net/quinn: Fix panic due to unset default crypto provider

Fix CI failure that we see after the upgrade of rustls from
0.23.13 to 0.23.15.

Related docs/PR
https://docs.rs/rustls/latest/rustls/crypto/struct.CryptoProvider.html#using-the-per-process-default-cryptoprovider
https://github.com/quinn-rs/quinn/pull/1882

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/1865>
This commit is contained in:
Sanchayan Maity 2024-10-21 14:47:52 +05:30 committed by GStreamer Marge Bot
parent 0e3d019e24
commit d6e7031799

View file

@ -155,11 +155,11 @@ pub fn make_socket_addr(addr: &str) -> Result<SocketAddr, WaitError> {
* Following functions are taken from Quinn documentation/repository * Following functions are taken from Quinn documentation/repository
*/ */
#[derive(Debug)] #[derive(Debug)]
struct SkipServerVerification; struct SkipServerVerification(Arc<rustls::crypto::CryptoProvider>);
impl SkipServerVerification { impl SkipServerVerification {
pub fn new() -> Arc<Self> { pub fn new() -> Arc<Self> {
Arc::new(Self) Arc::new(Self(Arc::new(rustls::crypto::ring::default_provider())))
} }
} }
@ -177,38 +177,34 @@ impl rustls::client::danger::ServerCertVerifier for SkipServerVerification {
fn verify_tls12_signature( fn verify_tls12_signature(
&self, &self,
_: &[u8], message: &[u8],
_: &rustls_pki_types::CertificateDer<'_>, cert: &rustls_pki_types::CertificateDer<'_>,
_: &rustls::DigitallySignedStruct, dss: &rustls::DigitallySignedStruct,
) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> { ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
Ok(rustls::client::danger::HandshakeSignatureValid::assertion()) rustls::crypto::verify_tls12_signature(
message,
cert,
dss,
&self.0.signature_verification_algorithms,
)
} }
fn verify_tls13_signature( fn verify_tls13_signature(
&self, &self,
_: &[u8], message: &[u8],
_: &rustls_pki_types::CertificateDer<'_>, cert: &rustls_pki_types::CertificateDer<'_>,
_: &rustls::DigitallySignedStruct, dss: &rustls::DigitallySignedStruct,
) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> { ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
Ok(rustls::client::danger::HandshakeSignatureValid::assertion()) rustls::crypto::verify_tls13_signature(
message,
cert,
dss,
&self.0.signature_verification_algorithms,
)
} }
fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> { fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> {
vec![ self.0.signature_verification_algorithms.supported_schemes()
rustls::SignatureScheme::RSA_PKCS1_SHA1,
rustls::SignatureScheme::ECDSA_SHA1_Legacy,
rustls::SignatureScheme::RSA_PKCS1_SHA256,
rustls::SignatureScheme::ECDSA_NISTP256_SHA256,
rustls::SignatureScheme::RSA_PKCS1_SHA384,
rustls::SignatureScheme::ECDSA_NISTP384_SHA384,
rustls::SignatureScheme::RSA_PKCS1_SHA512,
rustls::SignatureScheme::ECDSA_NISTP521_SHA512,
rustls::SignatureScheme::RSA_PSS_SHA256,
rustls::SignatureScheme::RSA_PSS_SHA384,
rustls::SignatureScheme::RSA_PSS_SHA512,
rustls::SignatureScheme::ED25519,
rustls::SignatureScheme::ED448,
]
} }
} }