diff --git a/Cargo.toml b/Cargo.toml index be639aec..c2fcfab9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -71,34 +71,34 @@ webauthn-rs-device-catalog = { path = "./device-catalog" } async-trait = "~0.1" async-std = { version = "1.6", features = ["attributes"] } -anyhow = "1.0" -base64 = "0.21" -clap = { version = "^4.5", features = ["derive", "env"] } +anyhow = "1.0.100" +base64 = "0.22.1" +clap = { version = "^4.5.53", features = ["derive", "env"] } compact_jwt = "0.4.2" futures = "^0.3.25" hex = "0.4.3" -http = "^0.2.9" +http = "^1.3.1" http-body = "1.0.1" http-body-util = "0.1.2" -hyper = { version = "1.5.1", default-features = false, features = ["http1"] } -hyper-util = { version = "0.1.10", features = ["tokio"] } -nom = "7.1" +hyper = { version = "1.8.1", default-features = false, features = ["http1"] } +hyper-util = { version = "0.1.18", features = ["tokio"] } +nom = "7.1.3" num-derive = { version = "0.4.2" } peg = "0.8.1" -openssl = "^0.10.56" +openssl = "^0.10.75" openssl-sys = "^0.9.109" -rand = "0.8" -rand_chacha = "0.3.1" -reqwest = { version = "0.12", default-features = false, features = [ +rand = "0.9.2" +rand_chacha = "0.9.0" +reqwest = { version = "0.12.24", default-features = false, features = [ "rustls-tls-native-roots", ] } -serde = { version = "^1.0.141", features = ["derive"] } +serde = { version = "^1.0.228", features = ["derive"] } serde_cbor_2 = { version = "0.13.0" } -serde_json = "^1.0.79" -thiserror = "^1.0.37" -tokio = { version = "1.22.0", features = [ +serde_json = "^1.0.145" +thiserror = "^2.0.17" +tokio = { version = "1.48.0", features = [ "sync", "test-util", "macros", @@ -108,16 +108,16 @@ tokio = { version = "1.22.0", features = [ ] } tokio-native-tls = "^0.3.1" tokio-stream = { version = "0.1", features = ["sync"] } -tokio-tungstenite = { version = "^0.24.0", features = ["native-tls"] } +tokio-tungstenite = { version = "^0.28.0", features = ["native-tls"] } tracing = "^0.1.35" -tracing-subscriber = { version = "0.3", features = [ +tracing-subscriber = { version = "0.3.20", features = [ "env-filter", "std", "fmt", ] } tracing-log = { version = "0.2.0" } -tungstenite = { version = "^0.24.0", default-features = false, features = [ +tungstenite = { version = "^0.28.0", default-features = false, features = [ "handshake", ] } -url = "2" -uuid = "^1.1.2" +url = "2.5.7" +uuid = "^1.18.1" diff --git a/cable-tunnel-server/backend/src/main.rs b/cable-tunnel-server/backend/src/main.rs index 31f13544..1a7061d7 100644 --- a/cable-tunnel-server/backend/src/main.rs +++ b/cable-tunnel-server/backend/src/main.rs @@ -1,6 +1,6 @@ use std::{ - borrow::Cow, collections::HashMap, convert::Infallible, error::Error as StdError, - net::SocketAddr, sync::Arc, time::Duration, + collections::HashMap, convert::Infallible, error::Error as StdError, net::SocketAddr, + sync::Arc, time::Duration, }; use clap::{ArgAction, Parser, ValueHint}; @@ -26,6 +26,7 @@ use tokio_tungstenite::WebSocketStream; use tungstenite::{ error::CapacityError, protocol::{frame::coding::CloseCode, CloseFrame, Message, Role, WebSocketConfig}, + Utf8Bytes, }; use cable_tunnel_server_common::*; @@ -127,7 +128,7 @@ impl Tunnel { const PEER_DISCONNECTED_FRAME: CloseFrame = CloseFrame { code: CloseCode::Normal, - reason: Cow::Borrowed("remote peer cleanly disconnected"), + reason: Utf8Bytes::from_static("remote peer cleanly disconnected"), }; #[derive(thiserror::Error, Debug)] @@ -162,7 +163,7 @@ impl From for CableError { } impl CableError { - fn close_reason(&self) -> Option> { + fn close_reason(&self) -> Option { use CableError::*; let code = match self { RemotePeerErrorFrame => CloseCode::Policy, @@ -376,11 +377,11 @@ async fn handle_request( tokio::task::spawn(async move { let ss = state.clone(); - let config = Some(WebSocketConfig { - max_message_size: Some(ss.max_length), - max_frame_size: Some(ss.max_length), - ..Default::default() - }); + let config = Some( + WebSocketConfig::default() + .max_message_size(Some(ss.max_length)) + .max_frame_size(Some(ss.max_length)), + ); match hyper::upgrade::on(&mut req).await { Ok(upgraded) => { diff --git