review fix

Author: irvingoujAtDevolution

devolutions-agent/src/config.rs

@@ -244,17 +244,12 @@ pub mod dto {
 
     #[derive(PartialEq, Eq, Debug, Clone, Serialize, Deserialize)]
     #[serde(rename_all = "PascalCase")]
+    #[derive(Default)]
     pub struct PedmConf {
         /// Enable PEDM module (disabled by default)
         pub enabled: bool,
     }
 
-    impl Default for PedmConf {
-        fn default() -> Self {
-            Self { enabled: false }
-        }
-    }
-
     #[derive(PartialEq, Eq, Debug, Clone, Serialize, Deserialize)]
     #[serde(rename_all = "PascalCase")]
     pub struct SessionConf {

devolutions-agent/src/remote_desktop/graphics.rs

@@ -46,10 +46,12 @@ impl RdpServerDisplayUpdates for DisplayUpdates {
         let left: u16 = rng.gen_range(0..WIDTH);
         let width = NonZeroU16::new(rng.gen_range(1..=WIDTH - left)).expect("never zero");
 
-        let data: Vec<u8> = std::iter::repeat([rng.r#gen(), rng.r#gen(), rng.r#gen(), 255])
-            .take(usize::from(width.get()) * usize::from(height.get()))
-            .flatten()
-            .collect();
+        let data: Vec<u8> = std::iter::repeat_n(
+            [rng.r#gen(), rng.r#gen(), rng.r#gen(), 255],
+            usize::from(width.get()) * usize::from(height.get()),
+        )
+        .flatten()
+        .collect();
 
         trace!(left, top, width, height, "BitmapUpdate");
 

devolutions-gateway/src/api/net.rs

@@ -370,22 +370,19 @@ impl TryFrom<ScannerEvent> for NetworkScanResponse {
                 protocol,
                 port,
             }) => {
-                let protocol = match protocol {
-                    None => None,
-                    Some(protocol) => Some(match protocol {
-                        scanner::ServiceType::Rdp => Protocol::Rdp,
-                        scanner::ServiceType::Ard => Protocol::Ard,
-                        scanner::ServiceType::Vnc => Protocol::Vnc,
-                        scanner::ServiceType::Ssh => Protocol::Ssh,
-                        scanner::ServiceType::Sftp => Protocol::Sftp,
-                        scanner::ServiceType::Scp => Protocol::Scp,
-                        scanner::ServiceType::Telnet => Protocol::Telnet,
-                        scanner::ServiceType::Http => Protocol::Http,
-                        scanner::ServiceType::Https => Protocol::Https,
-                        scanner::ServiceType::Ldap => Protocol::Ldap,
-                        scanner::ServiceType::Ldaps => Protocol::Ldaps,
-                    }),
-                };
+                let protocol = protocol.map(|protocol| match protocol {
+                    scanner::ServiceType::Rdp => Protocol::Rdp,
+                    scanner::ServiceType::Ard => Protocol::Ard,
+                    scanner::ServiceType::Vnc => Protocol::Vnc,
+                    scanner::ServiceType::Ssh => Protocol::Ssh,
+                    scanner::ServiceType::Sftp => Protocol::Sftp,
+                    scanner::ServiceType::Scp => Protocol::Scp,
+                    scanner::ServiceType::Telnet => Protocol::Telnet,
+                    scanner::ServiceType::Http => Protocol::Http,
+                    scanner::ServiceType::Https => Protocol::Https,
+                    scanner::ServiceType::Ldap => Protocol::Ldap,
+                    scanner::ServiceType::Ldaps => Protocol::Ldaps,
+                });
 
                 let protocol = match protocol {
                     Some(protocol) => TcpKnockProbe::NamedApplication(protocol),

devolutions-gateway/src/credential.rs

@@ -29,6 +29,12 @@ pub struct AppCredentialMapping {
 #[derive(Debug, Clone)]
 pub struct CredentialStoreHandle(Arc<Mutex<CredentialStore>>);
 
