From a89911317f93d0183371b769a538b8f7ba349877 Mon Sep 17 00:00:00 2001 From: Zanie Date: Mon, 11 Dec 2023 11:34:12 -0600 Subject: [PATCH] Use the system trust store for HTTPS requests Using the `rustls-tls-native-roots` feature https://github.com/seanmonstar/reqwest/issues/1554 --- Cargo.lock | 49 ++++++++++++++++++++++++++++++++++++++++++++++++- Cargo.toml | 2 +- 2 files changed, 49 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a4ba755139fb..025e93e0a1dc 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2789,6 +2789,7 @@ dependencies = [ "percent-encoding", "pin-project-lite", "rustls", + "rustls-native-certs", "rustls-pemfile", "serde", "serde_json", @@ -2804,7 +2805,6 @@ dependencies = [ "wasm-bindgen-futures", "wasm-streams", "web-sys", - "webpki-roots", "winreg", ] @@ -3015,6 +3015,18 @@ dependencies = [ "sct", ] +[[package]] +name = "rustls-native-certs" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9aace74cb666635c918e9c12bc0d348266037aa8eb599b5cba565709a8dff00" +dependencies = [ + "openssl-probe", + "rustls-pemfile", + "schannel", + "security-framework", +] + [[package]] name = "rustls-pemfile" version = "1.0.4" @@ -3071,6 +3083,15 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "schannel" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c3733bf4cf7ea0880754e19cb5a462007c4a8c1914bff372ccc95b464f1df88" +dependencies = [ + "windows-sys 0.48.0", +] + [[package]] name = "scopeguard" version = "1.2.0" @@ -3113,6 +3134,29 @@ version = "4.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" +[[package]] +name = "security-framework" +version = "2.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de" +dependencies = [ + "bitflags 1.3.2", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e932934257d3b408ed8f30db49d85ea163bfe74961f017f405b025af298f0c7a" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "serde" version = "1.0.196" @@ -4730,6 +4774,7 @@ dependencies = [ ] [[package]] +<<<<<<< HEAD name = "webpki-roots" version = "0.25.4" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -4742,6 +4787,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "53a85b86a771b1c87058196170769dd264f66c0782acf1ae6cc51bfd64b39082" [[package]] +======= +>>>>>>> 2ecac4bd (Use `rustls-tls-native-roots` feature to support HTTPS proxy from mitmproxy) name = "which" version = "6.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" diff --git a/Cargo.toml b/Cargo.toml index 387945f3cb84..8579673c50e2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -73,7 +73,7 @@ rand = { version = "0.8.5" } rayon = { version = "1.8.0" } reflink-copy = { version = "0.1.14" } regex = { version = "1.10.2" } -reqwest = { version = "0.11.23", default-features = false, features = ["json", "gzip", "brotli", "stream", "rustls-tls"] } +reqwest = { version = "0.11.23", default-features = false, features = ["json", "gzip", "brotli", "stream", "rustls-tls-native-roots"] } reqwest-middleware = { version = "0.2.4" } reqwest-retry = { version = "0.3.0" } rkyv = { version = "0.7.43", features = ["strict", "validation"] }