Upgrade hyper, reqwest, rustls.

2024-05-11 05:55:07 +00:00 · 2024-05-10 15:46:06 +02:00
parent b6cc336631
commit b6c7b900a3
10 changed files with 575 additions and 458 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -34,47 +34,48 @@ dependencies = [

 [[package]]
 name = "anstream"
-version = "0.6.13"
+version = "0.6.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb"
+checksum = "418c75fa768af9c03be99d17643f93f79bbba589895012a80e3452a19ddda15b"
 dependencies = [
 "anstyle",
 "anstyle-parse",
 "anstyle-query",
 "anstyle-wincon",
 "colorchoice",
+ "is_terminal_polyfill",
 "utf8parse",
 ]

 [[package]]
 name = "anstyle"
-version = "1.0.6"
+version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc"
+checksum = "038dfcf04a5feb68e9c60b21c9625a54c2c0616e79b72b0fd87075a056ae1d1b"

 [[package]]
 name = "anstyle-parse"
-version = "0.2.3"
+version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c75ac65da39e5fe5ab759307499ddad880d724eed2f6ce5b5e8a26f4f387928c"
+checksum = "c03a11a9034d92058ceb6ee011ce58af4a9bf61491aa7e1e59ecd24bd40d22d4"
 dependencies = [
 "utf8parse",
 ]

 [[package]]
 name = "anstyle-query"
-version = "1.0.2"
+version = "1.0.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648"
+checksum = "a64c907d4e79225ac72e2a354c9ce84d50ebb4586dee56c82b3ee73004f537f5"
 dependencies = [
 "windows-sys 0.52.0",
 ]

 [[package]]
 name = "anstyle-wincon"
-version = "3.0.2"
+version = "3.0.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7"
+checksum = "61a38449feb7068f52bb06c12759005cf459ee52bb4adc1d5a7c4322d716fb19"
 dependencies = [
 "anstyle",
 "windows-sys 0.52.0",
@ -97,9 +98,9 @@ checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457"

 [[package]]
 name = "autocfg"
-version = "1.2.0"
+version = "1.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f1fdabc7756949593fe60f30ec81974b613357de856987752631dea1e3394c80"
+checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"

 [[package]]
 name = "backtrace"
@ -118,9 +119,9 @@ dependencies = [

 [[package]]
 name = "base64"
-version = "0.21.7"
+version = "0.22.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567"
+checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"

 [[package]]
 name = "bcder"
@ -132,12 +133,6 @@ dependencies = [
 "smallvec",
 ]

-[[package]]
-name = "bitflags"
-version = "1.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
-
 [[package]]
 name = "bitflags"
 version = "2.5.0"
@ -158,9 +153,9 @@ checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9"

 [[package]]
 name = "cc"
-version = "1.0.95"
+version = "1.0.97"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d32a725bc159af97c3e629873bb9f88fb8cf8a4867175f76dc987815ea07c83b"
+checksum = "099a5357d84c4c61eb35fc8eafa9a79a902c2f76911e5747ced4e032edd8d9b4"

 [[package]]
 name = "cfg-if"
@ -226,19 +221,9 @@ checksum = "702fc72eb24e5a1e48ce58027a675bc24edd52096d5397d4aea7c6dd9eca0bd1"

 [[package]]
 name = "colorchoice"
-version = "1.0.0"
+version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
-
-[[package]]
-name = "core-foundation"
-version = "0.9.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
+checksum = "0b6a852b24ab71dffc585bcb46eaf7959d175cb865a7152e35b348d1b2960422"

 [[package]]
 name = "core-foundation-sys"
@ -254,9 +239,8 @@ checksum = "248e3bacc7dc6baa3b21e405ee045c3047101a49145e7e9eca583ab4c2ca5345"

 [[package]]
 name = "daemonbase"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2e2e198b7af809909368f39c1ab50ef5403756b7d7cd2ba6942555bc146bc874"
+version = "0.1.1-dev"
+source = "git+https://github.com/NLnetLabs/daemonbase.git#58f40e98ca04f795a115bc2fb6e1b741b407b19f"
 dependencies = [
 "chrono",
 "clap",
@ -264,7 +248,7 @@ dependencies = [
 "nix",
 "serde",
 "syslog",
- "toml_edit 0.20.7",
+ "toml_edit",
 ]

 [[package]]
@ -293,15 +277,6 @@ version = "1.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a47c1c47d2f5964e29c61246e81db715514cd532db6b5116a25ea3c03d6780a2"

-[[package]]
-name = "encoding_rs"
-version = "0.8.34"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b45de904aa0b010bce2ab45264d0631681847fa7b6f2eaa7dab7619943bc4f59"
-dependencies = [
- "cfg-if",
-]
-
 [[package]]
 name = "equivalent"
 version = "1.0.1"
@ -332,21 +307,6 @@ dependencies = [
 "percent-encoding",
 ]

-[[package]]
-name = "futures"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0"
-dependencies = [
- "futures-channel",
- "futures-core",
- "futures-executor",
- "futures-io",
- "futures-sink",
- "futures-task",
- "futures-util",
-]
-
 [[package]]
 name = "futures-channel"
 version = "0.3.30"
@ -363,17 +323,6 @@ version = "0.3.30"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d"

-[[package]]
-name = "futures-executor"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a576fc72ae164fca6b9db127eaa9a9dda0d61316034f33a0a0d4eda41f02b01d"
-dependencies = [
- "futures-core",
- "futures-task",
- "futures-util",
-]
-
 [[package]]
 name = "futures-io"
 version = "0.3.30"
@ -409,7 +358,6 @@ version = "0.3.30"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48"
 dependencies = [
- "futures-channel",
 "futures-core",
 "futures-io",
 "futures-macro",
@ -423,9 +371,9 @@ dependencies = [

 [[package]]
 name = "getrandom"
-version = "0.2.14"
+version = "0.2.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "94b22e06ecb0110981051723910cbf0b5f5e09a2062dd7663334ee79a9d1286c"
+checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
 dependencies = [
 "cfg-if",
 "libc",
@ -440,9 +388,9 @@ checksum = "4271d37baee1b8c7e4b708028c57d816cf9d2434acb33a549475f78c181f6253"

 [[package]]
 name = "h2"
-version = "0.3.26"
+version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8"
+checksum = "816ec7294445779408f36fe57bc5b7fc1cf59664059096c65f905c1c61f58069"
 dependencies = [
 "bytes",
 "fnv",
@ -488,9 +436,9 @@ dependencies = [

 [[package]]
 name = "http"
-version = "0.2.12"
+version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1"
+checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258"
 dependencies = [
 "bytes",
 "fnv",
@ -499,12 +447,24 @@ dependencies = [

