.gitignore

@@ -6,7 +6,6 @@
 /ptth_relay.toml
 /ptth_build_L6KLMVS6/
 /ptth_server_build_BIHWLQXQ/
-/scope/untracked
 /scraper-secret.txt
 /target
 

Cargo.lock

@@ -510,15 +510,6 @@ dependencies = [
  "slab",
 ]
 
-[[package]]
-name = "fxhash"
-version = "0.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c31b6d751ae2c7f11320402d34e41349dd1016f8d5d45e48c4312bc8625af50c"
-dependencies = [
- "byteorder",
-]
-
 [[package]]
 name = "generic-array"
 version = "0.12.4"
@@ -1250,8 +1241,8 @@ dependencies = [
  "futures-util",
  "hex",
  "ptth_file_server",
- "ptth_quic",
  "ptth_server",
+ "quic_demo",
  "rand",
  "reqwest",
  "rusty_ulid",
@@ -1261,27 +1252,6 @@ dependencies = [
  "tracing-subscriber",
 ]
 
-[[package]]
-name = "ptth_quic"
-version = "0.1.0"
-dependencies = [
- "anyhow",
- "base64",
- "ctrlc",
- "futures-util",
- "hyper",
- "quinn 0.8.5",
- "rand",
- "rcgen",
- "reqwest",
- "rmp-serde",
- "rustls 0.20.4",
- "structopt",
- "tokio",
- "tracing",
- "tracing-subscriber",
-]
-
 [[package]]
 name = "ptth_quic_client_gui"
 version = "0.1.0"
@@ -1289,8 +1259,8 @@ dependencies = [
  "anyhow",
  "blake3",
  "fltk",
- "ptth_quic",
- "quinn 0.7.2",
+ "quic_demo",
+ "quinn",
  "rand",
  "rand_chacha",
  "reqwest",
@@ -1409,6 +1379,26 @@ dependencies = [
  "unicase",
 ]
 
+[[package]]
+name = "quic_demo"
+version = "0.1.0"
+dependencies = [
+ "anyhow",
+ "base64",
+ "ctrlc",
+ "futures-util",
+ "hyper",
+ "quinn",
+ "rand",
+ "rcgen",
+ "reqwest",
+ "rmp-serde",
+ "structopt",
+ "tokio",
+ "tracing",
+ "tracing-subscriber",
+]
+
 [[package]]
 name = "quick-error"
 version = "2.0.1"
@@ -1426,7 +1416,7 @@ dependencies = [
  "lazy_static",
  "libc",
  "mio 0.7.13",
- "quinn-proto 0.7.3",
+ "quinn-proto",
  "rustls 0.19.1",
  "socket2 0.3.19",
  "thiserror",
@@ -1435,25 +1425,6 @@ dependencies = [
  "webpki 0.21.4",
 ]
 
-[[package]]
-name = "quinn"
-version = "0.8.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b435e71d9bfa0d8889927231970c51fb89c58fa63bffcab117c9c7a41e5ef8f"
-dependencies = [
- "bytes",
- "futures-channel",
- "futures-util",
- "fxhash",
- "quinn-proto 0.8.4",
- "quinn-udp",
- "rustls 0.20.4",
- "thiserror",
- "tokio",
- "tracing",
- "webpki 0.22.0",
-]
-
 [[package]]
 name = "quinn-proto"
 version = "0.7.3"
@@ -1465,7 +1436,7 @@ dependencies = [
  "rand",
  "ring",
  "rustls 0.19.1",
- "rustls-native-certs 0.5.0",
+ "rustls-native-certs",
  "slab",
  "thiserror",
  "tinyvec",
@@ -1473,40 +1444,6 @@ dependencies = [
  "webpki 0.21.4",
 ]
 
-[[package]]
-name = "quinn-proto"
-version = "0.8.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3fce546b9688f767a57530652488420d419a8b1f44a478b451c3d1ab6d992a55"
-dependencies = [
- "bytes",
- "fxhash",
- "rand",
- "ring",
- "rustls 0.20.4",
- "rustls-native-certs 0.6.2",
- "rustls-pemfile 0.2.1",
- "slab",
- "thiserror",
- "tinyvec",
- "tracing",
- "webpki 0.22.0",
-]
-
-[[package]]
-name = "quinn-udp"
-version = "0.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9f832d8958db3e84d2ec93b5eb2272b45aa23cf7f8fe6e79f578896f4e6c231b"
-dependencies = [
- "futures-util",
- "libc",
- "quinn-proto 0.8.4",
- "socket2 0.4.4",
- "tokio",
- "tracing",
-]
-
 [[package]]
 name = "quote"
 version = "1.0.9"
@@ -1638,7 +1575,7 @@ dependencies = [
  "percent-encoding",
  "pin-project-lite",
  "rustls 0.20.4",
- "rustls-pemfile 0.3.0",
+ "rustls-pemfile",
  "serde",
  "serde_json",
  "serde_urlencoded",
@@ -1761,27 +1698,6 @@ dependencies = [
  "security-framework",
 ]
 
