Fix: Do not try to call deframer on junk data

[schreter]

After receiving close notify, the TLS stream ends. The receive buffer can contain additional junk data received past close notify record, which obviously cannot be interpreted anymore.

However, UnbufferedConnectionCommon::process_tls_records_common() tried to interpret this junk data.

Add a check for has_received_close_notify to prevent calling the deframer on junk data. Also update the test to test also with a longer junk data (original junk data didn't trigger the bug).

[schreter]

@djc This addresses the deframer processing junk data as mentioned in #959.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.28%. Comparing base (76cc2ca) to head (d6bf22f).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2575   +/-   ##
=======================================
  Coverage   95.28%   95.28%           
=======================================
  Files          97       97           
  Lines       21562    21566    +4     
=======================================
+ Hits        20545    20549    +4     
  Misses       1017     1017           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[ctz]

Thanks!

For other reviewers: the equivalent buffered behaviour is here

rustls/rustls/src/conn.rs

Lines 712 to 714 in 76cc2ca

	if self.has_received_close_notify {
	return Ok(0);
	}

and tested by test_read_tls_artificial_eof_after_close_notify. So this difference is another thing potentially addressed by #1723.

The idea of handling alerts in the state machine I think is a good one, but beware that the state machine operates on a sequence of whole TLS messages, so it has a limited effect on layers above that (and whether to read data at all is several layers above that). The other thing to note here is that every state in every state machine would need to handle alerts in exactly the same way; that commonality is why it doesn't currently happen in this way. But that is nothing some additional layering (eg, make State::handle concrete and handle alerts, before passing off to the state-specific code)

[rustls-benchmarking]

Benchmark results

Instruction counts

Significant differences

⚠️ There are significant instruction count differences

Click to expand

Scenario	Baseline	Candidate	Diff	Threshold
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server	1785315	1759203	✅ -26112 (-1.46%)	1.39%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server	2658574	2683812	⚠️ 25238 (0.95%)	0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server	10406857	10489298	⚠️ 82441 (0.79%)	0.68%