 [[package]]
 name = "http-body"
-version = "0.4.6"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2"
+checksum = "1cac85db508abc24a2e48553ba12a996e87244a0395ce011e62b37158745d643"
 dependencies = [
 "bytes",
 "http",
+]
+
+[[package]]
+name = "http-body-util"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0475f8b2ac86659c21b64320d5d653f9efe42acd2a4e560073ec61a155a34f1d"
+dependencies = [
+ "bytes",
+ "futures-core",
+ "http",
+ "http-body",
 "pin-project-lite",
 ]

@ -522,13 +482,12 @@ checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"

 [[package]]
 name = "hyper"
-version = "0.14.28"
+version = "1.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf96e135eb83a2a8ddf766e426a841d8ddd7449d5f00d34ea02b41d2f19eef80"
+checksum = "fe575dd17d0862a9a33781c8c4696a55c320909004a67a00fb286ba8b1bc496d"
 dependencies = [
 "bytes",
 "futures-channel",
- "futures-core",
 "futures-util",
 "h2",
 "http",
@ -537,25 +496,46 @@ dependencies = [
 "httpdate",
 "itoa",
 "pin-project-lite",
- "socket2",
+ "smallvec",
 "tokio",
- "tower-service",
- "tracing",
 "want",
 ]

 [[package]]
 name = "hyper-rustls"
-version = "0.24.2"
+version = "0.26.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590"
+checksum = "a0bea761b46ae2b24eb4aef630d8d1c398157b6fc29e6350ecf090a0b70c952c"
 dependencies = [
 "futures-util",
 "http",
 "hyper",
+ "hyper-util",
 "rustls",
+ "rustls-pki-types",
 "tokio",
 "tokio-rustls",
+ "tower-service",
+]
+
+[[package]]
+name = "hyper-util"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca38ef113da30126bbff9cd1705f9273e15d45498615d138b0c20279ac7a76aa"
+dependencies = [
+ "bytes",
+ "futures-channel",
+ "futures-util",
+ "http",
+ "http-body",
+ "hyper",
+ "pin-project-lite",
+ "socket2",
+ "tokio",
+ "tower",
+ "tower-service",
+ "tracing",
 ]

 [[package]]
@ -618,6 +598,12 @@ dependencies = [
 "windows-sys 0.52.0",
 ]

+[[package]]
+name = "is_terminal_polyfill"
+version = "1.70.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8478577c03552c21db0e2724ffb8986a5ce7af88107e6be5d2ee6e158c12800"
+
 [[package]]
 name = "itoa"
 version = "1.0.11"
@ -635,9 +621,9 @@ dependencies = [

 [[package]]
 name = "libc"
-version = "0.2.153"
+version = "0.2.154"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd"
+checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346"

 [[package]]
 name = "log"
@ -689,7 +675,7 @@ version = "0.27.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053"
 dependencies = [
- "bitflags 2.5.0",
+ "bitflags",
 "cfg-if",
 "libc",
 ]
@ -702,9 +688,9 @@ checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"

 [[package]]
 name = "num-traits"
-version = "0.2.18"
+version = "0.2.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a"
+checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
 dependencies = [
 "autocfg",
 ]
@ -749,6 +735,26 @@ version = "2.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"

+[[package]]
+name = "pin-project"
+version = "1.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6bf43b791c5b9e34c3d182969b4abb522f9343702850a2e57f460d00d09b4b3"
+dependencies = [
+ "pin-project-internal",
+]
+
+[[package]]
+name = "pin-project-internal"
+version = "1.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "pin-project-lite"
 version = "0.2.14"
@ -775,13 +781,22 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"

 [[package]]
 name = "proc-macro2"
-version = "1.0.81"
+version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d1597b0c024618f09a9c3b8655b7e430397a36d23fdafec26d6965e9eec3eba"
+checksum = "8ad3d49ab951a01fbaafe34f2ec74122942fe18a3f9814c3268f1bb72042131b"
 dependencies = [
 "unicode-ident",
 ]

+[[package]]
+name = "quick-xml"
+version = "0.31.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1004a344b30a54e2ee58d66a71b32d2db2feb0a31f9a2d302bf0536f15de2a33"
+dependencies = [
+ "memchr",
+]
+
 [[package]]
 name = "quote"
 version = "1.0.36"
@ -832,20 +847,21 @@ dependencies = [

 [[package]]
 name = "reqwest"
-version = "0.11.27"
+version = "0.12.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62"
+checksum = "566cafdd92868e0939d3fb961bd0dc25fcfaaed179291093b3d43e6b3150ea10"
 dependencies = [
 "base64",
 "bytes",
- "encoding_rs",
+ "futures-channel",
 "futures-core",
 "futures-util",
- "h2",
 "http",
 "http-body",
+ "http-body-util",
 "hyper",
 "hyper-rustls",
+ "hyper-util",
 "ipnet",
 "js-sys",
 "log",
@ -855,11 +871,11 @@ dependencies = [
 "pin-project-lite",
 "rustls",
 "rustls-pemfile",
+ "rustls-pki-types",
 "serde",
 "serde_json",
 "serde_urlencoded",
 "sync_wrapper",
- "system-configuration",
 "tokio",
 "tokio-rustls",
 "tokio-socks",
@ -872,21 +888,6 @@ dependencies = [
 "winreg",
 ]

-[[package]]
-name = "ring"
-version = "0.16.20"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc"
-dependencies = [
- "cc",
- "libc",
- "once_cell",
- "spin 0.5.2",
- "untrusted 0.7.1",
- "web-sys",
- "winapi",
-]
-
 [[package]]
 name = "ring"
 version = "0.17.8"
@ -897,16 +898,15 @@ dependencies = [
 "cfg-if",
 "getrandom",
 "libc",
- "spin 0.9.8",
- "untrusted 0.9.0",
+ "spin",
+ "untrusted",
 "windows-sys 0.52.0",
 ]

 [[package]]
 name = "rpki"
-version = "0.17.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "98a05b958a41ba8c923cf14bd2ad5f1aca3f3509c8ffd147c36e094346a0290b"
+version = "0.18.2-dev"
+source = "git+https://github.com/NLnetLabs/rpki-rs.git#aa722a30c187a6358d1a33cd8d83762dad64945c"
 dependencies = [
 "arbitrary",
 "base64",
@ -915,12 +915,13 @@ dependencies = [
 "chrono",
 "futures-util",
 "log",
- "ring 0.16.20",
+ "quick-xml",
+ "ring",
 "serde",
 "serde_json",
 "tokio",
 "tokio-stream",
- "untrusted 0.7.1",
+ "untrusted",
 "uuid",
 ]