-[[package]]
-name = "rustls-native-certs"
-version = "0.6.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50"
-dependencies = [
- "openssl-probe",
- "rustls-pemfile 1.0.1",
- "schannel",
- "security-framework",
-]
-
-[[package]]
-name = "rustls-pemfile"
-version = "0.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5eebeaeb360c87bfb72e84abdb3447159c0eaececf1bef2aecd65a8be949d1c9"
-dependencies = [
- "base64",
-]
-
 [[package]]
 name = "rustls-pemfile"
 version = "0.3.0"
@@ -1791,15 +1707,6 @@ dependencies = [
  "base64",
 ]
 
-[[package]]
-name = "rustls-pemfile"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0864aeff53f8c05aa08d86e5ef839d3dfcf07aeba2db32f12db0ef716e87bd55"
-dependencies = [
- "base64",
-]
-
 [[package]]
 name = "rusty_ulid"
 version = "0.10.1"

Cargo.toml

@@ -46,5 +46,6 @@ chrono = {version = "0.4.19", features = ["serde"]}
 
 members = [
 	"crates/*",
+	"prototypes/*",
 	"tools/*",
 ]

Dockerfile

@@ -20,7 +20,7 @@ cargo new --bin crates/ptth_server && \
 cargo new --bin crates/ptth_file_server_bin && \
 cargo new --bin tools/ptth_tail && \
 cargo new --bin crates/debug_proxy && \
-cargo new --bin crates/ptth_quic
+cargo new --bin prototypes/quic_demo
 
 # copy over your manifests
 COPY ./Cargo.lock                               ./
@@ -28,7 +28,7 @@ COPY ./Cargo.toml                               ./
 COPY ./crates/always_equal/Cargo.toml           ./crates/always_equal/
 COPY ./crates/ptth_core/Cargo.toml              ./crates/ptth_core/
 COPY ./crates/ptth_relay/Cargo.toml             ./crates/ptth_relay/
-COPY ./crates/ptth_quic/Cargo.toml              ./crates/ptth_quic/
+COPY ./prototypes/quic_demo/Cargo.toml          ./prototypes/quic_demo/
 
 # this build step will cache your dependencies
 RUN cargo build --release -p ptth_relay
@@ -39,7 +39,7 @@ src/*.rs \
 crates/always_equal/src/*.rs \
 crates/ptth_core/src/*.rs \
 crates/ptth_relay/src/*.rs \
-crates/ptth_quic/src/*.rs
+prototypes/quic_demo/src/*.rs
 
 # Copy source tree
 # Yes, I tried a few variations on the syntax. Dockerfiles are just rough.
@@ -49,7 +49,7 @@ COPY ./crates/always_equal ./crates/always_equal
 COPY ./crates/ptth_core    ./crates/ptth_core
 COPY ./crates/ptth_relay   ./crates/ptth_relay
 COPY ./handlebars/         ./handlebars
-COPY ./crates/ptth_quic    ./crates/ptth_quic
+COPY ./prototypes/quic_demo ./prototypes/quic_demo
 
 # Bug in cargo's incremental build logic, triggered by
 # Docker doing something funny with mtimes? Maybe?

crates/ptth_multi_call_server/Cargo.toml

@@ -18,7 +18,7 @@ futures-util = "0.3.9"
 hex = "0.4.3"
 ptth_file_server = { path = "../ptth_file_server_bin" }
 ptth_server = { path = "../ptth_server" }
-ptth_quic = { path = "../ptth_quic" }
+quic_demo = { path = "../../prototypes/quic_demo" }
 rand = "0.8.4"
 rusty_ulid = "0.10.1"
 sha2 = "0.9.8"

crates/ptth_multi_call_server/src/main.rs

@@ -43,7 +43,7 @@ async fn main () -> anyhow::Result <()> {
 				shutdown_tx.send (true).expect ("Couldn't forward Ctrl+C signal");
 			})?;
 			tracing::trace! ("Set Ctrl+C handler");
-			ptth_quic::executable_end_server::main (args, Some (shutdown_rx)).await?;
+			quic_demo::executable_end_server::main (args, Some (shutdown_rx)).await?;
 			
