Merge pull request #227 from influxdata/dependabot/cargo/rustls-0.22

chore(deps): update rustls requirement from 0.21 to 0.22

Cargo.toml

@@ -31,11 +31,11 @@ lz4 = { version = "1.23", optional = true }
 parking_lot = "0.12"
 pin-project-lite = "0.2"
 rand = "0.8"
-rustls = { version = "0.21", optional = true }
+rustls = { version = "0.22", optional = true }
 snap = { version = "1", optional = true }
 thiserror = "1.0"
 tokio = { version = "1.19", default-features = false, features = ["io-util", "net", "rt", "sync", "time", "macros"] }
-tokio-rustls = { version = "0.24", optional = true }
+tokio-rustls = { version = "0.25", optional = true }
 tracing = "0.1"
 zstd = { version = "0.13", optional = true }
 

src/connection/transport.rs

@@ -35,7 +35,7 @@ pub enum Error {
 
     #[cfg(feature = "transport-tls")]
     #[error("Invalid Hostname: {0}")]
-    BadHostname(#[from] rustls::client::InvalidDnsNameError),
+    BadHostname(#[from] rustls::pki_types::InvalidDnsNameError),
 
     #[cfg(feature = "transport-socks5")]
     #[error("Cannot establish SOCKS5 connection: {0}")]
@@ -169,8 +169,9 @@ impl Transport {
                 let host = broker
                     .split(':')
                     .next()
-                    .ok_or_else(|| Error::InvalidHostPort(broker.to_owned()))?;
-                let server_name = rustls::ServerName::try_from(host)?;
+                    .ok_or_else(|| Error::InvalidHostPort(broker.to_owned()))?
+                    .to_owned();
+                let server_name = rustls::pki_types::ServerName::try_from(host)?;
 
                 let connector = TlsConnector::from(config);
                 let tls_stream = connector.connect(server_name, tcp_stream).await?;

tests/client.rs

@@ -213,27 +213,30 @@ async fn test_tls() {
     let mut reader = std::io::BufReader::new(file);
     match rustls_pemfile::read_one(&mut reader).unwrap().unwrap() {
         rustls_pemfile::Item::X509Certificate(key) => {
-            root_store.add(&rustls::Certificate(key)).unwrap();
+            root_store
+                .add(rustls::pki_types::CertificateDer::from(key))
+                .unwrap();
         }
         _ => unreachable!(),
     }
 
     let file = std::fs::File::open("/tmp/ca.crt").unwrap();
     let mut reader = std::io::BufReader::new(file);
     let producer_root = match rustls_pemfile::read_one(&mut reader).unwrap().unwrap() {
-        rustls_pemfile::Item::X509Certificate(key) => rustls::Certificate(key),
+        rustls_pemfile::Item::X509Certificate(key) => rustls::pki_types::CertificateDer::from(key),
         _ => unreachable!(),
     };
 
     let file = std::fs::File::open("/tmp/ca.key").unwrap();
     let mut reader = std::io::BufReader::new(file);
     let private_key = match rustls_pemfile::read_one(&mut reader).unwrap().unwrap() {
-        rustls_pemfile::Item::PKCS8Key(key) => rustls::PrivateKey(key),
+        rustls_pemfile::Item::PKCS8Key(key) => rustls::pki_types::PrivateKeyDer::Pkcs1(
+            rustls::pki_types::PrivatePkcs1KeyDer::from(key),
+        ),
         _ => unreachable!(),
     };
 
     let config = rustls::ClientConfig::builder()
-        .with_safe_defaults()
         .with_root_certificates(root_store)
         .with_client_auth_cert(vec![producer_root], private_key)
         .unwrap();