a/compat_tester/webauthn-rs-demo-wasm/Cargo.toml b/compat_tester/webauthn-rs-demo-wasm/Cargo.toml index f2e38eac..60a2cced 100644 --- a/compat_tester/webauthn-rs-demo-wasm/Cargo.toml +++ b/compat_tester/webauthn-rs-demo-wasm/Cargo.toml @@ -10,15 +10,17 @@ crate-type = ["cdylib", "rlib"] [dependencies] webauthn-rs-demo-shared = { path = "../webauthn-rs-demo-shared", default-features = false } -webauthn-rs-proto = { path = "../../webauthn-rs-proto", default-features = false, features = ["wasm"] } +webauthn-rs-proto = { path = "../../webauthn-rs-proto", default-features = false, features = [ + "wasm", +] } wasm-bindgen = { version = "0.2", features = ["serde-serialize"] } wasm-bindgen-futures = { version = "0.4" } -yew-router = "0.16.0" -yew = "0.19" +yew-router = "0.18.0" +yew = "0.21" js-sys = "0.3" serde = { version = "1.0", features = ["derive"] } -serde-wasm-bindgen = "0.4" -gloo = { version = "0.10", default-features = false, features = ["console"] } +serde-wasm-bindgen = "0.6.5" +gloo = { version = "0.11.0", default-features = false, features = ["console"] } url = "2" [dependencies.web-sys] diff --git a/compat_tester/webauthn-rs-demo/src/main.rs b/compat_tester/webauthn-rs-demo/src/main.rs index bd55b7d3..4c759cfa 100644 --- a/compat_tester/webauthn-rs-demo/src/main.rs +++ b/compat_tester/webauthn-rs-demo/src/main.rs @@ -669,7 +669,7 @@ async fn main() -> tide::Result<()> { let mut app = tide::with_state(app_state); - let cookie_sig = StdRng::from_entropy().gen::<[u8; 32]>(); + let cookie_sig = StdRng::from_os_rng().random::<[u8; 32]>(); let memory_store = tide::sessions::MemoryStore::new(); let sessions = tide::sessions::SessionMiddleware::new(memory_store.clone(), &cookie_sig) diff --git a/fido-hid-rs/Cargo.toml b/fido-hid-rs/Cargo.toml index f8a4ff12..bf64df6c 100644 --- a/fido-hid-rs/Cargo.toml +++ b/fido-hid-rs/Cargo.toml @@ -14,7 +14,7 @@ repository = { workspace = true } [dependencies] async-trait = "0.1.58" -bitflags = "1.3.2" +bitflags = "2.10.0" futures.workspace = true thiserror.workspace = true tokio.workspace = true @@ -24,7 +24,7 @@ tracing.workspace = true [build-dependencies] # Actually only required when targeting Linux, but Cargo doesn't support # build-dependencies for a single target, and you might be cross-compiling. -bindgen = "0.65.1" +bindgen = "0.72.1" [dev-dependencies] tracing-subscriber = { workspace = true } @@ -48,12 +48,12 @@ windows = { version = "0.41.0", features = [ ] } [target.'cfg(target_os = "macos")'.dependencies] -core-foundation = "0.9" +core-foundation = "0.10.1" libc = "0.2" -mach2 = "0.4" +mach2 = "0.6" [target.'cfg(target_os = "linux")'.dependencies] -nix = { version = "0.26.2", features = ["ioctl", "poll"] } +nix = { version = "0.30.1", features = ["ioctl", "poll", "signal"] } num-derive = { workspace = true } num-traits = "0.2" -udev = "0.7.0" +udev = "0.9.3" diff --git a/fido-hid-rs/build.rs b/fido-hid-rs/build.rs index 85da9242..b1ab71b9 100644 --- a/fido-hid-rs/build.rs +++ b/fido-hid-rs/build.rs @@ -6,7 +6,7 @@ fn linux_headers() { println!("cargo:rerun-if-changed={LINUX_WRAPPER_H}"); let bindings = bindgen::builder() .header(LINUX_WRAPPER_H) - .parse_callbacks(Box::new(bindgen::CargoCallbacks)) + .parse_callbacks(Box::new(bindgen::CargoCallbacks::new())) .derive_debug(false) .derive_default(true) .allowlist_type("hidraw_report_descriptor") diff --git a/fido-hid-rs/src/linux/mod.rs b/fido-hid-rs/src/linux/mod.rs index f74ab155..cb6e1306 100644 --- a/fido-hid-rs/src/linux/mod.rs +++ b/fido-hid-rs/src/linux/mod.rs @@ -8,7 +8,7 @@ use std::{ fs::{File, OpenOptions}, io::{Read, Write}, mem::size_of, - os::fd::AsRawFd, + os::fd::{AsFd, AsRawFd}, path::Path, time::Duration, }; @@ -89,12 +89,15 @@ impl USBDeviceManager for USBDeviceManagerImpl { return; } - let pollfd = PollFd::new(monitor.as_raw_fd(), PollFlags::POLLIN | PollFlags::POLLPRI); + let mut pollfds = [PollFd::new( + monitor.as_fd(), + PollFlags::POLLIN | PollFlags::POLLPRI, + )]; loop { // trace!