From 27affb2a63b3ab432f69afa49154aa3610c128ea Mon Sep 17 00:00:00 2001 From: "Wang, Arron" Date: Mon, 31 Oct 2022 11:14:10 +0800 Subject: [PATCH] agent: Bump pinned version of image-rs to support cosign signature To support cosign signature verification. Fix build warning in signal.rs: error: unused `tokio::sync::MutexGuard` that must be used --> src/signal.rs:27:9 | 27 | rustjail::container::WAIT_PID_LOCKER.lock().await; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = note: `-D unused-must-use` implied by `-D warnings` = note: if unused the Mutex will immediately unlock Fixes: #5541 Signed-off-by: Wang, Arron --- src/agent/Cargo.lock | 1137 +++++++++++++++++++++++++++++++++++++-- src/agent/Cargo.toml | 4 +- src/agent/src/signal.rs | 2 +- 3 files changed, 1085 insertions(+), 58 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index ab54b01fb2..af4870f4e4 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -26,6 +26,16 @@ dependencies = [ "generic-array", ] +[[package]] +name = "aead" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c192eb8f11fc081b0fe4259ba5af04217d4e0faddd02417310a927911abd7c8" +dependencies = [ + "crypto-common", + "generic-array", +] + [[package]] name = "aes" version = "0.6.0" @@ -70,7 +80,21 @@ dependencies = [ "aes 0.7.5", "cipher 0.3.0", "ctr 0.8.0", - "ghash", + "ghash 0.4.4", + "subtle", +] + +[[package]] +name = "aes-gcm" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82e1366e0c69c9f927b1fa5ce2c7bf9eafc8f9268c0b9800729e8b267612447c" +dependencies = [ + "aead 0.5.1", + "aes 0.8.1", + "cipher 0.4.3", + "ctr 0.9.1", + "ghash 0.5.0", "subtle", ] @@ -142,6 +166,45 @@ dependencies = [ "term", ] +[[package]] +name = "asn1-rs" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf6690c370453db30743b373a60ba498fc0d6d83b11f4abfd87a84a075db5dd4" +dependencies = [ + "asn1-rs-derive", + "asn1-rs-impl", + "displaydoc", + "nom", + "num-traits", + "rusticata-macros", + "thiserror", + "time 0.3.14", +] + +[[package]] +name = "asn1-rs-derive" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "726535892e8eae7e70657b4c8ea93d26b8553afb1ce617caee529ef96d7dee6c" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "asn1-rs-impl" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2777730b2039ac0f95f093556e61b6d26cebed5393ca6f152717777cec3a42ed" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "async-recursion" version = "0.3.2" @@ -185,6 +248,36 @@ dependencies = [ "syn", ] +[[package]] +name = "async_once" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2ce4f10ea3abcd6617873bae9f91d1c5332b4a778bd9ce34d0cd517474c1de82" + +[[package]] +name = "attestation_agent" +version = "1.0.0" +source = "git+https://github.com/confidential-containers/attestation-agent?rev=3b4716dd3d8bbf0d5f8cec7bc0d528421f00fd06#3b4716dd3d8bbf0d5f8cec7bc0d528421f00fd06" +dependencies = [ + "aes-gcm 0.10.1", + "anyhow", + "async-trait", + "base64", + "env_logger", + "foreign-types 0.5.0", + "futures", + "futures-util", + "log", + "rand 0.8.5", + "rsa 0.6.1", + "serde", + "serde_json", + "sha2 0.10.5", + "shadow-rs 0.16.3", + "strum 0.24.1", + "tonic-build 0.8.0", +] + [[package]] name = "atty" version = "0.2.14" @@ -270,6 +363,12 @@ dependencies = [ "serde", ] +[[package]] +name = "base64ct" +version = "1.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b645a089122eccb6111b4f81cbc1a49f5900ac4666bb93ac027feaecf15607bf" + [[package]] name = "bincode" version = "1.3.3" @@ -357,6 +456,15 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "bstr" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba3569f383e8f1598449f1a423e72e99569137b47740b1da11ef19af3d5c3223" +dependencies = [ + "memchr", +] + [[package]] name = "buffered-reader" version = "1.1.3" @@ -423,6 +531,43 @@ dependencies = [ "pkg-config", ] +[[package]] +name = "cached" +version = "0.38.