Package: rust-hyper-rustls

Package: rust-hyper-rustls / 0.27.6-1

2001_rustls-native-certs.patch
Description: use older branch of crate rustls-native-certs
Author: Blair Noctis <ncts@debian.org>
Forwarded: not-needed
Last-Update: 2025-03-21
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -26,7 +26,7 @@
 hyper-util = { version = "0.1", default-features = false, features = ["client-legacy", "tokio"] }
 log = { version = "0.4.4", optional = true }
 pki-types = { package = "rustls-pki-types", version = "1" }
-rustls-native-certs = { version = "0.8", optional = true }
+rustls-native-certs = { version = "0.6", optional = true }
 rustls-platform-verifier = { version = "0.5", optional = true }
 rustls = { version = "0.23", default-features = false }
 tokio = "1.0"
--- a/src/config.rs
+++ b/src/config.rs
@@ -10,8 +10,8 @@
 ))]
 use rustls::client::WantsClientCert;
 use rustls::{ClientConfig, ConfigBuilder, WantsVerifier};
-#[cfg(feature = "rustls-native-certs")]
-use rustls_native_certs::CertificateResult;
+//#[cfg(feature = "rustls-native-certs")]
+//use rustls_native_certs::CertificateResult;
 
 /// Methods for configuring roots
 ///
@@ -57,20 +57,21 @@
         let mut valid_count = 0;
         let mut invalid_count = 0;
 
-        let CertificateResult { certs, errors, .. } = rustls_native_certs::load_native_certs();
-        if !errors.is_empty() {
+        let result = rustls_native_certs::load_native_certs();
+        if let Err(ref errors) = result {
             crate::log::warn!("native root CA certificate loading errors: {errors:?}");
         }
+        let certs = result.unwrap_or_default();
 
         if certs.is_empty() {
             return Err(io::Error::new(
                 io::ErrorKind::NotFound,
-                format!("no native root CA certificates found (errors: {errors:?})"),
+                format!("no native root CA certificates found")
             ));
         }
 
         for cert in certs {
-            match roots.add(cert) {
+            match roots.add(pki_types::CertificateDer::from_slice(&cert.0)) {
                 Ok(_) => valid_count += 1,
                 Err(err) => {
                     crate::log::debug!("certificate parsing failed: {:?}", err);