chore: upgrade to iroh v0.30.0

content-discovery/Cargo.toml

@@ -3,6 +3,7 @@ members = [
   "iroh-mainline-content-discovery",
   "iroh-mainline-content-discovery-cli",
   "iroh-mainline-tracker",
+  "tls",
 ]
 resolver = "2"
 
@@ -26,5 +27,6 @@ missing_debug_implementations = "warn"
 unused-async = "warn"
 
 [workspace.dependencies]
-iroh = "0.29"
-iroh-blobs = "0.29"
+iroh = "0.30"
+iroh-base = "0.30"
+iroh-blobs = { version = "0.30", features = ["rpc"] }

content-discovery/iroh-mainline-content-discovery-cli/src/args.rs

@@ -1,6 +1,7 @@
 //! Command line arguments.
 use clap::{Parser, Subcommand};
-use iroh::{ticket::BlobTicket, NodeId};
+use iroh::NodeId;
+use iroh_blobs::ticket::BlobTicket;
 use iroh_blobs::{Hash, HashAndFormat};
 use std::{
     fmt::Display,

content-discovery/iroh-mainline-content-discovery-cli/src/main.rs

@@ -24,7 +24,7 @@ async fn announce(args: AnnounceArgs) -> anyhow::Result<()> {
         eprintln!("ANNOUNCE_SECRET environment variable must be set to a valid secret key");
         anyhow::bail!("ANNOUNCE_SECRET env var not set");
     };
-    let Ok(key) = iroh::key::SecretKey::from_str(&key) else {
+    let Ok(key) = iroh::SecretKey::from_str(&key) else {
         anyhow::bail!("ANNOUNCE_SECRET env var is not a valid secret key");
     };
     let content = args.content.hash_and_format();

content-discovery/iroh-mainline-content-discovery/Cargo.toml

@@ -12,7 +12,9 @@ license = "MIT OR Apache-2.0"
 #
 # The protocol is using postcard, but we don't need a postcard dependency for just the type definitions
 iroh = { workspace = true }
+iroh-base = { workspace = true }
 iroh-blobs = { workspace = true }
+rand = "0.8.5"
 serde = { version = "1", features = ["derive"] }
 derive_more = { version = "1.0.0-beta.1", features = ["debug", "display", "from", "try_into"] }
 serde-big-array = "0.5.1"
@@ -30,7 +32,8 @@ rustls = { version = "0.23", default-features = false, features = ["ring"], opti
 genawaiter = { version = "0.99.1", features = ["futures03"], optional = true }
 tokio = { version = "1.36.0", optional = true }
 flume = "0.11.0"
+tls = { path = "../tls", optional = true }
 
 [features]
-client = ["mainline", "iroh-quinn", "tracing", "anyhow", "rcgen", "genawaiter", "rustls", "futures", "postcard", "tokio"]
+client = ["mainline", "iroh-quinn", "tracing", "anyhow", "rcgen", "genawaiter", "rustls", "futures", "postcard", "tokio", "tls"]
 default = ["client"]

content-discovery/iroh-mainline-content-discovery/src/client.rs

@@ -210,9 +210,8 @@ pub fn create_quinn_client(
     alpn_protocols: Vec<Vec<u8>>,
     keylog: bool,
 ) -> anyhow::Result<iroh_quinn::Endpoint> {
-    let secret_key = iroh::key::SecretKey::generate();
-    let tls_client_config =
-        iroh::tls::make_client_config(&secret_key, None, alpn_protocols, keylog)?;
+    let secret_key = iroh::SecretKey::generate(rand::thread_rng());
+    let tls_client_config = tls::make_client_config(&secret_key, None, alpn_protocols, keylog)?;
     let mut client_config = iroh_quinn::ClientConfig::new(Arc::new(tls_client_config));
     let mut endpoint = iroh_quinn::Endpoint::client(bind_addr)?;
     let mut transport_config = iroh_quinn::TransportConfig::default();
@@ -223,7 +222,7 @@ pub fn create_quinn_client(
 }
 
 async fn create_endpoint(
-    key: iroh::key::SecretKey,
+    key: iroh::SecretKey,
     ipv4_addr: SocketAddrV4,
     ipv6_addr: SocketAddrV6,
     publish: bool,
@@ -301,7 +300,7 @@ async fn connect_iroh(
     // todo: uncomment once the connection problems are fixed
     // for now, a random node id is more reliable.
     // let key = load_secret_key(tracker_path(CLIENT_KEY)?).await?;
-    let key = iroh::key::SecretKey::generate();
+    let key = iroh::SecretKey::generate(rand::thread_rng());
     let endpoint = create_endpoint(key, local_ipv4_addr, local_ipv6_addr, false).await?;
     tracing::info!("trying to connect to tracker at {:?}", tracker);
     let connection = endpoint.connect(tracker, ALPN).await?;

