add rustls-ring feature to make ring optional

.github/workflows/cross.yml

@@ -21,7 +21,7 @@ on:
 
 env:
   CARGO_TERM_COLOR: always
-  CROSS_FEATURES: --no-default-features --features vendored-openssl,quic,vendored-c-ares,hickory
+  CROSS_FEATURES: --no-default-features --features vendored-openssl,rustls-ring,quic,vendored-c-ares,hickory
   CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-gcc
   CARGO_TARGET_RISCV64GC_UNKNOWN_LINUX_GNU_LINKER: riscv64-linux-gnu-gcc
   CARGO_TARGET_POWERPC64LE_UNKNOWN_LINUX_GNU_LINKER: powerpc64le-linux-gnu-gcc

.github/workflows/linux.yml

@@ -69,7 +69,42 @@ jobs:
     - name: Cargo clippy
       run: cargo clippy --tests -- --deny warnings
 
-  build-vendored:
+  build-vendored-g1:
+    name: Build vendored
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        feature:
+          - vendored-openssl,rustls-ring
+          - vendored-tongsuo,rustls-ring
+          - vendored-aws-lc,rustls-aws-lc
+          - vendored-boringssl,rustls-ring
+        component:
+          - g3proxy
+          - g3bench
+          - g3tiles
+        include:
+          - feature: vendored-c-ares,rustls-ring
+            component: g3proxy
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install capnproto libc-ares-dev libssl-dev liblua5.4-dev
+      - name: Cargo build
+        run: cargo build --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }}
+      - name: Cargo clippy
+        run: cargo clippy --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }} -- --deny warnings
+
+  build-vendored-g2:
     name: Build vendored
     runs-on: ubuntu-latest
     strategy:
@@ -80,15 +115,9 @@ jobs:
           - vendored-aws-lc
           - vendored-boringssl
         component:
-          - g3proxy
-          - g3bench
-          - g3tiles
           - g3fcgen
           - g3mkcert
           - g3keymess
-        include:
-          - feature: vendored-c-ares
-            component: g3proxy
     steps:
       - name: Checkout sources
         uses: actions/checkout@v4
@@ -101,7 +130,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get update
-          sudo apt-get install capnproto libc-ares-dev libssl-dev liblua5.4-dev
+          sudo apt-get install capnproto libssl-dev
       - name: Cargo build
         run: cargo build --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }}
       - name: Cargo clippy

.github/workflows/macos.yml

@@ -44,7 +44,40 @@ jobs:
         run: cargo clippy --tests -- --deny warnings
       - name: Cargo test
         run: cargo test --workspace --exclude g3-journal
-  build-vendored:
+  build-vendored-g1:
+    name: Build vendored
+    runs-on: macos-latest
+    strategy:
+      matrix:
+        feature:
+          - vendored-openssl,rustls-ring
+          - vendored-tongsuo,rustls-ring
+          - vendored-aws-lc,rustls-aws-lc
+          - vendored-boringssl,rustls-ring
+        component:
+          - g3proxy
+          - g3bench
+          - g3tiles
+        include:
+          - feature: vendored-c-ares,rustls-ring
+            component: g3proxy
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Install rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy
+      - name: Install dependencies
+        run: |
+          brew install capnp openssl c-ares lua
+      - name: Cargo build
+        run: cargo build --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }}
+      - name: Cargo clippy
+        run: cargo clippy --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }} -- --deny warnings
+  build-vendored-g2:
     name: Build vendored
     runs-on: macos-latest
     strategy:
@@ -55,15 +88,9 @@ jobs:
           - vendored-aws-lc
           - vendored-boringssl
         component:
-          - g3proxy
-          - g3bench
-          - g3tiles
           - g3fcgen
           - g3mkcert
           - g3keymess
-        include:
-          - feature: vendored-c-ares
-            component: g3proxy
     steps:
       - name: Checkout sources
         uses: actions/checkout@v4
@@ -75,7 +102,7 @@ jobs:
           components: clippy
       - name: Install dependencies
         run: |
-          brew install capnp openssl c-ares lua
+          brew install capnp openssl
       - name: Cargo build
         run: cargo build --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }}
       - name: Cargo clippy

