517fc81d40
Update openssl/src/lib.rs
2020-04-05 09:52:20 -04:00
d6772960a3
Add documentation for OPENSSL_NO_VENDOR
2020-04-04 21:18:20 -05:00
2cbc436b8b
Merge pull request #1248 from coolreader18/ssl-functions
...
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
2020-03-26 20:52:42 -04:00
ef369f827e
Merge pull request #1249 from coolreader18/more-ssl-method
...
Add SslMethod::tls_{client,server}
2020-03-25 20:57:23 -04:00
354a984a7c
Add SslMethod::tls_{client,server}
2020-03-24 21:56:04 -05:00
e450f3fee0
Update openssl/src/ssl/mod.rs
2020-03-24 19:27:04 -04:00
f572a8306b
Add man page links
2020-03-24 17:01:14 -05:00
29f62786ff
Update openssl/src/x509/store.rs
2020-03-24 17:20:54 -04:00
1e9cc8426e
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
2020-03-24 15:32:39 -05:00
41162e27ab
Add a shim for X509_STORE_get0_objects and X509_OBJECT_free
2020-03-24 12:33:54 -05:00
e268a5ac7e
Check null ptr for non-x509 X509Object
2020-03-23 10:20:30 -05:00
8cfb59b9ea
Add a way to get the certificates stored in an X509Store
2020-03-22 23:20:59 -05:00
e7d0e69c74
Fix the memory leak in `X509Builder::append_extension`.
...
Also add an alternative method that takes a `X509ExtensionRef`.
2020-02-26 16:23:46 +02:00
7801226796
Tweak interface a bit
2020-02-12 16:14:28 -08:00
eed35cefb0
Merge pull request #1229 from axos88/master
...
SslAcceptor and SslConnector: Ability to turn into SslContext
2020-02-12 19:10:01 -05:00
c81810d869
adds ability access the internal &SslContext of an SslAcceptor and SslConnector
2020-02-12 22:15:11 +01:00
16d93a9372
Allow bad style on pkey.rs
2020-02-11 14:28:53 -08:00
4898f60e52
Attach cfg[allow_deprecated] to methods w/ uninitialized functionality
...
Additionally - update usage of ONCE_INIT
2020-02-10 12:53:51 -08:00
4b1564ebc1
Fix mutability of oneshot sign/verify methods
2020-02-04 21:50:40 +00:00
972c7ae11a
Fix visibility of Signer::new_intern
2020-02-03 16:18:23 +00:00
9189b67326
Add NO RENEGOTIATION option
...
SSL_OP_NO_RENEGOTIATION was added in OpenSSLv1.1.1 and backported to
v1.1.0h.
2020-01-28 04:07:38 +09:00
ad37e7e07d
Merge pull request #1160 from HyeonuPark/set-dtls-mtu
...
Add ssl::set_dtls_mtu_size(usize)
2020-01-13 12:53:23 -05:00
4d5e5e1787
add SslStreamBuilder::set_dtls_mtu_size(usize)
2019-12-29 04:17:00 +09:00
bba670dc90
Avoid false-failures if underlying network connection errors
...
In Air-Gapped or otherwise network-restricted environments,
TcpStream::connect can spuriously fail due to name resolution
failure, or just in establishing the socket itself.
In this situation, the test can't give a meaningful result, and this
failure doesn't indicate a problem in the OpenSSL stack.
Bug: https://github.com/sfackler/rust-openssl/issues/1215
2019-12-27 21:15:39 +13:00
4a05dc7894
Merge pull request #1205 from npmccallum/modernize
...
Fix warnings on newer Rust
2019-12-24 07:48:04 -08:00
fc3c0a93d5
remove deprecated Error::description, replace deprecated cause with source
2019-12-21 23:53:49 +01:00
0815ac9b5d
Merge pull request #1208 from Sach1nAgarwal/comment2
...
Fix documentation typo of "the"
2019-12-20 09:14:58 -05:00
4cec131f37
Merge pull request #1207 from Sach1nAgarwal/comment1
...
In the documentation of SslContextBuilder::set_session_id_context, we…
2019-12-20 09:14:44 -05:00
3ca6974f9e
Merge pull request #1209 from Sach1nAgarwal/comment3
...
Fix documentation typo of link
2019-12-20 09:14:28 -05:00
81cd1736d9
In the documentation of SslContextBuilder::set_cipher_list, we had given
...
link of "SSL_get_client_ciphers" rather than "SSL_CTX_set_cipher_list". In this commit,
we fix the typo.
2019-12-20 08:48:38 +05:30
7599cc5b43
In the documentation of SslContextBuilder::set_certificate, we had written
...
"lthe" rather than "the". In this commit,
we fix the typo.
2019-12-20 08:40:01 +05:30
96c49eee3c
In the documentation of SslContextBuilder::set_session_id_context, we had written
...
"be be" rather than "be". In this commit,
we fix the typo.
