Skip to content

Reorganize extensions testing #2443

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 4 commits into from
Closed

Reorganize extensions testing #2443

wants to merge 4 commits into from

Conversation

ctz
Copy link
Member

@ctz ctz commented Apr 30, 2025

The goal of this PR is to provide a single internal API surface for all our extension testing needs. A similar idea was previously included in #1475; this is a variation that replaces that.

That allows us to remove ClientExtension and ServerExtension from rustls::internals, and then further privatize types that were reachable from there.

@ctz ctz force-pushed the jbp-extensions-testing branch from ded2878 to be959e7 Compare April 30, 2025 11:09
@rustls-benchmarking Rustls Benchmarking
Copy link

rustls-benchmarking bot commented Apr 30, 2025
edited
Loading

Benchmark results

Instruction counts

Significant differences

There are no significant instruction count differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 11537022 11578554 41532 (0.36%) 1.05%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 11575222 11591530 16308 (0.14%) 1.64%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 10452721 10462907 10186 (0.10%) 1.19%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 9950691 9956796 6105 (0.06%) 0.99%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 78725615 78681377 -44238 (-0.06%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 9953988 9958625 4637 (0.05%) 0.91%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 4748042 4745853 -2189 (-0.05%) 0.33%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 78464806 78498865 34059 (0.04%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 78426771 78459721 32950 (0.04%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 4749469 4751302 1833 (0.04%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 56571513 56550679 -20834 (-0.04%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 55275213 55292251 17038 (0.03%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 55207706 55224118 16412 (0.03%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 78712144 78728642 16498 (0.02%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 78680736 78664534 -16202 (-0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 3587251 3586565 -686 (-0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 2914099 2913550 -549 (-0.02%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 78505796 78491436 -14360 (-0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 3580182 3579571 -611 (-0.02%) 1.34%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 78717780 78705319 -12461 (-0.02%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 56558913 56550754 -8159 (-0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 56600988 56609138 8150 (0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 78684656 78695885 11229 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 2003750 2004026 276 (0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 55292482 55285206 -7276 (-0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 78515628 78505826 -9802 (-0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 78710168 78719759 9591 (0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 56605362 56598951 -6411 (-0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 56591429 56597570 6141 (0.01%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3305915 3305582 -333 (-0.01%) 0.26%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 56559432 56565001 5569 (0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 55289408 55284306 -5102 (-0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 2910805 2910608 -197 (-0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 2001370 2001255 -115 (-0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 78467010 78469797 2787 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 78458460 78455890 -2570 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3304476 3304370 -106 (-0.00%) 0.26%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 55216275 55217735 1460 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 55220221 55218912 -1309 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 58227969 58227326 -643 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 1296679 1296666 -13 (-0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 1719743 1719747 4 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 7229076 7229084 8 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 34744014 34744039 25 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 34742315 34742300 -15 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 7227115 7227117 2 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_server 46189325 46189314 -11 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 46291024 46291015 -9 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 58148982 58148972 -10 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_server 46284282 46284289 7 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 80545424 80545415 -9 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92662821 92662828 7 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92685290 92685297 7 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 80645570 80645576 6 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 46397781 46397778 -3 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 46450204 46450201 -3 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92717530 92717525 -5 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 58124575 58124578 3 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 80637669 80637666 -3 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 58117362 58117360 -2 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 58157303 58157301 -2 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92691424 92691427 3 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92691975 92691972 -3 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 80533889 80533887 -2 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 46452709 46452710 1 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 46461252 46461251 -1 (-0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 58035395 58035394 -1 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 3876267 3876267 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 5012134 5012134 0 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 80634528 80634528 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 32451180 32451180 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4218370 4218370 0 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 58226791 58226791 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_client 2246298 2246298 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_server 4298144 4298144 0 (0.00%) 0.25%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 31990744 31990744 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client 30929086 30929086 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 31987783 31987783 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4569708 4569708 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_server 4757720 4757720 0 (0.00%) 0.24%
