diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index bad3100334db..fe6c8ec12c0b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -425,6 +425,13 @@ jobs: -p wasmtime-wasi --no-default-features --features p2 -p wasmtime-wasi --no-default-features --features p3 + - name: wasmtime-wasi-tls + checks: | + -p wasmtime-wasi-tls --no-default-features + -p wasmtime-wasi-tls --no-default-features --features rustls + -p wasmtime-wasi-tls --no-default-features --features nativetls + -p wasmtime-wasi-tls --no-default-features --features openssl + - name: wasmtime-wizer checks: | -p wasmtime-wizer --no-default-features @@ -942,9 +949,9 @@ jobs: # Run the tests! - run: cargo test -p wasmtime-wasi-nn --features ${{ matrix.feature }} - # Test `wasmtime-wasi-tls-nativetls` & `wasmtime-wasi-tls-openssl` in their - # own job. This is because they depends on OpenSSL, which is not easily - # available on all platforms. + # Test `wasmtime-wasi-tls` in its own job, as not all of its providers are + # compatible with all targets. The primary culprit is the OpenSSL dependency, + # which is not easily available on all platforms. # # The Windows base image has OpenSSL installed by default, but not in a way # that is automatically discoverable by `openssl-sys`. We need to configure @@ -952,7 +959,7 @@ jobs: # Additionally, the GH actions Windows image does not ship with a CA cert # bundle, so we use the one from cUrl. test_wasi_tls: - name: Test wasi-tls using native-tls & openssl providers + name: Test wasi-tls needs: determine if: needs.determine.outputs.run-full runs-on: ${{ matrix.os }} @@ -976,8 +983,7 @@ jobs: "SSL_CERT_FILE=$sslCertFile" | Out-File -FilePath $env:GITHUB_ENV -Append "OPENSSL_DIR=$opensslDir" | Out-File -FilePath $env:GITHUB_ENV -Append "OPENSSL_LIB_DIR=$opensslLibDir" | Out-File -FilePath $env:GITHUB_ENV -Append - - run: cargo test -p wasmtime-wasi-tls-openssl - - run: cargo test -p wasmtime-wasi-tls-nativetls + - run: cargo test -p wasmtime-wasi-tls --all-features # Test the `wasmtime-fuzzing` crate. Split out from the main tests because # `--all-features` brings in OCaml, which is a pain to get setup for all diff --git a/Cargo.lock b/Cargo.lock index 34b71018778c..dd03e869bd1e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -5192,42 +5192,19 @@ name = "wasmtime-wasi-tls" version = "44.0.0" dependencies = [ "bytes", - "futures", - "rustls", - "test-programs-artifacts", - "tokio", - "tokio-rustls", - "wasmtime", - "wasmtime-wasi", - "webpki-roots", -] - -[[package]] -name = "wasmtime-wasi-tls-nativetls" -version = "44.0.0" -dependencies = [ + "cfg-if", "futures", "native-tls", - "test-programs-artifacts", - "tokio", - "tokio-native-tls", - "wasmtime", - "wasmtime-wasi", - "wasmtime-wasi-tls", -] - -[[package]] -name = "wasmtime-wasi-tls-openssl" -version = "44.0.0" -dependencies = [ - "futures", "openssl", + "rustls", "test-programs-artifacts", "tokio", + "tokio-native-tls", "tokio-openssl", + "tokio-rustls", "wasmtime", "wasmtime-wasi", - "wasmtime-wasi-tls", + "webpki-roots", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 8a68c79afcc0..233b507dc568 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -165,8 +165,6 @@ members = [ "crates/test-programs", "crates/wasi-preview1-component-adapter", "crates/wasi-preview1-component-adapter/verify", - "crates/wasi-tls-nativetls", - "crates/wasi-tls-openssl", "crates/debugger", "crates/wizer/fuzz", "crates/wizer/tests/regex-test", @@ -253,8 +251,6 @@ wasmtime-wasi-config = { path = "crates/wasi-config", version = "44.0.0" } wasmtime-wasi-keyvalue = { path = "crates/wasi-keyvalue", version = "44.0.0" } wasmtime-wasi-threads = { path = "crates/wasi-threads", version = "44.0.0" } wasmtime-wasi-tls = { path = "crates/wasi-tls", version = "44.0.0" } -wasmtime-wasi-tls-nativetls = { path = "crates/wasi-tls-nativetls", version = "44.0.0" } -wasmtime-wasi-tls-openssl = { path = "crates/wasi-tls-openssl", version = "44.0.0" } wasmtime-wast = { path = "crates/wast", version = "=44.0.0" } # Internal Wasmtime-specific crates. diff --git a/ci/run-tests.py b/ci/run-tests.py index 8e08a7b87d19..f273eb40f82f 100755 --- a/ci/run-tests.py +++ b/ci/run-tests.py @@ -7,10 +7,7 @@ # - wasmtime-wasi-nn: mutually-exclusive features that aren't available for all # targets, needs its own CI job. # -# - wasmtime-wasi-tls-nativetls: the openssl dependency does not play nice with -# cross compilation. This crate is tested in a separate CI job. -# -# - wasmtime-wasi-tls-openssl: the openssl dependency does not play nice with +# - wasmtime-wasi-tls: the openssl dependency does not play nice with # cross compilation. This crate is tested in a separate CI job. # # - wasmtime-fuzzing: enabling all features brings in OCaml which is a pain to @@ -29,8 +26,7 @@ args = ['cargo', 'test', '--workspace', '--all-features'] args.append('--exclude=test-programs') args.append('--exclude=wasmtime-wasi-nn') -args.append('--exclude=wasmtime-wasi-tls-nativetls') -args.append('--exclude=wasmtime-wasi-tls-openssl') +args.append('--exclude=wasmtime-wasi-tls') args.append('--exclude=wasmtime-fuzzing') args.append('--exclude=wasm-spec-interpreter') args.append('--exclude=veri_engine') diff --git a/crates/wasi-tls-nativetls/Cargo.toml b/crates/wasi-tls-nativetls/Cargo.toml deleted file mode 100644 index dd7bf05e09c2..000000000000 --- a/crates/wasi-tls-nativetls/Cargo.toml +++ /dev/null @@ -1,25 +0,0 @@ -[package] -name = "wasmtime-wasi-tls-nativetls" -version.workspace = true -authors.workspace = true -edition.workspace = true -rust-version.workspace = true -repository = "https://github.com/bytecodealliance/wasmtime" -license = "Apache-2.0 WITH LLVM-exception" -description = "Wasmtime implementation of the wasi-tls API, using native-tls for TLS support." - -[lints] -workspace = true - -[dependencies] -wasmtime-wasi-tls = { workspace = true } -tokio = { workspace = true } -tokio-native-tls = { workspace = true } -native-tls = { workspace = true } - -[dev-dependencies] -test-programs-artifacts = { workspace = true } -wasmtime = { workspace = true, features = ["runtime", "component-model"] } -wasmtime-wasi = { workspace = true } -tokio = { workspace = true, features = ["macros"] } -futures = { workspace = true } diff --git a/crates/wasi-tls-nativetls/tests/main.rs b/crates/wasi-tls-nativetls/tests/main.rs deleted file mode 100644 index 0aa344a815ec..000000000000 --- a/crates/wasi-tls-nativetls/tests/main.rs +++ /dev/null @@ -1,68 +0,0 @@ -use wasmtime::{ - Result, Store, - component::{Component, Linker, ResourceTable}, - format_err, -}; -use wasmtime_wasi::{WasiCtx, WasiCtxView, WasiView, p2::bindings::Command}; -use wasmtime_wasi_tls::{LinkOptions, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder}; - -struct Ctx { - table: ResourceTable, - wasi_ctx: WasiCtx, - wasi_tls_ctx: WasiTlsCtx, -} - -impl WasiView for Ctx { - fn ctx(&mut self) -> WasiCtxView<'_> { - WasiCtxView { - ctx: &mut self.wasi_ctx, - table: &mut self.table, - } - } -} - -async fn run_test(path: &str) -> Result<()> { - let provider = Box::new(wasmtime_wasi_tls_nativetls::NativeTlsProvider::default()); - let ctx = Ctx { - table: ResourceTable::new(), - wasi_ctx: WasiCtx::builder() - .inherit_stderr() - .inherit_network() - .allow_ip_name_lookup(true) - .build(), - wasi_tls_ctx: