Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-10-04 02:29:12 +01:00
Code Issues Projects Releases Packages Wiki Activity
servo/components/net_traits/Cargo.toml
Martin Robinson bce7622cde
Switch to rustls and webpki-roots (#30025) 
This change replaces OpenSSL with rustls and also the manually curated
CA certs file with webpki-roots (effectively the same thing, but as a
crate).

Generally speaking the design of the network stack is the same. Changes:

- Code around certificate overrides needed to be refactored to work with
  rustls so the various thread-safe list of certificates is refactored
  into `CertificateErrorOverrideManager`
- hyper-rustls takes care of setting ALPN protocols for HTTP requests,
  so for WebSockets this is moved to the WebSocket code.
- The safe set of cypher suites is chosen, which seem to correspond to
  the "Modern" configuration from [1]. This can be adjusted later.
- Instead of passing a string of PEM CA certificates around, an enum is
  used that includes parsed Certificates (or the default which reads
  them from webpki-roots).
- Code for starting up an SSL server for testing is cleaned up a little,
  due to the fact that the certificates need to be overriden explicitly
  now. This is due to the fact that the `webpki` crate is more stringent
  with self-signed certificates than SSL (CA certificates cannot used as
  end-entity certificates). [2]

1. https://wiki.mozilla.org/Security/Server_Side_TLS
2. https://github.com/briansmith/webpki/issues/114

Fixes #7888.
Fixes #13749.
Fixes #26835.
Fixes #29291.
2023-08-08 14:00:10 +00:00

45 lines
1.2 KiB
TOML
Raw Blame History

[package]
name = "net_traits"
version = "0.0.1"
authors = ["The Servo Project Developers"]
license = "MPL-2.0"
edition = "2018"
publish = false
[lib]
name = "net_traits"
path = "lib.rs"
test = false
doctest = false
[dependencies]
content-security-policy = { workspace = true }
cookie = { workspace = true }
embedder_traits = { path = "../embedder_traits" }
headers = { workspace = true }
http = { workspace = true }
hyper = { workspace = true }
hyper_serde = { workspace = true }
image = { workspace = true }
ipc-channel = { workspace = true }
lazy_static = { workspace = true }
log = { workspace = true }
malloc_size_of = { path = "../malloc_size_of" }
malloc_size_of_derive = { workspace = true }
mime = { workspace = true }
msg = { path = "../msg" }
num-traits = { workspace = true }
percent-encoding = { workspace = true }
pixels = { path = "../pixels" }
rustls = { workspace = true }
serde = { workspace = true }
servo_arc = { path = "../servo_arc" }
servo_rand = { path = "../rand" }
servo_url = { path = "../url" }
time = { workspace = true }
url = { workspace = true }
uuid = { workspace = true }
webrender_api = { git = "https://github.com/servo/webrender" }
[dev-dependencies]
std_test_override = { path = "../std_test_override" }
Reference in a new issue View git blame Copy permalink