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27e6092f8c7ba6e65a46f6f26d7d7997201d3a6f0e69ff5d2440b930d7c0513a" +dependencies = [ + "async-trait", + "async_once", + "cached_proc_macro", + "cached_proc_macro_types", + "futures", + "hashbrown", + "instant", + "lazy_static", + "once_cell", + "thiserror", + "tokio", +] + +[[package]] +name = "cached_proc_macro" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "751f7f4e7a091545e7f6c65bacc404eaee7e87bfb1f9ece234a1caa173dc16f2" +dependencies = [ + "cached_proc_macro_types", + "darling 0.13.4", + "quote", + "syn", +] + +[[package]] +name = "cached_proc_macro_types" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a4f925191b4367301851c6d99b09890311d74b0d43f274c0b34c86d308a3663" + [[package]] name = "capctl" version = "0.2.2" @@ -498,6 +643,7 @@ dependencies = [ "js-sys", "num-integer", "num-traits", + "serde", "time 0.1.44", "wasm-bindgen", "winapi", @@ -592,6 +738,38 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "279bc8fc53f788a75c7804af68237d1fce02cde1e275a886a4b320604dc2aeda" +[[package]] +name = "const-oid" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3" + +[[package]] +name = "const_fn" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbdcdcb6d86f71c5e97409ad45898af11cbc995b4ee8112d59095a28d376c935" + +[[package]] +name = "const_format" +version = "0.2.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7309d9b4d3d2c0641e018d449232f2e28f1b22933c137f157d3dbc14228b8c0e" +dependencies = [ + "const_format_proc_macros", +] + +[[package]] +name = "const_format_proc_macros" +version = "0.2.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f47bf7270cf70d370f8f98c1abb6d2d4cf60a6845d30e05bfb90c6568650" +dependencies = [ + "proc-macro2", + "quote", + "unicode-xid", +] + [[package]] name = "core-foundation" version = "0.9.3" @@ -701,6 +879,16 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" +[[package]] +name = "crypto-bigint" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21" +dependencies = [ + "generic-array", + "subtle", +] + [[package]] name = "crypto-common" version = "0.1.6" @@ -708,6 +896,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array", + "rand_core 0.6.3", "typenum", ] @@ -761,9 +950,9 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.2.1" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0" +checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" dependencies = [ "byteorder", "digest 0.9.0", @@ -772,14 +961,38 @@ dependencies = [ "zeroize", ] +[[package]] +name = "darling" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a01d95850c592940db9b8194bc39f4bc0e89dee5c4265e4b1807c34a9aba453c" +dependencies = [ + "darling_core 0.13.4", + "darling_macro 0.13.4", +] + [[package]] name = "darling" version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4529658bdda7fd6769b8614be250cdcfc3aeb0ee72fe66f9e41e5e5eb73eac02" dependencies = [ - "darling_core", - "darling_macro", + "darling_core 0.14.1", + "darling_macro 0.14.1", +] + +[[package]] +name = "darling_core" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "859d65a907b6852c9361e3185c862aae7fafd2887876799fa55f5f99dc40d610" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", ] [[package]] @@ -796,17 +1009,34 @@ dependencies = [ "syn", ] +[[package]] +name = "darling_macro" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c972679f83bdf9c42bd905396b6c3588a843a17f0f16dfcfa3e2c5d57441835" +dependencies = [ + "darling_core 0.13.4", + "quote", + "syn", +] + [[package]] name = "darling_macro" version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ddfc69c5bfcbd2fc09a0f38451d2daf0e372e367986a83906d1b0dbc88134fb5" dependencies = [ - "darling_core", + "darling_core 0.14.1", "quote", "syn", ] +[[package]] +name = "data-encoding" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" + [[package]] name = "dbl" version = "0.3.2" @@ -822,10 +1052,35 @@ version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2eeb9d92785d1facb50567852ce75d0858630630e7eabea59cf7eb7474051087" dependencies = [ - "const-oid", + "const-oid 0.5.2", "typenum", ] +[[package]] +name = "der" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c" +dependencies = [ + "const-oid 0.7.1", + "crypto-bigint", + "pem-rfc7468", +] + +[[package]] +name = "der-parser" +version = "8.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42d4bc9b0db0a0df9ae64634ac5bdefb7afcb534e182275ca0beadbe486701c1" +dependencies = [ + "asn1-rs", + "displaydoc", + "nom", + "num-bigint 0.4.3", + "num-traits", + "rusticata-macros", +] + [[package]] name = "derive-new" version = "0.5.9" @@ -852,7 +1107,7 @@ version = "0.11.