From 380620c0506d091b7e765ec9949f4cc6f1fbea54 Mon Sep 17 00:00:00 2001
From: "hinto.janai"
Date: Thu, 1 Jun 2023 11:53:03 -0400
Subject: [PATCH] update: fix macOS Tor's TLS
On apple-darwin targets there is an issue with the native and rustls tls implementation so this makes it fall back to the openssl variant.
https://gitlab.torproject.org/tpo/core/arti/-/issues/715
---
 Cargo.lock | 16 ++++++++++++++++
 Cargo.toml | 13 ++++++++++++-
 src/update.rs | 19 ++++++++++++++++---
 3 files changed, 44 insertions(+), 4 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index f19e590..3d17447 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2083,6 +2083,7 @@ dependencies = [
 "tar",
 "tls-api",
 "tls-api-native-tls",
+ "tls-api-openssl",
 "tokio",
 "toml 0.7.4",
 "tor-rtcompat",
@@ -4548,6 +4549,21 @@ dependencies = [
 "tokio",
 ]
+[[package]]
+name = "tls-api-openssl"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82155f245c99a3b652627f32abeacd4eae9e0fec996c1090df121e01379d28f3"
+dependencies = [
+ "anyhow",
+ "openssl",
+ "openssl-sys",
+ "thiserror",
+ "tls-api",
+ "tls-api-test",
+ "tokio",
+]
+
 [[package]]
 name = "tls-api-test"
 version = "0.9.0"
diff --git a/Cargo.toml b/Cargo.toml
index 22e734c..780549e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -66,7 +66,6 @@ serde = { version = "1.0.163", features = ["rc", "derive"] }
 serde_json = "1.0"
 sysinfo = { version = "0.29.0", default-features = false }
 tls-api = "0.9.0"
-tls-api-native-tls = "0.9.0"
 tokio = { version = "1.21.2", features = ["rt", "time", "macros", "process"] }
 toml = { version = "0.7.4", features = ["preserve_order"] }
 tor-rtcompat = "0.9.0"
@@ -82,6 +81,18 @@ sudo = "0.6.0"
 ## [glow] backend for Unix.
 eframe = { version = "0.19.0", default-features = false, features = ["glow"] }
+# macOS Tor
+[target.'cfg(target_os = "macos")'.dependencies]
+# On apple-darwin targets there is an issue with the native and rustls
+# tls implementation so this makes it fall back to the openssl variant.
+#
+# https://gitlab.torproject.org/tpo/core/arti/-/issues/715
+tls-api-openssl = "0.9.0"
+
+# Windows/Linux Tor
+[target.'cfg(not(target_os = "macos"))'.dependencies]
+tls-api-native-tls = "0.9.0"
+
 # Windows dependencies
 [target.'cfg(windows)'.dependencies]
 zip = "0.6.6"
diff --git a/src/update.rs b/src/update.rs
index b43631f..556131b 100644
--- a/src/update.rs
+++ b/src/update.rs
@@ -45,10 +45,23 @@ use rand::{thread_rng, Rng};
 use serde::{Serialize,Deserialize};
 use std::path::{Path,PathBuf};
 use std::sync::{Arc,Mutex};
-use tls_api::{TlsConnector, TlsConnectorBuilder};
 use tokio::task::JoinHandle;
 use walkdir::WalkDir;
+// On apple-darwin targets there is an issue with the native and rustls
+// tls implementation so this makes it fall back to the openssl variant.
+//
+// https://gitlab.torproject.org/tpo/core/arti/-/issues/715
+#[cfg(target_os = "macos")]
+use tls_api_openssl::TlsConnector;
+#[cfg(not(target_os = "macos"))]
+use tls_api_native_tls::TlsConnector;
+
+use tls_api::{
+ TlsConnector as TlsConnectorTrait,
+ TlsConnectorBuilder,
+};
+
 #[cfg(target_os = "windows")]
 use zip::ZipArchive;
 //#[cfg(target_family = "unix")]
@@ -297,7 +310,7 @@ impl Update {
 let tor = TorClient::builder().bootstrap_behavior(arti_client::BootstrapBehavior::OnDemand).create_unbootstrapped()?;
 // This makes sure the Tor circuit is different each time
 let tor = TorClient::isolated_client(&tor);
- let tls = tls_api_native_tls::TlsConnector::builder()?.build()?;
+ let tls = TlsConnector::builder()?.build()?;
 let connector = ArtiHttpConnector::new(tor, tls);
 let client = ClientEnum::Tor(Client::builder().build(connector));
 Ok(client)
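Review bot: The new macOS section in Cargo.toml does not say which OpenSSL ends up linked: `tls-api-openssl` brings in `openssl` and `openssl-sys` (see the Cargo.lock section), and nothing in this hunk shows whether that is a system library or a bundled one. Since this connector carries the TLS for the Tor client built in src/update.rs, that OpenSSL build becomes something macOS release builds have to keep patched. I would extend the comment with `# Links OpenSSL via openssl-sys; record here where macOS release builds get it from and who updates it.` and `# Remove this override once arti issue 715 is fixed.` so the fallback does not outlive the upstream fix.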
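Review bot: In the import hunk of src/update.rs, `TlsConnector as TlsConnectorTrait` looks like it exists only to bring the trait's `builder()` into scope next to the backend type of the same name. If the alias is not referenced elsewhere in the file (not visible here), `use tls_api::{TlsConnector as _, TlsConnectorBuilder};` says that directly and leaves no second name for the same word. A short comment on the cfg pair stating that both backends must keep exposing a type called `TlsConnector` would also help, because the `ClientEnum::Tor` variant in the last hunk appears to depend on it.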
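Review bot: `TlsConnector::builder()?.build()?` in the `impl Update` hunk now resolves to the OpenSSL backend on macOS, and the line takes that backend's defaults without stating where trusted roots come from. OpenSSL does not read the macOS Keychain, so certificate verification there presumably depends on OpenSSL's own default CA paths, which may be absent or stale on a user's machine; it is worth confirming on a clean macOS install that a valid certificate is accepted and an invalid one is rejected. I would add a comment above the line such as `// macOS: OpenSSL backend, trust roots come from OpenSSL's default paths, not the Keychain (verify).` The enclosing function starts and ends outside the hunk.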
@@ -764,7 +777,7 @@ impl Update {
 #[derive(Debug,Clone)]
 pub enum ClientEnum {
- Tor(hyper::Client>),
+ Tor(hyper::Client>),
 Https(hyper::Client>),
 }