build(deps): update s2n-tls requirement from =0.0.39 to =0.0.41 (#2031)

dependabot[bot] · web-flow · commit 72a000427d04 · 2023-11-17T02:14:54.000Z
Updates the requirements on [s2n-tls](https://github.com/aws/s2n-tls) to permit the latest version. - [Release notes](https://github.com/aws/s2n-tls/releases) - [Commits](https://github.com/aws/s2n-tls/commits) --- updated-dependencies: - dependency-name: s2n-tls dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/examples/async-client-hello-callback/src/bin/quic_async_client_hello_callback_server.rs b/examples/async-client-hello-callback/src/bin/quic_async_client_hello_callback_server.rs
@@ -5,12 +5,10 @@ use moka::sync::Cache;
 use rand::{distributions::WeightedIndex, prelude::*};
 use s2n_quic::{
     provider::tls::s2n_tls::{
-        s2n_tls::{
-            callbacks::{ConfigResolver, ConnectionFuture},
-            config::Config,
-            error::Error as S2nError,
-        },
-        ClientHelloCallback, Connection,
+        callbacks::{ClientHelloCallback, ConfigResolver, ConnectionFuture},
+        config::Config,
+        connection::Connection,
+        error::Error as S2nError,
     },
     Server,
 };
diff --git a/examples/resumption/Cargo.toml b/examples/resumption/Cargo.toml
@@ -5,5 +5,4 @@ edition = "2021"
 
 [dependencies]
 s2n-quic = { version = "1", path = "../../quic/s2n-quic", features = ["provider-tls-s2n", "unstable_resumption"]}
-s2n-tls = { version = "=0.0.39", features = ["quic"] }
 tokio = { version = "1", features = ["full"] }
diff --git a/examples/resumption/src/bin/server.rs b/examples/resumption/src/bin/server.rs
@@ -1,7 +1,7 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-use s2n_quic::provider::tls::s2n_tls::{ConfigLoader, ConnectionContext, Server};
+use s2n_quic::provider::tls::s2n_tls::Server;
 use std::{error::Error, time::SystemTime};
 
 pub static CERT_PEM: &str = include_str!(concat!(
@@ -17,35 +17,18 @@ pub static KEY_PEM: &str = include_str!(concat!(
 pub static TICKET_KEY: [u8; 16] = [0; 16];
 pub static TICKET_KEY_NAME: &[u8] = "keyname".as_bytes();
 
-struct ResumptionConfig;
-
-impl ResumptionConfig {
-    fn build() -> Result<s2n_tls::config::Config, s2n_tls::error::Error> {
-        let mut config_builder = s2n_tls::config::Builder::new();
-        config_builder
-            .enable_session_tickets(true)?
-            .add_session_ticket_key(TICKET_KEY_NAME, &TICKET_KEY, SystemTime::now())?
-            .load_pem(CERT_PEM.as_bytes(), KEY_PEM.as_bytes())?
-            .set_security_policy(&s2n_tls::security::DEFAULT_TLS13)?
-            .enable_quic()?
-            .set_application_protocol_preference([b"h3"])?;
-        config_builder.build()
-    }
-}
-
-impl ConfigLoader for ResumptionConfig {
-    fn load(&mut self, _cx: ConnectionContext) -> s2n_tls::config::Config {
-        Self::build().expect("Config builder failed")
-    }
-}
-
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn Error>> {
-    let tls = Server::from_loader(ResumptionConfig);
+    let mut tls = Server::builder().with_certificate(CERT_PEM, KEY_PEM)?;
+
+    tls.config_mut()
+        .add_session_ticket_key(TICKET_KEY_NAME, &TICKET_KEY, SystemTime::now())?;
+
     let mut server = s2n_quic::Server::builder()
-        .with_tls(tls)?
+        .with_tls(tls.build()?)?
         .with_io("127.0.0.1:4433")?
         .start()?;
+
     while let Some(mut connection) = server.accept().await {
         // spawn a new task for the connection
         tokio::spawn(async move {
diff --git a/netbench/netbench-driver/Cargo.toml b/netbench/netbench-driver/Cargo.toml
@@ -16,8 +16,8 @@ netbench = { version = "0.1", path = "../netbench" }
 probe = "0.5"
 s2n-quic = { path = "../../quic/s2n-quic", features = ["provider-tls-s2n"] }
 s2n-quic-core = { path = "../../quic/s2n-quic-core", features = ["testing"] }
-s2n-tls = { version = "0.0.39" }
-s2n-tls-tokio = { version = "0.0.39" }
+s2n-tls = { version = "0.0.41" }
+s2n-tls-tokio = { version = "0.0.41" }
 structopt = "0.3"
 tokio = { version = "1", features = ["io-util", "net", "time", "rt-multi-thread"] }
 tokio-native-tls = "0.3"
diff --git a/quic/s2n-quic-tls/Cargo.toml b/quic/s2n-quic-tls/Cargo.toml
@@ -21,7 +21,7 @@ libc = "0.2"
 s2n-codec = { version = "=0.31.0", path = "../../common/s2n-codec", default-features = false }
 s2n-quic-core = { version = "=0.31.0", path = "../s2n-quic-core", default-features = false, features = ["alloc"] }
 s2n-quic-crypto = { version = "=0.31.0", path = "../s2n-quic-crypto", default-features = false }
-s2n-tls = { version = "=0.0.39", features = ["quic"] }
+s2n-tls = { version = "=0.0.41", features = ["quic"] }
 
