watermelon-mini 0.3.4

Minimal NATS Core client implementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

#![forbid(unsafe_code)]

use std::sync::Arc;

use rustls_platform_verifier::Verifier;
use tokio::net::TcpStream;
use tokio_rustls::{
    TlsConnector,
    rustls::{ClientConfig, crypto::CryptoProvider, version::TLS13},
};
use watermelon_net::Connection;
use watermelon_proto::{ServerAddr, ServerInfo};

#[cfg(feature = "non-standard-zstd")]
pub use self::non_standard_zstd::ZstdStream;
use self::proto::connect;
pub use self::proto::{
    AuthenticationMethod, ConnectError, ConnectionCompression, ConnectionSecurity,
};

#[cfg(feature = "non-standard-zstd")]
pub(crate) mod non_standard_zstd;
mod proto;
mod util;

#[derive(Debug, Clone)]
#[non_exhaustive]
pub struct ConnectFlags {
    pub tcp_nodelay: bool,
    pub echo: bool,
    #[cfg(feature = "non-standard-zstd")]
    pub zstd_compression_level: Option<u8>,
}

impl Default for ConnectFlags {
    fn default() -> Self {
        Self {
            tcp_nodelay: true,
            echo: false,
            #[cfg(feature = "non-standard-zstd")]
            zstd_compression_level: Some(3),
        }
    }
}

/// Connect to a given address with some reasonable presets.
///
/// The function is going to establish a TLS 1.3 connection, without the support of the client
/// authorization.
///
/// # Errors
///
/// This returns an error in case the connection fails.
#[expect(
    clippy::missing_panics_doc,
    reason = "the crypto_provider function always returns a provider that supports TLS 1.3"
)]
pub async fn easy_connect(
    addr: &ServerAddr,
    auth: Option<&AuthenticationMethod>,
    flags: ConnectFlags,
) -> Result<
    (
        Connection<
            ConnectionCompression<ConnectionSecurity<TcpStream>>,
            ConnectionSecurity<TcpStream>,
        >,
        Box<ServerInfo>,
    ),
    ConnectError,
> {
    let provider = Arc::new(crypto_provider());
    let connector = TlsConnector::from(Arc::new(
        ClientConfig::builder_with_provider(Arc::clone(&provider))
            .with_protocol_versions(&[&TLS13])
            .unwrap()
            .dangerous()
            .with_custom_certificate_verifier(Arc::new(
                Verifier::new(provider).map_err(ConnectError::Tls)?,
            ))
            .with_no_client_auth(),
    ));

    let (conn, info) = connect(&connector, addr, "watermelon".to_owned(), auth, flags).await?;
    Ok((conn, info))
}

fn crypto_provider() -> CryptoProvider {
    #[cfg(feature = "aws-lc-rs")]
    return tokio_rustls::rustls::crypto::aws_lc_rs::default_provider();
    #[cfg(all(not(feature = "aws-lc-rs"), feature = "ring"))]
    return tokio_rustls::rustls::crypto::ring::default_provider();
    #[cfg(all(
        not(feature = "aws-lc-rs"),
        not(feature = "ring"),
        feature = "graviola"
    ))]
    return rustls_graviola::default_provider();
    #[cfg(not(any(feature = "aws-lc-rs", feature = "ring", feature = "graviola")))]
    compile_error!("Please enable the `aws-lc-rs`, the `ring` or the `graviola` feature")
}