Other differences

Click to expand

Scenario	Baseline	Candidate	Diff	Threshold
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client	4346517	4292063	-54454 (-1.25%)	2.12%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client	9489119	9549332	60213 (0.63%)	1.10%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client	63644424	63954206	309782 (0.49%)	0.54%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server	49128680	49283756	155076 (0.32%)	0.32%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client	63368518	63522465	153947 (0.24%)	0.76%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client	63569472	63437444	-132028 (-0.21%)	0.49%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server	47763269	47840646	77377 (0.16%)	0.43%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client	63473705	63375094	-98611 (-0.16%)	0.52%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client	63675349	63582255	-93094 (-0.15%)	0.73%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client	63633107	63706503	73396 (0.12%)	0.85%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server	47888287	47834890	-53397 (-0.11%)	0.28%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server	11320336	11308209	-12127 (-0.11%)	1.16%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server	47812617	47763716	-48901 (-0.10%)	0.30%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server	49153433	49107199	-46234 (-0.09%)	0.47%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client	63660359	63717763	57404 (0.09%)	0.69%
handshake_session_id_ring_1.2_rsa_aes_client	3866948	3870368	3420 (0.09%)	0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client	63526346	63473838	-52508 (-0.08%)	0.82%
handshake_tickets_ring_1.2_rsa_aes_client	4256246	4259666	3420 (0.08%)	0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client	63385501	63336479	-49022 (-0.08%)	0.96%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server	49103218	49140428	37210 (0.08%)	0.54%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client	3130132	3132501	2369 (0.08%)	0.20%
handshake_session_id_ring_1.2_rsa_aes_server	3787218	3790008	2790 (0.07%)	0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_client	3303644	3301256	-2388 (-0.07%)	0.24%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client	3302564	3304709	2145 (0.06%)	0.25%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server	49108736	49139226	30490 (0.06%)	0.45%
handshake_tickets_ring_1.2_rsa_aes_server	4386506	4389146	2640 (0.06%)	0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server	47890908	47864914	-25994 (-0.05%)	0.54%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server	47759986	47735853	-24133 (-0.05%)	0.55%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client	3124954	3123709	-1245 (-0.04%)	0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server	11314803	11318913	4110 (0.04%)	0.99%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client	63577358	63596562	19204 (0.03%)	0.74%
handshake_tickets_1.3_no_crypto_server	2059229	2059679	450 (0.02%)	0.20%
handshake_session_id_1.3_no_crypto_server	2097403	2097853	450 (0.02%)	0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server	1757202	1756829	-373 (-0.02%)	5.50%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server	2661657	2661100	-557 (-0.02%)	0.37%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server	49103029	49113204	10175 (0.02%)	0.48%
handshake_session_id_1.2_no_crypto_server	1028201	1028411	210 (0.02%)	0.20%
handshake_no_resume_1.3_no_crypto_server	101712	101727	15 (0.01%)	0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client	4291758	4292315	557 (0.01%)	4.45%
handshake_session_id_1.2_no_crypto_client	1134761	1134881	120 (0.01%)	0.20%
handshake_tickets_1.2_no_crypto_client	1220691	1220811	120 (0.01%)	0.20%
handshake_no_resume_ring_1.2_rsa_aes_client	2233674	2233835	161 (0.01%)	0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client	63711373	63715347	3974 (0.01%)	0.81%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server	3671512	3671722	210 (0.01%)	0.20%
handshake_tickets_1.2_no_crypto_server	1194724	1194784	60 (0.01%)	0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server	49143660	49146086	2426 (0.00%)	0.53%
handshake_session_id_ring_1.3_rsa_chacha_server	31555767	31556787	1020 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server	31558622	31559642	1020 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_server	31559096	31560116	1020 (0.00%)	0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client	9526024	9526331	307 (0.00%)	0.85%
handshake_session_id_ring_1.3_rsa_aes_server	31677747	31678767	1020 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server	31680602	31681622	1020 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server	31681076	31682096	1020 (0.00%)	0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client	3747994	3748114	120 (0.00%)	0.20%
handshake_tickets_ring_1.3_rsa_chacha_server	31880103	31881123	1020 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server	31882733	31883753	1020 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server	31882802	31883822	1020 (0.00%)	0.20%
handshake_tickets_ring_1.3_rsa_aes_server	31982853	31983873	1020 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server	31985483	31986503	1020 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server	31985552	31986572	1020 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client	30353743	30354643	900 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client	30356776	30357676	900 (0.00%)	0.20%