WasiTlsCtxBuilder::new().provider(provider).build(), - }; - - let engine = test_programs_artifacts::engine(|_config| {}); - let mut store = Store::new(&engine, ctx); - let component = Component::from_file(&engine, path)?; - - let mut linker = Linker::new(&engine); - wasmtime_wasi::p2::add_to_linker_async(&mut linker)?; - let mut opts = LinkOptions::default(); - opts.tls(true); - wasmtime_wasi_tls::add_to_linker(&mut linker, &mut opts, |h: &mut Ctx| { - WasiTls::new(&h.wasi_tls_ctx, &mut h.table) - })?; - - let command = Command::instantiate_async(&mut store, &component, &linker).await?; - command - .wasi_cli_run() - .call_run(&mut store) - .await? - .map_err(|()| format_err!("command returned with failing exit status")) -} - -macro_rules! assert_test_exists { - ($name:ident) => { - #[expect(unused_imports, reason = "just here to assert it exists")] - use self::$name as _; - }; -} - -test_programs_artifacts::foreach_tls!(assert_test_exists); - -#[tokio::test(flavor = "multi_thread")] -async fn tls_sample_application() -> Result<()> { - run_test(test_programs_artifacts::TLS_SAMPLE_APPLICATION_COMPONENT).await -} diff --git a/crates/wasi-tls-openssl/Cargo.toml b/crates/wasi-tls-openssl/Cargo.toml deleted file mode 100644 index ec7f02552bdc..000000000000 --- a/crates/wasi-tls-openssl/Cargo.toml +++ /dev/null @@ -1,25 +0,0 @@ -[package] -name = "wasmtime-wasi-tls-openssl" -version.workspace = true -authors.workspace = true -edition.workspace = true -rust-version.workspace = true -repository = "https://github.com/bytecodealliance/wasmtime" -license = "Apache-2.0 WITH LLVM-exception" -description = "Wasmtime implementation of the wasi-tls API, using OpenSSL for TLS support." - -[lints] -workspace = true - -[dependencies] -wasmtime-wasi-tls = { workspace = true } -tokio = { workspace = true } -tokio-openssl = { workspace = true } -openssl = { workspace = true } - -[dev-dependencies] -test-programs-artifacts = { workspace = true } -wasmtime = { workspace = true, features = ["runtime", "component-model"] } -wasmtime-wasi = { workspace = true } -tokio = { workspace = true, features = ["macros"] } -futures = { workspace = true } diff --git a/crates/wasi-tls-openssl/tests/main.rs b/crates/wasi-tls-openssl/tests/main.rs deleted file mode 100644 index d09c0939aacb..000000000000 --- a/crates/wasi-tls-openssl/tests/main.rs +++ /dev/null @@ -1,68 +0,0 @@ -use wasmtime::{ - Result, Store, - component::{Component, Linker, ResourceTable}, - format_err, -}; -use wasmtime_wasi::{WasiCtx, WasiCtxView, WasiView, p2::bindings::Command}; -use wasmtime_wasi_tls::{LinkOptions, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder}; - -struct Ctx { - table: ResourceTable, - wasi_ctx: WasiCtx, - wasi_tls_ctx: WasiTlsCtx, -} - -impl WasiView for Ctx { - fn ctx(&mut self) -> WasiCtxView<'_> { - WasiCtxView { - ctx: &mut self.wasi_ctx, - table: &mut self.table, - } - } -} - -async fn run_test(path: &str) -> Result<()> { - let provider = Box::new(wasmtime_wasi_tls_openssl::OpenSslProvider::default()); - let ctx = Ctx { - table: ResourceTable::new(), - wasi_ctx: WasiCtx::builder() - .inherit_stderr() - .inherit_network() - .allow_ip_name_lookup(true) - .build(), - wasi_tls_ctx: WasiTlsCtxBuilder::new().provider(provider).build(), - }; - - let engine = test_programs_artifacts::engine(|_config| {}); - let mut store = Store::new(&engine, ctx); - let component = Component::from_file(&engine, path)?; - - let mut linker = Linker::new(&engine); - wasmtime_wasi::p2::add_to_linker_async(&mut linker)?; - let mut opts = LinkOptions::default(); - opts.tls(true); - wasmtime_wasi_tls::add_to_linker(&mut linker, &mut opts, |h: &mut Ctx| { - WasiTls::new(&h.wasi_tls_ctx, &mut h.table) - })?; - - let command = Command::instantiate_async(&mut store, &component, &linker).await?; - command - .wasi_cli_run() - .call_run(&mut store) - .await? - .map_err(|()| format_err!