Comments (4)
Thanks for the report. Yes, the current API treats a half-close as a full-close. I think we should add additional ConnectionState
s so the server in your example can finish its connection with:
ReadTraffic
reads the client's close_notifyPeerClosed
informs the application that no further data will be forthcoming from peerWriteTraffic
for additional server-sent traffic, followed byqueue_close_notify
EncodeTlsData
for outputting that dataTransmitTlsData
for confirming the data was sentClosed
nothing further can happen with this connection
(This arrangement retains Closed
as a terminal, full-close state.)
from rustls.
Thanks for the quick response. There is no rush from my point of view as I also have it working with the buffered interface, and I can continue to use that. So if it's a breaking change for 0.24 that's not a problem. The API changes you suggested sound fine, but I'll code against whatever you come up with. If you want me to test against a pre-release version of Rustls I can do that.
Also it would be helpful to have some guidance about buffer-sizing requirements, either in the docs or as API calls. For example I'm allowing 18KiB for EncodeTlsData
because that appears to be the maximum required by protocol, but typically it will be much less. I can add another issue for this if you wish.
from rustls.
Will this need semver-incompatible changes? If so, it might take us a while to get this released.
from rustls.
The ConnectionState
enum is non_exhaustive
so adding new states there isn't semver breaking in itself. I think it would be more a question of how the semantics of the overall API are updated and whether it affects existing usages.
from rustls.
Related Issues (20)
- Suggest registering for OpenSSF Best Practices badge HOT 7
- Pass ClientHello by reference to ResolvesServerCert HOT 2
- GHSA-6g7w-8wpp-frhj and CVE-2024-32650 don't make it clear that async rustls servers aren't susceptible HOT 2
- AWS LC fails against golang TLS server while ring works fine HOT 6
- Rustls w/ aws-lc-rs on Windows requires NASM HOT 31
- Making impl ClientHelloPayload public ? HOT 21
- Question. Does rustls have something to hide cert (as it is sensitive data ) in binary and memory HOT 3
- Verify that SigningKey matches public key within certificate HOT 6
- Ensuring that a provider based on the one built-in is used HOT 8
- Compile error when target is watchos HOT 2
- Expose ability to customize ClientHello message HOT 4
- How I use CryptoProvider::install_default() ? HOT 3
- Illegal instruction on arm-a72 HOT 3
- Add RustCrypto cryptographic backend HOT 5
- Build rustls v0.23.5 with musl HOT 2
- UnbufferedConnectionState HOT 2
- Unbuffered process_tls_records does not mach usage scenario HOT 2
- Clean up crate feature naming
- build failure due to aws-lc-sys v0.16.0 HOT 1
- `UnknownIssuer` with self-signed certificate HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rustls.