Use PEM decoding from rustls-pki-types directly

[djc]

No description provided.

[cpu]

Generally looks good, but I think the ignored-by-default smoketests might need an update:

[daniel@noire:~/Code/Rust/rustls-native-certs]$ git rev-parse HEAD
e73d170bafb8a1704f31263ac3487e3a66a7c998

[daniel@noire:~/Code/Rust/rustls-native-certs]$ cargo test -- --ignored
....
failures:

---- nothing_works_with_broken_file_and_dir stdout ----
thread 'nothing_works_with_broken_file_and_dir' panicked at tests/smoketests.rs:254:5:
assertion failed: first_err.contains("open file")
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

---- google_with_dir_but_broken_file stdout ----
thread 'google_with_dir_but_broken_file' panicked at tests/smoketests.rs:215:5:
assertion failed: first_err.contains("open file")


failures:
    google_with_dir_but_broken_file
    nothing_works_with_broken_file_and_dir

test result: FAILED. 9 passed; 2 failed; 0 ignored; 0 measured; 0 filtered out; finished in 1.80s

error: test failed, to rerun pass `--test smoketests`

Edit: manual workflow dispatch agrees.

[cpu]

The error being returned for each of the failed first_err.contains("open file") assertions is now "failed to parse PEM: No such file or directory (os error 2) in not-exist" where before it was: "failed to open file: No such file or directory (os error 2) in not-exist".

I think the intent of that assertion (at least in the nothing_works_with_broken_file_and_dir case) is to make sure the errors produced from a bad SSL_CERT_DIR or a bad SSL_CERT_FILE can be differentiated. The new message does feel like a small step backwards in that sense.

[djc]

The error being returned for each of the failed first_err.contains("open file") assertions is now "failed to parse PEM: No such file or directory (os error 2) in not-exist" where before it was: "failed to open file: No such file or directory (os error 2) in not-exist".

I think the intent of that assertion (at least in the nothing_works_with_broken_file_and_dir case) is to make sure the errors produced from a bad SSL_CERT_DIR or a bad SSL_CERT_FILE can be differentiated. The new message does feel like a small step backwards in that sense.

Tried to improve on this front:

enrai-2024 rustls-native-certs $ cargo t broken -- --nocapture --ignored
     Running tests/smoketests.rs (target/debug/deps/smoketests-33526649cd1b65fa)

running 3 tests
[tests/smoketests.rs:216:5] &first_err = "failed to read PEM from file: No such file or directory (os error 2) at 'not-exist'"
[tests/smoketests.rs:261:5] &first_err = "failed to read PEM from file: No such file or directory (os error 2) at 'not-exist'"
[tests/smoketests.rs:266:5] &second_err = "opening directory: No such file or directory (os error 2) at '/not-exist'"
test google_with_dir_but_broken_file ... ok
test nothing_works_with_broken_file_and_dir ... ok
[tests/smoketests.rs:238:5] &first_err = "opening directory: No such file or directory (os error 2) at '/not-exist'"
test google_with_file_but_broken_dir ... ok

test result: ok. 3 passed; 0 failed; 0 ignored; 0 measured; 8 filtered out; finished in 0.15s

[cpu]

Thanks, latest rev looks great.