min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,108 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

383 Commits

Author SHA1 Message Date
David Rajchenbach-Teller 0c48f9a0e0 Resolves #378 - Module version with the version information 2016-04-13 23:29:25 +02:00
Rico Huijbers 00282de2a5 Add ability to set session ID context on an SSL context 
This is necessary to make authentication with client certificates work
without session restarts.
 2016-04-13 21:38:23 +02:00
Kevin King fa5537de81 copy PKey using DER encode and decode 
test that fields of cloned private and public keys can be accessed
 2016-04-10 00:16:31 -04:00
Steven Fackler d143203f88 Release v0.7.9 2016-04-06 21:34:20 -07:00
Kevin King 4016edd4de add EVP_PKEY_copy_parameters to FFI 
copy EVP_PKEY params in PKey::clone

test that PKey::clone creates a copy
 2016-04-06 19:39:50 -04:00
Joe Wilm c4b7b85d99 Add safe wrapper BioMethod for ffi::BIO_METHOD 
Adds a wrapper for ffi::BIO_METHOD located at ssl::bio::BioMethod. This
enables SslStream to be Send without doing an unsafe impl on the ffi
struct.
 2016-04-04 16:08:38 -07:00
Steven Fackler 02f114faae Cleanup 2016-03-27 13:37:00 -07:00
Steven Fackler c4187638a8 Update for nightly changes 2016-03-27 13:29:24 -07:00
Leon Anavi 6d4bfaa490 Cast correctly c_char raw pointers (fixes build on ARM #363) 
Fix error caused by mismatched types while building crate
openssl for Raspberry Pi 2 and other ARM devices.

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
 2016-03-22 00:16:56 +02:00
Steven Fackler e0412850ec Release v0.7.8 2016-03-18 08:54:12 -07:00
Ms2ger 6d043b3700 Allow Rust to infer the type of the argument to SSL_CIPHER_description. 
This allows the code to compile on Android, where an unsigned char is
expected.
 2016-03-18 15:44:47 +01:00
Steven Fackler ade90bf004 Clean up BIO name 2016-03-17 22:27:16 -07:00
Steven Fackler a9a18cf337 Simplify panic safety logic for new nightly 2016-03-17 22:23:51 -07:00
Steven Fackler a569df29f4 Release v0.7.7 2016-03-17 09:04:23 -07:00
Alex Crichton 3467cf343f Fix nightly warnings about zero-sized fn pointers 2016-03-11 12:57:56 -08:00
Steven Fackler 23fd427900 Merge pull request #353 from bluejekyll/master 
adding functionality to directly get and set RSA public key material
 2016-03-05 13:57:53 -08:00
Benjamin Fry 3e5b65b7fa making from_raw() unsafe 2016-03-05 13:43:14 -08:00
Steven Fackler 2fe3e48487 Stop testing sslv2 feature on Travis 
OpenSSL removed support for this entirely in the most recent release.
 2016-03-01 11:05:41 -08:00
Steven Fackler 90ce50730b Update source URL for new OpenSSL release 2016-03-01 10:02:34 -08:00
Steven Fackler 1f5800fe2c Merge pull request #356 from erikjohnston/conninfo 
Add support for SSL_CIPHER
 2016-03-01 09:20:36 -08:00
Erik Johnston 80ac6e54ac Make SSLCipher.bits() return a struct. 2016-02-29 21:23:34 +00:00
Erik Johnston 04cbf049c0 Add SSL_get_version 2016-02-29 20:14:48 +00:00
Benjamin Fry 3fb2c48c98 added public key material to the constructor 2016-02-28 22:05:19 -08:00
Kalita Alexey b37bbba78f Bump bitflags to 0.4 2016-02-28 08:28:25 +04:00
Benjamin Fry 6ebe581308 review fixes, keep raw RSA initiallization private 2016-02-23 20:49:21 -08:00
Benjamin Fry ef95223d26 adding functionality to directly get and set RSA key material 2016-02-17 23:18:42 -08:00
Erik Johnston 1e9667ea89 Add support for SSL_CIPHER 2016-02-17 22:38:32 +00:00
Steven Fackler 3df4c479c9 Release v0.7.6 2016-02-10 09:36:00 -08:00
Steven Fackler 643a4a58c9 More deprecated function cleanup 2016-02-08 23:20:19 -08:00
Steven Fackler e3e4aa4472 Stop using deprecated method 2016-02-08 23:12:54 -08:00
Joe Wilm fe0f8ea1d8 Rename Nid uid/UID to prevent breakage 2016-02-02 14:32:57 -08:00
Joe Wilm 4940ca7e92 Fix Nid::UID value 
Nid::UID (userId) previously held the value of Nid::uid
(uniqueIdentifier).
 2016-02-02 09:25:52 -08:00
Steven Fackler 627f394d59 Revert "Revert "impl Clone for PKey and X509 by using their 'references' member"" 2016-01-31 20:38:36 +00:00
Steven Fackler 4e58fd10de Fix PKey RSA constructors 
`set1` functions bump the object's refcount so we were previously
leaking the RSA object. Split the decode from PEM part out to a method
on RSA and use that in the PKey constructors.

