Misc clippy

boring-sys/build/main.rs

@@ -658,15 +658,15 @@ fn generate_bindings(config: &Config) {
             .clang_arg("--sysroot")
             .clang_arg(sysroot.display().to_string());
 
-        let c_target = format!(
-            "{}-{}-{}",
-            &config.target_arch, &config.target_os, &config.target_env
-        );
-
         // we need to add special platform header file with env for support cross building
-        let header = format!("{}/usr/include/{}", sysroot.display(), c_target);
-        if PathBuf::from(&header).is_dir() {
-            builder = builder.clang_arg("-I").clang_arg(&header);
+        let target_include_dir = sysroot.join(format!(
+            "usr/include/{}-{}-{}",
+            config.target_arch, config.target_os, config.target_env
+        ));
+        if target_include_dir.is_dir() {
+            builder = builder
+                .clang_arg("-I")
+                .clang_arg(target_include_dir.display().to_string());
         }
     }
 
@@ -722,7 +722,7 @@ fn ensure_err_lib_enum_is_named(source_code: &mut Vec<u8>) {
     let src = String::from_utf8_lossy(source_code);
     let enum_type = src
         .split_once("ERR_LIB_SSL:")
-        .and_then(|(_, def)| Some(def.split_once("=")?.0))
+        .and_then(|(_, def)| Some(def.split_once('=')?.0))
         .unwrap_or("_bindgen_ty_1");
 
     source_code.extend_from_slice(

boring/src/dsa.rs

@@ -300,7 +300,7 @@ mod test {
         let mut ctx = BigNumContext::new().unwrap();
         let mut calc = BigNum::new().unwrap();
         calc.mod_exp(g, priv_key, p, &mut ctx).unwrap();
-        assert_eq!(&calc, pub_key)
+        assert_eq!(&calc, pub_key);
     }
 
     #[test]

boring/src/sha.rs

@@ -54,7 +54,6 @@ use std::mem::MaybeUninit;
 /// SHA1 is known to be insecure - it should not be used unless required for
 /// compatibility with existing systems.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha1(data: &[u8]) -> [u8; 20] {
     unsafe {
@@ -66,7 +65,6 @@ pub fn sha1(data: &[u8]) -> [u8; 20] {
 
 /// Computes the SHA224 hash of some data.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha224(data: &[u8]) -> [u8; 28] {
     unsafe {
@@ -78,7 +76,6 @@ pub fn sha224(data: &[u8]) -> [u8; 28] {
 
 /// Computes the SHA256 hash of some data.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha256(data: &[u8]) -> [u8; 32] {
     unsafe {
@@ -90,7 +87,6 @@ pub fn sha256(data: &[u8]) -> [u8; 32] {
 
 /// Computes the SHA384 hash of some data.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha384(data: &[u8]) -> [u8; 48] {
     unsafe {
@@ -102,7 +98,6 @@ pub fn sha384(data: &[u8]) -> [u8; 48] {
 
 /// Computes the SHA512 hash of some data.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha512(data: &[u8]) -> [u8; 64] {
     unsafe {
@@ -114,7 +109,6 @@ pub fn sha512(data: &[u8]) -> [u8; 64] {
 
 /// Computes the SHA512-256 hash of some data.
 #[inline]
-#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
 #[must_use]
 pub fn sha512_256(data: &[u8]) -> [u8; 32] {
     unsafe {
@@ -143,7 +137,6 @@ impl Default for Sha1 {
 impl Sha1 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha1 {
         unsafe {
@@ -165,7 +158,6 @@ impl Sha1 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 20] {
         unsafe {
@@ -190,7 +182,6 @@ impl Default for Sha224 {
 impl Sha224 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha224 {
         unsafe {
@@ -212,7 +203,6 @@ impl Sha224 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 28] {
         unsafe {
@@ -237,7 +227,6 @@ impl Default for Sha256 {
 impl Sha256 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha256 {
         unsafe {
@@ -259,7 +248,6 @@ impl Sha256 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 32] {
         unsafe {
@@ -284,7 +272,6 @@ impl Default for Sha384 {
 impl Sha384 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha384 {
         unsafe {
@@ -306,7 +293,6 @@ impl Sha384 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 48] {
         unsafe {
@@ -331,7 +317,6 @@ impl Default for Sha512 {
 impl Sha512 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha512 {
         unsafe {
@@ -353,7 +338,6 @@ impl Sha512 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 64] {
         unsafe {
@@ -378,7 +362,6 @@ impl Default for Sha512_256 {
 impl Sha512_256 {
     /// Creates a new hasher.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn new() -> Sha512_256 {
         unsafe {
@@ -400,7 +383,6 @@ impl Sha512_256 {
 
