rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix warnings 

Trait objects now have ``dyn`` in types.
This commit is contained in:
Thom Wiggers 2019-06-11 13:18:29 +02:00 committed by ctz
parent f535d6483c
commit b66d27faae
15 changed files with 71 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/anchors.rs
View File

@ -109,7 +109,7 @@ impl RootCertStore {
///
/// Returns the number of certificates added, and the number
/// which were extracted from the PEM but ultimately unsuitable.
pub fn add_pem_file(&mut self, rd: &mut io::BufRead) -> Result<(usize, usize), ()> {
pub fn add_pem_file(&mut self, rd: &mut dyn io::BufRead) -> Result<(usize, usize), ()> {
let ders = pemfile::certs(rd)?;
let mut valid_count = 0;
let mut invalid_count = 0;

14
src/cipher.rs
View File

@ -27,19 +27,19 @@ pub trait MessageEncrypter : Send + Sync {
fn encrypt(&self, m: BorrowMessage, seq: u64) -> Result<Message, TLSError>;
}
impl MessageEncrypter {
pub fn invalid() -> Box<MessageEncrypter> {
impl dyn MessageEncrypter {
pub fn invalid() -> Box<dyn MessageEncrypter> {
Box::new(InvalidMessageEncrypter {})
}
}
impl MessageDecrypter {
pub fn invalid() -> Box<MessageDecrypter> {
impl dyn MessageDecrypter {
pub fn invalid() -> Box<dyn MessageDecrypter> {
Box::new(InvalidMessageDecrypter {})
}
}
pub type MessageCipherPair = (Box<MessageDecrypter>, Box<MessageEncrypter>);
pub type MessageCipherPair = (Box<dyn MessageDecrypter>, Box<dyn MessageEncrypter>);
const TLS12_AAD_SIZE: usize = 8 + 1 + 2 + 2;
fn make_tls12_aad(seq: u64,
@ -111,7 +111,7 @@ pub fn new_tls12(scs: &'static SupportedCipherSuite,
}
pub fn new_tls13_read(scs: &'static SupportedCipherSuite,
secret: &[u8]) -> Box<MessageDecrypter> {
secret: &[u8]) -> Box<dyn MessageDecrypter> {
let hash = scs.get_hash();
let key = derive_traffic_key(hash, secret, scs.enc_key_len);
let iv = derive_traffic_iv(hash, secret, scs.fixed_iv_len);
@ -121,7 +121,7 @@ pub fn new_tls13_read(scs: &'static SupportedCipherSuite,
}
pub fn new_tls13_write(scs: &'static SupportedCipherSuite,
secret: &[u8]) -> Box<MessageEncrypter> {
secret: &[u8]) -> Box<dyn MessageEncrypter> {
let hash = scs.get_hash();
let key = derive_traffic_key(hash, secret, scs.enc_key_len);
let iv = derive_traffic_iv(hash, secret, scs.fixed_iv_len);

2
src/client/common.rs
View File

@ -152,7 +152,7 @@ impl ReceivedTicketDetails {
pub struct ClientAuthDetails {
pub cert: Option<CertificatePayload>,
pub signer: Option<Box<sign::Signer>>,
pub signer: Option<Box<dyn sign::Signer>>,
pub auth_context: Option<Vec<u8>>,
}

2
src/client/hs.rs
View File

@ -61,7 +61,7 @@ macro_rules! extract_handshake_mut(
);
pub type CheckResult = Result<(), TLSError>;
pub type NextState = Box<State + Send + Sync>;
pub type NextState = Box<dyn State + Send + Sync>;
pub type NextStateOrError = Result<NextState, TLSError>;
pub trait State {