Also make RSA a pointer and actually free it.
 2016-01-30 13:12:06 -08:00
Steven Fackler 8ab4b54541 Revert "impl Clone for PKey and X509 by using their 'references' member" 2016-01-28 23:37:27 -08:00
Steven Fackler 274715fad0 Merge pull request #343 from jimmycuadra/ordered-extensions 
Preserve X.509 extension insertion order
 2016-01-28 22:37:48 -08:00
Steven Fackler 87f94c832f Bump openssl version to test with 2016-01-28 22:21:10 -08:00
Jimmy Cuadra 5e0830286e Preserve X.509 extension insertion order. 
Ensures that extensions that are order-dependent are inserted in the
same order when calling out to OpenSSL during certificate signing.

Fixes #327.
 2016-01-28 20:02:44 -08:00
Steven Fackler 7610804c9d Remove unwraps from rsa accessors 2016-01-22 19:10:22 -08:00
Steven Fackler 18e7e2455c Merge pull request #330 from esclear/master 
Add a interface to RSA structs
 2016-01-22 19:07:38 -08:00
Steven Fackler d25858cb57 Exclude test directory from package 2016-01-22 16:34:31 -08:00
Steven Fackler 2ece5b1039 Release v0.7.5 2016-01-22 15:57:21 -08:00
Steven Fackler b7d3357f37 Fix connect and accept error reporting 
We were previously trying to create an error twice so the second
wouldn't be correct.
 2016-01-22 15:34:31 -08:00
Daniel Albert 3ee2bf9310 Fix up RSA integration 2016-01-20 20:29:06 +00:00
Daniel Albert 74db7db560 Merge branch 'master' of https://github.com/sfackler/rust-openssl 2016-01-20 19:59:41 +00:00
Steven Fackler 95a83c477c Merge pull request #334 from jmesmon/ssl-context 
ssl: fix refcounting of SslContext when set_ssl_context is used
 2016-01-19 20:04:44 -08:00
Cody P Schafer 36a667be49 x509: impl Clone using references & CRYPTO_add() 2016-01-19 22:04:51 -05:00
Cody P Schafer 3c51f159a7 crypto/pkey: impl Clone for PKey using openssl's ref counting 2016-01-19 22:04:51 -05:00
Cody P Schafer d1825c7a86 openssl/ssl/context: test that we are refcounting correctly 
Not a perfect test, on failure it _might_ exit with this output:

Process didn't exit successfully:
`/home/cody/g/rust-openssl/openssl/target/debug/openssl-8e712036e3aac4fe`
(signal: 11)

But unclear if we can do any better.
 2016-01-18 16:40:14 -05:00
Cody P Schafer dacde211c3 ssl: fix refcounting of SslContext when set_ssl_context is used 
Additionally impl Clone for SslContext to both allow us to use it &
allow external users to take advantage of SslContext's internal
refcount.

Maintain the existing signature for set_ssl_context(), but
add inline comments recommending changing it.

Fixes #333
 2016-01-18 15:37:13 -05:00
Daniel Albert 1f45723b39 Fix incorrect unsafe declaration 2016-01-12 20:57:01 +00:00
Daniel Albert 7e8df9febd Adhere to rust conventions 2016-01-12 18:15:07 +00:00
Steven Fackler 86e2f81f43 Fix should_panic check 2016-01-11 23:45:12 -08:00
Steven Fackler 1865dd7374 Test nightly on travis 2016-01-11 22:38:06 -08:00
Steven Fackler fd6454f625 Add stream panic propagation behind a nightly feature gate 2016-01-11 22:36:58 -08:00
Daniel Albert 1238405637 Make the BigNum generation from a native pointer unsafe 2016-01-09 22:09:38 +00:00
Steven Fackler b32a50797c Merge pull request #328 from Cyberunner23/PemRSA 
Add support for RSA PEM files.
 2016-01-09 13:08:00 -08:00
Cyberunner23 c0b9a4c8ec Added tests for private_rsa_key_from_pem() and public_rsa_key_from_pem() 2016-01-09 14:36:01 -05:00
Will Tange 89e88727ff Mark PKey as `Send` and `Sync` 
Provided that the locking function is set, the underlying `ffi::EVP_KEY`
type should be safe to use across threads.
 2016-01-07 06:33:25 +01:00
Cyberunner23 1d3277fbee Added private_rsa_key_from_pem and public_rsa_key_from_pem. 2016-01-05 13:22:56 -05:00
Daniel Albert 578fac7e80 Add public interface to access BigNums from RSA keys 2016-01-01 19:46:03 +00:00
Daniel Albert 5e5d24ee25 Implement the possibility to create BigNums from their ffi counterpart 2016-01-01 19:36:29 +00:00
Daniel Albert 5813ca371d Add RSA structs 2016-01-01 19:33:49 +00:00
Steven Fackler 926c8167be Release v0.7.4 2015-12-18 22:41:46 -08:00
Steven Fackler 11129aa521 Rustfmt 2015-12-18 22:34:30 -08:00
Steven Fackler a31acdbb93 Fix deprecation location 2015-12-18 22:21:23 -08:00
Steven Fackler e85b49d375 Work around the worst of clone bogusness 
SslStream::{clone,try_clone} are inherently broken since the Ssl object
shared by both streams is only going to be talking to one stream. Stuff
like hyper depends on try_clone, so we'll leave it here for now but
minimize the brokenness to "no worse than what it used to be like".
They'll be removed in 0.8.

