This repository was archived by the owner on Jan 14, 2025. It is now read-only.

Commit 9b0344b

committed
add support for rustls 0.22
1 parent f536e4d commit 9b0344b


2 files changed

+49
-15
lines changed


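--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,13 +11,14 @@ readme = "README.md"
 [dependencies]
 futures = { version = "0.3", default-features = false }
 ring = { version = "0.16", default-features = false }
-rustls = { version = "0.21", default-features = false }
+rustls = { version = "0.22", default-features = false }
+rustls-pki-types = { version = "1", default-features = false }
 tokio = { version = "1", default-features = false }
 tokio-postgres = { version = "0.7", default-features = false }
-tokio-rustls = { version = "0.24", default-features = false }
+tokio-rustls = { version = "0.25", default-features = false }
 
 [dev-dependencies]
 env_logger = { version = "0.8", default-features = false }
 tokio = { version = "1", features = ["macros", "rt"] }
 tokio-postgres = "0.7"
-rustls = { version = "0.21", features = ["dangerous_configuration"] }
+rustls = { version = "0.22" }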

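--- a/src/lib.rs
+++ b/src/lib.rs
@@ -9,7 +9,8 @@ use std::{
 
 use futures::future::{FutureExt, TryFutureExt};
 use ring::digest;
-use rustls::{ClientConfig, ServerName};
+use rustls::ClientConfig;
+use rustls_pki_types::ServerName;
 use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
 use tokio_postgres::tls::{ChannelBinding, MakeTlsConnect, TlsConnect};
 use tokio_rustls::{client::TlsStream, TlsConnector};
@@ -39,7 +40,7 @@ where
 ServerName::try_from(hostname)
 .map(|dns_name| {
 RustlsConnect(Some(RustlsConnectData {
-hostname: dns_name,
+hostname: dns_name.to_owned(),
 connector: Arc::clone(&self.config).into(),
 }))
 })
@@ -50,7 +51,7 @@ where
 pub struct RustlsConnect(Option<RustlsConnectData>);
 
 struct RustlsConnectData {
-hostname: ServerName,
+hostname: ServerName<'static>,
 connector: TlsConnector,
 }
 
@@ -130,30 +131,62 @@ where
 mod tests {
 use super::*;
 use futures::future::TryFutureExt;
-use rustls::{client::ServerCertVerified, client::ServerCertVerifier, Certificate, Error};
-use std::time::SystemTime;
-
+use rustls::{
+client::danger::ServerCertVerifier,
+client::danger::{HandshakeSignatureValid, ServerCertVerified},
+Error, SignatureScheme,
+};
+use rustls_pki_types::{CertificateDer, UnixTime};
+
+#[derive(Debug)]
 struct AcceptAllVerifier {}
 impl ServerCertVerifier for AcceptAllVerifier {
 fn verify_server_cert(
 &self,
-_end_entity: &Certificate,
-_intermediates: &[Certificate],
-_server_name: &ServerName,
-_scts: &mut dyn Iterator<Item = &[u8]>,
+_end_entity: &CertificateDer<'_>,
+_intermediates: &[CertificateDer<'_>],
+_server_name: &ServerName<'_>,
 _ocsp_response: &[u8],
-_now: SystemTime,
+_now: UnixTime,
 ) -> Result<ServerCertVerified, Error> {
 Ok(ServerCertVerified::assertion())
 }
+
+fn verify_tls12_signature(
+&self,
+_message: &[u8],
+_cert: &CertificateDer<'_>,
+_dss: &rustls::DigitallySignedStruct,
+) -> Result<rustls::client::danger::HandshakeSignatureValid, Error> {
+Ok(HandshakeSignatureValid::assertion())
+}
+
+fn verify_tls13_signature(
+&self,
+_message: &[u8],
+_cert: &CertificateDer<'_>,
+_dss: &rustls::DigitallySignedStruct,
+) -> Result<rustls::client::danger::HandshakeSignatureValid, Error> {
+Ok(HandshakeSignatureValid::assertion())
+}
+
+fn supported_verify_schemes(&self) -> Vec<SignatureScheme> {
+vec![
+SignatureScheme::ECDSA_NISTP384_SHA384,
+SignatureScheme::ECDSA_NISTP256_SHA256,
+SignatureScheme::RSA_PSS_SHA512,
+SignatureScheme::RSA_PSS_SHA384,
+SignatureScheme::RSA_PSS_SHA256,
+SignatureScheme::ED25519,
+]
+}
 }
 
 #[tokio::test]
 async fn it_works() {
 env_logger::builder().is_test(true).try_init().unwrap();
 
 let mut config = rustls::ClientConfig::builder()
-.with_safe_defaults()
 .with_root_certificates(rustls::RootCertStore::empty())
 .with_no_client_auth();
 config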
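Review bot: `AcceptAllVerifier` in the `mod tests` hunk (new lines 141–183) has no comment marking it as a test-only authentication bypass, although it now asserts validity unconditionally for the certificate and for both the TLS 1.2 and TLS 1.3 handshake signatures. Add a doc comment above `#[derive(Debug)]`, for example `/// Test-only verifier: accepts any certificate and any handshake signature, so the peer is not authenticated. Never use outside tests.` Because `it_works` builds its config around this verifier, it presumably cannot catch a regression in the `ServerName` handling changed at new lines 40–46; a test against a real root store would cover that, unless one exists outside the visible hunks. The hard-coded list in `supported_verify_schemes` leaves out the RSA PKCS#1 schemes, which may break the handshake against a TLS 1.2 server that only signs with those. The two new return types can be written `Result<HandshakeSignatureValid, Error>`, since that name is already imported. `it_works` continues past the end of the hunk, so how the verifier is installed is not visible here.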
