{"id":18552742,"url":"https://github.com/kkocdko/tlsimple","last_synced_at":"2025-04-09T22:32:03.046Z","repository":{"id":191300701,"uuid":"670764497","full_name":"kkocdko/tlsimple","owner":"kkocdko","description":"TLS for async Rust, with Mbed-TLS.","archived":true,"fork":false,"pushed_at":"2024-01-06T11:43:25.000Z","size":227,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-05T04:39:29.541Z","etag":null,"topics":["rust","ssl","tls"],"latest_commit_sha":null,"homepage":"https://crates.io/crates/tlsimple","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kkocdko.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2023-07-25T19:32:09.000Z","updated_at":"2025-03-09T03:17:53.000Z","dependencies_parsed_at":"2024-01-06T02:34:04.695Z","dependency_job_id":"32c9568b-2554-45ac-ba4b-4e6d84c53c82","html_url":"https://github.com/kkocdko/tlsimple","commit_stats":null,"previous_names":["kkocdko/tlsimple"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kkocdko%2Ftlsimple","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kkocdko%2Ftlsimple/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kkocdko%2Ftlsimple/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kkocdko%2Ftlsimple/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kkocdko","download_url":"https://codeload.github.com/kkocdko/tlsimple/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248123795,"owners_count":21051534,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["rust","ssl","tls"],"created_at":"2024-11-06T21:15:00.772Z","updated_at":"2025-04-09T22:32:02.656Z","avatar_url":"https://github.com/kkocdko.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# tlsimple\n\nTLS for async Rust, with [Mbed-TLS](https://github.com/Mbed-TLS/mbedtls).\n\n## Features\n\n- Out of the box. Only a C compiler is required (unlike OpenSSL which needs perl + autoconf + automake + many more).\n\n- Async and blocking support, server and client mode. Also provide `HttpsConnector` for Hyper (0.14) client.\n\n- Lightweight. As a thin layer (\u003c 2K Lines) with few dependencies. Binary size about 700 KiB smaller than rustls, 2 MiB smaller than rust-openssl.\n\n## Performance\n\nWIP\n\n## Roadmap\n\n- [x] Run Mbed-TLS demo.\n- [x] Use Mbed-TLS BIO (I/O abstraction).\n- [x] Try to figure out if Mbed-TLS is easy to strip.\n- [x] Build Mbed-TLS with AddressSanitizer.\n- [x] Build Rust executable with AddressSanitizer.\n- [x] Rust binding prototype worked.\n- [x] Fully control the build progress, use only gcc / ar command.\n- [x] Fix LeakSanitizer.\n- [x] Compile with the Rust cc crate.\n- [x] Bind to Rust.\n- [x] Bind to Rust with async.\n- [ ] Miri, Loom, ThreadSanitizer and more.\n- [x] Set ALPN to use HTTP 2.\n- [x] Client mode.\n- [x] Implement Client mode cert vetify.\n- [ ] Test client mode cert vetify works.\n- [x] Client with Hyper 0.14.\n- [x] Client with Hyper 1.0.\n- [x] Deploy on Tokio current-thread runtime.\n- [x] Fix crach on Tokio multi-thread runtime.\n- [x] Bench OpenSSL and Mbed-TLS.\n- [x] Strip more.\n- [x] Test if works in Windows.\n- [x] TLS 1.3 in C.\n- [x] TLS 1.3 in Rust.\n- [ ] ~~Use mbedtls_ssl_cache_context to speed up.~~\n- [x] Use context pool to improve performance.\n- [x] Improve multi-thread performance.\n- [x] Bench and compare with OpenSSL / Rustls.\n- [ ] Better error code to name convert.\n- [x] CI by GitHub Actions.\n- [x] Handle underlying io errors.\n- [ ] More about close notify?\n- [x] Port init script to build.rs.\n- [ ] ~~Kernel TLS offload~~.\n- [x] Deploy on ksite.\n- [ ] Publish \u0026 Announce.\n\n## Thanks\n\n- https://github.com/Mbed-TLS/mbedtls\n\n- https://github.com/tokio-rs/tokio-openssl\n\n- https://github.com/fortanix/rust-mbedtls\n\n- https://curl.se/docs/ssl-compared.html\n\n\u003c!--\n\ntlsimple (174 deps)  =  5783792 Aug 17 19:52 ksite\nrustls (183 deps)    =  6479280 Aug 17 20:10 ksite\n\n./bombardier -a -d 4s -c 96 https://127.0.0.1:9304/\n\nhttps://frippery.org/files/busybox/busybox-w32-FRP-5181-g5c1a3b00e.exe\n\nhttps://github.com/rmyorston/busybox-w32\n\nhttps://github.com/monoio-rs/monoio-tls\n\nhttps://github.com/Mbed-TLS/mbedtls/pull/5969\n\nhttps://openwrt.org/releases/23.05/notes-23.05.0-rc2#switch_from_wolfssl_to_mbedtls_as_default\n\nhttps://dev.mysql.com/blog-archive/mysql-is-openssl-only-now/\n\nhttps://curl.se/docs/ssl-compared.html\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS\n\nhttps://github.com/rust-lang/cc-rs/issues/242\n\nhttps://www.wolfssl.com/documentation/manuals/wolfssl/chapter02.html\n\nhttps://doc.rust-lang.org/cargo/reference/manifest.html#the-exclude-and-include-fields\n\nhttps://mbed-tls.readthedocs.io/projects/api/en/development/api/file/net__sockets_8h/#net__sockets_8h_1a4841afd0e14f1fd44b82c3a850961ab7\n\nhttps://github.com/Mbed-TLS/mbedtls/tree/development/programs/ssl\n\nhttps://github.com/Mbed-TLS/mbedtls/blob/963513dba56991e2c741290841e2f33b9398ea52/programs/ssl/ssl_server2.c#L2855\n\nhttps://github.com/Mbed-TLS/mbedtls/blob/development/programs/ssl/mini_client.c\n\nhttps://github.com/sfackler/hyper-openssl/blob/master/src/lib.rs\n\nhttps://mbed-tls.readthedocs.io/projects/api/en/development/api/file/x509__crt_8h/#:~:text=int%20mbedtls_x509_crt_verify(mbedtls_x509_crt\n\nhttps://github.com/travis-ci/travis-ci/issues/4704#issuecomment-348435959\n\n--\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e简体中文\u003c/summary\u003e\n\n\u003e tlsimple\n\n为 Rust 提供轻巧的 TLS 支持，基于 [Mbed-TLS](https://github.com/Mbed-TLS/mbedtls)。\n\n## 特性\n\n- 支持异步与同步，服务端与客户端模式。同时为 Hyper 客户端提供 `HttpsConnector`。\n\n\u003e 翻译仍在进行中...\n\n\u003c/details\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkkocdko%2Ftlsimple","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkkocdko%2Ftlsimple","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkkocdko%2Ftlsimple/lists"}