Switch from OpenSSL to Rustls (#19104)

This PR also includes a downgrade of our async_tungstenite version to 0.24 Release Notes: - N/A
2024-10-11 18:18:09 -07:00 · 2024-10-11 18:18:09 -07:00 · c85a3cc117
commit c85a3cc117
parent 22ac178f9d
8 changed files with 118 additions and 106 deletions
--- a/crates/http_client/Cargo.toml
+++ b/crates/http_client/Cargo.toml
@ -21,8 +21,6 @@ derive_more.workspace = true
 futures.workspace = true
 http = "1.1"
 log.workspace = true
-rustls-native-certs.workspace = true
-rustls.workspace = true
 serde.workspace = true
 serde_json.workspace = true
 smol.workspace = true
--- a/crates/http_client/src/http_client.rs
+++ b/crates/http_client/src/http_client.rs
@ -12,7 +12,7 @@ use http::request::Builder;
 use std::fmt;
 use std::{
    any::type_name,
-    sync::{Arc, LazyLock, Mutex},
+    sync::{Arc, Mutex},
    time::Duration,
 };
 pub use url::Url;
@ -35,23 +35,6 @@ pub enum RedirectPolicy {
 }
 pub struct FollowRedirects(pub bool);

-pub static TLS_CONFIG: LazyLock<Arc<rustls::ClientConfig>> = LazyLock::new(|| {
-    let mut root_store = rustls::RootCertStore::empty();
-
-    let root_certs = rustls_native_certs::load_native_certs();
-    for error in root_certs.errors {
-        log::warn!("error loading native certs: {:?}", error);
-    }
-    root_store.add_parsable_certificates(&root_certs.certs);
-
-    Arc::new(
-        rustls::ClientConfig::builder()
-            .with_safe_defaults()
-            .with_root_certificates(root_store)
-            .with_no_client_auth(),
-    )
-});
-
 pub trait HttpRequestExt {
    /// Set a read timeout on the request.
    /// For isahc, this is the low_speed_timeout.