From 7ead9440ee3f7cc09a64777845d23d06f7d594a0 Mon Sep 17 00:00:00 2001 From: Spacebot Date: Wed, 29 Apr 2026 00:01:09 +0000 Subject: [PATCH 1/3] Update Rust crate sha2 to 0.11.0 --- Cargo.lock | 46 +++++++++++++++++++++++++++++++++------------- Cargo.toml | 2 +- 2 files changed, 34 insertions(+), 14 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 906c47f..8ed831b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -41,7 +41,7 @@ dependencies = [ "sentry", "serde", "serde_json", - "sha2", + "sha2 0.11.0", "sha256", "sqlx", "thiserror 2.0.18", @@ -224,7 +224,7 @@ checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" dependencies = [ "cfg-if", "cipher", - "cpufeatures", + "cpufeatures 0.2.17", ] [[package]] @@ -271,7 +271,7 @@ checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072" dependencies = [ "base64ct", "blake2", - "cpufeatures", + "cpufeatures 0.2.17", "password-hash", ] @@ -668,6 +668,15 @@ dependencies = [ "libc", ] +[[package]] +name = "cpufeatures" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b2a41393f66f16b0823bb79094d54ac5fbd34ab292ddafb9a0456ac9f87d201" +dependencies = [ + "libc", +] + [[package]] name = "crc" version = "3.2.1" @@ -890,7 +899,7 @@ dependencies = [ "num-traits", "pkcs8", "rfc6979", - "sha2", + "sha2 0.10.9", "signature", "zeroize", ] @@ -1945,7 +1954,7 @@ dependencies = [ "ecdsa", "elliptic-curve", "once_cell", - "sha2", + "sha2 0.10.9", "signature", ] @@ -2372,7 +2381,7 @@ dependencies = [ "ecdsa", "elliptic-curve", "primeorder", - "sha2", + "sha2 0.10.9", ] [[package]] @@ -3267,7 +3276,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" dependencies = [ "cfg-if", - "cpufeatures", + "cpufeatures 0.2.17", "digest 0.10.7", ] @@ -3278,10 +3287,21 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" dependencies = [ "cfg-if", - "cpufeatures", + "cpufeatures 0.2.17", "digest 0.10.7", ] +[[package]] +name = "sha2" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "446ba717509524cb3f22f17ecc096f10f4822d76ab5c0b9822c5f9c284e825f4" +dependencies = [ + "cfg-if", + "cpufeatures 0.3.0", + "digest 0.11.2", +] + [[package]] name = "sha256" version = "1.6.0" @@ -3291,7 +3311,7 @@ dependencies = [ "async-trait", "bytes", "hex", - "sha2", + "sha2 0.10.9", "tokio", ] @@ -3427,7 +3447,7 @@ dependencies = [ "percent-encoding", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "smallvec", "thiserror 2.0.18", "tokio", @@ -3464,7 +3484,7 @@ dependencies = [ "quote", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "sqlx-core", "sqlx-mysql", "sqlx-postgres", @@ -3508,7 +3528,7 @@ dependencies = [ "rsa", "serde", "sha1", - "sha2", + "sha2 0.10.9", "smallvec", "sqlx-core", "stringprep", @@ -3547,7 +3567,7 @@ dependencies = [ "rand 0.8.5", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "smallvec", "sqlx-core", "stringprep", diff --git a/Cargo.toml b/Cargo.toml index 88aca0a..774b3a7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -23,7 +23,7 @@ once_cell = "1.20.3" serde_json = "1.0.139" chrono = { version = "0.4.39", features = ["serde"] } argon2 = "0.5.3" -sha2 = "0.10.8" +sha2 = "0.11.0" bytemuck = { version = "1.21.0", features = ["derive"] } base64 = "0.22.1" hex = "0.4.3" From