Rework tls feature split to avoid unused dependencies

README.md

@@ -85,19 +85,27 @@ redis = { version = "0.25.3", features = ["async-std-native-tls-comp"] }
 To use `rustls`:
 
 ```
-redis = { version = "0.25.3", features = ["tls-rustls"] }
+redis = { version = "0.25.3", features = ["tls-rustls-native-certs"] }
+# or
+redis = { version = "0.25.3", features = ["tls-rustls-webpki-roots"] }
 
 # if you use tokio
-redis = { version = "0.25.3", features = ["tokio-rustls-comp"] }
+redis = { version = "0.25.3", features = ["tokio-rustls-native-certs-comp"] }
+# or
+redis = { version = "0.25.3", features = ["tokio-rustls-webpki-roots-comp"] }
 
 # if you use async-std
-redis = { version = "0.25.3", features = ["async-std-rustls-comp"] }
+redis = { version = "0.25.3", features = ["async-std-rustls-native-certs-comp"] }
+# or
+redis = { version = "0.25.3", features = ["async-std-rustls-webpki-roots-comp"] }
 ```
 
-With `rustls`, you can add the following feature flags on top of other feature flags to enable additional features:
+With `rustls`, you must choose between `native-certs` and `webpki-roots` variants of the tls features.
+The first ones rely on native root certificates (the one provided by your OS) while `webpki-roots` features use `webpki-roots` (Mozilla's root certificates) instead.
+
+With `rustls`, you can add the following feature flag on top of other feature flags to enable additional features:
 
 -   `tls-rustls-insecure`: Allow insecure TLS connections
--   `tls-rustls-webpki-roots`: Use `webpki-roots` (Mozilla's root certificates) instead of native root certificates
 
 then you should be able to connect to a redis instance using the `rediss://` URL scheme:
 

redis/Cargo.toml

@@ -98,16 +98,6 @@ geospatial = []
 json = ["serde", "serde/derive", "serde_json"]
 cluster = ["crc16", "rand"]
 script = ["sha1_smol"]
-tls-native-tls = ["native-tls"]
-tls-rustls = ["rustls", "rustls-native-certs", "rustls-pemfile", "rustls-pki-types"]
-tls-rustls-insecure = ["tls-rustls"]
-tls-rustls-webpki-roots = ["tls-rustls", "webpki-roots"]
-async-std-comp = ["aio", "async-std"]
-async-std-native-tls-comp = ["async-std-comp", "async-native-tls", "tls-native-tls"]
-async-std-rustls-comp = ["async-std-comp", "futures-rustls", "tls-rustls"]
-tokio-comp = ["aio", "tokio/net"]
-tokio-native-tls-comp = ["tokio-comp", "tls-native-tls", "tokio-native-tls"]
-tokio-rustls-comp = ["tokio-comp", "tls-rustls", "tokio-rustls"]
 connection-manager = ["futures", "aio", "tokio-retry"]
 streams = []
 cluster-async = ["cluster", "futures", "futures-util", "log"]
@@ -120,9 +110,39 @@ num-bigint = []
 uuid = ["dep:uuid"]
 disable-client-setinfo = []
 
+# tls related features
+# At most one should be needed
+tls-native-tls = ["native-tls"]
+tls-rustls-native-certs = ["tls-rustls-core", "rustls-native-certs"]
+tls-rustls-webpki-roots = ["tls-rustls-core", "webpki-roots"]
+
+# async-std related features
+# At most one should be needed
+async-std-comp = ["aio", "async-std"]
+async-std-native-tls-comp = ["async-std-comp", "async-native-tls", "tls-native-tls"]
+async-std-rustls-native-certs-comp = ["async-std-rustls-core", "tls-rustls-native-certs"]
+async-std-rustls-webpki-roots-comp = ["async-std-rustls-core", "tls-rustls-webpki-roots"]
+
+# tokio related features
+# At most one should be needed
+tokio-comp = ["aio", "tokio/net"]
+tokio-native-tls-comp = ["tokio-comp", "tls-native-tls", "tokio-native-tls"]
+tokio-rustls-native-certs-comp = ["tokio-rustls-core", "tls-rustls-native-certs"]
+tokio-rustls-webpki-roots-comp = ["tokio-rustls-core", "tls-rustls-webpki-roots"]
+
+# Can be combined with any other feature that enables rustls
+tls-rustls-insecure = ["tls-rustls-core"]
+# mostly meant for internal use
+tls-rustls-core = ["rustls", "rustls-pemfile", "rustls-pki-types"]
+async-std-rustls-core = ["tls-rustls-core", "async-std-comp", "futures-rustls"]
+tokio-rustls-core = ["tls-rustls-core", "tokio-comp", "tokio-rustls"]
+
 # Deprecated features
 tls = ["tls-native-tls"] # use "tls-native-tls" instead
 async-std-tls-comp = ["async-std-native-tls-comp"] # use "async-std-native-tls-comp" instead
+tls-rustls = ["tls-rustls-native-certs"] # use "tls-rustls-native-certs" instead
+async-std-rustls-comp = ["async-std-rustls-native-certs-comp"] # use "async-std-rustls-native-certs-comp" instead
+tokio-rustls-comp = ["tokio-rustls-native-certs-comp"] # use "tokio-rustls-native-certs-comp" instead
 
