From ec92c1e17d48b96cda57bf05aa0bf1ec61695ae7 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 9 Dec 2024 13:39:33 +0000
Subject: [PATCH 1/2] [deps]: Update Rust crate rustls-platform-verifier to
 0.4.0

---
 Cargo.lock                         | 14 +++++++-------
 crates/bitwarden-core/Cargo.toml   |  2 +-
 crates/bitwarden-uniffi/Cargo.toml |  2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e826fb30..e82a1d25 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2249,7 +2249,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34"
 dependencies = [
  "cfg-if",
- "windows-targets 0.48.5",
+ "windows-targets 0.52.6",
 ]
 
 [[package]]
@@ -3147,9 +3147,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-platform-verifier"
-version = "0.3.4"
+version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "afbb878bdfdf63a336a5e63561b1835e7a8c91524f51621db870169eac84b490"
+checksum = "a4c7dc240fec5517e6c4eab3310438636cfe6391dfc345ba013109909a90d136"
 dependencies = [
  "core-foundation",
  "core-foundation-sys",
@@ -3162,8 +3162,8 @@ dependencies = [
  "rustls-webpki",
  "security-framework",
  "security-framework-sys",
- "webpki-roots",
- "winapi",
+ "webpki-root-certs",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -4519,10 +4519,10 @@ dependencies = [
 ]
 
 [[package]]
-name = "webpki-roots"
+name = "webpki-root-certs"
 version = "0.26.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d642ff16b7e79272ae451b7322067cdc17cadf68c23264be9d94a32319efe7e"
+checksum = "9cd5da49bdf1f30054cfe0b8ce2958b8fbeb67c4d82c8967a598af481bef255c"
 dependencies = [
  "rustls-pki-types",
 ]
diff --git a/crates/bitwarden-core/Cargo.toml b/crates/bitwarden-core/Cargo.toml
index fe1c6a1c..79b60660 100644
--- a/crates/bitwarden-core/Cargo.toml
+++ b/crates/bitwarden-core/Cargo.toml
@@ -59,7 +59,7 @@ bitwarden-error = { workspace = true }
 # By default, we use rustls as the TLS stack and rust-platform-verifier to support user-installed root certificates
 # The only exception is WASM, as it just uses the browsers/node fetch
 reqwest = { workspace = true, features = ["rustls-tls-manual-roots"] }
-rustls-platform-verifier = "0.3.4"
+rustls-platform-verifier = "0.4.0"
 
 [dev-dependencies]
 bitwarden-crypto = { workspace = true }
diff --git a/crates/bitwarden-uniffi/Cargo.toml b/crates/bitwarden-uniffi/Cargo.toml
index 2e57e23b..6575e6ad 100644
--- a/crates/bitwarden-uniffi/Cargo.toml
+++ b/crates/bitwarden-uniffi/Cargo.toml
@@ -39,7 +39,7 @@ android_logger = "0.14"
 # The use of rustls-platform-verifier requires some extra support to communicate with the Android platform
 jni = ">=0.19, <0.20"
 libloading = ">=0.8.1, <0.9"
-rustls-platform-verifier = "0.3.4"
+rustls-platform-verifier = "0.4.0"
 
 [target.'cfg(target_os = "ios")'.dependencies]
 oslog = "0.2.0"

From 3dfdc8633dcfc74fe706d3536b81f09eabd903ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Garci=CC=81a?=
 <dani-garcia@users.noreply.github.com>
Date: Tue, 10 Dec 2024 18:55:36 +0100
Subject: [PATCH 2/2] Update deprecated methods

---
 Cargo.lock                                 |  1 +
 crates/bitwarden-core/Cargo.toml           |  1 +
 crates/bitwarden-core/src/client/client.rs | 25 +++-------------------
 3 files changed, 5 insertions(+), 22 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e82a1d25..cd3df9b6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -396,6 +396,7 @@ dependencies = [
  "rand",
  "rand_chacha",
  "reqwest",
+ "rustls",
  "rustls-platform-verifier",
  "schemars",
  "serde",
diff --git a/crates/bitwarden-core/Cargo.toml b/crates/bitwarden-core/Cargo.toml
index 79b60660..08637015 100644
--- a/crates/bitwarden-core/Cargo.toml
+++ b/crates/bitwarden-core/Cargo.toml
@@ -59,6 +59,7 @@ bitwarden-error = { workspace = true }
 # By default, we use rustls as the TLS stack and rust-platform-verifier to support user-installed root certificates
 # The only exception is WASM, as it just uses the browsers/node fetch
 reqwest = { workspace = true, features = ["rustls-tls-manual-roots"] }
+rustls = { version = "0.23.19", default-features = false }
 rustls-platform-verifier = "0.4.0"
 
 [dev-dependencies]
diff --git a/crates/bitwarden-core/src/client/client.rs b/crates/bitwarden-core/src/client/client.rs
index b9bf4c51..8b8182cd 100644
--- a/crates/bitwarden-core/src/client/client.rs
+++ b/crates/bitwarden-core/src/client/client.rs
@@ -27,8 +27,10 @@ impl Client {
 
             #[cfg(not(target_arch = "wasm32"))]
             {
+                use rustls::ClientConfig;
+                use rustls_platform_verifier::ConfigVerifierExt;
                 client_builder =
-                    client_builder.use_preconfigured_tls(rustls_platform_verifier::tls_config());
+                    client_builder.use_preconfigured_tls(ClientConfig::with_platform_verifier());
             }
 
             client_builder
@@ -83,24 +85,3 @@ impl Client {
         }
     }
 }
-
-#[cfg(test)]
-mod tests {
-    #[cfg(not(target_arch = "wasm32"))]
-    #[test]
-    fn test_reqwest_rustls_platform_verifier_are_compatible() {
-        // rustls-platform-verifier is generating a rustls::ClientConfig,
-        // which reqwest accepts as a &dyn Any and then downcasts it to a
-        // rustls::ClientConfig.
-
-        // This means that if the rustls version of the two crates don't match,
-        // the downcast will fail and we will get a runtime error.
-
-        // This tests is added to ensure that it doesn't happen.
-
-        let _ = reqwest::ClientBuilder::new()
-            .use_preconfigured_tls(rustls_platform_verifier::tls_config())
-            .build()
-            .unwrap();
-    }
-}