A Go programmer continues to learn Rust

I went looking for the equivalent of goimports and didn’t find it. Sad.

I wanted to use std::fmt to do the same thing as sprintf or fmt.Sprintf. I got stuck on “expected &str, found struct `std::string::String`”. I found a blog posting trying to explain it but I don’t understand enough yet to understand it. What I do understand is that it is highly suspicious that a language has two incompatible types for string. WTF, Rust? I’m trying to write a program here and you want me to sprinkle magic to_string()s in it? How about you STFU and let me be a human, and you be the computer doing the boring crap for me?

So back to basics, how about search for “rust format a string”. Top 3 hits are 3 different pages from the Rust reference manual, with 3 different import paths for apparently different ways to format strings? Well, just try one. Compiler says add a &. Fixed! So “give stuff to macros format!, get back a std::string::String, borrow a reference to it (which somehow magically does some type conversion between the 2 kinds of strings?), and give that to expect”. Right, got it.

I want to detect if nothing was read from io::stdin().read_line(). Hmm, how about `if guess.trim() == “”`? Bingo! Maybe this isn’t so hard after all!

Ugh, so many semi-colons. Bro, do you even semi-colon?

Aiee, the tutorial ran out and now I’m into a boring reference book. Let’s switch to this.

What’s #[]? Is that a macro? A compiler directive? A pre-processor directive? Tutorials that don’t give links to fundamental docs are annoying. I’m not a child…

Well, let’s go see what kind of crypto libraries are available. Hmm. Curious, the TLS connector for Hyper uses Rust Native TLS, which uses OpenSSL. Rust: fast, modern, and safe. Unless you are doing security critical work, then we hand that off to C programmers from 1990, because they never made any mistakes. Doh.

So, search for a pure Rust TLS, and I find rustls. Which uses ring for crypto. Which… wait for it… is made from Rust and C, with the C copied from OpenSSL.

Come on guys, this is not very impressive so far.

However, ring uses something called “untrusted” to parse attacker-controlled input more safely. That’s really interesting.


Leave a Reply

Your email address will not be published. Required fields are marked *