++++-------- libs/libzauth/libzauth-c/Cargo.toml | 2 +- 2 files changed, 366 insertions(+), 144 deletions(-) diff --git a/libs/libzauth/libzauth-c/Cargo.lock b/libs/libzauth/libzauth-c/Cargo.lock index 1b894e9bb67..33cca98de2f 100644 --- a/libs/libzauth/libzauth-c/Cargo.lock +++ b/libs/libzauth/libzauth-c/Cargo.lock @@ -4,18 +4,18 @@ version = 3 [[package]] name = "aho-corasick" -version = "0.7.19" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4f55bd91a0978cbfd91c457a164bab8b4001c833b7f323132c0a4e1922dd44e" +checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0" dependencies = [ "memchr", ] [[package]] name = "anyhow" -version = "1.0.69" +version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "224afbd727c3d6e4b90103ece64b8d1b67fbb1973b1046c2281eed3f3803f800" +checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" [[package]] name = "asexp" @@ -35,17 +35,23 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "349a06037c7bf932dd7e7d1f653678b2038b9ad46a74102f1fc7bd7872678cce" +[[package]] +name = "base16ct" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" + [[package]] name = "base64" -version = "0.21.0" +version = "0.21.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" +checksum = "35636a1494ede3b646cc98f74f8e62c773a38a659ebc777a2cf26b9b74171df9" [[package]] name = "base64ct" -version = "1.5.3" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b645a089122eccb6111b4f81cbc1a49f5900ac4666bb93ac027feaecf15607bf" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "binstring" @@ -55,30 +61,33 @@ checksum = "7e0d60973d9320722cb1206f412740e162a33b8547ea8d6be75d7cff237c7a85" [[package]] name = "block-buffer" -version = "0.10.3" +version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" dependencies = [ "generic-array", ] [[package]] name = "bumpalo" -version = "3.12.0" +version = "3.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" +checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec" [[package]] name = "byteorder" -version = "1.4.3" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "cc" -version = "1.0.73" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" +dependencies = [ + "libc", +] [[package]] name = "cfg-if" @@ -88,9 +97,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "coarsetime" -version = "0.1.22" +version = "0.1.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "454038500439e141804c655b4cd1bc6a70bcb95cd2bc9463af5661b6956f0e46" +checksum = "a73ef0d00d14301df35d0f13f5ea32344de6b00837485c358458f1e7f2d27db4" dependencies = [ "libc", "once_cell", @@ -100,15 +109,15 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.9.1" +version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cec318a675afcb6a1ea1d4340e2d377e56e47c266f28043ceccbf4412ddfdd3b" +checksum = "28c122c3980598d243d63d9a704629a2d748d101f278052ff068be5a4423ab6f" [[package]] name = "cpufeatures" -version = "0.2.5" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" dependencies = [ "libc", ] @@ -125,6 +134,18 @@ dependencies = [ "zeroize", ] +[[package]] +name = "crypto-bigint" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "740fe28e594155f10cfc383984cbefd529d7396050557148f79cb0f621204124" +dependencies = [ + "generic-array", + "rand_core", + "subtle", + "zeroize", +] + [[package]] name = "crypto-common" version = "0.1.6" @@ -148,15 +169,26 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" dependencies = [ "const-oid", - "pem-rfc7468", + "pem-rfc7468 0.6.0", + "zeroize", +] + +[[package]] +name = "der" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" +dependencies = [ + "const-oid", + "pem-rfc7468 0.7.0", "zeroize", ] [[package]] name = "digest" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ "block-buffer", "const-oid", @@ -170,12 +202,26 @@ version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "12844141594ad74185a926d030f3b605f6a903b4e3fec351f3ea338ac5b7637e" dependencies = [ - "der", - "elliptic-curve", - "rfc6979", + "der 0.6.1", + "elliptic-curve 0.12.3", + "rfc6979 0.3.1", "signature 2.0.0", ] +[[package]] +name = "ecdsa" +version = "0.16.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4b1e0c257a9e9f25f90ff76d7a68360ed497ee519c8e428d1825ef0000799d4" +dependencies = [ + "der 0.7.8", + "digest", + "elliptic-curve 0.13.6", + "rfc6979 0.4.0", + "signature 2.0.0", + "spki 0.7.2", +] + [[package]] name = "ed25519" version = "1.5.3" @@ -201,18 +247,39 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3" dependencies = [ - "base16ct", - "crypto-bigint", - "der", + "base16ct 0.1.1", + "crypto-bigint 0.4.9", + "der 0.6.1", "digest", - "ff", + "ff 0.12.1", "generic-array", - "group", + "group 0.12.1", "hkdf", - "pem-rfc7468", - "pkcs8", + "pem-rfc7468 0.6.0", + "pkcs8 0.9.0", "rand_core", - "sec1", + "sec1 0.3.0", + "subtle", + "zeroize", +] + +[[package]] +name = "elliptic-curve" +version = "0.13.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d97ca172ae9dc9f9b779a6e3a65d308f2af74e5b8c921299075bdb4a0370e914" +dependencies = [ + "base16ct 0.2.0", + "crypto-bigint 0.5.3", + "digest", + "ff 0.13.0", + "generic-array", + "group 0.13.0", + "hkdf", + "pem-rfc7468 0.7.0", + "pkcs8 0.10.2", + "rand_core", + "sec1 0.7.3", "subtle", "zeroize", ] @@ -227,21 +294,32 @@ dependencies = [ "subtle", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core", + "subtle", +] + [[package]] name = "generic-array" -version = "0.14.6" +version = "0.14.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" dependencies = [ "typenum", "version_check", + "zeroize", ] [[package]] name = "getrandom" -version = "0.2.8" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" dependencies = [ "cfg-if", "libc", @@ -254,7 +332,18 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5dfbfb3a6cfbd390d5c9564ab283a0349b9b9fcd46a706c1eb10e0db70bfbac7" dependencies = [ - "ff", + "ff 0.12.1", + "rand_core", + "subtle", +] + +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", "rand_core", "subtle", ] @@ -279,33 +368,33 @@ dependencies = [ [[package]] name = "hmac-sha1-compact" -version = "1.1.3" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05e2440a0078e20c3b68ca01234cea4219f23e64b0c0bdb1200c5550d54239bb" +checksum = "dff9d405ec732fa3fcde87264e54a32a84956a377b3e3107de96e59b798c84a7" [[package]] name = "hmac-sha256" -version = "1.1.6" +version = "1.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc736091aacb31ddaa4cd5f6988b3c21e99913ac846b41f32538c5fae5d71bfe" +checksum = "3688e69b38018fec1557254f64c8dc2cc8ec502890182f395dbb0aa997aa5735" dependencies = [ "digest", ] [[package]] name = "hmac-sha512" -version = "1.1.4" +version = "1.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "520c9c3f6040661669bc5c91e551b605a520c8e0a63a766a91a65adef734d151" +checksum = "e4ce1f4656bae589a3fab938f9f09bf58645b7ed01a2c5f8a3c238e01a4ef78a" dependencies = [ "digest", ] [[package]] name = "itoa" -version = "1.0.5" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fad582f4b9e86b6caa621cabeb0963332d92eea04729ab12892c2533951e6440" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" [[package]] name = "jwt-simple" @@ -320,14 +409,39 @@ dependencies = [ "hmac-sha1-compact", "hmac-sha256", "hmac-sha512", - "k256", - "p256", - "p384", + "k256 0.12.0", + "p256 0.12.0", + "p384 0.12.0", "rand", "rsa", "serde", "serde_json", - "spki", + "spki 0.6.0", + "thiserror", + "zeroize", +] + +[[package]] +name = "jwt-simple" +version = "0.11.4" +source = "git+https://github.com/wireapp/rust-jwt-simple?rev=5a35177ae37c06d65225df4ba2c2b065917748c5#5a35177ae37c06d65225df4ba2c2b065917748c5" +dependencies = [ + "anyhow", + "binstring", + "coarsetime", + "ct-codecs", + "ed25519-compact", + "hmac-sha1-compact", + "hmac-sha256", + "hmac-sha512", + "k256 0.13.1", + "p256 0.13.2", + "p384 0.13.0", + "rand", + "rsa", + "serde", + "serde_json", + "spki 0.6.0", "thiserror", "zeroize", ] @@ -339,8 +453,22 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "92a55e0ff3b72c262bcf041d9e97f1b84492b68f1c1a384de2323d3dc9403397" dependencies = [ "cfg-if", - "ecdsa", - "elliptic-curve", + "ecdsa 0.15.1", + "elliptic-curve 0.12.3", + "once_cell", + "sha2", + "signature 2.0.0", +] + +[[package]] +name = "k256" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cadb76004ed8e97623117f3df85b17aaa6626ab0b0831e6573f104df16cd1bcc" +dependencies = [ + "cfg-if", + "ecdsa 0.16.8", + "elliptic-curve 0.13.6", "once_cell", "sha2", "signature 2.0.0", @@ -357,15 +485,15 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.125" +version = "0.2.149" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5916d2ae698f6de9bfb891ad7a8d65c09d232dc58cc4ac433c7da3b2fd84bc2b" +checksum = "a08173bc88b7955d1b3145aa561539096c421ac8debde8cbc3612ec635fee29b" [[package]] name = "libm" -version = "0.2.6" +version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "348108ab3fba42ec82ff6e9564fc4ca0247bdccdc68dd8af9764bbc79c3c8ffb" +checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" [[package]] name = "libsodium-sys" @@ -381,24 +509,21 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" [[package]] name = "memchr" -version = "2.5.0" +version = "2.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" +checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167" [[package]] name = "num-bigint-dig" -version = "0.8.2" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2399c9463abc5f909349d8aa9ba080e0b88b3ce2885389b60b993f39b1a56905" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" dependencies = [ "byteorder", "lazy_static", @@ -434,9 +559,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.15" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c" dependencies = [ "autocfg", "libm", @@ -444,9 +569,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.1" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "p256" @@ -454,9 +579,21 @@ version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49c124b3cbce43bcbac68c58ec181d98ed6cc7e6d0aa7c3ba97b2563410b0e55" dependencies = [ - "ecdsa", - "elliptic-curve", - "primeorder", + "ecdsa 0.15.1", + "elliptic-curve 0.12.3", + "primeorder 0.12.1", + "sha2", +] + +[[package]] +name = "p256" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b" +dependencies = [ + "ecdsa 0.16.8", + "elliptic-curve 0.13.6", + "primeorder 0.13.2", "sha2", ] @@ -466,9 +603,21 @@ version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "630a4a9b2618348ececfae61a4905f564b817063bf2d66cdfc2ced523fe1d2d4" dependencies = [ - "ecdsa", - "elliptic-curve", - "primeorder", + "ecdsa 0.15.1", + "elliptic-curve 0.12.3", + "primeorder 0.12.1", + "sha2", +] + +[[package]] +name = "p384" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" +dependencies = [ + "ecdsa 0.16.8", + "elliptic-curve 0.13.6", + "primeorder 0.13.2", "sha2", ] @@ -481,15 +630,24 @@ dependencies = [ "base64ct", ] +[[package]] +name = "pem-rfc7468" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +dependencies = [ + "base64ct", +] + [[package]] name = "pkcs1" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719" dependencies = [ - "der", - "pkcs8", - "spki", + "der 0.6.1", + "pkcs8 0.9.0", + "spki 0.6.0", "zeroize", ] @@ -499,15 +657,25 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" dependencies = [ - "der", - "spki", + "der 0.6.1", + "spki 0.6.0", +] + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der 0.7.8", + "spki 0.7.2", ] [[package]] name = "pkg-config" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" +checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" [[package]] name = "ppv-lite86" @@ -521,23 +689,32 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b54f7131b3dba65a2f414cf5bd25b66d4682e4608610668eae785750ba4c5b2" dependencies = [ - "elliptic-curve", + "elliptic-curve 0.12.3", +] + +[[package]] +name = "primeorder" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c2fcef82c0ec6eefcc179b978446c399b3cdf73c392c35604e399eee6df1ee3" +dependencies = [ + "elliptic-curve 0.13.6", ] [[package]] name = "proc-macro2" -version = "1.0.51" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d727cae5b39d21da60fa540906919ad737832fe0b1c165da3a34d6548c849d6" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.23" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] @@ -574,9 +751,21 @@ dependencies = [ [[package]] name = "regex" -version = "1.6.0" +version = "1.