Merge branch 'main' into async-signer-trait

NLnetLabs · Dec 7, 2023 · 4621168 · 4621168
2 parents 09ecffc + 89b700b
commit 4621168
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 21 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "rpki"
-version = "0.17.3-dev"
+version = "0.18.1-dev"
 edition = "2021"
 rust-version = "1.63"
 authors = ["NLnet Labs <rpki-team@nlnetlabs.nl>"]
@@ -26,14 +26,14 @@ futures-util    = { version = "0.3", optional = true }
 chrono          = { version = "0.4.10", features = [ "serde" ] }
 log             = "0.4.7"
 openssl         = { version = "0.10.23", optional = true }
-quick-xml       = { version = "0.29.0", optional = true }
-ring            = { version = "0.16.11", optional = true }
+quick-xml       = { version = "0.31.0", optional = true }
+ring            = { version = "0.17.6", optional = true }
 serde           = { version = "1.0.103", optional = true, features = [ "derive" ] }
 serde_json      = { version = "1.0.40", optional = true }
 tokio           = { version = "1.0", optional = true, features = ["io-util",  "net", "rt", "sync", "time"] }
 tokio-stream    = { version = "0.1", optional = true }
 uuid            = "1.1"
-untrusted       = { version = "0.7.0", optional = true }
+untrusted       = { version = "0.9", optional = true }
 
 [dev-dependencies]
 serde_json      = "1.0.40"

diff --git a/Changelog.md b/Changelog.md
@@ -11,6 +11,17 @@ Bug fixes
 Other changes
 
 
+## 0.18.0
+
+Released 2023-11-30.
+
+Breaking changes
+
+* Upgraded _ring_ to 0.17 and _quick-xml_ to 0.31. ([#287])
+
+[#287]: https://github.com/NLnetLabs/rpki-rs/pull/287
+
+
 ## 0.17.2
 
 Released 2023-09-21

diff --git a/doc/relaxed-validation.md b/doc/relaxed-validation.md
@@ -15,10 +15,10 @@ This memo documents the violations we encountered and are dealing with in
 relaxed validation mode.
 
 
-## Resource Certificates (RFC 6487)
+## Resource Certificates ([RFC 6487](https://datatracker.ietf.org/doc/html/rfc6487))
 
 Resource certificates are defined as a profile on the more general
-Internet PKI certificates defined in RFC 5280.
+Internet PKI certificates defined in [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280).
 
 
 ### Subject and Issuer
@@ -39,23 +39,26 @@ fields.
 RFC 6487 forbids any access methods other than id-ad-signedObject for EE
 certificates. However, there is CAs that also the id-ad-rpkiNotify method
 for RRDP to these certificates which are declared for certificate
-authority use by RFC 81821.
+authority use by [RFC 8182](https://datatracker.ietf.org/doc/html/rfc8182).
 
 In relaxed mode, we tolerate id-ad-rpkiNotify access methods in EE
 certificates.
 
 
 ## Signed Objects (RFC 6488)
 
-Signed objects are defined as a profile on CMS messages defined in RFC
-5652.
+Signed objects are defined as a profile on CMS messages defined in [RFC
+5652](https://datatracker.ietf.org/doc/html/rfc5652).
 
 
 ### DER Encoding
 
-RFC 6488 demands all signed objects to be DER encoded while the more
+[RFC 6488](https://datatracker.ietf.org/doc/html/rfc6488)
+demands all signed objects to be DER encoded while the more
 general CMS format allows any BER encoding – DER is a stricter subset of
-the more general BER. At least one CA does indeed produce BER encoded
+the more general BER. [See Wikipedia for BER vs DER](https://en.wikipedia.org/wiki/X.690).
+
+At least one CA does indeed produce BER encoded
 signed objects.
 
 In relaxed mode, we will allow BER encoding.

diff --git a/src/repository/x509.rs b/src/repository/x509.rs
@@ -1351,12 +1351,10 @@ mod test {
 
     #[test]
     fn next_year() {
-        let now = DateTime::parse_from_rfc3339(
-            "2014-10-21T16:39:57-00:00"
+        let now = Utc.with_ymd_and_hms(
+            2014, 10, 21, 16, 39, 57
         ).unwrap();
-        let future = Time::years_from_date(
-            1, DateTime::from_utc(now.naive_utc(), Utc)
-        );
+        let future = Time::years_from_date(1, now);
 
         assert_eq!(future.year(), 2015);
         assert_eq!(future.month(), 10);
@@ -1368,12 +1366,10 @@ mod test {
 
     #[test]
     fn next_year_from_leap() {
-        let now = DateTime::parse_from_rfc3339(
-            "2020-02-29T16:39:57-00:00"
+        let now = Utc.with_ymd_and_hms(
+            2020, 2, 29, 16, 39, 57
         ).unwrap();
-        let future = Time::years_from_date(
-            10, DateTime::from_utc(now.naive_utc(), Utc)
-        );
+        let future = Time::years_from_date(10, now);
 
         assert_eq!(future.year(), 2030);
         assert_eq!(future.month(), 2);