("ppoll'ing for event"); if let Err(e) = ppoll( - &mut [pollfd], + &mut pollfds, Some(Duration::from_secs(1).into()), Some(SigSet::all()), ) { @@ -171,6 +174,7 @@ impl USBDeviceManager for USBDeviceManagerImpl { } #[derive(Clone, Debug)] +#[allow(dead_code)] // because vendor/product are not used yet pub struct USBDeviceInfoImpl { path: Box, vendor: u16, diff --git a/tutorial/server/actix_web/src/session.rs b/tutorial/server/actix_web/src/session.rs index d4e1041f..49ca4113 100644 --- a/tutorial/server/actix_web/src/session.rs +++ b/tutorial/server/actix_web/src/session.rs @@ -6,7 +6,7 @@ use actix_session::storage::{LoadError, SaveError, SessionKey, SessionStore, Upd use actix_web::cookie::time::Duration; use anyhow::anyhow; use chrono::Utc; -use rand::distributions::{Alphanumeric, DistString}; +use rand::distr::{Alphanumeric, SampleString}; /** Static map where session states are stored @@ -48,7 +48,7 @@ impl SessionStore for MemorySession { let mut session_key; loop { - session_key = Alphanumeric.sample_string(&mut rand::thread_rng(), 512); + session_key = Alphanumeric.sample_string(&mut rand::rng(), 512); if !SESSION_STATES .lock() diff --git a/tutorial/server/tide/src/main.rs b/tutorial/server/tide/src/main.rs index 0c216cf1..fbe42665 100644 --- a/tutorial/server/tide/src/main.rs +++ b/tutorial/server/tide/src/main.rs @@ -387,7 +387,7 @@ async fn main() -> tide::Result<()> { // Allow cookies so that we can bind some data to sessions. // In production, you should NOT use the memory store, since // it does not have cleanup. - let cookie_sig = StdRng::from_entropy().gen::<[u8; 32]>(); + let cookie_sig = StdRng::from_os_rng().random::<[u8; 32]>(); let memory_store = tide::sessions::MemoryStore::new(); let sessions = tide::sessions::SessionMiddleware::new(memory_store.clone(), &cookie_sig) diff --git a/webauthn-authenticator-rs/Cargo.toml b/webauthn-authenticator-rs/Cargo.toml index b262cb07..904b8edf 100644 --- a/webauthn-authenticator-rs/Cargo.toml +++ b/webauthn-authenticator-rs/Cargo.toml @@ -135,8 +135,8 @@ bluetooth-hci = { git = "https://github.com/micolous/bluetooth-hci.git", rev = " # image version needs to match bardecoder's version: # https://github.com/piderman314/bardecoder/blame/master/Cargo.toml -bardecoder = "=0.4.0" -image = ">= 0.23.14, < 0.24" +bardecoder = "=0.5.0" +image = "0.24.9" [[example]] name = "authenticate" diff --git a/webauthn-authenticator-rs/src/cable/tunnel.rs b/webauthn-authenticator-rs/src/cable/tunnel.rs index 37f6ec69..f7edb296 100644 --- a/webauthn-authenticator-rs/src/cable/tunnel.rs +++ b/webauthn-authenticator-rs/src/cable/tunnel.rs @@ -182,7 +182,9 @@ impl Tunnel { CableNoise::build_initiator(Some(local_identity), psk, None)?; trace!("Sending initial handshake..."); trace!(">!> {}", hex::encode(&handshake_message)); - stream.send(Message::Binary(handshake_message)).await?; + stream + .send(Message::Binary(handshake_message.into())) + .await?; // Handshake sent, get response ui.cable_status_update(CableState::WaitingForAuthenticatorResponse); @@ -292,7 +294,7 @@ impl Tunnel { CableNoise::build_responder(None, psk, Some(peer_identity), &resp)?; trace!("Sending response to initiator challenge"); trace!(">!> {}", hex::encode(&response)); - stream.send(Message::Binary(response)).await?; + stream.send(Message::Binary(response.into())).await?; // Send post-handshake message let phm = CablePostHandshake { @@ -336,7 +338,7 @@ impl Tunnel { trace!(">>> {}", hex::encode(cmd)); let encrypted = self.crypter.encrypt(cmd)?; trace!(">!> {}", hex::encode(&encrypted)); - self.stream.send(Message::Binary(encrypted)).await?; + self.stream.send(Message::Binary(encrypted.into())).await?; Ok(()) } diff --git a/webauthn-rs-core/src/core.rs b/webauthn-rs-core/src/core.rs index 4cb17aec..f6821a2e 100644 --- a/webauthn-rs-core/src/core.rs +++ b/webauthn-rs-core/src/core.rs @@ -226,8 +226,8 @@ impl WebauthnCore { } fn generate_challenge(&self) -> Challenge { - let mut rng = rand::thread_rng(); - Challenge::new(rng.gen::<[u8; CHALLENGE_SIZE_BYTES]>().to_vec()) + let mut rng = rand::rng(); + Challenge::new(rng.random::<[u8; CHALLENGE_SIZE_BYTES]>().to_vec()) } /// Generate a new challenge builder for client registration. This is the first step in