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "380b951a9c5e80ddfd6136919eef32310721aa4aacd4889a8d39124b026ab343" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" +checksum = "5f804c7828047e88b2d32e2d7fe5a105da8ee3264f01902f796c8e067dc2483f" dependencies = [ "aho-corasick", "memchr", @@ -585,9 +774,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.27" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" [[package]] name = "rfc6979" @@ -595,11 +784,21 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb" dependencies = [ - "crypto-bigint", + "crypto-bigint 0.4.9", "hmac", "zeroize", ] +[[package]] +name = "rfc6979" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" +dependencies = [ + "hmac", + "subtle", +] + [[package]] name = "rsa" version = "0.7.2" @@ -613,7 +812,7 @@ dependencies = [ "num-iter", "num-traits", "pkcs1", - "pkcs8", + "pkcs8 0.9.0", "rand_core", "signature 1.6.4", "smallvec", @@ -629,9 +828,9 @@ checksum = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" [[package]] name = "ryu" -version = "1.0.12" +version = "1.0.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b4b9743ed687d4b4bcedf9ff5eaa7398495ae14e61cba0a295704edbc7decde" +checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" [[package]] name = "same-file" @@ -648,28 +847,42 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928" dependencies = [ - "base16ct", - "der", + "base16ct 0.1.1", + "der 0.6.1", "generic-array", - "pkcs8", + "pkcs8 0.9.0", + "subtle", + "zeroize", +] + +[[package]] +name = "sec1" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" +dependencies = [ + "base16ct 0.2.0", + "der 0.7.8", + "generic-array", + "pkcs8 0.10.2", "subtle", "zeroize", ] [[package]] name = "serde" -version = "1.0.152" +version = "1.0.190" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb7d1f0d3021d347a83e556fc4683dea2ea09d87bccdf88ff5c12545d89d5efb" +checksum = "91d3c334ca1ee894a2c6f6ad698fe8c435b76d504b13d436f0685d648d6d96f7" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.152" +version = "1.0.190" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af487d118eecd09402d70a5d72551860e788df87b464af30e5ea6a38c75c541e" +checksum = "67c5609f394e5c2bd7fc51efda478004ea80ef42fee983d5c67a65e34f32c0e3" dependencies = [ "proc-macro2", "quote", @@ -678,9 +891,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.93" +version = "1.0.108" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cad406b69c91885b5107daf2c29572f6c8cdb3c66826821e286c533490c0bc76" +checksum = "3d1c7e3eac408d115102c4c24ad393e0821bb3a5df4d506a80f85f7a742a526b" dependencies = [ "itoa", "ryu", @@ -689,9 +902,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.6" +version = "0.10.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ "cfg-if", "cpufeatures", @@ -720,9 +933,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.10.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +checksum = "942b4a808e05215192e39f4ab80813e599068285906cc91aa64f923db842bd5a" [[package]] name = "sodiumoxide" @@ -749,20 +962,30 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" dependencies = [ "base64ct", - "der", + "der 0.6.1", +] + +[[package]] +name = "spki" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d1e996ef02c474957d681f1b05213dfb0abab947b446a62d37770b23500184a" +dependencies = [ + "base64ct", + "der 0.7.8", ] [[package]] name = "subtle" -version = "2.4.1" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" [[package]] name = "syn" -version = "1.0.107" +version = "2.0.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" +checksum = "e96b79aaa137db8f61e26363a0c9b47d8b4ec75da28b7d1d614c2303e232408b" dependencies = [ "proc-macro2", "quote", @@ -771,18 +994,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.38" +version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" +checksum = "f9a7210f5c9a7156bb50aa36aed4c95afb51df0df00713949448cf9e97d382d2" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.38" +version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" +checksum = "266b2e40bc00e5a6c09c3584011e08b06f123c00362c92b975ba9843aaaa14b8" dependencies = [ "proc-macro2", "quote", @@ -791,15 +1014,15 @@ dependencies = [ [[package]] name = "typenum" -version = "1.16.0" +version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" [[package]] name = "unicode-ident" -version = "1.0.6" +version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" [[package]] name = "version_check" @@ -809,12 +1032,11 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "walkdir" -version = "2.3.2" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "808cf2735cd4b6866113f648b791c6adc5714537bc222d9347bb203386ffda56" +checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee" dependencies = [ "same-file", - "winapi", "winapi-util", ] @@ -826,9 +1048,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.84" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b" +checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -836,9 +1058,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.84" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9" +checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd" dependencies = [ "bumpalo", "log", @@ -851,9 +1073,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.84" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5" +checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -861,9 +1083,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.84" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6" +checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", @@ -874,9 +1096,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.84" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" +checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" [[package]] name = "winapi" @@ -896,9 +1118,9 @@ checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" [[package]] name = "winapi-util" -version = "0.1.5" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596" dependencies = [ "winapi", ] @@ -915,7 +1137,7 @@ version = "3.1.0" dependencies = [ "asexp", "base64", - "jwt-simple", + "jwt-simple 0.11.3", "lazy_static", "regex", "rustc-serialize", @@ -929,13 +1151,13 @@ dependencies = [ name = "zauth-c" version = "3.0.0" dependencies = [ - "jwt-simple", + "jwt-simple 0.11.4", "libc", "zauth", ] [[package]] name = "zeroize" -version = "1.5.7" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" +checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" diff --git a/libs/libzauth/libzauth-c/Cargo.toml b/libs/libzauth/libzauth-c/Cargo.toml index 25506f5ea5d..f10d58cab73 100644 --- a/libs/libzauth/libzauth-c/Cargo.toml +++ b/libs/libzauth/libzauth-c/Cargo.toml @@ -17,4 +17,4 @@ path = "../libzauth" # fork of jwt-simple which supports JWK handling [dependencies.jwt-simple] git = "https://github.com/wireapp/rust-jwt-simple" -rev = "15a69f82288d68b74a75c1364e5d4bf681f1c07b" +rev = "5a35177ae37c06d65225df4ba2c2b065917748c5" From 078b850ead98a065d5cc31c58c76492242afc329 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 12:50:03 +0200 Subject: [PATCH 025/177] nix/overlay.nix: nixpkgs-fmt --- nix/overlay.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nix/overlay.nix b/nix/overlay.nix index 4d533dea9c8..608d36a180f 100644 --- a/nix/overlay.nix +++ b/nix/overlay.nix @@ -50,7 +50,7 @@ let }; sources = import ./sources.nix; - pkgsCargo = import sources.nixpkgs-cargo {}; + pkgsCargo = import sources.nixpkgs-cargo { }; in self: super: { From accff30f5215fe1a8bad6f18ecc1e9bad5f6dd18 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 12:49:47 +0200 Subject: [PATCH 026/177] zauth: build with crate2nix This needs crate2nix 0.11.0 (from a more recent nixpkgs checkout), but only during Cargo.nix recreation. Let's hope it's there the next time we update this file. --- libs/libzauth/libzauth-c/Cargo.nix | 1599 ++++++++++++++++---- libs/libzauth/libzauth-c/crate-hashes.json | 3 +- nix/overlay.nix | 2 +- nix/pkgs/zauth/default.nix | 54 +- 4 files changed, 1324 insertions(+), 334 deletions(-) diff --git a/libs/libzauth/libzauth-c/Cargo.nix b/libs/libzauth/libzauth-c/Cargo.nix index 4706945a419..13374265f8b 100644 --- a/libs/libzauth/libzauth-c/Cargo.nix +++ b/libs/libzauth/libzauth-c/Cargo.nix @@ -1,5 +1,5 @@ -# This file was @generated by crate2nix 0.10.0 with the command: +# This file was @generated by crate2nix 0.11.0 with the command: # "generate" # See https://github.com/kolloch/crate2nix for more info. @@ -7,11 +7,7 @@ , pkgs ? import nixpkgs { config = {}; } , lib ? pkgs.lib , stdenv ? pkgs.stdenv -, buildRustCrateForPkgs ? if buildRustCrate != null - then lib.warn "crate2nix: Passing `buildRustCrate` as argument to Cargo.nix is deprecated. If you don't customize `buildRustCrate`, replace `callPackage ./Cargo.nix {}` by `import ./Cargo.nix { inherit pkgs; }`, and if you need to customize `buildRustCrate`, use `buildRustCrateForPkgs` instead." (_: buildRustCrate) - else pkgs: pkgs.buildRustCrate - # Deprecated -, buildRustCrate ? null +, buildRustCrateForPkgs ? pkgs: pkgs.buildRustCrate # This is used as the `crateOverrides` argument for `buildRustCrate`. , defaultCrateOverrides ? pkgs.defaultCrateOverrides # The features to enable for the root_crate or the workspace_members. @@ -89,9 +85,9 @@ rec { crates = { "aho-corasick" = rec { crateName = "aho-corasick"; - version = "0.7.19"; - edition = "2018"; - sha256 = "0knl5n9f396068qk4zrvhcf01d5qp9ja2my4j7ywny093bcmpxdl"; + version = "1.1.2"; + edition = "2021"; + sha256 = "1w510wnixvlgimkx1zjbvlxh6xps2vjgfqgwf5a6adlbjp5rv5mj"; libName = "aho_corasick"; authors = [ "Andrew Gallant " @@ -100,20 +96,23 @@ rec { { name = "memchr"; packageId = "memchr"; + optional = true; usesDefaultFeatures = false; } ]; features = { - "default" = [ "std" ]; - "std" = [ "memchr/std" ]; + "default" = [ "std" "perf-literal" ]; + "logging" = [ "dep:log" ]; + "perf-literal" = [ "dep:memchr" ]; + "std" = [ "memchr?/std" ]; }; - resolvedDefaultFeatures = [ "default" "std" ]; + resolvedDefaultFeatures = [ "default" "perf-literal" "std" ]; }; "anyhow" = rec { crateName = "anyhow"; - version = "1.0.69"; + version = "1.0.75"; edition = "2018"; - sha256 = "007q0cw3zv8y5314c41vjyqznrqvim5ydv0306wy9mn34zbznji2"; + sha256 = "1rmcjkim91c5mw7h9wn8nv0k6x118yz0xg0z1q18svgn42mqqrm4"; authors = [ "David Tolnay " ]; @@ -143,7 +142,7 @@ rec { ]; }; - "base16ct" = rec { + "base16ct 0.1.1" = rec { crateName = "base16ct"; version = "0.1.1"; edition = "2021"; @@ -156,25 +155,39 @@ rec { }; resolvedDefaultFeatures = [ "alloc" ]; }; + "base16ct 0.2.0" = rec { + crateName = "base16ct"; + version = "0.2.0"; + edition = "2021"; + sha256 = "1kylrjhdzk7qpknrvlphw8ywdnvvg39dizw9622w3wk5xba04zsc"; + authors = [ + "RustCrypto Developers" + ]; + features = { + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; "base64" = rec { crateName = "base64"; - version = "0.21.0"; - edition = "2021"; - sha256 = "0sidjip5b33sr6w7kasfj9qxpbda41nw0x4gjjk55g55a6mdv954"; + version = "0.21.5"; + edition = "2018"; + sha256 = "1y8x2xs9nszj5ix7gg4ycn5a6wy7ca74zxwqri3bdqzdjha6lqrm"; authors = [ "Alice Maz " "Marshall Pierce " ]; features = { "default" = [ "std" ]; + "std" = [ "alloc" ]; }; - resolvedDefaultFeatures = [ "default" "std" ]; + resolvedDefaultFeatures = [ "alloc" "default" "std" ]; }; "base64ct" = rec { crateName = "base64ct"; - version = "1.5.3"; + version = "1.6.0"; edition = "2021"; - sha256 = "1gq7avqyrskz0an97fv68sn00nczlk0wp0ag3c8vdk1f2a4s0idn"; + sha256 = "0nvdba4jb8aikv60az40x2w1y96sjdq8z3yp09rwzmkhiwv1lg4c"; authors = [ "RustCrypto Developers" ]; @@ -195,9 +208,9 @@ rec { }; "block-buffer" = rec { crateName = "block-buffer"; - version = "0.10.3"; + version = "0.10.4"; edition = "2018"; - sha256 = "0zmy5vjwa6pbrhlgk94jg2pz08w5dd9nw2j7jfwrg3s96w3y5k39"; + sha256 = "0w9sa2ypmrsqqvc20nhwr75wbb5cjr4kkyhpjm1z1lv2kdicfy1h"; authors = [ "RustCrypto Developers" ]; @@ -211,21 +224,22 @@ rec { }; "bumpalo" = rec { crateName = "bumpalo"; - version = "3.12.0"; + version = "3.14.0"; edition = "2021"; - sha256 = "0damxqdgqqzp3zyfwvbrg5hzx39kqgxnxl3yyq3kk4ald0jiw9hd"; + sha256 = "1v4arnv9kwk54v5d0qqpv4vyw2sgr660nk0w3apzixi1cm3yfc3z"; authors = [ "Nick Fitzgerald " ]; features = { + "allocator-api2" = [ "dep:allocator-api2" ]; }; resolvedDefaultFeatures = [ "default" ]; }; "byteorder" = rec { crateName = "byteorder"; - version = "1.4.3"; - edition = "2018"; - sha256 = "0456lv9xi1a5bcm32arknf33ikv76p3fr9yzki4lb2897p2qkh8l"; + version = "1.5.0"; + edition = "2021"; + sha256 = "0jzncxyf404mwqdbspihyzpkndfgda450l0893pz5xj685cg5l0z"; authors = [ "Andrew Gallant " ]; @@ -235,13 +249,21 @@ rec { }; "cc" = rec { crateName = "cc"; - version = "1.0.73"; + version = "1.0.83"; edition = "2018"; crateBin = []; - sha256 = "04ccylrjq94jssh8f7d7hxv64gs9f1m1jrsxb7wqgfxk4xljmzrg"; + sha256 = "1l643zidlb5iy1dskc5ggqs4wqa29a02f44piczqc8zcnsq4y5zi"; authors = [ "Alex Crichton " ]; + dependencies = [ + { + name = "libc"; + packageId = "libc"; + usesDefaultFeatures = false; + target = { target, features }: (target."unix" or false); + } + ]; features = { "jobserver" = [ "dep:jobserver" ]; "parallel" = [ "jobserver" ]; @@ -263,9 +285,9 @@ rec { }; "coarsetime" = rec { crateName = "coarsetime"; - version = "0.1.22"; + version = "0.1.29"; edition = "2018"; - sha256 = "0ihfdyavcqanmxir9g6jbjwvqw3apk8lqnv59j043q9r0i83hh25"; + sha256 = "1d3xsbrfgwaqhhsmqj1p12qfck9l6bmga4qgbprisc0l1p8g0gm7"; authors = [ "Frank Denis " ]; @@ -273,7 +295,7 @@ rec { { name = "libc"; packageId = "libc"; - target = { target, features }: (!