feat: update rustls to 0.21.0 and tokio-rustls to 0.24 #606

Merged
merged 8 commits into from
May 8, 2023

@CGQAQ CGQAQ commented Apr 12, 2023

With the rustls 0.21.0 release (see: https://www.memorysafety.org/blog/rustls-new-features/), two new features came along:

The first big feature is support for TLS certificates containing IP addresses. Rustls can now be used to set up TLS connections addressed by IP rather than a domain name. This is useful for things like Kubernetes pods, which often use IP addresses instead of domain names, and for DNS over HTTPS/TLS which need an IP address for the server to avoid circular dependency on name resolution. TLS certificates for IP addresses have been the most heavily requested feature for quite a while now and it's great to have it completed.

The second big feature is support for RFC8446 C.4 client tracking prevention. This means that passive network observers will no longer be able to correlate connections from ticket reuse.

This PR upgrades both rumqttc and rumqttd's rustls to version 0.21.0

Type of change

Checklist:

  • Formatted with cargo fmt
  • Make an entry to CHANGELOG.md if it's relevant to users of the library. If it's not relevant, mention why.

Blocking:

@CGQAQ CGQAQ marked this pull request as draft April 12, 2023 07:26
@CGQAQ CGQAQ marked this pull request as ready for review April 12, 2023 08:01
@CGQAQ CGQAQ changed the title from "feat: update tokio-tls to 0.24" to "feat: update rustls to 0.21.0 and tokio-rustls to 0.24" Apr 12, 2023

h3nill commented Apr 20, 2023

I am seeing some errors related to having 2 versions of tokio-rustls creating conflicts (async-tungstenite has a dependency on version 0.23).

You can see the error when you enable websocket feature, for e.g. cargo c --features websocket.

CGQAQ commented Apr 26, 2023

> I am seeing some errors related to having 2 versions of tokio-rustls creating conflicts (async-tungstenite has a dependency on version 0.23).
>
> You can see the error when you enable websocket feature, for e.g. cargo c --features websocket.

I'll check it out, sorry for the late response

CGQAQ commented Apr 27, 2023

CGQAQ commented May 5, 2023

CGQAQ commented May 8, 2023

@henil please take a look

@h3nill h3nill left a comment

LGTM, Thank you @CGQAQ!

h3nill commented May 8, 2023

Actually @CGQAQ can you add back webpki error variants, removing them is a breaking change. We can remove them in future if they are not required. I cannot push it to this branch. ref: d46bc1a

CGQAQ commented May 8, 2023

> Actually @CGQAQ can you add back webpki error variants, removing them is a breaking change. We can remove them in future if they are not required. I cannot push it to this branch. ref: d46bc1a

@CGQAQ added back

@h3nill h3nill merged commit 568f209 into bytebeamio:main May 8, 2023
3 checks passed
@CGQAQ CGQAQ deleted the patch-1 branch May 22, 2023 01:06
carlocorradini pushed a commit to carlocorradini/rumqtt that referenced this pull request Aug 3, 2023