From 67e9cc84f194d76f3ef3a3f33c2835f690131cd9 Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Tue, 16 Sep 2025 16:52:12 +0200 Subject: [PATCH 1/5] Fix build errors: unnecessary qualifications --- src/ikev2_parser.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ikev2_parser.rs b/src/ikev2_parser.rs index 8157055..292066f 100644 --- a/src/ikev2_parser.rs +++ b/src/ikev2_parser.rs @@ -287,7 +287,7 @@ fn parse_ts_addr(i: &[u8], t: TSType) -> IResult<&[u8], &[u8]> { match t { TSType::IPv4AddrRange => take(4usize)(i), TSType::IPv6AddrRange => take(16usize)(i), - _ => Err(nom::Err::Error(make_error(i, ErrorKind::Switch))), + _ => Err(Err::Error(make_error(i, ErrorKind::Switch))), } } @@ -406,8 +406,8 @@ fn parse_ikev2_payload_list_fold<'a>( v.push(payload); Ok(v) } - Err(nom::Err::Error(e)) | Err(nom::Err::Failure(e)) => Err(IPsecError::NomError(e.code)), - Err(nom::Err::Incomplete(_)) => Err(IPsecError::NomError(ErrorKind::Complete)), + Err(Err::Error(e)) | Err(Err::Failure(e)) => Err(IPsecError::NomError(e.code)), + Err(Err::Incomplete(_)) => Err(IPsecError::NomError(ErrorKind::Complete)), } } From 265f7ba28ed1fb0a13bae41b94be389faae37851 Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Tue, 16 Sep 2025 16:55:08 +0200 Subject: [PATCH 2/5] Fix clippy warning: hiding a lifetime that's elided elsewhere is confusing --- src/esp.rs | 4 +-- src/ikev2_parser.rs | 67 +++++++++++++++++++++++++++++---------------- 2 files changed, 46 insertions(+), 25 deletions(-) diff --git a/src/esp.rs b/src/esp.rs index fdfb03e..6a176bc 100644 --- a/src/esp.rs +++ b/src/esp.rs @@ -31,7 +31,7 @@ pub enum ESPData<'a> { /// Any other value indicates an ESP header. /// /// *Note: input is entirely consumed* -pub fn parse_esp_encapsulated(i: &[u8]) -> IResult<&[u8], ESPData> { +pub fn parse_esp_encapsulated(i: &[u8]) -> IResult<&[u8], ESPData<'_>> { if be_u32(i)?.1 == 0 { parse_ikev2_header(i).map(|x| (x.0, ESPData::IKE(x.1))) } else { @@ -48,7 +48,7 @@ pub fn parse_esp_encapsulated(i: &[u8]) -> IResult<&[u8], ESPData> { /// - the payload data (which can be encrypted) /// /// *Note: input is entirely consumed* -pub fn parse_esp_header(i: &[u8]) -> IResult<&[u8], ESPHeader> { +pub fn parse_esp_header(i: &[u8]) -> IResult<&[u8], ESPHeader<'_>> { let (i, spi_index) = take(4usize)(i)?; let (i, seq) = be_u32(i)?; let (i, data) = rest(i)?; diff --git a/src/ikev2_parser.rs b/src/ikev2_parser.rs index 292066f..0d03c71 100644 --- a/src/ikev2_parser.rs +++ b/src/ikev2_parser.rs @@ -45,7 +45,7 @@ fn bits_split_1(i: &[u8]) -> IResult<&[u8], (u8, u8)> { Ok((i, (b1, b2_7))) } -pub fn parse_ikev2_payload_generic(i: &[u8]) -> IResult<&[u8], IkeV2GenericPayload> { +pub fn parse_ikev2_payload_generic(i: &[u8]) -> IResult<&[u8], IkeV2GenericPayload<'_>> { let (i, next_payload_type) = map(be_u8, IkePayloadType)(i)?; let (i, b) = bits_split_1(i)?; let (i, payload_length) = verify(be_u16, |&n| n >= 4)(i)?; @@ -60,7 +60,7 @@ pub fn parse_ikev2_payload_generic(i: &[u8]) -> IResult<&[u8], IkeV2GenericPaylo Ok((i, payload)) } -pub fn parse_ikev2_transform(i: &[u8]) -> IResult<&[u8], IkeV2RawTransform> { +pub fn parse_ikev2_transform(i: &[u8]) -> IResult<&[u8], IkeV2RawTransform<'_>> { let (i, last) = be_u8(i)?; let (i, reserved1) = be_u8(i)?; let (i, transform_length) = be_u16(i)?; @@ -82,7 +82,7 @@ pub fn parse_ikev2_transform(i: &[u8]) -> IResult<&[u8], IkeV2RawTransform> { Ok((i, transform)) } -pub fn parse_ikev2_proposal(i: &[u8]) -> IResult<&[u8], IkeV2Proposal> { +pub fn parse_ikev2_proposal(i: &[u8]) -> IResult<&[u8], IkeV2Proposal<'_>> { if i.len() < 8 { return Err(Err::Incomplete(Needed::new(8))); } @@ -115,14 +115,14 @@ pub fn parse_ikev2_proposal(i: &[u8]) -> IResult<&[u8], IkeV2Proposal> { Ok((i, proposal)) } -pub