min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,742 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

400 Commits

Author SHA1 Message Date
Kirill Fomichev 5d7d83e869
Fix function name in peer_finished documentation 2020-04-12 16:20:13 +03:00
Steven Fackler 1ed175f85f FIx build 2020-04-07 17:39:56 -07:00
Steven Fackler 40e66bab6b Add SslContextBuilder::set_cert_store 2020-04-07 17:05:38 -07:00
Steven Fackler 2cbc436b8b
Merge pull request #1248 from coolreader18/ssl-functions 
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
 2020-03-26 20:52:42 -04:00
Noah 354a984a7c
Add SslMethod::tls_{client,server} 2020-03-24 21:56:04 -05:00
Steven Fackler e450f3fee0
Update openssl/src/ssl/mod.rs 2020-03-24 19:27:04 -04:00
Noah f572a8306b
Add man page links 2020-03-24 17:01:14 -05:00
Noah 1e9cc8426e
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished 2020-03-24 15:32:39 -05:00
Nipunn Koorapati 4898f60e52 Attach cfg[allow_deprecated] to methods w/ uninitialized functionality 
Additionally - update usage of ONCE_INIT
 2020-02-10 12:53:51 -08:00
Hiroki Noda 9189b67326 Add NO RENEGOTIATION option 
SSL_OP_NO_RENEGOTIATION was added in OpenSSLv1.1.1 and backported to
v1.1.0h.
 2020-01-28 04:07:38 +09:00
Hyeonu Park 4d5e5e1787 add SslStreamBuilder::set_dtls_mtu_size(usize) 2019-12-29 04:17:00 +09:00
Steven Fackler 0815ac9b5d
Merge pull request #1208 from Sach1nAgarwal/comment2 
Fix documentation typo of "the"
 2019-12-20 09:14:58 -05:00
Steven Fackler 4cec131f37
Merge pull request #1207 from Sach1nAgarwal/comment1 
In the documentation of SslContextBuilder::set_session_id_context, we…
 2019-12-20 09:14:44 -05:00
Steven Fackler 3ca6974f9e
Merge pull request #1209 from Sach1nAgarwal/comment3 
Fix documentation typo of link
 2019-12-20 09:14:28 -05:00
Sachin agarwal 81cd1736d9 In the documentation of SslContextBuilder::set_cipher_list, we had given 
link of "SSL_get_client_ciphers" rather than "SSL_CTX_set_cipher_list". In this commit,
we fix the typo.
 2019-12-20 08:48:38 +05:30
Sachin agarwal 7599cc5b43 In the documentation of SslContextBuilder::set_certificate, we had written 
"lthe" rather than "the". In this commit,
we fix the typo.
 2019-12-20 08:40:01 +05:30
Sachin agarwal 96c49eee3c In the documentation of SslContextBuilder::set_session_id_context, we had written 
"be be" rather than "be". In this commit,
we fix the typo.
 2019-12-20 08:32:51 +05:30
Steven Fackler 0d8561b58a
Merge pull request #1202 from traviscross/fix-chain-typo 
Fix documentation typo of "chain"
 2019-12-13 07:19:44 -05:00
Travis Cross ac8214dad3 Fix documentation typo of "chain" 
In the documentation of `SslRef::verified_chain`, we had written
"certificate chani" rather than "certificate chain".  In this commit,
we fix the typo.
 2019-12-12 22:03:42 +00:00
Steven Fackler 2fe7462aa9
Fix link 
Closes #1201
 2019-12-12 07:25:29 -05:00
Steven Fackler 0fb1e55a98 Allow configuration of EC groups and signature algorithms 
Closes #1186
 2019-11-16 10:54:27 -08:00
Steven Fackler 8d2e9e783d Hack around an unpatched OpenSSL issue 
Why backport fixes to your LTS version? Seems like a lot of work, I
guess!

Closes #1133
 2019-07-18 22:44:02 -04:00
Steven Fackler b39a712076 Fix handling of session callbacks 
The session context is used for session callbacks rather than the normal
context, which breaks state lookup when the context has been swapped out
(e.g. for SNI). Since there isn't an accessor for the session context,
we just store an extra reference in the SSL's ex data.