 [dev-dependencies]
 rand = "0.8"

redis/src/aio/async_std.rs

@@ -1,6 +1,6 @@
 #[cfg(unix)]
 use std::path::Path;
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use std::sync::Arc;
 use std::{
     future::Future,
@@ -13,12 +13,12 @@ use std::{
 use crate::aio::{AsyncStream, RedisRuntime};
 use crate::types::RedisResult;
 
-#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
 use async_native_tls::{TlsConnector, TlsStream};
 
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::connection::create_rustls_config;
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use futures_rustls::{client::TlsStream, TlsConnector};
 
 use async_std::net::TcpStream;
@@ -49,10 +49,10 @@ async fn connect_tcp(addr: &SocketAddr) -> io::Result<TcpStream> {
         Ok(socket)
     }
 }
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::tls::TlsConnParams;
 
-#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
 use crate::connection::TlsConnParams;
 
 pin_project_lite::pin_project! {
@@ -120,7 +120,7 @@ pub enum AsyncStd {
     /// Represents an Async_std TLS encrypted TCP connection.
     #[cfg(any(
         feature = "async-std-native-tls-comp",
-        feature = "async-std-rustls-comp"
+        feature = "async-std-rustls-core"
     ))]
     TcpTls(AsyncStdWrapped<Box<TlsStream<TcpStream>>>),
     /// Represents an Async_std Unix connection.
@@ -138,7 +138,7 @@ impl AsyncWrite for AsyncStd {
             AsyncStd::Tcp(r) => Pin::new(r).poll_write(cx, buf),
             #[cfg(any(
                 feature = "async-std-native-tls-comp",
-                feature = "async-std-rustls-comp"
+                feature = "async-std-rustls-core"
             ))]
             AsyncStd::TcpTls(r) => Pin::new(r).poll_write(cx, buf),
             #[cfg(unix)]
@@ -151,7 +151,7 @@ impl AsyncWrite for AsyncStd {
             AsyncStd::Tcp(r) => Pin::new(r).poll_flush(cx),
             #[cfg(any(
                 feature = "async-std-native-tls-comp",
-                feature = "async-std-rustls-comp"
+                feature = "async-std-rustls-core"
             ))]
             AsyncStd::TcpTls(r) => Pin::new(r).poll_flush(cx),
             #[cfg(unix)]
@@ -164,7 +164,7 @@ impl AsyncWrite for AsyncStd {
             AsyncStd::Tcp(r) => Pin::new(r).poll_shutdown(cx),
             #[cfg(any(
                 feature = "async-std-native-tls-comp",
-                feature = "async-std-rustls-comp"
+                feature = "async-std-rustls-core"
             ))]
             AsyncStd::TcpTls(r) => Pin::new(r).poll_shutdown(cx),
             #[cfg(unix)]
@@ -183,7 +183,7 @@ impl AsyncRead for AsyncStd {
             AsyncStd::Tcp(r) => Pin::new(r).poll_read(cx, buf),
             #[cfg(any(
                 feature = "async-std-native-tls-comp",
-                feature = "async-std-rustls-comp"
+                feature = "async-std-rustls-core"
             ))]
             AsyncStd::TcpTls(r) => Pin::new(r).poll_read(cx, buf),
             #[cfg(unix)]
@@ -200,7 +200,7 @@ impl RedisRuntime for AsyncStd {
             .map(|con| Self::Tcp(AsyncStdWrapped::new(con)))?)
     }
 
