reqwest
reqwest copied to clipboard
Published
20 hours ago •
seanmonstar
seanmonstar
kind: Other, error: Custom { kind: InvalidData, error: DecryptError }
I got an error
reqwest::Error { kind: Request, url: "https://**********, source: hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: DecryptError } }) }
This happens when create connection got ServerHello ServerHelloPayload.
[2020-03-28T13:20:22Z DEBUG hyper::client::connect::dns] resolving host="************"
[2020-03-28T13:20:22Z DEBUG hyper::client::connect::http] connecting to 172.31.43.112:443
[2020-03-28T13:20:22Z DEBUG hyper::client::connect::http] connected to 172.31.43.112:443
[2020-03-28T13:20:22Z DEBUG rustls::client::hs] Resuming session
[2020-03-28T13:20:22Z TRACE rustls::client::hs] Sending ClientHello Message {
typ: Handshake,
version: TLSv1_0,
payload: Handshake(
HandshakeMessagePayload {
typ: ClientHello,
payload: ClientHello(
ClientHelloPayload {
client_version: TLSv1_2,
random: Random(
[
52,
224,
208,
116,
39,
18,
249,
195,
38,
122,
90,
239,
221,
111,
35,
29,
179,
166,
221,
63,
21,
2,
76,
39,
53,
9,
190,
109,
25,
96,
77,
116,
],
),
session_id: SessionID(
89,
104,
165,
44,
71,
70,
210,
25,
166,
81,
0,
83,
133,
213,
234,
21,
94,
54,
139,
155,
5,
206,
72,
41,
19,
183,
63,
52,
252,
176,
111,
58,
),
cipher_suites: [
TLS13_CHACHA20_POLY1305_SHA256,
TLS13_AES_256_GCM_SHA384,
TLS13_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
],
compression_methods: [
Null,
],
extensions: [
SupportedVersions(
[
TLSv1_3,
TLSv1_2,
],
),
ServerName(
[
ServerName {
typ: HostName,
payload: HostName(
DNSName(
"************",
),
),
},
],
),
ECPointFormats(
[
Uncompressed,
],
),
NamedGroups(
[
X25519,
secp384r1,
secp256r1,
],
),
SignatureAlgorithms(
[
ECDSA_NISTP384_SHA384,
ECDSA_NISTP256_SHA256,
RSA_PSS_SHA512,
RSA_PSS_SHA384,
RSA_PSS_SHA256,
RSA_PKCS1_SHA512,
RSA_PKCS1_SHA384,
RSA_PKCS1_SHA256,
],
),
ExtendedMasterSecretRequest,
CertificateStatusRequest(
OCSP(
OCSPCertificateStatusRequest {
responder_ids: [],
extensions: PayloadU16(
[],
),
},
),
),
KeyShare(
[
KeyShareEntry {
group: X25519,
payload: PayloadU16(
[
159,
141,
204,
21,
205,
135,
101,
135,
73,
129,
229,
95,
49,
213,
239,
182,
25,
98,
105,
115,
20,
129,
204,
139,
151,
235,
40,
21,
246,
139,
78,
52,
],
),
},
],
),
PresharedKeyModes(
[
PSK_DHE_KE,
],
),
Protocols(
[
PayloadU8(
[
104,
50,
],
),
PayloadU8(
[
104,
116,
116,
112,
47,
49,
46,
49,
],
),
],
),
SessionTicketOffer(
Payload(
[
83,
83,
75,
45,
69,
48,
48,
52,
52,
48,
51,
56,
49,
0,
0,
0,
50,
49,
171,
244,
43,
198,
167,
19,
155,
187,
135,
127,
66,
8,
205,
228,
35,
189,
64,
71,
52,
215,
113,
15,
200,
180,
147,
110,
110,
136,
90,
13,
253,
206,
79,
188,
48,
69,
66,
108,
82,
56,
190,
166,
46,
147,
69,
211,
52,
71,
221,
75,
248,
146,
105,
59,
141,
89,
144,
62,
122,
235,
211,
166,
85,
2,
93,
252,
32,
109,
138,
146,
164,
41,
10,
156,
59,
193,
76,
59,
116,
209,
15,
190,
57,
102,
47,
167,
],
),
),
],
},
),
},
),
}
[2020-03-28T13:20:22Z TRACE rustls::client::hs] We got ServerHello ServerHelloPayload {
legacy_version: TLSv1_2,
random: Random(
[
237,
163,
36,
173,
117,
35,
48,
220,
104,
109,
255,
183,
195,
184,
121,
144,
236,
132,
41,
247,
151,
187,
28,
90,
164,
177,
247,
104,
222,
150,
77,
61,
],
),
session_id: SessionID(
89,
104,
165,
44,
71,
70,
210,
25,
166,
81,
0,
83,
133,
213,
234,
21,
94,
54,
139,
155,
5,
206,
72,
41,
19,
183,
63,
52,
252,
176,
111,
58,
),
cipher_suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
compression_method: Null,
extensions: [
ECPointFormats(
[
Uncompressed,
],
),
RenegotiationInfo(
PayloadU8(
[],
),
),
],
}
[2020-03-28T13:20:22Z DEBUG rustls::client::hs] ALPN protocol is None
[2020-03-28T13:20:22Z DEBUG rustls::client::hs] Using ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2020-03-28T13:20:22Z DEBUG rustls::client::hs] Server agreed to resume
