refactor: pass ALPN around as &str

src/imap/client.rs

@@ -37,12 +37,12 @@ impl DerefMut for Client {
 }
 
 /// Converts port number to ALPN list.
-fn alpn(port: u16) -> &'static [&'static str] {
+fn alpn(port: u16) -> &'static str {
     if port == 993 {
         // Do not request ALPN on standard port.
-        &[]
+        ""
     } else {
-        &["imap"]
+        "imap"
     }
 }
 
@@ -262,7 +262,7 @@ impl Client {
         let buffered_tcp_stream = client.into_inner();
         let tcp_stream = buffered_tcp_stream.into_inner();
 
-        let tls_stream = wrap_tls(strict_tls, host, &[], tcp_stream)
+        let tls_stream = wrap_tls(strict_tls, host, "", tcp_stream)
             .await
             .context("STARTTLS upgrade failed")?;
         let buffered_stream = BufWriter::new(tls_stream);
@@ -334,7 +334,7 @@ impl Client {
         let buffered_proxy_stream = client.into_inner();
         let proxy_stream = buffered_proxy_stream.into_inner();
 
-        let tls_stream = wrap_tls(strict_tls, hostname, &[], proxy_stream)
+        let tls_stream = wrap_tls(strict_tls, hostname, "", proxy_stream)
             .await
             .context("STARTTLS upgrade failed")?;
         let buffered_stream = BufWriter::new(tls_stream);

src/net.rs

@@ -127,7 +127,7 @@ pub(crate) async fn connect_tls_inner(
     addr: SocketAddr,
     host: &str,
     strict_tls: bool,
-    alpn: &[&str],
+    alpn: &str,
 ) -> Result<impl SessionStream + 'static> {
     let tcp_stream = connect_tcp_inner(addr).await?;
     let tls_stream = wrap_tls(strict_tls, host, alpn, tcp_stream).await?;

src/net/http.rs

@@ -76,11 +76,11 @@ where
                 let proxy_stream = proxy_config
                     .connect(context, host, port, load_cache)
                     .await?;
-                let tls_stream = wrap_rustls(host, &[], proxy_stream).await?;
+                let tls_stream = wrap_rustls(host, "", proxy_stream).await?;
                 Box::new(tls_stream)
             } else {
                 let tcp_stream = crate::net::connect_tcp(context, host, port, load_cache).await?;
-                let tls_stream = wrap_rustls(host, &[], tcp_stream).await?;
+                let tls_stream = wrap_rustls(host, "", tcp_stream).await?;
                 Box::new(tls_stream)
             }
         }

src/net/proxy.rs

@@ -429,7 +429,7 @@ impl ProxyConfig {
                     load_cache,
                 )
                 .await?;
-                let tls_stream = wrap_rustls(&https_config.host, &[], tcp_stream).await?;
+                let tls_stream = wrap_rustls(&https_config.host, "", tcp_stream).await?;
                 let auth = if let Some((username, password)) = &https_config.user_password {
                     Some((username.as_str(), password.as_str()))
                 } else {

src/net/tls.rs

@@ -8,7 +8,7 @@ use crate::net::session::SessionStream;
 pub async fn wrap_tls<'a>(
     strict_tls: bool,
     hostname: &str,
-    alpn: &[&str],
+    alpn: &str,
     stream: impl SessionStream + 'static,
 ) -> Result<impl SessionStream + 'a> {
     if strict_tls {
@@ -19,9 +19,14 @@ pub async fn wrap_tls<'a>(
         // We use native_tls because it accepts 1024-bit RSA keys.
         // Rustls does not support them even if
         // certificate checks are disabled: <https://github.com/rustls/rustls/issues/234>.
+        let alpns = if alpn.is_empty() {
+            Box::from([])
+        } else {
+            Box::from([alpn])
+        };
         let tls = async_native_tls::TlsConnector::new()
             .min_protocol_version(Some(async_native_tls::Protocol::Tlsv12))
-            .request_alpns(alpn)
+            .request_alpns(&alpns)
             .danger_accept_invalid_hostnames(true)
             .danger_accept_invalid_certs(true);
         let tls_stream = tls.connect(hostname, stream).await?;
@@ -32,7 +37,7 @@ pub async fn wrap_tls<'a>(
 
 pub async fn wrap_rustls<'a>(
     hostname: &str,
-    alpn: &[&str],
+    alpn: &str,
     stream: impl SessionStream + 'a,
 ) -> Result<impl SessionStream + 'a> {
     let mut root_cert_store = tokio_rustls::rustls::RootCertStore::empty();
@@ -41,7 +46,11 @@ pub async fn wrap_rustls<'a>(
     let mut config = tokio_rustls::rustls::ClientConfig::builder()
         .with_root_certificates(root_cert_store)
         .with_no_client_auth();
-    config.alpn_protocols = alpn.iter().map(|s| s.as_bytes().to_vec()).collect();
+    config.alpn_protocols = if alpn.is_empty() {
+        vec![]
+    } else {
+        vec![alpn.as_bytes().to_vec()]
+    };
 
     let tls = tokio_rustls::TlsConnector::from(Arc::new(config));
     let name = rustls_pki_types::ServerName::try_from(hostname)?.to_owned();

src/smtp/connect.rs

@@ -19,13 +19,13 @@ use crate::net::{
 use crate::oauth2::get_oauth2_access_token;
 use crate::tools::time;
 
-/// Converts port number to ALPN list.
-fn alpn(port: u16) -> &'static [&'static str] {
+/// Converts port number to ALPN.
+fn alpn(port: u16) -> &'static str {
     if port == 465 {
         // Do not request ALPN on standard port.
-        &[]
+        ""
     } else {
-        &["smtp"]
+        "smtp"
     }
 }
 
@@ -249,7 +249,7 @@ async fn connect_starttls_proxy(
     skip_smtp_greeting(&mut buffered_stream).await?;
     let transport = new_smtp_transport(buffered_stream).await?;
     let tcp_stream = transport.starttls().await?.into_inner();
-    let tls_stream = wrap_tls(strict_tls, hostname, &[], tcp_stream)
+    let tls_stream = wrap_tls(strict_tls, hostname, "", tcp_stream)
         .await
         .context("STARTTLS upgrade failed")?;
     let buffered_stream = BufStream::new(tls_stream);
@@ -294,7 +294,7 @@ async fn connect_starttls(
     skip_smtp_greeting(&mut buffered_stream).await?;
     let transport = new_smtp_transport(buffered_stream).await?;
     let tcp_stream = transport.starttls().await?.into_inner();
-    let tls_stream = wrap_tls(strict_tls, host, &[], tcp_stream)
+    let tls_stream = wrap_tls(strict_tls, host, "", tcp_stream)
         .await
         .context("STARTTLS upgrade failed")?;