Open ReubenBond opened 5 years ago
We don't have a plan as of yet. It's certainly something we could do if there was value in it. Ideally we'd also re-base our Https logic on top of a more general-purpose TLS middleware. From what I can tell, the main thing coupling the existing middleware to HTTPS is ALPN support. We could generalize the middleware so that instead of taking options specifying the HTTP version, it could just take ALPN protocols to negotiate.
I think we can achieve this by refactoring the (internal 🎉) HttpsConnectionMiddleware
like so:
TlsConnectionMiddleware
and refactor to use ALPN-specific options with no HTTP stuffUseTls
extension method and configuration.UseHttps
extension method and HttpsConnectionAdaptorOptions
and have them configure the TlsConnectionMiddleware
@ReubenBond if you're passionate and excited, we'd take a PR. Otherwise we'll put it in our planning for 5.0 and see where it shakes out.
I took a quick stab at the first point (rename, refactor), pulling the bits into our repo. We're targeting netstandard2.0 right now & there're are a bunch of issues (lack of IAsyncDisposable
& PipeWriter.Create(Stream, ...)
, among other things). I spoke with @sergeybykov earlier and we loosely agreed on the following w.r.t our Bedrock + TLS support:
TlsConnectionMiddleware
which can target netcoreapp3.0 if needed - I assume (perhaps incorrectly) that the Stream
change to implement IAsyncDisposable
will not be made available on netstandard2.0
/ .NET Framework in general.After your above comments we may need to update our thinking, unless someone else in the community is available to follow your steps for a general-purpose TlsConnectionMiddleware
.
Putting this in 5.0
I've opened a PR on Orleans which adds a generic middleware (+ Orleans-specific configuration helpers) which I would like feedback on: https://github.com/dotnet/orleans/pull/6035
It's based on the HTTPS middleware from ASP.NET Core but also adds support for client connections (in addition to the HTTPS middleware's support for server connections).
Ideally we can extract this & upstream it for 5.0 once it's polished and stable.
Any new update for this?
Are there any plans for a general-purpose TLS connection middleware? I'm looking to add TLS support to Orleans (which uses sockets). I saw #11109, but it's specific to HTTPS.
(Related to Bedrock / #4772)