Modernize and update metadata for rustls fork

.github/workflows/ci.yml

@@ -6,10 +6,10 @@ on:
   push:
 jobs:
   rustfmt:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
           profile: minimal
@@ -20,10 +20,10 @@ jobs:
       - run: cargo fmt --all -- --check
 
   clippy:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
           profile: minimal
@@ -36,10 +36,10 @@ jobs:
       - run: mk/clippy.sh
 
   audit:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
           profile: minimal
@@ -63,10 +63,10 @@ jobs:
       - run: cargo audit --deny warnings
 
   deny:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
           profile: minimal
@@ -89,7 +89,7 @@ jobs:
 
   # Verify that documentation builds.
   rustdoc:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     strategy:
       matrix:
@@ -102,7 +102,7 @@ jobs:
           - target: x86_64-unknown-linux-gnu
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           override: true
           target: ${{ matrix.target }}
@@ -116,10 +116,10 @@ jobs:
           cargo doc --all-features
 
   package:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
     steps:
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
           profile: minimal
@@ -172,16 +172,16 @@ jobs:
 
         include:
           - target: arm-unknown-linux-gnueabihf
-            host_os: ubuntu-18.04
+            host_os: ubuntu-20.04
 
           - target: i686-pc-windows-msvc
             host_os: windows-latest
 
           - target: x86_64-unknown-linux-musl
-            host_os: ubuntu-18.04
+            host_os: ubuntu-20.04
 
           - target: x86_64-unknown-linux-gnu
-            host_os: ubuntu-18.04
+            host_os: ubuntu-20.04
 
     steps:
       - if: ${{ contains(matrix.host_os, 'ubuntu') }}
@@ -194,7 +194,7 @@ jobs:
       - if: ${{ !contains(matrix.host_os, 'windows') }}
         run: mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
 
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           override: true
           target: ${{ matrix.target }}
@@ -233,7 +233,7 @@ jobs:
         # TODO: targets
         include:
           - target: x86_64-unknown-linux-musl
-            host_os: ubuntu-18.04
+            host_os: ubuntu-20.04
 
     steps:
       - if: ${{ contains(matrix.host_os, 'ubuntu') }}
@@ -246,7 +246,7 @@ jobs:
       - if: ${{ !contains(matrix.host_os, 'windows') }}
         run: RING_COVERAGE=1 mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
 
-      - uses: briansmith/actions-rs-toolchain@v1
+      - uses: actions-rs/toolchain@v1
         with:
           override: true
           target: ${{ matrix.target }}

Cargo.toml

@@ -13,16 +13,14 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 [package]
-authors = ["Brian Smith <[email protected]>"]
 categories = ["cryptography", "no-std"]
 description = "Web PKI X.509 Certificate Verification."
-documentation = "https://briansmith.org/rustdoc/webpki/"
 edition = "2018"
 license-file = "LICENSE"
-name = "webpki"
+name = "rustls-webpki"
 readme = "README.md"
-repository = "https://github.com/briansmith/webpki"
-version = "0.21.4"
+repository = "https://github.com/rustls/webpki"
+version = "0.22.0-alpha.1"
 
 include = [
     "Cargo.toml",

src/error.rs

@@ -15,7 +15,7 @@
 use core::fmt;
 
 /// An error that occurs during certificate validation or name validation.
-#[derive(Clone, Copy, Debug, PartialEq)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
 pub enum Error {
     /// The encoding of some ASN.1 DER-encoded item is invalid.
     // TODO: Rename to `BadDer` in the next release.

