Book Image

Network Programming with Rust

By : Abhishek Chanda
Book Image

Network Programming with Rust

By: Abhishek Chanda

Overview of this book

Rust is low-level enough to provide fine-grained control over memory while providing safety through compile-time validation. This makes it uniquely suitable for writing low-level networking applications. This book is divided into three main parts that will take you on an exciting journey of building a fully functional web server. The book starts with a solid introduction to Rust and essential networking concepts. This will lay a foundation for, and set the tone of, the entire book. In the second part, we will take an in-depth look at using Rust for networking software. From client-server networking using sockets to IPv4/v6, DNS, TCP, UDP, you will also learn about serializing and deserializing data using serde. The book shows how to communicate with REST servers over HTTP. The final part of the book discusses asynchronous network programming using the Tokio stack. Given the importance of security for modern systems, you will see how Rust supports common primitives such as TLS and public-key cryptography. After reading this book, you will be more than confident enough to use Rust to build effective networking software
Table of Contents (11 chapters)

Securing the web

In a previous chapter, we studied HTTP. We noted how important it has been in making our lives easier. However, HTTP is vulnerable to a range of attacks that might result in leaking the payload. Thus, it was necessary to add some form of security between parties using HTTP to communicate. RFC 2818 proposed HTTPS (HTTP Secure) as a version of HTTP that uses a secure streaming protocol underneath. Initially, this was Secure Socket Layer (SSL), and later evolved into Transport Layer Security (TLS).

The basic scheme of things goes like this:

  • The Client and Server establish a TCP connection.
  • The Client and Server agree upon a cipher and hash function to use throughout the connection. For this, the client sends a list of ciphers and hash functions. The Server picks one from that list and lets the Client know.
  • The Server sends a certificate to the Client. The Client...