Skip to content

Commit

Permalink
build: fix some clippy warnings
Browse files Browse the repository at this point in the history 
When no TLS feature is enabled, clippy warns about some
things.
  • Loading branch information
@ctron
ctron committed Oct 11, 2024
1 parent 0b1f909 commit ea677d8
Show file tree
Hide file tree
Showing 6 changed files with 61 additions and 47 deletions.
27 changes: 22 additions & 5 deletions src/config/rt/build.rs
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
use super::{super::STAGE_DIR, RtcBuilder};
use crate::config::{
models::{Configuration, Hook, Tools},
rt::{CoreOptions, RtcCore},
types::{BaseUrl, Minify},
Hooks,
use crate::{
config::{
models::{Configuration, Hook, Tools},
rt::{CoreOptions, RtcCore},
types::{BaseUrl, Minify},
Hooks,
},
tools::HttpClientOptions,
};
use anyhow::{ensure, Context};
use std::{collections::HashMap, ops::Deref, path::PathBuf};
Expand Down Expand Up @@ -70,10 +73,12 @@ pub struct RtcBuild {
/// `pattern_script` and `pattern_preload`.
pub pattern_params: HashMap<String, String>,
/// Optional root certificate chain for use when downloading dependencies.
#[cfg(any(feature = "native-tls", feature = "rustls"))]
pub root_certificate: Option<PathBuf>,
/// Sets if reqwest is allowed to ignore certificate validation errors (defaults to false).
///
/// **WARNING**: Setting this to true can make you vulnerable to man-in-the-middle attacks. Sometimes this is necessary when working behind corporate proxies.
#[cfg(any(feature = "native-tls", feature = "rustls"))]
pub accept_invalid_certs: bool,
/// Control minification
pub minify: Minify,
Expand Down Expand Up @@ -191,7 +196,9 @@ impl RtcBuild {
offline: build.offline,
frozen: build.frozen,
locked: build.locked,
#[cfg(any(feature = "native-tls", feature = "rustls"))]
root_certificate: build.root_certificate.map(PathBuf::from),
#[cfg(any(feature = "native-tls", feature = "rustls"))]
accept_invalid_certs: build.accept_invalid_certs,
minify: build.minify,
no_sri: build.no_sri,
Expand Down Expand Up @@ -251,6 +258,16 @@ impl RtcBuild {
(Minify::Always, _) => true,
}
}

/// Build [`HttpClientOptions`] options form configuration.
pub fn client_options(&self) -> HttpClientOptions {
HttpClientOptions {
#[cfg(any(feature = "native-tls", feature = "rustls"))]
root_certificate: self.root_certificate.clone(),
#[cfg(any(feature = "native-tls", feature = "rustls"))]
accept_invalid_certificates: self.accept_invalid_certs,
}
}
}

impl RtcBuilder for RtcBuild {
Expand Down
10 changes: 2 additions & 8 deletions src/pipelines/rust/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -517,10 +517,7 @@ impl RustApp {
Application::WasmBindgen,
version.as_deref(),
self.cfg.offline,
&tools::HttpClientOptions {
root_certificate: self.cfg.root_certificate.clone(),
accept_invalid_certificates: self.cfg.accept_invalid_certs,
},
&self.cfg.client_options(),
)
.await?;

Expand Down Expand Up @@ -872,10 +869,7 @@ impl RustApp {
Application::WasmOpt,
version,
self.cfg.offline,
&tools::HttpClientOptions {
root_certificate: self.cfg.root_certificate.clone(),
accept_invalid_certificates: self.cfg.accept_invalid_certs,
},
&self.cfg.client_options(),
)
.await?;

Expand Down
5 changes: 1 addition & 4 deletions src/pipelines/sass.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,10 +83,7 @@ impl Sass {
Application::Sass,
version,
self.cfg.offline,
&tools::HttpClientOptions {
root_certificate: self.cfg.root_certificate.clone(),
accept_invalid_certificates: self.cfg.accept_invalid_certs,
},
&self.cfg.client_options(),
)
.await?;

Expand Down
5 changes: 1 addition & 4 deletions src/pipelines/tailwind_css.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,10 +82,7 @@ impl TailwindCss {
Application::TailwindCss,
version,
self.cfg.offline,
&tools::HttpClientOptions {
root_certificate: self.cfg.root_certificate.clone(),
accept_invalid_certificates: self.cfg.accept_invalid_certs,
},
&self.cfg.client_options(),
)
.await?;

Expand Down
54 changes: 29 additions & 25 deletions src/serve/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -283,32 +283,36 @@ async fn run_server(
let router = router.clone();
let shutdown_handle = shutdown_handle.clone();
match &tls {
Some(tls) => match tls.clone() {
#[cfg(feature = "rustls")]
TlsConfig::Rustls { config } => {
tasks.push(
async move {
axum_server::bind_rustls(addr, config)
.handle(shutdown_handle)
.serve(router.into_make_service())
.await
}
.boxed(),
);
}
#[cfg(feature = "native-tls")]
TlsConfig::Native { config } => {
tasks.push(
async move {
axum_server::bind_openssl(addr, config)
.handle(shutdown_handle)
.serve(router.into_make_service())
.await
}
.boxed(),
);
Some(tls) =>
{
#[allow(unreachable_code)]
match tls.clone() {
#[cfg(feature = "rustls")]
TlsConfig::Rustls { config } => {
tasks.push(
async move {
axum_server::bind_rustls(addr, config)
.handle(shutdown_handle)
.serve(router.into_make_service())
.await
}
.boxed(),
);
}
#[cfg(feature = "native-tls")]
TlsConfig::Native { config } => {
tasks.push(
async move {
axum_server::bind_openssl(addr, config)
.handle(shutdown_handle)
.serve(router.into_make_service())
.await
}
.boxed(),
);
}
}
},
}

None => tasks.push(
async move {
Expand Down
7 changes: 6 additions & 1 deletion src/tools.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,12 @@ pub struct HttpClientOptions {
/// Use this specific root certificate to validate the certificate chain. Optional.
///
/// Useful when behind a corporate proxy that uses a self-signed root certificate.
#[cfg(any(feature = "native-tls", feature = "rustls"))]
pub root_certificate: Option<PathBuf>,
/// Allows Trunk to accept certificates that can't be verified when fetching dependencies. Defaults to false.
///
/// **WARNING**: This is inherently unsafe and can open you up to Man-in-the-middle attacks. But sometimes it is required when working behind corporate proxies.
#[cfg(any(feature = "native-tls", feature = "rustls"))]
pub accept_invalid_certificates: bool,
}

Expand Down Expand Up @@ -350,6 +352,7 @@ async fn download(
) -> Result<PathBuf> {
tracing::info!(version = version, "downloading {}", app.name());

#[cfg(any(feature = "native-tls", feature = "rustls"))]
if client_options.accept_invalid_certificates {
tracing::warn!(
"Accept Invalid Certificates is set to true. This can open you up to MITM attacks."
Expand Down Expand Up @@ -458,7 +461,9 @@ pub async fn cache_dir() -> Result<PathBuf> {
Ok(path)
}

async fn get_http_client(client_options: &HttpClientOptions) -> Result<reqwest::Client> {
async fn get_http_client(
#[allow(unused_variables)] client_options: &HttpClientOptions,
) -> Result<reqwest::Client> {
let builder = reqwest::ClientBuilder::new();

#[cfg(any(feature = "native-tls", feature = "rustls"))]
Expand Down

0 comments on commit ea677d8

Please sign in to comment.