Re-enable rustls feature (#625)

Sean McArthur
2019-09-09 12:45:45 -07:00
committed by GitHub
parent ba7b2a754e
commit 5fb04356fc
4 changed files with 25 additions and 21 deletions


@@ -19,13 +19,13 @@ matrix:
# rustls-tls # rustls-tls
#- rust: stable #- rust: stable
#- rust: nightly - rust: nightly
# env: FEATURES="--no-default-features --features rustls-tls" env: FEATURES="--no-default-features --features rustls-tls"
# default-tls and rustls-tls # default-tls and rustls-tls
#- rust: stable #- rust: stable
#- rust: nightly - rust: nightly
# env: FEATURES="--features rustls-tls" env: FEATURES="--features rustls-tls"
# socks # socks
#- rust: stable #- rust: stable


@@ -50,10 +50,10 @@ native-tls = { version = "0.2", optional = true }
tokio-tls = { version = "=0.3.0-alpha.4", optional = true } tokio-tls = { version = "=0.3.0-alpha.4", optional = true }
## rustls-tls ## rustls-tls
#hyper-rustls = { git = "https://github.com/dbcfd/hyper-rustls.git", branch = "master", optional = true } hyper-rustls = { version = "=0.18.0-alpha.1", optional = true }
#rustls = { version = "0.16", features = ["dangerous_configuration"], optional = true } rustls = { version = "0.16", features = ["dangerous_configuration"], optional = true }
#tokio-rustls = { version = "=0.12.0-alpha.2", optional = true } tokio-rustls = { version = "=0.12.0-alpha.2", optional = true }
#webpki-roots = { version = "0.17", optional = true } webpki-roots = { version = "0.17", optional = true }
## socks ## socks
#socks = { version = "0.3.2", optional = true } #socks = { version = "0.3.2", optional = true }
@@ -77,7 +77,7 @@ tls = []
default-tls = ["hyper-tls", "native-tls", "tls", "tokio-tls"] default-tls = ["hyper-tls", "native-tls", "tls", "tokio-tls"]
default-tls-vendored = ["default-tls", "native-tls/vendored"] default-tls-vendored = ["default-tls", "native-tls/vendored"]
#rustls-tls = ["hyper-rustls", "tokio-rustls", "webpki-roots", "rustls", "tls"] rustls-tls = ["hyper-rustls", "tokio-rustls", "webpki-roots", "rustls", "tls"]
#trust-dns = ["trust-dns-resolver"] #trust-dns = ["trust-dns-resolver"]
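Review bot: The re-enabled `rustls` dependency line turns on `features = ["dangerous_configuration"]` for every build that selects `rustls-tls`, and nothing in the manifest says why. That rustls feature exposes the API for replacing the server-certificate verifier, so it deserves a comment tying it to the one place that needs it, for example `# dangerous_configuration: needed only for the opt-in "accept invalid certs" option; not used on the default path`. The wording of that comment is a guess at the reason, since the code that uses the feature is not in this diff, so please confirm it. The exact `=…-alpha` pins on `hyper-rustls` and `tokio-rustls` also mean no later releases are picked up automatically, so a follow-up to move them to released versions is worth tracking.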


@@ -238,12 +238,12 @@ async fn connect_with_maybe_proxy(
// Disable Nagle's algorithm for TLS handshake // Disable Nagle's algorithm for TLS handshake
// //
// https://www.openssl.org/docs/man1.1.1/man3/SSL_connect.html#NOTES // https://www.openssl.org/docs/man1.1.1/man3/SSL_connect.html#NOTES
http.set_nodelay(nodelay || (dst.scheme() == "https")); http.set_nodelay(no_delay || (dst.scheme() == "https"));
let http = hyper_rustls::HttpsConnector::from((http, tls.clone())); let http = hyper_rustls::HttpsConnector::from((http, tls.clone()));
let (io, connected) = http.connect(dst).await; let (io, connected) = http.connect(dst).await?;
if let hyper_rustls::MaybeHttpsStream::Https(stream) = &io { if let hyper_rustls::MaybeHttpsStream::Https(stream) = &io {
if !nodelay { if !no_delay {
let (io, _) = stream.get_ref(); let (io, _) = stream.get_ref();
io.set_nodelay(false)?; io.set_nodelay(false)?;
} }
@@ -317,15 +317,15 @@ async fn connect_via_proxy(
let host = dst.host().to_owned(); let host = dst.host().to_owned();
let port = dst.port().unwrap_or(443); let port = dst.port().unwrap_or(443);
let mut http = http.clone(); let mut http = http.clone();
http.set_nodelay(nodelay); http.set_nodelay(no_delay);
let http = hyper_rustls::HttpsConnector::from((http, tls_proxy.clone())); let http = hyper_rustls::HttpsConnector::from((http, tls_proxy.clone()));
let tls = tls.clone(); let tls = tls.clone();
let (conn, connected) = http.connect(ndst).await; let (conn, connected) = http.connect(ndst).await?;
log::trace!("tunneling HTTPS over proxy"); log::trace!("tunneling HTTPS over proxy");
let maybe_dnsname = DNSNameRef::try_from_ascii_str(&host) let maybe_dnsname = DNSNameRef::try_from_ascii_str(&host)
.map(|dnsname| dnsname.to_owned()) .map(|dnsname| dnsname.to_owned())
.map_err(|_| io::Error::new(io::ErrorKind::Other, "Invalid DNS Name")); .map_err(|_| io::Error::new(io::ErrorKind::Other, "Invalid DNS Name"));
let tunneled = tunnel(conn, host, port, auth).await; let tunneled = tunnel(conn, host, port, auth).await?;
let dnsname = maybe_dnsname?; let dnsname = maybe_dnsname?;
let io = RustlsConnector::from(tls) let io = RustlsConnector::from(tls)
.connect(dnsname.as_ref(), tunneled) .connect(dnsname.as_ref(), tunneled)
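Review bot: In the `connect_via_proxy` hunk, `maybe_dnsname?` is still evaluated only after `http.connect(ndst).await?` and `tunnel(conn, host, port, auth).await?`, so a host that is not a valid DNS name is rejected only after the proxy connection and the tunnel request carrying `auth` have already gone out. Now that these calls propagate errors with `?`, the name can be validated first: end the `DNSNameRef::try_from_ascii_str(&host)` chain with `?`, bind it as `let dnsname = …?;` before `http.connect(ndst)`, and drop the later `let dnsname = maybe_dnsname?;`. If the deferral is deliberate, a one-line comment saying why would help the next reader. Both functions begin and end outside the hunks shown.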


@@ -97,17 +97,21 @@ impl Certificate {
use std::io::Cursor; use std::io::Cursor;
match self.original { match self.original {
Cert::Der(buf) => try_!(tls Cert::Der(buf) => tls
.root_store .root_store
.add(&::rustls::Certificate(buf)) .add(&::rustls::Certificate(buf))
.map_err(TLSError::WebPKIError)), .map_err(|e| crate::error::from(TLSError::WebPKIError(e)))?,
Cert::Pem(buf) => { Cert::Pem(buf) => {
let mut pem = Cursor::new(buf); let mut pem = Cursor::new(buf);
let certs = try_!(pemfile::certs(&mut pem).map_err(|_| TLSError::General( let certs = pemfile::certs(&mut pem).map_err(|_| {
String::from("No valid certificate was found") crate::error::from(TLSError::General(String::from(
))); "No valid certificate was found",
)))
})?;
for c in certs { for c in certs {
try_!(tls.root_store.add(&c).map_err(TLSError::WebPKIError)); tls.root_store
.add(&c)
.map_err(|e| crate::error::from(TLSError::WebPKIError(e)))?;
} }
} }
} }
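Review bot: The `Cert::Pem` arm reports "No valid certificate was found" only when `pemfile::certs` returns an error; if it returns an empty list (which I believe it does for input with no certificate sections), the `for c in certs` loop adds nothing and the method succeeds without installing any trust root. An explicit check after the parse closes that gap: `if certs.is_empty() { return Err(crate::error::from(TLSError::General(String::from("No valid certificate was found")))); }`. The failure is then reported where the certificate is configured rather than later as a handshake error against a root the caller thought was installed. The enclosing method starts before this hunk, so its return type is assumed from the `?` uses.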