+impl Default for CredentialStoreHandle {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl CredentialStoreHandle {
     pub fn new() -> Self {
         Self(Arc::new(Mutex::new(CredentialStore::new())))

devolutions-gateway/src/rd_clean_path.rs

@@ -77,10 +77,7 @@ async fn read_cleanpath_pdu(mut stream: impl AsyncRead + Unpin + Send) -> io::Re
                 std::cmp::Ordering::Less => {}
                 std::cmp::Ordering::Equal => break,
                 std::cmp::Ordering::Greater => {
-                    return Err(io::Error::new(
-                        ErrorKind::Other,
-                        "no leftover is expected when reading cleanpath PDU",
-                    ));
+                    return Err(io::Error::other("no leftover is expected when reading cleanpath PDU"));
                 }
             }
         }
@@ -234,30 +231,31 @@ async fn process_cleanpath(
     debug!(%selected_target, "Connected to destination server");
     span.record("target", selected_target.to_string());
 
-    // Preconnection Blob (PCB) is currently only used for Hyper-V VMs.
+    // Preconnection Blob (PCB) is currently used for Hyper-V VMs almost exclusively in practice.
+    // However, we still leave space for future extensions of usages of PCB.
     //
-    // Connection sequence with Hyper-V VMs (PCB enabled):
-    // ┌─────────────────────┐    ┌─────────────────────────────────────────────────────────────┐
-    // │   handled by        │    │              handled by IronRDP client                      │
-    // │     Gateway         │    │                                                             │
-    // └─────────────────────┘    └─────────────────────────────────────────────────────────────┘
-    // │PCB → TLS handshake  │ →  │CredSSP → X224 connection request → X224 connection response │
-    // └─────────────────────┘    └─────────────────────────────────────────────────────────────┘
+    // Connection sequence with Hyper-V VMs (PCB included and X224 connection request is not present):
+    // ┌───────────────────────┐    ┌───────────────────────────────────────────────────────────────┐
+    // │       handled by      │    │                  handled by IronRDP client                    │
+    // │        Gateway        │    │                                                               │
+    // └───────────────────────┘    └───────────────────────────────────────────────────────────────┘
+    // │ PCB → TLS handshake   │ →  │ CredSSP → X224 connection request → X224 connection response  │
+    // └───────────────────────┘    └───────────────────────────────────────────────────────────────┘
     //
-    // Connection sequence without Hyper-V VMs (PCB disabled):
-    // ┌─────────────────────────────────────────────────────────────┐    ┌──────────────────────┐
-    // │                  handled by Gateway                         │    │ handled by IronRDP   │
-    // │                                                             │    │       client         │
-    // └─────────────────────────────────────────────────────────────┘    └──────────────────────┘
-    // │X224 connection request → X224 connection response → TLS hs  │ →  │CredSSP → ...         │
-    // └─────────────────────────────────────────────────────────────┘    └──────────────────────┘
+    // Connection sequence without Hyper-V VMs (PCB optional):
+    // ┌───────────────────────────────────────────────────────────────┐          ┌───────────────────────┐
+    // │                     handled by Gateway                        │          │   handled by IronRDP  │
+    // │                                                               │          │         client        │
+    // └───────────────────────────────────────────────────────────────┘          └───────────────────────┘
+    // │ PCB → X224 connection request → X224 connection response → TLS|          │ → CredSSP → ...       │
+    // └───────────────────────────────────────────────────────────────┘          └───────────────────────┘
     //
     // Summary:
-    // - With PCB: Gateway handles (1) sending PCB, (2) TLS handshake, then leaves CredSSP
-    //   and X224 connection request/response to IronRDP client
-    // - Without PCB: Gateway handles (1) X224 connection request, (2) X224 connection response,
-    //   then leaves TLS handshake and CredSSP to IronRDP client
-    // Send preconnection blob and/or X224 connection request
+    // - With PCB but not X224 connection request: Gateway handles (1) sending PCB/VmConnectID, (2) TLS handshake, then leaves CredSSP
+    //   and X224 connection request/response to IronRDP client.
+    // - With PCB and X224 connection request: Gateway handles (1) sending PCB/VmConnectID, (2) X224 connection request, (3) X224 connection response, (4) TLS handshake,
+    //   then leaves CredSSP to IronRDP client.
+    // - Without PCB: In this case, X224 MUST be present! Gateway handles (1) X224 connection request, (2) X224 connection response, (3) TLS handshake, then leaves CredSSP to IronRDP client.
     match (&cleanpath_pdu.preconnection_blob, &cleanpath_pdu.x224_connection_pdu) {
         (None, None) => {
             return Err(CleanPathError::BadRequest(anyhow::anyhow!(
@@ -310,13 +308,13 @@ async fn process_cleanpath(
             target_server: selected_target.to_owned(),
         })?;
 
