Comments (2)
sfackler
commented on August 16, 2024
It is not possible to implement try_clone on any backend. A TLS stream is inherently stateful.
from rust-native-tls.
emk
commented on August 16, 2024
Interesting!
It turns out that rust-amqp was definitely calling try_clone on an OpenSSL SslStream<TcpStream>, as provided here by openssl.
The documentation for try_clone, however, reads:
Deprecated
This method does not behave as expected and will be removed in a future release.
So it looks like rust-amqp is actually relying on incorrect and non-portable OpenSSL behavior that has been removed in newer releases. And unfortunately, this seems to be pretty deeply baked into the code, because it tries to listen for inbound messages while still allowing outbound messages—it's treating the connection as two independent one-way connections.
Now I need to find a solution elsewhere, and it looks like this is going to be trickier than I had hoped. :-(
Thank you for helping me get to the bottom of this!
from rust-native-tls.
Related Issues (20)
- Please update openssl dependency. HOT 1
- Several RUSTSEC vulnerabilities in openssl HOT 1
- RUSTSEC vulnerability in `tempfile` - need to take updated version HOT 1
- tls
- rust-native-tls is not able to receive peer certificate HOT 10
- Upgrade security-framework v2.9.1 HOT 1
- TlsConnectorBuilder constructor HOT 2
- PKCS12 Legacy Support HOT 1
- Identity::from_pkcs8 does not work correctly on macos HOT 2
- PKCS12 Identity [mac verify failure] on legacy format HOT 3
- Windows: When loading an Identity with from_pkcs8(), running multiple servers generates handshake errors HOT 7
- Is `&TlsStream: Read + Write` possible? HOT 2
- Option to disable certificate CA verification HOT 7
- Newer pkcs12 file format reverses cert chain order HOT 4
- Ability to customise SslContext for openssl HOT 1
- feature request: please provide a way to "opt-outing" openssl HOT 2
- reading the response is taking too long - 10 minutes HOT 4
- Allow access to ssl::SslStream for advanced usage HOT 1
- Use schannel CertContext to create an Identity HOT 2
- TlsConnector throws an error: Failure(Error { code: -9836, message: "bad protocol version" }) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-native-tls.