Add native-tls support

Author: sfackler

Cargo.toml

@@ -25,6 +25,7 @@ with-bit-vec = ["bit-vec"]
 with-chrono = ["chrono"]
 with-eui48 = ["eui48"]
 with-openssl = ["openssl"]
+with-native-tls = ["native-tls"]
 with-rustc-serialize = ["rustc-serialize"]
 with-security-framework = ["security-framework"]
 with-serde_json = ["serde_json"]
@@ -44,6 +45,7 @@ bit-vec = { version = "0.4", optional = true }
 chrono = { version = "0.2.14", optional = true }
 eui48 = { version = "0.1", optional = true }
 openssl = { version = "0.9", optional = true }
+native-tls = { version = "0.1", optional = true }
 rustc-serialize = { version = "0.3", optional = true }
 security-framework = { version = "0.1.2", optional = true }
 serde_json = { version = ">= 0.6, < 0.9", optional = true }

src/lib.rs

@@ -44,25 +44,25 @@
 //! This crate supports TLS secured connections. The `TlsMode` enum is passed to connection methods
 //! and indicates if the connection will not, may, or must be secured by TLS. The TLS implementation
 //! is pluggable through the `TlsHandshake` trait. Implementations for OpenSSL and OSX's Secure
-//! Transport are provided behind the `with-openssl` and `with-security-framework` feature flags
-//! respectively.
+//! Transport are provided behind the `with-openssl`, `with-security-framework`, and
+//! `with-native-tls` feature flags respectively.
 //!
 //! ## Examples
 //!
-//! Connecting using OpenSSL:
+//! Connecting using native-tls:
 //!
 //! ```no_run
 //! extern crate postgres;
 //!
 //! use postgres::{Connection, TlsMode};
-//! # #[cfg(feature = "with-openssl")]
-//! use postgres::tls::openssl::OpenSsl;
+//! # #[cfg(feature = "with-native-tls")]
+//! use postgres::tls::native_tls::NativeTls;
 //!
-//! # #[cfg(not(feature = "with-openssl"))] fn main() {}
-//! # #[cfg(feature = "with-openssl")]
+//! # #[cfg(not(feature = "with-native-tls"))] fn main() {}
+//! # #[cfg(feature = "with-native-tls")]
 //! fn main() {
-//!     let openssl = OpenSsl::new().unwrap();
-//!     let conn = Connection::connect("postgres://postgres@localhost", TlsMode::Require(&openssl))
+//!     let negotiator = NativeTls::new().unwrap();
+//!     let conn = Connection::connect("postgres://postgres@localhost", TlsMode::Require(&negotiator))
 //!         .unwrap();
 //! }
 //! ```

src/tls/mod.rs

@@ -9,6 +9,8 @@ use std::fmt;
 pub mod openssl;
 #[cfg(feature = "with-security-framework")]
 pub mod security_framework;
+#[cfg(feature = "with-native-tls")]
+pub mod native_tls;
 
 /// A trait implemented by TLS streams.
 pub trait TlsStream: fmt::Debug + Read + Write + Send {

src/tls/native_tls.rs

@@ -0,0 +1,64 @@
+//! Native TLS support.
+extern crate native_tls;
+
+use std::error::Error;
+use std::fmt;
+
+use self::native_tls::TlsConnector;
+use tls::{TlsStream, Stream, TlsHandshake};
+
+impl TlsStream for native_tls::TlsStream<Stream> {
+    fn get_ref(&self) -> &Stream {
+        self.get_ref()
+    }
+
+    fn get_mut(&mut self) -> &mut Stream {
+        self.get_mut()
+    }
+}
+
+/// A `TlsHandshake` implementation that uses the native-tls crate.
+///
+/// Requires the `with-native-tls` feature.
+pub struct NativeTls(TlsConnector);
+
+impl fmt::Debug for NativeTls {
+    fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+        fmt.debug_struct("NativeTls").finish()
+    }
+}
+
+impl NativeTls {
+    /// Creates a new `NativeTls` with its default configuration.
+    pub fn new() -> Result<NativeTls, native_tls::Error> {
+        let connector = try!(TlsConnector::builder());
+        let connector = try!(connector.build());
+        Ok(NativeTls(connector))
+    }
+
+    /// Returns a reference to the inner `TlsConnector`.
+    pub fn connector(&self) -> &TlsConnector {
+        &self.0
+    }
+
+    /// Returns a mutable reference to the inner `TlsConnector`.
+    pub fn connector_mut(&mut self) -> &mut TlsConnector {
+        &mut self.0
+    }
+}
+
+impl From<TlsConnector> for NativeTls {
+    fn from(connector: TlsConnector) -> NativeTls {
+        NativeTls(connector)
+    }
+}
+
+impl TlsHandshake for NativeTls {
+    fn tls_handshake(&self,
+                     domain: &str,
+                     stream: Stream)
+                     -> Result<Box<TlsStream>, Box<Error + Send + Sync>> {
+        let stream = try!(self.0.connect(domain, stream));
+        Ok(Box::new(stream))
+    }
+}

tests/test.rs

@@ -6,6 +6,8 @@ extern crate url;
 extern crate openssl;
 #[cfg(feature = "with-security-framework")]
 extern crate security_framework;
+#[cfg(feature = "native-tls")]
+extern crate native_tls;
 
 use fallible_iterator::FallibleIterator;
 use postgres::{HandleNotice, Connection, GenericConnection, TlsMode};