Skip to content

THRIFT-6097: Add rustls client and server support#3638

Open
HTHou wants to merge 1 commit into
apache:masterfrom
HTHou:THRIFT-6097
Open

THRIFT-6097: Add rustls client and server support#3638
HTHou wants to merge 1 commit into
apache:masterfrom
HTHou:THRIFT-6097

Conversation

@HTHou

@HTHou HTHou commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Summary

  • add optional rustls-backed TTlsClientChannel and TTlsServerChannel transports
  • add TServer::listen_tls while keeping TLS configuration, trust anchors, client authentication, protocol versions, and crypto-provider selection under application control
  • extract TSharedChannel so a non-cloneable bidirectional TLS stream can be split safely for Thrift input and output transports
  • enable Rust client/server TLS cross-tests for buffered and framed transports across the supported protocols
  • document the Rust TLS API, feature flag, MSRV, and threat-model behavior

This addresses THRIFT-6097.

Compatibility

The new rustls feature is optional and is not enabled by Thrift's default feature set, so existing users do not acquire a TLS dependency unless they opt in. The runtime does not select a crypto provider or load certificates/system roots; callers pass a fully configured rustls ClientConfig or ServerConfig.

The Rust binding and generated code retain their Rust 1.65 baseline. Enabling the optional rustls feature requires Rust 1.71 or newer, matching rustls 0.23's declared MSRV.

Dependency licensing

  • rustls is an optional library dependency (0.23.42 currently resolved), licensed under Apache-2.0 OR ISC OR MIT; this contribution consumes it under the Apache-2.0 option.
  • rustls-pemfile is used only by the Rust cross-test binaries (2.2.0 currently resolved), with the same Apache-2.0 OR ISC OR MIT terms and Apache-2.0 option.
  • The repository enables the ring provider only for Rust unit/cross-tests (0.17.14 currently resolved); the library feature itself remains provider-neutral. ring is licensed under Apache-2.0 AND ISC.
  • Resolved transitive dependencies use Apache-2.0, MIT, ISC, or BSD-3-Clause terms (including rustls-webpki/untrusted: ISC; subtle: BSD-3-Clause; and rustls-pki-types/once_cell/zeroize: Apache-2.0/MIT).

All of these are ASF Category A licenses; no Category B or Category X dependency is introduced. No dependency source or binary is vendored into the Apache Thrift source distribution: Cargo downloads the crates separately at build/test time. Therefore the root LICENSE and NOTICE remain unchanged, following ASF guidance for non-bundled dependencies.

Validation

  • cargo fmt --all -- --check (lib/rs and test/rs)
  • cargo check --no-default-features --features rustls (lib/rs)
  • cargo test --all-features (lib/rs: 175 unit tests, 2 shared-channel tests, 3 TLS tests, and 23 doc tests)
  • cargo test (test/rs)
  • python3 test/test.py --server rs --client rs -R ip-ssl -j 1 (16/16 TLS combinations passed)
  • codespell check over the added lines

AI assistance

This change was developed with OpenAI Codex (GPT-5). The single commit contains the corresponding Co-Authored-By trailer.

Checklist

  • Created Apache JIRA ticket THRIFT-6097.
  • PR title starts with THRIFT-6097:.
  • Squashed the change to a single commit.
  • Avoided a breaking default: TLS is opt-in through an optional feature.
  • This PR contains code, so [skip ci] is not used.

@mergeable mergeable Bot added rust Pull requests that update Rust code testsuite build and general CI cmake, automake and build system changes labels Jul 16, 2026
@HTHou
HTHou marked this pull request as ready for review July 16, 2026 09:15
@HTHou
HTHou requested a review from Jens-G as a code owner July 16, 2026 09:15
Copilot AI review requested due to automatic review settings July 16, 2026 09:15
@HTHou
HTHou requested review from jimexist and mhlakhani as code owners July 16, 2026 09:15

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds optional TLS support to the Rust runtime via rustls, introducing new TLS-backed client/server channels and a server TLS listen entrypoint while keeping all TLS policy and trust configuration under application control. It also adds Rust TLS cross-tests and updates Rust/threat-model documentation to reflect the new TLS capability.

