@@ -1055,15 +1055,25 @@ pub async fn send_request_handler(
10551055 let ( mut sender, worker) = if use_tls {
10561056 #[ cfg( any( target_arch = "riscv64" , target_arch = "s390x" ) ) ]
10571057 {
1058- return Err ( crate :: bindings:: http:: types:: ErrorCode :: InternalError (
1059- Some ( "unsupported architecture for SSL" . to_string ( ) ) ,
1060- ) ) ;
1058+ return Err (
1059+ wasmtime_wasi_http:: bindings:: http:: types:: ErrorCode :: InternalError ( Some (
1060+ "unsupported architecture for SSL" . to_string ( ) ,
1061+ ) ) ,
1062+ ) ;
10611063 }
10621064
10631065 #[ cfg( not( any( target_arch = "riscv64" , target_arch = "s390x" ) ) ) ]
10641066 {
10651067 use rustls:: pki_types:: ServerName ;
1066- let config = get_client_tls_config_for_authority ( & authority, client_tls_opts) ;
1068+ let config =
1069+ get_client_tls_config_for_authority ( & authority, client_tls_opts) . map_err ( |e| {
1070+ wasmtime_wasi_http:: bindings:: http:: types:: ErrorCode :: InternalError ( Some (
1071+ format ! (
1072+ "failed to configure client tls config for authority. error: {}" ,
1073+ e
1074+ ) ,
1075+ ) )
1076+ } ) ?;
10671077 let connector = tokio_rustls:: TlsConnector :: from ( std:: sync:: Arc :: new ( config) ) ;
10681078 let mut parts = authority_str. split ( ":" ) ;
10691079 let host = parts. next ( ) . unwrap_or ( & authority_str) ;
@@ -1150,7 +1160,7 @@ pub async fn send_request_handler(
11501160fn get_client_tls_config_for_authority (
11511161 authority : & Authority ,
11521162 client_tls_opts : Option < HashMap < Authority , ParsedClientTlsOpts > > ,
1153- ) -> rustls:: ClientConfig {
1163+ ) -> Result < rustls:: ClientConfig > {
11541164 // derived from https://github.com/tokio-rs/tls/blob/master/tokio-rustls/examples/client/src/main.rs
11551165 let mut root_cert_store = rustls:: RootCertStore {
11561166 roots : webpki_roots:: TLS_SERVER_ROOTS . into ( ) ,
@@ -1159,18 +1169,18 @@ fn get_client_tls_config_for_authority(
11591169 let client_tls_opts = match client_tls_opts {
11601170 Some ( opts) => opts,
11611171 _ => {
1162- return rustls:: ClientConfig :: builder ( )
1172+ return Ok ( rustls:: ClientConfig :: builder ( )
11631173 . with_root_certificates ( root_cert_store)
1164- . with_no_client_auth ( ) ;
1174+ . with_no_client_auth ( ) ) ;
11651175 }
11661176 } ;
11671177
11681178 let client_tls_opts_for_host = match client_tls_opts. get ( authority) {
11691179 Some ( opts) => opts,
11701180 _ => {
1171- return rustls:: ClientConfig :: builder ( )
1181+ return Ok ( rustls:: ClientConfig :: builder ( )
11721182 . with_root_certificates ( root_cert_store)
1173- . with_no_client_auth ( ) ;
1183+ . with_no_client_auth ( ) ) ;
11741184 }
11751185 } ;
11761186
@@ -1179,7 +1189,10 @@ fn get_client_tls_config_for_authority(
11791189 match root_cert_store. add ( cer. to_owned ( ) ) {
11801190 Ok ( _) => { }
11811191 Err ( e) => {
1182- tracing:: warn!( "failed to add custom cert to root_cert_store. error: {}" , e)
1192+ return Err ( anyhow:: anyhow!(
1193+ "failed to add custom cert to root_cert_store. error: {}" ,
1194+ e
1195+ ) ) ;
11831196 }
11841197 }
11851198 }
@@ -1189,13 +1202,13 @@ fn get_client_tls_config_for_authority(
11891202 & client_tls_opts_for_host. cert_chain ,
11901203 & client_tls_opts_for_host. private_key ,
11911204 ) {
1192- ( Some ( cert_chain) , Some ( private_key) ) => rustls:: ClientConfig :: builder ( )
1205+ ( Some ( cert_chain) , Some ( private_key) ) => Ok ( rustls:: ClientConfig :: builder ( )
11931206 . with_root_certificates ( root_cert_store)
11941207 . with_client_auth_cert ( cert_chain. to_owned ( ) , private_key. clone_key ( ) )
1195- . unwrap ( ) ,
1196- _ => rustls:: ClientConfig :: builder ( )
1208+ . unwrap ( ) ) ,
1209+ _ => Ok ( rustls:: ClientConfig :: builder ( )
11971210 . with_root_certificates ( root_cert_store)
1198- . with_no_client_auth ( ) ,
1211+ . with_no_client_auth ( ) ) ,
11991212 }
12001213}
12011214
0 commit comments