From 868e086d7593cfb8dad9ada3117f20070d61f628 Mon Sep 17 00:00:00 2001 From: behzad nouri Date: Fri, 14 Jul 2023 17:30:57 +0000 Subject: [PATCH] upgrades quinn and rustls crates (#32499) --- Cargo.lock | 84 ++++++++++++---------- Cargo.toml | 7 +- programs/sbf/Cargo.lock | 84 ++++++++++++---------- quic-client/Cargo.toml | 1 - quic-client/src/nonblocking/quic_client.rs | 4 +- streamer/Cargo.toml | 1 - streamer/src/nonblocking/quic.rs | 31 +++++--- streamer/src/quic.rs | 6 +- turbine/src/quic_endpoint.rs | 8 +-- 9 files changed, 130 insertions(+), 96 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3b6f6e1275..2624227b1b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2433,7 +2433,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2", + "socket2 0.4.9", "tokio", "tower-service", "tracing", @@ -4058,52 +4058,50 @@ checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" [[package]] name = "quinn" -version = "0.9.3" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "445cbfe2382fa023c4f2f3c7e1c95c03dcc1df2bf23cebcb2b13e1402c4394d1" +checksum = "21252f1c0fc131f1b69182db8f34837e8a69737b8251dff75636a9be0518c324" dependencies = [ "bytes", "pin-project-lite", "quinn-proto", "quinn-udp", "rustc-hash", - "rustls 0.20.8", + "rustls 0.21.5", "thiserror", "tokio", "tracing", - "webpki 0.22.0", ] [[package]] name = "quinn-proto" -version = "0.9.3" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67c10f662eee9c94ddd7135043e544f3c82fa839a1e7b865911331961b53186c" +checksum = "85af4ed6ee5a89f26a26086e9089a6643650544c025158449a3626ebf72884b3" dependencies = [ "bytes", "rand 0.8.5", "ring", "rustc-hash", - "rustls 0.20.8", + "rustls 0.21.5", "rustls-native-certs", "slab", "thiserror", "tinyvec", "tracing", - "webpki 0.22.0", ] [[package]] name = "quinn-udp" -version = "0.3.2" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "641538578b21f5e5c8ea733b736895576d0fe329bb883b937db6f4d163dbaaf4" +checksum = "6df19e284d93757a9fb91d63672f7741b129246a669db09d1c0063071debc0c0" dependencies = [ + "bytes", "libc", - "quinn-proto", - "socket2", + "socket2 0.5.3", "tracing", - "windows-sys 0.42.0", + "windows-sys 0.48.0", ] [[package]] @@ -4568,6 +4566,17 @@ dependencies = [ "webpki 0.22.0", ] +[[package]] +name = "rustls" +version = "0.21.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79ea77c539259495ce8ca47f53e66ae0330a8819f67e23ac96ca02f50e7b7d36" +dependencies = [ + "ring", + "rustls-webpki", + "sct 0.7.0", +] + [[package]] name = "rustls-native-certs" version = "0.6.1" @@ -4598,6 +4607,16 @@ dependencies = [ "base64 0.13.1", ] +[[package]] +name = "rustls-webpki" +version = "0.101.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15f36a6828982f422756984e47912a7a51dcbc2a197aa791158f8ca61cd8204e" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.13" @@ -5060,6 +5079,16 @@ dependencies = [ "winapi 0.3.9", ] +[[package]] +name = "socket2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + [[package]] name = "soketto" version = "0.7.1" @@ -6303,7 +6332,7 @@ dependencies = [ "rand 0.7.3", "serde", "serde_derive", - "socket2", + "socket2 0.4.9", "solana-logger", "solana-sdk", "solana-version", @@ -6534,9 +6563,8 @@ dependencies = [ "log", "quinn", "quinn-proto", - "quinn-udp", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-connection-cache", "solana-logger", "solana-measure", @@ -6997,10 +7025,9 @@ dependencies = [ "pkcs8", "quinn", "quinn-proto", - "quinn-udp", "rand 0.7.3", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-logger", "solana-metrics", "solana-perf", @@ -7191,7 +7218,7 @@ dependencies = [ "rand_chacha 0.2.2", "rayon", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-entry", "solana-gossip", "solana-ledger", @@ -7940,7 +7967,7 @@ dependencies = [ "parking_lot 0.12.1", "pin-project-lite", "signal-hook-registry", - "socket2", + "socket2 0.4.9", "tokio-macros", "windows-sys 0.48.0", ] @@ -8707,21 +8734,6 @@ dependencies = [ "windows_x86_64_msvc 0.32.0", ] -[[package]] -name = "windows-sys" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" -dependencies = [ - "windows_aarch64_gnullvm 0.42.2", - "windows_aarch64_msvc 0.42.2", - "windows_i686_gnu 0.42.2", - "windows_i686_msvc 0.42.2", - "windows_x86_64_gnu 0.42.2", - "windows_x86_64_gnullvm 0.42.2", - "windows_x86_64_msvc 0.42.2", -] - [[package]] name = "windows-sys" version = "0.45.0" diff --git a/Cargo.toml b/Cargo.toml index 58fcee9091..c29da8c98b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -259,9 +259,8 @@ prost = "0.11.9" prost-types = "0.11.9" protobuf-src = "1.1.0" qstring = "0.7.2" -quinn = "0.9.3" -quinn-proto = "0.9.3" -quinn-udp = "0.3.2" +quinn = "0.10.1" +quinn-proto = "0.10.1" quote = "1.0" rand = "0.7.0" rand_chacha = "0.2.2" @@ -275,7 +274,7 @@ rolling-file = "0.2.0" reqwest = { version = "0.11.17", default-features = false } rpassword = "7.2" rustc_version = "0.4" -rustls = { version = "0.20.8", default-features = false } +rustls = { version = "0.21.5", default-features = false, features = ["quic"] } rustversion = "1.0.13" scopeguard = "1.1.0" semver = "1.0.17" diff --git a/programs/sbf/Cargo.lock b/programs/sbf/Cargo.lock index 6310d77c4c..cfe36bc11f 100644 --- a/programs/sbf/Cargo.lock +++ b/programs/sbf/Cargo.lock @@ -2103,7 +2103,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2", + "socket2 0.4.9", "tokio", "tower-service", "tracing", @@ -3657,52 +3657,50 @@ dependencies = [ [[package]] name = "quinn" -version = "0.9.3" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "445cbfe2382fa023c4f2f3c7e1c95c03dcc1df2bf23cebcb2b13e1402c4394d1" +checksum = "21252f1c0fc131f1b69182db8f34837e8a69737b8251dff75636a9be0518c324" dependencies = [ "bytes", "pin-project-lite", "quinn-proto", "quinn-udp", "rustc-hash", - "rustls 0.20.8", + "rustls 0.21.5", "thiserror", "tokio", "tracing", - "webpki 0.22.0", ] [[package]] name = "quinn-proto" -version = "0.9.3" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67c10f662eee9c94ddd7135043e544f3c82fa839a1e7b865911331961b53186c" +checksum = "85af4ed6ee5a89f26a26086e9089a6643650544c025158449a3626ebf72884b3" dependencies = [ "bytes", "rand 0.8.5", "ring", "rustc-hash", - "rustls 0.20.8", + "rustls 0.21.5", "rustls-native-certs", "slab", "thiserror", "tinyvec", "tracing", - "webpki 0.22.0", ] [[package]] name = "quinn-udp" -version = "0.3.2" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "641538578b21f5e5c8ea733b736895576d0fe329bb883b937db6f4d163dbaaf4" +checksum = "6df19e284d93757a9fb91d63672f7741b129246a669db09d1c0063071debc0c0" dependencies = [ + "bytes", "libc", - "quinn-proto", - "socket2", + "socket2 0.5.3", "tracing", - "windows-sys 0.42.0", + "windows-sys 0.48.0", ] [[package]] @@ -4096,6 +4094,17 @@ dependencies = [ "webpki 0.22.0", ] +[[package]] +name = "rustls" +version = "0.21.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79ea77c539259495ce8ca47f53e66ae0330a8819f67e23ac96ca02f50e7b7d36" +dependencies = [ + "ring", + "rustls-webpki", + "sct 0.7.0", +] + [[package]] name = "rustls-native-certs" version = "0.6.1" @@ -4126,6 +4135,16 @@ dependencies = [ "base64 0.13.1", ] +[[package]] +name = "rustls-webpki" +version = "0.101.