diff --git a/CHANGELOG.md b/CHANGELOG.md index dfe010822..2efa89a02 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ - fix(logs): send environment in `sentry.environment` default attribute (#837) by @lcian +### Dependencies + +- chore(deps): upgrade `ureq` to 3.x (#835) by @algesten + ## 0.39.0 ### Features diff --git a/Cargo.lock b/Cargo.lock index da67f55b3..d011b9442 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -436,6 +436,12 @@ version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + [[package]] name = "bindgen" version = "0.71.1" @@ -974,6 +980,16 @@ dependencies = [ "thiserror 2.0.12", ] +[[package]] +name = "der" +version = "0.7.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb" +dependencies = [ + "pem-rfc7468", + "zeroize", +] + [[package]] name = "deranged" version = "0.4.0" @@ -1228,7 +1244,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "976dd42dc7e85965fe702eb8164f21f450704bdde31faefd6471dba214cb594e" dependencies = [ "libc", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -2046,7 +2062,7 @@ checksum = "e04d7f318608d35d4b61ddd75cbdaee86b023ebe2bd5a66ee0915f0bf93095a9" dependencies = [ "hermit-abi", "libc", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -2167,9 +2183,9 @@ checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" [[package]] name = "litemap" -version = "0.7.5" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23fb14cb19457329c82206317a5663005a4d404783dc74f4252769b0d5f42856" +checksum = "4ee93343901ab17bd981295f2cf0026d4ad018c7c31ba84549a4ddbb47a45104" [[package]] name = "local-channel" @@ -2257,9 +2273,9 @@ dependencies = [ [[package]] name = "native-tls" -version = "0.2.14" +version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e" +checksum = "a8614eb2c83d59d1c8cc974dd3f920198647674a0a035e1af1fa58707e317466" dependencies = [ "libc", "log", @@ -2502,6 +2518,15 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "pem-rfc7468" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +dependencies = [ + "base64ct", +] + [[package]] name = "percent-encoding" version = "2.3.1" @@ -2723,7 +2748,7 @@ dependencies = [ "once_cell", "socket2", "tracing", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -3007,7 +3032,7 @@ dependencies = [ "errno", "libc", "linux-raw-sys 0.4.15", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -3020,7 +3045,7 @@ dependencies = [ "errno", "libc", "linux-raw-sys 0.9.4", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -3169,7 +3194,6 @@ dependencies = [ "tracing", "tracing-subscriber", "ureq", - "webpki-roots", ] [[package]] @@ -3558,7 +3582,7 @@ dependencies = [ "getrandom 0.3.2", "once_cell", "rustix 1.0.5", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -3961,20 +3985,36 @@ checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" [[package]] name = "ureq" -version = "2.12.1" +version = "3.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02d1a66277ed75f640d608235660df48c8e3c19f3b4edb6a263315626cc3c01d" +checksum = "b7a3e9af6113ecd57b8c63d3cd76a385b2e3881365f1f489e54f49801d0c83ea" dependencies = [ "base64", + "der", "log", "native-tls", - "once_cell", + "percent-encoding", "rustls", + "rustls-pemfile", "rustls-pki-types", - "url", + "ureq-proto", + "utf-8", + "webpki-root-certs 0.26.11", "webpki-roots", ] +[[package]] +name = "ureq-proto" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fadf18427d33828c311234884b7ba2afb57143e6e7e69fda7ee883b624661e36" +dependencies = [ + "base64", + "http 1.3.1", + "httparse", + "log", +] + [[package]] name = "url" version = "2.5.4" @@ -3987,6 +4027,12 @@ dependencies = [ "serde", ] +[[package]] +name = "utf-8" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" + [[package]] name = "utf16_iter" version = "1.0.5" @@ -4158,6 +4204,24 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "webpki-root-certs" +version = "0.26.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75c7f0ef91146ebfb530314f5f1d24528d7f0767efbfd31dce919275413e393e" +dependencies = [ + "webpki-root-certs 1.0.0", +] + +[[package]] +name = "webpki-root-certs" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01a83f7e1a9f8712695c03eabe9ed3fbca0feff0152f33f12593e5a6303cb1a4" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "webpki-roots" version = "0.26.8" @@ -4201,7 +4265,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -4511,9 +4575,9 @@ dependencies = [ [[package]] name = "zerofrom" -version = "0.1.6" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" +checksum = "cff3ee08c995dee1859d998dea82f7374f2826091dd9cd47def953cae446cd2e" dependencies = [ "zerofrom-derive", ] diff --git a/sentry/Cargo.toml b/sentry/Cargo.toml index 7f88dbd31..72e234d62 100644 --- a/sentry/Cargo.toml +++ b/sentry/Cargo.toml @@ -56,7 +56,7 @@ curl = ["dep:curl", "httpdate"] ureq = ["dep:ureq", "httpdate"] # transport settings native-tls = ["dep:native-tls", "reqwest?/default-tls", "ureq?/native-tls"] -rustls = ["dep:rustls", "reqwest?/rustls-tls", "ureq?/tls", "webpki-roots"] +rustls = ["dep:rustls", "reqwest?/rustls-tls", "ureq?/rustls"] embedded-svc-http = ["dep:embedded-svc", "dep:esp-idf-svc"] [dependencies] @@ -82,10 +82,9 @@ curl = { version = "0.4.25", optional = true } httpdate = { version = "1.0.0", optional = true } serde_json = { version = "1.0.48", optional = true } tokio = { version = "1.44", features = ["rt"], optional = true } -ureq = { version = "2.10.1", optional = true, default-features = false } +ureq = { version = "3.0.11", optional = true, default-features = false } native-tls = { version = "0.2.8", optional = true } rustls = { version = "0.23.18", optional = true, default-features = false } -webpki-roots = { version = "0.26.1", optional = true } embedded-svc = { version = "0.28.1", optional = true } [target.'cfg(target_os = "espidf")'.dependencies] esp-idf-svc = { version = "0.51.0", optional = true } diff --git a/sentry/src/transports/ureq.rs b/sentry/src/transports/ureq.rs index ee59cd283..9fa20fe4b 100644 --- a/sentry/src/transports/ureq.rs +++ b/sentry/src/transports/ureq.rs @@ -1,19 +1,9 @@ -use std::sync::Arc; use std::time::Duration; -#[cfg(feature = "native-tls")] -use native_tls::TlsConnector; -#[cfg(feature = "rustls")] -use rustls::client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier}; -#[cfg(feature = "rustls")] -use rustls::crypto::{verify_tls12_signature, verify_tls13_signature}; -#[cfg(feature = "rustls")] -use rustls::pki_types::{CertificateDer, ServerName, TrustAnchor, UnixTime}; -#[cfg(feature = "rustls")] -use rustls::{ClientConfig, DigitallySignedStruct, RootCertStore}; -use ureq::{Agent, AgentBuilder, Proxy}; -#[cfg(feature = "rustls")] -use webpki_roots::TLS_SERVER_ROOTS; +use ureq::http::Response; +#[cfg(any(feature = "rustls", feature = "native-tls"))] +use ureq::tls::{TlsConfig, TlsProvider}; +use ureq::{Agent, Proxy}; use super::thread::TransportThread; @@ -42,92 +32,33 @@ impl UreqHttpTransport { let dsn = options.dsn.as_ref().unwrap(); let scheme = dsn.scheme(); let agent = agent.unwrap_or_else(|| { - let mut builder = AgentBuilder::new(); + let mut builder = Agent::config_builder(); #[cfg(feature = "native-tls")] { - let mut tls_connector_builder = TlsConnector::builder(); - - if options.accept_invalid_certs { - tls_connector_builder.danger_accept_invalid_certs(true); - } - - builder = builder.tls_connector(Arc::new(tls_connector_builder.build().unwrap())); + builder = builder.tls_config( + TlsConfig::builder() + .provider(TlsProvider::NativeTls) + .disable_verification(options.accept_invalid_certs) + .build(), + ); } - - if options.accept_invalid_certs { - #[cfg(feature = "rustls")] - { - #[derive(Debug)] - struct NoVerifier; - - impl ServerCertVerifier for NoVerifier { - fn verify_server_cert( - &self, - _end_entity: &CertificateDer<'_>, - _intermediates: &[CertificateDer<'_>], - _server_name: &ServerName<'_>, - _ocsp: &[u8], - _now: UnixTime, - ) -> Result { - Ok(ServerCertVerified::assertion()) - } - - fn verify_tls12_signature( - &self, - message: &[u8], - cert: &CertificateDer<'_>, - dss: &DigitallySignedStruct, - ) -> Result - { - verify_tls12_signature( - message, - cert, - dss, - &rustls::crypto::ring::default_provider() - .signature_verification_algorithms, - ) - } - - fn verify_tls13_signature( - &self, - message: &[u8], - cert: &CertificateDer<'_>, - dss: &DigitallySignedStruct, - ) -> Result - { - verify_tls13_signature( - message, - cert, - dss, - &rustls::crypto::ring::default_provider() - .signature_verification_algorithms, - ) - } - - fn supported_verify_schemes(&self) -> Vec { - rustls::crypto::ring::default_provider() - .signature_verification_algorithms - .supported_schemes() - } - } - - let mut root_store = RootCertStore::empty(); - root_store.extend(TLS_SERVER_ROOTS.iter().map(TrustAnchor::to_owned)); - let mut config = ClientConfig::builder() - .with_root_certificates(root_store) - .with_no_client_auth(); - config - .dangerous() - .set_certificate_verifier(Arc::new(NoVerifier)); - builder = builder.tls_config(Arc::new(config)); - } + #[cfg(feature = "rustls")] + { + builder = builder.tls_config( + TlsConfig::builder() + .provider(TlsProvider::Rustls) + .disable_verification(options.accept_invalid_certs) + .build(), + ); } + let mut maybe_proxy = None; + match (scheme, &options.http_proxy, &options.https_proxy) { (Scheme::Https, _, Some(proxy)) => match Proxy::new(proxy) { Ok(proxy) => { - builder = builder.proxy(proxy); + maybe_proxy = Some(proxy); } Err(err) => { sentry_debug!("invalid proxy: {:?}", err); @@ -135,7 +66,7 @@ impl UreqHttpTransport { }, (_, Some(proxy), _) => match Proxy::new(proxy) { Ok(proxy) => { - builder = builder.proxy(proxy); + maybe_proxy = Some(proxy); } Err(err) => { sentry_debug!("invalid proxy: {:?}", err); @@ -144,7 +75,9 @@ impl UreqHttpTransport { _ => {} } - builder.build() + builder = builder.proxy(maybe_proxy); + + builder.build().new_agent() }); let user_agent = options.user_agent.clone(); let auth = dsn.to_auth(Some(&user_agent)).to_string(); @@ -153,22 +86,23 @@ impl UreqHttpTransport { let thread = TransportThread::new(move |envelope, rl| { let mut body = Vec::new(); envelope.to_writer(&mut body).unwrap(); - let request = agent - .post(&url) - .set("X-Sentry-Auth", &auth) - .send_bytes(&body); + let request = agent.post(&url).header("X-Sentry-Auth", &auth).send(&body); match request { - Ok(response) => { - if let Some(sentry_header) = response.header("x-sentry-rate-limits") { + Ok(mut response) => { + fn header_str<'a, B>(response: &'a Response, key: &str) -> Option<&'a str> { + response.headers().get(key)?.to_str().ok() + } + + if let Some(sentry_header) = header_str(&response, "x-sentry-rate-limits") { rl.update_from_sentry_header(sentry_header); - } else if let Some(retry_after) = response.header("retry-after") { + } else if let Some(retry_after) = header_str(&response, "retry-after") { rl.update_from_retry_after(retry_after); } else if response.status() == 429 { rl.update_from_429(); } - match response.into_string() { + match response.body_mut().read_to_string() { Err(err) => { sentry_debug!("Failed to read sentry response: {}", err); }