min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,387 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

360 Commits

Author SHA1 Message Date
Steven Fackler ef7721092d SRTP cleanup 2018-08-19 18:50:11 -07:00
Aron Wieck 59c578cf04 Add methods for DTLS/SRTP key handshake 2018-08-14 16:04:33 +02:00
Steven Fackler 1396143c66 Add get_shutdown and set_shutdown 2018-08-08 13:19:55 -07:00
Steven Fackler ee5215bd31 SslSessionRef methods return static strings 
Closes #961
 2018-07-19 20:22:57 -07:00
Steven Fackler 6440ee04ef
Merge pull request #943 from lolzballs/master 
Add wrapper for SSL_CTX_set_psk_server_callback
 2018-06-17 15:47:00 -07:00
Steven Fackler 115cb730b0 Switch to accessors in libressl where possible 
Some accessors are mysteriously still macros so we can't make everything
opaque yet, unfortunately.

cc #909
 2018-06-09 21:49:36 -07:00
Steven Fackler cdc90c7e9d Add SslRef::set_alpn_protos 2018-06-04 20:19:27 -07:00
Steven Fackler 0745d66927 Update to 1.1.1-pre7 
The initial session ticket is now sent as part of SSL_accept, so some
tests need to write a single byte through the stream to make sure that
both ends have fully completed to avoid test flakes.

TLSv1.3 cipher suite control has been extracted from the normal cipher
list into a separate method: SslContextBuilder::set_ciphersuites.
 2018-06-02 13:58:56 -07:00
Benjamin Cheng 5d8a44612d
add test for psk; deprecated set_psk_callback 2018-06-02 13:47:52 -04:00
Benjamin Cheng b1eb1224f5
Merge remote-tracking branch 'origin/master' 2018-06-02 10:56:31 -04:00
Steven Fackler 3456add537 Add SslRef::verified_chain 2018-05-29 21:53:22 -07:00
Steven Fackler 3cd33cdd8b Don't panic on bogus servernames 
Also add a second version of the method to avoid filtering out non-utf8
names.

Closes #930
 2018-05-24 20:22:15 -07:00
Steven Fackler c0876cc8c6 Add bindings to SSL_get_finished and SSL_get_peer_finished 
These are used for the tls-unique SCRAM channel binding mode.
 2018-05-24 20:00:28 -07:00
Steven Fackler c7db3d18ad
Merge pull request #920 from Ralith/max-early-data-accessors 
TLS1.3 early data support
 2018-05-22 20:42:46 -07:00
Benjamin Saunders 2e478fdcf4 Expose early I/O 2018-05-22 20:25:28 -07:00
Steven Fackler 7a7f98a32c
Revert "Move proto version accessors to SslContextRef" 2018-05-20 20:55:20 -07:00
Steven Fackler b976b5fd52 Move proto version accessors to SslContextRef 
Add a Derf impl for SslContextBuilder so existing use still works.
 2018-05-20 20:47:00 -07:00
Steven Fackler 4c1fdf1d81 Support ALPN on libressl 
Closes #690
 2018-05-20 12:52:49 -07:00
Steven Fackler a6fcef01c0 Overhaul openssl cfgs 
Also expose hostname verification on libressl
 2018-05-20 12:33:02 -07:00
Steven Fackler d991566f2b Support min/max version in LibreSSL 
Their implementations of the accessors don't behave expected with no
bounds, so we ignore those bits of the tests.
 2018-05-19 19:57:12 -07:00
Benjamin Saunders 69c75a178b Expose early keying material export 2018-05-17 13:16:41 -07:00
Benjamin Saunders d5d414b16f Expose max TLS1.3 early data accessors 2018-05-17 12:02:32 -07:00
Benjamin Cheng 47a68e2929
Add wrapper for SSL_CTX_set_psk_server_callback 2018-05-16 17:49:36 -04:00
Steven Fackler ff2c7ffefd Merge Ssl impl blocks 2018-05-12 16:50:50 +01:00
Steven Fackler c25b6f3e26 Clean up SSL callbacks 
Also add an Arc to avoid a weird use after free edge case if a callback
changes a callback.
 2018-05-12 15:02:53 +01:00
Steven Fackler 5cfbe7ac6a Disable tests that talk to Google on LibreSSL 2.5.0 
They're flickering, and I'm assuming it's just because that version is
so old.
 2018-05-12 13:59:22 +01:00
Steven Fackler e5d65306e7 Change SslContext callback handling 
Use the existing infrastructure!
 2018-05-12 13:19:01 +01:00
Steven Fackler 7a1b59d605 Fix base version for min/max proto accessors 
Closes #911
 2018-05-09 20:04:43 +01:00
Benjamin Saunders 47431f66bb Expose SslSession <-> DER conversion 2018-04-29 01:54:16 -07:00
Steven Fackler e423da2d12
Merge pull request #858 from Ralith/stateless-api 
Introduce SslStreamBuilder
 2018-03-31 11:28:03 -07:00
Steven Fackler 1bbe1b6a8f Clean up a couple of holdovers from old features 2018-03-29 10:20:18 +02:00
Benjamin Saunders 99fdb2bd0b Introduce SslStreamBuilder 2018-03-28 18:14:48 -07:00
Benjamin Saunders bbb1cb61f6 Update to OpenSSL 1.1.1-pre3 2018-03-28 18:14:44 -07:00
Steven Fackler 7c33346960 Remove version-specific features 
Closes #852
 2018-03-19 00:41:33 -07:00
Benjamin Saunders 09b1fe9a0d Expose additional cipher and digest accessors 2018-03-16 20:33:23 -07:00
Steven Fackler 9f5ef88880 Add a Sync + Send bound to the custom ext type 
It's stored inside of the Ssl, so this is probably tecnically
necessarly?
 2018-03-11 15:36:47 -07:00
Steven Fackler d0329473bd
Merge branch 'master' into custom-extensions 2018-03-11 15:27:28 -07:00
Benjamin Saunders e02dbde2f7 Generic custom extension add fn return type 2018-03-10 22:30:54 -08:00
Steven Fackler 562fe79f4c Add one more set of impls 2018-03-10 08:53:46 -08:00
Benjamin Saunders b0bc1c770e High-level API for OpenSSL 1.1.1 custom extension support 2018-03-09 20:33:49 -08:00
Benjamin Saunders f92de22b8d Add SslOptions::ENABLE_MIDDLEBOX_COMPAT 2018-03-03 14:57:38 -08:00
Steven Fackler b7ba577339 Add min/max protocol version support 2018-02-25 23:20:10 -08:00
Benjamin Saunders e04dbfa3ee Expose cookie generate/verify callback setters 2018-02-25 20:05:15 -08:00
Steven Fackler f72f35e9bd Add RFC 5705 support 2018-02-23 22:04:57 -08:00
Steven Fackler 7e0591a377 Actually add version stuff 2018-02-21 23:25:28 -08:00
Steven Fackler 2daaf3fdea Add some debugging-related bindings 2018-02-17 17:49:49 -08:00
Steven Fackler 90d5f85511 Add SSL_version binding 2018-02-17 13:44:21 -08:00
Steven Fackler 3f5e3f095e Fix session cloning 2018-02-17 10:12:47 -08:00
Steven Fackler e5123d266b Bind remove and get session callbacks 2018-02-16 22:24:34 -08:00
Steven Fackler 4dffa0c33f SSL session callbacks have always been around 2018-02-16 21:31:09 -08:00