handshake_session_id_ring_1.3_rsa_chacha_client	30360900	30361800	900 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client	30445393	30446293	900 (0.00%)	0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client	30448426	30449326	900 (0.00%)	0.20%
handshake_session_id_ring_1.3_rsa_aes_client	30452550	30453450	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client	30479673	30480573	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client	30483106	30484006	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_rsa_chacha_client	30487213	30488113	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client	30551883	30552783	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client	30555337	30556237	900 (0.00%)	0.20%
handshake_tickets_ring_1.3_rsa_aes_client	30559444	30560344	900 (0.00%)	0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client	4137912	4138032	120 (0.00%)	0.20%
transfer_no_resume_ring_1.3_rsa_aes_client	58067488	58066210	-1278 (-0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client	58069781	58068503	-1278 (-0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client	58061124	58059847	-1277 (-0.00%)	0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_server	1282313	1282336	23 (0.00%)	0.20%
handshake_no_resume_ring_1.2_rsa_aes_server	10977829	10977990	161 (0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client	92597141	92595854	-1287 (-0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client	92587205	92585924	-1281 (-0.00%)	0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client	92593566	92592295	-1271 (-0.00%)	0.20%
handshake_session_id_1.3_no_crypto_client	2204990	2205020	30 (0.00%)	0.20%
handshake_tickets_1.3_no_crypto_client	2221602	2221632	30 (0.00%)	0.20%
handshake_no_resume_1.2_no_crypto_server	78337	78338	1 (0.00%)	0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server	4751812	4751872	60 (0.00%)	0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server	47915643	47916172	529 (0.00%)	0.51%
handshake_no_resume_1.2_no_crypto_client	102496	102497	1 (0.00%)	0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client	63582585	63583194	609 (0.00%)	0.90%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server	1283497	1283509	12 (0.00%)	0.20%
handshake_no_resume_ring_1.3_rsa_aes_client	2337455	2337476	21 (0.00%)	0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client	2343109	2343130	21 (0.00%)	0.20%
handshake_no_resume_1.3_no_crypto_client	112037	112038	1 (0.00%)	0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server	7214526	7214562	36 (0.00%)	0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server	7212565	7212588	23 (0.00%)	0.20%
handshake_no_resume_ring_1.3_rsa_aes_server	11112435	11112458	23 (0.00%)	0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server	11118198	11118221	23 (0.00%)	0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client	1721748	1721745	-3 (-0.00%)	0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client	34742123	34742161	38 (0.00%)	0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client	34740407	34740428	21 (0.00%)	0.20%
transfer_no_resume_ring_1.3_rsa_aes_server	46009149	46009159	10 (0.00%)	0.20%
transfer_no_resume_ring_1.2_rsa_aes_client	57950387	57950397	10 (0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server	46010414	46010421	7 (0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server	80247213	80247223	10 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server	80363470	80363480	10 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server	80352545	80352537	-8 (-0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client	92636648	92636656	8 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client	58176488	58176493	5 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client	58186436	58186432	-4 (-0.00%)	0.20%
transfer_no_resume_ring_1.2_rsa_aes_server	45906403	45906406	3 (0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server	46017298	46017301	3 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server	46172705	46172702	-3 (-0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server	46182992	46182995	3 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client	58181245	58181242	-3 (-0.00%)	0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server	80252184	80252188	4 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server	46119385	46119387	2 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server	80352184	80352187	3 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client	58118094	58118096	2 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client	92642686	92642689	3 (0.00%)	0.20%
transfer_no_resume_1.2_no_crypto_client	117362059	117362062	3 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server	46171698	46171699	1 (0.00%)	0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client	92646588	92646586	-2 (-0.00%)	0.20%
transfer_no_resume_1.3_no_crypto_server	105026296	105026298	2 (0.00%)	0.20%
transfer_no_resume_1.2_no_crypto_server	104980489	104980490	1 (0.00%)	0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server	80244038	80244038	0 (0.00%)	0.20%
transfer_no_resume_1.3_no_crypto_client	117405051	117405051	0 (0.00%)	0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand

Scenario	Baseline	Candidate	Diff	Threshold
handshake_no_resume_1.3_no_crypto	82.88 µs	87.11 µs	4.22 µs (5.10%)	9.93%
handshake_no_resume_1.2_no_crypto	74.82 µs	78.57 µs	3.75 µs (5.01%)	9.37%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes	4.52 ms	4.64 ms	0.12 ms (2.59%)	4.32%
transfer_no_resume_ring_1.3_ecdsap256_aes	5.29 ms	5.41 ms	0.12 ms (2.32%)	3.28%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes	5.22 ms	5.33 ms	0.12 ms (2.28%)	3.59%
transfer_no_resume_ring_1.2_rsa_aes	5.71 ms	5.82 ms	0.12 ms (2.02%)	3.20%
transfer_no_resume_ring_1.3_rsa_aes	5.78 ms	5.89 ms	0.11 ms (1.96%)	3.59%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes	5.19 ms	5.29 ms	0.10 ms (1.92%)	4.37%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes	4.98 ms	5.08 ms	0.10 ms (1.92%)	3.97%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha	572.72 µs	582.35 µs	9.63 µs (1.68%)	2.84%
handshake_no_resume_ring_1.3_ecdsap256_chacha	451.37 µs	458.73 µs	7.36 µs (1.63%)	2.61%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes	575.00 µs	583.89 µs	8.88 µs (1.54%)	2.99%
handshake_no_resume_ring_1.3_ecdsap256_aes	454.59 µs	461.57 µs	6.98 µs (1.54%)	2.57%
transfer_no_resume_ring_1.3_ecdsap384_aes	8.38 ms	8.50 ms	0.13 ms (1.52%)	2.28%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha	12.99 ms	13.12 ms	0.13 ms (0.99%)	1.51%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes	8.37 ms	8.45 ms	0.08 ms (0.98%)	1.00%
transfer_no_resume_ring_1.3_ecdsap256_chacha	12.84 ms	12.97 ms	0.12 ms (0.96%)	1.54%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha	8.34 ms	8.42 ms	0.08 ms (0.96%)	1.00%
handshake_session_id_1.2_no_crypto	344.01 µs	347.23 µs	3.22 µs (0.94%)	3.29%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes	8.54 ms	8.62 ms	0.08 ms (0.91%)	1.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha	8.51 ms	8.59 ms	0.08 ms (0.91%)	1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha	9.01 ms	9.09 ms	0.08 ms (0.90%)	1.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha	9.19 ms	9.27 ms	0.08 ms (0.90%)	1.04%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha	13.68 ms	13.80 ms	0.12 ms (0.89%)	1.54%
transfer_no_resume_1.2_no_crypto	11.82 ms	11.93 ms	0.10 ms (0.87%)	1.51%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes	9.05 ms	9.13 ms	0.08 ms (0.86%)	1.00%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha	13.66 ms	13.78 ms	0.12 ms (0.85%)	1.57%
transfer_no_resume_ring_1.3_ecdsap384_chacha	15.94 ms	16.07 ms	0.14 ms (0.85%)	1.19%
transfer_no_resume_ring_1.3_rsa_chacha	13.34 ms	13.45 ms	0.11 ms (0.84%)	1.38%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha	9.19 ms	9.26 ms	0.08 ms (0.83%)	1.00%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha	9.02 ms	9.10 ms	0.07 ms (0.82%)	1.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha	1.25 ms	1.26 ms	0.01 ms (0.80%)	1.00%
handshake_session_id_aws_lc_rs_1.3_rsa_aes	9.06 ms	9.14 ms	0.07 ms (0.80%)	1.00%
handshake_tickets_aws_lc_rs_1.2_rsa_aes	1.73 ms	1.75 ms	0.01 ms (0.79%)	2.53%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes	9.24 ms	9.31 ms	0.07 ms (0.78%)	1.00%
transfer_no_resume_1.3_no_crypto	11.85 ms	11.94 ms	0.09 ms (0.77%)	1.53%
handshake_tickets_aws_lc_rs_1.3_rsa_aes	9.23 ms	9.29 ms	0.06 ms (0.70%)	1.00%
handshake_session_id_1.3_no_crypto	661.80 µs	657.16 µs	-4.65 µs (-0.70%)	2.62%