handshake_tickets_ring_1.3_rsa_chacha_client 31160522 31160522 0 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 58251610 58251610 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 30933264 30933264 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 32451138 32451138 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 2334066 2334066 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 31156472 31156472 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 30837796 30837796 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92653697 92653697 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 2339715 2339715 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 32112593 32112593 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_server 11000039 11000039 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 31231793 31231793 0 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 3867855 3867855 0 (0.00%) 0.27%
handshake_tickets_ring_1.3_rsa_aes_server 32550089 32550089 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 46294533 46294533 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_server 32109433 32109433 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 30835051 30835051 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_client 30841974 30841974 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 31990943 31990943 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 1295484 1295484 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_server 32448134 32448134 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 31227743 31227743 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_server 11128086 11128086 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server 32553135 32553135 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server 11133847 11133847 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client 31224515 31224515 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_client 4306164 4306164 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server 32112394 32112394 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 32553048 32553048 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 31153265 31153265 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 30926341 30926341 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 80540623 80540623 0 (0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.06 ms 5.02 ms -0.04 ms (-0.72%) 6.74%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.40 ms 5.36 ms -0.04 ms (-0.69%) 6.19%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.33 ms 5.29 ms -0.04 ms (-0.69%) 6.11%
handshake_no_resume_ring_1.3_ecdsap256_aes 479.25 µs 476.01 µs -3.24 µs (-0.68%) 4.43%
transfer_no_resume_ring_1.3_ecdsap256_aes 5.40 ms 5.36 ms -0.04 ms (-0.67%) 6.21%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.70 ms 4.67 ms -0.03 ms (-0.66%) 6.70%
handshake_no_resume_ring_1.3_ecdsap256_chacha 474.96 µs 472.02 µs -2.94 µs (-0.62%) 4.77%
transfer_no_resume_ring_1.2_rsa_aes 5.82 ms 5.78 ms -0.03 ms (-0.59%) 6.13%
transfer_no_resume_ring_1.3_rsa_aes 5.89 ms 5.86 ms -0.03 ms (-0.57%) 5.74%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 1.79 ms 1.78 ms -0.01 ms (-0.55%) 4.45%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 662.48 µs 658.82 µs -3.67 µs (-0.55%) 4.36%
handshake_session_id_aws_lc_rs_1.2_rsa_aes 1.61 ms 1.60 ms -0.01 ms (-0.50%) 3.57%
transfer_no_resume_ring_1.3_ecdsap384_aes 8.50 ms 8.46 ms -0.04 ms (-0.45%) 3.82%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 10.67 ms 10.63 ms -0.04 ms (-0.39%) 2.24%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 11.35 ms 11.31 ms -0.04 ms (-0.37%) 2.21%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 11.39 ms 11.35 ms -0.04 ms (-0.36%) 1.53%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 10.48 ms 10.45 ms -0.04 ms (-0.36%) 1.76%
handshake_session_id_ring_1.2_rsa_aes 1.52 ms 1.51 ms -0.01 ms (-0.34%) 1.98%
handshake_tickets_ring_1.3_rsa_aes 6.12 ms 6.10 ms -0.02 ms (-0.34%) 1.25%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 11.15 ms 11.12 ms -0.04 ms (-0.33%) 1.63%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 10.70 ms 10.67 ms -0.03 ms (-0.32%) 1.99%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 10.52 ms 10.48 ms -0.03 ms (-0.31%) 1.72%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 11.32 ms 11.28 ms -0.03 ms (-0.30%) 1.49%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 13.85 ms 13.81 ms -0.04 ms (-0.30%) 2.28%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 11.20 ms 11.17 ms -0.03 ms (-0.29%) 1.36%
transfer_no_resume_ring_1.3_rsa_chacha 13.45 ms 13.42 ms -0.04 ms (-0.28%) 2.74%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 13.16 ms 13.13 ms -0.04 ms (-0.28%) 2.45%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 11.17 ms 11.14 ms -0.03 ms (-0.28%) 1.27%
handshake_no_resume_ring_1.3_rsa_chacha 966.64 µs 963.99 µs -2.65 µs (-0.27%) 2.15%
handshake_no_resume_ring_1.3_rsa_aes 967.00 µs 964.36 µs -2.64 µs (-0.27%) 1.97%
transfer_no_resume_ring_1.3_ecdsap256_chacha 12.96 ms 12.92 ms -0.03 ms (-0.27%) 2.64%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 11.13 ms 11.10 ms -0.03 ms (-0.26%) 1.48%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 11.35 ms 11.32 ms -0.03 ms (-0.26%) 1.71%
transfer_no_resume_ring_1.3_ecdsap384_chacha 16.06 ms 16.02 ms -0.04 ms (-0.25%) 2.29%
handshake_tickets_ring_1.3_ecdsap256_chacha 5.59 ms 5.57 ms -0.01 ms (-0.24%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.35 ms 1.35 ms -0.00 ms (-0.24%) 1.67%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.30 ms 1.29 ms -0.00 ms (-0.23%) 4.70%
handshake_session_id_ring_1.3_ecdsap256_chacha 5.53 ms 5.51 ms -0.01 ms (-0.22%) 1.00%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 13.80 ms 13.77 ms -0.03 ms (-0.22%) 2.49%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.34 ms 1.34 ms -0.00 ms (-0.21%) 2.15%
handshake_tickets_ring_1.3_ecdsap384_chacha 8.68 ms 8.67 ms -0.02 ms (-0.20%) 1.00%
handshake_tickets_ring_1.3_ecdsap384_aes 8.71 ms 8.70 ms -0.02 ms (-0.19%) 1.00%
handshake_tickets_ring_1.3_rsa_chacha 6.07 ms 6.06 ms -0.01 ms (-0.18%) 1.00%
handshake_session_id_ring_1.3_ecdsap384_chacha 8.62 ms 8.61 ms -0.02 ms (-0.17%) 1.00%
handshake_tickets_ring_1.3_ecdsap256_aes 5.62 ms 5.61 ms -0.01 ms (-0.17%) 1.29%
handshake_session_id_ring_1.3_ecdsap256_aes 5.56 ms 5.55 ms -0.01 ms (-0.17%) 1.48%
handshake_session_id_ring_1.3_rsa_aes 6.05 ms 6.04 ms -0.01 ms (-0.16%) 1.35%
handshake_no_resume_ring_1.2_rsa_aes 964.03 µs 962.62 µs -1.41 µs (-0.15%) 1.63%
handshake_session_id_ring_1.3_ecdsap384_aes 8.65 ms 8.64 ms -0.01 ms (-0.14%) 1.07%
handshake_tickets_ring_1.2_rsa_aes 1.59 ms 1.59 ms -0.00 ms (-0.13%) 1.81%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 662.09 µs 661.21 µs -0.88 µs (-0.13%) 4.65%
handshake_session_id_ring_1.3_rsa_chacha 6.01 ms 6.01 ms -0.01 ms (-0.11%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.29 ms 1.29 ms -0.00 ms (-0.10%) 5.07%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.06 ms 1.06 ms -0.00 ms (-0.08%) 4.60%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.57 ms 3.57 ms -0.00 ms (-0.05%) 1.00%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.58 ms 3.58 ms -0.00 ms (-0.02%) 1.00%

