This PR removes the openssl dependency in favor of rustls. The benefits to doing this are:
Less unsafe: openssl relies on the openssl-sys FFI crate, which wraps unsafe FFIs with no added soundness guarantees, afaik. rustls is written in Rust and provides no unsafe features by default.
No openssl-sys: Linux, macOS and other UNIX-users have to install a dev-package for the openssl library in order to compile chorus. This PR changes that, improving portability
No openssl, in general: OpenSSL has a long history of implementation defects. Naturally, removing the OpenSSL dependency in favor of a modern and safe replacement changes this.
Note, that with this PR, certificates are no longer provided by the system, but rather by the webpki_roots crate, which "is a crate containing Mozilla's root certificates for use with the webpki or rustls crates.". A feature could be added in the future to choose between rustls+webpki and rustls+native_certs (likely re-introducing openssl as a dependency),
This PR removes the
openssldependency in favor ofrustls. The benefits to doing this are:unsafe:opensslrelies on theopenssl-sysFFI crate, which wrapsunsafeFFIs with no added soundness guarantees, afaik.rustlsis written in Rust and provides nounsafefeatures by default.openssl-sys: Linux, macOS and other UNIX-users have to install a dev-package for the openssl library in order to compile chorus. This PR changes that, improving portabilityNote, that with this PR, certificates are no longer provided by the system, but rather by the
webpki_rootscrate, which "is a crate containing Mozilla's root certificates for use with the webpki or rustls crates.". A feature could be added in the future to choose between rustls+webpki and rustls+native_certs (likely re-introducing openssl as a dependency),