[2020-03-28T13:20:22Z TRACE hyper::client::pool] checkout dropped for ("https", ************)
[2020-03-28T13:20:22Z ERROR order] reqwest::Error { kind: Request, url: "https://************", source: hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: DecryptError } }) }
This error occasionally appears in some requests, not in every request.
change rustls to native tls got error:
reqwest::Error { kind: Request, url: "***********", source: hyper::Error(Connect, Ssl(Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 336134278, library: "SSL routines", function: "ssl3_get_server_certificate", reason: "certificate verify failed", file: "s3_clnt.c", line: 1264 }]))) }, X509VerifyResult { code: 62, error: "Hostname mismatch" })) }
Is there something wrong with certificate? Using curl is ok.
* Trying 172.31.43.112...
* TCP_NODELAY set
* Connected to ***** (172.31.43.112) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: OU=Domain Control Validated; CN=*****
* start date: Dec 15 11:19:00 2017 GMT
* expire date: Dec 15 11:19:00 2020 GMT
* subjectAltName: host "**********" matched cert's "*****"
* issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
* SSL certificate verify ok.
> GET ********
> Host: *****
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.16.1
< Date: Sat, 28 Mar 2020 09:11:51 GMT
< Content-Length: 403
< Connection: keep-alive
< Content-Type: application/json
<
Hm. Open Google Chrome > Developer Tools > Security, load the URL and check if you see any warnings under Overview or Main origin.
Hm. Open Google Chrome > Developer Tools > Security, load the URL and check if you see any warnings under Overview or Main origin.
No warnings and errors!
Is the domain you are connecting to present in subjectAltName of the certificate? Do you use Rustls with a custom CA root store? Would it work by using the default config (webpki_roots)?
Is the domain you are connecting to present in subjectAltName of the certificate? Do you use Rustls with a custom CA root store? Would it work by using the default config (webpki_roots)?
use rustls there is no cert error, sometimes got
reqwest::Error { kind: Request, url: "https://**********, source: hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: DecryptError } }) }
when change to native tls got hostname mismatch
the domain I'm connectiong to is in SAN wildcard.
I think we can ignore the hostname mismatch error from openssl, focus on error "error sending request for url (https://******): error trying to connect: cannot decrypt peer's message".
What software is the server running? On which OS have you tried native-tls? What does https://github.com/drwetter/testssl.sh say?
$ git clone https://github.com/drwetter/testssl.sh.git
$ cd testssl.sh
$ ./testssl.sh https://yourdomain.tld
os: Linux version 4.14.146-120.181.amzn2.x86_64 (mockbuild@ip-10-0-1-243) (gcc version 7.3.1 20180712 (Red Hat 7.3.1-6) (GCC)) #1 SMP Fri Oct 18 17:01:06 UTC 2019
openssl: OpenSSL 1.0.2k-fips 26 Jan 2017
testssl.sh:
###########################################################
testssl.sh 3.1dev from https://testssl.sh/dev/
(8ff4520 2020-03-25 18:28:03 -- )
This program is free software. Distribution and
modification under GPLv2 permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
###########################################################
Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers]
on ip-172-31-35-102:./bin/openssl.Linux.x86_64
(built: "Jan 18 17:12:17 2019", platform: "linux-x86_64")
Start 2020-03-29 09:46:47 -->> 172.31.43.112:443 (xxxxx.coinex.com) <<--
rDNS (172.31.43.112): ip-172-31-43-112.ap-northeast-1.compute.internal.
