Fix build with "ring" instead of "aws_lc_rs" feature (#540)

Since there are feature flags for ring and aws-lc in libunftp, it seems
unintended to pull aws-lc-sys unconditionally via the tokio-rustls
default features.

Furthermore, the build failed with "aws_lc_rs" disabled, since `tls.rs`
unconditionally imported `rustls::crypto::aws_lc_rs`. With this PR
merged, there will be a meaningful error message if neither "ring" nor
"aws_lc_rs" are enabled, and enabling "ring" without "aws_lc_rs" is
supported again.

Last commit just removes some dead code which caused a warning.

---------

Co-authored-by: Hannes de Jager <hannes.de.jager@gmail.com>

Author: procr1337

Cargo.toml

@@ -60,13 +60,13 @@ rustls = { version = "0.23.35", default-features = false }
 rustls-pemfile = "2.2.0"
 slog = { version = "2.8.2", features = ["max_level_trace", "release_max_level_info"] }
 slog-stdlog = "4.1.1"
-thiserror = "2.0.17"
-tokio = { version = "1.48.0", features = ["macros", "rt", "net", "process", "sync", "io-util", "time"] }
-tokio-rustls = "0.26.4"
-tokio-util = { version = "0.7.17", features = ["codec"] }
-tracing = { version = "0.1.44", default-features = false }
-tracing-attributes = "0.1.31"
-uuid = { version = "1.19.0", features = ["v4"] }
+thiserror = "2.0.12"
+tokio = { version = "1.44.2", features = ["macros", "rt", "net", "process", "sync", "io-util", "time"] }
+tokio-rustls = { version = "0.26.2", default-features = false }
+tokio-util = { version = "0.7.15", features = ["codec"] }
+tracing = { version = "0.1.41", default-features = false }
+tracing-attributes = "0.1.28"
+uuid = { version = "1.16.0", features = ["v4"] }
 x509-parser = "0.17.0"
 dashmap = "6.1.0"
 libc = "0.2"

src/lib.rs

@@ -52,3 +52,6 @@ pub mod storage;
 pub use crate::server::ftpserver::{Server, ServerBuilder, error::ServerError, options};
 
 type BoxError = Box<dyn std::error::Error + Send + Sync + 'static>;
+
+#[cfg(not(any(feature = "aws_lc_rs", feature = "ring")))]
+compile_error!("Need to enable either aws_lc_rs or ring feature for libunftp");

src/server/tls.rs

@@ -1,13 +1,20 @@
 use crate::options::{FtpsClientAuth, TlsFlags};
 use rustls::{
     NoKeyLog, RootCertStore, ServerConfig, SupportedProtocolVersion,
-    crypto::{aws_lc_rs, aws_lc_rs::Ticketer},
     pki_types::{CertificateDer, PrivateKeyDer},
     server::{ClientCertVerifierBuilder, NoServerSessionStorage, StoresServerSessions, WebPkiClientVerifier},
     version::{TLS12, TLS13},
 };
+
+// Enable aws_lc_rs, unless the flag is disabled (in which case ring has to be enabled).
+// If both are enabled, aws_lc_rs is preferred.
+#[cfg(feature = "aws_lc_rs")]
+use rustls::crypto::{aws_lc_rs as crypto_impl, aws_lc_rs::Ticketer};
+#[cfg(all(not(feature = "aws_lc_rs"), feature = "ring"))]
+use rustls::crypto::{ring as crypto_impl, ring::Ticketer};
+
 use std::{
-    fmt::{self, Display, Formatter},
+    fmt::{self, Formatter},
     fs::File,
     io::{self, BufReader},
     path::{Path, PathBuf},
@@ -34,17 +41,6 @@ impl fmt::Debug for FtpsConfig {
     }
 }
 
-#[derive(Debug, Copy, Clone)]
-pub struct FtpsNotAvailable;
-
-impl Display for FtpsNotAvailable {
-    fn fmt(&self, f: &mut Formatter) -> fmt::Result {
-        write!(f, "FTPS not configured/available")
-    }
-}
-
-impl std::error::Error for FtpsNotAvailable {}
-
 // The error returned by new_config
 #[derive(Error, Debug)]
 #[error("TLS configuration error")]
@@ -96,7 +92,7 @@ pub fn new_config<P: AsRef<Path>>(
         versions.push(&TLS13)
     }
 
-    let provider = Arc::new(aws_lc_rs::default_provider());
+    let provider = Arc::new(crypto_impl::default_provider());
     let mut config = ServerConfig::builder_with_provider(provider)
         .with_protocol_versions(&versions)
         .map_err(ConfigError::RustlsInit)?