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1f91d4cfa921f1c05904dc3c57b4a32c38aed3340cce209f3a6fd1478babafc4" dependencies = [ - "darling", + "darling 0.14.1", "proc-macro2", "quote", "syn", @@ -937,6 +1192,23 @@ dependencies = [ "winapi", ] +[[package]] +name = "displaydoc" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3bf95dc3f046b9da4f2d51833c0d3547d8564ef6910f5c1ed130306a75b92886" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "doc-comment" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" + [[package]] name = "dyn-clone" version = "1.0.9" @@ -962,7 +1234,7 @@ version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34d33b390ab82f2e1481e331dbd0530895640179d2128ef9a79cc690b78d1eba" dependencies = [ - "der", + "der 0.3.5", "elliptic-curve", "hmac 0.11.0", "signature 1.3.2", @@ -1006,7 +1278,7 @@ dependencies = [ "ff", "generic-array", "group", - "pkcs8", + "pkcs8 0.6.1", "rand_core 0.6.3", "subtle", "zeroize", @@ -1030,6 +1302,40 @@ dependencies = [ "cfg-if 1.0.0", ] +[[package]] +name = "env_logger" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c90bf5f19754d10198ccb95b70664fc925bd1fc090a0fd9a6ebc54acc8cd6272" +dependencies = [ + "atty", + "humantime", + "log", + "regex", + "termcolor", +] + +[[package]] +name = "errno" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" +dependencies = [ + "errno-dragonfly", + "libc", + "winapi", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + [[package]] name = "fail" version = "0.5.0" @@ -1107,7 +1413,28 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" dependencies = [ - "foreign-types-shared", + "foreign-types-shared 0.1.1", +] + +[[package]] +name = "foreign-types" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d737d9aa519fb7b749cbc3b962edcf310a8dd1f4b67c91c4f83975dbdd17d965" +dependencies = [ + "foreign-types-macros", + "foreign-types-shared 0.3.1", +] + +[[package]] +name = "foreign-types-macros" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8469d0d40519bc608ec6863f1cc88f3f1deee15913f2f3b3e573d81ed38cccc" +dependencies = [ + "proc-macro2", + "quote", + "syn", ] [[package]] @@ -1116,6 +1443,12 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" +[[package]] +name = "foreign-types-shared" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa9a19cbb55df58761df49b23516a86d432839add4af60fc256da840f66ed35b" + [[package]] name = "form_urlencoded" version = "1.0.1" @@ -1282,14 +1615,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" dependencies = [ "opaque-debug", - "polyval", + "polyval 0.5.3", +] + +[[package]] +name = "ghash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40" +dependencies = [ + "opaque-debug", + "polyval 0.6.0", ] [[package]] name = "git2" -version = "0.13.25" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f29229cc1b24c0e6062f6e742aa3e256492a5323365e5ed3413599f8a5eff7d6" +checksum = "2994bee4a3a6a51eb90c218523be382fd7ea09b16380b9312e9dbe955ff7c7d1" dependencies = [ "bitflags", "libc", @@ -1304,6 +1647,19 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" +[[package]] +name = "globset" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a1e17342619edbc21a964c2afbeb6c820c6a2560032872f397bb97ea127bd0a" +dependencies = [ + "aho-corasick", + "bstr", + "fnv", + "log", + "regex", +] + [[package]] name = "group" version = "0.9.0" @@ -1400,6 +1756,15 @@ dependencies = [ "itoa", ] +[[package]] +name = "http-auth" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0b40b39d66c28829a0cf4d09f7e139ff8201f7500a5083732848ed3b4b4d850" +dependencies = [ + "memchr", +] + [[package]] name = "http-body" version = "0.4.5" @@ -1429,6 +1794,12 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" +[[package]] +name = "humantime" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" + [[package]] name = "hyper" version = "0.14.20" @@ -1549,7 +1920,7 @@ dependencies = [ [[package]] name = "image-rs" version = "0.1.0" -source = "git+https://github.com/confidential-containers/image-rs?rev=a1d7ba31201d9d7a575d05c5fed1f2cb2142a842#a1d7ba31201d9d7a575d05c5fed1f2cb2142a842" +source = "git+https://github.com/confidential-containers/image-rs?rev=60bfcfa86011355362992f91bdd92da75e75eec6#60bfcfa86011355362992f91bdd92da75e75eec6" dependencies = [ "anyhow", "dircpy", @@ -1559,7 +1930,7 @@ dependencies = [ "libc", "log", "nix 0.23.1", - "oci-distribution", + "oci-distribution 0.9.3", "oci-spec", "ocicrypt-rs", "prost 0.8.0", @@ -1567,7 +1938,7 @@ dependencies = [ "serde_json", "sha2 0.10.5", "signature 0.1.0", - "strum", + "strum 0.23.0", "tar", "tokio", "walkdir", @@ -1624,6 +1995,12 @@ dependencies = [ "cfg-if 1.0.0", ] +[[package]] +name = "io-lifetimes" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6e481ccbe3dea62107216d0d1138bb8ad8e5e5c43009a098bd1990272c497b0" + [[package]] name = "iovec" version = "0.1.4" @@ -1648,6 +2025,12 @@ dependencies = [ "serde", ] +[[package]] +name = "is_debug" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06d198e9919d9822d5f7083ba8530e04de87841eaf21ead9af8f2304efd57c89" + [[package]] name = "itertools" version = "0.10.3" @@ -1724,6 +2107,21 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "jwt" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6204285f77fe7d9784db3fdc449ecce1a0114927a51d5a41c4c7a292011c015f" +dependencies = [ + "base64", + "crypto-common", + "digest 0.10.3", + "hmac 0.12.1", + "serde", + "serde_json", + "sha2 0.10.5", +] + [[package]] name = "kata-agent" version = "0.1.0" @@ -1820,6 +2218,12 @@ dependencies = [ "toml", ] +[[package]] +name = "keccak" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9b7d56ba4a8344d6be9729995e6b06f928af29998cdf79fe390cbf6b1fee838" + [[package]] name = "lalrpop" version = "0.19.8" @@ -1865,15 +2269,15 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.132" +version = "0.2.137" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8371e4e5341c3a96db127eb2465ac681ced4c433e01dd0e938adbef26ba93ba5" +checksum = "fc7fcc620a3bff7cdd7a365be3376c97191aeaccc2a603e600951e452615bf89" [[package]] name = "libgit2-sys" -version = "0.12.26+1.3.0" +version = "0.14.0+1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19e1c899248e606fbfe68dcb31d8b0176ebab833b103824af31bddf4b7457494" +checksum = "47a00859c70c8a4f7218e6d1cc32875c4b55f6799445b842b0d8ed5e4c3d959b" dependencies = [ "cc", "libc", @@ -1922,6 +2326,12 @@ version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" +[[package]] +name = "linux-raw-sys" +version = "0.0.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4d2456c373231a208ad294c33dc5bff30051eafd954cd4caae83a712b12854d" + [[package]] name = "lock_api" version = "0.4.8" @@ -1984,6 +2394,15 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "md-5" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66b48670c893079d3c2ed79114e3644b7004df1c361a4e0ad52e2e6940d07c3d" +dependencies = [ + "digest 0.10.3", +] + [[package]] name = "memchr" version = "2.5.0" @@ -2011,6 +2430,12 @@ version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + [[package]] name = "miniz_oxide" version = "0.5.4" @@ -2165,6 +2590,16 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nom" +version = "7.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8903e5a29a317527874d0402f867152a3d21c908bb0b933e416c65e301d4c36" +dependencies = [ + "memchr", + "minimal-lexical", +] + [[package]] name = "ntapi" version = "0.3.7" @@ -2185,6 +2620,17 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +dependencies = [ + "autocfg 1.1.0", + "num-integer", + "num-traits", +] + [[package]] name = "num-bigint-dig" version = "0.6.1" @@ -2204,6 +2650,24 @@ dependencies = [ "zeroize", ] +[[package]] +name = "num-bigint-dig" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "566d173b2f9406afbc5510a90925d5a2cd80cae4605631f1212303df265de011" +dependencies = [ + "byteorder", + "lazy_static", + "libm", + "num-integer", + "num-iter", + "num-traits", + "rand 0.8.5", + "serde", + "smallvec", + "zeroize", +] + [[package]] name = "num-integer" version = "0.1.45" @@ -2232,6 +2696,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ "autocfg 1.1.0", + "libm", ] [[package]] @@ -2253,6 +2718,26 @@ dependencies = [ "libc", ] +[[package]] +name = "oauth2" +version = "4.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d62c436394991641b970a92e23e8eeb4eb9bca74af4f5badc53bcd568daadbd" +dependencies = [ + "base64", + "chrono", + "getrandom 0.2.7", + "http", + "rand 0.8.5", + "reqwest", + "serde", + "serde_json", + "serde_path_to_error", + "sha2 0.10.5", + "thiserror", + "url 2.2.2", +] + [[package]] name = "oci" version = "0.1.0" @@ -2271,7 +2756,7 @@ dependencies = [ "anyhow", "futures-util", "hyperx", - "jwt", + "jwt 0.15.0", "lazy_static", "olpc-cjson", "regex", @@ -2286,6 +2771,29 @@ dependencies = [ "www-authenticate", ] +[[package]] +name = "oci-distribution" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8fa0963c4a3870267e3455c7f15340f3c5d7d1080d417696e86d5d260bee0a7" +dependencies = [ + "futures-util", + "http", + "http-auth", + "jwt 0.16.0", + "lazy_static", + "olpc-cjson", + "regex", + "reqwest", + "serde", + "serde_json", + "sha2 0.10.5", + "thiserror", + "tokio", + "tracing", + "unicase 2.6.0", +] + [[package]] name = "oci-spec" version = "0.5.8" @@ -2301,21 +2809,23 @@ dependencies = [ [[package]] name = "ocicrypt-rs" version = "0.1.0" -source = "git+https://github.com/confidential-containers/ocicrypt-rs?rev=e28e1d922aad72f3faeff480fc26af9c7643124c#e28e1d922aad72f3faeff480fc26af9c7643124c" +source = "git+https://github.com/confidential-containers/ocicrypt-rs?rev=2a09bd03abbfae99e065e3ec4bdddd0054a62d2f#2a09bd03abbfae99e065e3ec4bdddd0054a62d2f" dependencies = [ "aes 0.8.1", - "aes-gcm", + "aes-gcm 0.9.4", "anyhow", + "attestation_agent", "base64", "base64-serde", "ctr 0.9.1", + "futures", "hmac 0.12.1", "josekit", "lazy_static", - "oci-distribution", + "oci-distribution 0.9.3", + "openssl", "pin-project-lite", "prost 0.11.0", - "rand 0.8.5", "serde", "serde_json", "sha2 0.10.5", @@ -2324,6 +2834,24 @@ dependencies = [ "tonic-build 0.8.0", ] +[[package]] +name = "oid" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c19903c598813dba001b53beeae59bb77ad4892c5c1b9b3500ce4293a0d06c2" +dependencies = [ + "serde", +] + +[[package]] +name = "oid-registry" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d4bda43fd1b844cbc6e6e54b5444e2b1bc7838bce59ad205902cccbb26d6761" +dependencies = [ + "asn1-rs", +] + [[package]] name = "olpc-cjson" version = "0.1.1" @@ -2347,6 +2875,40 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +[[package]] +name = "open" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4a3100141f1733ea40b53381b0ae3117330735ef22309a190ac57b9576ea716" +dependencies = [ + "pathdiff", + "windows-sys", +] + +[[package]] +name = "openidconnect" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87af7097640fedbe64718ac1c9b0549d72da747a3f527cd089215f96c6f691d5" +dependencies = [ + "base64", + "chrono", + "http", + "itertools", + "log", + "num-bigint 0.4.3", + "oauth2", + "rand 0.8.5", + "ring", + "serde", + "serde-value", + "serde_derive", + "serde_json", + "serde_path_to_error", + "thiserror", + "url 2.2.2", +] + [[package]] name = "openssl" version = "0.10.41" @@ -2355,7 +2917,7 @@ checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0" dependencies = [ "bitflags", "cfg-if 1.0.0", - "foreign-types", + "foreign-types 0.3.2", "libc", "once_cell", "openssl-macros", @@ -2422,6 +2984,15 @@ dependencies = [ "tokio-stream", ] +[[package]] +name = "ordered-float" +version = "2.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7940cf2ca942593318d07fcf2596cdca60a85c9e7fab408a5e21a4f9dcd40d87" +dependencies = [ + "num-traits", +] + [[package]] name = "os_str_bytes" version = "6.3.0" @@ -2499,10 +3070,19 @@ version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ceeedc827d9a758b4641457683ced2f02d4252cc1bd8794c415ed20256114290" dependencies = [ - "path-dedot", + "path-dedot 1.2.4", "slash-formatter", ] +[[package]] +name = "path-absolutize" +version = "3.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f1d4993b16f7325d90c18c3c6a3327db7808752db8d208cea0acee0abd52c52" +dependencies = [ + "path-dedot 3.0.18", +] + [[package]] name = "path-dedot" version = "1.2.4" @@ -2512,6 +3092,21 @@ dependencies = [ "lazy_static", ] +[[package]] +name = "path-dedot" +version = "3.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a81540d94551664b72b72829b12bd167c73c9d25fbac0e04fafa8023f7e4901" +dependencies = [ + "once_cell", +] + +[[package]] +name = "pathdiff" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8835116a5c179084a830efb3adc117ab007512b535bc1a21c991d3b32a6b44dd" + [[package]] name = "pem" version = "0.8.3" @@ -2523,6 +3118,24 @@ dependencies = [ "regex", ] +[[package]] +name = "pem" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03c64931a1a212348ec4f3b4362585eca7159d0d09cbdf4a7f74f02173596fd4" +dependencies = [ + "base64", +] + +[[package]] +name = "pem-rfc7468" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30" +dependencies = [ + "base64ct", +] + [[package]] name = "percent-encoding" version = "1.0.1" @@ -2564,6 +3177,79 @@ dependencies = [ "siphasher", ] +[[package]] +name = "picky" +version = "7.0.0-rc.