-    #[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+    #[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
     async fn connect_tcp_tls(
         hostname: &str,
         socket_addr: SocketAddr,
@@ -222,7 +222,7 @@ impl RedisRuntime for AsyncStd {
             .map(|con| Self::TcpTls(AsyncStdWrapped::new(Box::new(con))))?)
     }
 
-    #[cfg(feature = "tls-rustls")]
+    #[cfg(feature = "tls-rustls-core")]
     async fn connect_tcp_tls(
         hostname: &str,
         socket_addr: SocketAddr,
@@ -259,7 +259,7 @@ impl RedisRuntime for AsyncStd {
             AsyncStd::Tcp(x) => Box::pin(x),
             #[cfg(any(
                 feature = "async-std-native-tls-comp",
-                feature = "async-std-rustls-comp"
+                feature = "async-std-rustls-core"
             ))]
             AsyncStd::TcpTls(x) => Box::pin(x),
             #[cfg(unix)]

redis/src/aio/connection.rs

@@ -449,7 +449,7 @@ pub(crate) async fn connect_simple<T: RedisRuntime>(
             select_ok(socket_addrs.map(<T>::connect_tcp)).await?.0
         }
 
-        #[cfg(any(feature = "tls-native-tls", feature = "tls-rustls"))]
+        #[cfg(any(feature = "tls-native-tls", feature = "tls-rustls-core"))]
         ConnectionAddr::TcpTls {
             ref host,
             port,
@@ -466,7 +466,7 @@ pub(crate) async fn connect_simple<T: RedisRuntime>(
             .0
         }
 
-        #[cfg(not(any(feature = "tls-native-tls", feature = "tls-rustls")))]
+        #[cfg(not(any(feature = "tls-native-tls", feature = "tls-rustls-core")))]
         ConnectionAddr::TcpTls { .. } => {
             fail!((
                 ErrorKind::InvalidClientConfig,

redis/src/aio/mod.rs

@@ -16,10 +16,10 @@ use std::pin::Pin;
 #[cfg_attr(docsrs, doc(cfg(feature = "async-std-comp")))]
 pub mod async_std;
 
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::tls::TlsConnParams;
 
-#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
 use crate::connection::TlsConnParams;
 
 /// Enables the tokio compatibility
@@ -34,7 +34,7 @@ pub(crate) trait RedisRuntime: AsyncStream + Send + Sync + Sized + 'static {
     async fn connect_tcp(socket_addr: SocketAddr) -> RedisResult<Self>;
 
     // Performs a TCP TLS connection
-    #[cfg(any(feature = "tls-native-tls", feature = "tls-rustls"))]
+    #[cfg(any(feature = "tls-native-tls", feature = "tls-rustls-core"))]
     async fn connect_tcp_tls(
         hostname: &str,
         socket_addr: SocketAddr,

redis/src/aio/tokio.rs

@@ -13,23 +13,23 @@ use tokio::{
     net::TcpStream as TcpStreamTokio,
 };
 
-#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+#[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
 use native_tls::TlsConnector;
 
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::connection::create_rustls_config;
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use std::sync::Arc;
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use tokio_rustls::{client::TlsStream, TlsConnector};
 
-#[cfg(all(feature = "tokio-native-tls-comp", not(feature = "tokio-rustls-comp")))]
+#[cfg(all(feature = "tokio-native-tls-comp", not(feature = "tokio-rustls-core")))]
 use tokio_native_tls::TlsStream;
 
-#[cfg(feature = "tokio-rustls-comp")]
+#[cfg(feature = "tokio-rustls-core")]
 use crate::tls::TlsConnParams;
 
-#[cfg(all(feature = "tokio-native-tls-comp", not(feature = "tls-rustls")))]
+#[cfg(all(feature = "tokio-native-tls-comp", not(feature = "tls-rustls-core")))]
 use crate::connection::TlsConnParams;
 
