Lib.rs

Web programmingHTTP serverTrillium
#trillium #async #framework

trillium-rustls

rustls adapter for trillium.rs

by Jacob Rothstein and 6 contributors

11 releases (7 breaking)

0.8.1 Jun 29, 2024
0.7.0 Apr 4, 2024
0.6.0 Jan 24, 2024
0.4.0 Apr 27, 2023
0.1.0 Jun 7, 2021

#1330 in HTTP server

Download history 431/week @ 2024-08-02 449/week @ 2024-08-09 317/week @ 2024-08-16 251/week @ 2024-08-23 325/week @ 2024-08-30 472/week @ 2024-09-06 235/week @ 2024-09-13 247/week @ 2024-09-20 235/week @ 2024-09-27 247/week @ 2024-10-04 250/week @ 2024-10-11 302/week @ 2024-10-18 391/week @ 2024-10-25 333/week @ 2024-11-01 391/week @ 2024-11-08 429/week @ 2024-11-15

1,553 downloads per month
Used in 8 crates (7 directly)

MIT/Apache

78KB
1.5K SLoC

Welcome to Trillium!

📖 Guide 📖

The guide provides an architectural overview and lay of the land connecting the trillium crates.

📑 Rustdocs 📑

The rustdocs represent the best way to learn about any of trillium's individual crates and the specific interfaces.



Legal:

Licensed under either of

at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

lib.rs:

This crate provides rustls trait implementations for trillium client (RustlsConnector) and server (RustlsAcceptor).

Cargo Features

This crate's default features should be appropriate for most users. To pare down on dependencies or customize trillium-rustls' usage of rustls, opt out of default features and reenable the appropriate features for your use case.

server and client features

This crate offers a server feature and a client feature. Opting out of default features allows you to avoid building any dependencies for the unused other component. By default, both server and client features are enabled.

Cryptographic backend selection

Rustls supports pluggable cryptographic backends as well as a process-default cryptographic cryptographic backend. There are two built-in feature-enabled cryptographic backends and other community provided cryptographic backends.

⚠️ There are three cryptographic backend cargo features, and they behave differently than the rustls features. Please read the following section.⚠️

trillium-rustls tries to avoid runtime panics where possible, so compiling this crate without a valid cryptographic backend will result in a compile time error. To opt into rustls's default process-default behavior, enable custom-crypto-provider as described below. Enabling multiple crypto providers will select exactly one of them at compile time in the following order:

aws-lc-rs

This is the default cryptographic backend in concordance with rustls' default. This backend will be selected if the feature is enabled. If either of the other two cryptographic backends are selected, trillium-rustls will log an error but use aws-lc-rs.

ring

If this feature is enabled, this backend will be selected even if custom-crypto-provider is also enabled.

custom-crypto-provider

In order to use a crypto provider other than the above two options, enable the custom-crypto-provider feature and either configure a trillium_rustls::rustls::ClientConfig or trillium_rustls::rustls::ServerConfig yourself to convert the equivalent trillium-rustls type, or install a custom process-default crypto provider with trillium_rustls::rustls::crypto::CryptoProvider::install_default prior to executing trillium-rustls code.

Client verifier

This crate offers a platform-verifier feature for client usage that builds a ClientConfig with the selected cryptographic backend and uses rustls-platform-verifier. This feature is enabled by default. If you disable the feature, webpki_roots will be used.

Dependencies

~15–38MB
~880K SLoC