Avoid deprecated rustls API

Author: djc

Cargo.toml

@@ -13,7 +13,7 @@ rust-version = "1.60"
 
 [dependencies]
 tokio = "1.0"
-rustls = { version = "0.21.0", default-features = false }
+rustls = { version = "0.21.6", default-features = false }
 
 [features]
 default = ["logging", "tls12"]

README.md

@@ -1,4 +1,5 @@
 # tokio-rustls
+
 [![github actions](https://github.com/rustls/tokio-rustls/workflows/CI/badge.svg)](https://github.com/rustls/tokio-rustls/actions)
 [![crates](https://img.shields.io/crates/v/tokio-rustls.svg)](https://crates.io/crates/tokio-rustls)
 [![license](https://img.shields.io/badge/License-MIT-blue.svg)](https://github.com/rustls/tokio-rustls/blob/main/LICENSE-MIT)
@@ -19,7 +20,7 @@ use tokio_rustls::TlsConnector;
 // ...
 
 let mut root_cert_store = RootCertStore::empty();
-root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
+root_cert_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
     OwnedTrustAnchor::from_subject_spki_name_constraints(
         ta.subject,
         ta.spki,
@@ -61,10 +62,10 @@ cargo run -- 127.0.0.1:8000 --cert mycert.der --key mykey.der
 
 This project is licensed under either of
 
- * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
-   https://www.apache.org/licenses/LICENSE-2.0)
- * MIT license ([LICENSE-MIT](LICENSE-MIT) or
-   https://opensource.org/licenses/MIT)
+- Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
+  https://www.apache.org/licenses/LICENSE-2.0)
+- MIT license ([LICENSE-MIT](LICENSE-MIT) or
+  https://opensource.org/licenses/MIT)
 
 at your option.
 

examples/client.rs

@@ -54,17 +54,15 @@ async fn main() -> io::Result<()> {
                 ta.name_constraints,
             )
         });
-        root_cert_store.add_server_trust_anchors(trust_anchors);
+        root_cert_store.add_trust_anchors(trust_anchors);
     } else {
-        root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(
-            |ta| {
-                OwnedTrustAnchor::from_subject_spki_name_constraints(
-                    ta.subject,
-                    ta.spki,
-                    ta.name_constraints,
-                )
-            },
-        ));
+        root_cert_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
+            OwnedTrustAnchor::from_subject_spki_name_constraints(
+                ta.subject,
+                ta.spki,
+                ta.name_constraints,
+            )
+        }));
     }
 
     let config = rustls::ClientConfig::builder()

tests/badssl.rs

@@ -34,7 +34,7 @@ async fn get(
 #[tokio::test]
 async fn test_tls12() -> io::Result<()> {
     let mut root_store = rustls::RootCertStore::empty();
-    root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
+    root_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
         OwnedTrustAnchor::from_subject_spki_name_constraints(
             ta.subject,
             ta.spki,
@@ -72,7 +72,7 @@ fn test_tls13() {
 #[tokio::test]
 async fn test_modern() -> io::Result<()> {
     let mut root_store = rustls::RootCertStore::empty();
-    root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
+    root_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
         OwnedTrustAnchor::from_subject_spki_name_constraints(
             ta.subject,
             ta.spki,

tests/early-data.rs

@@ -142,7 +142,7 @@ async fn test_0rtt() -> io::Result<()> {
         )
     });
     let mut root_store = RootCertStore::empty();
-    root_store.add_server_trust_anchors(trust_anchors);
+    root_store.add_trust_anchors(trust_anchors);
     let mut config = rustls::ClientConfig::builder()
         .with_safe_default_cipher_suites()
         .with_safe_default_kx_groups()

tests/test.rs

@@ -113,7 +113,7 @@ async fn pass() -> io::Result<()> {
 
     let chain = certs(&mut std::io::Cursor::new(*chain)).unwrap();
     let mut root_store = rustls::RootCertStore::empty();
-    root_store.add_server_trust_anchors(chain.iter().map(|cert| {
+    root_store.add_trust_anchors(chain.iter().map(|cert| {
         let ta = webpki::TrustAnchor::try_from_cert_der(&cert[..]).unwrap();
         OwnedTrustAnchor::from_subject_spki_name_constraints(
             ta.subject,
@@ -139,7 +139,7 @@ async fn fail() -> io::Result<()> {
 
     let chain = certs(&mut std::io::Cursor::new(*chain)).unwrap();
     let mut root_store = rustls::RootCertStore::empty();
-    root_store.add_server_trust_anchors(chain.iter().map(|cert| {
+    root_store.add_trust_anchors(chain.iter().map(|cert| {
         let ta = webpki::TrustAnchor::try_from_cert_der(&cert[..]).unwrap();
         OwnedTrustAnchor::from_subject_spki_name_constraints(
             ta.subject,

tests/utils.rs

@@ -27,7 +27,7 @@ mod utils {
         let mut client_root_cert_store = RootCertStore::empty();
         let mut chain = BufReader::new(Cursor::new(CHAIN));
         let certs = certs(&mut chain).unwrap();
-        client_root_cert_store.add_server_trust_anchors(certs.iter().map(|cert| {
+        client_root_cert_store.add_trust_anchors(certs.iter().map(|cert| {
             let ta = webpki::TrustAnchor::try_from_cert_der(&cert[..]).unwrap();
             OwnedTrustAnchor::from_subject_spki_name_constraints(
                 ta.subject,