Skip to content

Update tokio-rustls #1470

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
maxammann wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Update tokio-rustls #1470

maxammann wants to merge 4 commits into from

Conversation

@maxammann
Copy link

@maxammann maxammann commented Nov 5, 2025

The tokio-rustls version is pretty old and pulls in ring by default.

@maxammann
Copy link
Author

maxammann commented Nov 13, 2025

@halvko would be sweet if you can take a look at this one :)

also this one might be done? #1375

@maxammann
Copy link
Author

maxammann commented Nov 13, 2025

ah wait this is just documentation

@halvko
Copy link
Contributor

halvko commented Nov 14, 2025

Yeah, sorry I'm not @ oxide - but LGTM 😅

@maxammann
Copy link
Author

maxammann commented Nov 24, 2025

@ahl woudl be sweet to have that in :)

@davepacheco
Copy link
Collaborator

davepacheco commented Jan 13, 2026

Note this updates both tokio-rustls and rustls and it looks like the rustls includes a bunch of breaking changes: https://github.com/rustls/rustls/releases/tag/v%2F0.23.0

In particular I'm not sure if the default change to aws-lc-rs is a problem for us. @ahl @sunshowers or @iliana does one of you know what the state of this is? I'm not sure why Dropshot's been behind for so long.

@sunshowers
Copy link
Contributor

sunshowers commented Jan 13, 2026

I'm not sure about the details but I vaguely recall @ahl knowing about this.

@ahl
Copy link
Collaborator

ahl commented Jan 14, 2026

Note this updates both tokio-rustls and rustls and it looks like the rustls includes a bunch of breaking changes: https://github.com/rustls/rustls/releases/tag/v%2F0.23.0

In particular I'm not sure if the default change to aws-lc-rs is a problem for us. @ahl @sunshowers or @iliana does one of you know what the state of this is? I'm not sure why Dropshot's been behind for so long.

I think the short of it is that I had some idea here that you thought were bad (and apparently forgot about). And I wasn't sure what the answer was at the time...

@iliana
Copy link
Contributor

iliana commented Jan 14, 2026

From what I understand the ecosystem is generally shifting (has shifted?) from ring to aws-lc-rs. Several months ago we made some illumos build fixes upstream so that we could consume it and things have been smooth sailing since.

@iliana
Copy link
Contributor

iliana commented Jan 14, 2026

We're several aws-lc-sys revisions behind on Omicron but I just checked to make sure the current one still builds on Helios, and it does.

@maxammann
Copy link
Author

maxammann commented Jan 15, 2026

At Zoo we switched to aws-lc-sys. reqwests also supports it through build flags wince 0.13.

We also have AWS dependencies which kind of force it down your throat.

Apart from that the ecosystem has already switched away from ring. The upgrade also still allows you to go with ring and I'd say that is recommended until you switch over most of your projects.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@maxammann @halvko @davepacheco @sunshowers @ahl @iliana