From cbe77fd2ff13fe0cc95be636a257cf65e48d0924 Mon Sep 17 00:00:00 2001
From: 0x676e67 <gngppz@gmail.com>
Date: Fri, 6 Dec 2024 23:01:36 +0800
Subject: [PATCH] boring: Add SslConnector no default cert verify paths builder
 (#16)

---
 boring/src/ssl/connector.rs | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/boring/src/ssl/connector.rs b/boring/src/ssl/connector.rs
index e910a324..52821e46 100644
--- a/boring/src/ssl/connector.rs
+++ b/boring/src/ssl/connector.rs
@@ -87,6 +87,18 @@ impl SslConnector {
         Ok(SslConnectorBuilder(ctx))
     }
 
+    /// Creates a new builder for TLS connections with no verification.
+    ///
+    /// This is useful for testing and other purposes where you want to skip verification.
+    pub fn no_default_verify_builder(method: SslMethod) -> Result<SslConnectorBuilder, ErrorStack> {
+        let mut ctx = ctx(ContextType::WithMethod(method))?;
+        ctx.set_cipher_list(
+            "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK",
+        )?;
+
+        Ok(SslConnectorBuilder(ctx))
+    }
+
     /// Creates a new builder for TLS connections with raw public key.
     #[cfg(feature = "rpk")]
     pub fn rpk_builder() -> Result<SslConnectorBuilder, ErrorStack> {