search

zcash / librustzcash

Rust-language assets for Zcash
Other
337 stars 251 forks source link

`tokio 0.12` migration causes `UnknownIssuer` errors with `lightwallet` servers using Let's Encrypt #1455

Closed str4d closed 3 months ago

str4d commented 3 months ago

1446 migrated us from tokio 0.11 to tokio 0.12. This results in dependency updates that cause the following error when trying to connect to zec.rocks:

INFO zec_sqlite_cli::remote: Connecting to zec.rocks:443
Error: transport error

Caused by:
    0: invalid peer certificate: UnknownIssuer
    1: invalid peer certificate: UnknownIssuer

zec.rocks has this certificate chain:

$ echo quit | openssl s_client -showcerts -servername zec.rocks -connect zec.rocks:443 >zec.rocks.pem
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = zec.rocks
verify return:1
DONE
$ cat zec.rocks.pem ``` CONNECTED(00000003) --- Certificate chain 0 s:CN = zec.rocks i:C = US, O = Let's Encrypt, CN = R3 a:PKEY: id-ecPublicKey, 256 (bit); sigalg: RSA-SHA256 v:NotBefore: May 28 23:25:39 2024 GMT; NotAfter: Aug 26 23:25:38 2024 GMT -----BEGIN CERTIFICATE----- MIIEEzCCAvugAwIBAgISAy/kdOxAsW7vVouWK843ahYzMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjgyMzI1MzlaFw0yNDA4MjYyMzI1MzhaMBQxEjAQBgNVBAMT CXplYy5yb2NrczBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGRdbaS9ttli4ny8 9Vvwvt/B16lK70iqiKcyLyTeGj4p9z20WxEIok9D0vOrG9uYXGGoU399bir/7b7i 89A8OxijggIKMIICBjAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEgN471CWEM7QnTN 1QZJLb+a7OqUMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsG AQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIG CCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBQGA1UdEQQNMAuCCXpl Yy5yb2NrczATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQE gfEA7wB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABj8G9AK8A AAQDAEYwRAIgIdKfKsBjvX0xTahZ0drXQ9ZsXGq5NQ/wsTUTjM3GgEYCIFL6CkbZ Gkw2UTbKRcFQvyCdaDWbRSeWiHUv1zYkcAvdAHYASLDja9qmRzQP5WoC+p0w6xxS ActW3SyB2bu/qznYhHMAAAGPwb0AZAAABAMARzBFAiEApkMjdBbS2BmrdXGjvgmO 67Dz8K17pZ4QEWJZrjd/fiICIFaLK2qAqJXIBMJzhACC4WoEEwG1NthNvEn712MM Mgm4MA0GCSqGSIb3DQEBCwUAA4IBAQCeTGVx7MlRCxJL3TiNSbTex4bdfHbPjafy 3bz5Tv/+d1r+dDbxk7Mz/Th+iv57VzlznNaauigsrR594dM+Nz5ijhY7Agb5DBUa O4ia+FBJdM5lDU8J2tpBbn5eN+J6XkM0UPBPQBkGm3v0flyKLfjqpZWSEe+XW9OO iVRA3fNZ57dJhiwQ7mT9cXdYnhlTMgqUz2Uom4YKMy0VPD9/H6U3YlWt52tSdBNR yfu8jq29A1e+0AsMb2pMpB37CzmejnOuQmMu4kLok8YMYpP6TlsO97SY+7fhaUHm QYp/YnupTpTVoW7cUu9a9qXPvD0aZfhNJ3dCl2fkYaa3IVn6JL38 -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R3 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 2025 GMT -----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE----- --- Server certificate subject=CN = zec.rocks issuer=C = US, O = Let's Encrypt, CN = R3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2733 bytes and written 391 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- ```

My suspicion is that something in the upgrade is preventing the ISRG Root X1 root from being found.

