Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Upgrade scrypt to v0.11 (#15228)

Browse source 
This PR upgrades `scrypt` to v0.11.

There were some API changes that impacted our usage just in the tests.

Supersedes #15224.

Release Notes:

- N/A
This commit is contained in:
Marshall Bowers 2024-07-25 17:45:24 -04:00 committed by GitHub
parent cc1d3f0a35
commit 1da6a12bb4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 58 additions and 134 deletions
Download patch file Download diff file Expand all files Collapse all files

183
Cargo.lock generated
View file

@ -41,7 +41,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"cipher 0.4.4", "cipher",
"cpufeatures", "cpufeatures",
"zeroize", "zeroize",
] ]
@ -1179,14 +1179,14 @@ dependencies = [
"crypto-bigint 0.5.5", "crypto-bigint 0.5.5",
"form_urlencoded", "form_urlencoded",
"hex", "hex",
"hmac 0.12.1", "hmac",
"http 0.2.9", "http 0.2.9",
"http 1.0.0", "http 1.0.0",
"once_cell", "once_cell",
"p256", "p256",
"percent-encoding", "percent-encoding",
"ring", "ring",
"sha2 0.10.8", "sha2",
"subtle", "subtle",
"time", "time",
"tracing", "tracing",
@ -1221,7 +1221,7 @@ dependencies = [
"md-5", "md-5",
"pin-project-lite", "pin-project-lite",
"sha1", "sha1",
"sha2 0.10.8", "sha2",
"tracing", "tracing",
] ]
@ -1682,15 +1682,6 @@ version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d8c1fef690941d3e7788d328517591fecc684c084084702d6ff1641e993699a" checksum = "0d8c1fef690941d3e7788d328517591fecc684c084084702d6ff1641e993699a"
[[package]]
name = "block-buffer"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4"
dependencies = [
"generic-array",
]
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.10.4" version = "0.10.4"
@ -2020,7 +2011,7 @@ version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6" checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6"
dependencies = [ dependencies = [
"cipher 0.4.4", "cipher",
] ]
[[package]] [[package]]
@ -2166,15 +2157,6 @@ dependencies = [
"half", "half",
] ]
[[package]]
name = "cipher"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7"
dependencies = [
"generic-array",
]
[[package]] [[package]]
name = "cipher" name = "cipher"
version = "0.4.4" version = "0.4.4"
@ -2330,7 +2312,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"settings", "settings",
"sha2 0.10.8", "sha2",
"smol", "smol",
"sysinfo", "sysinfo",
"telemetry_events", "telemetry_events",
@ -2476,7 +2458,7 @@ dependencies = [
"serde_json", "serde_json",
"session", "session",
"settings", "settings",
"sha2 0.10.8", "sha2",
"sqlx", "sqlx",
"subtle", "subtle",
"supermaven_api", "supermaven_api",
@ -3153,16 +3135,6 @@ dependencies = [
"typenum", "typenum",
] ]
[[package]]
name = "crypto-mac"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "25fab6889090c8133f3deb8f73ba3c65a7f456f66436fc012a1b1e272b1e103e"
dependencies = [
"generic-array",
"subtle",
]
[[package]] [[package]]
name = "ctor" name = "ctor"
version = "0.2.6" version = "0.2.6"
@ -3401,22 +3373,13 @@ version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8"
[[package]]
name = "digest"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066"
dependencies = [
"generic-array",
]
[[package]] [[package]]
name = "digest" name = "digest"
version = "0.10.7" version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
dependencies = [ dependencies = [
"block-buffer 0.10.4", "block-buffer",
"const-oid", "const-oid",
"crypto-common", "crypto-common",
"subtle", "subtle",
@ -3601,7 +3564,7 @@ dependencies = [
"base16ct", "base16ct",
"crypto-bigint 0.4.9", "crypto-bigint 0.4.9",
"der 0.6.1", "der 0.6.1",
"digest 0.10.7", "digest",
"ff", "ff",
"generic-array", "generic-array",
"group", "group",
@ -5117,17 +5080,7 @@ version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437" checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437"
dependencies = [ dependencies = [
"hmac 0.12.1", "hmac",
]
[[package]]
name = "hmac"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b"
dependencies = [
"crypto-mac",
"digest 0.9.0",
] ]
[[package]] [[package]]
@ -5136,7 +5089,7 @@ version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
dependencies = [ dependencies = [
