From 8ddc157a60de4aede69212f9b02402d0415dd0bc Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Mon, 27 Jun 2022 21:50:41 -0400 Subject: [PATCH 1/6] Launch Nexus using a self-signed x.509 certificate --- docs/how-to-run.adoc | 7 +++++++ package-manifest.toml | 3 +++ sled-agent/src/services.rs | 6 ++++++ tools/create_self_signed_cert.sh | 33 ++++++++++++++++++++++++++++++++ 4 files changed, 49 insertions(+) create mode 100755 tools/create_self_signed_cert.sh diff --git a/docs/how-to-run.adoc b/docs/how-to-run.adoc index 0805eef362..47f05cca7e 100644 --- a/docs/how-to-run.adoc +++ b/docs/how-to-run.adoc @@ -43,6 +43,13 @@ the networking bits are temporary, so a reboot should always clear them. Both scripts must be run as root, e.g, `pfexec ./tools/create_virtual_hardware.sh`. +=== Make me a certificate! + +Nexus's external interface will typically be served using public-facing x.509 +certificate. While we are still configuring the mechanism to integrate this real +certificate into the package system, `./tools/create_self_signed_cert.sh` can be +used to generate an equivalent self-signed certificate. + == Deploying Omicron The control plane repository contains a packaging tool which bundles binaries diff --git a/package-manifest.toml b/package-manifest.toml index 683412532b..92421e3478 100644 --- a/package-manifest.toml +++ b/package-manifest.toml @@ -25,6 +25,9 @@ to = "/var/svc/manifest/site/nexus" [[package.omicron-nexus.paths]] from = "out/console-assets" to = "/var/nexus/static" +[[package.omicron-nexus.paths]] +from = "out/certs" +to = "/var/nexus/certs" [package.oximeter-collector] rust.binary_names = ["oximeter"] diff --git a/sled-agent/src/services.rs b/sled-agent/src/services.rs index be11bfb2a6..b1f711bfe3 100644 --- a/sled-agent/src/services.rs +++ b/sled-agent/src/services.rs @@ -324,6 +324,12 @@ impl ServiceManager { dropshot_external: ConfigDropshot { bind_address: SocketAddr::V6(external_address), request_body_max_bytes: 1048576, + tls: Some( + dropshot::ConfigTls { + cert_file: PathBuf::from("/var/nexus/certs/cert.pem"), + key_file: PathBuf::from("/var/nexus/certs/key.pem"), + } + ), ..Default::default() }, dropshot_internal: ConfigDropshot { diff --git a/tools/create_self_signed_cert.sh b/tools/create_self_signed_cert.sh new file mode 100755 index 0000000000..b7ac514d08 --- /dev/null +++ b/tools/create_self_signed_cert.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +set -eu + +# Creates a self-signed certificate. +# +# For those with access, certificates are available in: +# +# https://github.com/oxidecomputer/configs/tree/master/nginx/ssl/wildcard.oxide-preview.com + +set -eu + +SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +ARG0="$(basename ${BASH_SOURCE[0]})" + +# Set the CWD to Omicron's source. +SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +cd "${SOURCE_DIR}/.." + +OUTPUT_DIR="out/certs" +CERT_PATH="$OUTPUT_DIR/cert.pem" +KEY_PATH="$OUTPUT_DIR/key.pem" + +mkdir -p "$OUTPUT_DIR" + +openssl req -newkey rsa:4096 \ + -x509 \ + -sha256 \ + -days 3650 \ + -nodes \ + -out "$CERT_PATH" \ + -keyout "$KEY_PATH" \ + -subj '/CN=localhost' From 278e57d5ba9dae3239df2859d3327252dd4d7686 Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Mon, 27 Jun 2022 22:10:35 -0400 Subject: [PATCH 2/6] clippy --- sled-agent/src/services.