Changes:

  • Add optional rustls-backed transports (TTlsClientChannel, TTlsServerChannel) and a TSharedChannel adapter to safely split non-cloneable bidirectional streams.
  • Add TServer::listen_tls (Rust) and wire up Rust cross-test client/server binaries for --ssl.
  • Add Rust TLS/shared-channel tests plus documentation updates (Rust README + threat model), and enable TLS socket mode in the cross-test matrix.

Reviewed changes

Copilot reviewed 14 out of 14 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
test/tests.json Adds ip-ssl socket mode to the cross-test matrix.
test/rs/src/bin/test_server.rs Enables --ssl for Rust test server and uses listen_tls with a test rustls config.
test/rs/src/bin/test_client.rs Enables --ssl for Rust test client and connects via TTlsClientChannel with a test verifier.
test/rs/Cargo.toml Adds rustls deps for Rust cross-tests and enables Thrift’s rustls feature.
lib/rs/tests/tls.rs Adds unit tests for TLS handshake behavior and error messaging.
lib/rs/tests/shared_channel.rs Adds tests for TSharedChannel split behavior and poison handling.
lib/rs/src/transport/tls.rs Introduces TTlsClientChannel / TTlsServerChannel implementations using rustls.
lib/rs/src/transport/shared.rs Adds TSharedChannel wrapper to share/split non-cloneable I/O safely.
lib/rs/src/transport/mod.rs Wires in new transport modules and exports new channel types (feature-gated for TLS).
lib/rs/src/server/threaded.rs Adds TServer::listen_tls (feature-gated) using TTlsServerChannel.
lib/rs/README.md Documents Rust TLS feature usage and updates stated Rust compatibility notes.
lib/rs/Makefile.am Expands Rust checks/tests to include --all-features and explicit rustls build coverage.
lib/rs/Cargo.toml Adds optional rustls dependency and feature flag; adds dev-dep rustls for tests.
doc/thrift-threat-model.md Updates threat model to reflect Rust TLS support and configuration-controlled validation.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread lib/rs/src/transport/shared.rs Outdated
Comment thread lib/rs/src/transport/shared.rs
Comment thread lib/rs/tests/shared_channel.rs Outdated
Copilot AI review requested due to automatic review settings July 16, 2026 09:31

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 2 comments.

Comment thread test/rs/src/bin/test_client.rs
Comment thread lib/rs/src/transport/tls.rs Outdated
Copilot AI review requested due to automatic review settings July 16, 2026 09:54

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 1 comment.

Comment thread doc/thrift-threat-model.md Outdated
Copilot AI review requested due to automatic review settings July 16, 2026 10:02

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 4 comments.

Comment thread lib/rs/src/transport/tls.rs Outdated
Comment thread lib/rs/src/transport/tls.rs Outdated
Comment thread lib/rs/Makefile.am Outdated
Comment thread lib/rs/Makefile.am Outdated
Client: rs

Co-Authored-By: OpenAI Codex (GPT-5) <noreply@openai.com>
Copilot AI review requested due to automatic review settings July 16, 2026 10:30
@HTHou
HTHou requested a review from fishy as a code owner July 16, 2026 10:30
@mergeable mergeable Bot added the github_actions Pull requests that update GitHub Actions code label Jul 16, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 15 out of 15 changed files in this pull request and generated 1 comment.

Comment thread test/rs/src/bin/test_client.rs
@Jens-G

Jens-G commented Jul 16, 2026

Copy link
Copy Markdown
Member

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

🤖 Generated with Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

build and general CI cmake, automake and build system changes github_actions Pull requests that update GitHub Actions code rust Pull requests that update Rust code testsuite

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants