Merge branch 'main' into fix-mbedtls-connector

examples/mbedtls/Cargo.toml

@@ -6,4 +6,4 @@ edition = "2021"
 
 [dependencies]
 mbedtls = { version = "0.11.0" }
-ureq = { path = "../.." }
+ureq = { path = "../.." }

src/rtls.rs

@@ -115,6 +115,13 @@ impl TlsConnector for Arc<rustls::ClientConfig> {
         dns_name: &str,
         mut io: Box<dyn ReadWrite>,
     ) -> Result<Box<dyn ReadWrite>, Error> {
+        let dns_name = if dns_name.starts_with('[') && dns_name.ends_with(']') {
+            // rustls doesn't like ipv6 addresses with brackets
+            &dns_name[1..dns_name.len() - 1]
+        } else {
+            dns_name
+        };
+
         let sni = rustls::ServerName::try_from(dns_name)
             .map_err(|e| ErrorKind::Dns.msg(format!("parsing '{}'", dns_name)).src(e))?;
 

tests/https-agent.rs

@@ -150,3 +150,33 @@ m0Wqhhi8/24Sy934t5Txgkfoltg8ahkx934WjP6WWRnSAu+cf+vW
 
     assert!(resp.into_string().unwrap().len() > 10);
 }
+
+// This tests that IPv6 addresses as host names work.
+// This is a regression test for passing the host name to `rustls::ServerName::try_from(host_name)`
+#[test]
+#[cfg(any(feature = "tls", feature = "tls-native"))]
+fn ipv6_addr_in_dns_name() {
+    let mut root_store = rustls::RootCertStore::empty();
+    root_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
+        rustls::OwnedTrustAnchor::from_subject_spki_name_constraints(
+            ta.subject,
+            ta.spki,
+            ta.name_constraints,
+        )
+    }));
+
+    let tls_config = rustls::ClientConfig::builder()
+        .with_safe_defaults()
+        .with_root_certificates(root_store)
+        .with_no_client_auth();
+
+    let agent = ureq::builder()
+        .tls_config(std::sync::Arc::new(tls_config))
+        .build();
+
+    let resp = agent.get("https://[2606:4700:4700::1111]/").call();
+
+    assert!(
+        !matches!(resp, Err(ureq::Error::Transport(ref t)) if t.kind() == ureq::ErrorKind::Dns)
+    );
+}