build fixes

Author: irfn

.github/workflows/ci.yml

@@ -102,9 +102,9 @@ jobs:
       run: cargo audit
 
     - name: Install cargo-deny
-      run: cargo install cargo-deny
+      run: cargo install cargo-deny --locked
 
-    - name: Run cargo-deny
+    - name: Run cargo-deny check
       run: cargo deny check
 
   coverage:

deny.toml

@@ -1,35 +1,25 @@
 # cargo-deny configuration for ClamReef Agent
-# See https://embarkstudios.github.io/cargo-deny/ for more information
+# Compatible with recent cargo-deny versions
 
 [graph]
-# If true, metadata will be collected with `--all-features`. Note that this can't
-# be toggled off if true, if you want to conditionally enable it, set it to false
-# here and pass `--all-features` to cargo-deny on the command line.
+# If true, metadata will be collected with `--all-features`
 all-features = true
-# If set, these feature flags will be passed when collecting metadata. This list
-# will be extended if you supply additional feature flags on the command line
-features = []
-# If set, disables the default features for a crate
-no-default-features = false
 
 [advisories]
-# The lint level for security vulnerabilities
+# Lint level for security vulnerabilities
 vulnerability = "deny"
-# The lint level for unmaintained crates
+# Lint level for unmaintained crates
 unmaintained = "warn"
-# The lint level for crates that have been yanked from their source registry
+# Lint level for yanked crates
 yanked = "warn"
-# The lint level for crates with security notices.
+# Lint level for crates with security notices
 notice = "warn"
-# A list of advisory IDs to ignore. Note that ignored advisories will still
-# output a note when they are encountered.
-ignore = [
-    #"RUSTSEC-0000-0000",
-]
+# Advisory IDs to ignore
+ignore = []
 
 [licenses]
-# The lint level for crates which do not have a detectable license
-unlicensed = "deny"
+# Confidence threshold for detecting a license from license text
+confidence-threshold = 0.8
 # List of explicitly allowed licenses
 allow = [
     "MIT",
@@ -50,57 +40,18 @@ deny = [
 ]
 # Lint level for when multiple versions of the same license are detected
 copyleft = "warn"
-# Confidence threshold for detecting a license from license text.
-confidence-threshold = 0.8
-# Allow 1 or more licenses on a per-crate basis, so that particular licenses
-# aren't accepted for every possible crate as with the normal allow list
-exceptions = [
-    # Each entry is the crate and version constraint, and its the license
-    { allow = ["OpenSSL"], name = "ring" },
-]
-
-[[licenses.clarify]]
-# The name of the crate the clarification applies to
-name = "ring"
-# The optional version constraint for the crate
-version = "*"
-# The SPDX expression for the license requirements of the crate
-expression = "MIT AND ISC AND OpenSSL"
-# One or more files in the crate's source used as the "source of truth" for
-# the license expression. If the files are missing, or their checksums do not
-# match, the clarification will fail
-license-files = [
-    { path = "LICENSE", hash = 0xbd0eed23 }
-]
+# The default lint level for licenses not explicitly allowed or denied
+default = "deny"
 
 [bans]
 # Lint level for when multiple versions of the same crate are detected
 multiple-versions = "warn"
 # Lint level for when a crate version requirement is `*`
 wildcards = "allow"
-# The graph highlighting used when creating dotgraphs for crates
-# with multiple versions
-highlight = "all"
-# List of crates that are allowed to have multiple versions
-allow = [
-    #{ name = "ansi_term", version = "=0.11.0" },
-]
+# List of crates that are allowed. Use with care!
+allow = []
 # List of crates to deny
-deny = [
-    # Each entry the name of a crate and a version range. If version is
-    # not specified, all versions will be matched.
-    #{ name = "ansi_term", version = "=0.11.0" },
-]
-# Certain crates/versions that will be skipped when doing duplicate detection.
-skip = [
-    #{ name = "ansi_term", version = "=0.11.0" },
-]
-# Similarly to `skip` allows you to skip certain crates from duplicate
-# detection. Unlike skip, it also includes the entire tree of transitive
-# dependencies starting from the specified crate, up to a certain depth.
-skip-tree = [
-    #{ name = "ansi_term", version = "=0.11.0", depth = 20 },
-]
+deny = []
 
