diff --git a/Cargo.lock b/Cargo.lock index df7d10e1f..0165d53c0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -463,13 +463,13 @@ dependencies = [ [[package]] name = "async-native-tls" -version = "0.5.0" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9343dc5acf07e79ff82d0c37899f079db3534d99f189a1837c8e549c99405bec" +checksum = "37dd6b179962fe4048a6f81d4c0d7ed419a21fdf49204b4c6b04971693358e79" dependencies = [ "futures-util", "native-tls", - "thiserror 1.0.69", + "thiserror 2.0.18", "url", ] @@ -518,17 +518,20 @@ dependencies = [ [[package]] name = "async-tungstenite" -version = "0.25.1" +version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2cca750b12e02c389c1694d35c16539f88b8bbaa5945934fdc1b41a776688589" +checksum = "eb26fbd2a93308b1c1b74ac4e494a11ac10db57c476882240573bdf961463520" dependencies = [ "async-native-tls", "async-std", + "atomic-waker", + "futures-core", "futures-io", + "futures-task", "futures-util", "log", "pin-project-lite", - "tungstenite 0.21.0", + "tungstenite", ] [[package]] @@ -586,6 +589,28 @@ dependencies = [ "arrayvec", ] +[[package]] +name = "aws-lc-rs" +version = "1.16.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ec6fb3fe69024a75fa7e1bfb48aa6cf59706a101658ea01bfd33b2b248a038f" +dependencies = [ + "aws-lc-sys", + "zeroize", +] + +[[package]] +name = "aws-lc-sys" +version = "0.40.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f50037ee5e1e41e7b8f9d161680a725bd1626cb6f8c7e901f91f942850852fe7" +dependencies = [ + "cc", + "cmake", + "dunce", + "fs_extra", +] + [[package]] name = "axum" version = "0.6.20" @@ -1180,6 +1205,15 @@ dependencies = [ "error-code", ] +[[package]] +name = "cmake" +version = "0.1.58" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0f78a02292a74a88ac736019ab962ece0bc380e3f977bf72e376c5d78ff0678" +dependencies = [ + "cc", +] + [[package]] name = "cocoa" version = "0.20.2" @@ -1955,6 +1989,12 @@ dependencies = [ "syn 2.0.117", ] +[[package]] +name = "dunce" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" + [[package]] name = "dyn-clone" version = "1.0.20" @@ -2557,6 +2597,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "fs_extra" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" + [[package]] name = "futures" version = "0.3.32" @@ -3218,13 +3264,11 @@ dependencies = [ "http 1.4.0", "hyper 1.8.1", "hyper-util", - "rustls 0.23.37", - "rustls-native-certs 0.8.3", + "rustls", "rustls-pki-types", "tokio", - "tokio-rustls 0.26.4", + "tokio-rustls", "tower-service", - "webpki-roots 1.0.6", ] [[package]] @@ -4031,6 +4075,7 @@ version = "0.4.18" dependencies = [ "async-tungstenite", "base64 0.21.7", + "bytes", "device-info", "futures-util", "http 1.4.0", @@ -4045,14 +4090,15 @@ dependencies = [ "prost 0.12.6", "rand 0.9.2", "reqwest", - "rustls-native-certs 0.6.3", + "rustls-native-certs", + "rustls-pki-types", "scopeguard", "serde", "serde_json", "sha2", "thiserror 2.0.18", "tokio", - "tokio-rustls 0.24.1", + "tokio-rustls", "tokio-tungstenite", "url", ] @@ -4549,7 +4595,7 @@ dependencies = [ "openssl-probe 0.2.1", "openssl-sys", "schannel", - "security-framework 3.7.0", + "security-framework", "security-framework-sys", "tempfile", ] @@ -6085,7 +6131,7 @@ dependencies = [ "quinn-proto", "quinn-udp", "rustc-hash 2.1.1", - "rustls 0.23.37", + "rustls", "socket2 0.6.3", "thiserror 2.0.18", "tokio", @@ -6099,13 +6145,14 @@ version = "0.11.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "434b42fec591c96ef50e21e886936e66d3cc3f737104fdb9b737c40ffb94c098" dependencies = [ + "aws-lc-rs", "bytes", "getrandom 0.3.4", "lru-slab", "rand 0.9.2", "ring", "rustc-hash 2.1.1", - "rustls 0.23.37", + "rustls", "rustls-pki-types", "slab", "thiserror 2.0.18", @@ -6370,9 +6417,9 @@ checksum = "19b30a45b0cd0bcca8037f3d0dc3421eaf95327a17cad11964fb8179b4fc4832" [[package]] name = "reqwest" -version = "0.12.28" +version = "0.