Make meta tool build on Linux

7 files changed, 45 insertions, 72 deletions

diff --git a/Cargo.lock b/Cargo.lock
index 4058c2c7fc..ea4b4dd608 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1074,15 +1074,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "34aa73646ffb006b8f5147f3dc182bd4bcb190227ce861fc4a4844bf8e3cb2c0"
 
 [[package]]
-name = "encoding_rs"
-version = "0.8.35"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3"
-dependencies = [
- "cfg-if",
-]
-
-[[package]]
 name = "enum-as-inner"
 version = "0.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -4085,10 +4076,8 @@ checksum = "a77c62af46e79de0a562e1a9849205ffcb7fc1238876e9bd743357570e04046f"
 dependencies = [
  "base64 0.22.1",
  "bytes",
- "encoding_rs",
  "futures-core",
  "futures-util",
- "h2 0.4.4",
  "http 1.1.0",
  "http-body",
  "http-body-util",
@@ -4110,7 +4099,6 @@ dependencies = [
  "serde_json",
  "serde_urlencoded",
  "sync_wrapper 1.0.1",
- "system-configuration 0.6.1",
  "tokio",
  "tokio-rustls 0.26.0",
  "tower-service",
@@ -4783,18 +4771,7 @@ checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
 dependencies = [
  "bitflags 1.3.2",
  "core-foundation",
- "system-configuration-sys 0.5.0",
-]
-
-[[package]]
-name = "system-configuration"
-version = "0.6.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
-dependencies = [
- "bitflags 2.6.0",
- "core-foundation",
- "system-configuration-sys 0.6.0",
+ "system-configuration-sys",
 ]
 
 [[package]]
@@ -4808,16 +4785,6 @@ dependencies = [
 ]
 
 [[package]]
-name = "system-configuration-sys"
-version = "0.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8e1d1b10ced5ca923a1fcb8d03e96b8d3268065d724548c0211415ff6ac6bac4"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
-
-[[package]]
 name = "talpid-core"
 version = "0.0.0"
 dependencies = [
@@ -4847,7 +4814,7 @@ dependencies = [
  "resolv-conf",
  "serde",
  "serde_json",
- "system-configuration 0.5.1",
+ "system-configuration",
  "talpid-dbus",
  "talpid-macos",
  "talpid-net",
@@ -4988,7 +4955,7 @@ dependencies = [
  "netlink-sys",
  "nix 0.28.0",
  "rtnetlink",
- "system-configuration 0.5.1",
+ "system-configuration",
  "talpid-types",
  "talpid-windows",
  "thiserror 2.0.9",
diff --git a/mullvad-update/meta/Cargo.toml b/mullvad-update/meta/Cargo.toml
index 18dfd2bdd0..7eba726e95 100644
--- a/mullvad-update/meta/Cargo.toml
+++ b/mullvad-update/meta/Cargo.toml
@@ -16,7 +16,7 @@ chrono = { workspace = true, features = ["serde", "now"] }
 clap = { workspace = true }
 hex = { version = "0.4" }
 rand = { version = "0.8.5" }
-reqwest = { version = "0.12.9", features = ["rustls-tls"] }
+reqwest = { version = "0.12.9", default-features = false, features = ["rustls-tls"] }
 serde_json = { workspace = true }
 serde = { workspace = true }
 sha2 = "0.10"
diff --git a/mullvad-update/meta/src/artifacts.rs b/mullvad-update/meta/src/artifacts.rs
index 4cda5db75c..5b9d6f783b 100644
--- a/mullvad-update/meta/src/artifacts.rs
+++ b/mullvad-update/meta/src/artifacts.rs
@@ -6,7 +6,7 @@ use tokio::{
     io::{AsyncSeekExt, BufReader},
 };
 
-use mullvad_update::{format, verify::Sha256Verifier};
+use mullvad_update::{format, hash};
 
 /// Generate `format::Installer`
 pub async fn generate_installer_details(
@@ -31,7 +31,7 @@ pub async fn generate_installer_details(
 
     println!("Generating checksum for {}", artifact.display());
 
-    let checksum = Sha256Verifier::generate_hash(file)
+    let checksum = hash::checksum(file)
         .await
         .context("Failed to compute checksum")?;
 
diff --git a/mullvad-update/src/client/app.rs b/mullvad-update/src/client/app.rs
index decf8d932b..6b894dd201 100644
--- a/mullvad-update/src/client/app.rs
+++ b/mullvad-update/src/client/app.rs
@@ -1,3 +1,5 @@
+#![cfg(any(target_os = "macos", target_os = "windows"))]
+
 //! This module implements the flow of downloading and verifying the app.
 