 [sources]
 # Lint level for what to happen when a crate from a crate registry that is
@@ -109,8 +60,7 @@ unknown-registry = "warn"
 # Lint level for what to happen when a crate from a git repository that is not
 # in the allow list is encountered
 unknown-git = "warn"
-# List of URLs for allowed crate registries. Defaults to the crates.io index
-# if not specified. If it is specified but empty, no registries are allowed.
+# List of URLs for allowed crate registries
 allow-registry = ["https://github.com/rust-lang/crates.io-index"]
 # List of URLs for allowed Git repositories
 allow-git = []

src/clamav/client.rs

@@ -6,9 +6,9 @@ use tokio::net::{TcpStream, UnixStream};
 use tokio::time::timeout;
 use tracing::debug;
 
-use crate::error::{Error, Result};
 use super::parser::Parser;
 use super::types::{ScanResult, Stats, Version};
+use crate::error::{Error, Result};
 
 #[derive(Debug, Clone)]
 pub enum ClamAVConnection {
@@ -45,36 +45,32 @@ impl ClamAVClientImpl {
 
     async fn send_command(&self, command: &str) -> Result<String> {
         match &self.connection {
-            ClamAVConnection::Unix { path } => {
-                self.send_unix_command(path, command).await
-            }
+            ClamAVConnection::Unix { path } => self.send_unix_command(path, command).await,
             ClamAVConnection::Tcp { host, port } => {
                 self.send_tcp_command(host, *port, command).await
             }
         }
     }
 
     async fn send_unix_command(&self, path: &str, command: &str) -> Result<String> {
-        let mut stream = timeout(
-            self.timeout,
-            UnixStream::connect(path)
-        ).await
+        let mut stream = timeout(self.timeout, UnixStream::connect(path))
+            .await
             .map_err(|_| Error::Timeout(format!("Connection to {} timed out", path)))?
             .map_err(|e| Error::Connection(format!("Failed to connect to {}: {}", path, e)))?;
 
         debug!("Sending command to ClamAV: {}", command);
 
         let cmd = format!("z{}\0", command);
-        stream.write_all(cmd.as_bytes()).await
+        stream
+            .write_all(cmd.as_bytes())
+            .await
             .map_err(|e| Error::Io(e))?;
 
         let mut response = Vec::new();
         let mut reader = BufReader::new(stream);
 
-        timeout(
-            self.timeout,
-            reader.read_until(b'\0', &mut response)
-        ).await
+        timeout(self.timeout, reader.read_until(b'\0', &mut response))
+            .await
             .map_err(|_| Error::Timeout("Read response timed out".to_string()))?
             .map_err(|e| Error::Io(e))?;
 
@@ -89,26 +85,24 @@ impl ClamAVClientImpl {
 
     async fn send_tcp_command(&self, host: &str, port: u16, command: &str) -> Result<String> {
         let addr = format!("{}:{}", host, port);
-        let mut stream = timeout(
-            self.timeout,
-            TcpStream::connect(&addr)
-        ).await
+        let mut stream = timeout(self.timeout, TcpStream::connect(&addr))
+            .await
             .map_err(|_| Error::Timeout(format!("Connection to {} timed out", addr)))?
             .map_err(|e| Error::Connection(format!("Failed to connect to {}: {}", addr, e)))?;
 
         debug!("Sending command to ClamAV: {}", command);
 
         let cmd = format!("z{}\0", command);
-        stream.write_all(cmd.as_bytes()).await
+        stream
+            .write_all(cmd.as_bytes())
+            .await
             .map_err(|e| Error::Io(e))?;
 
         let mut response = Vec::new();
         let mut reader = BufReader::new(stream);
 
