boring2

Commit Graph

Author	SHA1	Message	Date
Steven Fackler	e2f1569500	Tweak layout a little bit	2017-01-03 12:35:52 -08:00
Philipp Keck	1767cd5464	Pointer from PKey docs to sign module. Could even add a link, but I don't know how. Someone who wants to use OpenSSL to compute an HMAC won't find a "hmac" module and won't find HMACs in the "hash" module. Unless the person knows that HMACs are used to "sign" messages (the usual term in this context would be "authenticate"), they will probably use the search function and look for "hmac", then they'll find this method. So it's helpful to include a pointer to the right API to use. Without such a pointer, the API user is left with a seemingly useless Pkey instance. Similar pointers could be helpful from the other creator methods in this file. And/or from the top-level documentation or the hash documentation towards the sign module. Another idea would be a trivial `hmac` module with a few helper functions that internally just use Pkey. If many users who just want a simple HMAC value can use that API, there are fewer dependencies on `Pkey` and `sign`, which is probably a good thing.	2017-01-03 14:48:46 +01:00
Steven Fackler	cfb2539ed4	Typo	2017-01-02 09:37:31 -08:00
Steven Fackler	0483ea767c	Little cleanup	2017-01-01 11:05:54 -08:00
Steven Fackler	0e0bee50a5	Clean up bio	2017-01-01 10:18:43 -08:00
Steven Fackler	7e75c76bb4	Stick tag description on the right function	2017-01-01 10:13:34 -08:00
Steven Fackler	cdabc1b3e3	Fix docs	2017-01-01 10:07:32 -08:00
Steven Fackler	85a6e8acca	Fix doc reference	2017-01-01 09:53:08 -08:00
Benjamin Fry	444c00955a	add EcKey creation from EcPoint, public_key	2016-12-31 10:40:56 -08:00
Steven Fackler	5c49b58a88	Indicate that memcmp::eq should be used for HMACs	2016-12-31 09:44:57 -08:00
Steven Fackler	762510a5fa	Release v0.9.4	2016-12-23 13:38:52 -05:00
Steven Fackler	7e035a7fd1	Merge pull request #538 from semarie/libressl Add LibreSSL support	2016-12-22 11:59:19 -05:00
Sébastien Marie	b3526cbd2b	Add LibreSSL 2.5.0 support	2016-12-21 09:27:12 +01:00
Alex Crichton	8e01f8d250	Handle zero-length reads/writes This commit adds some short-circuits for zero-length reads/writes to `SslStream`. Because OpenSSL returns 0 on error, then we could mistakenly confuse a 0-length success as an actual error, so we avoid writing or reading 0 bytes by returning quickly with a success.	2016-12-20 15:52:18 -08:00
Steven Fackler	791f2c8f4d	Release v0.9.3	2016-12-09 21:54:06 -08:00
Steven Fackler	26cefe7d97	Switch to docs.rs for docs	2016-12-09 21:52:43 -08:00
Steven Fackler	152d788998	Fix ErrorStack display	2016-12-09 21:32:41 -08:00
0xa	5340895249	Add Blowfish tests	2016-12-09 21:31:26 +00:00
0xa	0850f605b1	Use EVP_bf_cfb64 instead of EVP_bf_cfb	2016-12-09 18:42:10 +00:00
0xa	0081665339	Add Blowfish support	2016-12-09 17:06:15 +00:00
Steven Fackler	0602712bf4	Release v0.9.2	2016-11-27 22:23:32 -08:00
Steven Fackler	146512099b	Implement Clone for SslConnector and SslAcceptor	2016-11-27 21:35:35 -08:00
Steven Fackler	234f126d7d	Cleanup	2016-11-27 21:00:59 -08:00
Steven Fackler	8b60d4a3c2	Return Option from group	2016-11-16 15:45:15 -08:00
Steven Fackler	e58dda8990	Remove EcGroup constructors You also need a generator and possibly other stuff. Let's hold off on construction until someone has a concrete requirement for them.	2016-11-16 13:53:03 +01:00
Steven Fackler	7515510125	Test elliptic curve signatures	2016-11-15 22:06:20 +01:00
Steven Fackler	ec0fa36714	Add a test for mul_generator	2016-11-15 21:24:34 +01:00
Steven Fackler	b914f779e8	Turns out yet another variant of EC_POINT_mul is allowed!	2016-11-15 21:20:06 +01:00
Steven Fackler	6794a45d60	Rename ec_key to ec	2016-11-14 22:37:01 +01:00
Steven Fackler	90acfaea51	Split EcKey::mul	2016-11-14 22:08:04 +01:00
Steven Fackler	e929e09216	Add EcPoint::invert	2016-11-14 22:02:47 +01:00
Steven Fackler	4c60aa005d	Fix non-static EcGroup method locations	2016-11-14 19:20:08 +01:00
Steven Fackler	82eb3c4f51	Add EcKey::check_key	2016-11-13 22:10:52 +00:00
Steven Fackler	35f11d555e	More functionality	2016-11-13 22:06:18 +00:00
Steven Fackler	1a52649516	More functionality	2016-11-13 20:46:01 +00:00
Steven Fackler	3d31539ba9	Public keys are not always present	2016-11-13 20:31:44 +00:00
Steven Fackler	0d0b5080e2	Rename new_by_curve_name to from_curve_name	2016-11-13 20:21:44 +00:00
Steven Fackler	b2de36049a	Add Some more elliptic curve functionality	2016-11-13 20:19:38 +00:00
Steven Fackler	7dbef567e6	Remove some stray manual impls	2016-11-13 18:00:42 +00:00
Steven Fackler	ccef9e339d	Macroise from_pem	2016-11-13 17:56:48 +00:00
Steven Fackler	df9666c334	Macroise to_pem	2016-11-13 17:42:45 +00:00
Steven Fackler	48c0009418	Macroise from_der	2016-11-13 17:06:50 +00:00
Steven Fackler	b0415f466c	Macroise to_der	2016-11-13 16:52:19 +00:00
Steven Fackler	ed9f600e28	Make password callback return a Result	2016-11-13 16:18:52 +00:00
Steven Fackler	387e78257b	Support serialization of encrypted private keys Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs nonstandard PEM when encrypting.	2016-11-13 16:09:52 +00:00
Steven Fackler	7d411c7975	Add private_key_from_pem_passphrase	2016-11-13 15:27:39 +00:00
Steven Fackler	2a8923c050	Macro-implement private_key_to_pem	2016-11-13 15:12:50 +00:00
Steven Fackler	08e0c4ca90	Some serialization support for EcKey	2016-11-13 15:02:38 +00:00
Steven Fackler	85c1474ce6	No need to use a raw string anymore	2016-11-13 12:19:31 +00:00
Steven Fackler	64e9932ac9	Use ffdhe2048 in mozilla_intermediate	2016-11-12 17:52:58 +00:00
Steven Fackler	2f8301fc63	Be a bit more emphatic about the danger	2016-11-12 16:51:26 +00:00
Steven Fackler	6b3599d319	Add a connect method that does not perform hostname verification The method name is intentionally painful to type to discourage its use	2016-11-12 16:45:18 +00:00
