diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 607b512..137ac28 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,7 +7,7 @@ on: branches: [ "main" ] env: - RUST_VERSION: 1.78.0 + RUST_VERSION: 1.80.1 BIN_NAME: "wstunnel" jobs: diff --git a/Cargo.lock b/Cargo.lock index 6c95c46..d02a983 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3143,7 +3143,6 @@ dependencies = [ "log", "nix", "notify", - "once_cell", "parking_lot", "pin-project", "ppp", diff --git a/Cargo.toml b/Cargo.toml index 11b70a5..89fd9a1 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,7 +34,6 @@ http-body-util = { version = "0.1.2" } jsonwebtoken = { version = "9.3.0", default-features = false } log = "0.4.22" nix = { version = "0.29.0", features = ["socket", "net", "uio"] } -once_cell = { version = "1.19.0", features = [] } parking_lot = "0.12.3" pin-project = "1" notify = { version = "6.1.1", features = [] } diff --git a/Dockerfile b/Dockerfile index c87d1aa..2367a9d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BUILDER_IMAGE=builder_cache ############################################################ # Cache image with all the deps -FROM rust:1.79-bookworm AS builder_cache +FROM rust:1.80-bookworm AS builder_cache RUN rustup component add rustfmt clippy diff --git a/src/embedded_certificate.rs b/src/embedded_certificate.rs index a371177..0e6a6e4 100644 --- a/src/embedded_certificate.rs +++ b/src/embedded_certificate.rs @@ -1,8 +1,8 @@ use log::info; -use once_cell::sync::Lazy; +use std::sync::LazyLock; use tokio_rustls::rustls::pki_types::{CertificateDer, PrivateKeyDer}; -pub static TLS_PRIVATE_KEY: Lazy> = Lazy::new(|| { +pub static TLS_PRIVATE_KEY: LazyLock> = LazyLock::new(|| { info!("Loading embedded tls private key"); let key = include_bytes!("../certs/key.pem"); @@ -11,7 +11,7 @@ pub static TLS_PRIVATE_KEY: Lazy> = Lazy::new(|| { .expect("failed to load embedded tls private key"); key }); -pub static TLS_CERTIFICATE: Lazy>> = Lazy::new(|| { +pub static TLS_CERTIFICATE: LazyLock>> = LazyLock::new(|| { info!("Loading embedded tls certificate"); let cert = include_bytes!("../certs/cert.pem"); diff --git a/src/tunnel/client/config.rs b/src/tunnel/client/config.rs index 6ec9cb1..74b200f 100644 --- a/src/tunnel/client/config.rs +++ b/src/tunnel/client/config.rs @@ -1,12 +1,11 @@ use crate::protocols::dns::DnsResolver; use crate::tunnel::transport::TransportAddr; use hyper::header::{HeaderName, HeaderValue}; -use once_cell::sync::Lazy; use parking_lot::RwLock; use std::collections::HashMap; use std::net::IpAddr; use std::path::PathBuf; -use std::sync::Arc; +use std::sync::{Arc, LazyLock}; use std::time::Duration; use tokio_rustls::rustls::pki_types::{DnsName, ServerName}; use tokio_rustls::TlsConnector; @@ -30,7 +29,8 @@ pub struct WsClientConfig { impl WsClientConfig { pub fn tls_server_name(&self) -> ServerName<'static> { - static INVALID_DNS_NAME: Lazy = Lazy::new(|| DnsName::try_from("dns-name-invalid.com").unwrap()); + static INVALID_DNS_NAME: LazyLock = + LazyLock::new(|| DnsName::try_from("dns-name-invalid.com").unwrap()); self.remote_addr .tls() diff --git a/src/tunnel/server/server.rs b/src/tunnel/server/server.rs index bb87510..255c9f3 100644 --- a/src/tunnel/server/server.rs +++ b/src/tunnel/server/server.rs @@ -9,7 +9,7 @@ use http_body_util::combinators::BoxBody; use std::net::SocketAddr; use std::path::PathBuf; use std::pin::Pin; -use std::sync::Arc; +use std::sync::{Arc, LazyLock}; use std::time::Duration; use crate::protocols; @@ -18,8 +18,7 @@ use hyper::body::Incoming; use hyper::server::conn::{http1, http2}; use hyper::service::service_fn; use