Additional information

Historical results

Checkout details:

@codecov Codecov
Copy link

codecov bot commented Apr 30, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 89.47368% with 2 lines in your changes missing coverage. Please review.

Project coverage is 95.25%. Comparing base (97a63bf) to head (382cbe1).
Report is 4 commits behind head on main.

Files with missing lines Patch % Lines
rustls/src/msgs/handshake.rs 89.47% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2443      +/-   ##
==========================================
- Coverage   95.26%   95.25%   -0.02%     
==========================================
  Files          95       95              
  Lines       21256    21256              
==========================================
- Hits        20250    20247       -3     
- Misses       1006     1009       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@ctz ctz force-pushed the jbp-extensions-testing branch 2 times, most recently from 9bb2683 to eb2bbd3 Compare April 30, 2025 14:10
@ctz ctz marked this pull request as ready for review April 30, 2025 14:10
djc
djc reviewed May 1, 2025
View reviewed changes
@ctz ctz force-pushed the jbp-extensions-testing branch from eb2bbd3 to 4286587 Compare May 2, 2025 09:24
@djc djc mentioned this pull request May 2, 2025
Merged
@djc
Copy link
Member

djc commented May 2, 2025

I've been playing with this because I find the proposed interface pretty hard to grok. I wonder whether it could be built around something more like this:

trait ExtensionEncoder {
    fn encode<'a>(&self, ext: &impl Extension<'a>) -> Result<bool, ()>;
}

trait Extension<'a>: Codec<'a> {
    fn ext_type(&self) -> ExtensionType;
}

@ctz ctz force-pushed the jbp-extensions-testing branch 4 times, most recently from 7c15171 to c2765db Compare May 9, 2025 11:28
@ctz ctz force-pushed the jbp-extensions-testing branch from c2765db to 382cbe1 Compare May 9, 2025 14:39
@ctz
Copy link
Member Author

ctz commented May 9, 2025

@djc ready for another look -- this no longer adds any code to the core crate.