 			Ok (())
 		}

docs/how-to/test-ptth-quic.md

@@ -2,12 +2,12 @@
 
 ## Initial setup
 
-- Open 3 terminals in `crates/ptth_quic`
-- Use `export RUST_LOG=ptth_quic_relay_server=debug` to enable debug logging
+- Open 3 terminals in `prototypes/quic_demo`
+- Use `export RUST_LOG=quic_demo_relay_server=debug` to enable debug logging
 for the terminal that will run the relay server (P3)
-- Use `export RUST_LOG=ptth_quic=debug` for the terminal that
+- Use `export RUST_LOG=quic_demo_end_server=debug` for the terminal that
 will run the end server (P4)
-- Use `export RUST_LOG=ptth_quic_client=debug` for the terminal that
+- Use `export RUST_LOG=quic_demo_client=debug` for the terminal that
 will run the client (P2)
 
 When the relay server is running, use curl to get the list of connected
@@ -15,10 +15,10 @@ end servers: `curl 127.0.0.1:4004`
 
 ## Test loop - Happy path
 
-- Start a relay `cargo run --bin ptth_quic_relay_server`
+- Start a relay `cargo run --bin quic_demo_relay_server`
 - Verify that the relay has no end servers connected 
-- Start an end server `cargo run --bin ptth_quic_end_server -- --debug-echo`
+- Start an end server `cargo run --bin quic_demo_end_server -- --debug-echo`
 - Verify that the end server connected
-- Start a client `cargo run --bin ptth_quic_client`
+- Start a client `cargo run --bin quic_demo_client`
 - Connect to the client and verify that the debug echo server is running
 `nc 127.0.0.1 30381`

prototypes/ptth_quic_client_gui/Cargo.toml

@@ -11,7 +11,7 @@ license = "AGPL-3.0"
 anyhow = "1.0.38"
 blake3 = "1.0.0"
 fltk = "1.2.8"
-ptth_quic = { path = "../ptth_quic" }
+quic_demo = { path = "../quic_demo" }
 quinn = "0.7.2"
 rand = "0.8.4"
 rand_chacha = "0.3.1"

prototypes/ptth_quic_client_gui/src/main.rs

@@ -19,7 +19,7 @@ use rand::{
 use structopt::StructOpt;
 use tokio::runtime::Runtime;
 
-use ptth_quic::{
+use quic_demo::{
 	client_proxy::*,
 	prelude::*,
 	protocol::PeerId,

prototypes/quic_demo/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "ptth_quic"
+name = "quic_demo"
 version = "0.1.0"
 authors = ["Trish"]
 edition = "2018"
@@ -14,11 +14,10 @@ ctrlc = "3.2.1"
 # fltk = "1.1.1"
 futures-util = "0.3.9"
 hyper = { version = "0.14.4", features = ["http1", "server", "stream", "tcp"] }
-quinn = "0.8.5"
+quinn = "0.7.2"
 rand = "0.8.4"
 rcgen = "0.8.11"
 rmp-serde = "0.15.5"
-rustls = "0.20.4"
 structopt = "0.3.20"
 tokio = { version = "1.8.1", features = ["full"] }
 tracing-subscriber = "0.2.16"

prototypes/quic_demo/Dockerfile

@@ -1,8 +1,8 @@
 # https://whitfin.io/speeding-up-rust-docker-builds/
 # TODO: https://stackoverflow.com/questions/57389547/how-to-define-the-context-for-a-docker-build-as-a-specific-commit-on-one-of-the
 
-# rust:1.64-slim-buster
-FROM rust@sha256:7da4fbd2dc7176746e8e5c371aeb0bbe742598c4906fa48cb2d87a4b89d50357 as build
+# rust:1.50-slim-buster
+FROM rust@sha256:5dd85eb0c60bbdea14a6ecba1f6fe4a0f5c878bcf06d2cdfae0aff3a19ed4b10 as build
 
 WORKDIR /
 ENV USER root
@@ -20,7 +20,7 @@ cargo new --bin crates/ptth_server && \
 cargo new --bin crates/ptth_file_server_bin && \
 cargo new --bin tools/ptth_tail && \
 cargo new --bin crates/debug_proxy && \
-cargo new --bin crates/ptth_quic
+cargo new --bin prototypes/quic_demo
 