.github/workflows/static.yml

@@ -30,8 +30,8 @@ jobs:
     strategy:
       matrix:
         feature:
-          - vendored-openssl
-          - vendored-tongsuo
+          - vendored-openssl,rustls-ring
+          - vendored-tongsuo,rustls-ring
           # - vendored-aws-lc
           # - vendored-boringssl
     steps:
@@ -55,18 +55,18 @@ jobs:
     strategy:
       matrix:
         feature:
-          - vendored-openssl
-          - vendored-tongsuo
-          - vendored-aws-lc
-          - vendored-boringssl
+          - vendored-openssl,rustls-ring
+          - vendored-tongsuo,rustls-ring
+          - vendored-aws-lc,rustls-aws-lc
+          - vendored-boringssl,rustls-ring
     steps:
       - name: Install common tools
         run: choco install capnproto
       - name: Install nasm and ninja for BoringSSL
-        if: matrix.feature == 'vendored-boringssl'
+        if: contains(matrix.feature, 'vendored-boringssl')
         run: choco install nasm ninja
       - name: Install nasm for AWS-LC
-        if: matrix.feature == 'vendored-aws-lc'
+        if: contains(matrix.feature, 'vendored-aws-lc')
         uses: ilammy/setup-nasm@v1
       - name: Checkout sources
         uses: actions/checkout@v4

.github/workflows/windows.yml

@@ -22,7 +22,7 @@ on:
 env:
   CARGO_TERM_COLOR: always
   VCPKG_ROOT: C:\vcpkg
-  WIN_FEATURES: quic,vendored-c-ares,hickory
+  WIN_FEATURES: rustls-ring,quic,vendored-c-ares,hickory
 
 jobs:
   build:
@@ -48,7 +48,43 @@ jobs:
       - name: Cargo test
         run: cargo test --no-default-features --features $env:WIN_FEATURES --workspace --exclude g3-journal
 
-  build-vendored:
+  build-vendored-g1:
+    name: Build vendored
+    runs-on: windows-latest
+    strategy:
+      matrix:
+        feature:
+          - vendored-openssl,rustls-ring
+          - vendored-tongsuo,rustls-ring
+          - vendored-aws-lc,rustls-aws-lc
+          - vendored-boringssl,rustls-ring
+        component:
+          - g3proxy
+          - g3bench
+          - g3tiles
+    steps:
+      - name: Install common tools
+        run: choco install capnproto
+      - name: Install nasm and ninja for BoringSSL
+        if: contains(matrix.feature, 'vendored-boringssl')
+        run: choco install nasm ninja
+      - name: Install nasm for AWS-LC
+        if: contains(matrix.feature, 'vendored-aws-lc')
+        uses: ilammy/setup-nasm@v1
+      - name: Checkout sources
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Install rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy
+      - name: Cargo build
+        run: cargo build --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }}
+      - name: Cargo clippy
+        run: cargo clippy --no-default-features --features ${{ matrix.feature }} -p ${{ matrix.component }} -- --deny warnings
+
+  build-vendored-g2:
     name: Build vendored
     runs-on: windows-latest
     strategy:
@@ -59,20 +95,17 @@ jobs:
           - vendored-aws-lc
           - vendored-boringssl
         component:
-          - g3proxy
-          - g3bench
-          - g3tiles
           - g3fcgen
           - g3mkcert
           - g3keymess
     steps:
       - name: Install common tools
         run: choco install capnproto
       - name: Install nasm and ninja for BoringSSL
-        if: matrix.feature == 'vendored-boringssl'
+        if: contains(matrix.feature, 'vendored-boringssl')
         run: choco install nasm ninja
       - name: Install nasm for AWS-LC
-        if: matrix.feature == 'vendored-aws-lc'
+        if: contains(matrix.feature, 'vendored-aws-lc')
         uses: ilammy/setup-nasm@v1
       - name: Checkout sources
         uses: actions/checkout@v4

