9ee6f1c578
IT LIVES
2015-12-09 21:43:02 -08:00
4d883d488e
Custom BIO infrastructure
2015-12-08 23:02:38 -08:00
8cc69267fd
Bump openssl version for travis
2015-12-07 19:03:29 -08:00
f54af75eb7
Cast correctly c_char raw pointers (fixes build on ARM #314 )
2015-11-30 21:06:54 +01:00
fce7cf4d36
Release v0.7.1
2015-11-28 16:14:58 -08:00
6bb3d8f1b5
Implement try_clone for MaybeSslStream
...
Closes #308
2015-11-20 21:33:36 -08:00
38b3b4a11e
Fixed a typo in a comment.
2015-11-19 19:52:26 -05:00
3c6c4a7b3d
Fix a leak when using `EVP_PKEY_get1_RSA`.
...
`EVP_PKEY_get1_RSA` returns a RSA structure with its reference count
increased by 1 and therefore we need to call `RSA_free` after finishing
using that value.
2015-11-18 11:36:34 +08:00
82547f53d7
Release v0.7.0
2015-11-16 21:10:50 -08:00
1bc96a5b3d
Remove deprecated X509 methods
2015-11-16 20:56:02 -08:00
f36f610d07
Move HMAC_CTX_copy to sys-extras
2015-11-16 20:16:01 -08:00
a8a10e64ad
Split stuff requiring a shim out to a separate crate
2015-11-16 20:16:01 -08:00
8139fadbff
Bump ws2_32-sys version
2015-11-16 20:16:01 -08:00
309b6d9f46
Switch to libc 0.2
2015-11-16 20:16:01 -08:00
03e4908c13
Move SSL methods to Ssl object, add getter
2015-11-16 20:16:01 -08:00
fae44250f6
Fix feature gated sslv3
2015-11-16 20:16:01 -08:00
be2cbabdb7
Revert "Revert "Merge pull request #280 from ltratt/libressl_build""
...
This reverts commit ae3d0e36d7
2015-11-16 20:16:01 -08:00
b0cb0f7c40
Revert "Use AsRef for backwards compatibility with passing IV as Vec"
...
This reverts commit d2d20a8377
2015-11-16 20:16:01 -08:00
65e1d08dd3
Merge pull request #300 from thommay/pkey_private_encrypt
...
Provide public_decrypt, private_encrypt for PKEY
2015-11-16 23:16:04 -05:00
776852ff2b
Travis without sudo
2015-11-08 23:16:42 -08:00
11e3b1b563
Provide public_decrypt, private_encrypt for PKEY
2015-10-28 18:15:55 +00:00
1e7ff1d8a8
Better debug impls
2015-10-26 21:43:52 -07:00
c895b9f09f
Get nonblocking tests working on OSX/Windows
2015-10-22 08:45:29 -07:00
c37767df8f
Nonblocking streams support.
2015-10-20 23:14:26 -07:00
f318a2c84c
Release v0.6.7
2015-10-14 22:25:35 -04:00
ae3d0e36d7
Revert "Merge pull request #280 from ltratt/libressl_build"
...
This reverts commit aad933e50760ee731408
2015-10-14 21:51:32 -04:00
8f5b67fed4
Merge pull request #286 from jedisct1/use_certificate_chain
...
Add set_certificate_chain_file()
2015-10-13 09:26:18 -04:00
81bc1edb61
Merge pull request #284 from bheart/cfb-mode
...
AES CFB-mode feature
2015-10-12 21:18:27 -04:00
a28253ee7d
Add set_certificate_chain_file()
...
SSL_CTX_use_certificate_chain_file() is preferred over
SSL_CTX_use_certificate_file().
It allows the use of complete certificate chains instead of loading
only the first certificate in a PEM file.
2015-10-12 20:54:00 +02:00
acbcb49414
AES CFB{1,8,128} mode support
2015-10-11 20:09:36 +02:00
aad933e507
Merge pull request #280 from ltratt/libressl_build
...
Fix build on LibreSSL.
2015-10-10 21:56:20 -04:00
60ee731408
Merge pull request #277 from nixpulvis/read_public_pem
...
Add public key PEM read function.
2015-10-10 21:55:37 -04:00
677ed6ad1b
Release v0.6.6
2015-10-05 22:34:32 +01:00
d7342a09a7
Fix build on LibreSSL.
...
LibreSSL has deprecated SSLv3_method, so this commit makes that a compile-time
feature.
It also removes a test referencing SSL_OP_CISCO_ANYCONNECT, as the LibreSSL
header says it is amongst "Obsolete flags kept for compatibility. No sane code
should use them."
2015-10-03 17:25:38 +00:59
df93e5e90b
Update documentation about SSLv23
...
In OpenSSL world, the SSLv23 option is a poorly name method that will
negotiate what version of TLS or SSL to use. It starts with the best
version the library supports and then precedes to keep trying all the
way down to SSL 2.0.
2015-10-02 16:22:11 -05:00
ffa9d330fd
Add public key PEM read function.
2015-10-01 20:33:12 -04:00
ccc6d07da3
Add an ecdh_auto description
2015-09-25 15:23:52 +02:00
28320a65a7
Add SSL::set_ecdh_auto()
...
This sets automatic curve selection and enables ECDH support.
Requires LibreSSL or OpenSSL >= 1.0.2, so behind a feature gate.
2015-09-25 13:15:37 +02:00
a91b6bf3bd
Enable testing on Windows via AppVeyor
...
This abolishes the test.sh script which spawns a bunch of `openssl` instances to
instead run/manage the binary in-process (providing more isolation to boot). The
tests have been updated accordingly and the `connected_socket` dependency was
also dropped in favor of `net2` as it the former doesn't work on Windows.
2015-09-22 17:37:21 -07:00
b1b76f7913
Merge pull request #266 from jmesmon/alpn
...
ssl/npn+alpn: adjust protocol selection to fail if no protocols match
2015-09-16 11:51:45 -07:00
4c28eb706e
ssl/alpn: test mismatch between protocols resulting in None
2015-09-16 13:35:12 -04:00
1c3f04138f
Merge pull request #261 from jedisct1/try_ssl_null
...
Use try_ssl_null!() when relevant
2015-09-16 01:13:24 -04:00
6a2b4402e9
Use try_ssl_null!() when relevant
2015-09-13 12:45:05 +02:00
6666a1818a
Add DH::from_pem() to load DH parameters from a file
2015-09-13 12:44:50 +02:00
f4bf55faa3
Merge pull request #270 from mvdnes/crypto_segv
...
Check if public/private RSA key is properly loaded
2015-09-11 11:31:15 -04:00
87d5c0e429
Fix one call to RSA_size found by tests
2015-09-11 09:24:24 +02:00
3be32528e5
Add tests to ensure a panic occurs instead of segv
2015-09-11 09:23:51 +02:00
0eb2f0ecfa
Check rsa.is_null() before passing it to RSA_size
...
RSA_size will cause an segmentation fault if it is null
2015-09-10 13:04:25 +02:00
02b109bf04
Check _fromstr function for success
2015-09-10 12:58:40 +02:00
4781a3304a
Make the docs say that load_pub/save_pub methods take DER bytes
2015-09-09 19:58:45 -04:00
Steven Fackler