20
src/client/mod.rs
View File

@ -94,13 +94,13 @@ pub struct ClientConfig {
pub alpn_protocols: Vec<Vec<u8>>,
/// How we store session data or tickets.
pub session_persistence: Arc<StoresClientSessions>,
pub session_persistence: Arc<dyn StoresClientSessions>,
/// Our MTU. If None, we don't limit TLS message sizes.
pub mtu: Option<usize>,
/// How to decide what client auth certificate/keys to use.
pub client_auth_cert_resolver: Arc<ResolvesClientCert>,
pub client_auth_cert_resolver: Arc<dyn ResolvesClientCert>,
/// Whether to support RFC5077 tickets. You must provide a working
/// `session_persistence` member for this to have any meaningful
@ -125,11 +125,11 @@ pub struct ClientConfig {
pub enable_sni: bool,
/// How to verify the server certificate chain.
verifier: Arc<verify::ServerCertVerifier>,
verifier: Arc<dyn verify::ServerCertVerifier>,
/// How to output key material for debugging. The default
/// does nothing.
pub key_log: Arc<KeyLog>,
pub key_log: Arc<dyn KeyLog>,
/// Whether to send data on the first flight ("early data") in
/// TLS 1.3 handshakes.
@ -175,7 +175,7 @@ impl ClientConfig {
}
#[doc(hidden)]
pub fn get_verifier(&self) -> &verify::ServerCertVerifier {
pub fn get_verifier(&self) -> &dyn verify::ServerCertVerifier {
self.verifier.as_ref()
}
@ -189,7 +189,7 @@ impl ClientConfig {
}
/// Sets persistence layer to `persist`.
pub fn set_persistence(&mut self, persist: Arc<StoresClientSessions>) {
pub fn set_persistence(&mut self, persist: Arc<dyn StoresClientSessions>) {
self.session_persistence = persist;
}
@ -371,7 +371,7 @@ pub struct ClientSessionImpl {
pub alpn_protocol: Option<Vec<u8>>,
pub common: SessionCommon,
pub error: Option<TLSError>,
pub state: Option<Box<hs::State + Send + Sync>>,
pub state: Option<Box<dyn hs::State + Send + Sync>>,
pub server_cert_chain: CertificatePayload,
pub early_data: EarlyData,
}
@ -635,16 +635,16 @@ impl ClientSession {
}
impl Session for ClientSession {
fn read_tls(&mut self, rd: &mut io::Read) -> io::Result<usize> {
fn read_tls(&mut self, rd: &mut dyn io::Read) -> io::Result<usize> {
self.imp.common.read_tls(rd)
}
/// Writes TLS messages to `wr`.
fn write_tls(&mut self, wr: &mut io::Write) -> io::Result<usize> {
fn write_tls(&mut self, wr: &mut dyn io::Write) -> io::Result<usize> {
self.imp.common.write_tls(wr)
}
fn writev_tls(&mut self, wr: &mut WriteV) -> io::Result<usize> {
fn writev_tls(&mut self, wr: &mut dyn WriteV) -> io::Result<usize> {
self.imp.common.writev_tls(wr)
}

2
src/msgs/deframer.rs
View File

@ -62,7 +62,7 @@ impl MessageDeframer {
/// Read some bytes from `rd`, and add them to our internal
/// buffer. If this means our internal buffer contains
/// full messages, decode them all.
pub fn read(&mut self, rd: &mut io::Read) -> io::Result<usize> {
pub fn read(&mut self, rd: &mut dyn io::Read) -> io::Result<usize> {
// Try to do the largest reads possible. Note that if
// we get a message with a length field out of range here,
// we do a zero length read. That looks like an EOF to