 [dev-dependencies]
 checkers = "0.6"
diff --git a/quic/s2n-quic-tls/src/client.rs b/quic/s2n-quic-tls/src/client.rs
@@ -84,6 +84,10 @@ impl Default for Builder {
 }
 
 impl Builder {
+    pub fn config_mut(&mut self) -> &mut s2n_tls::config::Builder {
+        &mut self.config
+    }
+
     pub fn with_application_protocols<P: IntoIterator<Item = I>, I: AsRef<[u8]>>(
         mut self,
         protocols: P,
diff --git a/quic/s2n-quic-tls/src/lib.rs b/quic/s2n-quic-tls/src/lib.rs
@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use s2n_quic_core::application::ServerName;
-use s2n_tls::config::Config;
 
 /// Ensure memory is correctly managed in tests
 #[cfg(test)]
@@ -23,26 +22,26 @@ pub struct ConnectionContext<'a> {
 ///
 /// This trait can be implemented to override the default config loading for a QUIC endpoint
 pub trait ConfigLoader: 'static + Send {
-    fn load(&mut self, cx: ConnectionContext) -> Config;
+    fn load(&mut self, cx: ConnectionContext) -> config::Config;
 }
 
-impl ConfigLoader for Config {
+impl ConfigLoader for config::Config {
     #[inline]
-    fn load(&mut self, _cx: ConnectionContext) -> Config {
+    fn load(&mut self, _cx: ConnectionContext) -> config::Config {
         self.clone()
     }
 }
 
-impl<T: FnMut(ConnectionContext) -> Config + Send + 'static> ConfigLoader for T {
+impl<T: FnMut(ConnectionContext) -> config::Config + Send + 'static> ConfigLoader for T {
     #[inline]
-    fn load(&mut self, cx: ConnectionContext) -> Config {
+    fn load(&mut self, cx: ConnectionContext) -> config::Config {
         (self)(cx)
     }
 }
 
 impl ConfigLoader for Box<dyn ConfigLoader> {
     #[inline]
-    fn load(&mut self, cx: ConnectionContext) -> Config {
+    fn load(&mut self, cx: ConnectionContext) -> config::Config {
         (**self).load(cx)
     }
 }
@@ -57,12 +56,8 @@ pub mod client;
 pub mod server;
 
 pub use client::Client;
+pub use s2n_tls::*;
 pub use server::Server;
 
-// Re-export the `ClientHelloHandler` and `Connection` to make it easier for users
-// to consume. This depends on experimental behavior in s2n-tls.
-#[cfg(any(test, all(s2n_quic_unstable, feature = "unstable_client_hello")))]
-pub use s2n_tls::{self, callbacks::ClientHelloCallback, connection::Connection};
-
 #[cfg(test)]
 mod tests;
diff --git a/quic/s2n-quic-tls/src/tests.rs b/quic/s2n-quic-tls/src/tests.rs
@@ -210,6 +210,27 @@ fn s2n_client_with_fixed_hostname_auth(host_name: &str) -> Result<client::Client
         .build()
 }
 
+fn s2n_client_with_resumption() -> Result<client::Client, Error> {
+    let mut builder = client::Builder::default().with_certificate(CERT_PEM)?;
+
+    struct TicketCallback;
+
+    impl s2n_tls::callbacks::SessionTicketCallback for TicketCallback {
+        fn on_session_ticket(
+            &self,
+            _connection: &mut Connection,
+            _session_ticket: &s2n_tls::callbacks::SessionTicket,
+        ) {
+        }
+    }
+
+    let cb = TicketCallback;
+    builder.config_mut().set_session_ticket_callback(cb)?;
+    builder.config_mut().enable_session_tickets(true)?;
+
+    builder.build()
+}
+
 fn s2n_server() -> server::Server {
     server::Builder::default()
         .with_certificate(CERT_PEM, KEY_PEM)
@@ -320,11 +341,14 @@ fn s2n_client_s2n_server_test() {
 #[test]
 #[cfg_attr(miri, ignore)]
 fn s2n_client_s2n_server_resumption_test() {
-    let mut client_endpoint = s2n_client();
+    let mut client_endpoint = s2n_client_with_resumption().unwrap();
     let mut server_endpoint = s2n_server_with_resumption();
 
     let pair = run_result(&mut server_endpoint, &mut client_endpoint, None).unwrap();
-    assert!(!pair.client.context.application.rx.is_empty());
+    assert!(
+        !pair.client.context.application.rx.is_empty(),
+        "expected session ticket message in RX"
+    );
 }
 
 #[test]
@@ -334,7 +358,10 @@ fn rustls_client_s2n_server_resumption_test() {
     let mut server_endpoint = s2n_server_with_resumption();
 
     let pair = run_result(&mut server_endpoint, &mut client_endpoint, None).unwrap();
-    assert!(!pair.client.context.application.rx.is_empty());
+    assert!(
+        !pair.client.context.application.rx.is_empty(),
+        "expected session ticket message in RX"
+    );
 }
 
 #[test]