Steven Fackler	7cdb58bc47	Simplify test logic a bit	2016-11-12 14:42:48 +00:00
Steven Fackler	157034d995	Add a missing init	2016-11-12 14:30:53 +00:00
Steven Fackler	796d7b4deb	Add constructors for various standard primes	2016-11-12 14:20:43 +00:00
Steven Fackler	96d24c8957	Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto}	2016-11-12 13:45:54 +00:00
Steven Fackler	2a1d7b2bcb	Pick different cipher lists on 1.0.1 and 1.0.2	2016-11-12 13:36:03 +00:00
Steven Fackler	93253ba599	Adjust cipher lists to work on older versions	2016-11-12 13:09:12 +00:00
Steven Fackler	780c46e0e7	Add SslRef::set_tmp_{ec,}dh_calback	2016-11-12 12:56:58 +00:00
Steven Fackler	563754fb08	Add SslContextBuilder::set_tmp_{ec,}dh_callback	2016-11-12 12:43:44 +00:00
Steven Fackler	b14d68f715	Drop bits to u32	2016-11-12 11:14:05 +00:00
Steven Fackler	9b5c62b053	Add PKey::bits	2016-11-12 11:00:15 +00:00
Steven Fackler	26a3358a2b	Add basic X509_STORE access There's more to do here, but this enabled addition of trusted CAs from X509 objects. Closes #394	2016-11-12 00:24:12 +00:00
Steven Fackler	6b7279eb52	Consistently support both PEM and DER encodings Closes #500	2016-11-11 20:10:10 +00:00
Steven Fackler	15490a43e3	Add EcKey <-> PKey conversions Closes #499	2016-11-11 19:17:38 +00:00
Steven Fackler	32cbed0782	PKey <-> DH conversions Closes #498	2016-11-11 19:04:54 +00:00
Steven Fackler	609a09ebb9	Add PKey::dsa Closes #501	2016-11-11 18:52:37 +00:00
Steven Fackler	0d2d4865e5	Release v0.9.1	2016-11-11 16:45:22 +00:00
Steven Fackler	898e7f02df	Fix EOF detection See https://github.com/openssl/openssl/issues/1903 for details	2016-11-11 15:10:30 +00:00
Steven Fackler	a42c6e8713	Drop rustc-serialize dependency	2016-11-09 20:35:23 +00:00
Steven Fackler	7c8ae5f664	Better docs for AEAD tag	2016-11-09 18:54:29 +00:00
Steven Fackler	aa7c27536a	Make sure to override SslContext verify callback always The 1.0.1 code has to override this to setup hostname validation, and don't want behavior to silently change depending on the OpenSSL version you're building against.	2016-11-08 22:38:48 +00:00
Steven Fackler	913723997b	Add convenience functions for AEAD encryption/decryption	2016-11-08 22:35:16 +00:00
Steven Fackler	203a02c3e6	Actually support AES GCM This is an AEAD cipher, so we need some extra functionality. As another bonus, we no longer panic if provided an IV with a different length than the cipher's default.	2016-11-08 20:35:21 +00:00
Steven Fackler	b3b7194e82	Docs	2016-11-08 19:10:56 +00:00
Steven Fackler	97872500a3	Deprecate X509Generator	2016-11-07 21:48:40 +00:00
Steven Fackler	c0e02e7e51	Use X509Builder in X509Generator	2016-11-07 21:15:36 +00:00
Steven Fackler	18c5d1f771	Add init calls to new constructors	2016-11-07 20:50:57 +00:00
Steven Fackler	d78acc729b	Add an X509ReqBuilder	2016-11-07 20:42:43 +00:00
Steven Fackler	597d05b8f8	Add stack creation and push	2016-11-06 23:46:42 -08:00
Steven Fackler	8f7df7b205	Add SubjectAlternativeName	2016-11-06 23:19:58 -08:00
Steven Fackler	d17c3355ab	More extension progress	2016-11-06 22:52:53 -08:00
Steven Fackler	5f18ffa4b3	Start of extension support	2016-11-06 21:58:43 -08:00
Steven Fackler	1939e6fd78	Add conf module	2016-11-06 14:49:26 -08:00
Steven Fackler	b83edbad0d	Start on an X509Builder	2016-11-06 14:07:34 -08:00
Steven Fackler	1edb6f682e	Support client CA advertisement	2016-11-06 12:17:14 -08:00
Steven Fackler	a4e0581e4f	Fix build on 1.0.1	2016-11-06 11:57:50 -08:00
Steven Fackler	bcb7b3f5dc	Add accessors for cert and private key Closes #340	2016-11-06 10:46:38 -08:00
Steven Fackler	72ac2a0105	Release v0.9.0	2016-11-05 20:05:50 -07:00
Steven Fackler	79e2004eef	Fixes	2016-11-05 19:28:17 -07:00
Steven Fackler	8ad1e5565b	Remove set_rsa PKey is reference counted so allowing mutation is unsound	2016-11-05 18:49:09 -07:00
Steven Fackler	96a5ccfc6b	Implement Pkcs12 via type_!	2016-11-05 18:46:34 -07:00
Steven Fackler	4e2ffe5b9b	Re-adjust BigNum API	2016-11-05 17:35:31 -07:00
Steven Fackler	8037258913	Return a Stack in Pkcs12	2016-11-05 13:57:05 -07:00
Steven Fackler	ed69d6b037	Add Stack::pop	2016-11-05 13:40:53 -07:00
Steven Fackler	52feaae59f	More cleanup	2016-11-05 13:15:14 -07:00
Steven Fackler	ac36d542fd	Simplify destructor a bit	2016-11-05 13:10:50 -07:00
Steven Fackler	398ab2fbc4	Add a consuming iterator for Stacks	2016-11-05 13:01:54 -07:00
Steven Fackler	f15c817c2d	Rustfmt	2016-11-05 10:54:17 -07:00
Steven Fackler	99b41a0050	Rename accessors	2016-11-05 10:15:40 -07:00
Steven Fackler	01ae978db0	Get rid of Ref There's unfortunately a rustdoc bug that causes all methods implemented for any Ref<T> to be inlined in the deref methods section :(	2016-11-04 17:16:59 -07:00
Steven Fackler	25443d7b48	Make utility functions private	2016-11-04 12:15:05 -07:00
Steven Fackler	6fe7dd3024	Remove an enum	2016-11-03 22:45:54 -07:00
Steven Fackler	772a506294	Clean up some bignum APIs	2016-11-03 21:06:23 -07:00
Steven Fackler	e87b75fa03	Rename BnCtx	2016-11-03 20:54:08 -07:00
Steven Fackler	62a9f89fce	Avoid lhash weirdness	2016-11-03 20:38:51 -07:00
Steven Fackler	aa0040125b	Use built in DH parameters when available Fall back to a hardcoded PEM blob on 1.0.1, but serialized from DH_get_2048_256.	2016-11-01 22:50:22 -07:00
Steven Fackler	176348630a	Don't clear BigNums in destructor Instead add a clear method.	2016-11-01 21:59:07 -07:00
Steven Fackler	888b8b696c	Fix docs	2016-11-01 21:42:39 -07:00
Steven Fackler	e67733cc4e	Cleanup X509StoreContext::chain	2016-11-01 19:45:38 -07:00
Steven Fackler	d5a9a239f6	More minor cleanup	2016-11-01 19:36:08 -07:00
Steven Fackler	c776534ad4	Clean up stack	2016-11-01 19:25:40 -07:00
Steven Fackler	79c51d5e51	Clean up stack destructor	2016-11-01 19:12:38 -07:00
Steven Fackler	77b76ed8a8	Merge pull request #506 from simias/stack Implemented a generic Stack API and use it to deal with StackOf(X509) and StackOf(GENERAL_NAME)	2016-11-01 18:59:35 -07:00
