feat(sqlx-core): split connector creation from handshake

goffrie · goffrie · commit 04b409a26604 · 2026-04-21T15:39:40.000-07:00
diff --git a/sqlx-core/src/net/tls/mod.rs b/sqlx-core/src/net/tls/mod.rs
@@ -60,15 +60,37 @@ impl std::fmt::Display for CertificateInput {
 pub struct TlsConfig<'a> {
     pub accept_invalid_certs: bool,
     pub accept_invalid_hostnames: bool,
-    pub hostname: &'a str,
     pub root_cert_path: Option<&'a CertificateInput>,
     pub client_cert_path: Option<&'a CertificateInput>,
     pub client_key_path: Option<&'a CertificateInput>,
 }
 
+#[cfg(feature = "_tls-native-tls")]
+pub use self::tls_native_tls::NativeTlsConnector as TlsConnector;
+#[cfg(all(feature = "_tls-rustls", not(feature = "_tls-native-tls")))]
+pub use self::tls_rustls::RustlsConnector as TlsConnector;
+#[cfg(not(any(feature = "_tls-native-tls", feature = "_tls-rustls")))]
+#[derive(Clone)]
+pub struct TlsConnector(std::convert::Infallible);
+
+pub async fn connector(config: TlsConfig<'_>) -> crate::Result<TlsConnector> {
+    #[cfg(feature = "_tls-native-tls")]
+    return Ok(tls_native_tls::connector(config).await?);
+
+    #[cfg(all(feature = "_tls-rustls", not(feature = "_tls-native-tls")))]
+    return Ok(tls_rustls::connector(config).await?);
+
+    #[cfg(not(any(feature = "_tls-native-tls", feature = "_tls-rustls")))]
+    {
+        _ = config;
+        panic!("one of the `runtime-*-native-tls` or `runtime-*-rustls` features must be enabled")
+    }
+}
+
 pub async fn handshake<S, Ws>(
     socket: S,
-    config: TlsConfig<'_>,
+    hostname: &str,
+    connector: TlsConnector,
     with_socket: Ws,
 ) -> crate::Result<Ws::Output>
 where
@@ -77,18 +99,18 @@ where
 {
     #[cfg(feature = "_tls-native-tls")]
     return Ok(with_socket
-        .with_socket(tls_native_tls::handshake(socket, config).await?)
+        .with_socket(tls_native_tls::handshake(socket, hostname, connector).await?)
         .await);
 
     #[cfg(all(feature = "_tls-rustls", not(feature = "_tls-native-tls")))]
     return Ok(with_socket
-        .with_socket(tls_rustls::handshake(socket, config).await?)
+        .with_socket(tls_rustls::handshake(socket, hostname, connector).await?)
         .await);
 
     #[cfg(not(any(feature = "_tls-native-tls", feature = "_tls-rustls")))]
     {
-        drop((socket, config, with_socket));
-        panic!("one of the `runtime-*-native-tls` or `runtime-*-rustls` features must be enabled")
+        drop((socket, hostname, with_socket));
+        match connector.0 {}
     }
 }
 
diff --git a/sqlx-core/src/net/tls/tls_native_tls.rs b/sqlx-core/src/net/tls/tls_native_tls.rs
@@ -39,10 +39,12 @@ impl<S: Socket> Socket for NativeTlsSocket<S> {
     }
 }
 
-pub async fn handshake<S: Socket>(
-    socket: S,
-    config: TlsConfig<'_>,
-) -> crate::Result<NativeTlsSocket<S>> {
+#[derive(Clone)]
+pub struct NativeTlsConnector {
+    connector: native_tls::TlsConnector,
+}
+
+pub async fn connector(config: TlsConfig<'_>) -> crate::Result<NativeTlsConnector> {
     let mut builder = native_tls::TlsConnector::builder();
 
     builder
@@ -67,8 +69,18 @@ pub async fn handshake<S: Socket>(
     let connector = rt::spawn_blocking(move || builder.build())
         .await
         .map_err(Error::tls)?;
+    Ok(NativeTlsConnector { connector })
+}
 
-    let mut mid_handshake = match connector.connect(config.hostname, StdSocket::new(socket)) {
+pub async fn handshake<S: Socket>(
+    socket: S,
+    hostname: &str,
+    connector: NativeTlsConnector,
+) -> crate::Result<NativeTlsSocket<S>> {
+    let mut mid_handshake = match connector
+        .connector
+        .connect(hostname, StdSocket::new(socket))
+    {
         Ok(tls_stream) => return Ok(NativeTlsSocket { stream: tls_stream }),
         Err(HandshakeError::Failure(e)) => return Err(Error::tls(e)),
         Err(HandshakeError::WouldBlock(mid_handshake)) => mid_handshake,
diff --git a/sqlx-core/src/net/tls/tls_rustls.rs b/sqlx-core/src/net/tls/tls_rustls.rs
@@ -87,10 +87,12 @@ impl<S: Socket> Socket for RustlsSocket<S> {
     }
 }
 
-pub async fn handshake<S>(socket: S, tls_config: TlsConfig<'_>) -> Result<RustlsSocket<S>, Error>
-where
-    S: Socket,
-{
+#[derive(Clone)]
+pub struct RustlsConnector {
+    config: Arc<ClientConfig>,
+}
+
+pub async fn connector(tls_config: TlsConfig<'_>) -> Result<RustlsConnector, Error> {
     #[cfg(all(
         feature = "_tls-rustls-aws-lc-rs",
         not(feature = "_tls-rustls-ring-webpki"),
@@ -180,11 +182,24 @@ where
         }
     };
 
-    let host = ServerName::try_from(tls_config.hostname.to_owned()).map_err(Error::tls)?;
+    Ok(RustlsConnector {
+        config: Arc::new(config),
+    })
+}
+
+pub async fn handshake<S>(
+    socket: S,
+    hostname: &str,
+    connector: RustlsConnector,
+) -> Result<RustlsSocket<S>, Error>
+where
+    S: Socket,
+{
+    let host = ServerName::try_from(hostname.to_owned()).map_err(Error::tls)?;
 
     let mut socket = RustlsSocket {
         inner: StdSocket::new(socket),
-        state: ClientConnection::new(Arc::new(config), host).map_err(Error::tls)?,
+        state: ClientConnection::new(connector.config, host).map_err(Error::tls)?,
         close_notify_sent: false,
     };
 