10
src/pemfile.rs
View File

@ -5,10 +5,10 @@ use crate::key;
/// Extract and decode all PEM sections from `rd`, which begin with `start_mark`
/// and end with `end_mark`. Apply the functor `f` to each decoded buffer,
/// and return a Vec of `f`'s return values.
fn extract<A>(rd: &mut io::BufRead,
fn extract<A>(rd: &mut dyn io::BufRead,
start_mark: &str,
end_mark: &str,
f: &Fn(Vec<u8>) -> A)
f: &dyn Fn(Vec<u8>) -> A)
-> Result<Vec<A>, ()> {
let mut ders = Vec::new();
let mut b64buf = String::new();
@ -48,7 +48,7 @@ fn extract<A>(rd: &mut io::BufRead,
/// Extract all the certificates from rd, and return a vec of `key::Certificate`s
/// containing the der-format contents.
pub fn certs(rd: &mut io::BufRead) -> Result<Vec<key::Certificate>, ()> {
pub fn certs(rd: &mut dyn io::BufRead) -> Result<Vec<key::Certificate>, ()> {
extract(rd,
"-----BEGIN CERTIFICATE-----",
"-----END CERTIFICATE-----",
@ -57,7 +57,7 @@ pub fn certs(rd: &mut io::BufRead) -> Result<Vec<key::Certificate>, ()> {
/// Extract all RSA private keys from rd, and return a vec of `key::PrivateKey`s
/// containing the der-format contents.
pub fn rsa_private_keys(rd: &mut io::BufRead) -> Result<Vec<key::PrivateKey>, ()> {
pub fn rsa_private_keys(rd: &mut dyn io::BufRead) -> Result<Vec<key::PrivateKey>, ()> {
extract(rd,
"-----BEGIN RSA PRIVATE KEY-----",
"-----END RSA PRIVATE KEY-----",
@ -66,7 +66,7 @@ pub fn rsa_private_keys(rd: &mut io::BufRead) -> Result<Vec<key::PrivateKey>, ()
/// Extract all PKCS8-encoded private keys from rd, and return a vec of
/// `key::PrivateKey`s containing the der-format contents.
pub fn pkcs8_private_keys(rd: &mut io::BufRead) -> Result<Vec<key::PrivateKey>, ()> {
pub fn pkcs8_private_keys(rd: &mut dyn io::BufRead) -> Result<Vec<key::PrivateKey>, ()> {
extract(rd,
"-----BEGIN PRIVATE KEY-----",
"-----END PRIVATE KEY-----",

2
src/server/hs.rs
View File

@ -46,7 +46,7 @@ macro_rules! extract_handshake(
);
pub type CheckResult = Result<(), TLSError>;
pub type NextState = Box<State + Send + Sync>;
pub type NextState = Box<dyn State + Send + Sync>;
pub type NextStateOrError = Result<NextState, TLSError>;
pub trait State {

24
src/server/mod.rs
View File

@ -124,13 +124,13 @@ pub struct ServerConfig {
pub mtu: Option<usize>,
/// How to store client sessions.
pub session_storage: Arc<StoresServerSessions + Send + Sync>,
pub session_storage: Arc<dyn StoresServerSessions + Send + Sync>,
/// How to produce tickets.
pub ticketer: Arc<ProducesTickets>,
pub ticketer: Arc<dyn ProducesTickets>,
/// How to choose a server cert and key.
pub cert_resolver: Arc<ResolvesServerCert>,
pub cert_resolver: Arc<dyn ResolvesServerCert>,
/// Protocol names we support, most preferred first.
/// If empty we don't do ALPN at all.
@ -141,11 +141,11 @@ pub struct ServerConfig {
pub versions: Vec<ProtocolVersion>,
/// How to verify client certificates.
verifier: Arc<verify::ClientCertVerifier>,
verifier: Arc<dyn verify::ClientCertVerifier>,
/// How to output key material for debugging. The default
/// does nothing.
pub key_log: Arc<KeyLog>,
pub key_log: Arc<dyn KeyLog>,
/// Amount of early data to accept; 0 to disable.
#[cfg(feature = "quic")] // TLS support unimplemented
@ -167,7 +167,7 @@ impl ServerConfig {
/// We don't provide a default for `client_cert_verifier` because the safest
/// default, requiring client authentication, requires additional
/// configuration that we cannot provide reasonable defaults for.
pub fn new(client_cert_verifier: Arc<verify::ClientCertVerifier>) -> ServerConfig {
pub fn new(client_cert_verifier: Arc<dyn verify::ClientCertVerifier>) -> ServerConfig {
ServerConfig {
ciphersuites: ALL_CIPHERSUITES.to_vec(),
ignore_client_order: false,
@ -193,12 +193,12 @@ impl ServerConfig {
}
#[doc(hidden)]
pub fn get_verifier(&self) -> &verify::ClientCertVerifier {
pub fn get_verifier(&self) -> &dyn verify::ClientCertVerifier {
self.verifier.as_ref()
}
/// Sets the session persistence layer to `persist`.
pub fn set_persistence(&mut self, persist: Arc<StoresServerSessions + Send + Sync>) {
pub fn set_persistence(&mut self, persist: Arc<dyn StoresServerSessions + Send + Sync>) {
self.session_storage = persist;
}
@ -265,7 +265,7 @@ pub struct ServerSessionImpl {
pub alpn_protocol: Option<Vec<u8>>,
pub quic_params: Option<Vec<u8>>,
pub error: Option<TLSError>,
pub state: Option<Box<hs::State + Send + Sync>>,
pub state: Option<Box<dyn hs::State + Send + Sync>>,
pub client_cert_chain: Option<Vec<key::Certificate>>,
}
@ -472,16 +472,16 @@ impl ServerSession {
}
impl Session for ServerSession {
fn read_tls(&mut self, rd: &mut io::Read) -> io::Result<usize> {
fn read_tls(&mut self, rd: &mut dyn io::Read) -> io::Result<usize> {
self.imp.common.read_tls(rd)
}
/// Writes TLS messages to `wr`.
fn write_tls(&mut self, wr: &mut io::Write) -> io::Result<usize> {
fn write_tls(&mut self, wr: &mut dyn io::Write) -> io::Result<usize> {
self.imp.common.write_tls(wr)
}
fn writev_tls(&mut self, wr: &mut WriteV) -> io::Result<usize> {
fn writev_tls(&mut self, wr: &mut dyn WriteV) -> io::Result<usize> {
self.imp.common.writev_tls(wr)
}

