chore(deps): bump rustls-native-certs from 0.7.2 to 0.8.0 (#1639)

2026-02-09 01:59:16 +08:00 · 2024-09-05 15:09:37 +00:00
parent a4919d01cc
commit 2361f2f41f
3 changed files with 30 additions and 11 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1464,7 +1464,7 @@ dependencies = [
 "hyper",
 "hyper-util",
 "rustls 0.23.12",
- "rustls-native-certs 0.7.2",
+ "rustls-native-certs 0.7.3",
 "rustls-pki-types",
 "tokio",
 "tokio-rustls 0.26.0",
@@ -2745,7 +2745,7 @@ dependencies = [
 "pin-project-lite",
 "quinn 0.11.2",
 "rustls 0.23.12",
- "rustls-native-certs 0.7.2",
+ "rustls-native-certs 0.7.3",
 "rustls-pemfile 2.1.2",
 "rustls-pki-types",
 "serde",
@@ -2932,9 +2932,22 @@ dependencies = [

 [[package]]
 name = "rustls-native-certs"
-version = "0.7.2"
+version = "0.7.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "04182dffc9091a404e0fc069ea5cd60e5b866c3adf881eff99a32d048242dffa"
+checksum = "e5bfb394eeed242e909609f56089eecfe5fda225042e8b171791b9c95f5931e5"
+dependencies = [
+ "openssl-probe",
+ "rustls-pemfile 2.1.2",
+ "rustls-pki-types",
+ "schannel",
+ "security-framework",
+]
+
+[[package]]
+name = "rustls-native-certs"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fcaf18a4f2be7326cd874a5fa579fae794320a0f388d365dca7e480e55f83f8a"
 dependencies = [
 "openssl-probe",
 "rustls-pemfile 2.1.2",
@@ -3322,7 +3335,7 @@ dependencies = [
 "pin-project",
 "rand",
 "regex",
- "rustls-native-certs 0.7.2",
+ "rustls-native-certs 0.8.0",
 "serde",
 "shadowsocks",
 "sled",
--- a/crates/shadowsocks-service/Cargo.toml
+++ b/crates/shadowsocks-service/Cargo.toml
@@ -161,7 +161,7 @@ tokio-rustls = { version = "0.26", optional = true, default-features = false, fe
    "tls12",
    "ring",
 ] }
-rustls-native-certs = { version = "0.7", optional = true }
+rustls-native-certs = { version = "0.8", optional = true }
 async-trait = "0.1"

 socket2 = { version = "0.5", features = ["all"] }
--- a/crates/shadowsocks-service/src/local/http/http_stream.rs
+++ b/crates/shadowsocks-service/src/local/http/http_stream.rs
@@ -62,6 +62,7 @@ impl ProxyHttpStream {
    pub async fn connect_https(stream: AutoProxyClientStream, domain: &str) -> io::Result<ProxyHttpStream> {
        use log::warn;
        use once_cell::sync::Lazy;
+        use rustls_native_certs::CertificateResult;
        use std::sync::Arc;
        use tokio_rustls::{
            rustls::{pki_types::ServerName, ClientConfig, RootCertStore},
@@ -75,11 +76,16 @@ impl ProxyHttpStream {
                    let mut store = RootCertStore::empty();
                    store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());

-                    if let Ok(certs) = rustls_native_certs::load_native_certs() {
-                        for cert in certs {
-                            if let Err(err) = store.add(cert) {
-                                warn!("failed to add cert (native), error: {}", err);
-                            }
+                    let CertificateResult { certs, errors, .. } = rustls_native_certs::load_native_certs();
+                    if !errors.is_empty() {
+                        for error in errors {
+                            warn!("failed to load cert (native), error: {}", error);
+                        }
+                    }
+
+                    for cert in certs {
+                        if let Err(err) = store.add(cert) {
+                            warn!("failed to add cert (native), error: {}", err);
                        }
                    }