Daniel McCarney
Daniel McCarney
@ctz Can I bug you for a second review? I'm out today but can finish up the changelog, README update, and other misc bits on ~Thurs if this looks good...
> This makes me realize we need an update to the README discussing building with ring. That could be where we specifically document that building with both is unsupported. Added...
> cpu marked this pull request as draft 6 minutes ago I think I need a couple more tweaks here (and test coverage) for consumers that want to use the...
> Working on a fix. The core issue here is that Rustls only [sets the process default based on feature selection](https://github.com/rustls/rustls/blob/d484e412ec2653a79765cb8f716049df56ef801e/rustls/src/crypto/mod.rs#L248-L263) when calling `ClientConfig::builder()`, `ServerConfig::builder()`, `WebPkiClientVerifier::builder()` or `WebPkiServerVerifier::builder()`. That makes...
> I've worked around the pain this causes in some places by changing where the builders are instantiated in a local WIP branch but I think to offer the best...
> It occurs to me as an intermediate step we can reproduce the logic local to rustls-ffi. I'm going to experiment with that. I think this works well and I'm...
> stage a downstream update in mod-tls I've been working on this more ([wip branch](https://github.com/apache/httpd/compare/trunk...cpu:httpd:cpu-rustls-ffi-0.14-wip-2024-08-27?expand=1)) and have all the `mod_tls` tests passing save one, [`test/modules/tls/test_10_session_id.py::TestSessionID::test_tls_10_session_id_12`](https://github.com/cpu/httpd/blob/trunk/test/modules/tls/test_10_session_id.py) ([example failure](https://github.com/cpu/httpd/actions/runs/10585065560/job/29330819375)). I'm not sure...
> I'm not sure the best architectural fix for this wrinkle yet. Perhaps the tls_proto_conf_t struct should be changed to hold onto the rustls_supported_ciphersuites directly? I think this turns out...
> I think I'm missing something... As expected, I was missing something :laughing: I see the expected output w/ `httpd@trunk` and `[email protected]` once I updated my config to include the...
> Cargo: version 0.13.0 -> 0.14.0-rc1 I switched the version number from 0.14.0 to 0.14.0-rc1. Despite a bunch of debugging time I still haven't been able to get to the...