Merge branch 'master' into master

.github/workflows/ci.yml

@@ -29,7 +29,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        rust_version: [ stable, 1.70.0 ]
+        rust_version: [ stable, 1.81.0 ]
         os:
           - ubuntu-latest
           - windows-latest
@@ -85,7 +85,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        rust_version: [ stable, 1.70.0 ]
+        rust_version: [ stable, 1.81.0 ]
         features:
           - bluetooth
           - cable
@@ -107,7 +107,7 @@ jobs:
             rust_version: stable
         exclude:
           - os: windows-latest
-            rust_version: 1.70.0
+            rust_version: 1.79.0
 
     runs-on: ${{ matrix.os }}
     steps:
@@ -261,4 +261,4 @@ jobs:
           triplet: x64-windows-static-md
           token: ${{ github.token }}
 
-      - run: cargo build -p actix_web -p web_authn -p tide-server
+      - run: cargo build -p actix_tutorial -p axum_tutorial -p tide_tutorial

Cargo.toml

@@ -1,4 +1,14 @@
-
+[workspace.package]
+version = "0.5.1"
+authors = [
+    "William Brown <[email protected]>",
+    "Michael Farrell <[email protected]>",
+]
+rust-version = "1.81"
+edition = "2021"
+repository = "https://github.com/kanidm/webauthn-rs"
+homepage = "https://github.com/kanidm/webauthn-rs"
+license = "MPL-2.0"
 
 [workspace]
 resolver = "2"
@@ -42,44 +52,48 @@ members = [
 ]
 
 # Due to --cfg=web_sys_unstable_apis
-exclude = ["compat_tester/webauthn-rs-demo-wasm"]
+exclude = ["compat_tester/webauthn-rs-demo-wasm", "tutorial/wasm"]
 
 [workspace.dependencies]
 # These are in release/dependency order.
-base64urlsafedata = { path = "./base64urlsafedata", version = "0.5.0" }
-fido-hid-rs = { path = "./fido-hid-rs", version = "0.5.0" }
-webauthn-attestation-ca = { path = "./attestation-ca", version = "0.5.0" }
-webauthn-rs-proto = { path = "./webauthn-rs-proto", version = "0.5.0" }
-fido-mds = { path = "./fido-mds", version = "0.5.0" }
-webauthn-rs-core = { path = "./webauthn-rs-core", version = "0.5.0" }
-webauthn-rs = { path = "./webauthn-rs", version = "0.5.0" }
-webauthn-authenticator-rs = { path = "./webauthn-authenticator-rs", version = "0.5.0" }
+base64urlsafedata = { path = "./base64urlsafedata", version = "=0.5.1" }
+fido-hid-rs = { path = "./fido-hid-rs", version = "=0.5.1" }
+webauthn-attestation-ca = { path = "./attestation-ca", version = "=0.5.1" }
+webauthn-rs-proto = { path = "./webauthn-rs-proto", version = "=0.5.1" }
+fido-mds = { path = "./fido-mds", version = "=0.5.1" }
+webauthn-rs-core = { path = "./webauthn-rs-core", version = "=0.5.1" }
+webauthn-rs = { path = "./webauthn-rs", version = "=0.5.1" }
+webauthn-authenticator-rs = { path = "./webauthn-authenticator-rs", version = "=0.5.1" }
 
