Skip to content

Commit

Permalink
refactor: change object_store CA handling (#5056)
Browse files Browse the repository at this point in the history 
Closes #4870.
  • Loading branch information
@crepererum
crepererum authored Nov 8, 2023
1 parent 1635f5b commit 0cb30bb
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
3 changes: 2 additions & 1 deletion object_store/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ quick-xml = { version = "0.31.0", features = ["serialize", "overlapped-lists"],
serde = { version = "1.0", default-features = false, features = ["derive"], optional = true }
serde_json = { version = "1.0", default-features = false, optional = true }
rand = { version = "0.8", default-features = false, features = ["std", "std_rng"], optional = true }
reqwest = { version = "0.11", default-features = false, features = ["rustls-tls"], optional = true }
reqwest = { version = "0.11", default-features = false, features = ["rustls-tls-native-roots"], optional = true }
ring = { version = "0.17", default-features = false, features = ["std"], optional = true }
rustls-pemfile = { version = "1.0", default-features = false, optional = true }
tokio = { version = "1.25.0", features = ["sync", "macros", "rt", "time", "io-util"] }
Expand All @@ -64,6 +64,7 @@ azure = ["cloud"]
gcp = ["cloud", "rustls-pemfile"]
aws = ["cloud"]
http = ["cloud"]
tls-webpki-roots = ["reqwest?/rustls-tls-webpki-roots"]

[dev-dependencies] # In alphabetical order
tempfile = "3.1.0"
Expand Down
11 changes: 11 additions & 0 deletions object_store/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,17 @@
doc = "* [`http`]: [HTTP/WebDAV Storage](https://datatracker.ietf.org/doc/html/rfc2518). See [`HttpBuilder`](http::HttpBuilder)"
)]
//!
//! # TLS Certificates
//!
//! Stores that use HTTPS/TLS (this is true for most cloud stores) can choose the source of their [CA]
//! certificates. By default the system-bundled certificates are used (see
//! [`rustls-native-certs`]). The `tls-webpki-roots` feature switch can be used to also bundle Mozilla's
//! root certificates with the library/application (see [`webpki-roots`]).
//!
//! [CA]: https://en.wikipedia.org/wiki/Certificate_authority
//! [`rustls-native-certs`]: https://crates.io/crates/rustls-native-certs/
//! [`webpki-roots`]: https://crates.io/crates/webpki-roots
//!
//! # Why not a Filesystem Interface?
//!
//! Whilst this crate does provide a [`BufReader`], the [`ObjectStore`] interface mirrors the APIs
Expand Down

0 comments on commit 0cb30bb

Please sign in to comment.