chore(all): update actix-web dependency to 4.0.0-beta.21

2025-07-03 11:57:07 +02:00 · 2022-01-21 20:44:17 +00:00 · 2022-01-21 20:44:17 +00:00 · 9f5fee404b
commit 9f5fee404b
parent f9f075bca2
10 changed files with 511 additions and 505 deletions
--- a/meilisearch-http/src/extractors/authentication/mod.rs
+++ b/meilisearch-http/src/extractors/authentication/mod.rs
@ -32,8 +32,6 @@ impl<T, D> Deref for GuardedData<T, D> {
 }

 impl<P: Policy + 'static, D: 'static + Clone> FromRequest for GuardedData<P, D> {
-    type Config = ();
-
    type Error = ResponseError;

    type Future = Ready<Result<Self, Self::Error>>;
--- a/meilisearch-http/src/extractors/payload.rs
+++ b/meilisearch-http/src/extractors/payload.rs
@ -28,8 +28,6 @@ impl Default for PayloadConfig {
 }

 impl FromRequest for Payload {
-    type Config = PayloadConfig;
-
    type Error = PayloadError;

    type Future = Ready<Result<Payload, Self::Error>>;
@ -39,7 +37,7 @@ impl FromRequest for Payload {
        let limit = req
            .app_data::<PayloadConfig>()
            .map(|c| c.limit)
-            .unwrap_or(Self::Config::default().limit);
+            .unwrap_or(PayloadConfig::default().limit);
        ready(Ok(Payload {
            payload: payload.take(),
            limit,
--- a/meilisearch-http/src/lib.rs
+++ b/meilisearch-http/src/lib.rs
@ -90,7 +90,7 @@ pub fn configure_data(
 #[cfg(feature = "mini-dashboard")]
 pub fn dashboard(config: &mut web::ServiceConfig, enable_frontend: bool) {
    use actix_web::HttpResponse;
-    use actix_web_static_files::Resource;
+    use static_files::Resource;

    mod generated {
        include!(concat!(env!("OUT_DIR"), "/generated.rs"));
--- a/meilisearch-http/src/option.rs
+++ b/meilisearch-http/src/option.rs
@ -6,11 +6,14 @@ use std::sync::Arc;
 use byte_unit::Byte;
 use clap::Parser;
 use meilisearch_lib::options::IndexerOpts;
-use rustls::internal::pemfile::{certs, pkcs8_private_keys, rsa_private_keys};
 use rustls::{
-    AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient, NoClientAuth,
+    server::{
+        AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient,
+        ServerSessionMemoryCache,
+    },
    RootCertStore,
 };
+use rustls_pemfile::{certs, pkcs8_private_keys, rsa_private_keys};

 const POSSIBLE_ENV: [&str; 2] = ["development", "production"];

@ -131,7 +134,9 @@ pub struct Opt {
 impl Opt {
    pub fn get_ssl_config(&self) -> anyhow::Result<Option<rustls::ServerConfig>> {
        if let (Some(cert_path), Some(key_path)) = (&self.ssl_cert_path, &self.ssl_key_path) {
-            let client_auth = match &self.ssl_auth_path {
+            let config = rustls::ServerConfig::builder().with_safe_defaults();
+
+            let config = match &self.ssl_auth_path {
                Some(auth_path) => {
                    let roots = load_certs(auth_path.to_path_buf())?;
                    let mut client_auth_roots = RootCertStore::empty();
@ -139,30 +144,32 @@ impl Opt {
                        client_auth_roots.add(&root).unwrap();
                    }
                    if self.ssl_require_auth {
-                        AllowAnyAuthenticatedClient::new(client_auth_roots)
+                        let verifier = AllowAnyAuthenticatedClient::new(client_auth_roots);
+                        config.with_client_cert_verifier(verifier)
                    } else {
-                        AllowAnyAnonymousOrAuthenticatedClient::new(client_auth_roots)
+                        let verifier =
+                            AllowAnyAnonymousOrAuthenticatedClient::new(client_auth_roots);
+                        config.with_client_cert_verifier(verifier)
                    }
                }
-                None => NoClientAuth::new(),
+                None => config.with_no_client_auth(),
            };

-            let mut config = rustls::ServerConfig::new(client_auth);
-            config.key_log = Arc::new(rustls::KeyLogFile::new());
-
            let certs = load_certs(cert_path.to_path_buf())?;
            let privkey = load_private_key(key_path.to_path_buf())?;
            let ocsp = load_ocsp(&self.ssl_ocsp_path)?;
-            config
-                .set_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![])
+            let mut config = config
+                .with_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![])
                .map_err(|_| anyhow::anyhow!("bad certificates/private key"))?;

+            config.key_log = Arc::new(rustls::KeyLogFile::new());
+
            if self.ssl_resumption {
-                config.set_persistence(rustls::ServerSessionMemoryCache::new(256));
+                config.session_storage = ServerSessionMemoryCache::new(256);
            }

            if self.ssl_tickets {
-                config.ticketer = rustls::Ticketer::new();
+                config.ticketer = rustls::Ticketer::new().unwrap();
            }

            Ok(Some(config))
@ -176,7 +183,9 @@ fn load_certs(filename: PathBuf) -> anyhow::Result<Vec<rustls::Certificate>> {
    let certfile =
        fs::File::open(filename).map_err(|_| anyhow::anyhow!("cannot open certificate file"))?;
    let mut reader = BufReader::new(certfile);
-    certs(&mut reader).map_err(|_| anyhow::anyhow!("cannot read certificate file"))
+    certs(&mut reader)
+        .map(|certs| certs.into_iter().map(rustls::Certificate).collect())
+        .map_err(|_| anyhow::anyhow!("cannot read certificate file"))
 }

 fn load_private_key(filename: PathBuf) -> anyhow::Result<rustls::PrivateKey> {
@ -201,10 +210,10 @@ fn load_private_key(filename: PathBuf) -> anyhow::Result<rustls::PrivateKey> {

    // prefer to load pkcs8 keys
    if !pkcs8_keys.is_empty() {
-        Ok(pkcs8_keys[0].clone())
+        Ok(rustls::PrivateKey(pkcs8_keys[0].clone()))
    } else {
        assert!(!rsa_keys.is_empty());
-        Ok(rsa_keys[0].clone())
+        Ok(rustls::PrivateKey(rsa_keys[0].clone()))
    }
 }