(target."os" == "wasi")); + target = { target, features }: (!("wasi" == target."os")); } { name = "once_cell"; @@ -282,12 +304,12 @@ rec { { name = "wasi"; packageId = "wasi"; - target = { target, features }: (target."os" == "wasi"); + target = { target, features }: ("wasi" == target."os"); } { name = "wasm-bindgen"; packageId = "wasm-bindgen"; - target = { target, features }: (((target."arch" == "wasm32") || (target."arch" == "wasm64")) && (target."os" == "unknown")); + target = { target, features }: ((("wasm32" == target."arch") || ("wasm64" == target."arch")) && ("unknown" == target."os")); } ]; features = { @@ -295,20 +317,21 @@ rec { }; "const-oid" = rec { crateName = "const-oid"; - version = "0.9.1"; + version = "0.9.5"; edition = "2021"; - sha256 = "0fyxvwnl3x6bxhy08a3g4ryf8mky6wnhwd6ll4g6mjxgfnk1ihyf"; + sha256 = "0vxb4d25mgk8y0phay7j078limx2553716ixsr1x5605k31j5h98"; authors = [ "RustCrypto Developers" ]; features = { + "arbitrary" = [ "dep:arbitrary" ]; }; }; "cpufeatures" = rec { crateName = "cpufeatures"; - version = "0.2.5"; + version = "0.2.11"; edition = "2018"; - sha256 = "08535izlz4kx8z1kkcp0gy80gqk7k19dqiiysj6r5994bsyrgn98"; + sha256 = "1l0gzsyy576n017g9bf0vkv5hhg9cpz1h1libxyfdlzcgbh0yhnf"; authors = [ "RustCrypto Developers" ]; @@ -316,22 +339,27 @@ rec { { name = "libc"; packageId = "libc"; - target = { target, features }: (stdenv.hostPlatform.config == "aarch64-apple-darwin"); + target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "aarch64-linux-android"); + } + { + name = "libc"; + packageId = "libc"; + target = { target, features }: (("aarch64" == target."arch") && ("linux" == target."os")); } { name = "libc"; packageId = "libc"; - target = { target, features }: (stdenv.hostPlatform.config == "aarch64-linux-android"); + target = { target, features }: (("aarch64" == target."arch") && ("apple" == target."vendor")); } { name = "libc"; packageId = "libc"; - target = { target, features }: ((target."arch" == "aarch64") && (target."os" == "linux")); + target = { target, features }: (("loongarch64" == target."arch") && ("linux" == target."os")); } ]; }; - "crypto-bigint" = rec { + "crypto-bigint 0.4.9" = rec { crateName = "crypto-bigint"; version = "0.4.9"; edition = "2021"; @@ -382,6 +410,57 @@ rec { }; resolvedDefaultFeatures = [ "generic-array" "rand_core" "zeroize" ]; }; + "crypto-bigint 0.5.3" = rec { + crateName = "crypto-bigint"; + version = "0.5.3"; + edition = "2021"; + sha256 = "092140hzdc4wyx472mahc0wxfafmxz5q8f9qzh6g2ma1b67f43vl"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "generic-array"; + packageId = "generic-array"; + optional = true; + } + { + name = "rand_core"; + packageId = "rand_core"; + optional = true; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "rand_core"; + packageId = "rand_core"; + features = [ "std" ]; + } + ]; + features = { + "alloc" = [ "serdect?/alloc" ]; + "default" = [ "rand" ]; + "der" = [ "dep:der" ]; + "generic-array" = [ "dep:generic-array" ]; + "rand" = [ "rand_core/std" ]; + "rand_core" = [ "dep:rand_core" ]; + "rlp" = [ "dep:rlp" ]; + "serde" = [ "dep:serdect" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "generic-array" "rand_core" "zeroize" ]; + }; "crypto-common" = rec { crateName = "crypto-common"; version = "0.1.6"; @@ -420,7 +499,7 @@ rec { }; resolvedDefaultFeatures = [ "default" "std" ]; }; - "der" = rec { + "der 0.6.1" = rec { crateName = "der"; version = "0.6.1"; edition = "2021"; @@ -436,7 +515,7 @@ rec { } { name = "pem-rfc7468"; - packageId = "pem-rfc7468"; + packageId = "pem-rfc7468 0.6.0"; optional = true; } { @@ -461,11 +540,52 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "const-oid" "oid" "pem" "pem-rfc7468" "std" "zeroize" ]; }; + "der 0.7.8" = rec { + crateName = "der"; + version = "0.7.8"; + edition = "2021"; + sha256 = "070bwiyr80800h31c5zd96ckkgagfjgnrrdmz3dzg2lccsd3dypz"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "const-oid"; + packageId = "const-oid"; + optional = true; + } + { + name = "pem-rfc7468"; + packageId = "pem-rfc7468 0.7.0"; + optional = true; + features = [ "alloc" ]; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "zeroize?/alloc" ]; + "arbitrary" = [ "dep:arbitrary" "const-oid?/arbitrary" "std" ]; + "bytes" = [ "dep:bytes" "alloc" ]; + "derive" = [ "dep:der_derive" ]; + "flagset" = [ "dep:flagset" ]; + "oid" = [ "dep:const-oid" ]; + "pem" = [ "dep:pem-rfc7468" "alloc" "zeroize" ]; + "std" = [ "alloc" ]; + "time" = [ "dep:time" ]; + "zeroize" = [ "dep:zeroize" ]; + }; + resolvedDefaultFeatures = [ "alloc" "oid" "pem" "std" "zeroize" ]; + }; "digest" = rec { crateName = "digest"; - version = "0.10.6"; + version = "0.10.7"; edition = "2018"; - sha256 = "0vz74785s96g727vg37iwkjvbkcfzp093j49ihhyf8sh9s7kfs41"; + sha256 = "14p2n6ih29x81akj097lvz7wi9b6b9hvls0lwrv7b6xwyy0s5ncy"; authors = [ "RustCrypto Developers" ]; @@ -506,7 +626,7 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "block-buffer" "const-oid" "core-api" "default" "mac" "oid" "std" "subtle" ]; }; - "ecdsa" = rec { + "ecdsa 0.15.1" = rec { crateName = "ecdsa"; version = "0.15.1"; edition = "2021"; @@ -517,18 +637,18 @@ rec { dependencies = [ { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; optional = true; } { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; usesDefaultFeatures = false; features = [ "digest" "sec1" ]; } { name = "rfc6979"; - packageId = "rfc6979"; + packageId = "rfc6979 0.3.1"; optional = true; } { @@ -541,7 +661,7 @@ rec { devDependencies = [ { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; usesDefaultFeatures = false; features = [ "dev" ]; } @@ -564,6 +684,79 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "arithmetic" "der" "digest" "hazmat" "pem" "pkcs8" "rfc6979" "signing" "std" "verifying" ]; }; + "ecdsa 0.16.8" = rec { + crateName = "ecdsa"; + version = "0.16.8"; + edition = "2021"; + sha256 = "1m4r0w0g0pl2s4lf9j0rwmz4kvb0hfkdfxpzj1gz5sd9az1f1cd4"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "der"; + packageId = "der 0.7.8"; + optional = true; + } + { + name = "digest"; + packageId = "digest"; + optional = true; + usesDefaultFeatures = false; + features = [ "oid" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; + usesDefaultFeatures = false; + features = [ "digest" "sec1" ]; + } + { + name = "rfc6979"; + packageId = "rfc6979 0.4.0"; + optional = true; + } + { + name = "signature"; + packageId = "signature 2.0.0"; + usesDefaultFeatures = false; + features = [ "rand_core" ]; + } + { + name = "spki"; + packageId = "spki 0.7.2"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "elliptic-curve/alloc" "signature/alloc" "spki/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "default" = [ "digest" ]; + "der" = [ "dep:der" ]; + "dev" = [ "arithmetic" "digest" "elliptic-curve/dev" "hazmat" ]; + "digest" = [ "dep:digest" "signature/digest" ]; + "pem" = [ "elliptic-curve/pem" "pkcs8" ]; + "pkcs8" = [ "digest" "elliptic-curve/pkcs8" "der" ]; + "rfc6979" = [ "dep:rfc6979" ]; + "serde" = [ "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "signing" = [ "arithmetic" "digest" "hazmat" "rfc6979" ]; + "spki" = [ "dep:spki" ]; + "std" = [ "alloc" "elliptic-curve/std" "signature/std" ]; + "verifying" = [ "arithmetic" "digest" "hazmat" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "der" "digest" "hazmat" "pem" "pkcs8" "rfc6979" "signing" "spki" "std" "verifying" ]; + }; "ed25519" = rec { crateName = "ed25519"; version = "1.5.3"; @@ -632,7 +825,7 @@ rec { }; resolvedDefaultFeatures = [ "ct-codecs" "default" "getrandom" "pem" "random" "std" "x25519" ]; }; - "elliptic-curve" = rec { + "elliptic-curve 0.12.3" = rec { crateName = "elliptic-curve"; version = "0.12.3"; edition = "2021"; @@ -643,17 +836,17 @@ rec { dependencies = [ { name = "base16ct"; - packageId = "base16ct"; + packageId = "base16ct 0.1.1"; } { name = "crypto-bigint"; - packageId = "crypto-bigint"; + packageId = "crypto-bigint 0.4.9"; usesDefaultFeatures = false; features = [ "rand_core" "generic-array" "zeroize" ]; } { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; usesDefaultFeatures = false; features = [ "oid" ]; } @@ -664,7 +857,7 @@ rec { } { name = "ff"; - packageId = "ff"; + packageId = "ff 0.12.1"; optional = true; usesDefaultFeatures = false; } @@ -675,7 +868,7 @@ rec { } { name = "group"; - packageId = "group"; + packageId = "group 0.12.1"; optional = true; usesDefaultFeatures = false; } @@ -687,12 +880,12 @@ rec { } { name = "pem-rfc7468"; - packageId = "pem-rfc7468"; + packageId = "pem-rfc7468 0.6.0"; optional = true; } { name = "pkcs8"; - packageId = "pkcs8"; + packageId = "pkcs8 0.9.0"; optional = true; usesDefaultFeatures = false; } @@ -703,7 +896,7 @@ rec { } { name = "sec1"; - packageId = "sec1"; + packageId = "sec1 0.3.0"; optional = true; features = [ "subtle" "zeroize" ]; } @@ -745,7 +938,110 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "arithmetic" "digest" "ecdh" "ff" "group" "hazmat" "hkdf" "pem" "pem-rfc7468" "pkcs8" "sec1" "std" ]; }; - "ff" = rec { + "elliptic-curve 0.13.6" = rec { + crateName = "elliptic-curve"; + version = "0.13.6"; + edition = "2021"; + sha256 = "0579f01lmnsv0yci54lcbd7gfalg61fsdqx6g6vzkjcxmrra2z6r"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base16ct"; + packageId = "base16ct 0.2.0"; + } + { + name = "crypto-bigint"; + packageId = "crypto-bigint 0.5.3"; + usesDefaultFeatures = false; + features = [ "rand_core" "generic-array" "zeroize" ]; + } + { + name = "digest"; + packageId = "digest"; + optional = true; + } + { + name = "ff"; + packageId = "ff 0.13.0"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "generic-array"; + packageId = "generic-array"; + usesDefaultFeatures = false; + features = [ "zeroize" ]; + } + { + name = "group"; + packageId = "group 0.13.0"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "hkdf"; + packageId = "hkdf"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "pem-rfc7468"; + packageId = "pem-rfc7468 0.7.0"; + optional = true; + features = [ "alloc" ]; + } + { + name = "pkcs8"; + packageId = "pkcs8 0.10.2"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "sec1"; + packageId = "sec1 0.7.3"; + optional = true; + features = [ "subtle" "zeroize" ]; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "base16ct/alloc" "ff?/alloc" "group?/alloc" "pkcs8?/alloc" "sec1?/alloc" "zeroize/alloc" ]; + "arithmetic" = [ "group" ]; + "bits" = [ "arithmetic" "ff/bits" "dep:tap" ]; + "default" = [ "arithmetic" ]; + "dev" = [ "arithmetic" "dep:hex-literal" "pem" "pkcs8" ]; + "digest" = [ "dep:digest" ]; + "ecdh" = [ "arithmetic" "digest" "dep:hkdf" ]; + "ff" = [ "dep:ff" ]; + "group" = [ "dep:group" "ff" ]; + "hash2curve" = [ "arithmetic" "digest" ]; + "jwk" = [ "dep:base64ct" "dep:serde_json" "alloc" "serde" "zeroize/alloc" ]; + "pem" = [ "dep:pem-rfc7468" "alloc" "arithmetic" "pkcs8" "sec1/pem" ]; + "pkcs8" = [ "dep:pkcs8" "sec1" ]; + "sec1" = [ "dep:sec1" ]; + "serde" = [ "dep:serdect" "alloc" "pkcs8" "sec1/serde" ]; + "std" = [ "alloc" "rand_core/std" "pkcs8?/std" "sec1?