2019-12-20 08:32:51 +05:30
2e00fb371b
Replace try!() with ?
2019-12-17 16:09:06 +00:00
0d8561b58a
Merge pull request #1202 from traviscross/fix-chain-typo
...
Fix documentation typo of "chain"
2019-12-13 07:19:44 -05:00
ac8214dad3
Fix documentation typo of "chain"
...
In the documentation of `SslRef::verified_chain`, we had written
"certificate chani" rather than "certificate chain". In this commit,
we fix the typo.
2019-12-12 22:03:42 +00:00
2fe7462aa9
Fix link
...
Closes #1201
2019-12-12 07:25:29 -05:00
6202626629
fix a typo in the description of `Asn1Time`
2019-12-09 16:23:27 -05:00
9f4c489588
Use d2i_PKCS8_PRIV_KEY_INFO instead of *_bio
2019-12-04 02:02:33 +01:00
fc529b6c81
Pkey::private_key_from_pkcs8 free p8inf
2019-12-03 03:05:05 +01:00
a7fa260331
Support for PKCS#8 unencrypted private key deserialization
2019-12-01 03:02:01 +01:00
454cb6f9bc
Merge pull request #1192 from fengyc/master
...
Add EVP_md_null() and MessageDigest::md_null()
2019-11-23 10:17:07 -05:00
395142f7cf
Update openssl/src/hash.rs
...
Rename MessageDigest::md_null to MessageDigest::null
Co-Authored-By: Steven Fackler <sfackler@gmail.com>
2019-11-23 22:46:32 +08:00
605003eec8
Fix up base64 docs
2019-11-22 15:22:47 -08:00
288b189de0
Add EVP_md_null() and MessageDigest::md_null()
2019-11-22 16:33:15 +08:00
18552f1f1d
Cleanup
2019-11-21 17:10:34 -08:00
b5eafedf17
Merge pull request #1191 from sfackler/fix-seal
...
Fix IV handling in envelope
2019-11-21 20:09:21 -05:00
56335d12fc
Merge pull request #1183 from adamreichold/base64
...
Expose OpenSSL interfaces for base64 coding.
2019-11-21 20:04:18 -05:00
f85d631fcf
Merge pull request #1184 from Atul9/cargo-fmt
...
Format code using 'cargo fmt'
2019-11-21 20:01:39 -05:00
ca5474683a
Fix IV handling in envelope
...
Closes #1190
2019-11-21 16:59:44 -08:00
0fb1e55a98
Allow configuration of EC groups and signature algorithms
...
Closes #1186
2019-11-16 10:54:27 -08:00
784978bad0
Format code using 'cargo fmt'
2019-11-14 21:00:53 +05:30
86db2315d4
Avoid initialization overhead for base64 coding
2019-11-14 10:09:44 +01:00
bcbebbcace
Expose EVP_{Encode,Decode}Block interfaces for base64 coding
2019-11-14 10:06:24 +01:00
34c2b69118
Merge pull request #1180 from PrismaPhonic/master
...
Added clonability for sha hash state. Useful for incremental hashing
2019-11-11 21:01:19 -05:00
5991f425fa
Added unit test to test that new cloning feature works as intended
2019-11-11 16:40:05 -08:00
8fae1115a4
Changed all sha objects to be clonable per PR review suggestion.
2019-11-11 16:31:47 -08:00
258c49a581
Add #[cfg(ossl110)]
2019-11-11 23:03:40 +01:00
6d6429237d
Add EC_GROUP_order_bits
2019-11-11 22:04:14 +01:00
22f029064a
Added clonability for sha hash state. Useful for incremental hashing
2019-11-11 11:09:49 -08:00
80e0dd03ba
Add method to create Asn1Time from time_t value
...
This is mostly just a rework of the earlier work done by @illegalprime
in his PR #673 and credit should go to him.
2019-10-13 23:10:16 +02:00
14a6a98ebf
Add diff method and comparisons to Asn1TimeRef
...
This implements a `diff` method on `Asn1TimeRef` using `ASN1_TIME_diff`
and uses this new method to implement combinations of `PartialEq` and
`PartialOrd` for `Asn1Time` and `Asn1TimeRef`.
This is mostly just a rework of the earlier work done by @illegalprime
in his PR #673 and credit should go to him.
2019-10-13 23:09:12 +02:00
b771738a3a
Fix rustc warnings
...
- Use `..=` for inclusive ranges
- Add the `dyn` keyword for trait objects
- Switch from `ONCE_INIT` to `std::sync::Once::new()`
2019-10-08 08:35:35 -04:00
7ce0835b74
Implement Clone for PKey
2019-10-01 18:45:10 -07:00
79d6d1ff2b
Merge pull request #1153 from sturmsebastian/eddsa
...
Added support for Ed25519 and Ed448 signatures
2019-09-08 20:49:41 -04:00
cf9978bc0e
Ensure Signer::len has documentation
...