@ -935,8 +936,10 @@ dependencies = [
 "clap",
 "crossbeam-utils",
 "daemonbase",
- "futures",
+ "futures-util",
+ "http-body-util",
 "hyper",
+ "hyper-util",
 "log",
 "pin-project-lite",
 "rand",
@ -944,7 +947,6 @@ dependencies = [
 "reqwest",
 "rpki",
 "rustls-pemfile",
- "rustls-webpki",
 "serde",
 "serde_json",
 "slab",
@ -959,71 +961,71 @@ dependencies = [

 [[package]]
 name = "rustc-demangle"
-version = "0.1.23"
+version = "0.1.24"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76"
+checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f"

 [[package]]
 name = "rustls"
-version = "0.21.12"
+version = "0.22.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e"
+checksum = "bf4ef73721ac7bcd79b2b315da7779d8fc09718c6b3d2d1b2d94850eb8c18432"
 dependencies = [
 "log",
- "ring 0.17.8",
+ "ring",
+ "rustls-pki-types",
 "rustls-webpki",
- "sct",
+ "subtle",
+ "zeroize",
 ]

 [[package]]
 name = "rustls-pemfile"
-version = "1.0.4"
+version = "2.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c"
+checksum = "29993a25686778eb88d4189742cd713c9bce943bc54251a33509dc63cbacf73d"
 dependencies = [
 "base64",
+ "rustls-pki-types",
 ]

 [[package]]
-name = "rustls-webpki"
-version = "0.101.7"
+name = "rustls-pki-types"
+version = "1.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765"
+checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d"
+
+[[package]]
+name = "rustls-webpki"
+version = "0.102.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f3bce581c0dd41bce533ce695a1437fa16a7ab5ac3ccfa99fe1a620a7885eabf"
 dependencies = [
- "ring 0.17.8",
- "untrusted 0.9.0",
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
 ]

 [[package]]
 name = "ryu"
-version = "1.0.17"
+version = "1.0.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e86697c916019a8588c99b5fac3cead74ec0b4b819707a682fd4d23fa0ce1ba1"
-
-[[package]]
-name = "sct"
-version = "0.7.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414"
-dependencies = [
- "ring 0.17.8",
- "untrusted 0.9.0",
-]
+checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"

 [[package]]
 name = "serde"
-version = "1.0.199"
+version = "1.0.201"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0c9f6e76df036c77cd94996771fb40db98187f096dd0b9af39c6c6e452ba966a"
+checksum = "780f1cebed1629e4753a1a38a3c72d30b97ec044f0aef68cb26650a3c5cf363c"
 dependencies = [
 "serde_derive",
 ]

 [[package]]
 name = "serde_derive"
-version = "1.0.199"
+version = "1.0.201"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "11bd257a6541e141e42ca6d24ae26f7714887b47e89aa739099104c7e4d3b7fc"
+checksum = "c5e405930b9796f1c00bee880d03fc7e0bb4b9a11afc776885ffe84320da2865"
 dependencies = [
 "proc-macro2",
 "quote",
@ -1032,9 +1034,9 @@ dependencies = [

 [[package]]
 name = "serde_json"
-version = "1.0.116"
+version = "1.0.117"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3e17db7126d17feb94eb3fad46bf1a96b034e8aacbc2e775fe81505f8b0b2813"
+checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3"
 dependencies = [
 "itoa",
 "ryu",
@ -1087,12 +1089,6 @@ dependencies = [
 "windows-sys 0.52.0",
 ]

-[[package]]
-name = "spin"
-version = "0.5.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
-
 [[package]]
 name = "spin"
 version = "0.9.8"
@ -1119,10 +1115,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"

 [[package]]
-name = "syn"
-version = "2.0.60"
+name = "subtle"
+version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "909518bc7b1c9b779f1bbf07f2929d35af9f0f37e47c6e9ef7f9dddc1e1821f3"
+checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
+
+[[package]]
+name = "syn"
+version = "2.0.61"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c993ed8ccba56ae856363b1845da7266a7cb78e1d146c8a32d54b45a8b831fc9"
 dependencies = [
 "proc-macro2",
 "quote",
@ -1148,27 +1150,6 @@ dependencies = [
 "time",
 ]

-[[package]]
-name = "system-configuration"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
-dependencies = [
- "bitflags 1.3.2",
- "core-foundation",
- "system-configuration-sys",
-]
-
-[[package]]
-name = "system-configuration-sys"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
-
 [[package]]
 name = "termcolor"
 version = "1.1.3"
@ -1180,18 +1161,18 @@ dependencies = [

 [[package]]
 name = "thiserror"
-version = "1.0.59"
+version = "1.0.60"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f0126ad08bff79f29fc3ae6a55cc72352056dfff61e3ff8bb7129476d44b23aa"
+checksum = "579e9083ca58dd9dcf91a9923bb9054071b9ebbd800b342194c9feb0ee89fc18"
 dependencies = [
 "thiserror-impl",
 ]

 [[package]]
 name = "thiserror-impl"
-version = "1.0.59"
+version = "1.0.60"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d1cd413b5d558b4c5bf3680e324a6fa5014e7b7c067a51e69dbdf47eb7148b66"
+checksum = "e2470041c06ec3ac1ab38d0356a6119054dedaea53e12fbefc0de730a1c08524"
 dependencies = [
 "proc-macro2",
 "quote",
@ -1286,11 +1267,12 @@ dependencies = [

 [[package]]
 name = "tokio-rustls"
-version = "0.24.1"
+version = "0.25.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081"
+checksum = "775e0c0f0adb3a2f22a00c4745d728b479985fc15ee7ca6a2608388c5569860f"
 dependencies = [
 "rustls",
+ "rustls-pki-types",
 "tokio",
 ]

@ -1319,16 +1301,15 @@ dependencies = [

 [[package]]
 name = "tokio-util"
-version = "0.7.10"
+version = "0.7.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5419f34732d9eb6ee4c3578b7989078579b7f039cbbb9ca2c4da015749371e15"
+checksum = "9cf6b47b3771c49ac75ad09a6162f53ad4b8088b76ac60e8ec1455b31a189fe1"
 dependencies = [
 "bytes",
 "futures-core",
 "futures-sink",
 "pin-project-lite",
 "tokio",
- "tracing",
 ]

 [[package]]
@ -1340,7 +1321,7 @@ dependencies = [
 "serde",
 "serde_spanned",
 "toml_datetime",
- "toml_edit 0.22.12",
+ "toml_edit",
 ]

 [[package]]
@ -1352,17 +1333,6 @@ dependencies = [
 "serde",
 ]

