v0.3.2
mdecimus committed Dec 29, 2023
1 parent f7920dd commit 4633f89
Showing 3 changed files with 53 additions and 12 deletions.
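--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+jmap-client 0.3.2
+================================
+- Bump to `rustls` 0.22.
+
 jmap-client 0.3.0
 ================================
 - JMAP for Sieve Scripts DRAFT-14 support.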
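--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "jmap-client"
 description = "JMAP client library for Rust"
-version = "0.3.1"
+version = "0.3.2"
 edition = "2021"
 authors = [ "Stalwart Labs Ltd. <hello@stalw.art>"]
 license = "Apache-2.0 OR MIT"
@@ -18,7 +18,8 @@ tokio-tungstenite = { version = "0.21", features = ["rustls-tls-webpki-roots"],
 tokio = { version = "1.16", default-features = false, features = ["io-util"], optional = true }
 futures-util = { version = "0.3", optional = true}
 async-stream = { version = "0.3", optional = true}
-rustls = { version = "0.21.0", features = ["dangerous_configuration"], optional = true }
+rustls = { version = "0.22", optional = true }
+rustls-pki-types = { version = "1" }
 serde = { version = "1.0", features = ["derive"]}
 serde_json = "1.0"
 chrono = { version = "0.4", features = ["serde"]}
@@ -28,7 +29,7 @@ base64 = "0.13"
 maybe-async = "0.2"
 
 [features]
-default = ["async"]
+default = ["async", "websockets"]
 async = ["futures-util", "async-stream", "reqwest/stream"]
 websockets = ["tokio", "tokio-tungstenite", "rustls"]
 blocking = ["reqwest/blocking", "maybe-async/is_sync"]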
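Review bot: `rustls-pki-types` is added as an unconditional dependency while `rustls` stays `optional = true` and is pulled in only by the `websockets` feature. In the hunks shown here it is used only in src/client_ws.rs (other files are not visible, so this is inferred), which suggests `rustls-pki-types = { version = "1", optional = true }` together with `websockets = ["tokio", "tokio-tungstenite", "rustls", "rustls-pki-types"]`. Separately, `default = ["async", "websockets"]` enables the WebSocket/TLS stack in every default build, and the CHANGELOG entry mentions only the `rustls` bump. That default change deserves its own changelog line, because it widens the dependency surface and makes the client_ws.rs TLS connector code part of default builds.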
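--- a/src/client_ws.rs
+++ b/src/client_ws.rs
@@ -14,8 +14,8 @@ use std::{pin::Pin, sync::Arc};
 use ahash::AHashMap;
 use futures_util::{stream::SplitSink, SinkExt, Stream, StreamExt};
 use rustls::{
-client::{ServerCertVerified, ServerCertVerifier},
-Certificate, ClientConfig, ServerName,
+client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
+ClientConfig, SignatureScheme,
 };
 use serde::{Deserialize, Serialize};
 use tokio::net::TcpStream;
@@ -167,20 +167,56 @@ pub struct WsStream {
 }
 
 #[doc(hidden)]
+#[derive(Debug)]
 struct DummyVerifier;
 
 impl ServerCertVerifier for DummyVerifier {
 fn verify_server_cert(
 &self,
-_e: &Certificate,
-_i: &[Certificate],
-_sn: &ServerName,
-_sc: &mut dyn Iterator<Item = &[u8]>,
-_o: &[u8],
-_n: std::time::SystemTime,
+_end_entity: &rustls_pki_types::CertificateDer<'_>,
+_intermediates: &[rustls_pki_types::CertificateDer<'_>],
+_server_name: &rustls_pki_types::ServerName<'_>,
+_ocsp_response: &[u8],
+_now: rustls_pki_types::UnixTime,
 ) -> Result<ServerCertVerified, rustls::Error> {
 Ok(ServerCertVerified::assertion())
 }
+
+fn verify_tls12_signature(
+&self,
+_message: &[u8],
+_cert: &rustls_pki_types::CertificateDer<'_>,
+_dss: &rustls::DigitallySignedStruct,
+) -> Result<HandshakeSignatureValid, rustls::Error> {
+Ok(HandshakeSignatureValid::assertion())
+}
+
+fn verify_tls13_signature(
+&self,
+_message: &[u8],
+_cert: &rustls_pki_types::CertificateDer<'_>,
+_dss: &rustls::DigitallySignedStruct,
+) -> Result<HandshakeSignatureValid, rustls::Error> {
+Ok(HandshakeSignatureValid::assertion())
+}
+
+fn supported_verify_schemes(&self) -> Vec<SignatureScheme> {
+vec![
+SignatureScheme::RSA_PKCS1_SHA1,
+SignatureScheme::ECDSA_SHA1_Legacy,
+SignatureScheme::RSA_PKCS1_SHA256,
+SignatureScheme::ECDSA_NISTP256_SHA256,
+SignatureScheme::RSA_PKCS1_SHA384,
+SignatureScheme::ECDSA_NISTP384_SHA384,
+SignatureScheme::RSA_PKCS1_SHA512,
+SignatureScheme::ECDSA_NISTP521_SHA512,
+SignatureScheme::RSA_PSS_SHA256,
+SignatureScheme::RSA_PSS_SHA384,
+SignatureScheme::RSA_PSS_SHA512,
+SignatureScheme::ED25519,
+SignatureScheme::ED448,
+]
+}
 }
 
 impl Client {
@@ -206,7 +242,7 @@ impl Client {
 false,
 Connector::Rustls(Arc::new(
 ClientConfig::builder()
-.with_safe_defaults()
+.dangerous()
 .with_custom_certificate_verifier(Arc::new(DummyVerifier {}))
 .with_no_client_auth(),
 ))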
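Review bot: `DummyVerifier` now returns `HandshakeSignatureValid::assertion()` from both `verify_tls12_signature` and `verify_tls13_signature`, on top of `ServerCertVerified::assertion()`, so a connection built with it authenticates nothing about the peer, yet the type carries only `#[doc(hidden)]` and no comment saying so. I would add a comment above the struct such as `// SECURITY: accepts any certificate and any handshake signature; install only when the caller explicitly opted out of TLS verification.` In the last hunk the verifier is installed through `.dangerous().with_custom_certificate_verifier(...)` inside an expression that starts outside the hunk (the leading `false,`), so it is not visible whether that branch is gated on an explicit opt-in. It should be, particularly since this commit also makes `websockets` a default feature. If handshake signatures are still to be checked, rustls 0.22 allows delegating to `rustls::crypto::verify_tls12_signature` / `verify_tls13_signature` with a provider's `signature_verification_algorithms`, which would also avoid hand-listing the SHA-1 schemes in `supported_verify_schemes`.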