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b467d8082dcc552d4ca8c9aecdc94a09b0e092b961c542bb78b6feff8f1b3ea" +dependencies = [ + "base64", + "digest 0.10.3", + "md-5 0.10.4", + "num-bigint-dig 0.8.1", + "oid", + "picky-asn1 0.6.0", + "picky-asn1-der", + "picky-asn1-x509", + "rand 0.8.5", + "ring", + "rsa 0.6.1", + "serde", + "sha-1 0.10.0", + "sha2 0.10.5", + "sha3", + "thiserror", +] + +[[package]] +name = "picky-asn1" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1088a7f82ee21e534da0f62b074b559d2a0717b0d5104ba7a47c1f5bc6c83f69" +dependencies = [ + "oid", + "serde", + "serde_bytes", +] + +[[package]] +name = "picky-asn1" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b7a3f07db0e5b22727979a992df18c78170c7c30279ab4149a395c0c3843832" +dependencies = [ + "oid", + "serde", + "serde_bytes", + "zeroize", +] + +[[package]] +name = "picky-asn1-der" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de76bf631e2f2064f78d7f1ea8a57cb0445d83138cd5fac67274d50b0f6053c2" +dependencies = [ + "picky-asn1 0.5.0", + "serde", + "serde_bytes", +] + +[[package]] +name = "picky-asn1-x509" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25ffcd92e3f788f0f76506f3b86310876cc0014ade835d68a6365ee0fd1009dc" +dependencies = [ + "base64", + "num-bigint-dig 0.8.1", + "oid", + "picky-asn1 0.6.0", + "picky-asn1-der", + "serde", + "zeroize", +] + [[package]] name = "pin-project" version = "1.0.12" @@ -2596,14 +3282,36 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" +[[package]] +name = "pkcs1" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320" +dependencies = [ + "der 0.5.1", + "pkcs8 0.8.0", + "zeroize", +] + [[package]] name = "pkcs8" version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c9c2f795bc591cb3384cb64082a578b89207ac92bb89c9d98c1ea2ace7cd8110" dependencies = [ - "der", - "spki", + "der 0.3.5", + "spki 0.3.0", +] + +[[package]] +name = "pkcs8" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0" +dependencies = [ + "der 0.5.1", + "spki 0.5.4", + "zeroize", ] [[package]] @@ -2621,7 +3329,19 @@ dependencies = [ "cfg-if 1.0.0", "cpufeatures", "opaque-debug", - "universal-hash", + "universal-hash 0.4.1", +] + +[[package]] +name = "polyval" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "opaque-debug", + "universal-hash 0.5.0", ] [[package]] @@ -3058,6 +3778,21 @@ dependencies = [ "winreg", ] +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin", + "untrusted", + "web-sys", + "winapi", +] + [[package]] name = "ripemd160" version = "0.9.1" @@ -3087,11 +3822,11 @@ dependencies = [ "byteorder", "digest 0.9.0", "lazy_static", - "num-bigint-dig", + "num-bigint-dig 0.6.1", "num-integer", "num-iter", "num-traits", - "pem", + "pem 0.8.3", "rand 0.7.3", "sha2 0.9.9", "simple_asn1", @@ -3100,6 +3835,26 @@ dependencies = [ "zeroize", ] +[[package]] +name = "rsa" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b" +dependencies = [ + "byteorder", + "digest 0.10.3", + "num-bigint-dig 0.8.1", + "num-integer", + "num-iter", + "num-traits", + "pkcs1", + "pkcs8 0.8.0", + "rand_core 0.6.3", + "smallvec", + "subtle", + "zeroize", +] + [[package]] name = "rtnetlink" version = "0.8.1" @@ -3115,6 +3870,29 @@ dependencies = [ "tokio", ] +[[package]] +name = "rusticata-macros" +version = "4.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632" +dependencies = [ + "nom", +] + +[[package]] +name = "rustix" +version = "0.35.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "985947f9b6423159c4726323f373be0a21bdb514c5af06a849cb3d2dce2d01e8" +dependencies = [ + "bitflags", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys", + "windows-sys", +] + [[package]] name = "rustjail" version = "0.1.0" @@ -3132,7 +3910,7 @@ dependencies = [ "libseccomp", "nix 0.24.2", "oci", - "path-absolutize", + "path-absolutize 1.2.1", "protobuf", "protocols", "regex", @@ -3251,17 +4029,17 @@ dependencies = [ "lalrpop-util", "lazy_static", "libc", - "md-5", + "md-5 0.9.1", "memsec", - "num-bigint-dig", + "num-bigint-dig 0.6.1", "p256", "rand 0.7.3", "rand_core 0.6.3", "regex", "regex-syntax", "ripemd160", - "rsa", - "sha-1", + "rsa 0.3.0", + "sha-1 0.9.8", "sha1collisiondetection", "sha2 0.9.9", "thiserror", @@ -3280,6 +4058,25 @@ dependencies = [ "serde_derive", ] +[[package]] +name = "serde-value" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3a1a3341211875ef120e117ea7fd5228530ae7e7036a779fdc9117be6b3282c" +dependencies = [ + "ordered-float", + "serde", +] + +[[package]] +name = "serde_bytes" +version = "0.11.