backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-16 15:21:24 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix serving tls by setting rustls default crypto provider

Browse source 
The rustls version bump in c24f79b79b
introduced a panic when serving listeners with 'tls = true':

> thread 'main' panicked at /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-vendor-cargo-deps/c19b7c6f923b580ac259164a89f2577984ad5ab09ee9d583b888f934adbbe8d0/rustls-0.23.13/src/crypto/mod.rs:265:14:
> no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point

This commit fixes this by setting the default provider to ring. I chose
ring (the old rustls default) over aws-lc-rs (the new default) for a few
reasons:

 - Judging by github issues, aws-lc-rs seems to have a lot of build problems.
   We don't need more of that.
 - The "motivation" section in the aws-lc-rs docs only talks about FIPS,
   which we do not care about.
 - My past experience with things that start with "aws-" has been very
   negative.
This commit is contained in:
Benjamin Lee 2024-09-23 23:33:29 -07:00
parent 084d862e51
commit e2318cad8a
No known key found for this signature in database
GPG key ID: FB9624E2885D55A4
3 changed files with 8 additions and 97 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Cargo.toml
View file

@ -90,7 +90,7 @@ argon2 = "0.5.3"
async-trait = "0.1.82"
axum = { version = "0.7.6", default-features = false, features = ["form", "http1", "http2", "json", "matched-path", "tracing"] }
axum-extra = { version = "0.9.4", features = ["typed-header"] }
axum-server = { version = "0.7.1", features = ["tls-rustls"] }
axum-server = { version = "0.7.1", features = ["tls-rustls-no-provider"] }
base64 = "0.22.1"
bytes = "1.7.2"
clap = { version = "4.5.18", default-features = false, features = ["std", "derive", "help", "usage", "error-context", "string", "wrap_help"] }
@ -121,6 +121,7 @@ ring = "0.17.8"
rocksdb = { package = "rust-rocksdb", version = "0.26.0", features = ["lz4", "multi-threaded-cf", "zstd"], optional = true }
ruma = { git = "https://github.com/ruma/ruma", branch = "main", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "server-util", "state-res", "unstable-msc2448", "unstable-msc3575", "unstable-exhaustive-types", "ring-compat", "unstable-unspecified" ] }
rusqlite = { version = "0.32.1", optional = true, features = ["bundled"] }
rustls = { version = "0.23.13", default-features = false, features = ["ring", "log", "logging", "std", "tls12"] }
sd-notify = { version = "0.4.2", optional = true }
serde = { version = "1.0.210", features = ["rc"] }
serde_html_form = "0.2.6"