ziglang / zig

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
https://ziglang.org
MIT License

add std.crypto.tls.Server #14171

Open andrewrk opened 1 year ago

andrewrk commented 1 year ago

Extracted from #13980.

We already have std.crypto.tls.Client. Now it's time to additionally add a server.

Once we have both, they can be used to test each other.

richiejp commented 1 year ago

Is anyone currently working on this? I'd like it for an experiment, but I'm not sure how long it will take for me to implement.

laoshaw commented 1 year ago

I read somewhere tls.server was not the focus for stdlib, as tls.client is here for package management. It will be really cool, though, for zig to have tls.server implemented just like golang does, so zig can be easily used for web without external dependencies.

In the meantime this looks good: https://github.com/mattnite/zig-mbedtls

richiejp commented 1 year ago

Yup. I did also realise that my HTTP/2 server can use h2c with a proxy that simply wraps the TCP connection in TLS with ALPN.

laoshaw commented 1 year ago

That's good for use cases where a zig-http (h2c) server runs behind a proxy that does the SSL termination (ALPN termination?). However, zig will be used in embedded systems and typically has no proxy; the embedded device will have to deal with HTTPS directly, which is why zig-mbedtls exists, I think.

clickingbuttons commented 5 months ago

I'm currently working on this in order to debug the TLS client.

clickingbuttons commented 5 months ago

Happy to report I've followed along with https://tls13.xargs.org/ (which I've used as a unit test) until the server new session tickets. The client and server can send application data messages!

I skipped cert verification and there are some memory optimizations left.

Big PR coming in the next week or two.