-        timeout(
-            self.timeout,
-            reader.read_until(b'\0', &mut response)
-        ).await
+        timeout(self.timeout, reader.read_until(b'\0', &mut response))
+            .await
             .map_err(|_| Error::Timeout("Read response timed out".to_string()))?
             .map_err(|e| Error::Io(e))?;
 
@@ -155,7 +149,10 @@ impl ClamAVClient for ClamAVClientImpl {
         if response.trim() == "RELOADING" {
             Ok(())
         } else {
-            Err(Error::ClamAV(format!("Unexpected reload response: {}", response)))
+            Err(Error::ClamAV(format!(
+                "Unexpected reload response: {}",
+                response
+            )))
         }
     }
 }
@@ -177,4 +174,4 @@ mod tests {
             async fn reload(&self) -> Result<()>;
         }
     }
-}
+}

src/clamav/mod.rs

@@ -3,4 +3,4 @@ pub mod parser;
 pub mod types;
 
 pub use client::{ClamAVClient, ClamAVClientImpl, ClamAVConnection};
-pub use types::{ScanResult, ScanStatus, Stats, Version};
+pub use types::{ScanResult, ScanStatus, Stats, Version};

src/clamav/parser.rs

@@ -1,10 +1,10 @@
 use chrono::Utc;
 use regex::Regex;
 
-use crate::error::{Error, Result};
 use super::types::{
     DatabaseInfo, MemoryStats, QueueStats, ScanResult, ScanStatus, Stats, ThreadStats, Version,
 };
+use crate::error::{Error, Result};
 
 pub struct Parser;
 
@@ -13,11 +13,15 @@ impl Parser {
         // Example: ClamAV 0.103.8/26827/Mon Mar 13 08:20:48 2023
         let parts: Vec<&str> = response.trim().split('/').collect();
         if parts.len() < 3 {
-            return Err(Error::Parse(format!("Invalid version response: {}", response)));
+            return Err(Error::Parse(format!(
+                "Invalid version response: {}",
+                response
+            )));
         }
 
         let clamav = parts[0].replace("ClamAV ", "");
-        let database = parts[1].parse::<u32>()
+        let database = parts[1]
+            .parse::<u32>()
             .map_err(|_| Error::Parse(format!("Invalid database version: {}", parts[1])))?;
         let database_date = parts[2].to_string();
 
@@ -31,9 +35,17 @@ impl Parser {
     pub fn parse_stats(response: &str) -> Result<Stats> {
         let mut pools = 0;
         let mut state = String::new();
-        let mut threads = ThreadStats { live: 0, idle: 0, max: 0 };
+        let mut threads = ThreadStats {
+            live: 0,
+            idle: 0,
+            max: 0,
+        };
         let mut queue = QueueStats { items: 0, max: 0 };
-        let mut mem_stats = MemoryStats { heap: 0.0, mmap: 0.0, used: 0.0 };
+        let mut mem_stats = MemoryStats {
+            heap: 0.0,
+            mmap: 0.0,
+            used: 0.0,
+        };
         let mut database = DatabaseInfo {
             version: 0,
             sigs: 0,
@@ -124,7 +136,10 @@ impl Parser {
             let error_msg = response.replace("ERROR: ", "");
             (ScanStatus::Error(error_msg.clone()), None)
         } else {
-            (ScanStatus::Error(format!("Unexpected response: {}", response)), None)
+            (
+                ScanStatus::Error(format!("Unexpected response: {}", response)),
+                None,
+            )
         };
 
         Ok(ScanResult {
@@ -165,4 +180,4 @@ mod tests {
         assert_eq!(result.status, ScanStatus::Infected);
         assert_eq!(result.threat, Some("Win.Trojan.Generic".to_string()));
     }
-}
+}

src/clamav/types.rs

@@ -60,4 +60,4 @@ pub struct Version {
     pub clamav: String,
     pub database: u32,
     pub database_date: String,
-}
+}