Stop automatically pulling in aws-lc as a dependency #46

Merged
merged 2 commits into from
Oct 6, 2024
19 changes: 16 additions & 3 deletions Cargo.toml
Expand Up @@ -9,7 +9,11 @@ license = "Apache-2.0"

[features]
default = ["tokio-net"]
rustls = ["tokio-rustls"]
rustls-core = ["tokio-rustls"]
rustls-aws-lc = ["rustls-core", "tokio-rustls/aws-lc-rs"]
Owner

All these features aren't strictly necessary.

The user could potentially enable these features on the tokio-rustls dependency directly.

All this crate actually needs to depend on is the core tokio-rustls api.

Contributor Author

Well, you are right. But consider the fact that tokio-rustls, which is also an "intermediate" crate between us and the actual rustls crate, has similar feature flags which do nothing but pass themselves to rustls. (I've checked its source code and they actually do nothing else.)

rustls-fips = ["rustls-aws-lc", "tokio-rustls/fips"]
rustls-ring = ["rustls-core", "tokio-rustls/ring"]
rustls = ["rustls-aws-lc", "tokio-rustls/default"]
Owner

This should probably also include "tokio-rustls/tls12" and "tokio-rustls/logging" since those are included in the default features.

Contributor Author

But aren't we including the tokio-rustls/default feature already? It should pull them in.

Owner

Oh, yeah you're right

native-tls = ["tokio-native-tls"]
openssl = ["tokio-openssl", "openssl_impl"]
rt = ["tokio/rt"]
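
Review bot: In the `[features]` table, `rustls = ["rustls-aws-lc", "tokio-rustls/default"]` still enables aws-lc for every caller who keeps the `rustls` feature, so the behaviour named in the PR title only applies to callers who move to `rustls-core` or `rustls-ring`. That deserves a changelog entry. Cargo features are additive, so `rustls-ring` and `rustls-aws-lc` can also end up enabled together when another crate in the dependency graph turns one of them on. It would help to state next to these features what the application has to do in that case, for example select the provider explicitly.
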
Expand All @@ -22,7 +26,7 @@ pin-project-lite = "0.2.13"
thiserror = "1.0.30"
tokio = { version = "1.0", features = ["time"] }
tokio-native-tls = { version = "0.3.0", optional = true }
tokio-rustls = { version = ">=0.25.0,<0.27", optional = true }
tokio-rustls = { version = ">=0.25.0,<0.27", default-features = false, optional = true }
tokio-openssl = { version = "0.6.3", optional = true }
openssl_impl = { package = "openssl", version = "0.10.32", optional = true }
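
Review bot: Adding `default-features = false` to the `tokio-rustls` line also switches off `tls12` and `logging` for `rustls-core`, `rustls-ring` and `rustls-fips`, because only the `rustls` feature adds `tokio-rustls/default` back. A server built with `rustls-ring` is then compiled without the `tls12` feature, unlike one built with the old `rustls` feature. Either forward `tokio-rustls/tls12` and `tokio-rustls/logging` from those features or document the difference. The range `>=0.25.0,<0.27` is unchanged, so it is also worth confirming that every release in it defines the `aws-lc-rs`, `fips` and `ring` features the new flags forward to.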

Expand Down Expand Up @@ -60,5 +64,14 @@ name = "http-change-certificate"
path = "examples/http-change-certificate.rs"

[package.metadata.docs.rs]
features = ["rustls", "native-tls", "openssl", "rt"]
features = [
"rustls-core",
"rustls",
"rustls-aws-lc",
"rustls-fips",
"rustls-ring",
"native-tls",
"openssl",
"rt"
]
rustdoc-args = ["--cfg", "docsrs"]
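
Review bot: The docs.rs `features` list enables `rustls-ring` together with `rustls-aws-lc` and `rustls-fips`, which makes the documentation build compile every provider although the only gate in `src/lib.rs` is `doc(cfg(feature = "rustls-core"))`. `rustls` already implies `rustls-aws-lc` and `rustls-core`, so the list could be trimmed to `rustls-core`, `native-tls`, `openssl` and `rt` without changing the rendered docs. That also avoids depending on the FIPS and ring builds succeeding on the docs.rs builder.
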
10 changes: 8 additions & 2 deletions README.md
Expand Up @@ -13,5 +13,11 @@ It can be used to easily create a `Stream` of TLS connections from a listening s

See examples for examples of usage.

You must enable either one of the `rustls`, `native-tls`, or `openssl` features depending on which implementation you
would like to use.
You must enable either one of the `rustls` (more details below), `native-tls`, or `openssl`
features depending on which implementation you would like to use.

When enabling the `rustls` feature, the `rustls` crate will be added as a dependency along
with it's default [cryptography provider](https://docs.rs/rustls/latest/rustls/#cryptography-providers).
To avoid this behaviour and use other cryptography providers, the `rustls-core` feature can be used instead.
Additional feature flags for other [rustls built-in cryptography providers](https://docs.rs/rustls/latest/rustls/#built-in-providers) are also available:
`rustls-aws-lc` (default), `rustls-fips` and `rustls-ring`
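
Review bot: The new README paragraph says `rustls-core` avoids the default provider but does not say what the user must then supply. Since `Cargo.toml` now sets `default-features = false`, a sentence should state that `rustls-core` alone enables no cryptography provider, and that `tls12` and `logging` have to be enabled on `tokio-rustls` directly if they are wanted. Two style points in the same paragraph: "with it's default" should read "with its default", and the last line is missing its full stop.
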
4 changes: 2 additions & 2 deletions examples/echo-threads.rs
Expand Up @@ -4,9 +4,9 @@ use tls_listener::{SpawningHandshakes, TlsListener};
use tokio::io::{copy, split};
use tokio::net::{TcpListener, TcpStream};
use tokio::signal::ctrl_c;
#[cfg(all(feature = "native-tls", not(feature = "rustls")))]
#[cfg(all(feature = "native-tls", not(feature = "rustls-core")))]
use tokio_native_tls::TlsStream;
#[cfg(feature = "rustls")]
#[cfg(feature = "rustls-core")]
use tokio_rustls::server::TlsStream;

mod tls_config;
6 changes: 3 additions & 3 deletions examples/echo.rs
Expand Up @@ -7,15 +7,15 @@ use tokio::signal::ctrl_c;

#[cfg(all(
feature = "native-tls",
not(any(feature = "rustls", feature = "openssl"))
not(any(feature = "rustls-core", feature = "openssl"))
))]
use tokio_native_tls::TlsStream;
#[cfg(all(
feature = "openssl",
not(any(feature = "rustls", feature = "native-tls"))
not(any(feature = "rustls-core", feature = "native-tls"))
))]
use tokio_openssl::SslStream as TlsStream;
#[cfg(feature = "rustls")]
#[cfg(feature = "rustls-core")]
use tokio_rustls::server::TlsStream;

mod tls_config;
6 changes: 3 additions & 3 deletions examples/tls_config/mod.rs
@@ -1,4 +1,4 @@
#[cfg(feature = "rustls")]
#[cfg(feature = "rustls-core")]
mod config {
use std::sync::Arc;
use tokio_rustls::rustls::{
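
Review bot: Gating the rustls `mod config` on `feature = "rustls-core"` means the examples now compile when only `rustls-core` is enabled, a configuration in which no provider feature is forwarded to `tokio-rustls`. Please confirm the config built here still works in that case. If it does not, the `[[example]]` entries in `Cargo.toml` could carry `required-features` naming one of the provider features so the examples are not built in a configuration where they cannot run.
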
Expand Down Expand Up @@ -39,7 +39,7 @@ mod config {

#[cfg(all(
feature = "native-tls",
not(any(feature = "rustls", feature = "openssl"))
not(any(feature = "rustls-core", feature = "openssl"))
))]
mod config {
use tokio_native_tls::native_tls::{Identity, TlsAcceptor};
Expand All @@ -65,7 +65,7 @@ mod config {

#[cfg(all(
feature = "openssl",
not(any(feature = "rustls", feature = "native-tls"))
not(any(feature = "rustls-core", feature = "native-tls"))
))]
mod config {
use openssl_impl::ssl::{SslContext, SslFiletype, SslMethod};
6 changes: 3 additions & 3 deletions src/lib.rs
Expand Up @@ -30,7 +30,7 @@ use tokio::time::{timeout, Timeout};
pub use tokio_native_tls as native_tls;
#[cfg(feature = "openssl")]
pub use tokio_openssl as openssl;
#[cfg(feature = "rustls")]
#[cfg(feature = "rustls-core")]
pub use tokio_rustls as rustls;

#[cfg(feature = "rt")]
Expand Down Expand Up @@ -270,8 +270,8 @@ where
}
}

#[cfg(feature = "rustls")]
#[cfg_attr(docsrs, doc(cfg(feature = "rustls")))]
#[cfg(feature = "rustls-core")]
#[cfg_attr(docsrs, doc(cfg(feature = "rustls-core")))]
impl<C: AsyncRead + AsyncWrite + Unpin> AsyncTls<C> for tokio_rustls::TlsAcceptor {
type Stream = tokio_rustls::server::TlsStream<C>;
type Error = std::io::Error;