Cherry-picked from e473ee1ecb335d8efa3d4ceb2feb369f46b125f2 and modified
by Brian Smith. The main modifications were:
1. Maintain API compatibility with webpki 0.22.0.
2. (In `build_chain_inner`), stop immediately on fatal error, without
considering any more paths. The point of having such fatal errors
is to fail ASAP and avoid unneeded work in the failure case.
3. The test uses rcgen which requires Rust 1.67.0 or later. (I don't
think the non-test MSRV of webpki changes though.)
The original commit message is below:
Pathbuilding complexity can be quadratic, particularly when the set of
intermediates all have subjects matching a trust anchor. In these cases
we need to bound the number of expensive signature validation operations
that are performed to avoid a DoS on CPU usage.
This commit implements a simple maximum signature check limit inspired
by the approach taken in the Golang x509 package. No more than 100
signatures will be evaluated while pathbuilding. This limit works in
practice for Go when processing real world certificate chains and so
should be appropriate for our use case as well.
Get all GitHub Actions jobs passing again.
There are no Ubuntu 18.04 runners in GitHub Actions anymore, so use
22.04.
Update mk/* scripts to match what's in *ring*'s main branch;
some of these changes are required for Ubuntu 22.04. This also fixes
a typo in the invocation of `cargo clippy`.
Temporarily allow `clippy::explicit_auto_deref` to avoid source code
changes prior to the next 0.22.1 release. Tweak `dns_names_test.rs`
so that it doesn't trigger `clippy::octal_escapes` false positives.
Update `cargo deny` to the latest release and update deny.toml so
that the Unicode license will be accepted, matching *ring*'s
configuration.
Test all feature configurations in CI.
Remove the `trust_anchor_utils` feature flag.
Guard all features that directly require allocation with a new `alloc` feature.
The RSA features will be handled separately.
Document the features. Tell docs.rs to document all features.
Adjust some tests so that tests are run in more configurations.
Unless/until we adapt all the tests to use wasm-bindgen-test, no tests are
actually run. In fact the jobs succeed even if there are missing symbols
from *ring*!
Brian Smith
Daniel McCarney