From 51ed8da9cbfc4ad7a4a790ffaa2a28e3c3dcec48 Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Sun, 3 Sep 2017 12:58:55 -1000
Subject: [PATCH] Update to in-progress Rustls, webpki, and webpki-roots.

Use the new, less error-prone, API in Rustls.
---
 Cargo.toml         |  5 +++--
 examples/client.rs |  3 +++
 examples/server.rs |  4 ++--
 src/lib.rs         |  5 +++--
 src/proto.rs       | 15 ++++++++-------
 tests/test.rs      |  8 +++++---
 6 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 6e8ec9f..cc6a0c8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -17,13 +17,14 @@ appveyor = { repository = "quininer/tokio-rustls" }
 [dependencies]
 futures = "0.1.15"
 tokio-io = "0.1.3"
-rustls = "0.11"
+rustls = { git = "https://github.com/ctz/rustls" }
 tokio-proto = { version = "0.1.1", optional = true }
+webpki = { git = "https://github.com/briansmith/webpki" }
 
 [dev-dependencies]
 tokio-core = "0.1.9"
 clap = "2.26"
-webpki-roots = "0.13"
+webpki-roots = { git = "https://github.com/briansmith/webpki-roots", branch = "webpki-github" }
 
 [target.'cfg(unix)'.dev-dependencies]
 tokio-file-unix = "0.4"
diff --git a/examples/client.rs b/examples/client.rs
index 4a737f6..418a6a4 100644
--- a/examples/client.rs
+++ b/examples/client.rs
@@ -3,6 +3,7 @@ extern crate rustls;
 extern crate futures;
 extern crate tokio_io;
 extern crate tokio_core;
+extern crate webpki;
 extern crate webpki_roots;
 extern crate tokio_rustls;
 
@@ -68,6 +69,8 @@ fn main() {
     }
     let arc_config = Arc::new(config);
 
+    let domain = webpki::DNSNameRef::try_from_ascii_str(domain).unwrap();
+
     let socket = TcpStream::connect(&addr, &handle);
 
     // Use async non-blocking I/O for stdin/stdout on Unixy platforms.
diff --git a/examples/server.rs b/examples/server.rs
index 89a049f..9d407b9 100644
--- a/examples/server.rs
+++ b/examples/server.rs
@@ -11,7 +11,7 @@ use std::net::ToSocketAddrs;
 use std::io::BufReader;
 use std::fs::File;
 use futures::{ Future, Stream };
-use rustls::{ Certificate, PrivateKey, ServerConfig };
+use rustls::{ Certificate, NoClientAuth, PrivateKey, ServerConfig };
 use rustls::internal::pemfile::{ certs, rsa_private_keys };
 use tokio_io::{ io, AsyncRead };
 use tokio_core::net::TcpListener;
@@ -51,7 +51,7 @@ fn main() {
     let mut core = Core::new().unwrap();
     let handle = core.handle();
 
-    let mut config = ServerConfig::new();
+    let mut config = ServerConfig::new(NoClientAuth::new());
     config.set_single_cert(load_certs(cert_file), load_keys(key_file).remove(0));
     let arc_config = Arc::new(config);
 
diff --git a/src/lib.rs b/src/lib.rs
index 12cdf53..8ec6017 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -4,6 +4,7 @@
 #[cfg_attr(feature = "tokio-proto", macro_use)] extern crate futures;
 #[macro_use] extern crate tokio_io;
 extern crate rustls;
+extern crate webpki;
 
 pub mod proto;
 
@@ -19,7 +20,7 @@ use rustls::{
 
 /// Extension trait for the `Arc<ClientConfig>` type in the `rustls` crate.
 pub trait ClientConfigExt {
-    fn connect_async<S>(&self, domain: &str, stream: S)
+    fn connect_async<S>(&self, domain: webpki::DNSNameRef, stream: S)
         -> ConnectAsync<S>
         where S: AsyncRead + AsyncWrite;
 }
@@ -42,7 +43,7 @@ pub struct AcceptAsync<S>(MidHandshake<S, ServerSession>);
 
 
 impl ClientConfigExt for Arc<ClientConfig> {
-    fn connect_async<S>(&self, domain: &str, stream: S)
+    fn connect_async<S>(&self, domain: webpki::DNSNameRef, stream: S)
         -> ConnectAsync<S>
         where S: AsyncRead + AsyncWrite
     {
diff --git a/src/proto.rs b/src/proto.rs
index 688bb19..7c659e4 100644
--- a/src/proto.rs
+++ b/src/proto.rs
@@ -19,6 +19,7 @@ use rustls::{ ServerConfig, ClientConfig, ServerSession, ClientSession };
 use self::tokio_proto::multiplex;
 use self::tokio_proto::pipeline;
 use self::tokio_proto::streaming;
+use webpki;
 
 use { TlsStream, ServerConfigExt, ClientConfigExt, AcceptAsync, ConnectAsync };
 
