From 76d572ed10141f9b4c020b4f4d443934e9e6c339 Mon Sep 17 00:00:00 2001 From: Yuri Astrakhan Date: Tue, 12 Mar 2024 10:30:07 -0400 Subject: [PATCH] crate: hide internal features (#2026) In `Cargo.toml`, hide all optional dependencies as features Currently, reqwest publishes all optional dependencies as features - which is usually not what is intended. Instead, the features should be explicitly declared, whereas optional features are enabled with the new `dep:*` syntax. Note that I also had to fix a few conditional compilations which used optional crates rather than features as conditionals. Also, note the use of the `...?/...` syntax instead of `.../...` -- as this both enabled an optional crate AND adds a feature to it. Now, it uses the `"dep:...", "...?/..."` syntax to prevent exposing crate name. Technically, this is *breaking change*, since people may have enabled some of these features accidentally. That's why we're including it in 0.12. --- Cargo.toml | 34 +++++++++++++++++----------------- src/async_impl/client.rs | 8 +++----- src/connect.rs | 18 +++++++++--------- src/tls.rs | 8 ++++---- 4 files changed, 33 insertions(+), 35 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index d054f84e4..e3659dd89 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,45 +31,45 @@ default = ["default-tls", "http2"] # Note: this doesn't enable the 'native-tls' feature, which adds specific # functionality for it. -default-tls = ["hyper-tls", "native-tls-crate", "__tls", "tokio-native-tls"] +default-tls = ["dep:hyper-tls", "dep:native-tls-crate", "__tls", "dep:tokio-native-tls"] http2 = ["h2", "hyper/http2", "hyper-util/http2"] # Enables native-tls specific functionality not available by default. native-tls = ["default-tls"] -native-tls-alpn = ["native-tls", "native-tls-crate/alpn", "hyper-tls/alpn"] -native-tls-vendored = ["native-tls", "native-tls-crate/vendored"] +native-tls-alpn = ["native-tls", "native-tls-crate?/alpn", "hyper-tls?/alpn"] +native-tls-vendored = ["native-tls", "native-tls-crate?/vendored"] rustls-tls = ["rustls-tls-webpki-roots"] rustls-tls-manual-roots = ["__rustls"] -rustls-tls-webpki-roots = ["webpki-roots", "__rustls"] -rustls-tls-native-roots = ["rustls-native-certs", "__rustls"] +rustls-tls-webpki-roots = ["dep:webpki-roots", "__rustls"] +rustls-tls-native-roots = ["dep:rustls-native-certs", "__rustls"] blocking = ["futures-channel/sink", "futures-util/io", "futures-util/sink", "tokio/rt-multi-thread", "tokio/sync"] -cookies = ["cookie_crate", "cookie_store"] +cookies = ["dep:cookie_crate", "dep:cookie_store"] -gzip = ["async-compression", "async-compression/gzip", "tokio-util"] +gzip = ["dep:async-compression", "async-compression?/gzip", "dep:tokio-util"] -brotli = ["async-compression", "async-compression/brotli", "tokio-util"] +brotli = ["dep:async-compression", "async-compression?/brotli", "dep:tokio-util"] -deflate = ["async-compression", "async-compression/zlib", "tokio-util"] +deflate = ["dep:async-compression", "async-compression?/zlib", "dep:tokio-util"] -json = ["serde_json"] +json = ["dep:serde_json"] -multipart = ["mime_guess"] +multipart = ["dep:mime_guess"] # Deprecated, remove this feature while bumping minor versions. -trust-dns = ["hickory-dns"] -hickory-dns = ["hickory-resolver"] +trust-dns = ["dep:trust-dns-resolver"] +hickory-dns = ["dep:hickory-resolver"] -stream = ["tokio/fs", "tokio-util", "wasm-streams"] +stream = ["tokio/fs", "dep:tokio-util", "dep:wasm-streams"] -socks = ["tokio-socks"] +socks = ["dep:tokio-socks"] # Experimental HTTP/3 client. # Disabled while waiting for quinn to upgrade. -#http3 = ["rustls-tls-manual-roots", "h3", "h3-quinn", "quinn", "futures-channel"] +#http3 = ["rustls-tls-manual-roots", "dep:h3", "dep:h3-quinn", "dep:quinn", "dep:futures-channel"] # Internal (PRIVATE!) features used to aid testing. # Don't rely on these whatsoever. They may disappear at anytime. @@ -79,7 +79,7 @@ __tls = ["dep:rustls-pemfile", "tokio/io-util"] # Enables common rustls code. # Equivalent to rustls-tls-manual-roots but shorter :) -__rustls = ["hyper-rustls", "tokio-rustls", "rustls", "__tls", "dep:rustls-pemfile", "rustls-pki-types"] +__rustls = ["dep:hyper-rustls", "dep:tokio-rustls", "dep:rustls", "__tls", "dep:rustls-pemfile", "rustls-pki-types"] # When enabled, disable using the cached SYS_PROXIES. __internal_proxy_sys_no_cache = [] diff --git a/src/async_impl/client.rs b/src/async_impl/client.rs index 