Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Introducing the Boring crypto provider.
Also adding examples and basic documentation.
Showing 28 changed files with 5,689 additions and 50 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,33 @@ | ||
# TODO | ||
[![codecov](https://codecov.io/gh/quinn-rs/quinn/branch/main/graph/badge.svg)](https://codecov.io/gh/quinn-rs/quinn-boring) | ||
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE-MIT) | ||
[![License: Apache 2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](LICENSE-APACHE) | ||
|
||
A crypto provider for [quinn](https://github.com/quinn-rs/quinn) based on [BoringSSL](https://github.com/google/boringssl). | ||
|
||
## Getting Started | ||
|
||
The [examples](examples) directory provides example client and server applications, which can be run as follows: | ||
|
||
```sh | ||
$ cargo run --example server ./ | ||
$ cargo run --example client https://localhost:4433/Cargo.toml | ||
``` | ||
|
||
This launches an HTTP 0.9 server on the loopback address serving the current | ||
working directory, with the client fetching `./Cargo.toml`. By default, the | ||
server generates a self-signed certificate and stores it to disk, where the | ||
client will automatically find and trust it. | ||
|
||
## Testing | ||
|
||
This repository relies on the [quinn_proto integration tests](https://github.com/quinn-rs/quinn/tree/main/quinn-proto/src/tests), | ||
which can be made to run with the BoringSSL provider. | ||
|
||
## FIPS | ||
|
||
The BoringSSL provider is based on the Cloudflare [Boring library](https://github.com/cloudflare/boring), which | ||
supports building against a FIPS-validated version of BoringSSL. | ||
|
||
## Authors | ||
|
||
* [Nathan Mittler](https://github.com/nmittler) - *Project owner* |
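
Review bot: the codecov badge near the top of the new README mixes two repositories: the image is `https://codecov.io/gh/quinn-rs/quinn/branch/main/graph/badge.svg` while the link target is `https://codecov.io/gh/quinn-rs/quinn-boring`, so the badge will render quinn's coverage rather than this crate's. Point both URLs at the same repository. The Testing section says the quinn_proto integration tests "can be made to run" with the BoringSSL provider but gives no command or configuration, and the FIPS section does not say how to select the FIPS-validated build; one line for each would make them actionable.
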
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
[licenses] | ||
allow-osi-fsf-free = "either" | ||
copyleft = "warn" | ||
exceptions = [{ allow = ["ISC", "MIT", "OpenSSL"], name = "ring" }] | ||
private = { ignore = true } | ||
|
||
[[licenses.clarify]] | ||
name = "ring" | ||
expression = "ISC AND MIT AND OpenSSL" | ||
license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }] |
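
Review bot: `copyleft = "warn"` combined with `allow-osi-fsf-free = "either"` means a copyleft dependency only produces a warning and anything OSI- or FSF-approved passes, which is loose for a crate that ships a crypto provider; consider `copyleft = "deny"` with an explicit `allow` list so that a license change in the dependency tree fails the check. The `ring` entries in `exceptions` and `[[licenses.clarify]]` carry no `version`, so they apply to every ring release; a version bound would keep the `hash = 0xbd0eed23` clarification tied to the LICENSE file it was checked against. The file defines only `[licenses]`; an `[advisories]` section would let the same tool flag RustSec advisories in the dependency tree.
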
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
## HTTP/0.9 File Serving Example | ||
|
||
The examples in this directory were copied from [quinn](https://github.com/quinn-rs/quinn/tree/main/quinn/examples) | ||
and modified to use BoringSSL. | ||
|
||
The `server` and `client` examples demonstrate fetching files using a HTTP-like toy protocol. | ||
|
||
1. Server (`server.rs`) | ||
|
||
The server listens for any client requesting a file. | ||
If the file path is valid and allowed, it returns the contents. | ||
|
||
Open up a terminal and execute: | ||
|
||
```text | ||
$ cargo run --example server ./ | ||
``` | ||
|
||
2. Client (`client.rs`) | ||
|
||
The client requests a file and prints it to the console. | ||
If the file is on the server, it will receive the response. | ||
|
||
In a new terminal execute: | ||
|
||
```test | ||
$ cargo run --example client https://localhost:4433/Cargo.toml | ||
``` | ||
|
||
where `Cargo.toml` is any file in the directory passed to the server. | ||
|
||
**Result:** | ||
|
||
The output will be the contents of this README. | ||
|
||
**Troubleshooting:** | ||
|
||
If the client times out with no activity on the server, try forcing the server to run on IPv4 by | ||
running it with `cargo run --example server -- ./ --listen 127.0.0.1:4433`. The server listens on | ||
IPv6 by default, `localhost` tends to resolve to IPv4, and support for accepting IPv4 packets on | ||
IPv6 sockets varies between platforms. | ||
|
||
If the client prints `failed to process request: failed reading file`, the request was processed | ||
successfully but the path segment of the URL did not correspond to a file in the directory being | ||
served. |
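
Review bot: the **Result:** paragraph says the output will be the contents of this README, but the client command above it requests `https://localhost:4433/Cargo.toml`, so what gets printed is `Cargo.toml` from the served directory; reword it to match the command. The client command's fence is tagged `test` where the server one uses `text`, and "a HTTP-like" should read "an HTTP-like". The server description says a file is returned only if the path is "valid and allowed" without saying what is disallowed; a sentence on how requests for paths outside the served directory are handled would help readers who reuse the example.
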