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/sled-agent/src/services.rs b/sled-agent/src/services.rs index b1f711bfe3..12ad16f1f4 100644 --- a/sled-agent/src/services.rs +++ b/sled-agent/src/services.rs @@ -330,7 +330,6 @@ impl ServiceManager { key_file: PathBuf::from("/var/nexus/certs/key.pem"), } ), - ..Default::default() }, dropshot_internal: ConfigDropshot { bind_address: SocketAddr::V6(internal_address), From 6421bf1773c8167fd27a5382a2fc9fcdec14f310 Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Tue, 28 Jun 2022 12:59:14 -0400 Subject: [PATCH 3/6] Update package manifest to be pickier about individual files --- Cargo.lock | 132 +++++++++++++++------------- nexus/src/authn/external/cookies.rs | 2 +- package-manifest.toml | 9 +- 3 files changed, 78 insertions(+), 65 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 91ea678021..ae6c94d9cd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -85,9 +85,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.57" +version = "1.0.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" +checksum = "bb07d2053ccdbe10e2af2995a2f116c1330396493dc1269f6a91d0ae82e19704" [[package]] name = "anymap" @@ -109,7 +109,7 @@ dependencies = [ [[package]] name = "api_identity" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "proc-macro2", "quote", @@ -124,9 +124,9 @@ checksum = "c5d78ce20460b82d3fa150275ed9d55e21064fc7951177baacf86a145c4a4b1f" [[package]] name = "array-init" -version = "2.0.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6945cc5422176fc5e602e590c2878d2c2acd9a4fe20a4baa7c28022521698ec6" +checksum = "bfb6d71005dc22a708c7496eee5c8dc0300ee47355de6256c3b35b12b5fef596" [[package]] name = "ascii-canvas" @@ -573,9 +573,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.2.2" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5538cd660450ebeb4234cfecf8f2284b844ffc4c50531e66d584ad5b91293613" +checksum = "87eba3c8c7f42ef17f6c659fc7416d0f4758cd3e58861ee63c5fa4a4dde649e4" dependencies = [ "os_str_bytes", ] @@ -646,7 +646,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" dependencies = [ - "time 0.3.9", + "time 0.3.11", "version_check", ] @@ -767,9 +767,9 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.4" +version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aaa7bd5fb665c6864b5f963dd9097905c54125909c7aa94c9e18507cdbe6c53" +checksum = "4c02a4d71819009c192cf4872265391563fd6a84c81ff2c0f2a7026ca4c1d85c" dependencies = [ "cfg-if 1.0.0", "crossbeam-utils", @@ -788,15 +788,15 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.8" +version = "0.9.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1145cf131a2c6ba0615079ab6a638f7e1973ac9c2634fcbeaaad6114246efe8c" +checksum = "07db9d94cbd326813772c968ccd25999e5f8ae22f4f8d1b11effa37ef6ce281d" dependencies = [ "autocfg 1.1.0", "cfg-if 1.0.0", "crossbeam-utils", - "lazy_static", "memoffset", + "once_cell", "scopeguard", ] @@ -812,12 +812,12 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.8" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38" +checksum = "7d82ee10ce34d7bc12c2122495e7593a9c41347ecdd64185af4ecf72cb1a7f83" dependencies = [ "cfg-if 1.0.0", - "lazy_static", + "once_cell", ] [[package]] @@ -1310,7 +1310,7 @@ checksum = "1435fa1053d8b2fbbe9be7e97eca7f33d37b28409959813daefc1446a14247f1" [[package]] name = "dropshot" version = "0.7.1-dev" -source = "git+https://github.com/oxidecomputer/dropshot?branch=main#188247c5aa37a23b8289d79e22e399b3dca1b534" +source = "git+https://github.com/oxidecomputer/dropshot?branch=main#d9f87790e92cafa179f079f441f2f3be1e2f1026" dependencies = [ "async-stream", "async-trait", @@ -1349,7 +1349,7 @@ dependencies = [ [[package]] name = "dropshot_endpoint" version = "0.7.1-dev" -source = "git+https://github.com/oxidecomputer/dropshot?branch=main#188247c5aa37a23b8289d79e22e399b3dca1b534" +source = "git+https://github.com/oxidecomputer/dropshot?branch=main#d9f87790e92cafa179f079f441f2f3be1e2f1026" dependencies = [ "proc-macro2", "quote", @@ -1371,9 +1371,9 @@ dependencies = [ [[package]] name = "dyn-clone" -version = "1.0.5" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21e50f3adc76d6a43f5ed73b698a87d0760ca74617f60f7c3b879003536fdd28" +checksum = "140206b78fb2bc3edbcfc9b5ccbd0b30699cfe8d348b8b31b330e47df5291a5a" [[package]] name = "ecdsa" @@ -1979,6 +1979,12 @@ dependencies = [ "ahash 0.7.6", ] +[[package]] +name = "hashbrown" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db0d4cf898abf0081f964436dc980e96670a0f36863e4b83aaacdb65c9d7ccc3" + [[package]] name = "hashlink" version = "0.7.0" @@ -2282,12 +2288,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.8.2" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6012d540c5baa3589337a98ce73408de9b5a25ec9fc2c6fd6be8f0d39e0ca5a" +checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" dependencies = [ "autocfg 1.1.0", - "hashbrown 0.11.2", + "hashbrown 0.12.1", "serde", ] @@ -2495,9 +2501,10 @@ dependencies = [ [[package]] name = "libnet" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/netadm-sys#3e2d8b3f5e7e7eea61424ffbca494af12a930631" +source = "git+https://github.com/oxidecomputer/netadm-sys#b7c94042a61708a2acb782826cdf600b5f1c2813" dependencies = [ "anyhow", + "cfg-if 1.0.0", "colored", "dlpi", "libc", @@ -2532,9 +2539,9 @@ dependencies = [ [[package]] name = "linked-hash-map" -version = "0.5.4" +version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fb9b38af92608140b86b693604b9ffcc5824240a484d1ecd4795bacb2fe88f3" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "lock_api" @@ -2654,9 +2661,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.3" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "713d550d9b44d89174e066b7a6217ae06234c10cb47819a88290d2b353c31799" +checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" dependencies = [ "libc", "log", @@ -2762,7 +2769,7 @@ dependencies = [ [[package]] name = "nexus-client" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "chrono", "omicron-common 0.1.0 (git+https://github.com/oxidecomputer/omicron?branch=main)", @@ -2964,7 +2971,7 @@ dependencies = [ [[package]] name = "omicron-common" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "anyhow", "api_identity 0.1.0 (git+https://github.com/oxidecomputer/omicron?branch=main)", @@ -2992,6 +2999,7 @@ dependencies = [ "thiserror", "tokio", "tokio-postgres", + "toml", "uuid", ] @@ -3432,7 +3440,7 @@ dependencies = [ [[package]] name = "oximeter" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "bytes", "chrono", @@ -3536,7 +3544,7 @@ dependencies = [ [[package]] name = "oximeter-macro-impl" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "bytes", "proc-macro2", @@ -3566,7 +3574,7 @@ dependencies = [ [[package]] name = "oximeter-producer" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" dependencies = [ "chrono", "dropshot", @@ -4053,9 +4061,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.39" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c54b25569025b7fc9651de43004ae593a75ad88543b17178aa5e1b9c4f15f56f" +checksum = "dd96a1e8ed2596c337f8eae5f24924ec83f5ad5ab21ea8e455d3566c69fbcaf7" dependencies = [ "unicode-ident", ] @@ -4160,21 +4168,21 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.19" +version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f53dc8cf16a769a6f677e09e7ff2cd4be1ea0f48754aac39520536962011de0d" +checksum = "3bcdf212e9776fbcb2d23ab029360416bb1706b1aea2d1a5ba002727cbcab804" dependencies = [ "proc-macro2", ] [[package]] name = "r2d2" -version = "0.8.9" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "545c5bc2b880973c9c10e4067418407a0ccaa3091781d1671d46eb35107cb26f" +checksum = "51de85fb3fb6524929c8a2eb85e6b6d363de4e8c48f9e2c2eac4944abc181c93" dependencies = [ "log", - "parking_lot 0.11.2", + "parking_lot 0.12.1", "scheduled-thread-pool", ] @@ -4578,9 +4586,9 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.6" +version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" +checksum = "a0a5f7c728f5d284929a1cccb5bc19884422bfe6ef4d6c409da2c41838983fcf" [[package]] name = "rusty-doors" @@ -5130,7 +5138,7 @@ dependencies = [ "hostname", "slog", "slog-json", - "time 0.3.9", + "time 0.3.11", ] [[package]] @@ -5171,7 +5179,7 @@ dependencies = [ "serde", "serde_json", "slog", - "time 0.3.9", + "time 0.3.11", ] [[package]] @@ -5206,14 +5214,14 @@ dependencies = [ "slog", "term", "thread_local", - "time 0.3.9", + "time 0.3.11", ] [[package]] name = "smallvec" -version = "1.8.0" +version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" +checksum = "cc88c725d61fc6c3132893370cac4a0200e3fedf5da8331c570664b1987f5ca2" [[package]] name = "smf" @@ -5531,7 +5539,7 @@ version = "0.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f" dependencies = [ - "strum_macros 0.24.1", + "strum_macros 0.24.2", ] [[package]] @@ -5549,9 +5557,9 @@ dependencies = [ [[package]] name = "strum_macros" -version = "0.24.1" +version = "0.24.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9550962e7cf70d9980392878dfaf1dcc3ece024f4cf3bf3c46b978d0bad61d6c" +checksum = "4faebde00e8ff94316c01800f9054fd2ba77d30d9e922541913051d1d978918b" dependencies = [ "heck 0.4.0", "proc-macro2", @@ -5578,9 +5586,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.96" +version = "1.0.98" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0748dd251e24453cb8717f0354206b91557e4ec8703673a4b30208f2abaf1ebf" +checksum = "c50aef8a904de4c23c788f104b7dddc7d6f79c647c7c8ce4cc8f73eb0ca773dd" dependencies = [ "proc-macro2", "quote", @@ -5750,9 +5758,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.9" +version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2702e08a7a860f005826c6815dcac101b19b5eb330c27fe4a5928fec1d20ddd" +checksum = "72c91f41dcb2f096c05f0873d667dceec1087ce5bcf984ec8ffb19acddbb3217" dependencies = [ "itoa 1.0.2", "libc", @@ -5963,9 +5971,9 @@ dependencies = [ [[package]] name = "tower-service" -version = "0.3.1" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" [[package]] name = "tracing" @@ -5993,9 +6001,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.27" +version = "0.1.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7709595b8878a4965ce5e87ebf880a7d39c9afc6837721b21a5a816a8117d921" +checksum = "7b7358be39f2f274f322d2aaed611acc57f382e8eb1e5b48cb9ae30933495ce7" dependencies = [ "once_cell", "valuable", @@ -6027,7 +6035,7 @@ dependencies = [ "radix_trie", "rand 0.8.5", "thiserror", - "time 0.3.9", + "time 0.3.11", "tokio", "trust-dns-proto", ] @@ -6093,7 +6101,7 @@ dependencies = [ "log", "serde", "thiserror", - "time 0.3.9", + "time 0.3.11", "tokio", "toml", "trust-dns-client", @@ -6230,9 +6238,9 @@ checksum = "5bd2fe26506023ed7b5e1e315add59d6f584c621d037f9368fea9cfb988f368c" [[package]] name = "unicode-normalization" -version = "0.1.19" +version = "0.1.