Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

examples: ech-client should process all HTTPS records #2278

Merged
merged 8 commits into from
Dec 13, 2024
Merged

examples: ech-client should process all HTTPS records #2278

merged 8 commits into from
Dec 13, 2024

Conversation

cpu
Copy link
Member

@cpu cpu commented Dec 12, 2024
edited
Loading

Previously in the ech-client.rs example we only pulled EchConfigListBytes from the first HTTPS record ech-config SVC param we found when performing a DNS-over-HTTPS lookup using HickoryDNS.

Instead we should process all of the HTTPS records, collect up all of the EchConfigListBytes from each we can, and then use the first compatible ECH config from all of the available lists.

As reported in #2276 you could observe this causing issues when running:

cargo run --package rustls-examples --bin ech-client -- \
   --host curves1-ng.test.defo.ie \
   --path "echstat.php?format=json" \
   public.test.defo.ie curves1-ng.test.defo.ie

Before this change, the client would panic approximately 50% of the time after finding no supported ECH configs from the list in the first HTTPS record. The ECH configs in the other records were not examined.

With this change the client acts as expected and successfully negotiates ECH with the server after finding a good config from the whole set.

Along the way I tried to reduce some of the combinator-soup in favour of simpler logic.

Resolves #2276

@cpu cpu self-assigned this Dec 12, 2024
@cpu
Copy link
Member Author

cpu commented Dec 12, 2024
edited
Loading

As reported in #2276 you could observe this causing issues when running:

cargo run --package rustls-examples --bin ech-client --
--host curves1-ng.test.defo.ie
--path "echstat.php?format=json"
public.test.defo.ie curves1-ng.test.defo.ie

I haven't added this host/config to the daily-test CI job. Perhaps I should?

@codecov Codecov
Copy link

codecov bot commented Dec 12, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.82%. Comparing base (4a58cb2) to head (84b882f).
Report is 8 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2278   +/-   ##
=======================================
  Coverage   94.82%   94.82%           
=======================================
  Files         104      104           
  Lines       24102    24102           
=======================================
  Hits        22855    22855           
  Misses       1247     1247

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@cpu cpu force-pushed the cpu-ech-client-example-update branch from 0816561 to cb01d9f Compare December 12, 2024 19:26
djc
djc reviewed Dec 12, 2024
View reviewed changes
examples/src/bin/ech-client.rs Outdated Show resolved Hide resolved
examples/src/bin/ech-client.rs Outdated Show resolved Hide resolved
examples/src/bin/ech-client.rs Outdated Show resolved Hide resolved
examples/src/bin/ech-client.rs Outdated Show resolved Hide resolved
@cpu cpu force-pushed the cpu-ech-client-example-update branch from cb01d9f to c85c70e Compare December 12, 2024 22:15
djc
djc approved these changes Dec 13, 2024
View reviewed changes
Copy link
Member

@djc djc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, that was a lot easier to review!

examples/src/bin/ech-client.rs Outdated Show resolved Hide resolved
@rustls-benchmarking Rustls Benchmarking
Copy link

