ForNetCode
diff --git a/‎Cargo.lock‎
Lines changed: 1323 additions & 808 deletions b/‎Cargo.lock‎
Lines changed: 1323 additions & 808 deletions
diff --git a/‎Cargo.toml‎
Lines changed: 14 additions & 12 deletions b/‎Cargo.toml‎
Lines changed: 14 additions & 12 deletions
diff --git a/‎server/Cargo.toml‎
Lines changed: 7 additions & 4 deletions b/‎server/Cargo.toml‎
Lines changed: 7 additions & 4 deletions
diff --git a/‎server/src/acme.rs‎
Lines changed: 13 additions & 17 deletions b/‎server/src/acme.rs‎
Lines changed: 13 additions & 17 deletions
diff --git a/‎server/src/admin_server.rs‎
Lines changed: 19 additions & 19 deletions b/‎server/src/admin_server.rs‎
Lines changed: 19 additions & 19 deletions
diff --git a/‎server/src/cors.rs‎
Lines changed: 4 additions & 4 deletions b/‎server/src/cors.rs‎
Lines changed: 4 additions & 4 deletions
@@ -9,7 +9,7 @@ members = [
 
 [workspace.package]
 authors = ["timzaak <[email protected]>"]
-edition = "2021"
+edition = "2024"
 version = "2.4.1"
 
 [workspace.dependencies]
@@ -20,32 +20,34 @@ bytes = "1"
 chrono = { version = "0.4" }
 clap = { version = "4.5.7"}
 console = "0.16"
-console-subscriber = "0.4"
+console-subscriber = "0.5"
 dashmap = "6.1"
 delay_timer = "0.11.6"
 duration-str = "0.17"
 flate2 = "1.0"
 futures = "0.3"
-futures-channel = { version = "0.3.17"}
-futures-util = { version = "0.3", default-features = false }
-headers = "0.3.5"
-http = "0.2"
-hyper = { version = "0.14" }
+futures-channel = { version = "0.3.17", features = ["sink"] }
+futures-util = { version = "0.3", default-features = false, features = ["sink"] }
+headers = "0.4"
+http = "1"
+http-body-util = "0.1.3"
+hyper = { version = "1" }
+hyper-util = { version = "0.1.12"}
 if_chain = "1.0"
 indicatif = "0.18"
 lazy_static = "1.4"
 log = "0.4"
 md-5 = "0.10"
 mime = "0.3"
 mime_guess = "2.0.0"
-multer = { version = "2.1.0" }
+multer = { version = "3" }
 percent-encoding = "2.1"
 pin-project = "1.0"
-rcgen = "0.12"
+rcgen = "0.14"
 regex = "1.10"
 reqwest = { version = "0.12", default-features = false }
 ring = { version = "0.17" }
-rustls = { version = "0.22" }
+rustls = { version = "0.23" }
 rustls-pemfile = "2.0"
 rustls-pki-types = "1.1.0"
 scoped-tls = "1.0"
@@ -71,6 +73,6 @@ tracing-core = "0.1.32"
 #opentelemetry-stdout = { version = "0.4", features = ["trace"] }
 
 tracing-subscriber = { version = "0.3"}
-ureq = { version = "2"}
+ureq = { version = "3"}
 walkdir = "2.5"
-x509-parser = "0.16"
+x509-parser = "0.18"
@@ -20,10 +20,11 @@ path = "src/main.rs"
 [dependencies]
 entity = { path = "../entity" }
 # web
-hyper = { workspace = true, features = ["stream", "server", "http1", "http2", "tcp"] }
+hyper = { workspace = true, features = ["server", "http1", "http2"] }
+hyper-util = { workspace = true, features = ["server", "server-graceful", "server-auto", "http1", "http2", "service", "tokio"] }
 tokio = { workspace = true, features = ["macros", "rt-multi-thread", "io-std", "sync", "time", "tokio-macros"] }
 futures = { workspace = true }
-warp = { path = "../warp", features = ["tls"] }
+warp = { path = "../warp", features = ["tls", "multipart", "server"] }
 socket2 = { workspace = true, features = ["all"] }
 
 # warp inner
@@ -66,7 +67,7 @@ dashmap = { workspace = true }
 
 #s3
 small-acme = { path = "../small-acme" }
-ureq = { workspace = true, features = ["json", "tls"] }
+ureq = { workspace = true, features = ["json"] }
 rcgen = { workspace = true }
 
