chore(deps): update to rcgen 0.13 #17

Merged
merged 2 commits into from
Nov 18, 2024

dignifiedquire
Contributor

No description provided.

@matheus23
Member

Really not looking forward to testing this again

@@ -25,11 +28,15 @@ x509-parser = "0.16"
chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
async-trait = "0.1.53"
rustls = { version = "0.23", default-features = false, features = ["ring"] }
time = "0.3.36" # force the transitive dependency to a more recent minimal version. The build fails with 0.3.20
time = "0.3.36" # force the transitive dependency to a more recent minimal version. The build fails with 0.3.20
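
Review bot: the `time = "0.3.36"` entry at the end of this hunk is shown twice with identical visible text, which suggests the removed and added lines differ only in whitespace. A dependency bump is easier to audit when it touches only the lines that change a version, so restore that line's original spacing. The comment on it could also name the crate that pulls in `time`, so the pin can be dropped once that dependency raises its own minimum.
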
Member

? :D What did your formatter do?

Contributor Author

no idea..

Member

@matheus23 matheus23 left a comment

I'm so glad all the infra is still kicking around from... checks notes August 6th?

LMAO philipp.iroh.link has been running for like, 4 months nonstop.

Anyways.

Looks like there's some issues when I try to run `cargo run --features=axum --example high_level -- -d philipp.iroh.link --prod`:

Logs of failed attempt
2024-11-15T14:54:25.351Z INFO  [tokio_rustls_acme::caches::no] no cert cache configured, could not load certificate
2024-11-15T14:54:25.351Z INFO  [tokio_rustls_acme::caches::no] no account cache configured, could not load account
2024-11-15T14:54:25.351Z INFO  [tokio_rustls_acme::caches::no] no account cache configured, could not store account
2024-11-15T14:54:25.352Z INFO  [tokio_rustls_acme::incoming] event: AccountCacheStore
2024-11-15T14:54:28.355Z INFO  [tokio_rustls_acme::state] trigger challenge for philipp.iroh.link
2024-11-15T14:54:29.869Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:30.279Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:30.427Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:30.803Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:31.076Z INFO  [tokio_rustls_acme::state] authorization for philipp.iroh.link still pending
2024-11-15T14:54:32.358Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:32.775Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:33.153Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:33.412Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:34.821Z INFO  [tokio_rustls_acme::state] completed all authorizations
2024-11-15T14:54:35.699Z INFO  [tokio_rustls_acme::state] sending csr
2024-11-15T14:54:37.028Z INFO  [tokio_rustls_acme::state] download certificate
2024-11-15T14:54:37.822Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)
2024-11-15T14:54:40.026Z INFO  [tokio_rustls_acme::state] sending csr
2024-11-15T14:54:40.577Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:54:41.657Z INFO  [tokio_rustls_acme::state] download certificate
2024-11-15T14:54:42.453Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)
2024-11-15T14:54:44.655Z INFO  [tokio_rustls_acme::state] sending csr
2024-11-15T14:54:45.746Z INFO  [tokio_rustls_acme::state] download certificate
2024-11-15T14:54:46.620Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)
2024-11-15T14:54:48.800Z INFO  [tokio_rustls_acme::state] sending csr
2024-11-15T14:54:49.296Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:54:49.309Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: InvalidMessage(InvalidContentType) }
2024-11-15T14:54:49.446Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:54:49.613Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: InvalidMessage(InvalidContentType) }
2024-11-15T14:54:52.231Z INFO  [tokio_rustls_acme::state] download certificate
2024-11-15T14:54:53.104Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)
2024-11-15T14:54:55.261Z INFO  [tokio_rustls_acme::state] sending csr
2024-11-15T14:54:56.792Z INFO  [tokio_rustls_acme::state] download certificate
2024-11-15T14:54:57.655Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)
2024-11-15T14:54:59.784Z ERROR [tokio_rustls_acme::incoming] event: Order(Acme(HttpRequest(Non2xxStatus { status_code: 429, body: "{\n  \"type\": \"urn:ietf:params:acme:error:rateLimited\",\n  \"detail\": \"too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2024-11-17 01:18:26 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames\",\n  \"status\": 429\n}" })))
2024-11-15T14:55:03.000Z ERROR [tokio_rustls_acme::incoming] event: Order(Acme(HttpRequest(Non2xxStatus { status_code: 429, body: "{\n  \"type\": \"urn:ietf:params:acme:error:rateLimited\",\n  \"detail\": \"too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2024-11-17 01:14:44 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames\",\n  \"status\": 429\n}" })))
2024-11-15T14:55:07.197Z ERROR [tokio_rustls_acme::incoming] event: Order(Acme(HttpRequest(Non2xxStatus { status_code: 429, body: "{\n  \"type\": \"urn:ietf:params:acme:error:rateLimited\",\n  \"detail\": \"too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2024-11-17 00:48:35 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames\",\n  \"status\": 429\n}" })))
2024-11-15T14:55:12.440Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:55:13.286Z ERROR [tokio_rustls_acme::incoming] event: Order(Acme(HttpRequest(Non2xxStatus { status_code: 429, body: "{\n  \"type\": \"urn:ietf:params:acme:error:rateLimited\",\n  \"detail\": \"too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2024-11-17 00:41:46 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames\",\n  \"status\": 429\n}" })))
2024-11-15T14:55:23.423Z ERROR [tokio_rustls_acme::incoming] event: Order(Acme(HttpRequest(Non2xxStatus { status_code: 429, body: "{\n  \"type\": \"urn:ietf:params:acme:error:rateLimited\",\n  \"detail\": \"too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2024-11-17 01:06:00 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames\",\n  \"status\": 429\n}" })))
2024-11-15T14:55:25.173Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:55:28.957Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }

But even when I'm on main (and without `--prod`) there seem to be some issues:

Logs of `git switch main && cargo run --features=axum --example high_level -- -d philipp.iroh.link`
2024-11-15T14:58:56.656Z INFO  [tokio_rustls_acme::caches::no] no cert cache configured, could not load certificate
2024-11-15T14:58:56.657Z INFO  [tokio_rustls_acme::caches::no] no account cache configured, could not load account
2024-11-15T14:58:56.657Z INFO  [tokio_rustls_acme::caches::no] no account cache configured, could not store account
2024-11-15T14:58:56.657Z INFO  [tokio_rustls_acme::incoming] event: AccountCacheStore
2024-11-15T14:58:58.365Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:58:59.706Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: InvalidData, error: General("no server certificate chain resolved") }
2024-11-15T14:58:59.772Z INFO  [tokio_rustls_acme::state] trigger challenge for philipp.iroh.link
2024-11-15T14:58:59.972Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: UnexpectedEof, error: "tls handshake eof" }
2024-11-15T14:59:01.397Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:01.523Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:01.657Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:01.854Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:02.127Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:02.547Z INFO  [tokio_rustls_acme::state] authorization for philipp.iroh.link still pending
2024-11-15T14:59:02.597Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:02.674Z ERROR [tokio_rustls_acme::incoming] tls accept failed, Custom { kind: UnexpectedEof, error: "tls handshake eof" }
2024-11-15T14:59:03.729Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:04.173Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:04.745Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:06.294Z INFO  [tokio_rustls_acme::state] authorization for philipp.iroh.link still pending
2024-11-15T14:59:07.808Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:07.908Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request
2024-11-15T14:59:08.333Z INFO  [tokio_rustls_acme::incoming] received TLS-ALPN-01 validation request

@matheus23
Member

Without `--prod` on this branch, I, too, get `2024-11-15T15:02:43.935Z ERROR [tokio_rustls_acme::incoming] event: NewCertParse(InvalidPrivateKey)`
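
The failed-attempt log earlier in this thread shows five certificates downloaded and rejected with `NewCertParse(InvalidPrivateKey)` before the CA answers 429. As an added example (not code from this PR or from tokio-rustls-acme), here is a hypothetical `OrderGuard` that an ACME client could consult before each order. The type, its method names and the plain sliding-window model are assumptions; the 5 / 168 h figures come from the 429 body in that log.

```rust
use std::collections::VecDeque;
// From the 429 body in the log: 5 certificates per exact hostname set per 168 h.
const MAX_CERTS: usize = 5;
const WINDOW_SECS: u64 = 168 * 3600;

#[derive(Debug, PartialEq)]
pub enum Decision {
    Proceed,
    HaltUnusable,   // issued certs keep failing to load: local defect, needs an operator
    WaitUntil(u64), // budget spent; unix time at which the oldest issuance ages out
}
/// Hypothetical guard, not part of tokio-rustls-acme.
pub struct OrderGuard {
    issued_at: VecDeque<u64>, // unix seconds of every issuance, usable or not
    unusable_streak: u32,
    max_streak: u32,
}

impl OrderGuard {
    pub fn new(max_streak: u32) -> Self {
        Self { issued_at: VecDeque::new(), unusable_streak: 0, max_streak }
    }

    /// Call after "download certificate"; `usable` is false on a NewCertParse error.
    pub fn record_issuance(&mut self, now: u64, usable: bool) {
        self.issued_at.push_back(now);
        self.unusable_streak = if usable { 0 } else { self.unusable_streak + 1 };
    }

    /// Call before "sending csr". Assumes a plain sliding window for the CA limit.
    pub fn before_order(&mut self, now: u64) -> Decision {
        while self.issued_at.front().map_or(false, |&t| t + WINDOW_SECS <= now) {
            self.issued_at.pop_front();
        }
        if self.unusable_streak >= self.max_streak {
            return Decision::HaltUnusable;
        }
        if self.issued_at.len() >= MAX_CERTS {
            return Decision::WaitUntil(self.issued_at[0] + WINDOW_SECS);
        }
        Decision::Proceed
    }
}

fn main() {
    let mut guard = OrderGuard::new(1); // constructed timeline, not real timestamps
    guard.record_issuance(0, false);
    println!("{:?}", guard.before_order(4)); // one unusable cert trips the breaker
}
```

When the CA does return 429, the retry-after time in its response body is authoritative over the guard's own estimate.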

Member

@matheus23 matheus23 left a comment

Yeah, this fixes the issue :)

Contributor

@Arqu Arqu left a comment

Odd formatting changes aside, this is way better than I expected :)

github-merge-queue bot pushed a commit to n0-computer/iroh that referenced this pull request Nov 15, 2024
## Description

Some breaking changes in rcgen, but all pretty straightforward.

- [x] `iroh-net`
- [x] `iroh-relay`
- [x] `iroh-net-bench`
- [x] `iroh-dns-server`

`rcgen` changelog:
https://github.com/rustls/rcgen/blob/main/rcgen/CHANGELOG.md#release-0130---march-28th-2024

The last remaining `0.12` usage, will be gone after this is released:
n0-computer/tokio-rustls-acme#17

## Breaking Changes

None

## Notes & open questions

<!-- Any notes, remarks or open questions you have to make about the PR.
-->

## Change checklist

- [ ] Self-review.
- [ ] Documentation updates following the [style
guide](https://rust-lang.github.io/rfcs/1574-more-api-documentation-conventions.html#appendix-a-full-conventions-text),
if relevant.
- [ ] Tests if relevant.
- [ ] All breaking changes documented.
@dignifiedquire dignifiedquire merged commit 178c506 into main Nov 18, 2024
7 checks passed
@dignifiedquire dignifiedquire deleted the chore-rcgen-13 branch November 18, 2024 10:08