Expose client-supplied server name #596
Conversation
| self.0.lock().unwrap().inner.protocol().map(|x| x.into()) | ||
| } | ||
|
|
||
| /// The server name specified by the client |
There was a problem hiding this comment.
Should we replace these methods with a crypto_session() accessor at the quinn layer, as well? I feel like abstracting over this isn't working out so well for us.
There was a problem hiding this comment.
That's appealing, but because quinn::Connection is Send + Clone, access to the interior of a proto::Connection must always involve a lock, so we can't expose a reference directly, and returning a lock guard is both a bit weird and a substantial footgun as it would block other operations on the connection.
We could do with_session<T>(&self, f: impl FnOnce(&S) -> T) -> T but that's also pretty weird. Conversely, even a hypothetical cryptographic protocol that doesn't support ALPN and/or SNI can harmlessly return None for them, so this approach seems the most practical. I'm open to other ideas, though.
We could still get rid of the accessors on proto::Connection, including in the crypto traits, and rely on the already-hardcoded dependency on TLS in the high level API, but we'd need to expose more of proto::crypto::rustls for that to be viable, as get_sni_hostname is defined only on rustls::ServerSession, not rustls::Session, and references to the former cannot currently be constructed externally.
There was a problem hiding this comment.
Ah, fair point. Not sure all that is more appealing than what we've got today...
Fixes #595.