update rustls and related dependencies (#72)

* chore(deps): bump rustls from 0.19.1 to 0.20.0 * chore(deps): bump webpki from 0.21.4 to 0.22.0 * chore(deps): bump tokio-rustls from 0.22.0 to 0.23.0 * update rustls calls * update webpki naming * update tests
2026-04-08 20:45:29 +00:00 · 2021-10-19 00:30:38 +02:00 · 2021-10-19 00:30:38 +02:00 · b5a416fc35
commit b5a416fc35
parent 824d384693
5 changed files with 121 additions and 80 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -8,7 +8,7 @@ use {
    once_cell::sync::Lazy,
    percent_encoding::{percent_decode_str, percent_encode, AsciiSet, CONTROLS},
    rcgen::{Certificate, CertificateParams, DnType},
-    rustls::{NoClientAuth, ServerConfig},
+    rustls::server::ServerConfig,
    std::{
        borrow::Cow,
        error::Error,
@ -318,11 +318,17 @@ fn check_path(s: String) -> Result<PathBuf, String> {
 static TLS: Lazy<TlsAcceptor> = Lazy::new(acceptor);

 fn acceptor() -> TlsAcceptor {
-    let mut config = ServerConfig::new(NoClientAuth::new());
-    if ARGS.only_tls13 {
-        config.versions = vec![rustls::ProtocolVersion::TLSv1_3];
+    let config = if ARGS.only_tls13 {
+        ServerConfig::builder()
+            .with_safe_default_cipher_suites()
+            .with_safe_default_kx_groups()
+            .with_protocol_versions(&[&rustls::version::TLS13])
+            .expect("could not build server config")
+    } else {
+        ServerConfig::builder().with_safe_defaults()
    }
-    config.cert_resolver = ARGS.certs.clone();
+    .with_no_client_auth()
+    .with_cert_resolver(ARGS.certs.clone());
    TlsAcceptor::from(Arc::new(config))
 }