@@ -292,7 +293,7 @@ impl<T, I> Future for ServerStreamingMultiplexBind<T, I>
 pub struct Client<T> {
     inner: Arc<T>,
     connector: Arc<ClientConfig>,
-    hostname: String,
+    hostname: webpki::DNSName,
 }
 
 impl<T> Client<T> {
@@ -303,11 +304,11 @@ impl<T> Client<T> {
     /// will go through the negotiated TLS stream through the `protocol` specified.
     pub fn new(protocol: T,
                connector: Arc<ClientConfig>,
-               hostname: &str) -> Client<T> {
+               hostname: webpki::DNSName) -> Client<T> {
         Client {
             inner: Arc::new(protocol),
             connector: connector,
-            hostname: hostname.to_string(),
+            hostname: hostname,
         }
     }
 }
@@ -339,7 +340,7 @@ impl<T, I> pipeline::ClientProto<I> for Client<T>
 
     fn bind_transport(&self, io: I) -> Self::BindTransport {
         let proto = self.inner.clone();
-        let io = self.connector.connect_async(&self.hostname, io);
+        let io = self.connector.connect_async(self.hostname.as_ref(), io);
 
         ClientPipelineBind {
             state: ClientPipelineState::First(io, proto),
@@ -397,7 +398,7 @@ impl<T, I> multiplex::ClientProto<I> for Client<T>
 
     fn bind_transport(&self, io: I) -> Self::BindTransport {
         let proto = self.inner.clone();
-        let io = self.connector.connect_async(&self.hostname, io);
+        let io = self.connector.connect_async(self.hostname.as_ref(), io);
 
         ClientMultiplexBind {
             state: ClientMultiplexState::First(io, proto),
@@ -458,7 +459,7 @@ impl<T, I> streaming::pipeline::ClientProto<I> for Client<T>
 
     fn bind_transport(&self, io: I) -> Self::BindTransport {
         let proto = self.inner.clone();
-        let io = self.connector.connect_async(&self.hostname, io);
+        let io = self.connector.connect_async(self.hostname.as_ref(), io);
 
         ClientStreamingPipelineBind {
             state: ClientStreamingPipelineState::First(io, proto),
@@ -519,7 +520,7 @@ impl<T, I> streaming::multiplex::ClientProto<I> for Client<T>
 
     fn bind_transport(&self, io: I) -> Self::BindTransport {
         let proto = self.inner.clone();
-        let io = self.connector.connect_async(&self.hostname, io);
+        let io = self.connector.connect_async(self.hostname.as_ref(), io);
 
         ClientStreamingMultiplexBind {
             state: ClientStreamingMultiplexState::First(io, proto),
diff --git a/tests/test.rs b/tests/test.rs
index 86c715e..e66e2aa 100644
--- a/tests/test.rs
+++ b/tests/test.rs
@@ -3,6 +3,7 @@ extern crate futures;
 extern crate tokio_core;
 extern crate tokio_io;
 extern crate tokio_rustls;
+extern crate webpki;
 
 use std::{ io, thread };
 use std::io::{ BufReader, Cursor };
@@ -24,7 +25,7 @@ const HELLO_WORLD: &[u8] = b"Hello world!";
 
 
 fn start_server(cert: Vec<Certificate>, rsa: PrivateKey) -> SocketAddr {
-    let mut config = ServerConfig::new();
+    let mut config = ServerConfig::new(rustls::NoClientAuth::new());
     config.set_single_cert(cert, rsa);
     let config = Arc::new(config);
 
@@ -60,7 +61,9 @@ fn start_server(cert: Vec<Certificate>, rsa: PrivateKey) -> SocketAddr {
     recv.recv().unwrap()
 }
 
-fn start_client(addr: &SocketAddr, domain: &str, chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
+fn start_client(addr: &SocketAddr, domain: &str,
+                chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
+    let domain = webpki::DNSNameRef::try_from_ascii_str(domain).unwrap();
     let mut config = ClientConfig::new();
     if let Some(mut chain) = chain {
         config.root_store.add_pem_file(&mut chain).unwrap();
@@ -91,7 +94,6 @@ fn main() {
     let chain = BufReader::new(Cursor::new(CHAIN));
 
     let addr = start_server(cert, keys.pop().unwrap());
-
     start_client(&addr, "localhost", Some(chain)).unwrap();
 }