From 5cb8947d7ec6e0c67fa40167940f313b8d6537f8 Mon Sep 17 00:00:00 2001 From: Ivan Nikulin Date: Wed, 11 Nov 2020 17:47:30 +0000 Subject: [PATCH] Rename stuff --- .circleci/config.yml | 303 ----------- .gitignore | 1 + .gitmodules | 4 +- Cargo.toml | 4 +- README.md | 18 +- THIRD_PARTY | 173 ++++-- boring-sys/Cargo.toml | 17 + {openssl-sys => boring-sys}/LICENSE-MIT | 1 + {openssl-sys => boring-sys}/README.md | 0 {openssl-sys => boring-sys}/build.rs | 17 +- {openssl-sys => boring-sys}/deps/boringssl | 0 {openssl-sys => boring-sys}/src/aes.rs | 0 {openssl-sys => boring-sys}/src/asn1.rs | 0 {openssl-sys => boring-sys}/src/bio.rs | 0 {openssl-sys => boring-sys}/src/bn.rs | 0 {openssl-sys => boring-sys}/src/conf.rs | 0 {openssl-sys => boring-sys}/src/crypto.rs | 0 {openssl-sys => boring-sys}/src/dh.rs | 0 {openssl-sys => boring-sys}/src/dsa.rs | 0 {openssl-sys => boring-sys}/src/ec.rs | 0 {openssl-sys => boring-sys}/src/err.rs | 0 {openssl-sys => boring-sys}/src/evp.rs | 0 {openssl-sys => boring-sys}/src/hmac.rs | 0 {openssl-sys => boring-sys}/src/lib.rs | 4 +- {openssl-sys => boring-sys}/src/macros.rs | 0 {openssl-sys => boring-sys}/src/obj_mac.rs | 0 {openssl-sys => boring-sys}/src/object.rs | 0 {openssl-sys => boring-sys}/src/ossl_typ.rs | 0 {openssl-sys => boring-sys}/src/pem.rs | 0 {openssl-sys => boring-sys}/src/pkcs12.rs | 0 {openssl-sys => boring-sys}/src/pkcs7.rs | 0 {openssl-sys => boring-sys}/src/rand.rs | 0 {openssl-sys => boring-sys}/src/rsa.rs | 0 {openssl-sys => boring-sys}/src/safestack.rs | 0 {openssl-sys => boring-sys}/src/sha.rs | 0 {openssl-sys => boring-sys}/src/srtp.rs | 0 {openssl-sys => boring-sys}/src/ssl.rs | 0 {openssl-sys => boring-sys}/src/ssl3.rs | 0 {openssl-sys => boring-sys}/src/stack.rs | 0 {openssl-sys => boring-sys}/src/tls1.rs | 0 {openssl-sys => boring-sys}/src/x509.rs | 0 {openssl-sys => boring-sys}/src/x509_vfy.rs | 0 {openssl-sys => boring-sys}/src/x509v3.rs | 0 boring/Cargo.toml | 21 + {openssl => boring}/LICENSE | 1 + {openssl => boring}/README.md | 0 {openssl => boring}/examples/mk_certs.rs | 0 {openssl => boring}/src/aes.rs | 0 {openssl => boring}/src/asn1.rs | 0 {openssl => boring}/src/base64.rs | 0 {openssl => boring}/src/bio.rs | 5 +- {openssl => boring}/src/bn.rs | 0 {openssl => boring}/src/conf.rs | 0 {openssl => boring}/src/derive.rs | 0 {openssl => boring}/src/dh.rs | 0 {openssl => boring}/src/dsa.rs | 0 {openssl => boring}/src/ec.rs | 0 {openssl => boring}/src/ecdsa.rs | 0 {openssl => boring}/src/error.rs | 0 {openssl => boring}/src/ex_data.rs | 0 {openssl => boring}/src/fips.rs | 0 {openssl => boring}/src/hash.rs | 2 +- {openssl => boring}/src/lib.rs | 2 +- {openssl => boring}/src/macros.rs | 0 {openssl => boring}/src/memcmp.rs | 0 {openssl => boring}/src/nid.rs | 0 {openssl => boring}/src/pkcs12.rs | 0 {openssl => boring}/src/pkcs5.rs | 0 {openssl => boring}/src/pkey.rs | 0 {openssl => boring}/src/rand.rs | 0 {openssl => boring}/src/rsa.rs | 0 {openssl => boring}/src/sha.rs | 0 {openssl => boring}/src/sign.rs | 0 {openssl => boring}/src/srtp.rs | 0 {openssl => boring}/src/ssl/bio.rs | 0 {openssl => boring}/src/ssl/callbacks.rs | 0 {openssl => boring}/src/ssl/connector.rs | 0 {openssl => boring}/src/ssl/error.rs | 0 {openssl => boring}/src/ssl/mod.rs | 0 {openssl => boring}/src/ssl/test/mod.rs | 0 {openssl => boring}/src/ssl/test/server.rs | 0 {openssl => boring}/src/stack.rs | 0 {openssl => boring}/src/string.rs | 0 {openssl => boring}/src/symm.rs | 0 {openssl => boring}/src/util.rs | 0 {openssl => boring}/src/version.rs | 0 {openssl => boring}/src/x509/extension.rs | 0 {openssl => boring}/src/x509/mod.rs | 0 {openssl => boring}/src/x509/store.rs | 0 {openssl => boring}/src/x509/tests.rs | 0 {openssl => boring}/src/x509/verify.rs | 0 {openssl => boring}/test/alt_name_cert.pem | 0 {openssl => boring}/test/cert.pem | 0 {openssl => boring}/test/certs.pem | 0 {openssl => boring}/test/cms.p12 | Bin {openssl => boring}/test/cms_pubkey.der | Bin {openssl => boring}/test/dhparams.pem | 0 {openssl => boring}/test/dsa.pem | 0 {openssl => boring}/test/dsa.pem.pub | 0 {openssl => boring}/test/dsaparam.pem | 0 {openssl => boring}/test/identity.p12 | Bin {openssl => boring}/test/key.der | Bin {openssl => boring}/test/key.der.pub | Bin {openssl => boring}/test/key.pem | 0 {openssl => boring}/test/key.pem.pub | 0 .../test/keystore-empty-chain.p12 | Bin {openssl => boring}/test/nid_test_cert.pem | 0 .../test/nid_uid_test_cert.pem | 0 {openssl => boring}/test/pkcs1.pem.pub | 0 {openssl => boring}/test/pkcs8-nocrypt.der | Bin {openssl => boring}/test/pkcs8.der | Bin {openssl => boring}/test/root-ca.key | 0 {openssl => boring}/test/root-ca.pem | 0 {openssl => boring}/test/rsa-encrypted.pem | 0 {openssl => boring}/test/rsa.pem | 0 {openssl => boring}/test/rsa.pem.pub | 0 openssl-sys/CHANGELOG.md | 164 ------ openssl-sys/Cargo.toml | 16 - openssl/CHANGELOG.md | 506 ------------------ openssl/Cargo.toml | 31 -- systest/Cargo.toml | 2 +- systest/build.rs | 4 +- systest/src/main.rs | 4 +- 123 files changed, 211 insertions(+), 1089 deletions(-) delete mode 100644 .circleci/config.yml create mode 100644 boring-sys/Cargo.toml rename {openssl-sys => boring-sys}/LICENSE-MIT (95%) rename {openssl-sys => boring-sys}/README.md (100%) rename {openssl-sys => boring-sys}/build.rs (94%) rename {openssl-sys => boring-sys}/deps/boringssl (100%) rename {openssl-sys => boring-sys}/src/aes.rs (100%) rename {openssl-sys => boring-sys}/src/asn1.rs (100%) rename {openssl-sys => boring-sys}/src/bio.rs (100%) rename {openssl-sys => boring-sys}/src/bn.rs (100%) rename {openssl-sys => boring-sys}/src/conf.rs (100%) rename {openssl-sys => boring-sys}/src/crypto.rs (100%) rename {openssl-sys => boring-sys}/src/dh.rs (100%) rename {openssl-sys => boring-sys}/src/dsa.rs (100%) rename {openssl-sys => boring-sys}/src/ec.rs (100%) rename {openssl-sys => boring-sys}/src/err.rs (100%) rename {openssl-sys => boring-sys}/src/evp.rs (100%) rename {openssl-sys => boring-sys}/src/hmac.rs (100%) rename {openssl-sys => boring-sys}/src/lib.rs (96%) rename {openssl-sys => boring-sys}/src/macros.rs (100%) rename {openssl-sys => boring-sys}/src/obj_mac.rs (100%) rename {openssl-sys => boring-sys}/src/object.rs (100%) rename {openssl-sys => boring-sys}/src/ossl_typ.rs (100%) rename {openssl-sys => boring-sys}/src/pem.rs (100%) rename {openssl-sys => boring-sys}/src/pkcs12.rs (100%) rename {openssl-sys => boring-sys}/src/pkcs7.rs (100%) rename {openssl-sys => boring-sys}/src/rand.rs (100%) rename {openssl-sys => boring-sys}/src/rsa.rs (100%) rename {openssl-sys => boring-sys}/src/safestack.rs (100%) rename {openssl-sys => boring-sys}/src/sha.rs (100%) rename {openssl-sys => boring-sys}/src/srtp.rs (100%) rename {openssl-sys => boring-sys}/src/ssl.rs (100%) rename {openssl-sys => boring-sys}/src/ssl3.rs (100%) rename {openssl-sys => boring-sys}/src/stack.rs (100%) rename {openssl-sys => boring-sys}/src/tls1.rs (100%) rename {openssl-sys => boring-sys}/src/x509.rs (100%) rename {openssl-sys => boring-sys}/src/x509_vfy.rs (100%) rename {openssl-sys => boring-sys}/src/x509v3.rs (100%) create mode 100644 boring/Cargo.toml rename {openssl => boring}/LICENSE (92%) rename {openssl => boring}/README.md (100%) rename {openssl => boring}/examples/mk_certs.rs (100%) rename {openssl => boring}/src/aes.rs (100%) rename {openssl => boring}/src/asn1.rs (100%) rename {openssl => boring}/src/base64.rs (100%) rename {openssl => boring}/src/bio.rs (99%) rename {openssl => boring}/src/bn.rs (100%) rename {openssl => boring}/src/conf.rs (100%) rename {openssl => boring}/src/derive.rs (100%) rename {openssl => boring}/src/dh.rs (100%) rename {openssl => boring}/src/dsa.rs (100%) rename {openssl => boring}/src/ec.rs (100%) rename {openssl => boring}/src/ecdsa.rs (100%) rename {openssl => boring}/src/error.rs (100%) rename {openssl => boring}/src/ex_data.rs (100%) rename {openssl => boring}/src/fips.rs (100%) rename {openssl => boring}/src/hash.rs (100%) rename {openssl => boring}/src/lib.rs (98%) rename {openssl => boring}/src/macros.rs (100%) rename {openssl => boring}/src/memcmp.rs (100%) rename {openssl => boring}/src/nid.rs (100%) rename {openssl => boring}/src/pkcs12.rs (100%) rename {openssl => boring}/src/pkcs5.rs (100%) rename {openssl => boring}/src/pkey.rs (100%) rename {openssl => boring}/src/rand.rs (100%) rename {openssl => boring}/src/rsa.rs (100%) rename {openssl => boring}/src/sha.rs (100%) rename {openssl => boring}/src/sign.rs (100%) rename {openssl => boring}/src/srtp.rs (100%) rename {openssl => boring}/src/ssl/bio.rs (100%) rename {openssl => boring}/src/ssl/callbacks.rs (100%) rename {openssl => boring}/src/ssl/connector.rs (100%) rename {openssl => boring}/src/ssl/error.rs (100%) rename {openssl => boring}/src/ssl/mod.rs (100%) rename {openssl => boring}/src/ssl/test/mod.rs (100%) rename {openssl => boring}/src/ssl/test/server.rs (100%) rename {openssl => boring}/src/stack.rs (100%) rename {openssl => boring}/src/string.rs (100%) rename {openssl => boring}/src/symm.rs (100%) rename {openssl => boring}/src/util.rs (100%) rename {openssl => boring}/src/version.rs (100%) rename {openssl => boring}/src/x509/extension.rs (100%) rename {openssl => boring}/src/x509/mod.rs (100%) rename {openssl => boring}/src/x509/store.rs (100%) rename {openssl => boring}/src/x509/tests.rs (100%) rename {openssl => boring}/src/x509/verify.rs (100%) rename {openssl => boring}/test/alt_name_cert.pem (100%) rename {openssl => boring}/test/cert.pem (100%) rename {openssl => boring}/test/certs.pem (100%) rename {openssl => boring}/test/cms.p12 (100%) rename {openssl => boring}/test/cms_pubkey.der (100%) rename {openssl => boring}/test/dhparams.pem (100%) rename {openssl => boring}/test/dsa.pem (100%) rename {openssl => boring}/test/dsa.pem.pub (100%) rename {openssl => boring}/test/dsaparam.pem (100%) rename {openssl => boring}/test/identity.p12 (100%) rename {openssl => boring}/test/key.der (100%) rename {openssl => boring}/test/key.der.pub (100%) rename {openssl => boring}/test/key.pem (100%) rename {openssl => boring}/test/key.pem.pub (100%) rename {openssl => boring}/test/keystore-empty-chain.p12 (100%) rename {openssl => boring}/test/nid_test_cert.pem (100%) rename {openssl => boring}/test/nid_uid_test_cert.pem (100%) rename {openssl => boring}/test/pkcs1.pem.pub (100%) rename {openssl => boring}/test/pkcs8-nocrypt.der (100%) rename {openssl => boring}/test/pkcs8.der (100%) rename {openssl => boring}/test/root-ca.key (100%) rename {openssl => boring}/test/root-ca.pem (100%) rename {openssl => boring}/test/rsa-encrypted.pem (100%) rename {openssl => boring}/test/rsa.pem (100%) rename {openssl => boring}/test/rsa.pem.pub (100%) delete mode 100644 openssl-sys/CHANGELOG.md delete mode 100644 openssl-sys/Cargo.toml delete mode 100644 openssl/CHANGELOG.md delete mode 100644 openssl/Cargo.toml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index dc938cf2..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,303 +0,0 @@ -version: 2.1 - -jobs: - linux: - parameters: - target: - type: string - library: - type: string - default: "" - dl_path: - type: string - default: "" - version: - type: string - default: "" - vendored: - type: boolean - default: false - no_run: - type: boolean - default: false - image: - type: string - default: 1.33.0 - minimal_build: - type: boolean - default: false - docker: - - image: rust:<< parameters.image >> - environment: - RUST_BACKTRACE: 1 - OPENSSL_DIR: /opt/openssl - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_AR: arm-linux-gnueabihf-ar - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_RUNNER: qemu-arm-static - steps: - - checkout - - run: apt-get update - - run: apt-get remove -y libssl-dev - - run: | - case "<< parameters.target >>" in - "i686-unknown-linux-gnu") - apt-get install -y --no-install-recommends gcc-multilib - ;; - "x86_64-unknown-linux-musl") - apt-get install -y --no-install-recommends musl-tools - ;; - "arm-unknown-linux-gnueabihf") - dpkg --add-architecture armhf - apt-get update - apt-get install -y --no-install-recommends \ - gcc-arm-linux-gnueabihf \ - libc6-dev:armhf \ - qemu-user-static - ;; - "x86_64-unknown-linux-gnu") - exit 0 - esac - - rustup target add << parameters.target >> - - unless: - condition: << parameters.vendored >> - steps: - - restore_cache: - key: openssl-<< parameters.target >>-<< parameters.library >>-<< parameters.version >> - - run: | - if [ -d "$OPENSSL_DIR" ]; then - exit 0 - fi - - case "<< parameters.library >>" in - "libressl") - URL="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-<< parameters.version >>.tar.gz" - ;; - "openssl") - URL="https://openssl.org/source<< parameters.dl_path >>/openssl-<< parameters.version >>.tar.gz" - ;; - esac - - case "<< parameters.target >>" in - "x86_64-unknown-linux-gnu") - OS_COMPILER=linux-x86_64 - OS_FLAGS="" - ;; - "i686-unknown-linux-gnu") - OS_COMPILER=linux-elf - OS_FLAGS=-m32 - ;; - "arm-unknown-linux-gnueabihf") - OS_COMPILER=linux-armv4 - OS_FLAGS="" - export AR=arm-linux-gnueabihf-ar - export CC=arm-linux-gnueabihf-gcc - ;; - esac - - mkdir /tmp/build - cd /tmp/build - - curl -L $URL | tar --strip-components=1 -xzf - - - case "<< parameters.library >>" in - "openssl") - ./Configure --prefix=$OPENSSL_DIR $OS_COMPILER -fPIC -g $OS_FLAGS no-shared - ;; - "libressl") - ./configure --prefix=$OPENSSL_DIR --disable-shared --with-pic - ;; - esac - - make - make install_sw - - save_cache: - key: openssl-<< parameters.target >>-<< parameters.library >>-<< parameters.version >> - paths: - - /opt/openssl - - restore_cache: - key: registry - - run: cargo generate-lockfile - - when: - condition: << parameters.minimal_build >> - steps: - - run: cargo update -p pkg-config --precise 0.3.14 - - save_cache: - key: registry-{{ .BuildNum }} - paths: - - /usr/local/cargo/registry/index - - restore_cache: - key: deps-<< parameters.image >>-<< parameters.target >>-<< parameters.library >>-<< parameters.version >>-{{ checksum "Cargo.lock" }} - - run: | - cargo build \ - --manifest-path=openssl/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> - - unless: - condition: << parameters.minimal_build >> - steps: - - run: | - cargo run \ - --manifest-path=systest/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> - - run: | - cargo test \ - --manifest-path=openssl-errors/Cargo.toml \ - <<# parameters.vendored >>--features openssl-sys/vendored<> \ - --target << parameters.target >> \ - <<# parameters.no_run >>--no-run<> - - run: | - ulimit -c unlimited - cargo test \ - --manifest-path=openssl/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> \ - <<# parameters.no_run >>--no-run<> - - save_cache: - key: deps-<< parameters.image >>-<< parameters.target >>-<< parameters.library >>-<< parameters.version >>-{{ checksum "Cargo.lock" }} - paths: - - /usr/local/cargo/registry/cache - - target - - run: - command: | - mkdir -p /tmp/core_dumps - find . -name "core.*" -exec cp \{\} /tmp/core_dumps \; - cp target/<< parameters.target >>/debug/openssl-* /tmp/core_dumps - when: on_fail - - store_artifacts: - path: /tmp/core_dumps - - macos: - parameters: - vendored: - type: boolean - default: false - image: - type: string - default: 1.33.0 - macos: - xcode: "9.0" - environment: - RUST_BACKTRACE: 1 - steps: - - checkout - - run: sudo mkdir /opt - - run: sudo chown -R $USER /usr/local/ /opt - - run: curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain << parameters.image >> - - run: sudo ln -s ~/.cargo/bin/* /usr/local/bin - - run: cargo generate-lockfile - - restore_cache: - key: deps-<< parameters.image >>-macos-<< parameters.vendored >>-{{ checksum "Cargo.lock" }} - - run: | - cargo run \ - --manifest-path=systest/Cargo.toml \ - <<# parameters.vendored >> --features vendored <> - - run: | - cargo test \ - --manifest-path=openssl-errors/Cargo.toml \ - <<# parameters.vendored >> --features openssl-sys/vendored <> - - run: | - cargo test \ - --manifest-path=openssl/Cargo.toml \ - <<# parameters.vendored >> --features vendored <> - - save_cache: - key: deps-<< parameters.image >>-macos-<< parameters.vendored >>-{{ checksum "Cargo.lock" }} - paths: - - ~/.cargo/registry/cache - - target - -openssl_111: &openssl_111 - library: openssl - version: 1.1.1h -openssl_110: &openssl_110 - library: openssl - version: 1.1.0l - dl_path: /old/1.1.0 -openssl_102: &openssl_102 - library: openssl - version: 1.0.2u - dl_path: /old/1.0.2 -openssl_101: &openssl_101 - library: openssl - version: 1.0.1u - dl_path: /old/1.0.1 - -workflows: - test: - jobs: - - linux: - name: musl-vendored - target: x86_64-unknown-linux-musl - vendored: true - - linux: - name: x86_64-vendored - target: x86_64-unknown-linux-gnu - vendored: true - - linux: - <<: *openssl_111 - name: x86_64-openssl-1.1.1 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_110 - name: x86_64-openssl-1.1.0 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_102 - name: x86_64-openssl-1.0.2 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_101 - name: x86_64-openssl-1.0.1 - target: x86_64-unknown-linux-gnu - - linux: - name: i686-vendored - target: i686-unknown-linux-gnu - vendored: true - - linux: - <<: *openssl_111 - name: i686-openssl-1.1.1 - target: i686-unknown-linux-gnu - - linux: - <<: *openssl_110 - name: i686-openssl-1.1.0 - target: i686-unknown-linux-gnu - - linux: - <<: *openssl_102 - name: i686-openssl-1.0.2 - target: i686-unknown-linux-gnu - - linux: - name: armhf-vendored - target: arm-unknown-linux-gnueabihf - vendored: true - no_run: true - - linux: - <<: *openssl_111 - name: armhf-openssl-1.1.1 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - <<: *openssl_110 - name: armhf-openssl-1.1.0 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - <<: *openssl_102 - name: armhf-openssl-1.0.2 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - name: