Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

hyper-rustls: add ring Rustls backend & use it by default #140

Merged
merged 6 commits into from
Sep 4, 2024
Merged
Show file tree
Hide file tree
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ env:
RUSTFLAGS: -Dwarnings
RUSTDOCFLAGS: -Dwarnings
RUST_BACKTRACE: 1
MSRV: 1.67.0
MSRV: 1.70.0

jobs:
build:
Expand All @@ -32,9 +32,6 @@ jobs:
- run: rustup toolchain install ${{ env.MSRV }} --profile minimal
- run: rustup override set ${{ env.MSRV }}
- run: rustup show active-toolchain -v
# cargo from toolchain v1.67 doesn't choose versions based on MSRV,
# so we downgrade tokio because since v1.39 it requires rustc >=1.70.
- run: cargo update -p tokio --precise 1.38.1
- run: cargo build
- run: cargo build --no-default-features
- run: cargo build --features uuid,time
Expand All @@ -60,6 +57,7 @@ jobs:
- run: cargo clippy --all-targets --no-default-features
- run: cargo build --all-targets --features native-tls
- run: cargo build --all-targets --features rustls-tls
- run: cargo build --all-targets --features rustls-tls-aws
- run: cargo clippy --all-targets --all-features

test:
Expand Down
19 changes: 15 additions & 4 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,8 @@ homepage = "https://clickhouse.com"
license = "MIT OR Apache-2.0"
readme = "README.md"
edition = "2021"
rust-version = "1.67.0" # update `derive/Cargo.toml` and CI if changed
# update `derive/Cargo.toml` and CI if changed
rust-version = "1.70.0"

[lints.rust]
rust_2018_idioms = { level = "warn", priority = -1 }
Expand Down Expand Up @@ -57,7 +58,8 @@ uuid = ["dep:uuid"]
time = ["dep:time"]
lz4 = ["dep:lz4_flex", "dep:cityhash-rs"]
native-tls = ["dep:hyper-tls"]
rustls-tls = ["dep:hyper-rustls"]
rustls-tls = ["dep:hyper-rustls", "dep:rustls", "hyper-rustls?/ring"]
rustls-tls-aws = ["dep:hyper-rustls", "dep:rustls", "hyper-rustls?/aws-lc-rs"]

[dependencies]
clickhouse-derive = { version = "0.2.0", path = "derive" }
Expand All @@ -70,15 +72,24 @@ http-body-util = "0.1.2"
hyper = "1.4"
hyper-util = { version = "0.1.6", features = ["client-legacy", "http1"] }
hyper-tls = { version = "0.6.0", optional = true }
hyper-rustls = { version = "0.27.2", features = ["webpki-roots"], optional = true }
rustls = { version = "0.23", default-features = false, optional = true }
hyper-rustls = { version = "0.27.2", default-features = false, features = [
"http1",
"http2",
loyd marked this conversation as resolved.
Show resolved Hide resolved
"native-tokio",
loyd marked this conversation as resolved.
Show resolved Hide resolved
"tls12",
"webpki-roots",
], optional = true }
url = "2.1.1"
futures = "0.3.5"
futures-channel = "0.3.30"
static_assertions = "1.1"
sealed = "0.5"
sha-1 = { version = "0.10", optional = true }
serde_json = { version = "1.0.68", optional = true }
lz4_flex = { version = "0.11.3", default-features = false, features = ["std"], optional = true }
lz4_flex = { version = "0.11.3", default-features = false, features = [
"std",
], optional = true }
cityhash-rs = { version = "=1.0.1", optional = true } # exact version for safety
uuid = { version = "1", optional = true }
time = { version = "0.3", optional = true }
Expand Down
3 changes: 2 additions & 1 deletion derive/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,8 @@ repository = "https://github.com/ClickHouse/clickhouse-rs"
homepage = "https://clickhouse.com"
edition = "2021"
license = "MIT OR Apache-2.0"
rust-version = "1.67.0" # update `Cargo.toml` and CI if changed
# update `Cargo.toml` and CI if changed
rust-version = "1.70.0"
serprex marked this conversation as resolved.
Show resolved Hide resolved

[lib]
proc-macro = true
Expand Down
35 changes: 28 additions & 7 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,19 @@ const TCP_KEEPALIVE: Duration = Duration::from_secs(60);
// See https://github.com/ClickHouse/ClickHouse/blob/368cb74b4d222dc5472a7f2177f6bb154ebae07a/programs/server/config.xml#L201
const POOL_IDLE_TIMEOUT: Duration = Duration::from_secs(2);

#[cfg(any(feature = "rustls-tls", feature = "rustls-tls-aws"))]
fn prepare_hyper_rustls_client(
connector: HttpConnector,
provider: impl Into<Arc<rustls::crypto::CryptoProvider>>,
) -> hyper_rustls::HttpsConnector<HttpConnector> {
hyper_rustls::HttpsConnectorBuilder::new()
.with_provider_and_webpki_roots(provider)
.unwrap()
.https_or_http()
.enable_http1()
.wrap_connector(connector)
}

/// A client containing HTTP pool.
#[derive(Clone)]
pub struct Client {
Expand All @@ -70,18 +83,26 @@ impl Default for Client {
// TODO: make configurable in `Client::builder()`.
connector.set_keepalive(Some(TCP_KEEPALIVE));

#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(
feature = "native-tls",
feature = "rustls-tls",
feature = "rustls-tls-aws"
))]
connector.enforce_http(false);

#[cfg(all(feature = "native-tls", not(feature = "rustls-tls")))]
#[cfg(all(
feature = "native-tls",
not(feature = "rustls-tls"),
not(feature = "rustls-tls-aws")
))]
let connector = hyper_tls::HttpsConnector::new_with_connector(connector);

#[cfg(feature = "rustls-tls")]
let connector = hyper_rustls::HttpsConnectorBuilder::new()
.with_webpki_roots()
.https_or_http()
.enable_http1()
.wrap_connector(connector);
let connector =
prepare_hyper_rustls_client(connector, rustls::crypto::ring::default_provider());
#[cfg(feature = "rustls-tls-aws")]
let connector =
prepare_hyper_rustls_client(connector, rustls::crypto::aws_lc_rs::default_provider());

let client = HyperClient::builder(TokioExecutor::new())
.pool_idle_timeout(POOL_IDLE_TIMEOUT)
Expand Down
Loading