Lionel Flandrin	8d0090faec	Implement X509StoreContextRef::get_chain	2016-11-01 21:23:18 +01:00
Lionel Flandrin	36bf0bb387	Replace GeneralNames by the new Stack API	2016-11-01 21:23:18 +01:00
Lionel Flandrin	3bdefa987a	Implement a generic Stack API to deal with OpenSSL stacks	2016-11-01 21:23:13 +01:00
Lionel Flandrin	9ea27c12b9	Add method to encode a public key as a DER blob	2016-11-01 17:34:21 +01:00
Steven Fackler	43911db26c	Avoid extra allocations in Asn1Time Display impl	2016-10-31 23:09:07 -07:00
Steven Fackler	dd4836cdf6	Fix 1.1.0 build	2016-10-31 23:06:27 -07:00
Steven Fackler	f71395c600	Little cfg cleanup	2016-10-31 22:45:51 -07:00
Steven Fackler	dc4098bdd8	Clean up x509 name entries	2016-10-31 22:43:05 -07:00
Steven Fackler	ab30ad0ce7	Documentation	2016-10-31 21:00:26 -07:00
Steven Fackler	96a77cf5a8	Remove Opaque	2016-10-31 20:56:51 -07:00
Steven Fackler	cd7fa9fca2	Update x509	2016-10-31 20:54:34 -07:00
Steven Fackler	ff12d37aef	Update ssl	2016-10-31 20:32:55 -07:00
Steven Fackler	16e398e005	Update verify	2016-10-31 20:19:59 -07:00
Steven Fackler	e9d78181c3	Update Rsa	2016-10-31 20:15:12 -07:00
Steven Fackler	f640613863	Update PKey	2016-10-31 20:12:55 -07:00
Steven Fackler	d6579ab058	Update EcKey	2016-10-31 20:06:06 -07:00
Steven Fackler	fe5fb75d45	Update Dsa	2016-10-31 20:04:55 -07:00
Steven Fackler	28f375974a	Convert Dh	2016-10-31 20:02:24 -07:00
Steven Fackler	849fca4a7b	Convert Asn1Time	2016-10-31 20:02:24 -07:00
Steven Fackler	3363046c34	Update bignum	2016-10-31 20:02:24 -07:00
Steven Fackler	927c3e924c	Add a generic Ref type	2016-10-31 20:02:24 -07:00
Steven Fackler	006da59285	Return an SslRef	2016-10-30 22:42:32 -07:00
Steven Fackler	558124b755	Expose SSL_MODEs	2016-10-30 22:02:26 -07:00
Steven Fackler	e0211dac30	Rename set_CA_file	2016-10-30 21:39:26 -07:00
Steven Fackler	5b0fc9a185	Impl Sync and Send for SslContextBuilder	2016-10-30 20:34:35 -07:00
Steven Fackler	add8e4023e	Rename connectors	2016-10-30 19:39:18 -07:00
Steven Fackler	997e92e052	Merge ssl option setup The client will ignore server-side options so we may as well stick them all in the same spot.	2016-10-30 18:49:29 -07:00
Steven Fackler	bd457dba18	Move HandshakeError to submodule	2016-10-30 17:23:03 -07:00
Steven Fackler	287f6df6c6	Remove DsaParams	2016-10-30 17:04:55 -07:00
Steven Fackler	610403a562	Add RsaRef	2016-10-30 17:00:54 -07:00
Steven Fackler	c3b6eff191	Add DsaRef	2016-10-30 16:44:21 -07:00
Steven Fackler	f75f82e466	Rustfmt	2016-10-30 16:37:45 -07:00
Steven Fackler	7869651407	Remove out of date comment	2016-10-30 16:34:50 -07:00
Steven Fackler	9abbf6f80e	Use Python's cipher list on the client side.	2016-10-30 16:29:33 -07:00
Steven Fackler	d1179f1ad2	Update docs	2016-10-30 15:14:29 -07:00
Steven Fackler	52f288e090	Add a mozilla modern profile	2016-10-30 14:57:22 -07:00
Steven Fackler	7d13176cd1	Rename nwe to mozilla_intermediate	2016-10-30 14:34:05 -07:00
Steven Fackler	43b430e5b0	Pass SslMethod into constructors	2016-10-30 14:26:28 -07:00
Steven Fackler	ee79db61c2	Enable single ECDH use	2016-10-30 13:41:24 -07:00
Steven Fackler	677718f8da	Configure ECDH parameters in connector	2016-10-30 13:38:09 -07:00
Steven Fackler	8c58ecc2fa	Implement EcKey cc #499	2016-10-30 13:17:20 -07:00
Steven Fackler	eb735f519a	Clean up generics a bit	2016-10-30 11:05:29 -07:00
Steven Fackler	23fe1e85e9	Pull Curl's CA list for Windows tests	2016-10-29 18:17:46 -07:00
Steven Fackler	761dd780c1	Add module level docs	2016-10-29 18:04:38 -07:00
Steven Fackler	c89f2c0be0	Use PKeyRef in X509Generator	2016-10-29 16:37:56 -07:00
Steven Fackler	c2b38d8bb3	Move docs	2016-10-29 15:02:36 -07:00
Steven Fackler	85169e5a61	Fix reexport	2016-10-29 15:02:07 -07:00
Steven Fackler	e72533c058	Docs for connectors	2016-10-29 15:00:46 -07:00
Steven Fackler	57d10ebbc3	Add PKeyRef	2016-10-29 14:19:09 -07:00
Steven Fackler	4c7a5a418e	Implement client and server connectors	2016-10-29 14:02:26 -07:00
Steven Fackler	1a288da86c	Make verification unconditionally exposed internally	2016-10-28 22:14:44 -07:00
Steven Fackler	c0cf4ab1c2	Remove private field in ParsedPkcs12 The function definition is fixed - nothing else is going to be coming out of a PKCS#12 archive	2016-10-27 20:33:38 -07:00
Steven Fackler	dafb46fc51	Camel case DH	2016-10-27 20:26:18 -07:00
Steven Fackler	8604668a18	Make padding types consts	2016-10-27 19:56:52 -07:00
Steven Fackler	781417d50f	Add a macro definition	2016-10-27 19:12:55 -07:00
Steven Fackler	8e129af256	Fix description	2016-10-26 22:15:41 -07:00
Steven Fackler	63b1ec1a12	Stop returning an Option from cipher description	2016-10-26 22:13:10 -07:00
Steven Fackler	2234899e59	Fix drop signature	2016-10-26 22:00:33 -07:00
Steven Fackler	548c8b5fba	Remove macros module	2016-10-26 21:55:13 -07:00
Steven Fackler	654f0941e1	Don't double-allocate strings	2016-10-26 21:42:09 -07:00
Steven Fackler	4f59d57675	Move SslString to a shared location	2016-10-26 21:28:00 -07:00
Steven Fackler	ebc4c56c34	Add SslMethod::from_ptr	2016-10-26 20:43:43 -07:00
Steven Fackler	f4b7006771	Don't allow mutation of SslContexts SslContext is reference counted and the various setter methods don't take out locks where necessary. Fix this by adding a builder for the context.	2016-10-25 23:12:56 -07:00
Steven Fackler	bea53bb39b	Support AES GCM Closes #326	2016-10-25 20:59:33 -07:00
Steven Fackler	39279455c8	Add a shutdown method	2016-10-25 20:40:18 -07:00
Steven Fackler	eb655bddbc	Fix ordering	2016-10-25 20:01:28 -07:00
Steven Fackler	938fdd7137	Add into_error	2016-10-23 21:54:49 -07:00
Steven Fackler	ca71e00878	Fix Send + Sync-ness of SslStream	2016-10-23 20:55:31 -07:00
Steven Fackler	04fc853ee3	Remove NIDs only defined in 1.0.2+	2016-10-23 09:16:20 -07:00
Steven Fackler	d39a2cedad	Fix tests	2016-10-22 16:01:26 -07:00