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15f36a6828982f422756984e47912a7a51dcbc2a197aa791158f8ca61cd8204e" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.13" @@ -4507,6 +4526,16 @@ dependencies = [ "winapi 0.3.9", ] +[[package]] +name = "socket2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + [[package]] name = "soketto" version = "0.7.1" @@ -5187,7 +5216,7 @@ dependencies = [ "rand 0.7.3", "serde", "serde_derive", - "socket2", + "socket2 0.4.9", "solana-logger", "solana-sdk", "solana-version", @@ -5374,9 +5403,8 @@ dependencies = [ "log", "quinn", "quinn-proto", - "quinn-udp", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-connection-cache", "solana-measure", "solana-metrics", @@ -6140,10 +6168,9 @@ dependencies = [ "pkcs8", "quinn", "quinn-proto", - "quinn-udp", "rand 0.7.3", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-metrics", "solana-perf", "solana-sdk", @@ -6269,7 +6296,7 @@ dependencies = [ "rand_chacha 0.2.2", "rayon", "rcgen", - "rustls 0.20.8", + "rustls 0.21.5", "solana-entry", "solana-gossip", "solana-ledger", @@ -6883,7 +6910,7 @@ dependencies = [ "parking_lot 0.12.1", "pin-project-lite", "signal-hook-registry", - "socket2", + "socket2 0.4.9", "tokio-macros", "windows-sys 0.48.0", ] @@ -7636,21 +7663,6 @@ dependencies = [ "windows_x86_64_msvc 0.32.0", ] -[[package]] -name = "windows-sys" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" -dependencies = [ - "windows_aarch64_gnullvm 0.42.2", - "windows_aarch64_msvc 0.42.2", - "windows_i686_gnu 0.42.2", - "windows_i686_msvc 0.42.2", - "windows_x86_64_gnu 0.42.2", - "windows_x86_64_gnullvm 0.42.2", - "windows_x86_64_msvc 0.42.2", -] - [[package]] name = "windows-sys" version = "0.45.0" diff --git a/quic-client/Cargo.toml b/quic-client/Cargo.toml index 28b5b780d1..8f6fcb070c 100644 --- a/quic-client/Cargo.toml +++ b/quic-client/Cargo.toml @@ -18,7 +18,6 @@ lazy_static = { workspace = true } log = { workspace = true } quinn = { workspace = true } quinn-proto = { workspace = true } -quinn-udp = { workspace = true } rcgen = { workspace = true } rustls = { workspace = true, features = ["dangerous_configuration"] } solana-connection-cache = { workspace = true } diff --git a/quic-client/src/nonblocking/quic_client.rs b/quic-client/src/nonblocking/quic_client.rs index 3e9fd27d72..21ee79a443 100644 --- a/quic-client/src/nonblocking/quic_client.rs +++ b/quic-client/src/nonblocking/quic_client.rs @@ -117,7 +117,7 @@ impl QuicLazyInitializedEndpoint { let mut crypto = rustls::ClientConfig::builder() .with_safe_defaults() .with_custom_certificate_verifier(SkipServerVerification::new()) - .with_single_cert( + .with_client_auth_cert( vec![self.client_certificate.certificate.clone()], self.client_certificate.key.clone(), ) @@ -203,7 +203,7 @@ impl QuicNewConnection { } fn create_endpoint(config: EndpointConfig, client_socket: UdpSocket) -> Endpoint { - quinn::Endpoint::new(config, None, client_socket, TokioRuntime) + quinn::Endpoint::new(config, None, client_socket, Arc::new(TokioRuntime)) .expect("QuicNewConnection::create_endpoint quinn::Endpoint::new") } diff --git a/streamer/Cargo.toml b/streamer/Cargo.toml index 0ef27bb405..f85a2942d2 100644 --- a/streamer/Cargo.toml +++ b/streamer/Cargo.toml @@ -25,7 +25,6 @@ percentage = { workspace = true } pkcs8 = { workspace = true, features = ["alloc"] } quinn = { workspace = true } quinn-proto = { workspace = true } -quinn-udp = { workspace = true } rand = { workspace = true } rcgen = { workspace = true } rustls = { workspace = true, features = ["dangerous_configuration"] } diff --git a/streamer/src/nonblocking/quic.rs b/streamer/src/nonblocking/quic.rs index 2f5b9471bb..ecdcb0bc2b 100644 --- a/streamer/src/nonblocking/quic.rs +++ b/streamer/src/nonblocking/quic.rs @@ -98,8 +98,13 @@ pub fn spawn_server( info!("Start {name} quic server on {sock:?