str4d commented 3 months ago

This is the full current diff resulting from migrating zec-sqlite-cli from the main commit just before #1446 to the main commit merging that PR, and after update version minimisation for the TLS-related dependencies:

Click to view ```diff commit 23b3920563744de8732fb41bbf0175a98859d133 Author: Jack Grigg Date: Wed Jul 24 17:32:18 2024 +0000 Migrate to `librustzcash` revision just after `tonic 0.12` diff --git a/Cargo.lock b/Cargo.lock index 2bc2b58..9c0c4c5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -131,6 +131,12 @@ dependencies = [ "syn 2.0.66", ] +[[package]] +name = "atomic-waker" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" + [[package]] name = "autocfg" version = "1.3.0" @@ -139,18 +145,17 @@ checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0" [[package]] name = "axum" -version = "0.6.20" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b829e4e32b91e643de6eafe82b1d90675f5874230191a4ffbc1b336dec4d6bf" +checksum = "3a6c9af12842a67734c9a2e355436e5d03b22383ed60cf13cd0c18fbfe3dcbcf" dependencies = [ "async-trait", "axum-core", - "bitflags 1.3.2", "bytes", "futures-util", "http", "http-body", - "hyper", + "http-body-util", "itoa", "matchit", "memchr", @@ -159,7 +164,7 @@ dependencies = [ "pin-project-lite", "rustversion", "serde", - "sync_wrapper", + "sync_wrapper 1.0.1", "tower", "tower-layer", "tower-service", @@ -167,17 +172,20 @@ dependencies = [ [[package]] name = "axum-core" -version = "0.3.4" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c" +checksum = "a15c63fd72d41492dc4f497196f5da1fb04fb7529e631d73630d1b491e47a2e3" dependencies = [ "async-trait", "bytes", "futures-util", "http", "http-body", + "http-body-util", "mime", + "pin-project-lite", "rustversion", + "sync_wrapper 0.1.2", "tower-layer", "tower-service", ] @@ -278,12 +286,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "bitflags" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" - [[package]] name = "bitflags" version = "2.5.0" @@ -552,7 +554,7 @@ version = "0.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f476fe445d41c9e991fd07515a6f463074b782242ccf4a5b7b1d1012e70824df" dependencies = [ - "bitflags 2.5.0", + "bitflags", "crossterm_winapi", "futures-core", "libc", @@ -641,7 +643,7 @@ checksum = "3dca9240753cf90908d7e4aac30f630662b02aebaa1b58a3cadabdb23385b58b" [[package]] name = "equihash" version = "0.2.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "blake2b_simd", "byteorder", @@ -666,7 +668,7 @@ dependencies = [ [[package]] name = "f4jumble" version = "0.1.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "blake2b_simd", ] @@ -864,15 +866,15 @@ dependencies = [ [[package]] name = "h2" -version = "0.3.26" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" +checksum = "fa82e28a107a8cc405f0839610bdc9b15f1e25ec7d696aa5cf173edbcb1486ab" dependencies = [ + "atomic-waker", "bytes", "fnv", "futures-core", "futures-sink", - "futures-util", "http", "indexmap 2.2.6", "slab", @@ -984,9 +986,9 @@ dependencies = [ [[package]] name = "http" -version = "0.2.12" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" +checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258" dependencies = [ "bytes", "fnv", @@ -995,12 +997,24 @@ dependencies = [ [[package]] name = "http-body" -version = "0.4.6" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" dependencies = [ "bytes", "http", +] + +[[package]] +name = "http-body-util" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793429d76616a256bcb62c2a2ec2bed781c8307e797e2598c50010f2bee2544f" +dependencies = [ + "bytes", + "futures-util", + "http", + "http-body", "pin-project-lite", ] @@ -1018,13 +1032,12 @@ checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" [[package]] name = "hyper" -version = "0.14.29" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f361cde2f109281a220d4307746cdfd5ee3f410da58a70377762396775634b33" +checksum = "50dfd22e0e76d0f662d429a5f80fcaf3855009297eab6a0a9f8543834744ba05" dependencies = [ "bytes", "futures-channel", - "futures-core", "futures-util", "h2", "http", @@ -1033,23 +1046,42 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2", + "smallvec", "tokio", - "tower-service", - "tracing", "want", ] [[package]] name = "hyper-timeout" -version = "0.4.1" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1" +checksum = "3203a961e5c83b6f5498933e78b6b263e208c197b63e9c6c53cc82ffd3f63793" dependencies = [ "hyper", + "hyper-util", "pin-project-lite", "tokio", - "tokio-io-timeout", + "tower-service", +] + +[[package]] +name = "hyper-util" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ab92f4f49ee4fb4f997c784b7a2e0fa70050211e0b6a287f898c3c9785ca956" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http", + "http-body", + "hyper", + "pin-project-lite", + "socket2", + "tokio", + "tower", + "tower-service", + "tracing", ] [[package]] @@ -1612,9 +1644,9 @@ dependencies = [ [[package]] name = "prost" -version = "0.12.6" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "deb1435c188b76130da55f17a466d252ff7b1418b2ad3e037d127b94e3411f29" +checksum = "e13db3d3fde688c61e2446b4d843bc27a7e8af269a69440c0308021dc92333cc" dependencies = [ "bytes", "prost-derive", @@ -1622,9 +1654,9 @@ dependencies = [ [[package]] name = "prost-build" -version = "0.12.6" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22505a5c94da8e3b7c2996394d1c933236c4d743e81a410bcca4e6989fc066a4" +checksum = "5bb182580f71dd070f88d01ce3de9f4da5021db7115d2e1c3605a754153b77c1" dependencies = [ "bytes", "heck", @@ -1643,9 +1675,9 @@ dependencies = [ [[package]] name = "prost-derive" -version = "0.12.6" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81bddcdb20abf9501610992b6759a4c888aef7d1a7247ef75e2404275ac24af1" +checksum = "18bec9b0adc4eba778b33684b7ba3e7137789434769ee3ce3930463ef904cfca" dependencies = [ "anyhow", "itertools", @@ -1656,9 +1688,9 @@ dependencies = [ [[package]] name = "prost-types" -version = "0.12.6" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9091c90b0a32608e984ff2fa4091273cbdd755d54935c51d520887f4a1dbd5b0" +checksum = "cee5168b05f49d4b0ca581206eb14a7b22fafd963efe729ac48eb03266e25cc2" dependencies = [ "prost", ] @@ -1714,7 +1746,7 @@ version = "0.26.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f44c9e68fd46eda15c646fbb85e1040b657a58cdc8c98db1d97a55930d991eef" dependencies = [ - "bitflags 2.5.0", + "bitflags", "cassowary", "compact_str", "crossterm", @@ -1785,7 +1817,7 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c82cf8cff14456045f55ec4241383baeff27af886adb72ffb2162f99911de0fd" dependencies = [ - "bitflags 2.5.0", + "bitflags", ] [[package]] @@ -1872,7 +1904,7 @@ version = "0.29.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "549b9d036d571d42e6e85d1c1425e2ac83491075078ca9a15be021c56b1641f2" dependencies = [ - "bitflags 2.5.0", + "bitflags", "fallible-iterator", "fallible-streaming-iterator", "hashlink", @@ -1902,7 +1934,7 @@ version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ - "bitflags 2.5.0", + "bitflags", "errno", "libc", "linux-raw-sys", @@ -1911,11 +1943,12 @@ dependencies = [ [[package]] name = "rustls" -version = "0.22.4" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf4ef73721ac7bcd79b2b315da7779d8fc09718c6b3d2d1b2d94850eb8c18432" +checksum = "53e56521f047352df0db9a3c5aafc573eeb8909ab80f9d4cba201d8d73539009" dependencies = [ "log", + "once_cell", "ring", "rustls-pki-types", "rustls-webpki", @@ -2145,7 +2178,7 @@ name = "shardtree" version = "0.3.1" source = "git+https://github.com/zcash/incrementalmerkletree?rev=337f59179eda51261e9ddfc6b18e8fb84ea277c9#337f59179eda51261e9ddfc6b18e8fb84ea277c9" dependencies = [ - "bitflags 2.5.0", + "bitflags", "either", "incrementalmerkletree", "tracing", @@ -2348,6 +2381,12 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" +[[package]] +name = "sync_wrapper" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7065abeca94b6a8a577f9bd45aa0867a2238b74e8eb67cf10d492bc39351394" + [[package]] name = "tap" version = "1.0.1" @@ -2498,16 +2537,6 @@ dependencies = [ "windows-sys 0.48.0", ] -[[package]] -name = "tokio-io-timeout" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30b74022ada614a1b4834de765f9bb43877f910cc8ce4be40e89042c9223a8bf" -dependencies = [ - "pin-project-lite", - "tokio", -] - [[package]] name = "tokio-macros" version = "2.3.0" @@ -2521,9 +2550,9 @@ dependencies = [ [[package]] name = "tokio-rustls" -version = "0.25.0" +version = "0.26.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "775e0c0f0adb3a2f22a00c4745d728b479985fc15ee7ca6a2608388c5569860f" +checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" dependencies = [ "rustls", "rustls-pki-types", @@ -2590,26 +2619,28 @@ dependencies = [ [[package]] name = "tonic" -version = "0.11.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76c4eb7a4e9ef9d4763600161f12f5070b92a578e1b634db88a6887844c91a13" +checksum = "38659f4a91aba8598d27821589f5db7dddd94601e7a01b1e485a50e5484c7401" dependencies = [ "async-stream", "async-trait", "axum", - "base64 0.21.7", + "base64 0.22.1", "bytes", "flate2", "h2", "http", "http-body", + "http-body-util", "hyper", "hyper-timeout", + "hyper-util", "percent-encoding", "pin-project", "prost", "rustls-pemfile", - "rustls-pki-types", + "socket2", "tokio", "tokio-rustls", "tokio-stream", @@ -2622,9 +2653,9 @@ dependencies = [ [[package]] name = "tonic-build" -version = "0.11.