From 575497137175cfcce8bfb86e34bfed35d4ef68ee Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 11:34:11 -0500
Subject: [PATCH 01/27] add tls crypto provider feature
---
tonic/Cargo.toml | 81 +++++++++++++++++++++++++++++++++---------------
1 file changed, 56 insertions(+), 25 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 15f3dc49e..a78ddac1a 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -26,29 +26,55 @@ version = "0.12.3"
codegen = ["dep:async-trait"]
gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
-default = ["transport", "codegen", "prost"]
+default = ["transport", "codegen", "prost", "tls-ring"]
prost = ["dep:prost"]
-tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
-tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
+tls = [
+ "dep:rustls-pemfile",
+ "dep:tokio-rustls",
+ "dep:tokio",
+ "tokio?/rt",
+ "tokio?/macros",
+]
+tls-roots = [
+ "tls-native-roots",
+] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
+tls-ring = ["tls", "tokio-rustls?/ring"]
+tls-aws-lc = ["tls", "tokio-rustls?/aws-lc-rs"]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
"router",
"dep:async-stream",
"dep:h2",
- "dep:hyper", "hyper?/server",
- "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto",
+ "dep:hyper",
+ "hyper?/server",
+ "dep:hyper-util",
+ "hyper-util?/service",
+ "hyper-util?/server-auto",
"dep:socket2",
- "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time",
+ "dep:tokio",
+ "tokio?/macros",
+ "tokio?/net",
+ "tokio?/time",
"tokio-stream/net",
- "dep:tower", "tower?/util", "tower?/limit",
+ "dep:tower",
+ "tower?/util",
+ "tower?/limit",
]
channel = [
- "dep:hyper", "hyper?/client",
- "dep:hyper-util", "hyper-util?/client-legacy",
- "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util",
- "dep:tokio", "tokio?/time",
+ "dep:hyper",
+ "hyper?/client",
+ "dep:hyper-util",
+ "hyper-util?/client-legacy",
+ "dep:tower",
+ "tower?/balance",
+ "tower?/buffer",
+ "tower?/discover",
+ "tower?/limit",
+ "tower?/util",
+ "dep:tokio",
+ "tokio?/time",
"dep:hyper-timeout",
]
transport = ["server", "channel"]
@@ -69,36 +95,41 @@ percent-encoding = "2.1"
pin-project = "1.0.11"
tower-layer = "0.3"
tower-service = "0.3"
-tokio-stream = {version = "0.1.16", default-features = false}
+tokio-stream = { version = "0.1.16", default-features = false }
# prost
-prost = {version = "0.13", default-features = false, features = ["std"], optional = true}
+prost = { version = "0.13", default-features = false, features = [
+ "std",
+], optional = true }
# codegen
-async-trait = {version = "0.1.13", optional = true}
+async-trait = { version = "0.1.13", optional = true }
# transport
-async-stream = {version = "0.3", optional = true}
-h2 = {version = "0.4", optional = true}
-hyper = {version = "1", features = ["http1", "http2"], optional = true}
+async-stream = { version = "0.3", optional = true }
+h2 = { version = "0.4", optional = true }
+hyper = { version = "1", features = ["http1", "http2"], optional = true }
hyper-util = { version = "0.1.4", features = ["tokio"], optional = true }
socket2 = { version = "0.5", optional = true, features = ["all"] }
-tokio = {version = "1", default-features = false, optional = true}
-tower = {version = "0.4.7", default-features = false, optional = true}
-axum = {version = "0.7", default-features = false, optional = true}
+tokio = { version = "1", default-features = false, optional = true }
+tower = { version = "0.4.7", default-features = false, optional = true }
+axum = { version = "0.7", default-features = false, optional = true }
# rustls
rustls-pemfile = { version = "2.0", optional = true }
rustls-native-certs = { version = "0.8", optional = true }
-tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12", "ring"], optional = true }
+tokio-rustls = { version = "0.26", default-features = false, features = [
+ "logging",
+ "tls12",
+], optional = true }
webpki-roots = { version = "0.26", optional = true }
# compression
-flate2 = {version = "1.0", optional = true}
+flate2 = { version = "1.0", optional = true }
zstd = { version = "0.13.0", optional = true }
# channel
-hyper-timeout = {version = "0.5", optional = true}
+hyper-timeout = { version = "0.5", optional = true }
[dev-dependencies]
bencher = "0.1.5"
@@ -106,8 +137,8 @@ quickcheck = "1.0"
quickcheck_macros = "1.0"
rand = "0.8"
static_assertions = "1.0"
-tokio = {version = "1.0", features = ["rt", "macros"]}
-tower = {version = "0.4.7", features = ["full"]}
+tokio = { version = "1.0", features = ["rt", "macros"] }
+tower = { version = "0.4.7", features = ["full"] }
[package.metadata.docs.rs]
all-features = true
From 645d6dca3785f6da36de4977af60b7d74494e08e Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 13:10:29 -0500
Subject: [PATCH 02/27] fix features
---
tonic/Cargo.toml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index a78ddac1a..66a140911 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -26,7 +26,7 @@ version = "0.12.3"
codegen = ["dep:async-trait"]
gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
-default = ["transport", "codegen", "prost", "tls-ring"]
+default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
tls = [
"dep:rustls-pemfile",
@@ -40,8 +40,8 @@ tls-roots = [
] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
-tls-ring = ["tls", "tokio-rustls?/ring"]
-tls-aws-lc = ["tls", "tokio-rustls?/aws-lc-rs"]
+tls-ring = ["tls", "tokio-rustls/ring"]
+tls-aws-lc = ["tls", "tokio-rustls/aws-lc-rs"]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
"router",
From 4cd649b4127b08a451a7f76e0c3ce308aa03039f Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 13:34:07 -0500
Subject: [PATCH 03/27] fix
---
tonic/Cargo.toml | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 66a140911..ace4bb536 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -34,14 +34,21 @@ tls = [
"dep:tokio",
"tokio?/rt",
"tokio?/macros",
+ "tokio-rustls/ring",
]
tls-roots = [
"tls-native-roots",
] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
-tls-ring = ["tls", "tokio-rustls/ring"]
-tls-aws-lc = ["tls", "tokio-rustls/aws-lc-rs"]
+tls-aws-lc = [
+ "dep:rustls-pemfile",
+ "dep:tokio-rustls",
+ "dep:tokio",
+ "tokio?/rt",
+ "tokio?/macros",
+ "tokio-rustls/aws-lc-rs",
+]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
"router",
From 3fe5c268f342dc746f9c79cb94a4673080a8bf96 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 14:53:18 -0500
Subject: [PATCH 04/27] fix
---
tonic/Cargo.toml | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index ace4bb536..2cb36c7e5 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -36,11 +36,6 @@ tls = [
"tokio?/macros",
"tokio-rustls/ring",
]
-tls-roots = [
- "tls-native-roots",
-] # Deprecated. Please use `tls-native-roots` instead.
-tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
-tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
tls-aws-lc = [
"dep:rustls-pemfile",
"dep:tokio-rustls",
@@ -49,6 +44,11 @@ tls-aws-lc = [
"tokio?/macros",
"tokio-rustls/aws-lc-rs",
]
+tls-roots = [
+ "tls-native-roots",
+] # Deprecated. Please use `tls-native-roots` instead.
+tls-native-roots = ["channel", "dep:rustls-native-certs"]
+tls-webpki-roots = ["channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
"router",
From 843c6c1bbe39d89ca0d5278da50f14bf227cc42a Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 14:59:43 -0500
Subject: [PATCH 05/27] add tls-aws-lc to conditional compilation
---
tonic/src/request.rs | 4 +--
tonic/src/transport/channel/endpoint.rs | 14 +++++-----
tonic/src/transport/channel/mod.rs | 4 +--
.../transport/channel/service/connector.rs | 27 ++++++++++---------
tonic/src/transport/channel/service/mod.rs | 4 +--
tonic/src/transport/mod.rs | 8 +++---
tonic/src/transport/server/conn.rs | 12 ++++-----
tonic/src/transport/server/incoming.rs | 8 +++---
tonic/src/transport/server/mod.rs | 22 +++++++--------
tonic/src/transport/server/service/io.rs | 22 +++++++--------
tonic/src/transport/server/service/mod.rs | 4 +--
tonic/src/transport/service/mod.rs | 2 +-
12 files changed, 67 insertions(+), 64 deletions(-)
diff --git a/tonic/src/request.rs b/tonic/src/request.rs
index 592d71576..ca6d38277 100644
--- a/tonic/src/request.rs
+++ b/tonic/src/request.rs
@@ -218,7 +218,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.local_addr());
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
@@ -240,7 +240,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.remote_addr());
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs
index b760e1ee9..246ecb530 100644
--- a/tonic/src/transport/channel/endpoint.rs
+++ b/tonic/src/transport/channel/endpoint.rs
@@ -1,8 +1,8 @@
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use super::service::TlsConnector;
use super::service::{self, Executor, SharedExec};
use super::Channel;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use super::ClientTlsConfig;
use crate::transport::Error;
use bytes::Bytes;
@@ -23,7 +23,7 @@ pub struct Endpoint {
pub(crate) timeout: Option<Duration>,
pub(crate) concurrency_limit: Option<usize>,
pub(crate) rate_limit: Option<(u64, Duration)>,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(crate) tls: Option<TlsConnector>,
pub(crate) buffer_size: Option<usize>,
pub(crate) init_stream_window_size: Option<u32>,
@@ -49,7 +49,7 @@ impl Endpoint {
D::Error: Into<crate::Error>,
{
let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?;
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) {
return me.tls_config(ClientTlsConfig::new().with_enabled_roots());
}
@@ -244,7 +244,7 @@ impl Endpoint {
}
/// Configures TLS for the endpoint.