Steven Fackler	787cad3c82	Use constants rather than constructors for Nid	2016-10-22 15:58:06 -07:00
Steven Fackler	3c50c74444	Camel case Rsa	2016-10-22 10:21:16 -07:00
Steven Fackler	b619c4e885	Camel case Dsa	2016-10-22 10:16:49 -07:00
Steven Fackler	2fd201d9c3	De-enumify Nid	2016-10-22 10:08:32 -07:00
Steven Fackler	ae72cbd28b	Fix hasher docs	2016-10-22 09:17:41 -07:00
Steven Fackler	98b7f2f935	Flatten crypto module	2016-10-22 09:16:38 -07:00
Steven Fackler	58f6d1138a	Properly propagate panics	2016-10-21 21:52:02 -07:00
Steven Fackler	9be0aab9ac	Borrow compression string	2016-10-21 21:46:32 -07:00
Steven Fackler	f1c68e3544	Rename SslContextOptions	2016-10-21 21:22:05 -07:00
Steven Fackler	8ec53eb0e1	Fix X509StoreContext	2016-10-21 20:59:07 -07:00
Steven Fackler	6f1a3f2834	Update BigNumRef	2016-10-21 20:26:53 -07:00
Steven Fackler	02b4385c5d	Convert X509VerifyParamRef	2016-10-21 19:58:06 -07:00
Steven Fackler	f0cde38929	Borrowed servername	2016-10-21 19:54:30 -07:00
Steven Fackler	fcb86b8394	Convert SslCipherRef	2016-10-21 19:45:46 -07:00
Steven Fackler	2bbeddd14a	Convert SslRef	2016-10-21 19:33:56 -07:00
Steven Fackler	fe98a90719	Convert SslContextRef	2016-10-21 19:15:09 -07:00
Steven Fackler	b7017a7eec	Update Asn1TimeRef	2016-10-21 17:13:30 -07:00
Steven Fackler	23fc6c828b	Convert X509Ref	2016-10-21 17:01:13 -07:00
Steven Fackler	b3eb8d516c	Switch X509Name over to new borrow setup The use of actual references enables us to be correct with respect to mutability without needing two structs for the mutable and immutable cases and more deref impls.	2016-10-20 22:51:10 -07:00
Steven Fackler	bd0c0c60bd	Store a MidHandshakeSslStream in fatal errors This in particular allows the X509 verification error to be retrieved, as well as the stream itself.	2016-10-20 20:57:53 -07:00
Steven Fackler	8f3511c0cd	Redo SslStream construction SslStream is now constructed via methods on Ssl. You realistically want to create an Ssl for SNI and hostname verification so making it harder to construct a stream directly from an SslContext is a good thing.	2016-10-20 19:59:09 -07:00
Steven Fackler	5ab037f056	Allow the X509 verify error to be read from an SslRef	2016-10-18 22:21:06 -07:00
Steven Fackler	cfd5192a7d	De-enumify X509ValidationError Also make it an Error. Closes #352.	2016-10-18 22:10:37 -07:00
Steven Fackler	080050e10d	Drop lifetime on GeneralNames	2016-10-18 21:52:49 -07:00
Steven Fackler	c4459c37d9	Callback cleanup	2016-10-18 21:13:13 -07:00
Steven Fackler	f7e6d7fce6	Don't ignore errors in NPN/ALPN logic Closes #479	2016-10-18 21:12:55 -07:00
Steven Fackler	194298a057	Implement new feature setup The basic idea here is that there is a feature for each supported OpenSSL version. Enabling multiple features represents support for multiple OpenSSL versions, but it's then up to you to check which version you link against (probably by depending on openssl-sys and making a build script similar to what openssl does).	2016-10-17 21:57:54 -07:00
Steven Fackler	a938a001a7	Fix missing import	2016-10-16 23:26:38 -07:00
Steven Fackler	b7400d56e8	Fix algorithm field	2016-10-16 23:22:00 -07:00
Steven Fackler	68954cfc51	Finish BN overhaul	2016-10-16 23:13:00 -07:00
Steven Fackler	7ec015325b	Finish error overhaul	2016-10-16 21:07:17 -07:00
Steven Fackler	78daed2d58	ssl error handling cleanup	2016-10-16 20:14:04 -07:00
Steven Fackler	89a366d9f7	Finish crypto error cleanup	2016-10-16 19:24:04 -07:00
Steven Fackler	19440c2981	More error cleanup Also allocation free RSA	2016-10-16 19:06:02 -07:00
Steven Fackler	73ccfe7a29	Continue error handling cleanup Also overhaul/clean up pkcs5 internals	2016-10-16 16:42:56 -07:00
Steven Fackler	8f89f0bfa9	Start on error + BN refactor	2016-10-16 15:54:09 -07:00
Steven Fackler	6ea551dc82	Fix set_read_ahead signature	2016-10-15 16:53:10 -07:00
Steven Fackler	4ba5292a0a	De-enumify Padding	2016-10-15 16:19:19 -07:00
Steven Fackler	ee18988584	De-enumify SslMethod	2016-10-15 16:10:03 -07:00
Steven Fackler	1cecaeb62d	De-enumify Cipher	2016-10-15 15:47:40 -07:00
Steven Fackler	c171be551a	De-enumify message digests	2016-10-15 15:23:29 -07:00
Steven Fackler	6609a81685	Migrate DSA sign/verify to EVP APIs	2016-10-15 15:02:02 -07:00
Steven Fackler	228b8fbc5b	Correctly bind BIO_new_mem_buf	2016-10-15 13:39:47 -07:00
Steven Fackler	4ed81d6426	Fix EVP_DigestVerifyFinal version support	2016-10-15 13:12:37 -07:00
Steven Fackler	2ff82649b5	Add examples to crypto::sign	2016-10-15 12:50:03 -07:00
Steven Fackler	ea8cbbe9dc	Fix typo	2016-10-15 12:31:30 -07:00
Steven Fackler	4d567358a1	Distinguish between verification errors and "other" errors.	2016-10-15 12:31:06 -07:00
Steven Fackler	bb23b33829	Fix signature of EVP_DigestVerifyFinal on 1.0.1	2016-10-15 12:24:20 -07:00
Steven Fackler	6ae472487f	Support HMAC PKeys and remove hmac module	2016-10-15 11:06:11 -07:00
Steven Fackler	cce1d44f28	Remove old RSA sign and verify methods	2016-10-15 10:43:19 -07:00
Steven Fackler	f73313d688	Signature and verification support	2016-10-15 10:36:59 -07:00
Steven Fackler	64b8e5e553	Merge pull request #471 from sfackler/no-comp Handle OPENSSL_NO_COMP	2016-10-14 23:09:11 -07:00
Steven Fackler	7ac0599638	Fix test_alpn_server_select_none In OpenSSL 1.1, a failure to negotiate a protocol is a fatal error, so fork that test. This also popped up an issue where we assumed all errors had library, function, and reason strings which is not necessarily the case. While we're in here, adjust the Display impl to match what OpenSSL prints out. Closes #465	2016-10-14 22:01:21 -07:00
Steven Fackler	f520aa2860	Handle OPENSSL_NO_COMP Closes #459	2016-10-14 20:50:45 -07:00
Steven Fackler	d976b8f595	Enable hostname verification on 1.0.2	2016-10-14 18:56:15 -07:00
Steven Fackler	af51b263b1	Support hostname verification Closes #206	2016-10-14 17:39:31 -07:00