aa0cd97faae608fc62df093b9c2b6697440cbe94 Mon Sep 17 00:00:00 2001 From: Spacebot Date: Wed, 29 Apr 2026 08:31:17 +0000 Subject: [PATCH 2/3] Update Rust crate sha2 to 0.11.0 --- Cargo.lock | 29 ++++++++++++++++++++--------- Cargo.toml | 2 +- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 6164b4f..41a57f2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -41,7 +41,7 @@ dependencies = [ "sentry", "serde", "serde_json", - "sha2", + "sha2 0.11.0", "sha256", "sqlx", "thiserror 2.0.18", @@ -989,7 +989,7 @@ dependencies = [ "num-traits", "pkcs8", "rfc6979", - "sha2", + "sha2 0.10.9", "signature", "zeroize", ] @@ -2142,7 +2142,7 @@ dependencies = [ "ecdsa", "elliptic-curve", "once_cell", - "sha2", + "sha2 0.10.9", "signature", ] @@ -2565,7 +2565,7 @@ dependencies = [ "ecdsa", "elliptic-curve", "primeorder", - "sha2", + "sha2 0.10.9", ] [[package]] @@ -3634,6 +3634,17 @@ dependencies = [ "digest 0.10.7", ] +[[package]] +name = "sha2" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "446ba717509524cb3f22f17ecc096f10f4822d76ab5c0b9822c5f9c284e825f4" +dependencies = [ + "cfg-if", + "cpufeatures 0.3.0", + "digest 0.11.2", +] + [[package]] name = "sha256" version = "1.6.0" @@ -3643,7 +3654,7 @@ dependencies = [ "async-trait", "bytes", "hex", - "sha2", + "sha2 0.10.9", "tokio", ] @@ -3795,7 +3806,7 @@ dependencies = [ "percent-encoding", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "smallvec", "thiserror 2.0.18", "tokio", @@ -3832,7 +3843,7 @@ dependencies = [ "quote", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "sqlx-core", "sqlx-mysql", "sqlx-postgres", @@ -3876,7 +3887,7 @@ dependencies = [ "rsa", "serde", "sha1 0.10.6", - "sha2", + "sha2 0.10.9", "smallvec", "sqlx-core", "stringprep", @@ -3915,7 +3926,7 @@ dependencies = [ "rand 0.8.5", "serde", "serde_json", - "sha2", + "sha2 0.10.9", "smallvec", "sqlx-core", "stringprep", diff --git a/Cargo.toml b/Cargo.toml index 597295c..e9f3a2b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -23,7 +23,7 @@ once_cell = "1.20.3" serde_json = "1.0.139" chrono = { version = "0.4.39", features = ["serde"] } argon2 = "0.5.3" -sha2 = "0.10.8" +sha2 = "0.11.0" bytemuck = { version = "1.21.0", features = ["derive"] } base64 = "0.22.1" hex = "0.4.3" From 8940b099e927152eb6e12104d712dd40d258d7c3 Mon Sep 17 00:00:00 2001 From: red binder Date: Wed, 29 Apr 2026 10:42:09 +0200 Subject: [PATCH 3/3] Update rand and sha --- Cargo.lock | 31 ++++++++++++++++++++++++++++++- Cargo.toml | 4 ++-- src/account/account.rs | 16 ++++++++-------- src/nnid/people.rs | 4 ++-- 4 files changed, 42 insertions(+), 13 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8ed831b..d2fbc76 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -34,7 +34,7 @@ dependencies = [ "p256", "prost", "quick-xml", - "rand 0.8.5", + "rand 0.10.1", "reqwest", "rocket", "rocket_cors", @@ -573,6 +573,17 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "chacha20" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f8d983286843e49675a4b7a2d174efe136dc93a18d69130dd18198a6c167601" +dependencies = [ + "cfg-if", + "cpufeatures 0.3.0", + "rand_core 0.10.1", +] + [[package]] name = "chrono" version = "0.4.44" @@ -1254,6 +1265,7 @@ dependencies = [ "cfg-if", "libc", "r-efi", + "rand_core 