lohr: build on rust stable

Switching to Rocket's master branch (soon to be 0.5.0) allows building with a stable Rust compiler, yay!
2021-03-31 13:46:03 +02:00 · 2021-03-31 13:46:03 +02:00 · 3a93d9f994
parent da20e2c9ac
commit 3a93d9f994
5 changed files with 997 additions and 235 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -23,7 +23,7 @@ serde_yaml = "0.8.17"
 sha2 = "0.9.3"

 [dependencies.rocket]
-version = "0.4.7"
+version = "0.5.0-dev"
 # don't need private-cookies
 default-features = false

@ -31,3 +31,6 @@ default-features = false
 version = "2.33.3"
 # no need for suggestions or color with only one argument
 default-features = false
+
+[patch.crates-io]
+rocket = { git = "https://github.com/SergioBenitez/Rocket", rev = "2893ce754d6535e0a752586e60d7e292343016c0" }
--- a/2
+++ b/2
@ -1 +1 @@
-nightly
+stable
--- a/src/main.rs
+++ b/src/main.rs
@ -1,5 +1,3 @@
-#![feature(proc_macro_hygiene, decl_macro)]
-
 use std::env;
 use std::fs::File;
 use std::path::{Path, PathBuf};
@ -92,7 +90,8 @@ fn parse_config(home: &Path, flags: &clap::ArgMatches) -> anyhow::Result<GlobalS
    serde_yaml::from_reader(file).context("could not parse configuration file")
 }

-fn main() -> anyhow::Result<()> {
+#[rocket::main]
+async fn main() -> anyhow::Result<()> {
    let matches = App::new("lohr")
        .version(crate_version!())
        .about("Git mirroring daemon")
@ -127,7 +126,8 @@ fn main() -> anyhow::Result<()> {
        .manage(JobSender(Mutex::new(sender)))
        .manage(Secret(secret))
        .manage(config_state)
-        .launch();
+        .launch()
+        .await?;

    Ok(())
 }
--- a/src/signature.rs
+++ b/src/signature.rs
@ -1,20 +1,17 @@
 use std::{
-    io::Read,
+    io,
    ops::{Deref, DerefMut},
 };

 use rocket::{
-    data::{FromData, Outcome},
+    data::{ByteUnit, FromData, Outcome},
    http::ContentType,
    State,
 };
-use rocket::{
-    data::{Transform, Transformed},
-    http::Status,
-};
+use rocket::{http::Status, local_cache};
 use rocket::{Data, Request};

-use anyhow::anyhow;
+use anyhow::{anyhow, Context};
 use serde::Deserialize;

 use crate::Secret;
@ -53,37 +50,29 @@ impl<T> DerefMut for SignedJson<T> {
    }
 }

-const LIMIT: u64 = 1 << 20;
+const LIMIT: ByteUnit = ByteUnit::Mebibyte(1);
+
+impl<'r, T: Deserialize<'r>> SignedJson<T> {
+    fn from_str(s: &'r str) -> anyhow::Result<Self> {
+        serde_json::from_str(s)
+            .map(SignedJson)
+            .context("could not parse json")
+    }
+}

 // This is a one to one implementation of request_contrib::Json's FromData, but with HMAC
 // validation.
 //
 // Tracking issue for chaining Data guards to avoid this:
 // https://github.com/SergioBenitez/Rocket/issues/775
-impl<'a, T> FromData<'a> for SignedJson<T>
+#[rocket::async_trait]
+impl<'r, T> FromData<'r> for SignedJson<T>
 where
-    T: Deserialize<'a>,
+    T: Deserialize<'r>,
 {
    type Error = anyhow::Error;
-    type Owned = String;
-    type Borrowed = str;

-    fn transform(
-        request: &Request,
-        data: Data,
-    ) -> rocket::data::Transform<Outcome<Self::Owned, Self::Error>> {
-        let size_limit = request.limits().get("json").unwrap_or(LIMIT);
-        let mut s = String::with_capacity(512);
-        match data.open().take(size_limit).read_to_string(&mut s) {
-            Ok(_) => Transform::Borrowed(Outcome::Success(s)),
-            Err(e) => Transform::Borrowed(Outcome::Failure((
-                Status::BadRequest,
-                anyhow!("couldn't read json: {}", e),
-            ))),
-        }
-    }
-
-    fn from_data(request: &Request, o: Transformed<'a, Self>) -> Outcome<Self, Self::Error> {
+    async fn from_data(request: &'r Request<'_>, data: Data) -> Outcome<Self, Self::Error> {
        let json_ct = ContentType::new("application", "json");
        if request.content_type() != Some(&json_ct) {
            return Outcome::Failure((Status::BadRequest, anyhow!("wrong content type")));
@ -97,26 +86,31 @@ where
            ));
        }

+        let size_limit = request.limits().get("json").unwrap_or(LIMIT);
+        let content = match data.open(size_limit).into_string().await {
+            Ok(s) if s.is_complete() => s.into_inner(),
+            Ok(_) => {
+                let eof = io::ErrorKind::UnexpectedEof;
+                return Outcome::Failure((
+                    Status::PayloadTooLarge,
+                    io::Error::new(eof, "data limit exceeded").into(),
+                ));
+            }
+            Err(e) => return Outcome::Failure((Status::BadRequest, e.into())),
+        };
+
        let signature = signatures[0];
+        let secret = request.guard::<State<Secret>>().await.unwrap();

-        let content = o.borrowed()?;
-
-        let secret = request.guard::<State<Secret>>().unwrap();
-
-        if !validate_signature(&secret.0, &signature, content) {
+        if !validate_signature(&secret.0, &signature, &content) {
            return Outcome::Failure((Status::BadRequest, anyhow!("couldn't verify signature")));
        }

-        let content = match serde_json::from_str(content) {
-            Ok(content) => content,
-            Err(e) => {
-                return Outcome::Failure((
-                    Status::BadRequest,
-                    anyhow!("couldn't parse json: {}", e),
-                ))
-            }
+        let content = match Self::from_str(local_cache!(request, content)) {
+            Ok(content) => Outcome::Success(content),
+            Err(e) => Outcome::Failure((Status::BadRequest, e)),
        };

-        Outcome::Success(SignedJson(content))
+        content
    }
 }