Quinn is an implementation of the QUIC transport protocol undergoing standardization by the IETF. It is suitable for experimental use. The implementation is split up into the state machine crate quinn-proto which performs no I/O internally and can be tested deterministically, and a high-level tokio-compatible API in quinn. See quinn/examples/ for usage.

Quinn is the subject of a RustFest Paris (May 2018) presentation; you can also get the slides (and the animation about head-of-line blocking). Video of the talk is available on YouTube. Since this presentation, Quinn has been merged with quicr, another Rust implementation.

All feedback welcome. Feel free to file bugs, requests for documentation and any other feedback to the issue tracker.

Quinn was created and is maintained by Dirkjan Ochtman and Benjamin Saunders.

• Simultaneous client/server operation
• Ordered and unordered reads for improved performance
• Works on stable Rust
• Uses rustls for all TLS operations and ring for cryptography

• QUIC draft 17 with TLS 1.3
• Cryptographic handshake
• Stream data w/ flow control and congestion control
• Connection close
• Stateless retry
• Explicit congestion notification
• Migration
• 0-RTT data
• Session resumption
• HTTP over QUIC

The server currently always requires certificates to be supplied. Example certificates are included in the repository for test purposes. The client must be configured to trust the test certificate authority unless the client is built with the dangerous_configuration feature and passed --accept-insecure-certs.

$ cargo run --example server -- --cert ./certs/server.chain --key ./certs/server.rsa ./
$ cargo run --example client -- --ca ./certs/ca.der https://localhost:4433/Cargo.toml

In the above example, the server will run on localhost and serve the "." folder to the client. The client will request the "Cargo.toml" file.

To run the example client/server across a network you need to update the certs/openssl.cnf file and change the DNS.3 entry to suit the DNS name of the server, and then regenerate the certificates using the certs/generate.sh script.
For real-world use, a certificate signed by a legitimate CA is recommended when possible.

The quinn-proto test suite uses simulated IO for reproducibility and to avoid long sleeps in certain timing-sensitive tests. If the SSLKEYLOGFILE environment variable is set, the tests will emit UDP packets for inspection using external protocol analyzers like Wireshark, and NSS-compatible key logs for the client side of each connection will be written to the path specified in the variable.