"digest 0.10.7", "digest",
] ]
[[package]] [[package]]
@ -5818,11 +5771,11 @@ checksum = "6204285f77fe7d9784db3fdc449ecce1a0114927a51d5a41c4c7a292011c015f"
dependencies = [ dependencies = [
"base64 0.13.1", "base64 0.13.1",
"crypto-common", "crypto-common",
"digest 0.10.7", "digest",
"hmac 0.12.1", "hmac",
"serde", "serde",
"serde_json", "serde_json",
"sha2 0.10.8", "sha2",
] ]
[[package]] [[package]]
@ -6233,7 +6186,7 @@ dependencies = [
"postage", "postage",
"serde", "serde",
"serde_json", "serde_json",
"sha2 0.10.8", "sha2",
"simplelog", "simplelog",
] ]
@ -6243,7 +6196,7 @@ version = "0.1.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"async-trait", "async-trait",
"hmac 0.12.1", "hmac",
"jwt", "jwt",
"log", "log",
"prost", "prost",
@ -6251,7 +6204,7 @@ dependencies = [
"prost-types", "prost-types",
"reqwest", "reqwest",
"serde", "serde",
"sha2 0.10.8", "sha2",
] ]
[[package]] [[package]]
@ -6476,7 +6429,7 @@ version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca" checksum = "6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca"
dependencies = [ dependencies = [
"digest 0.10.7", "digest",
] ]
[[package]] [[package]]
@ -7131,18 +7084,18 @@ dependencies = [
"async-lock 3.3.0", "async-lock 3.3.0",
"blocking", "blocking",
"cbc", "cbc",
"cipher 0.4.4", "cipher",
"digest 0.10.7", "digest",
"futures-lite 2.2.0", "futures-lite 2.2.0",
"futures-util", "futures-util",
"hkdf", "hkdf",
"hmac 0.12.1", "hmac",
"num", "num",
"num-bigint-dig", "num-bigint-dig",
"pbkdf2 0.12.2", "pbkdf2",
"rand 0.8.5", "rand 0.8.5",
"serde", "serde",
"sha2 0.10.8", "sha2",
"zbus", "zbus",
"zeroize", "zeroize",
"zvariant", "zvariant",
@ -7154,12 +7107,6 @@ version = "11.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575"
[[package]]
name = "opaque-debug"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "open" name = "open"
version = "5.3.0" version = "5.3.0"
@ -7366,7 +7313,7 @@ checksum = "51f44edd08f51e2ade572f141051021c5af22677e42b7dd28a88155151c33594"
dependencies = [ dependencies = [
"ecdsa", "ecdsa",
"elliptic-curve", "elliptic-curve",
"sha2 0.10.8", "sha2",
] ]
[[package]] [[package]]
@ -7446,9 +7393,9 @@ dependencies = [
[[package]] [[package]]
name = "password-hash" name = "password-hash"
version = "0.2.1" version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c1a5d4e9c205d2c1ae73b84aab6240e98218c0e72e63b50422cfb2d1ca952282" checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
dependencies = [ dependencies = [
"base64ct", "base64ct",
"rand_core 0.6.4", "rand_core 0.6.4",
@ -7494,23 +7441,14 @@ dependencies = [
"util", "util",
] ]
[[package]]
name = "pbkdf2"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d95f5254224e617595d2cc3cc73ff0a5eaf2637519e25f03388154e9378b6ffa"
dependencies = [
"crypto-mac",
]
[[package]] [[package]]
name = "pbkdf2" name = "pbkdf2"
version = "0.12.2" version = "0.12.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2"
dependencies = [ dependencies = [
"digest 0.10.7", "digest",
"hmac 0.12.1", "hmac",
] ]
[[package]] [[package]]
@ -8003,7 +7941,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"settings", "settings",
"sha2 0.10.8", "sha2",
"shellexpand 2.1.2", "shellexpand 2.1.2",
"shlex", "shlex",
"similar", "similar",
@ -8768,7 +8706,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb" checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb"
dependencies = [ dependencies = [
"crypto-bigint 0.4.9", "crypto-bigint 0.4.9",
"hmac 0.12.1", "hmac",
"zeroize", "zeroize",
] ]
@ -8915,7 +8853,7 @@ dependencies = [
"rsa", "rsa",
"serde", "serde",
"serde_json", "serde_json",
"sha2 0.10.8", "sha2",
"strum", "strum",
"tracing", "tracing",
"util", "util",
@ -8929,7 +8867,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc"
dependencies = [ dependencies = [
"const-oid", "const-oid",
"digest 0.10.7", "digest",
"num-bigint-dig", "num-bigint-dig",
"num-integer", "num-integer",
"num-traits", "num-traits",
@ -8999,7 +8937,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38c74a686185620830701348de757fd36bef4aa9680fd23c49fc539ddcc1af32" checksum = "38c74a686185620830701348de757fd36bef4aa9680fd23c49fc539ddcc1af32"
dependencies = [ dependencies = [
"globset", "globset",