6e79a3fd0..183f22807 100644 --- a/src/async_impl/client.rs +++ b/src/async_impl/client.rs @@ -14,7 +14,7 @@ use http::header::{ use http::uri::Scheme; use http::Uri; use hyper_util::client::legacy::connect::HttpConnector; -#[cfg(feature = "native-tls-crate")] +#[cfg(feature = "default-tls")] use native_tls_crate::TlsConnector; use pin_project_lite::pin_project; use std::future::Future; @@ -1534,9 +1534,7 @@ impl ClientBuilder { let mut tls = Some(tls); #[cfg(feature = "native-tls")] { - if let Some(conn) = - (&mut tls as &mut dyn Any).downcast_mut::>() - { + if let Some(conn) = (&mut tls as &mut dyn Any).downcast_mut::>() { let tls = conn.take().expect("is definitely Some"); let tls = crate::tls::TlsBackend::BuiltNativeTls(tls); self.config.tls = tls; @@ -2135,7 +2133,7 @@ impl Config { f.field("tls_info", &self.tls_info); } - #[cfg(all(feature = "native-tls-crate", feature = "__rustls"))] + #[cfg(all(feature = "default-tls", feature = "__rustls"))] { f.field("tls_backend", &self.tls); } diff --git a/src/connect.rs b/src/connect.rs index 68ef26924..79c069016 100644 --- a/src/connect.rs +++ b/src/connect.rs @@ -4,9 +4,9 @@ use http::uri::{Authority, Scheme}; use http::Uri; use hyper::rt::{Read, ReadBufCursor, Write}; use hyper_util::client::legacy::connect::{Connected, Connection}; -#[cfg(feature = "__tls")] +#[cfg(any(feature = "socks", feature = "__tls"))] use hyper_util::rt::TokioIo; -#[cfg(feature = "native-tls-crate")] +#[cfg(feature = "default-tls")] use native_tls_crate::{TlsConnector, TlsConnectorBuilder}; use tower_service::Service; @@ -217,11 +217,11 @@ impl Connector { if dst.scheme() == Some(&Scheme::HTTPS) { let host = dst.host().ok_or("no host in url")?.to_string(); let conn = socks::connect(proxy, dst, dns).await?; - let conn = hyper_util::rt::TokioIo::new(conn); - let conn = hyper_util::rt::TokioIo::new(conn); + let conn = TokioIo::new(conn); + let conn = TokioIo::new(conn); let tls_connector = tokio_native_tls::TlsConnector::from(tls.clone()); let io = tls_connector.connect(&host, conn).await?; - let io = hyper_util::rt::TokioIo::new(io); + let io = TokioIo::new(io); return Ok(Conn { inner: self.verbose.wrap(NativeTlsConn { inner: io }), is_proxy: false, @@ -238,15 +238,15 @@ impl Connector { let tls = tls_proxy.clone(); let host = dst.host().ok_or("no host in url")?.to_string(); let conn = socks::connect(proxy, dst, dns).await?; - let conn = hyper_util::rt::TokioIo::new(conn); - let conn = hyper_util::rt::TokioIo::new(conn); + let conn = TokioIo::new(conn); + let conn = TokioIo::new(conn); let server_name = rustls_pki_types::ServerName::try_from(host.as_str().to_owned()) .map_err(|_| "Invalid Server Name")?; let io = RustlsConnector::from(tls) .connect(server_name, conn) .await?; - let io = hyper_util::rt::TokioIo::new(io); + let io = TokioIo::new(io); return Ok(Conn { inner: self.verbose.wrap(RustlsTlsConn { inner: io }), is_proxy: false, @@ -259,7 +259,7 @@ impl Connector { } socks::connect(proxy, dst, dns).await.map(|tcp| Conn { - inner: self.verbose.wrap(hyper_util::rt::TokioIo::new(tcp)), + inner: self.verbose.wrap(TokioIo::new(tcp)), is_proxy: false, tls_info: false, }) diff --git a/src/tls.rs b/src/tls.rs index 27101d733..a502ab09d 100644 --- a/src/tls.rs +++ b/src/tls.rs @@ -59,7 +59,7 @@ use std::{ /// Represents a server X509 certificate. #[derive(Clone)] pub struct Certificate { - #[cfg(feature = "native-tls-crate")] + #[cfg(feature = "default-tls")] native: native_tls_crate::Certificate, #[cfg(feature = "__rustls")] original: Cert, @@ -131,7 +131,7 @@ impl Certificate { /// ``` pub fn from_der(der: &[u8]) -> crate::Result { Ok(Certificate { - #[cfg(feature = "native-tls-crate")] + #[cfg(feature = "default-tls")] native: native_tls_crate::Certificate::from_der(der).map_err(crate::error::builder)?, #[cfg(feature = "__rustls")] original: Cert::Der(der.to_owned()), @@ -156,7 +156,7 @@ impl Certificate { /// ``` pub fn from_pem(pem: &[u8]) -> crate::Result { Ok(Certificate { - #[cfg(feature = "native-tls-crate")] + #[cfg(feature = "default-tls")] native: native_tls_crate::Certificate::from_pem(pem).map_err(crate::error::builder)?, #[cfg(feature = "__rustls")] original: Cert::Pem(pem.to_owned()), @@ -189,7 +189,7 @@ impl Certificate { .collect::>>() } - #[cfg(feature = "native-tls-crate")] + #[cfg(feature = "default-tls")] pub(crate) fn add_to_native_tls(self, tls: &mut native_tls_crate::TlsConnectorBuilder) { tls.add_root_certificate(self.native); }