Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing support for reqwest's rustls roots features #228

Open
fspreiss opened this issue Nov 21, 2023 · 0 comments
Open

Missing support for reqwest's rustls roots features #228

fspreiss opened this issue Nov 21, 2023 · 0 comments

Comments

@fspreiss
Copy link

cloudflare's reqwest dependency offers various optional features to control which root certificates are used by reqwest. While some features such as default-tls and rustls-tls have corresponding features in cloudflare's Cargo.toml, the more fine-grained rustls-tls-native-roots (and rustls-tls-webpki-roots) are currently not supported.

This is problematic in projects that want to use Rustls with (only) the native roots and have cloudflare as dependency because the rustls-tls feature actually resolves to rustls-tls-webpki-roots.

Even more so, if a project uses cloudflare as dependency with the rustls-tls feature (which, as mentioned, resolves to rustls-tls-webpki-roots) and itself uses reqwest with the rustls-tls-native-roots feature, reqwest will actually use the root certificates from both sources with Rustls because of how Cargo's feature unification works where the union of all enabled features is used on that dependency when building it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant