Skip to content

Commit f0d6e63

Browse files
youknowoneyouknowone
committed
fix
1 parent 499a7fd commit f0d6e63

File tree

3 files changed

+37
-22
lines changed

3 files changed

+37
-22
lines changed

stdlib/build.rs

Lines changed: 20 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -23,25 +23,28 @@ fn main() {
2323
println!("cargo::rustc-check-cfg=cfg({cfg})");
2424
}
2525

26-
#[allow(clippy::unusual_byte_groupings)]
27-
if let Ok(v) = std::env::var("DEP_OPENSSL_VERSION_NUMBER") {
28-
println!("cargo:rustc-env=OPENSSL_API_VERSION={v}");
29-
// cfg setup from openssl crate's build script
30-
let version = u64::from_str_radix(&v, 16).unwrap();
31-
for (ver, cfg) in ossl_vers {
32-
if version >= ver {
33-
println!("cargo:rustc-cfg={cfg}");
26+
#[cfg(feature = "ssl-openssl")]
27+
{
28+
#[allow(clippy::unusual_byte_groupings)]
29+
if let Ok(v) = std::env::var("DEP_OPENSSL_VERSION_NUMBER") {
30+
println!("cargo:rustc-env=OPENSSL_API_VERSION={v}");
31+
// cfg setup from openssl crate's build script
32+
let version = u64::from_str_radix(&v, 16).unwrap();
33+
for (ver, cfg) in ossl_vers {
34+
if version >= ver {
35+
println!("cargo:rustc-cfg={cfg}");
36+
}
3437
}
3538
}
36-
}
37-
if let Ok(v) = std::env::var("DEP_OPENSSL_CONF") {
38-
for conf in v.split(',') {
39-
println!("cargo:rustc-cfg=osslconf=\"{conf}\"");
39+
if let Ok(v) = std::env::var("DEP_OPENSSL_CONF") {
40+
for conf in v.split(',') {
41+
println!("cargo:rustc-cfg=osslconf=\"{conf}\"");
42+
}
43+
}
44+
// it's possible for openssl-sys to link against the system openssl under certain conditions,
45+
// so let the ssl module know to only perform a probe if we're actually vendored
46+
if std::env::var("DEP_OPENSSL_VENDORED").is_ok_and(|s| s == "1") {
47+
println!("cargo::rustc-cfg=openssl_vendored")
4048
}
41-
}
42-
// it's possible for openssl-sys to link against the system openssl under certain conditions,
43-
// so let the ssl module know to only perform a probe if we're actually vendored
44-
if std::env::var("DEP_OPENSSL_VENDORED").is_ok_and(|s| s == "1") {
45-
println!("cargo::rustc-cfg=openssl_vendored")
4649
}
4750
}

stdlib/src/ssl/cert.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1007,9 +1007,9 @@ impl ClientCertVerifier for DeferredClientCertVerifier {
10071007
}
10081008

10091009
fn client_auth_mandatory(&self) -> bool {
1010-
// Return false to make client auth optional during handshake
1011-
// This allows the handshake to complete even if client cert is invalid
1012-
false
1010+
// Delegate to inner verifier to respect CERT_REQUIRED mode
1011+
// This ensures client certificates are mandatory when verify_mode=CERT_REQUIRED
1012+
self.inner.client_auth_mandatory()
10131013
}
10141014

10151015
fn root_hint_subjects(&self) -> &[rustls::DistinguishedName] {

stdlib/src/ssl/compat.rs

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -238,6 +238,18 @@ pub(super) fn create_ssl_cert_verification_error(
238238
vm,
239239
)?;
240240

241+
// Set library and reason attributes like CPython (for test_httplib.py compatibility)
242+
exc.as_object()
243+
.set_attr("library", vm.ctx.new_str("SSL").as_object().to_owned(), vm)?;
244+
exc.as_object().set_attr(
245+
"reason",
246+
vm.ctx
247+
.new_str("CERTIFICATE_VERIFY_FAILED")
248+
.as_object()
249+
.to_owned(),
250+
vm,
251+
)?;
252+
241253
Ok(exc)
242254
}
243255

@@ -473,13 +485,13 @@ impl SslError {
473485
// Set library and reason attributes like CPython
474486
// Ignore errors as they're extremely rare (e.g., out of memory)
475487
let _ = exc.as_object().set_attr(
476-
"_library",
488+
"library",
477489
vm.ctx.new_str(library).as_object().to_owned(),
478490
vm,
479491
);
480492
let _ =
481493
exc.as_object()
482-
.set_attr("_reason", vm.ctx.new_str(reason).as_object().to_owned(), vm);
494+
.set_attr("reason", vm.ctx.new_str(reason).as_object().to_owned(), vm);
483495

484496
exc
485497
}

0 commit comments

Comments
 (0)