Comments (8)
Happy new year folks! :)
Is there anything we can do to push this forward? Is @AdrianCX's PR suitable? Would it be possible to separate the generic context element of the PR into another, if other parts of the PR are blocking?
I also see that there is another request for this in #178, seems this is also needed for use with the ureq library.
from rust-mbedtls.
One problem will be, native-tls
assumes that PKCS12 is used as the container for keys and certs. In fact it supports no other method of configuration (there is no way to say pass say a certificate chain + a PKCS8 private key). Mbedtls doesn't support PKCS12 at all.
Last year I worked on a project that used mbedtls that needed PKCS12, I hacked up something that happened to be able to generate valid PKCS12 files + parse them but it was fragile and (with mbedtls's quite primitive ASN1 library) very verbose, it was easily 1K lines of C.
If PKCS12 support proves required (as I think it would be for native-tls
) it would be easier and safer to implement a PKCS12 library in Rust in a new crate, using yasna
for ASN1 and mbedtls
crate for the crypto ops.
from rust-mbedtls.
rust-native-tls
requires that the stream types implement both Sync
and Send
. Already (with threading support enabled), mbedtls::Context
is Send
, but not Sync
. This appears to be correct, in that the underlying ssl_context
does not take a lock. I suppose the fix is, within rust-native-tls
, add a mutex which serializes access to the ssl_context
and then implement Sync
for that wrapper type.
This assumes it is safe to invoke a shared ssl_context
from multiple threads in a serialized way. Which it should be unless they are doing something weird, like using thread IDs for something, but as with the un-movable AES context sometimes mbedtls is kind of odd. So I'll review the code to make sure there are nothing like that.
from rust-mbedtls.
I'm clearly misunderstanding what rust-native-tls
expects wrt Sync
, rust-openssl
defines the wrapper around SSL
as Sync
with no external lock, but OpenSSL's SSL
is very much not safe to access concurrently from multiple threads.
from rust-mbedtls.
Things missing that native-tls expects
- Being able to distinguish server vs client endpoints. The getters in
Config
are commented out with "need bitfield support". This is needed to implementtls_server_end_point
which returns a hash of the server certificate. This is used for channel binding. - Explicit shutdown API. Right now, it happens as a result of the
Context
beingDrop
ed.
Things that are missing but I think I can work around:
- Ability to
Clone
aConfig
andContext
, becauseTlsConnector
andTlsAcceptor
are alsoClone
. - No lifetimes. native-tls clearly expects reference counting, as is done eg in OpenSSL, because its
TlsStream
does not have a lifetime binding it to the life of theTlsConnector
/TlsAcceptor
. Since adding lifetimes to the publicnative-tls
API would break downstream applications, that is presumably a no-go as far as upstream is concerned.
I think I will refactor my code so that the TlsConnector
and TlsAcceptor
basically do nothing and just cache the same data that was provided by the TlsConnectorBuilder
/TlsAcceptorBuilder
, then all state (eg our Config
/Context
) is created in connect
and accept
and owned by the TlsStream
. That prevents lifetime issues and allows clone to work on the TlsConnector
/TlsAcceptor
.
Also an issue:
- Very likely for upstream acceptance: some way to use
rust-mbedtls
in a way that isn't a total cluster#### ofunsafe
and raw pointers. #4
from rust-mbedtls.
I'm currently taking another stab at this, as we want to use mbedtls for our os (espidf). With the changes made since the first attempt you folks made, its been relatively clean to implement. The final hurdle are the quite strict trait bounds on Context
's accept
& establish
methods.
As far as I understand it, these trait bounds are required because unlike the openssl crate, Context
is always Send + Sync
, even if the stream (io
) is not. This is due to the indirection of Box
'ing the stream as dyn Any
, essentially decoupling the stream from the Context
.
I assume it was done this way for a reason, but I don't know enough about the internals of mbedtls to understand why, hopefully you can help me out here. Would it be possible to drop the indirection and move the stream into the Context
with a generic type parameter?
from rust-mbedtls.
@xinyufort FYI
from rust-mbedtls.
note: making Context generic is also covered via pr: #163
from rust-mbedtls.
Related Issues (20)
- Profile changes on `mbedtls_x509_crt_profile_default` HOT 1
- [mbedtls3] `mbedlts` would breaks the record size limit when sending big record HOT 2
- Add support to pass salt length for RSASSA_PSS
- Avoid tests depending on external services
- Tracking outage of Travis CI HOT 2
- `gcm_context` size mismatch for target `i686-linux-android` HOT 6
- [mbedtls3] TLS 1.3 connection is unstable and sometime break in multi-thread env
- Build failed in ```no_std``` environment.
- Link error with v0.11.0 rust-lld: error: undefined symbol: mbedtls_pk_ec__extern mbedtls_cipher_get_cipher_mode__extern HOT 2
- Unable to build for ESP-IDF target HOT 3
- `mbedtls::x509::certificate::Certificate::verify()` segfaults when passing in an empty certificate chain to verify
- Don't use `alloca()` or variable-sized arrays in `rust_printf.c`
- Certificate from_pem_multiple error HOT 1
- [IMPORTANT] Crate status change
- A security vulnerability has been detected in spin v0.4.* used in v0.9.3 HOT 1
- Features that need to be ported to 2.28.X mbedtls (current master) HOT 2
- Encountered test failures when randomizing tests HOT 1
- Check to set `CMAKE_TRY_COMPILE_TARGET_TYPE` too restrictive HOT 1
- Fix and Setup daily CI for keeping track of nightly compiler changes
- Update depdencies (and address vulnerabilities in them)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-mbedtls.