Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-06-06 16:45:39 +00:00
Code Issues Projects Releases Packages Wiki Activity
servo/components/net/Cargo.toml
Martin Robinson bce7622cde
Switch to rustls and webpki-roots (#30025) 
This change replaces OpenSSL with rustls and also the manually curated
CA certs file with webpki-roots (effectively the same thing, but as a
crate).

Generally speaking the design of the network stack is the same. Changes:

- Code around certificate overrides needed to be refactored to work with
  rustls so the various thread-safe list of certificates is refactored
  into `CertificateErrorOverrideManager`
- hyper-rustls takes care of setting ALPN protocols for HTTP requests,
  so for WebSockets this is moved to the WebSocket code.
- The safe set of cypher suites is chosen, which seem to correspond to
  the "Modern" configuration from [1]. This can be adjusted later.
- Instead of passing a string of PEM CA certificates around, an enum is
  used that includes parsed Certificates (or the default which reads
  them from webpki-roots).
- Code for starting up an SSL server for testing is cleaned up a little,
  due to the fact that the certificates need to be overriden explicitly
  now. This is due to the fact that the `webpki` crate is more stringent
  with self-signed certificates than SSL (CA certificates cannot used as
  end-entity certificates). [2]

1. https://wiki.mozilla.org/Security/Server_Side_TLS
2. https://github.com/briansmith/webpki/issues/114

Fixes #7888.
Fixes #13749.
Fixes #26835.
Fixes #29291.
2023-08-08 14:00:10 +00:00

80 lines
2.4 KiB
TOML
Raw Blame History

[package]
name = "net"
version = "0.0.1"
authors = ["The Servo Project Developers"]
license = "MPL-2.0"
edition = "2018"
publish = false
autotests = false # Inhibit lookup for tests/*.rs without [[test]] sections
[lib]
name = "net"
path = "lib.rs"
test = false
doctest = false
[dependencies]
async-recursion = "0.3.2"
async-tungstenite = { workspace = true }
base64 = { workspace = true }
brotli = "3"
bytes = "1"
content-security-policy = { workspace = true }
cookie_rs = { package = "cookie", version = "0.12" }
crossbeam-channel = { workspace = true }
data-url = { workspace = true }
devtools_traits = { path = "../devtools_traits" }
embedder_traits = { path = "../embedder_traits" }
flate2 = "1"
futures = { version = "0.3", package = "futures" }
futures-util = { version = "0.3" }
generic-array = "0.14"
headers = { workspace = true }
http = { workspace = true }
hyper = { workspace = true, features = ["client", "http1", "http2", "tcp", "stream"] }
hyper-rustls = { workspace = true }
hyper_serde = { workspace = true }
immeta = "0.4"
ipc-channel = { workspace = true }
lazy_static = { workspace = true }
libflate = "0.1"
log = { workspace = true }
malloc_size_of = { path = "../malloc_size_of" }
malloc_size_of_derive = { workspace = true }
mime = { workspace = true }
mime_guess = { workspace = true }
msg = { path = "../msg" }
net_traits = { path = "../net_traits" }
percent-encoding = { workspace = true }
pixels = { path = "../pixels" }
profile_traits = { path = "../profile_traits" }
rayon = { workspace = true }
rustls = { workspace = true }
rustls-pemfile = { workspace = true }
serde = { workspace = true }
serde_json = { workspace = true }
servo_allocator = { path = "../allocator" }
servo_arc = { path = "../servo_arc" }
servo_config = { path = "../config" }
servo_url = { path = "../url" }
sha2 = "0.10"
time = { workspace = true }
tokio = { workspace = true, features = ["sync", "macros", "rt-multi-thread"] }
tokio-rustls = { workspace = true }
tokio-stream = "0.1"
tungstenite = { workspace = true }
url = { workspace = true }
uuid = { workspace = true }
webrender_api = { workspace = true }
webpki-roots = { workspace = true }
[dev-dependencies]
futures = {version = "0.3", features = ["compat"]}
std_test_override = { path = "../std_test_override" }
tokio-test = "0.4"
tokio-stream = { version = "0.1", features = ["net"] }
hyper = { workspace = true, features = ["full"] }
[[test]]
name = "main"
path = "tests/main.rs"
Reference in a new issue View git blame Copy permalink