20
src/session.rs
View File

@ -38,7 +38,7 @@ pub trait Session: quic::QuicExt + Read + Write + Send + Sync {
/// This function returns `Ok(0)` when the underlying `rd` does
/// so. This typically happens when a socket is cleanly closed,
/// or a file is at EOF.
fn read_tls(&mut self, rd: &mut Read) -> Result<usize, io::Error>;
fn read_tls(&mut self, rd: &mut dyn Read) -> Result<usize, io::Error>;
/// Writes TLS messages to `wr`.
///
@ -51,12 +51,12 @@ pub trait Session: quic::QuicExt + Read + Write + Send + Sync {
/// to check if output buffer is not empty.
///
/// [`wants_write`]: #tymethod.wants_write
fn write_tls(&mut self, wr: &mut Write) -> Result<usize, io::Error>;
fn write_tls(&mut self, wr: &mut dyn Write) -> Result<usize, io::Error>;
/// Like `write_tls`, but writes potentially many records in one
/// go via `wr`; a `rustls::WriteV`. This function has the same semantics
/// as `write_tls` otherwise.
fn writev_tls(&mut self, wr: &mut WriteV) -> Result<usize, io::Error>;
fn writev_tls(&mut self, wr: &mut dyn WriteV) -> Result<usize, io::Error>;
/// Processes any new packets read by a previous call to `read_tls`.
/// Errors from this function relate to TLS protocol errors, and
@ -436,8 +436,8 @@ enum Limit {
pub struct SessionCommon {
pub negotiated_version: Option<ProtocolVersion>,
pub is_client: bool,
message_encrypter: Box<MessageEncrypter>,
message_decrypter: Box<MessageDecrypter>,
message_encrypter: Box<dyn MessageEncrypter>,
message_decrypter: Box<dyn MessageDecrypter>,
pub secrets: Option<SessionSecrets>,
pub key_schedule: Option<KeySchedule>,
suite: Option<&'static SupportedCipherSuite>,
@ -533,14 +533,14 @@ impl SessionCommon {
}
pub fn set_message_encrypter(&mut self,
cipher: Box<MessageEncrypter>) {
cipher: Box<dyn MessageEncrypter>) {
self.message_encrypter = cipher;
self.write_seq = 0;
self.we_encrypting = true;
}
pub fn set_message_decrypter(&mut self,
cipher: Box<MessageDecrypter>) {
cipher: Box<dyn MessageDecrypter>) {
self.message_decrypter = cipher;
self.read_seq = 0;
self.peer_encrypting = true;
@ -706,15 +706,15 @@ impl SessionCommon {
/// Read TLS content from `rd`. This method does internal
/// buffering, so `rd` can supply TLS messages in arbitrary-
/// sized chunks (like a socket or pipe might).
pub fn read_tls(&mut self, rd: &mut Read) -> io::Result<usize> {
pub fn read_tls(&mut self, rd: &mut dyn Read) -> io::Result<usize> {
self.message_deframer.read(rd)
}
pub fn write_tls(&mut self, wr: &mut Write) -> io::Result<usize> {
pub fn write_tls(&mut self, wr: &mut dyn Write) -> io::Result<usize> {
self.sendable_tls.write_to(wr)
}
pub fn writev_tls(&mut self, wr: &mut WriteV) -> io::Result<usize> {
pub fn writev_tls(&mut self, wr: &mut dyn WriteV) -> io::Result<usize> {
self.sendable_tls.writev_to(wr)
}