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d54590932941a9e9266f0832deed84ebe1bf2e4c9e4a3554d393d18f5e854bf9" +checksum = "81dee68f85cab8cf68dec42158baf3a79a1cdc065a8b103025965d6ccb7f6cbd" dependencies = [ "tinyvec", ] diff --git a/nexus/src/authn/external/cookies.rs b/nexus/src/authn/external/cookies.rs index 5a61bf09f8..2d66175ef0 100644 --- a/nexus/src/authn/external/cookies.rs +++ b/nexus/src/authn/external/cookies.rs @@ -44,7 +44,7 @@ impl Extractor for Cookies { Ok(cookies.into()) } - fn metadata() -> ExtractorMetadata { + fn metadata(_content_type: dropshot::ApiEndpointBodyContentType) -> ExtractorMetadata { ExtractorMetadata { paginated: false, parameters: vec![] } } } diff --git a/package-manifest.toml b/package-manifest.toml index 92421e3478..7bf591a742 100644 --- a/package-manifest.toml +++ b/package-manifest.toml @@ -25,9 +25,14 @@ to = "/var/svc/manifest/site/nexus" [[package.omicron-nexus.paths]] from = "out/console-assets" to = "/var/nexus/static" +# Note, we could just map the whole "out/certs" directory, but this ensures +# both files exist. [[package.omicron-nexus.paths]] -from = "out/certs" -to = "/var/nexus/certs" +from = "out/certs/cert.pem" +to = "/var/nexus/certs/cert.pem" +[[package.omicron-nexus.paths]] +from = "out/certs/key.pem" +to = "/var/nexus/certs/key.pem" [package.oximeter-collector] rust.binary_names = ["oximeter"] From 414c6d08adf11aa70af56d726126c6f5033412c1 Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Tue, 28 Jun 2022 12:59:28 -0400 Subject: [PATCH 4/6] fmt --- nexus/src/authn/external/cookies.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nexus/src/authn/external/cookies.rs b/nexus/src/authn/external/cookies.rs index 2d66175ef0..cdd09da0ed 100644 --- a/nexus/src/authn/external/cookies.rs +++ b/nexus/src/authn/external/cookies.rs @@ -44,7 +44,9 @@ impl Extractor for Cookies { Ok(cookies.into()) } - fn metadata(_content_type: dropshot::ApiEndpointBodyContentType) -> ExtractorMetadata { + fn metadata( + _content_type: dropshot::ApiEndpointBodyContentType, + ) -> ExtractorMetadata { ExtractorMetadata { paginated: false, parameters: vec![] } } } From b3ea27f58ea44cd1571b1a6fb5b33650c1ecc5d1 Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Tue, 28 Jun 2022 14:18:21 -0400 Subject: [PATCH 5/6] Don't update deps in this PR --- Cargo.lock | 132 +++++++++++++--------------- nexus/src/authn/external/cookies.rs | 4 +- 2 files changed, 63 insertions(+), 73 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ae6c94d9cd..91ea678021 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -85,9 +85,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.58" +version = "1.0.57" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb07d2053ccdbe10e2af2995a2f116c1330396493dc1269f6a91d0ae82e19704" +checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" [[package]] name = "anymap" @@ -109,7 +109,7 @@ dependencies = [ [[package]] name = "api_identity" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "proc-macro2", "quote", @@ -124,9 +124,9 @@ checksum = "c5d78ce20460b82d3fa150275ed9d55e21064fc7951177baacf86a145c4a4b1f" [[package]] name = "array-init" -version = "2.0.1" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfb6d71005dc22a708c7496eee5c8dc0300ee47355de6256c3b35b12b5fef596" +checksum = "6945cc5422176fc5e602e590c2878d2c2acd9a4fe20a4baa7c28022521698ec6" [[package]] name = "ascii-canvas" @@ -573,9 +573,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.2.3" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87eba3c8c7f42ef17f6c659fc7416d0f4758cd3e58861ee63c5fa4a4dde649e4" +checksum = "5538cd660450ebeb4234cfecf8f2284b844ffc4c50531e66d584ad5b91293613" dependencies = [ "os_str_bytes", ] @@ -646,7 +646,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" dependencies = [ - "time 0.3.11", + "time 0.3.9", "version_check", ] @@ -767,9 +767,9 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.5" +version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c02a4d71819009c192cf4872265391563fd6a84c81ff2c0f2a7026ca4c1d85c" +checksum = "5aaa7bd5fb665c6864b5f963dd9097905c54125909c7aa94c9e18507cdbe6c53" dependencies = [ "cfg-if 1.0.0", "crossbeam-utils", @@ -788,15 +788,15 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.9" +version = "0.9.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07db9d94cbd326813772c968ccd25999e5f8ae22f4f8d1b11effa37ef6ce281d" +checksum = "1145cf131a2c6ba0615079ab6a638f7e1973ac9c2634fcbeaaad6114246efe8c" dependencies = [ "autocfg 1.1.0", "cfg-if 1.0.0", "crossbeam-utils", + "lazy_static", "memoffset", - "once_cell", "scopeguard", ] @@ -812,12 +812,12 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.10" +version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d82ee10ce34d7bc12c2122495e7593a9c41347ecdd64185af4ecf72cb1a7f83" +checksum = "0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38" dependencies = [ "cfg-if 1.0.0", - "once_cell", + "lazy_static", ] [[package]] @@ -1310,7 +1310,7 @@ checksum = "1435fa1053d8b2fbbe9be7e97eca7f33d37b28409959813daefc1446a14247f1" [[package]] name = "dropshot" version = "0.7.1-dev" -source = "git+https://github.com/oxidecomputer/dropshot?branch=main#d9f87790e92cafa179f079f441f2f3be1e2f1026" +source = "git+https://github.com/oxidecomputer/dropshot?branch=main#188247c5aa37a23b8289d79e22e399b3dca1b534" dependencies = [ "async-stream", "async-trait", @@ -1349,7 +1349,7 @@ dependencies = [ [[package]] name = "dropshot_endpoint" version = "0.7.1-dev" -source = "git+https://github.com/oxidecomputer/dropshot?branch=main#d9f87790e92cafa179f079f441f2f3be1e2f1026" +source = "git+https://github.com/oxidecomputer/dropshot?branch=main#188247c5aa37a23b8289d79e22e399b3dca1b534" dependencies = [ "proc-macro2", "quote", @@ -1371,9 +1371,9 @@ dependencies = [ [[package]] name = "dyn-clone" -version = "1.0.6" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "140206b78fb2bc3edbcfc9b5ccbd0b30699cfe8d348b8b31b330e47df5291a5a" +checksum = "21e50f3adc76d6a43f5ed73b698a87d0760ca74617f60f7c3b879003536fdd28" [[package]] name = "ecdsa" @@ -1979,12 +1979,6 @@ dependencies = [ "ahash 0.7.6", ] -[[package]] -name = "hashbrown" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db0d4cf898abf0081f964436dc980e96670a0f36863e4b83aaacdb65c9d7ccc3" - [[package]] name = "hashlink" version = "0.7.0" @@ -2288,12 +2282,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.9.1" +version = "1.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" +checksum = "e6012d540c5baa3589337a98ce73408de9b5a25ec9fc2c6fd6be8f0d39e0ca5a" dependencies = [ "autocfg 1.1.0", - "hashbrown 0.12.1", + "hashbrown 0.11.2", "serde", ] @@ -2501,10 +2495,9 @@ dependencies = [ [[package]] name = "libnet" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/netadm-sys#b7c94042a61708a2acb782826cdf600b5f1c2813" +source = "git+https://github.com/oxidecomputer/netadm-sys#3e2d8b3f5e7e7eea61424ffbca494af12a930631" dependencies = [ "anyhow", - "cfg-if 1.0.0", "colored", "dlpi", "libc", @@ -2539,9 +2532,9 @@ dependencies = [ [[package]] name = "linked-hash-map" -version = "0.5.6" +version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" +checksum = "7fb9b38af92608140b86b693604b9ffcc5824240a484d1ecd4795bacb2fe88f3" [[package]] name = "lock_api" @@ -2661,9 +2654,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.4" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" +checksum = "713d550d9b44d89174e066b7a6217ae06234c10cb47819a88290d2b353c31799" dependencies = [ "libc", "log", @@ -2769,7 +2762,7 @@ dependencies = [ [[package]] name = "nexus-client" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "chrono", "omicron-common 0.1.0 (git+https://github.com/oxidecomputer/omicron?branch=main)", @@ -2971,7 +2964,7 @@ dependencies = [ [[package]] name = "omicron-common" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "anyhow", "api_identity 0.1.0 (git+https://github.com/oxidecomputer/omicron?branch=main)", @@ -2999,7 +2992,6 @@ dependencies = [ "thiserror", "tokio", "tokio-postgres", - "toml", "uuid", ] @@ -3440,7 +3432,7 @@ dependencies = [ [[package]] name = "oximeter" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "bytes", "chrono", @@ -3544,7 +3536,7 @@ dependencies = [ [[package]] name = "oximeter-macro-impl" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "bytes", "proc-macro2", @@ -3574,7 +3566,7 @@ dependencies = [ [[package]] name = "oximeter-producer" version = "0.1.0" -source = "git+https://github.com/oxidecomputer/omicron?branch=main#0d2410071711d7ecdd3c115ebfb93b3ea3e1e16b" +source = "git+https://github.com/oxidecomputer/omicron?branch=main#c458fddcb8660eeb78d4a0ffe34c9d21c2ebd3dc" dependencies = [ "chrono", "dropshot", @@ -4061,9 +4053,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.40" +version = "1.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd96a1e8ed2596c337f8eae5f24924ec83f5ad5ab21ea8e455d3566c69fbcaf7" +checksum = "c54b25569025b7fc9651de43004ae593a75ad88543b17178aa5e1b9c4f15f56f" dependencies = [ "unicode-ident", ] @@ -4168,21 +4160,21 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.20" +version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bcdf212e9776fbcb2d23ab029360416bb1706b1aea2d1a5ba002727cbcab804" +checksum = "f53dc8cf16a769a6f677e09e7ff2cd4be1ea0f48754aac39520536962011de0d" dependencies = [ "proc-macro2", ] [[package]] name = "r2d2" -version = "0.8.10" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51de85fb3fb6524929c8a2eb85e6b6d363de4e8c48f9e2c2eac4944abc181c93" +checksum = "545c5bc2b880973c9c10e4067418407a0ccaa3091781d1671d46eb35107cb26f" dependencies = [ "log", - "parking_lot 0.12.1", + "parking_lot 0.11.2", "scheduled-thread-pool", ] @@ -4586,9 +4578,9 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.7" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0a5f7c728f5d284929a1cccb5bc19884422bfe6ef4d6c409da2c41838983fcf" +checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" [[package]] name = "rusty-doors" @@ -5138,7 +5130,7 @@ dependencies = [ "hostname", "slog", "slog-json", - "time 0.3.11", + "time 0.3.9", ] [[package]] @@ -5179,7 +5171,7 @@ dependencies = [ "serde", "serde_json", "slog", - "time 0.3.11", + "time 0.3.9", ] [[package]] @@ -5214,14 +5206,14 @@ dependencies = [ "slog", "term", "thread_local", - "time 0.3.11", + "time 0.3.9", ] [[package]] name = "smallvec" -version = "1.8.1" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc88c725d61fc6c3132893370cac4a0200e3fedf5da8331c570664b1987f5ca2" +checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" [[package]] name = "smf" @@ -5539,7 +5531,7 @@ version = "0.