yetangitu/librespot
1
0
Fork 0
mirror of https://github.com/librespot-org/librespot.git synced 2025-10-03 09:49:31 +02:00
Code Issues Releases Wiki Activity

refactor: move from native to webpki certs on all platforms

Browse source
This commit is contained in:
Roderick van Domburg 2025-08-13 19:05:52 +02:00
parent 416bf00888
commit 056d125cb2
No known key found for this signature in database
GPG key ID: 607FA06CB5236AE0
4 changed files with 11 additions and 179 deletions
Download patch file Download diff file Expand all files Collapse all files

153
Cargo.lock generated
View file

@ -369,16 +369,6 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "core-foundation"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b2a6cd9ae233e7f62ba4e9353e81a88df7fc8a5987b8d445b4d90c879bd156f6"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]] [[package]]
name = "core-foundation-sys" name = "core-foundation-sys"
version = "0.8.7" version = "0.8.7"
@ -745,21 +735,6 @@ version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2" checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
[[package]]
name = "foreign-types"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
dependencies = [
"foreign-types-shared",
]
[[package]]
name = "foreign-types-shared"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
[[package]] [[package]]
name = "form_urlencoded" name = "form_urlencoded"
version = "1.2.1" version = "1.2.1"
@ -1316,7 +1291,6 @@ dependencies = [
"hyper-rustls 0.26.0", "hyper-rustls 0.26.0",
"hyper-util", "hyper-util",
"pin-project-lite", "pin-project-lite",
"rustls-native-certs 0.7.3",
"tokio", "tokio",
"tokio-rustls 0.25.0", "tokio-rustls 0.25.0",
"tower-service", "tower-service",
@ -1336,7 +1310,7 @@ dependencies = [
"hyper-util", "hyper-util",
"log", "log",
"rustls 0.22.4", "rustls 0.22.4",
"rustls-native-certs 0.7.3", "rustls-native-certs",
"rustls-pki-types", "rustls-pki-types",
"tokio", "tokio",
"tokio-rustls 0.25.0", "tokio-rustls 0.25.0",
@ -1355,7 +1329,6 @@ dependencies = [
"hyper-util", "hyper-util",
"log", "log",
"rustls 0.23.31", "rustls 0.23.31",
"rustls-native-certs 0.8.1",
"rustls-pki-types", "rustls-pki-types",
"tokio", "tokio",
"tokio-rustls 0.26.2", "tokio-rustls 0.26.2",
@ -1363,22 +1336,6 @@ dependencies = [
"webpki-roots 1.0.2", "webpki-roots 1.0.2",
] ]
[[package]]
name = "hyper-tls"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0"
dependencies = [
"bytes",
"http-body-util",
"hyper",
"hyper-util",
"native-tls",
"tokio",
"tokio-native-tls",
"tower-service",
]
[[package]] [[package]]
name = "hyper-util" name = "hyper-util"
version = "0.1.16" version = "0.1.16"
@ -2152,23 +2109,6 @@ dependencies = [
"serde", "serde",
] ]
[[package]]
name = "native-tls"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e"
dependencies = [
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
"security-framework 2.11.1",
"security-framework-sys",
"tempfile",
]
[[package]] [[package]]
name = "ndk" name = "ndk"
version = "0.9.0" version = "0.9.0"
@ -2485,50 +2425,12 @@ dependencies = [
"pathdiff", "pathdiff",
] ]
[[package]]
name = "openssl"
version = "0.10.73"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8"
dependencies = [
"bitflags 2.9.1",
"cfg-if",
"foreign-types",
"libc",
"once_cell",
"openssl-macros",
"openssl-sys",
]
[[package]]
name = "openssl-macros"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "openssl-probe" name = "openssl-probe"
version = "0.1.6" version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
[[package]]
name = "openssl-sys"
version = "0.9.109"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "90096e2e47630d78b7d1c20952dc621f957103f8bc2c8359ec81290d75238571"
dependencies = [
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]] [[package]]
name = "option-operations" name = "option-operations"
version = "0.5.0" version = "0.5.0"
@ -3012,7 +2914,6 @@ checksum = "d429f34c8092b2d42c7c93cec323bb4adeb7c67698f70839adec842ec10c7ceb"
dependencies = [ dependencies = [
"base64", "base64",
"bytes", "bytes",
"encoding_rs",
"futures-channel", "futures-channel",
"futures-core", "futures-core",
"futures-util", "futures-util",
@ -3022,12 +2923,9 @@ dependencies = [
"http-body-util", "http-body-util",
"hyper", "hyper",
"hyper-rustls 0.27.7", "hyper-rustls 0.27.7",
"hyper-tls",
"hyper-util", "hyper-util",
"js-sys", "js-sys",
"log", "log",
"mime",
"native-tls",
"percent-encoding", "percent-encoding",
"pin-project-lite", "pin-project-lite",
"quinn", "quinn",
@ -3038,7 +2936,6 @@ dependencies = [
"serde_urlencoded", "serde_urlencoded",
"sync_wrapper", "sync_wrapper",
"tokio", "tokio",
"tokio-native-tls",
"tokio-rustls 0.26.2", "tokio-rustls 0.26.2",
"tower", "tower",
"tower-http", "tower-http",
@ -3172,19 +3069,7 @@ dependencies = [
"rustls-pemfile", "rustls-pemfile",
"rustls-pki-types", "rustls-pki-types",
"schannel", "schannel",
"security-framework 2.11.1", "security-framework",
]
[[package]]
name = "rustls-native-certs"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3"
dependencies = [
"openssl-probe",
"rustls-pki-types",
"schannel",
"security-framework 3.3.0",
] ]
[[package]] [[package]]
@ -3294,20 +3179,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02"
dependencies = [ dependencies = [
"bitflags 2.9.1", "bitflags 2.9.1",
"core-foundation 0.9.4", "core-foundation",
"core-foundation-sys",
"libc",
"security-framework-sys",
]
[[package]]
name = "security-framework"
version = "3.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "80fb1d92c5028aa318b4b8bd7302a5bfcf48be96a37fc6fc790f806b0004ee0c"
dependencies = [
"bitflags 2.9.1",
"core-foundation 0.10.1",
"core-foundation-sys", "core-foundation-sys",
"libc", "libc",
"security-framework-sys", "security-framework-sys",
@ -3676,7 +3548,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b" checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
dependencies = [ dependencies = [
"bitflags 2.9.1", "bitflags 2.9.1",
"core-foundation 0.9.4", "core-foundation",
"system-configuration-sys", "system-configuration-sys",
] ]
@ -3862,16 +3734,6 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "tokio-native-tls"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
dependencies = [
"native-tls",
"tokio",
]
[[package]] [[package]]
name = "tokio-rustls" name = "tokio-rustls"
version = "0.25.0" version = "0.25.0"
@ -3913,7 +3775,6 @@ dependencies = [
"futures-util", "futures-util",
"log", "log",
"rustls 0.23.31", "rustls 0.23.31",
"rustls-native-certs 0.8.1",
"rustls-pki-types", "rustls-pki-types",
"tokio", "tokio",
"tokio-rustls 0.26.2", "tokio-rustls 0.26.2",
@ -4145,12 +4006,6 @@ dependencies = [
"wasm-bindgen", "wasm-bindgen",
] ]
[[package]]
name = "vcpkg"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
[[package]] [[package]]
name = "vergen" name = "vergen"
version = "9.0.6" version = "9.0.6"

