rustls / rustls-ffi

Use Rustls from any language

Bindings to `rustls-platform-verifier`? #417

Closed amesgen closed 5 months ago

amesgen commented 5 months ago

Any thoughts on including bindings to rustls-platform-verifier? AFAICT the reasons listed in https://github.com/rustls/rustls-ffi/pull/110 (which removed rustls-native-roots) do not apply to it.

E.g. something like this (maybe also taking in additional root certs):

```rust
#[no_mangle]
pub extern "C" fn rustls_platform_verifier_server_cert_verifier(
    verifier_out: *mut *mut rustls_server_cert_verifier,
) -> rustls_result {
    ffi_panic_boundary! {
        let verifier_out = try_mut_from_ptr_ptr!(verifier_out);
        let verifier = Arc::new(rustls_platform_verifier::Verifier::new());
        set_boxed_mut_ptr(verifier_out, verifier);
        rustls_result::Ok
    }
}
```

However, it still might be considered out-of-scope for this project, or it might be too new of a project to include here.

cpu commented 5 months ago

:wave: thanks for opening the issue.

From my perspective I think it makes sense to offer it as an optional feature. The platform verifier crate is young, but now that it's published on crates.io, it is gradually being adopted in other crates (e.g. hyper-rustls and quinn).

I think it would be helpful to hear what @jsha thinks since the work would require his review to be merged.

jsha commented 5 months ago

I think bindings to rustls-platform-verifier would be awesome! That's the direction we want the ecosystem to move in, so we should get it set up in the FFI bindings early.