Rust in the news: Rustls substantially outperforms OpenSSL

ZDNet: A Rust-based TLS library outperformed OpenSSL in almost every category

6 Likes

And the code starts with #![forbid(unsafe_code)], showing that unsafe is not always required for performance :slight_smile:

10 Likes

That annotation provides significant assurance that this code, by avoiding unsafe in its specific implementation (though of course using some stdlib functions that necessarily use unsafe), is not repeating the invitation to malware of the OpenSSL library that it replaces.

3 Likes

I'm not sure this necessary shows that, though it does demonstrate that when one needs unsafe for performance, it can be separated out to a separate crate that exposes a safe abstraction, which in some ways is even better :slight_smile:

5 Likes

Does this crate support StartTLS?

Last time I looked at the API I could not work out
how to pass a file descriptor to start negotiation and I ended up using OpenSSL.