From f837e4f346cf19c25485250376c5645120c212da Mon Sep 17 00:00:00 2001
From: Matt Mastracci
Date: Fri, 15 Sep 2023 12:26:58 -0600
Subject: [PATCH] feat(ext/websocket): use rustls-tokio-stream instead of tokio-rustls
---
 Cargo.lock | 14 +++++++++++++-
 Cargo.toml | 1 +
 ext/websocket/Cargo.toml | 3 ++-
 ext/websocket/lib.rs | 11 +++++------
 4 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 60897e50417fa6..19882df10cd651 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1643,9 +1643,10 @@ dependencies = [ "http", "hyper 0.14.27", "once_cell", + "rustls", + "rustls-tokio-stream", "serde", "tokio", - "tokio-rustls", ] [[package]]
@@ -4329,6 +4330,17 @@ dependencies = [ "base64 0.21.4", ] +[[package]] +name = "rustls-tokio-stream" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "47953070fa1373d9d2f841243e824f5a56b01db9e06f65665b28681765ff657b" +dependencies = [ + "futures", + "rustls", + "tokio", +] + [[package]] name = "rustls-webpki" version = "0.101.5"
diff --git a/Cargo.toml b/Cargo.toml
index 5ca7d1d961212f..bd03887f5cacfa 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -124,6 +124,7 @@ ring = "=0.16.20"
 rusqlite = { version = "=0.29.0", features = ["unlock_notify", "bundled"] }
 rustls = "0.21.0"
 rustls-pemfile = "1.0.0"
+rustls-tokio-stream = "0"
 rustls-webpki = "0.101.4"
 rustls-native-certs = "0.6.2"
 webpki-roots = "0.25.2"
diff --git a/ext/websocket/Cargo.toml b/ext/websocket/Cargo.toml
index 2af6592ac6318b..27b5d9c64d34dc 100644
--- a/ext/websocket/Cargo.toml
+++ b/ext/websocket/Cargo.toml
@@ -22,6 +22,7 @@ fastwebsockets = { workspace = true, features = ["upgrade"] }
 http.workspace = true
 hyper = { workspace = true, features = ["backports"] }
 once_cell.workspace = true
+rustls.workspace = true
+rustls-tokio-stream.workspace = true
 serde.workspace = true
 tokio.workspace = true
-tokio-rustls.workspace = true
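Review bot: The new workspace requirement `rustls-tokio-stream = "0"` in the root Cargo.toml hunk accepts any 0.x release, whereas Cargo treats each 0.x minor as its own breaking series and the neighbouring TLS crates are given full versions (`rustls = "0.21.0"`, `rustls-webpki = "0.101.4"`). Cargo.lock in this patch resolves it to 0.2.0 with a checksum, so locked builds are fine, but a later `cargo update` could move the crate that now carries every WebSocket TLS connection to a different 0.x line without the manifest changing. I would write `rustls-tokio-stream = "0.2.0"` so the manifest names the series that was actually reviewed.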
diff --git a/ext/websocket/lib.rs b/ext/websocket/lib.rs
index 479cae7ecc07c0..7bdad994fb01dc 100644
--- a/ext/websocket/lib.rs
+++ b/ext/websocket/lib.rs
@@ -42,9 +42,9 @@ use std::sync::Arc;
 use tokio::io::AsyncRead;
 use tokio::io::AsyncWrite;
 use tokio::net::TcpStream;
-use tokio_rustls::rustls::RootCertStore;
-use tokio_rustls::rustls::ServerName;
-use tokio_rustls::TlsConnector;
+use rustls::RootCertStore;
+use rustls::ServerName;
+use rustls_tokio_stream::TlsStream;
 use fastwebsockets::CloseCode;
 use fastwebsockets::FragmentCollector;
@@ -278,11 +278,10 @@ where
 unsafely_ignore_certificate_errors,
 None,
 )?;
- let tls_connector = TlsConnector::from(Arc::new(tls_config));
 let dnsname = ServerName::try_from(domain.as_str())
 .map_err(|_| invalid_hostname(domain))?;
- let tls_socket = tls_connector.connect(dnsname, tcp_socket).await?;
- handshake(cancel_resource, request, tls_socket).await?
+ let tls_connector = TlsStream::new_client_side(tcp_socket, tls_config.into(), dnsname);
+ handshake(cancel_resource, request, tls_connector).await?
 }
 _ => unreachable!(),
 };
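Review bot: In the second hunk (`@@ -278,11 +278,10 @@`) the removed `tls_connector.connect(dnsname, tcp_socket).await?` was the one point where a failed TLS handshake or certificate check returned early, and the new `TlsStream::new_client_side(...)` call is neither awaited nor followed by `?`. It looks as if the handshake is now deferred to the first I/O inside `handshake(...)`; please confirm that no bytes of the upgrade request can be written before the peer certificate is accepted, and that a verification failure still reaches the caller as a recognisable TLS error. I would also rename the binding, since it now holds a stream rather than a connector: `let tls_stream = TlsStream::new_client_side(tcp_socket, tls_config.into(), dnsname);` then `handshake(cancel_resource, request, tls_stream).await?`, with a comment along the lines of `// no explicit connect step: TLS handshake and certificate errors surface from handshake() below` once that behaviour is confirmed. The enclosing function starts and ends outside the hunk.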