Merge branch 'Main' into traits

hyperium · May 31, 2024 · 4768575 · 4768575
2 parents bd44fcf + 34bf403
commit 4768575
Show file tree

Hide file tree

Showing 59 changed files with 4,748 additions and 1,635 deletions.
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -8,10 +8,11 @@ on:
 env:
   RUST_BACKTRACE: 1
   toolchain_style: stable
-  toolchain_msrv: 1.57
-  toolchain_doc: nightly-2022-12-01
+  toolchain_msrv: 1.63
+  toolchain_h3_quinn_msrv: 1.66
+  toolchain_doc: nightly-2023-10-21
   toolchain_lint: stable
-  toolchain_fuzz: nightly-2022-12-01
+  toolchain_fuzz: nightly-2023-10-21
 
 jobs:
   ci-pass:
@@ -21,6 +22,7 @@ jobs:
       - style
       - lint
       - msrv
+      - msrv_h3_quinn
       - test
       - doc
       - fuzz
@@ -77,11 +79,30 @@ jobs:
           toolchain: ${{ env.toolchain_msrv }}
           override: true
       - uses: Swatinem/rust-cache@v2
-      - name: cargo check --workspace
+      - name: cargo check -p h3
         uses: actions-rs/cargo@v1
         with:
           command: check
-          args: --workspace
+          args: -p h3
+
+  msrv_h3_quinn:
+    name: Check MSRV of `h3-quinn`
+    needs: [style]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install Rust ${{ env.toolchain_h3_quinn_msrv }}
+        uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: ${{ env.toolchain_h3_quinn_msrv }}
+          override: true
+      - uses: Swatinem/rust-cache@v2
+      - name: cargo check -p h3-quinn
+        uses: actions-rs/cargo@v1
+        with:
+          command: check
+          args: -p h3-quinn
 
   test:
     name: Test ${{ matrix.toolchain }} ${{ matrix.os }}
@@ -118,7 +139,7 @@ jobs:
         uses: actions-rs/toolchain@v1
         with:
           profile: minimal
-          toolchain:  ${{ env.toolchain_doc }}
+          toolchain: ${{ env.toolchain_doc }}
           override: true
       - uses: Swatinem/rust-cache@v2
       - name: cargo rustdoc -p h3 -- -D intra-doc-link-resolution-failure

diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,9 @@ target/
 # macOS
 .DS_Store
 ._*
+
+# Example Certificates
+localhost-key.pem
+localhost.crt
+localhost.key
+localhost.pem
diff --git a/Cargo.toml b/Cargo.toml
@@ -2,7 +2,9 @@
 members = [
     "h3",
     "h3-quinn",
+    "h3-webtransport",
 
     # Internal
     "examples",
 ]
+resolver = "2"
diff --git a/changelog-h3-quinn.md b/changelog-h3-quinn.md
@@ -1,3 +1,27 @@
+### v0.0.6 (2024-05-20)
+* use quinn 0.11
+
+### v0.0.5 (2024-01-24)
+
+* Update to `http` v1.
+
+### v0.0.4 (2023-10-23)
+
+* Fix `cargo doc` warning ([3ef7c1a](https://github.com/hyperium/h3/commit/3ef7c1a37b635e8446322d8f8d3a68580a208ad8))
+* Initial WebTransport support ([22da938](https://github.com/hyperium/h3/commit/22da9387f19d724852b3bf1dfd7e66f0fd45cb81))
+
+
+### v0.0.3 (2023-05-16)
+
+* Update dependencies (quinn 0.10 and rustls 0.21) ([fabf614](https://github.com/hyperium/h3/commit/fabf6149c9ee57d7803ea5fb4426f895cbb5d244))
+
+### v0.0.2 (2023-04-11)
+
+#### Bug Fixes
+
+* support quinn 0.9 ([49301f1](https://github.com/hyperium/h3/commit/49301f18e15d3acffc2a8d8bea1a8038c5f3fe6d))
+
+
 ### v0.0.1 (2023-03-09)
 
