Merge pull request #36 from CleverCloud/devel/fdubois/feat/rustls-instead-openssl

FlorentinDUBOIS · web-flow · commit a5d19d653d19 · 2023-05-24T17:47:06.000+02:00
Use rustls instead of openssl
diff --git a/Cargo.toml b/Cargo.toml
@@ -27,8 +27,8 @@ crypto-common = { version = "^0.1.6", optional = true }
 headers = { version = "^0.3.8", optional = true }
 hmac = { version = "^0.12.1", features = ["std"], optional = true }
 hyper = { version = "^0.14.26", default-features = false, optional = true }
-hyper-tls = { version = "^0.5.0", optional = true }
-hyper-proxy = { version = "^0.9.1", default-features = false, features = ["tls"], optional = true }
+hyper-rustls = { version = "^0.24.0", default-features= false, features = ["webpki-tokio", "http1", "tls12"], optional = true }
+hyper-proxy = { version = "^0.9.1", default-features = false, features = ["rustls-webpki"], optional = true }
 once_cell = { version = "^1.17.1", optional = true }
 log = { version = "^0.4.17", optional = true }
 prometheus = { version = "^0.13.3", optional = true }
@@ -57,15 +57,15 @@ client = [
     "hyper/client",
     "hyper/tcp",
     "hyper/http1",
-    "hyper-tls",
+    "hyper-rustls",
     "serde",
     "serde_json",
     "sha2",
     "thiserror",
     "urlencoding",
     "uuid",
 ]
-logging = ["log", "tracing/log-always"]
+logging = ["log", "tracing/log-always", "hyper-rustls/logging"]
 trace = ["tracing", "tracing-futures"]
 tokio = ["tracing-futures/tokio"]
 metrics = ["once_cell", "prometheus"]
diff --git a/src/client/connector.rs b/src/client/connector.rs
@@ -8,4 +8,4 @@ pub use hyper::client::{
 };
 #[cfg(feature = "proxy")]
 pub use hyper_proxy::ProxyConnector;
-pub use hyper_tls::HttpsConnector;
+pub use hyper_rustls::{HttpsConnector, HttpsConnectorBuilder};
diff --git a/src/client/mod.rs b/src/client/mod.rs
@@ -26,7 +26,7 @@ use hyper::{
     },
     header, Body, Method, StatusCode,
 };
-use hyper_tls::HttpsConnector;
+use hyper_rustls::{HttpsConnector, HttpsConnectorBuilder};
 #[cfg(feature = "logging")]
 use log::{error, log_enabled, trace, Level};
 #[cfg(feature = "metrics")]
@@ -662,14 +662,28 @@ where
 impl Default for Client<HttpsConnector<HttpConnector<GaiResolver>>> {
     #[cfg_attr(feature = "trace", tracing::instrument)]
     fn default() -> Self {
-        Self::from(HttpsConnector::new())
+        Self::new(
+            HttpsConnectorBuilder::new()
+                .with_webpki_roots()
+                .https_or_http()
+                .enable_http1()
+                .build(),
+            None,
+        )
     }
 }
 
 impl From<Credentials> for Client<HttpsConnector<HttpConnector<GaiResolver>>> {
     #[cfg_attr(feature = "trace", tracing::instrument)]
     fn from(credentials: Credentials) -> Self {
-        Self::new(HttpsConnector::new(), Some(credentials))
+        Self::new(
+            HttpsConnectorBuilder::new()
+                .with_webpki_roots()
+                .https_or_http()
+                .enable_http1()
+                .build(),
+            Some(credentials),
+        )
     }
 }
 
diff --git a/src/client/proxy.rs b/src/client/proxy.rs
@@ -20,7 +20,7 @@ use hyper::{
     Uri,
 };
 use hyper_proxy::{Custom, Intercept, Proxy, ProxyConnector};
-use hyper_tls::HttpsConnector;
+use hyper_rustls::{HttpsConnector, HttpsConnectorBuilder};
 #[cfg(feature = "logging")]
 use log::{debug, info, log_enabled, trace, Level};
 use url::Url;
@@ -437,7 +437,13 @@ impl ProxyConnectorBuilder<HttpsConnector<HttpConnector<GaiResolver>>> {
             builder = builder.with_proxy(proxy);
         }
 
-        builder.build(HttpsConnector::new())
+        builder.build(
+            HttpsConnectorBuilder::new()
+                .with_webpki_roots()
+                .https_or_http()
+                .enable_http1()
+                .build(),
+        )
     }
 }
 
