From 9bce420cd43fca96bce722f32094caa1ac85a302 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Mar 2024 18:47:25 +0000
Subject: [PATCH 1/2] chore(deps): Bump rustls-pemfile from 1.0.3 to 2.1.1

Bumps [rustls-pemfile](https://github.com/rustls/pemfile) from 1.0.3 to 2.1.1.
- [Release notes](https://github.com/rustls/pemfile/releases)
- [Commits](https://github.com/rustls/pemfile/compare/v/1.0.3...v/2.1.1)

---
updated-dependencies:
- dependency-name: rustls-pemfile
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Cargo.lock               | 34 +++++++++++++++++++++++++---------
 src/connector/Cargo.toml |  2 +-
 2 files changed, 26 insertions(+), 10 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 99627dd7e9401..c12a7bf701773 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -796,7 +796,7 @@ dependencies = [
  "ring 0.17.5",
  "rustls",
  "rustls-native-certs",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "rustls-webpki 0.101.7",
  "serde",
  "serde_json",
@@ -8536,7 +8536,7 @@ dependencies = [
  "pin-project-lite",
  "rustls",
  "rustls-native-certs",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "serde",
  "serde_json",
  "serde_urlencoded",
@@ -9185,7 +9185,7 @@ dependencies = [
  "rumqttc",
  "rust_decimal",
  "rustls-native-certs",
- "rustls-pemfile",
+ "rustls-pemfile 2.1.1",
  "rw_futures_util",
  "serde",
  "serde_derive",
@@ -10344,7 +10344,7 @@ dependencies = [
  "futures",
  "log",
  "rustls-native-certs",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "rustls-webpki 0.100.3",
  "thiserror",
  "tokio",
@@ -10497,20 +10497,36 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a9aace74cb666635c918e9c12bc0d348266037aa8eb599b5cba565709a8dff00"
 dependencies = [
  "openssl-probe",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "schannel",
  "security-framework",
 ]
 
 [[package]]
 name = "rustls-pemfile"
-version = "1.0.3"
+version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2"
+checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c"
 dependencies = [
  "base64 0.21.7",
 ]
 
+[[package]]
+name = "rustls-pemfile"
+version = "2.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f48172685e6ff52a556baa527774f61fcaa884f59daf3375c62a3f1cd2549dab"
+dependencies = [
+ "base64 0.21.7",
+ "rustls-pki-types",
+]
+
+[[package]]
+name = "rustls-pki-types"
+version = "1.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ede67b28608b4c60685c7d54122d4400d90f62b40caee7700e700380a390fa8"
+
 [[package]]
 name = "rustls-webpki"
 version = "0.100.3"
@@ -12486,7 +12502,7 @@ dependencies = [
  "pin-project",
  "prost 0.12.1",
  "rustls",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "tokio",
  "tokio-rustls",
  "tokio-stream",
@@ -14250,7 +14266,7 @@ dependencies = [
  "log",
  "percent-encoding",
  "rustls",
- "rustls-pemfile",
+ "rustls-pemfile 1.0.4",
  "seahash",
  "serde",
  "serde_json",
diff --git a/src/connector/Cargo.toml b/src/connector/Cargo.toml
index e18b5d2bb2c8f..26cf4e1acf5c4 100644
--- a/src/connector/Cargo.toml
+++ b/src/connector/Cargo.toml
@@ -120,7 +120,7 @@ risingwave_rpc_client = { workspace = true }
 rumqttc = { version = "0.22.0", features = ["url"] }
 rust_decimal = "1"
 rustls-native-certs =  "0.6"
-rustls-pemfile = "1"
+rustls-pemfile = "2"
 rw_futures_util = { workspace = true }
 serde = { version = "1", features = ["derive", "rc"] }
 serde_derive = "1"

From 77e195dbc87a09263ea63ef44f25bdc746e417dc Mon Sep 17 00:00:00 2001
From: Richard Chien <stdrc@outlook.com>
Date: Fri, 15 Mar 2024 13:21:56 +0800
Subject: [PATCH 2/2] fix rustls_pemfile api calls

Signed-off-by: Richard Chien <stdrc@outlook.com>
---
 src/connector/src/common.rs | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/src/connector/src/common.rs b/src/connector/src/common.rs
index 4b198bf6caf1b..122383400f5cb 100644
--- a/src/connector/src/common.rs
+++ b/src/connector/src/common.rs
@@ -694,12 +694,9 @@ pub(crate) fn load_certs(
         certificates.as_bytes().to_owned()
     };
 
-    let certs = rustls_pemfile::certs(&mut cert_bytes.as_slice())?;
-
-    Ok(certs
-        .into_iter()
-        .map(tokio_rustls::rustls::Certificate)
-        .collect())
+    rustls_pemfile::certs(&mut cert_bytes.as_slice())
+        .map(|cert| Ok(tokio_rustls::rustls::Certificate(cert?.to_vec())))
+        .collect()
 }
 
 pub(crate) fn load_private_key(
@@ -711,10 +708,10 @@ pub(crate) fn load_private_key(
         certificate.as_bytes().to_owned()
     };
 
-    let certs = rustls_pemfile::pkcs8_private_keys(&mut cert_bytes.as_slice())?;
-    let cert = certs
-        .into_iter()
+    let cert = rustls_pemfile::pkcs8_private_keys(&mut cert_bytes.as_slice())
         .next()
         .ok_or_else(|| anyhow!("No private key found"))?;
-    Ok(tokio_rustls::rustls::PrivateKey(cert))
+    Ok(tokio_rustls::rustls::PrivateKey(
+        cert?.secret_pkcs8_der().to_vec(),
+    ))
 }