/std" ]; + "voprf" = [ "digest" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "digest" "ecdh" "ff" "group" "hazmat" "pem" "pkcs8" "sec1" "std" ]; + }; + "ff 0.12.1" = rec { crateName = "ff"; version = "0.12.1"; edition = "2021"; @@ -778,11 +1074,45 @@ rec { "std" = [ "alloc" ]; }; }; - "generic-array" = rec { - crateName = "generic-array"; - version = "0.14.6"; - edition = "2015"; - sha256 = "1fgi07v268jd0mr6xc42rjbq0wzl8ngsgp5b8wj33wwpfaa9xx5z"; + "ff 0.13.0" = rec { + crateName = "ff"; + version = "0.13.0"; + edition = "2021"; + sha256 = "0jcl8yhcs5kbfxfpnrhpkkvnk7s666vly6sgawg3nri9nx215m6y"; + authors = [ + "Sean Bowe " + "Jack Grigg " + ]; + dependencies = [ + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + features = [ "i128" ]; + } + ]; + features = { + "bits" = [ "bitvec" ]; + "bitvec" = [ "dep:bitvec" ]; + "byteorder" = [ "dep:byteorder" ]; + "default" = [ "bits" "std" ]; + "derive" = [ "byteorder" "ff_derive" ]; + "derive_bits" = [ "bits" "ff_derive/bits" ]; + "ff_derive" = [ "dep:ff_derive" ]; + "std" = [ "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; + "generic-array" = rec { + crateName = "generic-array"; + version = "0.14.7"; + edition = "2015"; + sha256 = "16lyyrzrljfq424c3n8kfwkqihlimmsg5nhshbbp48np3yjrqr45"; libName = "generic_array"; authors = [ "Bartłomiej Kamiński " @@ -793,6 +1123,12 @@ rec { name = "typenum"; packageId = "typenum"; } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } ]; buildDependencies = [ { @@ -804,13 +1140,13 @@ rec { "serde" = [ "dep:serde" ]; "zeroize" = [ "dep:zeroize" ]; }; - resolvedDefaultFeatures = [ "more_lengths" ]; + resolvedDefaultFeatures = [ "more_lengths" "zeroize" ]; }; "getrandom" = rec { crateName = "getrandom"; - version = "0.2.8"; + version = "0.2.10"; edition = "2018"; - sha256 = "0cbb766pcyi7sws0fnp1pxkz0nhiya0ckallq502bxmq49mfnnn0"; + sha256 = "09zlimhhskzf7cmgcszix05wyz2i6fcpvh711cv1klsxl6r3chdy"; authors = [ "The Rand Project Developers" ]; @@ -828,7 +1164,8 @@ rec { { name = "wasi"; packageId = "wasi"; - target = { target, features }: (target."os" == "wasi"); + usesDefaultFeatures = false; + target = { target, features }: ("wasi" == target."os"); } ]; features = { @@ -841,7 +1178,7 @@ rec { }; resolvedDefaultFeatures = [ "std" ]; }; - "group" = rec { + "group 0.12.1" = rec { crateName = "group"; version = "0.12.1"; edition = "2021"; @@ -853,7 +1190,42 @@ rec { dependencies = [ { name = "ff"; - packageId = "ff"; + packageId = "ff 0.12.1"; + usesDefaultFeatures = false; + } + { + name = "rand_core"; + packageId = "rand_core"; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "alloc" ]; + "memuse" = [ "dep:memuse" ]; + "rand" = [ "dep:rand" ]; + "rand_xorshift" = [ "dep:rand_xorshift" ]; + "tests" = [ "alloc" "rand" "rand_xorshift" ]; + "wnaf-memuse" = [ "alloc" "memuse" ]; + }; + }; + "group 0.13.0" = rec { + crateName = "group"; + version = "0.13.0"; + edition = "2021"; + sha256 = "0qqs2p5vqnv3zvq9mfjkmw3qlvgqb0c3cm6p33srkh7pc9sfzygh"; + authors = [ + "Sean Bowe " + "Jack Grigg " + ]; + dependencies = [ + { + name = "ff"; + packageId = "ff 0.13.0"; usesDefaultFeatures = false; } { @@ -875,6 +1247,7 @@ rec { "tests" = [ "alloc" "rand" "rand_xorshift" ]; "wnaf-memuse" = [ "alloc" "memuse" ]; }; + resolvedDefaultFeatures = [ "alloc" ]; }; "hkdf" = rec { crateName = "hkdf"; @@ -923,9 +1296,9 @@ rec { }; "hmac-sha1-compact" = rec { crateName = "hmac-sha1-compact"; - version = "1.1.3"; + version = "1.1.4"; edition = "2018"; - sha256 = "1frr8bam0m8c42qvvh5hchzg46a2x96260fad0xhrqkq00549qh5"; + sha256 = "19w4iiwrprcnvq3k2gkv6xm9b11alda4w9l7vvya6bvkxh2x9yfz"; authors = [ "Frank Denis " ]; @@ -940,9 +1313,9 @@ rec { }; "hmac-sha256" = rec { crateName = "hmac-sha256"; - version = "1.1.6"; + version = "1.1.7"; edition = "2018"; - sha256 = "1zhvszjzmi9q4prl2sw4mh9rks917j5rixnm9jmdscfbma8n0wzw"; + sha256 = "0dapmabsj2mvblwjy64h518frj1cvk468kr5awayr3q172dyd21n"; authors = [ "Frank Denis " ]; @@ -966,9 +1339,9 @@ rec { }; "hmac-sha512" = rec { crateName = "hmac-sha512"; - version = "1.1.4"; + version = "1.1.5"; edition = "2018"; - sha256 = "0lfi6kvxwnm6j5m7cfm6w3421985nr8yb4awpilicrj0c0zrq32j"; + sha256 = "12pp9qdf0f62lgwcb8h1xnvlb1pmkgqgjf5rzaiqkrdsar31zkp4"; authors = [ "Frank Denis " ]; @@ -993,9 +1366,9 @@ rec { }; "itoa" = rec { crateName = "itoa"; - version = "1.0.5"; + version = "1.0.9"; edition = "2018"; - sha256 = "0h343sak699ci49anaa7l3p94b9kcc4ypaqwcam6qsz8p7s85mgs"; + sha256 = "0f6cpb4yqzhkrhhg6kqsw3wnmmhdnnffi6r2xzy248gzi2v0l5dg"; authors = [ "David Tolnay " ]; @@ -1003,7 +1376,7 @@ rec { "no-panic" = [ "dep:no-panic" ]; }; }; - "jwt-simple" = rec { + "jwt-simple 0.11.3" = rec { crateName = "jwt-simple"; version = "0.11.3"; edition = "2018"; @@ -1054,17 +1427,116 @@ rec { } { name = "k256"; - packageId = "k256"; + packageId = "k256 0.12.0"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "p256"; + packageId = "p256 0.12.0"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "p384"; + packageId = "p384 0.12.0"; + features = [ "ecdsa" "std" "pkcs8" "pem" ]; + } + { + name = "rand"; + packageId = "rand"; + } + { + name = "rsa"; + packageId = "rsa"; + } + { + name = "serde"; + packageId = "serde"; + features = [ "derive" ]; + } + { + name = "serde_json"; + packageId = "serde_json"; + } + { + name = "spki"; + packageId = "spki 0.6.0"; + } + { + name = "thiserror"; + packageId = "thiserror"; + } + { + name = "zeroize"; + packageId = "zeroize"; + } + ]; + features = { + "ciborium" = [ "dep:ciborium" ]; + "cwt" = [ "ciborium" ]; + }; + }; + "jwt-simple 0.11.4" = rec { + crateName = "jwt-simple"; + version = "0.11.4"; + edition = "2018"; + workspace_member = null; + src = pkgs.fetchgit { + url = "https://github.com/wireapp/rust-jwt-simple"; + rev = "5a35177ae37c06d65225df4ba2c2b065917748c5"; + sha256 = "1fkv1w82dy681qbw9wwja2dapgg1m8d01j5i2zxn1vccpsy89cnc"; + }; + authors = [ + "Frank Denis " + ]; + dependencies = [ + { + name = "anyhow"; + packageId = "anyhow"; + } + { + name = "binstring"; + packageId = "binstring"; + } + { + name = "coarsetime"; + packageId = "coarsetime"; + } + { + name = "ct-codecs"; + packageId = "ct-codecs"; + } + { + name = "ed25519-compact"; + packageId = "ed25519-compact"; + features = [ "pem" ]; + } + { + name = "hmac-sha1-compact"; + packageId = "hmac-sha1-compact"; + } + { + name = "hmac-sha256"; + packageId = "hmac-sha256"; + features = [ "traits010" ]; + } + { + name = "hmac-sha512"; + packageId = "hmac-sha512"; + features = [ "traits010" "sha384" ]; + } + { + name = "k256"; + packageId = "k256 0.13.1"; features = [ "ecdsa" "std" "pkcs8" "pem" ]; } { name = "p256"; - packageId = "p256"; + packageId = "p256 0.13.2"; features = [ "ecdsa" "std" "pkcs8" "pem" ]; } { name = "p384"; - packageId = "p384"; + packageId = "p384 0.13.0"; features = [ "ecdsa" "std" "pkcs8" "pem" ]; } { @@ -1086,7 +1558,7 @@ rec { } { name = "spki"; - packageId = "spki"; + packageId = "spki 0.6.0"; } { name = "thiserror"; @@ -1102,7 +1574,7 @@ rec { "cwt" = [ "ciborium" ]; }; }; - "k256" = rec { + "k256 0.12.0" = rec { crateName = "k256"; version = "0.12.0"; edition = "2021"; @@ -1117,7 +1589,90 @@ rec { } { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.15.1"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "once_cell"; + packageId = "once_cell"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "signature"; + packageId = "signature 2.0.0"; + optional = true; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa 0.15.1"; + rename = "ecdsa-core"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "critical-section" = [ "once_cell/critical-section" "precomputed-tables" ]; + "default" = [ "arithmetic" "ecdsa" "pkcs8" "precomputed-tables" "schnorr" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "once_cell" = [ "dep:once_cell" ]; + "pem" = [ "ecdsa-core/pem" "elliptic-curve/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core/pkcs8" "elliptic-curve/pkcs8" ]; + "precomputed-tables" = [ "arithmetic" "once_cell" ]; + "schnorr" = [ "arithmetic" "sha256" "signature" ]; + "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha256" = [ "digest" "sha2" ]; + "signature" = [ "dep:signature" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" "once_cell?/std" ]; + "test-vectors" = [ "hex-literal" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "once_cell" "pem" "pkcs8" "precomputed-tables" "schnorr" "sha2" "sha256" "signature" "std" ]; + }; + "k256 0.13.1" = rec { + crateName = "k256"; + version = "0.13.1"; + edition = "2021"; + sha256 = "1k0vrlbdy17ifdjix0xhn1m659ma2xdzhgbz24ipdsfq9q07dnya"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "cfg-if"; + packageId = "cfg-if"; + } + { + name = "ecdsa"; + packageId = "ecdsa 0.16.8"; rename = "ecdsa-core"; optional = true; usesDefaultFeatures = false; @@ -1125,7 +1680,7 @@ rec { } { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; usesDefaultFeatures = false; features = [ "hazmat" "sec1" ]; } @@ -1150,7 +1705,8 @@ rec { devDependencies = [ { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.16.8"; + rename = "ecdsa-core"; usesDefaultFeatures = false; features = [ "dev" ]; } @@ -1207,9 +1763,9 @@ rec { }; "libc" = rec { crateName = "libc"; - version = "0.2.125"; + version = "0.2.149"; edition = "2015"; - sha256 = "0axwhkyv58vx7i1sri4cqlnj77f0cn6pmbcip2zyjvcgd6pd45jr"; + sha256 = "16z2zqswcbk1qg5yigfyr0d44v0974amdaj564dmv5dpi2y770d0"; authors = [ "The Rust Project Developers" ]; @@ -1223,9 +1779,9 @@ rec { }; "libm" = rec { crateName = "libm"; - version = "0.2.6"; + version = "0.2.8"; edition = "2018"; - sha256 = "1ywg7jfcgfv4jypxi3f6rpf7n9509ky695bfzy1fqhms7ymhi09l"; + sha256 = "0n4hk1rs8pzw8hdfmwn96c4568s93kfxqgcqswr7sajd2diaihjf"; authors = [ "Jorge Aparicio " ]; @@ -1255,13 +1811,13 @@ rec { { name = "cc"; packageId = "cc"; - target = {target, features}: (!(target."env" == "msvc")); + target = {target, features}: (!("msvc" == target."env")); } { name = "libc"; packageId = "libc"; usesDefaultFeatures = false; - target = {target, features}: (target."env" == "msvc"); + target = {target, features}: ("msvc" == target."env"); } { name = "pkg-config"; @@ -1277,33 +1833,28 @@ rec { }; "log" = rec { crateName = "log"; - version = "0.4.17"; + version = "0.4.20"; edition = "2015"; - sha256 = "0biqlaaw1lsr8bpnmbcc0fvgjj34yy79ghqzyi0ali7vgil2xcdb"; + sha256 = "13rf7wphnwd61vazpxr7fiycin6cb1g8fmvgqg18i464p0y1drmm"; authors = [ "The Rust Project Developers" ]; - dependencies = [ - { - name = "cfg-if"; - packageId = "cfg-if"; - } - ]; features = { "kv_unstable" = [ "value-bag" ]; "kv_unstable_serde" = [ "kv_unstable_std" "value-bag/serde" "serde" ]; "kv_unstable_std" = [ "std" "kv_unstable" "value-bag/error" ]; - "kv_unstable_sval" = [ "kv_unstable" "value-bag/sval" "sval" ]; + "kv_unstable_sval" = [ "kv_unstable" "value-bag/sval" "sval" "sval_ref" ]; "serde" = [ "dep:serde" ]; "sval" = [ "dep:sval" ]; + "sval_ref" = [ "dep:sval_ref" ]; "value-bag" = [ "dep:value-bag" ]; }; }; "memchr" = rec { crateName = "memchr"; - version = "2.5.0"; - edition = "2018"; - sha256 = "0vanfk5mzs1g1syqnj03q8n0syggnhn55dq535h2wxr7rwpfbzrd"; + version = "2.6.4"; + edition = "2021"; + sha256 = "0rq1ka8790ns41j147npvxcqcl2anxyngsdimy85ag2api0fwrgn"; authors = [ "Andrew Gallant " "bluss" @@ -1312,17 +1863,18 @@ rec { "compiler_builtins" = [ "dep:compiler_builtins" ]; "core" = [ "dep:core" ]; "default" = [ "std" ]; - "libc" = [ "dep:libc" ]; + "logging" = [ "dep:log" ]; "rustc-dep-of-std" = [ "core" "compiler_builtins" ]; + "std" = [ "alloc" ]; "use_std" = [ "std" ]; }; - resolvedDefaultFeatures = [ "default" "std" ]; + resolvedDefaultFeatures = [ "alloc" "default" "std" ]; }; "num-bigint-dig" = rec { crateName = "num-bigint-dig"; - version = "0.8.2"; + version = "0.8.4"; edition = "2021"; - sha256 = "01b9lnqkjgwr1fv8jlw8w8y8pf70h2h9panq969r0pxw793ck693"; + sha256 = "0lb12df24wgxxbspz4gw1sf1kdqwvpdcpwq4fdlwg4gj41c1k16w"; authors = [ "dignifiedquire " "The Rust Project Developers" @@ -1459,9 +2011,9 @@ rec { }; "num-traits" = rec { crateName = "num-traits"; - version = "0.2.15"; - edition = "2015"; - sha256 = "1kfdqqw2ndz0wx2j75v9nbjx7d3mh3150zs4p5595y02rwsdx3jp"; + version = "0.2.17"; + edition = "2018"; + sha256 = "0z16bi5zwgfysz6765v3rd6whfbjpihx3mhsn4dg8dzj2c221qrr"; authors = [ "The Rust Project Developers" ]; @@ -1486,26 +2038,23 @@ rec { }; "once_cell" = rec { crateName = "once_cell"; - version = "1.17.1"; + version = "1.18.0"; edition = "2021"; - sha256 = "1lrsy9c5ikf2iwxr4iwgd3rlq9mg8alh0np1g8abnvp1k4151rdp"; + sha256 = "0vapcd5ambwck95wyz3ymlim35jirgnqn9a0qmi19msymv95v2yx"; authors = [ "Aleksey Kladov " ]; features = { "alloc" = [ "race" ]; "atomic-polyfill" = [ "critical-section" ]; - "atomic_polyfill" = [ "dep:atomic_polyfill" ]; - "critical-section" = [ "critical_section" "atomic_polyfill" ]; - "critical_section" = [ "dep:critical_section" ]; + "critical-section" = [ "dep:critical-section" "dep:atomic-polyfill" ]; "default" = [ "std" ]; - "parking_lot" = [ "parking_lot_core" ]; - "parking_lot_core" = [ "dep:parking_lot_core" ]; + "parking_lot" = [ "dep:parking_lot_core" ]; "std" = [ "alloc" ]; }; resolvedDefaultFeatures = [ "alloc" "default" "race" "std" ]; }; - "p256" = rec { + "p256 0.12.0" = rec { crateName = "p256"; version = "0.12.0"; edition = "2021"; @@ -1516,7 +2065,149 @@ rec { dependencies = [ { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.15.1"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "primeorder"; + packageId = "primeorder 0.12.1"; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa 0.15.1"; + rename = "ecdsa-core"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "default" = [ "arithmetic" "ecdsa" "pkcs8" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "hex-literal" = [ "dep:hex-literal" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "pem" = [ "elliptic-curve/pem" "ecdsa-core/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core/pkcs8" "elliptic-curve/pkcs8" ]; + "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha256" = [ "digest" "sha2" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" ]; + "test-vectors" = [ "hex-literal" ]; + "voprf" = [ "elliptic-curve/voprf" "sha2" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha256" "std" ]; + }; + "p256 0.13.2" = rec { + crateName = "p256"; + version = "0.13.2"; + edition = "2021"; + sha256 = "0jyd3c3k239ybs59ixpnl7dqkmm072fr1js8kh7ldx58bzc3m1n9"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa 0.16.8"; + rename = "ecdsa-core"; + optional = true; + usesDefaultFeatures = false; + features = [ "der" ]; + } + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; + usesDefaultFeatures = false; + features = [ "hazmat" "sec1" ]; + } + { + name = "primeorder"; + packageId = "primeorder 0.13.2"; + optional = true; + } + { + name = "sha2"; + packageId = "sha2"; + optional = true; + usesDefaultFeatures = false; + } + ]; + devDependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa 0.16.8"; + rename = "ecdsa-core"; + usesDefaultFeatures = false; + features = [ "dev" ]; + } + { + name = "primeorder"; + packageId = "primeorder 0.13.2"; + features = [ "dev" ]; + } + ]; + features = { + "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; + "arithmetic" = [ "dep:primeorder" "elliptic-curve/arithmetic" ]; + "bits" = [ "arithmetic" "elliptic-curve/bits" ]; + "default" = [ "arithmetic" "ecdsa" "pem" "std" ]; + "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; + "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa-core" = [ "dep:ecdsa-core" ]; + "expose-field" = [ "arithmetic" ]; + "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; + "jwk" = [ "elliptic-curve/jwk" ]; + "pem" = [ "elliptic-curve/pem" "ecdsa-core/pem" "pkcs8" ]; + "pkcs8" = [ "ecdsa-core?/pkcs8" "elliptic-curve/pkcs8" ]; + "serde" = [ "ecdsa-core?/serde" "elliptic-curve/serde" "primeorder?/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "sha2" = [ "dep:sha2" ]; + "sha256" = [ "digest" "sha2" ]; + "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" ]; + "test-vectors" = [ "dep:hex-literal" ]; + "voprf" = [ "elliptic-curve/voprf" "sha2" ]; + }; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha256" "std" ]; + }; + "p384 0.12.0" = rec { + crateName = "p384"; + version = "0.12.0"; + edition = "2021"; + sha256 = "1m6jw4zm5v9czk6ncbdzcdq82jsnby8a8qdfrz78wd0q4sdll2k3"; + authors = [ + "RustCrypto Developers" + "Frank Denis " + ]; + dependencies = [ + { + name = "ecdsa"; + packageId = "ecdsa 0.15.1"; rename = "ecdsa-core"; optional = true; usesDefaultFeatures = false; @@ -1524,13 +2215,13 @@ rec { } { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; usesDefaultFeatures = false; features = [ "hazmat" "sec1" ]; } { name = "primeorder"; - packageId = "primeorder"; + packageId = "primeorder 0.12.1"; } { name = "sha2"; @@ -1542,19 +2233,20 @@ rec { devDependencies = [ { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.15.1"; + rename = "ecdsa-core"; usesDefaultFeatures = false; features = [ "dev" ]; } ]; features = { "alloc" = [ "ecdsa-core?/alloc" "elliptic-curve/alloc" ]; - "arithmetic" = [ "elliptic-curve/arithmetic" ]; + "arithmetic" = [ "elliptic-curve/arithmetic" "elliptic-curve/digest" ]; "bits" = [ "arithmetic" "elliptic-curve/bits" ]; - "default" = [ "arithmetic" "ecdsa" "pkcs8" "std" ]; + "default" = [ "arithmetic" "ecdh" "ecdsa" "pem" "std" ]; "digest" = [ "ecdsa-core/digest" "ecdsa-core/hazmat" ]; "ecdh" = [ "arithmetic" "elliptic-curve/ecdh" ]; - "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha256" ]; + "ecdsa" = [ "arithmetic" "ecdsa-core/signing" "ecdsa-core/verifying" "sha384" ]; "ecdsa-core" = [ "dep:ecdsa-core" ]; "expose-field" = [ "arithmetic" ]; "hash2curve" = [ "arithmetic" "elliptic-curve/hash2curve" ]; @@ -1565,18 +2257,18 @@ rec { "serde" = [ "ecdsa-core/serde" "elliptic-curve/serde" "serdect" ]; "serdect" = [ "dep:serdect" ]; "sha2" = [ "dep:sha2" ]; - "sha256" = [ "digest" "sha2" ]; + "sha384" = [ "digest" "sha2" ]; "std" = [ "alloc" "ecdsa-core?/std" "elliptic-curve/std" ]; "test-vectors" = [ "hex-literal" ]; "voprf" = [ "elliptic-curve/voprf" "sha2" ]; }; - resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha256" "std" ]; + resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdh" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha384" "std" ]; }; - "p384" = rec { + "p384 0.13.0" = rec { crateName = "p384"; - version = "0.12.0"; + version = "0.13.0"; edition = "2021"; - sha256 = "1m6jw4zm5v9czk6ncbdzcdq82jsnby8a8qdfrz78wd0q4sdll2k3"; + sha256 = "02cjlxdvxwvhmnckqnydqpvrwhf5raj67q300d66m7y6pi8nyy3h"; authors = [ "RustCrypto Developers" "Frank Denis " @@ -1584,7 +2276,7 @@ rec { dependencies = [ { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.16.8"; rename = "ecdsa-core"; optional = true; usesDefaultFeatures = false; @@ -1592,13 +2284,13 @@ rec { } { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; usesDefaultFeatures = false; features = [ "hazmat" "sec1" ]; } { name = "primeorder"; - packageId = "primeorder"; + packageId = "primeorder 0.13.2"; } { name = "sha2"; @@ -1610,7 +2302,8 @@ rec { devDependencies = [ { name = "ecdsa"; - packageId = "ecdsa"; + packageId = "ecdsa 0.16.8"; + rename = "ecdsa-core"; usesDefaultFeatures = false; features = [ "dev" ]; } @@ -1640,7 +2333,7 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "arithmetic" "default" "digest" "ecdh" "ecdsa" "ecdsa-core" "pem" "pkcs8" "sha2" "sha384" "std" ]; }; - "pem-rfc7468" = rec { + "pem-rfc7468 0.6.0" = rec { crateName = "pem-rfc7468"; version = "0.6.0"; edition = "2021"; @@ -1660,6 +2353,26 @@ rec { }; resolvedDefaultFeatures = [ "alloc" ]; }; + "pem-rfc7468 0.7.0" = rec { + crateName = "pem-rfc7468"; + version = "0.7.0"; + edition = "2021"; + sha256 = "04l4852scl4zdva31c1z6jafbak0ni5pi0j38ml108zwzjdrrcw8"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base64ct"; + packageId = "base64ct"; + } + ]; + features = { + "alloc" = [ "base64ct/alloc" ]; + "std" = [ "alloc" "base64ct/std" ]; + }; + resolvedDefaultFeatures = [ "alloc" ]; + }; "pkcs1" = rec { crateName = "pkcs1"; version = "0.4.1"; @@ -1671,18 +2384,18 @@ rec { dependencies = [ { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; features = [ "oid" ]; } { name = "pkcs8"; - packageId = "pkcs8"; + packageId = "pkcs8 0.9.0"; optional = true; usesDefaultFeatures = false; } { name = "spki"; - packageId = "spki"; + packageId = "spki 0.6.0"; } { name = "zeroize"; @@ -1700,7 +2413,41 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "pem" "pkcs8" "std" "zeroize" ]; }; - "pkcs8" = rec { + "pkcs8 0.10.2" = rec { + crateName = "pkcs8"; + version = "0.10.2"; + edition = "2021"; + sha256 = "1dx7w21gvn07azszgqd3ryjhyphsrjrmq5mmz1fbxkj5g0vv4l7r"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "der"; + packageId = "der 0.7.8"; + features = [ "oid" ]; + } + { + name = "spki"; + packageId = "spki 0.7.2"; + } + ]; + features = { + "3des" = [ "encryption" "pkcs5/3des" ]; + "alloc" = [ "der/alloc" "der/zeroize" "spki/alloc" ]; + "des-insecure" = [ "encryption" "pkcs5/des-insecure" ]; + "encryption" = [ "alloc" "pkcs5/alloc" "pkcs5/pbes2" "rand_core" ]; + "getrandom" = [ "rand_core/getrandom" ]; + "pem" = [ "alloc" "der/pem" "spki/pem" ]; + "pkcs5" = [ "dep:pkcs5" ]; + "rand_core" = [ "dep:rand_core" ]; + "sha1-insecure" = [ "encryption" "pkcs5/sha1-insecure" ]; + "std" = [ "alloc" "der/std" "spki/std" ]; + "subtle" = [ "dep:subtle" ]; + }; + resolvedDefaultFeatures = [ "alloc" "pem" "std" ]; + }; + "pkcs8 0.9.0" = rec { crateName = "pkcs8"; version = "0.9.0"; edition = "2021"; @@ -1711,12 +2458,12 @@ rec { dependencies = [ { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; features = [ "oid" ]; } { name = "spki"; - packageId = "spki"; + packageId = "spki 0.6.0"; } ]; features = { @@ -1736,9 +2483,9 @@ rec { }; "pkg-config" = rec { crateName = "pkg-config"; - version = "0.3.25"; + version = "0.3.27"; edition = "2015"; - sha256 = "1bh3vij79cshj884py4can1f8rvk52niaii1vwxya9q69gnc9y0x"; + sha256 = "0r39ryh1magcq4cz5g9x88jllsnxnhcqr753islvyk4jp9h2h1r6"; authors = [ "Alex Crichton " ]; @@ -1757,7 +2504,7 @@ rec { }; resolvedDefaultFeatures = [ "simd" "std" ]; }; - "primeorder" = rec { + "primeorder 0.12.1" = rec { crateName = "primeorder"; version = "0.12.1"; edition = "2021"; @@ -1768,7 +2515,29 @@ rec { dependencies = [ { name = "elliptic-curve"; - packageId = "elliptic-curve"; + packageId = "elliptic-curve 0.12.3"; + usesDefaultFeatures = false; + features = [ "arithmetic" "sec1" ]; + } + ]; + features = { + "serde" = [ "elliptic-curve/serde" "serdect" ]; + "serdect" = [ "dep:serdect" ]; + "std" = [ "elliptic-curve/std" ]; + }; + }; + "primeorder 0.13.2" = rec { + crateName = "primeorder"; + version = "0.13.2"; + edition = "2021"; + sha256 = "1qqyvzkfx6g30ibc74n3fggkr6rrdi27ifbrq7yfxihf5kwcwbrw"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "elliptic-curve"; + packageId = "elliptic-curve 0.13.6"; usesDefaultFeatures = false; features = [ "arithmetic" "sec1" ]; } @@ -1781,9 +2550,9 @@ rec { }; "proc-macro2" = rec { crateName = "proc-macro2"; - version = "1.0.51"; - edition = "2018"; - sha256 = "1mj9r146akd3ldfic70bzqr7hwxd35lr0h551yk1vlirbfp7qwjx"; + version = "1.0.69"; + edition = "2021"; + sha256 = "1nljgyllbm3yr3pa081bf83gxh6l4zvjqzaldw7v4mj9xfgihk0k"; authors = [ "David Tolnay " "Alex Crichton " @@ -1801,9 +2570,9 @@ rec { }; "quote" = rec { crateName = "quote"; - version = "1.0.23"; + version = "1.0.33"; edition = "2018"; - sha256 = "0ywwzw5xfwwgq62ihp4fbjbfdjb3ilss2vh3fka18ai59lvdhml8"; + sha256 = "1biw54hbbr12wdwjac55z1m2x2rylciw83qnjn564a3096jgqrsj"; authors = [ "David Tolnay " ]; @@ -1920,11 +2689,12 @@ rec { }; "regex" = rec { crateName = "regex"; - version = "1.6.0"; - edition = "2018"; - sha256 = "12wqvyh4i75j7pc8sgvmqh4yy3qaj4inc4alyv1cdf3lf4kb6kjc"; + version = "1.10.2"; + edition = "2021"; + sha256 = "0hxkd814n4irind8im5c9am221ri6bprx49nc7yxv02ykhd9a2rq"; authors = [ "The Rust Project Developers" + "Andrew Gallant " ]; dependencies = [ { @@ -1937,6 +2707,12 @@ rec { packageId = "memchr"; optional = true; } + { + name = "regex-automata"; + packageId = "regex-automata"; + usesDefaultFeatures = false; + features = [ "alloc" "syntax" "meta" "nfa-pikevm" ]; + } { name = "regex-syntax"; packageId = "regex-syntax"; @@ -1944,39 +2720,106 @@ rec { } ]; features = { - "aho-corasick" = [ "dep:aho-corasick" ]; "default" = [ "std" "perf" "unicode" "regex-syntax/default" ]; - "memchr" = [ "dep:memchr" ]; - "perf" = [ "perf-cache" "perf-dfa" "perf-inline" "perf-literal" ]; - "perf-literal" = [ "aho-corasick" "memchr" ]; - "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" "regex-syntax/unicode" ]; - "unicode-age" = [ "regex-syntax/unicode-age" ]; - "unicode-bool" = [ "regex-syntax/unicode-bool" ]; - "unicode-case" = [ "regex-syntax/unicode-case" ]; - "unicode-gencat" = [ "regex-syntax/unicode-gencat" ]; - "unicode-perl" = [ "regex-syntax/unicode-perl" ]; - "unicode-script" = [ "regex-syntax/unicode-script" ]; - "unicode-segment" = [ "regex-syntax/unicode-segment" ]; + "logging" = [ "aho-corasick?