 # copy over your manifests
 COPY ./Cargo.lock                               ./
@@ -28,10 +28,10 @@ COPY ./Cargo.toml                               ./
 COPY ./crates/always_equal/Cargo.toml           ./crates/always_equal/
 COPY ./crates/ptth_core/Cargo.toml              ./crates/ptth_core/
 COPY ./crates/ptth_relay/Cargo.toml             ./crates/ptth_relay/
-COPY ./crates/ptth_quic/Cargo.toml              ./crates/ptth_quic/
+COPY ./prototypes/quic_demo/Cargo.toml          ./prototypes/quic_demo/
 
 # this build step will cache your dependencies
-RUN cargo build --release -p ptth_quic
+RUN cargo build --release -p quic_demo
 
 RUN \
 rm \
@@ -39,7 +39,7 @@ src/*.rs \
 crates/always_equal/src/*.rs \
 crates/ptth_core/src/*.rs \
 crates/ptth_relay/src/*.rs \
-crates/ptth_quic/src/*.rs
+prototypes/quic_demo/src/*.rs
 
 # Copy source tree
 # Yes, I tried a few variations on the syntax. Dockerfiles are just rough.
@@ -49,7 +49,7 @@ COPY ./crates/always_equal  ./crates/always_equal
 COPY ./crates/ptth_core     ./crates/ptth_core
 COPY ./crates/ptth_relay    ./crates/ptth_relay
 COPY ./handlebars/          ./handlebars
-COPY ./crates/ptth_quic     ./crates/ptth_quic
+COPY ./prototypes/quic_demo ./prototypes/quic_demo
 
 # Bug in cargo's incremental build logic, triggered by
 # Docker doing something funny with mtimes? Maybe?
@@ -58,8 +58,8 @@ RUN touch crates/ptth_core/src/lib.rs
 # build for release
 # gate only on ptth_relay tests for now
 RUN \
-cargo build --release -p ptth_quic --bin ptth_quic_relay_server && \
-cargo test --release -p ptth_quic --bin ptth_quic_relay_server
+cargo build --release -p quic_demo --bin quic_demo_relay_server && \
+cargo test --release -p quic_demo --bin quic_demo_relay_server
 
 # debian:buster-slim
 FROM debian@sha256:13f0764262a064b2dd9f8a828bbaab29bdb1a1a0ac6adc8610a0a5f37e514955
@@ -73,11 +73,11 @@ RUN addgroup --gid 10001 ptth_user && adduser --system --uid 10000 --gid 10001 p
 USER ptth_user
 WORKDIR /home/ptth_user
 
-COPY --from=build /ptth/target/release/ptth_quic_relay_server ./
+COPY --from=build /ptth/target/release/quic_demo_relay_server ./
 
 ARG git_version
 RUN \
 echo -n "$git_version" > ./git_version.txt && \
-ln -s ptth_quic_relay_server app
+ln -s quic_demo_relay_server app
 
-CMD ["/usr/bin/tini", "--", "./ptth_quic_relay_server"]
+CMD ["/usr/bin/tini", "--", "./quic_demo_relay_server"]

prototypes/quic_demo/README.md

@@ -3,9 +3,9 @@
 There are 5 processes, so you'll need 5 terminal windows or screen / tmux
 sessions. Run the processes in this order:
 
-1. QUIC relay server: `RUST_LOG=ptth_quic_relay_server=debug cargo run --bin ptth_quic_relay_server`
-2. Server-side proxy: `RUST_LOG=ptth_quic_end_server=debug cargo run --bin ptth_quic_end_server`
-3. Client-side proxy: `RUST_LOG=ptth_quic_client cargo run --bin ptth_quic_client`
+1. QUIC relay server: `RUST_LOG=quic_demo_relay_server=debug cargo run --bin quic_demo_relay_server`
+2. Server-side proxy: `RUST_LOG=quic_demo_end_server=debug cargo run --bin quic_demo_end_server`
+3. Client-side proxy: `RUST_LOG=quic_demo_client cargo run --bin quic_demo_client`
 4. TCP end server: `nc -l -p 30382`
 5. TCP end client: `nc 127.0.0.1 30381`
 

prototypes/quic_demo/build_app_package.bash

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-# Run from `ptth/`
 
 set -euo pipefail
 
@@ -9,12 +8,14 @@ DOCKER_TAG="ptth_quic:latest"
 
 mkdir -p app_packages
 
-git archive --format=tar "$GIT_COMMIT" | docker build -f crates/ptth_quic/Dockerfile -t "$DOCKER_TAG" --build-arg "git_version=$GIT_COMMIT" -
+pushd ../../
+git archive --format=tar "$GIT_COMMIT" | sudo docker build -f prototypes/quic_demo/Dockerfile -t "$DOCKER_TAG" --build-arg "git_version=$GIT_COMMIT" -
+popd
 
