For me, this was relatively unclear control flow. Replace the
`break len` with direct function calls. Observe that both lengths
are always the handshake state `expected_len`, so that parallel
data flow can be dropped.
Try to make it clear which parts of this file are for the TLS
message protocol, and which are for the TLS handshake protocol.
Correct comments mentioning `buf`, vectors or an output frames
queue (these no longer exist.)
This recasts the internal `process_new_packets()` as something
that consumes an iterator of messages. This is the goal of this
larger refactoring.
`deframe_and_process_new_packets()` is a stop-gap.
This makes it possible for our bogo config.json to vary
between providers. That is achieved by -- with my sincere apologies --
applying the C preprocessor.
This goes from being a single set of keys for ECDSA (with a
purposeful mix of curves) to a set of keys per curve.
That means we can avoid P521 chains in tests when it is not supported.
In those tests, reflect this as additional `KeyType` variants.
This commit provides more pointers to our existing examples and
additionally provides guidance about Rustls being low-level. Users that
just want to make an HTTPS request should probably use a crate built on
top of Rustls. Similarly, users in the Tokio ecosystem should look at
tokio-rustls.
This commit adds an example *server* that is roughly contemporary with
the existing "simpleclient".
It is the absolute bare minimum needed to run a server using Rustls
(e.g. it only accepts a single connection before terminating).
You can run the server with:
```
CERTFILE=test-ca/rsa/end.fullchain PRIV_KEY_FILE=test-ca/rsa/end.key cargo run --package rustls-examples --bin simpleserver
```
And connect to it with a client:
```
cargo run --package rustls-examples --bin tlsclient-mio -- --port 4443 --cafile test-ca/rsa/ca.cert localhost --http
```
This file is meant as an entry point for users and contributors who are
interested in benchmarking rustls. It is linked from the readme so
people can find it easily.
Closes #1478 and #1685
This sticks the error from `process_tls_records()` inside
`UnbufferedStatus`. That means the `discard` field is still
available, but continues to require handling the error to learn
the `state` field's underlying value.
TODO: the example code is made to unwrap errors in this PR.
They need reorganising so the discard processing happens before
error handling.