bindings: mark Connection as Sync

bindings/rust/s2n-tls-sys/templates/Cargo.template

@@ -1,7 +1,7 @@
 [package]
 name = "s2n-tls-sys"
 description = "A C99 implementation of the TLS/SSL protocols"
-version = "0.1.7"
+version = "0.2.0"
 authors = ["AWS s2n"]
 edition = "2021"
 rust-version = "1.63.0"

bindings/rust/s2n-tls-tokio/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "s2n-tls-tokio"
 description = "An implementation of TLS streams for Tokio built on top of s2n-tls"
-version = "0.1.7"
+version = "0.2.0"
 authors = ["AWS s2n"]
 edition = "2021"
 rust-version = "1.63.0"
@@ -15,7 +15,7 @@ default = []
 errno = { version = "0.3" }
 libc = { version = "0.2" }
 pin-project-lite = { version = "0.2" }
-s2n-tls = { version = "=0.1.7", path = "../s2n-tls" }
+s2n-tls = { version = "=0.2.0", path = "../s2n-tls" }
 tokio = { version = "1", features = ["net", "time"] }
 
 [dev-dependencies]

bindings/rust/s2n-tls/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "s2n-tls"
 description = "A C99 implementation of the TLS/SSL protocols"
-version = "0.1.7"
+version = "0.2.0"
 authors = ["AWS s2n"]
 edition = "2021"
 rust-version = "1.63.0"
@@ -19,7 +19,7 @@ testing = ["bytes"]
 bytes = { version = "1", optional = true }
 errno = { version = "0.3" }
 libc = "0.2"
-s2n-tls-sys = { version = "=0.1.7", path = "../s2n-tls-sys", features = ["internal"] }
+s2n-tls-sys = { version = "=0.2.0", path = "../s2n-tls-sys", features = ["internal"] }
 pin-project-lite = "0.2"
 hex = "0.4"
 

bindings/rust/s2n-tls/src/callbacks/async_cb.rs

@@ -26,7 +26,7 @@ use std::pin::Pin;
 /// if it wants to run an asynchronous operation (disk read, network call).
 /// The application can return an error ([Err(Error::application())])
 /// to indicate connection failure.
-pub trait ConnectionFuture: 'static + Send {
+pub trait ConnectionFuture: 'static + Send + Sync {
     fn poll(
         self: Pin<&mut Self>,
         connection: &mut Connection,

bindings/rust/s2n-tls/src/callbacks/client_hello.rs

@@ -48,7 +48,7 @@ impl<F: 'static + Send + Future<Output = Result<Config, Error>>> ConfigResolver<
     }
 }
 
-impl<F: 'static + Send + Future<Output = Result<Config, Error>>> ConnectionFuture
+impl<F: 'static + Send + Sync + Future<Output = Result<Config, Error>>> ConnectionFuture
     for ConfigResolver<F>
 {
     fn poll(

bindings/rust/s2n-tls/src/connection.rs

@@ -64,6 +64,21 @@ impl fmt::Debug for Connection {
 /// s2n_connection objects can be sent across threads
 unsafe impl Send for Connection {}
 
+/// # Sync
+///
+/// Although NonNull isn't Sync and allows access to mutable pointers even from
+/// immutable references, the Connection interface enforces that all mutating
+/// methods correctly require &mut self.
+///
+/// Developers and reviewers MUST ensure that new methods correctly use
+/// either &self or &mut self depending on their behavior. No mechanism enforces this.
+///
+/// Note: Although non-mutating methods like getters should be thread-safe by definition,
+/// technically the only thread safety guarantee provided by the underlying C library
+/// is that s2n_send and s2n_recv can be called concurrently.
+///
+unsafe impl Sync for Connection {}
+
 impl Connection {
     pub fn new(mode: Mode) -> Self {
         crate::init::init();
@@ -1017,4 +1032,11 @@ mod tests {
         fn assert_send<T: 'static + Send>() {}
         assert_send::<Context>();
     }
+
+    // ensure the connection context is sync
+    #[test]
+    fn context_sync_test() {
+        fn assert_sync<T: 'static + Sync>() {}
+        assert_sync::<Context>();
+    }
 }