     /// Returns the hash of the data.
     #[inline]
-    #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
     #[must_use]
     pub fn finish(mut self) -> [u8; 32] {
         unsafe {

boring/src/ssl/error.rs

@@ -79,6 +79,7 @@ impl ErrorCode {
     }
 
     #[corresponds(SSL_error_description)]
+    #[must_use]
     pub fn description(self) -> Option<&'static str> {
         unsafe {
             let msg = ffi::SSL_error_description(self.0);

boring/src/ssl/mod.rs

@@ -1658,7 +1658,7 @@ impl SslContextBuilder {
         C: CertificateCompressor,
     {
         const {
-            assert!(C::CAN_COMPRESS || C::CAN_DECOMPRESS, "Either compression or decompression must be supported for algorithm to be registered")
+            assert!(C::CAN_COMPRESS || C::CAN_DECOMPRESS, "Either compression or decompression must be supported for algorithm to be registered");
         };
         let success = unsafe {
             ffi::SSL_CTX_add_cert_compression_alg(
@@ -1705,7 +1705,7 @@ impl SslContextBuilder {
                     decrypt: Some(callbacks::raw_decrypt::<M>),
                     complete: Some(callbacks::raw_complete::<M>),
                 },
-            )
+            );
         }
     }
 
@@ -2327,6 +2327,7 @@ impl SslContextRef {
     }
 
     /// Returns `true` if context is configured for X.509 certificates.
+    #[must_use]
     pub fn has_x509_support(&self) -> bool {
         self.ex_data(*X509_FLAG_INDEX).copied().unwrap_or_default()
     }
@@ -2351,6 +2352,7 @@ impl SslContextRef {
     /// Returns the list of server certificate types.
     #[corresponds(SSL_CTX_get0_server_certificate_types)]
     #[cfg(feature = "rpk")]
+    #[must_use]
     pub fn server_certificate_types(&self) -> Option<&[CertificateType]> {
         let mut types = ptr::null();
         let mut types_len = 0;
@@ -4644,6 +4646,7 @@ impl SslCredentialBuilder {
         }
     }
 
+    #[must_use]
     pub fn build(self) -> SslCredential {
         self.0
     }

boring/src/ssl/test/ech.rs

@@ -40,7 +40,7 @@ fn ech() {
     let (_server, client) = bootstrap_ech(ECH_CONFIG, ECH_KEY, ECH_CONFIG_LIST);
 
     let ssl_stream = client.connect();
-    assert!(ssl_stream.ssl().ech_accepted())
+    assert!(ssl_stream.ssl().ech_accepted());
 }
 
 #[test]
@@ -57,7 +57,7 @@ fn ech_rejection() {
         Some(b"ech.com".to_vec().as_ref())
     );
     assert!(failed_ssl_stream.ssl().get_ech_retry_configs().is_some());
-    assert!(!failed_ssl_stream.ssl().ech_accepted())
+    assert!(!failed_ssl_stream.ssl().ech_accepted());
 }
 
 #[test]
@@ -69,5 +69,5 @@ fn ech_grease() {
     client.ssl().set_enable_ech_grease(true);
 
     let ssl_stream = client.connect();
-    assert!(!ssl_stream.ssl().ech_accepted())
+    assert!(!ssl_stream.ssl().ech_accepted());
 }

boring/src/ssl/test/mod.rs

@@ -1010,7 +1010,7 @@ fn test_set_compliance() {
     assert_eq!(ciphers.len(), FIPS_CIPHERS.len());
 
     for cipher in ciphers.into_iter().zip(FIPS_CIPHERS) {
-        assert_eq!(cipher.0.name(), cipher.1)
+        assert_eq!(cipher.0.name(), cipher.1);
     }
 
     let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
@@ -1029,7 +1029,7 @@ fn test_set_compliance() {
     assert_eq!(ciphers.len(), WPA3_192_CIPHERS.len());
 
     for cipher in ciphers.into_iter().zip(WPA3_192_CIPHERS) {
-        assert_eq!(cipher.0.name(), cipher.1)
+        assert_eq!(cipher.0.name(), cipher.1);
     }
 