-docker run --rm "$DOCKER_TAG" \
+sudo docker run --rm "$DOCKER_TAG" \
 tar -c \
 app \
-ptth_quic_relay_server \
+quic_demo_relay_server \
 | gzip > "app_packages/ptth_quic_relay_$GIT_COMMIT_SHORT.tar.gz"
 
 # sudo docker build -f app_package_Dockerfile -t ptth_app_host:latest .

prototypes/quic_demo/src/bin/quic_demo_client.rs

@@ -4,7 +4,7 @@ use tokio::{
 	sync::watch,
 };
 
-use ptth_quic::{
+use quic_demo::{
 	client_proxy::{
 		ForwardingParams,
 		forward_port,
@@ -64,7 +64,7 @@ impl P2Client {
 		let quinn::NewConnection {
 			connection,
 			..
-		} = protocol::p2_connect_to_p3 (&self.endpoint, conf.relay_addr, &conf.client_id).await?;
+		} = protocol::p2_connect_to_p3 (&self.endpoint, &conf.relay_addr, &conf.client_id).await?;
 		
 		let client_tcp_port = conf.client_tcp_port;
 		

prototypes/quic_demo/src/bin/quic_demo_end_server.rs

@@ -4,7 +4,7 @@ use std::{
 
 use tokio::sync::watch;
 
-use ptth_quic::prelude::*;
+use quic_demo::prelude::*;
 
 #[tokio::main]
 async fn main () -> anyhow::Result <()> {
@@ -19,5 +19,5 @@ async fn main () -> anyhow::Result <()> {
 	})?;
 	trace! ("Set Ctrl+C handler");
 	
-	ptth_quic::executable_end_server::main (&args, Some (shutdown_rx)).await
+	quic_demo::executable_end_server::main (&args, Some (shutdown_rx)).await
 }

prototypes/quic_demo/src/bin/quic_demo_relay_server.rs

@@ -15,7 +15,7 @@ use tokio::{
 	sync::watch,
 };
 
-use ptth_quic::prelude::*;
+use quic_demo::prelude::*;
 use protocol::PeerId;
 
 #[derive (Debug, StructOpt)]
@@ -75,7 +75,7 @@ async fn main () -> anyhow::Result <()> {
 					
 					match handle_quic_connection (Arc::clone (&relay_state), conn).await {
 						Ok (_) => (),
-						Err (e) => warn! ("handle_quic_connection `{:?}`", e),
+						Err (e) => warn! ("handle_quic_connection {:?}", e),
 					}
 					
 					let active = relay_state.stats.quic.disconnect ();
@@ -320,15 +320,13 @@ async fn handle_quic_connection (
 	
 	match peer {
 		protocol::P3Peer::P2ClientProxy (peer) => {
-			trace! ("Accepting connection from P2 client");
 			// TODO: Check authorization for P2 peers
 			
 			protocol::p3_authorize_p2_peer (&mut send).await?;
 			handle_p2_connection (relay_state, conn, peer).await?;
 		},
 		protocol::P3Peer::P4ServerProxy (peer) => {
-			trace! ("Accepting connection from P4 end server");
-			// TODO: Check authorization for P4 peers
+			// TODO: Check authorization for P2 peers
 			
 			protocol::p3_authorize_p4_peer (&mut send).await?;
 			handle_p4_connection (relay_state, conn, peer).await?;

prototypes/quic_demo/src/executable_end_server.rs

@@ -22,7 +22,6 @@ struct Opt {
 }
 
 pub async fn main (args: &[OsString], shutdown_rx: Option <watch::Receiver <bool>>) -> anyhow::Result <()> {
-	trace! ("executable_end_server::main");
 	let opt = Opt::from_iter (args);
 	let conf = opt.into_config ().await?;
 	