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f" dependencies = [ - "strum_macros 0.24.2", + "strum_macros 0.24.1", ] [[package]] @@ -5557,9 +5549,9 @@ dependencies = [ [[package]] name = "strum_macros" -version = "0.24.2" +version = "0.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4faebde00e8ff94316c01800f9054fd2ba77d30d9e922541913051d1d978918b" +checksum = "9550962e7cf70d9980392878dfaf1dcc3ece024f4cf3bf3c46b978d0bad61d6c" dependencies = [ "heck 0.4.0", "proc-macro2", @@ -5586,9 +5578,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.98" +version = "1.0.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c50aef8a904de4c23c788f104b7dddc7d6f79c647c7c8ce4cc8f73eb0ca773dd" +checksum = "0748dd251e24453cb8717f0354206b91557e4ec8703673a4b30208f2abaf1ebf" dependencies = [ "proc-macro2", "quote", @@ -5758,9 +5750,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.11" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72c91f41dcb2f096c05f0873d667dceec1087ce5bcf984ec8ffb19acddbb3217" +checksum = "c2702e08a7a860f005826c6815dcac101b19b5eb330c27fe4a5928fec1d20ddd" dependencies = [ "itoa 1.0.2", "libc", @@ -5971,9 +5963,9 @@ dependencies = [ [[package]] name = "tower-service" -version = "0.3.2" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" +checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" [[package]] name = "tracing" @@ -6001,9 +5993,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.28" +version = "0.1.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b7358be39f2f274f322d2aaed611acc57f382e8eb1e5b48cb9ae30933495ce7" +checksum = "7709595b8878a4965ce5e87ebf880a7d39c9afc6837721b21a5a816a8117d921" dependencies = [ "once_cell", "valuable", @@ -6035,7 +6027,7 @@ dependencies = [ "radix_trie", "rand 0.8.5", "thiserror", - "time 0.3.11", + "time 0.3.9", "tokio", "trust-dns-proto", ] @@ -6101,7 +6093,7 @@ dependencies = [ "log", "serde", "thiserror", - "time 0.3.11", + "time 0.3.9", "tokio", "toml", "trust-dns-client", @@ -6238,9 +6230,9 @@ checksum = "5bd2fe26506023ed7b5e1e315add59d6f584c621d037f9368fea9cfb988f368c" [[package]] name = "unicode-normalization" -version = "0.1.20" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81dee68f85cab8cf68dec42158baf3a79a1cdc065a8b103025965d6ccb7f6cbd" +checksum = "d54590932941a9e9266f0832deed84ebe1bf2e4c9e4a3554d393d18f5e854bf9" dependencies = [ "tinyvec", ] diff --git a/nexus/src/authn/external/cookies.rs b/nexus/src/authn/external/cookies.rs index cdd09da0ed..5a61bf09f8 100644 --- a/nexus/src/authn/external/cookies.rs +++ b/nexus/src/authn/external/cookies.rs @@ -44,9 +44,7 @@ impl Extractor for Cookies { Ok(cookies.into()) } - fn metadata( - _content_type: dropshot::ApiEndpointBodyContentType, - ) -> ExtractorMetadata { + fn metadata() -> ExtractorMetadata { ExtractorMetadata { paginated: false, parameters: vec![] } } } From 6e7d6484e7cf02910baecd317e55d062494a2c29 Mon Sep 17 00:00:00 2001 From: Sean Klein Date: Tue, 28 Jun 2022 14:46:00 -0400 Subject: [PATCH 6/6] cleanup --- tools/create_self_signed_cert.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tools/create_self_signed_cert.sh b/tools/create_self_signed_cert.sh index b7ac514d08..783c8eaf70 100755 --- a/tools/create_self_signed_cert.sh +++ b/tools/create_self_signed_cert.sh @@ -1,7 +1,5 @@ #!/bin/bash -set -eu - # Creates a self-signed certificate. # # For those with access, certificates are available in: @@ -10,9 +8,6 @@ set -eu set -eu -SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" -ARG0="$(basename ${BASH_SOURCE[0]})" - # Set the CWD to Omicron's source. SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" cd "${SOURCE_DIR}/.."