1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

// Copyright 2020 Dmitry Tantsur <divius.inside@gmail.com>
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

//! Support for loading sessions from external input.

#[cfg(any(feature = "native-tls", feature = "rustls"))]
use std::fs;

#[cfg(any(feature = "native-tls", feature = "rustls"))]
use reqwest::Certificate;
use reqwest::Client;

use crate::{Error, ErrorKind};

/// Create an HTTP client with the provided CA certificate.
#[inline]
#[allow(unused_mut)] // mut builder unused with --no-default-features
fn get_client(cacert: Option<String>) -> Result<Client, Error> {
    let mut builder = Client::builder();
    #[cfg(any(feature = "native-tls", feature = "rustls"))]
    if let Some(cert_path) = cacert {
        let cert_content = fs::read(&cert_path).map_err(|e| {
            Error::new(
                ErrorKind::InvalidConfig,
                format!("Cannot open cacert file {}: {}", cert_path, e),
            )
        })?;

        let cert = Certificate::from_pem(&cert_content).map_err(|e| {
            Error::new(
                ErrorKind::InvalidConfig,
                format!("Cannot parse {} as PEM: {}", cert_path, e),
            )
        })?;

        builder = builder.add_root_certificate(cert);
    }

    #[cfg(not(any(feature = "native-tls", feature = "rustls")))]
    if cacert.is_some() {
        return Err(Error::new(
            ErrorKind::InvalidConfig,
            "TLS support is disabled",
        ));
    }

    Ok(builder.build().expect("Cannot initialize HTTP backend"))
}

mod config;
mod env;

pub use config::from_config;
pub use env::from_env;