Steven Fackler	ae282a78e2	Remove link_name usage	2016-10-14 16:15:50 -07:00
Alex Crichton	0908fddc74	Ignore DTLS tests on Windows/ARM for now cc #467	2016-10-14 11:15:22 -07:00
Steven Fackler	f44cff29e6	Cleanup	2016-10-13 22:34:39 -07:00
Steven Fackler	3d535f661f	Use stdlib logic for udp	2016-10-13 20:15:26 -07:00
Steven Fackler	a09f46266d	Fix windows for real	2016-10-13 20:09:43 -07:00
Steven Fackler	5b29fc9d69	Disable npn tests on < 1.0.2 s_client doesn't seem to support the required flag before then.	2016-10-13 20:03:02 -07:00
Steven Fackler	140ef1b988	Fix tests on windows	2016-10-13 20:01:31 -07:00
Steven Fackler	143556078b	Reenable dtls tests	2016-10-13 19:48:30 -07:00
Steven Fackler	edfc50f37d	Clean up features	2016-10-13 19:46:13 -07:00
Steven Fackler	b610e01793	Flag off dtls and mask ssl_ops Also un-feature gate npn as it ships with 1.0.1	2016-10-13 19:06:53 -07:00
Alex Crichton	715b700aff	Ignore a test on OpenSSL 1.1.0	2016-10-12 22:51:47 -07:00
Steven Fackler	af3e06d3e8	Add remaining SSL_OP constants	2016-10-12 22:50:08 -07:00
Alex Crichton	43c951f743	Add support for OpenSSL 1.1.0 This commit is relatively major refactoring of the `openssl-sys` crate as well as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0, and lots of other various tweaks happened along the way. The major new features are: * OpenSSL 1.1.0 is supported * OpenSSL 0.9.8 is no longer supported (aka all OSX users by default) * All FFI bindings are verified with the `ctest` crate (same way as the `libc` crate) * CI matrixes are vastly expanded to include 32/64 of all platforms, more OpenSSL version coverage, as well as ARM coverage on Linux * The `c_helpers` module is completely removed along with the `gcc` dependency. * The `openssl-sys` build script was completely rewritten * Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars. * Better error messages for mismatched versions. * Better error messages for failing to find OpenSSL on a platform (more can be done here) * Probing of OpenSSL build-time configuration to inform the API of the `-sys` crate. Many Cargo features have been removed as they're now enabled by default. As this is a breaking change to both the `openssl` and `openssl-sys` crates this will necessitate a major version bump of both. There's still a few more API questions remaining but let's hash that out on a PR! Closes #452	2016-10-12 22:49:55 -07:00
Steven Fackler	c1e41349fb	Rename NoPadding to None	2016-10-07 08:10:01 -07:00
Steven Fackler	b6719de92e	Rename EncryptionPadding to Padding	2016-10-07 08:09:02 -07:00
Andrei Oprisan	50648b7dac	Removed max_size; removed all encrypt/decrypt methods except private/public encrypt/decrypt which take the padding	2016-10-07 10:01:16 +03:00
Andrei Oprisan	f16cd5586f	added try_ssl_size, which handles -1 as error and returns the value otherwise; added RSA private_decrypt and public encrypt lift_ssl_size Added public/private encrypt/decrypt to RSA from the original commit + tests; added try_ssl_returns_size macro to check for -1 in case of SSL functions which return size	2016-10-05 14:39:11 +03:00
Steven Fackler	c5da7131f5	Make sure private component exists when signing Closes #457	2016-09-29 00:09:31 +02:00
Steven Fackler	8d95383f32	Release v0.8.3	2016-09-09 09:19:24 -07:00
Steven Fackler	9a449dbd6e	Fix password callback on ARM Closes #449	2016-09-08 09:35:56 -07:00
Novotnik, Petr	5e08ad0085	Implement Clone for openssl::error::ErrorStack	2016-09-01 20:10:02 +02:00
Steven Fackler	4718a88e04	Release openssl-sys v0.7.17, openssl v0.8.2	2016-08-18 12:59:22 -07:00
Steven Fackler	cd69343d67	Fix SslContext::add_extra_chain_cert SSL_CTX_add_extra_chain_cert assumes ownership of the certificate, so the method really needs to take an X509 by value. Work around this by manually cloning the cert. This method has been around for over a year but I'm guessing nobody actually used it since it produces a nice double free into segfault!	2016-08-17 19:30:57 -07:00
Steven Fackler	80ed1ef8ab	Ignore flickering test on windows	2016-08-16 22:41:36 -07:00
David Weinstein	7a653282a9	Get rid of use Asn1TimeRef warning for some builds	2016-08-17 01:23:54 -04:00
David Weinstein	06f19cf285	Be explicit regarding Asn1TimeRef lifetimes	2016-08-17 01:23:54 -04:00
David Weinstein	90c42fc026	Fix docs	2016-08-17 01:23:54 -04:00
David Weinstein	234ce581f9	Add x509_validity feature to travis tests - also update docs for new x509 `not_before`, `not_after`	2016-08-17 01:23:54 -04:00
David Weinstein	8fa4059b82	Add test for `"x509_validity"` feature	2016-08-17 01:23:54 -04:00
David Weinstein	96b1ef829c	Add `"x509_expiry"` feature flag - fix return of `ASN1_TIME_print` - assert on null `date`	2016-08-17 01:23:54 -04:00
David Weinstein	32a4e2ba50	Introduce `Asn1TimeRef`	2016-08-17 01:23:54 -04:00
David Weinstein	f9cd4bff1f	Progress on asn1 expiry - Use MemBio and implement `Display` for Asn1Time - Tweak doc for asn1 `not_before`, `not_after`	2016-08-17 01:23:54 -04:00
Steven Fackler	629f638f08	Release openssl-sys v0.7.16, openssl v0.8.1	2016-08-15 18:44:57 -07:00
Steven Fackler	88dcb1c81d	Add a little comment to sketchy transmute	2016-08-15 18:41:18 -07:00
Steven Fackler	e6c4135c53	Docs for pkcs12	2016-08-14 11:24:18 -07:00
Steven Fackler	e5299fd7c9	Fix memory leak in general name stack	2016-08-14 11:16:53 -07:00
Steven Fackler	6b12a0cdde	PKCS #12 support	2016-08-14 11:11:26 -07:00
Steven Fackler	ad4a8cc140	More test fixes	2016-08-14 11:05:53 -07:00
Steven Fackler	3876332734	Fix tests	2016-08-14 10:29:55 -07:00
Steven Fackler	773a6f0735	Start on PKCS #12 support	2016-08-14 10:11:38 -07:00
Steven Fackler	5042d3d170	Mangle c helper functions We want to make sure that multiple openssl versions can coexist in the same dependency tree. Closes #438	2016-08-13 12:05:29 -07:00
