Revert "mobile wss use rustls_platform_verifier"

This reverts commit bf9a79f.

Author: 21pages

Cargo.toml

@@ -59,7 +59,7 @@ tokio-rustls = { version = "0.26", features = [
     "tls12",
     "ring",
 ], default-features = false }
-rustls-platform-verifier = "0.6"
+rustls-platform-verifier = "0.5"
 rustls-pki-types = "1.11"
 tokio-tungstenite = { version = "0.26", features = ["rustls-tls-native-roots", "rustls-tls-webpki-roots"] }
 tungstenite = { version = "0.26", features = ["rustls-tls-native-roots", "rustls-tls-webpki-roots"] }

src/config.rs

@@ -5,7 +5,7 @@ use std::{
     net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr},
     ops::{Deref, DerefMut},
     path::{Path, PathBuf},
-    sync::{atomic::AtomicBool, Mutex, RwLock},
+    sync::{Mutex, RwLock},
     time::{Duration, Instant, SystemTime},
 };
 
@@ -70,7 +70,6 @@ lazy_static::lazy_static! {
     pub static ref OVERWRITE_LOCAL_SETTINGS: RwLock<HashMap<String, String>> = Default::default();
     pub static ref HARD_SETTINGS: RwLock<HashMap<String, String>> = Default::default();
     pub static ref BUILTIN_SETTINGS: RwLock<HashMap<String, String>> = Default::default();
-    pub static ref RUSTLS_PLATFORM_VERIFIER_INITIALIZED: AtomicBool = AtomicBool::new(false);
 }
 
 lazy_static::lazy_static! {

src/lib.rs

@@ -57,10 +57,8 @@ pub use toml;
 pub use uuid;
 pub mod fingerprint;
 pub use flexi_logger;
-pub mod stream;
 pub mod websocket;
-#[cfg(not(any(target_os = "macos", target_os = "windows")))]
-pub use rustls_platform_verifier;
+pub mod stream;
 pub use stream::Stream;
 pub use whoami;
 

src/proxy.rs

@@ -56,6 +56,7 @@ const MAXIMUM_RESPONSE_HEADERS: usize = 16;
 const DEFINE_TIME_OUT: u64 = 600;
 
 pub trait IntoUrl {
+
     // Besides parsing as a valid `Url`, the `Url` must be a valid
     // `http::Uri`, in that it makes sense to use in a network request.
     fn into_url(self) -> Result<Url, ProxyError>;
@@ -454,10 +455,8 @@ impl Proxy {
         Input: AsyncRead + AsyncWrite + Unpin,
         T: IntoTargetAddr<'a>,
     {
-        use rustls_platform_verifier::ConfigVerifierExt;
         use std::convert::TryFrom;
-        let verifier = tokio_rustls::rustls::ClientConfig::with_platform_verifier()
-            .map_err(|e| ProxyError::IoError(std::io::Error::other(e)))?;
+        let verifier = rustls_platform_verifier::tls_config();
         let url_domain = self.intercept.get_domain()?;
 
         let domain = rustls_pki_types::ServerName::try_from(url_domain.as_str())

src/websocket.rs

@@ -8,11 +8,7 @@ use crate::{
     ResultType,
 };
 use bytes::{Bytes, BytesMut};
-#[cfg(any(target_os = "android", target_os = "ios"))]
-use futures::future::{select_ok, FutureExt};
 use futures::{SinkExt, StreamExt};
-#[cfg(any(target_os = "android", target_os = "ios"))]
-use std::future::Future;
 use std::{
     io::{Error, ErrorKind},
     net::SocketAddr,
@@ -32,19 +28,6 @@ pub struct WsFramedStream {
     send_timeout: u64,
 }
 
-#[cfg(any(target_os = "android", target_os = "ios"))]
-async fn await_timeout_result<F, T, E>(future: F) -> ResultType<T>
-where
-    F: Future<Output = Result<Result<T, E>, tokio::time::error::Elapsed>>,
-    E: std::error::Error + Send + Sync + 'static,
-{
-    match future.await {
-        Ok(Ok(result)) => Ok(result),
-        Ok(Err(e)) => Err(e.into()),
-        Err(elapsed) => Err(Error::new(ErrorKind::TimedOut, elapsed).into()),
-    }
-}
-
 impl WsFramedStream {
     pub async fn new<T: AsRef<str>>(
         url: T,
@@ -60,57 +43,8 @@ impl WsFramedStream {
             .into_client_request()
             .map_err(|e| Error::new(ErrorKind::Other, e))?;
 
-        let stream;
-        #[cfg(any(target_os = "android", target_os = "ios"))]
-        {
-            let mut futures = vec![];
-
-            let is_wss = url_str.starts_with("wss://");
-            let rustls_platform_verifier_initialized = !cfg!(target_os = "android")
-                || crate::config::RUSTLS_PLATFORM_VERIFIER_INITIALIZED
-                    .load(std::sync::atomic::Ordering::Relaxed);
-            if is_wss && rustls_platform_verifier_initialized {
-                use rustls_platform_verifier::ConfigVerifierExt;
-                use std::sync::Arc;
-                use tokio_rustls::rustls::ClientConfig;
-                use tokio_tungstenite::{connect_async_tls_with_config, Connector};
-                match ClientConfig::with_platform_verifier() {
-                    Ok(config) => {
-                        let connector = Connector::Rustls(Arc::new(config));
-                        futures.push(
-                            await_timeout_result(timeout(
-                                Duration::from_millis(ms_timeout),
-                                connect_async_tls_with_config(
-                                    request.clone(),
-                                    None,
-                                    false,
-                                    Some(connector),
-                                ),
-                            ))
-                            .boxed(),
-                        );
-                    }
-                    Err(e) => {
-                        log::error!("with_platform_verifier failed: {:?}", e);
-                    }
-                }
-            }
-            futures.push(
-                await_timeout_result(timeout(
-                    Duration::from_millis(ms_timeout),
-                    connect_async(request),
-                ))
-                .boxed(),
-            );
-            let ((s, _), _) = select_ok(futures).await?;
-            stream = s;
-        }
-        #[cfg(not(any(target_os = "android", target_os = "ios")))]
-        {
-            let (s, _) =
-                timeout(Duration::from_millis(ms_timeout), connect_async(request)).await??;
-            stream = s;
-        }
+        let (stream, _) =
+            timeout(Duration::from_millis(ms_timeout), connect_async(request)).await??;
 
         let addr = match stream.get_ref() {
             MaybeTlsStream::Plain(tcp) => tcp.peer_addr()?,