Switch webhook support from openssl to rustls

Cargo.lock

@@ -190,14 +190,14 @@ dependencies = [
  "futures-core",
  "http",
  "impl-more",
- "openssl",
  "pin-project-lite",
  "rustls 0.21.10",
  "rustls-webpki",
  "tokio",
- "tokio-openssl",
+ "tokio-rustls",
  "tokio-util",
  "tracing",
+ "webpki-roots",
 ]
 
 [[package]]
@@ -464,10 +464,10 @@ dependencies = [
  "itoa",
  "log",
  "mime",
- "openssl",
  "percent-encoding",
  "pin-project-lite",
  "rand",
+ "rustls 0.20.8",
  "serde",
  "serde_json",
  "serde_urlencoded",
@@ -908,9 +908,9 @@ checksum = "850878694b7933ca4c9569d30a34b55031b9b139ee1fc7b94a527c4ef960d690"
 
 [[package]]
 name = "digest"
-version = "0.10.6"
+version = "0.10.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f"
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
 dependencies = [
  "block-buffer",
  "crypto-common",
@@ -1024,21 +1024,6 @@ version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
-[[package]]
-name = "foreign-types"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
-dependencies = [
- "foreign-types-shared",
-]
-
-[[package]]
-name = "foreign-types-shared"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
-
 [[package]]
 name = "form_urlencoded"
 version = "1.1.0"
@@ -1458,6 +1443,7 @@ dependencies = [
  "actix-files",
  "actix-multipart",
  "actix-session",
+ "actix-tls",
  "actix-web",
  "awc",
  "better_toml_datetime",
@@ -1473,7 +1459,6 @@ dependencies = [
  "log",
  "mime_guess",
  "multipart_helper",
- "openssl",
  "pretty_env_logger",
  "rand",
  "serde",
@@ -1806,50 +1791,12 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
 
-[[package]]
-name = "openssl"
-version = "0.10.62"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8cde4d2d9200ad5909f8dac647e29482e07c3a35de8a13fce7c9c7747ad9f671"
-dependencies = [
- "bitflags 2.4.1",
- "cfg-if",
- "foreign-types",
- "libc",
- "once_cell",
- "openssl-macros",
- "openssl-sys",
-]
-
-[[package]]
-name = "openssl-macros"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.42",
-]
-
 [[package]]
 name = "openssl-probe"
 version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
 
-[[package]]
-name = "openssl-sys"
-version = "0.9.98"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1665caf8ab2dc9aef43d1c0023bd904633a6a05cb30b0ad59bec2ae986e57a7"
-dependencies = [
- "cc",
- "libc",
- "pkg-config",
- "vcpkg",
-]
-
 [[package]]
 name = "os_str_bytes"
 version = "6.4.1"
@@ -2526,9 +2473,9 @@ dependencies = [
 
 [[package]]
 name = "subtle"
-version = "2.4.1"
+version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
+checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
 
 [[package]]
 name = "syn"
@@ -2679,18 +2626,6 @@ dependencies = [
  "syn 1.0.107",
 ]
 
-[[package]]
-name = "tokio-openssl"
-version = "0.6.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ffab79df67727f6acf57f1ff743091873c24c579b1e2ce4d8f53e47ded4d63d"
-dependencies = [
- "futures-util",
- "openssl",
- "openssl-sys",
- "tokio",
-]
-
 [[package]]
 name = "tokio-rustls"
 version = "0.23.4"
@@ -2853,9 +2788,9 @@ checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c"
 
 [[package]]
 name = "universal-hash"
-version = "0.5.0"
+version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5"
+checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea"
 dependencies = [
  "crypto-common",
  "subtle",
@@ -2988,6 +2923,15 @@ dependencies = [
  "untrusted 0.7.1",
 ]
 
+[[package]]
+name = "webpki-roots"
+version = "0.22.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6c71e40d7d2c34a5106301fb632274ca37242cd0c9d3e64dbece371a40a2d87"
+dependencies = [
+ "webpki",
+]
+
 [[package]]
 name = "winapi"
 version = "0.3.9"

Cargo.toml

@@ -15,8 +15,9 @@ readme = "README.md"
 actix-files = "0.6.2"
 actix-web = "4.3.0"
 actix-session = { version = "0.7.2", features = ["cookie-session"] }
+actix-tls = "3.1.1"
 actix-multipart = "0.5.0"
-awc ={ version = "3.2.0", features = ["openssl"] }
+awc ={ version = "3.2.0", features = ["rustls"] }
 better_toml_datetime = { path = "packages/better_toml_datetime" }
 cargo-bundle-licenses = { version = "1.0.1", default-features = false }
 chrono = { version = "0.4.23", default-features = false, features = ["std","clock"] }
@@ -33,7 +34,6 @@ listenfd = "1.0.0"
 log = "0.4.17"
 mime_guess = "2.0.4"
 multipart_helper = {path = "packages/multipart_helper"}
-openssl = "0.10.62"
 pretty_env_logger = "0.4.0"
 rand = "0.8.5"
 serde = { version = "1.0.152", features = ["derive"] } # https://doc.rust-lang.org/cargo/reference/manifest.html

packages/jobboerse/Cargo.toml

@@ -22,6 +22,7 @@ dev_mode = []
 actix-files = { workspace = true }
 actix-web = { workspace = true }
 actix-session = { workspace = true, features = ["cookie-session"] }
+actix-tls = { workspace = true }
 actix-multipart = { workspace = true }
 awc = { workspace = true }
 better_toml_datetime = { workspace = true }
@@ -39,7 +40,6 @@ ldap3 = { workspace = true, default-features = false, features = ["tls-rustls"]
 log = { workspace = true }
 mime_guess = { workspace = true }
 multipart_helper = { workspace = true }
-openssl = { workspace = true }
 pretty_env_logger = { workspace = true }
 rand = { workspace = true }
 serde = { workspace = true, features = ["derive"] } # https://doc.rust-lang.org/cargo/reference/manifest.html

packages/jobboerse/src/webhook.rs

@@ -1,7 +1,9 @@
+use std::sync::Arc;
+
+use actix_tls::connect::rustls_0_20::reexports::ClientConfig;
 use awc::{Client, Connector};
 use handlebars::{Handlebars, RenderError};
 use log::debug;
-use openssl::ssl::{SslConnector, SslMethod};
 use serde_json::json;
 use url::Url;
 
@@ -30,8 +32,12 @@ pub(crate) async fn send_new_offer_message(
     });
 
     debug!("Sending webhook request to {}", webhook_url);
-    let ssl_connector_builder = SslConnector::builder(SslMethod::tls()).unwrap();
+    let tls_config = ClientConfig::builder()
-    let connector = Connector::new().openssl(ssl_connector_builder.build());
+        .with_safe_defaults()
+        .with_root_certificates(actix_tls::connect::rustls::webpki_roots_cert_store())
+        .with_no_client_auth();
+    let arc = Arc::new(tls_config);
+    let connector = Connector::new().rustls(arc);
     let client = Client::builder().connector(connector).finish();
     let request_result = client.post(webhook_url).send_json(&msg).await;
     let success = match request_result {