cc #325
 2015-12-18 21:20:47 -08:00
Steven Fackler 5fa46d428d Release v0.7.3 2015-12-17 21:25:48 -08:00
Steven Fackler e077ed0b4d Disable cross compilation for now 2015-12-17 21:13:44 -08:00
Steven Fackler 053c924d5a Fix nonblocking behavior 
A new nonblocking socket may not have finished connecting yet, so reads
and writes can return ENOTCONNECTED which we should reinterpret into a
WantRead or WantWrite

Closes #323
 2015-12-17 16:54:11 -08:00
Steven Fackler ccab187f5a Travis fixes 2015-12-16 23:51:19 -08:00
Steven Fackler 2cf65fc68d Stop using manifest-path for now 
Some ssl tests depend on the working directory being openssl
 2015-12-16 23:39:29 -08:00
Steven Fackler e7744874f4 Try cross compiling 2015-12-16 23:25:19 -08:00
Steven Fackler 2531ac9a45 Test overhaul + add an arm cross compile build 
The ARM build doesn't do anything yet
 2015-12-16 22:52:30 -08:00
Ondrej Perutka 02d2230a76 Fix regression of c_char type mismatches on ARM 2015-12-16 11:11:14 +01:00
Steven Fackler 157e6aa961 Rustfmt 2015-12-15 21:51:20 -08:00
Steven Fackler edfb318e0b Fix bounds on ssl_read and ssl_write 2015-12-15 20:06:07 -08:00
Steven Fackler 13f7cfd9d8 Release v0.7.2 2015-12-15 19:41:57 -08:00
Steven Fackler 6d559bf1da Cleanup SNI stuff 2015-12-15 19:39:24 -08:00
Steven Fackler 3a0e64dca5 Cleanup 2015-12-15 19:33:36 -08:00
Steven Fackler 167008d247 Merge pull request #320 from uasi/add-variations-of-pbkdf2 
Add PBKDF2-HMAC-SHA256 and -SHA512 functions
 2015-12-15 19:30:57 -08:00
Steven Fackler 514c5ec415 Merge pull request #309 from Geal/master 
Add support for Server Name indication (SNI) on the server's side
 2015-12-15 19:22:39 -08:00
Steven Fackler f2fae1f83f Document unused variant 
No reason to hide it
 2015-12-14 23:44:28 -08:00
Steven Fackler b8c8b770e3 Yet more AsRawSocket fixes 2015-12-12 18:01:21 -08:00
Steven Fackler ddedda1d03 More AsRawSocket fixes 2015-12-12 16:47:03 -08:00
Steven Fackler 63a45ac622 Fix AsRawSocket impls 2015-12-12 16:33:58 -08:00
Steven Fackler d6ce9afdf3 Have NonblockingSslStream delegate to SslStream 2015-12-12 15:46:17 -08:00
Steven Fackler 1df131ff81 Build out a new error type 2015-12-12 15:01:16 -08:00
Steven Fackler aa37dba0bc Make error handling more reliable 2015-12-10 21:58:22 -08:00
Tomoki Aonuma b6647cc610 Put pbkdf2_hmac_{256,512}() behind feature gate 
PKCS5_PBKDF2_HMAC is not available with openssl-0.9.8 on os x
 2015-12-10 23:00:49 +09:00
Tomoki Aonuma e9b8627af2 Add PBKDF2-HMAC-SHA256 and -SHA512 functions 2015-12-10 20:29:52 +09:00
Steven Fackler 91f8c542f7 Replace SslStream implementation! 2015-12-09 23:30:29 -08:00
Steven Fackler 8f56897043 Implement read and write 2015-12-09 22:02:02 -08:00
Steven Fackler 9ee6f1c578 IT LIVES 2015-12-09 21:43:02 -08:00
Steven Fackler 4d883d488e Custom BIO infrastructure 2015-12-08 23:02:38 -08:00
Steven Fackler 8cc69267fd Bump openssl version for travis 2015-12-07 19:03:29 -08:00
Geoffroy Couprie 6850c810d3 Increment SSL_CTX's reference count in Ssl::get_ssl_context() 
Without this, whenever the returned SslContext is released,
the refcount of the underlying SSL_CTX will decrease and it
will be freed too soon
 2015-12-03 12:26:55 +01:00
Ondrej Perutka f54af75eb7 Cast correctly c_char raw pointers (fixes build on ARM #314) 2015-11-30 21:06:54 +01:00
Steven Fackler fce7cf4d36 Release v0.7.1 2015-11-28 16:14:58 -08:00
Geoffroy Couprie 7835ea1c90 Make shims for SSL_CTX_ctrl and SSL_CTX_callback_ctrl macro wrappers 2015-11-25 08:10:36 +01:00