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be4ef6dd70a610078cb4e338a0f79d06bc759ff1b22d2120c2ff02ae264ba9c2" +checksum = "568392c5a2bd0020723e3f387891176aabafe36fd9fcd074ad309dfa0c8eb964" dependencies = [ "prettyplease", "proc-macro2", @@ -3130,7 +3161,7 @@ checksum = "213b7324336b53d2414b2db8537e56544d981803139155afa84f76eeebb7a546" [[package]] name = "zcash_address" version = "0.3.2" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "bech32", "bs58", @@ -3142,7 +3173,7 @@ dependencies = [ [[package]] name = "zcash_client_backend" version = "0.12.1" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "base64 0.21.7", "bech32", @@ -3185,7 +3216,7 @@ dependencies = [ [[package]] name = "zcash_client_sqlite" version = "0.10.3" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "bip32", "bs58", @@ -3220,7 +3251,7 @@ dependencies = [ [[package]] name = "zcash_encoding" version = "0.2.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "byteorder", "nonempty", @@ -3229,7 +3260,7 @@ dependencies = [ [[package]] name = "zcash_keys" version = "0.2.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "bech32", "bip32", @@ -3270,7 +3301,7 @@ dependencies = [ [[package]] name = "zcash_primitives" version = "0.15.1" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "aes", "bip32", @@ -3308,7 +3339,7 @@ dependencies = [ [[package]] name = "zcash_proofs" version = "0.15.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "bellman", "blake2b_simd", @@ -3330,7 +3361,7 @@ dependencies = [ [[package]] name = "zcash_protocol" version = "0.1.1" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "document-features", "memuse", @@ -3436,7 +3467,7 @@ dependencies = [ [[package]] name = "zip321" version = "0.0.0" -source = "git+https://github.com/zcash/librustzcash?rev=34cf6d286a201caf7dfee29fbee867d547afc486#34cf6d286a201caf7dfee29fbee867d547afc486" +source = "git+https://github.com/zcash/librustzcash?rev=73d0c5b68b1910d88b4e0ba095916b11fa49dc88#73d0c5b68b1910d88b4e0ba095916b11fa49dc88" dependencies = [ "base64 0.21.7", "nom", diff --git a/Cargo.toml b/Cargo.toml index c0ced40..fd1514e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ anyhow = "1" bip0039 = { version = "0.12", features = ["std", "all-languages"] } futures-util = "0.3" gumdrop = "0.8" -prost = "0.12" +prost = "0.13" rayon = "1.7" rusqlite = { version = "0.29", features = ["time"] } orchard = { version = "0.8", default-features = false } @@ -22,7 +22,7 @@ serde = "1.0" time = "0.2" tokio = { version = "1.21.0", features = ["fs", "macros", "rt-multi-thread", "signal"] } toml = "0.8" -tonic = { version = "0.11", features = ["gzip", "tls-webpki-roots"] } +tonic = { version = "0.12", features = ["gzip", "tls-webpki-roots"] } tracing = "0.1" tracing-subscriber = { version = "0.3", features = ["env-filter", "fmt"] } zcash_address = "0.3.2" @@ -55,13 +55,13 @@ tui = [ ] [patch.crates-io] -zcash_address = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zip321 = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_keys = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_primitives = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_protocol = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_proofs = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_client_backend = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } -zcash_client_sqlite = { git = "https://github.com/zcash/librustzcash", rev = "34cf6d286a201caf7dfee29fbee867d547afc486" } +zcash_address = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zip321 = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_keys = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_primitives = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_protocol = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_proofs = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_client_backend = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } +zcash_client_sqlite = { git = "https://github.com/zcash/librustzcash", rev = "73d0c5b68b1910d88b4e0ba095916b11fa49dc88" } incrementalmerkletree = { git = "https://github.com/zcash/incrementalmerkletree", rev = "337f59179eda51261e9ddfc6b18e8fb84ea277c9" } shardtree = { git = "https://github.com/zcash/incrementalmerkletree", rev = "337f59179eda51261e9ddfc6b18e8fb84ea277c9" } ```
str4d commented 3 months ago

