Include a workaround for a bug with rustls & webpki
This commit is contained in:
parent
0ca71e46c9
commit
4d0b0521d6
21
src/lib.rs
21
src/lib.rs
|
@ -17,6 +17,7 @@ use tokio::{
|
|||
};
|
||||
use tokio::net::TcpListener;
|
||||
use rustls::ClientCertVerifier;
|
||||
use rustls::internal::msgs::handshake::DigitallySignedStruct;
|
||||
use tokio_rustls::{rustls, TlsAcceptor};
|
||||
use rustls::*;
|
||||
use anyhow::*;
|
||||
|
@ -434,6 +435,8 @@ impl ClientCertVerifier for AllowAnonOrSelfsignedClient {
|
|||
Some(false)
|
||||
}
|
||||
|
||||
// the below methods are a hack until webpki doesn't break with certain certs
|
||||
|
||||
fn verify_client_cert(
|
||||
&self,
|
||||
_: &[Certificate],
|
||||
|
@ -441,6 +444,24 @@ impl ClientCertVerifier for AllowAnonOrSelfsignedClient {
|
|||
) -> Result<ClientCertVerified, TLSError> {
|
||||
Ok(ClientCertVerified::assertion())
|
||||
}
|
||||
|
||||
fn verify_tls12_signature(
|
||||
&self,
|
||||
_message: &[u8],
|
||||
_cert: &Certificate,
|
||||
_dss: &DigitallySignedStruct,
|
||||
) -> Result<HandshakeSignatureValid, TLSError> {
|
||||
Ok(HandshakeSignatureValid::assertion())
|
||||
}
|
||||
|
||||
fn verify_tls13_signature(
|
||||
&self,
|
||||
_message: &[u8],
|
||||
_cert: &Certificate,
|
||||
_dss: &DigitallySignedStruct,
|
||||
) -> Result<HandshakeSignatureValid, TLSError> {
|
||||
Ok(HandshakeSignatureValid::assertion())
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
|
Loading…
Reference in a new issue