Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move using-native-tls-instead-of-rustls to smithy-rs #2423

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions aws/sdk/integration-tests/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -15,4 +15,5 @@ members = [
"s3control",
"sts",
"transcribestreaming",
"using-native-tls-instead-of-rustls",
]
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
[package]
name = "using-native-tls-instead-of-rustls"
version = "0.1.0"
authors = ["AWS Rust SDK Team <aws-sdk-rust@amazon.com>"]
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dev-dependencies]
# aws-config pulls in rustls and several other things by default. We have to disable defaults in order to use native-tls
# and then manually bring the other defaults back
aws-config = { path = "../../build/aws-sdk/sdk/aws-config", default-features = false, features = [
"native-tls",
"rt-tokio",
] }
# aws-sdk-s3 brings in rustls by default so we disable that in order to use native-tls only
aws-sdk-s3 = { path = "../../build/aws-sdk/sdk/s3", default-features = false, features = [
"native-tls",
] }
tokio = { version = "1.20.1", features = ["rt", "macros"] }
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0
*/

/// The SDK defaults to using RusTLS by default but you can also use [`native_tls`](https://github.com/sfackler/rust-native-tls)
/// which will choose a TLS implementation appropriate for your platform. This test looks much like
/// any other. Activating and deactivating `features` in your app's `Cargo.toml` is all that's needed.

async fn list_buckets() -> Result<(), aws_sdk_s3::Error> {
let sdk_config = aws_config::load_from_env().await;
let client = aws_sdk_s3::Client::new(&sdk_config);

let _resp = client.list_buckets().send().await?;

Ok(())
}

/// You can run this test to ensure that it is only using `native-tls` and
/// that nothing is pulling in `rustls` as a dependency
#[test]
#[should_panic = "error: package ID specification `rustls` did not match any packages"]
fn test_rustls_is_not_in_dependency_tree() {
let cargo_location = std::env::var("CARGO").unwrap();
let cargo_command = std::process::Command::new(&cargo_location)
.arg("tree")
.arg("--invert")
.arg("rustls")
.output()
.expect("failed to run 'cargo tree'");

let stderr = String::from_utf8_lossy(&cargo_command.stderr);

// We expect the call to `cargo tree` to error out. If it did, we panic with the resulting
// message here. In the case that no error message is set, that's bad.
if !stderr.is_empty() {
panic!("{}", stderr);
}

// Uh oh. We expected an error message but got none, likely because `cargo tree` found
// `rustls` in our dependencies. We'll print out the message we got to see what went wrong.
let stdout = String::from_utf8_lossy(&cargo_command.stdout);

println!("{}", stdout)
}

// NOTE: not currently run in CI, separate PR will set up a with-creds CI runner
#[tokio::test]
#[ignore]
async fn needs_creds_native_tls_works() {
list_buckets().await.expect("should succeed")
}