@@ -120,7 +119,7 @@ impl P4EndServer {
 			..
 		} = protocol::p4_connect_to_p3 (
 			&self.endpoint, 
-			self.conf.relay_addr, 
+			&self.conf.relay_addr, 
 			&self.conf.id
 		).await?;
 		

prototypes/quic_demo/src/protocol.rs

@@ -31,7 +31,7 @@ impl Command {
 
 pub async fn p2_connect_to_p3 (
 	endpoint: &quinn::Endpoint,
-	relay_addr: std::net::SocketAddr,
+	relay_addr: &std::net::SocketAddr,
 	client_id: &str,
 ) -> Result <quinn::NewConnection> 
 {
@@ -249,7 +249,7 @@ pub async fn p3_authorize_p2_to_p4_direc (
 
 pub async fn p4_connect_to_p3 (
 	endpoint: &quinn::Endpoint,
-	relay_addr: std::net::SocketAddr,
+	relay_addr: &std::net::SocketAddr,
 	server_id: &str,
 ) -> Result <quinn::NewConnection> 
 {

prototypes/quic_demo/src/quinn_utils.rs

@@ -8,8 +8,8 @@ use std::{
 };
 
 use quinn::{
-	ClientConfig, Endpoint, Incoming,
-	ServerConfig, TransportConfig,
+	Certificate, CertificateChain, ClientConfig, ClientConfigBuilder, Endpoint, Incoming,
+	PrivateKey, ServerConfig, ServerConfigBuilder, TransportConfig,
 };
 
 /// Constructs a QUIC endpoint configured for use a client only.
@@ -28,8 +28,9 @@ pub fn make_client_endpoint(
 	
 	client_cfg.transport = Arc::new (transport);
 	
-	let mut endpoint = Endpoint::client (bind_addr)?;
-	endpoint.set_default_client_config (client_cfg);
+	let mut endpoint_builder = Endpoint::builder ();
+	endpoint_builder.default_client_config (client_cfg);
+	let (endpoint, _incoming) = endpoint_builder.bind(&bind_addr)?;
 	Ok(endpoint)
 }
 
@@ -43,7 +44,9 @@ pub fn make_client_endpoint(
 #[allow(unused)]
 pub fn make_server_endpoint(bind_addr: SocketAddr) -> anyhow::Result<(Incoming, Vec<u8>)> {
 	let (server_config, server_cert) = configure_server()?;
-	let (_endpoint, incoming) = Endpoint::server (server_config, bind_addr)?;
+	let mut endpoint_builder = Endpoint::builder();
+	endpoint_builder.listen(server_config);
+	let (_endpoint, incoming) = endpoint_builder.bind(&bind_addr)?;
 	Ok((incoming, server_cert))
 }
 
@@ -53,12 +56,11 @@ pub fn make_server_endpoint(bind_addr: SocketAddr) -> anyhow::Result<(Incoming,
 ///
 /// - server_certs: a list of trusted certificates in DER format.
 fn configure_client(server_certs: &[&[u8]]) -> anyhow::Result<ClientConfig> {
-	let mut certs = rustls::RootCertStore::empty ();
+	let mut cfg_builder = ClientConfigBuilder::default();
 	for cert in server_certs {
-		certs.add (&rustls::Certificate (cert.to_vec ()))?;
+		cfg_builder.add_certificate_authority(Certificate::from_der(cert)?)?;
 	}
-	
-	Ok (ClientConfig::with_root_certificates (certs))
+	Ok(cfg_builder.build())
 }
 
 /// Returns default server configuration along with its certificate.
@@ -67,13 +69,15 @@ fn configure_server () -> anyhow::Result<(ServerConfig, Vec<u8>)> {
 	let cert = rcgen::generate_simple_self_signed(vec!["localhost".into()]).unwrap();
 	let cert_der = cert.serialize_der().unwrap();
 	let priv_key = cert.serialize_private_key_der();
-	let priv_key = rustls::PrivateKey (priv_key);
-	let cert_chain = vec! [rustls::Certificate (cert_der.clone ())];
+	let priv_key = PrivateKey::from_der(&priv_key)?;
 
-	let mut server_config = ServerConfig::with_single_cert (cert_chain, priv_key)?;
-	Arc::get_mut (&mut server_config.transport)
-	.unwrap ()
-	.max_concurrent_uni_streams (0_u8.into ());
+	let mut transport_config = TransportConfig::default();
+	transport_config.max_concurrent_uni_streams(0).unwrap();
+	let mut server_config = ServerConfig::default();
+	server_config.transport = Arc::new(transport_config);
+	let mut cfg_builder = ServerConfigBuilder::new(server_config);
+	let cert = Certificate::from_der(&cert_der)?;
+	cfg_builder.certificate(CertificateChain::from_certs(vec![cert]), priv_key)?;
 
-	Ok ((server_config, cert_der))
+	Ok((cfg_builder.build(), cert_der))
 }