reuse tlsconfig as transport.quic + do not import quic unless feature…

… enabled

also chnage openssl version to * to track native-tls

Cargo.toml

@@ -76,7 +76,7 @@ atty = "0.2"
 quinn = { version = "0.8.0", optional = true}
 rustls = { version = "*", default-features = false, features = ["quic"], optional = true }
 rustls-pemfile = { version = "*", optional = true }
-openssl = { version = "0.10.38", optional = true }
+openssl = { version = "*", optional = true }
 futures-util = { version = "*", optional = true}
 
 [build-dependencies]

src/config.rs

@@ -104,6 +104,7 @@ pub struct TransportConfig {
     pub transport_type: TransportType,
     pub tls: Option<TlsConfig>,
     pub noise: Option<NoiseConfig>,
+    pub quic: Option<TlsConfig>,  // reuse TLSconfig since QUIC uses TLS1.3
 }
 
 fn default_transport() -> TransportConfig {
@@ -188,27 +189,37 @@ impl Config {
         Ok(())
     }
 
+    fn validate_tls_config(tls_config: &TlsConfig, is_server:  bool) -> Result<()>{
+        if is_server {
+            tls_config
+                .pkcs12
+                .as_ref()
+                .and(tls_config.pkcs12_password.as_ref())
+                .ok_or(anyhow!("Missing `pkcs12` or `pkcs12_password`"))?;
+        } else {
+            tls_config
+                .trusted_root
+                .as_ref()
+                .ok_or(anyhow!("Missing `trusted_root`"))?;
+        }
+        Ok(())
+    }
     fn validate_transport_config(config: &TransportConfig, is_server: bool) -> Result<()> {
         match config.transport_type {
             TransportType::Tcp => Ok(()),
-            TransportType::Quic | TransportType::Tls => {
+            TransportType::Tls => {
                 let tls_config = config
                     .tls
                     .as_ref()
                     .ok_or(anyhow!("Missing TLS configuration"))?;
-                if is_server {
-                    tls_config
-                        .pkcs12
-                        .as_ref()
-                        .and(tls_config.pkcs12_password.as_ref())
-                        .ok_or(anyhow!("Missing `pkcs12` or `pkcs12_password`"))?;
-                } else {
-                    tls_config
-                        .trusted_root
-                        .as_ref()
-                        .ok_or(anyhow!("Missing `trusted_root`"))?;
-                }
-                Ok(())
+                Config::validate_tls_config(tls_config, is_server)
+            }
+            TransportType::Quic => {
+                let tls_config = config
+                    .quic
+                    .as_ref()
+                    .ok_or(anyhow!("Missing QUIC configuration"))?;
+                Config::validate_tls_config(tls_config, is_server)
             }
             TransportType::Noise => {
                 // The check is done in transport

src/server.rs

@@ -7,7 +7,7 @@ use crate::protocol::{
     self, read_auth, read_hello, Ack, ControlChannelCmd, DataChannelCmd, Hello, UdpTraffic,
     HASH_WIDTH_IN_BYTES,
 };
-use crate::transport::{QuicTransport, TcpTransport, Transport};
+use crate::transport::{TcpTransport, Transport};
 use anyhow::{anyhow, bail, Context, Result};
 use backoff::backoff::Backoff;
 use backoff::ExponentialBackoff;
@@ -26,6 +26,8 @@ use tracing::{debug, error, info, info_span, instrument, warn, Instrument, Span}
 use crate::transport::NoiseTransport;
 #[cfg(feature = "tls")]
 use crate::transport::TlsTransport;
+#[cfg(feature = "quic")]
+use crate::transport::QuicTransport;
 
 type ServiceDigest = protocol::Digest; // SHA256 of a service name
 type Nonce = protocol::Digest; // Also called `session_key`

src/transport/quic.rs

@@ -123,10 +123,10 @@ impl Transport for QuicTransport {
     type Stream = QuicBiStream;
 
     async fn new(config: &TransportConfig) -> Result<Self> {
-        let config = match &config.tls {
+        let config = match &config.quic {
             Some(v) => v,
             None => {
-                return Err(anyhow!("Missing tls config"));
+                return Err(anyhow!("Missing tls config: {:?}", config));
             }
         };
 
@@ -169,6 +169,7 @@ impl Transport for QuicTransport {
         let pkcs12 =
             Pkcs12::from_der(buf.as_slice()).with_context(|| "Failed to open `tls.pkcs12`")?;
 
+
         let parsed = pkcs12
             .parse(self.config.pkcs12_password.as_ref().unwrap())
             .with_context(|| "Could not decrypt  `tls.pkcs12` using `tls.pkcs12_password`")?;

tests/for_tcp/quic_transport.toml

@@ -4,7 +4,7 @@ default_token = "default_token_if_not_specify"
 
 [client.transport]
 type = "quic"
-[client.transport.tls]
+[client.transport.quic]
 trusted_root = "examples/tls/test_ca.pem"
 hostname = "testserver"
 
@@ -19,7 +19,7 @@ default_token = "default_token_if_not_specify"
 
 [server.transport]
 type = "quic"
-[server.transport.tls]
+[server.transport.quic]
 pkcs12 = "examples/tls/test_server.pfx"
 pkcs12_password = "1234"
 

tests/for_udp/quic_transport.toml

@@ -4,7 +4,7 @@ default_token = "default_token_if_not_specify"
 
 [client.transport]
 type = "quic"
-[client.transport.tls]
+[client.transport.quic]
 trusted_root = "examples/tls/test_ca.pem"
 hostname = "testserver"
 
@@ -21,7 +21,7 @@ default_token = "default_token_if_not_specify"
 
 [server.transport]
 type = "quic"
-[server.transport.tls]
+[server.transport.quic]
 pkcs12 = "examples/tls/test_server.pfx"
 pkcs12_password = "1234"