More aws_lc_rs support

Cargo.toml

@@ -14,7 +14,7 @@ Configures kTLS for tokio-rustls client and server connections.
 libc = { version = "0.2.153", features = ["const-extern-fn"] }
 thiserror = "1.0.57"
 tracing = "0.1.40"
-tokio-rustls = { git = "https://github.com/rustls/tokio-rustls", rev = "d26502cf444ab2fa24a6d6fe08933abd4a2e8f3e" }
+tokio-rustls = { git = "https://github.com/rustls/tokio-rustls", rev = "d26502cf444ab2fa24a6d6fe08933abd4a2e8f3e", default-features = false }
 rustls = { version = "0.23.1", default-features = false }
 smallvec = "1.13.1"
 memoffset = "0.9.0"
@@ -37,6 +37,6 @@ tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
 
 [features]
 default = ["aws_lc_rs", "tls12"]
-aws_lc_rs = ["rustls/aws_lc_rs"]
-ring = ["rustls/ring"]
-tls12 = ["rustls/tls12"]
+aws_lc_rs = ["rustls/aws_lc_rs", "tokio-rustls/aws-lc-rs"]
+ring = ["rustls/ring", "tokio-rustls/ring"]
+tls12 = ["rustls/tls12", "tokio-rustls/tls12"]

Justfile

@@ -15,10 +15,15 @@ cov:
 
 # Run all tests
 test *args:
-	RUST_BACKTRACE=1 cargo nextest run --all-features {{args}}
+	#!/bin/bash -eux
+	export RUST_BACKTRACE=1
+	for feature in ring aws_lc_rs; do
+		cargo nextest run --no-default-features --features tls12,$feature {{args}}
+	done
 
 check:
-	cargo clippy --all-features --all-targets
+	cargo clippy --no-default-features --features tls12,ring --all-targets
+	cargo clippy --no-default-features --features tls12,aws_lc_rs --all-targets
 
 check-powerset:
-	cargo hack --feature-powerset check
+	cargo hack --feature-powerset --mutually-exclusive-features ring,aws_lc_rs check

tests/integration_test.rs

@@ -112,12 +112,6 @@ enum ServerTestFlavor {
 //     cipher_suite: SupportedCipherSuite,
 //     crypto_provider: KtlsCryptoProvider,
 // ) {
-//     tracing_subscriber::fmt()
-//         // .with_env_filter(EnvFilter::new("rustls=trace,debug"))
-//         // .with_env_filter(EnvFilter::new("debug"))
-//         .with_env_filter(EnvFilter::new("trace"))
-//         .pretty()
-//         .init();
 
 //     server_test_inner(
 //         protocol_version,
@@ -169,11 +163,72 @@ impl KtlsCryptoProvider {
     }
 }
 
+#[test_case::test_matrix(
+    [
+        KtlsCryptoProvider::Ring,
+        KtlsCryptoProvider::AwsLcRs,
+    ],
+    [
+        KtlsVersion::TLS12,
+        KtlsVersion::TLS13,
+    ],
+    [
+        KtlsCipherType::AesGcm128,
+        KtlsCipherType::AesGcm256,
+        KtlsCipherType::Chacha20Poly1305,
+    ],
+    [
+        ServerTestFlavor::ClientCloses,
+        ServerTestFlavor::ServerCloses,
+    ]
+)]
+#[tokio::test]
+async fn server_tests(
+    crypto_provider: KtlsCryptoProvider,
+    version: KtlsVersion,
+    cipher_type: KtlsCipherType,
+    flavor: ServerTestFlavor,
+) {
+    if matches!(version, KtlsVersion::TLS12) && !cfg!(feature = "tls12") {
+        println!("Skipping...");
+        return;
+    }
+
+    let cipher_suite = KtlsCipherSuite {
+        version,
+        typ: cipher_type,
+    };
+
+    match &crypto_provider {
+        KtlsCryptoProvider::Ring => {
+            if !cfg!(feature = "ring") {
+                println!("Skipping (ring not built-in)");
+                return;
+            }
+        }
+        KtlsCryptoProvider::AwsLcRs => {
+            if !cfg!(feature = "aws_lc_rs") {
+                println!("Skipping (aws_lc_rs not built-in)");
+                return;
+            }
+        }
+    }
+
+    server_test_inner(cipher_suite, crypto_provider, flavor).await
+}
+
 async fn server_test_inner(
     cipher_suite: KtlsCipherSuite,
     crypto_provider: KtlsCryptoProvider,
     flavor: ServerTestFlavor,
 ) {
+    tracing_subscriber::fmt()
+        // .with_env_filter(EnvFilter::new("rustls=trace,debug"))
+        // .with_env_filter(EnvFilter::new("debug"))
+        .with_env_filter(EnvFilter::new("trace"))
+        .pretty()
+        .init();
+
     let subject_alt_names = vec!["localhost".to_string()];
 
     let cert = generate_simple_self_signed(subject_alt_names).unwrap();