src/name/verify.rs

@@ -32,19 +32,12 @@ pub fn verify_cert_dns_name(
         cert.subject_alt_name,
         Err(Error::CertNotValidForName),
         &|name| {
-            match name {
-                GeneralName::DnsName(presented_id) => {
-                    match dns_name::presented_id_matches_reference_id(presented_id, dns_name) {
-                        Some(true) => {
-                            return NameIteration::Stop(Ok(()));
-                        }
-                        Some(false) => (),
-                        None => {
-                            return NameIteration::Stop(Err(Error::BadDER));
-                        }
-                    }
+            if let GeneralName::DnsName(presented_id) = name {
+                match dns_name::presented_id_matches_reference_id(presented_id, dns_name) {
+                    Some(true) => return NameIteration::Stop(Ok(())),
+                    Some(false) => (),
+                    None => return NameIteration::Stop(Err(Error::BadDER)),
                 }
-                _ => (),
             }
             NameIteration::KeepGoing
         },

src/time.rs

@@ -19,7 +19,7 @@
 /// Internally this is merely a UNIX timestamp: a count of non-leap
 /// seconds since the start of 1970.  This type exists to assist
 /// unit-of-measure correctness.
-#[derive(Debug, Clone, Copy, PartialEq, PartialOrd)]
+#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd)]
 pub struct Time(u64);
 
 impl Time {

src/verify_cert.rs

@@ -53,7 +53,7 @@ pub fn build_chain(
 
     // TODO: revocation.
 
-    match loop_while_non_fatal_error(trust_anchors, |trust_anchor: &TrustAnchor| {
+    let result = loop_while_non_fatal_error(trust_anchors, |trust_anchor: &TrustAnchor| {
         let trust_anchor_subject = untrusted::Input::from(trust_anchor.subject);
         if cert.issuer != trust_anchor_subject {
             return Err(Error::UnknownIssuer);
@@ -72,13 +72,11 @@ pub fn build_chain(
         check_signatures(supported_sig_algs, cert, trust_anchor_spki)?;
 
         Ok(())
-    }) {
-        Ok(()) => {
-            return Ok(());
-        }
-        Err(..) => {
-            // If the error is not fatal, then keep going.
-        }
+    });
+
+    // If the error is not fatal, then keep going.
+    if result.is_ok() {
+        return Ok(());
     }
 
     loop_while_non_fatal_error(intermediate_certs, |cert_der| {
@@ -339,13 +337,9 @@ where
     V: IntoIterator,
 {
     for v in values {
-        match f(v) {
-            Ok(()) => {
-                return Ok(());
-            }
-            Err(..) => {
-                // If the error is not fatal, then keep going.
-            }
+        // If the error is not fatal, then keep going.
+        if f(v).is_ok() {
+            return Ok(());
         }
     }
     Err(Error::UnknownIssuer)

tests/dns_name_tests.rs

@@ -249,10 +249,10 @@ static IP_ADDRESS_DNS_VALIDITY: &[(&[u8], bool)] = &[
     (b"\n1.2.3.4", false),
     (b"1.2.3.4\n", false),
     // Nulls not allowed
-    (b"\0", false),
-    (b"\01.2.3.4", false),
-    (b"1.2.3.4\0", false),
-    (b"1.2.3.4\0.5", false),
+    (b"\x00", false),
+    (b"\x001.2.3.4", false),
+    (b"1.2.3.4\x00", false),
+    (b"1.2.3.4\x00.5", false),
     // Range
     (b"0.0.0.0", false),
     (b"255.255.255.255", false),
@@ -385,11 +385,11 @@ static IP_ADDRESS_DNS_VALIDITY: &[(&[u8], bool)] = &[
     (b"1234::252.253.254.255\n", false),
     (b"1234::252.253. 254.255", false),
     // Nulls
-    (b"\0", false),
-    (b"::1\0:2", false),
-    (b"::1\0", false),
-    (b"::1.2.3.4\0", false),
-    (b"::1.2\02.3.4", false),
+    (b"\x00", false),
+    (b"::1\x00:2", false),
+    (b"::1\x00", false),
+    (b"::1.2.3.4\x00", false),
+    (b"::1.2\x002.3.4", false),
 ];
 
 #[test]