kozabrada123/chorus
kozabrada123
/
chorus
mirror of https://github.com/polyphony-chat/chorus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Build RootCertStore from webpki roots instead of native roots

This commit is contained in:
bitfl0wer 2024-07-10 18:13:40 +02:00
parent 648cd21001
commit 88ebc9e399
No known key found for this signature in database
GPG Key ID: 0ACD574FCF5226CF
1 changed files with 14 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/gateway/backends/tungstenite.rs
View File

@ -32,17 +32,19 @@ impl TungsteniteBackend {
pub async fn connect(
websocket_url: &str,
) -> Result<(TungsteniteSink, TungsteniteStream), TungsteniteBackendError> {
let mut roots = rustls::RootCertStore::empty();
let certs = rustls_native_certs::load_native_certs();
if let Err(e) = certs {
log::error!("Failed to load platform native certs! {:?}", e);
return Err(TungsteniteBackendError::FailedToLoadCerts { error: e });
}
for cert in certs.unwrap() {
roots.add(&rustls::Certificate(cert.0)).unwrap();
}
let certs = webpki_roots::TLS_SERVER_ROOTS;
let roots = rustls::RootCertStore {
roots: certs
.iter()
.map(|cert| {
rustls::OwnedTrustAnchor::from_subject_spki_name_constraints(
cert.subject.to_vec(),
cert.subject_public_key_info.to_vec(),
cert.name_constraints.as_ref().map(|der| der.to_vec()),
)
})
.collect(),
};
let (websocket_stream, _) = match connect_async_tls_with_config(
websocket_url,
None,
@ -58,11 +60,7 @@ impl TungsteniteBackend {
.await
{
Ok(websocket_stream) => websocket_stream,
Err(e) => {
return Err(TungsteniteBackendError::TungsteniteError {
error: e,
})
}
Err(e) => return Err(TungsteniteBackendError::TungsteniteError { error: e }),
};
Ok(websocket_stream.split())