diff --git a/quic/s2n-quic-tls/Cargo.toml b/quic/s2n-quic-tls/Cargo.toml index 639d544dcf..ea1f190740 100644 --- a/quic/s2n-quic-tls/Cargo.toml +++ b/quic/s2n-quic-tls/Cargo.toml @@ -20,10 +20,10 @@ libc = "0.2" s2n-codec = { version = "=0.1.0", path = "../../common/s2n-codec", default-features = false } s2n-quic-core = { version = "=0.4.0", path = "../s2n-quic-core", default-features = false } s2n-quic-crypto = { version = "=0.4.0", path = "../s2n-quic-crypto", default-features = false } -s2n-tls = { version = "=0.0.7", features = ["quic"] } +s2n-tls = { version = "=0.0.8", features = ["quic"] } [target.'cfg(all(s2n_quic_unstable, s2n_quic_enable_pq_tls))'.dependencies] -s2n-tls = { version = "=0.0.7", features = ["quic", "pq"] } +s2n-tls = { version = "=0.0.8", features = ["quic", "pq"] } [dev-dependencies] checkers = "0.6" diff --git a/quic/s2n-quic-tls/src/client.rs b/quic/s2n-quic-tls/src/client.rs index 91e0f4a2ea..e9fed8d703 100644 --- a/quic/s2n-quic-tls/src/client.rs +++ b/quic/s2n-quic-tls/src/client.rs @@ -11,8 +11,8 @@ use s2n_codec::EncoderValue; use s2n_quic_core::{application::ServerName, crypto::tls, endpoint}; use s2n_tls::raw::{ config::{self, Config}, + enums::ClientAuthType, error::Error, - ffi::s2n_cert_auth_type, }; use std::sync::Arc; @@ -114,8 +114,7 @@ impl Builder { .as_pem() .expect("pem is currently the only certificate format supported"), )?; - self.config - .set_client_auth_type(s2n_cert_auth_type::REQUIRED)?; + self.config.set_client_auth_type(ClientAuthType::Required)?; Ok(self) } diff --git a/quic/s2n-quic-tls/src/server.rs b/quic/s2n-quic-tls/src/server.rs index fe4bfdfa47..34c98a36d7 100644 --- a/quic/s2n-quic-tls/src/server.rs +++ b/quic/s2n-quic-tls/src/server.rs @@ -13,8 +13,8 @@ use s2n_quic_core::{application::ServerName, crypto::tls, endpoint}; use s2n_tls::raw::config::ClientHelloHandler; use s2n_tls::raw::{ config::{self, Config, VerifyClientCertificateHandler}, + enums::ClientAuthType, error::Error, - ffi::s2n_cert_auth_type, }; use std::sync::Arc; @@ -128,8 +128,7 @@ impl Builder { /// Configures this server instance to require client authentication (mutual TLS). pub fn with_client_authentication(mut self) -> Result { - self.config - .set_client_auth_type(s2n_cert_auth_type::REQUIRED)?; + self.config.set_client_auth_type(ClientAuthType::Required)?; Ok(self) } diff --git a/quic/s2n-quic-tls/src/session.rs b/quic/s2n-quic-tls/src/session.rs index a89c1b640b..37dc8541c0 100644 --- a/quic/s2n-quic-tls/src/session.rs +++ b/quic/s2n-quic-tls/src/session.rs @@ -12,9 +12,9 @@ use s2n_quic_core::{ use s2n_quic_crypto::Suite; use s2n_tls::raw::{ config::Config, - connection::{self, Connection}, + connection::Connection, + enums::{Blinding, Mode}, error::Error, - ffi::s2n_blinding, }; #[derive(Debug)] @@ -37,15 +37,15 @@ impl Session { server_name: Option, ) -> Result { let mut connection = Connection::new(match endpoint { - endpoint::Type::Server => connection::Mode::Server, - endpoint::Type::Client => connection::Mode::Client, + endpoint::Type::Server => Mode::Server, + endpoint::Type::Client => Mode::Client, }); connection.set_config(config)?; connection.enable_quic()?; connection.set_quic_transport_parameters(params)?; // QUIC handles sending alerts, so no need to apply TLS blinding - connection.set_blinding(s2n_blinding::SELF_SERVICE_BLINDING)?; + connection.set_blinding(Blinding::SelfService)?; if let Some(server_name) = server_name.as_ref() { connection