Skip to content

Commit

Permalink
Bump rustls-native-certs (#2427)
Browse files Browse the repository at this point in the history
  • Loading branch information
Jake-Shadle authored Sep 20, 2024
1 parent c8665be commit d85f44b
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 7 deletions.
2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ rustls = { version = "0.23.4", optional = true, default-features = false, featur
rustls-pki-types = { version = "1.1.0", features = ["alloc"] ,optional = true }
tokio-rustls = { version = "0.26", optional = true, default-features = false, features = ["tls12"] }
webpki-roots = { version = "0.26.0", optional = true }
rustls-native-certs = { version = "0.7", optional = true }
rustls-native-certs = { version = "0.8.0", optional = true }

## cookies
cookie_crate = { version = "0.18.0", package = "cookie", optional = true }
Expand Down
24 changes: 18 additions & 6 deletions src/async_impl/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -514,9 +514,9 @@ impl ClientBuilder {
if config.tls_built_in_certs_native {
let mut valid_count = 0;
let mut invalid_count = 0;
for cert in rustls_native_certs::load_native_certs()
.map_err(crate::error::builder)?
{

let load_results = rustls_native_certs::load_native_certs();
for cert in load_results.certs {
// Continue on parsing errors, as native stores often include ancient or syntactically
// invalid certificates, like root certificates without any X509 extensions.
// Inspiration: https://github.com/rustls/rustls/blob/633bf4ba9d9521a95f68766d04c22e2b01e68318/rustls/src/anchors.rs#L105-L112
Expand All @@ -529,9 +529,21 @@ impl ClientBuilder {
}
}
if valid_count == 0 && invalid_count > 0 {
return Err(crate::error::builder(
"zero valid certificates found in native root store",
));
let err = if load_results.errors.is_empty() {
crate::error::builder(
"zero valid certificates found in native root store",
)
} else {
use std::fmt::Write as _;
let mut acc = String::new();
for err in load_results.errors {
let _ = writeln!(&mut acc, "{err}");
}

crate::error::builder(acc)
};

return Err(err);
}
}

Expand Down

0 comments on commit d85f44b

Please sign in to comment.