--- Begin Message ---
Package: rust-tonic
I hope to update rust-rustls-pemfile to version 2 soon. I have prepared
a patch for rust-tonic.
Unfortunately, the rust-tonic package can't be built in a clean sid
environment right now due to a dependency on an old version of axum,
but I tested in an environment with the axum package from trixie and
it built and passed tests successfully.
diff -Nru rust-tonic-0.10.2+dfsg/debian/changelog
rust-tonic-0.10.2+dfsg/debian/changelog
--- rust-tonic-0.10.2+dfsg/debian/changelog 2025-02-19 18:57:45.000000000
+0000
+++ rust-tonic-0.10.2+dfsg/debian/changelog 2025-02-25 03:13:13.000000000
+0000
@@ -1,3 +1,10 @@
+rust-tonic (0.10.2+dfsg-12.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Add patch for rustls-pemfile 2.
+
+ -- Peter Michael Green <[email protected]> Tue, 25 Feb 2025 03:13:13 +0000
+
rust-tonic (0.10.2+dfsg-12) unstable; urgency=medium
* skip checking test max_message_send_size,
diff -Nru rust-tonic-0.10.2+dfsg/debian/control
rust-tonic-0.10.2+dfsg/debian/control
--- rust-tonic-0.10.2+dfsg/debian/control 2025-02-19 15:21:54.000000000
+0000
+++ rust-tonic-0.10.2+dfsg/debian/control 2025-02-25 02:19:08.000000000
+0000
@@ -34,7 +34,7 @@
librust-rand-0.8+default-dev,
librust-rustls-0.21+default-dev,
librust-rustls-native-certs-0.6+default-dev,
- librust-rustls-pemfile-1+default-dev,
+ librust-rustls-pemfile-2+default-dev,
librust-static-assertions-1+default-dev,
librust-syn-2+default-dev,
librust-tokio-1+default-dev,
@@ -111,7 +111,7 @@
librust-prost-0.12+default-dev,
librust-rustls-0.21+default-dev,
librust-rustls-native-certs-0.6+default-dev,
- librust-rustls-pemfile-1+default-dev,
+ librust-rustls-pemfile-2+default-dev,
librust-tokio-1+default-dev,
librust-tokio-1+macros-dev,
librust-tokio-1+net-dev,
diff -Nru rust-tonic-0.10.2+dfsg/debian/patches/2006_rustls-pemfile.patch
rust-tonic-0.10.2+dfsg/debian/patches/2006_rustls-pemfile.patch
--- rust-tonic-0.10.2+dfsg/debian/patches/2006_rustls-pemfile.patch
1970-01-01 00:00:00.000000000 +0000
+++ rust-tonic-0.10.2+dfsg/debian/patches/2006_rustls-pemfile.patch
2025-02-25 03:10:29.000000000 +0000
@@ -0,0 +1,164 @@
+Description: update rustls-pemfile to version 2
+ changes in tonic crate were based on
+
https://github.com/hyperium/tonic/commit/23106dd76882a4ffbf2d3ac59c9c403518e429c9
+
+ changes in example crate were based on
+
https://github.com/hyperium/tonic/commit/32c91838122eaaab076b2c4606751a680afe5b46
+ which was squash-merged as part of
+
https://github.com/hyperium/tonic/commit/9c1f2f9402d97cfa4c9d9065b5af2fb99d2ef521
+
+ changes in both crates were adapted for use with the debian packaged version
of
+ tonic by Peter Michael green.
+Author: Peter Michael Green <[email protected]>
+Author: Ivan Krivosheev <[email protected]>
+Author: Alex Rudy <[email protected]>
+Author: tottoto <[email protected]>
+Forwarded: not-needed
+Last-Update: 2025-02-25
+
+Index: rust-tonic-0.10.2+dfsg/examples/Cargo.toml
+===================================================================
+--- rust-tonic-0.10.2+dfsg.orig/examples/Cargo.toml
++++ rust-tonic-0.10.2+dfsg/examples/Cargo.toml
+@@ -332,7 +332,7 @@ bytes = { version = "1", optional = true
+ h2 = { version = ">= 0.3, <= 0.4", optional = true }
+ tokio-rustls = { version = "0.24.0", optional = true }
+ hyper-rustls = { version = "0.24.0", features = ["http2"], optional = true }
+-rustls-pemfile = { version = "1", optional = true }
++rustls-pemfile = { version = "2", optional = true }
+ tower-http = { version = "0.4", optional = true }
+
+ [build-dependencies]
+Index: rust-tonic-0.10.2+dfsg/tonic/Cargo.toml
+===================================================================
+--- rust-tonic-0.10.2+dfsg.orig/tonic/Cargo.toml
++++ rust-tonic-0.10.2+dfsg/tonic/Cargo.toml
+@@ -73,7 +73,7 @@ axum = {version = "0.6.9", default_featu
+
+ # rustls
+ async-stream = { version = "0.3", optional = true }
+-rustls-pemfile = { version = "1.0", optional = true }
++rustls-pemfile = { version = "2.0", optional = true }
+ rustls-native-certs = { version = "0.6.3", optional = true }
+ tokio-rustls = { version = "0.24.1", optional = true }
+ rustls = { version = "0.21.7", optional = true }
+Index: rust-tonic-0.10.2+dfsg/tonic/src/transport/service/tls.rs
+===================================================================
+--- rust-tonic-0.10.2+dfsg.orig/tonic/src/transport/service/tls.rs
++++ rust-tonic-0.10.2+dfsg/tonic/src/transport/service/tls.rs
+@@ -179,9 +179,9 @@ mod rustls_keys {
+ ) -> Result<PrivateKey, crate::Error> {
+ while let Ok(Some(item)) = rustls_pemfile::read_one(&mut cursor) {
+ match item {
+- rustls_pemfile::Item::RSAKey(key)
+- | rustls_pemfile::Item::PKCS8Key(key)
+- | rustls_pemfile::Item::ECKey(key) => return
Ok(PrivateKey(key)),
++ rustls_pemfile::Item::Pkcs1Key(key) => return
Ok(PrivateKey(key.secret_pkcs1_der().to_vec())),
++ rustls_pemfile::Item::Pkcs8Key(key) => return
Ok(PrivateKey(key.secret_pkcs8_der().to_vec())),
++ rustls_pemfile::Item::Sec1Key(key) => return
Ok(PrivateKey(key.secret_sec1_der().to_vec())),
+ _ => continue,
+ }
+ }
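Review bot: `load_rustls_private_key` looks like dead code after this patch, because the next hunk switches `load_identity` to `rustls_pemfile::private_key` and removes its only visible call; another caller may exist outside this diff. That would leave two separately maintained key parsers that can drift apart in which PEM sections they accept. The loop header `while let Ok(Some(item))` also treats an error from `read_one` the same as end of input; the function starts and ends outside the hunk, so what is returned after the loop is not visible here. Either drop the function or have it delegate to `rustls_pemfile::private_key(&mut cursor)`, so that both paths accept the same formats and report failures the same way.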
+@@ -193,36 +193,29 @@ mod rustls_keys {
+ pub(crate) fn load_identity(
+ identity: Identity,
+ ) -> Result<(Vec<Certificate>, PrivateKey), crate::Error> {
+- let cert = {
+- let mut cert = std::io::Cursor::new(identity.cert.as_ref());
+- match rustls_pemfile::certs(&mut cert) {
+- Ok(certs) => certs.into_iter().map(Certificate).collect(),
+- Err(_) => return
Err(Box::new(TlsError::CertificateParseError)),
+- }
+- };
++ let cert = rustls_pemfile::certs(&mut Cursor::new(identity.cert))
++ .map(|result| result.map(|cert| Certificate(cert.to_vec())))
++ .collect::<Result<Vec<_>, _>>()
++ .map_err(|_| TlsError::CertificateParseError)?;
+
+- let key = {
+- let key = std::io::Cursor::new(identity.key.as_ref());
+- match load_rustls_private_key(key) {
+- Ok(key) => key,
+- Err(e) => {
+- return Err(e);
+- }
+- }
++ let Ok(Some(key)) = rustls_pemfile::private_key(&mut
Cursor::new(identity.key)) else {
++ return Err(Box::new(TlsError::PrivateKeyParseError));
+ };
+
+- Ok((cert, key))
++ Ok((cert, PrivateKey(key.secret_der().to_vec())))
+ }
+
+ pub(crate) fn add_certs_from_pem(
+ mut certs: Cursor<&[u8]>,
+ roots: &mut RootCertStore,
+ ) -> Result<(), crate::Error> {
+- let (_, ignored) =
roots.add_parsable_certificates(&rustls_pemfile::certs(&mut certs)?);
+- match ignored == 0 {
+- true => Ok(()),
+- false => Err(Box::new(TlsError::CertificateParseError)),
++
++ for cert in rustls_pemfile::certs(&mut
certs).collect::<Result<Vec<_>, _>>()? {
++ roots
++ .add(&Certificate(cert.to_vec()))
++ .map_err(|_| TlsError::CertificateParseError)?;
+ }
++ Ok(())
+ }
+ }
+
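Review bot: Neither `load_identity` nor `add_certs_from_pem` rejects PEM input that contains no CERTIFICATE block: the collected `Vec` is empty, `load_identity` returns an empty chain, and the `for` loop in `add_certs_from_pem` runs zero times and returns `Ok(())`. The handshake should still fail later for lack of a chain or trust anchor, but the error then surfaces far from the misconfigured file, and if the caller also loads other roots (not visible here) a wrong CA file would go unnoticed. A guard such as `if cert.is_empty() { return Err(Box::new(TlsError::CertificateParseError)); }` after the collect in `load_identity` would report it at load time. `add_certs_from_pem` needs the equivalent check on the collected list before its loop.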
+Index: rust-tonic-0.10.2+dfsg/examples/src/tls_rustls/client.rs
+===================================================================
+--- rust-tonic-0.10.2+dfsg.orig/examples/src/tls_rustls/client.rs
++++ rust-tonic-0.10.2+dfsg/examples/src/tls_rustls/client.rs
+@@ -19,7 +19,7 @@ async fn main() -> Result<(), Box<dyn st
+ let mut roots = RootCertStore::empty();
+
+ let mut buf = std::io::BufReader::new(&fd);
+- let certs = rustls_pemfile::certs(&mut buf)?;
++ let certs = rustls_pemfile::certs(&mut buf).collect::<Result<Vec<_>,
_>>()?;
+ roots.add_parsable_certificates(&certs);
+
+ let tls = ClientConfig::builder()
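Review bot: The result of `roots.add_parsable_certificates(&certs);` is discarded, so certificates that rustls cannot parse are skipped silently and the example carries on with whatever subset loaded. The library path in tls.rs is strict in this same patch (`roots.add(..)` with `map_err(|_| TlsError::CertificateParseError)?`), and example code tends to be copied verbatim. Binding the result, `let (_added, ignored) = roots.add_parsable_certificates(&certs);`, and returning an error when `ignored != 0` would keep the example consistent with the library. `main` continues outside the hunk.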
+Index: rust-tonic-0.10.2+dfsg/examples/src/tls_rustls/server.rs
+===================================================================
+--- rust-tonic-0.10.2+dfsg.orig/examples/src/tls_rustls/server.rs
++++ rust-tonic-0.10.2+dfsg/examples/src/tls_rustls/server.rs
+@@ -19,19 +19,21 @@ async fn main() -> Result<(), Box<dyn st
+ let certs = {
+ let fd = std::fs::File::open(data_dir.join("tls/server.pem"))?;
+ let mut buf = std::io::BufReader::new(&fd);
+- rustls_pemfile::certs(&mut buf)?
++ rustls_pemfile::certs(&mut buf).collect::<Result<Vec<_>, _>>()?
+ .into_iter()
+- .map(Certificate)
++ .map(|cert| Certificate(cert.to_vec()))
+ .collect()
+ };
+ let key = {
+ let fd = std::fs::File::open(data_dir.join("tls/server.key"))?;
+ let mut buf = std::io::BufReader::new(&fd);
+- rustls_pemfile::pkcs8_private_keys(&mut buf)?
++ let key = rustls_pemfile::pkcs8_private_keys(&mut buf)
+ .into_iter()
+- .map(PrivateKey)
+ .next()
+- .unwrap()
++ .unwrap()?
++ .clone_key();
++
++ key
+
+ // let key = std::fs::read(data_dir.join("tls/server.key"))?;
+ // PrivateKey(key)
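Review bot: The new key-loading code still calls `.unwrap()` on the first item from `pkcs8_private_keys`, so a `server.key` without a PKCS#8 block panics instead of returning an error. It also accepts only PKCS#8, whereas the tls.rs changes in this patch accept PKCS#1, PKCS#8 and SEC1. `let key = rustls_pemfile::private_key(&mut buf)?.ok_or("no private key found in tls/server.key")?;` would cover all three formats and fit what appears to be `main`'s boxed-error return type (the signature is truncated in the hunk header). The later `with_single_cert` call in the next hunk would then use `key.secret_der()`. Separately, the `.into_iter()` on a value that is already an iterator and the `let key = …; key` binding are redundant.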
+@@ -40,7 +42,7 @@ async fn main() -> Result<(), Box<dyn st
+ let mut tls = ServerConfig::builder()
+ .with_safe_defaults()
+ .with_no_client_auth()
+- .with_single_cert(certs, key)?;
++ .with_single_cert(certs,
PrivateKey(key.secret_pkcs8_der().to_vec()))?;
+ tls.alpn_protocols = vec![b"h2".to_vec()];
+
+ let server = EchoServer::default();
diff -Nru rust-tonic-0.10.2+dfsg/debian/patches/series
rust-tonic-0.10.2+dfsg/debian/patches/series
--- rust-tonic-0.10.2+dfsg/debian/patches/series 2025-02-19
15:21:54.000000000 +0000
+++ rust-tonic-0.10.2+dfsg/debian/patches/series 2025-02-25
01:47:50.000000000 +0000
@@ -6,3 +6,4 @@
2003_no_bench.patch
2004_no_warp.patch
2005_no_interop.patch
+2006_rustls-pemfile.patch
--- End Message ---