From dac1c3862978c8b9056d43263edb5b0f61615355 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 1 Nov 2024 20:29:36 +0900 Subject: [PATCH 01/15] [ci skip] chore: unreleased version bump and changelog --- CHANGELOG.md | 2 +- Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 25c274a..fd67751 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # CHANGELOG -## 0.10.0 (Unreleased) +## 0.9.4 or 0.10.0 (Unreleased) ## 0.9.3 diff --git a/Cargo.toml b/Cargo.toml index ce78871..492fc22 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [workspace.package] -version = "0.9.3" +version = "0.9.4" authors = ["Jun Kurihara"] homepage = "https://github.com/junkurihara/rust-rpxy" repository = "https://github.com/junkurihara/rust-rpxy" From 1783fad752cabed7257f9fefab9358434dc48268 Mon Sep 17 00:00:00 2001 From: Jonas Berlin Date: Sun, 3 Nov 2024 18:38:46 +0200 Subject: [PATCH 02/15] feat: Add 502 error when upstream unavailable --- rpxy-lib/src/message_handler/http_result.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/rpxy-lib/src/message_handler/http_result.rs b/rpxy-lib/src/message_handler/http_result.rs index 98cdb45..5fcada1 100644 --- a/rpxy-lib/src/message_handler/http_result.rs +++ b/rpxy-lib/src/message_handler/http_result.rs @@ -53,6 +53,7 @@ impl From for StatusCode { HttpError::FailedToAddSetCookeInResponse(_) => StatusCode::INTERNAL_SERVER_ERROR, HttpError::FailedToGenerateDownstreamResponse(_) => StatusCode::INTERNAL_SERVER_ERROR, HttpError::FailedToUpgrade(_) => StatusCode::INTERNAL_SERVER_ERROR, + HttpError::FailedToGetResponseFromBackend(_) => StatusCode::BAD_GATEWAY, // HttpError::NoUpgradeExtensionInRequest => StatusCode::BAD_REQUEST, // HttpError::NoUpgradeExtensionInResponse => StatusCode::BAD_GATEWAY, _ => StatusCode::INTERNAL_SERVER_ERROR, From b315c6cfad4cf9f8c4a8134ab78f19f4e844ffbf Mon Sep 17 00:00:00 2001 
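Review bot: The added arm in `rpxy-lib/src/message_handler/http_result.rs` maps `HttpError::FailedToGetResponseFromBackend(_)` to 502 whatever the cause. If the variant can also wrap an upstream timeout (not visible here), 504 would be the more accurate status and would let monitoring tell a slow backend from a dead one. A short comment above the arm would record the intent, for example `// backend produced no usable response: report as a gateway failure, not as rpxy's own 500`. The match still ends in `_ => StatusCode::INTERNAL_SERVER_ERROR`, so a variant added later silently becomes a 500, which is how this case went unnoticed before. The `impl` body starts and ends outside the hunk.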
From: Jun Kurihara Date: Tue, 5 Nov 2024 11:07:30 +0900 Subject: [PATCH 03/15] deps: s2n-quic and others --- rpxy-acme/Cargo.toml | 4 ++-- rpxy-bin/Cargo.toml | 4 ++-- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 10 +++++----- submodules/s2n-quic | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index 6b7b96e..be4a73a 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -14,9 +14,9 @@ publish.workspace = true post-quantum = ["rustls-post-quantum"] [dependencies] -url = { version = "2.5.2" } +url = { version = "2.5.3" } rustc-hash = "2.0.0" -thiserror = "1.0.66" +thiserror = "1.0.68" tracing = "0.1.40" async-trait = "0.1.83" base64 = "0.22.1" diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 50173fe..6c76d9a 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -13,7 +13,7 @@ publish.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] +# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] # make this default in future # default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] default = ["http3-quinn", "cache", "rustls-backend", "acme"] # default = ["http3-s2n", "cache", "rustls-backend", "acme"] @@ -32,7 +32,7 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ ] } mimalloc = { version = "*", default-features = false } -anyhow = "1.0.91" +anyhow = "1.0.92" rustc-hash = "2.0.0" serde = { version = "1.0.214", default-features = false, features = ["derive"] } tokio = { version = "1.41.0", default-features = false, features = [ diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index ba39e6c..70b633a 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml 
@@ -19,7 +19,7 @@ http3 = [] rustc-hash = { version = "2.0.0" } tracing = { version = "0.1.40" } derive_builder = { version = "0.20.2" } -thiserror = { version = "1.0.66" } +thiserror = { version = "1.0.68" } hot_reload = { version = "0.1.6" } async-trait = { version = "0.1.83" } rustls = { version = "0.23.16", default-features = false, features = [ diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index fb21a4f..214c855 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -54,8 +54,8 @@ pin-project-lite = "0.2.15" async-trait = "0.1.83" # Error handling -anyhow = "1.0.91" -thiserror = "1.0.66" +anyhow = "1.0.92" +thiserror = "1.0.68" # http for both server and client http = "1.1.0" @@ -94,11 +94,11 @@ tracing = { version = "0.1.40" } quinn = { version = "0.11.5", optional = true } h3 = { version = "0.0.6", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.7", optional = true } -s2n-quic = { version = "1.48.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ +s2n-quic = { version = "1.49.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } -s2n-quic-core = { version = "0.48.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } -s2n-quic-rustls = { version = "0.48.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } +s2n-quic-core = { version = "0.49.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } +s2n-quic-rustls = { version = "0.49.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } s2n-quic-h3 = { path = "../submodules/s2n-quic/quic/s2n-quic-h3/", features = [ "tracing", ], optional = true } diff --git a/submodules/s2n-quic b/submodules/s2n-quic index ffeaac1..7bbf574 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic 
@@ -1 +1 @@ -Subproject commit ffeaac1eb32589599c9be357f2273a2824741c7d +Subproject commit 7bbf5745306ddcc905fdc0486ace1328bccbafd1 From 641292fe5db2c66cc34f4a08cc850ee5b308e3b1 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 5 Nov 2024 19:40:04 +0900 Subject: [PATCH 04/15] deps --- rpxy-acme/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index be4a73a..d33c794 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -28,7 +28,7 @@ rustls = { version = "0.23.16", default-features = false, features = [ "std", "aws_lc_rs", ] } -rustls-platform-verifier = { version = "0.3.4" } +rustls-platform-verifier = { version = "0.4.0" } rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, features = [ "aws-lc-rs", ] } From 1a199396c0fe8309165cce750a83f7fc1867abf7 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 5 Nov 2024 19:49:21 +0900 Subject: [PATCH 05/15] fix: update the default logging level of external crates to warn --- rpxy-bin/src/log.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rpxy-bin/src/log.rs b/rpxy-bin/src/log.rs index 4076943..dd98b77 100644 --- a/rpxy-bin/src/log.rs +++ b/rpxy-bin/src/log.rs @@ -21,7 +21,7 @@ pub fn init_logger() { .target() .starts_with(env!("CARGO_PKG_NAME").replace('-', "_").as_str()) && metadata.level() <= &level) - || metadata.level() <= &tracing::Level::ERROR.min(level) + || metadata.level() <= &tracing::Level::WARN.min(level) })); tracing_subscriber::registry().with(stdio_layer).init(); } else { From 7cad7fd3650a53044abebfd55a38b5b2a23dbbf7 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 5 Nov 2024 23:07:14 +0900 Subject: [PATCH 06/15] update hot_reload --- rpxy-bin/Cargo.toml | 2 +- rpxy-bin/src/config/service.rs | 9 ++++----- rpxy-bin/src/main.rs | 13 ++++++++----- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- 5 files changed, 15 insertions(+), 13 deletions(-) 
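Review bot: The changed line in `rpxy-bin/src/log.rs`, `metadata.level() <= &tracing::Level::WARN.min(level)`, is easy to misread and has no comment. Because `tracing` orders levels with ERROR lowest, it admits WARN and ERROR events from other crates, and only ERROR when the configured level is ERROR. A comment such as `// other crates: WARN and above, or ERROR only if the configured level is ERROR` would make that explicit. The hunk stops at `} else {`; if that branch builds its own filter, it probably needs the same threshold to keep the two outputs consistent. `init_logger` starts before the hunk and continues past it.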
diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 6c76d9a..990f60a 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -49,7 +49,7 @@ futures-util = { version = "0.3.31", default-features = false } # config clap = { version = "4.5.20", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8.19", default-features = false, features = ["parse"] } -hot_reload = "0.1.6" +hot_reload = "0.1.8" serde_ignored = "0.1.10" # logging diff --git a/rpxy-bin/src/config/service.rs b/rpxy-bin/src/config/service.rs index 8769b96..76702c8 100644 --- a/rpxy-bin/src/config/service.rs +++ b/rpxy-bin/src/config/service.rs @@ -8,17 +8,16 @@ pub struct ConfigTomlReloader { } #[async_trait] -impl Reload for ConfigTomlReloader { +impl Reload for ConfigTomlReloader { type Source = String; - async fn new(source: &Self::Source) -> Result> { + async fn new(source: &Self::Source) -> Result> { Ok(Self { config_path: source.clone(), }) } - async fn reload(&self) -> Result, ReloaderError> { - let conf = ConfigToml::new(&self.config_path) - .map_err(|_e| ReloaderError::::Reload("Failed to reload config toml"))?; + async fn reload(&self) -> Result, ReloaderError> { + let conf = ConfigToml::new(&self.config_path).map_err(|e| ReloaderError::::Reload(e.to_string()))?; Ok(Some(conf)) } } diff --git a/rpxy-bin/src/main.rs b/rpxy-bin/src/main.rs index ce96253..d1156d8 100644 --- a/rpxy-bin/src/main.rs +++ b/rpxy-bin/src/main.rs @@ -40,10 +40,13 @@ fn main() { std::process::exit(1); } } else { - let (config_service, config_rx) = - ReloaderService::::new(&parsed_opts.config_file_path, CONFIG_WATCH_DELAY_SECS, false) - .await - .unwrap(); + let (config_service, config_rx) = ReloaderService::::new( + &parsed_opts.config_file_path, + CONFIG_WATCH_DELAY_SECS, + false, + ) + .await + .unwrap(); tokio::select! { config_res = config_service.start() => { 
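Review bot: In `rpxy-bin/src/config/service.rs`, passing `e.to_string()` to `Reload` drops the fixed text that used to name the failing step, so the reloader's error now carries only the underlying message. `format!("Failed to reload config toml: {e}")` in place of `e.to_string()` keeps both. If the underlying error quotes the offending config line (TOML parse errors often do; the error type is not visible here), that text now reaches the log, which is worth a thought if the config can hold sensitive values.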
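Review bot: In `rpxy-bin/src/main.rs`, the reflowed `ReloaderService::new(...)` call still ends in `.await.unwrap()`, so a failure to construct the config watcher panics. The branch just above it reports its error and calls `std::process::exit(1)`. Handling the `Err` the same way (log it, then `std::process::exit(1)`) would give operators a clear message instead of a panic backtrace. The body of `fn main` starts and ends outside the hunk.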
@@ -246,7 +249,7 @@ async fn rpxy_service_without_watcher( } async fn rpxy_service_with_watcher( - mut config_rx: ReloaderReceiver, + mut config_rx: ReloaderReceiver, runtime_handle: tokio::runtime::Handle, ) -> Result<(), anyhow::Error> { info!("Start rpxy service with dynamic config reloader"); diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 70b633a..7da21b4 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -20,7 +20,7 @@ rustc-hash = { version = "2.0.0" } tracing = { version = "0.1.40" } derive_builder = { version = "0.20.2" } thiserror = { version = "1.0.68" } -hot_reload = { version = "0.1.6" } +hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } rustls = { version = "0.23.16", default-features = false, features = [ "std", diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 214c855..5020e8e 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -79,7 +79,7 @@ hyper-rustls = { version = "0.27.3", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } -hot_reload = "0.1.6" +hot_reload = "0.1.8" rustls = { version = "0.23.16", default-features = false } rustls-post-quantum = { version = "0.1.0", optional = true } tokio-rustls = { version = "0.26.0", features = ["early-data"] } From e14efb5149894d107d7205ade7223d48eb299f31 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 12 Nov 2024 11:55:26 +0800 Subject: [PATCH 07/15] chore: deps --- rpxy-acme/Cargo.toml | 4 ++-- rpxy-bin/Cargo.toml | 6 +++--- rpxy-certs/Cargo.toml | 4 ++-- rpxy-lib/Cargo.toml | 12 ++++++------ submodules/s2n-quic | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index d33c794..ecea66b 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml 
@@ -16,7 +16,7 @@ post-quantum = ["rustls-post-quantum"] [dependencies] url = { version = "2.5.3" } rustc-hash = "2.0.0" -thiserror = "1.0.68" +thiserror = "2.0.3" tracing = "0.1.40" async-trait = "0.1.83" base64 = "0.22.1" @@ -33,6 +33,6 @@ rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, f "aws-lc-rs", ] } rustls-post-quantum = { version = "0.1.0", optional = true } -tokio = { version = "1.41.0", default-features = false } +tokio = { version = "1.41.1", default-features = false } tokio-util = { version = "0.7.12", default-features = false } tokio-stream = { version = "0.1.16", default-features = false } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 990f60a..92469ba 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -32,10 +32,10 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ ] } mimalloc = { version = "*", default-features = false } -anyhow = "1.0.92" +anyhow = "1.0.93" rustc-hash = "2.0.0" -serde = { version = "1.0.214", default-features = false, features = ["derive"] } -tokio = { version = "1.41.0", default-features = false, features = [ +serde = { version = "1.0.215", default-features = false, features = ["derive"] } +tokio = { version = "1.41.1", default-features = false, features = [ "net", "rt-multi-thread", "time", diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 7da21b4..a64b266 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -19,7 +19,7 @@ http3 = [] rustc-hash = { version = "2.0.0" } tracing = { version = "0.1.40" } derive_builder = { version = "0.20.2" } -thiserror = { version = "1.0.68" } +thiserror = { version = "2.0.3" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } rustls = { version = "0.23.16", default-features = false, features = [ 
@@ -35,7 +35,7 @@ rustls-post-quantum = { version = "0.1.0", optional = true } x509-parser = { version = "0.16.0" } [dev-dependencies] -tokio = { version = "1.41.0", default-features = false, features = [ +tokio = { version = "1.41.1", default-features = false, features = [ "rt-multi-thread", "macros", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 5020e8e..3c4e628 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -41,7 +41,7 @@ rustc-hash = "2.0.0" bytes = "1.8.0" derive_builder = "0.20.2" futures = { version = "0.3.31", features = ["alloc", "async-await"] } -tokio = { version = "1.41.0", default-features = false, features = [ +tokio = { version = "1.41.1", default-features = false, features = [ "net", "rt-multi-thread", "time", @@ -54,8 +54,8 @@ pin-project-lite = "0.2.15" async-trait = "0.1.83" # Error handling -anyhow = "1.0.92" -thiserror = "1.0.68" +anyhow = "1.0.93" +thiserror = "2.0.3" # http for both server and client http = "1.1.0" 
@@ -94,11 +94,11 @@ tracing = { version = "0.1.40" } quinn = { version = "0.11.5", optional = true } h3 = { version = "0.0.6", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.7", optional = true } -s2n-quic = { version = "1.49.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ +s2n-quic = { version = "1.50.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } -s2n-quic-core = { version = "0.49.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } -s2n-quic-rustls = { version = "0.49.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } +s2n-quic-core = { version = "0.50.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } +s2n-quic-rustls = { version = "0.50.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } s2n-quic-h3 = { path = "../submodules/s2n-quic/quic/s2n-quic-h3/", features = [ "tracing", ], optional = true } diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 7bbf574..2a81847 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 7bbf5745306ddcc905fdc0486ace1328bccbafd1 +Subproject commit 2a81847fa0d3ceead08d7f0c5469eaee853c8a6c From 2e20287b4743b49e36b5b0fc7b9c33651300df35 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Mon, 18 Nov 2024 16:56:32 +0900 Subject: [PATCH 08/15] chore: deps --- rpxy-acme/Cargo.toml | 4 ++-- rpxy-bin/Cargo.toml | 2 +- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index ecea66b..903cbb0 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml 
@@ -20,11 +20,11 @@ thiserror = "2.0.3" tracing = "0.1.40" async-trait = "0.1.83" base64 = "0.22.1" -aws-lc-rs = { version = "1.10.0", default-features = false, features = [ +aws-lc-rs = { version = "1.11.0", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" -rustls = { version = "0.23.16", default-features = false, features = [ +rustls = { version = "0.23.17", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 92469ba..e7f9cc1 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -47,7 +47,7 @@ async-trait = "0.1.83" futures-util = { version = "0.3.31", default-features = false } # config -clap = { version = "4.5.20", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.5.21", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8.19", default-features = false, features = ["parse"] } hot_reload = "0.1.8" serde_ignored = "0.1.10" diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index a64b266..cab3243 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -22,7 +22,7 @@ derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.3" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } -rustls = { version = "0.23.16", default-features = false, features = [ +rustls = { version = "0.23.17", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 3c4e628..74ad6d3 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml 
@@ -80,7 +80,7 @@ hyper-rustls = { version = "0.27.3", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.8" -rustls = { version = "0.23.16", default-features = false } +rustls = { version = "0.23.17", default-features = false } rustls-post-quantum = { version = "0.1.0", optional = true } tokio-rustls = { version = "0.26.0", features = ["early-data"] } @@ -91,7 +91,7 @@ rpxy-acme = { path = "../rpxy-acme/", default-features = false, optional = true tracing = { version = "0.1.40" } # http/3 -quinn = { version = "0.11.5", optional = true } +quinn = { version = "0.11.6", optional = true } h3 = { version = "0.0.6", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.7", optional = true } s2n-quic = { version = "1.50.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ From 3af6ac957c30ebc2bc5d5f463d64b8db25c1e197 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Fri, 22 Nov 2024 12:58:54 +0900 Subject: [PATCH 09/15] deps: s2n-quic and others --- rpxy-lib/Cargo.toml | 8 ++++---- submodules/s2n-quic | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 74ad6d3..ef42e7c 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -60,7 +60,7 @@ thiserror = "2.0.3" # http for both server and client http = "1.1.0" http-body-util = "0.1.2" -hyper = { version = "1.5.0", default-features = false } +hyper = { version = "1.5.1", default-features = false } hyper-util = { version = "0.1.10", features = ["full"] } futures-util = { version = "0.3.31", default-features = false } futures-channel = { version = "0.3.31", default-features = false } 
@@ -94,11 +94,11 @@ tracing = { version = "0.1.40" } quinn = { version = "0.11.6", optional = true } h3 = { version = "0.0.6", features = ["tracing"], optional = true } h3-quinn = { version = "0.0.7", optional = true } -s2n-quic = { version = "1.50.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ +s2n-quic = { version = "1.51.0", path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } -s2n-quic-core = { version = "0.50.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } -s2n-quic-rustls = { version = "0.50.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } +s2n-quic-core = { version = "0.51.0", path = "../submodules/s2n-quic/quic/s2n-quic-core", default-features = false, optional = true } +s2n-quic-rustls = { version = "0.51.0", path = "../submodules/s2n-quic/quic/s2n-quic-rustls", optional = true } s2n-quic-h3 = { path = "../submodules/s2n-quic/quic/s2n-quic-h3/", features = [ "tracing", ], optional = true } diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 2a81847..0e475b8 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 2a81847fa0d3ceead08d7f0c5469eaee853c8a6c +Subproject commit 0e475b839f65daa6eafa6badb748f4087c133fdb From e2e1c2e7a01795f61fa8312a0944e1b74205ef7c Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Sat, 23 Nov 2024 09:04:51 +0900 Subject: [PATCH 10/15] chore: deps --- rpxy-acme/Cargo.toml | 6 +++--- rpxy-certs/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index 903cbb0..1be23d3 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml 
@@ -14,17 +14,17 @@ publish.workspace = true post-quantum = ["rustls-post-quantum"] [dependencies] -url = { version = "2.5.3" } +url = { version = "2.5.4" } rustc-hash = "2.0.0" thiserror = "2.0.3" tracing = "0.1.40" async-trait = "0.1.83" base64 = "0.22.1" -aws-lc-rs = { version = "1.11.0", default-features = false, features = [ +aws-lc-rs = { version = "1.11.1", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" -rustls = { version = "0.23.17", default-features = false, features = [ +rustls = { version = "0.23.18", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index cab3243..86d00c5 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -22,7 +22,7 @@ derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.3" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } -rustls = { version = "0.23.17", default-features = false, features = [ +rustls = { version = "0.23.18", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index ef42e7c..7ec9ad7 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -80,7 +80,7 @@ hyper-rustls = { version = "0.27.3", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.8" -rustls = { version = "0.23.17", default-features = false } +rustls = { version = "0.23.18", default-features = false } rustls-post-quantum = { version = "0.1.0", optional = true } tokio-rustls = { version = "0.26.0", features = ["early-data"] } From 0180b618e42fab36ecc301479d1cf0fc8ffb3770 Mon Sep 17 00:00:00 2001 
From: Jun Kurihara Date: Thu, 28 Nov 2024 11:36:11 +0900 Subject: [PATCH 11/15] chore: deps --- rpxy-acme/Cargo.toml | 4 ++-- rpxy-bin/Cargo.toml | 2 +- rpxy-certs/Cargo.toml | 4 ++-- rpxy-lib/Cargo.toml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index 1be23d3..3143168 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -17,14 +17,14 @@ post-quantum = ["rustls-post-quantum"] url = { version = "2.5.4" } rustc-hash = "2.0.0" thiserror = "2.0.3" -tracing = "0.1.40" +tracing = "0.1.41" async-trait = "0.1.83" base64 = "0.22.1" aws-lc-rs = { version = "1.11.1", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" -rustls = { version = "0.23.18", default-features = false, features = [ +rustls = { version = "0.23.19", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index e7f9cc1..b5dec39 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -53,7 +53,7 @@ hot_reload = "0.1.8" serde_ignored = "0.1.10" # logging -tracing = { version = "0.1.40" } +tracing = { version = "0.1.41" } tracing-subscriber = { version = "0.3.18", features = ["env-filter"] } ################################ diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 86d00c5..dc6ddfe 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -17,12 +17,12 @@ http3 = [] [dependencies] rustc-hash = { version = "2.0.0" } -tracing = { version = "0.1.40" } +tracing = { version = "0.1.41" } derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.3" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } -rustls = { version = "0.23.18", default-features = false, features = [ +rustls = { version = "0.23.19", default-features = false, features = [ "std", "aws_lc_rs", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 7ec9ad7..f8467c7 100644 --- a/rpxy-lib/Cargo.toml 
+++ b/rpxy-lib/Cargo.toml @@ -80,7 +80,7 @@ hyper-rustls = { version = "0.27.3", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.8" -rustls = { version = "0.23.18", default-features = false } +rustls = { version = "0.23.19", default-features = false } rustls-post-quantum = { version = "0.1.0", optional = true } tokio-rustls = { version = "0.26.0", features = ["early-data"] } @@ -88,7 +88,7 @@ tokio-rustls = { version = "0.26.0", features = ["early-data"] } rpxy-acme = { path = "../rpxy-acme/", default-features = false, optional = true } # logging -tracing = { version = "0.1.40" } +tracing = { version = "0.1.41" } # http/3 quinn = { version = "0.11.6", optional = true } From 70a587bc33c27f25f3b8af5e29f2d4504a8823a4 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Dec 2024 10:30:43 +0900 Subject: [PATCH 12/15] chore: deps --- rpxy-acme/Cargo.toml | 10 +++++----- rpxy-bin/Cargo.toml | 12 ++++++------ rpxy-certs/Cargo.toml | 6 +++--- rpxy-lib/Cargo.toml | 20 ++++++++++---------- 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index 3143168..52db006 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -15,8 +15,8 @@ post-quantum = ["rustls-post-quantum"] [dependencies] url = { version = "2.5.4" } -rustc-hash = "2.0.0" -thiserror = "2.0.3" +rustc-hash = "2.1.0" +thiserror = "2.0.6" tracing = "0.1.41" async-trait = "0.1.83" base64 = "0.22.1" 
@@ -33,6 +33,6 @@ rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, f "aws-lc-rs", ] } rustls-post-quantum = { version = "0.1.0", optional = true } -tokio = { version = "1.41.1", default-features = false } -tokio-util = { version = "0.7.12", default-features = false } -tokio-stream = { version = "0.1.16", default-features = false } +tokio = { version = "1.42.0", default-features = false } +tokio-util = { version = "0.7.13", default-features = false } +tokio-stream = { version = "0.1.17", default-features = false } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index b5dec39..bf0a148 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -32,29 +32,29 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ ] } mimalloc = { version = "*", default-features = false } -anyhow = "1.0.93" -rustc-hash = "2.0.0" +anyhow = "1.0.94" +rustc-hash = "2.1.0" serde = { version = "1.0.215", default-features = false, features = ["derive"] } -tokio = { version = "1.41.1", default-features = false, features = [ +tokio = { version = "1.42.0", default-features = false, features = [ "net", "rt-multi-thread", "time", "sync", "macros", ] } -tokio-util = { version = "0.7.12", default-features = false } +tokio-util = { version = "0.7.13", default-features = false } async-trait = "0.1.83" futures-util = { version = "0.3.31", default-features = false } # config -clap = { version = "4.5.21", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.5.23", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8.19", default-features = false, features = ["parse"] } hot_reload = "0.1.8" serde_ignored = "0.1.10" # logging tracing = { version = "0.1.41" } -tracing-subscriber = { version = "0.3.18", features = ["env-filter"] } +tracing-subscriber = { version = "0.3.19", features = ["env-filter"] } ################################ # cert management 
diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index dc6ddfe..1bec247 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -16,10 +16,10 @@ post-quantum = ["rustls-post-quantum"] http3 = [] [dependencies] -rustc-hash = { version = "2.0.0" } +rustc-hash = { version = "2.1.0" } tracing = { version = "0.1.41" } derive_builder = { version = "0.20.2" } -thiserror = { version = "2.0.3" } +thiserror = { version = "2.0.6" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } rustls = { version = "0.23.19", default-features = false, features = [ @@ -35,7 +35,7 @@ rustls-post-quantum = { version = "0.1.0", optional = true } x509-parser = { version = "0.16.0" } [dev-dependencies] -tokio = { version = "1.41.1", default-features = false, features = [ +tokio = { version = "1.42.0", default-features = false, features = [ "rt-multi-thread", "macros", ] } diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index f8467c7..f8c71c4 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -37,11 +37,11 @@ post-quantum = [ [dependencies] rand = "0.8.5" -rustc-hash = "2.0.0" -bytes = "1.8.0" +rustc-hash = "2.1.0" +bytes = "1.9.0" derive_builder = "0.20.2" futures = { version = "0.3.31", features = ["alloc", "async-await"] } -tokio = { version = "1.41.1", default-features = false, features = [ +tokio = { version = "1.42.0", default-features = false, features = [ "net", "rt-multi-thread", "time", 
@@ -49,16 +49,16 @@ tokio = { version = "1.41.1", default-features = false, features = [ "macros", "fs", ] } -tokio-util = { version = "0.7.12", default-features = false } +tokio-util = { version = "0.7.13", default-features = false } pin-project-lite = "0.2.15" async-trait = "0.1.83" # Error handling -anyhow = "1.0.93" -thiserror = "2.0.3" +anyhow = "1.0.94" +thiserror = "2.0.6" # http for both server and client -http = "1.1.0" +http = "1.2.0" http-body-util = "0.1.2" hyper = { version = "1.5.1", default-features = false } hyper-util = { version = "0.1.10", features = ["full"] } @@ -82,7 +82,7 @@ rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.8" rustls = { version = "0.23.19", default-features = false } rustls-post-quantum = { version = "0.1.0", optional = true } -tokio-rustls = { version = "0.26.0", features = ["early-data"] } +tokio-rustls = { version = "0.26.1", features = ["early-data"] } # acme rpxy-acme = { path = "../rpxy-acme/", default-features = false, optional = true } @@ -104,7 +104,7 @@ s2n-quic-h3 = { path = "../submodules/s2n-quic/quic/s2n-quic-h3/", features = [ ], optional = true } ########## # for UDP socket wit SO_REUSEADDR when h3 with quinn -socket2 = { version = "0.5.7", features = ["all"], optional = true } +socket2 = { version = "0.5.8", features = ["all"], optional = true } # cache http-cache-semantics = { path = "../submodules/rusty-http-cache-semantics", default-features = false, optional = true } @@ -112,7 +112,7 @@ lru = { version = "0.12.5", optional = true } sha2 = { version = "0.10.8", default-features = false, optional = true } # cookie handling for sticky cookie -chrono = { version = "0.4.38", default-features = false, features = [ +chrono = { version = "0.4.39", default-features = false, features = [ "unstable-locales", "alloc", "clock", From 69885a782a5b80f603ef76ff85ac9f27628b9642 Mon Sep 17 00:00:00 2001 
From: Jun Kurihara Date: Thu, 12 Dec 2024 14:59:45 +0900 Subject: [PATCH 13/15] chore deps rustls-post-quantum, make pq default --- rpxy-acme/Cargo.toml | 4 ++-- rpxy-bin/Cargo.toml | 6 ++---- rpxy-certs/Cargo.toml | 4 ++-- rpxy-lib/Cargo.toml | 4 ++-- submodules/s2n-quic | 2 +- 5 files changed, 9 insertions(+), 11 deletions(-) diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml index 52db006..c0d473a 100644 --- a/rpxy-acme/Cargo.toml +++ b/rpxy-acme/Cargo.toml @@ -24,7 +24,7 @@ aws-lc-rs = { version = "1.11.1", default-features = false, features = [ "aws-lc-sys", ] } blocking = "1.6.1" -rustls = { version = "0.23.19", default-features = false, features = [ +rustls = { version = "0.23.20", default-features = false, features = [ "std", "aws_lc_rs", ] } @@ -32,7 +32,7 @@ rustls-platform-verifier = { version = "0.4.0" } rustls-acme = { path = "../submodules/rustls-acme/", default-features = false, features = [ "aws-lc-rs", ] } -rustls-post-quantum = { version = "0.1.0", optional = true } +rustls-post-quantum = { version = "0.2.1", optional = true } tokio = { version = "1.42.0", default-features = false } tokio-util = { version = "0.7.13", default-features = false } tokio-stream = { version = "0.1.17", default-features = false } diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index bf0a148..2c14df7 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -14,9 +14,7 @@ publish.workspace = true [features] # default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] # make this default in future -# default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] -default = ["http3-quinn", "cache", "rustls-backend", "acme"] -# default = ["http3-s2n", "cache", "rustls-backend", "acme"] +default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] native-tls-backend = ["rpxy-lib/native-tls-backend"] 
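Review bot: The new `default` line in `rpxy-bin/Cargo.toml` switches the HTTP/3 backend from `http3-quinn` to `http3-s2n` as well as adding `post-quantum`, and the commit subject mentions only the latter. If only post-quantum was meant to become the default, the line should read `default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"]`. The commented line ending in `# make this default in future` would then be redundant and can go. If the move to s2n-quic is intended, it deserves its own CHANGELOG entry, since it changes the QUIC stack shipped in default builds.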
@@ -34,7 +32,7 @@ rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ mimalloc = { version = "*", default-features = false } anyhow = "1.0.94" rustc-hash = "2.1.0" -serde = { version = "1.0.215", default-features = false, features = ["derive"] } +serde = { version = "1.0.216", default-features = false, features = ["derive"] } tokio = { version = "1.42.0", default-features = false, features = [ "net", "rt-multi-thread", diff --git a/rpxy-certs/Cargo.toml b/rpxy-certs/Cargo.toml index 1bec247..1ca8e41 100644 --- a/rpxy-certs/Cargo.toml +++ b/rpxy-certs/Cargo.toml @@ -22,7 +22,7 @@ derive_builder = { version = "0.20.2" } thiserror = { version = "2.0.6" } hot_reload = { version = "0.1.8" } async-trait = { version = "0.1.83" } -rustls = { version = "0.23.19", default-features = false, features = [ +rustls = { version = "0.23.20", default-features = false, features = [ "std", "aws_lc_rs", ] } @@ -31,7 +31,7 @@ rustls-webpki = { version = "0.102.8", default-features = false, features = [ "std", "aws_lc_rs", ] } -rustls-post-quantum = { version = "0.1.0", optional = true } +rustls-post-quantum = { version = "0.2.1", optional = true } x509-parser = { version = "0.16.0" } [dev-dependencies] diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index f8c71c4..e5a1806 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -80,8 +80,8 @@ hyper-rustls = { version = "0.27.3", default-features = false, features = [ # tls and cert management for server rpxy-certs = { path = "../rpxy-certs/", default-features = false } hot_reload = "0.1.8" -rustls = { version = "0.23.19", default-features = false } -rustls-post-quantum = { version = "0.1.0", optional = true } +rustls = { version = "0.23.20", default-features = false } +rustls-post-quantum = { version = "0.2.1", optional = true } tokio-rustls = { version = "0.26.1", features = ["early-data"] } # acme diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 0e475b8..b49cb51 160000 
--- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 0e475b839f65daa6eafa6badb748f4087c133fdb +Subproject commit b49cb517d0256864a9382f04fedd0e9f71531d85 From d3adb44087507c1a9761dbb7710b5d73b9e8b91d Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 12 Dec 2024 15:04:03 +0900 Subject: [PATCH 14/15] chore: actions. remove -pq --- .github/workflows/release.yml | 30 ---------------------- .github/workflows/release_docker.yml | 37 ---------------------------- CHANGELOG.md | 9 ++++++- rpxy-bin/Cargo.toml | 4 +-- 4 files changed, 10 insertions(+), 70 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8b056bb..8c0dca6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,16 +34,6 @@ jobs: platform: linux/arm64 tags-suffix: "-slim" - - target: "musl" - build-feature: "-slim-pq" - platform: linux/amd64 - tags-suffix: "-slim-pq" - - - target: "musl" - build-feature: "-slim-pq" - platform: linux/arm64 - tags-suffix: "-slim-pq" - - target: "gnu" build-feature: "-s2n" platform: linux/amd64 @@ -54,26 +44,6 @@ jobs: platform: linux/arm64 tags-suffix: "-s2n" - - target: "gnu" - build-feature: "-pq" - platform: linux/amd64 - tags-suffix: "-pq" - - - target: "gnu" - build-feature: "-pq" - platform: linux/arm64 - tags-suffix: "-pq" - - - target: "gnu" - build-feature: "-s2n-pq" - platform: linux/amd64 - tags-suffix: "-s2n-pq" - - - target: "gnu" - build-feature: "-s2n-pq" - platform: linux/arm64 - tags-suffix: "-s2n-pq" - - target: "gnu" build-feature: "-webpki-roots" platform: linux/amd64 diff --git a/.github/workflows/release_docker.yml b/.github/workflows/release_docker.yml index 7a3105d..c018272 100644 --- a/.github/workflows/release_docker.yml +++ b/.github/workflows/release_docker.yml 
@@ -30,17 +30,6 @@ jobs: jqtype/rpxy:latest ghcr.io/junkurihara/rust-rpxy:latest - - target: "default-pq" - dockerfile: ./docker/Dockerfile - platforms: linux/amd64,linux/arm64 - build-args: | - "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,rustls-backend,acme,post-quantum" - tags-suffix: "-pq" - # Aliases must be used only for release builds - aliases: | - jqtype/rpxy:pq - ghcr.io/junkurihara/rust-rpxy:pq - - target: "default-slim" dockerfile: ./docker/Dockerfile-slim build-contexts: | @@ -53,20 +42,6 @@ jobs: jqtype/rpxy:slim ghcr.io/junkurihara/rust-rpxy:slim - - target: "default-slim-pq" - dockerfile: ./docker/Dockerfile-slim - build-args: | - "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,rustls-backend,acme,post-quantum" - build-contexts: | - messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl - messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl - platforms: linux/amd64,linux/arm64 - tags-suffix: "-slim-pq" - # Aliases must be used only for release builds - aliases: | - jqtype/rpxy:slim-pq - ghcr.io/junkurihara/rust-rpxy:slim-pq - - target: "s2n" dockerfile: ./docker/Dockerfile build-args: | @@ -79,18 +54,6 @@ jobs: jqtype/rpxy:s2n ghcr.io/junkurihara/rust-rpxy:s2n - - target: "s2n-pq" - dockerfile: ./docker/Dockerfile - build-args: | - "CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,rustls-backend,acme,post-quantum" - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++" - platforms: linux/amd64,linux/arm64 - tags-suffix: "-s2n-pq" - # Aliases must be used only for release builds - aliases: | - jqtype/rpxy:s2n-pq - ghcr.io/junkurihara/rust-rpxy:s2n-pq - - target: "webpki-roots" dockerfile: ./docker/Dockerfile platforms: linux/amd64,linux/arm64 diff --git a/CHANGELOG.md b/CHANGELOG.md index fd67751..d3d2f92 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,6 +1,13 @@ # CHANGELOG -## 0.9.4 or 0.10.0 (Unreleased) +## 0.9.5 or 0.10.0 (Unreleased) + +## 0.9.4 + +### Improvement + +- Feat: Enable the hybrid post-quantum key exchange for TLS and QUIC with `X25519MLKEM768` by default. +- Deps and refactor ## 0.9.3 diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 2c14df7..9b22f17 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -13,8 +13,8 @@ publish.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -# default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] # make this default in future -default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] +default = ["http3-quinn", "cache", "rustls-backend", "acme", "post-quantum"] +# default = ["http3-s2n", "cache", "rustls-backend", "acme", "post-quantum"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] native-tls-backend = ["rpxy-lib/native-tls-backend"] From f5b121347694d0f64f0cb3b7fdafed21dfb13a0c Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 12 Dec 2024 15:08:42 +0900 Subject: [PATCH 15/15] chore: readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5f0467d..ebe3de3 100644 --- a/README.md +++ b/README.md 
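Review bot: Adding `post-quantum` to `default` in the rpxy-bin/Cargo.toml hunk (`@@ -13,8 +13,8 @@`) covers only builds that keep default features; a build using `--no-default-features` with an explicit feature list silently loses the hybrid key exchange unless it names `post-quantum` itself. The README says s2n-quic builds must use `--no-default-features`, and the `-pq` jobs this commit removes were the ones passing `...,acme,post-quantum`; the feature arguments of the remaining `s2n`, slim and `webpki-roots` jobs are not visible in these hunks, so confirm they now include it, e.g. `--features=http3-s2n,cache,rustls-backend,acme,post-quantum`. Otherwise those artifacts would negotiate classical key exchange only, while the changelog states `X25519MLKEM768` is on by default. A startup log line naming the enabled key-exchange groups would make that difference observable in deployment.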
@@ -14,11 +14,11 @@ [^pure_rust]: Doubtfully can be claimed to be written in pure Rust since current `rpxy` is based on `aws-lc-rs` for cryptographic operations. -By default, `rpxy` provides the *TLS connection sanitization* by correctly binding a certificate used to establish a secure channel with the backend application. Specifically, it always keeps the consistency between the given SNI (server name indication) in `ClientHello` of the underlying TLS and the domain name given by the overlaid HTTP HOST header (or URL in Request line) [^1]. Additionally, as a somewhat unstable feature, our `rpxy` can handle the brand-new HTTP/3 connection thanks to [`quinn`](https://github.com/quinn-rs/quinn), [`s2n-quic`](https://github.com/aws/s2n-quic) and [`hyperium/h3`](https://github.com/hyperium/h3).[^h3lib] Furthermore, `rpxy` supports the automatic issuance and renewal of certificates via [TLS-ALPN-01 (RFC8737)](https://www.rfc-editor.org/rfc/rfc8737) of [ACME protocol (RFC8555)](https://www.rfc-editor.org/rfc/rfc8555) thanks to [`rustls-acme`](https://github.com/FlorianUekermann/rustls-acme), and the hybridized post-quantum key exchange [`X25519Kyber768Draft00`](https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/)[^kyber] for TLS incoming and outgoing initiation thanks to [`rustls-post-quantum`](https://docs.rs/rustls-post-quantum/latest/rustls_post_quantum/). +By default, `rpxy` provides the *TLS connection sanitization* by correctly binding a certificate used to establish a secure channel with the backend application. Specifically, it always keeps the consistency between the given SNI (server name indication) in `ClientHello` of the underlying TLS and the domain name given by the overlaid HTTP HOST header (or URL in Request line) [^1]. 
Additionally, as a somewhat unstable feature, our `rpxy` can handle the brand-new HTTP/3 connection thanks to [`quinn`](https://github.com/quinn-rs/quinn), [`s2n-quic`](https://github.com/aws/s2n-quic) and [`hyperium/h3`](https://github.com/hyperium/h3).[^h3lib] Furthermore, `rpxy` supports the automatic issuance and renewal of certificates via [TLS-ALPN-01 (RFC8737)](https://www.rfc-editor.org/rfc/rfc8737) of [ACME protocol (RFC8555)](https://www.rfc-editor.org/rfc/rfc8555) thanks to [`rustls-acme`](https://github.com/FlorianUekermann/rustls-acme), and the hybridized post-quantum key exchange [`X25519MLKEM768`](https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-02.html)[^kyber] for TLS/QUIC incoming and outgoing initiation thanks to [`rustls-post-quantum`](https://docs.rs/rustls-post-quantum/latest/rustls_post_quantum/). [^h3lib]: HTTP/3 libraries are mutually exclusive. You need to explicitly specify `s2n-quic` with `--no-default-features` flag. Also note that if you build `rpxy` with `s2n-quic`, then it requires `openssl` just for building the package. - [^kyber]: This is not yet a default feature. You need to specify `--features post-quantum` when building `rpxy`. Also note that `X25519Kyber768Draft00` is a draft version yet this is widely used on the Internet. We will update the feature when the newest version (`X25519MLKEM768` in [`ECDHE-MLKEM`](https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-02.html)) is available. + [^kyber]: This is already a default feature. Also note that `X25519MLKEM768` is still a draft version yet this is widely used on the Internet. This project is still *work-in-progress*. But it is already working in some production environments and serves a number of domain names. Furthermore it *significantly outperforms* NGINX and Caddy, e.g., *1.5x faster than NGINX*, in the setting of a very simple HTTP reverse-proxy scenario (See [`bench`](./bench/) directory).