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result<Self, Error> {
Ok(Endpoint {
tls: Some(
@@ -320,7 +320,7 @@ impl Endpoint {
pub(crate) fn connector<C>(&self, c: C) -> service::Connector<C> {
service::Connector::new(
c,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
self.tls.clone(),
)
}
@@ -445,7 +445,7 @@ impl From<Uri> for Endpoint {
concurrency_limit: None,
rate_limit: None,
timeout: None,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls: None,
buffer_size: None,
init_stream_window_size: None,
diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs
index ed8d22275..f04f826e1 100644
--- a/tonic/src/transport/channel/mod.rs
+++ b/tonic/src/transport/channel/mod.rs
@@ -2,11 +2,11 @@
mod endpoint;
pub(crate) mod service;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
mod tls;
pub use endpoint::Endpoint;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use tls::ClientTlsConfig;
use self::service::{Connection, DynamicServiceStream, Executor, SharedExec};
diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs
index cf28cdef7..9ab659d2f 100644
--- a/tonic/src/transport/channel/service/connector.rs
+++ b/tonic/src/transport/channel/service/connector.rs
@@ -1,30 +1,33 @@
use super::BoxedIo;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use super::TlsConnector;
use crate::transport::channel::BoxFuture;
use crate::ConnectError;
use http::Uri;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use std::fmt;
use std::task::{Context, Poll};
use hyper::rt;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use hyper_util::rt::TokioIo;
use tower_service::Service;
pub(crate) struct Connector<C> {
inner: C,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls: Option<TlsConnector>,
}
impl<C> Connector<C> {
- pub(crate) fn new(inner: C, #[cfg(feature = "tls")] tls: Option<TlsConnector>) -> Self {
+ pub(crate) fn new(
+ inner: C,
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option<TlsConnector>,
+ ) -> Self {
Self {
inner,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls,
}
}
@@ -48,10 +51,10 @@ where
}
fn call(&mut self, uri: Uri) -> Self::Future {
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
let tls = self.tls.clone();
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
let is_https = uri.scheme_str() == Some("https");
let connect = self.inner.call(uri);
@@ -59,7 +62,7 @@ where
async {
let io = connect.await?;
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
if is_https {
return if let Some(tls) = tls {
let io = tls.connect(TokioIo::new(io)).await?;
@@ -78,11 +81,11 @@ where
}
/// Error returned when trying to connect to an HTTPS endpoint without TLS enabled.
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
#[derive(Debug)]
pub(crate) struct HttpsUriWithoutTlsSupport(());
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
impl fmt::Display for HttpsUriWithoutTlsSupport {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Connecting to HTTPS without TLS enabled")
@@ -90,5 +93,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport {
}
// std::error::Error only requires a type to impl Debug and Display
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
impl std::error::Error for HttpsUriWithoutTlsSupport {}
diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs
index cd481e9a4..f329fee75 100644
--- a/tonic/src/transport/channel/service/mod.rs
+++ b/tonic/src/transport/channel/service/mod.rs
@@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector;
mod executor;
pub(super) use self::executor::{Executor, SharedExec};
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
mod tls;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(super) use self::tls::TlsConnector;
diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs
index c81208d0e..e9a53bba3 100644
--- a/tonic/src/transport/mod.rs
+++ b/tonic/src/transport/mod.rs
@@ -96,7 +96,7 @@ pub mod server;
mod error;
mod service;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
mod tls;
#[doc(inline)]
@@ -109,15 +109,15 @@ pub use self::server::Server;
/// Deprecated. Please use [`crate::status::TimeoutExpired`] instead.
pub use crate::status::TimeoutExpired;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use self::tls::Certificate;
pub use hyper::{body::Body, Uri};
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use tokio_rustls::rustls::pki_types::CertificateDer;
#[cfg(all(feature = "channel", feature = "tls"))]
pub use self::channel::ClientTlsConfig;
#[cfg(all(feature = "server", feature = "tls"))]
pub use self::server::ServerTlsConfig;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use self::tls::Identity;
diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs
index f0fee4fc3..9e53fe8da 100644
--- a/tonic/src/transport/server/conn.rs
+++ b/tonic/src/transport/server/conn.rs
@@ -1,11 +1,11 @@
use std::net::SocketAddr;
use tokio::net::TcpStream;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use std::sync::Arc;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use tokio_rustls::rustls::pki_types::CertificateDer;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use tokio_rustls::server::TlsStream;
/// Trait that connected IO resources implement and use to produce info about the connection.
@@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream {
fn connect_info(&self) -> Self::ConnectInfo {}
}
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
impl<T> Connected for TlsStream<T>
where
T: Connected,
@@ -128,14 +128,14 @@ where
/// See [`Connected`] for more details.
///
/// [ext]: crate::Request::extensions
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
#[derive(Debug, Clone)]
pub struct TlsConnectInfo<T> {
inner: T,
certs: Option<Arc<Vec<CertificateDer<'static>>>>,
}
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
impl<T> TlsConnectInfo<T> {
/// Get a reference to the underlying connection info.
pub fn get_ref(&self) -> &T {
diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs
index e55c6a171..37ea313f8 100644
--- a/tonic/src/transport/server/incoming.rs
+++ b/tonic/src/transport/server/incoming.rs
@@ -16,7 +16,7 @@ use tokio_stream::{Stream, StreamExt};
use tracing::warn;
use super::service::ServerIo;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use super::service::TlsAcceptor;
#[cfg(not(feature = "tls"))]
@@ -42,7 +42,7 @@ where
}
}
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
tls: Option<TlsAcceptor>,
@@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into<crate::Error>) -> ControlFlow<crate::Err
ControlFlow::Break(e)
}
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
async fn select<IO: 'static, IE>(
incoming: &mut (impl Stream<Item = Result<IO, IE>> + Unpin),
tasks: &mut tokio::task::JoinSet<Result<ServerIo<IO>, crate::Error>>,
@@ -147,7 +147,7 @@ where
}
}
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
enum SelectOutput<A> {
Incoming(A),
Io(ServerIo<A>),
diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs
index 62006e1a6..ef7554fc4 100644
--- a/tonic/src/transport/server/mod.rs
+++ b/tonic/src/transport/server/mod.rs
@@ -3,7 +3,7 @@
mod conn;
mod incoming;
mod service;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
mod tls;
#[cfg(unix)]
mod unix;
@@ -19,13 +19,13 @@ use hyper_util::{
server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec},
service::TowerToHyperService,
};
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use tls::ServerTlsConfig;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use conn::TlsConnectInfo;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use self::service::TlsAcceptor;
#[cfg(unix)]
@@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo;
pub use incoming::TcpIncoming;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use crate::transport::Error;
use self::service::{RecoverError, ServerIo};
@@ -86,7 +86,7 @@ pub struct Server<L = Identity> {
trace_interceptor: Option<TraceInterceptor>,
concurrency_limit: Option<usize>,
timeout: Option<Duration>,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls: Option<TlsAcceptor>,
init_stream_window_size: Option<u32>,
init_connection_window_size: Option<u32>,
@@ -110,7 +110,7 @@ impl Default for Server<Identity> {
trace_interceptor: None,
concurrency_limit: None,
timeout: None,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls: None,
init_stream_window_size: None,
init_connection_window_size: None,
@@ -154,7 +154,7 @@ impl Server {
impl<L> Server<L> {
/// Configure TLS for this server.
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result<Self, Error> {
Ok(Server {
tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?),
@@ -509,7 +509,7 @@ impl<L> Server<L> {
trace_interceptor: self.trace_interceptor,
concurrency_limit: self.concurrency_limit,
timeout: self.timeout,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
tls: self.tls,
init_stream_window_size: self.init_stream_window_size,
init_connection_window_size: self.init_connection_window_size,
@@ -570,7 +570,7 @@ impl<L> Server<L> {
let incoming = incoming::tcp_incoming(
incoming,
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
self.tls,
);
let mut svc = MakeSvc {
@@ -1041,7 +1041,7 @@ where
request.extensions_mut().insert(inner.clone());
}
tower::util::Either::B(inner) => {
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
{
request.extensions_mut().insert(inner.clone());
request.extensions_mut().insert(inner.get_ref().clone());
diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs
index e4588abe7..343419fd3 100644
--- a/tonic/src/transport/server/service/io.rs
+++ b/tonic/src/transport/server/service/io.rs
@@ -4,18 +4,18 @@ use std::io::IoSlice;
use std::pin::Pin;
use std::task::{Context, Poll};
use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use tokio_rustls::server::TlsStream;
pub(crate) enum ServerIo<IO> {
Io(IO),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
TlsIo(Box<TlsStream<IO>>),
}
use tower::util::Either;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
type ServerIoConnectInfo<IO> =
Either<<IO as Connected>::ConnectInfo, <TlsStream<IO> as Connected>::ConnectInfo>;
@@ -27,7 +27,7 @@ impl<IO> ServerIo<IO> {
Self::Io(io)
}
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(in crate::transport) fn new_tls_io(io: TlsStream<IO>) -> Self {
Self::TlsIo(Box::new(io))
}
@@ -38,7 +38,7 @@ impl<IO> ServerIo<IO> {
{
match self {
Self::Io(io) => Either::A(io.connect_info()),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Either::B(io.connect_info()),
}
}
@@ -55,7 +55,7 @@ where
) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_read(cx, buf),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf),
}
}
@@ -72,7 +72,7 @@ where
) -> Poll<io::Result<usize>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write(cx, buf),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf),
}
}
@@ -80,7 +80,7 @@ where
fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_flush(cx),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Pin::new(io).poll_flush(cx),
}
}
@@ -88,7 +88,7 @@ where
fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_shutdown(cx),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx),
}
}
@@ -100,7 +100,7 @@ where
) -> Poll<Result<usize, io::Error>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs),
}
}
@@ -108,7 +108,7 @@ where
fn is_write_vectored(&self) -> bool {
match self {
Self::Io(io) => io.is_write_vectored(),
- #[cfg(feature = "tls")]
+ #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
Self::TlsIo(io) => io.is_write_vectored(),
}
}
diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs
index 5043339e4..1ab4255b5 100644
--- a/tonic/src/transport/server/service/mod.rs
+++ b/tonic/src/transport/server/service/mod.rs
@@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo;
mod recover_error;
pub(crate) use self::recover_error::RecoverError;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
mod tls;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(crate) use self::tls::TlsAcceptor;
diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs
index 7f1e3fcae..f507ffe5e 100644
--- a/tonic/src/transport/service/mod.rs
+++ b/tonic/src/transport/service/mod.rs
@@ -1,5 +1,5 @@
pub(crate) mod grpc_timeout;
-#[cfg(feature = "tls")]
+#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub(crate) mod tls;
pub(crate) use self::grpc_timeout::GrpcTimeout;
From 6bb3a9ccb0cbe3bd58bd22ebaa911f09746f8084 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 15:30:09 -0500
Subject: [PATCH 06/27] fix conditional compilation
---
tonic/src/transport/server/incoming.rs | 2 +-
tonic/src/transport/server/mod.rs | 2 +-
tonic/src/transport/server/service/io.rs | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs
index 37ea313f8..0e73181cb 100644
--- a/tonic/src/transport/server/incoming.rs
+++ b/tonic/src/transport/server/incoming.rs
@@ -19,7 +19,7 @@ use super::service::ServerIo;
#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
use super::service::TlsAcceptor;
-#[cfg(not(feature = "tls"))]
+#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
) -> impl Stream<Item = Result<ServerIo<IO>, crate::Error>>
diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs
index ef7554fc4..3cd7876a4 100644
--- a/tonic/src/transport/server/mod.rs
+++ b/tonic/src/transport/server/mod.rs
@@ -1047,7 +1047,7 @@ where
request.extensions_mut().insert(inner.get_ref().clone());
}
- #[cfg(not(feature = "tls"))]
+ #[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
{
// just a type check to make sure we didn't forget to
// insert this into the extensions
diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs
index 343419fd3..f0fba2354 100644
--- a/tonic/src/transport/server/service/io.rs
+++ b/tonic/src/transport/server/service/io.rs
@@ -19,7 +19,7 @@ use tower::util::Either;
type ServerIoConnectInfo<IO> =
Either<<IO as Connected>::ConnectInfo, <TlsStream<IO> as Connected>::ConnectInfo>;
-#[cfg(not(feature = "tls"))]
+#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
type ServerIoConnectInfo<IO> = Either<<IO as Connected>::ConnectInfo, ()>;
impl<IO> ServerIo<IO> {
From da565a03f1c3738008334ad136f9b75667cdb05b Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 15:32:55 -0500
Subject: [PATCH 07/27] fix conditional compilation
---
tonic/src/request.rs | 8 ++++----
tonic/src/transport/mod.rs | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/tonic/src/request.rs b/tonic/src/request.rs
index ca6d38277..f22d10f3d 100644
--- a/tonic/src/request.rs
+++ b/tonic/src/request.rs
@@ -1,15 +1,15 @@
use crate::metadata::{MetadataMap, MetadataValue};
#[cfg(feature = "server")]
use crate::transport::server::TcpConnectInfo;
-#[cfg(all(feature = "server", feature = "tls"))]
+#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
use crate::transport::server::TlsConnectInfo;
use http::Extensions;
#[cfg(feature = "server")]
use std::net::SocketAddr;
-#[cfg(all(feature = "server", feature = "tls"))]
+#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
use std::sync::Arc;
use std::time::Duration;
-#[cfg(all(feature = "server", feature = "tls"))]
+#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
use tokio_rustls::rustls::pki_types::CertificateDer;
use tokio_stream::Stream;
@@ -256,7 +256,7 @@ impl<T> Request<T> {
/// and is mostly used for mTLS. This currently only returns
/// `Some` on the server side of the `transport` server with
/// TLS enabled connections.
