Skip to content

Commit

Permalink
feat(tls): Rename tls-roots feature with tls-native-roots
Browse files Browse the repository at this point in the history
  • Loading branch information
tottoto committed Aug 6, 2024
1 parent b1b5e89 commit 6962f37
Show file tree
Hide file tree
Showing 4 changed files with 9 additions and 7 deletions.
3 changes: 2 additions & 1 deletion tonic/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,8 @@ zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
tls-roots = ["tls", "channel", "dep:rustls-native-certs"]
tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
Expand Down
3 changes: 2 additions & 1 deletion tonic/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,8 @@
//! for [`tonic-build`]. Enabled by default.
//! - `tls`: Enables the [`rustls`] based TLS options for the `transport` feature. Not
//! enabled by default.
//! - `tls-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the
//! - `tls-roots`: Deprecated. An alias to `tls-native-roots`.
//! - `tls-native-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the
//! [`rustls-native-certs`] crate. Not enabled by default.
//! - `tls-webpki-roots`: Add the standard trust roots from the [`webpki-roots`] crate to
//! `rustls`-based gRPC clients. Not enabled by default.
Expand Down
4 changes: 2 additions & 2 deletions tonic/src/transport/channel/service/tls.rs
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,13 @@ impl TlsConnector {
identity: Option<Identity>,
domain: &str,
assume_http2: bool,
#[cfg(feature = "tls-roots")] with_native_roots: bool,
#[cfg(feature = "tls-native-roots")] with_native_roots: bool,
#[cfg(feature = "tls-webpki-roots")] with_webpki_roots: bool,
) -> Result<Self, crate::Error> {
let builder = ClientConfig::builder();
let mut roots = RootCertStore::empty();

#[cfg(feature = "tls-roots")]
#[cfg(feature = "tls-native-roots")]
if with_native_roots {
roots.add_parsable_certificates(rustls_native_certs::load_native_certs()?);
}
Expand Down
6 changes: 3 additions & 3 deletions tonic/src/transport/channel/tls.rs
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ pub struct ClientTlsConfig {
certs: Vec<Certificate>,
identity: Option<Identity>,
assume_http2: bool,
#[cfg(feature = "tls-roots")]
#[cfg(feature = "tls-native-roots")]
with_native_roots: bool,
#[cfg(feature = "tls-webpki-roots")]
with_webpki_roots: bool,
Expand Down Expand Up @@ -64,7 +64,7 @@ impl ClientTlsConfig {
}

/// Enables the platform's trusted certs.
#[cfg(feature = "tls-roots")]
#[cfg(feature = "tls-native-roots")]
pub fn with_native_roots(self) -> Self {
ClientTlsConfig {
with_native_roots: true,
Expand All @@ -91,7 +91,7 @@ impl ClientTlsConfig {
self.identity,
domain,
self.assume_http2,
#[cfg(feature = "tls-roots")]
#[cfg(feature = "tls-native-roots")]
self.with_native_roots,
#[cfg(feature = "tls-webpki-roots")]
self.with_webpki_roots,
Expand Down

0 comments on commit 6962f37

Please sign in to comment.