feat(interop): add s2n-tls interop test client and server #4547
Conversation
This initial commit defines generally useful traits and the starting s2n-tls client and server implementations.
- add copyright annotations to all files
| /// | ||
| /// It will the return the [InteropTest] that is being run, as well as the expected | ||
| /// port for the server to run on. | ||
| pub fn parse_server_arguments() -> (InteropTest, u16) { |
There was a problem hiding this comment.
The quic interop uses the library structopt for this, might be good to use here as well so we don't have to rewrite parsing code.
There was a problem hiding this comment.
Hmm, I'm a little wary of doing that, because while rust makes it super easy to have elegant argument parsing, that is not the case for other languages (Go, Java) so we'd have to implement our own argument parsing in those languages. That argument parsing is likely just going to be test = argv[2] and port = argv[4], at which point there didn't seem to be much advantage in specifying additional arguments.
| } | ||
| } | ||
| } | ||
| InteropTest::LargeDataDownloadWithFrequentKeyUpdates => { |
There was a problem hiding this comment.
Trying to think through how this would work with resumption. Where would that logic live 🤔? This test only allows for a single connection currently.
There was a problem hiding this comment.
I think you'd end up essentially special-casing the logic for the client. If the test is InteropTest::Resumption then you would call the handle_session_resumption method twice. The implementation would be responsible for
- storing the session ticket from the first connection
- setting the session ticket on the second connection.
The config for session resumption would set the SessionTicketCallback and the ConnectionInitializer.
- use existing test certs
| let (test, port) = common::parse_server_arguments(); | ||
| let config = match <S2NShim as ClientTLS<TcpStream>>::get_client_config(test)? { | ||
| Some(c) => c, | ||
| None => exit(127), |
There was a problem hiding this comment.
needs to be the constant
|
The team wants some additional documentation/research before committing to any specific interop path, so closing this pull request. |
This initial commit defines generally useful traits and the initial s2n-tls client and server implementations.
Description of changes:
Two crates are added
common
this holds "interop" information that is independent of any tls implementation. This crate will eventually be where the actual interop runner lives.
tls-shim
a number of implementations (boringssl, s2n-tls, openssl, rustls) provide APIs to integrate with the tokio ecosystem, which results in generally similar API shapes. This crate defines interop client and server functionality generically over those API shapes, which allows code to be shared between implementations.
For this PR, only the s2n-tls client and server implementations are added.
Additionally, this crate contains an integration test which uses turmoil to simulate the actual interop test. This allows a fast feedback loop since separate processes don't have to be launched.
Testing:
This is currently just building on my local machine, but I plan on adding CI one the two remaining rust implementations (rustls and openssl) are merged in.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.