@djc djc mentioned this pull request May 12, 2025
Merged
djc
djc reviewed May 12, 2025
View reviewed changes
Copy link
Member

@djc djc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure I'm a big fan.

I think you have the original goal that most of the tests should be on the outside of the crate, but I am not entirely sure that I understand the value of this ideal. It seems reasonable to me to have tests written on the inside of the crate boundary, especially since we can also use modules as an abstraction boundary. On the other hand, it comes with this crutch of the internals module which is like semi-public but not stable, which works around rather than with a bunch of the tooling.

But the idea of growing a second implementation of encoding and decoding messages seems suboptimal to me -- this is adding a whole bunch of code for the sole purpose of supporting some tests that want to inspect/change messages that contain extensions, which means we now have to review/maintain a lot of test-only code in addition to the production library code that is our actual product.

I agree with is that it is better to have higher-level tests that are not tightly integrated to low-level (internal) APIs, but I think I prefer some kind of mid-level API that avoids too much integration without requiring what is substantially a rewrite of the logic used in the library -- and I think it would be okay to have that inside the library.

(I also think both our 8.5k-line tests/api.rs and 3.4k-line msgs/handshake.rs could both more organization/splitting up.)

rustls/tests/common/mod.rs
&[0u8; 32],
&[0],
vec![
ClientHello {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggest doing this function -> struct conversion in a separate commit.

@ctz
Copy link
Member Author

ctz commented May 15, 2025

I'm not sure I'm a big fan.

I think the main issue here is we are testing several different things, but testing them in the same way. The original purpose of tests/api.rs is to (as the name hints) exercise the public API in realistic, representative and complete ways, so we can be sure that the public surface is sufficient to do all the things we want to. Naturally, if we move those tests into the crate, we lose that.

The other property of those tests is they don't become invalid from testing rustls against itself. In other words, if we screw up the encoding and decoding of a ClientHello in a consistent way, these tests will pass even though we no longer interop with other implementations. That is fine, but is undesirable for protocol-level tests and for those we want an implementation that is independent (bogo, openssl, or a some straightforward encoding/decoding written in a different style that this PR introduced).

As time has gone on we've added to tests/api.rs things like protocol error testing, to give coverage of the cases that bogo doesn't cover. Those things don't need to be tested outside the crate. Perhaps putting them inside the crate might allow them to become smaller tests, but if not we'd still need to (say) create a ClientConnection with the boilerplate that entails. Maybe we could find a way of reusing tests/common/mod.rs both inside and outside the crate, maybe with a #[path] or something.

Lastly, the other constraint is the desire to have tightly defined and misuse-resistant internal APIs, that those by design make it more difficult to construct erroneous messages for testing. As an example, ffac73a makes it impossible to represent the clienthello issued by

rustls/rustls/tests/api.rs

Line 1549 in 7f8df89

fn server_ignores_sni_with_ip_address() {
, that would prevent moving this test into the core crate and reusing the same extension representation.

tldr: onboard with moving the protocol tests into the crate, but i still think some of the encoding cases need to diverge from the "real" code

@ctz ctz closed this May 15, 2025
@ctz
Copy link
Member Author

ctz commented May 19, 2025

Maybe we could find a way of reusing tests/common/mod.rs both inside and outside the crate, maybe with a #[path] or something.

This seems to be extremely difficult:

  • a crate can't refer to itself via its name, so code that works outside the crate does not work inside it, and vv.
  • a testing-only crate that contains common/mod.rs is basically unusable inside the crate, because all the types are from a separate compilation of the same code (and so none of the types match).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djc djc djc left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ctz @djc