-[[package]]
-name = "toml_edit"
-version = "0.20.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "70f427fce4d84c72b5b732388bf4a9f4531b53f74e2887e3ecb2481f68f66d81"
-dependencies = [
- "indexmap",
- "toml_datetime",
- "winnow 0.5.40",
-]
-
 [[package]]
 name = "toml_edit"
 version = "0.22.12"
@ -1373,9 +1343,31 @@ dependencies = [
 "serde",
 "serde_spanned",
 "toml_datetime",
- "winnow 0.6.7",
+ "winnow",
 ]

+[[package]]
+name = "tower"
+version = "0.4.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "pin-project",
+ "pin-project-lite",
+ "tokio",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0"
+
 [[package]]
 name = "tower-service"
 version = "0.3.2"
@ -1388,6 +1380,7 @@ version = "0.1.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef"
 dependencies = [
+ "log",
 "pin-project-lite",
 "tracing-core",
 ]
@ -1428,12 +1421,6 @@ dependencies = [
 "tinyvec",
 ]

-[[package]]
-name = "untrusted"
-version = "0.7.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
-
 [[package]]
 name = "untrusted"
 version = "0.9.0"
@ -1563,9 +1550,12 @@ dependencies = [

 [[package]]
 name = "webpki-roots"
-version = "0.25.4"
+version = "0.26.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1"
+checksum = "b3de34ae270483955a94f4b21bdaaeb83d508bb84a01435f393818edb0012009"
+dependencies = [
+ "rustls-pki-types",
+]

 [[package]]
 name = "winapi"
@ -1748,28 +1738,25 @@ checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0"

 [[package]]
 name = "winnow"
-version = "0.5.40"
+version = "0.6.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876"
-dependencies = [
- "memchr",
-]
-
-[[package]]
-name = "winnow"
-version = "0.6.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "14b9415ee827af173ebb3f15f9083df5a122eb93572ec28741fb153356ea2578"
+checksum = "c3c52e9c97a68071b23e836c9380edae937f17b9c4667bd021973efc689f618d"
 dependencies = [
 "memchr",
 ]

 [[package]]
 name = "winreg"
-version = "0.50.0"
+version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1"
+checksum = "a277a57398d4bfa075df44f501a17cfdf8542d224f0d36095a2adc7aee4ef0a5"
 dependencies = [
 "cfg-if",
 "windows-sys 0.48.0",
 ]
+
+[[package]]
+name = "zeroize"
+version = "1.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -17,25 +17,28 @@ bytes           = "1"
 chrono          = "0.4.31"
 clap            = { version = "~4.4", features = [ "cargo", "derive" ] }
 crossbeam-utils = "0.8.4"
-daemonbase      = "0.1.0"
-futures         = "0.3"
-hyper           = { version = "0.14.8", features = [ "server", "stream" ] }
+#daemonbase      = "0.1.0"
+daemonbase      = { git = "https://github.com/NLnetLabs/daemonbase.git" }
+futures-util    = "0.3"
+http-body-util  = "0.1"
+hyper           = { version = "1.3.1", features = [ "server" ] }
+hyper-util      = { version = "0.1", features = [ "server", "server-auto", "tokio" ] }
 log             = "0.4"
 pin-project-lite = "0.2.4"
 rand            = "0.8.3"
-reqwest         = { version = "0.11.3", default-features = false, features = ["blocking", "rustls-tls"] }
-rpki            = { version = "0.17.2", features = ["crypto", "rtr", "slurm"] }
-rustls-pemfile  = "1.0"
-rustls-webpki   = "0.101.6"
+reqwest         = { version = "0.12.4", default-features = false, features = ["blocking", "rustls-tls"] }
+#rpki            = { version = "0.17.2", features = ["crypto", "rtr", "slurm"] }
+rpki            = { git = "https://github.com/NLnetLabs/rpki-rs.git", features = [ "repository", "rrdp", "rtr", "serde", "slurm" ] }
+rustls-pemfile  = "2.1.2"
 serde           = { version = "1.0", features = ["derive"] }
 serde_json      = "1.0"
 slab            = "0.4.2"
 tokio           = { version = "1.6", features = ["fs", "io-util", "macros", "net", "rt", "rt-multi-thread", "sync", "time"]}
-tokio-rustls    = "0.24.1"
+tokio-rustls    = { version = "0.25.0", default-features = false, features = [ "ring", "logging", "tls12" ] }
 tokio-stream    = { version = "0.1", features = ["net"] }
-toml            = "0.8.2"
+toml            = "0.8.12"
 url             = { version = "2.2", features = ["serde"] }
-webpki-roots    = "0.25.2"
+webpki-roots    = "0.26.1"

 [features]
 default = [ "socks" ]
--- a/src/comms.rs
+++ b/src/comms.rs
@ -19,8 +19,8 @@ use std::sync::Arc;
 use std::sync::atomic::AtomicUsize;
 use chrono::{DateTime, Utc};
 use crossbeam_utils::atomic::AtomicCell;
-use futures::pin_mut;
-use futures::future::{select, Either, Future};
+use futures_util::pin_mut;
+use futures_util::future::{pending, select, Either, Future};
 use slab::Slab;
 use serde::Deserialize;
 use tokio::sync::{mpsc, oneshot};
@ -436,7 +436,7 @@ impl Link {
        let conn = match self.connection {
            ConnectionStatus::Active(ref mut conn) => conn,
            ConnectionStatus::Unconnected | ConnectionStatus::Gone => {
-                return futures::future::pending().await
+                return pending().await
            }
        };
        match conn.updates.recv().await {
--- a/src/formats/output.rs
+++ b/src/formats/output.rs
@ -3,6 +3,7 @@

 use serde::Deserialize;
 use crate::payload;
+use crate::http::ContentType;
 use super::json;

 //------------ Format --------------------------------------------------------
@ -16,9 +17,9 @@ pub enum Format {
 }

 impl Format {
-    pub fn content_type(self) -> &'static str {
+    pub fn content_type(self) -> ContentType {
        match self {
-            Format::Json => "application/json",
+            Format::Json => ContentType::JSON,
        }
    }

--- a/src/http.rs
+++ b/src/http.rs
@ -15,17 +15,25 @@ use std::pin::Pin;
 use std::sync::{Arc, Mutex, Weak};
 use std::task::{Context, Poll};
 use arc_swap::ArcSwap;
+use bytes::Bytes;
+use chrono::{DateTime, Utc};
 use daemonbase::error::ExitError;
-use futures::pin_mut;
-use hyper::{Body, Method, Request, Response, StatusCode};
-use hyper::server::accept::Accept;
-use hyper::service::{make_service_fn, service_fn};
+use futures_util::pin_mut;
+use futures_util::stream::{Stream, StreamExt};
+use http_body_util::{BodyExt, Empty, Full, StreamBody};
+use http_body_util::combinators::BoxBody;
+use hyper::{Method, StatusCode};
+use hyper::body::{Body, Frame};
+use hyper::http::response::Builder;
+use hyper::service::service_fn;
+use hyper_util::rt::{TokioExecutor, TokioIo};
 use log::{debug, error};
 use serde::Deserialize;
 use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
 use tokio::net::{TcpListener, TcpStream};
 use tokio::runtime::Runtime;
 use crate::metrics;
+use crate::utils::http::format_http_date;