- #[cfg(all(feature = "server", feature = "tls"))]
+ #[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
pub fn peer_certs(&self) -> Option<Arc<Vec<CertificateDer<'static>>>> {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs
index e9a53bba3..d98c1c729 100644
--- a/tonic/src/transport/mod.rs
+++ b/tonic/src/transport/mod.rs
@@ -117,7 +117,7 @@ pub use tokio_rustls::rustls::pki_types::CertificateDer;
#[cfg(all(feature = "channel", feature = "tls"))]
pub use self::channel::ClientTlsConfig;
-#[cfg(all(feature = "server", feature = "tls"))]
+#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
pub use self::server::ServerTlsConfig;
#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
pub use self::tls::Identity;
From 0185ddbe4ad9bc24d9b0bef92d7dd731317ab51a Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:31:31 -0500
Subject: [PATCH 08/27] revert formatting
---
tonic/Cargo.toml | 45 ++++++++++++++++++++-------------------------
1 file changed, 20 insertions(+), 25 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 2cb36c7e5..f14d1a706 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -102,41 +102,36 @@ percent-encoding = "2.1"
pin-project = "1.0.11"
tower-layer = "0.3"
tower-service = "0.3"
-tokio-stream = { version = "0.1.16", default-features = false }
+tokio-stream = {version = "0.1.16", default-features = false}
# prost
-prost = { version = "0.13", default-features = false, features = [
- "std",
-], optional = true }
+prost = {version = "0.13", default-features = false, features = ["std"], optional = true}
# codegen
-async-trait = { version = "0.1.13", optional = true }
+async-trait = {version = "0.1.13", optional = true}
# transport
-async-stream = { version = "0.3", optional = true }
-h2 = { version = "0.4", optional = true }
-hyper = { version = "1", features = ["http1", "http2"], optional = true }
-hyper-util = { version = "0.1.4", features = ["tokio"], optional = true }
-socket2 = { version = "0.5", optional = true, features = ["all"] }
-tokio = { version = "1", default-features = false, optional = true }
-tower = { version = "0.4.7", default-features = false, optional = true }
-axum = { version = "0.7", default-features = false, optional = true }
+async-stream = {version = "0.3", optional = true}
+h2 = {version = "0.4", optional = true}
+hyper = {version = "1", features = ["http1", "http2"], optional = true}
+hyper-util = {version = "0.1.4", features = ["tokio"], optional = true}
+socket2 = {version = "0.5", optional = true, features = ["all"]}
+tokio = {version = "1", default-features = false, optional = true}
+tower = {version = "0.4.7", default-features = false, optional = true}
+axum = {version = "0.7", default-features = false, optional = true}
# rustls
-rustls-pemfile = { version = "2.0", optional = true }
-rustls-native-certs = { version = "0.8", optional = true }
-tokio-rustls = { version = "0.26", default-features = false, features = [
- "logging",
- "tls12",
-], optional = true }
-webpki-roots = { version = "0.26", optional = true }
+rustls-pemfile = {version = "2.0", optional = true}
+rustls-native-certs = {version = "0.8", optional = true}
+tokio-rustls = {version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true}
+webpki-roots = {version = "0.26", optional = true}
# compression
-flate2 = { version = "1.0", optional = true }
-zstd = { version = "0.13.0", optional = true }
+flate2 = {version = "1.0", optional = true}
+zstd = {version = "0.13.0", optional = true}
# channel
-hyper-timeout = { version = "0.5", optional = true }
+hyper-timeout = {version = "0.5", optional = true}
[dev-dependencies]
bencher = "0.1.5"
@@ -144,8 +139,8 @@ quickcheck = "1.0"
quickcheck_macros = "1.0"
rand = "0.8"
static_assertions = "1.0"
-tokio = { version = "1.0", features = ["rt", "macros"] }
-tower = { version = "0.4.7", features = ["full"] }
+tokio = {version = "1.0", features = ["rt", "macros"]}
+tower = {version = "0.4.7", features = ["full"]}
[package.metadata.docs.rs]
all-features = true
From 065faf4393e0c665d00409031351f65195f0105b Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:36:23 -0500
Subject: [PATCH 09/27] revert formatting
---
tonic/Cargo.toml | 54 ++++---------------
.../transport/channel/service/connector.rs | 5 +-
2 files changed, 12 insertions(+), 47 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index f14d1a706..9a15067a1 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,25 +28,9 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = [
- "dep:rustls-pemfile",
- "dep:tokio-rustls",
- "dep:tokio",
- "tokio?/rt",
- "tokio?/macros",
- "tokio-rustls/ring",
-]
-tls-aws-lc = [
- "dep:rustls-pemfile",
- "dep:tokio-rustls",
- "dep:tokio",
- "tokio?/rt",
- "tokio?/macros",
- "tokio-rustls/aws-lc-rs",
-]
-tls-roots = [
- "tls-native-roots",
-] # Deprecated. Please use `tls-native-roots` instead.
+tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/ring"]
+tls-aws-lc = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/aws-lc-rs"]
+tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
@@ -54,34 +38,18 @@ server = [
"router",
"dep:async-stream",
"dep:h2",
- "dep:hyper",
- "hyper?/server",
- "dep:hyper-util",
- "hyper-util?/service",
- "hyper-util?/server-auto",
+ "dep:hyper", "hyper?/server",
+ "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto",
"dep:socket2",
- "dep:tokio",
- "tokio?/macros",
- "tokio?/net",
- "tokio?/time",
+ "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time",
"tokio-stream/net",
- "dep:tower",
- "tower?/util",
- "tower?/limit",
+ "dep:tower", "tower?/util", "tower?/limit",
]
channel = [
- "dep:hyper",
- "hyper?/client",
- "dep:hyper-util",
- "hyper-util?/client-legacy",
- "dep:tower",
- "tower?/balance",
- "tower?/buffer",
- "tower?/discover",
- "tower?/limit",
- "tower?/util",
- "dep:tokio",
- "tokio?/time",
+ "dep:hyper", "hyper?/client",
+ "dep:hyper-util", "hyper-util?/client-legacy",
+ "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util",
+ "dep:tokio", "tokio?/time",
"dep:hyper-timeout",
]
transport = ["server", "channel"]
diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs
index 9ab659d2f..c7ecf8d50 100644
--- a/tonic/src/transport/channel/service/connector.rs
+++ b/tonic/src/transport/channel/service/connector.rs
@@ -21,10 +21,7 @@ pub(crate) struct Connector<C> {
}
impl<C> Connector<C> {
- pub(crate) fn new(
- inner: C,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option<TlsConnector>,
- ) -> Self {
+ pub(crate) fn new(inner: C, #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option<TlsConnector>) -> Self {
Self {
inner,
#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
From 3dfae60bc1241a2df88846020a0ad598c5a9b099 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:42:51 -0500
Subject: [PATCH 10/27] add tls-any and deprecate tls
---
tonic/Cargo.toml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 9a15067a1..38451a873 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,8 +28,10 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/ring"]
-tls-aws-lc = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros", "tokio-rustls/aws-lc-rs"]
+tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
+tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
+tls-ring = ["tls-any", "tokio-rustls/ring"]
+tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"]
tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["channel", "dep:webpki-roots"]
From a01b67e11ca41f7a2926f034d3804da737cbf5c5 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:43:39 -0500
Subject: [PATCH 11/27] formatting
---
tonic/Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 38451a873..ccdfc267b 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,8 +28,8 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
+tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
tls-ring = ["tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"]
tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
From c9c833cff95ad71f513d0400c49769a966ae9dac Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:45:22 -0500
Subject: [PATCH 12/27] revert formatting
---
tonic/Cargo.toml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index ccdfc267b..f7f9d0262 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -84,8 +84,8 @@ async-trait = {version = "0.1.13", optional = true}
async-stream = {version = "0.3", optional = true}
h2 = {version = "0.4", optional = true}
hyper = {version = "1", features = ["http1", "http2"], optional = true}
-hyper-util = {version = "0.1.4", features = ["tokio"], optional = true}
-socket2 = {version = "0.5", optional = true, features = ["all"]}
+hyper-util = { version = "0.1.4", features = ["tokio"], optional = true }
+socket2 = { version = "0.5", optional = true, features = ["all"] }
tokio = {version = "1", default-features = false, optional = true}
tower = {version = "0.4.7", default-features = false, optional = true}
axum = {version = "0.7", default-features = false, optional = true}
From f7b40008bc1ea03fd6b0808959411a8b88a77cd1 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:46:33 -0500
Subject: [PATCH 13/27] revert formatting
---
tonic/Cargo.toml | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index f7f9d0262..4e4f53f8e 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -91,14 +91,14 @@ tower = {version = "0.4.7", default-features = false, optional = true}
axum = {version = "0.7", default-features = false, optional = true}
# rustls
-rustls-pemfile = {version = "2.0", optional = true}
-rustls-native-certs = {version = "0.8", optional = true}
-tokio-rustls = {version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true}
-webpki-roots = {version = "0.26", optional = true}
+rustls-pemfile = { version = "2.0", optional = true }
+rustls-native-certs = { version = "0.8", optional = true }
+tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true }
+webpki-roots = { version = "0.26", optional = true }
# compression
flate2 = {version = "1.0", optional = true}
-zstd = {version = "0.13.0", optional = true}
+zstd = { version = "0.13.0", optional = true }
# channel
hyper-timeout = {version = "0.5", optional = true}
From 91f6f3bd5562906284fede7833bd0479f39710bf Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 16 Oct 2024 16:50:44 -0500
Subject: [PATCH 14/27] clean up #[cfg(..)]
