From 139cd29c1047382b74ff0e6f31ab297d62630c2b Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 01:43:41 +1300
Subject: [PATCH 1/6] feat(tls): add support for custom ClientConfig
 modification function

---
 tonic/src/transport/channel/service/tls.rs |  6 ++++++
 tonic/src/transport/channel/tls.rs         | 23 ++++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/tonic/src/transport/channel/service/tls.rs b/tonic/src/transport/channel/service/tls.rs
index 7510099a1..ca9cd24ba 100644
--- a/tonic/src/transport/channel/service/tls.rs
+++ b/tonic/src/transport/channel/service/tls.rs
@@ -34,6 +34,7 @@ impl TlsConnector {
         domain: &str,
         assume_http2: bool,
         use_key_log: bool,
+        modify_config: Option<Arc<dyn Fn(&mut ClientConfig) + Send + Sync>>,
         #[cfg(feature = "tls-native-roots")] with_native_roots: bool,
         #[cfg(feature = "tls-webpki-roots")] with_webpki_roots: bool,
     ) -> Result<Self, crate::BoxError> {
@@ -94,6 +95,11 @@ impl TlsConnector {
         }
 
         config.alpn_protocols.push(ALPN_H2.into());
+
+        if let Some(modify_config) = modify_config {
+            modify_config(&mut config);
+        }
+
         Ok(Self {
             config: Arc::new(config),
             domain: Arc::new(ServerName::try_from(domain)?.to_owned()),
diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 945384fd2..673e4ad8a 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -13,6 +13,7 @@ pub struct ClientTlsConfig {
     certs: Vec<Certificate>,
     trust_anchors: Vec<TrustAnchor<'static>>,
     identity: Option<Identity>,
+    modify_config: Option<ModdifyConfigFn>,
     assume_http2: bool,
     #[cfg(feature = "tls-native-roots")]
     with_native_roots: bool,
@@ -21,6 +22,15 @@ pub struct ClientTlsConfig {
     use_key_log: bool,
 }
 
+#[derive(Clone)]
+struct ModdifyConfigFn(std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>);
+
+impl std::fmt::Debug for ModdifyConfigFn {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.debug_struct("ModdifyConfigFn").finish()
+    }
+}
+
 impl ClientTlsConfig {
     /// Creates a new `ClientTlsConfig` using Rustls.
     pub fn new() -> Self {
@@ -121,6 +131,18 @@ impl ClientTlsConfig {
         config
     }
 
+    /// Adds a function to modify the `ClientConfig` before it is used.
+    pub fn modify_config<F>(self, f: F) -> Self
+    where
+        F: Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync + 'static,
+    {
+        let modify_config = ModdifyConfigFn(std::sync::Arc::new(f));
+        ClientTlsConfig {
+            modify_config: Some(modify_config),
+            ..self
+        }
+    }
+
     pub(crate) fn into_tls_connector(self, uri: &Uri) -> Result<TlsConnector, crate::BoxError> {
         let domain = match &self.domain {
             Some(domain) => domain,
@@ -137,6 +159,7 @@ impl ClientTlsConfig {
             self.with_native_roots,
             #[cfg(feature = "tls-webpki-roots")]
             self.with_webpki_roots,
+            self.modify_config.map(|f| f.0),
         )
     }
 }

From 76e0d39abd1a6709d9e4249bb36891c90222d6ca Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 01:54:19 +1300
Subject: [PATCH 2/6] fix(tls): correct position of modify_config in
 ClientTlsConfig

---
 tonic/src/transport/channel/tls.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 673e4ad8a..57a2442f8 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -155,11 +155,11 @@ impl ClientTlsConfig {
             domain,
             self.assume_http2,
             self.use_key_log,
+            self.modify_config.map(|f| f.0),
             #[cfg(feature = "tls-native-roots")]
             self.with_native_roots,
             #[cfg(feature = "tls-webpki-roots")]
             self.with_webpki_roots,
-            self.modify_config.map(|f| f.0),
         )
     }
 }

From 4b769a4c6cc93b25f78bc5859d5e5e7630307ad1 Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 02:46:20 +1300
Subject: [PATCH 3/6] fmt

---
 tonic/src/transport/channel/tls.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 57a2442f8..bf8d9c839 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -23,7 +23,9 @@ pub struct ClientTlsConfig {
 }
 
 #[derive(Clone)]
-struct ModdifyConfigFn(std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>);
+struct ModdifyConfigFn(
+    std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
+);
 
 impl std::fmt::Debug for ModdifyConfigFn {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {

From ed921209529403ff62f8dec36440a1898f00f792 Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 02:51:15 +1300
Subject: [PATCH 4/6] fix(tls): correct ModdifyConfigFn usage in
 ClientTlsConfig