20
src/sign.rs
View File

@ -17,7 +17,7 @@ pub trait SigningKey : Send + Sync {
///
/// Expresses the choice something that implements `Signer`,
/// using the chosen scheme.
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<Signer>>;
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>;
/// What kind of key we have.
fn algorithm(&self) -> SignatureAlgorithm;
@ -40,7 +40,7 @@ pub struct CertifiedKey {
pub cert: Vec<key::Certificate>,
/// The certified key.
pub key: Arc<Box<SigningKey>>,
pub key: Arc<Box<dyn SigningKey>>,
/// An optional OCSP response from the certificate issuer,
/// attesting to its continued validity.
@ -57,7 +57,7 @@ impl CertifiedKey {
///
/// The cert chain must not be empty. The first certificate in the chain
/// must be the end-entity certificate.
pub fn new(cert: Vec<key::Certificate>, key: Arc<Box<SigningKey>>) -> CertifiedKey {
pub fn new(cert: Vec<key::Certificate>, key: Arc<Box<dyn SigningKey>>) -> CertifiedKey {
CertifiedKey {
cert,
key,
@ -135,7 +135,7 @@ impl CertifiedKey {
/// Parse `der` as any supported key encoding/type, returning
/// the first which works.
pub fn any_supported_type(der: &key::PrivateKey) -> Result<Box<SigningKey>, ()> {
pub fn any_supported_type(der: &key::PrivateKey) -> Result<Box<dyn SigningKey>, ()> {
if let Ok(rsa) = RSASigningKey::new(der) {
return Ok(Box::new(rsa));
}
@ -144,7 +144,7 @@ pub fn any_supported_type(der: &key::PrivateKey) -> Result<Box<SigningKey>, ()>
}
/// Parse `der` as any ECDSA key type, returning the first which works.
pub fn any_ecdsa_type(der: &key::PrivateKey) -> Result<Box<SigningKey>, ()> {
pub fn any_ecdsa_type(der: &key::PrivateKey) -> Result<Box<dyn SigningKey>, ()> {
if let Ok(ecdsa_p256) = SingleSchemeSigningKey::new(der,
SignatureScheme::ECDSA_NISTP256_SHA256,
&signature::ECDSA_P256_SHA256_ASN1_SIGNING) {
@ -190,7 +190,7 @@ impl RSASigningKey {
}
impl SigningKey for RSASigningKey {
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<Signer>> {
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>> {
util::first_in_both(ALL_RSA_SCHEMES, offered)
.map(|scheme| RSASigner::new(self.key.clone(), scheme))
}
@ -203,12 +203,12 @@ impl SigningKey for RSASigningKey {
struct RSASigner {
key: Arc<RsaKeyPair>,
scheme: SignatureScheme,
encoding: &'static signature::RsaEncoding
encoding: &'static dyn signature::RsaEncoding
}
impl RSASigner {
fn new(key: Arc<RsaKeyPair>, scheme: SignatureScheme) -> Box<Signer> {
let encoding: &signature::RsaEncoding = match scheme {
fn new(key: Arc<RsaKeyPair>, scheme: SignatureScheme) -> Box<dyn Signer> {
let encoding: &dyn signature::RsaEncoding = match scheme {
SignatureScheme::RSA_PKCS1_SHA256 => &signature::RSA_PKCS1_SHA256,
SignatureScheme::RSA_PKCS1_SHA384 => &signature::RSA_PKCS1_SHA384,
SignatureScheme::RSA_PKCS1_SHA512 => &signature::RSA_PKCS1_SHA512,
@ -266,7 +266,7 @@ impl SingleSchemeSigningKey {
}
impl SigningKey for SingleSchemeSigningKey {
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<Signer>> {
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>> {
if offered.contains(&self.scheme) {
Some(Box::new(SingleSchemeSigner { key: self.key.clone(), scheme: self.scheme } ))
} else {

