Skip to content

Commit

Permalink
Make it an error to connect to a https URL without TLS
Browse files Browse the repository at this point in the history
  • Loading branch information
djc committed Nov 15, 2021
1 parent c62f382 commit 836c79c
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions tonic/src/transport/service/connector.rs
Original file line number Diff line number Diff line change
Expand Up @@ -80,16 +80,26 @@ where
#[cfg(feature = "tls-roots-common")]
let tls = self.tls_or_default(uri.scheme_str(), uri.host());

let is_https = uri.scheme_str() == Some("https");
let connect = self.inner.make_connection(uri);

Box::pin(async move {
#[cfg(not(feature = "tls"))]
{
if is_https && tls.is_some() {
return Err("connecting to HTTPS without TLS enabled".to_owned().into());
}
}

let io = connect.await?;

#[cfg(feature = "tls")]
{
if let Some(tls) = tls {
let conn = tls.connect(io).await?;
return Ok(BoxedIo::new(conn));
} else if is_https {
return Err("connecting to HTTPS without TLS enabled".to_owned().into());
}
}

Expand Down

0 comments on commit 836c79c

Please sign in to comment.