This patch is based on the upstream commit described below, adapted for use
in the Debian package by Peter Michael Green.
commit 139550b4919786fd0ae474bff1ad9c840edf6f55
Author: Dirkjan Ochtman <dirkjan@ochtman.nl>
Date: Fri Aug 30 11:02:23 2024 +0200
Upgrade to rustls-native-certs 0.8
Index: hyper-rustls-0.24/src/config.rs
===================================================================
--- hyper-rustls-0.24.orig/src/config.rs
+++ hyper-rustls-0.24/src/config.rs
@@ -1,5 +1,7 @@
use rustls::client::WantsTransparencyPolicyOrClientCert;
use rustls::{ClientConfig, ConfigBuilder, WantsVerifier};
+#[cfg(feature = "rustls-native-certs")]
+use rustls_native_certs::CertificateResult;
/// Methods for configuring roots
///
@@ -28,8 +30,16 @@ impl ConfigBuilderExt for ConfigBuilder<
let mut valid_count = 0;
let mut invalid_count = 0;
- for cert in rustls_native_certs::load_native_certs().expect("could not load platform certs")
- {
+ let CertificateResult { certs, errors, .. } = rustls_native_certs::load_native_certs();
+ if !errors.is_empty() {
+ crate::log::warn!("native root CA certificate loading errors: {errors:?}");
+ }
+
+ if certs.is_empty() {
+ panic!("no native root CA certificates found (errors: {errors:?})");
+ }
+
+ for cert in certs {
let cert = rustls::Certificate(cert.as_ref().to_owned());
match roots.add(&cert) {
Ok(_) => valid_count += 1,
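Review bot: The tolerated partial-load path after `load_native_certs()` is undocumented: when `errors` is non-empty but `certs` is not, the builder continues with a reduced root set, whereas the removed `expect` aborted on any loader error. The only trace is `crate::log::warn!`, which the src/lib.rs part of this patch defines as an empty macro when the `logging` feature is off, so such a build gives no signal that roots are missing. Verification still fails closed, so this is a diagnosability point; I would add `// Partial load is tolerated: loader errors are only logged, an empty result is fatal.` above the `if !errors.is_empty()` check and a `# Panics` section to the method's doc comment. The method body (apparently `with_native_roots`, going by the debug message in the next hunk) starts and ends outside this hunk.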
@@ -40,6 +50,7 @@ impl ConfigBuilderExt for ConfigBuilder<
}
}
}
+
crate::log::debug!(
"with_native_roots processed {} valid and {} invalid certs",
valid_count,
Index: hyper-rustls-0.24/src/lib.rs
===================================================================
--- hyper-rustls-0.24.orig/src/lib.rs
+++ hyper-rustls-0.24/src/lib.rs
@@ -89,6 +89,8 @@ mod stream;
#[cfg(feature = "logging")]
mod log {
pub(crate) use log::{debug, trace};
+ #[cfg(feature = "rustls-native-certs")]
+ pub(crate) use log::warn;
}
#[cfg(not(feature = "logging"))]
@@ -96,6 +98,10 @@ mod log {
macro_rules! trace ( ($($tt:tt)*) => {{}} );
macro_rules! debug ( ($($tt:tt)*) => {{}} );
pub(crate) use {debug, trace};
+ #[cfg(feature = "rustls-native-certs")]
+ macro_rules! warn_ ( ($($tt:tt)*) => {{}} );
+ #[cfg(feature = "rustls-native-certs")]
+ pub(crate) use warn_ as warn;
}
#[cfg(feature = "acceptor")]
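Review bot: The `warn_` stub re-exported with `pub(crate) use warn_ as warn;` needs a comment saying why it is not simply named `warn` like the `trace` and `debug` stubs beside it. Presumably the rename avoids an ambiguity with the built-in `warn` lint attribute when the macro is imported by path; a line such as `// Named warn_ and aliased: a macro called warn would be ambiguous with the built-in #[warn] attribute.` would keep a later cleanup from undoing it. The same spot could also state that the stub discards its arguments, so the certificate-loading warnings emitted from src/config.rs disappear in builds without the `logging` feature. The `mod log` block starts outside the hunk.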
Index: hyper-rustls-0.24/Cargo.toml
===================================================================
--- hyper-rustls-0.24.orig/Cargo.toml
+++ hyper-rustls-0.24/Cargo.toml
@@ -65,7 +65,7 @@ version = "0.21.6"
default-features = false
[dependencies.rustls-native-certs]
-version = "0.7"
+version = "0.8"
optional = true
[dependencies.tokio]