rustls-benchmarking bot commented Dec 13, 2024
edited
Loading

Benchmark results

Instruction counts

Significant differences

There are no significant instruction count differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 10503668 10458305 -45363 (-0.43%) 1.37%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 10676901 10718520 41619 (0.39%) 1.05%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 8597070 8619949 22879 (0.27%) 0.92%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 3079427 3082386 2959 (0.10%) 0.27%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3623266 3621013 -2253 (-0.06%) 0.24%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 8595767 8593014 -2753 (-0.03%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 10687014 10684631 -2383 (-0.02%) 1.02%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 3080240 3079650 -590 (-0.02%) 0.24%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 1176714 1176810 96 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 1174431 1174523 92 (0.01%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3624770 3624542 -228 (-0.01%) 0.25%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 2076957 2076846 -111 (-0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 2073892 2073984 92 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 1925554 1925594 40 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 28967859 28968147 288 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 28970271 28969992 -279 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 28180411 28180240 -171 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 28891572 28891715 143 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 27779488 27779392 -96 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 30420581 30420679 98 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 30380411 30380317 -94 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 27845876 27845796 -80 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 28206424 28206503 79 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 27841395 27841470 75 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 28203452 28203525 73 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 28889434 28889363 -71 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 27782186 27782118 -68 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 28210325 28210386 61 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 28891636 28891678 42 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 28176423 28176463 40 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 7566704 7566714 10 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 27838993 27838965 -28 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 27786412 27786436 24 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 30423184 30423206 22 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 35182570 35182595 25 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 28969873 28969855 -18 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 35180663 35180676 13 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 30380674 30380664 -10 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 7564562 7564560 -2 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 28173452 28173459 7 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 30377807 30377814 7 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_server 46487092 46487102 10 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 46423836 46423827 -9 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 58331799 58331788 -11 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 58342690 58342701 11 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 58338935 58338945 10 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 30423488 30423493 5 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 80661860 80661850 -10 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 58240726 58240733 7 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92710967 92710957 -10 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92706969 92706960 -9 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 80540451 80540444 -7 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92673025 92673018 -7 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92704728 92704723 -5 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 46470690 46470692 2 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 46477527 46477529 2 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 80535650 80535648 -2 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92663957 92663959 2 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_server 46389595 46389596 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 46456937 46456936 -1 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 46467812 46467813 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 58181212 58181213 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 58243605 58243604 -1 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 58245678 58245679 1 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 80554932 80554933 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 80641262 80641263 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 80648887 80648886 -1 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92674857 92674858 1 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 2655918 2655918 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_server 11292436 11292436 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_server 4233520 4233520 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 41490398 41490398 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_server 41969798 41969798 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client 40571689 40571689 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client 40277252 40277252 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 2661785 2661785 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 40574950 40574950 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 1612230 1612230 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 41972348 41972348 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 1613606 1613606 0 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 46464556 46464556 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_server 42068138 42068138 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 41492451 41492451 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_server 41608658 41608658 0 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 1717543 1717543 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server 