23
core/Cargo.toml
View file

@ -77,29 +77,8 @@ uuid = { version = "1", default-features = false, features = ["v4"] }
data-encoding = "2.9" data-encoding = "2.9"
flate2 = "1.1" flate2 = "1.1"
protobuf-json-mapping = "3.7" protobuf-json-mapping = "3.7"
rustls = { version = "0.23", default-features = false, features = [ rustls = { version = "0.23", default-features = false, features = ["ring"] }
"ring",
] }
# Eventually, this should use rustls-platform-verifier to unify the platform-specific dependencies
# but currently, hyper-proxy2 and tokio-tungstenite do not support it.
[target.'cfg(any(target_os = "windows", target_os = "macos", target_os = "linux"))'.dependencies]
hyper-proxy2 = { version = "0.1", default-features = false, features = [
"rustls",
] }
hyper-rustls = { version = "0.27", default-features = false, features = [
"ring",
"http1",
"logging",
"tls12",
"native-tokio",
"http2",
] }
tokio-tungstenite = { version = "0.27", default-features = false, features = [
"rustls-tls-native-roots",
] }
[target.'cfg(not(any(target_os = "windows", target_os = "macos", target_os = "linux")))'.dependencies]
hyper-proxy2 = { version = "0.1", default-features = false, features = [ hyper-proxy2 = { version = "0.1", default-features = false, features = [
"rustls-webpki", "rustls-webpki",
] } ] }

7
core/src/http_client.rs
View file

@ -151,14 +151,7 @@ impl HttpClient {
Error::internal(format!("unable to install default crypto provider: {e:?}")) Error::internal(format!("unable to install default crypto provider: {e:?}"))
}); });
// On supported platforms, use native roots
#[cfg(any(target_os = "windows", target_os = "macos", target_os = "linux"))]
let tls = HttpsConnectorBuilder::new().with_native_roots()?;
// Otherwise, use webpki roots
#[cfg(not(any(target_os = "windows", target_os = "macos", target_os = "linux")))]
let tls = HttpsConnectorBuilder::new().with_webpki_roots(); let tls = HttpsConnectorBuilder::new().with_webpki_roots();
let https_connector = tls.https_or_http().enable_http1().enable_http2().build(); let https_connector = tls.https_or_http().enable_http1().enable_http2().build();
// When not using a proxy a dummy proxy is configured that will not intercept any traffic. // When not using a proxy a dummy proxy is configured that will not intercept any traffic.

7
oauth/Cargo.toml
View file

@ -11,7 +11,12 @@ edition = "2021"
[dependencies] [dependencies]
log = "0.4" log = "0.4"
oauth2 = { version = "5.0", features = ["reqwest", "reqwest-blocking"] } oauth2 = { version = "5.0", features = ["reqwest", "reqwest-blocking"] }
reqwest = { version = "0.12", features = ["blocking"] } reqwest = { version = "0.12", default-features = false, features = [
"blocking",
"http2",
"rustls-tls",
"system-proxy",
] }
open = "5.3" open = "5.3"
thiserror = "2" thiserror = "2"
url = "2.5" url = "2.5"