Commit Graph

259 Commits

Author SHA1 Message Date
Braden Ehrat
9487a157ab
Support half-closed states (#23)
After this commit, this crate will support using TLS streams in a
half-closed state. Note that the TLS 1.3 spec in RFC 8446
says this should be supported:

```
Each party MUST send a "close_notify" alert before closing its write
side of the connection, unless it has already sent some error alert.
This does not have any effect on its read side of the connection.  Note
that this is a change from versions of TLS prior to TLS 1.3 in which
implementations were required to react to a "close_notify" by discarding
pending writes and sending an immediate "close_notify" alert of their
own.  That previous requirement could cause truncation in the read side.
Both parties need not wait to receive a "close_notify" alert before
closing their read side of the connection, though doing so would
introduce the possibility of truncation.
```

https://tools.ietf.org/html/rfc8446#page-87

The `rustls` crate raises such a clean closure of a
[`ClientSession`](https://docs.rs/rustls/0.18.0/rustls/struct.ClientSession.html#impl-Read)
or
[`ServerSession`](https://docs.rs/rustls/0.18.0/rustls/struct.ServerSession.html#impl-Read)
read-side with `ErrorKind::ConnectionAborted`.

This crate's `TlsState` struct already encodes support for the
half-closed states `TlsState::ReadShutdown` and
`TlsState::WriteShutdown`, in addition to `TlsState::FullyShutdown`.
However, the current behavior of the `AsyncRead` implementation is that
it unconditionally shuts down the write-half of a connection after the
read-half closes cleanly with `ErrorKind::ConnectionAborted`.

This change removes the `stream.session.send_close_notify()` and
`this.state.shutdown_write()` calls from `poll_read()`. Note that
`stream.session.send_close_notify()` is still called in
`poll_shutdown()`, which the application calls to cleanly shut down the
write-half.

I highly suspect the logic of this can be simplified and cleaned up
further. Minimally, the edited match statement now has two identical
branches which could be combined into one. Additionally, perhaps the
`Stream` implementation should simply return `Ok(0)` for this case in
its implementation of
[`tokio::io::AsyncRead`](https://docs.rs/tokio/0.2/tokio/io/trait.AsyncRead.html),
since that's the defined way to indicate clean closure with EOF from
`AsyncRead`. However, I want to make the minimal changes and have them
reviewed for logical correctness first.

Co-authored-by: Braden Ehrat <braden@cloudflare.com>
2020-08-16 23:25:49 +08:00
quininer
c2dd82e323
tokio-rustls: release 0.14.0 (#17)
* tokio-rustls: release 0.14.0

* Fix writev

* Fix fmt
2020-07-06 00:26:52 +08:00
quininer
fc90b3f378
tokio-rustls: Add to README and clean code (#15)
* tokio-rustls: Add to README and clean code

* cargo fmt
2020-05-20 13:09:24 +08:00
quininer
3be701cefb
Fix place wrong for process_new_packets (#14)
The `wants_read` only changes after `process_new_packets`,
which means that not immediately calling `process_new_packets` may cause rustls to cache too much data.
2020-05-19 11:57:14 +08:00
Kirill Fomichev
3c9b126993
Drop context on MidHandshake success [tokio-native-tls] (#12) 2020-05-07 13:55:37 -04:00
Kirill Fomichev
bd749ed734
Convert result in with_context function [tokio-native-tls] (#13) 2020-05-06 16:48:43 -04:00
zzzdong
9af6ed39a6
chore: fix CI by adding --all-features to cargo clippy (#11)
Co-authored-by: zzzdong <kuwater@163.com>
2020-05-02 13:29:12 -07:00
Lucio Franco
ec76fe4c8a fix doc link
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
2020-04-03 10:28:01 -04:00
Denis Molokanov
447a040a43
Auto-generate TLS server certificate for unix platform (#8)
* Add cert generation for unix targets

* Fix early-data.rs check

* Make clippy happy
2020-04-03 10:16:23 -04:00
aloucks
1c3aeb691e
Allow access to all inner streams [tokio-native-tls] (#6)
Related: https://github.com/tokio-rs/tokio/issues/1383
2020-02-28 10:31:17 -05:00
Lucio Franco
7e41beaff4
Rename more tests (#1)
* Rename more tests