Steven Fackler	2e8f19ca2f	Release openssl-sys v0.7.15, openssl v0.8.0	2016-08-11 21:00:43 -07:00
Steven Fackler	b21805f541	Fix tests	2016-08-10 22:10:32 -07:00
Steven Fackler	0359afb99e	Little tweaks	2016-08-10 22:02:36 -07:00
Steven Fackler	9a3fa4d98d	Fix build	2016-08-10 21:37:24 -07:00
Steven Fackler	59fe901357	Method renames	2016-08-10 21:28:17 -07:00
Steven Fackler	c15642ccea	Tweaks	2016-08-10 21:25:18 -07:00
Steven Fackler	5e6b8e68fd	More API cleanup	2016-08-10 21:07:41 -07:00
Steven Fackler	c4e7743c57	Asn1 and Bignum renames	2016-08-10 20:51:06 -07:00
Steven Fackler	35c79d1768	Fix build	2016-08-09 23:13:56 -07:00
Steven Fackler	67b5b4d814	Make hmac support optional and remove openssl-sys-extras rust-openssl no longer requires headers for the default feature set.	2016-08-09 22:52:12 -07:00
Steven Fackler	966c5385ea	Fix build	2016-08-09 22:26:18 -07:00
Steven Fackler	1ac54b06e9	Move X509_get_extensions to openssl helpers	2016-08-09 22:15:16 -07:00
Steven Fackler	0854632ff5	Make c_helpers optional	2016-08-09 22:02:49 -07:00
Steven Fackler	2f46c793e5	Remove rust_SSL_clone	2016-08-09 21:23:54 -07:00
Steven Fackler	15e8997052	Docs for Crypter::new	2016-08-08 23:31:25 -07:00
Steven Fackler	b8712c5c51	Fix size check Decryption requires an extra byte of space	2016-08-08 23:25:06 -07:00
Steven Fackler	a8224d199b	symm reform	2016-08-08 23:10:03 -07:00
Steven Fackler	522447378e	Copy over getter macros	2016-08-08 20:37:48 -07:00
Steven Fackler	bf07dd9a4e	Remove symm_internal	2016-08-08 20:26:04 -07:00
Steven Fackler	e4b97921a9	Clean up RSA and DSA accessors	2016-08-08 19:04:30 -07:00
Steven Fackler	deb94a904b	Fix build on 1.9	2016-08-07 22:58:20 -07:00
Steven Fackler	6b1016c86e	Add PKey::from_rsa	2016-08-07 22:56:44 -07:00
Steven Fackler	6e5cd7ef47	Remove X509Generator::bitlenth	2016-08-07 22:46:14 -07:00
Steven Fackler	a8f827d28c	Fix example	2016-08-07 22:44:42 -07:00
Steven Fackler	1968956536	Restore disabled tests	2016-08-07 22:40:51 -07:00
Steven Fackler	2a3e9a2856	Add RSA::generate	2016-08-07 22:35:37 -07:00
Steven Fackler	25752280ae	Move init to crate root	2016-08-07 22:09:19 -07:00
Steven Fackler	77ba043acf	x509 cleanup	2016-08-07 21:53:05 -07:00
Steven Fackler	79602b6af4	get_error -> error	2016-08-07 21:34:58 -07:00
Steven Fackler	a0a6c03d74	DH cleanup	2016-08-07 21:19:40 -07:00
Steven Fackler	4d3c6868e7	pkcs5 reform	2016-08-07 20:57:44 -07:00
Steven Fackler	7855f428aa	PKey reform This deletes the vast majority of PKey's API, since it was weirdly tied to RSA and super broken.	2016-08-07 20:38:46 -07:00
Steven Fackler	7515272692	Fix RSA::verify It never returns -1 - all errors are indicated by 0	2016-08-07 18:03:13 -07:00
Steven Fackler	6091c674c9	Fix bn tests on 32 bit	2016-08-07 17:52:13 -07:00
Steven Fackler	b56908a392	Take a c_ulong directly in BN construction Closes #416	2016-08-07 17:48:18 -07:00
Steven Fackler	7ca5ccf064	Hash reform Closes #430	2016-08-07 16:29:36 -07:00
Steven Fackler	05089bacb3	Refactor BigNum	2016-08-07 14:33:18 -07:00
Steven Fackler	5af01a5dbd	Clean up asn1time	2016-08-06 22:23:03 -07:00
Steven Fackler	bc97d088b0	get_handle -> handle	2016-08-05 21:07:17 -07:00
Steven Fackler	fe47e93f2f	Fix pkey method safety	2016-08-05 21:04:40 -07:00
Steven Fackler	b4145c6fa5	Clean up x509	2016-08-05 20:55:05 -07:00
Steven Fackler	4e911e7972	Make x509 constructors unsafe	2016-08-05 19:51:59 -07:00
Steven Fackler	c47be8b14b	Move SSL_CTX_set_ecdh_auto to -sys	2016-08-04 22:52:40 -07:00
Steven Fackler	ee67ea8ea0	Mvoe SSL_CTX_add_extra_chain_cert to -sys	2016-08-04 22:46:47 -07:00
Steven Fackler	378b86326c	Move SSL_CTX_set_tmp_dh to -sys	2016-08-04 22:43:24 -07:00
Steven Fackler	7fb7f4671d	Move SSL_CTX_set_read_ahead to -sys	2016-08-04 22:40:01 -07:00
Steven Fackler	77dbab2cad	Move SSL_CTX_set_tlsext_servername_callback to -sys	2016-08-04 22:37:39 -07:00
Steven Fackler	c2a7c5b7f0	Move SSL_set_tlsext_host_name to -sys	2016-08-04 22:28:33 -07:00
Steven Fackler	b29ea62491	Move BIO macros into -sys	2016-08-04 22:22:55 -07:00
Steven Fackler	dd16f64f89	Stop once-ing init wrapper The underlying function already once-s itself	2016-08-04 22:15:50 -07:00
Steven Fackler	17474520bc	Support basic SSL options without C shims	2016-08-04 22:14:18 -07:00
Steven Fackler	abacc8bb18	Define SSL_CTX_set_mode in openssl-sys	2016-08-02 22:14:44 -07:00
Steven Fackler	c5b2ede282	Merge remote-tracking branch 'origin/breaks'	2016-08-02 20:52:07 -07:00
Steven Fackler	08e27f31ed	Restructure PEM input/output methods Dealing with byte buffers directly avoids error handling weirdness and we were loading it all into memory before anyway.	2016-08-02 20:49:28 -07:00
Tomasz Miąsko	635bdb45a8	BigNum binary operators with different lifetimes.	2016-08-01 22:23:26 +02:00
Steven Fackler	92abf49b96	Drop unused feature gate	2016-07-31 16:23:48 -07:00
Steven Fackler	2574bff52d	Merge pull request #432 from alexcrichton/mid-handshake Add MidHandshakeSslStream	2016-07-31 16:20:10 -07:00
Steven Fackler	f1b64aa2ee	Fix weird inference issue on 1.9	2016-07-31 16:04:03 -07:00
Alex Crichton	3539be3366	Add MidHandshakeSslStream Allows recognizing when a stream is still in handshake mode and can gracefully transition when ready. The blocking usage of the API should still be the same, just helps nonblocking implementations!	2016-07-31 16:01:06 -07:00
Steven Fackler	e86eb68624	Fix catch_unwind feature and drop feature gate	2016-07-31 15:51:22 -07:00
Steven Fackler	5cb04db787	Fix build with dtls	2016-07-31 15:35:45 -07:00
Steven Fackler	f0ffa246b8	Merge remote-tracking branch 'origin/master' into breaks	2016-07-31 15:15:47 -07:00
Steven Fackler	18c1ded8c7	Revert "Add a new trait based Nid setup" This reverts commit `49db4c84df`. Unclear that this is a good idea	2016-07-31 14:41:11 -07:00
Steven Fackler	df30e9e700	Merge pull request #402 from bbatha/feat/dsa-ffi DSA bindings	2016-07-29 22:35:50 -07:00
