Comments (2)
Instead it makes users of the API handle both directions with newly created
ReadTraffic
andWriteTraffic
instances on each invocation.
Note that the caller is in control of providing received TLS data to the library. It therefore always has the option of providing an empty slice to obtain a WriteTraffic
(which is the quiescent, state post-handshake with no data pending). This means the caller controls whether to write or read at any given time.
Is there a way to extract a reader–writer pair from the unbuffered API?
Note that a fully independent reader-writer pair continues to be very difficult. That is because reading TLS data can imply writing, so the reader needs to be able to prod the writer.
from rustls.
reading TLS data can imply writing
Thanks for clearing things up @ctz. The setup starts to make more sense now.
The documentation states “A Handshake record is ready for encoding” on ConnectionState::EncodeTlsData
, and “Previously encoded handshake records need to be transmitted” on ConnectionState::TransmitTlsData
. Are you saying that both states may also occur after the handshake, @ctz?
Why not use an error for the occasion, as in unbuffered::ReadError::NeedsWriteFirst(unbuffered::EncodeTlsData)
?
Also, I believe the ConnectionState
separation in EncodeTlsData
and TransmitTlsData
was ment to allow for network fail-over, because of the presence of done()
. In such case there is a need keep state on how many bytes were written, which makes the whole reliance on rustls(3) to resume an extra step rather than it being of any help. That is, if my assumption is correct, then rustls(3) users may be better off with out done()
and the state separation to deal with.
always has the option of providing an empty slice to obtain a WriteTraffic
So we could provide a method to get the WriteTraffic directly then? That alone would fix many of the problems already.
from rustls.
Related Issues (20)
- How I use CryptoProvider::install_default() ? HOT 3
- Illegal instruction on arm-a72 HOT 3
- Add RustCrypto cryptographic backend HOT 5
- Build rustls v0.23.5 with musl HOT 2
- UnbufferedConnectionState HOT 2
- Clean up crate feature naming HOT 2
- build failure due to aws-lc-sys v0.16.0 HOT 4
- `UnknownIssuer` with self-signed certificate HOT 2
- Poll-based encrypt/decrypt/sign API support in asynchronous and synchronous call HOT 8
- Server-side Encrypted Client Hello (ECH) support
- Dependency Dashboard
- X25519 might not be FIPS compliant for use in key exchange HOT 1
- from_subject_spki_name_constraints on rustls 0.23.9 HOT 7
- Reqwest Connection reset by peer, on a Microsoft-IIS/10.0 HOT 6
- Forced inclusion of aws-lc-rs causes linker errors HOT 4
- can anyone show an example on how to use ktls with rustls? HOT 2
- Add support for determining the key exchange for connection HOT 6
- aws-lc-rs ticketer can & should use RFC5077 "recommended ticket construction"
- Partitioning Oracle Attacks against TLS Session Tickets
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rustls.