 # util
@@ -81,4 +82,6 @@ walkdir = { workspace = true }
 chrono = { workspace = true, features = ["serde"] }
 #make if let more easy
 if_chain = { workspace = true }
-tracing-core = { workspace = true }
+tracing-core = { workspace = true }
+http-body-util = "0.1.3"
+http-body = "1.0.1"
@@ -13,9 +13,9 @@ use dashmap::DashMap;
 use delay_timer::prelude::{DelayTimer, Task, TaskBuilder};
 use if_chain::if_chain;
 use lazy_static::lazy_static;
-use rcgen::{Certificate, CertificateParams, DistinguishedName};
+use rcgen::{CertificateParams, DistinguishedName, KeyPair};
 use regex::Regex;
-use rustls::sign::CertifiedKey;
+use tokio_rustls::rustls::sign::CertifiedKey;
 use small_acme::{
     Account, AccountCredentials, AuthorizationStatus, ChallengeType, Identifier, NewAccount,
     NewOrder, OrderStatus,
@@ -24,6 +24,7 @@ use tokio::sync::mpsc::{Receiver, Sender};
 use tokio::sync::RwLock;
 use tokio::time::sleep;
 use tracing::{debug, error, info, warn};
+use ureq::tls::{TlsConfig};
 use walkdir::WalkDir;
 
 use crate::config::{get_host_path_from_domain, ACMEConfig, ACMEType, Config};
@@ -110,20 +111,14 @@ impl ACMEProvider {
         ci_ca_path: Option<&String>,
     ) -> anyhow::Result<Account> {
         let agent = if matches!(acme_type, ACMEType::CI) {
-            let mut roots = rustls::RootCertStore::empty();
-            let mut reader = std::io::BufReader::new(File::open(ci_ca_path.unwrap())?);
-            let cert = rustls_pemfile::certs(&mut reader).map(|v| v.unwrap());
-            roots.add_parsable_certificates(cert);
-            let tls_config = rustls::ClientConfig::builder()
-                .with_root_certificates(roots)
-                .with_no_client_auth();
-            ureq::builder()
+            let tls_config = TlsConfig::builder().disable_verification(true).build();
+            ureq::Agent::config_builder()
                 .https_only(true)
-                .tls_config(Arc::new(tls_config))
+                .tls_config(tls_config)
                 .build()
         } else {
-            ureq::builder().https_only(true).build()
-        };
+            ureq::Agent::config_builder().https_only(true).build()
+        }.into();
 
         let account = if path.exists() {
             let file = File::open(path)?;
@@ -219,10 +214,11 @@ impl ACMEProvider {
             bail!("domain: {domain} order is invalid")
         }
 
-        let mut params = CertificateParams::new(names);
+        let mut params = CertificateParams::new(names)?;
         params.distinguished_name = DistinguishedName::new();
-        let cert = Certificate::from_params(params).unwrap();
-        let csr = cert.serialize_request_der()?;
+        let p_key = KeyPair::generate()?;
+        let csr = params.serialize_request(&p_key)?;
+        let csr = csr.der();
         order
             .finalize(&csr)
             .with_context(|| format!("{domain} csr failure"))?;
@@ -241,7 +237,7 @@ impl ACMEProvider {
         };
 
         debug!("domain: {domain} get cert successful, public cert {cert_chain_pem}");
-        let private_key = cert.serialize_private_key_pem();
+        let private_key = p_key.serialize_pem();
         let (public_cert_path, private_key_path) = self.get_certificate_file_names(&domain);
 
         let mut private_key_file = File::create(&private_key_path)
 
@@ -8,7 +8,7 @@ use entity::request::{
     DeleteDomainVersionOption, DomainWithOptVersionOption, DomainWithVersionOption,
     GetDomainOption, GetDomainPositionOption, UpdateUploadingStatusOption, UploadFileOption,
 };
-use hyper::{Body, StatusCode};
+use hyper::{StatusCode};
 use std::collections::HashMap;
 use std::convert::Infallible;
 use std::net::SocketAddr;
@@ -80,7 +80,7 @@ impl AdminServer {
         Ok(())
     }
 