hyper::{http, Request, Response, StatusCode, Version}; -use hyper_util::rt::{TokioExecutor, TokioTimer}; -use once_cell::sync::Lazy; +use hyper_util::rt::TokioExecutor; use parking_lot::Mutex; use socket2::SockRef; @@ -205,7 +204,8 @@ impl WsServer { Ok((remote, Box::pin(rx), Box::pin(tx))) } LocalProtocol::ReverseTcp => { - static SERVERS: Lazy> = Lazy::new(ReverseTunnelServer::new); + static SERVERS: LazyLock> = + LazyLock::new(ReverseTunnelServer::new); let remote_port = find_mapped_port(remote.port, restriction); let local_srv = (remote.host, remote_port); @@ -216,7 +216,8 @@ impl WsServer { Ok((remote, Box::pin(local_rx), Box::pin(local_tx))) } LocalProtocol::ReverseUdp { timeout } => { - static SERVERS: Lazy> = Lazy::new(ReverseTunnelServer::new); + static SERVERS: LazyLock> = + LazyLock::new(ReverseTunnelServer::new); let remote_port = find_mapped_port(remote.port, restriction); let local_srv = (remote.host, remote_port); @@ -226,7 +227,8 @@ impl WsServer { Ok((remote, Box::pin(local_rx), Box::pin(local_tx))) } LocalProtocol::ReverseSocks5 { timeout, credentials } => { - static SERVERS: Lazy> = Lazy::new(ReverseTunnelServer::new); + static SERVERS: LazyLock> = + LazyLock::new(ReverseTunnelServer::new); let remote_port = find_mapped_port(remote.port, restriction); let local_srv = (remote.host, remote_port); @@ -237,8 +239,8 @@ impl WsServer { Ok((remote, Box::pin(local_rx), Box::pin(local_tx))) } LocalProtocol::ReverseHttpProxy { timeout, credentials } => { - static SERVERS: Lazy> = - Lazy::new(ReverseTunnelServer::new); + static SERVERS: LazyLock> = + LazyLock::new(ReverseTunnelServer::new); let remote_port = find_mapped_port(remote.port, restriction); let local_srv = (remote.host, remote_port); @@ -251,7 +253,8 @@ impl WsServer { #[cfg(unix)] LocalProtocol::ReverseUnix { ref path } => { use crate::tunnel::listeners::UnixTunnelListener; - static SERVERS: Lazy> = Lazy::new(ReverseTunnelServer::new); + static SERVERS: LazyLock> = + LazyLock::new(ReverseTunnelServer::new); let remote_port = find_mapped_port(remote.port, restriction); let local_srv = (remote.host, remote_port); @@ -436,7 +439,6 @@ impl WsServer { let websocket_upgrade_fn = mk_websocket_upgrade_fn(server, restrictions.clone(), restrict_path, peer_addr); let conn_fut = http1::Builder::new() - .timer(TokioTimer::new()) .header_read_timeout(Duration::from_secs(10)) .serve_connection(tls_stream, service_fn(websocket_upgrade_fn)) .with_upgrades(); diff --git a/src/tunnel/transport/jwt.rs b/src/tunnel/transport/jwt.rs index a09f216..0c992d0 100644 --- a/src/tunnel/transport/jwt.rs +++ b/src/tunnel/transport/jwt.rs @@ -1,18 +1,18 @@ use crate::tunnel::{LocalProtocol, RemoteAddr}; use jsonwebtoken::{Algorithm, DecodingKey, EncodingKey, Header, TokenData, Validation}; -use once_cell::sync::Lazy; use serde::{Deserialize, Serialize}; use std::collections::HashSet; use std::ops::Deref; +use std::sync::LazyLock; use url::Host; use uuid::Uuid; pub static JWT_HEADER_PREFIX: &str = "authorization.bearer."; static JWT_SECRET: &[u8; 15] = b"champignonfrais"; -static JWT_KEY: Lazy<(Header, EncodingKey)> = - Lazy::new(|| (Header::new(Algorithm::HS256), EncodingKey::from_secret(JWT_SECRET))); +static JWT_KEY: LazyLock<(Header, EncodingKey)> = + LazyLock::new(|| (Header::new(Algorithm::HS256), EncodingKey::from_secret(JWT_SECRET))); -static JWT_DECODE: Lazy<(Validation, DecodingKey)> = Lazy::new(|| { +static JWT_DECODE: LazyLock<(Validation, DecodingKey)> = LazyLock::new(|| { let mut validation = Validation::new(Algorithm::HS256); validation.required_spec_claims = HashSet::with_capacity(0); (validation, DecodingKey::from_secret(JWT_SECRET))