boring2

Commit Graph

Author	SHA1	Message	Date
Mathijs van de Nes	0eb2f0ecfa	Check rsa.is_null() before passing it to RSA_size RSA_size will cause an segmentation fault if it is null	2015-09-10 13:04:25 +02:00
Mathijs van de Nes	02b109bf04	Check _fromstr function for success	2015-09-10 12:58:40 +02:00
Steven Fackler	60c0b88eba	Merge pull request #265 from alexcrichton/swap-order Swap order of linking ssl/crypto	2015-09-01 13:18:34 -07:00
Alex Crichton	bf16c19f31	Swap order of linking ssl/crypto GNU linkers will sometimes aggressively try to strip objects and archives from a linker command line in a left-to-right fashion. When a linker hits an object file that doesn't satisfy any unresolved symbols, it will discard the object and not re-visit it. This means that currently if symbols are depended upon in libssl then some of the dependencies of libssl (in libcrypto) may have already been stripped, causing a link error. By swapping the order of what's linked it reflects the natural flow of dependencies and the linker should figure everything out for us.	2015-09-01 11:24:32 -07:00
Steven Fackler	e28b73e1f6	Merge pull request #259 from jedisct1/dh Add support for DHE for forward secrecy	2015-09-01 00:10:03 -04:00
Steven Fackler	ad47598963	Merge branch 'release'	2015-08-31 19:11:28 -07:00
Steven Fackler	abde5382c9	Merge branch 'release-v0.6.5' into release	2015-08-31 19:11:10 -07:00
Steven Fackler	7b0b70bd13	Release v0.6.5	2015-08-31 19:10:27 -07:00
Frank Denis	9add4e1001	Add support for set_tmp_dh() and RFC5114 DH parameters for forward secrecy. rust-openssl didn't support forward secrecy at all. This adds support for DHE, by exposing set_tmp_dh() as well as the RFC5114 parameters, which are conveniently exposed since OpenSSL 1.0.2. With OpenSSL >= 1.0.2, and the rfc5114 feature gate, enabling DHE is as simple as (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::dh::DH; let dh = DH::get_2048_256().unwrap(); ctx.set_tmp_dh(dh).unwrap(); With OpenSSL < 1.0.2, DH::from_params() can be used to manually specify the DH parameters (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::bn::BigNum; use openssl::dh::DH; let p = BigNum::from_hex_str("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597").unwrap(); let g = BigNum::from_hex_str("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659").unwrap(); let q = BigNum::from_hex_str("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3").unwrap(); let dh = DH::from_params(p, g, q).unwrap(); ctx.set_tmp_dh(dh).unwrap();	2015-08-31 23:12:57 +02:00
Steven Fackler	dc8cba4822	Merge pull request #251 from ebarnard/evp_bytestokey Expose EVP_BytesToKey	2015-08-23 13:37:55 -04:00
Edward Barnard	8067565707	Expose EVP_BytesToKey This is based on work by pyrho. Closes #88	2015-08-23 17:08:18 +07:00
Steven Fackler	4cb68efd99	Merge pull request #253 from manuels/master Add get_state_string()	2015-08-19 02:31:15 -04:00
Manuel Schölling	3fe3d57976	Add get_state_string()	2015-08-17 19:01:43 +02:00
Steven Fackler	fa5c4cb5df	Fix openssl source link in tests	2015-08-15 14:37:03 -07:00
Steven Fackler	769b8312d8	Merge pull request #240 from jethrogb/topic/x509_req_extension Implement certificate extensions for certificate requests	2015-08-15 16:04:42 -04:00
Steven Fackler	df32e53afa	Grab errno for directstream want errors	2015-08-10 22:29:34 -04:00
Steven Fackler	69cbd14540	Handle WantWrite and WantRead errors	2015-08-08 12:25:16 -07:00
Steven Fackler	a10604e15d	Merge pull request #243 from manuels/master Fix probelms with DTLS when no packets are pending.	2015-08-02 22:27:19 -04:00
Steven Fackler	d193198ae9	Add new feature to travis tests	2015-08-02 22:25:33 -04:00
Steven Fackler	02dc3eda2f	Merge pull request #242 from awelkie/master Added AES CTR-mode under feature flag.	2015-08-02 22:25:09 -04:00