fn parse_ikev2_payload_sa(i: &[u8], _length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_sa(i: &[u8], _length: u16) -> IResult<&[u8], IkeV2PayloadContent<'_>> { map( many1(complete(parse_ikev2_proposal)), IkeV2PayloadContent::SA, )(i) } -pub fn parse_ikev2_payload_kex(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_kex(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -140,7 +140,7 @@ pub fn parse_ikev2_payload_kex(i: &[u8], length: u16) -> IResult<&[u8], IkeV2Pay pub fn parse_ikev2_payload_ident_init( i: &[u8], length: u16, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -160,7 +160,7 @@ pub fn parse_ikev2_payload_ident_init( pub fn parse_ikev2_payload_ident_resp( i: &[u8], length: u16, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -180,7 +180,7 @@ pub fn parse_ikev2_payload_ident_resp( pub fn parse_ikev2_payload_certificate( i: &[u8], length: u16, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 1 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -196,7 +196,7 @@ pub fn parse_ikev2_payload_certificate( pub fn parse_ikev2_payload_certificate_request( i: &[u8], length: u16, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 1 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -212,7 +212,7 @@ pub fn parse_ikev2_payload_certificate_request( pub fn parse_ikev2_payload_authentication( i: &[u8], length: u16, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -229,12 +229,15 @@ pub fn parse_ikev2_payload_authentication( Ok((i, IkeV2PayloadContent::Authentication(payload))) } -pub fn parse_ikev2_payload_nonce(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_nonce(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent<'_>> { let (i, nonce_data) = take(length)(i)?; Ok((i, IkeV2PayloadContent::Nonce(NoncePayload { nonce_data }))) } -pub fn parse_ikev2_payload_notify(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_notify( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { let (i, protocol_id) = map(be_u8, ProtocolID)(i)?; let (i, spi_size) = be_u8(i)?; let (i, notify_type) = map(be_u16, NotifyType)(i)?; @@ -255,7 +258,10 @@ pub fn parse_ikev2_payload_notify(i: &[u8], length: u16) -> IResult<&[u8], IkeV2 Ok((i, IkeV2PayloadContent::Notify(payload))) } -pub fn parse_ikev2_payload_vendor_id(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_vendor_id( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 1 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -266,7 +272,10 @@ pub fn parse_ikev2_payload_vendor_id(i: &[u8], length: u16) -> IResult<&[u8], Ik )) } -pub fn parse_ikev2_payload_delete(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_delete( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -291,7 +300,7 @@ fn parse_ts_addr(i: &[u8], t: TSType) -> IResult<&[u8], &[u8]> { } } -fn parse_ikev2_ts(i: &[u8]) -> IResult<&[u8], TrafficSelector> { +fn parse_ikev2_ts(i: &[u8]) -> IResult<&[u8], TrafficSelector<'_>> { let (i, ts_type) = map(be_u8, TSType)(i)?; let (i, ip_proto_id) = be_u8(i)?; let (i, sel_length) = be_u16(i)?; @@ -311,7 +320,7 @@ fn parse_ikev2_ts(i: &[u8]) -> IResult<&[u8], TrafficSelector> { Ok((i, ts)) } -pub fn parse_ikev2_payload_ts(i: &[u8], length: u16) -> IResult<&[u8], TrafficSelectorPayload> { +pub fn parse_ikev2_payload_ts(i: &[u8], length: u16) -> IResult<&[u8], TrafficSelectorPayload<'_>> { if length < 4 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); } @@ -326,27 +335,39 @@ pub fn parse_ikev2_payload_ts(i: &[u8], length: u16) -> IResult<&[u8], TrafficSe Ok((i, payload)) } -pub fn parse_ikev2_payload_ts_init(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_ts_init( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { map( |d| parse_ikev2_payload_ts(d, length), IkeV2PayloadContent::TSi, )(i) } -pub