---
tonic/src/request.rs | 12 +++++-----
tonic/src/transport/channel/endpoint.rs | 14 +++++------
tonic/src/transport/channel/mod.rs | 4 ++--
.../transport/channel/service/connector.rs | 24 +++++++++----------
tonic/src/transport/channel/service/mod.rs | 4 ++--
tonic/src/transport/mod.rs | 12 +++++-----
tonic/src/transport/server/conn.rs | 12 +++++-----
tonic/src/transport/server/incoming.rs | 10 ++++----
tonic/src/transport/server/mod.rs | 24 +++++++++----------
tonic/src/transport/server/service/io.rs | 24 +++++++++----------
tonic/src/transport/server/service/mod.rs | 4 ++--
tonic/src/transport/service/mod.rs | 2 +-
12 files changed, 73 insertions(+), 73 deletions(-)
diff --git a/tonic/src/request.rs b/tonic/src/request.rs
index f22d10f3d..09f08555b 100644
--- a/tonic/src/request.rs
+++ b/tonic/src/request.rs
@@ -1,15 +1,15 @@
use crate::metadata::{MetadataMap, MetadataValue};
#[cfg(feature = "server")]
use crate::transport::server::TcpConnectInfo;
-#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
+#[cfg(all(feature = "server", feature = "tls-any"))]
use crate::transport::server::TlsConnectInfo;
use http::Extensions;
#[cfg(feature = "server")]
use std::net::SocketAddr;
-#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
+#[cfg(all(feature = "server", feature = "tls-any"))]
use std::sync::Arc;
use std::time::Duration;
-#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
+#[cfg(all(feature = "server", feature = "tls-any"))]
use tokio_rustls::rustls::pki_types::CertificateDer;
use tokio_stream::Stream;
@@ -218,7 +218,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.local_addr());
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
@@ -240,7 +240,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.remote_addr());
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
@@ -256,7 +256,7 @@ impl<T> Request<T> {
/// and is mostly used for mTLS. This currently only returns
/// `Some` on the server side of the `transport` server with
/// TLS enabled connections.
- #[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
+ #[cfg(all(feature = "server", feature = "tls-any"))]
pub fn peer_certs(&self) -> Option<Arc<Vec<CertificateDer<'static>>>> {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs
index 246ecb530..49695491c 100644
--- a/tonic/src/transport/channel/endpoint.rs
+++ b/tonic/src/transport/channel/endpoint.rs
@@ -1,8 +1,8 @@
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use super::service::TlsConnector;
use super::service::{self, Executor, SharedExec};
use super::Channel;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use super::ClientTlsConfig;
use crate::transport::Error;
use bytes::Bytes;
@@ -23,7 +23,7 @@ pub struct Endpoint {
pub(crate) timeout: Option<Duration>,
pub(crate) concurrency_limit: Option<usize>,
pub(crate) rate_limit: Option<(u64, Duration)>,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
pub(crate) tls: Option<TlsConnector>,
pub(crate) buffer_size: Option<usize>,
pub(crate) init_stream_window_size: Option<u32>,
@@ -49,7 +49,7 @@ impl Endpoint {
D::Error: Into<crate::Error>,
{
let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?;
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) {
return me.tls_config(ClientTlsConfig::new().with_enabled_roots());
}
@@ -244,7 +244,7 @@ impl Endpoint {
}
/// Configures TLS for the endpoint.
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result<Self, Error> {
Ok(Endpoint {
tls: Some(
@@ -320,7 +320,7 @@ impl Endpoint {
pub(crate) fn connector<C>(&self, c: C) -> service::Connector<C> {
service::Connector::new(
c,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
self.tls.clone(),
)
}
@@ -445,7 +445,7 @@ impl From<Uri> for Endpoint {
concurrency_limit: None,
rate_limit: None,
timeout: None,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls: None,
buffer_size: None,
init_stream_window_size: None,
diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs
index f04f826e1..e8ada742d 100644
--- a/tonic/src/transport/channel/mod.rs
+++ b/tonic/src/transport/channel/mod.rs
@@ -2,11 +2,11 @@
mod endpoint;
pub(crate) mod service;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
mod tls;
pub use endpoint::Endpoint;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use tls::ClientTlsConfig;
use self::service::{Connection, DynamicServiceStream, Executor, SharedExec};
diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs
index c7ecf8d50..8e1ee4887 100644
--- a/tonic/src/transport/channel/service/connector.rs
+++ b/tonic/src/transport/channel/service/connector.rs
@@ -1,30 +1,30 @@
use super::BoxedIo;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use super::TlsConnector;
use crate::transport::channel::BoxFuture;
use crate::ConnectError;
use http::Uri;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use std::fmt;
use std::task::{Context, Poll};
use hyper::rt;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use hyper_util::rt::TokioIo;
use tower_service::Service;
pub(crate) struct Connector<C> {
inner: C,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls: Option<TlsConnector>,
}
impl<C> Connector<C> {
- pub(crate) fn new(inner: C, #[cfg(any(feature = "tls", feature = "tls-aws-lc"))] tls: Option<TlsConnector>) -> Self {
+ pub(crate) fn new(inner: C, #[cfg(feature = "tls-any")] tls: Option<TlsConnector>) -> Self {
Self {
inner,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls,
}
}
@@ -48,10 +48,10 @@ where
}
fn call(&mut self, uri: Uri) -> Self::Future {
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
let tls = self.tls.clone();
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
let is_https = uri.scheme_str() == Some("https");
let connect = self.inner.call(uri);
@@ -59,7 +59,7 @@ where
async {
let io = connect.await?;
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
if is_https {
return if let Some(tls) = tls {
let io = tls.connect(TokioIo::new(io)).await?;
@@ -78,11 +78,11 @@ where
}
/// Error returned when trying to connect to an HTTPS endpoint without TLS enabled.
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
#[derive(Debug)]
pub(crate) struct HttpsUriWithoutTlsSupport(());
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
impl fmt::Display for HttpsUriWithoutTlsSupport {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Connecting to HTTPS without TLS enabled")
@@ -90,5 +90,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport {
}
// std::error::Error only requires a type to impl Debug and Display
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
impl std::error::Error for HttpsUriWithoutTlsSupport {}
diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs
index f329fee75..f186e5552 100644
--- a/tonic/src/transport/channel/service/mod.rs
+++ b/tonic/src/transport/channel/service/mod.rs
@@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector;
mod executor;
pub(super) use self::executor::{Executor, SharedExec};
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
mod tls;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub(super) use self::tls::TlsConnector;
diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs
index d98c1c729..7e67c9be4 100644
--- a/tonic/src/transport/mod.rs
+++ b/tonic/src/transport/mod.rs
@@ -96,7 +96,7 @@ pub mod server;
mod error;
mod service;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
mod tls;
#[doc(inline)]
@@ -109,15 +109,15 @@ pub use self::server::Server;
/// Deprecated. Please use [`crate::status::TimeoutExpired`] instead.
pub use crate::status::TimeoutExpired;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use self::tls::Certificate;
pub use hyper::{body::Body, Uri};
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use tokio_rustls::rustls::pki_types::CertificateDer;
-#[cfg(all(feature = "channel", feature = "tls"))]
+#[cfg(all(feature = "channel", feature = "tls-any"))]
pub use self::channel::ClientTlsConfig;
-#[cfg(all(feature = "server", any(feature = "tls", feature = "tls-aws-lc")))]
+#[cfg(all(feature = "server", feature = "tls-any"))]
pub use self::server::ServerTlsConfig;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use self::tls::Identity;
diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs
index 9e53fe8da..b6ef75d30 100644
--- a/tonic/src/transport/server/conn.rs
+++ b/tonic/src/transport/server/conn.rs
@@ -1,11 +1,11 @@
use std::net::SocketAddr;
use tokio::net::TcpStream;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use std::sync::Arc;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use tokio_rustls::rustls::pki_types::CertificateDer;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use tokio_rustls::server::TlsStream;
/// Trait that connected IO resources implement and use to produce info about the connection.
@@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream {
fn connect_info(&self) -> Self::ConnectInfo {}
}
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
impl<T> Connected for TlsStream<T>
where
T: Connected,
@@ -128,14 +128,14 @@ where
/// See [`Connected`] for more details.
///
/// [ext]: crate::Request::extensions
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
#[derive(Debug, Clone)]
pub struct TlsConnectInfo<T> {
inner: T,
certs: Option<Arc<Vec<CertificateDer<'static>>>>,
}
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
impl<T> TlsConnectInfo<T> {
/// Get a reference to the underlying connection info.
pub fn get_ref(&self) -> &T {
diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs
index 0e73181cb..8a2a5d7c9 100644
--- a/tonic/src/transport/server/incoming.rs
+++ b/tonic/src/transport/server/incoming.rs
@@ -16,10 +16,10 @@ use tokio_stream::{Stream, StreamExt};
use tracing::warn;
use super::service::ServerIo;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use super::service::TlsAcceptor;
-#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
+#[cfg(not(feature = "tls-any"))]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
) -> impl Stream<Item = Result<ServerIo<IO>, crate::Error>>
@@ -42,7 +42,7 @@ where
}
}
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
tls: Option<TlsAcceptor>,
@@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into<crate::Error>) -> ControlFlow<crate::Err
ControlFlow::Break(e)
}
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
async fn select<IO: 'static, IE>(
incoming: &mut (impl Stream<Item = Result<IO, IE>> + Unpin),
tasks: &mut tokio::task::JoinSet<Result<ServerIo<IO>, crate::Error>>,
@@ -147,7 +147,7 @@ where
}
}
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
enum SelectOutput<A> {
Incoming(A),
Io(ServerIo<A>),
diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs
index 3cd7876a4..8b5d70bc7 100644
--- a/tonic/src/transport/server/mod.rs
+++ b/tonic/src/transport/server/mod.rs
@@ -3,7 +3,7 @@
mod conn;
mod incoming;
mod service;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
mod tls;
#[cfg(unix)]
mod unix;
@@ -19,13 +19,13 @@ use hyper_util::{
server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec},
service::TowerToHyperService,
};
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use tls::ServerTlsConfig;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub use conn::TlsConnectInfo;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use self::service::TlsAcceptor;
#[cfg(unix)]
@@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo;
pub use incoming::TcpIncoming;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use crate::transport::Error;
use self::service::{RecoverError, ServerIo};
@@ -86,7 +86,7 @@ pub struct Server<L = Identity> {
trace_interceptor: Option<TraceInterceptor>,
concurrency_limit: Option<usize>,
timeout: Option<Duration>,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls: Option<TlsAcceptor>,
init_stream_window_size: Option<u32>,
init_connection_window_size: Option<u32>,
@@ -110,7 +110,7 @@ impl Default for Server<Identity> {
trace_interceptor: None,
concurrency_limit: None,
timeout: None,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls: None,
init_stream_window_size: None,
init_connection_window_size: None,
@@ -154,7 +154,7 @@ impl Server {
impl<L> Server<L> {
/// Configure TLS for this server.