Service detected: HTTP
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 offered (deprecated)
TLS 1.1 offered (deprecated)
TLS 1.2 offered (OK)
TLS 1.3 not offered and downgraded to a weaker protocol
NPN/SPDY not offered
ALPN/HTTP2 not offered
Testing cipher categories
NULL ciphers (no encryption) not offered (OK)
Anonymous NULL Ciphers (no authentication) not offered (OK)
Export ciphers (w/o ADH+NULL) not offered (OK)
LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK)
Triple DES Ciphers / IDEA not offered
Obsolete: SEED + 128+256 Bit CBC cipher offered
Strong encryption (AEAD ciphers) offered (OK)
Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
Elliptic curves offered: prime256v1 secp384r1
Testing server preferences
Has server cipher order? yes (OK)
Negotiated protocol TLSv1.2
Negotiated cipher ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Cipher order
TLSv1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
TLSv1.1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA
AES256-GCM-SHA384 AES256-SHA256 AES256-SHA
Testing server defaults (Server Hello)
TLS extensions (standard) "server name/#0" "EC point formats/#11" "renegotiation info/#65281" "session ticket/#35"
Session Ticket RFC 5077 hint 172800 seconds but: PFS requires session ticket keys to be rotated < daily !
SSL Session ID support yes
Session Resumption Tickets: yes, ID: no
TLS clock skew Random values, no fingerprinting possible
Signature Algorithm SHA256 with RSA
Server key size RSA 2048 bits
Server key usage Digital Signature, Key Encipherment
Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication
Serial / Fingerprints 2CF01767DABD9D4A / SHA1 EE242699D48D7FCDB0780A96DABDD98AD5D856CE
SHA256 7BA79C0BBB5DB856156C480EFBFD60AFE919C007087B4F87FC120996E3324D76
Common Name (CN) *.coinex.com
subjectAltName (SAN) *.coinex.com coinex.com
Issuer Go Daddy Secure Certificate Authority - G2 (GoDaddy.com, Inc. from US)
Trust (hostname) Ok via SAN wildcard (same w/o SNI)
Chain of trust Ok
EV cert (experimental) no
ETS/"eTLS", visibility info not present
Certificate Validity (UTC) 261 >= 60 days (2017-12-15 19:19 --> 2020-12-15 19:19)
>= 825 days certificate life time but issued before 2018/03/01
# of certificates provided 4
Certificate Revocation List http://crl.godaddy.com/gdig2s1-795.crl
OCSP URI http://ocsp.godaddy.com/
OCSP stapling not offered
OCSP must staple extension --
DNS CAA RR (experimental) not offered
Certificate Transparency --
Testing HTTP header response @ "/"
HTTP Status Code 404 Not Found (Hint: supply a path which doesn't give a "404 Not Found")
HTTP clock skew 0 sec from localtime
Strict Transport Security not offered
Public Key Pinning --
Server banner nginx/1.16.1
Application banner --
Cookie(s) (none issued at "/") -- maybe better try target URL of 30x
Security headers --
Reverse Proxy banner --
Testing vulnerabilities
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
CCS (CVE-2014-0224) not vulnerable (OK)
Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets
ROBOT
not vulnerable (OK)
Secure Renegotiation (RFC 5746) supported (OK)
Secure Client-Initiated Renegotiation likely not vulnerable (OK), timed out
CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
Can be ignored for static pages or if no secrets in the page
POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support
TLS_FALLBACK_SCSV (RFC 7507) Check failed, unexpected result , run testssl.sh -Z --debug=1 and look at /tmp/testssl.PtEa0L/*tls_fallback_scsv.txt
SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
FREAK (CVE-2015-0204) not vulnerable (OK)
DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
make sure you don't use this certificate elsewhere with SSLv2 enabled services
https://censys.io/ipv4?q=7BA79C0BBB5DB856156C480EFBFD60AFE919C007087B4F87FC120996E3324D76 could help you to find out
LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
Running client simulations (HTTP) via sockets
Android 4.4.2 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 7.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 9.0 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Android 10.0 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Chrome 74 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Chrome 79 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Firefox 66 (Win 8.1/10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Firefox 71 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
IE 6 XP No connection
IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
IE 8 XP No connection
IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
IE 11 Win Phone 8.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Edge 17 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Opera 66 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Safari 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Safari 12.1 (iOS 12.2) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Safari 13.0 (macOS 10.14.6) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Java 6u45 TLSv1.0 AES128-SHA, No FS
Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
Java 8u161 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Java 11.0.2 (OpenJDK) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Java 12.0.1 (OpenJDK) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
OpenSSL 1.1.1d (Debian) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
Thunderbird (68.3) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
my reqwest client have the error
"error sending request for url (https://******): error trying to connect: cannot decrypt peer's message".