x86_64-libressl-2.5 - target: x86_64-unknown-linux-gnu - library: libressl - version: 2.5.5 - - linux: - name: x86_64-libressl-3.2.0 - target: x86_64-unknown-linux-gnu - library: libressl - version: 3.2.0 - - macos: - name: macos - - macos: - name: macos-vendored - vendored: true diff --git a/.gitignore b/.gitignore index a0db182e..7fa9f844 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ Cargo.lock .idea/ *.iml .vscode/ +.DS_Store \ No newline at end of file diff --git a/.gitmodules b/.gitmodules index 5b064754..5b14c99e 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ -[submodule "openssl-sys/deps/boringssl"] - path = openssl-sys/deps/boringssl +[submodule "boring-sys/deps/boringssl"] + path = boring-sys/deps/boringssl url = https://github.com/google/boringssl.git ignore = dirty \ No newline at end of file diff --git a/Cargo.toml b/Cargo.toml index d21a25f0..33cf3f95 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [workspace] members = [ - "openssl", - "openssl-sys", + "boring", + "boring-sys", "systest" ] diff --git a/README.md b/README.md index 3bcdc0d6..0e936110 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,14 @@ -# rust-openssl +# boring -[![CircleCI](https://circleci.com/gh/sfackler/rust-openssl.svg?style=shield)](https://circleci.com/gh/sfackler/rust-openssl) -[![crates.io](https://img.shields.io/crates/v/openssl.svg)](https://crates.io/crates/openssl) +[![crates.io](https://img.shields.io/crates/v/openssl.svg)](https://crates.io/crates/boring) -OpenSSL bindings for the Rust programming language. +BoringSSL bindings for the Rust programming language. -[Documentation](https://docs.rs/openssl). +[Documentation](https://docs.rs/boring). ## Release Support -The current supported release of `openssl` is 0.10 and `openssl-sys` is 0.9. - -New major versions will be published at most once per year. After a new -release, the previous major version will be partially supported with bug -fixes for 3 months, after which support will be dropped entirely. +The crate statically links with the latest BoringSSL master branch. ### Contribution @@ -21,3 +16,6 @@ Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions. + +## Accolades +The project is based on a fork of [rust-openssl](https://github.com/sfackler/rust-openssl). \ No newline at end of file diff --git a/THIRD_PARTY b/THIRD_PARTY index aa6920c4..9ac2291b 100644 --- a/THIRD_PARTY +++ b/THIRD_PARTY @@ -1,6 +1,32 @@ -rust-openssl contains code from OpenSSL, under the following license: +rust-openssl contains code from BoringSSL, under the following license: -OpenSSL License +BoringSSL License + --------------- +BoringSSL is a fork of OpenSSL. As such, large parts of it fall under OpenSSL +licensing. Files that are completely new have a Google copyright and an ISC +license. This license is reproduced at the bottom of this file. + +Contributors to BoringSSL are required to follow the CLA rules for Chromium: +https://cla.developers.google.com/clas + +Files in third_party/ have their own licenses, as described therein. The MIT +license, for third_party/fiat, which, unlike other third_party directories, is +compiled into non-test libraries, is included below. + +The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the +OpenSSL License and the original SSLeay license apply to the toolkit. See below +for the actual license texts. Actually both licenses are BSD-style Open Source +licenses. In case of any license issues related to OpenSSL please contact +openssl-core@openssl.org. + +The following are Google-internal bug numbers where explicit permission from +some authors is recorded for use of their work. (This is purely for our own +record keeping.) + 27287199 + 27287880 + 27287883 + + OpenSSL License --------------- /* ==================================================================== @@ -11,7 +37,7 @@ OpenSSL License * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -66,21 +92,21 @@ OpenSSL License * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -95,10 +121,10 @@ OpenSSL License * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -110,39 +136,120 @@ OpenSSL License * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ -=============================================================================== -openssl-sys +ISC license used for completely new code in BoringSSL: -Copyright (c) 2014 Alex Crichton +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. +The code in third_party/fiat carries the MIT license: -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. +Copyright (c) 2015-2016 the fiat-crypto authors (see +https://github.com/mit-plv/fiat-crypto/blob/master/AUTHORS). + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + + +Licenses for support code +------------------------- + +Parts of the TLS test suite are under the Go license. This code is not included +in BoringSSL (i.e. libcrypto and libssl) when compiled, however, so +distributing code linked against BoringSSL does not trigger this license: + +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +BoringSSL uses the Chromium test infrastructure to run a continuous build, +trybots etc. The scripts which manage this, and the script for generating build +metadata, are under the Chromium license. Distributing code linked against +BoringSSL does not trigger this license. + +Copyright 2015 The Chromium Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/boring-sys/Cargo.toml b/boring-sys/Cargo.toml new file mode 100644 index 00000000..4f47c6c4 --- /dev/null +++ b/boring-sys/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "boring-sys" +version = "1.0.0" +authors = ["Alex Crichton ", + "Steven Fackler ", + "Ivan Nikulin "] +license = "MIT" +description = "FFI bindings to BoringSSL" +repository = "https://github.com/inikulin/boring" +readme = "README.md" +categories = ["cryptography", "external-ffi-bindings"] + +[dependencies] +libc = "0.2" + +[build-dependencies] +cmake = "0.1" diff --git a/openssl-sys/LICENSE-MIT b/boring-sys/LICENSE-MIT similarity index 95% rename from openssl-sys/LICENSE-MIT rename to boring-sys/LICENSE-MIT index 39e0ed66..032f2a35 100644 --- a/openssl-sys/LICENSE-MIT +++ b/boring-sys/LICENSE-MIT @@ -1,4 +1,5 @@ Copyright (c) 2014 Alex Crichton +Copyright (c) 2020 Ivan Nikulin Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated diff --git a/openssl-sys/README.md b/boring-sys/README.md similarity index 100% rename from openssl-sys/README.md rename to boring-sys/README.md diff --git a/openssl-sys/build.rs b/boring-sys/build.rs similarity index 94% rename from openssl-sys/build.rs rename to boring-sys/build.rs index 6f1f93c2..2b182e85 100644 --- a/openssl-sys/build.rs +++ b/boring-sys/build.rs @@ -1,3 +1,5 @@ +// NOTE: this build script is adopted from quiche (https://github.com/cloudflare/quiche) + // Additional parameters for Android build of BoringSSL. // // Android NDK < 18 with GCC. @@ -170,17 +172,14 @@ fn get_boringssl_cmake_config() -> cmake::Config { } fn main() { - let bssl_dir = std::env::var("QUICHE_BSSL_PATH").unwrap_or_else(|_| { - let mut cfg = get_boringssl_cmake_config(); + let mut cfg = get_boringssl_cmake_config(); - if cfg!(feature = "fuzzing") { - cfg.cxxflag("-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE") - .cxxflag("-DBORINGSSL_UNSAFE_FUZZER_MODE"); - } - - cfg.build_target("bssl").build().display().to_string() - }); + if cfg!(feature = "fuzzing") { + cfg.cxxflag("-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE") + .cxxflag("-DBORINGSSL_UNSAFE_FUZZER_MODE"); + } + let bssl_dir = cfg.build_target("bssl").build().display().to_string(); let build_path = get_boringssl_platform_output_path(); let build_dir = format!("{}/build/{}", bssl_dir, build_path); println!