feat: TLS 1.3 session resumption

2026-04-28 10:56:29 +03:00 · 2024-11-07 19:22:19 +00:00
parent 460d2f3c2a
commit eb1bd1d200
7 changed files with 179 additions and 24 deletions
--- a/src/imap/client.rs
+++ b/src/imap/client.rs
@@ -210,7 +210,15 @@ impl Client {
        let account_id = context.get_id();
        let events = context.events.clone();
        let logging_stream = LoggingStream::new(tcp_stream, account_id, events)?;
-        let tls_stream = wrap_tls(strict_tls, hostname, alpn(addr.port()), logging_stream).await?;
+        let tls_stream = wrap_tls(
+            strict_tls,
+            hostname,
+            addr.port(),
+            alpn(addr.port()),
+            logging_stream,
+            &context.tls_session_store,
+        )
+        .await?;
        let buffered_stream = BufWriter::new(tls_stream);
        let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
        let mut client = Client::new(session_stream);
@@ -262,9 +270,16 @@ impl Client {
        let buffered_tcp_stream = client.into_inner();
        let tcp_stream = buffered_tcp_stream.into_inner();

-        let tls_stream = wrap_tls(strict_tls, host, "", tcp_stream)
-            .await
-            .context("STARTTLS upgrade failed")?;
+        let tls_stream = wrap_tls(
+            strict_tls,
+            host,
+            addr.port(),
+            "",
+            tcp_stream,
+            &context.tls_session_store,
+        )
+        .await
+        .context("STARTTLS upgrade failed")?;
        let buffered_stream = BufWriter::new(tls_stream);
        let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
        let client = Client::new(session_stream);
@@ -281,7 +296,15 @@ impl Client {
        let proxy_stream = proxy_config
            .connect(context, domain, port, strict_tls)
            .await?;
-        let tls_stream = wrap_tls(strict_tls, domain, alpn(port), proxy_stream).await?;
+        let tls_stream = wrap_tls(
+            strict_tls,
+            domain,
+            port,
+            alpn(port),
+            proxy_stream,
+            &context.tls_session_store,
+        )
+        .await?;
        let buffered_stream = BufWriter::new(tls_stream);
        let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
        let mut client = Client::new(session_stream);
@@ -334,9 +357,16 @@ impl Client {
        let buffered_proxy_stream = client.into_inner();
        let proxy_stream = buffered_proxy_stream.into_inner();

-        let tls_stream = wrap_tls(strict_tls, hostname, "", proxy_stream)
-            .await
-            .context("STARTTLS upgrade failed")?;
+        let tls_stream = wrap_tls(
+            strict_tls,
+            hostname,
+            port,
+            "",
+            proxy_stream,
+            &context.tls_session_store,
+        )
+        .await
+        .context("STARTTLS upgrade failed")?;
        let buffered_stream = BufWriter::new(tls_stream);
        let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
        let client = Client::new(session_stream);