But when I restart the client process, it's ok, no error any more. There is no update on server side.
├── reqwest v0.11.8
│ ├── async-compression v0.3.8
│ │ ├── flate2 v1.0.22 (*)
│ │ ├── futures-core v0.3.17
│ │ ├── memchr v2.4.1
│ │ ├── pin-project-lite v0.2.7
│ │ └── tokio v1.12.0
│ │ ├── bytes v1.1.0
│ │ ├── libc v0.2.105
│ │ ├── memchr v2.4.1
│ │ ├── mio v0.7.14
│ │ │ ├── libc v0.2.105
│ │ │ └── log v0.4.14 (*)
│ │ ├── num_cpus v1.13.0
│ │ │ └── libc v0.2.105
│ │ ├── once_cell v1.8.0
│ │ ├── parking_lot v0.11.2
│ │ │ ├── instant v0.1.12
│ │ │ │ └── cfg-if v1.0.0
│ │ │ ├── lock_api v0.4.5
│ │ │ │ └── scopeguard v1.1.0
│ │ │ └── parking_lot_core v0.8.5
│ │ │ ├── cfg-if v1.0.0
│ │ │ ├── instant v0.1.12 (*)
│ │ │ ├── libc v0.2.105
│ │ │ └── smallvec v1.7.0
│ │ ├── pin-project-lite v0.2.7
│ │ ├── signal-hook-registry v1.4.0
│ │ │ └── libc v0.2.105
│ │ └── tokio-macros v1.5.0 (proc-macro)
│ │ ├── proc-macro2 v1.0.32 (*)
│ │ ├── quote v1.0.10 (*)
│ │ └── syn v1.0.81 (*)
│ │ [build-dependencies]
│ │ └── autocfg v1.0.1
│ ├── base64 v0.13.0
│ ├── bytes v1.1.0
│ ├── encoding_rs v0.8.29
│ │ └── cfg-if v1.0.0
│ ├── futures-core v0.3.17
│ ├── futures-util v0.3.17 (*)
│ ├── http v0.2.5
│ │ ├── bytes v1.1.0
│ │ ├── fnv v1.0.7
│ │ └── itoa v0.4.8
│ ├── http-body v0.4.4
│ │ ├── bytes v1.1.0
│ │ ├── http v0.2.5 (*)
│ │ └── pin-project-lite v0.2.7
│ ├── hyper v0.14.14
│ │ ├── bytes v1.1.0
│ │ ├── futures-channel v0.3.17 (*)
│ │ ├── futures-core v0.3.17
│ │ ├── futures-util v0.3.17 (*)
│ │ ├── h2 v0.3.7
│ │ │ ├── bytes v1.1.0
│ │ │ ├── fnv v1.0.7
│ │ │ ├── futures-core v0.3.17
│ │ │ ├── futures-sink v0.3.17
│ │ │ ├── futures-util v0.3.17 (*)
│ │ │ ├── http v0.2.5 (*)
│ │ │ ├── indexmap v1.7.0
│ │ │ │ └── hashbrown v0.11.2
│ │ │ │ [build-dependencies]
│ │ │ │ └── autocfg v1.0.1
│ │ │ ├── slab v0.4.5
│ │ │ ├── tokio v1.12.0 (*)
│ │ │ ├── tokio-util v0.6.8
│ │ │ │ ├── bytes v1.1.0
│ │ │ │ ├── futures-core v0.3.17
│ │ │ │ ├── futures-sink v0.3.17
│ │ │ │ ├── log v0.4.14 (*)
│ │ │ │ ├── pin-project-lite v0.2.7
│ │ │ │ └── tokio v1.12.0 (*)
│ │ │ └── tracing v0.1.29
│ │ │ ├── cfg-if v1.0.0
│ │ │ ├── pin-project-lite v0.2.7
