Commit Graph

1230 Commits

Author SHA1 Message Date
Jamie Turner c37767df8f Nonblocking streams support. 2015-10-20 23:14:26 -07:00
Steven Fackler 549f257376 Merge pull request #290 from jimmycuadra/master
Expose RSA_generate_key_ex
2015-10-17 20:23:28 -04:00
Jimmy Cuadra 214c3a60f0 Expose RSA_generate_key_ex. 2015-10-15 08:54:46 -07:00
Steven Fackler 3c18807348 Merge branch 'release' 2015-10-14 22:28:54 -04:00
Steven Fackler 38b0defd91 Merge branch 'release-v0.6.7' into release 2015-10-14 22:25:48 -04:00
Steven Fackler f318a2c84c Release v0.6.7 2015-10-14 22:25:35 -04:00
Steven Fackler f1e19c9a55 Merge pull request #288 from alexcrichton/include
Add metadata for the include dir of openssl
2015-10-14 21:59:10 -04:00
Steven Fackler ae3d0e36d7 Revert "Merge pull request #280 from ltratt/libressl_build"
This reverts commit aad933e507, reversing
changes made to 60ee731408.
2015-10-14 21:51:32 -04:00
Steven Fackler af255be98e Merge pull request #289 from larsbergstrom/version_fixup
Version fixup
2015-10-14 21:47:51 -04:00
Lars Bergstrom d341a6efeb Update OpenSSL version checks to 1.0 numbers instead of 0.10 numbers 2015-10-14 19:39:40 -05:00
Alex Crichton 8ed840cdf5 Add metadata for the include dir of openssl
If OpenSSL is installed at a nonstandard location dependencies on OpenSSL may
want to know where it was found to be installed at.
2015-10-13 15:58:45 -07:00
Steven Fackler 8f5b67fed4 Merge pull request #286 from jedisct1/use_certificate_chain
Add set_certificate_chain_file()
2015-10-13 09:26:18 -04:00
Steven Fackler 81bc1edb61 Merge pull request #284 from bheart/cfb-mode
AES CFB-mode feature
2015-10-12 21:18:27 -04:00
Steven Fackler d65ff82fbe Merge pull request #287 from radare/patch-1
Add certs.pem in cert probe list
2015-10-12 21:13:24 -04:00
radare 3ca5ecac74 Add certs.pem in cert probe list
It turns out that some distributions use /etc/ssl/certs.pem, which was causing some troubles.
Related issue https://github.com/rust-lang/cargo/issues/1978#issuecomment-147515236
2015-10-12 23:20:33 +02:00
Frank Denis a28253ee7d Add set_certificate_chain_file()
SSL_CTX_use_certificate_chain_file() is preferred over
SSL_CTX_use_certificate_file().

It allows the use of complete certificate chains instead of loading
only the first certificate in a PEM file.
2015-10-12 20:54:00 +02:00
Will Tange acbcb49414 AES CFB{1,8,128} mode support 2015-10-11 20:09:36 +02:00
Steven Fackler aad933e507 Merge pull request #280 from ltratt/libressl_build
Fix build on LibreSSL.
2015-10-10 21:56:20 -04:00
Steven Fackler 60ee731408 Merge pull request #277 from nixpulvis/read_public_pem
Add public key PEM read function.
2015-10-10 21:55:37 -04:00
Steven Fackler 052060674d Merge branch 'release' 2015-10-05 22:39:48 +01:00
Steven Fackler cb2c860d02 Merge branch 'release-v0.6.6' into release 2015-10-05 22:34:57 +01:00
Steven Fackler 677ed6ad1b Release v0.6.6 2015-10-05 22:34:32 +01:00
Steven Fackler 0ca71a98ff Clean up init stuff 2015-10-05 22:05:58 +01:00
Steven Fackler 201624a32d Merge pull request #282 from Manishearth/threadid
Set threadid_func on linux/osx (fixes #281)
2015-10-05 20:39:03 +01:00
Manish Goregaokar 6c810e7f9c Set threadid_func on linux/osx (fixes #281) 2015-10-05 21:43:49 +05:30
Laurence Tratt d7342a09a7 Fix build on LibreSSL.
LibreSSL has deprecated SSLv3_method, so this commit makes that a compile-time
feature.