 //------------ Server --------------------------------------------------------
@ -75,15 +83,15 @@ impl Server {
                return Err(ExitError::default());
            }
            debug!("HTTP server listening on {}", addr);
-            listeners.push(listener);
+            listeners.push((listener, addr));
        }

        // Now spawn the listeners onto the runtime. This way, they will start
        // doing their thing as soon as the runtime is started.
-        for listener in listeners {
+        for (listener, addr) in listeners {
            runtime.spawn(
                Self::single_listener(
-                    listener, metrics.clone(), resources.clone()
+                    listener, *addr, metrics.clone(), resources.clone()
                )
            );
        }
@ -96,22 +104,10 @@ impl Server {
    /// listener encounters an error.
    async fn single_listener(
        listener: StdListener,
+        addr: SocketAddr,
        metrics: metrics::Collection,
        resources: Resources,
    ) {
-        let make_service = make_service_fn(|_conn| {
-            let metrics = metrics.clone();
-            let resources = resources.clone();
-            async move {
-                Ok::<_, Infallible>(service_fn(move |req| {
-                    let metrics = metrics.clone();
-                    let resources = resources.clone();
-                    async move {
-                        Self::handle_request(req, &metrics, &resources).await
-                    }
-                }))
-            }
-        });
        let listener = match TcpListener::from_std(listener) {
            Ok(listener) => listener,
            Err(err) => {
@ -119,19 +115,41 @@ impl Server {
                return
            }
        };
-        if let Err(err) = hyper::Server::builder(
-            HttpAccept { sock: listener }
-        ).serve(make_service).await {
-            error!("HTTP server error: {}", err);
+        loop {
+            let stream = match listener.accept().await {
+                Ok((stream, _addr)) => stream,
+                Err(err) => {
+                    error!("Fatal error in HTTP server {}: {}", addr, err);
+                    break;
+                }
+            };
+            let metrics = metrics.clone();
+            let resources = resources.clone();
+            tokio::task::spawn(async move {
+                let _ = hyper_util::server::conn::auto::Builder::new(
+                    TokioExecutor::new()
+                ).serve_connection(
+                    TokioIo::new(stream),
+                    service_fn(move |req| {
+                        let metrics = metrics.clone();
+                        let resources = resources.clone();
+                        async move {
+                            Self::handle_request(
+                                req, &metrics, &resources
+                            ).await
+                        }
+                    })
+                ).await;
+            });
        }
    }

    /// Handles a single HTTP request.
    async fn handle_request(
-        req: Request<Body>,
+        req: Request,
        metrics: &metrics::Collection,
        resources: &Resources,
-    ) -> Result<Response<Body>, Infallible> {
+    ) -> Result<Response, Infallible> {
        if *req.method() != Method::GET {
            return Ok(Self::method_not_allowed())
        }
@ -148,41 +166,33 @@ impl Server {
    }

    /// Produces the response for a call to the `/metrics` endpoint.
-    fn metrics(metrics: &metrics::Collection) -> Response<Body> {
-        Response::builder()
-        .header("Content-Type", "text/plain; version=0.0.4")
-        .body(
-            metrics.assemble(metrics::OutputFormat::Prometheus).into()
-        )
-        .unwrap()
+    fn metrics(metrics: &metrics::Collection) -> Response {
+        ResponseBuilder::ok()
+        .content_type(ContentType::PROMETHEUS)
+        .body(metrics.assemble(metrics::OutputFormat::Prometheus))
    }

    /// Produces the response for a call to the `/status` endpoint.
-    fn status(metrics: &metrics::Collection) -> Response<Body> {
-        Response::builder()
-        .header("Content-Type", "text/plain")
+    fn status(metrics: &metrics::Collection) -> Response {
+        ResponseBuilder::ok()
+        .content_type(ContentType::TEXT)
        .body(
-            metrics.assemble(metrics::OutputFormat::Plain).into()
+            metrics.assemble(metrics::OutputFormat::Plain)
        )
-        .unwrap()
    }

    /// Produces the response for a Method Not Allowed error.
-    fn method_not_allowed() -> Response<Body> {
-        Response::builder()
-        .status(StatusCode::METHOD_NOT_ALLOWED)
-        .header("Content-Type", "text/plain")
-        .body("Method Not Allowed".into())
-        .unwrap()
+    fn method_not_allowed() -> Response {
+        ResponseBuilder::method_not_allowed()
+        .content_type(ContentType::TEXT)
+        .body("Method Not Allowed")
    }

    /// Produces the response for a Not Found error.
-    fn not_found() -> Response<Body> {
-        Response::builder()
-        .status(StatusCode::NOT_FOUND)
-        .header("Content-Type", "text/plain")
-        .body("Not Found".into())
-        .unwrap()
+    fn not_found() -> Response {
+        ResponseBuilder::not_found()
+        .content_type(ContentType::TEXT)
+        .body("Not Found")
    }
 }

@ -238,8 +248,8 @@ impl Resources {
    /// Returns some response if any of the registered processors actually
    /// processed the particular request or `None` otherwise.
    pub fn process_request(
-        &self, request: &Request<Body>
-    ) -> Option<Response<Body>> {
+        &self, request: &Request,
+    ) -> Option<Response> {
        let sources = self.sources.load();
        for item in sources.iter() {
            if let Some(process) = item.process.upgrade() {
@ -281,58 +291,182 @@ pub trait ProcessRequest: Send + Sync {
    /// some response. This can be an error response. Otherwise it should
    /// return `None`.
    fn process_request(
-        &self, request: &Request<Body>
-    ) -> Option<Response<Body>>;
+        &self, request: &Request
+    ) -> Option<Response>;
 }

 impl<T: ProcessRequest> ProcessRequest for Arc<T> {
    fn process_request(
-        &self, request: &Request<Body>
-    ) -> Option<Response<Body>> {
+        &self, request: &Request
+    ) -> Option<Response> {
        AsRef::<T>::as_ref(self).process_request(request)
    }
 }

 impl<F> ProcessRequest for F
-where F: Fn(&Request<Body>) -> Option<Response<Body>> + Sync + Send {
+where F: Fn(&Request) -> Option<Response> + Sync + Send {
    fn process_request(
-        &self, request: &Request<Body>
-    ) -> Option<Response<Body>> {
+        &self, request: &Request
+    ) -> Option<Response> {
        (self)(request)
    }
 }


