-
Notifications
You must be signed in to change notification settings - Fork 424
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Separate default rustls::ClientConfig
for each protocol
#2001
Conversation
@djc I was looking into continuing this, but immediately hit a barrier. The last decision was to move the configs into I'm not exactly seeing a clear way forward here:
Personally I would like to avoid storing them globally, but otherwise I don't have a preference. Obviously 2. is the easiest for me to move forward on this. |
Is there any code actually depending on serde capabilities and/or |
This is the original issue adding Serde support to
Here is me playing around with the idea: 2720598...daxpedda:trust-dns:resolver-opts-copy-serde-test. |
@bluejekyll what do you think? I'm inclined to think that the complete reflection of |
I also made a branch only removing |
That sounds like a good path forward, let's do that in a separate PR as a first step? |
Closing in favor of #2031. |
This PR separates the default configuration used by each protocol to allow correct default ALPN and SNI configuration.
The certificates provided by
webpki-roots
are parsed only once, theClientConfig
is cloned and then modified for each protocol. The clone doesn't actually clone the certificates, as they are stored in anArc<WebPkiVerifier>
, which avoids re-parsing the certificates over and over again but more importantly doesn't multiply the memory usage for each clonedClientConfig
.See #1990 for more details on the issue addressed here.
Based on #1943.
Fixes #1990.