Bump rust version

.github/workflows/release.yaml

@@ -7,7 +7,7 @@ on:
     branches: [ "main" ]
 
 env:
-  RUST_VERSION: 1.78.0
+  RUST_VERSION: 1.80.1
   BIN_NAME: "wstunnel"
 
 jobs:

Cargo.lock

@@ -3143,7 +3143,6 @@ dependencies = [
  "log",
  "nix",
  "notify",
- "once_cell",
  "parking_lot",
  "pin-project",
  "ppp",

Cargo.toml

@@ -34,7 +34,6 @@ http-body-util = { version = "0.1.2" }
 jsonwebtoken = { version = "9.3.0", default-features = false }
 log = "0.4.22"
 nix = { version = "0.29.0", features = ["socket", "net", "uio"] }
-once_cell = { version = "1.19.0", features = [] }
 parking_lot = "0.12.3"
 pin-project = "1"
 notify = { version = "6.1.1", features = [] }

Dockerfile

@@ -2,7 +2,7 @@ ARG BUILDER_IMAGE=builder_cache
 
 ############################################################
 # Cache image with all the deps
-FROM rust:1.79-bookworm AS builder_cache
+FROM rust:1.80-bookworm AS builder_cache
 
 RUN rustup component add rustfmt clippy
 

src/embedded_certificate.rs

@@ -1,8 +1,8 @@
 use log::info;
-use once_cell::sync::Lazy;
+use std::sync::LazyLock;
 use tokio_rustls::rustls::pki_types::{CertificateDer, PrivateKeyDer};
 
-pub static TLS_PRIVATE_KEY: Lazy<PrivateKeyDer<'static>> = Lazy::new(|| {
+pub static TLS_PRIVATE_KEY: LazyLock<PrivateKeyDer<'static>> = LazyLock::new(|| {
     info!("Loading embedded tls private key");
 
     let key = include_bytes!("../certs/key.pem");
@@ -11,7 +11,7 @@ pub static TLS_PRIVATE_KEY: Lazy<PrivateKeyDer<'static>> = Lazy::new(|| {
         .expect("failed to load embedded tls private key");
     key
 });
-pub static TLS_CERTIFICATE: Lazy<Vec<CertificateDer<'static>>> = Lazy::new(|| {
+pub static TLS_CERTIFICATE: LazyLock<Vec<CertificateDer<'static>>> = LazyLock::new(|| {
     info!("Loading embedded tls certificate");
 
     let cert = include_bytes!("../certs/cert.pem");

src/tunnel/client/config.rs

@@ -1,12 +1,11 @@
 use crate::protocols::dns::DnsResolver;
 use crate::tunnel::transport::TransportAddr;
 use hyper::header::{HeaderName, HeaderValue};
-use once_cell::sync::Lazy;
 use parking_lot::RwLock;
 use std::collections::HashMap;
 use std::net::IpAddr;
 use std::path::PathBuf;
-use std::sync::Arc;
+use std::sync::{Arc, LazyLock};
 use std::time::Duration;
 use tokio_rustls::rustls::pki_types::{DnsName, ServerName};
 use tokio_rustls::TlsConnector;
@@ -30,7 +29,8 @@ pub struct WsClientConfig {
 
 impl WsClientConfig {
     pub fn tls_server_name(&self) -> ServerName<'static> {
-        static INVALID_DNS_NAME: Lazy<DnsName> = Lazy::new(|| DnsName::try_from("dns-name-invalid.com").unwrap());
+        static INVALID_DNS_NAME: LazyLock<DnsName> =
+            LazyLock::new(|| DnsName::try_from("dns-name-invalid.com").unwrap());
 
         self.remote_addr
             .tls()

src/tunnel/server/server.rs

@@ -9,7 +9,7 @@ use http_body_util::combinators::BoxBody;
 use std::net::SocketAddr;
 use std::path::PathBuf;
 use std::pin::Pin;
-use std::sync::Arc;
+use std::sync::{Arc, LazyLock};
 use std::time::Duration;
 
 use crate::protocols;
@@ -18,8 +18,7 @@ use hyper::body::Incoming;
 use hyper::server::conn::{http1, http2};
 use hyper::service::service_fn;
 use hyper::{http, Request, Response, StatusCode, Version};
-use hyper_util::rt::{TokioExecutor, TokioTimer};
+use hyper_util::rt::TokioExecutor;
-use once_cell::sync::Lazy;
 use parking_lot::Mutex;
 use socket2::SockRef;
 