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result<Self, Error> {
Ok(Server {
tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?),
@@ -509,7 +509,7 @@ impl<L> Server<L> {
trace_interceptor: self.trace_interceptor,
concurrency_limit: self.concurrency_limit,
timeout: self.timeout,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
tls: self.tls,
init_stream_window_size: self.init_stream_window_size,
init_connection_window_size: self.init_connection_window_size,
@@ -570,7 +570,7 @@ impl<L> Server<L> {
let incoming = incoming::tcp_incoming(
incoming,
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
self.tls,
);
let mut svc = MakeSvc {
@@ -1041,13 +1041,13 @@ where
request.extensions_mut().insert(inner.clone());
}
tower::util::Either::B(inner) => {
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
{
request.extensions_mut().insert(inner.clone());
request.extensions_mut().insert(inner.get_ref().clone());
}
- #[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
+ #[cfg(not(feature = "tls-any"))]
{
// just a type check to make sure we didn't forget to
// insert this into the extensions
diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs
index f0fba2354..80f9b9d34 100644
--- a/tonic/src/transport/server/service/io.rs
+++ b/tonic/src/transport/server/service/io.rs
@@ -4,22 +4,22 @@ use std::io::IoSlice;
use std::pin::Pin;
use std::task::{Context, Poll};
use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
use tokio_rustls::server::TlsStream;
pub(crate) enum ServerIo<IO> {
Io(IO),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
TlsIo(Box<TlsStream<IO>>),
}
use tower::util::Either;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
type ServerIoConnectInfo<IO> =
Either<<IO as Connected>::ConnectInfo, <TlsStream<IO> as Connected>::ConnectInfo>;
-#[cfg(all(not(feature = "tls"), not(feature = "tls-aws-lc")))]
+#[cfg(not(feature = "tls-any"))]
type ServerIoConnectInfo<IO> = Either<<IO as Connected>::ConnectInfo, ()>;
impl<IO> ServerIo<IO> {
@@ -27,7 +27,7 @@ impl<IO> ServerIo<IO> {
Self::Io(io)
}
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
pub(in crate::transport) fn new_tls_io(io: TlsStream<IO>) -> Self {
Self::TlsIo(Box::new(io))
}
@@ -38,7 +38,7 @@ impl<IO> ServerIo<IO> {
{
match self {
Self::Io(io) => Either::A(io.connect_info()),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Either::B(io.connect_info()),
}
}
@@ -55,7 +55,7 @@ where
) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_read(cx, buf),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf),
}
}
@@ -72,7 +72,7 @@ where
) -> Poll<io::Result<usize>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write(cx, buf),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf),
}
}
@@ -80,7 +80,7 @@ where
fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_flush(cx),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_flush(cx),
}
}
@@ -88,7 +88,7 @@ where
fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_shutdown(cx),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx),
}
}
@@ -100,7 +100,7 @@ where
) -> Poll<Result<usize, io::Error>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs),
}
}
@@ -108,7 +108,7 @@ where
fn is_write_vectored(&self) -> bool {
match self {
Self::Io(io) => io.is_write_vectored(),
- #[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+ #[cfg(feature = "tls-any")]
Self::TlsIo(io) => io.is_write_vectored(),
}
}
diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs
index 1ab4255b5..d24cf99c6 100644
--- a/tonic/src/transport/server/service/mod.rs
+++ b/tonic/src/transport/server/service/mod.rs
@@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo;
mod recover_error;
pub(crate) use self::recover_error::RecoverError;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
mod tls;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub(crate) use self::tls::TlsAcceptor;
diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs
index f507ffe5e..bf4ea3fe9 100644
--- a/tonic/src/transport/service/mod.rs
+++ b/tonic/src/transport/service/mod.rs
@@ -1,5 +1,5 @@
pub(crate) mod grpc_timeout;
-#[cfg(any(feature = "tls", feature = "tls-aws-lc"))]
+#[cfg(feature = "tls-any")]
pub(crate) mod tls;
pub(crate) use self::grpc_timeout::GrpcTimeout;
From ea4b2c3225f08a52bd6aa1af324af43a609680a9 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:03:41 -0500
Subject: [PATCH 15/27] tests pass
---
tests/integration_tests/Cargo.toml | 1 +
tests/integration_tests/tests/connection.rs | 1 +
2 files changed, 2 insertions(+)
diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml
index 238fe374d..74f83a323 100644
--- a/tests/integration_tests/Cargo.toml
+++ b/tests/integration_tests/Cargo.toml
@@ -11,6 +11,7 @@ version = "0.1.0"
[dependencies]
bytes = "1.0"
prost = "0.13"
+rustls = {version = "*", features = ["ring"]}
tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]}
tonic = {path = "../../tonic"}
tracing-subscriber = {version = "0.3"}
diff --git a/tests/integration_tests/tests/connection.rs b/tests/integration_tests/tests/connection.rs
index 841600bcf..65eb2810c 100644
--- a/tests/integration_tests/tests/connection.rs
+++ b/tests/integration_tests/tests/connection.rs
@@ -28,6 +28,7 @@ async fn connect_returns_err() {
#[tokio::test]
async fn connect_handles_tls() {
+ rustls::crypto::ring::default_provider().install_default().unwrap();
TestClient::connect("https://example.com").await.unwrap();
}
From 423e84dd477568d8f6bb9cbe42483dd62a93865b Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:06:15 -0500
Subject: [PATCH 16/27] update workflow for new features
---
.github/workflows/CI.yml | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index 57ffa443d..1726de984 100644
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -62,10 +62,13 @@ jobs:
- uses: taiki-e/install-action@cargo-udeps
- uses: taiki-e/install-action@protoc
- uses: Swatinem/rust-cache@v2
- - run: cargo hack udeps --workspace --exclude-features tls --each-feature
- - run: cargo udeps --package tonic --features tls,transport
- - run: cargo udeps --package tonic --features tls,server
- - run: cargo udeps --package tonic --features tls,channel
+ - run: cargo hack udeps --workspace --exclude-features tls-ring,tls-aws-lc --each-feature
+ - run: cargo udeps --package tonic --features tls-ring,transport
+ - run: cargo udeps --package tonic --features tls-ring,server
+ - run: cargo udeps --package tonic --features tls-ring,channel
+ - run: cargo udeps --package tonic --features tls-aws-lc,transport
+ - run: cargo udeps --package tonic --features tls-aws-lc,server
+ - run: cargo udeps --package tonic --features tls-aws-lc,channel
check:
runs-on: ${{ matrix.os }}
From 649d12d6434e707e4ec58382681441f74c3b0248 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:10:10 -0500
Subject: [PATCH 17/27] internal feature flag
---
tonic/Cargo.toml | 86 +++++++++++++------
tonic/src/request.rs | 12 +--
tonic/src/transport/channel/endpoint.rs | 14 +--
tonic/src/transport/channel/mod.rs | 4 +-
.../transport/channel/service/connector.rs | 24 +++---
tonic/src/transport/channel/service/mod.rs | 4 +-
tonic/src/transport/mod.rs | 12 +--
tonic/src/transport/server/conn.rs | 12 +--
tonic/src/transport/server/incoming.rs | 10 +--
tonic/src/transport/server/mod.rs | 24 +++---
tonic/src/transport/server/service/io.rs | 24 +++---
tonic/src/transport/server/service/mod.rs | 4 +-
tonic/src/transport/service/mod.rs | 2 +-
13 files changed, 132 insertions(+), 100 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 4e4f53f8e..c3ba85735 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,11 +28,22 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = ["tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
-tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
-tls-ring = ["tls-any", "tokio-rustls/ring"]
-tls-aws-lc = ["tls-any", "tokio-rustls/aws-lc-rs"]
-tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
+tls = [
+ "_tls-any",
+ "tls-ring",
+] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
+_tls-any = [
+ "dep:rustls-pemfile",
+ "dep:tokio-rustls",
+ "dep:tokio",
+ "tokio?/rt",
+ "tokio?/macros",
+] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
+tls-ring = ["_tls-any", "tokio-rustls/ring"]
+tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
+tls-roots = [
+ "tls-native-roots",
+] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
@@ -40,18 +51,34 @@ server = [
"router",
"dep:async-stream",
"dep:h2",
- "dep:hyper", "hyper?/server",
- "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto",
+ "dep:hyper",
+ "hyper?/server",
+ "dep:hyper-util",
+ "hyper-util?/service",
+ "hyper-util?/server-auto",
"dep:socket2",
- "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time",
+ "dep:tokio",
+ "tokio?/macros",
+ "tokio?/net",
+ "tokio?/time",
"tokio-stream/net",
- "dep:tower", "tower?/util", "tower?/limit",
+ "dep:tower",
+ "tower?/util",
+ "tower?/limit",
]
channel = [
- "dep:hyper", "hyper?/client",
- "dep:hyper-util", "hyper-util?/client-legacy",
- "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util",
- "dep:tokio", "tokio?/time",
+ "dep:hyper",
+ "hyper?/client",
+ "dep:hyper-util",
+ "hyper-util?/client-legacy",
+ "dep:tower",
+ "tower?/balance",
+ "tower?/buffer",
+ "tower?/discover",
+ "tower?/limit",
+ "tower?/util",
+ "dep:tokio",
+ "tokio?/time",
"dep:hyper-timeout",
]
transport = ["server", "channel"]
@@ -72,36 +99,41 @@ percent-encoding = "2.1"
pin-project = "1.0.11"
tower-layer = "0.3"
tower-service = "0.3"
-tokio-stream = {version = "0.1.16", default-features = false}
+tokio-stream = { version = "0.1.16", default-features = false }
# prost
-prost = {version = "0.13", default-features = false, features = ["std"], optional = true}
+prost = { version = "0.13", default-features = false, features = [
+ "std",
+], optional = true }
# codegen
-async-trait = {version = "0.1.13", optional = true}
+async-trait = { version = "0.1.13", optional = true }
# transport
-async-stream = {version = "0.3", optional = true}
-h2 = {version = "0.4", optional = true}
-hyper = {version = "1", features = ["http1", "http2"], optional = true}
+async-stream = { version = "0.3", optional = true }
+h2 = { version = "0.4", optional = true }
+hyper = { version = "1", features = ["http1", "http2"], optional = true }
hyper-util = { version = "0.1.4", features = ["tokio"], optional = true }