     ctx.set_compliance_policy(CompliancePolicy::NONE)
@@ -1092,7 +1092,7 @@ fn test_ssl_set_compliance() {
     assert_eq!(ciphers.len(), FIPS_CIPHERS.len());
 
     for cipher in ciphers.into_iter().zip(FIPS_CIPHERS) {
-        assert_eq!(cipher.0.name(), cipher.1)
+        assert_eq!(cipher.0.name(), cipher.1);
     }
 
     let ctx = SslContext::builder(SslMethod::tls()).unwrap().build();
@@ -1112,7 +1112,7 @@ fn test_ssl_set_compliance() {
     assert_eq!(ciphers.len(), WPA3_192_CIPHERS.len());
 
     for cipher in ciphers.into_iter().zip(WPA3_192_CIPHERS) {
-        assert_eq!(cipher.0.name(), cipher.1)
+        assert_eq!(cipher.0.name(), cipher.1);
     }
 
     ssl.set_compliance_policy(CompliancePolicy::NONE)

boring/src/ssl/test/session.rs

@@ -49,7 +49,7 @@ fn new_get_session_callback() {
         .ctx()
         .set_session_cache_mode(SslSessionCacheMode::SERVER | SslSessionCacheMode::NO_INTERNAL);
     server.ctx().set_new_session_callback(|_, session| {
-        SERVER_SESSION_DER.set(session.to_der().unwrap()).unwrap()
+        SERVER_SESSION_DER.set(session.to_der().unwrap()).unwrap();
     });
     unsafe {
         server.ctx().set_get_session_callback(|_, id| {
@@ -76,7 +76,7 @@ fn new_get_session_callback() {
         .ctx()
         .set_session_cache_mode(SslSessionCacheMode::CLIENT);
     client.ctx().set_new_session_callback(|_, session| {
-        CLIENT_SESSION_DER.set(session.to_der().unwrap()).unwrap()
+        CLIENT_SESSION_DER.set(session.to_der().unwrap()).unwrap();
     });
 
     let client = client.build();

boring/src/ssl/test/session_resumption.rs

@@ -61,7 +61,7 @@ fn custom_callback_success() {
     unsafe {
         server
             .ctx()
-            .set_ticket_key_callback(test_success_tickey_key_callback)
+            .set_ticket_key_callback(test_success_tickey_key_callback);
     };
     let server = server.build();
 
@@ -106,7 +106,7 @@ fn custom_callback_unrecognized_decryption_ticket() {
     unsafe {
         server
             .ctx()
-            .set_ticket_key_callback(test_noop_tickey_key_callback)
+            .set_ticket_key_callback(test_noop_tickey_key_callback);
     };
     let server = server.build();
 

boring/src/x509/store.rs

@@ -177,6 +177,7 @@ impl X509StoreRef {
 }
 
 #[test]
+#[allow(clippy::redundant_clone)]
 #[should_panic = "Shared X509Store can't be mutated"]
 fn set_cert_store_pevents_mutability() {
     use crate::ssl::*;

boring/src/x509/tests/mod.rs

@@ -73,7 +73,7 @@ fn test_subject_read_cn() {
     let cert = X509::from_pem(cert).unwrap();
     let subject = cert.subject_name();
     let cn = subject.entries_by_nid(Nid::COMMONNAME).next().unwrap();
-    assert_eq!(cn.data().as_slice(), b"foobar.com")
+    assert_eq!(cn.data().as_slice(), b"foobar.com");
 }
 
 #[test]

boring/src/x509/tests/trusted_first.rs

@@ -60,7 +60,7 @@ fn test_verify_cert() {
     assert_eq!(
         Ok(()),
         verify(&leaf, &[&root1], &[&intermediate, &root1_cross], |param| {
-            param.clear_flags(X509VerifyFlags::TRUSTED_FIRST)
+            param.clear_flags(X509VerifyFlags::TRUSTED_FIRST);
         })
     );
 }

hyper-boring/src/cache.rs

@@ -86,9 +86,8 @@ impl SessionCache {
     }
 
     pub fn remove(&mut self, session: &SslSessionRef) {
-        let key = match self.reverse.remove(session.id()) {
-            Some(key) => key,
-            None => return,
+        let Some(key) = self.reverse.remove(session.id()) else {
+            return;
         };
 
         if let Entry::Occupied(mut sessions) = self.sessions.entry(key) {