 # Currently un-released
 cable-tunnel-server-common = { path = "./cable-tunnel-server/common", version = "0.1.0" }
 webauthn-rs-device-catalog = { path = "./device-catalog" }
 
 async-std = { version = "1.6", features = ["attributes"] }
+anyhow = "1.0"
 base64 = "0.21"
-clap = { version = "=4.4.18", features = ["derive", "env"] }
-compact_jwt = "0.2.3"
+clap = { version = "^4.5", features = ["derive", "env"] }
+compact_jwt = "0.4.2"
 futures = "^0.3.25"
 hex = "0.4.3"
 http = "^0.2.9"
-http-body = "=1.0.0-rc.2"
-http-body-util = "=0.1.0-rc.2"
-hyper = { version = "=1.0.0-rc.3", default-features = false, features = [
-    "http1",
-] }
+http-body = "1.0.1"
+http-body-util = "0.1.2"
+hyper = { version = "1.5.1", default-features = false, features = ["http1"] }
+hyper-util = { version = "0.1.10", features = ["tokio"] }
 nom = "7.1"
 peg = "0.8.1"
 openssl = "^0.10.56"
+
 rand = "0.8"
 rand_chacha = "0.3.1"
+reqwest = { version = "0.12", default-features = false, features = [
+    "rustls-tls-native-roots",
+] }
+
 serde = { version = "^1.0.141", features = ["derive"] }
 serde_cbor_2 = { version = "0.12.0-dev" }
 serde_json = "^1.0.79"
-tide = "0.16"
 thiserror = "^1.0.37"
 tokio = { version = "1.22.0", features = [
     "sync",
@@ -91,14 +105,15 @@ tokio = { version = "1.22.0", features = [
 ] }
 tokio-native-tls = "^0.3.1"
 tokio-stream = { version = "0.1", features = ["sync"] }
-tokio-tungstenite = { version = "^0.18.0", features = ["native-tls"] }
+tokio-tungstenite = { version = "^0.24.0", features = ["native-tls"] }
 tracing = "^0.1.35"
 tracing-subscriber = { version = "0.3", features = [
     "env-filter",
     "std",
     "fmt",
 ] }
-tungstenite = { version = "^0.18.0", default-features = false, features = [
+tracing-log = { version = "0.2.0" }
+tungstenite = { version = "^0.24.0", default-features = false, features = [
     "handshake",
 ] }
 url = "2"

attestation-ca/Cargo.toml

@@ -1,13 +1,16 @@
 [package]
 name = "webauthn-attestation-ca"
-version = "0.5.0"
-edition = "2021"
-rust-version = "1.70.0"
-repository = "https://github.com/kanidm/webauthn-rs"
-license = "MPL-2.0"
 readme = "README.md"
 description = "Webauthn Attestation CA Descriptions"
 
+version = { workspace = true }
+authors = { workspace = true }
+rust-version = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+homepage = { workspace = true }
+repository = { workspace = true }
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]

authenticator-cli/Cargo.toml

@@ -1,18 +1,21 @@
 [package]
 name = "authenticator-cli"
-version = "0.5.0"
-edition = "2021"
-rust-version = "1.70.0"
-repository = "https://github.com/kanidm/webauthn-rs"
-license = "MPL-2.0"
 readme = "README.md"
 description = "Webauthn Authenticator Management Tool"
 
+version = { workspace = true }
+authors = { workspace = true }
+rust-version = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+homepage = { workspace = true }
+repository = { workspace = true }
+
 [dependencies]
 
 authenticator = { version = "0.3.2-dev.1", default-features = false, features = ["crypto_openssl"], package = "authenticator-ctap2-2021" }
 clap.workspace = true
 
 tracing.workspace = true
 tracing-subscriber.workspace = true
-tracing-log = { version = "0.1.3" }
+tracing-log.workspace = true

base64urlsafedata/Cargo.toml

@@ -1,16 +1,18 @@
 [package]
 name = "base64urlsafedata"
-version = "0.5.0"
-authors = ["William Brown <[email protected]>"]
-edition = "2021"
-rust-version = "1.70.0"
 description = "Base 64 Url Safe wrapper for Serde"
-repository = "https://github.com/kanidm/webauthn-rs"
 keywords = ["base64", "serde"]
 categories = ["web-programming"]
-license = "MPL-2.0"
 readme = "README.md"
 
