diff options
| author | Bartek IwaĆczuk <biwanczuk@gmail.com> | 2024-07-02 01:09:47 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-02 02:09:47 +0200 |
| commit | 8db420d552bc1d480a21748d73b566b623a266c1 (patch) | |
| tree | 4634447ec235f3d4f743a233c500425409236097 /ext/net | |
| parent | 9c1f741112f87ba97125e19efb3abf918205ad23 (diff) | |
chore: upgrade to reqwest 0.12.4 and rustls 0.22 (#24388)
Reland of https://github.com/denoland/deno/pull/24056 that doesn't
suffer from the problem that was discovered in
https://github.com/denoland/deno/pull/24261.
It uses upgraded `hyper` and `hyper-util` that fixed the previous
problem in https://github.com/hyperium/hyper/pull/3691.
Diffstat (limited to 'ext/net')
| -rw-r--r-- | ext/net/ops_tls.rs | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs index adfa8224c..a2a27c4ad 100644 --- a/ext/net/ops_tls.rs +++ b/ext/net/ops_tls.rs @@ -31,11 +31,11 @@ use deno_tls::create_client_config; use deno_tls::load_certs; use deno_tls::load_private_keys; use deno_tls::new_resolver; -use deno_tls::rustls::Certificate; +use deno_tls::rustls::pki_types::ServerName; use deno_tls::rustls::ClientConnection; -use deno_tls::rustls::PrivateKey; use deno_tls::rustls::ServerConfig; -use deno_tls::rustls::ServerName; +use deno_tls::webpki::types::CertificateDer; +use deno_tls::webpki::types::PrivateKeyDer; use deno_tls::ServerConfigProvider; use deno_tls::SocketUse; use deno_tls::TlsKey; @@ -48,7 +48,6 @@ use serde::Deserialize; use std::borrow::Cow; use std::cell::RefCell; use std::convert::From; -use std::convert::TryFrom; use std::fs::File; use std::io::BufReader; use std::io::ErrorKind; @@ -294,14 +293,14 @@ where { let rid = args.rid; let hostname = match &*args.hostname { - "" => "localhost", - n => n, + "" => "localhost".to_string(), + n => n.to_string(), }; { let mut s = state.borrow_mut(); let permissions = s.borrow_mut::<NP>(); - permissions.check_net(&(hostname, Some(0)), "Deno.startTls()")?; + permissions.check_net(&(&hostname, Some(0)), "Deno.startTls()")?; } let ca_certs = args @@ -310,8 +309,8 @@ where .map(|s| s.into_bytes()) .collect::<Vec<_>>(); - let hostname_dns = - ServerName::try_from(hostname).map_err(|_| invalid_hostname(hostname))?; + let hostname_dns = ServerName::try_from(hostname.to_string()) + .map_err(|_| invalid_hostname(&hostname))?; let unsafely_ignore_certificate_errors = state .borrow() @@ -412,9 +411,9 @@ where .borrow::<DefaultTlsOptions>() .root_cert_store()?; let hostname_dns = if let Some(server_name) = args.server_name { - ServerName::try_from(server_name.as_str()) + ServerName::try_from(server_name) } else { - ServerName::try_from(&*addr.hostname) + ServerName::try_from(addr.hostname.clone()) } .map_err(|_| invalid_hostname(&addr.hostname))?; let connect_addr = resolve_addr(&addr.hostname, addr.port) @@ -456,7 +455,9 @@ where Ok((rid, IpAddr::from(local_addr), IpAddr::from(remote_addr))) } -fn load_certs_from_file(path: &str) -> Result<Vec<Certificate>, AnyError> { +fn load_certs_from_file( + path: &str, +) -> Result<Vec<CertificateDer<'static>>, AnyError> { let cert_file = File::open(path)?; let reader = &mut BufReader::new(cert_file); load_certs(reader) @@ -464,7 +465,7 @@ fn load_certs_from_file(path: &str) -> Result<Vec<Certificate>, AnyError> { fn load_private_keys_from_file( path: &str, -) -> Result<Vec<PrivateKey>, AnyError> { +) -> Result<Vec<PrivateKeyDer<'static>>, AnyError> { let key_bytes = std::fs::read(path)?; load_private_keys(&key_bytes) } @@ -513,7 +514,6 @@ where TlsKeys::Null => Err(anyhow!("Deno.listenTls requires a key")), TlsKeys::Static(TlsKey(cert, key)) => { let mut tls_config = ServerConfig::builder() - .with_safe_defaults() .with_no_client_auth() .with_single_cert(cert, key) .map_err(|e| anyhow!(e))?; |