Bump rustls to v0.23

author: Sven-Hendrik Haase <svenstaro@gmail.com> 2024-06-09 23:06:16 +0000
committer: Sven-Hendrik Haase <svenstaro@gmail.com> 2024-06-09 23:06:16 +0000
commit: 81df80c1c91f77847da9c8a4a71df51b8526392c (patch)
tree: f5eeec0a0e57f781219f3c140d5fdfb433a750a2 /src
parent: Bump reqwest to v0.12 (diff)
download: miniserve-81df80c1c91f77847da9c8a4a71df51b8526392c.tar.gz
miniserve-81df80c1c91f77847da9c8a4a71df51b8526392c.zip
2 files changed, 7 insertions, 16 deletions
diff --git a/src/config.rs b/src/config.rs
index 5a0037b..f468365 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -223,24 +223,15 @@ impl MiniserveConfig {
                 let key_file = &mut BufReader::new(
                     File::open(&tls_key).context(format!("Couldn't access TLS key {tls_key:?}"))?,
                 );
-                let cert_chain = pemfile::certs(cert_file).context("Reading cert file")?;
-                let key = pemfile::read_all(key_file)
+                let cert_chain = pemfile::certs(cert_file)
+                    .map(|cert| cert.expect("Invalid certificate in certificate chain"))
+                    .collect();
+                let private_key = pemfile::private_key(key_file)
                     .context("Reading private key file")?
-                    .into_iter()
-                    .find_map(|item| match item {
-                        pemfile::Item::RSAKey(key)
-                        | pemfile::Item::PKCS8Key(key)
-                        | pemfile::Item::ECKey(key) => Some(key),
-                        _ => None,
-                    })
-                    .ok_or_else(|| anyhow!("No supported private key in file"))?;
+                    .expect("No private key found");
                 let server_config = rustls::ServerConfig::builder()
-                    .with_safe_defaults()
                     .with_no_client_auth()
-                    .with_single_cert(
-                        cert_chain.into_iter().map(rustls::Certificate).collect(),
-                        rustls::PrivateKey(key),
-                    )?;
+                    .with_single_cert(cert_chain, private_key)?;
                 Some(server_config)
             } else {
                 None
diff --git a/src/main.rs b/src/main.rs
index aa40585..7b04f7c 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -228,7 +228,7 @@ async fn run(miniserve_config: MiniserveConfig) -> Result<(), StartupError> {
 
         #[cfg(feature = "tls")]
         let srv = match &miniserve_config.tls_rustls_config {
-            Some(tls_config) => srv.listen_rustls(listener, tls_config.clone()),
+            Some(tls_config) => srv.listen_rustls_0_23(listener, tls_config.clone()),
             None => srv.listen(listener),
         };
author	Sven-Hendrik Haase <svenstaro@gmail.com>	2024-06-09 23:06:16 +0000
committer	Sven-Hendrik Haase <svenstaro@gmail.com>	2024-06-09 23:06:16 +0000
commit	81df80c1c91f77847da9c8a4a71df51b8526392c (patch)
tree	f5eeec0a0e57f781219f3c140d5fdfb433a750a2 /src
parent	Bump reqwest to v0.12 (diff)
download	miniserve-81df80c1c91f77847da9c8a4a71df51b8526392c.tar.gz miniserve-81df80c1c91f77847da9c8a4a71df51b8526392c.zip