From 5a3fcdb1738c8cdf2edffcf235221339f12e97b5 Mon Sep 17 00:00:00 2001 From: link2xt Date: Mon, 2 Mar 2026 06:37:23 +0000 Subject: [PATCH 1/2] refactor: use re-exported rustls::pki_types --- Cargo.lock | 1 - Cargo.toml | 1 - src/net/tls.rs | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 536a1c875e..0d73adc05c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1358,7 +1358,6 @@ dependencies = [ "ratelimit", "regex", "rusqlite", - "rustls-pki-types", "sanitize-filename", "sdp", "serde", diff --git a/Cargo.toml b/Cargo.toml index ed623fc51e..2b1f8b1590 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -86,7 +86,6 @@ rand-old = { package = "rand", version = "0.8" } rand = { workspace = true } regex = { workspace = true } rusqlite = { workspace = true, features = ["sqlcipher"] } -rustls-pki-types = "1.12.0" sanitize-filename = { workspace = true } sdp = "0.10.0" serde_json = { workspace = true } diff --git a/src/net/tls.rs b/src/net/tls.rs index d339f3b2ba..452cd93367 100644 --- a/src/net/tls.rs +++ b/src/net/tls.rs @@ -124,7 +124,7 @@ pub async fn wrap_rustls<'a>( config.enable_sni = use_sni; let tls = tokio_rustls::TlsConnector::from(Arc::new(config)); - let name = rustls_pki_types::ServerName::try_from(hostname)?.to_owned(); + let name = tokio_rustls::rustls::pki_types::ServerName::try_from(hostname)?.to_owned(); let tls_stream = tls.connect(name, stream).await?; Ok(tls_stream) } From 9e5e9d906efec0503cc675b6af5258d96b1f7a2a Mon Sep 17 00:00:00 2001 From: link2xt Date: Mon, 2 Mar 2026 06:01:13 +0000 Subject: [PATCH 2/2] refactor: import tokio_rustls::rustls --- src/net/tls.rs | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/net/tls.rs b/src/net/tls.rs index 452cd93367..0745b32608 100644 --- a/src/net/tls.rs +++ b/src/net/tls.rs @@ -7,6 +7,7 @@ use anyhow::Result; use crate::net::session::SessionStream; +use tokio_rustls::rustls; use tokio_rustls::rustls::client::ClientSessionStore; pub async fn wrap_tls<'a>( @@ -82,7 +83,7 @@ impl TlsSessionStore { .lock() .entry((port, alpn.to_string())) .or_insert_with(|| { - Arc::new(tokio_rustls::rustls::client::ClientSessionMemoryCache::new( + Arc::new(rustls::client::ClientSessionMemoryCache::new( TLS_CACHE_SIZE, )) }), @@ -98,10 +99,10 @@ pub async fn wrap_rustls<'a>( stream: impl SessionStream + 'a, tls_session_store: &TlsSessionStore, ) -> Result { - let mut root_cert_store = tokio_rustls::rustls::RootCertStore::empty(); + let mut root_cert_store = rustls::RootCertStore::empty(); root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned()); - let mut config = tokio_rustls::rustls::ClientConfig::builder() + let mut config = rustls::ClientConfig::builder() .with_root_certificates(root_cert_store) .with_no_client_auth(); config.alpn_protocols = if alpn.is_empty() { @@ -118,8 +119,8 @@ pub async fn wrap_rustls<'a>( // and are not worth increasing // attack surface: . let resumption_store = tls_session_store.get(port, alpn); - let resumption = tokio_rustls::rustls::client::Resumption::store(resumption_store) - .tls12_resumption(tokio_rustls::rustls::client::Tls12Resumption::Disabled); + let resumption = rustls::client::Resumption::store(resumption_store) + .tls12_resumption(rustls::client::Tls12Resumption::Disabled); config.resumption = resumption; config.enable_sni = use_sni;