Ben Batha	67d3067dbf	improve error handling in rsa	2016-07-29 20:01:54 -04:00
Ben Batha	a3a602be51	add low level dsa primitives	2016-07-29 19:04:37 -04:00
Steven Fackler	4eaada2c4b	Merge pull request #427 from onur/save_der Implement save_der for X509 and X509Req	2016-07-29 09:05:51 -07:00
Onur Aslan	7c082904fc	Implement get_handle for X509Req	2016-07-29 16:30:24 +03:00
Onur Aslan	5ed77df197	Implement save_der for X509 and X509Req	2016-07-29 12:14:49 +03:00
Shaun Taheri	722a2bd673	Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER flag	2016-07-24 20:55:15 +02:00
Steven Fackler	85f5b8629c	Merge pull request #410 from jonas-schievink/passwd-callbacks Password callbacks	2016-07-03 13:42:57 -04:00
Steven Fackler	5135fca87f	Release v0.7.14	2016-07-01 18:43:39 -04:00
Steven Fackler	121169c1f5	Set auto retry SSL_read returns a WANT_READ after a renegotiation by default which ends up bubbling up as a weird BUG error. Tell OpenSSL to just do the read again.	2016-07-01 18:31:47 -04:00
Jonas Schievink	f24ab26936	FnMut -> FnOnce, update docs	2016-06-26 19:44:53 +02:00
Jonas Schievink	351bc569a4	Put the test behind the catch_unwind feature And fix an unused variable warning	2016-06-26 18:25:54 +02:00
Jonas Schievink	d176ea1c6e	Add an RSA key decryption test	2016-06-26 18:25:54 +02:00
Jonas Schievink	41b78547ad	Put password callbacks behind a cargo feature	2016-06-26 18:25:54 +02:00
Jonas Schievink	c1b7cd2420	Make the callback take a `&mut [c_char]`	2016-06-26 18:25:54 +02:00
Jonas Schievink	c399c2475d	Add RSA::private_key_from_pem_cb	2016-06-26 18:25:54 +02:00
Jonas Schievink	8119f06ca5	Move into utility module	2016-06-26 18:25:54 +02:00
Jonas Schievink	f0b4a032d5	Try to propagate callback panics	2016-06-26 18:25:54 +02:00
Jonas Schievink	311af7c3be	Add PKey::private_key_from_pem_cb	2016-06-26 18:25:54 +02:00
Jonas Schievink	f134b94729	Document BigNum	2016-06-13 16:56:48 +02:00
Corey Farwell	f4f6412fcb	Fix a few mutable types for `self` parameters.	2016-06-02 10:25:33 -04:00
Steven Fackler	f6b612df5f	Release v0.7.13	2016-05-20 15:57:57 -07:00
Steven Fackler	95051b060d	Release v0.7.12	2016-05-16 23:04:03 -07:00
Steven Fackler	1b0757409d	Rustfmt	2016-05-16 23:03:13 -07:00
Steven Fackler	2077449bc8	Clean up RSA signature API	2016-05-16 23:03:13 -07:00
Steven Fackler	62c29b54c1	Update cert Now with a 10 year expriation	2016-05-15 22:11:10 -07:00
Steven Fackler	dce59a63c5	Merge pull request #389 from cmsd2/master expose rsa from raw private key and rsa sign and verify	2016-05-06 15:12:19 -07:00
Chris Dawes	f82a1c4f75	add rsa signature tests	2016-05-05 23:41:55 +01:00
Steven Fackler	78122a9d68	Release v0.7.11	2016-05-05 13:32:27 -07:00
Chris Dawes	a5ede6a851	add missing NIDs and use Nid as input to signing	2016-05-04 09:00:05 +01:00
Steven Fackler	49db4c84df	Add a new trait based Nid setup	2016-05-03 21:15:39 -07:00
Steven Fackler	356d4a0420	Remove AsRaw{Fd, Socket} impls An SslStream can't really act as a raw socket since you'd skip the whole TLS layer	2016-05-03 20:24:07 -07:00
Steven Fackler	f1846bce78	Remove silly internal error enum	2016-05-03 20:24:07 -07:00
Steven Fackler	00f517d2cd	Drop MaybeSslStream It should be inlined into crates that depend on it.	2016-05-03 20:24:07 -07:00
Steven Fackler	085b2e6f03	Drop is_dtls methods on SslMethod	2016-05-03 20:24:07 -07:00
Steven Fackler	f09ca6fee2	Clean up SNI APIs	2016-05-03 20:24:07 -07:00
Steven Fackler	61f65cd8d6	Move SslContext::set_verify to a closure based API	2016-05-03 20:24:07 -07:00
Steven Fackler	696b1961ce	Rename getters in line with conventions	2016-05-03 20:24:07 -07:00
Steven Fackler	a0549c1606	Adjust set_ssl_context API	2016-05-03 20:24:07 -07:00
Steven Fackler	fa62232649	Error reform	2016-05-03 20:24:07 -07:00
Steven Fackler	58654bc491	Remove deprecated methods	2016-05-03 20:24:07 -07:00
Steven Fackler	de47d158c2	Remove NonblockingSslStream	2016-05-03 20:24:07 -07:00
Chris Dawes	6f410a25b2	take enum instead of ints from openssl header file	2016-05-03 22:17:07 +01:00
Chris Dawes	6bbb21779b	add constructor for private keys from bignums	2016-05-03 19:46:08 +01:00
Steven Fackler	9b1eb6d94d	Add a version of Ssl::set_verify that doesn't set a callback	2016-05-01 20:45:49 -07:00
Steven Fackler	c7e68637bb	Merge pull request #388 from frewsxcv/lifetimes Remove unnecessary explicit lifetimes.	2016-05-01 19:20:25 -07:00
Corey Farwell	487232b52d	Remove unnecessary explicit lifetime.	2016-05-01 21:28:51 -04:00
Steven Fackler	59c13aea84	Still check UTF validity in dnsname	2016-05-01 18:14:33 -07:00
Steven Fackler	2cfb25136f	Document SAN APIs and tweak accessor names	2016-05-01 09:09:51 -07:00
Steven Fackler	87782b22cf	Implement IntoIterator for &GeneralNames	2016-04-30 21:32:29 -07:00
Corey Farwell	bf7076b785	Implement `iter` method on `GeneralNames`.	2016-05-01 00:02:10 -04:00
Steven Fackler	7b73003b67	Add X509StoreContext::error_depth	2016-04-30 09:27:50 -07:00
Steven Fackler	62a7dd10e5	Add Ssl::set_verify It also uses a better, closure based API than the existing callback methods.	2016-04-30 08:09:12 -07:00
Steven Fackler	50024ce33b	Ignore default verify paths test on windows	2016-04-29 21:40:16 -07:00
Steven Fackler	8a5d3ea015	Merge pull request #385 from mbrubeck/bitflags-0.6 Upgrade to work with bitflags 0.5 and 0.6	2016-04-29 21:18:03 -07:00
Steven Fackler	a7bade104c	Merge pull request #381 from chaaz/master Add 1DES symm ciphers (des-cbc, des-ecb, des-cfb, des-ofb)	2016-04-29 21:17:17 -07:00
Steven Fackler	32722e1850	Add accessors for x509 subject alt names	2016-04-29 21:15:32 -07:00
Matt Brubeck	ee12087743	Upgrade to work with bitflags 0.5 and 0.6	2016-04-29 13:19:39 -07:00
Steven Fackler	caf9272c85	Start on GeneralName	2016-04-28 22:16:29 -07:00
Charlie Ozinga	5682c04469	Remove des_cfb and des_ofb, since they appear on limit platforms	2016-04-19 17:28:19 -06:00