+//------------ Request -------------------------------------------------------
+
+pub type Request = hyper::Request<hyper::body::Incoming>;
+
+
+//------------ Response ------------------------------------------------------
+
+pub type Response = hyper::Response<BoxBody<Bytes, Infallible>>;
+
+
+//------------ ResponseBuilder -----------------------------------------------
+
+#[derive(Debug)]
+pub struct ResponseBuilder {
+    builder: Builder,
+}
+
+impl ResponseBuilder {
+    /// Creates a new builder with the given status.
+    pub fn new(status: StatusCode) -> Self {
+        ResponseBuilder { builder:  Builder::new().status(status) }
+    }
+
+    /// Creates a new builder for a 200 OK response.
+    pub fn ok() -> Self {
+        Self::new(StatusCode::OK)
+    }
+
+    /// Creates a new builder for a Service Unavailable response.
+    pub fn service_unavailable() -> Self {
+        Self::new(StatusCode::SERVICE_UNAVAILABLE)
+    }
+
+    /// Creates a new builder for a Bad Request response.
+    pub fn bad_request() -> Self {
+        Self::new(StatusCode::BAD_REQUEST)
+    }
+
+    /// Creates a new builder for a Not Found response.
+    pub fn not_found() -> Self {
+        Self::new(StatusCode::NOT_FOUND)
+    }
+
+    /// Creates a new builder for a Not Modified response.
+    pub fn not_modified() -> Self {
+        Self::new(StatusCode::NOT_MODIFIED)
+    }
+
+    /// Creates a new builder for a Method Not Allowed response.
+    pub fn method_not_allowed() -> Self {
+        Self::new(StatusCode::METHOD_NOT_ALLOWED)
+    }
+
+    /// Creates a new builder for a Moved Permanently response.
+    pub fn moved_permanently() -> Self {
+        Self::new(StatusCode::MOVED_PERMANENTLY)
+    }
+
+    /// Adds the content type header.
+    pub fn content_type(self, content_type: ContentType) -> Self {
+        ResponseBuilder {
+            builder: self.builder.header("Content-Type", content_type.0)
+        }
+    }
+
+    /// Adds the ETag header.
+    pub fn etag(self, etag: &str) -> Self {
+        ResponseBuilder {
+            builder: self.builder.header("ETag", etag)
+        }
+    }
+
+    /// Adds the Last-Modified header.
+    pub fn last_modified(self, last_modified: DateTime<Utc>) -> Self {
+        ResponseBuilder {
+            builder: self.builder.header(
+                "Last-Modified",
+                format_http_date(last_modified)
+            )
+        }
+    }
+
+    /// Adds the Location header.
+    #[allow(dead_code)]
+    pub fn location(self, location: &str) -> Self {
+        ResponseBuilder {
+            builder: self.builder.header(
+                "Location",
+                location
+            )
+        }
+    }
+
+    fn finalize<B>(self, body: B) -> Response
+    where
+        B: Body<Data = Bytes, Error = Infallible> + Send + Sync + 'static
+    {
+        self.builder.body(
+            body.boxed()
+        ).expect("broken HTTP response builder")
+    }
+
+    /// Finalizes the response by adding a body.
+    pub fn body(self, body: impl Into<Bytes>) -> Response {
+        self.finalize(Full::new(body.into()))
+    }
+
+    /// Finalies the response by adding an empty body.
+    pub fn empty(self) -> Response {
+        self.finalize(Empty::new())
+    }
+
+    pub fn stream<S>(self, body: S) -> Response
+    where
+        S: Stream<Item = Bytes> + Send + Sync + 'static
+    {
+        self.finalize(
+            StreamBody::new(body.map(|item| {
+                Ok(Frame::data(item))
+            }))
+        )
+    }
+}
+
+
+//------------ ContentType ---------------------------------------------------
+
+#[derive(Clone, Debug)]
+pub struct ContentType(&'static [u8]);
+
+impl ContentType {
+    pub const CSV: ContentType = ContentType(
+        b"text/csv;charset=utf-8;header=present"
+    );
+    pub const JSON: ContentType = ContentType(b"application/json");
+    pub const TEXT: ContentType = ContentType(b"text/plain;charset=utf-8");
+    pub const PROMETHEUS: ContentType = ContentType(
+        b"text/plain; version=0.0.4"
+    );
+
+    pub fn external(value: &'static [u8]) -> Self {
+        ContentType(value)
+    }
+}
+
+
 //------------ Wrapped sockets -----------------------------------------------

+/*
 /// A TCP listener wrapped for use with Hyper.
 struct HttpAccept {
    sock: TcpListener,
 }
-
-impl Accept for HttpAccept {
-    type Conn = HttpStream;
-    type Error = io::Error;
-
-    fn poll_accept(
-        mut self: Pin<&mut Self>,
-        cx: &mut Context
-    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
-        let sock = &mut self.sock;
-        pin_mut!(sock);
-        match sock.poll_accept(cx) {
-            Poll::Pending => Poll::Pending,
-            Poll::Ready(Ok((sock, _addr))) => {
-                Poll::Ready(Some(Ok(HttpStream {
-                    sock,
-                })))
-            }
-            Poll::Ready(Err(err)) => {
-                Poll::Ready(Some(Err(err)))
-            }
-        }
-    }
-}
+*/


 /// A TCP stream wrapped for use with Hyper.
--- a/src/main.rs
+++ b/src/main.rs
@ -2,7 +2,7 @@ use std::process::exit;
 use clap::{Command, crate_authors, crate_version};
 use daemonbase::error::ExitError;
 use daemonbase::logging::Logger;
-use futures::future::pending;
+use futures_util::future::pending;
 use tokio::runtime;
 use rtrtr::config::Config;

--- a/src/targets/http.rs
+++ b/src/targets/http.rs
@ -1,23 +1,22 @@
 //! A target using the HTTP server.