"sha2 0.10.8", "sha2",
"walkdir", "walkdir",
] ]
@ -9154,11 +9092,11 @@ checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
[[package]] [[package]]
name = "salsa20" name = "salsa20"
version = "0.8.1" version = "0.10.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ecbd2eb639fd7cab5804a0837fe373cc2172d15437e804c054a9fb885cb923b0" checksum = "97a22f5af31f73a954c10289c93e8a50cc23d971e80ee446f1f6f7137a088213"
dependencies = [ dependencies = [
"cipher 0.3.0", "cipher",
] ]
[[package]] [[package]]
@ -9218,16 +9156,14 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
[[package]] [[package]]
name = "scrypt" name = "scrypt"
version = "0.7.0" version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "879588d8f90906e73302547e20fffefdd240eb3e0e744e142321f5d49dea0518" checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f"
dependencies = [ dependencies = [
"base64ct",
"hmac 0.11.0",
"password-hash", "password-hash",
"pbkdf2 0.8.0", "pbkdf2",
"salsa20", "salsa20",
"sha2 0.9.9", "sha2",
] ]
[[package]] [[package]]
@ -9440,7 +9376,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"settings", "settings",
"sha2 0.10.8", "sha2",
"smol", "smol",
"tempfile", "tempfile",
"theme", "theme",
@ -9630,7 +9566,7 @@ checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"cpufeatures", "cpufeatures",
"digest 0.10.7", "digest",
] ]
[[package]] [[package]]
@ -9639,19 +9575,6 @@ version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ae1a47186c03a32177042e55dbc5fd5aee900b8e0069a8d70fba96a9375cd012" checksum = "ae1a47186c03a32177042e55dbc5fd5aee900b8e0069a8d70fba96a9375cd012"
[[package]]
name = "sha2"
version = "0.9.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800"
dependencies = [
"block-buffer 0.9.0",
"cfg-if",
"cpufeatures",
"digest 0.9.0",
"opaque-debug",
]
[[package]] [[package]]
name = "sha2" name = "sha2"
version = "0.10.8" version = "0.10.8"
@ -9660,7 +9583,7 @@ checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"cpufeatures", "cpufeatures",
"digest 0.10.7", "digest",
] ]
[[package]] [[package]]
@ -9727,7 +9650,7 @@ version = "1.6.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c" checksum = "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c"
dependencies = [ dependencies = [
"digest 0.10.7", "digest",
"rand_core 0.6.4", "rand_core 0.6.4",
] ]
@ -9737,7 +9660,7 @@ version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500" checksum = "5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500"
dependencies = [ dependencies = [
"digest 0.10.7", "digest",
"rand_core 0.6.4", "rand_core 0.6.4",
] ]
@ -10060,7 +9983,7 @@ dependencies = [
"rustls-pemfile", "rustls-pemfile",
"serde", "serde",
"serde_json", "serde_json",
"sha2 0.10.8", "sha2",
"smallvec", "smallvec",
"sqlformat", "sqlformat",
"thiserror", "thiserror",
@ -10101,7 +10024,7 @@ dependencies = [
"quote", "quote",
"serde", "serde",
"serde_json", "serde_json",
"sha2 0.10.8", "sha2",
"sqlx-core", "sqlx-core",
"sqlx-mysql", "sqlx-mysql",
"sqlx-postgres", "sqlx-postgres",
@ -10126,7 +10049,7 @@ dependencies = [
"bytes 1.5.0", "bytes 1.5.0",
"chrono", "chrono",
"crc", "crc",
"digest 0.10.7", "digest",
"dotenvy", "dotenvy",
"either", "either",
"futures-channel", "futures-channel",
@ -10136,7 +10059,7 @@ dependencies = [
"generic-array", "generic-array",
"hex", "hex",
"hkdf", "hkdf",
"hmac 0.12.1", "hmac",
"itoa", "itoa",
"log", "log",
"md-5", "md-5",
@ -10148,7 +10071,7 @@ dependencies = [
"rust_decimal", "rust_decimal",
"serde", "serde",
"sha1", "sha1",
"sha2 0.10.8", "sha2",
"smallvec", "smallvec",
"sqlx-core", "sqlx-core",
"stringprep", "stringprep",
@ -10180,7 +10103,7 @@ dependencies = [
"futures-util", "futures-util",
"hex", "hex",
"hkdf", "hkdf",
"hmac 0.12.1", "hmac",
"home", "home",
"itoa", "itoa",
"log", "log",
@ -10193,7 +10116,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"sha1", "sha1",
"sha2 0.10.8", "sha2",
"smallvec", "smallvec",
"sqlx-core", "sqlx-core",
"stringprep", "stringprep",
@ -10674,7 +10597,7 @@ dependencies = [
"schemars", "schemars",
"serde", "serde",
"serde_json_lenient", "serde_json_lenient",
"sha2 0.10.8", "sha2",
"shellexpand 2.1.2", "shellexpand 2.1.2",
"util", "util",
] ]

