a88704076c
Add NIDs for cipher authentication types
2024-06-26 16:13:58 +01:00
760e99db46
Impl From for SslSignatureAlgorithm
...
This is useful for comparing raw u16s with the various sigalg constants.
2024-06-26 16:13:58 +01:00
b3eaacc33a
Updates license field to valid SPDX format
2024-06-02 10:40:17 +01:00
7b97ff7bf5
Release 4.7.0
2024-05-31 18:18:56 +01:00
d9f7e4daf6
Fix crosscompile
2024-05-31 09:38:29 +01:00
738d80a653
Expose hmac_sha256/512 functions
2024-05-31 09:38:29 +01:00
b8044706ad
Release 4.6.0
2024-04-09 11:25:44 +02:00
87ed6ab9bb
Tweak cliff config to exclude merge and release commits from changelog
2024-04-09 11:18:05 +02:00
870ccd9084
builder
2024-04-07 17:03:52 -07:00
2cee0af3d2
HttpsLayerSettings
2024-04-07 17:03:52 -07:00
8db6134c75
bound session cache
...
When establishing new TLS sessions, servers may send multiple session
tickets (RFC8446 4.6.1). hyper-boring caches tickets without placing a
limit on how many tickets are cached. This leads to unbounded growth of
hyper-boring's cache and leaves clients vulnerable to malicious servers
who might send many session tickets to exhaust a client's available
memory.
This change bounds the cache to a default of 8 tickets.
2024-04-07 17:03:52 -07:00
3d9a5e3244
add get_curve ( #226 )
2024-03-26 14:48:53 +01:00
167f5aece1
Remove kx-safe-default gate on SslCurve
...
While setting curves should be restricted by the kx-safe-default
feature, reading the curve is allowed.
2024-03-24 11:11:22 -07:00
b96d2b88a4
Enable layout tests on iOS target
2024-03-24 11:11:05 -07:00
30b33991e5
Fix clippy lints
2024-03-24 10:52:05 -07:00
713558993a
Add getters for client hello message
2024-03-22 20:44:55 +01:00
ba85412229
Removes vestigial build script
2024-02-26 13:25:46 +01:00
bc42edc552
Introduce and use read_uninit and write_uninit duplicated from openssl-0.10.61 and tokio-openssl-0.6.4
2024-02-21 09:07:39 +01:00
db01409165
Release 4.5.0
2024-02-08 11:00:16 +01:00
8ab1873d8b
Introduce SslRef::set_private_key
2024-02-08 10:10:50 +01:00
7ead83cf40
Release 4.4.1
2024-02-02 10:44:53 -08:00
d3a42b0aeb
Fix building with BORING_BSSL_PATH / BORING_BSSL_FIPS_PATH
...
When passing BORING_BSSL_FIPS_PATH, you need to add /lib/ to the search
path, and when passing BORING_BSSL_PATH you need to add /crypto/ and
/ssl/ to the search path.
2024-02-02 10:23:41 -08:00
5aed467dcb
Fix building with non bazel commits of boringssl
...
We need to add `/build/crypto` and `/build/ssl` to the library search
path to handle the case where we pass `BORING_BSSL_SOURCE_PATH` when
building without enabling any fips features. Otherwise, non bazel
commits will not work because `/build/` itself will not contain any
crypto libraries to link with
2024-02-02 14:56:55 +00:00
3cf8bc445a
Release 4.4.0
2024-01-17 17:58:57 +01:00
e370083af5
Expose `set_compliance_policy` and `get_ciphers`
2024-01-17 17:57:47 +01:00
0f5731b1d8
Expose SSL_get_error
2024-01-09 16:42:58 +01:00
20f9991c18
Fix support for fips-link-precompiled
...
This feature expects a recent boringssl checkout (such as the one
found in boring-sys/deps/boringssl), so it should not be using
the same bindings as the fips feature, which are based on
boring-sys/deps/boringssl-fips, which is older and with a different
API.
2024-01-08 14:37:55 +01:00
f9dfd2c47e
Release 4.3.0
2024-01-03 19:39:59 +01:00
dfd49f4fef
Introduce X509Flags
...
For now it has a single associated constant, X509Flags::TRUSTED_FIRST.
2024-01-03 19:37:59 +01:00
94457340ac
Move x509 tests to a subdirectory
2024-01-03 19:37:59 +01:00
1321ded678
Rearrange imports in x509 module
2024-01-03 19:37:59 +01:00
3637bfed2f
Introduce HttpsLayer::set_ssl_callback
...
This lets us customize the Ssl of each connection,
like set_callback which lets us customize the ConnectConfiguration
a step earlier.
2024-01-03 15:43:52 +01:00
9b0e422c8d
Don't use self-signed certs in hyper-boring tests
2024-01-03 15:43:52 +01:00
a8dea4a22c
Introduce X509CheckFlags::UNDERSCORE_WILDCARDS
2024-01-02 15:37:36 +01:00
3df405443a
Release 4.2.0
2023-12-14 16:35:54 +01:00
72f4bf5724
Introduce set_custom_verify_callback and set_async_custom_verify_callback
2023-12-14 16:31:09 +01:00
b97446a3c9
Restore rpk feature in tokio-boring
...
It serves no purpose as there is no additional API in tokio-boring when
this feature is enabled, but there is a test gated by it and it can't
be conditionnally enabled only when boring's feature is enabled.
2023-12-14 16:30:49 +01:00
6f5f59d7a9
Remove rpk from hyper docsrs features
...
The feature doesn't exist anymore.
2023-12-14 16:30:49 +01:00
446b65550a
Introduce tokio_boring::SslStreamBuilder
2023-12-14 16:05:09 +01:00
dd281f6ab6
Swap build and run order; always build
2023-12-14 13:25:47 +01:00
59ef71327f
Remove unused target_env from boring-sys build config
2023-12-14 13:25:47 +01:00
44f8f72a16
boring-sys: Blocklist max_align_t in bindgen
...
https://github.com/rust-lang/rust-bindgen/issues/1823
2023-12-14 13:25:47 +01:00
5dc531a38c
boring-sys: Don't check for MSVC with target_env
...
x86_64-pc-windows-gnu is identified as `target_env = "msvc"` too,
but doesn't use the Visual Studio CMake generator.
2023-12-14 13:25:47 +01:00
4d66ada007
Use gcc/g++ as the compilers for windows-gnu, not Clang
2023-12-14 13:25:47 +01:00
016d5cb61e
Always run tests in bash
...
This is only necessary for the windows-gnu target, but causes no
issues anywhere else.
2023-12-14 13:25:47 +01:00
8b86852d8a
Add arm64-macos cross-compile to CI
2023-12-14 13:25:47 +01:00
f82f3fcb0f
Add custom linker for Android cross-compilation
2023-12-14 13:25:47 +01:00
16327cf5c5
Add custom environment for ARM Linux cross-compilation
2023-12-14 13:25:47 +01:00
2f62df492b
Build tests even for cross-compiling
2023-12-14 13:25:47 +01:00
1028909b40
Remove musl test; there's no standard musl C++ setup for us to use
2023-12-14 13:25:47 +01:00
Rushil Mehra