forked/reqwest-impersonate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Re-enable rustls feature (#625)

Browse Source
This commit is contained in:
Sean McArthur
2019-09-09 12:45:45 -07:00
committed by GitHub
parent ba7b2a754e
commit 5fb04356fc
4 changed files with 25 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.travis.yml
View File

@@ -19,13 +19,13 @@ matrix:
# rustls-tls
#- rust: stable
#- rust: nightly
# env: FEATURES="--no-default-features --features rustls-tls"
- rust: nightly
env: FEATURES="--no-default-features --features rustls-tls"
# default-tls and rustls-tls
#- rust: stable
#- rust: nightly
# env: FEATURES="--features rustls-tls"
- rust: nightly
env: FEATURES="--features rustls-tls"
# socks
#- rust: stable

10
Cargo.toml
View File

@@ -50,10 +50,10 @@ native-tls = { version = "0.2", optional = true }
tokio-tls = { version = "=0.3.0-alpha.4", optional = true }
## rustls-tls
#hyper-rustls = { git = "https://github.com/dbcfd/hyper-rustls.git", branch = "master", optional = true }
#rustls = { version = "0.16", features = ["dangerous_configuration"], optional = true }
#tokio-rustls = { version = "=0.12.0-alpha.2", optional = true }
#webpki-roots = { version = "0.17", optional = true }
hyper-rustls = { version = "=0.18.0-alpha.1", optional = true }
rustls = { version = "0.16", features = ["dangerous_configuration"], optional = true }
tokio-rustls = { version = "=0.12.0-alpha.2", optional = true }
webpki-roots = { version = "0.17", optional = true }
## socks
#socks = { version = "0.3.2", optional = true }
@@ -77,7 +77,7 @@ tls = []
default-tls = ["hyper-tls", "native-tls", "tls", "tokio-tls"]
default-tls-vendored = ["default-tls", "native-tls/vendored"]
#rustls-tls = ["hyper-rustls", "tokio-rustls", "webpki-roots", "rustls", "tls"]
rustls-tls = ["hyper-rustls", "tokio-rustls", "webpki-roots", "rustls", "tls"]
#trust-dns = ["trust-dns-resolver"]

12
src/connect.rs
View File

@@ -238,12 +238,12 @@ async fn connect_with_maybe_proxy(
// Disable Nagle's algorithm for TLS handshake
//
// https://www.openssl.org/docs/man1.1.1/man3/SSL_connect.html#NOTES
http.set_nodelay(nodelay || (dst.scheme() == "https"));
http.set_nodelay(no_delay || (dst.scheme() == "https"));
let http = hyper_rustls::HttpsConnector::from((http, tls.clone()));
let (io, connected) = http.connect(dst).await;
let (io, connected) = http.connect(dst).await?;
if let hyper_rustls::MaybeHttpsStream::Https(stream) = &io {
if !nodelay {
if !no_delay {
let (io, _) = stream.get_ref();
io.set_nodelay(false)?;
}
@@ -317,15 +317,15 @@ async fn connect_via_proxy(
let host = dst.host().to_owned();
let port = dst.port().unwrap_or(443);
let mut http = http.clone();
http.set_nodelay(nodelay);
http.set_nodelay(no_delay);
let http = hyper_rustls::HttpsConnector::from((http, tls_proxy.clone()));
let tls = tls.clone();
let (conn, connected) = http.connect(ndst).await;
let (conn, connected) = http.connect(ndst).await?;
log::trace!("tunneling HTTPS over proxy");
let maybe_dnsname = DNSNameRef::try_from_ascii_str(&host)
.map(|dnsname| dnsname.to_owned())
.map_err(|_| io::Error::new(io::ErrorKind::Other, "Invalid DNS Name"));
let tunneled = tunnel(conn, host, port, auth).await;
let tunneled = tunnel(conn, host, port, auth).await?;
let dnsname = maybe_dnsname?;
let io = RustlsConnector::from(tls)
.connect(dnsname.as_ref(), tunneled)

16
src/tls.rs
View File

@@ -97,17 +97,21 @@ impl Certificate {
use std::io::Cursor;
match self.original {
Cert::Der(buf) => try_!(tls
Cert::Der(buf) => tls
.root_store
.add(&::rustls::Certificate(buf))
.map_err(TLSError::WebPKIError)),
.map_err(|e| crate::error::from(TLSError::WebPKIError(e)))?,
Cert::Pem(buf) => {
let mut pem = Cursor::new(buf);
let certs = try_!(pemfile::certs(&mut pem).map_err(|_| TLSError::General(
String::from("No valid certificate was found")
)));
let certs = pemfile::certs(&mut pem).map_err(|_| {
crate::error::from(TLSError::General(String::from(
"No valid certificate was found",
)))
})?;
for c in certs {
try_!(tls.root_store.add(&c).map_err(TLSError::WebPKIError));
tls.root_store
.add(&c)
.map_err(|e| crate::error::from(TLSError::WebPKIError(e)))?;
}
}
}