2200 Commits

All Branches

Search

Author	SHA1	Message	Date
Bastian Köcher	888f4ccaab	Fixes the implementation of `X509StoreContextRef::verify_cert` ... The certificate, the store and the certificates chain does not need to be consumed by `verify_cert` and instead are taken as references. We also call `X509_STORE_CTX_cleanup`, after the verification succeeded.	2018-03-07 16:07:57 +01:00
Benjamin Fry	53adf0e6a4	delay return until after forgets	2018-03-07 13:54:35 +01:00
Benjamin Fry	6abac82f13	cleanup and add negative test	2018-03-07 13:54:35 +01:00
Benjamin Fry	a1cfde765a	add cleanup ffi to store context	2018-03-07 13:54:15 +01:00
Benjamin Fry	3187366cc5	restructure to self contained function	2018-03-07 13:53:29 +01:00
Steven Fackler	2251a6f2b6	Little tweaks	2018-03-07 13:51:58 +01:00
Benjamin Fry	d8a11973e2	convert to raw pass-through methods	2018-03-07 13:51:58 +01:00
Benjamin Fry	910386027d	add comment about consuming self in verify_cert	2018-03-07 13:50:12 +01:00
Benjamin Fry	35cad33d51	fix error check	2018-03-07 13:50:12 +01:00
Benjamin Fry	847fac25f8	properly version library functions	2018-03-07 13:48:09 +01:00
Benjamin Fry	3595ff9e51	Fix memory mgmt	2018-03-07 13:42:39 +01:00
Benjamin Fry	eb6296e892	add verify_cert and store_context_builder	2018-03-07 13:41:44 +01:00
Steven Fackler	f645165ee2	Remove the x509 module-level example ... The example generated a bogus certificate that was missing a serial number, a validity range, etc. Generating a correct x509 certificate is complex enough that doing it correctly is too long to be a reasonable doc example. There's already a more complete example in the examples directory that handles things more correctly. Closes #859	2018-03-05 19:25:01 -08:00
Benjamin Saunders	38f4705b1d	FFI for OpenSSL 1.1.1 custom extension support	2018-03-05 17:45:08 -08:00
Steven Fackler	5760ded1ce	Merge pull request #857 from Ralith/middlebox-compat ... Add SslOptions::ENABLE_MIDDLEBOX_COMPAT	2018-03-03 15:06:47 -08:00
Benjamin Saunders	f92de22b8d	Add SslOptions::ENABLE_MIDDLEBOX_COMPAT	2018-03-03 14:57:38 -08:00
Steven Fackler	b6985c7e8d	Release openssl v0.10.5	2018-02-28 14:33:04 -08:00
Steven Fackler	aa9addf532	Release openssl-sys 0.9.27	2018-02-28 14:31:23 -08:00
Steven Fackler	7fcd1ba96d	Update changelog	2018-02-28 14:23:44 -08:00
Steven Fackler	65e124055c	Merge pull request #854 from sfackler/error-description ... Always include something in ErrorStack's Display	2018-02-27 17:30:48 -08:00
Steven Fackler	85d8db21d2	Always include something in ErrorStack's Display ... The error stack can be empty after a some kinds of errors (AEAD validation failure in Crypter is one example), and we don't want to display as an empty string in that case.	2018-02-27 15:56:23 -08:00
Steven Fackler	42ec251b55	Merge pull request #853 from sfackler/min-max-version ... Add min/max protocol version support	2018-02-26 11:39:31 -08:00
Steven Fackler	b7ba577339	Add min/max protocol version support	2018-02-25 23:20:10 -08:00
Steven Fackler	d5dd6575c1	Restore error stack in cookie callback	2018-02-25 22:11:08 -08:00
Steven Fackler	b94b0f67c5	Merge pull request #835 from Ralith/stateless ... [WIP] Expose bindings needed for TLS1.3 stateless handshakes	2018-02-25 22:10:17 -08:00
Benjamin Saunders	e04dbfa3ee	Expose cookie generate/verify callback setters	2018-02-25 20:05:15 -08:00
Benjamin Saunders	e06a209e72	Expose FFI bindings needed for SSL_stateless	2018-02-25 19:58:49 -08:00
Steven Fackler	cebfbd9a25	Merge pull request #850 from sfackler/put-error ... Add the ability to push errors back onto the error stack.	2018-02-24 20:58:07 -08:00
Steven Fackler	5fd23d38d5	Add the ability to push errors back onto the error stack.	2018-02-24 20:46:03 -08:00
Steven Fackler	6a5845c875	Merge pull request #849 from sfackler/key-export ... Add RFC 5705 support	2018-02-24 14:15:11 -08:00
Steven Fackler	f72f35e9bd	Add RFC 5705 support	2018-02-23 22:04:57 -08:00
Steven Fackler	c1a106fc68	Merge pull request #847 from sfackler/version2 ... Actually add version stuff	2018-02-21 23:30:33 -08:00
Steven Fackler	7e0591a377	Actually add version stuff	2018-02-21 23:25:28 -08:00
Steven Fackler	950c39c2e6	Merge pull request #840 from olehermanse/master ... Add des_ede3_cbc cipher and more tests/examples	2018-02-21 23:03:33 -08:00
Steven Fackler	38470bd351	Merge pull request #846 from sfackler/client-cipher-update ... Update SslConnector cipher list	2018-02-21 19:56:46 -08:00
Steven Fackler	15048f4c02	Inline connector constants	2018-02-21 19:41:06 -08:00
Steven Fackler	6977e9e89f	Don't special case 1.0.1 ... It appears that 1.0.1's defaults are actually okay.	2018-02-21 18:44:04 -08:00
Ole Herman Schumacher Elgesem	7e02c09861	Added example/test in symm.rs for encrypting a private key with a symmetric cipher ... Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>	2018-02-21 13:16:04 +01:00
Steven Fackler	7192a5291f	Update SslConnector cipher list ... Based off of python/cpython#3532, we use OpenSSL's default cipher list and turn of things we don't like. This can't be used with 1.0.1, however, which had a poor default set. There, we use the old defaults, with the bits that aren't implemented in 1.0.1 removed (namely TLSv1.3 suites and ChaCha).	2018-02-20 22:27:54 -08:00
Steven Fackler	69a91815b8	Release openssl v0.10.4	2018-02-18 10:50:13 -08:00
Steven Fackler	402d81bb72	Release openssl-sys 0.9.26	2018-02-18 10:48:08 -08:00
Steven Fackler	78aed77cf3	Update changelog	2018-02-18 10:15:00 -08:00
Steven Fackler	9693c7ccf8	Merge pull request #845 from sfackler/ssl-version ... Ssl version	2018-02-17 17:54:46 -08:00
Steven Fackler	2daaf3fdea	Add some debugging-related bindings	2018-02-17 17:49:49 -08:00
Steven Fackler	90d5f85511	Add SSL_version binding	2018-02-17 13:44:21 -08:00
Steven Fackler	8f8895697d	Merge pull request #844 from sfackler/fix-session-clone ... Fix session cloning	2018-02-17 10:20:07 -08:00
Steven Fackler	3f5e3f095e	Fix session cloning	2018-02-17 10:12:47 -08:00
Steven Fackler	b1e7bf4d54	Merge pull request #843 from sfackler/session-callback-2 ... Session callback 2	2018-02-16 22:37:14 -08:00
Steven Fackler	18b87e65e3	Fix libressl	2018-02-16 22:28:38 -08:00
Steven Fackler	e5123d266b	Bind remove and get session callbacks	2018-02-16 22:24:34 -08:00