diff --git a/Cargo.lock b/Cargo.lock
index 158fa0d4..94d0d92b 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -92,15 +92,73 @@ dependencies = [
[[package]]
name = "async-channel"
-version = "1.1.1"
+version = "1.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ee81ba99bee79f3c8ae114ae4baa7eaa326f63447cf2ec65e4393618b63f8770"
+checksum = "59740d83946db6a5af71ae25ddf9562c2b176b2ca42cf99a455f09f4a220d6b9"
dependencies = [
"concurrent-queue",
"event-listener",
"futures-core",
]
+[[package]]
+name = "async-executor"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d373d78ded7d0b3fa8039375718cde0aace493f2e34fb60f51cbf567562ca801"
+dependencies = [
+ "async-task",
+ "concurrent-queue",
+ "fastrand",
+ "futures-lite",
+ "once_cell",
+ "vec-arena",
+]
+
+[[package]]
+name = "async-global-executor"
+version = "1.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "124ac8c265e407641c3362b8f4d39cdb4e243885b71eef087be27199790f5a3a"
+dependencies = [
+ "async-executor",
+ "async-io",
+ "futures-lite",
+ "num_cpus",
+ "once_cell",
+]
+
+[[package]]
+name = "async-io"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38628c78a34f111c5a6b98fc87dfc056cd1590b61afe748b145be4623c56d194"
+dependencies = [
+ "cfg-if",
+ "concurrent-queue",
+ "fastrand",
+ "futures-lite",
+ "libc",
+ "log",
+ "once_cell",
+ "parking",
+ "polling",
+ "socket2",
+ "vec-arena",
+ "waker-fn",
+ "wepoll-sys-stjepang",
+ "winapi 0.3.9",
+]
+
+[[package]]
+name = "async-mutex"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "479db852db25d9dbf6204e6cb6253698f175c15726470f78af0d918e99d6156e"
+dependencies = [
+ "event-listener",
+]
+
[[package]]
name = "async-native-tls"
version = "0.3.3"
@@ -114,18 +172,33 @@ dependencies = [
]
[[package]]
-name = "async-std"
-version = "1.6.2"
+name = "async-rustls"
+version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "00d68a33ebc8b57800847d00787307f84a562224a14db069b0acefe4c2abbf5d"
+checksum = "c238bd34d425674d8003b8d674cc04baf74e1b71802f3c62451e3bf86f2858ef"
+dependencies = [
+ "futures-lite",
+ "rustls",
+ "webpki",
+]
+
+[[package]]
+name = "async-std"
+version = "1.6.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a9fa76751505e8df1c7a77762f60486f60c71bbd9b8557f4da6ad47d083732ed"
dependencies = [
"async-attributes",
- "async-task",
+ "async-global-executor",
+ "async-io",
+ "async-mutex",
+ "blocking",
"crossbeam-utils",
"futures-channel",
"futures-core",
"futures-io",
- "futures-timer",
+ "futures-lite",
+ "gloo-timers",
"kv-log-macro",
"log",
"memchr",
@@ -134,15 +207,14 @@ dependencies = [
"pin-project-lite",
"pin-utils",
"slab",
- "smol",
"wasm-bindgen-futures",
]
[[package]]
name = "async-task"
-version = "3.0.0"
+version = "4.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c17772156ef2829aadc587461c7753af20b7e8db1529bc66855add962a3b35d3"
+checksum = "e91831deabf0d6d7ec49552e489aed63b7456a7a3c46cff62adad428110b0af0"
[[package]]
name = "async-trait"
@@ -245,16 +317,16 @@ dependencies = [
[[package]]
name = "blocking"
-version = "0.4.7"
+version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d2468ff7bf85066b4a3678fede6fe66db31846d753ff0adfbfab2c6a6e81612b"
+checksum = "c5e170dbede1f740736619b776d7251cb1b9095c435c34d8ca9f57fcd2f335e9"
dependencies = [
"async-channel",
+ "async-task",
"atomic-waker",
+ "fastrand",
"futures-lite",
"once_cell",
- "parking",
- "waker-fn",
]
[[package]]
@@ -401,9 +473,9 @@ dependencies = [
[[package]]
name = "concurrent-queue"
-version = "1.1.2"
+version = "1.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1582139bb74d97ef232c30bc236646017db06f13ee7cc01fa24c9e55640f86d4"
+checksum = "30ed07550be01594c6026cff2a1d7fe9c8f683caa798e12b68694ac9e88286a3"
dependencies = [
"cache-padded",
]
@@ -687,15 +759,18 @@ dependencies = [
[[package]]
name = "event-listener"
-version = "2.2.1"
+version = "2.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "829694371bd7bbc6aee17c4ff624aad8bf9f4dc06c6f9f6071eaa08c89530d10"
+checksum = "f7531096570974c3a9dcf9e4b8e1cede1ec26cf5046219fb3b9d897503b9be59"
[[package]]
name = "fastrand"
-version = "1.3.3"
+version = "1.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "36a9cb09840f81cd211e435d00a4e487edd263dc3c8ff815c32dd76ad668ebed"
+checksum = "ca5faf057445ce5c9d4329e382b2ce7ca38550ef3b73a5348362d5f24e0c7fe3"
+dependencies = [
+ "instant",
+]
[[package]]
name = "fnv"
@@ -784,9 +859,9 @@ checksum = "de27142b013a8e869c14957e6d2edeef89e97c289e69d042ee3a49acd8b51789"
[[package]]
name = "futures-lite"
-version = "0.1.9"
+version = "1.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8cc8771bd1bb4c7be3c5f072a1d5e18086ef220f100a0a4efece41076e87b9f2"
+checksum = "381a7ad57b1bad34693f63f6f377e1abded7a9c85c9d3eb6771e11c60aaadab9"
dependencies = [
"fastrand",
"futures-core",
@@ -824,16 +899,6 @@ dependencies = [
"once_cell",
]
-[[package]]
-name = "futures-timer"
-version = "3.0.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c"
-dependencies = [
- "gloo-timers",
- "send_wrapper",
-]
-
[[package]]
name = "futures-util"
version = "0.3.5"
@@ -1071,9 +1136,9 @@ dependencies = [
[[package]]
name = "libc"
-version = "0.2.73"
+version = "0.2.79"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bd7d4bd64732af4bf3a67f367c27df8520ad7e230c5817b8ff485864d80242b9"
+checksum = "2448f6066e80e3bfc792e9c98bf705b4b0fc6e8ef5b43e5889aff0eaa9c58743"
[[package]]
name = "libm"
@@ -1345,9 +1410,9 @@ dependencies = [
[[package]]
name = "once_cell"
-version = "1.4.0"
+version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0b631f7e854af39a1739f401cf34a8a013dfe09eac4fa4dba91e9768bd28168d"
+checksum = "260e51e7efe62b592207e9e13a68e43692a7a279171d6ba57abd208bf23645ad"
[[package]]
name = "oorandom"
@@ -1412,9 +1477,9 @@ checksum = "06de47b848347d8c4c94219ad8ecd35eb90231704b067e67e6ae2e36ee023510"
[[package]]
name = "parking"
-version = "1.0.6"
+version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6cb300f271742d4a2a66c01b6b2fa0c83dfebd2e0bf11addb879a3547b4ed87c"
+checksum = "427c3892f9e783d91cc128285287e70a59e206ca452770ece88a76f7a3eddd72"
[[package]]
name = "parking_lot"
@@ -1542,6 +1607,19 @@ dependencies = [
"web-sys",
]
+[[package]]
+name = "polling"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e0720e0b9ea9d52451cf29d3413ba8a9303f8815d9d9653ef70e03ff73e65566"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "log",
+ "wepoll-sys-stjepang",
+ "winapi 0.3.9",
+]
+
[[package]]
name = "ppv-lite86"
version = "0.2.8"
@@ -1730,6 +1808,21 @@ dependencies = [
"winapi 0.3.9",
]
+[[package]]
+name = "ring"
+version = "0.16.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "952cd6b98c85bbc30efa1ba5783b8abf12fec8b3287ffa52605b9432313e34e4"
+dependencies = [
+ "cc",
+ "libc",
+ "once_cell",
+ "spin",
+ "untrusted",
+ "web-sys",
+ "winapi 0.3.9",
+]
+
[[package]]
name = "rsa"
version = "0.3.0"
@@ -1771,6 +1864,19 @@ dependencies = [
"semver",
]
+[[package]]
+name = "rustls"
+version = "0.18.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d1126dcf58e93cee7d098dbda643b5f92ed724f1f6a63007c1116eed6700c81"
+dependencies = [
+ "base64 0.12.3",
+ "log",
+ "ring",
+ "sct",
+ "webpki",
+]
+
[[package]]
name = "ryu"
version = "1.0.5"
@@ -1796,18 +1902,22 @@ dependencies = [
"winapi 0.3.9",
]
-[[package]]
-name = "scoped-tls"
-version = "1.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ea6a9290e3c9cf0f18145ef7ffa62d68ee0bf5fcd651017e586dc7fd5da448c2"
-
[[package]]
name = "scopeguard"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
+[[package]]
+name = "sct"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3042af939fca8c3453b7af0f1c66e533a15a86169e39de2657310ade8f98d3c"
+dependencies = [
+ "ring",
+ "untrusted",
+]
+
[[package]]
name = "security-framework"
version = "0.4.4"
@@ -1847,12 +1957,6 @@ version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
-[[package]]
-name = "send_wrapper"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f638d531eccd6e23b980caf34876660d38e265409d8e99b397ab71eb3612fad0"
-
[[package]]
name = "serde"
version = "1.0.114"
@@ -1960,27 +2064,6 @@ version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3757cb9d89161a2f24e1cf78efa0c1fcff485d18e3f55e0aa3480824ddaa0f3f"
-[[package]]
-name = "smol"
-version = "0.1.18"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "620cbb3c6e34da57d3a248cda0cd01cd5848164dc062e764e65d06fe3ea7aed5"
-dependencies = [
- "async-task",
- "blocking",
- "concurrent-queue",
- "fastrand",
- "futures-io",
- "futures-util",
- "libc",
- "once_cell",
- "scoped-tls",
- "slab",
- "socket2",
- "wepoll-sys-stjepang",
- "winapi 0.3.9",
-]
-
[[package]]
name = "socket2"
version = "0.3.12"
@@ -2108,6 +2191,7 @@ dependencies = [
"regex",
"rsa",
"rust_decimal",
+ "rustls",
"serde",
"serde_json",
"sha-1",
@@ -2120,6 +2204,7 @@ dependencies = [
"time 0.2.16",
"url",
"uuid",
+ "webpki",
"whoami",
]
@@ -2196,11 +2281,13 @@ dependencies = [
"actix-rt",
"actix-threadpool",
"async-native-tls",
+ "async-rustls",
"async-std",
"native-tls",
"once_cell",
"tokio",
"tokio-native-tls",
+ "tokio-rustls",
]
[[package]]
@@ -2566,6 +2653,18 @@ dependencies = [
"tokio",
]
+[[package]]
+name = "tokio-rustls"
+version = "0.14.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e12831b255bcfa39dc0436b01e19fea231a37db570686c06ee72c423479f889a"
+dependencies = [
+ "futures-core",
+ "rustls",
+ "tokio",
+ "webpki",
+]
+
[[package]]
name = "toml"
version = "0.5.6"
@@ -2631,6 +2730,12 @@ version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564"
+[[package]]
+name = "untrusted"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
+
[[package]]
name = "url"
version = "2.1.1"
@@ -2654,6 +2759,12 @@ version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6454029bf181f092ad1b853286f23e2c507d8e8194d01d92da4a55c274a5508c"
+[[package]]
+name = "vec-arena"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eafc1b9b2dfc6f5529177b62cf806484db55b32dc7c9658a118e11bbeb33061d"
+
[[package]]
name = "vec_map"
version = "0.8.2"
@@ -2765,6 +2876,16 @@ dependencies = [
"wasm-bindgen",
]
+[[package]]
+name = "webpki"
+version = "0.21.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ab146130f5f790d45f82aeeb09e55a256573373ec64409fc19a6fb82fb1032ae"
+dependencies = [
+ "ring",
+ "untrusted",
+]
+
[[package]]
name = "wepoll-sys-stjepang"
version = "1.0.6"
diff --git a/Cargo.toml b/Cargo.toml
index 22a062b4..15e57f65 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -64,6 +64,10 @@ runtime-actix-native-tls = [ "sqlx-core/runtime-actix-native-tls", "sqlx-macros/
runtime-async-std-native-tls = [ "sqlx-core/runtime-async-std-native-tls", "sqlx-macros/runtime-async-std-native-tls", "_rt-async-std" ]
runtime-tokio-native-tls = [ "sqlx-core/runtime-tokio-native-tls", "sqlx-macros/runtime-tokio-native-tls", "_rt-tokio" ]
+runtime-actix-rustls = [ "sqlx-core/runtime-actix-rustls", "sqlx-macros/runtime-actix-rustls", "_rt-actix" ]
+runtime-async-std-rustls = [ "sqlx-core/runtime-async-std-rustls", "sqlx-macros/runtime-async-std-rustls", "_rt-async-std" ]
+runtime-tokio-rustls = [ "sqlx-core/runtime-tokio-rustls", "sqlx-macros/runtime-tokio-rustls", "_rt-tokio" ]
+
# for conditional compilation
_rt-actix = []
_rt-async-std = []
diff --git a/README.md b/README.md
index 8d903017..2de95386 100644
--- a/README.md
+++ b/README.md
@@ -66,7 +66,7 @@ SQLx is an async, pure Rust† SQL crate featuring compile-time check
- **Pure Rust**. The Postgres and MySQL/MariaDB drivers are written in pure Rust using **zero** unsafe†† code.
-- **Runtime Agnostic**. Works on different runtimes ([async-std](https://crates.io/crates/async-std) / [tokio](https://crates.io/crates/tokio) / [actix](https://crates.io/crates/actix-rt)).
+* **Runtime Agnostic**. Works on different runtimes ([async-std](https://crates.io/crates/async-std) / [tokio](https://crates.io/crates/tokio) / [actix](https://crates.io/crates/actix-rt)) and TLS backends ([native-tls](https://crates.io/crates/native-tls), [rustls](https://crates.io/crates/rustls)).
† The SQLite driver uses the libsqlite3 C library as SQLite is an embedded database (the only way
we could be pure Rust for SQLite is by porting _all_ of SQLite to Rust).
@@ -109,12 +109,14 @@ SQLx is compatible with the [`async-std`], [`tokio`] and [`actix`] runtimes.
[`tokio`]: https://github.com/tokio-rs/tokio
[`actix`]: https://github.com/actix/actix-net
-By default, you get `async-std`. If you want a different runtime or TLS backend, just disable the default features and activate the corresponding feature, for example for tokio:
+You can also select between [`native-tls`] and [`rustls`] for the TLS backend.
+
+By default, you get `async-std` + `native-tls`. If you want a different runtime or TLS backend, just disable the default features and activate the corresponding feature, for example for tokio + rustls:
```toml
# Cargo.toml
[dependencies]
-sqlx = { version = "0.4.0-beta.1", default-features = false, features = [ "runtime-tokio-native-tls", "macros" ] }
+sqlx = { version = "0.4.0-beta.1", default-features = false, features = [ "runtime-tokio-rustls", "macros" ] }
```
The runtime and TLS backend not being separate feature sets to select is a workaround for a [Cargo issue](https://github.com/rust-lang/cargo/issues/3494).
@@ -133,11 +135,17 @@ sqlx = { version = "0.4.0-beta.1", default-features = false, features = [ "runti
- `runtime-tokio-native-tls`: Use the `tokio` runtime and `native-tls` TLS backend.
+- `runtime-async-std-rustls`: Use the `async-std` runtime and `rustls` TLS backend.
+
+- `runtime-tokio-native-tls`: Use the `tokio` runtime and `native-tls` TLS backend.
+
+- `runtime-tokio-rustls`: Use the `tokio` runtime and `rustls` TLS backend.
+
- `runtime-actix-native-tls`: Use the `actix` runtime and `native-tls` TLS backend.
-- `postgres`: Add support for the Postgres database server.
+- `runtime-actix-rustls`: Use the `actix` runtime and `rustls` TLS backend.
-- `mysql`: Add support for the MySQL (and MariaDB) database server.
+- `postgres`: Add support for the Postgres database server.
- `mssql`: Add support for the MSSQL database server.
diff --git a/sqlx-bench/Cargo.toml b/sqlx-bench/Cargo.toml
index ea945a11..9e3f1233 100644
--- a/sqlx-bench/Cargo.toml
+++ b/sqlx-bench/Cargo.toml
@@ -10,6 +10,10 @@ runtime-actix-native-tls = [ "sqlx/runtime-actix-native-tls", "sqlx-rt/runtime-a
runtime-async-std-native-tls = [ "sqlx/runtime-async-std-native-tls", "sqlx-rt/runtime-async-std-native-tls" ]
runtime-tokio-native-tls = [ "sqlx/runtime-tokio-native-tls", "sqlx-rt/runtime-tokio-native-tls" ]
+runtime-actix-rustls = [ "sqlx/runtime-actix-rustls", "sqlx-rt/runtime-actix-rustls" ]
+runtime-async-std-rustls = [ "sqlx/runtime-async-std-rustls", "sqlx-rt/runtime-async-std-rustls" ]
+runtime-tokio-rustls = [ "sqlx/runtime-tokio-rustls", "sqlx-rt/runtime-tokio-rustls" ]
+
postgres = ["sqlx/postgres"]
[dependencies]
diff --git a/sqlx-bench/README.md b/sqlx-bench/README.md
index c769eb5b..ca219336 100644
--- a/sqlx-bench/README.md
+++ b/sqlx-bench/README.md
@@ -24,7 +24,7 @@ You must choose a runtime to execute the benchmarks on; the feature flags are th
```bash
cargo bench --features runtime-tokio-native-tls
-cargo bench --features runtime-async-std-native-tls
+cargo bench --features runtime-async-std-rustls
```
When complete, the benchmark results will be in `target/criterion/`.
diff --git a/sqlx-core/Cargo.toml b/sqlx-core/Cargo.toml
index bb36ccef..80f4994c 100644
--- a/sqlx-core/Cargo.toml
+++ b/sqlx-core/Cargo.toml
@@ -38,11 +38,16 @@ runtime-actix-native-tls = [ "sqlx-rt/runtime-actix-native-tls", "_tls-native-tl
runtime-async-std-native-tls = [ "sqlx-rt/runtime-async-std-native-tls", "_tls-native-tls", "_rt-async-std" ]
runtime-tokio-native-tls = [ "sqlx-rt/runtime-tokio-native-tls", "_tls-native-tls", "_rt-tokio" ]
+runtime-actix-rustls = [ "sqlx-rt/runtime-actix-rustls", "_tls-rustls", "_rt-actix" ]
+runtime-async-std-rustls = [ "sqlx-rt/runtime-async-std-rustls", "_tls-rustls", "_rt-async-std" ]
+runtime-tokio-rustls = [ "sqlx-rt/runtime-tokio-rustls", "_tls-rustls", "_rt-tokio" ]
+
# for conditional compilation
_rt-actix = []
_rt-async-std = []
_rt-tokio = []
_tls-native-tls = []
+_tls-rustls = [ "rustls", "webpki" ]
# support offline/decoupled building (enables serialization of `Describe`)
offline = [ "serde", "either/serde" ]
@@ -86,6 +91,7 @@ parking_lot = "0.11.0"
rand = { version = "0.7.3", default-features = false, optional = true, features = [ "std" ] }
regex = { version = "1.3.9", optional = true }
rsa = { version = "0.3.0", optional = true }
+rustls = { version = "0.18.1", optional = true }
serde = { version = "1.0.106", features = [ "derive", "rc" ], optional = true }
serde_json = { version = "1.0.51", features = [ "raw_value" ], optional = true }
sha-1 = { version = "0.9.0", default-features = false, optional = true }
@@ -96,6 +102,7 @@ time = { version = "0.2.16", optional = true }
smallvec = "1.4.0"
url = { version = "2.1.1", default-features = false }
uuid = { version = "0.8.1", default-features = false, optional = true, features = [ "std" ] }
+webpki = { version = "0.21.3", optional = true }
whoami = "0.9.0"
stringprep = "0.1.2"
lru-cache = "0.1.2"
diff --git a/sqlx-core/src/error.rs b/sqlx-core/src/error.rs
index 0cab5a2f..238681fa 100644
--- a/sqlx-core/src/error.rs
+++ b/sqlx-core/src/error.rs
@@ -242,6 +242,14 @@ impl From for Error {
}
}
+#[cfg(feature = "_tls-rustls")]
+impl From for Error {
+ #[inline]
+ fn from(error: webpki::InvalidDNSNameError) -> Self {
+ Error::Tls(Box::new(error))
+ }
+}
+
// Format an error message as a `Protocol` error
macro_rules! err_protocol {
($expr:expr) => {
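Review bot: The new conversion from `webpki::InvalidDNSNameError` boxes the error without naming the host that failed, so the resulting `Error::Tls` says only that a DNS name was invalid. As far as I know, webpki's `DNSNameRef` does not accept IP literals, so a connection configured with an IP address as host would probably end up here when a rustls feature is enabled. A doc comment on the impl would make that visible to maintainers, for example `/// Raised by the rustls backend when the connection host is not a valid DNS name (IP literals are not accepted).`. The `err_protocol!` macro that follows continues outside the hunk.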
diff --git a/sqlx-core/src/net/tls.rs b/sqlx-core/src/net/tls.rs
index 69041b46..f3e0806b 100644
--- a/sqlx-core/src/net/tls.rs
+++ b/sqlx-core/src/net/tls.rs
@@ -6,11 +6,7 @@ use std::path::Path;
use std::pin::Pin;
use std::task::{Context, Poll};
-use sqlx_rt::{
- fs,
- native_tls::{Certificate, TlsConnector},
- AsyncRead, AsyncWrite, TlsStream,
-};
+use sqlx_rt::{fs, AsyncRead, AsyncWrite, TlsStream};
use crate::error::Error;
use std::mem::replace;
@@ -40,25 +36,12 @@ where
accept_invalid_hostnames: bool,
root_cert_path: Option<&Path>,
) -> Result<(), Error> {
- let mut builder = TlsConnector::builder();
- builder
- .danger_accept_invalid_certs(accept_invalid_certs)
- .danger_accept_invalid_hostnames(accept_invalid_hostnames);
-
- if !accept_invalid_certs {
- if let Some(ca) = root_cert_path {
- let data = fs::read(ca).await?;
- let cert = Certificate::from_pem(&data)?;
-
- builder.add_root_certificate(cert);
- }
- }
-
- #[cfg(not(feature = "_rt-async-std"))]
- let connector = sqlx_rt::TlsConnector::from(builder.build()?);
-
- #[cfg(feature = "_rt-async-std")]
- let connector = sqlx_rt::TlsConnector::from(builder);
+ let connector = configure_tls_connector(
+ accept_invalid_certs,
+ accept_invalid_hostnames,
+ root_cert_path,
+ )
+ .await?;
let stream = match replace(self, MaybeTlsStream::Upgrading) {
MaybeTlsStream::Raw(stream) => stream,
@@ -75,12 +58,71 @@ where
}
};
+ #[cfg(feature = "_tls-rustls")]
+ let host = webpki::DNSNameRef::try_from_ascii_str(host)?;
+
*self = MaybeTlsStream::Tls(connector.connect(host, stream).await?);
Ok(())
}
}
+#[cfg(feature = "_tls-native-tls")]
+async fn configure_tls_connector(
+ accept_invalid_certs: bool,
+ accept_invalid_hostnames: bool,
+ root_cert_path: Option<&Path>,
+) -> Result {
+ use sqlx_rt::native_tls::{Certificate, TlsConnector};
+
+ let mut builder = TlsConnector::builder();
+ builder
+ .danger_accept_invalid_certs(accept_invalid_certs)
+ .danger_accept_invalid_hostnames(accept_invalid_hostnames);
+
+ if !accept_invalid_certs {
+ if let Some(ca) = root_cert_path {
+ let data = fs::read(ca).await?;
+ let cert = Certificate::from_pem(&data)?;
+
+ builder.add_root_certificate(cert);
+ }
+ }
+
+ #[cfg(not(feature = "_rt-async-std"))]
+ let connector = builder.build()?.into();
+
+ #[cfg(feature = "_rt-async-std")]
+ let connector = builder.into();
+
+ Ok(connector)
+}
+
+#[cfg(feature = "_tls-rustls")]
+async fn configure_tls_connector(
+ _accept_invalid_certs: bool,
+ _accept_invalid_hostnames: bool,
+ root_cert_path: Option<&Path>,
+) -> Result {
+ // FIXME: Support accept_invalid_certs / accept_invalid_hostnames
+
+ use rustls::ClientConfig;
+ use std::io::Cursor;
+ use std::sync::Arc;
+
+ let mut config = ClientConfig::new();
+
+ if let Some(ca) = root_cert_path {
+ let data = fs::read(ca).await?;
+ let mut cursor = Cursor::new(data);
+ config.root_store.add_pem_file(&mut cursor).map_err(|_| {
+ Error::Tls(format!("Invalid certificate file: {}", ca.display()).into())
+ })?;
+ }
+
+ Ok(Arc::new(config).into())
+}
+
impl AsyncRead for MaybeTlsStream
where
S: Unpin + AsyncWrite + AsyncRead,
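Review bot: The rustls `configure_tls_connector` discards `_accept_invalid_certs` and `_accept_invalid_hostnames` and builds on `ClientConfig::new()`, whose root store is empty in rustls 0.18 as far as I know; nothing in this hunk adds default trust anchors, so a caller that passes no `root_cert_path` appears to get a connector that cannot validate any server certificate. That fails closed, which is the safe direction, but it shows up as an opaque handshake error, and a caller that set either flag is never told it was ignored. Until the FIXME is resolved the function should carry a doc comment stating both limits. Separately, `add_pem_file` returns the counts of accepted and rejected certificates and that result is dropped, so a PEM file containing no usable certificate passes silently; checking the count turns this into a clear configuration error, as sketched below. `upgrade`, which calls this function, starts outside the hunk.

```rust
// … unchanged: FIXME comment, use lines, ClientConfig::new() …
    if let Some(ca) = root_cert_path {
        // … unchanged: read the file into `cursor` …
        let (added, _rejected) = config.root_store.add_pem_file(&mut cursor).map_err(|_| {
            Error::Tls(format!("Invalid certificate file: {}", ca.display()).into())
        })?;

        // An empty trust store would make every later handshake fail with an unrelated error.
        if added == 0 {
            return Err(Error::Tls(
                format!("No usable certificate found in: {}", ca.display()).into(),
            ));
        }
    }
// … unchanged: Ok(Arc::new(config).into()) …
```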
@@ -192,12 +234,15 @@ where
match self {
MaybeTlsStream::Raw(s) => s,
- #[cfg(not(feature = "_rt-async-std"))]
- MaybeTlsStream::Tls(s) => s.get_ref().get_ref().get_ref(),
+ #[cfg(feature = "_tls-rustls")]
+ MaybeTlsStream::Tls(s) => s.get_ref().0,
- #[cfg(feature = "_rt-async-std")]
+ #[cfg(all(feature = "_rt-async-std", feature = "_tls-native-tls"))]
MaybeTlsStream::Tls(s) => s.get_ref(),
+ #[cfg(all(not(feature = "_rt-async-std"), feature = "_tls-native-tls"))]
+ MaybeTlsStream::Tls(s) => s.get_ref().get_ref().get_ref(),
+
MaybeTlsStream::Upgrading => panic!(io::Error::from(io::ErrorKind::ConnectionAborted)),
}
}
@@ -211,12 +256,15 @@ where
match self {
MaybeTlsStream::Raw(s) => s,
- #[cfg(not(feature = "_rt-async-std"))]
- MaybeTlsStream::Tls(s) => s.get_mut().get_mut().get_mut(),
+ #[cfg(feature = "_tls-rustls")]
+ MaybeTlsStream::Tls(s) => s.get_mut().0,
- #[cfg(feature = "_rt-async-std")]
+ #[cfg(all(feature = "_rt-async-std", feature = "_tls-native-tls"))]
MaybeTlsStream::Tls(s) => s.get_mut(),
+ #[cfg(all(not(feature = "_rt-async-std"), feature = "_tls-native-tls"))]
+ MaybeTlsStream::Tls(s) => s.get_mut().get_mut().get_mut(),
+
MaybeTlsStream::Upgrading => panic!(io::Error::from(io::ErrorKind::ConnectionAborted)),
}
}
diff --git a/sqlx-macros/Cargo.toml b/sqlx-macros/Cargo.toml
index e2578bf8..e713eac1 100644
--- a/sqlx-macros/Cargo.toml
+++ b/sqlx-macros/Cargo.toml
@@ -24,6 +24,10 @@ runtime-actix-native-tls = [ "sqlx-core/runtime-actix-native-tls", "sqlx-rt/runt
runtime-async-std-native-tls = [ "sqlx-core/runtime-async-std-native-tls", "sqlx-rt/runtime-async-std-native-tls", "_rt-async-std" ]
runtime-tokio-native-tls = [ "sqlx-core/runtime-tokio-native-tls", "sqlx-rt/runtime-tokio-native-tls", "_rt-tokio" ]
+runtime-actix-rustls = [ "sqlx-core/runtime-actix-rustls", "sqlx-rt/runtime-actix-rustls", "_rt-actix" ]
+runtime-async-std-rustls = [ "sqlx-core/runtime-async-std-rustls", "sqlx-rt/runtime-async-std-rustls", "_rt-async-std" ]
+runtime-tokio-rustls = [ "sqlx-core/runtime-tokio-rustls", "sqlx-rt/runtime-tokio-rustls", "_rt-tokio" ]
+
# for conditional compilation
_rt-actix = []
_rt-async-std = []
diff --git a/sqlx-rt/Cargo.toml b/sqlx-rt/Cargo.toml
index caddcd85..34bfa1e8 100644
--- a/sqlx-rt/Cargo.toml
+++ b/sqlx-rt/Cargo.toml
@@ -15,18 +15,25 @@ runtime-actix-native-tls = [ "_rt-actix", "_tls-native-tls", "tokio-native-tls"
runtime-async-std-native-tls = [ "_rt-async-std", "_tls-native-tls", "async-native-tls" ]
runtime-tokio-native-tls = [ "_rt-tokio", "_tls-native-tls", "tokio-native-tls" ]
+runtime-actix-rustls = [ "_rt-actix", "_tls-rustls", "tokio-rustls" ]
+runtime-async-std-rustls = [ "_rt-async-std", "_tls-rustls", "async-rustls" ]
+runtime-tokio-rustls = [ "_rt-tokio", "_tls-rustls", "tokio-rustls" ]
+
# Not used directly and not re-exported from sqlx
_rt-actix = [ "actix-rt", "actix-threadpool", "tokio", "once_cell" ]
_rt-async-std = [ "async-std" ]
_rt-tokio = [ "tokio", "once_cell" ]
_tls-native-tls = [ "native-tls" ]
+_tls-rustls = [ ]
[dependencies]
async-native-tls = { version = "0.3.3", optional = true }
+async-rustls = { version = "0.1.1", optional = true }
actix-rt = { version = "1.1.1", optional = true }
actix-threadpool = { version = "0.3.2", optional = true }
-async-std = { version = "1.6.0", features = [ "unstable" ], optional = true }
+async-std = { version = "1.6.5", features = [ "unstable" ], optional = true }
tokio = { version = "0.2.21", optional = true, features = [ "blocking", "stream", "fs", "tcp", "uds", "macros", "rt-core", "rt-threaded", "time", "dns", "io-util" ] }
tokio-native-tls = { version = "0.1.0", optional = true }
+tokio-rustls = { version = "0.14.0", optional = true }
native-tls = { version = "0.2.4", optional = true }
once_cell = { version = "1.4", features = ["std"], optional = true }
diff --git a/sqlx-rt/src/lib.rs b/sqlx-rt/src/lib.rs
index 961356ee..75974abd 100644
--- a/sqlx-rt/src/lib.rs
+++ b/sqlx-rt/src/lib.rs
@@ -2,20 +2,26 @@
feature = "runtime-actix-native-tls",
feature = "runtime-async-std-native-tls",
feature = "runtime-tokio-native-tls",
+ feature = "runtime-actix-rustls",
+ feature = "runtime-async-std-rustls",
+ feature = "runtime-tokio-rustls",
)))]
compile_error!(
"one of the features ['runtime-actix-native-tls', 'runtime-async-std-native-tls', \
- 'runtime-tokio-native-tls'] must be enabled"
+ 'runtime-tokio-native-tls', 'runtime-actix-rustls', 'runtime-async-std-rustls', \
+ 'runtime-tokio-rustls'] must be enabled"
);
#[cfg(any(
all(feature = "_rt-actix", feature = "_rt-async-std"),
all(feature = "_rt-actix", feature = "_rt-tokio"),
all(feature = "_rt-async-std", feature = "_rt-tokio"),
+ all(feature = "_tls-native-tls", feature = "_tls-rustls"),
))]
compile_error!(
"only one of ['runtime-actix-native-tls', 'runtime-async-std-native-tls', \
- 'runtime-tokio-native-tls'] can be enabled"
+ 'runtime-tokio-native-tls', 'runtime-actix-rustls', 'runtime-async-std-rustls', \
+ 'runtime-tokio-rustls'] can be enabled"
);
#[cfg(all(feature = "_tls-native-tls"))]
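Review bot: The added `all(feature = "_tls-native-tls", feature = "_tls-rustls")` arm reuses the "only one of [...] can be enabled" message, which lists runtime features and does not say that the conflict is between TLS backends. Cargo unifies features across a workspace, so two dependents picking different backends is a plausible way to hit this, and the message should point at the cause. A separate check would read more clearly: `#[cfg(all(feature = "_tls-native-tls", feature = "_tls-rustls"))] compile_error!("only one of the TLS backends 'native-tls' and 'rustls' can be enabled");`. The first `cfg` attribute in this hunk begins outside it.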
@@ -78,10 +84,17 @@ mod tokio_runtime {
#[cfg(all(
feature = "_tls-native-tls",
any(feature = "_rt-tokio", feature = "_rt-actix"),
- not(feature = "_rt-async-std"),
+ not(any(feature = "_tls-rustls", feature = "_rt-async-std")),
))]
pub use tokio_native_tls::{TlsConnector, TlsStream};
+#[cfg(all(
+ feature = "_tls-rustls",
+ any(feature = "_rt-tokio", feature = "_rt-actix"),
+ not(any(feature = "_tls-native-tls", feature = "_rt-async-std")),
+))]
+pub use tokio_rustls::{client::TlsStream, TlsConnector};
+
//
// tokio
//
@@ -170,3 +183,14 @@ where
#[cfg(all(feature = "async-native-tls", not(feature = "tokio-native-tls")))]
pub use async_native_tls::{TlsConnector, TlsStream};
+
+#[cfg(all(
+ feature = "_tls-rustls",
+ feature = "_rt-async-std",
+ not(any(
+ feature = "_tls-native-tls",
+ feature = "_rt-tokio",
+ feature = "_rt-actix"
+ )),
+))]
+pub use async_rustls::{client::TlsStream, TlsConnector};
diff --git a/src/lib.rs b/src/lib.rs
index 08084356..e2a404b0 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -7,8 +7,8 @@
))]
compile_error!(
"the features 'runtime-actix', 'runtime-async-std' and 'runtime-tokio' have been removed in
- favor of new features 'runtime-{rt}-{tls}' where rt is one of 'actix', 'async-std' and
- 'tokio'."
+ favor of new features 'runtime-{rt}-{tls}' where rt is one of 'actix', 'async-std' and 'tokio'
+ and 'tls' is one of 'native-tls' and 'rustls'."
);
pub use sqlx_core::acquire::Acquire;