Applied conditional compilation to internal helpers
2019-09-08 14:45:06 +02:00
106d613805
Free r and s on ECDSA_SIG before overwriting them in ECDSA_SIG_set0
2019-09-06 10:52:15 +01:00
bdede43afe
Added support for Ed25519 and Ed448 signatures
2019-08-16 11:15:04 +02:00
8d2e9e783d
Hack around an unpatched OpenSSL issue
...
Why backport fixes to your LTS version? Seems like a lot of work, I
guess!
Closes #1133
2019-07-18 22:44:02 -04:00
d598f156a7
Add AES-192 tests in CTR, CFB, and OFB modes
2019-07-07 11:07:20 +08:00
88c5bd81c7
Add AES-192 and OFB mode
2019-07-06 17:11:37 +08:00
a02a962f7d
Expose pem serialize function for DSA private key
...
Expose private_key_to_pem() & private_key_to_pem_passphrase() for DsaRef
2019-06-30 23:35:50 +08:00
850e93ee85
Don't depend on NO_SSL_MASK
2019-06-28 20:07:22 -07:00
d3104955dd
Minimize test duplication
2019-06-28 19:51:52 -07:00
1b3e0c8a15
Add mozilla v5 configurations
...
Closes #1134
2019-06-28 19:42:29 -07:00
aef0517dcf
Expose EC_POINT_dup as EcPoint::to_owned
2019-06-19 21:34:48 +02:00
e8fc907da3
Expose EC_GROUP_get_cofactor as EcGroup::cofactor
2019-06-14 16:41:47 +02:00
390d71f1e5
Expose EC_GROUP_get0_generator as EcGroup::generator
2019-06-13 03:09:45 +02:00
fab6ea4727
Conditionally compile PEM functions for CMS
...
Apparently libressl does not quite support all CMS functions (well, at
least the bindings for CMS are currently compile-time guarded), so CI
checks inside the systest fail during the verification on libressl.
This is an attempt to fix it.
2019-06-12 16:48:16 +02:00
ed966a09ac
Extend CMS unit tests (pem/der conversions)
2019-06-12 10:36:44 +02:00
69ee79d435
Fix formatting in cms `to_der` implementation
2019-06-12 10:24:53 +02:00
124c05d058
Add `CmsContentInfo` <-> PEM bindings
2019-06-12 10:23:48 +02:00
d2e48e8d1f
Add Debug impl for EcKey
2019-06-10 21:57:10 +08:00
1c3f5b5f57
Address comments
2019-06-07 19:32:36 -06:00
b9341856b1
Add AES_wrap_key and AES_unwrap_key functionality
2019-06-05 21:03:34 -06:00
e3ac3f40bf
Display for Error was incorrectly showing func instead of reason.
2019-05-30 15:06:14 -04:00
b39a712076
Fix handling of session callbacks
...
The session context is used for session callbacks rather than the normal
context, which breaks state lookup when the context has been swapped out
(e.g. for SNI). Since there isn't an accessor for the session context,
we just store an extra reference in the SSL's ex data.
Closes #1115
2019-05-18 10:27:40 -07:00
2e37753790
Const-correctness
2019-05-13 19:11:15 +01:00
41fea135ad
Allow passing by non-owned reference
2019-05-13 18:49:09 +01:00
628c3b338a
Add SSL_CTX_add_client_CA on OpenSSL
2019-05-13 15:08:02 +01:00
a9b9f818a1
Merge pull request #1097 from vishwin/master
...
Support LibreSSL 2.9.1
2019-05-08 18:40:18 -07:00
801a236413
Ignore SRTP tests on libressl 2.9.1
...
SRTP is broken in that release!
2019-05-08 18:19:42 -07:00
d2b169dae6
Fix doc link bugs
2019-05-03 07:32:05 -07:00
7ad3208937
Fix output size check for stream ciphers
...
The previous output size check presumed a block cipher. Therefore, it
enforced an unnecessary extra byte in the case of stream ciphers. This
patch ensures that our size checks don't force the caller to
overallocate for stream ciphers.
2019-04-29 17:45:12 -04:00
4121ac34cb
Fix deprecation warnings in tests
2019-04-25 10:03:13 -07:00
d79090a00a
Reconcile exdata and version functions between libraries/versions.
2019-04-24 23:15:56 -04:00
98f91769e3
Add missing any() in the {,D}TLS_method usage logic.
2019-04-24 19:29:01 -04:00
f0b8a2e467
Support LibreSSL 2.9.1
...
LibreSSL 2.9.1 added generic DTLS methods.
While here, bump CircleCI.
2019-04-24 16:08:42 -04:00
2024379f17
Clean up seal/open a bit
2019-04-23 20:21:43 -07:00
f40a328d43
Remove unnecessary version req and clean up param names.
2019-04-18 10:47:50 +02:00
1b5293a977
Address comments.
2019-04-17 20:11:14 +02:00
Steven Fackler