magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initialise default TLS crypto provider with aws_lc_rs manually

Browse source 
we use ring for hashing state and ruma, and reqwest/rustls defaults
to aws_lc_rs, so we have to manually pick which one. there doesn't
seem to be a way to just use one for some reason, so lets just use
the new aws_lc_rs.

Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry 2024-08-23 19:29:36 -04:00 committed by Jason Volk
parent dc3d9ebbf1
commit 47ca835c20
5 changed files with 21 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/router/serve/tls.rs
View file

@ -18,6 +18,10 @@ pub(super) async fn serve(
let certs = &tls.certs;
let key = &tls.key;
// we use ring for ruma and hashing state, but aws-lc-rs is the new default.
// without this, TLS mode will panic.
_ = rustls::crypto::aws_lc_rs::default_provider().install_default();
debug!("Using direct TLS. Certificate path {certs} and certificate private key path {key}",);
info!(
"Note: It is strongly recommended that you use a reverse proxy instead of running conduwuit directly with TLS."