From cb87cb0283fbe95ace2317b0617e7e74382bf4db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bartek=20Iwa=C5=84czuk?= <biwanczuk@gmail.com>
Date: Wed, 17 May 2023 02:19:23 +0200
Subject: fix: support "fetch" over HTTPS for IP addresses (#18499)

This commit adds support for connecting to IP addresses over HTTPS.

This is done by updating "rustls" to "0.21.0" and other related crates.

Closes https://github.com/denoland/deno/issues/7660
Closes https://github.com/denoland/deno/issues/17967

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
---
 ext/tls/lib.rs | 27 ++-------------------------
 1 file changed, 2 insertions(+), 25 deletions(-)

(limited to 'ext/tls/lib.rs')

diff --git a/ext/tls/lib.rs b/ext/tls/lib.rs
index 3034e2ae9..dded1b385 100644
--- a/ext/tls/lib.rs
+++ b/ext/tls/lib.rs
@@ -9,16 +9,14 @@ pub use webpki_roots;
 use deno_core::anyhow::anyhow;
 use deno_core::error::custom_error;
 use deno_core::error::AnyError;
-use deno_core::parking_lot::Mutex;
 
 use rustls::client::HandshakeSignatureValid;
 use rustls::client::ServerCertVerified;
 use rustls::client::ServerCertVerifier;
-use rustls::client::StoresClientSessions;
 use rustls::client::WebPkiVerifier;
-use rustls::internal::msgs::handshake::DigitallySignedStruct;
 use rustls::Certificate;
 use rustls::ClientConfig;
+use rustls::DigitallySignedStruct;
 use rustls::Error;
 use rustls::PrivateKey;
 use rustls::RootCertStore;
@@ -27,7 +25,6 @@ use rustls_pemfile::certs;
 use rustls_pemfile::pkcs8_private_keys;
 use rustls_pemfile::rsa_private_keys;
 use serde::Deserialize;
-use std::collections::HashMap;
 use std::io::BufRead;
 use std::io::BufReader;
 use std::io::Cursor;
@@ -145,26 +142,6 @@ pub struct BasicAuth {
   pub password: String,
 }
 
-#[derive(Default)]
-struct ClientSessionMemoryCache(Mutex<HashMap<Vec<u8>, Vec<u8>>>);
-
-impl StoresClientSessions for ClientSessionMemoryCache {
-  fn get(&self, key: &[u8]) -> Option<Vec<u8>> {
-    self.0.lock().get(key).cloned()
-  }
-
-  fn put(&self, key: Vec<u8>, value: Vec<u8>) -> bool {
-    let mut sessions = self.0.lock();
-    // TODO(bnoordhuis) Evict sessions LRU-style instead of arbitrarily.
-    while sessions.len() >= 1024 {
-      let key = sessions.keys().next().unwrap().clone();
-      sessions.remove(&key);
-    }
-    sessions.insert(key, value);
-    true
-  }
-}
-
 pub fn create_default_root_cert_store() -> RootCertStore {
   let mut root_cert_store = RootCertStore::empty();
   // TODO(@justinmchase): Consider also loading the system keychain here
@@ -293,7 +270,7 @@ fn filter_invalid_encoding_err(
   to_be_filtered: Result<HandshakeSignatureValid, Error>,
 ) -> Result<HandshakeSignatureValid, Error> {
   match to_be_filtered {
-    Err(Error::InvalidCertificateEncoding) => {
+    Err(Error::InvalidCertificate(rustls::CertificateError::BadEncoding)) => {
       Ok(HandshakeSignatureValid::assertion())
     }
     res => res,
-- 
cgit v1.2.3