GitHub Repository: bytecodealliance/wasmtime
Path: blob/main/crates/wasi-tls/src/rustls.rs
//! The `rustls` provider.
use rustls::pki_types::ServerName;
use std::io;
use std::sync::{Arc, LazyLock};
use crate::{BoxFuture, TlsProvider, TlsStream, TlsTransport};
// Marker impl with an empty body: it lets a `tokio_rustls` client stream over a
// boxed transport be returned as `Box<dyn TlsStream>`, which is how
// `RustlsProvider::connect` hands the negotiated stream back to its caller.
// NOTE(review): the empty body presumably means every `TlsStream` requirement is
// already met through supertraits or default methods; confirm against the trait.
impl crate::TlsStream for tokio_rustls::client::TlsStream<Box<dyn TlsTransport>> {}
/// TLS provider backed by `rustls`.
///
/// Every connection opened through this provider is negotiated with the one
/// client configuration stored here, so the trust anchors and client
/// authentication settings of that configuration apply to all of them.
pub struct RustlsProvider {
    // Reference-counted so each `connect` call can take its own handle to the
    // same configuration instead of copying it.
    client_config: Arc<rustls::ClientConfig>,
}
impl TlsProvider for RustlsProvider {
    /// Opens a client-side TLS session to `server_name` over `transport`.
    ///
    /// The returned future first parses `server_name` into a [`ServerName`]
    /// and only then hands the transport to the `tokio_rustls` connector,
    /// using this provider's client configuration. Certificate trust and
    /// verification policy therefore come entirely from that configuration.
    ///
    /// # Errors
    ///
    /// The future resolves to an `io::Error` carrying the message
    /// `"invalid server name"` when the name cannot be parsed, and otherwise
    /// to whatever error the connector reports.
    fn connect(
        &self,
        server_name: String,
        transport: Box<dyn TlsTransport>,
    ) -> BoxFuture<io::Result<Box<dyn TlsStream>>> {
        // Take a handle to the configuration before building the future, so
        // the future owns everything it needs and does not borrow `self`.
        let config = Arc::clone(&self.client_config);

        Box::pin(async move {
            // Reject a malformed name before the transport is touched. The
            // parser's own error is discarded, so callers only ever see the
            // generic message below.
            // NOTE(review): `ServerName` also has an IP-address form, so a
            // literal IP may be accepted here; confirm that is intended for
            // guest-supplied names.
            let name = match ServerName::try_from(server_name) {
                Ok(parsed) => parsed,
                Err(_) => return Err(io::Error::other("invalid server name")),
            };

            let connector = tokio_rustls::TlsConnector::from(config);
            let tls = connector.connect(name, transport).await?;

            // Erase the concrete stream type behind the crate's trait object.
            Ok(Box::new(tls) as Box<dyn TlsStream>)
        })
    }
}
impl Default for RustlsProvider {
    /// Creates a provider that trusts the `webpki_roots` server root set and
    /// presents no client certificate.
    ///
    /// The configuration is built once, on first use, and shared by every
    /// provider obtained through `default()`.
    fn default() -> Self {
        static SHARED_CONFIG: LazyLock<Arc<rustls::ClientConfig>> = LazyLock::new(|| {
            // The only trust anchors are the ones in `TLS_SERVER_ROOTS`.
            // NOTE(review): these appear to be compiled in with the
            // `webpki_roots` crate rather than read from the host's
            // certificate store, so CA additions or removals made on the host
            // would not affect this provider; confirm that this is the
            // intended trust policy and that the crate is kept current.
            let trust_anchors = rustls::RootCertStore {
                roots: webpki_roots::TLS_SERVER_ROOTS.into(),
            };

            // No client certificate is offered, so servers that require
            // mutual TLS cannot be reached with this default configuration.
            Arc::new(
                rustls::ClientConfig::builder()
                    .with_root_certificates(trust_anchors)
                    .with_no_client_auth(),
            )
        });

        let client_config = Arc::clone(&SHARED_CONFIG);
        Self { client_config }
    }
}