("cargo:rustc-link-search=native={}", build_dir); diff --git a/openssl-sys/deps/boringssl b/boring-sys/deps/boringssl similarity index 100% rename from openssl-sys/deps/boringssl rename to boring-sys/deps/boringssl diff --git a/openssl-sys/src/aes.rs b/boring-sys/src/aes.rs similarity index 100% rename from openssl-sys/src/aes.rs rename to boring-sys/src/aes.rs diff --git a/openssl-sys/src/asn1.rs b/boring-sys/src/asn1.rs similarity index 100% rename from openssl-sys/src/asn1.rs rename to boring-sys/src/asn1.rs diff --git a/openssl-sys/src/bio.rs b/boring-sys/src/bio.rs similarity index 100% rename from openssl-sys/src/bio.rs rename to boring-sys/src/bio.rs diff --git a/openssl-sys/src/bn.rs b/boring-sys/src/bn.rs similarity index 100% rename from openssl-sys/src/bn.rs rename to boring-sys/src/bn.rs diff --git a/openssl-sys/src/conf.rs b/boring-sys/src/conf.rs similarity index 100% rename from openssl-sys/src/conf.rs rename to boring-sys/src/conf.rs diff --git a/openssl-sys/src/crypto.rs b/boring-sys/src/crypto.rs similarity index 100% rename from openssl-sys/src/crypto.rs rename to boring-sys/src/crypto.rs diff --git a/openssl-sys/src/dh.rs b/boring-sys/src/dh.rs similarity index 100% rename from openssl-sys/src/dh.rs rename to boring-sys/src/dh.rs diff --git a/openssl-sys/src/dsa.rs b/boring-sys/src/dsa.rs similarity index 100% rename from openssl-sys/src/dsa.rs rename to boring-sys/src/dsa.rs diff --git a/openssl-sys/src/ec.rs b/boring-sys/src/ec.rs similarity index 100% rename from openssl-sys/src/ec.rs rename to boring-sys/src/ec.rs diff --git a/openssl-sys/src/err.rs b/boring-sys/src/err.rs similarity index 100% rename from openssl-sys/src/err.rs rename to boring-sys/src/err.rs diff --git a/openssl-sys/src/evp.rs b/boring-sys/src/evp.rs similarity index 100% rename from openssl-sys/src/evp.rs rename to boring-sys/src/evp.rs diff --git a/openssl-sys/src/hmac.rs b/boring-sys/src/hmac.rs similarity index 100% rename from openssl-sys/src/hmac.rs rename to boring-sys/src/hmac.rs diff --git a/openssl-sys/src/lib.rs b/boring-sys/src/lib.rs similarity index 96% rename from openssl-sys/src/lib.rs rename to boring-sys/src/lib.rs index b437dc62..a3fcb6a6 100644 --- a/openssl-sys/src/lib.rs +++ b/boring-sys/src/lib.rs @@ -8,7 +8,7 @@ overflowing_literals, unused_imports )] -#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")] +#![doc(html_root_url = "https://docs.rs/boring-sys")] extern crate libc; @@ -99,4 +99,4 @@ pub fn init() { INIT.call_once(|| unsafe { OPENSSL_init_ssl(init_options, ptr::null_mut()); }) -} \ No newline at end of file +} diff --git a/openssl-sys/src/macros.rs b/boring-sys/src/macros.rs similarity index 100% rename from openssl-sys/src/macros.rs rename to boring-sys/src/macros.rs diff --git a/openssl-sys/src/obj_mac.rs b/boring-sys/src/obj_mac.rs similarity index 100% rename from openssl-sys/src/obj_mac.rs rename to boring-sys/src/obj_mac.rs diff --git a/openssl-sys/src/object.rs b/boring-sys/src/object.rs similarity index 100% rename from openssl-sys/src/object.rs rename to boring-sys/src/object.rs diff --git a/openssl-sys/src/ossl_typ.rs b/boring-sys/src/ossl_typ.rs similarity index 100% rename from openssl-sys/src/ossl_typ.rs rename to boring-sys/src/ossl_typ.rs diff --git a/openssl-sys/src/pem.rs b/boring-sys/src/pem.rs similarity index 100% rename from openssl-sys/src/pem.rs rename to boring-sys/src/pem.rs diff --git a/openssl-sys/src/pkcs12.rs b/boring-sys/src/pkcs12.rs similarity index 100% rename from openssl-sys/src/pkcs12.rs rename to boring-sys/src/pkcs12.rs diff --git a/openssl-sys/src/pkcs7.rs b/boring-sys/src/pkcs7.rs similarity index 100% rename from openssl-sys/src/pkcs7.rs rename to boring-sys/src/pkcs7.rs diff --git a/openssl-sys/src/rand.rs b/boring-sys/src/rand.rs similarity index 100% rename from openssl-sys/src/rand.rs rename to boring-sys/src/rand.rs diff --git a/openssl-sys/src/rsa.rs b/boring-sys/src/rsa.rs similarity index 100% rename from openssl-sys/src/rsa.rs rename to boring-sys/src/rsa.rs diff --git a/openssl-sys/src/safestack.rs b/boring-sys/src/safestack.rs similarity index 100% rename from openssl-sys/src/safestack.rs rename to boring-sys/src/safestack.rs diff --git a/openssl-sys/src/sha.rs b/boring-sys/src/sha.rs similarity index 100% rename from openssl-sys/src/sha.rs rename to boring-sys/src/sha.rs diff --git a/openssl-sys/src/srtp.rs b/boring-sys/src/srtp.rs similarity index 100% rename from openssl-sys/src/srtp.rs rename to boring-sys/src/srtp.rs diff --git a/openssl-sys/src/ssl.rs b/boring-sys/src/ssl.rs similarity index 100% rename from openssl-sys/src/ssl.rs rename to boring-sys/src/ssl.rs diff --git a/openssl-sys/src/ssl3.rs b/boring-sys/src/ssl3.rs similarity index 100% rename from openssl-sys/src/ssl3.rs rename to boring-sys/src/ssl3.rs diff --git a/openssl-sys/src/stack.rs b/boring-sys/src/stack.rs similarity index 100% rename from openssl-sys/src/stack.rs rename to boring-sys/src/stack.rs diff --git a/openssl-sys/src/tls1.rs b/boring-sys/src/tls1.rs similarity index 100% rename from openssl-sys/src/tls1.rs rename to boring-sys/src/tls1.rs diff --git a/openssl-sys/src/x509.rs b/boring-sys/src/x509.rs similarity index 100% rename from openssl-sys/src/x509.rs rename to boring-sys/src/x509.rs diff --git a/openssl-sys/src/x509_vfy.rs b/boring-sys/src/x509_vfy.rs similarity index 100% rename from openssl-sys/src/x509_vfy.rs rename to boring-sys/src/x509_vfy.rs diff --git a/openssl-sys/src/x509v3.rs b/boring-sys/src/x509v3.rs similarity index 100% rename from openssl-sys/src/x509v3.rs rename to boring-sys/src/x509v3.rs diff --git a/boring/Cargo.toml b/boring/Cargo.toml new file mode 100644 index 00000000..d4f7c0f6 --- /dev/null +++ b/boring/Cargo.toml @@ -0,0 +1,21 @@ +[package] +name = "boring" +version = "1.0.0" +authors = ["Steven Fackler ", "Ivan Nikulin "] +license = "Apache-2.0" +description = "BoringSSL bindings" +repository = "https://github.com/inikulin/boring" +readme = "README.md" +keywords = ["crypto", "tls", "ssl", "dtls"] +categories = ["cryptography", "api-bindings"] + +[dependencies] +bitflags = "1.0" +foreign-types = "0.3.1" +lazy_static = "1" +libc = "0.2" +boring-sys = { version = "1.0.0", path = "../boring-sys" } + +[dev-dependencies] +tempdir = "0.3" +hex = "0.3" diff --git a/openssl/LICENSE b/boring/LICENSE similarity index 92% rename from openssl/LICENSE rename to boring/LICENSE index f259067e..2ce59494 100644 --- a/openssl/LICENSE +++ b/boring/LICENSE @@ -1,6 +1,7 @@ Copyright 2011-2017 Google Inc. 2013 Jack Lloyd 2013-2014 Steven Fackler + 2020 Ivan Nikulin Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/openssl/README.md b/boring/README.md similarity index 100% rename from openssl/README.md rename to boring/README.md diff --git a/openssl/examples/mk_certs.rs b/boring/examples/mk_certs.rs similarity index 100% rename from openssl/examples/mk_certs.rs rename to boring/examples/mk_certs.rs diff --git a/openssl/src/aes.rs b/boring/src/aes.rs similarity index 100% rename from openssl/src/aes.rs rename to boring/src/aes.rs diff --git a/openssl/src/asn1.rs b/boring/src/asn1.rs similarity index 100% rename from openssl/src/asn1.rs rename to boring/src/asn1.rs diff --git a/openssl/src/base64.rs b/boring/src/base64.rs similarity index 100% rename from openssl/src/base64.rs rename to boring/src/base64.rs diff --git a/openssl/src/bio.rs b/boring/src/bio.rs similarity index 99% rename from openssl/src/bio.rs rename to boring/src/bio.rs index d6997021..2f1ae121 100644 --- a/openssl/src/bio.rs +++ b/boring/src/bio.rs @@ -1,9 +1,9 @@ use ffi; +use ffi::BIO_new_mem_buf; use libc::c_int; use std::marker::PhantomData; use std::ptr; use std::slice; -use ffi::BIO_new_mem_buf; use cvt_p; use error::ErrorStack; @@ -68,6 +68,3 @@ impl MemBio { } } } - - - diff --git a/openssl/src/bn.rs b/boring/src/bn.rs similarity index 100% rename from openssl/src/bn.rs rename to boring/src/bn.rs diff --git a/openssl/src/conf.rs b/boring/src/conf.rs similarity index 100% rename from openssl/src/conf.rs rename to boring/src/conf.rs diff --git a/openssl/src/derive.rs b/boring/src/derive.rs similarity index 100% rename from openssl/src/derive.rs rename to boring/src/derive.rs diff --git a/openssl/src/dh.rs b/boring/src/dh.rs similarity index 100% rename from openssl/src/dh.rs rename to boring/src/dh.rs diff --git a/openssl/src/dsa.rs b/boring/src/dsa.rs similarity index 100% rename from openssl/src/dsa.rs rename to boring/src/dsa.rs diff --git a/openssl/src/ec.rs b/boring/src/ec.rs similarity index 100% rename from openssl/src/ec.rs rename to boring/src/ec.rs diff --git a/openssl/src/ecdsa.rs b/boring/src/ecdsa.rs similarity index 100% rename from openssl/src/ecdsa.rs rename to boring/src/ecdsa.rs diff --git a/openssl/src/error.rs b/boring/src/error.rs similarity index 100% rename from openssl/src/error.rs rename to boring/src/error.rs diff --git a/openssl/src/ex_data.rs b/boring/src/ex_data.rs similarity index 100% rename from openssl/src/ex_data.rs rename to boring/src/ex_data.rs diff --git a/openssl/src/fips.rs b/boring/src/fips.rs similarity index 100% rename from openssl/src/fips.rs rename to boring/src/fips.rs diff --git a/openssl/src/hash.rs b/boring/src/hash.rs similarity index 100% rename from openssl/src/hash.rs rename to boring/src/hash.rs index 9f2273ca..0f46e0f5 100644 --- a/openssl/src/hash.rs +++ b/boring/src/hash.rs @@ -6,9 +6,9 @@ use std::ops::{Deref, DerefMut}; use std::ptr; use error::ErrorStack; +use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new}; use nid::Nid; use {cvt, cvt_p}; -use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new}; #[derive(Copy, Clone, PartialEq, Eq)] pub struct MessageDigest(*const ffi::EVP_MD); diff --git a/openssl/src/lib.rs b/boring/src/lib.rs similarity index 98% rename from openssl/src/lib.rs rename to boring/src/lib.rs index c3107eb7..af8aaaa8 100644 --- a/openssl/src/lib.rs +++ b/boring/src/lib.rs @@ -10,8 +10,8 @@ extern crate bitflags; extern crate foreign_types; #[macro_use] extern crate lazy_static; +extern crate boring_sys as ffi; extern crate libc; -extern crate