* Clean up smoke test

* fmt

* Clean up ci and remove all-features test
2020-02-27 18:32:52 -05:00
quininer
01fdb7ccf4
Update rustls (#5) 2020-02-25 13:14:04 +08:00
quininer
7df8fb5b21
try fix openssl quit (#4) 2020-02-24 14:42:22 -05:00
Lucio Franco
61b1fef344
Merge tokio-rustls (#2)
Merge tokio-rustls
2020-01-14 10:57:24 -05:00
quininer
926dd17892 Update README 2020-01-12 01:06:15 +08:00
quininer
e961616b17 Add 'tokio-rustls/' from commit 'd7862fae8ae6870ad27bd62b7960798825998a62'
git-subtree-dir: tokio-rustls
git-subtree-mainline: 7e31085307
git-subtree-split: d7862fae8a
2020-01-11 12:40:55 +08:00
Lucio Franco
7e31085307 fix cargo command 2020-01-09 18:39:13 -05:00
Lucio Franco
0fb23cb673 Add tokio to the readme 2020-01-09 18:37:48 -05:00
Lucio Franco
43c85779ca Initial commit 2020-01-09 18:36:35 -05:00
quininer
d7862fae8a bump version 2020-01-08 00:34:59 +08:00
quininer
ce16555b13 implement WriteV
close https://github.com/quininer/tokio-rustls/issues/57
2020-01-07 23:57:00 +08:00
quininer
7530e2f739 publish 0.12.1 2019-12-08 16:54:37 +08:00
quininer
368f32ea9f Add Failable{Connect,Accept} 2019-12-08 16:41:47 +08:00
quininer
7f69e889a4 Fix incorrect prepare_uninitialized_buffer 2019-12-08 00:59:15 +08:00
quininer
074fe4a5ac Move TlsState to common 2019-12-08 00:52:55 +08:00
quininer
a9b20c509c Update ci 2019-12-03 01:28:31 +08:00
quininer
02028c54b8 Fix client example 2019-12-02 23:43:49 +08:00
quininer
34b1bc9c83 Update example 2019-11-28 00:11:02 +08:00
quininer
d42540f52f release 0.12.0 2019-11-27 22:23:10 +08:00
Gleb Pomykalov
078f6c0e73 Fix early-data 2019-11-27 17:32:44 +08:00
Gleb Pomykalov
61b2f5b3bc Migrate to tokio 0.2 and futures 0.3 2019-11-27 17:32:44 +08:00
quininer
3146253907 bump 0.12.0-alpha.8 2019-11-08 01:40:00 +08:00
quininer
07c51665da Fix 0-RTT write zero 2019-11-08 01:39:20 +08:00
quininer
8b3bf3a2b6 Remove pin-project
We always constrain T to be Unpin, so we don't need pin-project.
2019-11-07 23:46:49 +08:00
quininer
262796af39 Clean TlsState 2019-11-07 22:56:26 +08:00
quininer
fe113dc6b0 bump 0.12.0-alpha.7 2019-11-07 10:58:06 +08:00
quininer
ba909ed95e Fix 0-RTT fallback 2019-11-07 10:57:14 +08:00
quininer
ff3d0a4de3 bump 0.12.0-alpha.6 2019-11-06 21:44:21 +08:00
quininer
872510bd65 Fix 0-RTT flush 2019-11-06 21:43:50 +08:00
Dirkjan Ochtman
3e2c0446a4 Port unified TLS stream type to tokio-0.2 2019-11-06 21:22:45 +08:00
gvallat
7cccd9c3b3 Export rustls dangerous_configuration feature 2019-11-06 21:10:57 +08:00
quininer
03b1f3b454 Add codecov badge 2019-11-02 02:56:16 +08:00
quininer
4b0dd05e86 Move ci to github actions 2019-11-02 02:56:16 +08:00
quininer
9f6d3c74bf release 0.12.0-alpha.5 2019-10-23 19:33:38 +08:00
quininer
086758837f remove unnecessary get_mut() 2019-10-11 23:01:13 +08:00
quininer
10c139df08 test: split bad channel 2019-10-11 23:01:13 +08:00
quininer
9a161beb87 use write_io instead of handshake 2019-10-11 23:01:13 +08:00
quininer
7864945694 ci: try install openssl 2019-10-11 23:01:13 +08:00
quininer
d8235071cd move sleep 2019-10-11 23:01:13 +08:00
quininer
369c13d6a5 add 0-RTT test 2019-10-11 23:01:13 +08:00