│ │ │ └── tracing-core v0.1.21
│ │ │ └── lazy_static v1.4.0
│ │ ├── http v0.2.5 (*)
│ │ ├── http-body v0.4.4 (*)
│ │ ├── httparse v1.5.1
│ │ ├── httpdate v1.0.1
│ │ ├── itoa v0.4.8
│ │ ├── pin-project-lite v0.2.7
│ │ ├── socket2 v0.4.2
│ │ │ └── libc v0.2.105
│ │ ├── tokio v1.12.0 (*)
│ │ ├── tower-service v0.3.1
│ │ ├── tracing v0.1.29 (*)
│ │ └── want v0.3.0
│ │ ├── log v0.4.14 (*)
│ │ └── try-lock v0.2.3
│ ├── hyper-rustls v0.23.0
│ │ ├── http v0.2.5 (*)
│ │ ├── hyper v0.14.14 (*)
│ │ ├── rustls v0.20.2
│ │ │ ├── log v0.4.14 (*)
│ │ │ ├── ring v0.16.20
│ │ │ │ ├── libc v0.2.105
│ │ │ │ ├── once_cell v1.8.0
│ │ │ │ ├── spin v0.5.2
│ │ │ │ └── untrusted v0.7.1
│ │ │ │ [build-dependencies]
│ │ │ │ └── cc v1.0.71
│ │ │ ├── sct v0.7.0
│ │ │ │ ├── ring v0.16.20 (*)
│ │ │ │ └── untrusted v0.7.1
│ │ │ └── webpki v0.22.0
│ │ │ ├── ring v0.16.20 (*)
│ │ │ └── untrusted v0.7.1
│ │ ├── tokio v1.12.0 (*)
│ │ └── tokio-rustls v0.23.2
│ │ ├── rustls v0.20.2 (*)
│ │ ├── tokio v1.12.0 (*)
│ │ └── webpki v0.22.0 (*)
│ ├── hyper-tls v0.5.0
│ │ ├── bytes v1.1.0
│ │ ├── hyper v0.14.14 (*)
│ │ ├── native-tls v0.2.8 (*)
│ │ ├── tokio v1.12.0 (*)
│ │ └── tokio-native-tls v0.3.0
│ │ ├── native-tls v0.2.8 (*)
│ │ └── tokio v1.12.0 (*)
│ ├── ipnet v2.3.1
│ ├── lazy_static v1.4.0
│ ├── log v0.4.14 (*)
│ ├── mime v0.3.16
│ ├── native-tls v0.2.8 (*)
│ ├── percent-encoding v2.1.0
│ ├── pin-project-lite v0.2.7
│ ├── rustls v0.20.2 (*)
│ ├── rustls-pemfile v0.2.1
│ │ └── base64 v0.13.0
│ ├── serde v1.0.130
│ ├── serde_json v1.0.68
│ │ ├── itoa v0.4.8
│ │ ├── ryu v1.0.5
│ │ └── serde v1.0.130
│ ├── serde_urlencoded v0.7.0
│ │ ├── form_urlencoded v1.0.1 (*)
│ │ ├── itoa v0.4.8
│ │ ├── ryu v1.0.5
│ │ └── serde v1.0.130
│ ├── tokio v1.12.0 (*)
│ ├── tokio-native-tls v0.3.0 (*)
│ ├── tokio-rustls v0.23.2 (*)
│ ├── tokio-util v0.6.8 (*)
│ ├── url v2.2.2 (*)
│ └── webpki-roots v0.22.1
│ └── webpki v0.22.0 (*)
├── security-framework v0.3.4
│ ├── core-foundation v0.6.4
│ │ ├── core-foundation-sys v0.6.2
│ │ └── libc v0.2.105
│ ├── core-foundation-sys v0.6.2
│ ├── libc v0.2.105
│ └── security-framework-sys v0.3.3
│ └── core-foundation-sys v0.6.2