Stop automatically pulling in aws-lc as a dependency

Author: OverShifted

Cargo.toml

@@ -10,6 +10,9 @@ license = "Apache-2.0"
 [features]
 default = ["tokio-net"]
 rustls = ["tokio-rustls"]
+rustls-aws-lc = ["rustls", "tokio-rustls/aws-lc-rs"]
+rustls-fips = ["rustls-aws-lc", "tokio-rustls/fips"]
+rustls-ring = ["rustls", "tokio-rustls/ring"]
 native-tls = ["tokio-native-tls"]
 openssl = ["tokio-openssl", "openssl_impl"]
 rt = ["tokio/rt"]
@@ -22,7 +25,7 @@ pin-project-lite = "0.2.13"
 thiserror = "1.0.30"
 tokio = { version = "1.0", features = ["time"] }
 tokio-native-tls = { version = "0.3.0", optional = true }
-tokio-rustls = { version = ">=0.25.0,<0.27", optional = true }
+tokio-rustls = { version = ">=0.25.0,<0.27", default-features = false, optional = true }
 tokio-openssl = { version = "0.6.3", optional = true }
 openssl_impl = { package = "openssl", version = "0.10.32", optional = true }
 

README.md

@@ -13,5 +13,39 @@ It can be used to easily create a `Stream` of TLS connections from a listening s
 
 See examples for examples of usage.
 
-You must enable either one of the `rustls`, `native-tls`, or `openssl` features depending on which implementation you
-would like to use.
+You must enable either one of the `rustls[-xyz]` (more details below), `native-tls`, or `openssl`
+features depending on which implementation you would like to use.
+
+When enabling the `rustls` feature, the `rustls` crate will be added as a dependency through
+the `tokio-rustls` crate without any
+[cryptography providers](https://docs.rs/rustls/latest/rustls/#cryptography-providers)
+included by default. To include one, do either of the following:
+
+1. Enable at least one of the additional `rustls-aws-lc`, `rustls-fips`, or `rustls-ring` features.
+   By doing this, you can also remove the `rustls` feature flag since it will be enabled
+   automatically by any of the `rustls-xyz` features.
+
+   ```toml
+   # Replace `rustls-xyz` with one of the features mentioned above.
+   tls-listener = { version = "x", features = ["rustls-xyz"] }
+   ```
+
+   These features will enable their relevant [`rustls` features](https://docs.rs/rustls/latest/rustls/#crate-features).
+
+1. Keep the `rustls` feature flag, but directly add the [`rustls`](https://crates.io/crates/rustls)
+   and/or [`tokio-rustls`](https://crates.io/crates/tokio-rustls) crates to your project's 
+   dependencies and enable your preferred flags on them instead of adding additional flags on
+   this crate (`tls-listener`).
+
+   ```toml
+   # Replace `xyz` with one of the features mentioned in the crate's documentation.
+   # for example: `aws-lc-rc`, `fips` or `ring`
+   rustls = { version = "x", default-features = false, features = ["xyz"]}
+   # And/or
+   tokio-rustls = { version = "x", default-features = false, features = ["xyz"]}
+   ```
+
+   You can also enable the default features by removing `default-features = false`, which will
+   enable the [AWS-LC crypto provider](https://github.com/aws/aws-lc-rs). However, their
+   default features are not enable by `tls-listener` because doing so will make disabling
+   them very hard for dependent crates.

examples/test_examples.py

@@ -56,7 +56,7 @@ def build_examples():
             "build",
             "--examples",
             "--features",
-            "rustls,rt,tokio/rt-multi-thread",
+            "rustls-aws-lc,rt,tokio/rt-multi-thread",
         ]
     )
     proc.check_returncode()