min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,152 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

2152 Commits

Author SHA1 Message Date
Bastian Köcher a5d7f8a718 Moves store context init into its own function 2018-03-10 00:15:03 +01:00
Bastian Köcher 1a0b085377 Extends the test to verify the certificate two times 2018-03-08 12:10:29 +01:00
Bastian Köcher 810ddeb4ca Moves `cleanup` into its own function 2018-03-08 12:08:39 +01:00
Bastian Köcher 888f4ccaab Fixes the implementation of `X509StoreContextRef::verify_cert` 
The certificate, the store and the certificates chain does not need to be
consumed by `verify_cert` and instead are taken as references. We also call
`X509_STORE_CTX_cleanup`, after the verification succeeded.
 2018-03-07 16:07:57 +01:00
Benjamin Fry 53adf0e6a4 delay return until after forgets 2018-03-07 13:54:35 +01:00
Benjamin Fry 6abac82f13 cleanup and add negative test 2018-03-07 13:54:35 +01:00
Benjamin Fry a1cfde765a add cleanup ffi to store context 2018-03-07 13:54:15 +01:00
Benjamin Fry 3187366cc5 restructure to self contained function 2018-03-07 13:53:29 +01:00
Steven Fackler 2251a6f2b6 Little tweaks 2018-03-07 13:51:58 +01:00
Benjamin Fry d8a11973e2 convert to raw pass-through methods 2018-03-07 13:51:58 +01:00
Benjamin Fry 910386027d add comment about consuming self in verify_cert 2018-03-07 13:50:12 +01:00
Benjamin Fry 35cad33d51 fix error check 2018-03-07 13:50:12 +01:00
Benjamin Fry 847fac25f8 properly version library functions 2018-03-07 13:48:09 +01:00
Benjamin Fry 3595ff9e51 Fix memory mgmt 2018-03-07 13:42:39 +01:00
Benjamin Fry eb6296e892 add verify_cert and store_context_builder 2018-03-07 13:41:44 +01:00
Steven Fackler f645165ee2 Remove the x509 module-level example 
The example generated a bogus certificate that was missing a serial
number, a validity range, etc.

Generating a correct x509 certificate is complex enough that doing it
correctly is too long to be a reasonable doc example. There's already
a more complete example in the examples directory that handles things
more correctly.

Closes #859
 2018-03-05 19:25:01 -08:00
Steven Fackler 5760ded1ce
Merge pull request #857 from Ralith/middlebox-compat 
Add SslOptions::ENABLE_MIDDLEBOX_COMPAT
 2018-03-03 15:06:47 -08:00
Benjamin Saunders f92de22b8d Add SslOptions::ENABLE_MIDDLEBOX_COMPAT 2018-03-03 14:57:38 -08:00
Steven Fackler b6985c7e8d Release openssl v0.10.5 2018-02-28 14:33:04 -08:00
Steven Fackler aa9addf532 Release openssl-sys 0.9.27 2018-02-28 14:31:23 -08:00
Steven Fackler 7fcd1ba96d Update changelog 2018-02-28 14:23:44 -08:00
Steven Fackler 65e124055c
Merge pull request #854 from sfackler/error-description 
Always include something in ErrorStack's Display
 2018-02-27 17:30:48 -08:00
Steven Fackler 85d8db21d2 Always include something in ErrorStack's Display 
The error stack can be empty after a some kinds of errors (AEAD
validation failure in Crypter is one example), and we don't want to
display as an empty string in that case.
 2018-02-27 15:56:23 -08:00
Steven Fackler 42ec251b55
Merge pull request #853 from sfackler/min-max-version 
Add min/max protocol version support
 2018-02-26 11:39:31 -08:00
Steven Fackler b7ba577339 Add min/max protocol version support 2018-02-25 23:20:10 -08:00
Steven Fackler d5dd6575c1 Restore error stack in cookie callback 2018-02-25 22:11:08 -08:00
Steven Fackler b94b0f67c5
Merge pull request #835 from Ralith/stateless 
[WIP] Expose bindings needed for TLS1.3 stateless handshakes
 2018-02-25 22:10:17 -08:00
Benjamin Saunders e04dbfa3ee Expose cookie generate/verify callback setters 2018-02-25 20:05:15 -08:00
Benjamin Saunders e06a209e72 Expose FFI bindings needed for SSL_stateless 2018-02-25 19:58:49 -08:00
Steven Fackler cebfbd9a25
Merge pull request #850 from sfackler/put-error 
Add the ability to push errors back onto the error stack.
 2018-02-24 20:58:07 -08:00
Steven Fackler 5fd23d38d5 Add the ability to push errors back onto the error stack. 2018-02-24 20:46:03 -08:00
Steven Fackler 6a5845c875
Merge pull request #849 from sfackler/key-export 
Add RFC 5705 support
 2018-02-24 14:15:11 -08:00
Steven Fackler f72f35e9bd Add RFC 5705 support 2018-02-23 22:04:57 -08:00
Steven Fackler c1a106fc68
Merge pull request #847 from sfackler/version2 
Actually add version stuff
 2018-02-21 23:30:33 -08:00
Steven Fackler 7e0591a377 Actually add version stuff 2018-02-21 23:25:28 -08:00
Steven Fackler 950c39c2e6
Merge pull request #840 from olehermanse/master 
Add des_ede3_cbc cipher and more tests/examples
 2018-02-21 23:03:33 -08:00
Steven Fackler 38470bd351
Merge pull request #846 from sfackler/client-cipher-update 
Update SslConnector cipher list
 2018-02-21 19:56:46 -08:00
Steven Fackler 15048f4c02 Inline connector constants 2018-02-21 19:41:06 -08:00
Steven Fackler 6977e9e89f Don't special case 1.0.1 
It appears that 1.0.1's defaults are actually okay.
 2018-02-21 18:44:04 -08:00
Ole Herman Schumacher Elgesem 7e02c09861
Added example/test in symm.rs for encrypting a private key with a symmetric cipher 
Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
 2018-02-21 13:16:04 +01:00
Steven Fackler 7192a5291f Update SslConnector cipher list 
Based off of python/cpython#3532, we use OpenSSL's default cipher list
and turn of things we don't like. This can't be used with 1.0.1,
however, which had a poor default set. There, we use the old defaults,
with the bits that aren't implemented in 1.0.1 removed (namely TLSv1.3
suites and ChaCha).
 2018-02-20 22:27:54 -08:00
Steven Fackler 69a91815b8 Release openssl v0.10.4 2018-02-18 10:50:13 -08:00
Steven Fackler 402d81bb72 Release openssl-sys 0.9.26 2018-02-18 10:48:08 -08:00
Steven Fackler 78aed77cf3 Update changelog 2018-02-18 10:15:00 -08:00
Steven Fackler 9693c7ccf8
Merge pull request #845 from sfackler/ssl-version 
Ssl version
 2018-02-17 17:54:46 -08:00
Steven Fackler 2daaf3fdea Add some debugging-related bindings 2018-02-17 17:49:49 -08:00
Steven Fackler 90d5f85511 Add SSL_version binding 2018-02-17 13:44:21 -08:00
Steven Fackler 8f8895697d
Merge pull request #844 from sfackler/fix-session-clone 
Fix session cloning
 2018-02-17 10:20:07 -08:00
Steven Fackler 3f5e3f095e Fix session cloning 2018-02-17 10:12:47 -08:00
Steven Fackler b1e7bf4d54
Merge pull request #843 from sfackler/session-callback-2 
Session callback 2
 2018-02-16 22:37:14 -08:00