socket2 = { version = "0.5", optional = true, features = ["all"] }
-tokio = {version = "1", default-features = false, optional = true}
-tower = {version = "0.4.7", default-features = false, optional = true}
-axum = {version = "0.7", default-features = false, optional = true}
+tokio = { version = "1", default-features = false, optional = true }
+tower = { version = "0.4.7", default-features = false, optional = true }
+axum = { version = "0.7", default-features = false, optional = true }
# rustls
rustls-pemfile = { version = "2.0", optional = true }
rustls-native-certs = { version = "0.8", optional = true }
-tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true }
+tokio-rustls = { version = "0.26", default-features = false, features = [
+ "logging",
+ "tls12",
+], optional = true }
webpki-roots = { version = "0.26", optional = true }
# compression
-flate2 = {version = "1.0", optional = true}
+flate2 = { version = "1.0", optional = true }
zstd = { version = "0.13.0", optional = true }
# channel
-hyper-timeout = {version = "0.5", optional = true}
+hyper-timeout = { version = "0.5", optional = true }
[dev-dependencies]
bencher = "0.1.5"
@@ -109,8 +141,8 @@ quickcheck = "1.0"
quickcheck_macros = "1.0"
rand = "0.8"
static_assertions = "1.0"
-tokio = {version = "1.0", features = ["rt", "macros"]}
-tower = {version = "0.4.7", features = ["full"]}
+tokio = { version = "1.0", features = ["rt", "macros"] }
+tower = { version = "0.4.7", features = ["full"] }
[package.metadata.docs.rs]
all-features = true
diff --git a/tonic/src/request.rs b/tonic/src/request.rs
index 09f08555b..531f42653 100644
--- a/tonic/src/request.rs
+++ b/tonic/src/request.rs
@@ -1,15 +1,15 @@
use crate::metadata::{MetadataMap, MetadataValue};
#[cfg(feature = "server")]
use crate::transport::server::TcpConnectInfo;
-#[cfg(all(feature = "server", feature = "tls-any"))]
+#[cfg(all(feature = "server", feature = "_tls-any"))]
use crate::transport::server::TlsConnectInfo;
use http::Extensions;
#[cfg(feature = "server")]
use std::net::SocketAddr;
-#[cfg(all(feature = "server", feature = "tls-any"))]
+#[cfg(all(feature = "server", feature = "_tls-any"))]
use std::sync::Arc;
use std::time::Duration;
-#[cfg(all(feature = "server", feature = "tls-any"))]
+#[cfg(all(feature = "server", feature = "_tls-any"))]
use tokio_rustls::rustls::pki_types::CertificateDer;
use tokio_stream::Stream;
@@ -218,7 +218,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.local_addr());
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
@@ -240,7 +240,7 @@ impl<T> Request<T> {
.get::<TcpConnectInfo>()
.and_then(|i| i.remote_addr());
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
let addr = addr.or_else(|| {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
@@ -256,7 +256,7 @@ impl<T> Request<T> {
/// and is mostly used for mTLS. This currently only returns
/// `Some` on the server side of the `transport` server with
/// TLS enabled connections.
- #[cfg(all(feature = "server", feature = "tls-any"))]
+ #[cfg(all(feature = "server", feature = "_tls-any"))]
pub fn peer_certs(&self) -> Option<Arc<Vec<CertificateDer<'static>>>> {
self.extensions()
.get::<TlsConnectInfo<TcpConnectInfo>>()
diff --git a/tonic/src/transport/channel/endpoint.rs b/tonic/src/transport/channel/endpoint.rs
index 49695491c..e612a080d 100644
--- a/tonic/src/transport/channel/endpoint.rs
+++ b/tonic/src/transport/channel/endpoint.rs
@@ -1,8 +1,8 @@
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use super::service::TlsConnector;
use super::service::{self, Executor, SharedExec};
use super::Channel;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use super::ClientTlsConfig;
use crate::transport::Error;
use bytes::Bytes;
@@ -23,7 +23,7 @@ pub struct Endpoint {
pub(crate) timeout: Option<Duration>,
pub(crate) concurrency_limit: Option<usize>,
pub(crate) rate_limit: Option<(u64, Duration)>,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
pub(crate) tls: Option<TlsConnector>,
pub(crate) buffer_size: Option<usize>,
pub(crate) init_stream_window_size: Option<u32>,
@@ -49,7 +49,7 @@ impl Endpoint {
D::Error: Into<crate::Error>,
{
let me = dst.try_into().map_err(|e| Error::from_source(e.into()))?;
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
if me.uri.scheme() == Some(&http::uri::Scheme::HTTPS) {
return me.tls_config(ClientTlsConfig::new().with_enabled_roots());
}
@@ -244,7 +244,7 @@ impl Endpoint {
}
/// Configures TLS for the endpoint.
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
pub fn tls_config(self, tls_config: ClientTlsConfig) -> Result<Self, Error> {
Ok(Endpoint {
tls: Some(
@@ -320,7 +320,7 @@ impl Endpoint {
pub(crate) fn connector<C>(&self, c: C) -> service::Connector<C> {
service::Connector::new(
c,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
self.tls.clone(),
)
}
@@ -445,7 +445,7 @@ impl From<Uri> for Endpoint {
concurrency_limit: None,
rate_limit: None,
timeout: None,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls: None,
buffer_size: None,
init_stream_window_size: None,
diff --git a/tonic/src/transport/channel/mod.rs b/tonic/src/transport/channel/mod.rs
index e8ada742d..3294dbe95 100644
--- a/tonic/src/transport/channel/mod.rs
+++ b/tonic/src/transport/channel/mod.rs
@@ -2,11 +2,11 @@
mod endpoint;
pub(crate) mod service;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
mod tls;
pub use endpoint::Endpoint;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use tls::ClientTlsConfig;
use self::service::{Connection, DynamicServiceStream, Executor, SharedExec};
diff --git a/tonic/src/transport/channel/service/connector.rs b/tonic/src/transport/channel/service/connector.rs
index 8e1ee4887..02da88f72 100644
--- a/tonic/src/transport/channel/service/connector.rs
+++ b/tonic/src/transport/channel/service/connector.rs
@@ -1,30 +1,30 @@
use super::BoxedIo;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use super::TlsConnector;
use crate::transport::channel::BoxFuture;
use crate::ConnectError;
use http::Uri;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use std::fmt;
use std::task::{Context, Poll};
use hyper::rt;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use hyper_util::rt::TokioIo;
use tower_service::Service;
pub(crate) struct Connector<C> {
inner: C,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls: Option<TlsConnector>,
}
impl<C> Connector<C> {
- pub(crate) fn new(inner: C, #[cfg(feature = "tls-any")] tls: Option<TlsConnector>) -> Self {
+ pub(crate) fn new(inner: C, #[cfg(feature = "_tls-any")] tls: Option<TlsConnector>) -> Self {
Self {
inner,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls,
}
}
@@ -48,10 +48,10 @@ where
}
fn call(&mut self, uri: Uri) -> Self::Future {
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
let tls = self.tls.clone();
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
let is_https = uri.scheme_str() == Some("https");
let connect = self.inner.call(uri);
@@ -59,7 +59,7 @@ where
async {
let io = connect.await?;
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
if is_https {
return if let Some(tls) = tls {
let io = tls.connect(TokioIo::new(io)).await?;
@@ -78,11 +78,11 @@ where
}
/// Error returned when trying to connect to an HTTPS endpoint without TLS enabled.
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
#[derive(Debug)]
pub(crate) struct HttpsUriWithoutTlsSupport(());
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
impl fmt::Display for HttpsUriWithoutTlsSupport {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Connecting to HTTPS without TLS enabled")
@@ -90,5 +90,5 @@ impl fmt::Display for HttpsUriWithoutTlsSupport {
}
// std::error::Error only requires a type to impl Debug and Display
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
impl std::error::Error for HttpsUriWithoutTlsSupport {}
diff --git a/tonic/src/transport/channel/service/mod.rs b/tonic/src/transport/channel/service/mod.rs
index f186e5552..c94104f4f 100644
--- a/tonic/src/transport/channel/service/mod.rs
+++ b/tonic/src/transport/channel/service/mod.rs
@@ -22,7 +22,7 @@ pub(crate) use self::connector::Connector;
mod executor;
pub(super) use self::executor::{Executor, SharedExec};
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
mod tls;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub(super) use self::tls::TlsConnector;
diff --git a/tonic/src/transport/mod.rs b/tonic/src/transport/mod.rs
index 7e67c9be4..a75ce9d49 100644
--- a/tonic/src/transport/mod.rs
+++ b/tonic/src/transport/mod.rs
@@ -96,7 +96,7 @@ pub mod server;
mod error;
mod service;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
mod tls;
#[doc(inline)]
@@ -109,15 +109,15 @@ pub use self::server::Server;
/// Deprecated. Please use [`crate::status::TimeoutExpired`] instead.
pub use crate::status::TimeoutExpired;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use self::tls::Certificate;
pub use hyper::{body::Body, Uri};
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use tokio_rustls::rustls::pki_types::CertificateDer;
-#[cfg(all(feature = "channel", feature = "tls-any"))]
+#[cfg(all(feature = "channel", feature = "_tls-any"))]
pub use self::channel::ClientTlsConfig;
-#[cfg(all(feature = "server", feature = "tls-any"))]
+#[cfg(all(feature = "server", feature = "_tls-any"))]
pub use self::server::ServerTlsConfig;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use self::tls::Identity;
diff --git a/tonic/src/transport/server/conn.rs b/tonic/src/transport/server/conn.rs
index b6ef75d30..c626af9ce 100644
--- a/tonic/src/transport/server/conn.rs
+++ b/tonic/src/transport/server/conn.rs
@@ -1,11 +1,11 @@
use std::net::SocketAddr;
use tokio::net::TcpStream;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use std::sync::Arc;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use tokio_rustls::rustls::pki_types::CertificateDer;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use tokio_rustls::server::TlsStream;
/// Trait that connected IO resources implement and use to produce info about the connection.
@@ -102,7 +102,7 @@ impl Connected for tokio::io::DuplexStream {
fn connect_info(&self) -> Self::ConnectInfo {}
}
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
impl<T> Connected for TlsStream<T>
where
T: Connected,
@@ -128,14 +128,14 @@ where
/// See [`Connected`] for more details.