}"); let (config, _cert) = configure_server(keypair, gossip_host)?; - let endpoint = Endpoint::new(EndpointConfig::default(), Some(config), sock, TokioRuntime) - .map_err(QuicServerError::EndpointFailed)?; + let endpoint = Endpoint::new( + EndpointConfig::default(), + Some(config), + sock, + Arc::new(TokioRuntime), + ) + .map_err(QuicServerError::EndpointFailed)?; let stats = Arc::::default(); let handle = tokio::spawn(run_server( name, @@ -1132,7 +1137,7 @@ pub mod test { let mut crypto = rustls::ClientConfig::builder() .with_safe_defaults() .with_custom_certificate_verifier(SkipServerVerification::new()) - .with_single_cert(vec![cert], key) + .with_client_auth_cert(vec![cert], key) .expect("Failed to use client certificate"); crypto.enable_early_data = true; @@ -1189,9 +1194,13 @@ pub mod test { client_keypair: Option<&Keypair>, ) -> Connection { let client_socket = UdpSocket::bind("127.0.0.1:0").unwrap(); - let mut endpoint = - quinn::Endpoint::new(EndpointConfig::default(), None, client_socket, TokioRuntime) - .unwrap(); + let mut endpoint = quinn::Endpoint::new( + EndpointConfig::default(), + None, + client_socket, + Arc::new(TokioRuntime), + ) + .unwrap(); let default_keypair = Keypair::new(); endpoint.set_default_client_config(get_client_config( client_keypair.unwrap_or(&default_keypair), @@ -1459,9 +1468,13 @@ pub mod test { let (t, exit, _receiver, server_address, stats) = setup_quic_server(None, 2); let client_socket = UdpSocket::bind("127.0.0.1:0").unwrap(); - let mut endpoint = - quinn::Endpoint::new(EndpointConfig::default(), None, client_socket, TokioRuntime) - .unwrap(); + let mut endpoint = quinn::Endpoint::new( + EndpointConfig::default(), + None, + client_socket, + Arc::new(TokioRuntime), + ) + .unwrap(); let default_keypair = Keypair::new(); endpoint.set_default_client_config(get_client_config(&default_keypair)); let conn1 = endpoint diff --git a/streamer/src/quic.rs b/streamer/src/quic.rs index e64630e36c..fee0db110f 100644 --- a/streamer/src/quic.rs +++ b/streamer/src/quic.rs @@ -6,7 +6,7 @@ use { crossbeam_channel::Sender, pem::Pem, quinn::{Endpoint, IdleTimeout, ServerConfig}, - rustls::{server::ClientCertVerified, Certificate, DistinguishedNames}, + rustls::{server::ClientCertVerified, Certificate, DistinguishedName}, solana_perf::packet::PacketBatch, solana_sdk::{ packet::PACKET_DATA_SIZE, @@ -37,8 +37,8 @@ impl SkipClientVerification { } impl rustls::server::ClientCertVerifier for SkipClientVerification { - fn client_auth_root_subjects(&self) -> Option { - Some(DistinguishedNames::new()) + fn client_auth_root_subjects(&self) -> &[DistinguishedName] { + &[] } fn verify_client_cert( diff --git a/turbine/src/quic_endpoint.rs b/turbine/src/quic_endpoint.rs index a4b753be8d..5568262d64 100644 --- a/turbine/src/quic_endpoint.rs +++ b/turbine/src/quic_endpoint.rs @@ -32,7 +32,7 @@ use { }; const CLIENT_CHANNEL_CAPACITY: usize = 1 << 20; -const INITIAL_MAX_UDP_PAYLOAD_SIZE: u16 = 1280; +const INITIAL_MAXIMUM_TRANSMISSION_UNIT: u16 = 1280; const ALPN_TURBINE_PROTOCOL_ID: &[u8] = b"solana-turbine"; const CONNECT_SERVER_NAME: &str = "solana-turbine"; @@ -95,7 +95,7 @@ pub fn new_quic_endpoint( EndpointConfig::default(), Some(server_config), socket, - TokioRuntime, + Arc::new(TokioRuntime), )? }; endpoint.set_default_client_config(client_config); @@ -132,7 +132,7 @@ fn new_client_config(cert: Certificate, key: PrivateKey) -> Result TransportConfig { config .max_concurrent_bidi_streams(VarInt::from(0u8)) .max_concurrent_uni_streams(VarInt::from(0u8)) - .initial_max_udp_payload_size(INITIAL_MAX_UDP_PAYLOAD_SIZE); + .initial_mtu(INITIAL_MAXIMUM_TRANSMISSION_UNIT); config }