-use std::convert::Infallible;
 use std::sync::Arc;
 use arc_swap::ArcSwap;
 use daemonbase::error::ExitError;
 use chrono::{DateTime, Utc};
-use futures::stream;
-use hyper::{Body, Method, Request, Response, StatusCode};
+use futures_util::stream;
+use hyper::Method;
 use hyper::header::{IF_NONE_MATCH, IF_MODIFIED_SINCE};
-use hyper::http::response;
 use log::debug;
 use rpki::rtr::State;
 use serde::Deserialize;
 use crate::payload;
 use crate::comms::{Link, UnitUpdate};
 use crate::formats::output;
+use crate::http::{ContentType, Response, ResponseBuilder, Request};
 use crate::manager::Component;
 use crate::utils::http::EtagsIter;
-use crate::utils::http::{format_http_date, parse_http_date};
+use crate::utils::http::parse_http_date;


 //------------ Target --------------------------------------------------------
@ -41,7 +40,7 @@ impl Target {
        let http_source = source.clone();
        
        let processor = Arc::new(
-            move |request: &Request<_>| {
+            move |request: &Request| {
                if 
                    request.method() != Method::GET
                    || request.uri().path() != path
@ -54,14 +53,9 @@ impl Target {
                    Some(update) => update,
                    None => {
                        return Some(
-                            Response::builder()
-                            .status(StatusCode::SERVICE_UNAVAILABLE)
-                            .header("Content-Type", "text/plain")
-                            .body(
-                                "Initial validation ongoing. \
-                                 Please wait.".into()
-                            )
-                            .unwrap()
+                            ResponseBuilder::service_unavailable()
+                            .content_type(ContentType::TEXT)
+                            .body("Initial validation ongoing. Please wait.")
                        )
                    }
                };
@ -71,16 +65,15 @@ impl Target {
                }

                Some(
-                    update.header(
-                        Response::builder()
-                    ).header(
-                        "Content-Type", format.content_type()
+                    ResponseBuilder::ok()
+                    .content_type(format.content_type())
+                    .etag(&update.etag)
+                    .last_modified(update.created)
+                    .stream(
+                        stream::iter(
+                            format.stream(update.set.clone()).map(Into::into)
+                        )
                    )
-                    .body(Body::wrap_stream(stream::iter(
-                        format.stream(update.set.clone())
-                        .map(Result::<_, Infallible>::Ok)
-                    )))
-                    .unwrap()
                )
            }
        );
@ -148,7 +141,7 @@ impl SourceData {
    }

    /// Returns whether 304 Not Modified response should be returned.
-    fn is_not_modified(&self, req: &Request<Body>) -> bool {
+    fn is_not_modified(&self, req: &Request) -> bool {
        // First, check If-None-Match.
        let mut found_if_none_match = false;
        for value in req.headers().get_all(IF_NONE_MATCH).iter() {
@ -193,19 +186,10 @@ impl SourceData {
        false
    }

-    fn not_modified(&self) -> Response<Body> {
-        self.header(
-            response::Builder::new().status(
-                StatusCode::NOT_MODIFIED
-            )
-        ).body(Body::empty()).expect("broken HTTP response builder")
-    }
-
-    fn header(&self, builder: response::Builder) -> response::Builder {
-        builder.header(
-            "ETag", &self.etag
-        ).header(
-            "Last-Modified", format_http_date(self.created)
-        )
+    fn not_modified(&self) -> Response {
+        ResponseBuilder::not_modified()
+            .etag(&self.etag)
+            .last_modified(self.created)
+            .empty()
    }
 }
--- a/src/targets/rtr.rs
+++ b/src/targets/rtr.rs
@ -10,7 +10,7 @@ use std::task::{Context, Poll};
 use arc_swap::ArcSwap;
 use daemonbase::config::ConfigPath;
 use daemonbase::error::ExitError;
-use futures::{TryFuture, ready};
+use futures_util::{TryFuture, ready};
 use log::{debug, error};
 use pin_project_lite::pin_project;
 use serde::Deserialize;
@ -20,7 +20,8 @@ use rpki::rtr::state::{Serial, State};
 use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
 use tokio::net::{TcpListener, TcpStream};
 use tokio_rustls::{Accept, TlsAcceptor};
-use tokio_rustls::rustls::{Certificate, PrivateKey, ServerConfig};
+use tokio_rustls::rustls::ServerConfig;
+use tokio_rustls::rustls::pki_types::{CertificateDer, PrivateKeyDer};
 use tokio_rustls::server::TlsStream;
 use tokio_stream::wrappers::TcpListenerStream;
 use crate::payload;
@ -177,7 +178,18 @@ impl Tls {

    /// Creates the TLS server config.
    fn create_tls_config(&self) -> Result<ServerConfig, ExitError> {
-        let certs = rustls_pemfile::certs(
+        ServerConfig::builder()
+            .with_no_client_auth()
+            .with_single_cert(self.read_certs()?, self.read_key()?)
+            .map_err(|err| {
+                error!("Failed to create TLS server config: {}", err);
+                ExitError::default()
+            })
+    }
+
+    /// Reads the certificates from the given PEM file.
+    fn read_certs(&self) -> Result<Vec<CertificateDer<'static>>, ExitError> {
+        rustls_pemfile::certs(
            &mut io::BufReader::new(
                File::open(&self.certificate).map_err(|err| {
                    error!(
@ -187,58 +199,74 @@ impl Tls {
                    ExitError::default()
                })?
            )
-        ).map_err(|err| {
+        ).collect::<Result<_, _>>().map_err(|err| {
            error!(
                "Failed to read TLS certificate file '{}': {}.",
                self.certificate.display(), err
            );
            ExitError::default()
-        }).map(|mut certs| {
-            certs.drain(..).map(Certificate).collect()
-        })?;
+        })
+    }

-        let key = rustls_pemfile::pkcs8_private_keys(
-            &mut io::BufReader::new(
-                File::open(&self.key).map_err(|err| {
-                    error!(
-                        "Failed to open TLS key file '{}': {}.",
-                        self.key.display(), err
-                    );
-                    ExitError::default()
-                })?
-            )
-        ).map_err(|err| {
-            error!(
-                "Failed to read TLS key file '{}': {}.",
-                self.key.display(), err
-            );
-            ExitError::default()
-        }).and_then(|mut certs| {
-            if certs.is_empty() {
+    /// Reads the first private key from the given PEM file.
+    ///
+    /// The key may be a PKCS#1 RSA private key, a PKCS#8 private key, or a
+    /// SEC1 encoded EC private key. All other PEM items are ignored.
+    ///
+    /// Errors out if opening or reading the file fails or if there isn’t exactly
+    /// one private key in the file.
+    fn read_key(&self) -> Result<PrivateKeyDer<'static>, ExitError> {
+        use rustls_pemfile::Item::*;
+
+        let mut key_file = io::BufReader::new(
+            File::open(&self.key).map_err(|err| {
                error!(
-                    "TLS key file '{}' does not contain any usable keys.",
-                    self.key.display()
+                    "Failed to open TLS key file '{}': {}.",
+                    self.key.display(), err
                );
-                return Err(ExitError::default())
-            }
-            if certs.len() != 1 {
+                ExitError::default()
+            })?
+        );
+
+        let mut key = None;
+
+        while let Some(item) =
+            rustls_pemfile::read_one(&mut key_file).transpose()
+        {
+            let item = item.map_err(|err| {
+                error!(
+                    "Failed to read TLS key file '{}': {}.",
+                    self.key.display(), err
+                );
+                ExitError::default()
+            })?;
+
+            let bits = match item {
+                Pkcs1Key(bits) => bits.into(),
+                Pkcs8Key(bits) => bits.into(),
+                Sec1Key(bits) => bits.into(),
+                _ => continue,
+            };
+            if key.is_some() {
                error!(
                    "TLS key file '{}' contains multiple keys.",
                    self.key.display()
                );
                return Err(ExitError::default())
            }
-            Ok(PrivateKey(certs.pop().unwrap()))
-        })?;
+            key = Some(bits)
+        }