@@ -205,7 +204,8 @@ impl WsServer {
                 Ok((remote, Box::pin(rx), Box::pin(tx)))
             }
             LocalProtocol::ReverseTcp => {
-                static SERVERS: Lazy<ReverseTunnelServer<TcpTunnelListener>> = Lazy::new(ReverseTunnelServer::new);
+                static SERVERS: LazyLock<ReverseTunnelServer<TcpTunnelListener>> =
+                    LazyLock::new(ReverseTunnelServer::new);
 
                 let remote_port = find_mapped_port(remote.port, restriction);
                 let local_srv = (remote.host, remote_port);
@@ -216,7 +216,8 @@ impl WsServer {
                 Ok((remote, Box::pin(local_rx), Box::pin(local_tx)))
             }
             LocalProtocol::ReverseUdp { timeout } => {
-                static SERVERS: Lazy<ReverseTunnelServer<UdpTunnelListener>> = Lazy::new(ReverseTunnelServer::new);
+                static SERVERS: LazyLock<ReverseTunnelServer<UdpTunnelListener>> =
+                    LazyLock::new(ReverseTunnelServer::new);
 
                 let remote_port = find_mapped_port(remote.port, restriction);
                 let local_srv = (remote.host, remote_port);
@@ -226,7 +227,8 @@ impl WsServer {
                 Ok((remote, Box::pin(local_rx), Box::pin(local_tx)))
             }
             LocalProtocol::ReverseSocks5 { timeout, credentials } => {
-                static SERVERS: Lazy<ReverseTunnelServer<Socks5TunnelListener>> = Lazy::new(ReverseTunnelServer::new);
+                static SERVERS: LazyLock<ReverseTunnelServer<Socks5TunnelListener>> =
+                    LazyLock::new(ReverseTunnelServer::new);
 
                 let remote_port = find_mapped_port(remote.port, restriction);
                 let local_srv = (remote.host, remote_port);
@@ -237,8 +239,8 @@ impl WsServer {
                 Ok((remote, Box::pin(local_rx), Box::pin(local_tx)))
             }
             LocalProtocol::ReverseHttpProxy { timeout, credentials } => {
-                static SERVERS: Lazy<ReverseTunnelServer<HttpProxyTunnelListener>> =
+                static SERVERS: LazyLock<ReverseTunnelServer<HttpProxyTunnelListener>> =
-                    Lazy::new(ReverseTunnelServer::new);
+                    LazyLock::new(ReverseTunnelServer::new);
 
                 let remote_port = find_mapped_port(remote.port, restriction);
                 let local_srv = (remote.host, remote_port);
@@ -251,7 +253,8 @@ impl WsServer {
             #[cfg(unix)]
             LocalProtocol::ReverseUnix { ref path } => {
                 use crate::tunnel::listeners::UnixTunnelListener;
-                static SERVERS: Lazy<ReverseTunnelServer<UnixTunnelListener>> = Lazy::new(ReverseTunnelServer::new);
+                static SERVERS: LazyLock<ReverseTunnelServer<UnixTunnelListener>> =
+                    LazyLock::new(ReverseTunnelServer::new);
 
                 let remote_port = find_mapped_port(remote.port, restriction);
                 let local_srv = (remote.host, remote_port);
@@ -436,7 +439,6 @@ impl WsServer {
                                 let websocket_upgrade_fn =
                                     mk_websocket_upgrade_fn(server, restrictions.clone(), restrict_path, peer_addr);
                                 let conn_fut = http1::Builder::new()
-                                    .timer(TokioTimer::new())
                                     .header_read_timeout(Duration::from_secs(10))
                                     .serve_connection(tls_stream, service_fn(websocket_upgrade_fn))
                                     .with_upgrades();

src/tunnel/transport/jwt.rs

@@ -1,18 +1,18 @@
 use crate::tunnel::{LocalProtocol, RemoteAddr};
 use jsonwebtoken::{Algorithm, DecodingKey, EncodingKey, Header, TokenData, Validation};
-use once_cell::sync::Lazy;
 use serde::{Deserialize, Serialize};
 use std::collections::HashSet;
 use std::ops::Deref;
+use std::sync::LazyLock;
 use url::Host;
 use uuid::Uuid;
 
 pub static JWT_HEADER_PREFIX: &str = "authorization.bearer.";
 static JWT_SECRET: &[u8; 15] = b"champignonfrais";
-static JWT_KEY: Lazy<(Header, EncodingKey)> =
+static JWT_KEY: LazyLock<(Header, EncodingKey)> =
-    Lazy::new(|| (Header::new(Algorithm::HS256), EncodingKey::from_secret(JWT_SECRET)));
+    LazyLock::new(|| (Header::new(Algorithm::HS256), EncodingKey::from_secret(JWT_SECRET)));
 
-static JWT_DECODE: Lazy<(Validation, DecodingKey)> = Lazy::new(|| {
+static JWT_DECODE: LazyLock<(Validation, DecodingKey)> = LazyLock::new(|| {
     let mut validation = Validation::new(Algorithm::HS256);
     validation.required_spec_claims = HashSet::with_capacity(0);
     (validation, DecodingKey::from_secret(JWT_SECRET))