Skip to content

Commit

Permalink
Use extension trait to simplify config
Browse files Browse the repository at this point in the history
  • Loading branch information
djc committed Oct 25, 2024
1 parent e81e0f4 commit 6e6d73a
Showing 1 changed file with 24 additions and 4 deletions.
28 changes: 24 additions & 4 deletions rustls-platform-verifier/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
#![doc = include_str!("../README.md")]
#![warn(missing_docs)]

use rustls::ClientConfig;
use rustls::{client::WantsClientCert, ClientConfig, ConfigBuilder, WantsVerifier};
use std::sync::Arc;

mod verification;
Expand Down Expand Up @@ -49,9 +49,8 @@ pub use tests::ffi::*;
/// **Important:** You must ensure that your `reqwest` version is using the same Rustls
/// version as this crate or it will panic when downcasting the `&dyn Any` verifier.
///
/// If you require more control over the rustls `ClientConfig`, you can
/// instantiate a [Verifier] with [Verifier::default] and then use it
/// with [`DangerousClientConfigBuilder::with_custom_certificate_verifier`][rustls::client::danger::DangerousClientConfigBuilder::with_custom_certificate_verifier].
/// If you require more control over the rustls [`ClientConfig`], you can import the
/// [`PlatformVerifierExt`] trait and call `.with_platform_verifier()` on the [`ConfigBuilder`].
///
/// Refer to the crate level documentation to see what platforms
/// are currently supported.
Expand Down Expand Up @@ -88,3 +87,24 @@ pub fn tls_config_with_provider(
pub fn verifier_for_dbg(root: &[u8]) -> Arc<dyn rustls::client::danger::ServerCertVerifier> {
Arc::new(Verifier::new_with_fake_root(root))
}

/// Extension trait to help configure [`ClientConfig`]s with the platform verifier.
pub trait PlatformVerifierExt {
/// Configures the `ClientConfig` with the platform verifier.
///
/// ```rust
/// use rustls::ClientConfig;
/// use rustls_platform_verifier::PlatformVerifierExt;
/// let config = ClientConfig::builder()
/// .with_platform_verifier()
/// .with_no_client_auth();
/// ```
fn with_platform_verifier(self) -> ConfigBuilder<ClientConfig, WantsClientCert>;
}

impl PlatformVerifierExt for ConfigBuilder<ClientConfig, WantsVerifier> {
fn with_platform_verifier(self) -> ConfigBuilder<ClientConfig, WantsClientCert> {
self.dangerous()
.with_custom_certificate_verifier(Arc::new(Verifier::new()))
}
}

0 comments on commit 6e6d73a

Please sign in to comment.