Make TLS ciphersuites configurable

[AlessandroBono]

Hello, I would like to make the TLS ciphersuites configurable. Let me know how to proceed if you are not comfortable to expose SupportedCipherSuite from rustls.

[jxs]

Hi, and thanks for the interest!
Yeah ideally we don't want to expose internal dependencies to avoid them introducing breaking changes. But this would involve three indirections right? SupportedCipherSuite and Tls12CipherSuite /Tls13CipherSuite honestly I'd suggest punting this one, wdyt @seanmonstar?
Meanwhile if you convert your warp filters to Service and roll them on Hyper with tokio_rustls TlsAcceptor see here also for an axum example on how to that as serve_connection accepts a Service

[seanmonstar]

Yea, I agree with @jxs. We've purposefully not exposed the rustls dependency, which allows us to upgrade to new versions transparently. So, I wouldn't want to expose the SupportedCipherSuite type.

We could consider allowing you to just pass a list of strings, and parse them internally. I don't know if that's a good idea, just one I had. The other alternative is what we've suggested for anyone needing more advanced configuration: convert the filters into a service using warp::service, and then use rustls and hyper to make the listener part.