min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,328 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

352 Commits

Author SHA1 Message Date
Benjamin Cheng 5d8a44612d
add test for psk; deprecated set_psk_callback 2018-06-02 13:47:52 -04:00
Benjamin Cheng b1eb1224f5
Merge remote-tracking branch 'origin/master' 2018-06-02 10:56:31 -04:00
Steven Fackler 3456add537 Add SslRef::verified_chain 2018-05-29 21:53:22 -07:00
Steven Fackler 3cd33cdd8b Don't panic on bogus servernames 
Also add a second version of the method to avoid filtering out non-utf8
names.

Closes #930
 2018-05-24 20:22:15 -07:00
Steven Fackler c0876cc8c6 Add bindings to SSL_get_finished and SSL_get_peer_finished 
These are used for the tls-unique SCRAM channel binding mode.
 2018-05-24 20:00:28 -07:00
Steven Fackler c7db3d18ad
Merge pull request #920 from Ralith/max-early-data-accessors 
TLS1.3 early data support
 2018-05-22 20:42:46 -07:00
Benjamin Saunders 2e478fdcf4 Expose early I/O 2018-05-22 20:25:28 -07:00
Steven Fackler 7a7f98a32c
Revert "Move proto version accessors to SslContextRef" 2018-05-20 20:55:20 -07:00
Steven Fackler b976b5fd52 Move proto version accessors to SslContextRef 
Add a Derf impl for SslContextBuilder so existing use still works.
 2018-05-20 20:47:00 -07:00
Steven Fackler 4c1fdf1d81 Support ALPN on libressl 
Closes #690
 2018-05-20 12:52:49 -07:00
Steven Fackler a6fcef01c0 Overhaul openssl cfgs 
Also expose hostname verification on libressl
 2018-05-20 12:33:02 -07:00
Steven Fackler d991566f2b Support min/max version in LibreSSL 
Their implementations of the accessors don't behave expected with no
bounds, so we ignore those bits of the tests.
 2018-05-19 19:57:12 -07:00
Benjamin Saunders 69c75a178b Expose early keying material export 2018-05-17 13:16:41 -07:00
Benjamin Saunders d5d414b16f Expose max TLS1.3 early data accessors 2018-05-17 12:02:32 -07:00
Benjamin Cheng 47a68e2929
Add wrapper for SSL_CTX_set_psk_server_callback 2018-05-16 17:49:36 -04:00
Steven Fackler ff2c7ffefd Merge Ssl impl blocks 2018-05-12 16:50:50 +01:00
Steven Fackler c25b6f3e26 Clean up SSL callbacks 
Also add an Arc to avoid a weird use after free edge case if a callback
changes a callback.
 2018-05-12 15:02:53 +01:00
Steven Fackler 5cfbe7ac6a Disable tests that talk to Google on LibreSSL 2.5.0 
They're flickering, and I'm assuming it's just because that version is
so old.
 2018-05-12 13:59:22 +01:00
Steven Fackler e5d65306e7 Change SslContext callback handling 
Use the existing infrastructure!
 2018-05-12 13:19:01 +01:00
Steven Fackler 7a1b59d605 Fix base version for min/max proto accessors 
Closes #911
 2018-05-09 20:04:43 +01:00
Benjamin Saunders 47431f66bb Expose SslSession <-> DER conversion 2018-04-29 01:54:16 -07:00
Steven Fackler e423da2d12
Merge pull request #858 from Ralith/stateless-api 
Introduce SslStreamBuilder
 2018-03-31 11:28:03 -07:00
Steven Fackler 1bbe1b6a8f Clean up a couple of holdovers from old features 2018-03-29 10:20:18 +02:00
Benjamin Saunders 99fdb2bd0b Introduce SslStreamBuilder 2018-03-28 18:14:48 -07:00
Benjamin Saunders bbb1cb61f6 Update to OpenSSL 1.1.1-pre3 2018-03-28 18:14:44 -07:00
Steven Fackler 7c33346960 Remove version-specific features 
Closes #852
 2018-03-19 00:41:33 -07:00
Benjamin Saunders 09b1fe9a0d Expose additional cipher and digest accessors 2018-03-16 20:33:23 -07:00
Steven Fackler 9f5ef88880 Add a Sync + Send bound to the custom ext type 
It's stored inside of the Ssl, so this is probably tecnically
necessarly?
 2018-03-11 15:36:47 -07:00
Steven Fackler d0329473bd
Merge branch 'master' into custom-extensions 2018-03-11 15:27:28 -07:00
Benjamin Saunders e02dbde2f7 Generic custom extension add fn return type 2018-03-10 22:30:54 -08:00
Steven Fackler 562fe79f4c Add one more set of impls 2018-03-10 08:53:46 -08:00
Benjamin Saunders b0bc1c770e High-level API for OpenSSL 1.1.1 custom extension support 2018-03-09 20:33:49 -08:00
Benjamin Saunders f92de22b8d Add SslOptions::ENABLE_MIDDLEBOX_COMPAT 2018-03-03 14:57:38 -08:00
Steven Fackler b7ba577339 Add min/max protocol version support 2018-02-25 23:20:10 -08:00
Benjamin Saunders e04dbfa3ee Expose cookie generate/verify callback setters 2018-02-25 20:05:15 -08:00
Steven Fackler f72f35e9bd Add RFC 5705 support 2018-02-23 22:04:57 -08:00
Steven Fackler 7e0591a377 Actually add version stuff 2018-02-21 23:25:28 -08:00
Steven Fackler 2daaf3fdea Add some debugging-related bindings 2018-02-17 17:49:49 -08:00
Steven Fackler 90d5f85511 Add SSL_version binding 2018-02-17 13:44:21 -08:00
Steven Fackler 3f5e3f095e Fix session cloning 2018-02-17 10:12:47 -08:00
Steven Fackler e5123d266b Bind remove and get session callbacks 2018-02-16 22:24:34 -08:00
Steven Fackler 4dffa0c33f SSL session callbacks have always been around 2018-02-16 21:31:09 -08:00
Steven Fackler af4832e145 Doc tweak 2018-02-15 21:33:39 -08:00
Steven Fackler a9d8bea33c Add more session cache support 2018-02-15 21:30:20 -08:00
Steven Fackler f4ddd66b03 Tweak features 
We should keep the version features totally separate for now.
 2018-02-14 22:11:24 -08:00
Steven Fackler 2765775535 OpenSSL 1.1.1 support 2018-02-13 22:31:37 -08:00
Steven Fackler af7aa52364 Adjust the SNI callback 
Brings it more in line with how the raw callback is structured.
 2018-01-06 22:20:20 -08:00
Steven Fackler f50dd20cb6 Fix docs 2018-01-06 21:42:37 -08:00
Steven Fackler 1553447385 Misc cleanup 2018-01-01 12:23:41 -08:00
Steven Fackler 9043cf9aa7 Move X509Filetype to SslFiletype 
These constants have the same values, but X509_FILETYPE_DEFAULT doesn't
work in the Ssl methods and using the SSL_* names is a bit less
confusing.
 2018-01-01 11:50:07 -08:00