2
crates/collab/Cargo.toml
View file

@ -47,7 +47,7 @@ prost.workspace = true
rand.workspace = true rand.workspace = true
reqwest = { version = "0.11", features = ["json"] } reqwest = { version = "0.11", features = ["json"] }
rpc.workspace = true rpc.workspace = true
scrypt = "0.7" scrypt = "0.11"
sea-orm = { version = "0.12.x", features = ["sqlx-postgres", "postgres-array", "runtime-tokio-rustls", "with-uuid"] } sea-orm = { version = "0.12.x", features = ["sqlx-postgres", "postgres-array", "runtime-tokio-rustls", "with-uuid"] }
semantic_version.workspace = true semantic_version.workspace = true
semver.workspace = true semver.workspace = true

7
crates/collab/src/auth.rs
View file

@ -402,15 +402,16 @@ mod test {
fn previous_hash_access_token(token: &str) -> Result<String> { fn previous_hash_access_token(token: &str) -> Result<String> {
// Avoid slow hashing in debug mode. // Avoid slow hashing in debug mode.
let params = if cfg!(debug_assertions) { let params = if cfg!(debug_assertions) {
scrypt::Params::new(1, 1, 1).unwrap() scrypt::Params::new(1, 1, 1, scrypt::Params::RECOMMENDED_LEN).unwrap()
} else { } else {
scrypt::Params::new(14, 8, 1).unwrap() scrypt::Params::new(14, 8, 1, scrypt::Params::RECOMMENDED_LEN).unwrap()
}; };
Ok(Scrypt Ok(Scrypt
.hash_password( .hash_password_customized(
token.as_bytes(), token.as_bytes(),
None, None,
None,
params, params,
&SaltString::generate(thread_rng()), &SaltString::generate(thread_rng()),
) )