min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,691 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

530 Commits

Author SHA1 Message Date
Steven Fackler ad37e7e07d
Merge pull request #1160 from HyeonuPark/set-dtls-mtu 
Add ssl::set_dtls_mtu_size(usize)
 2020-01-13 12:53:23 -05:00
Hyeonu Park 4d5e5e1787 add SslStreamBuilder::set_dtls_mtu_size(usize) 2019-12-29 04:17:00 +09:00
Kent Fredric bba670dc90 Avoid false-failures if underlying network connection errors 
In Air-Gapped or otherwise network-restricted environments,
   TcpStream::connect can spuriously fail due to name resolution
   failure, or just in establishing the socket itself.

In this situation, the test can't give a meaningful result, and this
failure doesn't indicate a problem in the OpenSSL stack.

Bug: https://github.com/sfackler/rust-openssl/issues/1215
 2019-12-27 21:15:39 +13:00
Andrii Radyk fc3c0a93d5 remove deprecated Error::description, replace deprecated cause with source 2019-12-21 23:53:49 +01:00
Steven Fackler 0815ac9b5d
Merge pull request #1208 from Sach1nAgarwal/comment2 
Fix documentation typo of "the"
 2019-12-20 09:14:58 -05:00
Steven Fackler 4cec131f37
Merge pull request #1207 from Sach1nAgarwal/comment1 
In the documentation of SslContextBuilder::set_session_id_context, we…
 2019-12-20 09:14:44 -05:00
Steven Fackler 3ca6974f9e
Merge pull request #1209 from Sach1nAgarwal/comment3 
Fix documentation typo of link
 2019-12-20 09:14:28 -05:00
Sachin agarwal 81cd1736d9 In the documentation of SslContextBuilder::set_cipher_list, we had given 
link of "SSL_get_client_ciphers" rather than "SSL_CTX_set_cipher_list". In this commit,
we fix the typo.
 2019-12-20 08:48:38 +05:30
Sachin agarwal 7599cc5b43 In the documentation of SslContextBuilder::set_certificate, we had written 
"lthe" rather than "the". In this commit,
we fix the typo.
 2019-12-20 08:40:01 +05:30
Sachin agarwal 96c49eee3c In the documentation of SslContextBuilder::set_session_id_context, we had written 
"be be" rather than "be". In this commit,
we fix the typo.
 2019-12-20 08:32:51 +05:30
Steven Fackler 0d8561b58a
Merge pull request #1202 from traviscross/fix-chain-typo 
Fix documentation typo of "chain"
 2019-12-13 07:19:44 -05:00
Travis Cross ac8214dad3 Fix documentation typo of "chain" 
In the documentation of `SslRef::verified_chain`, we had written
"certificate chani" rather than "certificate chain".  In this commit,
we fix the typo.
 2019-12-12 22:03:42 +00:00
Steven Fackler 2fe7462aa9
Fix link 
Closes #1201
 2019-12-12 07:25:29 -05:00
Steven Fackler f85d631fcf
Merge pull request #1184 from Atul9/cargo-fmt 
Format code using 'cargo fmt'
 2019-11-21 20:01:39 -05:00
Steven Fackler 0fb1e55a98 Allow configuration of EC groups and signature algorithms 
Closes #1186
 2019-11-16 10:54:27 -08:00
Atul Bhosale 784978bad0
Format code using 'cargo fmt' 2019-11-14 21:00:53 +05:30
Matt Vertescher b771738a3a Fix rustc warnings 
- Use `..=` for inclusive ranges
- Add the `dyn` keyword for trait objects
- Switch from `ONCE_INIT` to `std::sync::Once::new()`
 2019-10-08 08:35:35 -04:00
Steven Fackler 8d2e9e783d Hack around an unpatched OpenSSL issue 
Why backport fixes to your LTS version? Seems like a lot of work, I
guess!

Closes #1133
 2019-07-18 22:44:02 -04:00
Steven Fackler 850e93ee85 Don't depend on NO_SSL_MASK 2019-06-28 20:07:22 -07:00
Steven Fackler d3104955dd Minimize test duplication 2019-06-28 19:51:52 -07:00
Steven Fackler 1b3e0c8a15 Add mozilla v5 configurations 
Closes #1134
 2019-06-28 19:42:29 -07:00
Steven Fackler b39a712076 Fix handling of session callbacks 
The session context is used for session callbacks rather than the normal
context, which breaks state lookup when the context has been swapped out
(e.g. for SNI). Since there isn't an accessor for the session context,
we just store an extra reference in the SSL's ex data.

