Merge pull request #38 from crawford/ring

 Update to rustls 0.12

Author: ctz

Cargo.toml

@@ -11,11 +11,12 @@ repository = "https://github.com/ctz/hyper-rustls"
 [dependencies]
 futures = "0.1.13"
 hyper = "0.11"
-rustls = "0.11.0"
+rustls = "0.12"
 tokio-core = "0.1.7"
 tokio-io = "0.1.1"
 tokio-proto = "0.1"
-tokio-rustls = { version = "0.4.0", features = [ "tokio-proto" ] }
+tokio-rustls = { version = "0.5", features = [ "tokio-proto" ] }
 tokio-service = "0.1.0"
-webpki-roots = "0.13.0"
-ct-logs = "0.2.0"
+webpki = "0.18.0-alpha"
+webpki-roots = "0.14"
+ct-logs = "0.3"

examples/server.rs

@@ -65,7 +65,7 @@ fn main() {
     let addr = format!("127.0.0.1:{}", port).parse().unwrap();
     let certs = load_certs("examples/sample.pem");
     let key = load_private_key("examples/sample.rsa");
-    let mut cfg = rustls::ServerConfig::new();
+    let mut cfg = rustls::ServerConfig::new(rustls::NoClientAuth::new());
     cfg.set_single_cert(certs, key);
     let tls = proto::Server::new(Http::new(), std::sync::Arc::new(cfg));
     let tcp = tokio_proto::TcpServer::new(tls, addr);

src/connector.rs

@@ -8,6 +8,7 @@ use stream::MaybeHttpsStream;
 use tokio_core::reactor::Handle;
 use tokio_rustls::ClientConfigExt;
 use tokio_service::Service;
+use webpki::{DNSName, DNSNameRef};
 use webpki_roots;
 use ct_logs;
 
@@ -26,9 +27,14 @@ impl HttpsConnector {
         let mut http = HttpConnector::new(threads, handle);
         http.enforce_http(false);
         let mut config = ClientConfig::new();
-        config.root_store.add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
+        config
+            .root_store
+            .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
         config.ct_logs = Some(&ct_logs::LOGS);
-        HttpsConnector { http: http, tls_config: Arc::new(config) }
+        HttpsConnector {
+            http: http,
+            tls_config: Arc::new(config),
+        }
     }
 }
 
@@ -55,36 +61,42 @@ impl Service for HttpsConnector {
 
     fn call(&self, uri: Uri) -> Self::Future {
         let is_https = uri.scheme() == Some("https");
-        let host = match uri.host() {
-            Some(host) => host.to_owned(),
-            None => return HttpsConnecting(
-                Box::new(
-                    ::futures::future::err(
-                        io::Error::new(
-                            io::ErrorKind::InvalidInput,
-                            "invalid url, missing host"
-                            )
-                        )
-                    )
-                ),
+        let host: DNSName = match uri.host() {
+            Some(host) => match DNSNameRef::try_from_ascii_str(host) {
+                Ok(host) => host.into(),
+                Err(err) => {
+                    return HttpsConnecting(Box::new(::futures::future::err(io::Error::new(
+                        io::ErrorKind::InvalidInput,
+                        format!("invalid url: {:?}", err),
+                    ))))
+                }
+            },
+            None => {
+                return HttpsConnecting(Box::new(::futures::future::err(io::Error::new(
+                    io::ErrorKind::InvalidInput,
+                    "invalid url, missing host",
+                ))))
+            }
         };
         let connecting = self.http.call(uri);
 
         HttpsConnecting(if is_https {
             let tls = self.tls_config.clone();
-            Box::new(connecting.and_then(move |tcp| {
-                    tls
-                    .connect_async(&host, tcp)
-                    .map_err(|e| io::Error::new(io::ErrorKind::Other, e))
-            }).map(|tls| MaybeHttpsStream::Https(tls))
-                .map_err(|e| io::Error::new(io::ErrorKind::Other, e)))
+            Box::new(
+                connecting
+                    .and_then(move |tcp| {
+                        tls.connect_async(host.as_ref(), tcp)
+                            .map_err(|e| io::Error::new(io::ErrorKind::Other, e))
+                    })
+                    .map(|tls| MaybeHttpsStream::Https(tls))
+                    .map_err(|e| io::Error::new(io::ErrorKind::Other, e)),
+            )
         } else {
             Box::new(connecting.map(|tcp| MaybeHttpsStream::Http(tcp)))
         })
     }
 }
 
-
 pub struct HttpsConnecting(Box<Future<Item = MaybeHttpsStream, Error = io::Error>>);
 
 impl Future for HttpsConnecting {

src/lib.rs

@@ -25,15 +25,16 @@
 //! }
 //! ```
 
+extern crate ct_logs;
 extern crate futures;
 extern crate hyper;
 extern crate rustls;
 extern crate tokio_core;
 extern crate tokio_io;
 extern crate tokio_rustls;
 extern crate tokio_service;
+extern crate webpki;
 extern crate webpki_roots;
-extern crate ct_logs;
 
 mod connector;
 mod stream;