Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

0.27.0 preparation, Rustls 0.23 update #266

Merged
merged 4 commits into from
Mar 26, 2024
Merged

0.27.0 preparation, Rustls 0.23 update #266

merged 4 commits into from
Mar 26, 2024

Conversation

cpu
Copy link
Member

@cpu cpu commented Mar 25, 2024
edited
Loading

  • Updates Rustls and associated ecosystem crates to use Rustls 0.23
  • Fixes implicit usage of the default crypto provider
  • Fixes some config gates that were overly specific to ring when aws_lc_rs would be acceptable as well
  • Adds some additional CI coverage for an aws-lc-rs build, and then flips it to be the ring coverage once the default changes
  • Switches the default crypto provider to aws-lc-rs to match upstream
  • Bumps the version

This is an alternative to #263 with a green build and a tidier commit history.

Proposed release notes

Changed

  • Rustls updated to 0.23
  • Default cryptography provider changed to aws-lc-rs to match upstream Rustls project. Note that this has some implications on platform support and build-time tool requirements such as cmake on all platforms and nasm on Windows.
    Support for ring continues to be available: set the ring crate feature.

Added

  • New with_platform_verifier connector builder fns for using rustls-platform-verifier for certificate verification. Requires the optional rustls-platform-verifier feature be enabled.
  • New HttpsConnector::builder fn for conveniently constructing a ConnectorBuilder.

@cpu cpu self-assigned this Mar 25, 2024
@cpu cpu mentioned this pull request Mar 25, 2024
Closed
@cpu cpu changed the title 0.27.0 preparation 0.27.0 preparation, Ruslts 0.23 update Mar 25, 2024
@cpu cpu changed the title 0.27.0 preparation, Ruslts 0.23 update 0.27.0 preparation, Rustls 0.23 update Mar 25, 2024
djc
djc reviewed Mar 26, 2024
View reviewed changes
Cargo.toml Show resolved Hide resolved
Cargo.toml Outdated Show resolved Hide resolved
Cargo.toml Outdated Show resolved Hide resolved
djc
djc approved these changes Mar 26, 2024
View reviewed changes
Copy link
Member

@djc djc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

src/connector/builder.rs Outdated Show resolved Hide resolved
cpu added 3 commits March 26, 2024 10:43
@cpu
Cargo: update Rustls & associated crates to 0.23
ab169e8 
* updates rustls 0.22 to 0.23
* updates tokio-rustls 0.25 to 0.26
* updates rustls-platform-verifier 0.2 to 0.3
* addresses default crypto provider requirements for tests, examples
* makes aws-lc-rs the default crypto provider, matching upstream. Ring
  remains available opt-in with the `ring` feature.
@cpu
ci: add ring build to test phase
45648c1 
Previously we did not have a test step that would run the unit tests
assuming the equivalent of default features, but with the default
crypto provider (now `aws-lc-rs`) with the alternative built-in option
(now `ring`).
@cpu
Cargo: version 0.26.0 -> 0.27.0
624300b
@cpu cpu requested a review from ctz March 26, 2024 14:51
@cpu cpu added this pull request to the merge queue Mar 26, 2024
@cpu
Copy link
Member Author

cpu commented Mar 26, 2024

I have to run to an appointment but will do the post-merge release process when I get back in a couple of hours.

Merged via the queue into rustls:main with commit 0d38794 Mar 26, 2024
11 checks passed
@cpu cpu deleted the cpu-0.27 branch March 26, 2024 15:04
@cpu
Copy link
Member Author

cpu commented Mar 26, 2024
edited
Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ctz ctz ctz approved these changes

@djc djc djc approved these changes

Assignees

@cpu cpu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cpu @djc @ctz