diff options
author | Nora Widdecke <nora@sequoia-pgp.org> | 2021-09-28 12:18:38 +0200 |
---|---|---|
committer | Nora Widdecke <nora@sequoia-pgp.org> | 2021-10-25 18:25:05 +0200 |
commit | 463b8702ab672e1f528968f46f81b8cfdf2005c8 (patch) | |
tree | 52be0e0741130c9507a26d6865ef34562baf6b85 /ffi | |
parent | 6257a2e0197190f5f2951693256d05d32437bd55 (diff) |
ffi, net, sq: Update to tokio 1.0.
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
Diffstat (limited to 'ffi')
-rw-r--r-- | ffi/Cargo.toml | 2 | ||||
-rw-r--r-- | ffi/src/net.rs | 7 |
2 files changed, 4 insertions, 5 deletions
diff --git a/ffi/Cargo.toml b/ffi/Cargo.toml index a2320c45..53ddaf68 100644 --- a/ffi/Cargo.toml +++ b/ffi/Cargo.toml @@ -32,7 +32,7 @@ lazy_static = "1.4.0" libc = "0.2.66" memsec = { version = ">=0.5", default-features = false } native-tls = "0.2.0" -tokio = { version = "0.2.19", features = ["rt-core", "io-driver", "io-util", "time"] } +tokio = { version = "1", features = ["rt", "time"] } [dev-dependencies] filetime = "0.2" diff --git a/ffi/src/net.rs b/ffi/src/net.rs index ce1888b8..c8f03289 100644 --- a/ffi/src/net.rs +++ b/ffi/src/net.rs @@ -127,7 +127,7 @@ fn sq_keyserver_get(ctx: *mut Context, let ks = ffi_param_ref_mut!(ks); let id = id.ref_raw().clone(); - let mut core = ffi_try_or!(basic_runtime(), None); + let core = ffi_try_or!(basic_runtime(), None); core.block_on(ks.get(id)).move_into_raw(Some(ctx.errp())) } @@ -146,13 +146,12 @@ fn sq_keyserver_send(ctx: *mut Context, ffi_try_status!(basic_runtime() .map_err(|e| e.into()) - .and_then(|mut rt| rt.block_on(ks.send(cert)))) + .and_then(|rt| rt.block_on(ks.send(cert)))) } /// Constructs a basic Tokio runtime. fn basic_runtime() -> tokio::io::Result<tokio::runtime::Runtime> { - tokio::runtime::Builder::new() - .basic_scheduler() + tokio::runtime::Builder::new_current_thread() .enable_io() .enable_time() .build() |