diff --git a/Cargo.lock b/Cargo.lock index cbcf2112b..ed40a4c7e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -339,16 +339,6 @@ dependencies = [ "serde", ] -[[package]] -name = "bincode" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36eaf5d7b090263e8150820482d5d93cd964a81e4019913c972f4edcc6edb740" -dependencies = [ - "serde", - "unty", -] - [[package]] name = "bitflags" version = "1.3.2" @@ -517,6 +507,15 @@ dependencies = [ "cc", ] +[[package]] +name = "cobs" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fa961b519f0b462e3a3b4a34b64d119eeaca1d59af726fe450bbba07a9fc0a1" +dependencies = [ + "thiserror 2.0.17", +] + [[package]] name = "color-eyre" version = "0.6.5" @@ -1070,6 +1069,18 @@ version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" +[[package]] +name = "embedded-io" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef1a6892d9eef45c8fa6b9e0086428a2cca8491aca8f787c534a3d6d0bcb3ced" + +[[package]] +name = "embedded-io" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edd0f118536f44f5ccd48bcb8b111bdc3de888b58c74639dfb034a357d0f206d" + [[package]] name = "encode_unicode" version = "1.0.0" @@ -2531,7 +2542,6 @@ version = "0.22.3" dependencies = [ "async-trait", "base64 0.22.1", - "bincode", "bytes", "chrono", "config", @@ -2549,6 +2559,7 @@ dependencies = [ "itertools 0.14.0", "json-patch", "open", + "postcard", "regex", "reqwest", "reserve-port", @@ -2814,6 +2825,18 @@ version = "1.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f89776e4d69bb58bc6993e99ffa1d11f228b839984854c7daeb5d37f87cbe950" +[[package]] +name = "postcard" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6764c3b5dd454e283a30e6dfe78e9b31096d9e32036b5d1eaac7a6119ccb9a24" +dependencies = [ + "cobs", + "embedded-io 0.4.0", + "embedded-io 0.6.1", + "serde", +] + [[package]] name = "potential_utf" version = "0.1.4" @@ -4340,12 +4363,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" -[[package]] -name = "unty" -version = "0.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d49784317cd0d1ee7ec5c716dd598ec5b4483ea832a2dced265471cc0f690ae" - [[package]] name = "url" version = "2.5.7" diff --git a/deny.toml b/deny.toml index 40419665a..d24cd6d7b 100644 --- a/deny.toml +++ b/deny.toml @@ -73,6 +73,8 @@ ignore = [ #"RUSTSEC-0000-0000", "RUSTSEC-2021-0127", # serde_cbor as optional transitive dep: https://github.com/mozilla/authenticator-rs/issues/327 "RUSTSEC-2024-0436", + # ratatui is going to be updated soon + "RUSTSEC-2026-0002", #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" }, #"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish #{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" }, diff --git a/openstack_sdk/Cargo.toml b/openstack_sdk/Cargo.toml index 0ae2a5175..3bc576332 100644 --- a/openstack_sdk/Cargo.toml +++ b/openstack_sdk/Cargo.toml @@ -46,7 +46,6 @@ passkey = ["keystone_ng", "dep:webauthn-authenticator-rs", "dep:webauthn-rs-prot [dependencies] async-trait = {workspace = true} base64 = { workspace = true } -bincode = { version = "^2.0", default-features = false, features = ["serde", "std"] } bytes = {workspace = true} chrono = { workspace= true } config = { workspace = true, features = ["yaml"] } @@ -63,6 +62,7 @@ hyper-util = { version = "^0.1", features = ["full"] } itertools = { workspace = true } json-patch = { workspace = true } open.workspace = true +postcard = { version = "1.1", default-features = false, features = ["use-std"] } regex = { workspace = true } reqwest = { workspace = true, features = ["gzip", "deflate", "form", "http2", "socks", "system-proxy"] } diff --git a/openstack_sdk/src/state.rs b/openstack_sdk/src/state.rs index 0990e0122..307696a6f 100644 --- a/openstack_sdk/src/state.rs +++ b/openstack_sdk/src/state.rs @@ -22,8 +22,8 @@ use serde::{Deserialize, Serialize}; use std::collections::HashMap; use std::fs::{DirBuilder, File}; use std::io::prelude::*; +use std::os::unix::fs::PermissionsExt; use std::path::PathBuf; -//use thiserror::Error; use tracing::{debug, info, trace, warn}; use crate::auth::{ @@ -31,24 +31,6 @@ use crate::auth::{ AuthState, }; -// /// Errors which may occur when creating connection state data. -// #[derive(Debug, Error)] -// #[non_exhaustive] -// pub enum StateError { -// #[error("failed to deserialize config: {}", source)] -// Parse { -// /// The source of the error. -// #[from] -// source: config::ConfigError, -// }, -// #[error("IO error: {}", source)] -// IO { -// /// The source of the error. -// #[from] -// source: std::io::Error, -// }, -// } - /// A HashMap of Scope to Token #[derive(Clone, Default, Deserialize, Serialize, Debug)] pub(crate) struct ScopeAuths(HashMap); @@ -246,18 +228,15 @@ impl State { Ok(mut file) => { let mut contents = vec![]; match file.read_to_end(&mut contents) { - Ok(_) => match bincode::serde::decode_from_slice( - &contents, - bincode::config::legacy(), - ) { - Ok::<(ScopeAuths, usize), _>((mut auth, _)) => { + Ok(_) => match postcard::from_bytes::(&contents) { + Ok(mut auth) => { auth.filter_invalid_auths(); trace!("Cached Auth info: {:?}", auth); Some(auth) } Err(x) => { info!( - "Corrupted cache file {}: {:?}. Removing ", + "Corrupted cache file `{}`: {:?}. Removing ", fname.display(), x ); @@ -265,18 +244,18 @@ impl State { None } }, - _ => { + Err(e) => { // Not able to read file, maybe it is corrupted. There is nothing user can // or is expected to do about it, but it make sense to make user aware of. - info!("Error reading file {}", fname.display()); + info!("Error reading file `{}`: {:?}", fname.display(), e); None } } } - _ => { + Err(e) => { // Not able to open file, maybe it is missing. There is nothing user can or is // expected to do about it. - debug!("Error opening file {}", fname.display()); + debug!("Error opening file `{}`: {:?}", fname.display(), e); None } } @@ -291,17 +270,25 @@ impl State { let _ = state.0.insert(scope.clone(), data.clone()); - match bincode::serde::encode_to_vec(&state, bincode::config::legacy()) { - Ok(ser_data) => match File::create(fname.as_path()) { - Ok(mut file) => { - let _ = file.write_all(&ser_data); + match File::create(fname.as_path()) { + Ok(mut file) => { + match file.metadata() { + Ok(metadata) => { + let mut permissions = metadata.permissions(); + permissions.set_mode(0o600); + let _ = file.set_permissions(permissions); + } + Err(_) => { + warn!("Cannot set permissions for the cache file"); + return; + } } - _ => { - warn!("Error writing state file"); + if let Err(e) = postcard::to_io(&state, &mut file) { + warn!("Error serializing state: {:?}", e); } - }, - Err(e) => { - warn!("Error serializing state, {:?}", e); + } + _ => { + warn!("Error writing state file"); } } }