---
 tonic/src/transport/channel/service/tls.rs | 8 ++++----
 tonic/src/transport/channel/tls.rs         | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/tonic/src/transport/channel/service/tls.rs b/tonic/src/transport/channel/service/tls.rs
index ca9cd24ba..9a4c36495 100644
--- a/tonic/src/transport/channel/service/tls.rs
+++ b/tonic/src/transport/channel/service/tls.rs
@@ -13,9 +13,9 @@ use tokio_rustls::{
 };
 
 use super::io::BoxedIo;
-use crate::transport::service::tls::{
+use crate::transport::{channel::tls::ModdifyConfigFn, service::tls::{
     convert_certificate_to_pki_types, convert_identity_to_pki_types, TlsError, ALPN_H2,
-};
+}};
 use crate::transport::tls::{Certificate, Identity};
 
 #[derive(Clone)]
@@ -34,7 +34,7 @@ impl TlsConnector {
         domain: &str,
         assume_http2: bool,
         use_key_log: bool,
-        modify_config: Option<Arc<dyn Fn(&mut ClientConfig) + Send + Sync>>,
+        modify_config: Option<ModdifyConfigFn>,
         #[cfg(feature = "tls-native-roots")] with_native_roots: bool,
         #[cfg(feature = "tls-webpki-roots")] with_webpki_roots: bool,
     ) -> Result<Self, crate::BoxError> {
@@ -97,7 +97,7 @@ impl TlsConnector {
         config.alpn_protocols.push(ALPN_H2.into());
 
         if let Some(modify_config) = modify_config {
-            modify_config(&mut config);
+            modify_config.0(&mut config);
         }
 
         Ok(Self {
diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index bf8d9c839..069d1209f 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -23,8 +23,8 @@ pub struct ClientTlsConfig {
 }
 
 #[derive(Clone)]
-struct ModdifyConfigFn(
-    std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
+pub(crate) struct ModdifyConfigFn(
+   pub std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
 );
 
 impl std::fmt::Debug for ModdifyConfigFn {
@@ -157,7 +157,7 @@ impl ClientTlsConfig {
             domain,
             self.assume_http2,
             self.use_key_log,
-            self.modify_config.map(|f| f.0),
+            self.modify_config,
             #[cfg(feature = "tls-native-roots")]
             self.with_native_roots,
             #[cfg(feature = "tls-webpki-roots")]

From 7a331abfa3355491b4f32bbba321287d6c752280 Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 02:51:23 +1300
Subject: [PATCH 5/6] fmt

---
 tonic/src/transport/channel/service/tls.rs | 9 ++++++---
 tonic/src/transport/channel/tls.rs         | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/tonic/src/transport/channel/service/tls.rs b/tonic/src/transport/channel/service/tls.rs
index 9a4c36495..6aef12c05 100644
--- a/tonic/src/transport/channel/service/tls.rs
+++ b/tonic/src/transport/channel/service/tls.rs
@@ -13,10 +13,13 @@ use tokio_rustls::{
 };
 
 use super::io::BoxedIo;
-use crate::transport::{channel::tls::ModdifyConfigFn, service::tls::{
-    convert_certificate_to_pki_types, convert_identity_to_pki_types, TlsError, ALPN_H2,
-}};
 use crate::transport::tls::{Certificate, Identity};
+use crate::transport::{
+    channel::tls::ModdifyConfigFn,
+    service::tls::{
+        convert_certificate_to_pki_types, convert_identity_to_pki_types, TlsError, ALPN_H2,
+    },
+};
 
 #[derive(Clone)]
 pub(crate) struct TlsConnector {
diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 069d1209f..53306facb 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -24,7 +24,7 @@ pub struct ClientTlsConfig {
 
 #[derive(Clone)]
 pub(crate) struct ModdifyConfigFn(
-   pub std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
+    pub std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
 );
 
 impl std::fmt::Debug for ModdifyConfigFn {

From 23df5efe331dc2ca81b5d9f9a0e2ae7c3871e5e1 Mon Sep 17 00:00:00 2001
From: Night_Hunter <samuelhuntnz@gmail.com>
Date: Thu, 27 Mar 2025 02:55:23 +1300
Subject: [PATCH 6/6] fix(tls): change ModdifyConfigFn visibility to pub crate

---
 tonic/src/transport/channel/tls.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 53306facb..9cc38695d 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -24,7 +24,7 @@ pub struct ClientTlsConfig {
 
 #[derive(Clone)]
 pub(crate) struct ModdifyConfigFn(
-    pub std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
+    pub(crate) std::sync::Arc<dyn Fn(&mut tokio_rustls::rustls::ClientConfig) + Send + Sync>,
 );
 
 impl std::fmt::Debug for ModdifyConfigFn {