TLSService mini-release


(Gelareh Taban) #1

It would also be a good idea to test out this TLS library with the HTTP
work that is being done right now.

···

From: Gelareh Taban via swift-server-dev <swift-server-dev@swift.org>
To: swift-server-dev@swift.org
Date: 06/28/2017 12:40 PM
Subject: [swift-server-dev] TLSService mini-release
Sent by: swift-server-dev-bounces@swift.org

Hi all,

A quick update on TLS library update.

I have an implementation of the protocol proposed earlier:
https://lists.swift.org/pipermail/swift-server-dev/Week-of-Mon-20170320/000298.html

I have spoken with Tanner Nelson about this proposal and its integration
into Vapor. This led to some discussion on an alternative protocol proposal
that hopefully will be followed up on!

For now, I would like to throw this code out for public review. Please
review below and let's look at what needs to get done.

The protocols are defined in:
https://github.com/gtaban/security

There are 2 protocols: Connection and TLSService.
- Connection abstracts away the connection protocol, eg socket and defines
what we need from the connection end point.
- TLSService defines the TLS behavior.

The implementation of the TLSService protocol (using OpenSSL and
SecureTransport) is:
https://github.com/gtaban/TLSService

For tests, I needed a transport layer and since we are constrained by SPM's
lack of test-only dependencies, I had to include the socket dependency.
However this would have caused problems when people import TLSService so I
created a Release branch, removed the socket dependency and tagged that at
0.0.1

The implementation of the Connection protocol using BlueSocket and Ckit is
below:
https://github.com/gtaban/BlueSocket (TLSService branch)
https://github.com/gtaban/CKit

Although right now I use BlueSocket for tests, I have Ckit more or less
working as well and will integrate soon. Please open issues for any bugs,
missing features, etc:
https://github.com/gtaban/TLSService/issues

Shout out to Bill Abt for writing the original SSLService which this is
based on.

Looking forward to everyone

_______________________________________________
swift-server-dev mailing list
swift-server-dev@swift.org
https://lists.swift.org/mailman/listinfo/swift-server-dev