Remove danger feature & the API it controls.
The singular purpose of this crate should be to integrate Tokio and Rustls. Therefore, any feature that isn't about making Rustls work nicely with Tokio should be assumed a priori to be out of scope. In particular, it is out of scope for tokio-rustls to provide APIs to control SNI behavior. Instead, the application should configure Rustls's SNI behavior using Rustls's configuration APIs, and pass the configuration to tokio-rustls. Similarly, it is out of scope for tokio-rustls to provide APIs to control the certificate validation behavior. Instead, the application should configure certificate validation using Rustls's APIs. Perhaps there should be a crate that makes it convenient to do "dangerous" certificate validation, but IMO that shouldn't be tokio-rustls, but a different one. FWIW, the `danger` API was inherited from tokio-tls, and I'm working on making an analogous change there.
This commit is contained in:
Brian Smith
parent
aefc023dd4
commit
eccf90a534
@ -14,9 +14,6 @@ categories = ["asynchronous", "cryptography", "network-programming"]
|
||||
travis-ci = { repository = "quininer/tokio-rustls" }
|
||||
appveyor = { repository = "quininer/tokio-rustls" }
|
||||
|
||||
[features]
|
||||
danger = [ "rustls/dangerous_configuration" ]
|
||||
|
||||
[dependencies]
|
||||
futures = "0.1"
|
||||
tokio-io = "0.1"
|
||||
|
||||
29
src/lib.rs
29
src/lib.rs
@ -22,11 +22,6 @@ pub trait ClientConfigExt {
|
||||
fn connect_async<S>(&self, domain: &str, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite;
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
fn danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication<S>(&self, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite;
|
||||
}
|
||||
|
||||
/// Extension trait for the `Arc<ServerConfig>` type in the `rustls` crate.
|
||||
@ -53,30 +48,6 @@ impl ClientConfigExt for Arc<ClientConfig> {
|
||||
{
|
||||
connect_async_with_session(stream, ClientSession::new(self, domain))
|
||||
}
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
fn danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication<S>(&self, stream: S)
|
||||
-> ConnectAsync<S>
|
||||
where S: AsyncRead + AsyncWrite
|
||||
{
|
||||
use rustls::{ ServerCertVerifier, RootCertStore, Certificate, ServerCertVerified, TLSError };
|
||||
|
||||
struct NoCertVerifier;
|
||||
impl ServerCertVerifier for NoCertVerifier {
|
||||
fn verify_server_cert(&self, _: &RootCertStore, _: &[Certificate], _: &str, _: &[u8])
|
||||
-> Result<ServerCertVerified, TLSError>
|
||||
{
|
||||
Ok(ServerCertVerified::assertion())
|
||||
}
|
||||
}
|
||||
|
||||
let mut client_config = ClientConfig::new();
|
||||
client_config.clone_from(self);
|
||||
client_config.dangerous()
|
||||
.set_certificate_verifier(Arc::new(NoCertVerifier));
|
||||
|
||||
Arc::new(client_config).connect_async("", stream)
|
||||
}
|
||||
}
|
||||
|
||||
#[inline]
|
||||
|
||||
@ -60,7 +60,7 @@ fn start_server(cert: Vec<Certificate>, rsa: PrivateKey) -> SocketAddr {
|
||||
recv.recv().unwrap()
|
||||
}
|
||||
|
||||
fn start_client(addr: &SocketAddr, domain: Option<&str>, chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
|
||||
fn start_client(addr: &SocketAddr, domain: &str, chain: Option<BufReader<Cursor<&str>>>) -> io::Result<()> {
|
||||
let mut config = ClientConfig::new();
|
||||
if let Some(mut chain) = chain {
|
||||
config.root_store.add_pem_file(&mut chain).unwrap();
|
||||
@ -72,17 +72,7 @@ fn start_client(addr: &SocketAddr, domain: Option<&str>, chain: Option<BufReader
|
||||
|
||||
#[allow(unreachable_code, unused_variables)]
|
||||
let done = TcpStream::connect(addr, &handle)
|
||||
.and_then(|stream| if let Some(domain) = domain {
|
||||
config.connect_async(domain, stream)
|
||||
} else {
|
||||
#[cfg(feature = "danger")]
|
||||
let c = config.danger_connect_async_without_providing_domain_for_certificate_verification_and_server_name_indication(stream);
|
||||
|
||||
#[cfg(not(feature = "danger"))]
|
||||
let c = panic!();
|
||||
|
||||
c
|
||||
})
|
||||
.and_then(|stream| config.connect_async(domain, stream))
|
||||
.and_then(|stream| aio::write_all(stream, HELLO_WORLD))
|
||||
.and_then(|(stream, _)| aio::read_exact(stream, vec![0; HELLO_WORLD.len()]))
|
||||
.and_then(|(_, buf)| {
|
||||
@ -102,10 +92,7 @@ fn main() {
|
||||
|
||||
let addr = start_server(cert, keys.pop().unwrap());
|
||||
|
||||
start_client(&addr, Some("localhost"), Some(chain)).unwrap();
|
||||
|
||||
#[cfg(feature = "danger")]
|
||||
start_client(&addr, None, None).unwrap();
|
||||
start_client(&addr, "localhost", Some(chain)).unwrap();
|
||||
}
|
||||
|
||||
#[should_panic]
|
||||
@ -117,5 +104,5 @@ fn fail() {
|
||||
|
||||
let addr = start_server(cert, keys.pop().unwrap());
|
||||
|
||||
start_client(&addr, Some("google.com"), Some(chain)).unwrap();
|
||||
start_client(&addr, "google.com", Some(chain)).unwrap();
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user