It also removes a test referencing SSL_OP_CISCO_ANYCONNECT, as the LibreSSL
header says it is amongst "Obsolete flags kept for compatibility. No sane code
should use them."
2015-10-03 17:25:38 +00:59
Steven Fackler 9044cd6b9e Merge pull request #279 from jtdowney/sslv23_docs
Update documentation about SSLv23
2015-10-02 22:23:48 -04:00
John Downey df93e5e90b Update documentation about SSLv23
In OpenSSL world, the SSLv23 option is a poorly named method that will
negotiate what version of TLS or SSL to use. It starts with the best
version the library supports and then proceeds to keep trying all the
way down to SSL 2.0.
2015-10-02 16:22:11 -05:00
Nathan Lilienthal ffa9d330fd Add public key PEM read function. 2015-10-01 20:33:12 -04:00
Steven Fackler d9c2213711 Merge pull request #263 from jedisct1/ecdh_auto
Add SSL::set_ecdh_auto()
2015-09-26 00:24:44 -04:00
Frank Denis ccc6d07da3 Add an ecdh_auto description 2015-09-25 15:23:52 +02:00
Frank Denis 28320a65a7 Add SSL::set_ecdh_auto()
This sets automatic curve selection and enables ECDH support.
Requires LibreSSL or OpenSSL >= 1.0.2, so behind a feature gate.
2015-09-25 13:15:37 +02:00
Steven Fackler def8e2ce89 Merge pull request #273 from alexcrichton/test-on-windows
Enable testing on Windows via AppVeyor
2015-09-22 23:48:29 -04:00
Alex Crichton a91b6bf3bd Enable testing on Windows via AppVeyor
This abolishes the test.sh script which spawns a bunch of `openssl` instances to
instead run/manage the binary in-process (providing more isolation to boot). The
tests have been updated accordingly and the `connected_socket` dependency was
also dropped in favor of `net2` as the former doesn't work on Windows.
2015-09-22 17:37:21 -07:00
Steven Fackler b1b76f7913 Merge pull request #266 from jmesmon/alpn
ssl/npn+alpn: adjust protocol selection to fail if no protocols match
2015-09-16 11:51:45 -07:00
Cody P Schafer 4c28eb706e ssl/alpn: test mismatch between protocols resulting in None 2015-09-16 13:35:12 -04:00
Steven Fackler 1c3f04138f Merge pull request #261 from jedisct1/try_ssl_null
Use try_ssl_null!() when relevant
2015-09-16 01:13:24 -04:00
Steven Fackler 618b68f9c0 Merge pull request #262 from jedisct1/read_dhparams
Add DH::from_pem() to load DH parameters from a file
2015-09-16 01:11:58 -04:00
Frank Denis 6a2b4402e9 Use try_ssl_null!() when relevant 2015-09-13 12:45:05 +02:00
Frank Denis 6666a1818a Add DH::from_pem() to load DH parameters from a file 2015-09-13 12:44:50 +02:00
Steven Fackler f4bf55faa3 Merge pull request #270 from mvdnes/crypto_segv
Check if public/private RSA key is properly loaded
2015-09-11 11:31:15 -04:00
Mathijs van de Nes 87d5c0e429 Fix one call to RSA_size found by tests 2015-09-11 09:24:24 +02:00
Mathijs van de Nes 3be32528e5 Add tests to ensure a panic occurs instead of segv 2015-09-11 09:23:51 +02:00
Mathijs van de Nes 0eb2f0ecfa Check rsa.is_null() before passing it to RSA_size
RSA_size will cause a segmentation fault if it is null
2015-09-10 13:04:25 +02:00
Mathijs van de Nes 02b109bf04 Check _fromstr function for success 2015-09-10 12:58:40 +02:00
Steven Fackler d74db991ce Merge pull request #268 from alex/patch-1
Make the docs say that load_pub/save_pub methods take DER bytes
2015-09-09 17:26:04 -07:00
Alex Gaynor 4781a3304a Make the docs say that load_pub/save_pub methods take DER bytes 2015-09-09 19:58:45 -04:00
Cody P Schafer 50c5042c70 ssl/npn+alpn: adjust protocol selection to fail if no protocols match
The current behavior causes a server written using rust-openssl to (if
it cannot negotiate a protocol) fall back to the first protocol it has
available.

This makes it impossible to detect protocol mismatches.

This updates our selection to be more similar to how openssl's
s_server behaves: non-matching protocols are not supplied with a
fallback.

Note that some setups may actually want a fallback protocol supplied
via ALPN. To support those cases, we should consider adding a generic
callback that allows protocol selection to be entirely controlled by
the programmer.

For the purposes of having a sane default, however, not supplying a
default (and mimicking s_server's behavior) is the best choice.
2015-09-01 17:14:04 -04:00
Cody P Schafer 164f3f0873 openssl/ssl: fix some of the comment text where I missed replacing NPN with ALPN 2015-09-01 17:13:39 -04:00
Steven Fackler 60c0b88eba Merge pull request #265 from alexcrichton/swap-order
Swap order of linking ssl/crypto
2015-09-01 13:18:34 -07:00