-initial release
+initial release
diff --git a/changelog-h3.md b/changelog-h3.md
@@ -1,3 +1,33 @@
+### v0.0.5 (2024-05-20)
+* add `poll_recv_data()` for server
+* use 2021 edition
+* some cleanups
+
+### v0.0.4 (2024-01-24)
+
+* Update to `http` v1.0
+* Fix `try_recv` potentially hanging
+* Fix prefixed integers on 32bit targets
+
+### v0.0.3 (2023-10-23)
+
+* Split out a `Settings` struct from `Config` ([a57ed22](https://github.com/hyperium/h3/commit/a57ed224ac5d17a635eb71eb6f83c1196f581a51))
+* Add a test-only send_settings config option ([3991dca](https://github.com/hyperium/h3/commit/3991dcaf3801595e49d0bb7fb1649b4cf50292b7))
+* Expose setting to disable grease ([dccb3cd](https://github.com/hyperium/h3/commit/dccb3cdae9d5a9d720fae5f774b53f0bd8a16019))
+* bugfix: Actually encode extensions in header ([a38b194](https://github.com/hyperium/h3/commit/a38b194a2f00dc0b2b60564c299093204d349d7e))
+* Initial support for RFC 9298 "Proxying UDP in HTTP" ([5a87580](https://github.com/hyperium/h3/commit/5a87580bd060b6a7d4dc625e990526d6998fda5c))
+* Bump H3_DATAGRAM setting ID according to RFC9297 ([58c8e5c](https://github.com/hyperium/h3/commit/58c8e5cecb2b0c367d738989fe9c505936bc5ff3))
+* Fix `cargo doc` warning ([3ef7c1a](https://github.com/hyperium/h3/commit/3ef7c1a37b635e8446322d8f8d3a68580a208ad8))
+* Initial WebTransport support (in h3 is just some necessary code to support a WebTransport crate which contains most of the WebTransport implementation) ([22da938](https://github.com/hyperium/h3/commit/22da9387f19d724852b3bf1dfd7e66f0fd45cb81))
+
+
+### v0.0.2 (2023-04-11)
+
+#### Bug Fixes
+
+* distinguish push and stream ids ([da29aea](https://github.com/hyperium/h3/commit/da29aea305d61146664189346b3718458cb9f4d6))
+
+
 ### v0.0.1 (2023-03-09)
 
-initial release
+initial release
diff --git a/ci/compliance/specs/rfc9114/todo/4.2.toml b/ci/compliance/specs/rfc9114/todo/4.2.toml
@@ -1,12 +1,5 @@
 target = "https://www.rfc-editor.org/rfc/rfc9114#section-4.2"
 
-[[TODO]]
-quote = '''
-A request or
-response containing uppercase characters in field names MUST be
-treated as malformed.
-'''
-
 [[TODO]]
 quote = '''
 An endpoint MUST NOT generate

diff --git a/examples/Cargo.toml b/examples/Cargo.toml
@@ -2,24 +2,42 @@
 name = "examples"
 version = "0.0.0"
 publish = false
-edition = "2018"
+edition = "2021"
 
 # If you copy one of the examples into a new project, you should be using
 # [dependencies] instead.
 [dev-dependencies]
+anyhow = "1.0"
 bytes = "1"
 futures = "0.3"
 h3 = { path = "../h3" }
 h3-quinn = { path = "../h3-quinn" }
-http = "0.2"
-quinn = { version = "0.8", default-features = false, features = ["tls-rustls", "ring"] }
-rcgen = { version = "0.9" }
-rustls = { version = "0.20", features = ["dangerous_configuration"] }
-rustls-native-certs = "0.6"
+h3-webtransport = { path = "../h3-webtransport" }
+http = "1"
+quinn = { version = "0.11", default-features = false, features = [
+    "runtime-tokio",
+    "rustls",
+    "ring",
+] }
+rcgen = { version = "0.13" }
+rustls = { version = "0.23", default-features = false, features = ["logging", "ring", "std"] }
+rustls-native-certs = "0.7"
 structopt = "0.3"
-tokio = { version = "1.6", features = ["full"] }
-tracing = "0.1.10"
-tracing-subscriber = { version = "0.3", default-features = false, features = ["fmt", "ansi", "env-filter", "time", "tracing-log"] }
+tokio = { version = "1.27", features = ["full"] }
+tracing = "0.1.37"
+tracing-subscriber = { version = "0.3", default-features = false, features = [
+    "fmt",
+    "ansi",
+    "env-filter",
+    "time",
+    "tracing-log",
+] }
+octets = "0.3.0"
+
+tracing-tree = { version = "0.3" }
+
+[features]
+tree = []
 
 [[example]]
 name = "client"
@@ -28,3 +46,7 @@ path = "client.rs"
 [[example]]
 name = "server"
 path = "server.rs"
+
+[[example]]
+name = "webtransport_server"
+path = "webtransport_server.rs"
diff --git a/examples/client.rs b/examples/client.rs
@@ -1,6 +1,7 @@
 use std::{path::PathBuf, sync::Arc};
 
 use futures::future;
+use rustls::pki_types::CertificateDer;
 use structopt::StructOpt;
 use tokio::io::AsyncWriteExt;
 use tracing::{error, info};
@@ -64,7 +65,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
     match rustls_native_certs::load_native_certs() {
         Ok(certs) => {
             for cert in certs {
-                if let Err(e) = roots.add(&rustls::Certificate(cert.0)) {
+                if let Err(e) = roots.add(cert) {
                     error!("failed to parse trust anchor: {}", e);
                 }
             }
@@ -76,14 +77,11 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
 
