prepare actix-tls 3.0.0-beta.7 release (#401)

2025-06-28 12:10:37 +02:00 · 2021-10-20 17:12:11 +01:00
parent 303666278a
commit 70ea5322ab
7 changed files with 30 additions and 6 deletions
--- a/actix-tls/src/connect/mod.rs
+++ b/actix-tls/src/connect/mod.rs
@ -21,7 +21,9 @@ mod connector;
 mod error;
 mod resolve;
 mod service;
-pub mod ssl;
+pub mod tls;
+#[doc(hidden)]
+pub use tls as ssl;
 #[cfg(feature = "uri")]
 mod uri;

--- a/actix-tls/src/connect/tls/mod.rs
+++ b/actix-tls/src/connect/tls/mod.rs
@ -1,4 +1,4 @@
-//! SSL Services
+//! TLS Services

 #[cfg(feature = "openssl")]
 pub mod openssl;
--- a/actix-tls/src/connect/tls/native_tls.rs
+++ b/actix-tls/src/connect/tls/native_tls.rs
--- a/actix-tls/src/connect/tls/openssl.rs
+++ b/actix-tls/src/connect/tls/openssl.rs
--- a/actix-tls/src/connect/tls/rustls.rs
+++ b/actix-tls/src/connect/tls/rustls.rs
@ -14,11 +14,26 @@ use actix_rt::net::ActixStream;
 use actix_service::{Service, ServiceFactory};
 use futures_core::{future::LocalBoxFuture, ready};
 use log::trace;
-use tokio_rustls::rustls::client::ServerName;
+use tokio_rustls::rustls::{client::ServerName, OwnedTrustAnchor, RootCertStore};
 use tokio_rustls::{Connect, TlsConnector};

 use crate::connect::{Address, Connection};

+/// Returns standard root certificates from `webpki-roots` crate as a rustls certificate store.
+pub fn webpki_roots_cert_store() -> RootCertStore {
+    let mut root_certs = RootCertStore::empty();
+    for cert in TLS_SERVER_ROOTS.0 {
+        let cert = OwnedTrustAnchor::from_subject_spki_name_constraints(
+            cert.subject,
+            cert.spki,
+            cert.name_constraints,
+        );
+        let certs = vec![cert].into_iter();
+        root_certs.add_server_trust_anchors(certs);
+    }
+    root_certs
+}
+
 /// Rustls connector factory
 pub struct RustlsConnector {
    connector: Arc<ClientConfig>,