Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(771): Adding mTLS support in QUIC #899

Merged
merged 6 commits into from
Apr 24, 2024
Merged

fix(771): Adding mTLS support in QUIC #899

merged 6 commits into from
Apr 24, 2024

Conversation

gabrik
Copy link
Contributor

@gabrik gabrik commented Apr 4, 2024

This PR contains

  • Some refactoring for shared method between TLS and QUIC transport
  • mTLS support for QUIC
  • tests

Closes #771

@eclipse-zenoh-bot
Copy link
Contributor

@gabrik If this pull request contains a bugfix or a new feature, then please consider using Closes #ISSUE-NUMBER syntax to link it to an issue.

1 similar comment
@eclipse-zenoh-bot
Copy link
Contributor

@gabrik If this pull request contains a bugfix or a new feature, then please consider using Closes #ISSUE-NUMBER syntax to link it to an issue.

@gabrik
Copy link
Contributor Author

gabrik commented Apr 4, 2024

This is may be blocked by: quinn-rs/quinn#1737

@Mallets Mallets changed the base branch from main_old to main April 11, 2024 08:49
gabrik added 2 commits April 24, 2024 08:29
Signed-off-by: gabrik <gabriele.baldoni@gmail.com>
Signed-off-by: gabrik <gabriele.baldoni@gmail.com>
@gabrik gabrik force-pushed the fix/771-quic-mtls branch from 0a72149 to 6682595 Compare April 24, 2024 06:31
…plicated code

Signed-off-by: gabrik <gabriele.baldoni@gmail.com>
@gabrik
Copy link
Contributor Author

gabrik commented Apr 24, 2024

@Mallets you can have a first look, I need to add the tests.
There is "duplicated" code between TLS and QUIC transports as two different version of rustls are being used, this "duplicated" code is the one in utils.rs of both crates.

… workaround the default CryptoProvider panic

Signed-off-by: gabrik <gabriele.baldoni@gmail.com>
@gabrik gabrik marked this pull request as ready for review April 24, 2024 09:40
@gabrik gabrik requested a review from Mallets April 24, 2024 09:40
@gabrik
Copy link
Contributor Author

gabrik commented Apr 24, 2024

I was using rustls 0.23 that introduced this: CryptoProvider that must be initialized early in any process using TLS, thus tests where failing.

I did a rollback to 0.22 (the same version used in main) to make the test pass and check if the logic is correct.

Cargo.toml Outdated Show resolved Hide resolved
Cargo.toml Outdated Show resolved Hide resolved
Signed-off-by: gabrik <gabriele.baldoni@gmail.com>
use secrecy::ExposeSecret;
use std::net::SocketAddr;
use zenoh_config::Config;

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change

@Mallets Mallets merged commit 9a9832a into main Apr 24, 2024
21 checks passed
@Mallets Mallets deleted the fix/771-quic-mtls branch April 24, 2024 14:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Mutual authentication (mTLS) does not work with quic transport
3 participants