42070498 42070498 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4206499 4206499 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_server 11425039 11425039 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4489533 4489533 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_client 2563543 2563543 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_client 40504760 40504760 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 5019524 5019524 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 40281303 40281303 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 40497499 40497499 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 40274309 40274309 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 40179989 40179989 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_client 40186983 40186983 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 42070688 42070688 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 40182932 40182932 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 41610759 41610759 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 41492499 41492499 0 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 3872523 3872523 0 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 3864415 3864415 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server 41610711 41610711 0 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 1932336 1932336 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 41972158 41972158 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_server 4698000 4698000 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server 11430994 11430994 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 40578950 40578950 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_client 4229019 4229019 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 40500760 40500760 0 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 58225376 58225376 0 (0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.42 ms 4.48 ms 0.05 ms (1.18%) 4.02%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.00 ms 5.05 ms 0.05 ms (1.09%) 2.90%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.07 ms 5.12 ms 0.05 ms (1.07%) 3.37%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.15 ms 5.20 ms 0.05 ms (1.07%) 3.67%
transfer_no_resume_ring_1.3_rsa_aes 6.78 ms 6.84 ms 0.06 ms (0.93%) 2.57%
transfer_no_resume_ring_1.3_ecdsap256_aes 6.29 ms 6.34 ms 0.06 ms (0.90%) 3.06%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 454.40 µs 458.38 µs 3.98 µs (0.88%) 2.56%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 456.87 µs 460.80 µs 3.93 µs (0.86%) 2.67%
transfer_no_resume_ring_1.2_rsa_aes 6.71 ms 6.76 ms 0.06 ms (0.84%) 2.34%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.09 ms 1.10 ms 0.01 ms (0.68%) 2.28%
handshake_no_resume_ring_1.3_ecdsap256_chacha 495.64 µs 498.96 µs 3.33 µs (0.67%) 2.13%
transfer_no_resume_ring_1.3_ecdsap384_aes 9.38 ms 9.44 ms 0.06 ms (0.60%) 1.92%
handshake_no_resume_ring_1.3_ecdsap256_aes 500.31 µs 502.81 µs 2.50 µs (0.50%) 2.04%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.06 ms 1.07 ms 0.01 ms (0.48%) 2.23%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 13.53 ms 13.60 ms 0.06 ms (0.48%) 1.24%
transfer_no_resume_ring_1.3_rsa_chacha 13.42 ms 13.48 ms 0.06 ms (0.46%) 1.32%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 13.62 ms 13.68 ms 0.06 ms (0.41%) 1.46%
transfer_no_resume_ring_1.3_ecdsap256_chacha 12.92 ms 12.98 ms 0.05 ms (0.40%) 1.47%
handshake_no_resume_ring_1.3_rsa_aes 990.14 µs 993.83 µs 3.69 µs (0.37%) 1.00%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 12.90 ms 12.95 ms 0.05 ms (0.36%) 1.54%
transfer_no_resume_ring_1.3_ecdsap384_chacha 16.02 ms 16.07 ms 0.05 ms (0.33%) 1.09%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.10 ms 1.11 ms 0.00 ms (0.29%) 3.19%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.18 ms 1.18 ms 0.00 ms (0.27%) 1.00%
handshake_no_resume_ring_1.3_rsa_chacha 990.72 µs 993.33 µs 2.61 µs (0.26%) 1.00%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 4.97 ms 4.99 ms 0.01 ms (0.25%) 1.00%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 5.16 ms 5.17 ms 0.01 ms (0.21%) 1.00%
handshake_session_id_ring_1.2_rsa_aes 1.53 ms 1.53 ms -0.00 ms (-0.21%) 1.03%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 4.33 ms 4.34 ms 0.01 ms (0.19%) 1.18%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.18 ms 1.18 ms 0.00 ms (0.19%) 1.09%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 4.94 ms 4.95 ms 0.01 ms (0.18%) 1.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 4.52 ms 4.53 ms 0.01 ms (0.17%) 1.28%
handshake_tickets_ring_1.2_rsa_aes 1.62 ms 1.62 ms -0.00 ms (-0.15%) 1.08%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 5.24 ms 5.25 ms 0.01 ms (0.15%) 1.01%
handshake_no_resume_ring_1.2_rsa_aes 990.47 µs 991.90 µs 1.44 µs (0.15%) 1.13%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.59 ms 3.60 ms 0.00 ms (0.13%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 5.05 ms 5.05 ms 0.01 ms (0.11%) 1.00%
handshake_tickets_ring_1.3_ecdsap256_chacha 6.33 ms 6.34 ms 0.01 ms (0.09%) 1.00%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 5.15 ms 5.15 ms 0.00 ms (0.08%) 1.24%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 4.50 ms 4.50 ms 0.00 ms (0.07%) 1.09%
handshake_session_id_aws_lc_rs_1.2_rsa_aes 1.61 ms 1.61 ms 0.00 ms (0.06%) 1.39%
handshake_tickets_ring_1.3_rsa_aes 6.88 ms 6.88 ms -0.00 ms (-0.05%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 5.02 ms 5.01 ms -0.00 ms (-0.05%) 1.16%
handshake_session_id_ring_1.3_ecdsap256_chacha 6.26 ms 6.26 ms 0.00 ms (0.04%) 1.00%
handshake_session_id_ring_1.3_rsa_chacha 6.75 ms 6.76 ms 0.00 ms (0.03%) 1.00%
handshake_session_id_ring_1.3_ecdsap384_chacha 9.35 ms 9.35 ms 0.00 ms (0.03%) 1.00%
handshake_tickets_ring_1.3_ecdsap384_chacha 9.42 ms 9.42 ms -0.00 ms (-0.02%) 1.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 5.22 ms 5.22 ms -0.00 ms (-0.02%) 1.00%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.59 ms 3.59 ms 0.00 ms (0.02%) 1.00%
handshake_session_id_ring_1.3_ecdsap384_aes 9.40 ms 9.40 ms 0.00 ms (0.02%) 1.00%
handshake_tickets_ring_1.3_rsa_chacha 6.82 ms 6.82 ms 0.00 ms (0.02%) 1.00%
handshake_session_id_ring_1.3_ecdsap256_aes 6.31 ms 6.31 ms -0.00 ms (-0.02%) 1.00%
handshake_tickets_ring_1.3_ecdsap384_aes 9.48 ms 9.48 ms -0.00 ms (-0.01%) 1.00%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 1.78 ms 1.78 ms 0.00 ms (0.01%) 1.60%
handshake_session_id_ring_1.3_rsa_aes 6.81 ms 6.81 ms 0.00 ms (0.01%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 4.30 ms 4.30 ms 0.00 ms (0.01%) 1.01%
handshake_tickets_ring_1.3_ecdsap256_aes 6.39 ms 6.39 ms 0.00 ms (0.01%) 1.00%

