use native-tls for ureq

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2025-08-05 20:01:59 +00:00 · 2022-02-01 10:35:10 +01:00 · 2022-02-01 10:35:10 +01:00 · bd2bf045cc
commit bd2bf045cc
parent ce9a84c54f
2 changed files with 23 additions and 8 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -13,7 +13,6 @@ exclude = [
 name = "proxmox_openid"
 path = "src/lib.rs"

-
 [dependencies]
 anyhow = "1.0"
 http = "0.2"
@ -22,7 +21,8 @@ openidconnect = { version = "2.2", default-features = false, features = ["accept
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 thiserror="1.0"
-ureq = { version = "2.4", features = ["native-tls", "gzip"] }
+ureq = { version = "2.4", default-features = false, features = ["native-tls", "gzip"] }
+native-tls = "0.2"
 url = "2.1"

 proxmox-time = "1"
--- a/src/http_client.rs
+++ b/src/http_client.rs
@ -1,3 +1,5 @@
+use std::sync::Arc;
+
 use http::header::{HeaderMap, HeaderValue, CONTENT_TYPE};
 use http::method::Method;
 use http::status::StatusCode;
@ -19,26 +21,39 @@ pub enum Error {
    /// Non-ureq HTTP error.
    #[error("HTTP error")]
    Http(#[from] http::Error),
+
    /// IO error
    #[error("IO error")]
    IO(#[from] std::io::Error),
-    /// Other error.
-    #[error("Other error: {}", _0)]
-    Other(String),
+
    /// Error returned by ureq crate.
    // boxed due to https://github.com/algesten/ureq/issues/296
    #[error("ureq request failed")]
    Ureq(#[from] Box<ureq::Error>),
+
+    #[error("TLS error: {0}")]
+    Tls(#[from] native_tls::Error),
+
+    /// Other error.
+    #[error("Other error: {}", _0)]
+    Other(String),
+}
+
+fn ureq_agent() -> Result<ureq::Agent, Error> {
+    Ok(ureq::AgentBuilder::new()
+        .tls_connector(Arc::new(native_tls::TlsConnector::new()?))
+        .build())
 }

 ///
 /// Synchronous HTTP client for ureq.
 ///
 pub fn http_client(request: HttpRequest) -> Result<HttpResponse, Error> {
-   let mut req = if let Method::POST = request.method {
-        ureq::post(&request.url.to_string())
+    let agent = ureq_agent()?;
+    let mut req = if let Method::POST = request.method {
+        agent.post(&request.url.to_string())
    } else {
-        ureq::get(&request.url.to_string())
+        agent.get(&request.url.to_string())
    };

    for (name, value) in request.headers {