 #[cfg(unix)]
@@ -61,7 +61,7 @@ pub(crate) enum Tokio {
     /// Represents a Tokio TCP connection.
     Tcp(TcpStreamTokio),
     /// Represents a Tokio TLS encrypted TCP connection
-    #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+    #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
     TcpTls(Box<TlsStream<TcpStreamTokio>>),
     /// Represents a Tokio Unix connection.
     #[cfg(unix)]
@@ -76,7 +76,7 @@ impl AsyncWrite for Tokio {
     ) -> Poll<io::Result<usize>> {
         match &mut *self {
             Tokio::Tcp(r) => Pin::new(r).poll_write(cx, buf),
-            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
             Tokio::TcpTls(r) => Pin::new(r).poll_write(cx, buf),
             #[cfg(unix)]
             Tokio::Unix(r) => Pin::new(r).poll_write(cx, buf),
@@ -86,7 +86,7 @@ impl AsyncWrite for Tokio {
     fn poll_flush(mut self: Pin<&mut Self>, cx: &mut task::Context) -> Poll<io::Result<()>> {
         match &mut *self {
             Tokio::Tcp(r) => Pin::new(r).poll_flush(cx),
-            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
             Tokio::TcpTls(r) => Pin::new(r).poll_flush(cx),
             #[cfg(unix)]
             Tokio::Unix(r) => Pin::new(r).poll_flush(cx),
@@ -96,7 +96,7 @@ impl AsyncWrite for Tokio {
     fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut task::Context) -> Poll<io::Result<()>> {
         match &mut *self {
             Tokio::Tcp(r) => Pin::new(r).poll_shutdown(cx),
-            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
             Tokio::TcpTls(r) => Pin::new(r).poll_shutdown(cx),
             #[cfg(unix)]
             Tokio::Unix(r) => Pin::new(r).poll_shutdown(cx),
@@ -112,7 +112,7 @@ impl AsyncRead for Tokio {
     ) -> Poll<io::Result<()>> {
         match &mut *self {
             Tokio::Tcp(r) => Pin::new(r).poll_read(cx, buf),
-            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
             Tokio::TcpTls(r) => Pin::new(r).poll_read(cx, buf),
             #[cfg(unix)]
             Tokio::Unix(r) => Pin::new(r).poll_read(cx, buf),
@@ -126,7 +126,7 @@ impl RedisRuntime for Tokio {
         Ok(connect_tcp(&socket_addr).await.map(Tokio::Tcp)?)
     }
 
-    #[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls")))]
+    #[cfg(all(feature = "tls-native-tls", not(feature = "tls-rustls-core")))]
     async fn connect_tcp_tls(
         hostname: &str,
         socket_addr: SocketAddr,
@@ -149,7 +149,7 @@ impl RedisRuntime for Tokio {
             .map(|con| Tokio::TcpTls(Box::new(con)))?)
     }
 
-    #[cfg(feature = "tls-rustls")]
+    #[cfg(feature = "tls-rustls-core")]
     async fn connect_tcp_tls(
         hostname: &str,
         socket_addr: SocketAddr,
@@ -186,7 +186,7 @@ impl RedisRuntime for Tokio {
     fn boxed(self) -> Pin<Box<dyn AsyncStream + Send + Sync>> {
         match self {
             Tokio::Tcp(x) => Box::pin(x),
-            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-comp"))]
+            #[cfg(any(feature = "tokio-native-tls-comp", feature = "tokio-rustls-core"))]
             Tokio::TcpTls(x) => Box::pin(x),
             #[cfg(unix)]
             Tokio::Unix(x) => Box::pin(x),

redis/src/client.rs

@@ -7,7 +7,7 @@ use crate::{
 #[cfg(feature = "aio")]
 use std::pin::Pin;
 
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::tls::{inner_build_with_tls, TlsCertificates};
 
 /// The client type.
@@ -667,7 +667,7 @@ impl Client {
     ///     Ok(())
     /// }
     /// ```
-    #[cfg(feature = "tls-rustls")]
+    #[cfg(feature = "tls-rustls-core")]
     pub fn build_with_tls<C: IntoConnectionInfo>(
         conn_info: C,
         tls_certs: TlsCertificates,

redis/src/cluster.rs

@@ -62,10 +62,10 @@ use rand::{seq::IteratorRandom, thread_rng, Rng};
 pub use crate::cluster_client::{ClusterClient, ClusterClientBuilder};
 pub use crate::cluster_pipeline::{cluster_pipe, ClusterPipeline};
 
-#[cfg(feature = "tls-rustls")]
+#[cfg(feature = "tls-rustls-core")]
 use crate::tls::TlsConnParams;
 
-#[cfg(not(feature = "tls-rustls"))]
+#[cfg(not(feature = "tls-rustls-core"))]
 use crate::connection::TlsConnParams;
 
 #[derive(Clone)]