diff --git a/Cargo.lock b/Cargo.lock index 4938ac8df..530563c4b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -571,6 +571,16 @@ dependencies = [ "libc", ] +[[package]] +name = "core-foundation" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b55271e5c8c478ad3f38ad24ef34923091e0548492a266d19b3c0b4d82574c63" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "core-foundation-sys" version = "0.8.7" @@ -1534,6 +1544,7 @@ dependencies = [ "tokio-rustls 0.25.0", "tower-service", "webpki", + "webpki-roots 0.26.6", ] [[package]] @@ -1567,6 +1578,7 @@ dependencies = [ "tokio", "tokio-rustls 0.25.0", "tower-service", + "webpki-roots 0.26.6", ] [[package]] @@ -1581,11 +1593,12 @@ dependencies = [ "hyper-util", "log", "rustls 0.23.16", - "rustls-native-certs 0.8.0", + "rustls-native-certs 0.8.1", "rustls-pki-types", "tokio", "tokio-rustls 0.26.0", "tower-service", + "webpki-roots 0.26.6", ] [[package]] @@ -2900,7 +2913,7 @@ dependencies = [ "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots", + "webpki-roots 0.25.4", "winreg", ] @@ -3025,20 +3038,19 @@ dependencies = [ "rustls-pemfile 2.2.0", "rustls-pki-types", "schannel", - "security-framework", + "security-framework 2.11.1", ] [[package]] name = "rustls-native-certs" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcaf18a4f2be7326cd874a5fa579fae794320a0f388d365dca7e480e55f83f8a" +checksum = "7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3" dependencies = [ "openssl-probe", - "rustls-pemfile 2.2.0", "rustls-pki-types", "schannel", - "security-framework", + "security-framework 3.0.1", ] [[package]] @@ -3163,7 +3175,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" dependencies = [ "bitflags 2.6.0", - "core-foundation", + "core-foundation 0.9.4", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1415a607e92bec364ea2cf9264646dcce0f91e6d65281bd6f2819cca3bf39c8" +dependencies = [ + "bitflags 2.6.0", + "core-foundation 0.10.0", "core-foundation-sys", "libc", "security-framework-sys", @@ -3515,7 +3540,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" dependencies = [ "bitflags 1.3.2", - "core-foundation", + "core-foundation 0.9.4", "system-configuration-sys", ] @@ -3721,11 +3746,12 @@ dependencies = [ "futures-util", "log", "rustls 0.23.16", - "rustls-native-certs 0.8.0", + "rustls-native-certs 0.8.1", "rustls-pki-types", "tokio", "tokio-rustls 0.26.0", "tungstenite", + "webpki-roots 0.26.6", ] [[package]] @@ -4096,6 +4122,15 @@ version = "0.25.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" +[[package]] +name = "webpki-roots" +version = "0.26.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "841c67bff177718f1d4dfefde8d8f0e78f9b6589319ba88312f567fc5841a958" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "which" version = "4.4.2" diff --git a/Cargo.toml b/Cargo.toml index d0a558e26..932e5f641 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -32,6 +32,7 @@ version = "0.6.0-dev" [dependencies.librespot-core] path = "core" version = "0.6.0-dev" +default-features = false [dependencies.librespot-discovery] path = "discovery" @@ -82,7 +83,10 @@ with-libmdns = ["librespot-discovery/with-libmdns"] passthrough-decoder = ["librespot-playback/passthrough-decoder"] -default = ["rodio-backend", "with-libmdns"] +rustls-native-roots = ["librespot-core/rustls-native-roots"] +rustls-webpki-roots = ["librespot-core/rustls-webpki-roots"] + +default = ["rodio-backend", "with-libmdns", "rustls-native-roots"] [package.metadata.deb] maintainer = "librespot-org" diff --git a/audio/Cargo.toml b/audio/Cargo.toml index 3ef845325..0f51b342f 100644 --- a/audio/Cargo.toml +++ b/audio/Cargo.toml @@ -11,6 +11,7 @@ edition = "2021" [dependencies.librespot-core] path = "../core" version = "0.6.0-dev" +default-features = false [dependencies] aes = "0.8" diff --git a/connect/Cargo.toml b/connect/Cargo.toml index e35d3c778..61f68f2ea 100644 --- a/connect/Cargo.toml +++ b/connect/Cargo.toml @@ -23,6 +23,7 @@ tokio-stream = "0.1" [dependencies.librespot-core] path = "../core" version = "0.6.0-dev" +default-features = false [dependencies.librespot-playback] path = "../playback" diff --git a/core/Cargo.toml b/core/Cargo.toml index 994f1ab2b..81d96b651 100644 --- a/core/Cargo.toml +++ b/core/Cargo.toml @@ -32,8 +32,8 @@ http = "1.0" hyper = { version = "1.3", features = ["http1", "http2"] } hyper-util = { version = "0.1", features = ["client"] } http-body-util = "0.1.1" -hyper-proxy2 = { version = "0.1", default-features = false, features = ["rustls"] } -hyper-rustls = { version = "0.27.2", features = ["http2"] } +hyper-proxy2 = { version = "0.1", default-features = false } +hyper-rustls = { version = "0.27.2", default-features = false, features = ["aws-lc-rs", "http1", "logging", "tls12", "http2"] } log = "0.4" nonzero_ext = "0.3" num-bigint = { version = "0.4", features = ["rand"] } @@ -58,7 +58,7 @@ thiserror = "1.0" time = { version = "0.3", features = ["formatting", "parsing"] } tokio = { version = "1", features = ["io-util", "macros", "net", "parking_lot", "rt", "sync", "time"] } tokio-stream = "0.1" -tokio-tungstenite = { version = "0.24", default-features = false, features = ["rustls-tls-native-roots"] } +tokio-tungstenite = { version = "0.24", default-features = false } tokio-util = { version = "0.7", features = ["codec"] } url = "2" uuid = { version = "1", default-features = false, features = ["fast-rng", "v4"] } @@ -70,3 +70,16 @@ vergen-gitcl = { version = "1.0.0", default-features = false, features = ["build [dev-dependencies] tokio = { version = "1", features = ["macros", "parking_lot"] } + +[features] +default = ["rustls-native-roots"] +rustls-native-roots = [ + "hyper-proxy2/rustls", + "hyper-rustls/native-tokio", + "tokio-tungstenite/rustls-tls-native-roots", +] +rustls-webpki-roots = [ + "hyper-proxy2/rustls-webpki", + "hyper-rustls/webpki-tokio", + "tokio-tungstenite/rustls-tls-webpki-roots", +] diff --git a/core/src/http_client.rs b/core/src/http_client.rs index 8645d3a38..3dca0c642 100644 --- a/core/src/http_client.rs +++ b/core/src/http_client.rs @@ -145,12 +145,15 @@ impl HttpClient { fn try_create_hyper_client(proxy_url: Option<&Url>) -> Result { // configuring TLS is expensive and should be done once per process - let https_connector = HttpsConnectorBuilder::new() - .with_native_roots()? - .https_or_http() - .enable_http1() - .enable_http2() - .build(); + + // Prefer webpki if both features are enabled, else use native roots + #[cfg(all(not(feature = "rustls-webpki-roots"), feature = "rustls-native-roots"))] + let tls = HttpsConnectorBuilder::new().with_native_roots()?; + + #[cfg(feature = "rustls-webpki-roots")] + let tls = HttpsConnectorBuilder::new().with_webpki_roots(); + + let https_connector = tls.https_or_http().enable_http1().enable_http2().build(); // When not using a proxy a dummy proxy is configured that will not intercept any traffic. // This prevents needing to carry the Client Connector generics through the whole project diff --git a/discovery/Cargo.toml b/discovery/Cargo.toml index 01383f2ed..76f01209e 100644 --- a/discovery/Cargo.toml +++ b/discovery/Cargo.toml @@ -35,6 +35,7 @@ zbus = { version = "4", default-features = false, features = ["tokio"], optional [dependencies.librespot-core] path = "../core" version = "0.6.0-dev" +default-features = false [dev-dependencies] futures = "0.3" diff --git a/metadata/Cargo.toml b/metadata/Cargo.toml index 69efdf787..cfc37d7b1 100644 --- a/metadata/Cargo.toml +++ b/metadata/Cargo.toml @@ -21,6 +21,7 @@ serde_json = "1.0" [dependencies.librespot-core] path = "../core" version = "0.6.0-dev" +default-features = false [dependencies.librespot-protocol] path = "../protocol" diff --git a/playback/Cargo.toml b/playback/Cargo.toml index e9f6d4383..1e28e11c2 100644 --- a/playback/Cargo.toml +++ b/playback/Cargo.toml @@ -15,6 +15,7 @@ version = "0.6.0-dev" [dependencies.librespot-core] path = "../core" version = "0.6.0-dev" +default-features = false [dependencies.librespot-metadata] path = "../metadata"