+version = { workspace = true }
+authors = { workspace = true }
+rust-version = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+homepage = { workspace = true }
+repository = { workspace = true }
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]

cable-tunnel-server/backend/Cargo.toml

@@ -20,6 +20,7 @@ hex.workspace = true
 http-body.workspace = true
 http-body-util.workspace = true
 hyper = { workspace = true, features = ["server"] }
+hyper-util.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
 tokio-native-tls.workspace = true

cable-tunnel-server/backend/src/main.rs

@@ -14,6 +14,7 @@ use hyper::{
     upgrade::Upgraded,
     Request, Response, StatusCode,
 };
+use hyper_util::rt::tokio::TokioIo;
 use tokio::{
     select,
     sync::{
@@ -202,7 +203,7 @@ impl CableError {
 #[instrument(level = "info", skip_all, err, fields(addr = addr.to_string()))]
 async fn handle_websocket(
     state: Arc<ServerState>,
-    mut ws_stream: WebSocketStream<Upgraded>,
+    mut ws_stream: WebSocketStream<TokioIo<Upgraded>>,
     tx: Tx,
     mut rx: Rx,
     addr: SocketAddr,
@@ -383,6 +384,7 @@ async fn handle_request(
 
         match hyper::upgrade::on(&mut req).await {
             Ok(upgraded) => {
+                let upgraded = TokioIo::new(upgraded);
                 let ws_stream =
                     WebSocketStream::from_raw_socket(upgraded, Role::Server, config).await;
                 handle_websocket(ss, ws_stream, tx, rx, addr).await.ok();

cable-tunnel-server/common/Cargo.toml

@@ -16,6 +16,7 @@ hex.workspace = true
 http-body.workspace = true
 http-body-util.workspace = true
 hyper = { workspace = true, features = ["server"] }
+hyper-util.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
 tokio-native-tls.workspace = true

cable-tunnel-server/common/src/lib.rs

@@ -322,10 +322,10 @@ pub async fn run_server<F, R, ResBody, T>(
     bind_address: SocketAddr,
     tls_acceptor: Option<TlsAcceptor>,
     server_state: T,
-    mut request_handler: F,
+    request_handler: F,
 ) -> Result<(), Box<dyn StdError>>
 where
-    F: FnMut(Arc<T>, SocketAddr, Request<Incoming>) -> R + Copy + Send + Sync + 'static,
+    F: Fn(Arc<T>, SocketAddr, Request<Incoming>) -> R + Copy + Send + Sync + 'static,
     R: Future<Output = Result<Response<ResBody>, Infallible>> + Send,
     ResBody: Body + Send + 'static,
     <ResBody as Body>::Error: Into<Box<dyn StdError + Send + Sync>>,
@@ -362,6 +362,7 @@ where
                         }
                     },
                 };
+                let stream = hyper_util::rt::tokio::TokioIo::new(stream);
 
                 let conn =
                     hyper::server::conn::http1::Builder::new().serve_connection(stream, service);

cable-tunnel-server/frontend/Cargo.toml

@@ -18,6 +18,7 @@ clap.workspace = true
 hex.workspace = true
 http-body-util.workspace = true
 hyper = { workspace = true, features = ["client", "server"] }
+hyper-util.workspace = true
 tokio.workspace = true
 tokio-native-tls.workspace = true
 tokio-tungstenite.workspace = true

cable-tunnel-server/frontend/src/main.rs

@@ -14,7 +14,8 @@ use hyper::{
 };
 
 use cable_tunnel_server_common::*;
-use tokio::{io::AsyncWriteExt, net::TcpStream, sync::RwLock};
+use hyper_util::rt::TokioIo;
+use tokio::{io::AsyncWriteExt as _, net::TcpStream, sync::RwLock};
 use tokio_native_tls::TlsConnector;
 use tokio_tungstenite::MaybeTlsStream;
 