Steven Fackler	322c784510	Merge pull request #247 from panicbit/pub-init Expose ssl::init	2015-07-26 14:06:25 -04:00
panicbit	c7eded31a7	Expose ssl::init	2015-07-26 18:28:25 +02:00
Steven Fackler	87b8d8e318	Merge pull request #244 from andrew-d/andrew-save-pubkey Add function to write RSA public key as PEM	2015-07-24 11:32:43 -04:00
Andrew Dunham	ab7bfad225	Add function to write RSA public key as PEM	2015-07-23 22:30:07 -07:00
Steven Fackler	3fc8482d36	Make curl follow redirects	2015-07-23 21:51:06 -07:00
Manuel Schölling	a43011d77c	Fix probelms with DTLS when no packets are pending. When using DTLS you might run into the situation where no packets are pending, so SSL_read returns len=0. On a TLS connection this means that the connection was closed, but on DTLS it does not (a DTLS connection cannot be closed in the usual sense). This commit fixes a bug introduced by `c8d23f3`. Conflicts: openssl/src/ssl/mod.rs	2015-07-18 13:00:34 +02:00
Allen Welkie	b478c29151	Added AES CTR-mode under feature flag.	2015-07-15 20:45:18 -04:00
Jethro Beekman	90dd54b541	Implement certificate extensions for certificate requests	2015-07-08 13:37:35 -07:00
Steven Fackler	2e0ae7a8ca	Merge pull request #239 from jethrogb/topic/x509_extension_fix Add missing C-string conversion, fixing recent build errors	2015-07-08 11:23:10 -07:00
Jethro Beekman	1e4cba36e8	Add missing C-string conversion, fixing recent build errors	2015-07-08 11:05:18 -07:00
Steven Fackler	3351d5b807	Merge pull request #227 from jethrogb/topic/x509_name Allow setting of arbitrary X509 names	2015-07-08 10:21:19 -07:00
Steven Fackler	0cb4368ef8	Merge pull request #221 from jethrogb/topic/ssl_options Several SSL option fixes	2015-07-08 10:20:33 -07:00
Jethro Beekman	e3c562d6a0	Fix/add more X509generator tests	2015-07-08 10:09:40 -07:00
Jethro Beekman	1bcbe8f4bc	Add X509generator.add_names method	2015-07-08 10:09:40 -07:00
Jethro Beekman	f2b0da1de7	Add public add_name method to X509Generator	2015-07-08 10:08:41 -07:00
Jethro Beekman	11bcac01ec	Replace CN field by names vector	2015-07-08 10:06:52 -07:00
Steven Fackler	3229296105	Merge pull request #233 from jethrogb/topic/x509_extension Allow setting of arbitrary X509 extensions	2015-07-08 03:10:40 -04:00
Steven Fackler	5f8d6a2afd	Merge branch 'release'	2015-07-06 11:11:17 -07:00
Steven Fackler	114e8a5a58	Merge branch 'release-v0.6.4' into release	2015-07-06 11:09:19 -07:00
Steven Fackler	cc497b4768	Release v0.6.4	2015-07-06 11:09:03 -07:00
Steven Fackler	4ab1d570bf	Merge pull request #236 from servo/unpin Unpin the bitflags version.	2015-07-06 11:04:59 -07:00
Ms2ger	f4afe615dd	Unpin the bitflags version. This dependency causes Servo to depend on multiple versions of the bitflags crate.	2015-07-06 19:47:59 +02:00
Jethro Beekman	6a725acf4d	Remove #ifs for same-value shimmed SSL options. Depend on compiler optimization instead.	2015-07-01 21:49:27 -07:00
Jethro Beekman	aeefa364b7	Decouple C SSL Option bit flags from Rust version The OpenSSL "SSL_OP_*" flags are in constant flux between different OpenSSL versions. To avoid having to change the Rust definitions, we implement our own numbering system in Rust, and use an automatically-generated C shim to convert the bitflags at runtime.	2015-07-01 21:49:11 -07:00
Jethro Beekman	f9a836fae9	tabs to spaces	2015-07-01 00:18:45 -07:00
Jethro Beekman	93eb0cfa2d	Add documentation on X509 Extensions	2015-07-01 00:18:45 -07:00
Jethro Beekman	e9cc8cb121	Add Issuer Alternative Name extension	2015-07-01 00:18:45 -07:00
Jethro Beekman	f4168b1161	Add Subject Alternate Name extension	2015-07-01 00:18:45 -07:00
Jethro Beekman	b46574b635	Add arbitrary X509 extensions by OID string	2015-07-01 00:18:45 -07:00
Jethro Beekman	e367567d00	Add arbitrary X509 extensions by NID	2015-07-01 00:18:45 -07:00

1 2 3 4 5 ...

783 Commits All Branches Search

783 Commits

All Branches