djc
Member

@djc djc commented Dec 13, 2021

docopt is no longer maintained. Meanwhile, structopt provides a nice way of declaratively setting up the CLI options and arguments.

tlsclient 0.0.1
The default `port` is 443. By default, this reads a request from stdin (to EOF) before making the connection.  --http
replaces this with a basic HTTP GET request for /.

If --cafile is not supplied, a built-in set of CA certificates are used from the webpki-roots crate.

USAGE:
    tlsclient [FLAGS] [OPTIONS] <hostname>

FLAGS:
    -h, --help          
            Prints help information

        --http          
            Send a basic HTTP GET request for /

        --insecure      
            Disable certificate verification

        --no-sni        
            Disable server name indication support

        --no-tickets    
            Disable session ticket support

    -V, --version       
            Prints version information

        --verbose       
            Emit log output


OPTIONS:
        --auth-certs <auth-certs>          
            Read client authentication certificates from `auth-certs`.
            
            `auth-certs` must match up with `auth-key`.
        --auth-key <auth-key>              
            Read client authentication key from `auth-key`

        --cache <cache>                    
            Save session cache to file `cache`

        --cafile <cafile>                  
            Read root certificates from `cafile`

        --max-frag-size <max-frag-size>    
            Limit outgoing messages to `max_frag_size` bytes

    -p, --port <port>                      
            Connect to `port` [default: 443]

        --proto <proto>...                 
            Send ALPN extension containing `proto`. May be used multiple times to offer several protocols

        --protover <protover>...           
            Disable default TLS version list, and use `protover` instead. May be used multiple times

        --suite <suite>...                 
            Disable default cipher suite list, and use `suite` instead. May be used multiple times


ARGS:
    <hostname>

rustls-mio 0.0.1
Runs a TLS server on :port.  The default port is 443.

`--certs' names the full certificate chain, `--key' provides the RSA private key.

USAGE:
    tlsserver [FLAGS] [OPTIONS] <SUBCOMMAND>

FLAGS:
    -h, --help            
            Prints help information

        --require-auth    
            Send a fatal alert if the client does not complete client authentication

        --resumption      
            Support session resumption

        --tickets         
            Support tickets

    -V, --version         
            Prints version information

        --verbose         
            Emit log output


OPTIONS:
        --auth <auth>               
            Enable client authentication, and accept certificates signed by those roots provided in `certs`

        --certs <certs>             
            Read server certificates from `certs`.
            
            This should contain PEM-format certificates in the right order (the first certificate should certify `key`,
            the last should be a root CA).
        --key <key>                 
            Read private key from `key`.
            
            This should be an RSA private key or PKCS8-encoded private key, in PEM format.
        --ocsp <ocsp>               
            Read DER-encoded OCSP response from OCSP and stable to certificate. Optional

    -p, --port <port>               
            Listen on `port` [default: 443]

        --proto <proto>...          
            Send ALPN extension containing `proto`. May be used multiple times to offer several protocols

        --protover <protover>...    
            Disable default TLS version list, and use `protover` instead. May be used multiple times

        --suite <suite>...          
            Disable default cipher suite list, and use `suite` instead. May be used multiple times


SUBCOMMANDS:
    echo       Write back received bytes
    forward    Forward traffic to/from given port on localhost
    help       Prints this message or the help of the given subcommand(s)
    http       Do one read, then write a bodged HTTP response and cleanly close the connection

@codecov-commenter

codecov-commenter commented Dec 13, 2021

Codecov Report

Merging #879 (b040e5b) into main (4ae7cff) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #879   +/-   ##
=======================================
  Coverage   95.94%   95.94%           
=======================================
  Files          59       59           
  Lines        9501     9501           
=======================================
  Hits         9116     9116           
  Misses        385      385           

@djc djc marked this pull request as draft December 13, 2021 12:05
@djc
Member Author

djc commented Dec 13, 2021

tlsserver seems to trigger some edge cases in structopt here, will try to investigate soon.

@djc
Member Author

djc commented Jan 7, 2022

Currently blocked on clap-rs/clap#3267.

@djc djc changed the title Use structopt for rustls-mio examples Use clap for rustls-mio examples Jan 7, 2022
@djc djc changed the title Use clap for rustls-mio examples Use clap macro for rustls-mio examples Jan 7, 2022
@briansmith
Contributor

> Currently blocked on clap-rs/clap#3267.

  • It seems a bit much to ask the clap developers to change their MSRV policy to accommodate our examples. I think the clap MSRV policy is good as it is.
  • rustls-mio isn't even published to crates.io, so why do we need example programs for it?
  • Why do we continue to use rustls-mio in the first place, instead of using tokio-rustls like everybody else?

@djc
Member Author

djc commented Jan 17, 2022

> It seems a bit much to ask the clap developers to change their MSRV policy to accommodate our examples. I think the clap MSRV policy is good as it is.

It's also an issue for trust-dns (https://github.com/bluejekyll/trust-dns/pull/1616) and for Quinn.

As I understand it, rustls-mio contains a bunch of integration tests that depend on these example programs.

@briansmith
Contributor

Even if we go by what Tokio does, which is 6 months, then 1.53 would be OK and we're very close to 1.54 being an acceptable MSRV for us now. IDK of anything in 1.53 or 1.54 that we need, but also I humbly suggest we don't bother people too much if they're just requiring 1.54.

> As I understand it, rustls-mio contains a bunch of integration tests that depend on these example programs.

Perhaps we should split tlsclient and tlsserver into two programs each: A demo/utility program and the test engine. It would be nice if the tests didn't have a 3rd-party command line parsing dependency at all, or ultimately even a mio dependency. That will be needed if/when we want to address the ability for Rustls to run on the web (#808), which multiple people have requested (publicly and privately).

@ctz
Member

ctz commented Jan 17, 2022

The reason rustls-mio exists as it does is to separate out and remove mio as dependency of the core crate (even as a dev-dependency). See #241 for background. It definitely does not stand in the way of running the core crate under wasm.

@briansmith
Contributor

> It definitely does not stand in the way of running the core crate under wasm.

There are (at least) two different wasm32 environments that people are interested in: wasm32-wasi and wasm32 browser, tunneled through WebSockets. I expanded on this in #808.

@cpu
Member

cpu commented Oct 16, 2023

I'm going to close this draft PR since it's quite out of date with main and doesn't seem like a high priority to fix. I suspect some of the issues that made it difficult to merge back in ~2021 might be resolved but it's probably better to tackle in a fresh PR when someone has time.

@cpu cpu closed this Oct 16, 2023