///
/// [ext]: crate::Request::extensions
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
#[derive(Debug, Clone)]
pub struct TlsConnectInfo<T> {
inner: T,
certs: Option<Arc<Vec<CertificateDer<'static>>>>,
}
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
impl<T> TlsConnectInfo<T> {
/// Get a reference to the underlying connection info.
pub fn get_ref(&self) -> &T {
diff --git a/tonic/src/transport/server/incoming.rs b/tonic/src/transport/server/incoming.rs
index 8a2a5d7c9..f414e5048 100644
--- a/tonic/src/transport/server/incoming.rs
+++ b/tonic/src/transport/server/incoming.rs
@@ -16,10 +16,10 @@ use tokio_stream::{Stream, StreamExt};
use tracing::warn;
use super::service::ServerIo;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use super::service::TlsAcceptor;
-#[cfg(not(feature = "tls-any"))]
+#[cfg(not(feature = "_tls-any"))]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
) -> impl Stream<Item = Result<ServerIo<IO>, crate::Error>>
@@ -42,7 +42,7 @@ where
}
}
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub(crate) fn tcp_incoming<IO, IE>(
incoming: impl Stream<Item = Result<IO, IE>>,
tls: Option<TlsAcceptor>,
@@ -112,7 +112,7 @@ fn handle_tcp_accept_error(e: impl Into<crate::Error>) -> ControlFlow<crate::Err
ControlFlow::Break(e)
}
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
async fn select<IO: 'static, IE>(
incoming: &mut (impl Stream<Item = Result<IO, IE>> + Unpin),
tasks: &mut tokio::task::JoinSet<Result<ServerIo<IO>, crate::Error>>,
@@ -147,7 +147,7 @@ where
}
}
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
enum SelectOutput<A> {
Incoming(A),
Io(ServerIo<A>),
diff --git a/tonic/src/transport/server/mod.rs b/tonic/src/transport/server/mod.rs
index 8b5d70bc7..e53c108c4 100644
--- a/tonic/src/transport/server/mod.rs
+++ b/tonic/src/transport/server/mod.rs
@@ -3,7 +3,7 @@
mod conn;
mod incoming;
mod service;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
mod tls;
#[cfg(unix)]
mod unix;
@@ -19,13 +19,13 @@ use hyper_util::{
server::conn::auto::{Builder as ConnectionBuilder, HttpServerConnExec},
service::TowerToHyperService,
};
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use tls::ServerTlsConfig;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub use conn::TlsConnectInfo;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use self::service::TlsAcceptor;
#[cfg(unix)]
@@ -33,7 +33,7 @@ pub use unix::UdsConnectInfo;
pub use incoming::TcpIncoming;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use crate::transport::Error;
use self::service::{RecoverError, ServerIo};
@@ -86,7 +86,7 @@ pub struct Server<L = Identity> {
trace_interceptor: Option<TraceInterceptor>,
concurrency_limit: Option<usize>,
timeout: Option<Duration>,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls: Option<TlsAcceptor>,
init_stream_window_size: Option<u32>,
init_connection_window_size: Option<u32>,
@@ -110,7 +110,7 @@ impl Default for Server<Identity> {
trace_interceptor: None,
concurrency_limit: None,
timeout: None,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls: None,
init_stream_window_size: None,
init_connection_window_size: None,
@@ -154,7 +154,7 @@ impl Server {
impl<L> Server<L> {
/// Configure TLS for this server.
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
pub fn tls_config(self, tls_config: ServerTlsConfig) -> Result<Self, Error> {
Ok(Server {
tls: Some(tls_config.tls_acceptor().map_err(Error::from_source)?),
@@ -509,7 +509,7 @@ impl<L> Server<L> {
trace_interceptor: self.trace_interceptor,
concurrency_limit: self.concurrency_limit,
timeout: self.timeout,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
tls: self.tls,
init_stream_window_size: self.init_stream_window_size,
init_connection_window_size: self.init_connection_window_size,
@@ -570,7 +570,7 @@ impl<L> Server<L> {
let incoming = incoming::tcp_incoming(
incoming,
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
self.tls,
);
let mut svc = MakeSvc {
@@ -1041,13 +1041,13 @@ where
request.extensions_mut().insert(inner.clone());
}
tower::util::Either::B(inner) => {
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
{
request.extensions_mut().insert(inner.clone());
request.extensions_mut().insert(inner.get_ref().clone());
}
- #[cfg(not(feature = "tls-any"))]
+ #[cfg(not(feature = "_tls-any"))]
{
// just a type check to make sure we didn't forget to
// insert this into the extensions
diff --git a/tonic/src/transport/server/service/io.rs b/tonic/src/transport/server/service/io.rs
index 80f9b9d34..c9d9bf95a 100644
--- a/tonic/src/transport/server/service/io.rs
+++ b/tonic/src/transport/server/service/io.rs
@@ -4,22 +4,22 @@ use std::io::IoSlice;
use std::pin::Pin;
use std::task::{Context, Poll};
use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
use tokio_rustls::server::TlsStream;
pub(crate) enum ServerIo<IO> {
Io(IO),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
TlsIo(Box<TlsStream<IO>>),
}
use tower::util::Either;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
type ServerIoConnectInfo<IO> =
Either<<IO as Connected>::ConnectInfo, <TlsStream<IO> as Connected>::ConnectInfo>;
-#[cfg(not(feature = "tls-any"))]
+#[cfg(not(feature = "_tls-any"))]
type ServerIoConnectInfo<IO> = Either<<IO as Connected>::ConnectInfo, ()>;
impl<IO> ServerIo<IO> {
@@ -27,7 +27,7 @@ impl<IO> ServerIo<IO> {
Self::Io(io)
}
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
pub(in crate::transport) fn new_tls_io(io: TlsStream<IO>) -> Self {
Self::TlsIo(Box::new(io))
}
@@ -38,7 +38,7 @@ impl<IO> ServerIo<IO> {
{
match self {
Self::Io(io) => Either::A(io.connect_info()),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Either::B(io.connect_info()),
}
}
@@ -55,7 +55,7 @@ where
) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_read(cx, buf),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_read(cx, buf),
}
}
@@ -72,7 +72,7 @@ where
) -> Poll<io::Result<usize>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write(cx, buf),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_write(cx, buf),
}
}
@@ -80,7 +80,7 @@ where
fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_flush(cx),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_flush(cx),
}
}
@@ -88,7 +88,7 @@ where
fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_shutdown(cx),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_shutdown(cx),
}
}
@@ -100,7 +100,7 @@ where
) -> Poll<Result<usize, io::Error>> {
match &mut *self {
Self::Io(io) => Pin::new(io).poll_write_vectored(cx, bufs),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => Pin::new(io).poll_write_vectored(cx, bufs),
}
}
@@ -108,7 +108,7 @@ where
fn is_write_vectored(&self) -> bool {
match self {
Self::Io(io) => io.is_write_vectored(),
- #[cfg(feature = "tls-any")]
+ #[cfg(feature = "_tls-any")]
Self::TlsIo(io) => io.is_write_vectored(),
}
}
diff --git a/tonic/src/transport/server/service/mod.rs b/tonic/src/transport/server/service/mod.rs
index d24cf99c6..b5fce0923 100644
--- a/tonic/src/transport/server/service/mod.rs
+++ b/tonic/src/transport/server/service/mod.rs
@@ -4,7 +4,7 @@ pub(crate) use self::io::ServerIo;
mod recover_error;
pub(crate) use self::recover_error::RecoverError;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
mod tls;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub(crate) use self::tls::TlsAcceptor;
diff --git a/tonic/src/transport/service/mod.rs b/tonic/src/transport/service/mod.rs
index bf4ea3fe9..b41869c7c 100644
--- a/tonic/src/transport/service/mod.rs
+++ b/tonic/src/transport/service/mod.rs
@@ -1,5 +1,5 @@
pub(crate) mod grpc_timeout;
-#[cfg(feature = "tls-any")]
+#[cfg(feature = "_tls-any")]
pub(crate) mod tls;
pub(crate) use self::grpc_timeout::GrpcTimeout;
From 00f31fcf83788c81d8263407b937a16a263b9a7b Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:10:45 -0500
Subject: [PATCH 18/27] revert formatting
---
tonic/Cargo.toml | 82 +++++++++++++++---------------------------------
1 file changed, 25 insertions(+), 57 deletions(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index c3ba85735..0c73c2cc1 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,22 +28,11 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = [
- "_tls-any",
- "tls-ring",
-] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
-_tls-any = [
- "dep:rustls-pemfile",
- "dep:tokio-rustls",
- "dep:tokio",
- "tokio?/rt",
- "tokio?/macros",
-] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
+tls = ["_tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
+_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
tls-ring = ["_tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
-tls-roots = [
- "tls-native-roots",
-] # Deprecated. Please use `tls-native-roots` instead.
+tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
tls-native-roots = ["channel", "dep:rustls-native-certs"]
tls-webpki-roots = ["channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
@@ -51,34 +40,18 @@ server = [
"router",
"dep:async-stream",
"dep:h2",
- "dep:hyper",
- "hyper?/server",
- "dep:hyper-util",
- "hyper-util?/service",
- "hyper-util?/server-auto",
+ "dep:hyper", "hyper?/server",
+ "dep:hyper-util", "hyper-util?/service", "hyper-util?/server-auto",
"dep:socket2",
- "dep:tokio",
- "tokio?/macros",
- "tokio?/net",
- "tokio?/time",
+ "dep:tokio", "tokio?/macros", "tokio?/net", "tokio?/time",
"tokio-stream/net",
- "dep:tower",
- "tower?/util",
- "tower?/limit",
+ "dep:tower", "tower?/util", "tower?/limit",
]
channel = [
- "dep:hyper",
- "hyper?/client",
- "dep:hyper-util",
- "hyper-util?/client-legacy",
- "dep:tower",
- "tower?/balance",
- "tower?/buffer",
- "tower?/discover",
- "tower?/limit",
- "tower?/util",
- "dep:tokio",
- "tokio?/time",
+ "dep:hyper", "hyper?/client",
+ "dep:hyper-util", "hyper-util?/client-legacy",
+ "dep:tower", "tower?/balance", "tower?/buffer", "tower?/discover", "tower?/limit", "tower?/util",
+ "dep:tokio", "tokio?/time",
"dep:hyper-timeout",
]
transport = ["server", "channel"]
@@ -99,41 +72,36 @@ percent-encoding = "2.1"
pin-project = "1.0.11"
tower-layer = "0.3"
tower-service = "0.3"
-tokio-stream = { version = "0.1.16", default-features = false }
+tokio-stream = {version = "0.1.16", default-features = false}
# prost
-prost = { version = "0.13", default-features = false, features = [
- "std",
-], optional = true }
+prost = {version = "0.13", default-features = false, features = ["std"], optional = true}
# codegen
-async-trait = { version = "0.1.13", optional = true }
+async-trait = {version = "0.1.13", optional = true}
# transport
-async-stream = { version = "0.3", optional = true }
-h2 = { version = "0.4", optional = true }
-hyper = { version = "1", features = ["http1", "http2"], optional = true }
+async-stream = {version = "0.3", optional = true}
+h2 = {version = "0.4", optional = true}
+hyper = {version = "1", features = ["http1", "http2"], optional = true}
hyper-util = { version = "0.1.4", features = ["tokio"], optional = true }
socket2 = { version = "0.5", optional = true, features = ["all"] }
-tokio = { version = "1", default-features = false, optional = true }
-tower = { version = "0.4.7", default-features = false, optional = true }
-axum = { version = "0.7", default-features = false, optional = true }
+tokio = {version = "1", default-features = false, optional = true}
+tower = {version = "0.4.7", default-features = false, optional = true}
+axum = {version = "0.7", default-features = false, optional = true}
# rustls
rustls-pemfile = { version = "2.0", optional = true }
rustls-native-certs = { version = "0.8", optional = true }
-tokio-rustls = { version = "0.26", default-features = false, features = [
- "logging",
- "tls12",
-], optional = true }
+tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12"], optional = true }
webpki-roots = { version = "0.26", optional = true }
# compression
-flate2 = { version = "1.0", optional = true }
+flate2 = {version = "1.0", optional = true}
zstd = { version = "0.13.0", optional = true }
# channel
-hyper-timeout = { version = "0.5", optional = true }
+hyper-timeout = {version = "0.5", optional = true}
[dev-dependencies]
bencher = "0.1.5"
@@ -141,8 +109,8 @@ quickcheck = "1.0"
quickcheck_macros = "1.0"
rand = "0.8"
static_assertions = "1.0"
-tokio = { version = "1.0", features = ["rt", "macros"] }
-tower = { version = "0.4.7", features = ["full"] }
+tokio = {version = "1.0", features = ["rt", "macros"]}
+tower = {version = "0.4.7", features = ["full"]}
[package.metadata.docs.rs]
all-features = true
From 033f2218e3b3955fe8646f035b4f5fb3860669b7 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:20:05 -0500
Subject: [PATCH 19/27] update docs
---
tonic/src/lib.rs | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs
index 2ed0d220e..1ca8c6095 100644
--- a/tonic/src/lib.rs
+++ b/tonic/src/lib.rs
@@ -24,8 +24,11 @@
//! - `router`: Enables the [`axum`] based service router. Enabled by default.
//! - `codegen`: Enables all the required exports and optional dependencies required
//! for [`tonic-build`]. Enabled by default.
-//! - `tls`: Enables the [`rustls`] based TLS options for the `transport` feature. Not
-//! enabled by default.
+//! - `tls`: Deprecated. An alias to `tls-ring`
+//! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using
+//! the [`ring`] libcrypto provider. Not enabled by default.
+//! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using
+//! the [`aws-lc-rs`] libcrypto provider. Not enabled by default.
//! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature.
//! - `tls-native-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the
//! [`rustls-native-certs`] crate. Not enabled by default.
From 1c73ca4e2ce797c2863717cc7f6860ee95f5b25f Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 13:22:04 -0500
Subject: [PATCH 20/27] specify rustls version in tests
---
tests/integration_tests/Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml
index 74f83a323..60c5f607f 100644
--- a/tests/integration_tests/Cargo.toml
+++ b/tests/integration_tests/Cargo.toml
@@ -11,7 +11,7 @@ version = "0.1.0"
[dependencies]
bytes = "1.0"
prost = "0.13"
-rustls = {version = "*", features = ["ring"]}
+rustls = {version = "0.23", features = ["ring"]}
tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]}
tonic = {path = "../../tonic"}
tracing-subscriber = {version = "0.3"}
From 121fda75a7e87787ea0059a9ef779b2c714669ef Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Thu, 17 Oct 2024 17:14:56 -0500
Subject: [PATCH 21/27] tls only depends on tls-ring
---
tonic/Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 0c73c2cc1..71c4dd188 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,7 +28,7 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = ["_tls-any", "tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
+tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
tls-ring = ["_tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
From 6411c3cf1ce7fc8331f0aa44453f667ac2db3607 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Fri, 18 Oct 2024 16:34:32 -0500
Subject: [PATCH 22/27] update CI + deps
---
.github/workflows/CI.yml | 2 +-
tests/integration_tests/Cargo.toml | 2 +-
tonic/Cargo.toml | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index 1726de984..760629b17 100644
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -62,7 +62,7 @@ jobs:
- uses: taiki-e/install-action@cargo-udeps
- uses: taiki-e/install-action@protoc
- uses: Swatinem/rust-cache@v2
- - run: cargo hack udeps --workspace --exclude-features tls-ring,tls-aws-lc --each-feature
+ - run: cargo hack udeps --workspace --exclude-features=_tls-any,tls,tls-aws-lc,tls-ring --each-feature
- run: cargo udeps --package tonic --features tls-ring,transport
- run: cargo udeps --package tonic --features tls-ring,server
- run: cargo udeps --package tonic --features tls-ring,channel
diff --git a/tests/integration_tests/Cargo.toml b/tests/integration_tests/Cargo.toml
index 60c5f607f..5c829d3e7 100644
--- a/tests/integration_tests/Cargo.toml
+++ b/tests/integration_tests/Cargo.toml
@@ -11,7 +11,6 @@ version = "0.1.0"
[dependencies]
bytes = "1.0"
prost = "0.13"
-rustls = {version = "0.23", features = ["ring"]}
tokio = {version = "1.0", features = ["macros", "rt-multi-thread", "net", "sync"]}
tonic = {path = "../../tonic"}
tracing-subscriber = {version = "0.3"}
@@ -21,6 +20,7 @@ async-stream = "0.3"
http = "1"
http-body = "1"
hyper-util = "0.1"
+rustls = {version = "0.23", features = ["ring"]}
tokio-stream = {version = "0.1.5", features = ["net"]}
tower = {version = "0.4", features = []}
tower-http = { version = "0.5", features = ["set-header", "trace"] }
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 71c4dd188..563941b00 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -33,8 +33,8 @@ _tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt",
tls-ring = ["_tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
-tls-native-roots = ["channel", "dep:rustls-native-certs"]
-tls-webpki-roots = ["channel", "dep:webpki-roots"]
+tls-native-roots = ["_tls-any", "channel", "dep:rustls-native-certs"]
+tls-webpki-roots = ["_tls-any","channel", "dep:webpki-roots"]
router = ["dep:axum", "dep:tower", "tower?/util"]
server = [
"router",
From 43b4214f15eba5040c2531b0a7aed2cba77849ae Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Mon, 21 Oct 2024 09:38:33 -0500
Subject: [PATCH 23/27] minor change for force push
---
tonic/Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 563941b00..83729e2b7 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,8 +28,8 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
+tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
tls-ring = ["_tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]
tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
From e8d2de695c15eeae13fc960c5363942700ed8d54 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Tue, 22 Oct 2024 17:33:03 -0500
Subject: [PATCH 24/27] fmt
---
tests/integration_tests/tests/connection.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/integration_tests/tests/connection.rs b/tests/integration_tests/tests/connection.rs
index 65eb2810c..3cf15ebe0 100644
--- a/tests/integration_tests/tests/connection.rs
+++ b/tests/integration_tests/tests/connection.rs
@@ -28,7 +28,9 @@ async fn connect_returns_err() {
#[tokio::test]
async fn connect_handles_tls() {
- rustls::crypto::ring::default_provider().install_default().unwrap();
+ rustls::crypto::ring::default_provider()
+ .install_default()
+ .unwrap();
TestClient::connect("https://example.com").await.unwrap();
}
From e8dd0f1087a346738d5c0d762e84ad4981988c7a Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Tue, 22 Oct 2024 17:33:53 -0500
Subject: [PATCH 25/27] fix docs
---
tonic/src/lib.rs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs
index 58b76b083..c65cb9743 100644
--- a/tonic/src/lib.rs
+++ b/tonic/src/lib.rs
@@ -26,7 +26,7 @@
//! for [`tonic-build`]. Enabled by default.
//! - `tls`: Deprecated. An alias to `tls-ring`
//! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using
-//! the [`ring`] libcrypto provider. Not enabled by default.
+//! the ring libcrypto provider. Not enabled by default.
//! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using
//! the [`aws-lc-rs`] libcrypto provider. Not enabled by default.
//! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature.
From c2c736b9438eb7931f5cea7d2fdddea87f76c262 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Wed, 23 Oct 2024 11:06:12 -0500
Subject: [PATCH 26/27] fix ring docs link
---
tonic/src/lib.rs | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs
index c65cb9743..1d73725e4 100644
--- a/tonic/src/lib.rs
+++ b/tonic/src/lib.rs
@@ -26,7 +26,7 @@
//! for [`tonic-build`]. Enabled by default.
//! - `tls`: Deprecated. An alias to `tls-ring`
//! - `tls-ring`: Enables the [`rustls`] based TLS options for the `transport` feature using
-//! the ring libcrypto provider. Not enabled by default.
+//! the [`ring`]` libcrypto provider. Not enabled by default.
//! - `tls-aws-lc`: Enables the [`rustls`] based TLS options for the `transport` feature using
//! the [`aws-lc-rs`] libcrypto provider. Not enabled by default.
//! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature.
@@ -74,6 +74,7 @@
//! [`hyper`]: https://docs.rs/hyper
//! [`tower`]: https://docs.rs/tower
//! [`tonic-build`]: https://docs.rs/tonic-build
+//! [`ring`]: https://docs.rs/ring
//! [`tonic-examples`]: https://github.com/hyperium/tonic/tree/master/examples
//! [`Codec`]: codec/trait.Codec.html
//! [`Channel`]: transport/struct.Channel.html
From 8daf3495c43c0ce281dfcfe7c7487c2d69288318 Mon Sep 17 00:00:00 2001
From: Jen Cecelia Reiss <jen@architect.xyz>
Date: Fri, 25 Oct 2024 13:27:19 -0500
Subject: [PATCH 27/27] Update Cargo.toml
Co-authored-by: Lucio Franco <luciofranco14@gmail.com>
---
tonic/Cargo.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 6ccad0515..395670f8f 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -28,7 +28,7 @@ gzip = ["dep:flate2"]
zstd = ["dep:zstd"]
default = ["transport", "codegen", "prost"]
prost = ["dep:prost"]
-_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose on of `tls-ring` or `tls-aws-lc`
+_tls-any = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"] # Internal. Please choose one of `tls-ring` or `tls-aws-lc`
tls = ["tls-ring"] # Deprecated. Please use `tls-ring` or `tls-aws-lc` instead.
tls-ring = ["_tls-any", "tokio-rustls/ring"]
tls-aws-lc = ["_tls-any", "tokio-rustls/aws-lc-rs"]