Use rustls default provider unless specified

[GreenYun]

Starting from rustls 0.23, the backend provider is aws-lc-rs. However, request hard coded many rings, especially the default rustls-tls feature. Will this change in the future to use the default setup from rustls unless some more other features specified?

[Congyuwang]

I hope that ring would still remain an option even if aws-lc-rs becomes available as a feature. For those without compliance need, ring is much more lightweight.

[GreenYun]

I hope that ring would still remain an option even if aws-lc-rs. For those without compliance need, ring is much more lightweight.

I think the library should not eliminate the potential to have another choice. ring may be lightweight but was-lc could have other benefits.

My current implementation is to build the requester myself:

use std::sync::OnceLock;

use reqwest::Client;
use rustls::{ClientConfig, RootCertStore};
use webpki_roots::TLS_SERVER_ROOTS;

static HTTP_CLIENT: OnceLock<Client> = OnceLock::new();

pub fn client() -> Client {
	HTTP_CLIENT.get_or_init(init_client).clone()
}

fn init_client() -> Client {
	static USER_AGENT: &str = concat!(env!("CARGO_PKG_NAME"), "/", env!("CARGO_PKG_VERSION"),);

	let cert_store: RootCertStore = TLS_SERVER_ROOTS.iter().cloned().collect();
	let mut tls = ClientConfig::builder().with_root_certificates(cert_store).with_no_client_auth();
	tls.enable_early_data = true;
	tls.alpn_protocols = vec!["h2".into(), "http/1.1".into()];

	let client = Client::builder().use_preconfigured_tls(tls).user_agent(USER_AGENT).build();
	match client {
		Ok(client) => client,
		Err(e) => {
			log::error!("{e}");
			panic!("{e}");
		}
	}
}

Most of the code to build the Client is copied from reqwest, and no hard coding ring or was_lc_rs. However, install_default() should be called before the client initialized.