1 file changed +11
-4
lines changed Original file line number Diff line number Diff line change @@ -11,8 +11,9 @@ pub fn pool_config() -> ManagerConfig<AsyncPgConnection> {
11
11
fn establish_conn ( config : & str ) -> BoxFuture < ' _ , ConnectionResult < AsyncPgConnection > > {
12
12
async {
13
13
let rustls_config = rustls:: ClientConfig :: builder ( )
14
- . with_root_certificates ( load_certs ( ) )
14
+ . with_root_certificates ( load_certs ( ) . await )
15
15
. with_no_client_auth ( ) ;
16
+
16
17
let tls = tokio_postgres_rustls:: MakeRustlsConnect :: new ( rustls_config) ;
17
18
let ( client, conn) = tokio_postgres:: connect ( config, tls)
18
19
. await
@@ -29,10 +30,16 @@ fn establish_conn(config: &str) -> BoxFuture<'_, ConnectionResult<AsyncPgConnect
29
30
. boxed ( )
30
31
}
31
32
32
- fn load_certs ( ) -> rustls:: RootCertStore {
33
+ async fn load_certs ( ) -> rustls:: RootCertStore {
34
+ // Load certificates on a background thread to avoid blocking the runtime
35
+ //
36
+ // TODO(aumetra): Maybe add a fallback to `webpki-roots`?
37
+ let certs = kitsune_blocking:: io ( rustls_native_certs:: load_native_certs)
38
+ . await
39
+ . unwrap ( )
40
+ . expect ( "Failed to load native certificates" ) ;
41
+
33
42
let mut roots = rustls:: RootCertStore :: empty ( ) ;
34
- let certs =
35
- rustls_native_certs:: load_native_certs ( ) . expect ( "Failed to load native certificates" ) ;
36
43
roots. add_parsable_certificates ( certs) ;
37
44
roots
38
45
}
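Review bot: In `load_certs` (second hunk), the chained `.unwrap()` and `.expect("Failed to load native certificates")` panic inside the future returned by `establish_conn`, so an unreadable system trust store, or whatever failure the `kitsune_blocking::io` result carries (its signature is not visible here), takes down the connecting task instead of surfacing as a `ConnectionResult` error. I would have `load_certs` return a `Result` and map it to a connection error at the call site in the first hunk; `establish_conn`'s body continues outside that hunk, so the exact error type has to be confirmed there. As far as the visible lines show, `load_certs().await` also runs for every new connection, so the trust anchors are re-read from disk each time; building the `RootCertStore` once and reusing it would make the trusted set stable for the life of the process. The return value of `roots.add_parsable_certificates(certs)` is discarded, so a store that ends up empty is only noticed later as failed TLS handshakes; checking or logging the added/ignored counts would make that diagnosable, and the `webpki-roots` fallback in the TODO should be an explicit, logged decision, since it changes which CAs the database connection trusts.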