0.10.1", "wasip2", "wasip3", ] @@ -2632,6 +2644,17 @@ dependencies = [ "rand_core 0.9.3", ] +[[package]] +name = "rand" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2e8e8bcc7961af1fdac401278c6a831614941f6164ee3bf4ce61b7edb162207" +dependencies = [ + "chacha20", + "getrandom 0.4.2", + "rand_core 0.10.1", +] + [[package]] name = "rand_chacha" version = "0.3.1" @@ -2670,6 +2693,12 @@ dependencies = [ "getrandom 0.3.1", ] +[[package]] +name = "rand_core" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "63b8176103e19a2643978565ca18b50549f6101881c443590420e4dc998a3c69" + [[package]] name = "redox_syscall" version = "0.5.9" diff --git a/Cargo.toml b/Cargo.toml index 774b3a7..4a952cd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -45,7 +45,7 @@ juniper_rocket = "0.10.0" prost = "0.13.4" lettre = "0.11.15" -rand = "0.8.5" +rand = { version = "0.10.0", features = ["std"] } reqwest = "0.12.12" binrw = "0.15.1" ecdsa = { version = "0.16.9", features = ["pem", "std", "verifying"] } @@ -55,4 +55,4 @@ k256 = "0.13.4" dsa = "0.6.3" openssl = "0.10.78" time = "0.3.47" -hickory-resolver = { version = "0.24", features = ["tokio-runtime"] } \ No newline at end of file +hickory-resolver = { version = "0.24", features = ["tokio-runtime"] } diff --git a/src/account/account.rs b/src/account/account.rs index 2d43166..fd58a1b 100644 --- a/src/account/account.rs +++ b/src/account/account.rs @@ -20,7 +20,7 @@ use openssl::ecdsa::EcdsaSig; use openssl::error::ErrorStack; use openssl::nid::Nid; use openssl::pkey::Public; -use rand::Rng; +use rand::prelude::*; use rocket::http::Status; use rocket::request::{FromRequest, Outcome}; use rocket::{Request, async_trait}; @@ -81,9 +81,9 @@ pub struct _CertificatePid { fn generate_nintendo_hash(pid: i32, text_password: &str) -> String { let mut sha = Sha256::new(); - sha.write_all(&bytes_of(&pid)).unwrap(); - sha.write_all(&[0x02, 0x65, 0x43, 0x46]).unwrap(); - sha.write_all(text_password.as_bytes()).unwrap(); + sha.update(&bytes_of(&pid)); + sha.update(&[0x02, 0x65, 0x43, 0x46]); + sha.update(text_password.as_bytes()); hex::encode(&sha.finalize()[..]) } @@ -193,18 +193,18 @@ pub async fn read_bearer_auth_token(connection: &Pool, token: &str) -> Option String { - let mut rng = rand::thread_rng(); + let mut rng = rand::rng(); let mut output = String::with_capacity(16); while output.len() < 16 { - let offset: u8 = rng.gen_range(0..62); + let offset: u8 = rng.random_range(0..62); let character = if offset < 10 { (offset + b'0') as char } else if offset < 36 { - (offset + 55) as char + (offset + 55) as char // A-Z } else { - (offset + 61) as char + (offset + 61) as char // a-z }; output.push(character); diff --git a/src/nnid/people.rs b/src/nnid/people.rs index 7d5f721..db9e690 100644 --- a/src/nnid/people.rs +++ b/src/nnid/people.rs @@ -11,7 +11,7 @@ use crate::nnid::timezones::{OFFSET_FROM_TIMEZONE}; use crate::Pool; use crate::xml::{Xml, YesNoVal}; use crate::email::send_verification_email; -use rand::Rng; +use rand::prelude::*; // Not in use currently. //use mii::{get_image_png, get_image_tga}; use crate::mii_util::get_mii_img_url; @@ -118,7 +118,7 @@ pub async fn create_account(database: &State, data: Xml