/logging" "memchr?/logging" "regex-automata/logging" ]; + "perf" = [ "perf-cache" "perf-dfa" "perf-onepass" "perf-backtrack" "perf-inline" "perf-literal" ]; + "perf-backtrack" = [ "regex-automata/nfa-backtrack" ]; + "perf-dfa" = [ "regex-automata/hybrid" ]; + "perf-dfa-full" = [ "regex-automata/dfa-build" "regex-automata/dfa-search" ]; + "perf-inline" = [ "regex-automata/perf-inline" ]; + "perf-literal" = [ "dep:aho-corasick" "dep:memchr" "regex-automata/perf-literal" ]; + "perf-onepass" = [ "regex-automata/dfa-onepass" ]; + "std" = [ "aho-corasick?/std" "memchr?/std" "regex-automata/std" "regex-syntax/std" ]; + "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" "regex-automata/unicode" "regex-syntax/unicode" ]; + "unicode-age" = [ "regex-automata/unicode-age" "regex-syntax/unicode-age" ]; + "unicode-bool" = [ "regex-automata/unicode-bool" "regex-syntax/unicode-bool" ]; + "unicode-case" = [ "regex-automata/unicode-case" "regex-syntax/unicode-case" ]; + "unicode-gencat" = [ "regex-automata/unicode-gencat" "regex-syntax/unicode-gencat" ]; + "unicode-perl" = [ "regex-automata/unicode-perl" "regex-automata/unicode-word-boundary" "regex-syntax/unicode-perl" ]; + "unicode-script" = [ "regex-automata/unicode-script" "regex-syntax/unicode-script" ]; + "unicode-segment" = [ "regex-automata/unicode-segment" "regex-syntax/unicode-segment" ]; "unstable" = [ "pattern" ]; "use_std" = [ "std" ]; }; - resolvedDefaultFeatures = [ "aho-corasick" "default" "memchr" "perf" "perf-cache" "perf-dfa" "perf-inline" "perf-literal" "std" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + resolvedDefaultFeatures = [ "default" "perf" "perf-backtrack" "perf-cache" "perf-dfa" "perf-inline" "perf-literal" "perf-onepass" "std" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + }; + "regex-automata" = rec { + crateName = "regex-automata"; + version = "0.4.3"; + edition = "2021"; + sha256 = "0gs8q9yhd3kcg4pr00ag4viqxnh5l7jpyb9fsfr8hzh451w4r02z"; + authors = [ + "The Rust Project Developers" + "Andrew Gallant " + ]; + dependencies = [ + { + name = "aho-corasick"; + packageId = "aho-corasick"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "memchr"; + packageId = "memchr"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "regex-syntax"; + packageId = "regex-syntax"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "default" = [ "std" "syntax" "perf" "unicode" "meta" "nfa" "dfa" "hybrid" ]; + "dfa" = [ "dfa-build" "dfa-search" "dfa-onepass" ]; + "dfa-build" = [ "nfa-thompson" "dfa-search" ]; + "dfa-onepass" = [ "nfa-thompson" ]; + "hybrid" = [ "alloc" "nfa-thompson" ]; + "internal-instrument" = [ "internal-instrument-pikevm" ]; + "internal-instrument-pikevm" = [ "logging" "std" ]; + "logging" = [ "dep:log" "aho-corasick?/logging" "memchr?/logging" ]; + "meta" = [ "syntax" "nfa-pikevm" ]; + "nfa" = [ "nfa-thompson" "nfa-pikevm" "nfa-backtrack" ]; + "nfa-backtrack" = [ "nfa-thompson" ]; + "nfa-pikevm" = [ "nfa-thompson" ]; + "nfa-thompson" = [ "alloc" ]; + "perf" = [ "perf-inline" "perf-literal" ]; + "perf-literal" = [ "perf-literal-substring" "perf-literal-multisubstring" ]; + "perf-literal-multisubstring" = [ "std" "dep:aho-corasick" ]; + "perf-literal-substring" = [ "aho-corasick?/perf-literal" "dep:memchr" ]; + "std" = [ "regex-syntax?/std" "memchr?/std" "aho-corasick?/std" "alloc" ]; + "syntax" = [ "dep:regex-syntax" "alloc" ]; + "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" "unicode-word-boundary" "regex-syntax?/unicode" ]; + "unicode-age" = [ "regex-syntax?/unicode-age" ]; + "unicode-bool" = [ "regex-syntax?/unicode-bool" ]; + "unicode-case" = [ "regex-syntax?/unicode-case" ]; + "unicode-gencat" = [ "regex-syntax?/unicode-gencat" ]; + "unicode-perl" = [ "regex-syntax?/unicode-perl" ]; + "unicode-script" = [ "regex-syntax?/unicode-script" ]; + "unicode-segment" = [ "regex-syntax?/unicode-segment" ]; + }; + resolvedDefaultFeatures = [ "alloc" "dfa-onepass" "hybrid" "meta" "nfa-backtrack" "nfa-pikevm" "nfa-thompson" "perf-inline" "perf-literal" "perf-literal-multisubstring" "perf-literal-substring" "std" "syntax" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" "unicode-word-boundary" ]; }; "regex-syntax" = rec { crateName = "regex-syntax"; - version = "0.6.27"; - edition = "2018"; - sha256 = "0i32nnvyzzkvz1rqp2qyfxrp2170859z8ck37jd63c8irrrppy53"; + version = "0.8.2"; + edition = "2021"; + sha256 = "17rd2s8xbiyf6lb4aj2nfi44zqlj98g2ays8zzj2vfs743k79360"; authors = [ "The Rust Project Developers" + "Andrew Gallant " ]; features = { - "default" = [ "unicode" ]; + "arbitrary" = [ "dep:arbitrary" ]; + "default" = [ "std" "unicode" ]; "unicode" = [ "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; }; - resolvedDefaultFeatures = [ "default" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; + resolvedDefaultFeatures = [ "default" "std" "unicode" "unicode-age" "unicode-bool" "unicode-case" "unicode-gencat" "unicode-perl" "unicode-script" "unicode-segment" ]; }; - "rfc6979" = rec { + "rfc6979 0.3.1" = rec { crateName = "rfc6979"; version = "0.3.1"; edition = "2021"; @@ -1987,7 +2830,7 @@ rec { dependencies = [ { name = "crypto-bigint"; - packageId = "crypto-bigint"; + packageId = "crypto-bigint 0.4.9"; usesDefaultFeatures = false; features = [ "generic-array" "zeroize" ]; } @@ -2004,6 +2847,29 @@ rec { } ]; + }; + "rfc6979 0.4.0" = rec { + crateName = "rfc6979"; + version = "0.4.0"; + edition = "2021"; + sha256 = "1chw95jgcfrysyzsq6a10b1j5qb7bagkx8h0wda4lv25in02mpgq"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "hmac"; + packageId = "hmac"; + usesDefaultFeatures = false; + features = [ "reset" ]; + } + { + name = "subtle"; + packageId = "subtle"; + usesDefaultFeatures = false; + } + ]; + }; "rsa" = rec { crateName = "rsa"; @@ -2057,7 +2923,7 @@ rec { } { name = "pkcs8"; - packageId = "pkcs8"; + packageId = "pkcs8 0.9.0"; usesDefaultFeatures = false; features = [ "alloc" ]; } @@ -2120,9 +2986,9 @@ rec { }; "ryu" = rec { crateName = "ryu"; - version = "1.0.12"; + version = "1.0.15"; edition = "2018"; - sha256 = "1ppcgnyfs12p545bl7762jp9b11rlzmgb7yzrr5lnzb8xm1rfjvv"; + sha256 = "0hfphpn1xnpzxwj8qg916ga1lyc33lc03lnf1gb3wwpglj6wrm0s"; authors = [ "David Tolnay " ]; @@ -2147,7 +3013,7 @@ rec { ]; }; - "sec1" = rec { + "sec1 0.3.0" = rec { crateName = "sec1"; version = "0.3.0"; edition = "2021"; @@ -2158,13 +3024,13 @@ rec { dependencies = [ { name = "base16ct"; - packageId = "base16ct"; + packageId = "base16ct 0.1.1"; optional = true; usesDefaultFeatures = false; } { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; optional = true; features = [ "oid" ]; } @@ -2176,7 +3042,7 @@ rec { } { name = "pkcs8"; - packageId = "pkcs8"; + packageId = "pkcs8 0.9.0"; optional = true; usesDefaultFeatures = false; } @@ -2210,11 +3076,71 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "base16ct" "default" "der" "generic-array" "pem" "pkcs8" "point" "subtle" "zeroize" ]; }; + "sec1 0.7.3" = rec { + crateName = "sec1"; + version = "0.7.3"; + edition = "2021"; + sha256 = "1p273j8c87pid6a1iyyc7vxbvifrw55wbxgr0dh3l8vnbxb7msfk"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base16ct"; + packageId = "base16ct 0.2.0"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "der"; + packageId = "der 0.7.8"; + optional = true; + features = [ "oid" ]; + } + { + name = "generic-array"; + packageId = "generic-array"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "pkcs8"; + packageId = "pkcs8 0.10.2"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "subtle"; + packageId = "subtle"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "zeroize"; + packageId = "zeroize"; + optional = true; + usesDefaultFeatures = false; + } + ]; + features = { + "alloc" = [ "der?/alloc" "pkcs8?/alloc" "zeroize?/alloc" ]; + "default" = [ "der" "point" ]; + "der" = [ "dep:der" "zeroize" ]; + "pem" = [ "alloc" "der/pem" "pkcs8/pem" ]; + "pkcs8" = [ "dep:pkcs8" ]; + "point" = [ "dep:base16ct" "dep:generic-array" ]; + "serde" = [ "dep:serdect" ]; + "std" = [ "alloc" "der?/std" ]; + "subtle" = [ "dep:subtle" ]; + "zeroize" = [ "dep:zeroize" "der?/zeroize" ]; + }; + resolvedDefaultFeatures = [ "alloc" "default" "der" "pem" "pkcs8" "point" "std" "subtle" "zeroize" ]; + }; "serde" = rec { crateName = "serde"; - version = "1.0.152"; - edition = "2015"; - sha256 = "1ysykpc4a9f1yn7zikdwhyfs0bpa7mlc8vsm7sl4glr1606iyzdv"; + version = "1.0.190"; + edition = "2018"; + sha256 = "1xwndn6n8pb8y0vd84sba1nvfdf4x27nkbgnqsi99s0yr8sc7lwi"; authors = [ "Erick Tryzelaar " "David Tolnay " @@ -2225,6 +3151,11 @@ rec { packageId = "serde_derive"; optional = true; } + { + name = "serde_derive"; + packageId = "serde_derive"; + target = { target, features }: false; + } ]; devDependencies = [ { @@ -2241,9 +3172,9 @@ rec { }; "serde_derive" = rec { crateName = "serde_derive"; - version = "1.0.152"; + version = "1.0.190"; edition = "2015"; - sha256 = "07jlbk3khspawlqayr5lhzgqirv031ap4p8asw199l7ciq8psj5g"; + sha256 = "1qy0697y6rbsqvaq7sgy8bpq1sh4h13xmvsizkbjnp2f76gn1ib7"; procMacro = true; authors = [ "Erick Tryzelaar " @@ -2269,9 +3200,9 @@ rec { }; "serde_json" = rec { crateName = "serde_json"; - version = "1.0.93"; - edition = "2018"; - sha256 = "0xmwq2838lvc50g849k8qsrwvj7nfaaw5wns0x8mp24ikjv0dm6a"; + version = "1.0.108"; + edition = "2021"; + sha256 = "0ssj59s7lpzqh1m50kfzlnrip0p0jg9lmhn4098i33a0mhz7w71x"; authors = [ "Erick Tryzelaar " "David Tolnay " @@ -2309,9 +3240,9 @@ rec { }; "sha2" = rec { crateName = "sha2"; - version = "0.10.6"; + version = "0.10.8"; edition = "2018"; - sha256 = "1h5xrrv2y06kr1gsz4pwrm3lsp206nm2gjxgbf21wfrfzsavgrl2"; + sha256 = "1j1x78zk9il95w9iv46dh9wm73r6xrgj32y6lzzw7bxws9dbfgbr"; authors = [ "RustCrypto Developers" ]; @@ -2323,7 +3254,7 @@ rec { { name = "cpufeatures"; packageId = "cpufeatures"; - target = { target, features }: ((target."arch" == "aarch64") || (target."arch" == "x86_64") || (target."arch" == "x86")); + target = { target, features }: (("aarch64" == target."arch") || ("x86_64" == target."arch") || ("x86" == target."arch")); } { name = "digest"; @@ -2411,15 +3342,16 @@ rec { }; "smallvec" = rec { crateName = "smallvec"; - version = "1.10.0"; + version = "1.11.1"; edition = "2018"; - sha256 = "1q2k15fzxgwjpcdv3f323w24rbbfyv711ayz85ila12lg7zbw1x5"; + sha256 = "0nmx8aw3v4jglqdcjv4hhn10d6g52c4bhjlzwf952885is04lawl"; authors = [ "The Servo Project Developers" ]; features = { "arbitrary" = [ "dep:arbitrary" ]; "const_new" = [ "const_generics" ]; + "drain_keep_rest" = [ "drain_filter" ]; "serde" = [ "dep:serde" ]; }; }; @@ -2477,7 +3409,7 @@ rec { ]; }; - "spki" = rec { + "spki 0.6.0" = rec { crateName = "spki"; version = "0.6.0"; edition = "2021"; @@ -2494,7 +3426,7 @@ rec { } { name = "der"; - packageId = "der"; + packageId = "der 0.6.1"; features = [ "oid" ]; } ]; @@ -2508,11 +3440,43 @@ rec { }; resolvedDefaultFeatures = [ "alloc" "base64ct" "pem" "std" ]; }; + "spki 0.7.2" = rec { + crateName = "spki"; + version = "0.7.2"; + edition = "2021"; + sha256 = "0jhq00sv4w3psdi6li3vjjmspc6z2d9b1wc1srbljircy1p9j7lx"; + authors = [ + "RustCrypto Developers" + ]; + dependencies = [ + { + name = "base64ct"; + packageId = "base64ct"; + optional = true; + usesDefaultFeatures = false; + } + { + name = "der"; + packageId = "der 0.7.8"; + features = [ "oid" ]; + } + ]; + features = { + "alloc" = [ "base64ct?