@@ -199,6 +200,7 @@ async fn handle_request(
             }
         }
     };
+    let backend_socket = TokioIo::new(backend_socket);
 
     let (mut sender, conn) = match hyper::client::conn::http1::handshake(backend_socket).await {
         Ok(v) => v,
@@ -239,22 +241,24 @@ async fn handle_request(
     // Set up the "upgrade" handler to connect the two sockets together
     tokio::task::spawn(async move {
         // Upgrade the connection to the backend
-        let mut backend_upgraded = match hyper::upgrade::on(&mut backend_res).await {
+        let backend_upgraded = match hyper::upgrade::on(&mut backend_res).await {
             Ok(u) => u,
             Err(e) => {
                 error!("failure upgrading connection to backend: {e}");
                 return;
             }
         };
+        let mut backend_upgraded = TokioIo::new(backend_upgraded);
 
         // Upgrade the connection from the client
-        let mut client_upgraded = match hyper::upgrade::on(&mut req).await {
+        let client_upgraded = match hyper::upgrade::on(&mut req).await {
             Ok(u) => u,
             Err(e) => {
                 error!("failure upgrading connection to client: {e}");
                 return;
             }
         };
+        let mut client_upgraded = TokioIo::new(client_upgraded);
 
         // Connect the two streams together directly.
         match tokio::io::copy_bidirectional(&mut backend_upgraded, &mut client_upgraded).await {

compat_tester/webauthn-rs-demo-shared/Cargo.toml

@@ -2,7 +2,6 @@
 name = "webauthn-rs-demo-shared"
 version = "0.1.0"
 edition = "2021"
-rust-version = "1.70.0"
 
 [features]
 core = ["webauthn-rs-core"]

compat_tester/webauthn-rs-demo-wasm/Cargo.toml

@@ -3,7 +3,6 @@ name = "webauthn_rs_demo_wasm"
 version = "0.1.0"
 authors = ["William Brown <[email protected]>"]
 edition = "2021"
-rust-version = "1.70.0"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [lib]

compat_tester/webauthn-rs-demo/Cargo.toml

@@ -3,7 +3,6 @@ name = "webauthn-rs-demo"
 version = "0.1.0"
 authors = ["William Brown <[email protected]>"]
 edition = "2021"
-rust-version = "1.70.0"
 build = "build.rs"
 
 description = "Webauthn Demonstration Server"
@@ -16,7 +15,7 @@ webauthn-rs-demo-shared = { path = "../webauthn-rs-demo-shared", features = ["co
 webauthn-rs-core.workspace = true
 webauthn-rs = { workspace = true, features = ["conditional-ui", "attestation", "resident-key-support", "danger-allow-state-serialisation"] }
 
-tide.workspace = true
+tide = "0.16"
 tokio.workspace = true
 
 structopt = { version = "0.3", default-features = false }
@@ -29,7 +28,7 @@ serde.workspace = true
 
 webauthn-rs-device-catalog =  { workspace = true }
 fido-mds = { workspace = true }
-reqwest = "0.11"
+reqwest = { version = "0.12", default-features = false, features = [ "rustls-tls-native-roots" ] }
 
 [dependencies.tide-openssl]
 git = "https://github.com/victorcwai/tide-openssl.git"

compat_tester/webauthn-rs-demo/src/actors.rs

@@ -44,9 +44,9 @@ pub enum TypedCredential {
 }
 
 pub struct WebauthnActor {
-    pub rp_name: String,
-    pub rp_id: String,
-    pub rp_origin: Url,
+    // pub rp_name: String,
+    // pub rp_id: String,
+    // pub rp_origin: Url,
     /// Used for testing with compat.
     wan: WebauthnCore,
     /// For demoing the simple cases.
@@ -81,9 +81,9 @@ impl WebauthnActor {
             .expect("Failed to build swan");
 
         WebauthnActor {
-            rp_name,
-            rp_id,
-            rp_origin,
+            // rp_name,
+            // rp_id,
+            // rp_origin,
             wan,
             swan,
             device_cat_strict,