     // load certificate of CA who issues the server certificate
     // NOTE that this should be used for dev only
-    if let Err(e) = roots.add(&rustls::Certificate(std::fs::read(opt.ca)?)) {
+    if let Err(e) = roots.add(CertificateDer::from(std::fs::read(opt.ca)?)) {
         error!("failed to parse trust anchor: {}", e);
     }
 
     let mut tls_config = rustls::ClientConfig::builder()
-        .with_safe_default_cipher_suites()
-        .with_safe_default_kx_groups()
-        .with_protocol_versions(&[&rustls::version::TLS13])?
         .with_root_certificates(roots)
         .with_no_client_auth();
 
@@ -99,7 +97,9 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
 
     let mut client_endpoint = h3_quinn::quinn::Endpoint::client("[::]:0".parse().unwrap())?;
 
-    let client_config = quinn::ClientConfig::new(Arc::new(tls_config));
+    let client_config = quinn::ClientConfig::new(Arc::new(
+        quinn::crypto::rustls::QuicClientConfig::try_from(tls_config)?,
+    ));
     client_endpoint.set_default_client_config(client_config);
 
     let conn = client_endpoint.connect(addr, auth.host())?.await?;

diff --git a/examples/launch_chrome.sh b/examples/launch_chrome.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+SPKI=`openssl x509 -inform der -in localhost.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64`
+
+echo "Got cert key $SPKI"
+
+echo "Opening google chrome"
+
+case `uname` in
+    (*Linux*)  google-chrome --origin-to-force-quic-on=127.0.0.1:4433 --ignore-certificate-errors-spki-list=$SPKI --enable-logging --v=1 ;;
+    (*Darwin*)  open -a "Google Chrome" --args --origin-to-force-quic-on=127.0.0.1:4433 --ignore-certificate-errors-spki-list=$SPKI --enable-logging --v=1 ;;
+esac
+
+## Logs are stored to ~/Library/Application Support/Google/Chrome/chrome_debug.log
diff --git a/examples/server.rs b/examples/server.rs
@@ -1,15 +1,14 @@
 use std::{net::SocketAddr, path::PathBuf, sync::Arc};
 
 use bytes::{Bytes, BytesMut};
-use futures::StreamExt;
 use http::{Request, StatusCode};
-use rustls::{Certificate, PrivateKey};
+use rustls::pki_types::{CertificateDer, PrivateKeyDer};
 use structopt::StructOpt;
 use tokio::{fs::File, io::AsyncReadExt};
 use tracing::{error, info, trace_span};
 
 use h3::{error::ErrorLevel, quic::BidiStream, server::RequestStream};
-use h3_quinn::quinn;
+use h3_quinn::quinn::{self, crypto::rustls::QuicServerConfig};
 
 #[derive(StructOpt, Debug)]
 #[structopt(name = "server")]
@@ -85,28 +84,25 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
     // create quinn server endpoint and bind UDP socket
 
     // both cert and key must be DER-encoded
-    let cert = Certificate(std::fs::read(cert)?);
-    let key = PrivateKey(std::fs::read(key)?);
+    let cert = CertificateDer::from(std::fs::read(cert)?);
+    let key = PrivateKeyDer::try_from(std::fs::read(key)?)?;
 
     let mut tls_config = rustls::ServerConfig::builder()
-        .with_safe_default_cipher_suites()
-        .with_safe_default_kx_groups()
-        .with_protocol_versions(&[&rustls::version::TLS13])
-        .unwrap()
         .with_no_client_auth()
         .with_single_cert(vec![cert], key)?;
 
     tls_config.max_early_data_size = u32::MAX;
     tls_config.alpn_protocols = vec![ALPN.into()];
 
-    let server_config = quinn::ServerConfig::with_crypto(Arc::new(tls_config));
-    let (endpoint, mut incoming) = quinn::Endpoint::server(server_config, opt.listen)?;
+    let server_config =
+        quinn::ServerConfig::with_crypto(Arc::new(QuicServerConfig::try_from(tls_config)?));
+    let endpoint = quinn::Endpoint::server(server_config, opt.listen)?;
 
     info!("listening on {}", opt.listen);
 
     // handle incoming connections and requests
 
-    while let Some(new_conn) = incoming.next().await {
+    while let Some(new_conn) = endpoint.accept().await {
         trace_span!("New connection being attempted");
 
         let root = root.clone();