cpu
commented
1 month ago Thanks for opening an issue. Sorry to hear this sent you down a debugging rabbit hole :weary:
It looks like we're directly linking to the backing Rustls fn as the documentation for the rustls-ffi binding:
I think that rustdoc documentation does try to communicate the detail you're noting here when it says:
After Connection::process_new_packets() has been called, this might start to return false while the final handshake packets still need to be extracted from the connection’s buffers.
Did you find that documentation and think it wasn't sufficient? I'm not opposed to lifting the important text directly into the rustls.h docstring but wanted to confirm the existing text in the upstream docs seems OK to you first.
icing
I think it would be helpful to document that
rustls_connection_is_handshaking(rconn)in a client returnsFALSEbefore the FINISHED message has been sent.A client, assuming the handshake is complete and not sending more data to the peer, will timeout since the server continues to wait for FINISHED. With http: connections, this is never noticable since the client will always send a request that causes the FINISHED to be send also.
I debugged curl+rustls on an FTP passive connection, where only the server sends, and there the connection then stalls.