openssl_sys as ffi; #[cfg(test)] extern crate hex; diff --git a/openssl/src/macros.rs b/boring/src/macros.rs similarity index 100% rename from openssl/src/macros.rs rename to boring/src/macros.rs diff --git a/openssl/src/memcmp.rs b/boring/src/memcmp.rs similarity index 100% rename from openssl/src/memcmp.rs rename to boring/src/memcmp.rs diff --git a/openssl/src/nid.rs b/boring/src/nid.rs similarity index 100% rename from openssl/src/nid.rs rename to boring/src/nid.rs diff --git a/openssl/src/pkcs12.rs b/boring/src/pkcs12.rs similarity index 100% rename from openssl/src/pkcs12.rs rename to boring/src/pkcs12.rs diff --git a/openssl/src/pkcs5.rs b/boring/src/pkcs5.rs similarity index 100% rename from openssl/src/pkcs5.rs rename to boring/src/pkcs5.rs diff --git a/openssl/src/pkey.rs b/boring/src/pkey.rs similarity index 100% rename from openssl/src/pkey.rs rename to boring/src/pkey.rs diff --git a/openssl/src/rand.rs b/boring/src/rand.rs similarity index 100% rename from openssl/src/rand.rs rename to boring/src/rand.rs diff --git a/openssl/src/rsa.rs b/boring/src/rsa.rs similarity index 100% rename from openssl/src/rsa.rs rename to boring/src/rsa.rs diff --git a/openssl/src/sha.rs b/boring/src/sha.rs similarity index 100% rename from openssl/src/sha.rs rename to boring/src/sha.rs diff --git a/openssl/src/sign.rs b/boring/src/sign.rs similarity index 100% rename from openssl/src/sign.rs rename to boring/src/sign.rs diff --git a/openssl/src/srtp.rs b/boring/src/srtp.rs similarity index 100% rename from openssl/src/srtp.rs rename to boring/src/srtp.rs diff --git a/openssl/src/ssl/bio.rs b/boring/src/ssl/bio.rs similarity index 100% rename from openssl/src/ssl/bio.rs rename to boring/src/ssl/bio.rs diff --git a/openssl/src/ssl/callbacks.rs b/boring/src/ssl/callbacks.rs similarity index 100% rename from openssl/src/ssl/callbacks.rs rename to boring/src/ssl/callbacks.rs diff --git a/openssl/src/ssl/connector.rs b/boring/src/ssl/connector.rs similarity index 100% rename from openssl/src/ssl/connector.rs rename to boring/src/ssl/connector.rs diff --git a/openssl/src/ssl/error.rs b/boring/src/ssl/error.rs similarity index 100% rename from openssl/src/ssl/error.rs rename to boring/src/ssl/error.rs diff --git a/openssl/src/ssl/mod.rs b/boring/src/ssl/mod.rs similarity index 100% rename from openssl/src/ssl/mod.rs rename to boring/src/ssl/mod.rs diff --git a/openssl/src/ssl/test/mod.rs b/boring/src/ssl/test/mod.rs similarity index 100% rename from openssl/src/ssl/test/mod.rs rename to boring/src/ssl/test/mod.rs diff --git a/openssl/src/ssl/test/server.rs b/boring/src/ssl/test/server.rs similarity index 100% rename from openssl/src/ssl/test/server.rs rename to boring/src/ssl/test/server.rs diff --git a/openssl/src/stack.rs b/boring/src/stack.rs similarity index 100% rename from openssl/src/stack.rs rename to boring/src/stack.rs diff --git a/openssl/src/string.rs b/boring/src/string.rs similarity index 100% rename from openssl/src/string.rs rename to boring/src/string.rs diff --git a/openssl/src/symm.rs b/boring/src/symm.rs similarity index 100% rename from openssl/src/symm.rs rename to boring/src/symm.rs diff --git a/openssl/src/util.rs b/boring/src/util.rs similarity index 100% rename from openssl/src/util.rs rename to boring/src/util.rs diff --git a/openssl/src/version.rs b/boring/src/version.rs similarity index 100% rename from openssl/src/version.rs rename to boring/src/version.rs diff --git a/openssl/src/x509/extension.rs b/boring/src/x509/extension.rs similarity index 100% rename from openssl/src/x509/extension.rs rename to boring/src/x509/extension.rs diff --git a/openssl/src/x509/mod.rs b/boring/src/x509/mod.rs similarity index 100% rename from openssl/src/x509/mod.rs rename to boring/src/x509/mod.rs diff --git a/openssl/src/x509/store.rs b/boring/src/x509/store.rs similarity index 100% rename from openssl/src/x509/store.rs rename to boring/src/x509/store.rs diff --git a/openssl/src/x509/tests.rs b/boring/src/x509/tests.rs similarity index 100% rename from openssl/src/x509/tests.rs rename to boring/src/x509/tests.rs diff --git a/openssl/src/x509/verify.rs b/boring/src/x509/verify.rs similarity index 100% rename from openssl/src/x509/verify.rs rename to boring/src/x509/verify.rs diff --git a/openssl/test/alt_name_cert.pem b/boring/test/alt_name_cert.pem similarity index 100% rename from openssl/test/alt_name_cert.pem rename to boring/test/alt_name_cert.pem diff --git a/openssl/test/cert.pem b/boring/test/cert.pem similarity index 100% rename from openssl/test/cert.pem rename to boring/test/cert.pem diff --git a/openssl/test/certs.pem b/boring/test/certs.pem similarity index 100% rename from openssl/test/certs.pem rename to boring/test/certs.pem diff --git a/openssl/test/cms.p12 b/boring/test/cms.p12 similarity index 100% rename from openssl/test/cms.p12 rename to boring/test/cms.p12 diff --git a/openssl/test/cms_pubkey.der b/boring/test/cms_pubkey.der similarity index 100% rename from openssl/test/cms_pubkey.der rename to boring/test/cms_pubkey.der diff --git a/openssl/test/dhparams.pem b/boring/test/dhparams.pem similarity index 100% rename from openssl/test/dhparams.pem rename to boring/test/dhparams.pem diff --git a/openssl/test/dsa.pem b/boring/test/dsa.pem similarity index 100% rename from openssl/test/dsa.pem rename to boring/test/dsa.pem diff --git a/openssl/test/dsa.pem.pub b/boring/test/dsa.pem.pub similarity index 100% rename from openssl/test/dsa.pem.pub rename to boring/test/dsa.pem.pub diff --git a/openssl/test/dsaparam.pem b/boring/test/dsaparam.pem similarity index 100% rename from openssl/test/dsaparam.pem rename to boring/test/dsaparam.pem diff --git a/openssl/test/identity.p12 b/boring/test/identity.p12 similarity index 100% rename from openssl/test/identity.p12 rename to boring/test/identity.p12 diff --git a/openssl/test/key.der b/boring/test/key.der similarity index 100% rename from openssl/test/key.der rename to boring/test/key.der diff --git a/openssl/test/key.der.pub b/boring/test/key.der.pub similarity index 100% rename from openssl/test/key.der.pub rename to boring/test/key.der.pub diff --git a/openssl/test/key.pem b/boring/test/key.pem similarity index 100% rename from openssl/test/key.pem rename to boring/test/key.pem diff --git a/openssl/test/key.pem.pub b/boring/test/key.pem.pub similarity index 100% rename from openssl/test/key.pem.pub rename to boring/test/key.pem.pub diff --git a/openssl/test/keystore-empty-chain.p12 b/boring/test/keystore-empty-chain.p12 similarity index 100% rename from openssl/test/keystore-empty-chain.p12 rename to boring/test/keystore-empty-chain.p12 diff --git a/openssl/test/nid_test_cert.pem b/boring/test/nid_test_cert.pem similarity index 100% rename from openssl/test/nid_test_cert.pem rename to boring/test/nid_test_cert.pem diff --git a/openssl/test/nid_uid_test_cert.pem b/boring/test/nid_uid_test_cert.pem similarity index 100% rename from openssl/test/nid_uid_test_cert.pem rename to boring/test/nid_uid_test_cert.pem diff --git a/openssl/test/pkcs1.pem.pub b/boring/test/pkcs1.pem.pub similarity index 100% rename from openssl/test/pkcs1.pem.pub rename to boring/test/pkcs1.pem.pub diff --git a/openssl/test/pkcs8-nocrypt.der b/boring/test/pkcs8-nocrypt.der similarity index 100% rename from openssl/test/pkcs8-nocrypt.der rename to boring/test/pkcs8-nocrypt.der diff --git a/openssl/test/pkcs8.der b/boring/test/pkcs8.der similarity index 100% rename from openssl/test/pkcs8.der rename to boring/test/pkcs8.der diff --git a/openssl/test/root-ca.key b/boring/test/root-ca.key similarity index 100% rename from openssl/test/root-ca.key rename to boring/test/root-ca.key diff --git a/openssl/test/root-ca.pem b/boring/test/root-ca.pem similarity index 100% rename from openssl/test/root-ca.pem rename to boring/test/root-ca.pem diff --git a/openssl/test/rsa-encrypted.pem b/boring/test/rsa-encrypted.pem similarity index 100% rename from openssl/test/rsa-encrypted.pem rename to boring/test/rsa-encrypted.pem diff --git a/openssl/test/rsa.pem b/boring/test/rsa.pem similarity index 100% rename from openssl/test/rsa.pem rename to boring/test/rsa.pem diff --git a/openssl/test/rsa.pem.pub b/boring/test/rsa.pem.pub similarity index 100% rename from openssl/test/rsa.pem.pub rename to boring/test/rsa.pem.pub diff --git a/openssl-sys/CHANGELOG.md b/openssl-sys/CHANGELOG.md deleted file mode 100644 index 22e79670..00000000 --- a/openssl-sys/CHANGELOG.md +++ /dev/null @@ -1,164 +0,0 @@ -# Change Log - -## [Unreleased] - -## [v0.9.58] - 2020-06-05 - -### Added - -* Added `SSL_set_mtu`. -* Added support for LibreSSL 3.2.0. -* Added `PEM_read_bio_EC_PUBKEY`, `PEM_write_bio_EC_PUBKEY`, `d2i_EC_PUBKEY`, and `i2d_EC_PUBKEY`. -* Added `EVP_PKEY_encrypt_init`, `EVP_PKEY_encrypt`, `EVP_PKEY_decrypt_init`, `EVP_PKEY_decrypt`, - `EVP_PKEY_get_raw_public_key`, `EVP_PKEY_new_raw_public_key`, `EVP_PKEY_get_raw_private_key`, - and `EVP_PKEY_new_raw_private_key`. -* Added `OBJ_sn2nid`. - -## [v0.9.57] - 2020-05-24 - -### Added - -* Added support for LibreSSL 3.1.x. - -## [v0.9.56] - 2020-05-07 - -### Fixed - -* Fixed vendored builds on windows-gnu targets. - -### Added - -* Added support for LibreSSL 3.0.0. - -## [v0.9.55] - 2020-04-07 - -### Fixed - -* Fixed windows-msvc library names when using OpenSSL from vcpkg. - -### Added - -* If the `OPENSSL_NO_VENDOR` environment variable is set, vendoring will not be used even if enabled. -* Added `SSL_CTX_get_verify_mode` and `SSL_get_verify_mode`. -* Added `SSL_is_init_finished`. -* Added `SSL_CTX_set_cert_store`. -* Added `TLS_server_method` and `TLS_client_method`. -* Added `X509_STORE_get0_objects`. -* Added `X509_OBJECT_free`, `X509_OBJECT_get_type`, and `X509_OBJECT_get0_X509`. - -## [v0.9.54] - 2020-01-29 - -### Added - -* Added `BIO_CTRL_DGRAM_QUERY_MTU`. -* Added `EVP_EncryptInit_ex`, `EVP_EncryptFinal_ex`, `EVP_DecryptInit_ex`, and `EVP_DecryptFinal_ex`. -* Added `EVP_md_null`. -* Added `EVP_PKCS82PKEY`. -* Added `PKCS8_PRIV_KEY_INFO`, `d2i_PKCS8_PRIV_KEY_INFO`, and `PKCS8_PRIV_KEY_INFO_free`. -* Added `SSL_OP_NO_RENEGOTIATION`. - -## [v0.9.53] - 2019-11-22 - -### Added - -* Added `ASN1_TIME_diff`. -* Added `EC_GROUP_order_bits`. -* Added `EVP_EncodeBlock` and `EVP_DecodeBlock`. -* Added `SSL_CTRL_SET_GROUPS_LIST`, `SSL_CTRL_SET_SIGALGS_LIST`, `SSL_CTX_set1_groups_list`, and - `SSL_CTX_set1_sigalgs_list`. -* Added `Clone` implementations to `SHA_CTX`, `SHA256_CTX`, and `SHA512_CTX`. - -## [v0.9.52] - 2019-10-19 - -### Added - -* Added support for LibreSSL 3.0.x. - -## [v0.9.51] - 2019-10-02 - -### Added - -* Added support for LibreSSL 3.0.1. - -## [v0.9.50] - 2019-10-02 - -### Added - -* Added `CRYPTO_LOCK_EVP_PKEY`. -* Added `EVP_PKEY_ED25519` and `EVP_PKEY_ED448`. -* Added `EVP_DigestSign` and `EVP_DigestVerify`. -* Added `EVP_PKEY_up_ref`. -* Added `NID_ED25519` and `NID_ED448`. - -## [v0.9.49] - 2019-08-15 - -### Added - -* Added support for LibreSSL 3.0.0. - -## [v0.9.48] - 2019-07-19 - -### Added - -* Added `AES_wrap_key` and `AES_unwrap_key`. -* Added `EC_GROUP_get_cofactor`, `EC_GROUP_get0_generator`, and `EC_POINT_dup`. -* Added `EVP_aes_128_ofb`, `EVP_aes_192_ecb`, `EVP_aes_192_cbc`, `EVP_aes_192_cfb1`, `EVP_aes_192_cfb8`, - `EVP_aes_192_cfb_128`, `EVP_aes_192_ctr`, `EVP_aes_192_ccm`, `EVP_aes_192_gcm`, `EVP_aes_192_ofb`, and - `EVP_aes_256_ofb`. -* Added `PEM_read_bio_CMS` and `PEM_write_bio_CMS`. - -## [v0.9.47] - 2019-05-18 - -### Added - -* Added `SSL_CTX_add_client_CA`. - -## [v0.9.46] - 2019-05-08 - -### Added - -* Added support for the LibreSSL 2.9.x series. - -## [v0.9.45] - 2019-05-03 - -### Fixed - -* Reverted a change to windows-gnu library names that caused regressions. - -## [v0.9.44] - 2019-04-30 - -### Added - -* The `DEP_OPENSSL_VENDORED` environment variable tells downstream build scripts if the vendored feature was enabled. -* Added `EVP_SealInit`, `EVP_SealFinal`, `EVP_EncryptUpdate`, `EVP_OpenInit`, `EVP_OpenFinal`, and `EVP_DecryptUpdate`. -* Added `EVP_PKEY_size`. - -### Fixed - -* Fixed library names when targeting windows-gnu and pkg-config fails. - -## [v0.9.43] - 2019-03-20 - -### Added - -* Added `d2i_CMS_ContentInfo` and `CMS_encrypt`. -* Added `X509_verify` and `X509_REQ_verify`. -* Added `EVP_MD_type` and `EVP_GROUP_get_curve_name`. - -[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.58...master -[v0.9.58]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.57...openssl-sys-v0.9.58 -[v0.9.57]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.56...openssl-sys-v0.9.57 -[v0.9.56]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.55...openssl-sys-v0.9.56 -[v0.9.55]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.54...openssl-sys-v0.9.55 -[v0.9.54]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.53...openssl-sys-v0.9.54 -[v0.9.53]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.52...openssl-sys-v0.9.53 -[v0.9.52]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.51...openssl-sys-v0.9.52 -[v0.9.51]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.50...openssl-sys-v0.9.51 -[v0.9.50]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.49...openssl-sys-v0.9.50 -[v0.9.49]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.48...openssl-sys-v0.9.49 -[v0.9.48]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.47...openssl-sys-v0.9.48 -[v0.9.47]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.46...openssl-sys-v0.9.47 -[v0.9.46]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.45...openssl-sys-v0.9.46 -[v0.9.45]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.44...openssl-sys-v0.9.45 -[v0.9.44]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.43...openssl-sys-v0.9.44 -[v0.9.43]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.42...openssl-sys-v0.9.43 diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml deleted file mode 100644 index f6d2e116..00000000 --- a/openssl-sys/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "openssl-sys" -version = "0.9.58" -authors = ["Alex Crichton ", - "Steven Fackler "] -license = "MIT" -description = "FFI bindings to OpenSSL" -repository = "https://github.com/sfackler/rust-openssl" -readme = "README.md" -categories = ["cryptography", "external-ffi-bindings"] - -[dependencies] -libc = "0.2" - -[build-dependencies] -cmake = "0.1" diff --git a/openssl/CHANGELOG.md b/openssl/CHANGELOG.md deleted file mode 100644 index 28158ce8..00000000 --- a/openssl/CHANGELOG.md +++ /dev/null @@ -1,506 +0,0 @@ -# Change Log - -## [Unreleased] - -## [v0.10.30] - 2020-06-25 - -### Fixed - -* `DsaRef::private_key_to_pem` can no longer be called without a private key. - -### Changed - -* Improved the `Debug` implementations of many types. - -### Added - -* Added `is_empty` implementations for `Asn1StringRef` and `Asn1BitStringRef`. -* Added `EcPointRef::{to_pem, to_dir}` and `EcKeyRef::{public_key_from_pem, public_key_from_der}`. -* Added `Default` implementations for many types. -* Added `Debug` implementations for many types. -* Added `SslStream::from_raw_parts`. -* Added `SslRef::set_mtu`. -* Added `Cipher::{aes_128_ocb, aes_192_ocb, aes_256_ocb}`. - -### Deprecated - -* Deprecated `SslStreamBuilder::set_dtls_mtu_size` in favor of `SslRef::set_mtu`. - -## [v0.10.29] - 2020-04-07 - -### Fixed - -* Fixed a memory leak in `X509Builder::append_extension`. - -### Added - -* Added `SslConnector::into_context` and `SslConnector::context`. -* Added `SslAcceptor::into_context` and `SslAcceptor::context`. -* Added `SslMethod::tls_client` and `SslMethod::tls_server`. -* Added `SslContextBuilder::set_cert_store`. -* Added `SslContextRef::verify_mode` and `SslRef::verify_mode`. -* Added `SslRef::is_init_finished`. -* Added `X509Object`. -* Added `X509StoreRef::objects`. - -## [v0.10.28] - 2020-02-04 - -### Fixed - -* Fixed the mutability of `Signer::sign_oneshot` and `Verifier::verify_oneshot`. This is unfortunately a breaking - change, but a necessary soundness fix. - -## [v0.10.27] - 2020-01-29 - -### Added - -* Added `MessageDigest::null`. -* Added `PKey::private_key_from_pkcs8`. -* Added `SslOptions::NO_RENEGOTIATION`. -* Added `SslStreamBuilder::set_dtls_mtu_size`. - -## [v0.10.26] - 2019-11-22 - -### Fixed - -* Fixed improper handling of the IV buffer in `envelope::{Seal, Unseal}`. - -### Added - -* Added `Asn1TimeRef::{diff, compare}`. -* Added `Asn1Time::from_unix`. -* Added `PartialEq` and `PartialOrd` implementations for `Asn1Time` and `Asn1TimeRef`. -* Added `base64::{encode_block, decode_block}`. -* Added `EcGroupRef::order_bits`. -* Added `Clone` implementations for `Sha1`, `Sha224`, `Sha256`, `Sha384`, and `Sha512`. -* Added `SslContextBuilder::{set_sigalgs_list, set_groups_list}`. - -## [v0.10.25] - 2019-10-02 - -### Fixed - -* Fixed a memory leak in `EcdsaSig::from_private_components` when using OpenSSL 1.0.x. - -### Added - -* Added support for Ed25519 and Ed448 keys. -* Implemented `ToOwned` for `PKeyRef` and `Clone` for `PKey`. - -## [v0.10.24] - 2019-07-19 - -### Fixed - -* Worked around an OpenSSL 1.0.x bug triggered by code calling `SSL_set_app_data`. - -### Added - -* Added `aes::{wrap_key, unwrap_key}`. -* Added `CmsContentInfoRef::to_pem` and `CmsContentInfo::from_pem`. -* Added `DsaRef::private_key_to_pem`. -* Added `EcGroupRef::{cofactor, generator}`. -* Added `EcPointRef::to_owned`. -* Added a `Debug` implementation for `EcKey`. -* Added `SslAcceptor::{mozilla_intermediate_v5, mozilla_modern_v5}`. -* Added `Cipher::{aes_128_ofb, aes_192_ecb, aes_192_cbc, aes_192_ctr, aes_192_cfb1, aes_192_cfb128, aes_192_cfb8, - aes_192_gcm, aes_192_ccm, aes_192_ofb, aes_256_ofb}`. - -## [v0.10.23] - 2019-05-18 - -### Fixed - -* Fixed session callbacks when an `Ssl`'s context is replaced. - -### Added - -* Added `SslContextBuilder::add_client_ca`. - -## [v0.10.22] - 2019-05-08 - -### Added - -* Added