Add rustls-bring-your-own-connector feature
Signed-off-by: Jens Reidel <adrian@travitia.xyz>
Gelbpunkt committed Sep 13, 2024
1 parent 748741a commit 0f0125c
Showing 4 changed files with 45 additions and 22 deletions.
1 change: 1 addition & 0 deletions Cargo.toml
@@ -62,6 +62,7 @@ native-tls = ["dep:tokio-native-tls"]
rustls-webpki-roots = ["dep:rustls-pki-types", "dep:tokio-rustls", "dep:webpki-roots"]
rustls-native-roots = ["dep:rustls-pki-types", "dep:tokio-rustls", "dep:rustls-native-certs"]
rustls-platform-verifier = ["dep:rustls-pki-types", "dep:tokio-rustls", "dep:rustls-platform-verifier"]
rustls-bring-your-own-connector = ["dep:rustls-pki-types", "dep:tokio-rustls"]
rustls-tls12 = ["tokio-rustls?/tls12"]
nightly = ["simdutf8?/aarch64_neon_prefetch"]

1 change: 1 addition & 0 deletions README.md
@@ -35,6 +35,7 @@ TLS is supported via any of the following feature flags:
- `rustls-webpki-roots` for a [`tokio-rustls`](https://docs.rs/tokio-rustls/latest/tokio_rustls/) backed implementation with [`webpki-roots`](https://docs.rs/webpki-roots/latest/webpki_roots/)
- `rustls-native-roots` for a [`tokio-rustls`](https://docs.rs/tokio-rustls/latest/tokio_rustls/) backed implementation with [`rustls-native-certs`](https://docs.rs/rustls-native-certs/latest/rustls_native_certs/)
- `rustls-platform-verifier` for a [`tokio-rustls`](https://docs.rs/tokio-rustls/latest/tokio_rustls/) backed implementation with [`rustls-platform-verifier`](https://docs.rs/rustls-platform-verifier/latest/rustls_platform_verifier/)
- `rustls-bring-your-own-connector` for a [`tokio-rustls`](https://docs.rs/tokio-rustls/latest/tokio_rustls/) backed implementation that requires you to create your own `Connector::Rustls` - the `Connector::new` method will return a plain connector

The `rustls-*-roots` and `rustls-platform-verifier` features require a crypto provider for `rustls`. You can either enable the `aws_lc_rs` (optionally also FIPS-compliant via the `fips` feature) or `ring` features to use these crates as the providers and then use `TlsConnector::new()`, or bring your own with `TlsConnector::new_rustls_with_crypto_provider()`.

29 changes: 19 additions & 10 deletions src/error.rs
@@ -4,7 +4,8 @@ use std::{fmt, io};
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
use rustls_pki_types::InvalidDnsNameError;
#[cfg(feature = "native-tls")]
@@ -36,14 +37,16 @@ pub enum Error {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
InvalidDNSName(InvalidDnsNameError),
/// A general rustls error.
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Rustls(tokio_rustls::rustls::Error),
/// An unsupported, i.e. not `ws` or `wss`, or no URI scheme was specified.
@@ -69,7 +72,7 @@ pub enum Error {
#[cfg(all(
not(feature = "rustls-webpki-roots"),
feature = "rustls-native-roots",
not(feature = "rustls-platform-verifier")
not(feature = "rustls-platform-verifier"),
))]
NoNativeRootCertificatesFound(Vec<rustls_native_certs::Error>),
}
@@ -96,7 +99,8 @@ impl From<io::Error> for Error {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
impl From<InvalidDnsNameError> for Error {
fn from(err: InvalidDnsNameError) -> Self {
@@ -107,7 +111,8 @@ impl From<InvalidDnsNameError> for Error {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
impl From<tokio_rustls::rustls::Error> for Error {
fn from(err: tokio_rustls::rustls::Error) -> Self {
@@ -144,13 +149,15 @@ impl fmt::Display for Error {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Error::InvalidDNSName(_) => f.write_str("invalid DNS name"),
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Error::Rustls(e) => e.fmt(f),
#[cfg(feature = "client")]
@@ -211,13 +218,15 @@ impl std::error::Error for Error {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Error::InvalidDNSName(e) => Some(e),
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Error::Rustls(e) => Some(e),
#[cfg(any(feature = "client", feature = "server"))]
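Review bot: The same four-feature `any(...)` list is now spelled out in nine gates in this file and twelve more in src/tls.rs, so every future rustls backend has to be added in over twenty places, and one missed gate yields a feature combination that does not compile. A private umbrella feature would remove the duplication: declare for example `__rustls = ["dep:rustls-pki-types", "dep:tokio-rustls"]` in Cargo.toml, have each rustls feature enable it, and gate these items with `#[cfg(feature = "__rustls")]`. The gate on `NoNativeRootCertificatesFound` appears to differ only by a trailing comma, which looks unintended. Several of the gated items (`enum Error`, the `Display` and `source` matches) begin or end outside the hunks shown.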
36 changes: 24 additions & 12 deletions src/tls.rs
@@ -20,7 +20,8 @@ use std::{
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
use rustls_pki_types::ServerName;
use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
@@ -71,7 +72,8 @@ pub enum Connector {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Rustls(tokio_rustls::TlsConnector),
}
@@ -85,7 +87,8 @@ impl Debug for Connector {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(_) => f.write_str("Connector::Rustls"),
}
@@ -109,7 +112,8 @@ pub enum MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Rustls(tokio_rustls::client::TlsStream<S>),
}
@@ -127,7 +131,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncRead for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => Pin::new(s).poll_read(cx, buf),
}
@@ -147,7 +152,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncWrite for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => Pin::new(s).poll_write(cx, buf),
}
@@ -161,7 +167,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncWrite for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => Pin::new(s).poll_flush(cx),
}
@@ -175,7 +182,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncWrite for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => Pin::new(s).poll_shutdown(cx),
}
@@ -193,7 +201,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncWrite for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => Pin::new(s).poll_write_vectored(cx, bufs),
}
@@ -207,7 +216,8 @@ impl<S: AsyncRead + AsyncWrite + Unpin> AsyncWrite for MaybeTlsStream<S> {
#[cfg(any(
feature = "rustls-native-roots",
feature = "rustls-webpki-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(s) => s.is_write_vectored(),
}
@@ -349,7 +359,8 @@ impl Connector {
feature = "native-tls",
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
)),
allow(unused_variables, clippy::unused_async)
)]
@@ -367,7 +378,8 @@ impl Connector {
#[cfg(any(
feature = "rustls-webpki-roots",
feature = "rustls-native-roots",
feature = "rustls-platform-verifier"
feature = "rustls-platform-verifier",
feature = "rustls-bring-your-own-connector"
))]
Self::Rustls(connector) => Ok(MaybeTlsStream::Rustls(
connector
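Review bot: With only `rustls-bring-your-own-connector` enabled, the `Rustls(tokio_rustls::TlsConnector)` variant in `pub enum Connector` can only hold a connector the caller built, yet nothing in these hunks documents that the caller's rustls client configuration then alone decides trust roots and server certificate verification. The README hunk in this commit says `Connector::new` returns a plain connector under this feature, so a caller who keeps using `Connector::new` would presumably get no TLS unless code outside these hunks rejects that case. I would extend the variant's doc comment (which lies outside the hunk) along the lines of `/// With rustls-bring-your-own-connector the crate adds no root store or verifier; the supplied connector's configuration decides server verification.` and state the plain fallback in the docs of `Connector::new`. The `Self::Rustls(connector)` arm in the last hunk continues past the final visible line, so how the connector is used there cannot be checked from this page.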
