Use rustls for interop tests
#125
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Evidently that is not actually the case, guess I had stale binaries or something. |
jen20
force-pushed
the
jen20/interop-rustls
branch
from
82a57af
to
8d06f39
Compare
This commit changes the interop tests to use rustls instead of openssl. Apparently in the past there was some issue with this, but it seems to work OK to me.
This commit switches out the certificates used for testing interop to be based on 4096-bit RSA keys, allowing rustls to be used for the interop testing instead of OpenSSL. The keys are generated using Terraform, although the state file is not committed. A README.md is added to the data directory that explains how to use Terraform to rotate the test certificates if this is ever desirable. This is desirable in order that none of the crates which `cargo build --all` will build have the `openssl` feature, which should allow Tonic to build on Windows with no issues.
jen20
force-pushed
the
jen20/interop-rustls
branch
from
8d06f39
to
9ed2bc7
Compare
|
The reason for switching out the certificates here is that the upstream repo (from which the current set of certs originated) has 1024-bit keys, which |
LucioFranco
approved these changes
Nov 9, 2019
rabbitinspace
pushed a commit
to satelit-project/tonic
that referenced
this pull request
Jan 1, 2020
* Use rustls for interop tests This commit changes the interop tests to use rustls instead of openssl. Apparently in the past there was some issue with this, but it seems to work OK to me. * Use certificates with larger key sizes for interop This commit switches out the certificates used for testing interop to be based on 4096-bit RSA keys, allowing rustls to be used for the interop testing instead of OpenSSL. The keys are generated using Terraform, although the state file is not committed. A README.md is added to the data directory that explains how to use Terraform to rotate the test certificates if this is ever desirable. This is desirable in order that none of the crates which `cargo build --all` will build have the `openssl` feature, which should allow Tonic to build on Windows with no issues.
brentalanmiller
pushed a commit
to brentalanmiller/tonic
that referenced
this pull request
Oct 6, 2023
brentalanmiller
pushed a commit
to brentalanmiller/tonic
that referenced
this pull request
Oct 6, 2023
# 0.3.1 (February 4th, 2023) ### Additions - Add Vendored Feature ([hyperium#125]) - Implement AsRawFd for both tokio-rustls and tokio-native-tls TlsStream\<S\> ([hyperium#74]) ### Internal - Fix warning about renamed lint ([hyperium#93]) - fix a handful of lints, one of which was breaking the build ([hyperium#65]) [hyperium#65]: tokio-rs/tls#65 [hyperium#74]: tokio-rs/tls#74 [hyperium#93]: tokio-rs/tls#93 [hyperium#125]: tokio-rs/tls#125
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit changes the interop tests to use rustls instead of openssl. Apparently in the past there was some issue with this, but it seems to work OK (locally) to me.