/alloc" "der/alloc" ]; + "arbitrary" = [ "std" "dep:arbitrary" "der/arbitrary" ]; + "base64" = [ "dep:base64ct" ]; + "fingerprint" = [ "sha2" ]; + "pem" = [ "alloc" "der/pem" ]; + "sha2" = [ "dep:sha2" ]; + "std" = [ "der/std" "alloc" ]; + }; + resolvedDefaultFeatures = [ "alloc" "pem" "std" ]; + }; "subtle" = rec { crateName = "subtle"; - version = "2.4.1"; - edition = "2015"; - sha256 = "00b6jzh9gzb0h9n25g06nqr90z3xzqppfhhb260s1hjhh4pg7pkb"; + version = "2.5.0"; + edition = "2018"; + sha256 = "1g2yjs7gffgmdvkkq0wrrh0pxds3q0dv6dhkw9cdpbib656xdkc1"; authors = [ "Isis Lovecruft " "Henry de Valence " @@ -2524,9 +3488,9 @@ rec { }; "syn" = rec { crateName = "syn"; - version = "1.0.107"; - edition = "2018"; - sha256 = "1xg3315vx8civ8y0l5zxq5mkx07qskaqwnjak18aw0vfn6sn8h0z"; + version = "2.0.38"; + edition = "2021"; + sha256 = "12s06bi068scc4fpv2x2bp3lx2vxnk4s0qv3w9hqznrpl6m7jsz9"; authors = [ "David Tolnay " ]; @@ -2558,9 +3522,9 @@ rec { }; "thiserror" = rec { crateName = "thiserror"; - version = "1.0.38"; - edition = "2018"; - sha256 = "1l7yh18iqcr2jnl6qjx3ywvhny98cvda3biwc334ap3xm65d373a"; + version = "1.0.50"; + edition = "2021"; + sha256 = "1ll2sfbrxks8jja161zh1pgm3yssr7aawdmaa2xmcwcsbh7j39zr"; authors = [ "David Tolnay " ]; @@ -2574,9 +3538,9 @@ rec { }; "thiserror-impl" = rec { crateName = "thiserror-impl"; - version = "1.0.38"; - edition = "2018"; - sha256 = "0vzkcjqkzzgrwwby92xvnbp11a8d70b1gkybm0zx1r458spjgcqz"; + version = "1.0.50"; + edition = "2021"; + sha256 = "1f0lmam4765sfnwr4b1n00y14vxh10g0311mkk0adr80pi02wsr6"; procMacro = true; authors = [ "David Tolnay " @@ -2599,9 +3563,9 @@ rec { }; "typenum" = rec { crateName = "typenum"; - version = "1.16.0"; + version = "1.17.0"; edition = "2018"; - sha256 = "1fhb9iaqyjn4dzn2vl86kxjhp4xpw5gynczlnqzf4x6rjgpn2ya9"; + sha256 = "09dqxv69m9lj9zvv6xw5vxaqx15ps0vxyy5myg33i0kbqvq0pzs2"; build = "build/main.rs"; authors = [ "Paho Lurie-Gregg " @@ -2614,9 +3578,9 @@ rec { }; "unicode-ident" = rec { crateName = "unicode-ident"; - version = "1.0.6"; + version = "1.0.12"; edition = "2018"; - sha256 = "1g2fdsw5sv9l1m73whm99za3lxq3nw4gzx5kvi562h4b46gjp8l4"; + sha256 = "0jzf1znfpb2gx8nr8mvmyqs1crnv79l57nxnbiszc7xf7ynbjm1k"; authors = [ "David Tolnay " ]; @@ -2634,9 +3598,9 @@ rec { }; "walkdir" = rec { crateName = "walkdir"; - version = "2.3.2"; + version = "2.4.0"; edition = "2018"; - sha256 = "0mnszy33685v8y9js8mw6x2p3iddqs8vfj7n2dhqddnlbirz5340"; + sha256 = "1vjl9fmfc4v8k9ald23qrpcbyb8dl1ynyq8d516cm537r1yqa7fp"; authors = [ "Andrew Gallant " ]; @@ -2645,12 +3609,6 @@ rec { name = "same-file"; packageId = "same-file"; } - { - name = "winapi"; - packageId = "winapi"; - target = { target, features }: (target."windows" or false); - features = [ "std" "winnt" ]; - } { name = "winapi-util"; packageId = "winapi-util"; @@ -2678,9 +3636,9 @@ rec { }; "wasm-bindgen" = rec { crateName = "wasm-bindgen"; - version = "0.2.84"; + version = "0.2.87"; edition = "2018"; - sha256 = "0fx5gh0b4n6znfa3blz92wn1k4bbiysyq9m95s7rn3gk46ydry1i"; + sha256 = "0hm3k42gcnrps2jh339h186scx1radqy1w7v1zwb333dncmaf1kp"; authors = [ "The wasm-bindgen Developers" ]; @@ -2697,6 +3655,7 @@ rec { features = { "default" = [ "spans" "std" ]; "enable-interning" = [ "std" ]; + "gg-alloc" = [ "wasm-bindgen-test/gg-alloc" ]; "serde" = [ "dep:serde" ]; "serde-serialize" = [ "serde" "serde_json" "std" ]; "serde_json" = [ "dep:serde_json" ]; @@ -2708,9 +3667,9 @@ rec { }; "wasm-bindgen-backend" = rec { crateName = "wasm-bindgen-backend"; - version = "0.2.84"; + version = "0.2.87"; edition = "2018"; - sha256 = "1ffc0wb293ha56i66f830x7f8aa2xql69a21lrasy1ncbgyr1klm"; + sha256 = "1gcsh3bjxhw3cirmin45107pcsnn0ymhkxg6bxg65s8hqp9vdwjy"; authors = [ "The wasm-bindgen Developers" ]; @@ -2752,9 +3711,9 @@ rec { }; "wasm-bindgen-macro" = rec { crateName = "wasm-bindgen-macro"; - version = "0.2.84"; + version = "0.2.87"; edition = "2018"; - sha256 = "1idlq28awqhq8rclb22rn5xix82w9a4rgy11vkapzhzd1dygf8ac"; + sha256 = "07cg0b6zkcxa1yg1n10h62paid59s9zr8yss214bv8w2b7jrbr6y"; procMacro = true; authors = [ "The wasm-bindgen Developers" @@ -2777,9 +3736,9 @@ rec { }; "wasm-bindgen-macro-support" = rec { crateName = "wasm-bindgen-macro-support"; - version = "0.2.84"; + version = "0.2.87"; edition = "2018"; - sha256 = "1xm56lpi0rihh8ny7x085dgs3jdm47spgqflb98wghyadwq83zra"; + sha256 = "0yqc46pr6mlgb9bsnfdnd50qvsqnrz8g5243fnaz0rb7lhc1ns2l"; authors = [ "The wasm-bindgen Developers" ]; @@ -2814,9 +3773,9 @@ rec { }; "wasm-bindgen-shared" = rec { crateName = "wasm-bindgen-shared"; - version = "0.2.84"; + version = "0.2.87"; edition = "2018"; - sha256 = "0pcvk1c97r1pprzfaxxn359r0wqg5bm33ylbwgjh8f4cwbvzwih0"; + sha256 = "18bmjwvfyhvlq49nzw6mgiyx4ys350vps4cmx5gvzckh91dd0sna"; authors = [ "The wasm-bindgen Developers" ]; @@ -2834,18 +3793,18 @@ rec { { name = "winapi-i686-pc-windows-gnu"; packageId = "winapi-i686-pc-windows-gnu"; - target = { target, features }: (stdenv.hostPlatform.config == "i686-pc-windows-gnu"); + target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "i686-pc-windows-gnu"); } { name = "winapi-x86_64-pc-windows-gnu"; packageId = "winapi-x86_64-pc-windows-gnu"; - target = { target, features }: (stdenv.hostPlatform.config == "x86_64-pc-windows-gnu"); + target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "x86_64-pc-windows-gnu"); } ]; features = { "debug" = [ "impl-debug" ]; }; - resolvedDefaultFeatures = [ "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "std" "winbase" "wincon" "winerror" "winnt" ]; + resolvedDefaultFeatures = [ "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "std" "sysinfoapi" "winbase" "wincon" "winerror" "winnt" ]; }; "winapi-i686-pc-windows-gnu" = rec { crateName = "winapi-i686-pc-windows-gnu"; @@ -2859,9 +3818,9 @@ rec { }; "winapi-util" = rec { crateName = "winapi-util"; - version = "0.1.5"; - edition = "2018"; - sha256 = "0y71bp7f6d536czj40dhqk0d55wfbbwqfp2ymqf1an5ibgl6rv3h"; + version = "0.1.6"; + edition = "2021"; + sha256 = "15i5lm39wd44004i9d5qspry2cynkrpvwzghr6s2c3dsk28nz7pj"; authors = [ "Andrew Gallant " ]; @@ -2870,7 +3829,7 @@ rec { name = "winapi"; packageId = "winapi"; target = { target, features }: (target."windows" or false); - features = [ "std" "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "winbase" "wincon" "winerror" "winnt" ]; + features = [ "std" "consoleapi" "errhandlingapi" "fileapi" "minwindef" "processenv" "sysinfoapi" "winbase" "wincon" "winerror" "winnt" ]; } ]; @@ -2889,7 +3848,11 @@ rec { crateName = "zauth"; version = "3.1.0"; edition = "2015"; - src = lib.cleanSourceWith { filter = sourceFilter; src = ../libzauth; }; + # We can't filter paths with references in Nix 2.4 + # See https://github.com/NixOS/nix/issues/5410 + src = if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion )) + then lib.cleanSourceWith { filter = sourceFilter; src = ../libzauth; } + else ../libzauth; authors = [ "Wire Swiss GmbH " ]; @@ -2904,7 +3867,7 @@ rec { } { name = "jwt-simple"; - packageId = "jwt-simple"; + packageId = "jwt-simple 0.11.3"; } { name = "lazy_static"; @@ -2941,14 +3904,19 @@ rec { crateName = "zauth-c"; version = "3.0.0"; edition = "2015"; - src = lib.cleanSourceWith { filter = sourceFilter; src = ./.; };type = [ "cdylib" ]; + # We can't filter paths with references in Nix 2.4 + # See https://github.com/NixOS/nix/issues/5410 + src = if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion )) + then lib.cleanSourceWith { filter = sourceFilter; src = ./.; } + else ./.; + libName = "zauth";type = [ "cdylib" ]; authors = [ "Wire Swiss GmbH " ]; dependencies = [ { name = "jwt-simple"; - packageId = "jwt-simple"; + packageId = "jwt-simple 0.11.4"; } { name = "libc"; @@ -2963,9 +3931,9 @@ rec { }; "zeroize" = rec { crateName = "zeroize"; - version = "1.5.7"; - edition = "2018"; - sha256 = "17ql9c1qhh5kw5aas72swwicnr701alhmhnrfmr9wrkg1jyvb563"; + version = "1.6.0"; + edition = "2021"; + sha256 = "1ndar43r58zbmasjhrhgas168vxb4i0rwbkcnszhjybwpbqmc29a"; authors = [ "The RustCrypto Project Developers" ]; @@ -2987,26 +3955,25 @@ rec { /* Target (platform) data for conditional dependencies. This corresponds roughly to what buildRustCrate is setting. */ - defaultTarget = { - unix = true; - windows = false; + makeDefaultTarget = platform: { + unix = platform.isUnix; + windows = platform.isWindows; fuchsia = true; test = false; - # This doesn't appear to be officially documented anywhere yet. - # See https://github.com/rust-lang-nursery/rust-forge/issues/101. - os = - if stdenv.hostPlatform.isDarwin - then "macos" - else stdenv.hostPlatform.parsed.kernel.name; - arch = stdenv.hostPlatform.parsed.cpu.name; - family = "unix"; + /* We are choosing an arbitrary rust version to grab `lib` from, + which is unfortunate, but `lib` has been version-agnostic the + whole time so this is good enough for now. + */ + os = pkgs.rust.lib.toTargetOs platform; + arch = pkgs.rust.lib.toTargetArch platform; + family = pkgs.rust.lib.toTargetFamily platform; env = "gnu"; endian = - if stdenv.hostPlatform.parsed.cpu.significantByte.name == "littleEndian" + if platform.parsed.cpu.significantByte.name == "littleEndian" then "little" else "big"; - pointer_width = toString stdenv.hostPlatform.parsed.cpu.bits; - vendor = stdenv.hostPlatform.parsed.vendor.name; + pointer_width = toString platform.parsed.cpu.bits; + vendor = platform.parsed.vendor.name; debug_assertions = false; }; @@ -3078,6 +4045,7 @@ rec { ( _: { buildTests = true; + release = false; } ); # If the user hasn't set any pre/post commands, we don't want to @@ -3095,14 +4063,14 @@ rec { inherit testCrateFlags; buildInputs = testInputs; } '' - set -ex + set -e export RUST_BACKTRACE=1 # recreate a file hierarchy as when running tests with cargo # the source for test data - ${pkgs.xorg.lndir}/bin/lndir ${crate.src} + ${pkgs.buildPackages.xorg.lndir}/bin/lndir ${crate.src} # build outputs testRoot=target/debug @@ -3132,10 +4100,12 @@ rec { passthru = (crate.passthru or { }) // { inherit test; }; - } '' - echo tested by ${test} - ${lib.concatMapStringsSep "\n" (output: "ln -s ${crate.${output}} ${"$"}${output}") crate.outputs} - ''; + } + (lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' + echo tested by ${test} + '' + '' + ${lib.concatMapStringsSep "\n" (output: "ln -s ${crate.${output}} ${"$"}${output}") crate.outputs} + ''); /* A restricted overridable version of builtRustCratesWithFeatures. */ buildRustCrateWithFeatures = @@ -3209,12 +4179,12 @@ rec { , crateConfigs ? crates , buildRustCrateForPkgsFunc , runTests - , target ? defaultTarget + , makeTarget ? makeDefaultTarget } @ args: assert (builtins.isAttrs crateConfigs); assert (builtins.isString packageId); assert (builtins.isList features); - assert (builtins.isAttrs target); + assert (builtins.isAttrs (makeTarget stdenv.hostPlatform)); assert (builtins.isBool runTests); let rootPackageId = packageId; @@ -3222,7 +4192,7 @@ rec { ( args // { inherit rootPackageId; - target = target // { test = runTests; }; + target = makeTarget stdenv.hostPlatform // { test = runTests; }; } ); # Memoize built packages so that reappearing packages are only built once. @@ -3231,6 +4201,7 @@ rec { let self = { crates = lib.mapAttrs (packageId: value: buildByPackageIdForPkgsImpl self pkgs packageId) crateConfigs; + target = makeTarget pkgs.stdenv.hostPlatform; build = mkBuiltByPackageIdByPkgs pkgs.buildPackages; }; in @@ -3247,7 +4218,8 @@ rec { (crateConfig'.devDependencies or [ ]); dependencies = dependencyDerivations { - inherit features target; + inherit features; + inherit (self) target; buildByPackageId = depPackageId: # proc_macro crates must be compiled for the build architecture if crateConfigs.${depPackageId}.procMacro or false @@ -3259,24 +4231,26 @@ rec { }; buildDependencies = dependencyDerivations { - inherit features target; + inherit features; + inherit (self.build) target; buildByPackageId = depPackageId: self.build.crates.