support for the LibreSSL 2.9.x series. - -## [v0.10.21] - 2019-04-30 - -### Fixed - -* Fixed overly conservatifve buffer size checks in `Crypter` when using stream ciphers. - -### Added - -* Added bindings to envelope encryption APIs. -* Added `PkeyRef::size`. - -## [v0.10.20] - 2019-03-20 - -### Added - -* Added `CmsContentInfo::from_der` and `CmsContentInfo::encrypt`. -* Added `X509Ref::verify` and `X509ReqRef::verify`. -* Implemented `PartialEq` and `Eq` for `MessageDigest`. -* Added `MessageDigest::type_` and `EcGroupRef::curve_name`. - -## [v0.10.19] - 2019-03-01 - -### Added - -* The openssl-sys build script now logs the values of environment variables. -* Added `ERR_PACK` to openssl-sys. -* The `ERR_*` functions in openssl-sys are const functions when building against newer Rust versions. -* Implemented `Clone` for `Dsa`. -* Added `SslContextRef::add_session` and `SslContextRef::remove_session`. -* Added `SslSessionRef::time`, `SslSessionRef::timeout`, and `SslSessionRef::protocol_version`. -* Added `SslContextBuilder::set_session_cache_size` and `SslContextRef::session_cache_size`. - -## [v0.10.18] - 2019-02-22 - -### Fixed - -* Fixed the return type of `ssl::cipher_name`. - -## [v0.10.17] - 2019-02-22 - -### Added - -* Implemented `AsRef` and `AsRef<[u8]>` for `OpenSslString`. -* Added `Asn1Integer::from_bn`. -* Added `RsaRef::check_key`. -* Added `Asn1Time::from_str` and `Asn1Time::from_str_x509`. -* Added `Rsa::generate_with_e`. -* Added `Cipher::des_ede3_cfb64`. -* Added `SslCipherRef::standard_name` and `ssl::cipher_name`. - -## [v0.10.16] - 2018-12-16 - -### Added - -* Added SHA3 and SHAKE to `MessageDigest`. -* Added `rand::keep_random_devices_open`. -* Added support for LibreSSL 2.9.0. - -## [v0.10.15] - 2018-10-22 - -### Added - -* Implemented `DoubleEndedIterator` for stack iterators. - -## [v0.10.14] - 2018-10-18 - -### Fixed - -* Made some accidentally exposed internal functions private. - -### Added - -* Added support for LibreSSL 2.8. - -### Changed - -* The OpenSSL version used with the `vendored` feature has been upgraded from 1.1.0 to 1.1.1. - -## [v0.10.13] - 2018-10-14 - -### Fixed - -* Fixed a double-free in the `SslContextBuilder::set_get_session_callback` API. - -### Added - -* Added `SslContextBuilder::set_client_hello_callback`. -* Added support for LibreSSL 2.8.1. -* Added `EcdsaSig::from_der` and `EcdsaSig::to_der`. -* Added PKCS#7 support. - -## [v0.10.12] - 2018-09-13 - -### Fixed - -* Fixed handling of SNI callbacks during renegotiation. - -### Added - -* Added `SslRef::get_shutdown` and `SslRef::set_shutdown`. -* Added support for SRTP in DTLS sessions. -* Added support for LibreSSL 2.8.0. - -## [v0.10.11] - 2018-08-04 - -### Added - -* The new `vendored` cargo feature will cause openssl-sys to compile and statically link to a - vendored copy of OpenSSL. -* Added `SslContextBuilder::set_psk_server_callback`. -* Added `DsaRef::pub_key` and `DsaRef::priv_key`. -* Added `Dsa::from_private_components` and `Dsa::from_public_components`. -* Added `X509NameRef::entries`. - -### Deprecated - -* `SslContextBuilder::set_psk_callback` has been renamed to - `SslContextBuilder::set_psk_client_callback` and deprecated. - -## [v0.10.10] - 2018-06-06 - -### Added - -* Added `SslRef::set_alpn_protos`. -* Added `SslContextBuilder::set_ciphersuites`. - -## [v0.10.9] - 2018-06-01 - -### Fixed - -* Fixed a use-after-free in `CmsContentInfo::sign`. -* `SslRef::servername` now returns `None` rather than panicking on a non-UTF8 name. - -### Added - -* Added `MessageDigest::from_nid`. -* Added `Nid::signature_algorithms`, `Nid::long_name`, and `Nid::short_name`. -* Added early data and early keying material export support for TLS 1.3. -* Added `SslRef::verified_chain`. -* Added `SslRef::servername_raw` which returns a `&[u8]` rather than `&str`. -* Added `SslRef::finished` and `SslRef::peer_finished`. -* Added `X509Ref::digest` to replace `X509Ref::fingerprint`. -* `X509StoreBuilder` and `X509Store` now implement `Sync` and `Send`. - -### Deprecated - -* `X509Ref::fingerprint` has been deprecated in favor of `X509Ref::digest`. - -## [v0.10.8] - 2018-05-20 - -### Fixed - -* `openssl-sys` will now detect Homebrew-installed OpenSSL when installed to a non-default - directory. -* The `X509_V_ERR_INVALID_CALL`, `X509_V_ERR_STORE_LOOKUP`, and - `X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION` constants in `openssl-sys` are now only present when - building against 1.1.0g and up rather than 1.1.0. -* `SslContextBuilder::max_proto_version` and `SslContextBuilder::min_proto_version` are only present - when building against 1.1.0g and up rather than 1.1.0. - -### Added - -* Added `CmsContentInfo::sign`. -* Added `Clone` and `ToOwned` implementations to `Rsa` and `RsaRef` respectively. -* The `min_proto_version` and `max_proto_version` methods are available when linking against - LibreSSL 2.6.1 and up in addition to OpenSSL. -* `X509VerifyParam` is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. -* ALPN support is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. -* `Stack` and `StackRef` are now `Sync` and `Send`. - -## [v0.10.7] - 2018-04-30 - -### Added - -* Added `X509Req::public_key` and `X509Req::extensions`. -* Added `RsaPrivateKeyBuilder` to allow control over initialization of optional components of an RSA - private key. -* Added DER encode/decode support to `SslSession`. -* openssl-sys now provides the `DEP_OPENSSL_VERSION_NUMBER` and - `DEP_OPENSSL_LIBRESSL_VERSION_NUMBER` environment variables to downstream build scripts which - contains the hex-encoded version number of the OpenSSL or LibreSSL distribution being built - against. The other variables are deprecated. - -## [v0.10.6] - 2018-03-05 - -### Added - -* Added `SslOptions::ENABLE_MIDDLEBOX_COMPAT`. -* Added more `Sync` and `Send` implementations. -* Added `PKeyRef::id`. -* Added `Padding::PKCS1_PSS`. -* Added `Signer::set_rsa_pss_saltlen`, `Signer::set_rsa_mgf1_md`, `Signer::set_rsa_pss_saltlen`, and - `Signer::set_rsa_mgf1_md` -* Added `X509StoreContextRef::verify` to directly verify certificates. -* Added low level ECDSA support. -* Added support for TLSv1.3 custom extensions. (OpenSSL 1.1.1 only) -* Added AES-CCM support. -* Added `EcKey::from_private_components`. -* Added CMAC support. -* Added support for LibreSSL 2.7. -* Added `X509Ref::serial_number`. -* Added `Asn1IntegerRef::to_bn`. -* Added support for TLSv1.3 stateless handshakes. (OpenSSL 1.1.1 only) - -### Changed - -* The Cargo features previously used to gate access to version-specific OpenSSL APIs have been - removed. Those APIs will be available automatically when building against an appropriate OpenSSL - version. -* Fixed `PKey::private_key_from_der` to return a `PKey` rather than a `PKey`. This - is technically a breaking change but the function was pretty useless previously. - -### Deprecated - -* `X509CheckFlags::FLAG_NO_WILDCARDS` has been renamed to `X509CheckFlags::NO_WILDCARDS` and the old - name deprecated. - -## [v0.10.5] - 2018-02-28 - -### Fixed - -* `ErrorStack`'s `Display` implementation no longer writes an empty string if it contains no errors. - -### Added - -* Added `SslRef::version2`. -* Added `Cipher::des_ede3_cbc`. -* Added `SslRef::export_keying_material`. -* Added the ability to push an `Error` or `ErrorStack` back onto OpenSSL's error stack. Various - callback bindings use this to propagate errors properly. -* Added `SslContextBuilder::set_cookie_generate_cb` and `SslContextBuilder::set_cookie_verify_cb`. -* Added `SslContextBuilder::set_max_proto_version`, `SslContextBuilder::set_min_proto_version`, - `SslContextBuilder::max_proto_version`, and `SslContextBuilder::min_proto_version`. - -### Changed - -* Updated `SslConnector`'s default cipher list to match Python's. - -### Deprecated - -* `SslRef::version` has been deprecated. Use `SslRef::version_str` instead. - -## [v0.10.4] - 2018-02-18 - -### Added - -* Added OpenSSL 1.1.1 support. -* Added `Rsa::public_key_from_pem_pkcs1`. -* Added `SslOptions::NO_TLSV1_3`. (OpenSSL 1.1.1 only) -* Added `SslVersion`. -* Added `SslSessionCacheMode` and `SslContextBuilder::set_session_cache_mode`. -* Added `SslContextBuilder::set_new_session_callback`, - `SslContextBuilder::set_remove_session_callback`, and - `SslContextBuilder::set_get_session_callback`. -* Added `SslContextBuilder::set_keylog_callback`. (OpenSSL 1.1.1 only) -* Added `SslRef::client_random` and `SslRef::server_random`. (OpenSSL 1.1.0+ only) - -### Fixed - -* The `SslAcceptorBuilder::mozilla_modern` constructor now disables TLSv1.0 and TLSv1.1 in - accordance with Mozilla's recommendations. - -## [v0.10.3] - 2018-02-12 - -### Added - -* OpenSSL is now automatically detected on FreeBSD systems. -* Added `GeneralName` accessors for `rfc822Name` and `uri` variants. -* Added DES-EDE3 support. - -### Fixed - -* Fixed a memory leak in `X509StoreBuilder::add_cert`. - -## [v0.10.2] - 2018-01-11 - -### Added - -* Added `ConnectConfiguration::set_use_server_name_indication` and - `ConnectConfiguration::set_verify_hostname` for use in contexts where you don't have ownership - of the `ConnectConfiguration`. - -## [v0.10.1] - 2018-01-10 - -### Added - -* Added a `From for ssl::Error` implementation. - -## [v0.10.0] - 2018-01-10 - -### Compatibility - -* openssl 0.10 still uses openssl-sys 0.9, so openssl 0.9 and 0.10 can coexist without issue. - -### Added - -* The `ssl::select_next_proto` function can be used to easily implement the ALPN selection callback - in a "standard" way. -* FIPS mode support is available in the `fips` module. -* Accessors for the Issuer and Issuer Alternative Name fields of X509 certificates have been added. -* The `X509VerifyResult` can now be set in the certificate verification callback via - `X509StoreContextRef::set_error`. - -### Changed - -* All constants have been moved to associated constants of their type. For example, `bn::MSB_ONE` - is now `bn::MsbOption::ONE`. -* Asymmetric key types are now parameterized over what they contain. In OpenSSL, the same type is - used for key parameters, public keys, and private keys. Unfortunately, some APIs simply assume - that certain components are present and will segfault trying to use things that aren't there. - - The `pkey` module contains new tag types named `Params`, `Public`, and `Private`, and the - `Dh`, `Dsa`, `EcKey`, `Rsa`, and `PKey` have a type parameter set to one of those values. This - allows the `Signer` constructor to indicate that it requires a private key at compile time for - example. Previously, `Signer` would simply segfault if provided a key without private - components. -* ALPN support has been changed to more directly model OpenSSL's own APIs. Instead of a single - method used for both the server and client sides which performed everything automatically, the - `SslContextBuilder::set_alpn_protos` and `SslContextBuilder::set_alpn_select_callback` handle - the client and server sides respectively. -* `SslConnector::danger_connect_without_providing_domain_for_certificate_verification_and_server_name_indication` - has been removed in favor of new methods which provide more control. The - `ConnectConfiguration::use_server_name_indication` method controls the use of Server Name - Indication (SNI), and the `ConnectConfiguration::verify_hostname` method controls the use of - hostname verification. These can be controlled independently, and if both are disabled, the - domain argument to `ConnectConfiguration::connect` is ignored. -* Shared secret derivation is now handled by the new `derive::Deriver` type rather than - `pkey::PKeyContext`, which has been removed. -* `ssl::Error` is now no longer an enum, and provides more direct access to the relevant state. -* `SslConnectorBuilder::new` has been moved and renamed to `SslConnector::builder`. -* `SslAcceptorBuilder::mozilla_intermediate` and `SslAcceptorBuilder::mozilla_modern` have been - moved to `SslAcceptor` and no longer take the private key and certificate chain. Install those - manually after creating the builder. -* `X509VerifyError` is now `X509VerifyResult` and can now have the "ok" value in addition to error - values. -* `x509::X509FileType` is now `ssl::SslFiletype`. -* Asymmetric key serialization and deserialization methods now document the formats that they - correspond to, and some have been renamed to better indicate that. - -### Removed - -* All deprecated APIs have been removed. -* NPN support has been removed. It has been supersceded by ALPN, and is hopefully no longer being - used in practice. If you still depend on it, please file an issue! -* `SslRef::compression` has been removed. -* Some `ssl::SslOptions` flags have been removed as they no longer do anything. - -## Older - -Look at the [release tags] for information about older releases. - -[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.30...master -[v0.10.30]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.29...openssl-v0.10.30 -[v0.10.29]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.28...openssl-v0.10.29 -[v0.10.28]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.27...openssl-v0.10.28 -[v0.10.27]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.26...openssl-v0.10.27 -[v0.10.26]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.25...openssl-v0.10.26 -[v0.10.25]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.24...openssl-v0.10.25 -[v0.10.24]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.23...openssl-v0.10.24 -[v0.10.23]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.22...openssl-v0.10.23 -[v0.10.22]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.21...openssl-v0.10.22 -[v0.10.21]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.20...openssl-v0.10.21 -[v0.10.20]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.19...openssl-v0.10.20 -[v0.10.19]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.18...openssl-v0.10.19 -[v0.10.18]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.17...openssl-v0.10.18 -[v0.10.17]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.16...openssl-v0.10.17 -[v0.10.16]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.15...openssl-v0.10.16 -[v0.10.15]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.14...openssl-v0.10.15 -[v0.10.14]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.13...openssl-v0.10.14 -[v0.10.13]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.12...openssl-v0.10.13 -[v0.10.12]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.11...openssl-v0.10.12 -[v0.10.11]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.10...openssl-v0.10.11 -[v0.10.10]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.9...openssl-v0.10.10 -[v0.10.9]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.8...openssl-v0.10.9 -[v0.10.8]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.7...openssl-v0.10.8 -[v0.10.7]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.6...openssl-v0.10.7 -[v0.10.6]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.5...openssl-v0.10.6 -[v0.10.5]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.4...openssl-v0.10.5 -[v0.10.4]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.3...openssl-v0.10.4 -[v0.10.3]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.2...openssl-v0.10.3 -[v0.10.2]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.1...openssl-v0.10.2 -[v0.10.1]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.0...openssl-v0.10.1 -[v0.10.0]: https://github.com/sfackler/rust-openssl/compare/v0.9.23...openssl-v0.10.0 -[release tags]: https://github.com/sfackler/rust-openssl/releases diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml deleted file mode 100644 index efd1a25d..00000000 --- a/openssl/Cargo.toml +++ /dev/null @@ -1,31 +0,0 @@ -[package] -name = "openssl" -version = "0.10.30" -authors = ["Steven Fackler "] -license = "Apache-2.0" -description = "OpenSSL bindings" -repository = "https://github.com/sfackler/rust-openssl" -readme = "README.md" -keywords = ["crypto", "tls", "ssl", "dtls"] -categories = ["cryptography", "api-bindings"] - -# these are deprecated and don't do anything anymore -[features] -v101 = [] -v102 = [] -v110 = [] -v111 = [] - - -[dependencies] -bitflags = "1.0" -cfg-if = "1.0" -foreign-types = "0.3.1" -lazy_static = "1" -libc = "0.2" - -openssl-sys = { version = "0.9.58", path = "../openssl-sys" } - -[dev-dependencies] -tempdir = "0.3" -hex = "0.3" diff --git a/systest/Cargo.toml b/systest/Cargo.toml index 1b05c80e..60718243 100644 --- a/systest/Cargo.toml +++ b/systest/Cargo.toml @@ -5,7 +5,7 @@ authors = ["Alex Crichton "] [dependencies] libc = "0.2" -openssl-sys = { path = "../openssl-sys" } +boring-sys = { path = "../boring-sys" } [build-dependencies] ctest = "0.2" diff --git a/systest/build.rs b/systest/build.rs index d3b45926..4793b050 100644 --- a/systest/build.rs +++ b/systest/build.rs @@ -6,7 +6,7 @@ fn main() { let mut cfg = ctest::TestGenerator::new(); let target = env::var("TARGET").unwrap(); - cfg.include("../openssl-sys/deps/boringssl/src/include"); + cfg.include("../boring-sys/deps/boringssl/src/include"); // Needed to get OpenSSL to correctly undef symbols that are already on // Windows like X509_NAME @@ -109,5 +109,5 @@ fn main() { } }); cfg.fn_cname(|rust, link_name| link_name.unwrap_or(rust).to_string()); - cfg.generate("../openssl-sys/src/lib.rs", "all.rs"); + cfg.generate("../boring-sys/src/lib.rs", "all.rs"); } diff --git a/systest/src/main.rs b/systest/src/main.rs index 3e5888c8..d139c52e 100644 --- a/systest/src/main.rs +++ b/systest/src/main.rs @@ -1,9 +1,9 @@ #![allow(bad_style, clippy::all)] +extern crate boring_sys; extern crate libc; -extern crate openssl_sys; +use boring_sys::*; use libc::*; -use openssl_sys::*; include!(concat!(env!("OUT_DIR"), "/all.rs"));