Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14): Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14):badeend requested wasmtime-wasi-reviewers for a review on PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14):badeend opened PR #12834 from badeend:wasi-tls-p3 to bytecodealliance:main:
This implements the
wasi:tlsP3 host, superseding #12174 (shoutout @rvolosatovs for laying the groundwork).Builds on the existing
TlsProviderabstraction already used by the P2 implementation, delegating async I/O and waker marshalling to the established tokio TLS wrappers (tokio-rustls,tokio-native-tls,tokio-openssl). This means it runs on all three backends.Quick overview
The
Connectorresource holds aShared<Deferred<TlsStream>>which represents a lazily-resolved handle to a TLS stream. When the guest callssendandreceive, pipes are set up between the guest streams and the (not-yet-known) TLS stream. Whenconnectis called, the TLS handshake is performed; on success the connectedTlsStreamis installed into the shared handle, unblocking both the read and write sides simultaneously. On failure, aClosedsentinel is installed instead, which will wake up the reader/writers with an error.The close_notify shutdown sequence is driven by a component-model task spawned on the Store. The task sits idle throughout the entire connection and waits for the guest to close the cleartext send stream. At that point it calls
.shutdown().awaiton the TLS stream to emit and flush the close_notify alert.Future improvements
For now I've focused on portability and correctness, leaving as much of the tricky bits to external packages. Ideally:
- We shouldn't need to spawn tasks and instead somehow drive the close_notify sequence from within the StreamProducer returned by
send.- We shouldn't need the
pipe()and its buffer when using the rustls backend. rustls provides direct read/write access into its internal buffer, so thepipe()introduces a redundant intermediate copy. The other backends don't offer that possibility, though. So I don't know what the best approach is yet on this point.
Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14):badeend requested cfallin for a review on PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14):badeend requested wasmtime-core-reviewers for a review on PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 19:14):badeend requested wasmtime-default-reviewers for a review on PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 19:57):badeend updated PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 20:08):badeend updated PR #12834.
Wasmtime GitHub notifications bot (Mar 24 2026 at 20:14):badeend updated PR #12834.
Wasmtime GitHub notifications bot (Mar 26 2026 at 16:19):cfallin unassigned cfallin from PR #12834 feat(p3): implement wasi:tls.
Wasmtime GitHub notifications bot (Mar 26 2026 at 16:19):cfallin requested dicej for a review on PR #12834.
Wasmtime GitHub notifications bot (Mar 26 2026 at 18:12):dicej created PR review comment:
Nit: I'd suggest renaming this to
BoxFutureTlsStream.
Wasmtime GitHub notifications bot (Mar 26 2026 at 18:12):dicej submitted PR review:
LGTM, thanks!
At some point, we should probably move some of the utility code under p3/util into its own crate since it seems generally useful.
Wasmtime GitHub notifications bot (Mar 26 2026 at 19:32):badeend updated PR #12834.
Wasmtime GitHub notifications bot (Mar 26 2026 at 19:32):badeend submitted PR review.
Wasmtime GitHub notifications bot (Mar 26 2026 at 19:32):badeend created PR review comment:
Oh, hehe. Yes indeed ;)
Wasmtime GitHub notifications bot (Mar 30 2026 at 13:46):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Mar 30 2026 at 13:46):alexcrichton created PR review comment:
Could this view type and view trait be promoted to the crate root? My hope is that we can have the same view struct/trait for the entire crate spanning all API versions, effectively meaning that all APIs are built on the same underlying data structures the entire time (where possible at least)
Wasmtime GitHub notifications bot (Mar 30 2026 at 13:46):alexcrichton added PR #12834 feat(p3): implement wasi:tls to the merge queue.
Wasmtime GitHub notifications bot (Mar 30 2026 at 16:04):alexcrichton merged PR #12834.
Wasmtime GitHub notifications bot (Mar 30 2026 at 16:04):alexcrichton removed PR #12834 feat(p3): implement wasi:tls from the merge queue.
Wasmtime GitHub notifications bot (Mar 30 2026 at 18:12):badeend created PR review comment:
Sure :+1:
Wasmtime GitHub notifications bot (Mar 30 2026 at 18:12):badeend submitted PR review.
Last updated: Apr 12 2026 at 23:10 UTC