Eliminate methods to pass in ruslts config directly

Author: djc

tonic/src/transport/channel/tls.rs

@@ -14,7 +14,6 @@ pub struct ClientTlsConfig {
     domain: Option<String>,
     cert: Option<Certificate>,
     identity: Option<Identity>,
-    rustls_raw: Option<tokio_rustls::rustls::ClientConfig>,
 }
 
 #[cfg(feature = "tls")]
@@ -36,7 +35,6 @@ impl ClientTlsConfig {
             domain: None,
             cert: None,
             identity: None,
-            rustls_raw: None,
         }
     }
 
@@ -49,8 +47,6 @@ impl ClientTlsConfig {
     }
 
     /// Sets the CA Certificate against which to verify the server's TLS certificate.
-    ///
-    /// This has no effect if `rustls_client_config` is used to configure Rustls.
     pub fn ca_certificate(self, ca_certificate: Certificate) -> Self {
         ClientTlsConfig {
             cert: Some(ca_certificate),
@@ -59,35 +55,18 @@ impl ClientTlsConfig {
     }
 
     /// Sets the client identity to present to the server.
-    ///
-    /// This has no effect if `rustls_client_config` is used to configure Rustls.
     pub fn identity(self, identity: Identity) -> Self {
         ClientTlsConfig {
             identity: Some(identity),
             ..self
         }
     }
 
-    /// Use options specified by the given `ClientConfig` to configure TLS.
-    ///
-    /// This overrides all other TLS options set via other means.
-    pub fn rustls_client_config(self, config: tokio_rustls::rustls::ClientConfig) -> Self {
-        ClientTlsConfig {
-            rustls_raw: Some(config),
-            ..self
-        }
-    }
-
     pub(crate) fn tls_connector(&self, uri: Uri) -> Result<TlsConnector, crate::Error> {
         let domain = match &self.domain {
             None => uri.host().ok_or_else(Error::new_invalid_uri)?.to_string(),
             Some(domain) => domain.clone(),
         };
-        match &self.rustls_raw {
-            None => {
-                TlsConnector::new_with_rustls_cert(self.cert.clone(), self.identity.clone(), domain)
-            }
-            Some(c) => TlsConnector::new_with_rustls_raw(c.clone(), domain),
-        }
+        TlsConnector::new(self.cert.clone(), self.identity.clone(), domain)
     }
 }

tonic/src/transport/server/tls.rs

@@ -11,7 +11,6 @@ use std::fmt;
 pub struct ServerTlsConfig {
     identity: Option<Identity>,
     client_ca_root: Option<Certificate>,
-    rustls_raw: Option<tokio_rustls::rustls::ServerConfig>,
 }
 
 #[cfg(feature = "tls")]
@@ -28,7 +27,6 @@ impl ServerTlsConfig {
         ServerTlsConfig {
             identity: None,
             client_ca_root: None,
-            rustls_raw: None,
         }
     }
 
@@ -48,24 +46,7 @@ impl ServerTlsConfig {
         }
     }
 
-    /// Use options specified by the given `ServerConfig` to configure TLS.
-    ///
-    /// This overrides all other TLS options set via other means.
-    pub fn rustls_server_config(
-        &mut self,
-        config: tokio_rustls::rustls::ServerConfig,
-    ) -> &mut Self {
-        self.rustls_raw = Some(config);
-        self
-    }
-
     pub(crate) fn tls_acceptor(&self) -> Result<TlsAcceptor, crate::Error> {
-        match &self.rustls_raw {
-            None => TlsAcceptor::new_with_rustls_identity(
-                self.identity.clone().unwrap(),
-                self.client_ca_root.clone(),
-            ),
-            Some(config) => TlsAcceptor::new_with_rustls_raw(config.clone()),
-        }
+        TlsAcceptor::new(self.identity.clone().unwrap(), self.client_ca_root.clone())
     }
 }

tonic/src/transport/service/connector.rs

@@ -52,7 +52,7 @@ impl<C> Connector<C> {
 
         host.try_into()
             .ok()
-            .and_then(|dns| TlsConnector::new_with_rustls_cert(None, None, dns).ok())
+            .and_then(|dns| TlsConnector::new(None, None, dns).ok())
     }
 }
 

tonic/src/transport/service/tls.rs

@@ -37,7 +37,7 @@ pub(crate) struct TlsConnector {
 
 impl TlsConnector {
     #[cfg(feature = "tls")]
-    pub(crate) fn new_with_rustls_cert(
+    pub(crate) fn new(
         ca_cert: Option<Certificate>,
         identity: Option<Identity>,
         domain: String,
@@ -82,14 +82,6 @@ impl TlsConnector {
         };
 
         config.alpn_protocols.push(ALPN_H2.as_bytes().to_vec());
-        Self::new_with_rustls_raw(config, domain)
-    }
-
-    #[cfg(feature = "tls")]
-    pub(crate) fn new_with_rustls_raw(
-        config: tokio_rustls::rustls::ClientConfig,
-        domain: String,
-    ) -> Result<Self, crate::Error> {
         Ok(Self {
             config: Arc::new(config),
             domain: Arc::new(domain.as_str().try_into()?),
@@ -132,7 +124,7 @@ pub(crate) struct TlsAcceptor {
 
 impl TlsAcceptor {
     #[cfg(feature = "tls")]
-    pub(crate) fn new_with_rustls_identity(
+    pub(crate) fn new(
         identity: Identity,
         client_ca_root: Option<Certificate>,
     ) -> Result<Self, crate::Error> {
@@ -157,15 +149,6 @@ impl TlsAcceptor {
         })
     }
 
-    #[cfg(feature = "tls")]
-    pub(crate) fn new_with_rustls_raw(
-        config: tokio_rustls::rustls::ServerConfig,
-    ) -> Result<Self, crate::Error> {
-        Ok(Self {
-            inner: Arc::new(config),
-        })
-    }
-
     pub(crate) async fn accept<IO>(&self, io: IO) -> Result<TlsStream<IO>, crate::Error>
     where
         IO: AsyncRead + AsyncWrite + Connected + Unpin + Send + 'static,