From ca4702a7f9b1d933e1941becb0075dc2665edf57 Mon Sep 17 00:00:00 2001
From: valued mammal <valuedmammal@protonmail.com>
Date: Sun, 13 Jul 2025 22:53:22 -0400
Subject: [PATCH] raw_client: Use rustls crypto provider based on features

Potential solution to #171 that uses the default crypto provider
based on the enabled features, but does not call `install_default`.
---
 src/raw_client.rs | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/raw_client.rs b/src/raw_client.rs
index 45af548..fdbd892 100644
--- a/src/raw_client.rs
+++ b/src/raw_client.rs
@@ -406,7 +406,15 @@ impl RawClient<ElectrumSslStream> {
     ) -> Result<Self, Error> {
         use std::convert::TryFrom;
 
-        let builder = ClientConfig::builder();
+        #[cfg(feature = "use-rustls")]
+        use rustls::crypto::aws_lc_rs as crypto_provider;
+        #[cfg(feature = "use-rustls-ring")]
+        use rustls::crypto::ring as crypto_provider;
+
+        let builder =
+            ClientConfig::builder_with_provider(Arc::new(crypto_provider::default_provider()))
+                .with_safe_default_protocol_versions()
+                .map_err(Error::CouldNotCreateConnection)?;
 
         let config = if validate_domain {
             socket_addr.domain().ok_or(Error::MissingDomain)?;
@@ -426,10 +434,7 @@ impl RawClient<ElectrumSslStream> {
             builder
                 .dangerous()
                 .with_custom_certificate_verifier(std::sync::Arc::new(
-                    #[cfg(feature = "use-rustls")]
-                    danger::NoCertificateVerification::new(rustls::crypto::aws_lc_rs::default_provider()),
-                    #[cfg(feature = "use-rustls-ring")]
-                    danger::NoCertificateVerification::new(rustls::crypto::ring::default_provider()),
+                    danger::NoCertificateVerification::new(crypto_provider::default_provider()),
                 ))
                 .with_no_client_auth()
         };