Skip to content

Commit 49ec56a

Browse files
complexspacesdjc
authored andcommitted
Remove signature list failure case in other Verifier
Instead of having a Verifier construction failure in the path of obtaining the crypto provider's signature list, obtain the list of signatures directly from the provider instead like on the other platforms. This makes failure case debugging consistent across the different platforms the platform verifier supports and makes debugging failures with this verifier easier too.
1 parent d4c0b81 commit 49ec56a

File tree

1 file changed

+7
-4
lines changed
  • rustls-platform-verifier/src/verification

1 file changed

+7
-4
lines changed

rustls-platform-verifier/src/verification/others.rs

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -208,10 +208,13 @@ impl ServerCertVerifier for Verifier {
208208
}
209209

210210
fn supported_verify_schemes(&self) -> Vec<SignatureScheme> {
211-
match self.get_or_init_verifier() {
212-
Ok(v) => v.supported_verify_schemes(),
213-
Err(_) => Vec::default(),
214-
}
211+
// XXX: Don't go through `self.verifier` here: It introduces extra failure
212+
// cases and is strictly unneeded because `get_provider` is the same provider and
213+
// set of algorithms passed into the wrapped `WebPkiServerVerifier`. Given this,
214+
// the list of schemes are identical.
215+
self.get_provider()
216+
.signature_verification_algorithms
217+
.supported_schemes()
215218
}
216219
}
217220

0 commit comments

Comments
 (0)