diff --git a/Cargo.toml b/Cargo.toml index 8dd2449..12ef5fd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -48,7 +48,7 @@ targets = ["x86_64-unknown-linux-gnu"] rustdoc-args = [ "--cfg", "docsrs" ] [features] -default = [ "std", "ndarray", "tracing", "download-binaries", "copy-dylibs" ] +default = [ "std", "ndarray", "tracing", "download-binaries", "tls-native", "copy-dylibs" ] std = [ "ort-sys/std", "ndarray/std", "tracing?/std" ] training = [ "ort-sys/training" ] @@ -63,6 +63,11 @@ download-binaries = [ "ort-sys/download-binaries" ] load-dynamic = [ "std", "libloading", "ort-sys/load-dynamic" ] copy-dylibs = [ "ort-sys/copy-dylibs" ] +tls-rustls = [ "ort-sys/tls-rustls" ] +tls-rustls-no-provider = [ "ort-sys/tls-rustls-no-provider" ] +tls-native = [ "ort-sys/tls-native" ] +tls-native-vendored = [ "ort-sys/tls-native-vendored" ] + alternative-backend = [ "ort-sys/disable-linking" ] cuda = [ "ort-sys/cuda" ] diff --git a/ort-sys/Cargo.toml b/ort-sys/Cargo.toml index 5161e03..65407c9 100644 --- a/ort-sys/Cargo.toml +++ b/ort-sys/Cargo.toml @@ -46,8 +46,14 @@ webgpu = [ "dep:glob" ] azure = [] nv = [] +tls-rustls = [ "tls-rustls-no-provider", "ureq?/rustls" ] +tls-rustls-no-provider = [ "__tls", "ureq?/rustls-no-provider" ] +tls-native = [ "__tls", "ureq?/native-tls" ] +tls-native-vendored = [ "tls-native", "ureq?/vendored" ] +__tls = [] + [build-dependencies] -ureq = { version = "3", optional = true, default-features = false, features = [ "native-tls", "socks-proxy" ] } +ureq = { version = "3", optional = true, default-features = false, features = [ "socks-proxy" ] } tar = { version = "0.4", optional = true } flate2 = { version = "1.0", optional = true } sha2 = { version = "0.10", optional = true } diff --git a/ort-sys/build.rs b/ort-sys/build.rs index 5aa162c..0fb9331 100644 --- a/ort-sys/build.rs +++ b/ort-sys/build.rs @@ -4,6 +4,12 @@ use std::{ process::Command }; +#[cfg(all(feature = "download-binaries", not(feature = "__tls")))] +compile_error!( + "When using `download-binaries`, a TLS feature must be configured. Enable exactly one of: \ + `tls-rustls` (uses `ring` as provider), `tls-rustls-no-provider`, `tls-native`, or `tls-native-vendored`." +); + #[allow(unused)] const ONNXRUNTIME_VERSION: &str = "1.22.1"; @@ -36,7 +42,11 @@ fn fetch_file(source_url: &str) -> Vec { .https_only(true) .tls_config( ureq::tls::TlsConfig::builder() - .provider(ureq::tls::TlsProvider::NativeTls) + .provider(if cfg!(feature = "tls-rustls-no-provider") { + ureq::tls::TlsProvider::Rustls + } else { + ureq::tls::TlsProvider::NativeTls + }) .root_certs(ureq::tls::RootCerts::PlatformVerifier) .build() ) @@ -176,7 +186,7 @@ fn macos_rtlib_search_dir() -> Option { } fn ios_rtlib_search_dir() -> Option { - let output = Command::new("xcrun").args(&["clang", "--print-resource-dir"]).output().ok()?; + let output = Command::new("xcrun").args(["clang", "--print-resource-dir"]).output().ok()?; if !output.status.success() { return None;