-    return Ok(CleanPathResult {
+    Ok(CleanPathResult {
         destination: selected_target.to_owned(),
         claims,
         server_addr,
         server_stream,
         x224_rsp,
-    });
+    })
 }
 
 #[allow(clippy::too_many_arguments)]
@@ -380,12 +378,8 @@ pub async fn handle(
 
     trace!("Sending RDCleanPath response");
 
-    let rdcleanpath_rsp = RDCleanPathPdu::new_response(
-        server_addr.to_string(),
-        x224_rsp,
-        x509_chain,
-    )
-    .map_err(|e| anyhow::anyhow!("couldn’t build RDCleanPath response: {e}"))?;
+    let rdcleanpath_rsp = RDCleanPathPdu::new_response(server_addr.to_string(), x224_rsp, x509_chain)
+        .context("couldn’t build RDCleanPath response")?;
 
     send_clean_path_response(&mut client_stream, &rdcleanpath_rsp).await?;
 
@@ -504,7 +498,7 @@ enum WsaError {
     WSAESTALE = 10070,
     WSAEREMOTE = 10071,
     WSASYSNOTREADY = 10091,
-    WSAVERNOTSUPPORTED = 10092,
+    WSAVERNOT_SUPPORTED = 10092,
     WSANOTINITIALISED = 10093,
     WSAEDISCON = 10101,
     WSAENOMORE = 10102,

devolutions-gateway/src/tls.rs

@@ -76,7 +76,7 @@ pub fn build_server_config(cert_source: CertificateSource) -> anyhow::Result<rus
         } => {
             let first_certificate = certificates.first().context("empty certificate list")?;
 
-            if let Ok(report) = check_certificate_now(&first_certificate) {
+            if let Ok(report) = check_certificate_now(first_certificate) {
                 if report.issues.intersects(
                     CertIssues::MISSING_SERVER_AUTH_EXTENDED_KEY_USAGE | CertIssues::MISSING_SUBJECT_ALT_NAME,
                 ) {

jetsocat/src/main.rs

@@ -463,7 +463,7 @@ impl CommonArgs {
             let pid = u32::try_from(process_id).context("invalid value for process ID")?;
             Some(sysinfo::Pid::from_u32(pid))
         } else if c.bool_flag("watch-parent") {
-            use sysinfo::{ProcessRefreshKind, RefreshKind, System};
+            use sysinfo::System;
 
             // Find current process' parent process ID
             let current_pid =
@@ -850,7 +850,7 @@ fn clean_old_log_files(logging: &Logging) -> anyhow::Result<()> {
         match entry
             .metadata()
             .and_then(|metadata| metadata.modified())
-            .and_then(|time| time.elapsed().map_err(|e| io::Error::new(io::ErrorKind::Other, e)))
+            .and_then(|time| time.elapsed().map_err(io::Error::other))
         {
             Ok(modified) if modified > MAX_AGE => {
                 info!("Delete log file");