Closes #1115
 2019-05-18 10:27:40 -07:00
Andy Caldwell 2e37753790
Const-correctness 2019-05-13 19:11:15 +01:00
Andy Caldwell 41fea135ad
Allow passing by non-owned reference 2019-05-13 18:49:09 +01:00
Andy Caldwell 628c3b338a
Add SSL_CTX_add_client_CA on OpenSSL 2019-05-13 15:08:02 +01:00
Charlie Li d79090a00a Reconcile exdata and version functions between libraries/versions. 2019-04-24 23:15:56 -04:00
Charlie Li 98f91769e3 Add missing any() in the {,D}TLS_method usage logic. 2019-04-24 19:29:01 -04:00
Charlie Li f0b8a2e467 Support LibreSSL 2.9.1 
LibreSSL 2.9.1 added generic DTLS methods.

While here, bump CircleCI.
 2019-04-24 16:08:42 -04:00
Steven Fackler 404670691c Use into for infallible conversions 2019-03-01 12:36:01 -08:00
Steven Fackler 404b7f1790 Add session cache size accessors 2019-03-01 10:07:51 -08:00
Steven Fackler a16482f972 Add session info accessors 2019-02-28 22:08:48 -08:00
Steven Fackler 913267e68a Add SslCtx::{add,remove}_session 2019-02-28 19:48:10 -08:00
Steven Fackler 58ccea26ad Fix cipher_name return value 2019-02-22 12:33:41 -07:00
Steven Fackler 70afbb8393 Add standard ciphername support 2019-02-22 10:33:12 -07:00
Steven Fackler 7eee39f1ec Rustfmt 2019-02-22 10:14:15 -07:00
Steven Fackler 4256cfbf19 Fix some accidentally-public functions 2018-10-18 11:37:36 -07:00
Steven Fackler 22231d7547 Support the client hello callback 2018-09-15 13:29:18 -07:00
Steven Fackler bc4e47a321 Fix lookup errors with SNI callback. 
The job of an SNI callback is typically to swap out the context
associated with an SSL depending on the domain the client is trying to
talk to. Typically, only the callbacks associated with the current
context are used, but this is not the case for the SNI callback.

If SNI is run for a second time on a connection (i.e. in a
renegotiation) and the context was replaced with one that didn't itself
register an SNI callback, the old callback would run but wouldn't be
able to find its state in the context's ex data. To work around this, we
pass the pointer to the callback data directly to the callback to make
sure it's always available. It still lives in ex data to handle the
lifetime management.

Closes #979
 2018-08-31 20:23:55 -07:00
Steven Fackler 2df87cfd59 Fix doc reference 2018-08-19 20:19:10 -07:00
Steven Fackler ef7721092d SRTP cleanup 2018-08-19 18:50:11 -07:00
Aron Wieck 59c578cf04 Add methods for DTLS/SRTP key handshake 2018-08-14 16:04:33 +02:00
Steven Fackler 1396143c66 Add get_shutdown and set_shutdown 2018-08-08 13:19:55 -07:00
Steven Fackler ee5215bd31 SslSessionRef methods return static strings 
Closes #961
 2018-07-19 20:22:57 -07:00
Steven Fackler 6440ee04ef
Merge pull request #943 from lolzballs/master 
Add wrapper for SSL_CTX_set_psk_server_callback
 2018-06-17 15:47:00 -07:00
Steven Fackler 115cb730b0 Switch to accessors in libressl where possible 
Some accessors are mysteriously still macros so we can't make everything
opaque yet, unfortunately.

cc #909
 2018-06-09 21:49:36 -07:00
Steven Fackler cdc90c7e9d Add SslRef::set_alpn_protos 2018-06-04 20:19:27 -07:00
Steven Fackler 0745d66927 Update to 1.1.1-pre7 
The initial session ticket is now sent as part of SSL_accept, so some
tests need to write a single byte through the stream to make sure that
both ends have fully completed to avoid test flakes.

TLSv1.3 cipher suite control has been extracted from the normal cipher
list into a separate method: SslContextBuilder::set_ciphersuites.
 2018-06-02 13:58:56 -07:00
Benjamin Cheng 5d8a44612d
add test for psk; deprecated set_psk_callback 2018-06-02 13:47:52 -04:00
Benjamin Cheng b1eb1224f5
Merge remote-tracking branch 'origin/master' 2018-06-02 10:56:31 -04:00