${depPackageId}; dependencies = crateConfig.buildDependencies or [ ]; }; - filterEnabledDependenciesForThis = dependencies: filterEnabledDependencies { - inherit dependencies features target; - }; dependenciesWithRenames = - lib.filter (d: d ? "rename") - ( - filterEnabledDependenciesForThis - ( - (crateConfig.buildDependencies or [ ]) - ++ (crateConfig.dependencies or [ ]) - ++ devDependencies - ) - ); + let + buildDeps = filterEnabledDependencies { + inherit features; + inherit (self) target; + dependencies = crateConfig.dependencies or [ ] ++ devDependencies; + }; + hostDeps = filterEnabledDependencies { + inherit features; + inherit (self.build) target; + dependencies = crateConfig.buildDependencies or [ ]; + }; + in + lib.filter (d: d ? "rename") (hostDeps ++ buildDeps); # Crate renames have the form: # # { @@ -3302,6 +4276,8 @@ rec { buildRustCrateForPkgsFunc pkgs ( crateConfig // { + # https://github.com/NixOS/nixpkgs/issues/218712 + dontStrip = stdenv.hostPlatform.isDarwin; src = crateConfig.src or ( pkgs.fetchurl rec { name = "${crateConfig.crateName}-${crateConfig.version}.tar.gz"; @@ -3351,7 +4327,7 @@ rec { else val; /* Returns various tools to debug a crate. */ - debugCrate = { packageId, target ? defaultTarget }: + debugCrate = { packageId, target ? makeDefaultTarget stdenv.hostPlatform }: assert (builtins.isString packageId); let debug = rec { @@ -3527,15 +4503,14 @@ rec { dependencies; /* Returns whether the given feature should enable the given dependency. */ - doesFeatureEnableDependency = { name, rename ? null, ... }: feature: + doesFeatureEnableDependency = dependency: feature: let + name = dependency.rename or dependency.name; prefix = "${name}/"; len = builtins.stringLength prefix; startsWithPrefix = builtins.substring 0 len feature == prefix; in - (rename == null && feature == name) - || (rename != null && rename == feature) - || startsWithPrefix; + feature == name || feature == "dep:" + name || startsWithPrefix; /* Returns the expanded features for the given inputFeatures by applying the rules in featureMap. @@ -3547,10 +4522,24 @@ rec { assert (builtins.isAttrs featureMap); assert (builtins.isList inputFeatures); let - expandFeature = feature: - assert (builtins.isString feature); - [ feature ] ++ (expandFeatures featureMap (featureMap."${feature}" or [ ])); - outFeatures = lib.concatMap expandFeature inputFeatures; + expandFeaturesNoCycle = oldSeen: inputFeatures: + if inputFeatures != [ ] + then + let + # The feature we're currently expanding. + feature = builtins.head inputFeatures; + # All the features we've seen/expanded so far, including the one + # we're currently processing. + seen = oldSeen // { ${feature} = 1; }; + # Expand the feature but be careful to not re-introduce a feature + # that we've already seen: this can easily cause a cycle, see issue + # #209. + enables = builtins.filter (f: !(seen ? "${f}")) (featureMap."${feature}" or [ ]); + in + [ feature ] ++ (expandFeaturesNoCycle seen (builtins.tail inputFeatures ++ enables)) + # No more features left, nothing to expand to. + else [ ]; + outFeatures = expandFeaturesNoCycle { } inputFeatures; in sortedUnique outFeatures; @@ -3570,7 +4559,9 @@ rec { let enabled = builtins.any (doesFeatureEnableDependency dependency) features; in - if (dependency.optional or false) && enabled then [ dependency.name ] else [ ] + if (dependency.optional or false) && enabled + then [ (dependency.rename or dependency.name) ] + else [ ] ) dependencies; in @@ -3592,11 +4583,21 @@ rec { explicitFeatures = dependency.features or [ ]; additionalDependencyFeatures = let - dependencyPrefix = (dependency.rename or dependency.name) + "/"; - dependencyFeatures = - builtins.filter (f: lib.hasPrefix dependencyPrefix f) features; + name = dependency.rename or dependency.name; + stripPrefixMatch = prefix: s: + if lib.hasPrefix prefix s + then lib.removePrefix prefix s + else null; + extractFeature = feature: lib.findFirst + (f: f != null) + null + (map (prefix: stripPrefixMatch prefix feature) [ + (name + "/") + (name + "?/") + ]); + dependencyFeatures = lib.filter (f: f != null) (map extractFeature features); in - builtins.map (lib.removePrefix dependencyPrefix) dependencyFeatures; + dependencyFeatures; in defaultOrNil ++ explicitFeatures ++ additionalDependencyFeatures; diff --git a/libs/libzauth/libzauth-c/crate-hashes.json b/libs/libzauth/libzauth-c/crate-hashes.json index 2e7d8348082..35f3b6ec1e4 100644 --- a/libs/libzauth/libzauth-c/crate-hashes.json +++ b/libs/libzauth/libzauth-c/crate-hashes.json @@ -1,3 +1,4 @@ { - "jwt-simple 0.11.3 (git+https://github.com/wireapp/rust-jwt-simple?rev=15a69f82288d68b74a75c1364e5d4bf681f1c07b#15a69f82288d68b74a75c1364e5d4bf681f1c07b)": "1ms7bym5j3gvn10gdbacai7v5dsdw8cf747py7igg5almk105n0z" + "jwt-simple 0.11.3 (git+https://github.com/wireapp/rust-jwt-simple?rev=15a69f82288d68b74a75c1364e5d4bf681f1c07b#15a69f82288d68b74a75c1364e5d4bf681f1c07b)": "1ms7bym5j3gvn10gdbacai7v5dsdw8cf747py7igg5almk105n0z", + "jwt-simple 0.11.4 (git+https://github.com/wireapp/rust-jwt-simple?rev=5a35177ae37c06d65225df4ba2c2b065917748c5#5a35177ae37c06d65225df4ba2c2b065917748c5)": "1fkv1w82dy681qbw9wwja2dapgg1m8d01j5i2zxn1vccpsy89cnc" } \ No newline at end of file diff --git a/nix/overlay.nix b/nix/overlay.nix index 608d36a180f..35acc2f23ce 100644 --- a/nix/overlay.nix +++ b/nix/overlay.nix @@ -68,7 +68,7 @@ self: super: { zauth = { name = "zauth"; src = ../services/nginz/third_party/nginx-zauth-module; - inputs = [ self.pkg-config self.zauth ]; + inputs = [ self.pkg-config self.zauth.lib ]; }; }; diff --git a/nix/pkgs/zauth/default.nix b/nix/pkgs/zauth/default.nix index 19ade192f8f..ff08c585e02 100644 --- a/nix/pkgs/zauth/default.nix +++ b/nix/pkgs/zauth/default.nix @@ -1,40 +1,28 @@ -{ fetchFromGitHub +{ pkgs , lib -, libsodium -, nix-gitignore -, pkg-config -, rustPlatform -, stdenv -, gitMinimal }: -rustPlatform.buildRustPackage rec { - name = "libzauth-${version}"; - version = "3.0.0"; - nativeBuildInputs = [ pkg-config gitMinimal ]; - buildInputs = [ libsodium ]; - src = nix-gitignore.gitignoreSourcePure [ ../../../.gitignore ] ../../../libs/libzauth; - sourceRoot = "libzauth/libzauth-c"; +let + # load the crate2nix crate tree + crates = import ../../../libs/libzauth/libzauth-c/Cargo.nix { + inherit pkgs; + nixpkgs = pkgs.path; - cargoLock = { - lockFile = "${src}/libzauth-c/Cargo.lock"; - outputHashes = { - "jwt-simple-0.11.3" = "sha256-H9gCwqxUlffi8feQ4xjiTbeyT1RMrfZAsPsNWapfR9c="; + # per-crate overrides + defaultCrateOverrides = pkgs.defaultCrateOverrides // { + zauth-c = prev: { + postFixup = '' + find ${prev.src} + mkdir -p $lib/include $lib/lib/pkgconfig + sed -e "s~<>~${prev.version}~" \ + -e "s~<>~$lib~" \ + ${prev.src}/src/libzauth.pc > $lib/lib/pkgconfig/libzauth.pc + + cp ${prev.src}/src/zauth.h $lib/include/ + ''; + }; }; }; - patchLibs = lib.optionalString stdenv.isDarwin '' - install_name_tool -id $out/lib/libzauth.dylib $out/lib/libzauth.dylib - ''; - - postInstall = '' - mkdir -p $out/lib/pkgconfig - mkdir -p $out/include - cp src/zauth.h $out/include - sed -e "s~<>~${version}~" \ - -e "s~<>~$out~" \ - src/libzauth.pc > $out/lib/pkgconfig/libzauth.pc - cp target/release-tmp/libzauth.* $out/lib/ - ${patchLibs} - ''; -} +in +crates.rootCrate.build From eedc7bcaaa91c7624fe451a5b928f305b4528185 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 12:57:06 +0200 Subject: [PATCH 027/177] rusty_jwt_tools: describe why crate2nix doesn't work here --- nix/pkgs/rusty_jwt_tools_ffi/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nix/pkgs/rusty_jwt_tools_ffi/default.nix b/nix/pkgs/rusty_jwt_tools_ffi/default.nix index 1f0764c3b7a..9d664c6bd5c 100644 --- a/nix/pkgs/rusty_jwt_tools_ffi/default.nix +++ b/nix/pkgs/rusty_jwt_tools_ffi/default.nix @@ -6,6 +6,9 @@ , gitMinimal }: +# TODO: update to crate2nix once https://github.com/wireapp/rusty-jwt-tools as a +# Cargo.lock file in its root (not at the ffi/ subpath). + let version = "0.5.0"; src = fetchFromGitHub { From d33a5d4b9c3be240d0c3a1899a06f8942482680d Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 1 Nov 2023 13:12:29 +0200 Subject: [PATCH 028/177] add changelog --- changelog.d/5-internal/crate2nix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/5-internal/crate2nix diff --git a/changelog.d/5-internal/crate2nix b/changelog.d/5-internal/crate2nix new file mode 100644 index 00000000000..aafa494b074 --- /dev/null +++ b/changelog.d/5-internal/crate2nix @@ -0,0 +1 @@ +For some rust packages (cryptobox and libzauth-c), we now use crate2nix as a build tool, rather than the more coarse and FOD-based nixpkgs `rustPlatform.buildRustPackage` approach. \ No newline at end of file From c9c2353a52192b119bd4cddd8234ff3be062c44a Mon Sep 17 00:00:00 2001 From: Leif Battermann Date: Thu, 2 Nov 2023 09:55:55 +0100 Subject: [PATCH 029/177] WPB-5143 locked status for mls config (#3681) --- cassandra-schema.cql | 1 + changelog.d/0-release-notes/WPB-5143 | 14 ++++++++ changelog.d/2-features/WPB-5143 | 1 + charts/galley/values.yaml | 5 +-- .../src/developer/reference/config-options.md | 25 +++++++------- libs/galley-types/src/Galley/Types/Teams.hs | 4 +-- .../test/unit/Test/Galley/Types.hs | 2 +- .../src/Wire/API/Routes/Internal/Galley.hs | 1 + services/galley/galley.cabal | 1 + services/galley/src/Galley/API/Internal.hs | 1 + .../galley/src/Galley/API/Teams/Features.hs | 5 ++- .../src/Galley/API/Teams/Features/Get.hs | 2 +- services/galley/src/Galley/App.hs | 2 +- .../src/Galley/Cassandra/TeamFeatures.hs | 2 ++ services/galley/src/Galley/Schema/Run.hs | 4 ++- .../src/Galley/Schema/V89_MlsLockStatus.hs | 33 +++++++++++++++++++ .../test/integration/API/Teams/Feature.hs | 18 ++++++++-- 17 files changed, 98 insertions(+), 23 deletions(-) create mode 100644 changelog.d/0-release-notes/WPB-5143 create mode 100644 changelog.d/2-features/WPB-5143 create mode 100644 services/galley/src/Galley/Schema/V89_MlsLockStatus.hs diff --git a/cassandra-schema.cql b/cassandra-schema.cql index 3a6ff0c7780..5c784c069ac 100644 --- a/cassandra-schema.cql +++ b/cassandra-schema.cql @@ -1184,6 +1184,7 @@ CREATE TABLE galley_test.team_features ( mls_e2eid_lock_status int, mls_e2eid_status int, mls_e2eid_ver_exp timestamp, + mls_lock_status int, mls_migration_finalise_regardless_after timestamp, mls_migration_lock_status int, mls_migration_start_time timestamp, diff --git a/changelog.d/0-release-notes/WPB-5143 b/changelog.d/0-release-notes/WPB-5143 new file mode 100644 index 00000000000..61816853ac1 --- /dev/null +++ b/changelog.d/0-release-notes/WPB-5143 @@ -0,0 +1,14 @@ +The mls team feature now has a lock status. If the current installation has default settings defined in wire-server's `values.yaml`, the `lockStatus` has to be added, e.g.: + +```yaml +mls: + defaults: + status: enabled + config: + protocolToggleUsers: [] + defaultProtocol: mls + allowedCipherSuites: [1] + defaultCipherSuite: 1 + supportedProtocols: [proteus, mls] # must contain defaultProtocol + lockStatus: locked +``` diff --git a/changelog.d/2-features/WPB-5143 b/changelog.d/2-features/WPB-5143 new file mode 100644 index 00000000000..3d7fc2cdfee --- /dev/null +++ b/changelog.d/2-features/WPB-5143 @@ -0,0 +1 @@ +The mls team feature now has a lock status diff --git a/charts/galley/values.yaml b/charts/galley/values.yaml index 8bd2d28c37f..daeecc78dbe 100644 --- a/charts/galley/values.yaml +++ b/charts/galley/values.yaml @@ -41,10 +41,10 @@ config: conversationCodeURI: null # # `multiIngress` is a `Z-Host` depended setting of conversationCodeURI. - # Use this only if you want to expose the instance on mutliple ingresses. + # Use this only if you want to expose the instance on multiple ingresses. # If set it must a map from `Z-Host` to URI prefix # Example: - # multiIngress: + # multiIngress: # example.com: https://accounts.example.com/conversation-join/ # example.net: https://accounts.example.net/conversation-join/ multiIngress: null @@ -83,6 +83,7 @@ config: allowedCipherSuites: [1] defaultCipherSuite: 1 supportedProtocols: [proteus, mls] # must contain defaultProtocol + lockStatus: unlocked searchVisibilityInbound: defaults: status: disabled diff --git a/docs/src/developer/reference/config-options.md b/docs/src/developer/reference/config-options.md index d92d461479b..fd8e6034ad5 100644 --- a/docs/src/developer/reference/config-options.md +++ b/docs/src/developer/reference/config-options.md @@ -299,17 +299,18 @@ If this feature is disabled then clients will use the Proteus protocol with this The default configuration that applies to all teams that didn't explicitly change their feature configuration can be given in galley's `featureFlags` section in the config file: -``` +```yaml # galley.yaml mls: defaults: - status: disabled + status: enabled config: protocolToggleUsers: [] - defaultProtocol: proteus + defaultProtocol: mls allowedCipherSuites: [1] defaultCipherSuite: 1 - + supportedProtocols: [proteus, mls] # must contain defaultProtocol + lockStatus: locked ``` This default configuration can be overriden on a per-team basis through the [feature config API](../developer/features.md) @@ -748,7 +749,7 @@ to the configuration example above: ![Sequence Diagram: Alice and Bob download an asset](./multi-ingress-example-sequence.svg) -