handshake_no_resume_ring_1.2_rsa_aes	936.79 µs	943.14 µs	6.35 µs (0.68%)	1.04%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes	1.26 ms	1.27 ms	0.01 ms (0.65%)	1.05%
handshake_no_resume_ring_1.3_rsa_chacha	943.88 µs	949.86 µs	5.98 µs (0.63%)	1.00%
handshake_no_resume_ring_1.3_rsa_aes	943.99 µs	949.65 µs	5.66 µs (0.60%)	1.00%
handshake_tickets_1.3_no_crypto	636.24 µs	632.52 µs	-3.71 µs (-0.58%)	3.98%
handshake_session_id_ring_1.3_ecdsap256_chacha	5.37 ms	5.39 ms	0.02 ms (0.42%)	1.00%
handshake_tickets_ring_1.3_ecdsap256_chacha	5.42 ms	5.44 ms	0.02 ms (0.36%)	1.00%
handshake_tickets_ring_1.2_rsa_aes	1.53 ms	1.54 ms	0.01 ms (0.34%)	1.82%
handshake_session_id_ring_1.3_rsa_aes	5.90 ms	5.91 ms	0.01 ms (0.24%)	1.00%
handshake_session_id_ring_1.3_ecdsap256_aes	5.41 ms	5.42 ms	0.01 ms (0.23%)	1.00%
handshake_session_id_ring_1.3_rsa_chacha	5.86 ms	5.88 ms	0.01 ms (0.22%)	1.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes	1.24 ms	1.24 ms	0.00 ms (0.22%)	2.39%
handshake_tickets_ring_1.3_rsa_chacha	5.92 ms	5.93 ms	0.01 ms (0.21%)	1.00%
handshake_no_resume_ring_1.3_ecdsap384_chacha	3.55 ms	3.55 ms	0.01 ms (0.21%)	1.00%
handshake_no_resume_ring_1.3_ecdsap384_aes	3.55 ms	3.55 ms	0.01 ms (0.19%)	1.00%
handshake_tickets_ring_1.3_ecdsap384_chacha	8.52 ms	8.53 ms	0.02 ms (0.19%)	1.00%
handshake_tickets_ring_1.3_ecdsap256_aes	5.46 ms	5.47 ms	0.01 ms (0.18%)	1.00%
handshake_session_id_ring_1.3_ecdsap384_chacha	8.46 ms	8.48 ms	0.01 ms (0.15%)	1.00%
handshake_tickets_ring_1.3_rsa_aes	5.95 ms	5.96 ms	0.01 ms (0.14%)	1.00%
handshake_session_id_ring_1.3_ecdsap384_aes	8.49 ms	8.50 ms	0.01 ms (0.12%)	1.00%
handshake_tickets_ring_1.3_ecdsap384_aes	8.55 ms	8.56 ms	0.01 ms (0.09%)	1.00%
handshake_session_id_ring_1.2_rsa_aes	1.45 ms	1.45 ms	-0.00 ms (-0.09%)	1.28%
handshake_session_id_aws_lc_rs_1.2_rsa_aes	1.59 ms	1.59 ms	-0.00 ms (-0.08%)	2.57%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes	1.07 ms	1.07 ms	0.00 ms (0.07%)	2.87%
handshake_tickets_1.2_no_crypto	377.93 µs	377.85 µs	-0.08 µs (-0.02%)	3.88%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha	1.23 ms	1.23 ms	-0.00 ms (-0.02%)	2.43%

Additional information

Historical results

Checkout details:

• Base repo: https://github.com/rustls/rustls.git
• Base branch: main (76cc2ca)
• Candidate repo: https://github.com/schreter/rustls.git
• Candidate branch: close_notify_deframer_fix (d6bf22f)

[schreter]

@ctz & @cpu Thanks for the review and merging the fix.

I just have one question: what is the strategy to get fixes to crates.io? There is a document about how to make a release, but I didn't find details who/when is going to do it. I guess I'll simply wait until it gets picked up by the next release :-), since we are not under time pressure to consume the fix in our project.

[cpu]

I just have one question: what is the strategy to get fixes to crates.io?

Right now main has breaking changes as we work towards a 0.24 release. I think the best way to get this fix onto crates.io in a timely manner is for us to backport it to the rel-0.23 branch so we could include it in a 0.23.30 release.

I kicked the process off over here: #2576

[cpu]

I just have one question: what is the strategy to get fixes to crates.io?

The fix is now available on crates.io as part of Rustls v0.23.30.

Thanks!