Merge pull request #618 from sfackler/update-mac

Update hmac and sha2

Author: sfackler

codegen/src/type_gen.rs

@@ -319,46 +319,32 @@ fn make_impl(w: &mut BufWriter<File>, types: &BTreeMap<u32, Type>) {
     .unwrap();
 
     for (oid, type_) in types {
-        write!(
-            w,
-            "            {} => Some(Inner::{}),
-",
-            oid, type_.variant
-        )
-        .unwrap();
+        writeln!(w, "            {} => Some(Inner::{}),", oid, type_.variant).unwrap();
     }
 
-    write!(
+    writeln!(
         w,
         "            _ => None,
         }}
     }}
 
     pub fn oid(&self) -> Oid {{
-        match *self {{
-",
+        match *self {{",
     )
     .unwrap();
 
     for (oid, type_) in types {
-        write!(
-            w,
-            "            Inner::{} => {},
-",
-            type_.variant, oid
-        )
-        .unwrap();
+        writeln!(w, "            Inner::{} => {},", type_.variant, oid).unwrap();
     }
 
-    write!(
+    writeln!(
         w,
         "            Inner::Other(ref u) => u.oid,
         }}
     }}
 
     pub fn kind(&self) -> &Kind {{
-        match *self {{
-",
+        match *self {{",
     )
     .unwrap();
 
@@ -370,59 +356,54 @@ fn make_impl(w: &mut BufWriter<File>, types: &BTreeMap<u32, Type>) {
             _ => "Simple".to_owned(),
         };
 
-        write!(
+        writeln!(
             w,
             "            Inner::{} => {{
                 &Kind::{}
-            }}
-",
+            }}",
             type_.variant, kind
         )
         .unwrap();
     }
 
-    write!(
+    writeln!(
         w,
         r#"            Inner::Other(ref u) => &u.kind,
         }}
     }}
 
     pub fn name(&self) -> &str {{
-        match *self {{
-"#,
+        match *self {{"#,
     )
     .unwrap();
 
     for type_ in types.values() {
-        write!(
+        writeln!(
             w,
-            r#"            Inner::{} => "{}",
-"#,
+            r#"            Inner::{} => "{}","#,
             type_.variant, type_.name
         )
         .unwrap();
     }
 
-    write!(
+    writeln!(
         w,
         "            Inner::Other(ref u) => &u.name,
         }}
     }}
-}}
-"
+}}"
     )
     .unwrap();
 }
 
 fn make_consts(w: &mut BufWriter<File>, types: &BTreeMap<u32, Type>) {
     write!(w, "impl Type {{").unwrap();
     for type_ in types.values() {
-        write!(
+        writeln!(
             w,
             "
     /// {docs}
-    pub const {ident}: Type = Type(Inner::{variant});
-",
+    pub const {ident}: Type = Type(Inner::{variant});",
             docs = type_.doc,
             ident = type_.ident,
             variant = type_.variant

postgres-protocol/Cargo.toml

@@ -13,9 +13,9 @@ base64 = "0.12"
 byteorder = "1.0"
 bytes = "0.5"
 fallible-iterator = "0.2"
-hmac = "0.7"
+hmac = "0.8"
 md5 = "0.7"
 memchr = "2.0"
 rand = "0.7"
-sha2 = "0.8"
+sha2 = "0.9"
 stringprep = "0.1"

postgres-protocol/src/authentication/sasl.rs

@@ -1,7 +1,8 @@
 //! SASL-based authentication support.
 
