Description
Hello there! After the Rustup team's recent attempt to migrate to rustls-platform-verifier (rust-lang/rustup#3903) we have noticed a CI regression as follows:
error: could not download file from 'https://static.rust-lang.org/rustup/release-stable.toml' to '/tmp/rustup-update68roIr/release-stable.toml': failed to make network request: error sending request for url (https://static.rust-lang.org/rustup/release-stable.toml): client error (Connect): received fatal alert: DecodeError
I'm not sure what this
DecodeErroris. Could it beX.509-related?
rust-lang/rustup#3908 (comment)
Interestingly enough, before the migration we have used reqwest's integration of rustls-native-certs v0.7.0 and it didn't fail:
Before (d85502ca):
> cargo tree -i webpki-roots --target=x86_64-unknown-freebsd error: package ID specification `webpki-roots` did not match any packages > cargo tree -i rustls-native-certs --target=x86_64-unknown-freebsd rustls-native-certs v0.7.0 └── reqwest v0.12.4 └── download v1.27.1 └── rustup v1.27.1After (f48df22e):
> cargo tree -i webpki-roots --target=x86_64-unknown-freebsd warning: nothing to print. > cargo tree -i rustls-native-certs --target=x86_64-unknown-freebsd rustls-native-certs v0.7.0 └── rustls-platform-verifier v0.3.1 └── download v1.27.1 └── rustup v1.27.1
rust-lang/rustup#3908 (comment)
Comparing the usage of rustls_native_certs::load_native_certs in reqwest and rustls-platform-verifier, I have noticed that here this function is under a guard that is disabled on FreeBSD (rust-lang/rustup#3908 (comment)):
rustls-platform-verifier/rustls-platform-verifier/src/verification/others.rs
Lines 118 to 119 in 2b3bfbe
Could this be a mistake of some sort? Does it have something to do with the snippet below?
rustls-platform-verifier/rustls-platform-verifier/Cargo.toml
Lines 51 to 53 in 2b3bfbe
Many thanks in advance!