Expose TLS error to Subscribers using on_tls_handshake_failed

This allows propagating out the Display/Debug impl for the error, rather
than just the &'static str we can capture into s2n-quic-transport's
Errors.

Author: Mark-Simulacrum

quic/s2n-quic-core/events/connection.rs

@@ -345,6 +345,7 @@ struct TlsExporterReady<'a> {
 #[event("connectivity:tls_handshake_failed")]
 struct TlsHandshakeFailed<'a> {
     session: crate::event::TlsSession<'a>,
+    error: &'a (dyn core::error::Error + Send + Sync + 'static),
 }
 
 #[event("connectivity:path_challenge_updated")]

quic/s2n-quic-core/src/crypto/tls.rs

@@ -166,6 +166,7 @@ pub trait Context<Crypto: crate::crypto::CryptoSuite> {
     fn on_tls_handshake_failed(
         &mut self,
         session: &impl TlsSession,
+        error: &(dyn core::error::Error + Send + Sync + 'static),
     ) -> Result<(), crate::transport::Error>;
 
     /// Receives data from the initial packet space

quic/s2n-quic-core/src/crypto/tls/offload.rs

@@ -21,7 +21,11 @@ pub trait Executor {
 
 /// Allows access to the TlsSession on handshake failure and when the exporter secret is ready.
 pub trait ExporterHandler {
-    fn on_tls_handshake_failed(&self, session: &impl TlsSession) -> Option<Box<dyn Any + Send>>;
+    fn on_tls_handshake_failed(
+        &self,
+        session: &impl TlsSession,
+        e: &(dyn core::error::Error + Send + Sync + 'static),
+    ) -> Option<Box<dyn Any + Send>>;
     fn on_tls_exporter_ready(&self, session: &impl TlsSession) -> Option<Box<dyn Any + Send>>;
 }
 
@@ -30,6 +34,7 @@ impl ExporterHandler for () {
     fn on_tls_handshake_failed(
         &self,
         _session: &impl TlsSession,
+        _e: &(dyn core::error::Error + Send + Sync + 'static),
     ) -> Option<Box<dyn std::any::Any + Send>> {
         None
     }
@@ -559,8 +564,9 @@ impl<S: CryptoSuite, H: ExporterHandler> tls::Context<S> for RemoteContext<'_, R
     fn on_tls_handshake_failed(
         &mut self,
         session: &impl tls::TlsSession,
+        e: &(dyn core::error::Error + Send + Sync + 'static),
     ) -> Result<(), crate::transport::Error> {
-        if let Some(context) = self.exporter_handler.on_tls_handshake_failed(session) {
+        if let Some(context) = self.exporter_handler.on_tls_handshake_failed(session, e) {
             match self.send_to_quic.push(Request::TlsContext(context)) {
                 Ok(_) => (),
                 Err(_) => self.error = Some(SLICE_ERROR),

quic/s2n-quic-core/src/crypto/tls/slow_tls.rs

@@ -167,8 +167,9 @@ where
     fn on_tls_handshake_failed(
         &mut self,
         session: &impl tls::TlsSession,
+        e: &(dyn core::error::Error + Send + Sync + 'static),
     ) -> Result<(), transport::Error> {
-        self.0.on_tls_exporter_ready(session)
+        self.0.on_tls_handshake_failed(session, e)
     }
 
     fn receive_initial(&mut self, max_len: Option<usize>) -> Option<tls::Bytes> {

quic/s2n-quic-core/src/crypto/tls/testing.rs

@@ -779,6 +779,7 @@ where
     fn on_tls_handshake_failed(
         &mut self,
         _: &impl super::TlsSession,
+        _: &(dyn std::error::Error + Send + Sync),
     ) -> Result<(), crate::transport::Error> {
         Ok(())
     }

quic/s2n-quic-core/src/event.rs

@@ -66,7 +66,14 @@ ident_into_event!(
     connection::Error,
     endpoint::Location,
 );
-borrowed_into_event!([u8; 4], [u8; 16], [u8], [u32], [&'a [u8]]);
+borrowed_into_event!(
+    [u8; 4],
+    [u8; 16],
+    [u8],
+    [u32],
+    [&'a [u8]],
+    (dyn core::error::Error + Send + Sync + 'static)
+);
 