Steven Fackler	54fc1df712	Release v0.7.10	2016-04-16 20:57:12 -07:00
Steven Fackler	c60e831cc4	Add docs for set_default_verify_paths	2016-04-16 20:49:46 -07:00
Steven Fackler	c2e72f6641	Add SslContext::set_default_verify_paths	2016-04-16 20:47:32 -07:00
Charlie Ozinga	2062d48dd2	Add 1DES symm ciphers (des-cbc, des-ecb, des-cfb, des-ofb) 1DES is well and truly dead for actual sensitive information, (its keysize is too small for modern purposes), but it can still find use in backwards compatiblity or educational applications.	2016-04-14 03:44:43 -06:00
Steven Fackler	b94ea8598c	Update for nightly changes	2016-04-13 19:30:08 -07:00
Steven Fackler	9511a9bc19	Merge pull request #380 from Yoric/master Resolves #378 - Module version with the version information	2016-04-13 14:45:49 -07:00
David Rajchenbach-Teller	0c48f9a0e0	Resolves #378 - Module version with the version information	2016-04-13 23:29:25 +02:00
Rico Huijbers	00282de2a5	Add ability to set session ID context on an SSL context This is necessary to make authentication with client certificates work without session restarts.	2016-04-13 21:38:23 +02:00
Kevin King	fa5537de81	copy PKey using DER encode and decode test that fields of cloned private and public keys can be accessed	2016-04-10 00:16:31 -04:00
Steven Fackler	d143203f88	Release v0.7.9	2016-04-06 21:34:20 -07:00
Kevin King	4016edd4de	add EVP_PKEY_copy_parameters to FFI copy EVP_PKEY params in PKey::clone test that PKey::clone creates a copy	2016-04-06 19:39:50 -04:00
Joe Wilm	c4b7b85d99	Add safe wrapper BioMethod for ffi::BIO_METHOD Adds a wrapper for ffi::BIO_METHOD located at ssl::bio::BioMethod. This enables SslStream to be Send without doing an unsafe impl on the ffi struct.	2016-04-04 16:08:38 -07:00
Steven Fackler	02f114faae	Cleanup	2016-03-27 13:37:00 -07:00
Steven Fackler	c4187638a8	Update for nightly changes	2016-03-27 13:29:24 -07:00
Leon Anavi	6d4bfaa490	Cast correctly c_char raw pointers (fixes build on ARM #363 ) Fix error caused by mismatched types while building crate openssl for Raspberry Pi 2 and other ARM devices. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>	2016-03-22 00:16:56 +02:00
Steven Fackler	e0412850ec	Release v0.7.8	2016-03-18 08:54:12 -07:00
Ms2ger	6d043b3700	Allow Rust to infer the type of the argument to SSL_CIPHER_description. This allows the code to compile on Android, where an unsigned char is expected.	2016-03-18 15:44:47 +01:00
Steven Fackler	ade90bf004	Clean up BIO name	2016-03-17 22:27:16 -07:00
Steven Fackler	a9a18cf337	Simplify panic safety logic for new nightly	2016-03-17 22:23:51 -07:00
Steven Fackler	a569df29f4	Release v0.7.7	2016-03-17 09:04:23 -07:00
Alex Crichton	3467cf343f	Fix nightly warnings about zero-sized fn pointers	2016-03-11 12:57:56 -08:00
Steven Fackler	23fd427900	Merge pull request #353 from bluejekyll/master adding functionality to directly get and set RSA public key material	2016-03-05 13:57:53 -08:00
Benjamin Fry	3e5b65b7fa	making from_raw() unsafe	2016-03-05 13:43:14 -08:00
Erik Johnston	80ac6e54ac	Make SSLCipher.bits() return a struct.	2016-02-29 21:23:34 +00:00
Erik Johnston	04cbf049c0	Add SSL_get_version	2016-02-29 20:14:48 +00:00
Benjamin Fry	3fb2c48c98	added public key material to the constructor	2016-02-28 22:05:19 -08:00
Benjamin Fry	6ebe581308	review fixes, keep raw RSA initiallization private	2016-02-23 20:49:21 -08:00
Benjamin Fry	ef95223d26	adding functionality to directly get and set RSA key material	2016-02-17 23:18:42 -08:00
Erik Johnston	1e9667ea89	Add support for SSL_CIPHER	2016-02-17 22:38:32 +00:00
Steven Fackler	3df4c479c9	Release v0.7.6	2016-02-10 09:36:00 -08:00
Steven Fackler	643a4a58c9	More deprecated function cleanup	2016-02-08 23:20:19 -08:00
Steven Fackler	e3e4aa4472	Stop using deprecated method	2016-02-08 23:12:54 -08:00
Joe Wilm	fe0f8ea1d8	Rename Nid uid/UID to prevent breakage	2016-02-02 14:32:57 -08:00
Joe Wilm	4940ca7e92	Fix Nid::UID value Nid::UID (userId) previously held the value of Nid::uid (uniqueIdentifier).	2016-02-02 09:25:52 -08:00
Steven Fackler	627f394d59	Revert "Revert "impl Clone for PKey and X509 by using their 'references' member""	2016-01-31 20:38:36 +00:00
Steven Fackler	4e58fd10de	Fix PKey RSA constructors `set1` functions bump the object's refcount so we were previously leaking the RSA object. Split the decode from PEM part out to a method on RSA and use that in the PKey constructors. Also make RSA a pointer and actually free it.	2016-01-30 13:12:06 -08:00
Steven Fackler	8ab4b54541	Revert "impl Clone for PKey and X509 by using their 'references' member"	2016-01-28 23:37:27 -08:00
Jimmy Cuadra	5e0830286e	Preserve X.509 extension insertion order. Ensures that extensions that are order-dependent are inserted in the same order when calling out to OpenSSL during certificate signing. Fixes #327.	2016-01-28 20:02:44 -08:00
Steven Fackler	7610804c9d	Remove unwraps from rsa accessors	2016-01-22 19:10:22 -08:00
Steven Fackler	18e7e2455c	Merge pull request #330 from esclear/master Add a interface to RSA structs	2016-01-22 19:07:38 -08:00
Steven Fackler	2ece5b1039	Release v0.7.5	2016-01-22 15:57:21 -08:00
Steven Fackler	b7d3357f37	Fix connect and accept error reporting We were previously trying to create an error twice so the second wouldn't be correct.	2016-01-22 15:34:31 -08:00
Daniel Albert	3ee2bf9310	Fix up RSA integration	2016-01-20 20:29:06 +00:00
Daniel Albert	74db7db560	Merge branch 'master' of https://github.com/sfackler/rust-openssl	2016-01-20 19:59:41 +00:00
Steven Fackler	95a83c477c	Merge pull request #334 from jmesmon/ssl-context ssl: fix refcounting of SslContext when set_ssl_context is used	2016-01-19 20:04:44 -08:00
Cody P Schafer	36a667be49	x509: impl Clone using references & CRYPTO_add()	2016-01-19 22:04:51 -05:00

... 7 8 9 10 11 ...

1096 Commits