min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
952 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

41 Commits

Author SHA1 Message Date
Steven Fackler 2ece5b1039 Release v0.7.5 2016-01-22 15:57:21 -08:00
Steven Fackler fd6454f625 Add stream panic propagation behind a nightly feature gate 2016-01-11 22:36:58 -08:00
Steven Fackler 926c8167be Release v0.7.4 2015-12-18 22:41:46 -08:00
Steven Fackler 5fa46d428d Release v0.7.3 2015-12-17 21:25:48 -08:00
Steven Fackler 13f7cfd9d8 Release v0.7.2 2015-12-15 19:41:57 -08:00
Steven Fackler fce7cf4d36 Release v0.7.1 2015-11-28 16:14:58 -08:00
Steven Fackler 82547f53d7 Release v0.7.0 2015-11-16 21:10:50 -08:00
Steven Fackler a8a10e64ad Split stuff requiring a shim out to a separate crate 2015-11-16 20:16:01 -08:00
Steven Fackler f318a2c84c Release v0.6.7 2015-10-14 22:25:35 -04:00
Steven Fackler 677ed6ad1b Release v0.6.6 2015-10-05 22:34:32 +01:00
Alex Crichton a91b6bf3bd Enable testing on Windows via AppVeyor 
This abolishes the test.sh script which spawns a bunch of `openssl` instances to
instead run/manage the binary in-process (providing more isolation to boot). The
tests have been updated accordingly and the `connected_socket` dependency was
also dropped in favor of `net2` as it the former doesn't work on Windows.
 2015-09-22 17:37:21 -07:00
Steven Fackler e28b73e1f6 Merge pull request #259 from jedisct1/dh 
Add support for DHE for forward secrecy
 2015-09-01 00:10:03 -04:00
Steven Fackler 7b0b70bd13 Release v0.6.5 2015-08-31 19:10:27 -07:00
Frank Denis 9add4e1001 Add support for set_tmp_dh() and RFC5114 DH parameters for forward secrecy. 
rust-openssl didn't support forward secrecy at all.

This adds support for DHE, by exposing set_tmp_dh() as well as the RFC5114
parameters, which are conveniently exposed since OpenSSL 1.0.2.

With OpenSSL >= 1.0.2, and the rfc5114 feature gate, enabling DHE is as simple
as (here for 2048-bit MODP group with 256-bit prime order subgroup):

    use openssl::dh::DH;
    let dh = DH::get_2048_256().unwrap();
    ctx.set_tmp_dh(dh).unwrap();

With OpenSSL < 1.0.2, DH::from_params() can be used to manually specify the
DH parameters (here for 2048-bit MODP group with 256-bit prime order subgroup):

    use openssl::bn::BigNum;
    use openssl::dh::DH;
    let p = BigNum::from_hex_str("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597").unwrap();
    let g = BigNum::from_hex_str("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659").unwrap();
    let q = BigNum::from_hex_str("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3").unwrap();
    let dh = DH::from_params(p, g, q).unwrap();
    ctx.set_tmp_dh(dh).unwrap();
 2015-08-31 23:12:57 +02:00
Steven Fackler cc497b4768 Release v0.6.4 2015-07-06 11:09:03 -07:00
Steven Fackler 524c1e63aa Release v0.6.3 2015-06-25 23:22:04 -07:00
Joseph Glanville e88f1567b4 Add support for reading X509 subject information 2015-05-18 02:41:42 +10:00
Steven Fackler d723481f77 Fix doc root 2015-05-13 16:31:27 -07:00
Manuel Schölling 6f1e9cf47c Make connected_socket a dev-dependency 2015-04-06 13:00:12 +02:00
Manuel Schölling 912cacf4bc Fix rebase errors 2015-04-06 12:26:10 +02:00
Manuel Schölling dbef985e32 Move connected_socket to its own crate and fix SSL_CTX_set_read_ahead() 2015-04-06 12:23:11 +02:00
Manuel Schölling 664600eadf Add DTLSv1 and DTLSv1.2 support 2015-04-06 12:22:50 +02:00
Steven Fackler 4606687829 Stabilize openssl! 2015-04-02 21:12:05 -07:00
Steven Fackler f4761bb292 Remove two features 2015-04-02 13:59:55 -07:00
Sean McArthur 24b876521b rustup: changes to io::Error 2015-04-02 11:12:18 -07:00
Steven Fackler c101abac6b Remove unsafe_destructor 2015-03-30 21:24:34 -07:00
Steven Fackler 2b1a9a7814 Fix verify data free function 
Turns out this is called with a null pointer if you never set the data
which didn't end up doing anything until the recent zeroing drop
changes.

Also use a map of indexes since statics in generic functions don't
monomorphize
 2015-03-29 10:18:30 -07:00
Alex Crichton 5a80cc8aae Update to rust master 2015-03-25 10:51:28 -07:00
Steven Fackler ac24bc5422 Fix warnings and build issues 2015-03-20 08:33:42 -07:00
Steven Fackler a65b03c89e Fix warnings 2015-03-10 19:38:44 -07:00
Steven Fackler 8b8736fb46 Merge pull request #172 from reaperhulk/add-ssl-ctx-set-get-options 
add support for SSL_CTX_set_options and SSL_CTX_get_options
 2015-03-07 08:43:30 -08:00
Aaron Weiss c3eee3b194 Added try_clone to SslStream for SslStream<TcpStream>. 2015-03-02 16:32:25 -05:00
Steven Fackler 2789764fe3 Merge branch 'breaks' 
Conflicts:
	openssl/src/lib.rs
 2015-02-27 19:47:24 -08:00
Steven Fackler 14e6b1b530 Silence stability warning 2015-02-26 09:02:16 -08:00
Steven Fackler 6991cc6a30 Convert to new IO. 2015-02-24 23:01:57 -08:00
Steven Fackler 1b4a2eef0e Switch to cargo liblibc 2015-02-24 21:47:30 -08:00
Paul Kehrer 8940bd767b add support for SSL_CTX_clear_options and use bitflags 2015-02-23 19:39:23 -06:00
Steven Fackler 69e371aafd Remove old attributes 2015-02-21 16:48:32 -08:00
Kevin Butler cb0e1688c8 Update depreciated code 2015-02-20 21:04:01 +00:00
Steven Fackler 6bfc4d986b Fix warnings 2015-02-19 09:13:22 -08:00
Steven Fackler ec65b0c67b Move docs to this repo and auto build 2015-02-07 21:30:05 -08:00