("command returned with failing exit status")) -} - -macro_rules! assert_test_exists { - ($name:ident) => { - #[expect(unused_imports, reason = "just here to assert it exists")] - use self::$name as _; - }; -} - -test_programs_artifacts::foreach_tls!(assert_test_exists); - -#[tokio::test(flavor = "multi_thread")] -async fn tls_sample_application() -> Result<()> { - run_test(test_programs_artifacts::TLS_SAMPLE_APPLICATION_COMPONENT).await -} diff --git a/crates/wasi-tls/Cargo.toml b/crates/wasi-tls/Cargo.toml index a94af76ca3c5..bacec6072d58 100644 --- a/crates/wasi-tls/Cargo.toml +++ b/crates/wasi-tls/Cargo.toml @@ -11,6 +11,12 @@ description = "Wasmtime implementation of the wasi-tls API" [lints] workspace = true +[features] +default = ["rustls"] +rustls = ["dep:rustls", "dep:tokio-rustls", "dep:webpki-roots"] +nativetls = ["dep:native-tls", "dep:tokio-native-tls"] +openssl = ["dep:openssl", "dep:tokio-openssl"] + [dependencies] bytes = { workspace = true } tokio = { workspace = true, features = [ @@ -21,10 +27,14 @@ tokio = { workspace = true, features = [ ] } wasmtime = { workspace = true, features = ["runtime", "component-model"] } wasmtime-wasi = { workspace = true } - -tokio-rustls = { workspace = true } -rustls = { workspace = true } -webpki-roots = { workspace = true } +cfg-if = { workspace = true } +tokio-rustls = { workspace = true, optional = true } +rustls = { workspace = true, optional = true } +webpki-roots = { workspace = true, optional = true } +tokio-native-tls = { workspace = true, optional = true } +native-tls = { workspace = true, optional = true } +tokio-openssl = { workspace = true, optional = true } +openssl = { workspace = true, optional = true } [dev-dependencies] test-programs-artifacts = { workspace = true } diff --git a/crates/wasi-tls/src/lib.rs b/crates/wasi-tls/src/lib.rs index 0f011f0bde29..7c1222b8b631 100644 --- a/crates/wasi-tls/src/lib.rs +++ b/crates/wasi-tls/src/lib.rs @@ -37,8 +37,10 @@ //! .allow_ip_name_lookup(true) //! .build(), //! wasi_tls_ctx: WasiTlsCtxBuilder::new() -//! // Optionally, configure a different TLS provider: -//! // .provider(Box::new(wasmtime_wasi_tls_nativetls::NativeTlsProvider::default())) +//! // Optionally, configure a specific TLS provider: +//! // .provider(Box::new(wasmtime_wasi_tls::RustlsProvider::default())) +//! // .provider(Box::new(wasmtime_wasi_tls::NativeTlsProvider::default())) +//! // .provider(Box::new(wasmtime_wasi_tls::OpenSslProvider::default())) //! .build(), //! }; //! @@ -74,11 +76,11 @@ use wasmtime::component::{HasData, ResourceTable}; pub mod bindings; mod host; mod io; -mod rustls; +mod providers; pub use bindings::types::LinkOptions; pub use host::{HostClientConnection, HostClientHandshake, HostFutureClientStreams}; -pub use rustls::RustlsProvider; +pub use providers::*; /// Capture the state necessary for use in the `wasi-tls` API implementation. pub struct WasiTls<'a> { @@ -121,7 +123,10 @@ impl WasiTlsCtxBuilder { /// Configure the TLS provider to use for this context. /// - /// By default, this is set to the [`RustlsProvider`]. + /// By default, this is set to the [`DefaultProvider`] which is picked at + /// compile time based on feature flags. If this crate is compiled with + /// multiple TLS providers, this method can be used to specify the provider + /// at runtime. pub fn provider(mut self, provider: Box) -> Self { self.provider = provider; self @@ -137,7 +142,7 @@ impl WasiTlsCtxBuilder { impl Default for WasiTlsCtxBuilder { fn default() -> Self { Self { - provider: Box::new(RustlsProvider::default()), + provider: Box::new(DefaultProvider::default()), } } } diff --git a/crates/wasi-tls/src/providers/mod.rs b/crates/wasi-tls/src/providers/mod.rs new file mode 100644 index 000000000000..c36450ad7d9b --- /dev/null +++ b/crates/wasi-tls/src/providers/mod.rs @@ -0,0 +1,28 @@ +//! The available TLS providers. + +mod unsupported; +pub use unsupported::*; +#[cfg(feature = "rustls")] +mod rustls; +#[cfg(feature = "rustls")] +pub use rustls::RustlsProvider; +#[cfg(feature = "openssl")] +mod openssl; +#[cfg(feature = "openssl")] +pub use openssl::OpenSslProvider; +#[cfg(feature = "nativetls")] +mod nativetls; +#[cfg(feature = "nativetls")] +pub use nativetls::NativeTlsProvider; + +cfg_if::cfg_if! { + if #[cfg(feature = "rustls")] { + pub use RustlsProvider as DefaultProvider; + } else if #[cfg(feature = "openssl")] { + pub use OpenSslProvider as DefaultProvider; + } else if #[cfg(feature = "nativetls")] { + pub use NativeTlsProvider as DefaultProvider; + } else { + pub use UnsupportedProvider as DefaultProvider; + } +} diff --git a/crates/wasi-tls-nativetls/src/lib.rs b/crates/wasi-tls/src/providers/nativetls.rs similarity index 97% rename from crates/wasi-tls-nativetls/src/lib.rs rename to crates/wasi-tls/src/providers/nativetls.rs index 488614512dcb..c548289797eb 100644 --- a/crates/wasi-tls-nativetls/src/lib.rs +++ b/crates/wasi-tls/src/providers/nativetls.rs @@ -2,7 +2,7 @@ use std::{io, pin::pin}; -use wasmtime_wasi_tls::{TlsProvider, TlsStream, TlsTransport}; +use crate::{TlsProvider, TlsStream, TlsTransport}; type BoxFuture = std::pin::Pin + Send>>; diff --git a/crates/wasi-tls-openssl/src/lib.rs b/crates/wasi-tls/src/providers/openssl.rs similarity index 97% rename from crates/wasi-tls-openssl/src/lib.rs rename to crates/wasi-tls/src/providers/openssl.rs index 554dfdc010a8..5175c7fa88cf 100644 --- a/crates/wasi-tls-openssl/src/lib.rs +++ b/crates/wasi-tls/src/providers/openssl.rs @@ -1,11 +1,11 @@ //! The `openssl` provider. +use crate::{TlsProvider, TlsStream, TlsTransport}; use openssl::ssl::{SslConnector, SslMethod}; use std::{ io, pin::{Pin, pin}, }; -use wasmtime_wasi_tls::{TlsProvider, TlsStream, TlsTransport}; type BoxFuture = std::pin::Pin + Send>>; diff --git a/crates/wasi-tls/src/rustls.rs b/crates/wasi-tls/src/providers/rustls.rs similarity index 100% rename from crates/wasi-tls/src/rustls.rs rename to crates/wasi-tls/src/providers/rustls.rs diff --git a/crates/wasi-tls/src/providers/unsupported.rs b/crates/wasi-tls/src/providers/unsupported.rs new file mode 100644 index 000000000000..b6a502688a59 --- /dev/null +++ b/crates/wasi-tls/src/providers/unsupported.rs @@ -0,0 +1,26 @@ +//! The `unsupported` provider. + +use crate::{BoxFuture, TlsProvider, TlsStream, TlsTransport}; +use std::io; + +/// A pseudo TLS provider that returns an error for all operations. This is the +/// default provider when no real TLS providers were enabled at compile time. +#[derive(Default)] +pub struct UnsupportedProvider { + _priv: (), +} + +impl TlsProvider for UnsupportedProvider { + fn connect( + &self, + _server_name: String, + _transport: Box, + ) -> BoxFuture>> { + Box::pin(async move { + Err(io::Error::new( + io::ErrorKind::Unsupported, + "no TLS provider enabled; recompile with a TLS provider feature", + )) + }) + } +} diff --git a/crates/wasi-tls/tests/main.rs b/crates/wasi-tls/tests/main.rs index 86ddee7f888f..70f5b11c0107 100644 --- a/crates/wasi-tls/tests/main.rs +++ b/crates/wasi-tls/tests/main.rs @@ -1,10 +1,12 @@ +#![cfg(any(feature = "rustls", feature = "openssl", feature = "nativetls"))] + use wasmtime::{ Result, Store, component::{Component, Linker, ResourceTable}, format_err, }; use wasmtime_wasi::{WasiCtx, WasiCtxView, WasiView, p2::bindings::Command}; -use wasmtime_wasi_tls::{LinkOptions, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder}; +use wasmtime_wasi_tls::{LinkOptions, TlsProvider, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder}; struct Ctx { table: ResourceTable, @@ -21,7 +23,7 @@ impl WasiView for Ctx { } } -async fn run_test(path: &str) -> Result<()> { +async fn run_test(provider: Box, path: &str) -> Result<()> { let ctx = Ctx { table: ResourceTable::new(), wasi_ctx: WasiCtx::builder() @@ -30,7 +32,7 @@ async fn run_test(path: &str) -> Result<()> { .inherit_network() .allow_ip_name_lookup(true) .build(), - wasi_tls_ctx: WasiTlsCtxBuilder::new().build(), + wasi_tls_ctx: WasiTlsCtxBuilder::new().provider(provider).build(), }; let engine = test_programs_artifacts::engine(|_config| {}); @@ -53,16 +55,52 @@ async fn run_test(path: &str) -> Result<()> { .map_err(|()| format_err!("command returned with failing exit status")) } -macro_rules! assert_test_exists { - ($name:ident) => { - #[expect(unused_imports, reason = "just here to assert it exists")] - use self::$name as _; +macro_rules! test_case { + ($provider:ident, $name:ident) => { + #[tokio::test(flavor = "multi_thread")] + async fn $name() -> wasmtime::Result<()> { + super::$name(Box::new(wasmtime_wasi_tls::$provider::default())).await + } }; } -test_programs_artifacts::foreach_tls!(assert_test_exists); +#[cfg(feature = "rustls")] +mod rustls { + macro_rules! rustls_test_case { + ($name:ident) => { + test_case!(RustlsProvider, $name); + }; + } + + test_programs_artifacts::foreach_tls!(rustls_test_case); +} + +#[cfg(feature = "openssl")] +mod openssl { + macro_rules! openssl_test_case { + ($name:ident) => { + test_case!(OpenSslProvider, $name); + }; + } + + test_programs_artifacts::foreach_tls!(openssl_test_case); +} + +#[cfg(feature = "nativetls")] +mod nativetls { + macro_rules! nativetls_test_case { + ($name:ident) => { + test_case!(NativeTlsProvider, $name); + }; + } + + test_programs_artifacts::foreach_tls!(nativetls_test_case); +} -#[tokio::test(flavor = "multi_thread")] -async fn tls_sample_application() -> Result<()> { - run_test(test_programs_artifacts::TLS_SAMPLE_APPLICATION_COMPONENT).await +async fn tls_sample_application(provider: Box) -> Result<()> { + run_test( + provider, + test_programs_artifacts::TLS_SAMPLE_APPLICATION_COMPONENT, + ) + .await } diff --git a/scripts/publish.rs b/scripts/publish.rs index 3bbb1cdc1dc2..253040864687 100644 --- a/scripts/publish.rs +++ b/scripts/publish.rs @@ -75,8 +75,6 @@ const CRATES_TO_PUBLISH: &[&str] = &[ "wasmtime-wasi-keyvalue", "wasmtime-wasi-threads", "wasmtime-wasi-tls", - "wasmtime-wasi-tls-nativetls", - "wasmtime-wasi-tls-openssl", "wasmtime-wast", "wasmtime-internal-c-api-macros", "wasmtime-c-api-impl", @@ -98,8 +96,6 @@ const PUBLIC_CRATES: &[&str] = &[ "wasmtime-wasi-io", "wasmtime-wasi", "wasmtime-wasi-tls", - "wasmtime-wasi-tls-nativetls", - "wasmtime-wasi-tls-openssl", "wasmtime-wasi-http", "wasmtime-wasi-nn", "wasmtime-wasi-config", diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 16dcf6f3fad9..d87bea5a59e2 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -199,12 +199,6 @@ audit-as-crates-io = true [policy.wasmtime-wasi-tls] audit-as-crates-io = true -[policy.wasmtime-wasi-tls-nativetls] -audit-as-crates-io = true - -[policy.wasmtime-wasi-tls-openssl] -audit-as-crates-io = true - [policy.wasmtime-wast] audit-as-crates-io = true