lohr: build on rust stable

Switching to Rocket's master branch (soon to be 0.5.0) allows building
with a stable Rust compiler, yay!
This commit is contained in:
Antoine Martin 2021-03-31 13:46:03 +02:00
parent da20e2c9ac
commit 3a93d9f994
5 changed files with 997 additions and 235 deletions

1139
Cargo.lock generated

File diff suppressed because it is too large Load diff

View file

@ -23,7 +23,7 @@ serde_yaml = "0.8.17"
sha2 = "0.9.3" sha2 = "0.9.3"
[dependencies.rocket] [dependencies.rocket]
version = "0.4.7" version = "0.5.0-dev"
# don't need private-cookies # don't need private-cookies
default-features = false default-features = false
@ -31,3 +31,6 @@ default-features = false
version = "2.33.3" version = "2.33.3"
# no need for suggestions or color with only one argument # no need for suggestions or color with only one argument
default-features = false default-features = false
[patch.crates-io]
rocket = { git = "https://github.com/SergioBenitez/Rocket", rev = "2893ce754d6535e0a752586e60d7e292343016c0" }

View file

@ -1 +1 @@
nightly stable

View file

@ -1,5 +1,3 @@
#![feature(proc_macro_hygiene, decl_macro)]
use std::env; use std::env;
use std::fs::File; use std::fs::File;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
@ -92,7 +90,8 @@ fn parse_config(home: &Path, flags: &clap::ArgMatches) -> anyhow::Result<GlobalS
serde_yaml::from_reader(file).context("could not parse configuration file") serde_yaml::from_reader(file).context("could not parse configuration file")
} }
fn main() -> anyhow::Result<()> { #[rocket::main]
async fn main() -> anyhow::Result<()> {
let matches = App::new("lohr") let matches = App::new("lohr")
.version(crate_version!()) .version(crate_version!())
.about("Git mirroring daemon") .about("Git mirroring daemon")
@ -127,7 +126,8 @@ fn main() -> anyhow::Result<()> {
.manage(JobSender(Mutex::new(sender))) .manage(JobSender(Mutex::new(sender)))
.manage(Secret(secret)) .manage(Secret(secret))
.manage(config_state) .manage(config_state)
.launch(); .launch()
.await?;
Ok(()) Ok(())
} }

View file

@ -1,20 +1,17 @@
use std::{ use std::{
io::Read, io,
ops::{Deref, DerefMut}, ops::{Deref, DerefMut},
}; };
use rocket::{ use rocket::{
data::{FromData, Outcome}, data::{ByteUnit, FromData, Outcome},
http::ContentType, http::ContentType,
State, State,
}; };
use rocket::{ use rocket::{http::Status, local_cache};
data::{Transform, Transformed},
http::Status,
};
use rocket::{Data, Request}; use rocket::{Data, Request};
use anyhow::anyhow; use anyhow::{anyhow, Context};
use serde::Deserialize; use serde::Deserialize;
use crate::Secret; use crate::Secret;
@ -53,37 +50,29 @@ impl<T> DerefMut for SignedJson<T> {
} }
} }
const LIMIT: u64 = 1 << 20; const LIMIT: ByteUnit = ByteUnit::Mebibyte(1);
impl<'r, T: Deserialize<'r>> SignedJson<T> {
fn from_str(s: &'r str) -> anyhow::Result<Self> {
serde_json::from_str(s)
.map(SignedJson)
.context("could not parse json")
}
}
// This is a one to one implementation of request_contrib::Json's FromData, but with HMAC // This is a one to one implementation of request_contrib::Json's FromData, but with HMAC
// validation. // validation.
// //
// Tracking issue for chaining Data guards to avoid this: // Tracking issue for chaining Data guards to avoid this:
// https://github.com/SergioBenitez/Rocket/issues/775 // https://github.com/SergioBenitez/Rocket/issues/775
impl<'a, T> FromData<'a> for SignedJson<T> #[rocket::async_trait]
impl<'r, T> FromData<'r> for SignedJson<T>
where where
T: Deserialize<'a>, T: Deserialize<'r>,
{ {
type Error = anyhow::Error; type Error = anyhow::Error;
type Owned = String;
type Borrowed = str;
fn transform( async fn from_data(request: &'r Request<'_>, data: Data) -> Outcome<Self, Self::Error> {
request: &Request,
data: Data,
) -> rocket::data::Transform<Outcome<Self::Owned, Self::Error>> {
let size_limit = request.limits().get("json").unwrap_or(LIMIT);
let mut s = String::with_capacity(512);
match data.open().take(size_limit).read_to_string(&mut s) {
Ok(_) => Transform::Borrowed(Outcome::Success(s)),
Err(e) => Transform::Borrowed(Outcome::Failure((
Status::BadRequest,
anyhow!("couldn't read json: {}", e),
))),
}
}
fn from_data(request: &Request, o: Transformed<'a, Self>) -> Outcome<Self, Self::Error> {
let json_ct = ContentType::new("application", "json"); let json_ct = ContentType::new("application", "json");
if request.content_type() != Some(&json_ct) { if request.content_type() != Some(&json_ct) {
return Outcome::Failure((Status::BadRequest, anyhow!("wrong content type"))); return Outcome::Failure((Status::BadRequest, anyhow!("wrong content type")));
@ -97,26 +86,31 @@ where
)); ));
} }
let size_limit = request.limits().get("json").unwrap_or(LIMIT);
let content = match data.open(size_limit).into_string().await {
Ok(s) if s.is_complete() => s.into_inner(),
Ok(_) => {
let eof = io::ErrorKind::UnexpectedEof;
return Outcome::Failure((
Status::PayloadTooLarge,
io::Error::new(eof, "data limit exceeded").into(),
));
}
Err(e) => return Outcome::Failure((Status::BadRequest, e.into())),
};
let signature = signatures[0]; let signature = signatures[0];
let secret = request.guard::<State<Secret>>().await.unwrap();
let content = o.borrowed()?; if !validate_signature(&secret.0, &signature, &content) {
let secret = request.guard::<State<Secret>>().unwrap();
if !validate_signature(&secret.0, &signature, content) {
return Outcome::Failure((Status::BadRequest, anyhow!("couldn't verify signature"))); return Outcome::Failure((Status::BadRequest, anyhow!("couldn't verify signature")));
} }
let content = match serde_json::from_str(content) { let content = match Self::from_str(local_cache!(request, content)) {
Ok(content) => content, Ok(content) => Outcome::Success(content),
Err(e) => { Err(e) => Outcome::Failure((Status::BadRequest, e)),
return Outcome::Failure((
Status::BadRequest,
anyhow!("couldn't parse json: {}", e),
))
}
}; };
Outcome::Success(SignedJson(content)) content
} }
} }