Additional information

Historical results

Checkout details:

@cpu cpu force-pushed the cpu-ech-client-example-update branch from df2f66e to 5e0fc07 Compare December 13, 2024 15:22
cpu added 8 commits December 13, 2024 10:25
@cpu
examples/ech-client: return Result from main
3f08f79 
This allows us to remove a bunch of `unwrap()`'s from `main()`,
simplifying the code.
@cpu
examples/ech-client: make read_ech() return Result
fd5b941
@cpu
examples/ech-client: make lookup_ech_config return Result
94ed2bf
@cpu
examples/ech-client: avoid opaque Into::into
9a3b896
@cpu
examples/ech-client: reduce scope of DNS bits
eb1f673 
Move the `resolver_config` into the match arm that uses it. Inline the
`Resolver` since it isn't used anywhere except as an arg to
`lookup_ech_configs()`.
@cpu
examples/ech-client: process all HTTPS records
664029f 
Previously we only looked at the first HTTPS record's ech-config SCVB
param. We should instead collect up the `EchConfigListBytes` from all
available HTTPS records.

With the list of config lists in hand we should only error if none of
the ECH configs across the whole set are compatible.
@cpu
examples/ech-client: reduce rightward drift
3350ffb
@cpu
examples/ech-client: improve rustdoc intro comment
84b882f 
This updates the documentation to match the more realistic invocation
being used in the CI daily-tests.yml job.

It also adds a bit more prose to clarify the overall process and where
the outer/inner hostnames are used.
@cpu cpu force-pushed the cpu-ech-client-example-update branch from 5e0fc07 to 84b882f Compare December 13, 2024 15:26
@cpu cpu requested a review from ctz December 13, 2024 15:35
ctz
ctz approved these changes Dec 13, 2024
View reviewed changes
Copy link
Member

@ctz ctz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

(Do we need to sync tests/ech_fetch.rs in rustls-ffi? I guess probably not with any urgency given it is just test infra...)

@cpu cpu mentioned this pull request Dec 13, 2024
Closed
@cpu
Copy link
Member Author

cpu commented Dec 13, 2024

(Do we need to sync tests/ech_fetch.rs in rustls-ffi? I guess probably not with any urgency given it is just test infra...)

Yeah, the client.c example will also need an update. I filed rustls/rustls-ffi#503 for this before I forget. I think I can pick it up next week.

@cpu cpu added this pull request to the merge queue Dec 13, 2024
Merged via the queue into rustls:main with commit 49fe8de Dec 13, 2024
32 checks passed
@cpu cpu deleted the cpu-ech-client-example-update branch December 13, 2024 16:31
@cpu cpu mentioned this pull request Dec 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ctz ctz ctz approved these changes

@djc djc djc approved these changes

Assignees

@cpu cpu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

example ech-client.rs panics on some URLs
3 participants
@cpu @djc @ctz