content-discovery/iroh-mainline-content-discovery/src/protocol.rs

@@ -118,7 +118,7 @@ impl Deref for SignedAnnounce {
 
 impl SignedAnnounce {
     /// Create a new signed announce.
-    pub fn new(announce: Announce, secret_key: &iroh::key::SecretKey) -> anyhow::Result<Self> {
+    pub fn new(announce: Announce, secret_key: &iroh::SecretKey) -> anyhow::Result<Self> {
         let announce_bytes = postcard::to_allocvec(&announce)?;
         let signature = secret_key.sign(&announce_bytes).to_bytes();
         Ok(Self {
@@ -130,7 +130,7 @@ impl SignedAnnounce {
     /// Verify the announce, and return the announce if it's valid.
     pub fn verify(&self) -> anyhow::Result<()> {
         let announce_bytes = postcard::to_allocvec(&self.announce)?;
-        let signature = iroh::key::Signature::from_bytes(&self.signature);
+        let signature = iroh_base::Signature::from_bytes(&self.signature);
         self.announce.host.verify(&announce_bytes, &signature)?;
         Ok(())
     }

content-discovery/iroh-mainline-tracker/Cargo.toml

@@ -41,6 +41,7 @@ url = "2.5.0"
 flume = "0.11.0"
 genawaiter = { version = "0.99.1", features = ["futures03"] }
 iroh-mainline-content-discovery = { path = "../iroh-mainline-content-discovery", features = ["client"] }
+tls = { path = "../tls" }
 
 clap = { version = "4", features = ["derive"], optional = true }
 serde-big-array = "0.5.1"

content-discovery/iroh-mainline-tracker/src/main.rs

@@ -62,7 +62,7 @@ async fn await_relay_region(endpoint: &Endpoint) -> anyhow::Result<()> {
 }
 
 async fn create_endpoint(
-    key: iroh::key::SecretKey,
+    key: iroh::SecretKey,
     ipv4_addr: SocketAddrV4,
     publish: bool,
 ) -> anyhow::Result<Endpoint> {
@@ -187,18 +187,18 @@ async fn main() -> anyhow::Result<()> {
 
 /// Returns default server configuration along with its certificate.
 #[allow(clippy::field_reassign_with_default)] // https://github.com/rust-lang/rust-clippy/issues/6527
-fn configure_server(secret_key: &iroh::key::SecretKey) -> anyhow::Result<iroh_quinn::ServerConfig> {
+fn configure_server(secret_key: &iroh::SecretKey) -> anyhow::Result<iroh_quinn::ServerConfig> {
     make_server_config(secret_key, 8, 1024, vec![ALPN.to_vec()])
 }
 
 /// Create a [`quinn::ServerConfig`] with the given secret key and limits.
 pub fn make_server_config(
-    secret_key: &iroh::key::SecretKey,
+    secret_key: &iroh::SecretKey,
     max_streams: u64,
     max_connections: u32,
     alpn_protocols: Vec<Vec<u8>>,
 ) -> anyhow::Result<iroh_quinn::ServerConfig> {
-    let tls_server_config = iroh::tls::make_server_config(secret_key, alpn_protocols, false)?;
+    let tls_server_config = tls::make_server_config(secret_key, alpn_protocols, false)?;
     let mut server_config = iroh_quinn::ServerConfig::with_crypto(Arc::new(tls_server_config));
     let mut transport_config = iroh_quinn::TransportConfig::default();
     transport_config

content-discovery/tls/Cargo.toml

@@ -0,0 +1,22 @@
+[package]
+name = "tls"
+version = "0.1.0"
+edition = "2021"
+description = "create tls configuration for quic connections"
+license = "MIT OR Apache-2.0"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+iroh-base = { workspace = true }
+der = { version = "0.7", features = ["alloc", "derive"] }
+derive_more = { version = "1.0.0-beta.1", features = ["debug", "display", "from", "try_into"] }
+quinn = { package = "iroh-quinn", version = "0.12.0" }
+rand = "0.8.5"
+rcgen = "0.13"
+ring = "0.17" 
+rustls = { version = "0.23", default-features = false, features = ["ring"] }
+thiserror = "2" 
+tracing = "0.1"
+webpki = { package = "rustls-webpki", version = "0.102" }
+x509-parser = "0.16"