Update `tokio-rustls` to 0.25 and `rustls-native-certs` to 0.7
This commit is contained in:
parent
b55f84ac18
commit
2b1fa55927
10
Cargo.toml
10
Cargo.toml
|
@ -29,7 +29,7 @@ tokio-rustls-native-certs = ["__rustls-tls", "rustls-native-certs"]
|
|||
tokio-openssl = ["tokio-runtime", "real-tokio-openssl", "openssl"]
|
||||
verbose-logging = []
|
||||
|
||||
__rustls-tls = ["tokio-runtime", "real-tokio-rustls", "tungstenite/__rustls-tls"]
|
||||
__rustls-tls = ["tokio-runtime", "real-tokio-rustls", "rustls-pki-types", "tungstenite/__rustls-tls"]
|
||||
|
||||
[package.metadata.docs.rs]
|
||||
features = ["async-std-runtime", "tokio-runtime", "gio-runtime", "async-tls", "async-native-tls", "tokio-native-tls"]
|
||||
|
@ -84,12 +84,16 @@ package = "tokio-native-tls"
|
|||
|
||||
[dependencies.real-tokio-rustls]
|
||||
optional = true
|
||||
version = "0.24"
|
||||
version = "0.25"
|
||||
package = "tokio-rustls"
|
||||
|
||||
[dependencies.rustls-pki-types]
|
||||
optional = true
|
||||
version = "1.0.1"
|
||||
|
||||
[dependencies.rustls-native-certs]
|
||||
optional = true
|
||||
version = "0.6"
|
||||
version = "0.7"
|
||||
|
||||
[dependencies.webpki-roots]
|
||||
optional = true
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
use real_tokio_rustls::rustls::{ClientConfig, RootCertStore, ServerName};
|
||||
use real_tokio_rustls::rustls::{ClientConfig, RootCertStore};
|
||||
use real_tokio_rustls::{client::TlsStream, TlsConnector};
|
||||
use rustls_pki_types::ServerName;
|
||||
|
||||
use tungstenite::client::{uri_mode, IntoClientRequest};
|
||||
use tungstenite::error::TlsError;
|
||||
|
@ -48,11 +49,9 @@ where
|
|||
#[cfg(feature = "tokio-rustls-native-certs")]
|
||||
{
|
||||
let native_certs = rustls_native_certs::load_native_certs()?;
|
||||
let der_certs: Vec<Vec<u8>> =
|
||||
native_certs.into_iter().map(|cert| cert.0).collect();
|
||||
let total_number = der_certs.len();
|
||||
let total_number = native_certs.len();
|
||||
let (number_added, number_ignored) =
|
||||
root_store.add_parsable_certificates(&der_certs);
|
||||
root_store.add_parsable_certificates(native_certs);
|
||||
log::debug!("Added {number_added}/{total_number} native root certificates (ignored {number_ignored})");
|
||||
}
|
||||
#[cfg(all(
|
||||
|
@ -61,26 +60,15 @@ where
|
|||
not(feature = "tokio-rustls-manual-roots")
|
||||
))]
|
||||
{
|
||||
use real_tokio_rustls::rustls::OwnedTrustAnchor;
|
||||
|
||||
root_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(
|
||||
|ta| {
|
||||
OwnedTrustAnchor::from_subject_spki_name_constraints(
|
||||
ta.subject.as_ref(),
|
||||
ta.subject_public_key_info.as_ref(),
|
||||
ta.name_constraints.as_deref(),
|
||||
)
|
||||
},
|
||||
));
|
||||
root_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
|
||||
}
|
||||
TlsConnector::from(std::sync::Arc::new(
|
||||
ClientConfig::builder()
|
||||
.with_safe_defaults()
|
||||
.with_root_certificates(root_store)
|
||||
.with_no_client_auth(),
|
||||
))
|
||||
};
|
||||
let domain = ServerName::try_from(domain.as_str())
|
||||
let domain = ServerName::try_from(domain)
|
||||
.map_err(|_| Error::Tls(TlsError::InvalidDnsName))?;
|
||||
connector.connect(domain, socket).await?
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue