Skip to content

feat: add additional application context into Connection #5637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
boquan-fang merged 4 commits into from
Dec 3, 2025
Merged

feat: add additional application context into Connection #5637

boquan-fang merged 4 commits into from
Dec 3, 2025

Conversation

@boquan-fang
Copy link
Contributor

@boquan-fang boquan-fang commented Nov 25, 2025
edited
Loading

Goal

This PR changes the behavior of the set_application_context API to add multiple arbitrary application contexts which can be queried during handshakes. The definition of the app_context is changed from only accepting one application context to accept a map of application contexts.

Why

We are trying to allow s2n-quic to query the remote address information about the client during the handshake. This PR in s2n-tls allows that addressing information to be added with the connection.

How

Change the definition of the Context for the connection to be a HashMap of connection context. In this way, we can add as many application data as we want. Hence, we can add the remote address on top of context that were originally needed.

I also added a remove_application_context API to help users managing memory usage.

Callouts

I need to modify the memory_test's memory usage in order for this PR to pass the CI. My change involves changing a variable in the Context struct from Option to a HashMap which will definitely increase many usage by about 100 bytes per connection.

"/home/runner/work/s2n-tls/s2n-tls/bindings/rust/extended/s2n-tls/../../../../tests/pems/rsa_4096_sha512_client_cert.pem"
| stage               | total_blocks | total_bytes | curr_blocks | curr_bytes | max_blocks | max_bytes | test_pair_size |
|---------------------|--------------|-------------|-------------|------------|------------|-----------|----------------|
| ConnectionInit      | 134          | 64778       | 108         | 61578      | 84         | 19698     | 0              |
| AfterClientHello    | 149          | 91991       | 116         | 88406      | 92         | 46526     | 248            |
| AfterServerHello    | 353          | 170487      | 121         | 116773     | 123        | 102673    | 3524           |
| AfterClientFinished | 851          | 211414      | 257         | 108080     | 123        | 102673    | 3524           |
| HandshakeComplete   | 875          | 213526      | 256         | 90667      | 123        | 102673    | 3524           |
| ApplicationData     | 875          | 213526      | 256         | 90667      | 123        | 102673    | 3524           |
actual: 61578, expected: 61482
actual: 88406, expected: 88302

Refers to https://github.com/aws/s2n-tls/pull/5637/files#diff-63ac16ef5c47eee35caf3e2bbf1909d5a3062a8343d888d399eaf960acf7326b for the change.

Testing

This PR has unit tests for all new APIs it introduced. Also, I have implemented relevant changes for s2n-quic which can be found in aws/s2n-quic@main...boquan-fang:s2n-quic:get-ip-from-connection. s2n-quic's new_server_session API can now add the client's remote address into the connection.

Related

N/A

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Nov 25, 2025
@boquan-fang boquan-fang force-pushed the add_ip_into_connection branch 4 times, most recently from 0ec4885 to 1535232 Compare November 25, 2025 17:55
@boquan-fang boquan-fang force-pushed the add_ip_into_connection branch from 1535232 to adfff1a Compare November 25, 2025 19:19
@boquan-fang boquan-fang marked this pull request as ready for review November 25, 2025 19:35
maddeleine
maddeleine reviewed Dec 2, 2025
View reviewed changes
@boquan-fang
address PR comments:
e4968bf 
* use the generic type to query the TypeId
@boquan-fang boquan-fang force-pushed the add_ip_into_connection branch from 6661da9 to e4968bf Compare December 2, 2025 23:01
maddeleine
maddeleine reviewed Dec 2, 2025
View reviewed changes
@boquan-fang
address PR comments:
cac59ac 
* nit fix for comments
WesleyRosenblum
WesleyRosenblum reviewed Dec 3, 2025
View reviewed changes
@boquan-fang
address PR comments:
2748fc6 
* Fixing comments and make them more precise
* Simplify the match with and_then method
* Recover test coverage for context override
WesleyRosenblum
WesleyRosenblum approved these changes Dec 3, 2025
View reviewed changes
bindings/rust/extended/s2n-tls/src/connection.rs
self.context()
.app_context
.get(&context_type_id)
.and_then(|app_context| app_context.downcast_ref::<T>())
Copy link
Contributor

@WesleyRosenblum WesleyRosenblum Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice

@boquan-fang boquan-fang added this pull request to the merge queue Dec 3, 2025
Merged via the queue into aws:main with commit f92aee8 Dec 3, 2025
53 checks passed
@boquan-fang boquan-fang deleted the add_ip_into_connection branch December 3, 2025 20:09
@boquan-fang boquan-fang mentioned this pull request Dec 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maddeleine maddeleine maddeleine approved these changes

@WesleyRosenblum WesleyRosenblum Awaiting requested review from WesleyRosenblum

Assignees

No one assigned

Labels

s2n-core team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@boquan-fang @WesleyRosenblum @maddeleine