 impl<T: IntoEvent<U>, U> IntoEvent<Option<U>> for Option<T> {
     #[inline]

quic/s2n-quic-core/src/event/generated.rs

@@ -2468,12 +2468,14 @@ pub mod api {
     #[non_exhaustive]
     pub struct TlsHandshakeFailed<'a> {
         pub session: crate::event::TlsSession<'a>,
+        pub error: &'a (dyn core::error::Error + Send + Sync + 'static),
     }
     #[cfg(any(test, feature = "testing"))]
     impl<'a> crate::event::snapshot::Fmt for TlsHandshakeFailed<'a> {
         fn fmt(&self, fmt: &mut core::fmt::Formatter) -> core::fmt::Result {
             let mut fmt = fmt.debug_struct("TlsHandshakeFailed");
             fmt.field("session", &self.session);
+            fmt.field("error", &self.error);
             fmt.finish()
         }
     }
@@ -4132,8 +4134,8 @@ pub mod tracing {
             event: &api::TlsHandshakeFailed,
         ) {
             let id = context.id();
-            let api::TlsHandshakeFailed { session } = event;
-            tracing :: event ! (target : "tls_handshake_failed" , parent : id , tracing :: Level :: DEBUG , { session = tracing :: field :: debug (session) });
+            let api::TlsHandshakeFailed { session, error } = event;
+            tracing :: event ! (target : "tls_handshake_failed" , parent : id , tracing :: Level :: DEBUG , { session = tracing :: field :: debug (session) , error = tracing :: field :: debug (error) });
         }
         #[inline]
         fn on_path_challenge_updated(
@@ -6300,13 +6302,15 @@ pub mod builder {
     #[derive(Clone, Debug)]
     pub struct TlsHandshakeFailed<'a> {
         pub session: crate::event::TlsSession<'a>,
+        pub error: &'a (dyn core::error::Error + Send + Sync + 'static),
     }
     impl<'a> IntoEvent<api::TlsHandshakeFailed<'a>> for TlsHandshakeFailed<'a> {
         #[inline]
         fn into_event(self) -> api::TlsHandshakeFailed<'a> {
-            let TlsHandshakeFailed { session } = self;
+            let TlsHandshakeFailed { session, error } = self;
             api::TlsHandshakeFailed {
                 session: session.into_event(),
+                error: error.into_event(),
             }
         }
     }

quic/s2n-quic-rustls/src/session.rs

@@ -381,8 +381,8 @@ impl tls::Session for Session {
         context: &mut C,
     ) -> Poll<Result<(), transport::Error>> {
         let result = self.poll_impl(context);
-        if let Poll::Ready(Err(_)) = &result {
-            context.on_tls_handshake_failed(self)?;
+        if let Poll::Ready(Err(e)) = &result {
+            context.on_tls_handshake_failed(self, e)?;
         }
         // attempt to emit server_name and application_protocol events prior to possibly
         // returning with an error

quic/s2n-quic-tls/src/session.rs

@@ -162,7 +162,7 @@ impl tls::Session for Session {
                 Poll::Ready(Ok(()))
             }
             Poll::Ready(Err(e)) => {
-                context.on_tls_handshake_failed(self)?;
+                context.on_tls_handshake_failed(self, &e)?;
 
                 Poll::Ready(Err(e
                     .alert()

quic/s2n-quic-transport/src/space/session_context.rs

@@ -570,10 +570,12 @@ impl<Config: endpoint::Config, Pub: event::ConnectionPublisher>
     fn on_tls_handshake_failed(
         &mut self,
         session: &impl tls::TlsSession,
+        e: &(dyn std::error::Error + Send + Sync + 'static),
     ) -> Result<(), transport::Error> {
         self.publisher
             .on_tls_handshake_failed(event::builder::TlsHandshakeFailed {
                 session: s2n_quic_core::event::TlsSession::new(session),
+                error: e,
             });
         Ok(())
     }