-        ServerConfig::builder()
-            .with_safe_defaults()
-            .with_no_client_auth()
-            .with_single_cert(certs, key)
-            .map_err(|err| {
-                error!("Failed to create TLS server config: {}", err);
-                ExitError::default()
-            })
+        match key {
+            Some(key) => Ok(key),
+            None => {
+                 error!(
+                    "TLS key file '{}' does not contain any usable keys.",
+                    self.key.display()
+                );
+                Err(ExitError::default())
+           }
+        }
    }

    /// Spawns a single listener onto the current runtime.
@ -268,7 +296,7 @@ impl Tls {
            }
        };
        tokio::spawn(async move {
-            use futures::StreamExt;
+            use futures_util::stream::StreamExt;

            let listener = TcpListenerStream::new(listener).map(|sock| {
                sock.map(|sock| TlsSocket::new(&config , sock))
--- a/src/units/combine.rs
+++ b/src/units/combine.rs
@ -2,7 +2,7 @@

 use std::sync::Arc;
 use crossbeam_utils::atomic::AtomicCell;
-use futures::future::{select, select_all, Either, FutureExt};
+use futures_util::future::{select, select_all, Either, FutureExt};
 use log::debug;
 use rand::{thread_rng, Rng};
 use serde::Deserialize;
--- a/src/units/rtr.rs
+++ b/src/units/rtr.rs
@ -15,9 +15,9 @@ use std::task::{Context, Poll};
 use std::time::Duration;
 use chrono::{TimeZone, Utc};
 use daemonbase::config::ConfigPath;
-use futures::pin_mut;
-use futures::future::{select, Either};
-use log::{debug, error, info, warn};
+use futures_util::pin_mut;
+use futures_util::future::{select, Either};
+use log::{debug, error, warn};
 use pin_project_lite::pin_project;
 use rpki::rtr::client::{Client, PayloadError, PayloadTarget, PayloadUpdate};
 use rpki::rtr::payload::{Action, Payload, Timing};
@ -26,12 +26,10 @@ use serde::Deserialize;
 use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
 use tokio::net::TcpStream;
 use tokio::time::{timeout_at, Instant};
-use tokio_rustls::{
-    TlsConnector, client::TlsStream,
-    rustls::ClientConfig, rustls::OwnedTrustAnchor, rustls::RootCertStore,
-    rustls::client::ServerName, 
-};
-use webpki::TrustAnchor;
+use tokio_rustls::TlsConnector;
+use tokio_rustls::client::TlsStream;
+use tokio_rustls::rustls::{ClientConfig, RootCertStore};
+use tokio_rustls::rustls::pki_types::ServerName;
 use crate::metrics;
 use crate::comms::{Gate, GateMetrics, GateStatus, Terminated, UnitUpdate};
 use crate::manager::Component;
@ -103,7 +101,7 @@ struct TlsState {
    tls: Tls,

    /// The name of the server.
-    domain: ServerName,
+    domain: ServerName<'static>,

    /// The TLS configuration for connecting to the server.
    connector: TlsConnector,
@ -138,7 +136,7 @@ impl Tls {
    /// Converts the server address into the name for certificate validation.
    fn get_domain_name(
        &self, unit_name: &str
-    ) -> Result<ServerName, Terminated> {
+    ) -> Result<ServerName<'static>, Terminated> {
        let host = if let Some((host, port)) = self.remote.rsplit_once(':') {
            if port.parse::<u16>().is_ok() {
                host
@ -150,7 +148,7 @@ impl Tls {
        else {
            self.remote.as_ref()
        };
-        ServerName::try_from(host).map_err(|err| {
+        ServerName::try_from(host).map(|res| res.to_owned()).map_err(|err| {
            error!(
                "Unit {}: Invalid remote name '{}': {}'",
                unit_name, host, err
@ -163,17 +161,9 @@ impl Tls {
    fn build_connector(
        &self, unit_name: &str
    ) -> Result<TlsConnector, Terminated> {
-        let mut root_certs = RootCertStore::empty();
-        root_certs.add_trust_anchors(
-            webpki_roots::TLS_SERVER_ROOTS.iter().map(
-            |ta| {
-                OwnedTrustAnchor::from_subject_spki_name_constraints(
-                    ta.subject,
-                    ta.spki,
-                    ta.name_constraints,
-                )
-            },
-        ));
+        let mut root_certs = RootCertStore {
+            roots: Vec::from(webpki_roots::TLS_SERVER_ROOTS)
+        };
        for path in &self.cacerts {
            let mut file = io::BufReader::new(
                File::open(path).map_err(|err| {
@ -184,41 +174,31 @@ impl Tls {
                    Terminated
                })?
            );
-            let certs = rustls_pemfile::certs(&mut file).map_err(|err| {
-                error!(
-                    "Unit {}: failed to read cacert file '{}': {}.",
-                    unit_name, path.display(), err,
-                );
-                Terminated
-            })?;
-            let trust_anchors = certs.iter().filter_map(|cert| {
-                match TrustAnchor::try_from_cert_der(&cert[..]) {
-                    Ok(ta) => {
-                        Some(
-                            OwnedTrustAnchor
-                                ::from_subject_spki_name_constraints(
-                                    ta.subject,
-                                    ta.spki,
-                                    ta.name_constraints,
-                                )
-                        )
-                    }
+            for cert in rustls_pemfile::certs(&mut file) {
+                let cert = match cert {
+                    Ok(cert) => cert,
                    Err(err) => {
-                        info!(
-                            "Unit {}: cecert file '{}' contained an invalid \
-                             certificate that was ignored ({})",
+                        error!(
+                            "Unit {}: failed to read certificate file '{}': \
+                             {}",
                            unit_name, path.display(), err
                        );
-                        None
+                        return Err(Terminated)
                    }
+                };
+                if let Err(err) = root_certs.add(cert) {
+                    error!(
+                        "Unit {}: failed to add TLS certificate \
+                         from file '{}': {}",
+                        unit_name, path.display(), err
+                    );
+                    return Err(Terminated)
                }
-            });
-            root_certs.add_trust_anchors(trust_anchors);
+            }
        }

        Ok(TlsConnector::from(Arc::new(
            ClientConfig::builder()
-                .with_safe_defaults()
                .with_root_certificates(root_certs)
                .with_no_client_auth()
        )))