feat: add cargo feature to use rustls without ring (seanmonstar#2301)
asonix authored and Nutomic committed Nov 7, 2024
1 parent 30e633f commit f5b3469
Showing 10 changed files with 40 additions and 8 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/ci.yml
@@ -72,8 +72,10 @@ jobs:
- "feat.: rustls-tls"
- "feat.: rustls-tls-manual-roots"
- "feat.: rustls-tls-native-roots"
- "feat.: rustls-tls-no-provider"
- "feat.: native-tls"
- "feat.: default-tls and rustls-tls"
- "feat.: rustls-tls and rustls-tls-no-provider"
- "feat.: cookies"
- "feat.: blocking"
- "feat.: blocking only"
@@ -131,8 +133,12 @@ jobs:
features: "--no-default-features --features rustls-tls-manual-roots"
- name: "feat.: rustls-tls-native-roots"
features: "--no-default-features --features rustls-tls-native-roots"
- name: "feat.: rustls-tls-no-provider"
features: "--no-default-features --features rustls-tls-no-provider"
- name: "feat.: native-tls"
features: "--features native-tls"
- name: "feat.: rustls-tls and rustls-tls-no-provider"
features: "--features rustls-tls,rustls-tls-no-provider"
- name: "feat.: default-tls and rustls-tls"
features: "--features rustls-tls"
- name: "feat.: cookies"
20 changes: 13 additions & 7 deletions Cargo.toml
@@ -41,9 +41,12 @@ native-tls-alpn = ["native-tls", "native-tls-crate?/alpn", "hyper-tls?/alpn"]
native-tls-vendored = ["native-tls", "native-tls-crate?/vendored"]

rustls-tls = ["rustls-tls-webpki-roots"]
rustls-tls-manual-roots = ["__rustls"]
rustls-tls-webpki-roots = ["dep:webpki-roots", "__rustls"]
rustls-tls-native-roots = ["dep:rustls-native-certs", "__rustls"]
rustls-tls-no-provider = ["rustls-tls-manual-roots-no-provider"]

rustls-tls-manual-roots = ["__rustls", "__rustls-ring"]
rustls-tls-webpki-roots = ["dep:webpki-roots", "__rustls", "__rustls-ring"]
rustls-tls-native-roots = ["dep:rustls-native-certs", "__rustls", "__rustls-ring"]
rustls-tls-manual-roots-no-provider = ["__rustls"]

blocking = ["dep:futures-channel", "futures-channel?/sink", "futures-util/io", "futures-util/sink", "tokio/sync"]

@@ -77,6 +80,7 @@ macos-system-configuration = ["dep:system-configuration"]
# Experimental HTTP/3 client.
http3 = ["rustls-tls-manual-roots", "dep:h3", "dep:h3-quinn", "dep:quinn", "dep:slab", "dep:futures-channel"]


# Internal (PRIVATE!) features used to aid testing.
# Don't rely on these whatsoever. They may disappear at anytime.

@@ -86,6 +90,7 @@ __tls = ["dep:rustls-pemfile", "tokio/io-util"]
# Enables common rustls code.
# Equivalent to rustls-tls-manual-roots but shorter :)
__rustls = ["dep:hyper-rustls", "dep:tokio-rustls", "dep:rustls", "__tls", "dep:rustls-pemfile", "dep:rustls-pki-types"]
__rustls-ring = ["hyper-rustls?/ring", "tokio-rustls?/ring", "rustls?/ring", "quinn?/ring"]

# When enabled, disable using the cached SYS_PROXIES.
__internal_proxy_sys_no_cache = []
@@ -133,10 +138,10 @@ native-tls-crate = { version = "0.2.10", optional = true, package = "native-tls"
tokio-native-tls = { version = "0.3.0", optional = true }

# rustls-tls
hyper-rustls = { version = "0.27.0", default-features = false, optional = true, features = ["http1", "http2", "native-tokio", "ring", "tls12"] }
rustls = { version = "0.23.4", optional = true, default-features = false, features = ["std", "ring", "tls12"] }
hyper-rustls = { version = "0.27.0", default-features = false, optional = true, features = ["http1", "http2", "native-tokio", "tls12"] }
rustls = { version = "0.23.4", optional = true, default-features = false, features = ["std", "tls12"] }
rustls-pki-types = { version = "1.1.0", features = ["alloc"] ,optional = true }
tokio-rustls = { version = "0.26", optional = true, default-features = false, features = ["ring", "tls12"] }
tokio-rustls = { version = "0.26", optional = true, default-features = false, features = ["tls12"] }
webpki-roots = { version = "0.26.0", optional = true }
rustls-native-certs = { version = "0.7", optional = true }

@@ -157,7 +162,7 @@ hickory-resolver = { version = "0.24", optional = true, features = ["tokio-runti
# HTTP/3 experimental support
h3 = { version = "0.0.5", optional = true }
h3-quinn = { version = "0.0.6", optional = true }
quinn = { version = "0.11.1", default-features = false, features = ["rustls", "ring", "runtime-tokio"], optional = true }
quinn = { version = "0.11.1", default-features = false, features = ["rustls", "runtime-tokio"], optional = true }
slab = { version = "0.4.9", optional = true } # just to get minimal versions working with quinn
futures-channel = { version = "0.3", optional = true }

@@ -173,6 +178,7 @@ zstd_crate = { package = "zstd", version = "0.13" }
doc-comment = "0.3"
tokio = { version = "1.0", default-features = false, features = ["macros", "rt-multi-thread"] }
futures-util = { version = "0.3.28", default-features = false, features = ["std", "alloc"] }
rustls = { version = "0.23", default-features = false, features = ["ring"] }

[target.'cfg(windows)'.dependencies]
winreg = "0.52.0"
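Review bot: The new public feature `rustls-tls-no-provider` is declared without a comment, and two of its properties are easy to miss. It resolves to `rustls-tls-manual-roots-no-provider = ["__rustls"]`, so it pulls in neither `webpki-roots` nor `rustls-native-certs`, and it compiles in no crypto provider, so the application has to install one before building a client. I would add above it `# rustls with no bundled crypto provider or root store; install a process-default CryptoProvider before building a Client`. The comment should also say that cargo features are additive: any crate in the graph that enables `rustls-tls`, or `http3` (which still lists `rustls-tls-manual-roots`), brings ring back through `__rustls-ring`.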
14 changes: 13 additions & 1 deletion src/async_impl/client.rs
@@ -571,7 +571,13 @@ impl ClientBuilder {
// If not, we use ring.
let provider = rustls::crypto::CryptoProvider::get_default()
.map(|arc| arc.clone())
.unwrap_or_else(|| Arc::new(rustls::crypto::ring::default_provider()));
.unwrap_or_else(|| {
#[cfg(not(feature = "__rustls-ring"))]
panic!("No provider set");

#[cfg(feature = "__rustls-ring")]
Arc::new(rustls::crypto::ring::default_provider())
});

// Build TLS config
let config_builder = rustls::ClientConfig::builder_with_provider(provider)
@@ -1322,6 +1328,8 @@ impl ClientBuilder {
/// # Example
///
/// ```
/// # #[cfg(all(feature = "__rustls", not(feature = "__rustls-ring")))]
/// # let _ = rustls::crypto::ring::default_provider().install_default();
/// use std::net::IpAddr;
/// let local_addr = IpAddr::from([12, 4, 1, 8]);
/// let client = reqwest::Client::builder()
@@ -1341,6 +1349,8 @@ impl ClientBuilder {
/// # Example
///
/// ```
/// # #[cfg(all(feature = "__rustls", not(feature = "__rustls-ring")))]
/// # let _ = rustls::crypto::ring::default_provider().install_default();
/// let interface = "lo";
/// let client = reqwest::Client::builder()
/// .interface(interface)
@@ -2781,6 +2791,8 @@ fn add_cookie_header(headers: &mut HeaderMap, cookie_store: &dyn cookie::CookieS

#[cfg(test)]
mod tests {
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]

#[tokio::test]
async fn execute_request_rejects_invalid_urls() {
let url_str = "hxxps://www.rust-lang.org/";
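Review bot: With `__rustls-ring` off, the fallback inside the `unwrap_or_else` closure is `panic!("No provider set")`, so a missing process-default `CryptoProvider` aborts the caller instead of surfacing as a builder error, and the message does not say how to fix it. For a library, a configuration problem like this is better reported through the function's error return, with text that names the remedy (install a default provider or enable a ring-backed feature). The enclosing function starts and ends outside the hunk, so the sketch below assumes it returns `crate::Result` and that `crate::error::builder` is usable there.

```rust
// … unchanged: comment explaining the process-default lookup …
let provider = match rustls::crypto::CryptoProvider::get_default() {
    Some(installed) => installed.clone(),
    #[cfg(feature = "__rustls-ring")]
    None => Arc::new(rustls::crypto::ring::default_provider()),
    #[cfg(not(feature = "__rustls-ring"))]
    None => {
        return Err(crate::error::builder(
            "no rustls CryptoProvider installed; install a process default or enable a ring-backed rustls feature",
        ))
    }
};
```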
2 changes: 2 additions & 0 deletions src/async_impl/request.rs
@@ -649,6 +649,8 @@ impl TryFrom<Request> for HttpRequest<Body> {

#[cfg(test)]
mod tests {
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]

use super::{Client, HttpRequest, Request, RequestBuilder, Version};
use crate::Method;
use serde::Serialize;
1 change: 1 addition & 0 deletions tests/badssl.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]

#[cfg(all(feature = "__tls", not(feature = "rustls-tls-manual-roots")))]
#[tokio::test]
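Review bot: The added `#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]` compiles this whole file out whenever the no-provider feature is on, including the combined `rustls-tls,rustls-tls-no-provider` CI job where ring is available. The tests here (presumably the certificate-validation checks, going by the file name) therefore never run in either new configuration. The same attribute is added to tests/client.rs, proxy.rs, redirect.rs, timeouts.rs and upgrade.rs, and to the `mod tests` blocks in src/async_impl/client.rs and request.rs. Since the dev-dependency on `rustls` now enables `ring`, the tests could install a provider up front, as the doctests do with `let _ = rustls::crypto::ring::default_provider().install_default();`. Failing that, a narrower gate such as `#![cfg(any(not(feature = "__rustls"), feature = "__rustls-ring"))]` would keep coverage in the combined job.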
1 change: 1 addition & 0 deletions tests/client.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]
mod support;

use support::server;
1 change: 1 addition & 0 deletions tests/proxy.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]
mod support;
use support::server;

1 change: 1 addition & 0 deletions tests/redirect.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]
mod support;
use http_body_util::BodyExt;
use reqwest::Body;
1 change: 1 addition & 0 deletions tests/timeouts.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]
mod support;
use support::server;

1 change: 1 addition & 0 deletions tests/upgrade.rs
@@ -1,4 +1,5 @@
#![cfg(not(target_arch = "wasm32"))]
#![cfg(not(feature = "rustls-tls-manual-roots-no-provider"))]
mod support;
use support::server;
use tokio::io::{AsyncReadExt, AsyncWriteExt};