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eddd3ca559203180a307f12d114c268abf583f59b03cb906fd0b3ff8646c1147" +checksum = "ab3f43e3283ab1488b624b44b0e988d0acea0b3214e694730a055cb6b2efa801" dependencies = [ "base64 0.22.1", "bytes", @@ -6392,16 +6439,15 @@ dependencies = [ "percent-encoding", "pin-project-lite", "quinn", - "rustls 0.23.37", - "rustls-native-certs 0.8.3", + "rustls", "rustls-pki-types", + "rustls-platform-verifier", "serde", "serde_json", - "serde_urlencoded", "sync_wrapper 1.0.2", "tokio", "tokio-native-tls", - "tokio-rustls 0.26.4", + "tokio-rustls", "tower 0.5.3", "tower-http", "tower-service", @@ -6409,7 +6455,6 @@ dependencies = [ "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots 1.0.6", ] [[package]] @@ -6581,44 +6626,21 @@ dependencies = [ "windows-sys 0.61.2", ] -[[package]] -name = "rustls" -version = "0.21.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e" -dependencies = [ - "log", - "ring", - "rustls-webpki 0.101.7", - "sct", -] - [[package]] name = "rustls" version = "0.23.37" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "758025cb5fccfd3bc2fd74708fd4682be41d99e5dff73c377c0646c6012c73a4" dependencies = [ + "aws-lc-rs", + "log", "once_cell", - "ring", "rustls-pki-types", - "rustls-webpki 0.103.10", + "rustls-webpki", "subtle", "zeroize", ] -[[package]] -name = "rustls-native-certs" -version = "0.6.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9aace74cb666635c918e9c12bc0d348266037aa8eb599b5cba565709a8dff00" -dependencies = [ - "openssl-probe 0.1.6", - "rustls-pemfile", - "schannel", - "security-framework 2.11.1", -] - [[package]] name = "rustls-native-certs" version = "0.8.3" @@ -6628,16 +6650,7 @@ dependencies = [ "openssl-probe 0.2.1", "rustls-pki-types", "schannel", - "security-framework 3.7.0", -] - -[[package]] -name = "rustls-pemfile" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" -dependencies = [ - "base64 0.21.7", + "security-framework", ] [[package]] @@ -6651,21 +6664,39 @@ dependencies = [ ] [[package]] -name = "rustls-webpki" -version = "0.101.7" +name = "rustls-platform-verifier" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +checksum = "1d99feebc72bae7ab76ba994bb5e121b8d83d910ca40b36e0921f53becc41784" dependencies = [ - "ring", - "untrusted", + "core-foundation 0.10.1", + "core-foundation-sys 0.8.7", + "jni 0.21.1", + "log", + "once_cell", + "rustls", + "rustls-native-certs", + "rustls-platform-verifier-android", + "rustls-webpki", + "security-framework", + "security-framework-sys", + "webpki-root-certs", + "windows-sys 0.61.2", ] +[[package]] +name = "rustls-platform-verifier-android" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f87165f0995f63a9fbeea62b64d10b4d9d8e78ec6d7d51fb2125fda7bb36788f" + [[package]] name = "rustls-webpki" version = "0.103.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df33b2b81ac578cabaf06b89b0631153a3f416b0a886e8a7a1707fb51abbd1ef" dependencies = [ + "aws-lc-rs", "ring", "rustls-pki-types", "untrusted", @@ -6677,12 +6708,6 @@ version = "1.0.22" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" -[[package]] -name = "ryu" -version = "1.0.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9774ba4a74de5f7b1c1451ed6cd5285a32eddb5cccb8cc655a4e50009e06477f" - [[package]] name = "safetensors" version = "0.6.2" @@ -6780,16 +6805,6 @@ dependencies = [ "syn 2.0.117", ] -[[package]] -name = "sct" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" -dependencies = [ - "ring", - "untrusted", -] - [[package]] name = "sctk-adwaita" version = "0.10.1" @@ -6817,19 +6832,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "security-framework" -version = "2.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" -dependencies = [ - "bitflags 2.11.0", - "core-foundation 0.9.4", - "core-foundation-sys 0.8.7", - "libc", - "security-framework-sys", -] - [[package]] name = "security-framework" version = "3.7.0" @@ -6928,18 +6930,6 @@ dependencies = [ "serde_core", ] -[[package]] -name = "serde_urlencoded" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" -dependencies = [ - "form_urlencoded", - "itoa", - "ryu", - "serde", -] - [[package]] name = "sha1" version = "0.10.6" @@ -7610,23 +7600,13 @@ dependencies = [ "tokio", ] -[[package]] -name = "tokio-rustls" -version = "0.24.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" -dependencies = [ - "rustls 0.21.12", - "tokio", -] - [[package]] name = "tokio-rustls" version = "0.26.