This change adds a .rustfmt.toml that includes ALL supported settings,
12 of which we have overridden to attempt to cater to our own
proclivities.
rustfmt is checked in the rust-nightly CI job.
Senders could set the available capacity greater than the current
`window_size`. This caused a panic when the sender attempted
to send more than the receiver could accept.
Previously, stream state was never released so that long-lived connections
leaked memory.
Now, stream states are reference-counted and freed from the stream slab
when complete. Locally reset streams are retained so that received frames
may be ignored.
This patch does a bunch of refactoring, mostly around error types, but it also
paves the way to allow `Codec` to be used standalone.
* `Codec` (and `FramedRead` / `FramedWrite`) is broken out into a codec module.
* An h2-codec crate is created that re-exports the frame and codec modules.
* New error types are introduced in the internals:
* `RecvError` represents errors caused by trying to receive a frame.
* `SendError` represents errors caused by trying to send a frame.
* `UserError` is an enum of potential errors caused by invalid usage
by the user of the lib.
* `ProtoError` is either a `Reason` or an `io::Error`. However it doesn't
specify connection or stream level.
* `h2::Error` is an opaque error type and is the only error type exposed
by the public API (used to be `ConnectionError`).
There are misc code changes to enable this as well. The biggest is a new "sink"
API for `Codec`. It provides buffer which queues up a frame followed by flush
which writes everything that is queued. This departs from the `Sink` trait in
order to provide more accurate error values. For example, buffer can never fail
(but it will panic if `poll_ready` is not called first).
Header fields and data frames can potentially contain sensitive data.
This change omits these from Debug output which reduces the chance that
this ends up in logs.
Malformed requests and responses should immediately result in a
RST_STREAM. To support this, received header frames are validated and
converted to Request / Response values immediately on receipt and before
buffering.
Use a temporary private fork of tokio-rustls that uses Rustls 0.12
until tokio-rustls 0.4 is released.
This upgrades, among other things, *ring* to 0.12, which will ensure
that it still builds in the Rust 1.20 release coming this week even if
backward-compatibility-breaking changes to rustc aren't fixed before
the release.
