TLS for async Rust, with Mbed-TLS.
-
Out of the box. Only a C compiler is required (unlike OpenSSL which needs perl + autoconf + automake + many more).
-
Async and blocking support, server and client mode. Also provide
HttpsConnectorfor Hyper (0.14) client. -
Lightweight. As a thin layer (< 2K Lines) with few dependencies. Binary size about 700 KiB smaller than rustls, 2 MiB smaller than rust-openssl.
WIP
- Run Mbed-TLS demo.
- Use Mbed-TLS BIO (I/O abstraction).
- Try to figure out if Mbed-TLS is easy to strip.
- Build Mbed-TLS with AddressSanitizer.
- Build Rust executable with AddressSanitizer.
- Rust binding prototype worked.
- Fully control the build progress, use only gcc / ar command.
- Fix LeakSanitizer.
- Compile with the Rust cc crate.
- Bind to Rust.
- Bind to Rust with async.
- Miri, Loom, ThreadSanitizer and more.
- Set ALPN to use HTTP 2.
- Client mode.
- Implement Client mode cert vetify.
- Test client mode cert vetify works.
- Client with Hyper 0.14.
- Client with Hyper 1.0.
- Deploy on Tokio current-thread runtime.
- Fix crach on Tokio multi-thread runtime.
- Bench OpenSSL and Mbed-TLS.
- Strip more.
- Test if works in Windows.
- TLS 1.3 in C.
- TLS 1.3 in Rust.
-
Use mbedtls_ssl_cache_context to speed up. - Use context pool to improve performance.
- Improve multi-thread performance.
- Bench and compare with OpenSSL / Rustls.
- Better error code to name convert.
- CI by GitHub Actions.
- Handle underlying io errors.
- More about close notify?
- Port init script to build.rs.
-
Kernel TLS offload. - Deploy on ksite.
- Publish & Announce.
简体中文
tlsimple
为 Rust 提供轻巧的 TLS 支持,基于 Mbed-TLS。
- 支持异步与同步,服务端与客户端模式。同时为 Hyper 客户端提供
HttpsConnector。
翻译仍在进行中...