2
src/stream.rs
View File

@ -145,7 +145,7 @@ mod tests {
#[test]
fn stream_can_be_created_for_session_and_tcpstream() {
fn _foo<'a>(sess: &'a mut Session, sock: &'a mut TcpStream) -> Stream<'a, Session, TcpStream> {
fn _foo<'a>(sess: &'a mut dyn Session, sock: &'a mut TcpStream) -> Stream<'a, dyn Session, TcpStream> {
Stream {
sess,
sock,

12
src/ticketer.rs
View File

@ -111,8 +111,8 @@ impl ProducesTickets for AEADTicketer {
}
struct TicketSwitcherState {
current: Box<ProducesTickets>,
previous: Option<Box<ProducesTickets>>,
current: Box<dyn ProducesTickets>,
previous: Option<Box<dyn ProducesTickets>>,
next_switch_time: u64,
}
@ -120,7 +120,7 @@ struct TicketSwitcherState {
/// 'previous' ticketer. It creates a new ticketer every so
/// often, demoting the current ticketer.
pub struct TicketSwitcher {
generator: fn() -> Box<ProducesTickets>,
generator: fn() -> Box<dyn ProducesTickets>,
lifetime: u32,
state: Mutex<TicketSwitcherState>,
}
@ -131,7 +131,7 @@ impl TicketSwitcher {
/// longer than twice this duration. `generator` produces a new
/// `ProducesTickets` implementation.
pub fn new(lifetime: u32,
generator: fn() -> Box<ProducesTickets>)
generator: fn() -> Box<dyn ProducesTickets>)
-> TicketSwitcher {
TicketSwitcher {
generator,
@ -197,7 +197,7 @@ impl ProducesTickets for TicketSwitcher {
/// A concrete, safe ticket creation mechanism.
pub struct Ticketer {}
fn generate_inner() -> Box<ProducesTickets> {
fn generate_inner() -> Box<dyn ProducesTickets> {
Box::new(AEADTicketer::new())
}
@ -206,7 +206,7 @@ impl Ticketer {
/// with a 12 hour life and randomly generated keys.
///
/// The encryption mechanism used in Chacha20Poly1305.
pub fn new() -> Arc<ProducesTickets> {
pub fn new() -> Arc<dyn ProducesTickets> {
Arc::new(TicketSwitcher::new(6 * 60 * 60, generate_inner))
}
}

4
src/vecbuf.rs
View File

@ -127,7 +127,7 @@ impl ChunkVecBuffer {
}
/// Read data out of this object, passing it `wr`
pub fn write_to(&mut self, wr: &mut io::Write) -> io::Result<usize> {
pub fn write_to(&mut self, wr: &mut dyn io::Write) -> io::Result<usize> {
if self.is_empty() {
return Ok(0);
}
@ -137,7 +137,7 @@ impl ChunkVecBuffer {
Ok(used)
}
pub fn writev_to(&mut self, wr: &mut WriteV) -> io::Result<usize> {
pub fn writev_to(&mut self, wr: &mut dyn WriteV) -> io::Result<usize> {
if self.is_empty() {
return Ok(0);
}

6
src/verify.rs
View File

@ -167,7 +167,7 @@ impl AllowAnyAuthenticatedClient {
/// Construct a new `AllowAnyAuthenticatedClient`.
///
/// `roots` is the list of trust anchors to use for certificate validation.
pub fn new(roots: RootCertStore) -> Arc<ClientCertVerifier> {
pub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier> {
Arc::new(AllowAnyAuthenticatedClient { roots })
}
}
@ -207,7 +207,7 @@ impl AllowAnyAnonymousOrAuthenticatedClient {
/// Construct a new `AllowAnyAnonymousOrAuthenticatedClient`.
///
/// `roots` is the list of trust anchors to use for certificate validation.
pub fn new(roots: RootCertStore) -> Arc<ClientCertVerifier> {
pub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier> {
Arc::new(AllowAnyAnonymousOrAuthenticatedClient {
inner: AllowAnyAuthenticatedClient { roots }
})
@ -234,7 +234,7 @@ pub struct NoClientAuth;
impl NoClientAuth {
/// Constructs a `NoClientAuth` and wraps it in an `Arc`.
pub fn new() -> Arc<ClientCertVerifier> { Arc::new(NoClientAuth) }
pub fn new() -> Arc<dyn ClientCertVerifier> { Arc::new(NoClientAuth) }
}
impl ClientCertVerifier for NoClientAuth {