 use std::{ffi::OsString, path::PathBuf, time::Duration};
diff --git a/mullvad-update/src/client/verify.rs b/mullvad-update/src/client/verify.rs
index 08738206ee..28a53f839d 100644
--- a/mullvad-update/src/client/verify.rs
+++ b/mullvad-update/src/client/verify.rs
@@ -1,8 +1,7 @@
 use anyhow::Context;
-use sha2::Digest;
 use tokio::{
     fs,
-    io::{AsyncRead, AsyncReadExt, BufReader},
+    io::{AsyncRead, BufReader},
 };
 
 use std::{future::Future, path::Path};
@@ -22,11 +21,6 @@ pub trait AppVerifier: 'static + Clone {
 #[derive(Clone)]
 pub struct Sha256Verifier;
 
-impl Sha256Verifier {
-    /// Maximum number of bytes to read at a time
-    const BUF_SIZE: usize = 1024 * 1024;
-}
-
 impl AppVerifier for Sha256Verifier {
     /// The checksum
     type Parameters = [u8; 32];
@@ -49,34 +43,11 @@ impl AppVerifier for Sha256Verifier {
 }
 
 impl Sha256Verifier {
-    pub async fn generate_hash(
-        mut reader: impl AsyncRead + Unpin,
-    ) -> anyhow::Result<[u8; 32]>
-    {
-        let mut hasher = sha2::Sha256::new();
-
-        // Read data into hasher
-        let mut buffer = vec![0u8; Self::BUF_SIZE];
-        loop {
-            let read_n = reader
-                .read(&mut buffer)
-                .await
-                .context("Error reading bin file")?;
-            if read_n == 0 {
-                // We're done
-                break;
-            }
-            hasher.update(&buffer[..read_n]);
-        }
-
-        Ok(hasher.finalize().into())
-    }
-
     async fn verify_inner(
         reader: impl AsyncRead + Unpin,
         expected_hash: [u8; 32],
     ) -> anyhow::Result<()> {
-        let actual_hash = Self::generate_hash(reader).await?;
+        let actual_hash = crate::hash::checksum(reader).await?;
 
         // Verify that hash is correct
         if expected_hash != actual_hash {
@@ -90,6 +61,7 @@ impl Sha256Verifier {
 #[cfg(test)]
 mod test {
     use rand::RngCore;
+    use sha2::Digest;
     use std::io::Cursor;
 
     use super::*;
diff --git a/mullvad-update/src/hash.rs b/mullvad-update/src/hash.rs
new file mode 100644
index 0000000000..4a5891124e
--- /dev/null
+++ b/mullvad-update/src/hash.rs
@@ -0,0 +1,29 @@
+//! Compute checksum for SHA-256
+
+use anyhow::Context;
+use sha2::Digest;
+use tokio::io::{AsyncRead, AsyncReadExt};
+
+/// Maximum number of bytes to read at a time
+const BUF_SIZE: usize = 10 * 1024 * 1024;
+
+/// Generate SHA256 checksum for `reader`
+pub async fn checksum(mut reader: impl AsyncRead + Unpin) -> anyhow::Result<[u8; 32]> {
+    let mut hasher = sha2::Sha256::new();
+
+    // Read data into hasher
+    let mut buffer = vec![0u8; BUF_SIZE];
+    loop {
+        let read_n = reader
+            .read(&mut buffer)
+            .await
+            .context("Error reading bin file")?;
+        if read_n == 0 {
+            // We're done
+            break;
+        }
+        hasher.update(&buffer[..read_n]);
+    }
+
+    Ok(hasher.finalize().into())
+}
diff --git a/mullvad-update/src/lib.rs b/mullvad-update/src/lib.rs
index 2c78908089..4efd060b4b 100644
--- a/mullvad-update/src/lib.rs
+++ b/mullvad-update/src/lib.rs
@@ -1,12 +1,15 @@
 //! Support functions for securely installing or updating Mullvad VPN
 
-#[cfg(all(feature = "client", any(target_os = "windows", target_os = "macos")))]
+#[cfg(feature = "client")]
 mod client;
 
-#[cfg(all(feature = "client", any(target_os = "windows", target_os = "macos")))]
+#[cfg(feature = "client")]
 pub use client::*;
 
 pub mod version;
 
 /// Parser and serializer for version metadata
 pub mod format;
+
+#[cfg(feature = "client")]
+pub mod hash;