tlsimple

Simple and tiny TLS supports for Rust (Async FFI of Mbed TLS).

Goals

• In a word: Async Rust binding, use cc crate, needs only a c compiler, supports multi platform.

• Async support. Provide TlsStream (for tokio) and HttpsConnector (for hyper).

• Single crate, less dependencies.

• Easy to build, without install Perl, autoconf, automake etc.

Roadmap

• [x] Run OpenSSL demo.
• [x] Run wolfSSL demo.
• [x] Run Mbed TLS demo.
• [x] Use Mbed TLS BIO (I/O abstraction).
• [x] Try to figure out if Mbed TLS is easy to strip.
• [x] Build Mbed TLS with AddressSanitizer.
• [x] Build Rust executable with AddressSanitizer.
• [x] Rust binding prototype worked.
• [x] Fully control the build progress, use only gcc / ar command.
• [ ] TLS 1.3.
• [x] Fix LeakSanitizer.
• [ ] Test if C demo works in Windows.
• [x] Compile with the Rust cc crate.
• [x] Bind to Rust.
• [x] Bind to Rust with async.
• [ ] Miri, Loom, ThreadSanitizer and more.
• [ ] Bench OpenSSL and Mbed TLS.
• [x] Strip more.
• [ ] Kernel TLS offload?
• [ ] Deploy.
• [ ] Publish & Announce.

https://github.com/monoio-rs/monoio-tls

https://github.com/Mbed-TLS/mbedtls/pull/5969

https://openwrt.org/releases/23.05/notes-23.05.0-rc2#switchfromwolfssltombedtlsasdefault

https://dev.mysql.com/blog-archive/mysql-is-openssl-only-now/

https://curl.se/docs/ssl-compared.html