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfc50e8183eeeb6178dcb167ae34a8051d63535023ae38b5d8d12beae193d37b" +dependencies = [ + "serde", +] + [[package]] name = "serde_derive" version = "1.0.144" @@ -3303,6 +4100,24 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_path_to_error" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "184c643044780f7ceb59104cef98a5a6f12cb2288a7bc701ab93a362b49fd47d" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_plain" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6018081315db179d0ce57b1fe4b62a12a0028c9cf9bbef868c9cf477b3c34ae" +dependencies = [ + "serde", +] + [[package]] name = "serde_urlencoded" version = "0.7.1" @@ -3362,6 +4177,17 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "sha-1" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.10.3", +] + [[package]] name = "sha1collisiondetection" version = "0.2.6" @@ -3397,13 +4223,39 @@ dependencies = [ ] [[package]] -name = "shadow-rs" -version = "0.5.25" +name = "sha3" +version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "110e0e7bde3d3f0f2a4284f250c40f1f6ed7ef1eef281598f8eb76838ac42305" +checksum = "eaedf34ed289ea47c2b741bb72e5357a209512d67bcd4bda44359e5bf0470f56" dependencies = [ - "chrono", + "digest 0.10.3", + "keccak", +] + +[[package]] +name = "shadow-rs" +version = "0.16.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c0ea0c68418544f725eba5401a5b965a2263254c92458d04aeae74e9d88ff4e" +dependencies = [ + "const_format", "git2", + "is_debug", + "time 0.3.14", + "tzdb", +] + +[[package]] +name = "shadow-rs" +version = "0.17.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f679e51942d1dbd5a7ebfb442d30855fa951152512176bb21f5f55ed0fd2f53b" +dependencies = [ + "const_format", + "git2", + "is_debug", + "time 0.3.14", + "tzdb", ] [[package]] @@ -3427,20 +4279,21 @@ dependencies = [ [[package]] name = "signature" version = "0.1.0" -source = "git+https://github.com/confidential-containers/image-rs?rev=a1d7ba31201d9d7a575d05c5fed1f2cb2142a842#a1d7ba31201d9d7a575d05c5fed1f2cb2142a842" +source = "git+https://github.com/confidential-containers/image-rs?rev=60bfcfa86011355362992f91bdd92da75e75eec6#60bfcfa86011355362992f91bdd92da75e75eec6" dependencies = [ "anyhow", "async-trait", "base64", "hex", - "oci-distribution", + "oci-distribution 0.8.1", "prost 0.8.0", "sequoia-openpgp", "serde", "serde_json", "serde_yaml", - "shadow-rs", - "strum", + "shadow-rs 0.17.1", + "sigstore", + "strum 0.23.0", "strum_macros 0.24.3", "tokio", "tonic 0.5.2", @@ -3458,6 +4311,34 @@ dependencies = [ "rand_core 0.6.3", ] +[[package]] +name = "sigstore" +version = "0.3.3" +source = "git+https://github.com/sigstore/sigstore-rs?rev=6dd3281c25270f0d82550368abfb399ed3da7b41#6dd3281c25270f0d82550368abfb399ed3da7b41" +dependencies = [ + "async-trait", + "base64", + "cached", + "lazy_static", + "oci-distribution 0.9.3", + "olpc-cjson", + "open", + "openidconnect", + "pem 1.1.0", + "picky", + "regex", + "ring", + "serde", + "serde_json", + "sha2 0.10.5", + "thiserror", + "tokio", + "tough", + "tracing", + "url 2.2.2", + "x509-parser", +] + [[package]] name = "simple_asn1" version = "0.4.1" @@ -3465,7 +4346,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "692ca13de57ce0613a363c8c2f1de925adebc81b04c923ac60c5488bb44abe4b" dependencies = [ "chrono", - "num-bigint", + "num-bigint 0.2.6", "num-traits", ] @@ -3548,6 +4429,28 @@ version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1" +[[package]] +name = "snafu" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a152ba99b054b22972ee794cf04e5ef572da1229e33b65f3c57abbff0525a454" +dependencies = [ + "doc-comment", + "snafu-derive", +] + +[[package]] +name = "snafu-derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5e79cdebbabaebb06a9bdbaedc7f159b410461f63611d4d0e3fb0fab8fed850" +dependencies = [ + "heck 0.4.0", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "socket2" version = "0.4.7" @@ -3570,7 +4473,17 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9dae7e047abc519c96350e9484a96c6bf1492348af912fd3446dd2dc323f6268" dependencies = [ - "der", + "der 0.3.5", +] + +[[package]] +name = "spki" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27" +dependencies = [ + "base64ct", + "der 0.5.1", ] [[package]] @@ -3601,6 +4514,15 @@ dependencies = [ "strum_macros 0.23.1", ] +[[package]] +name = "strum" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f" +dependencies = [ + "strum_macros 0.24.3", +] + [[package]] name = "strum_macros" version = "0.23.1" @@ -3806,8 +4728,15 @@ dependencies = [ "itoa", "libc", "num_threads", + "time-macros", ] +[[package]] +name = "time-macros" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" + [[package]] name = "tiny-keccak" version = "2.0.2" @@ -3834,9 +4763,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.20.1" +version = "1.