diff --git a/Cargo.lock b/Cargo.lock index c3e83c9b56..b9d790ee03 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1495,8 +1495,8 @@ dependencies = [ "rustls", "rustls-native-certs", "rustls-pemfile", + "rustls-webpki", "serde", - "webpki", "webpki-roots", ] @@ -2752,7 +2752,7 @@ dependencies = [ "socket2", "widestring", "winapi", - "winreg", + "winreg 0.10.1", ] [[package]] @@ -3980,9 +3980,9 @@ checksum = "4bf2521270932c3c7bed1a59151222bd7643c79310f2916f01925e1e16255698" [[package]] name = "reqwest" -version = "0.11.18" +version = "0.11.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55" +checksum = "3e9ad3fe7488d7e34558a2033d45a0c90b72d97b4f80705666fea71472e2e6a1" dependencies = [ "async-compression", "base64 0.21.0", @@ -4018,7 +4018,7 @@ dependencies = [ "wasm-streams", "web-sys", "webpki-roots", - "winreg", + "winreg 0.50.0", ] [[package]] @@ -4160,9 +4160,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.21.0" +version = "0.21.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07180898a28ed6a7f7ba2311594308f595e3dd2e3c3812fa0a80a47b45f17e5d" +checksum = "1d1feddffcfcc0b33f5c6ce9a29e341e4cd59c3f78e7ee45f4a40c038b1d6cbb" dependencies = [ "log", "ring", @@ -4172,9 +4172,9 @@ dependencies = [ [[package]] name = "rustls-native-certs" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50" +checksum = "a9aace74cb666635c918e9c12bc0d348266037aa8eb599b5cba565709a8dff00" dependencies = [ "openssl-probe", "rustls-pemfile", @@ -4193,9 +4193,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.100.2" +version = "0.101.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e98ff011474fa39949b7e5c0428f9b4937eda7da7848bbb947786b7be0b27dab" +checksum = "7d93931baf2d282fff8d3a532bbfd7653f734643161b87e3e01e59a04439bf0d" dependencies = [ "ring", "untrusted", @@ -4266,11 +4266,11 @@ dependencies = [ [[package]] name = "schannel" -version = "0.1.21" +version = "0.1.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "713cfb06c7059f3588fb8044c0fad1d09e3c01d225e25b9220dbfdcf16dbb1b3" +checksum = "0c3733bf4cf7ea0880754e19cb5a462007c4a8c1914bff372ccc95b464f1df88" dependencies = [ - "windows-sys 0.42.0", + "windows-sys 0.48.0", ] [[package]] @@ -4356,9 +4356,9 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.8.2" +version = "2.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" +checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de" dependencies = [ "bitflags 1.3.2", "core-foundation", @@ -4369,9 +4369,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.8.0" +version = "2.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" +checksum = "e932934257d3b408ed8f30db49d85ea163bfe74961f017f405b025af298f0c7a" dependencies = [ "core-foundation-sys", "libc", @@ -6056,9 +6056,9 @@ checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" [[package]] name = "wasm-streams" -version = "0.2.3" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bbae3363c08332cadccd13b67db371814cd214c2524020932f0804b8cf7c078" +checksum = "b4609d447824375f43e1ffbc051b50ad8f4b3ae8219680c94452ea05eb240ac7" dependencies = [ "futures-util", "js-sys", @@ -6077,24 +6077,11 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "webpki" -version = "0.22.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "webpki-roots" -version = "0.22.6" +version = "0.25.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6c71e40d7d2c34a5106301fb632274ca37242cd0c9d3e64dbece371a40a2d87" -dependencies = [ - "webpki", -] +checksum = "14247bb57be4f377dfb94c72830b8ce8fc6beac03cf4bf7b9732eadd414123fc" [[package]] name = "which" @@ -6328,6 +6315,16 @@ dependencies = [ "winapi", ] +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + [[package]] name = "winres" version = "0.1.12" diff --git a/Cargo.toml b/Cargo.toml index bc43c9fcdb..287d808bb0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -115,11 +115,14 @@ prost-build = "0.11" rand = "=0.8.5" regex = "^1.7.0" lazy-regex = "2.5.0" -reqwest = { version = "0.11.18", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json"] } +reqwest = { version = "0.11.20", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json"] } ring = "=0.16.20" rusqlite = { version = "=0.29.0", features = ["unlock_notify", "bundled"] } rustls = "0.21.0" rustls-pemfile = "1.0.0" +rustls-webpki = "0.101.4" +rustls-native-certs = "0.6.2" +webpki-roots = "0.25.2" serde = { version = "1.0.149", features = ["derive"] } serde_bytes = "0.11" serde_json = "1.0.85" diff --git a/cli/args/mod.rs b/cli/args/mod.rs index 424a7dc706..f82ed9a712 100644 --- a/cli/args/mod.rs +++ b/cli/args/mod.rs @@ -486,8 +486,8 @@ pub fn get_root_cert_store( for store in ca_stores.iter() { match store.as_str() { "mozilla" => { - root_cert_store.add_server_trust_anchors( - webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| { + root_cert_store.add_trust_anchors( + webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| { rustls::OwnedTrustAnchor::from_subject_spki_name_constraints( ta.subject, ta.spki, diff --git a/ext/tls/Cargo.toml b/ext/tls/Cargo.toml index 4dfc045f68..a06af68acf 100644 --- a/ext/tls/Cargo.toml +++ b/ext/tls/Cargo.toml @@ -17,8 +17,8 @@ path = "lib.rs" deno_core.workspace = true once_cell.workspace = true rustls = { workspace = true, features = ["dangerous_configuration"] } -rustls-native-certs = "0.6.2" +rustls-native-certs.workspace = true rustls-pemfile.workspace = true +rustls-webpki.workspace = true serde.workspace = true -webpki = "0.22" -webpki-roots = "0.22" +webpki-roots.workspace = true diff --git a/ext/tls/lib.rs b/ext/tls/lib.rs index dded1b3859..78ad243c1a 100644 --- a/ext/tls/lib.rs +++ b/ext/tls/lib.rs @@ -145,15 +145,15 @@ pub struct BasicAuth { pub fn create_default_root_cert_store() -> RootCertStore { let mut root_cert_store = RootCertStore::empty(); // TODO(@justinmchase): Consider also loading the system keychain here - root_cert_store.add_server_trust_anchors( - webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| { + root_cert_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map( + |ta| { rustls::OwnedTrustAnchor::from_subject_spki_name_constraints( ta.subject, ta.spki, ta.name_constraints, ) - }), - ); + }, + )); root_cert_store } @@ -187,7 +187,7 @@ pub fn create_client_config( let client = if let Some((cert_chain, private_key)) = maybe_cert_chain_and_key { client_config - .with_single_cert(cert_chain, private_key) + .with_client_auth_cert(cert_chain, private_key) .expect("invalid client key or certificate") } else { client_config.with_no_client_auth() @@ -223,7 +223,7 @@ pub fn create_client_config( let client = if let Some((cert_chain, private_key)) = maybe_cert_chain_and_key { client_config - .with_single_cert(cert_chain, private_key) + .with_client_auth_cert(cert_chain, private_key) .expect("invalid client key or certificate") } else { client_config.with_no_client_auth()