Closes #1115
 2019-05-18 10:27:40 -07:00
Andy Caldwell 2e37753790
Const-correctness 2019-05-13 19:11:15 +01:00
Andy Caldwell 41fea135ad
Allow passing by non-owned reference 2019-05-13 18:49:09 +01:00
Andy Caldwell 628c3b338a
Add SSL_CTX_add_client_CA on OpenSSL 2019-05-13 15:08:02 +01:00
Steven Fackler a9b9f818a1
Merge pull request #1097 from vishwin/master 
Support LibreSSL 2.9.1
 2019-05-08 18:40:18 -07:00
Steven Fackler 801a236413 Ignore SRTP tests on libressl 2.9.1 
SRTP is broken in that release!
 2019-05-08 18:19:42 -07:00
Steven Fackler 4121ac34cb Fix deprecation warnings in tests 2019-04-25 10:03:13 -07:00
Charlie Li d79090a00a Reconcile exdata and version functions between libraries/versions. 2019-04-24 23:15:56 -04:00
Charlie Li 98f91769e3 Add missing any() in the {,D}TLS_method usage logic. 2019-04-24 19:29:01 -04:00
Charlie Li f0b8a2e467 Support LibreSSL 2.9.1 
LibreSSL 2.9.1 added generic DTLS methods.

While here, bump CircleCI.
 2019-04-24 16:08:42 -04:00
Steven Fackler 0b1c2a1048 Cleanup ssl tests 2019-03-20 19:34:50 -07:00
Steven Fackler 404670691c Use into for infallible conversions 2019-03-01 12:36:01 -08:00
Steven Fackler 404b7f1790 Add session cache size accessors 2019-03-01 10:07:51 -08:00
Steven Fackler a16482f972 Add session info accessors 2019-02-28 22:08:48 -08:00
Steven Fackler 913267e68a Add SslCtx::{add,remove}_session 2019-02-28 19:48:10 -08:00
Steven Fackler 58ccea26ad Fix cipher_name return value 2019-02-22 12:33:41 -07:00
Steven Fackler 70afbb8393 Add standard ciphername support 2019-02-22 10:33:12 -07:00
Steven Fackler 7eee39f1ec Rustfmt 2019-02-22 10:14:15 -07:00
Steven Fackler 4256cfbf19 Fix some accidentally-public functions 2018-10-18 11:37:36 -07:00
Steven Fackler 5894cdfdc5
Fix get session callback 
This could previously open up the possibility of a double-free!

Closes #996
 2018-09-17 09:30:16 -07:00
Steven Fackler 22231d7547 Support the client hello callback 2018-09-15 13:29:18 -07:00
Steven Fackler 8c6bc774db Support libressl 2.8.0 
Closes #988
 2018-09-12 20:44:22 -07:00
Steven Fackler 947dfbd143 Small cleanup 
Closes #981
 2018-09-02 14:26:27 -07:00
Steven Fackler bc4e47a321 Fix lookup errors with SNI callback. 
The job of an SNI callback is typically to swap out the context
associated with an SSL depending on the domain the client is trying to
talk to. Typically, only the callbacks associated with the current
context are used, but this is not the case for the SNI callback.

If SNI is run for a second time on a connection (i.e. in a
renegotiation) and the context was replaced with one that didn't itself
register an SNI callback, the old callback would run but wouldn't be
able to find its state in the context's ex data. To work around this, we
pass the pointer to the callback data directly to the callback to make
sure it's always available. It still lives in ex data to handle the
lifetime management.

Closes #979
 2018-08-31 20:23:55 -07:00
Steven Fackler 2df87cfd59 Fix doc reference 2018-08-19 20:19:10 -07:00
Steven Fackler ef7721092d SRTP cleanup 2018-08-19 18:50:11 -07:00
Aron Wieck 59c578cf04 Add methods for DTLS/SRTP key handshake 2018-08-14 16:04:33 +02:00
Steven Fackler 1396143c66 Add get_shutdown and set_shutdown 2018-08-08 13:19:55 -07:00
Alex Crichton 71ee9439ca Support builds of OpenSSL from vendored source (take 2) 
This is a revival of #684 to see if I can help push it across the finish line!

Closes #580
 2018-07-30 15:15:24 -07:00