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a8325f63a7d4774dd041e363b2409ed1c5cbbd0f867795e661df066b2b0a581" +checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg 1.1.0", "bytes 1.1.0", @@ -3844,7 +4773,6 @@ dependencies = [ "memchr", "mio", "num_cpus", - "once_cell", "parking_lot 0.12.1", "pin-project-lite", "signal-hook-registry", @@ -4033,6 +4961,33 @@ dependencies = [ "syn", ] +[[package]] +name = "tough" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70a537c6b4307f5401e82a0196e97aaab9599e9c0f880e168eafb176abbac63d" +dependencies = [ + "chrono", + "dyn-clone", + "globset", + "hex", + "log", + "olpc-cjson", + "path-absolutize 3.0.14", + "pem 1.1.0", + "percent-encoding 2.1.0", + "reqwest", + "ring", + "serde", + "serde_json", + "serde_plain", + "snafu", + "tempfile", + "untrusted", + "url 2.2.2", + "walkdir", +] + [[package]] name = "tower" version = "0.4.13" @@ -4253,6 +5208,26 @@ version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +[[package]] +name = "tz-rs" +version = "0.6.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33851b15c848fad2cf4b105c6bb66eb9512b6f6c44a4b13f57c53c73c707e2b4" +dependencies = [ + "const_fn", +] + +[[package]] +name = "tzdb" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31b8eecae212c0701db1974229094c8337855cfb02edddfa47be6b4fe369cf26" +dependencies = [ + "iana-time-zone", + "tz-rs", + "utcnow", +] + [[package]] name = "unicase" version = "1.4.2" @@ -4314,6 +5289,22 @@ dependencies = [ "subtle", ] +[[package]] +name = "universal-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5" +dependencies = [ + "crypto-common", + "subtle", +] + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + [[package]] name = "url" version = "1.7.2" @@ -4335,6 +5326,23 @@ dependencies = [ "idna 0.2.3", "matches", "percent-encoding 2.1.0", + "serde", +] + +[[package]] +name = "utcnow" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80b49db848e09c50db9e7d15aee89030b6ebb8c55e77aff2cef22aeb6844c8b5" +dependencies = [ + "const_fn", + "errno", + "js-sys", + "libc", + "rustix", + "wasi 0.11.0+wasi-snapshot-preview1", + "wasm-bindgen", + "winapi", ] [[package]] @@ -4616,15 +5624,34 @@ checksum = "85e60b0d1b5f99db2556934e21937020776a5d31520bf169e851ac44e6420214" [[package]] name = "x25519-dalek" -version = "1.2.0" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077" +checksum = "5a0c105152107e3b96f6a00a65e86ce82d9b125230e1c4302940eca58ff71f4f" dependencies = [ "curve25519-dalek", "rand_core 0.5.1", "zeroize", ] +[[package]] +name = "x509-parser" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0ecbeb7b67ce215e40e3cc7f2ff902f94a223acf44995934763467e7b1febc8" +dependencies = [ + "asn1-rs", + "base64", + "data-encoding", + "der-parser", + "lazy_static", + "nom", + "oid-registry", + "ring", + "rusticata-macros", + "thiserror", + "time 0.3.14", +] + [[package]] name = "xattr" version = "0.2.3" @@ -4651,9 +5678,9 @@ dependencies = [ [[package]] name = "zeroize" -version = "1.3.0" +version = "1.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4756f7db3f7b5574938c3eb1c117038b8e07f95ee6718c0efad4ac21508f1efd" +checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" dependencies = [ "zeroize_derive", ] diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 1bf91b0482..61c3db811a 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -32,7 +32,7 @@ async-recursion = "0.3.2" futures = "0.3.17" # Async runtime -tokio = { version = "1.14.0", features = ["full"] } +tokio = { version = "1.21.2", features = ["full"] } tokio-vsock = "0.3.1" netlink-sys = { version = "0.7.0", features = ["tokio_socket",]} @@ -68,7 +68,7 @@ toml = "0.5.8" clap = { version = "3.0.1", features = ["derive"] } # Image pull/decrypt -image-rs = { git = "https://github.com/confidential-containers/image-rs", rev = "a1d7ba31201d9d7a575d05c5fed1f2cb2142a842" } +image-rs = { git = "https://github.com/confidential-containers/image-rs", rev = "60bfcfa86011355362992f91bdd92da75e75eec6" } # "vendored" feature for openssl is required by musl build openssl = { version = "0.10.38", features = ["vendored"] } diff --git a/src/agent/src/signal.rs b/src/agent/src/signal.rs index 79dea3b08b..a22892db3f 100644 --- a/src/agent/src/signal.rs +++ b/src/agent/src/signal.rs @@ -24,7 +24,7 @@ async fn handle_sigchild(logger: Logger, sandbox: Arc>) -> Result loop { // Avoid reaping the undesirable child's signal, e.g., execute_hook's // The lock should be released immediately. - rustjail::container::WAIT_PID_LOCKER.lock().await; + let _ = rustjail::container::WAIT_PID_LOCKER.lock().await; let result = wait::waitpid( Some(Pid::from_raw(-1)), Some(WaitPidFlag::WNOHANG | WaitPidFlag::__WALL),