Skip to content

Commit

Permalink
Bump to webpki-roots 0.25
Browse files Browse the repository at this point in the history
  • Loading branch information
mdecimus committed Aug 15, 2023
1 parent d5ac9b3 commit ffa60e3
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 16 deletions.
5 changes: 3 additions & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,14 @@ base64 = "0.20.0"
rand = { version = "0.8.5", optional = true }
md5 = { version = "0.7.0", optional = true }
tokio = { version = "1.23", features = ["net", "io-util", "time"]}
rustls = { version = "0.21", features = ["dangerous_configuration"]}
rustls = { version = "0.21", features = ["tls12", "dangerous_configuration"]}
tokio-rustls = { version = "0.24"}
webpki-roots = { version = "0.23"}
webpki-roots = { version = "0.25.2"}
gethostname = { version = "0.4"}

[dev-dependencies]
tokio = { version = "1.16", features = ["net", "io-util", "time", "rt-multi-thread", "macros"] }
env_logger = "0.10.0"

[features]
default = ["digest-md5", "cram-md5", "builder", "dkim"]
Expand Down
1 change: 1 addition & 0 deletions src/smtp/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,7 @@ mod test {
#[tokio::test]
async fn smtp_basic() {
// StartTLS test
env_logger::init();
let client = SmtpClientBuilder::new("mail.smtp2go.com", 2525)
.implicit_tls(false)
.connect()
Expand Down
31 changes: 17 additions & 14 deletions src/smtp/tls.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
use std::{convert::TryFrom, io, sync::Arc};

use rustls::{
client::{ServerCertVerified, ServerCertVerifier, WebPkiVerifier},
client::{ServerCertVerified, ServerCertVerifier},
Certificate, ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, ServerName,
};
use tokio::net::TcpStream;
Expand Down Expand Up @@ -80,22 +80,25 @@ pub fn build_tls_connector(allow_invalid_certs: bool) -> TlsConnector {
let config = if !allow_invalid_certs {
let mut root_cert_store = RootCertStore::empty();

root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(
|ta| {
OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject,
ta.spki,
ta.name_constraints,
)
},
));
root_cert_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject,
ta.spki,
ta.name_constraints,
)
}));

//config
// .with_custom_certificate_verifier(Arc::new(WebPkiVerifier::new(root_cert_store, None)))

config
.with_custom_certificate_verifier(Arc::new(WebPkiVerifier::new(root_cert_store, None)))
.with_root_certificates(root_cert_store)
.with_no_client_auth()
} else {
config.with_custom_certificate_verifier(Arc::new(DummyVerifier {}))
}
.with_no_client_auth();
config
.with_custom_certificate_verifier(Arc::new(DummyVerifier {}))
.with_no_client_auth()
};

TlsConnector::from(Arc::new(config))
}
Expand Down

0 comments on commit ffa60e3

Please sign in to comment.