Cargo.toml

@@ -150,8 +150,8 @@ async-recursion = "1.1"
 pin-project-lite = "0.2"
 #
 rustls-pki-types = { version = "1", default-features = false }
-rustls = { version = "0.23.15", default-features = false, features = ["std", "tls12", "ring", "brotli"] }
-tokio-rustls = { version = "0.26", default-features = false, features = ["tls12", "ring"] }
+rustls = { version = "0.23.15", default-features = false, features = ["std", "tls12", "brotli"] }
+tokio-rustls = { version = "0.26", default-features = false, features = ["tls12"] }
 quinn = { version = "0.11", default-features = false, features = ["runtime-tokio"] }
 quinn-udp = { version = "0.5.6", default-features = false, features = ["fast-apple-datapath"] }
 #

doc/openssl-variants.md

@@ -22,10 +22,6 @@ then you need to use Tongsuo.
 
 Use `--features vendored-tongsuo` cargo build option.
 
-### Package
-
-Switch to branch `rel/tlcp-tongsuo`, then run the build script or create the release tarball as usual.
-
 # BoringSSL
 
 See [BoringSSL](https://boringssl.googlesource.com/boringssl/) for more introduction.
@@ -37,18 +33,12 @@ As an alternative, you can switch to use BoringSSl as a solution.
 
 ## How
 
-BoringSSL is supported in branch `rel/boringssl`.
-
 ### Build
 
 - Make sure you have `cmake`, `pkg-config`installed
 
 - Build with `--features vendored-boringssl` cargo option
 
-### Package
-
-Switch to branch `rel/boringssl`, then run the build script or create the release tarball as usual.
-
 # AWS-LC
 
 See [AWS-LC](https://github.com/aws/aws-lc) for more introduction.
@@ -60,16 +50,10 @@ As an alternative, you can switch to use AWS-LC as a solution on AWS EC2 hosts.
 
 ## How
 
-AWS-LC is supported in branch `rel/aws-lc`.
-
 ### Build
 
 - Make sure you have `cmake`, `pkg-config` installed
 
 - Install a recent version of [go](https://go.dev/dl/) if you want to do AWS-LC code generation.
 
-- Build with `--features vendored-aws-lc` cargo build option.
-
-### Package
-
-Switch to branch `rel/aws-lc`, then run the build script or create the release tarball as usual.
+- Build with `--no-default-features --features vendored-aws-lc,rustls-aws-lc,<other features>` cargo build option.

g3bench/Cargo.toml

@@ -55,9 +55,10 @@ g3-hickory-client.workspace = true
 g3-build-env.workspace = true
 
 [features]
-default = ["quic"]
+default = ["quic", "rustls-ring"]
 quic = ["g3-types/quic", "g3-socks/quic", "g3-io-ext/quic", "g3-hickory-client/quic", "dep:quinn", "dep:h3", "dep:h3-quinn"]
-rustls-aws-lc = ["rustls/aws-lc-rs"]
+rustls-ring = ["g3-types/rustls-ring", "rustls/ring", "quinn?/rustls-ring"]
+rustls-aws-lc = ["g3-types/rustls-aws-lc", "rustls/aws-lc-rs", "quinn?/rustls-aws-lc-rs"]
 vendored-openssl = ["openssl/vendored", "openssl-probe"]
 vendored-tongsuo = ["openssl/tongsuo", "openssl-probe", "g3-types/tongsuo"]
 vendored-aws-lc = ["rustls-aws-lc", "openssl/aws-lc", "openssl-probe", "g3-types/aws-lc", "g3-tls-cert/aws-lc", "g3-openssl/aws-lc"]