These are the specific updates that I think might be contributing:

@@ -1911,11 +1943,12 @@ dependencies = [

 [[package]]
 name = "rustls"
-version = "0.22.4"
+version = "0.23.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf4ef73721ac7bcd79b2b315da7779d8fc09718c6b3d2d1b2d94850eb8c18432"
+checksum = "53e56521f047352df0db9a3c5aafc573eeb8909ab80f9d4cba201d8d73539009"
 dependencies = [
  "log",
+ "once_cell",
  "ring",
  "rustls-pki-types",
  "rustls-webpki",
@@ -2521,9 +2550,9 @@ dependencies = [

 [[package]]
 name = "tokio-rustls"
-version = "0.25.0"
+version = "0.26.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "775e0c0f0adb3a2f22a00c4745d728b479985fc15ee7ca6a2608388c5569860f"
+checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4"
 dependencies = [
  "rustls",
  "rustls-pki-types",

Note in particular that webpki-roots is not upgraded. The fact that we can connect to zec.rocks without the upgrade means that ISRV Root X1 must be in webpki-roots; the problem must be in changes to certificate path building.

str4d commented 3 months ago

Code changes for these updates:

str4d commented 3 months ago

Aha, the issue is this change in rustls 0.23.0: https://github.com/hyperium/tonic/pull/1731

The feature flags enable webpki-roots to be used, but they are no longer used unless an explicit call to ClientTlsConfig::with_webpki_roots is added.

This breaking change to the API was not noted in the changelog at all until two weeks ago: https://github.com/hyperium/tonic/pull/1781