-use hmac::{Hmac, Mac};
+use hmac::{Hmac, Mac, NewMac};
 use rand::{self, Rng};
+use sha2::digest::FixedOutput;
 use sha2::{Digest, Sha256};
 use std::fmt::Write;
 use std::io;
@@ -33,16 +34,16 @@ fn normalize(pass: &[u8]) -> Vec<u8> {
 
 fn hi(str: &[u8], salt: &[u8], i: u32) -> [u8; 32] {
     let mut hmac = Hmac::<Sha256>::new_varkey(str).expect("HMAC is able to accept all key sizes");
-    hmac.input(salt);
-    hmac.input(&[0, 0, 0, 1]);
-    let mut prev = hmac.result().code();
+    hmac.update(salt);
+    hmac.update(&[0, 0, 0, 1]);
+    let mut prev = hmac.finalize().into_bytes();
 
     let mut hi = prev;
 
     for _ in 1..i {
         let mut hmac = Hmac::<Sha256>::new_varkey(str).expect("already checked above");
-        hmac.input(prev.as_slice());
-        prev = hmac.result().code();
+        hmac.update(&prev);
+        prev = hmac.finalize().into_bytes();
 
         for (hi, prev) in hi.iter_mut().zip(prev) {
             *hi ^= prev;
@@ -196,12 +197,12 @@ impl ScramSha256 {
 
         let mut hmac = Hmac::<Sha256>::new_varkey(&salted_password)
             .expect("HMAC is able to accept all key sizes");
-        hmac.input(b"Client Key");
-        let client_key = hmac.result().code();
+        hmac.update(b"Client Key");
+        let client_key = hmac.finalize().into_bytes();
 
         let mut hash = Sha256::default();
-        hash.input(client_key.as_slice());
-        let stored_key = hash.result();
+        hash.update(client_key.as_slice());
+        let stored_key = hash.finalize_fixed();
 
         let mut cbind_input = vec![];
         cbind_input.extend(channel_binding.gs2_header().as_bytes());
@@ -215,11 +216,11 @@ impl ScramSha256 {
 
         let mut hmac =
             Hmac::<Sha256>::new_varkey(&stored_key).expect("HMAC is able to accept all key sizes");
-        hmac.input(auth_message.as_bytes());
-        let client_signature = hmac.result();
+        hmac.update(auth_message.as_bytes());
+        let client_signature = hmac.finalize().into_bytes();
 
         let mut client_proof = client_key;
-        for (proof, signature) in client_proof.iter_mut().zip(client_signature.code()) {
+        for (proof, signature) in client_proof.iter_mut().zip(client_signature) {
             *proof ^= signature;
         }
 
@@ -267,12 +268,12 @@ impl ScramSha256 {
 
         let mut hmac = Hmac::<Sha256>::new_varkey(&salted_password)
             .expect("HMAC is able to accept all key sizes");
-        hmac.input(b"Server Key");
-        let server_key = hmac.result();
+        hmac.update(b"Server Key");
+        let server_key = hmac.finalize().into_bytes();
 
-        let mut hmac = Hmac::<Sha256>::new_varkey(&server_key.code())
-            .expect("HMAC is able to accept all key sizes");
-        hmac.input(auth_message.as_bytes());
+        let mut hmac =
+            Hmac::<Sha256>::new_varkey(&server_key).expect("HMAC is able to accept all key sizes");
+        hmac.update(auth_message.as_bytes());
         hmac.verify(&verifier)
             .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "SCRAM verification error"))
     }

postgres-types/src/lib.rs

@@ -158,16 +158,17 @@ macro_rules! accepts {
 #[macro_export]
 macro_rules! to_sql_checked {
     () => {
-        fn to_sql_checked(&self,
-                          ty: &$crate::Type,
-                          out: &mut $crate::private::BytesMut)
-                          -> ::std::result::Result<$crate::IsNull,
-                                                   Box<dyn ::std::error::Error +
-                                                       ::std::marker::Sync +
-                                                       ::std::marker::Send>> {
+        fn to_sql_checked(
+            &self,
+            ty: &$crate::Type,
+            out: &mut $crate::private::BytesMut,
+        ) -> ::std::result::Result<
+            $crate::IsNull,
+            Box<dyn ::std::error::Error + ::std::marker::Sync + ::std::marker::Send>,
+        > {
             $crate::__to_sql_checked(self, ty, out)
         }
-    }
+    };
 }
 
 // WARNING: this function is not considered part of this crate's public API.

