Install crypto provider for TLS (#4178)

ordinals · Jan 13, 2025 · ac75074 · ac75074
1 parent 9bc54f8
commit ac75074
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 3 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -25,7 +25,7 @@ edition = "2021"
 homepage = "https://github.com/ordinals/ord"
 license = "CC0-1.0"
 repository = "https://github.com/ordinals/ord"
-rust-version = "1.79.0"
+rust-version = "1.80.0"
 
 [workspace.dependencies]
 base64 = "0.22.0"
@@ -81,7 +81,7 @@ regex.workspace = true
 reqwest.workspace = true
 rss = "2.0.1"
 rust-embed = "8.0.0"
-rustls = "0.23.20"
+rustls = { version  = "0.23.20", features = ["ring"] }
 rustls-acme = { version = "0.12.1", features = ["axum"] }
 serde-hex = "0.1.0"
 serde.workspace = true

diff --git a/src/lib.rs b/src/lib.rs
@@ -80,7 +80,7 @@ use {
     str::FromStr,
     sync::{
       atomic::{self, AtomicBool},
-      Arc, Mutex,
+      Arc, LazyLock, Mutex,
     },
     thread,
     time::{Duration, Instant, SystemTime},

diff --git a/src/subcommand/server.rs b/src/subcommand/server.rs
@@ -471,6 +471,12 @@ impl Server {
   }
 
   fn acceptor(&self, settings: &Settings) -> Result<AxumAcceptor> {
+    static RUSTLS_PROVIDER_INSTALLED: LazyLock<bool> = LazyLock::new(|| {
+      rustls::crypto::ring::default_provider()
+        .install_default()
+        .is_ok()
+    });
+
     let config = AcmeConfig::new(self.acme_domains()?)
       .contact(&self.acme_contact)
       .cache_option(Some(DirCache::new(Self::acme_cache(
@@ -485,6 +491,11 @@ impl Server {
 
     let mut state = config.state();
 
+    ensure! {
+      *RUSTLS_PROVIDER_INSTALLED,
+      "failed to install rustls ring crypto provider",
+    }
+
     let mut server_config = rustls::ServerConfig::builder()
       .with_no_client_auth()
       .with_cert_resolver(state.resolver());