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61" dependencies = [ - "rustls 0.23.37", + "rustls", "tokio", ] @@ -7644,20 +7624,21 @@ dependencies = [ [[package]] name = "tokio-tungstenite" -version = "0.20.1" +version = "0.29.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "212d5dcb2a1ce06d81107c3d0ffa3121fe974b73f068c8282cb1c32328113b6c" +checksum = "8f72a05e828585856dacd553fba484c242c46e391fb0e58917c942ee9202915c" dependencies = [ "futures-util", "log", "native-tls", - "rustls 0.21.12", - "rustls-native-certs 0.6.3", + "rustls", + "rustls-native-certs", + "rustls-pki-types", "tokio", "tokio-native-tls", - "tokio-rustls 0.24.1", - "tungstenite 0.20.1", - "webpki-roots 0.25.4", + "tokio-rustls", + "tungstenite", + "webpki-roots 0.26.11", ] [[package]] @@ -8065,43 +8046,22 @@ checksum = "d2df906b07856748fa3f6e0ad0cbaa047052d4a7dd609e231c4f72cee8c36f31" [[package]] name = "tungstenite" -version = "0.20.1" +version = "0.29.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e3dac10fd62eaf6617d3a904ae222845979aec67c615d1c842b4002c7666fb9" +checksum = "6c01152af293afb9c7c2a57e4b559c5620b421f6d133261c60dd2d0cdb38e6b8" dependencies = [ - "byteorder", - "bytes", - "data-encoding", - "http 0.2.12", - "httparse", - "log", - "native-tls", - "rand 0.8.5", - "rustls 0.21.12", - "sha1", - "thiserror 1.0.69", - "url", - "utf-8", -] - -[[package]] -name = "tungstenite" -version = "0.21.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ef1a641ea34f399a848dea702823bbecfb4c486f911735368f1f137cb8257e1" -dependencies = [ - "byteorder", "bytes", "data-encoding", "http 1.4.0", "httparse", "log", "native-tls", - "rand 0.8.5", + "rand 0.9.2", + "rustls", + "rustls-pki-types", "sha1", - "thiserror 1.0.69", + "thiserror 2.0.18", "url", - "utf-8", ] [[package]] @@ -8309,12 +8269,6 @@ dependencies = [ "serde", ] -[[package]] -name = "utf-8" -version = "0.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" - [[package]] name = "utf8_iter" version = "1.0.4" @@ -8710,11 +8664,23 @@ dependencies = [ "tokio", ] +[[package]] +name = "webpki-root-certs" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31141ce3fc3e300ae89b78c0dd67f9708061d1d2eda54b8209346fd6be9a92c" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "webpki-roots" -version = "0.25.4" +version = "0.26.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" +checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9" +dependencies = [ + "webpki-roots 1.0.6", +] [[package]] name = "webpki-roots" diff --git a/livekit-api/Cargo.toml b/livekit-api/Cargo.toml index fc3035591..44684f261 100644 --- a/livekit-api/Cargo.toml +++ b/livekit-api/Cargo.toml @@ -17,7 +17,8 @@ signal-client-tokio = [ "dep:reqwest", "dep:livekit-runtime", "livekit-runtime/tokio", - "dep:base64" + "dep:base64", + "dep:rustls-pki-types", ] signal-client-async = [ @@ -36,7 +37,8 @@ __signal-client-async-compatible = [ "dep:futures-util", "dep:isahc", "dep:livekit-runtime", - "dep:base64" + "dep:base64", + "dep:rustls-pki-types", ] @@ -58,14 +60,14 @@ native-tls-vendored = [ ] rustls-tls-native-roots = [ "tokio-tungstenite?/rustls-tls-native-roots", - "reqwest?/rustls-tls-native-roots", + "reqwest?/rustls", "tokio-tungstenite?/__rustls-tls", "dep:tokio-rustls", "dep:rustls-native-certs" ] rustls-tls-webpki-roots = [ "tokio-tungstenite?/rustls-tls-webpki-roots", - "reqwest?/rustls-tls-webpki-roots", + "reqwest?/rustls", ] __rustls-tls = ["tokio-tungstenite?/__rustls-tls", "reqwest?/__rustls"] @@ -79,6 +81,7 @@ log = { workspace = true } parking_lot = { workspace = true } prost = "0.12" pbjson-types = "0.6" +bytes = "1.11" # webhooks serde_json = { workspace = true, optional = true } @@ -89,16 +92,18 @@ jsonwebtoken = { version = "10", default-features = false, features = ["rust_cry # signal_client livekit-runtime = { workspace = true, optional = true} -tokio-tungstenite = { version = "0.20", optional = true } -async-tungstenite = { version = "0.25.0", features = [ "async-std-runtime", "async-native-tls"], optional = true } +tokio-tungstenite = { version = "0.29", features = ["url"], optional = true } +async-tungstenite = { version = "0.34.0", features = [ "async-std-runtime", "async-native-tls"], optional = true } tokio = { workspace = true, default-features = false, features = ["sync", "macros", "signal", "io-util", "net"], optional = true } -tokio-rustls = { version = "0.24", optional = true } -rustls-native-certs = { version = "0.6", optional = true } +tokio-rustls = { version = "0.26", optional = true } +rustls-pki-types = { version = "1", features = ["std"], optional = true } + +rustls-native-certs = { version = "0.8", optional = true } futures-util = { workspace = true, default-features = false, features = [ "sink" ], optional = true } # This dependency must be kept in sync with reqwest's version http = "1.1" -reqwest = { version = "0.12", default-features = false, features = [ "json" ], optional = true } +reqwest = { version = "0.13", default-features = false, features = [ "json" ], optional = true } isahc = { version = "1.7.2", default-features = false, features = [ "json", "text-decoding" ], optional = true } scopeguard = "1.2.0" diff --git a/livekit-api/src/signal_client/signal_stream.rs b/livekit-api/src/signal_client/signal_stream.rs index 89c429fdc..b9304800f 100644 --- a/livekit-api/src/signal_client/signal_stream.rs +++ b/livekit-api/src/signal_client/signal_stream.rs @@ -12,6 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +use bytes::Bytes; use futures_util::{ stream::{SplitSink, SplitStream}, SinkExt, StreamExt, @@ -64,7 +65,7 @@ enum InternalMessage { response_chn: oneshot::Sender>, }, Pong { - ping_data: Vec, + ping_data: Bytes, }, Close, } @@ -230,40 +231,26 @@ impl SignalStream { // Load native root certificates let mut root_store = rustls::RootCertStore::empty(); - match rustls_native_certs::load_native_certs() { - Ok(certs) => { - let roots: Vec = certs - .into_iter() - .map(|cert| rustls::Certificate(cert.0)) - .collect(); - - for root in roots { - root_store.add(&root).map_err(|e| { - WsError::Io(io::Error::new( - io::ErrorKind::Other, - format!( - "Failed to parse root certificate: {:?}", - e - ), - )) - })?; - } - } - Err(e) => { - return Err(WsError::Io(io::Error::new( + + let roots = rustls_native_certs::load_native_certs().certs; + + for root in roots { + root_store.add(root).map_err(|e| { + WsError::Io(io::Error::new( io::ErrorKind::Other, - format!("Could not load native root certificates: {}", e), + format!("Failed to parse root certificate: {:?}", e), )) - .into()); - } + })?; } let tls_config = rustls::ClientConfig::builder() - .with_safe_defaults() .with_root_certificates(root_store) .with_no_client_auth(); - let server_name = rustls::ServerName::try_from(host).map_err(|_| { + let server_name = rustls_pki_types::ServerName::try_from( + host.to_string(), + ) + .map_err(|_| { WsError::Io(io::Error::new( io::ErrorKind::InvalidInput, format!("Invalid DNS name: {}", host), @@ -359,7 +346,7 @@ impl SignalStream { InternalMessage::Signal { signal, response_chn } => { let data = proto::SignalRequest { message: Some(signal) }.encode_to_vec(); - if let Err(err) = ws_writer.send(Message::Binary(data)).await { + if let Err(err) = ws_writer.send(Message::Binary(data.into())).await { let _ = response_chn.send(Err(err.into())); break; } @@ -367,7 +354,7 @@ impl SignalStream { let _ = response_chn.send(Ok(())); } InternalMessage::Pong { ping_data } => { - if let Err(err) = ws_writer.send(Message::Pong(ping_data)).await { + if let Err(err) = ws_writer.send(Message::Pong(ping_data.into())).await { log::error!("failed to send pong message: {:?}", err); } } @@ -390,7 +377,7 @@ impl SignalStream { while let Some(msg) = ws_reader.next().await { match msg { Ok(Message::Binary(data)) => { - let res = proto::SignalResponse::decode(data.as_slice()) + let res = proto::SignalResponse::decode(&data[..]) .expect("failed to decode SignalResponse"); if let Some(msg) = res.message { diff --git a/webrtc-sys/build/Cargo.toml b/webrtc-sys/build/Cargo.toml index da530bee4..0033a7957 100644 --- a/webrtc-sys/build/Cargo.toml +++ b/webrtc-sys/build/Cargo.toml @@ -7,7 +7,7 @@ description = "Build utilities when working with libwebrtc" repository.workspace = true [dependencies] -reqwest = { version = "0.12", default-features = false, features = ["rustls-tls-native-roots", "blocking"] } +reqwest = { version = "0.13", default-features = false, features = ["rustls", "blocking"] } zip = "0.6" regex = "1.0" scratch = "1.0"