-
Notifications
You must be signed in to change notification settings - Fork 892
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CfT: Test out Rustup's reqwest
backend with rustls
#3806
Comments
reqwest
backend with rustls
reqwest
backend with rustls
reqwest
backend with rustls
LGTM! 👍🏾 |
An interesting observation by @llde indicates that this change might be a move in the right direction!
|
reqwest
backend with rustls
reqwest
backend with rustls
This CfT has been added to TWiR Issue 546. You may now remove the call-for-testing label. Please feel free to re-add the label if you wish this CfT to appear again in a future issue. |
Rustls is completely unusable with the WARP Gateway (a corporate VPN) due to lack of support for p521 signatures.
The curl backend has no problems with it. |
@kornelski interesting... So WARP MITMs all connections, and only supports P521 for this? That seems pretty restrictive and a little surprising. Or is this configurable for WARP and does your WARP org require the stronger curve? https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/user-side-certificates/custom-certificate/ suggests that RSA is supported for custom roots so it doesn't look like P521 is a requirement for the product itself? |
In #3790, we have started an initiative to make
reqwest/rustls
Rustup's future download/TLS backend combination.While a maximally-Rust stack might sound exciting, we want to get it tested beforehand to minimize the possibility for you to experience hiccups in production.
If you're using Rustup v1.28+, this should be available for you by default 1 ; for Rustup v1.27 and earlier, chances are you can opt in right now by setting the environment variable
RUSTUP_USE_RUSTLS=1
2 .Please feel free to share your experiences below, and many thanks in advance 🙇♀️
Note
You can report in this issue the changes that switching to
rustls
has made to your workflow, so I assume most of them are breakages: what worked before but now doesn’t work withrustls
.Of course, it could also be the opposite, i.e. what didn't work but now works.
If you can’t feel any difference, that’s actually a good news for us! Just reacting with 😄3 to this message would be perfect in this case :)
Tasks
ring
-basedreqwest/rustls
backend #3820aws-lc
#3979Footnotes
At the time of writing, the only exceptions are
powerpc64*
,loongarch*
,*openbsd*
and*illumos*
. ↩Please make sure that
RUSTUP_USE_CURL
is NOT set, otherwise thecurl
download backend will be selected; to opt out, just setRUSTUP_USE_RUSTLS=0
. ↩GitHub has recently replaced the emoji with 😂, I have no idea why this is the case 🤷♀No, they have changed it back, never mind :) ↩The text was updated successfully, but these errors were encountered: