aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Peter Neumark <neumark.peter@gmail.com> 2022-09-14 16:55:38 +0200
committerGravatar GitHub <noreply@github.com> 2022-09-14 14:55:38 +0000
commit187f4f033509cb616582d0645ff5cf1ea77bac76 (patch)
treebe65305a58ca1129d280630990c14d7bf946a0f4
parent064bdcab8ec056d4ef3d7b4e6f57d7684de1b3af (diff)
downloadrathole-187f4f033509cb616582d0645ff5cf1ea77bac76.tar.gz
rathole-187f4f033509cb616582d0645ff5cf1ea77bac76.tar.zst
rathole-187f4f033509cb616582d0645ff5cf1ea77bac76.zip
feat: Allow use of system default TLS trusted root by omitting the trusted_root client config parameter. (#192)
Diffstat
-rw-r--r--src/config.rs5
-rw-r--r--src/transport/tls.rs6
2 files changed, 5 insertions, 6 deletions
diff --git a/src/config.rs b/src/config.rs
index 6af9c26..8b9cd3d 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -296,11 +296,6 @@ impl Config {
.as_ref()
.and(tls_config.pkcs12_password.as_ref())
.ok_or_else(|| anyhow!("Missing `pkcs12` or `pkcs12_password`"))?;
- } else {
- tls_config
- .trusted_root
- .as_ref()
- .ok_or_else(|| anyhow!("Missing `trusted_root`"))?;
}
Ok(())
}
diff --git a/src/transport/tls.rs b/src/transport/tls.rs
index 8043360..80d0fbd 100644
--- a/src/transport/tls.rs
+++ b/src/transport/tls.rs
@@ -42,7 +42,11 @@ impl Transport for TlsTransport {
.build()?;
Some(TlsConnector::from(connector))
}
- None => None,
+ None => {
+ // if no trusted_root is specified, allow TlsConnector to use system default
+ let connector = native_tls::TlsConnector::builder().build()?;
+ Some(TlsConnector::from(connector))
+ },
};
let tls_acceptor = match config.pkcs12.as_ref() {
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-25 16:33:53 +0000