Allow specifying root certs and Client Identity [for native-tls] as bytes rather than via a file #288
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rjobanp
force-pushed
the
ssl-opts-bytes
branch
from
5b249e5
to
44df99d
Compare
rjobanp
force-pushed
the
ssl-opts-bytes
branch
from
44df99d
to
0e38674
Compare
rjobanp
force-pushed
the
ssl-opts-bytes
branch
from
0e38674
to
ecc4908
Compare
5 tasks
convex-copybara bot
pushed a commit
to get-convex/convex-backend
that referenced
this pull request
Jul 4, 2024
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [mysql_async](https://github.com/blackbeam/mysql_async) | workspace.dependencies | minor | `0.33.0` -> `0.34.0` | --- ### Release Notes <details> <summary>blackbeam/mysql_async (mysql_async)</summary> ### [`v0.34.1`](https://github.com/blackbeam/mysql_async/releases/tag/v0.34.1) [Compare Source](https://github.com/blackbeam/mysql_async/compare/v0.34.0...v0.34.1) #### What's Changed - Fix imports for non-default features by [@​blackbeam](https://github.com/blackbeam) in [blackbeam/mysql_async#299 **Full Changelog**: blackbeam/mysql_async@v0.34.0...v0.34.1 ### [`v0.34.0`](https://github.com/blackbeam/mysql_async/releases/tag/v0.34.0) [Compare Source](https://github.com/blackbeam/mysql_async/compare/v0.33.0...v0.34.0) #### What's Changed - Use an explicit priority check by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#271 - Refactor pool creation in tests by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#268 - Implement Borrow<QueueId> for QueuedWaker by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#266 - Inline poll_new_conn_inner into only caller by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#267 - Make queue_id non-optional by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#273 - Drop unnecessary use of Pin by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#277 - Silence clippy warnings by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#276 - Always save the most recent waker by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#272 - Delete GetConnInner::take by [@​espindola](https://github.com/espindola) in [blackbeam/mysql_async#279 - fix skip_domain_validation usage when using rustls by [@​alekitto](https://github.com/alekitto) in [blackbeam/mysql_async#284 - annotate `Transaction` with `must_use` by [@​petrosagg](https://github.com/petrosagg) in [blackbeam/mysql_async#290 - Allow specifying root certs and Client Identity as bytes rather than via a file by [@​blackbeam](https://github.com/blackbeam) in [blackbeam/mysql_async#291 - Allow specifying root certs and Client Identity \[for native-tls] as bytes rather than via a file by [@​rjobanp](https://github.com/rjobanp) in [blackbeam/mysql_async#288 - Allow overriding domain used for TLS hostname verification by [@​blackbeam](https://github.com/blackbeam) in [blackbeam/mysql_async#292 - Allow overriding domain used for TLS hostname verification by [@​rjobanp](https://github.com/rjobanp) in [blackbeam/mysql_async#289 - Use DROP USER in test by [@​grooverdan](https://github.com/grooverdan) in [blackbeam/mysql_async#295 - proxy `mysql_common` features by [@​blackbeam](https://github.com/blackbeam) in [blackbeam/mysql_async#297 #### New Contributors - [@​espindola](https://github.com/espindola) made their first contribution in [blackbeam/mysql_async#271 - [@​alekitto](https://github.com/alekitto) made their first contribution in [blackbeam/mysql_async#284 - [@​petrosagg](https://github.com/petrosagg) made their first contribution in [blackbeam/mysql_async#290 - [@​rjobanp](https://github.com/rjobanp) made their first contribution in [blackbeam/mysql_async#288 - [@​grooverdan](https://github.com/grooverdan) made their first contribution in [blackbeam/mysql_async#295 **Full Changelog**: blackbeam/mysql_async@v0.33.0...v0.34.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on the first day of the month" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/get-convex/convex). GitOrigin-RevId: 6509626c78732e9f033417b4c3c47faab9a00e4b
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
👋🏽 In our use-case we'd prefer not to have to generate files for providing root certs and client keys to
mysql_async-- we already have those values as bytes and for security reasons don't want to expose them to the filesystem.This PR adds a
with_root_certoption toSslOptsto allow providing root CA certs directly, which are merged with any other certs specified bywith_root_cert_path.This also adds a
ClientIdentity::new_from_bytesmethod to allow instantiating a native-tlsClientIdentityusing the pkcs12 archive directly.In both cases I avoided changing any existing APIs, but feel free to suggest an alternative design or implementation. Thanks!