-    fn auth(&self) -> impl Filter<Extract = (), Error = Rejection> + Clone {
+    fn auth(&self) -> impl Filter<Extract = (), Error = Rejection> + Clone + 'static {
         // this will not trigger memory leak, be careful to use it
         warp::header::exact(
             "authorization",
@@ -170,9 +170,7 @@ impl AdminServer {
             let resp = service::update_file(query, form, storage)
                 .await
                 .unwrap_or_else(|e| {
-                    let mut resp = Response::new(Body::from(e.to_string()));
-                    *resp.status_mut() = StatusCode::BAD_REQUEST;
-                    resp
+                    bad_resp(e.to_string())
                 });
             Ok(resp)
         }
@@ -236,7 +234,7 @@ pub mod service {
     };
     use entity::storage::DomainInfo;
     use futures_util::{StreamExt, TryStreamExt};
-    use hyper::Body;
+    // use hyper::Body;
     use std::collections::HashMap;
     use std::convert::Infallible;
     use std::sync::Arc;
@@ -262,7 +260,9 @@ pub mod service {
                 _ => Ok(warp::reply::json(&domain_info).into_response()),
             },
             Err(e) => {
-                let mut resp = Response::new(Body::from(e.to_string()));
+                let z = warp::reply();
+
+                let mut resp = e.to_string().into_response();
                 *resp.status_mut() = StatusCode::BAD_REQUEST;
                 Ok(resp)
             }
@@ -310,8 +310,8 @@ pub mod service {
                     }
                 }
                 Err(err) => {
-                    let mut resp = StatusCode::BAD_REQUEST.into_response();
-                    *resp.body_mut() = Body::from(err.to_string());
+                    let mut resp = err.to_string().into_response();
+                    *resp.status_mut() = StatusCode::BAD_REQUEST;
                     resp
                 }
             }
@@ -330,7 +330,7 @@ pub mod service {
         {
             Ok(_) => Response::default(),
             Err(e) => {
-                let mut resp = Response::new(Body::from(format!("error:{}", e)));
+                let mut resp = format!("error:{}", e).into_response();
                 *resp.status_mut() = StatusCode::BAD_REQUEST;
                 resp
             }
@@ -353,7 +353,7 @@ pub mod service {
         {
             Ok(_) => Response::default(),
             Err(e) => {
-                let mut resp = Response::new(Body::from(e.to_string()));
+                let mut resp = e.to_string().into_response();
                 *resp.status_mut() = StatusCode::BAD_REQUEST;
                 resp
             }
@@ -367,8 +367,8 @@ pub mod service {
         storage: Arc<DomainStorage>,
     ) -> anyhow::Result<Response> {
         if let Err(e) = storage.check_if_can_upload(&query.domain) {
-            let mut resp = StatusCode::BAD_REQUEST.into_response();
-            *resp.body_mut() = Body::from(e.to_string());
+            let mut resp= e.to_string().into_response();
+            *resp.status_mut() = StatusCode::BAD_REQUEST;
             return Ok(resp);
         }
         let mut parts = form.into_stream();
@@ -401,7 +401,7 @@ pub mod service {
         match storage.get_files_metadata(query.domain, query.version) {
             Ok(data) => warp::reply::json(&data).into_response(),
             Err(err) => {
-                let mut resp = Response::new(Body::from(err.to_string()));
+                let mut resp = err.to_string().into_response();
                 *resp.status_mut() = StatusCode::BAD_REQUEST;
                 resp
             }
@@ -458,7 +458,7 @@ pub mod service {
         let resp = match acme_manager.get_cert_data(query.domain.as_ref()).await {
             Ok(data) => warp::reply::json(&data).into_response(),
             Err(err) => {
-                let mut resp = Response::new(Body::from(err.to_string()));
+                let mut resp = err.to_string().into_response();
                 *resp.status_mut() = StatusCode::BAD_REQUEST;
                 resp
             }
@@ -485,8 +485,8 @@ pub mod service {
                     {
                         Ok(_) => Response::default(),
                         Err(e) => {
-                            let mut resp = StatusCode::BAD_REQUEST.into_response();
-                            *resp.body_mut() = Body::from(e.to_string());
+                            let mut resp = e.to_string().into_response();
+                            *resp.status_mut() = StatusCode::BAD_REQUEST;
                             resp
                         }
                     }
@@ -501,8 +501,8 @@ pub mod service {
 }
 
 fn bad_resp(text: String) -> Response {
-    let mut resp = StatusCode::BAD_REQUEST.into_response();
-    *resp.body_mut() = Body::from(text);
+    let mut resp = text.into_response();
+    *resp.status_mut() = StatusCode::BAD_REQUEST;
     resp
 }
 
 
@@ -2,7 +2,7 @@ use crate::service::resp;
 use futures_util::future::Either;
 use headers::{AccessControlAllowMethods, HeaderMap, HeaderMapExt};
 use hyper::http::HeaderValue;
-use hyper::{header, Body, Method, Response, StatusCode};
+use hyper::{header, Method, Response, StatusCode};
 use lazy_static::lazy_static;
 use std::collections::HashSet;
 
@@ -15,7 +15,7 @@ lazy_static! {
         HashSet::from([Method::GET, Method::OPTIONS, Method::HEAD]);
 }
 
-pub fn cors_resp(mut res: Response<Body>, origin: HeaderValue) -> Response<Body> {
+pub fn cors_resp<B:http_body::Body>(mut res: Response<B>, origin: HeaderValue) -> Response<B> {
     let headers = res.headers_mut();
     headers.insert(
         header::ACCESS_CONTROL_ALLOW_CREDENTIALS,
@@ -38,11 +38,11 @@ fn is_origin_allowed(origins: &Option<HashSet<HeaderValue>>, origin: &HeaderValu
     }
 }
 // preflight response
-pub fn resp_cors_request(
+pub fn resp_cors_request<B:http_body::Body>(
     method: &Method,
     headers: &HeaderMap,
     origins: &Option<HashSet<HeaderValue>>,
-) -> Either<Validated, Response<Body>> {
+) -> Either<Validated, Response<B>> {
     match (headers.get(header::ORIGIN), method) {
         (Some(origin), &Method::OPTIONS) => {
             if !is_origin_allowed(origins, origin) {