fn parse_ikev2_payload_ts_resp(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_ts_resp( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { map( |d| parse_ikev2_payload_ts(d, length), IkeV2PayloadContent::TSr, )(i) } -pub fn parse_ikev2_payload_encrypted(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_encrypted( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { map(take(length), |d| { IkeV2PayloadContent::Encrypted(EncryptedPayload(d)) })(i) } -pub fn parse_ikev2_payload_unknown(i: &[u8], length: u16) -> IResult<&[u8], IkeV2PayloadContent> { +pub fn parse_ikev2_payload_unknown( + i: &[u8], + length: u16, +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { map(take(length), IkeV2PayloadContent::Unknown)(i) } @@ -355,7 +376,7 @@ pub fn parse_ikev2_payload_with_type( i: &[u8], length: u16, next_payload_type: IkePayloadType, -) -> IResult<&[u8], IkeV2PayloadContent> { +) -> IResult<&[u8], IkeV2PayloadContent<'_>> { let f = match next_payload_type { // IkePayloadType::NoNextPayload => parse_ikev2_payload_unknown, // XXX ? IkePayloadType::SecurityAssociation => parse_ikev2_payload_sa, @@ -414,7 +435,7 @@ fn parse_ikev2_payload_list_fold<'a>( pub fn parse_ikev2_payload_list( i: &[u8], initial_type: IkePayloadType, -) -> IResult<&[u8], Result, IPsecError>> { +) -> IResult<&[u8], Result>, IPsecError>> { // XXX fold manually, because fold_many1 requires accumulator to have Clone, and we don't want // XXX to implement that for IkeV2Payload let mut acc = Ok(vec![IkeV2Payload { @@ -449,7 +470,7 @@ pub fn parse_ikev2_payload_list( #[allow(clippy::type_complexity)] pub fn parse_ikev2_message( i: &[u8], -) -> IResult<&[u8], (IkeV2Header, Result, IPsecError>)> { +) -> IResult<&[u8], (IkeV2Header, Result>, IPsecError>)> { let (i, hdr) = parse_ikev2_header(i)?; if hdr.length < 28 { return Err(Err::Error(make_error(i, ErrorKind::Verify))); From 3bf768fd7f31c208e3786993b160f17ba92e813b Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Tue, 16 Sep 2025 16:55:42 +0200 Subject: [PATCH 3/5] Fix clippy warning: unused_import --- src/lib.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/lib.rs b/src/lib.rs index 62ddac6..3afbc29 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -71,7 +71,6 @@ mod ikev2_transforms; pub use error::*; pub use esp::*; pub use ikev2::*; -pub use ikev2_debug::*; pub use ikev2_notify::*; pub use ikev2_parser::*; pub use ikev2_transforms::*; From 760e45853e170e8772134a7a9fa76142ce0c5c2d Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Tue, 16 Sep 2025 16:59:03 +0200 Subject: [PATCH 4/5] Set MSRV to 1.63.0 --- .github/workflows/rust.yml | 2 +- Cargo.toml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 7f35caf..04f20d7 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -10,7 +10,7 @@ jobs: matrix: rust: - stable - - 1.46.0 + - 1.63.0 - nightly steps: - uses: actions/checkout@v2 diff --git a/Cargo.toml b/Cargo.toml index 60ea2c2..f57fe4f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,6 +11,7 @@ authors = ["Pierre Chifflier "] categories = ["parser-implementations"] readme = "README.md" edition = "2018" +rust-version = "1.63" include = [ "LICENSE-*", From 713e1ac3501b5e34390c9496fe0e1dc28f0758d8 Mon Sep 17 00:00:00 2001 From: Pierre Chifflier Date: Tue, 16 Sep 2025 17:17:51 +0200 Subject: [PATCH 5/5] Remove deprecated lint --- src/ikev2_parser.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/ikev2_parser.rs b/src/ikev2_parser.rs index 0d03c71..25f4581 100644 --- a/src/ikev2_parser.rs +++ b/src/ikev2_parser.rs @@ -447,7 +447,6 @@ pub fn parse_ikev2_payload_list( }, content: IkeV2PayloadContent::Dummy, }]); - #[allow(suspicious_double_ref_op)] let mut i = i; loop { if i.is_empty() {