initialise default TLS crypto provider with aws_lc_rs manually
we use ring for hashing state and ruma, and reqwest/rustls defaults to aws_lc_rs, so we have to manually pick which one. there doesn't seem to be a way to just use one for some reason, so lets just use the new aws_lc_rs. Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
parent
dc3d9ebbf1
commit
47ca835c20
5 changed files with 21 additions and 10 deletions
22
Cargo.lock
generated
22
Cargo.lock
generated
|
@ -484,9 +484,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "cc"
|
||||
version = "1.1.13"
|
||||
version = "1.1.14"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "72db2f7947ecee9b03b510377e8bb9077afa27176fdbff55c51027e976fdcc48"
|
||||
checksum = "50d2eb3cd3d1bf4529e31c215ee6f93ec5a3d536d9f578f93d9d33ee19562932"
|
||||
dependencies = [
|
||||
"jobserver",
|
||||
"libc",
|
||||
|
@ -708,6 +708,7 @@ dependencies = [
|
|||
"reqwest",
|
||||
"ring",
|
||||
"ruma",
|
||||
"rustls 0.23.12",
|
||||
"sanitize-filename",
|
||||
"serde",
|
||||
"serde_json",
|
||||
|
@ -767,6 +768,7 @@ dependencies = [
|
|||
"hyper-util",
|
||||
"log",
|
||||
"ruma",
|
||||
"rustls 0.23.12",
|
||||
"sd-notify",
|
||||
"sentry",
|
||||
"sentry-tower",
|
||||
|
@ -1946,9 +1948,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "lazy-regex"
|
||||
version = "3.2.0"
|
||||
version = "3.3.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "576c8060ecfdf2e56995cf3274b4f2d71fa5e4fa3607c1c0b63c10180ee58741"
|
||||
checksum = "8d8e41c97e6bc7ecb552016274b99fbb5d035e8de288c582d9b933af6677bfda"
|
||||
dependencies = [
|
||||
"lazy-regex-proc_macros",
|
||||
"once_cell",
|
||||
|
@ -1957,9 +1959,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "lazy-regex-proc_macros"
|
||||
version = "3.2.0"
|
||||
version = "3.3.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9efb9e65d4503df81c615dc33ff07042a9408ac7f26b45abee25566f7fbfd12c"
|
||||
checksum = "76e1d8b05d672c53cb9c7b920bbba8783845ae4f0b076e02a3db1d02c81b4163"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -2806,9 +2808,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "quote"
|
||||
version = "1.0.36"
|
||||
version = "1.0.37"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7"
|
||||
checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
]
|
||||
|
@ -3591,9 +3593,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "serde_json"
|
||||
version = "1.0.125"
|
||||
version = "1.0.127"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "83c8e735a073ccf5be70aa8066aa984eaf2fa000db6c8d0100ae605b366d31ed"
|
||||
checksum = "8043c06d9f82bd7271361ed64f415fe5e12a77fdb52e573e7f06a516dea329ad"
|
||||
dependencies = [
|
||||
"itoa",
|
||||
"memchr",
|
||||
|
|
|
@ -128,6 +128,9 @@ features = [
|
|||
"catch-panic",
|
||||
]
|
||||
|
||||
[workspace.dependencies.rustls]
|
||||
version = "0.23.12"
|
||||
|
||||
[workspace.dependencies.reqwest]
|
||||
version = "0.12.7"
|
||||
default-features = false
|
||||
|
|
|
@ -82,6 +82,7 @@ regex.workspace = true
|
|||
reqwest.workspace = true
|
||||
ring.workspace = true
|
||||
ruma.workspace = true
|
||||
rustls.workspace = true
|
||||
sanitize-filename.workspace = true
|
||||
serde_json.workspace = true
|
||||
serde_regex.workspace = true
|
||||
|
|
|
@ -62,6 +62,7 @@ http.workspace = true
|
|||
hyper.workspace = true
|
||||
hyper-util.workspace = true
|
||||
ruma.workspace = true
|
||||
rustls.workspace = true
|
||||
sentry.optional = true
|
||||
sentry-tower.optional = true
|
||||
sentry-tower.workspace = true
|
||||
|
|
|
@ -18,6 +18,10 @@ pub(super) async fn serve(
|
|||
let certs = &tls.certs;
|
||||
let key = &tls.key;
|
||||
|
||||
// we use ring for ruma and hashing state, but aws-lc-rs is the new default.
|
||||
// without this, TLS mode will panic.
|
||||
_ = rustls::crypto::aws_lc_rs::default_provider().install_default();
|
||||
|
||||
debug!("Using direct TLS. Certificate path {certs} and certificate private key path {key}",);
|
||||
info!(
|
||||
"Note: It is strongly recommended that you use a reverse proxy instead of running conduwuit directly with TLS."
|
||||
|
|
Loading…
Add table
Reference in a new issue