Merge pull request #15 from briansmith/remove-danger
Remove `danger` feature & the API it controls.
This commit is contained in:
commit
6a8c6431a3
@ -14,9 +14,6 @@ categories = ["asynchronous", "cryptography", "network-programming"]
|
||||
travis-ci = { repository = "quininer/tokio-rustls" }
|
||||
appveyor = { repository = "quininer/tokio-rustls" }
|
||||
|
||||
[features]
|
||||
danger = [ "rustls/dangerous_configuration" ]
|
||||
|
||||
[dependencies]
|
||||
futures = "0.1.15"
|
||||
tokio-io = "0.1.3"
|
||||
|
29
src/lib.rs
29
src/lib.rs
@ -22,11 +22,6 @@ pub trait ClientConfigExt {
|
||||
fn connect_async<S>(&self, domain: &str, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite;
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
fn danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication<S>(&self, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite;
|
||||
}
|
||||
|
||||
/// Extension trait for the `Arc<ServerConfig>` type in the `rustls` crate.
|
||||
@ -53,30 +48,6 @@ impl ClientConfigExt for Arc<ClientConfig> {
|
||||
{
|
||||
connect_async_with_session(stream, ClientSession::new(self, domain))
|
||||
}
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
fn danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication<S>(&self, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite
|
||||
{
|
||||
use rustls::{ ServerCertVerifier, RootCertStore, Certificate, ServerCertVerified, TLSError };
|
||||
|
||||
struct NoCertVerifier;
|
||||
impl ServerCertVerifier for NoCertVerifier {
|
||||
fn verify_server_cert(&self, _: &RootCertStore, _: &[Certificate], _: &str, _: &[u8])
|
||||
-> Result<ServerCertVerified, TLSError>
|
||||
{
|
||||
Ok(ServerCertVerified::assertion())
|
||||
}
|
||||
}
|
||||
|
||||
let mut client_config = ClientConfig::new();
|
||||
client_config.clone_from(self);
|
||||
client_config.dangerous()
|
||||
.set_certificate_verifier(Arc::new(NoCertVerifier));
|
||||
|
||||
Arc::new(client_config).connect_async("", stream)
|
||||
}
|
||||
}
|
||||
|
||||
#[inline]
|
||||
|
@ -60,7 +60,7 @@ fn start_server(cert: Vec<Certificate>, rsa: PrivateKey) -> SocketAddr {
|
||||
recv.recv().unwrap()
|
||||
}
|
||||
|
||||
fn start_client(addr: &SocketAddr, domain: Option<&str>, chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
|
||||
fn start_client(addr: &SocketAddr, domain: &str, chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
|
||||
let mut config = ClientConfig::new();
|
||||
if let Some(mut chain) = chain {
|
||||
config.root_store.add_pem_file(&mut chain).unwrap();
|
||||
@ -72,17 +72,7 @@ fn start_client(addr: &SocketAddr, domain: Option<&str>, chain: Option<BufReader
|
||||
|
||||
#[allow(unreachable_code, unused_variables)]
|
||||
let done = TcpStream::connect(addr, &handle)
|
||||
.and_then(|stream| if let Some(domain) = domain {
|
||||
config.connect_async(domain, stream)
|
||||
} else {
|
||||
#[cfg(feature = "danger")]
|
||||
let c = config.danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication(stream);
|
||||
|
||||
#[cfg(not(feature = "danger"))]
|
||||
let c = panic!();
|
||||
|
||||
c
|
||||
})
|
||||
.and_then(|stream| config.connect_async(domain, stream))
|
||||
.and_then(|stream| aio::write_all(stream, HELLO_WORLD))
|
||||
.and_then(|(stream, _)| aio::read_exact(stream, vec![0; HELLO_WORLD.len()]))
|
||||
.and_then(|(_, buf)| {
|
||||
@ -102,10 +92,7 @@ fn main() {
|
||||
|
||||
let addr = start_server(cert, keys.pop().unwrap());
|
||||
|
||||
start_client(&addr, Some("localhost"), Some(chain)).unwrap();
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
start_client(&addr, None, None).unwrap();
|
||||
start_client(&addr, "localhost", Some(chain)).unwrap();
|
||||
}
|
||||
|
||||
#[should_panic]
|
||||
@ -117,5 +104,5 @@ fn fail() {
|
||||
|
||||
let addr = start_server(cert, keys.pop().unwrap());
|
||||
|
||||
start_client(&addr, Some("google.com"), Some(chain)).unwrap();
|
||||
start_client(&addr, "google.com", Some(chain)).unwrap();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user