postgres/src/copy_out_reader.rs

@@ -38,7 +38,7 @@ impl BufRead for CopyOutReader<'_> {
             let mut stream = self.stream.pinned();
             match self
                 .connection
-                .block_on({ async { stream.next().await.transpose() } })
+                .block_on(async { stream.next().await.transpose() })
             {
                 Ok(Some(cur)) => self.cur = cur,
                 Err(e) => return Err(io::Error::new(io::ErrorKind::Other, e)),

tokio-postgres/src/error/mod.rs

@@ -224,7 +224,7 @@ impl DbError {
     ///
     /// Might run to multiple lines.
     pub fn detail(&self) -> Option<&str> {
-        self.detail.as_ref().map(|s| &**s)
+        self.detail.as_deref()
     }
 
     /// An optional suggestion what to do about the problem.
@@ -233,7 +233,7 @@ impl DbError {
     /// (potentially inappropriate) rather than hard facts. Might run to
     /// multiple lines.
     pub fn hint(&self) -> Option<&str> {
-        self.hint.as_ref().map(|s| &**s)
+        self.hint.as_deref()
     }
 
     /// An optional error cursor position into either the original query string
@@ -248,20 +248,20 @@ impl DbError {
     /// language functions and internally-generated queries. The trace is one
     /// entry per line, most recent first.
     pub fn where_(&self) -> Option<&str> {
-        self.where_.as_ref().map(|s| &**s)
+        self.where_.as_deref()
     }
 
     /// If the error was associated with a specific database object, the name
     /// of the schema containing that object, if any. (PostgreSQL 9.3+)
     pub fn schema(&self) -> Option<&str> {
-        self.schema.as_ref().map(|s| &**s)
+        self.schema.as_deref()
     }
 
     /// If the error was associated with a specific table, the name of the
     /// table. (Refer to the schema name field for the name of the table's
     /// schema.) (PostgreSQL 9.3+)
     pub fn table(&self) -> Option<&str> {
-        self.table.as_ref().map(|s| &**s)
+        self.table.as_deref()
     }
 
     /// If the error was associated with a specific table column, the name of
@@ -270,14 +270,14 @@ impl DbError {
     /// (Refer to the schema and table name fields to identify the table.)
     /// (PostgreSQL 9.3+)
     pub fn column(&self) -> Option<&str> {
-        self.column.as_ref().map(|s| &**s)
+        self.column.as_deref()
     }
 
     /// If the error was associated with a specific data type, the name of the
     /// data type. (Refer to the schema name field for the name of the data
     /// type's schema.) (PostgreSQL 9.3+)
     pub fn datatype(&self) -> Option<&str> {
-        self.datatype.as_ref().map(|s| &**s)
+        self.datatype.as_deref()
     }
 
     /// If the error was associated with a specific constraint, the name of the
@@ -287,12 +287,12 @@ impl DbError {
     /// (For this purpose, indexes are treated as constraints, even if they
     /// weren't created with constraint syntax.) (PostgreSQL 9.3+)
     pub fn constraint(&self) -> Option<&str> {
-        self.constraint.as_ref().map(|s| &**s)
+        self.constraint.as_deref()
     }
 
     /// The file name of the source-code location where the error was reported.
     pub fn file(&self) -> Option<&str> {
-        self.file.as_ref().map(|s| &**s)
+        self.file.as_deref()
     }
 
     /// The line number of the source-code location where the error was
@@ -303,7 +303,7 @@ impl DbError {
 
     /// The name of the source-code routine reporting the error.
     pub fn routine(&self) -> Option<&str> {
-        self.routine.as_ref().map(|s| &**s)
+        self.routine.as_deref()
     }
 }
 

tokio-postgres/src/generic_client.rs

@@ -146,6 +146,7 @@ impl GenericClient for Client {
 impl private::Sealed for Transaction<'_> {}
 
 #[async_trait]
+#[allow(clippy::needless_lifetimes)]
 impl GenericClient for Transaction<'_> {
     async fn execute<T>(&self, query: &T, params: &[&(dyn ToSql + Sync)]) -> Result<u64, Error>
     where