min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,412 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

633 Commits

Author SHA1 Message Date
Steven Fackler 06065ddcee Release v0.9.7 2017-02-11 14:34:37 -08:00
Steven Fackler 980a71a008 Fix for libressl 2017-02-11 10:42:25 -08:00
Steven Fackler f2c69ae7e9 Merge remote-tracking branch 'origin/master' into x509-builder 2017-02-11 10:13:00 -08:00
Steven Fackler 1c25336520 Merge branch 'master' into x509_req_version_subject 2017-02-11 09:11:25 -08:00
Steven Fackler 03fe3015dc X509 signature algorithm access 2017-02-10 21:37:33 -08:00
Steven Fackler 8e5735d84c X509 signature access 2017-02-10 19:59:11 -08:00
Steven Fackler a1d7956f82 Add Asn1BitString 2017-02-10 19:38:51 -08:00
mredlek 30a634c877 Merge branch 'master' into x509_req_version_subject 2017-02-07 20:41:27 +01:00
Steven Fackler 5e3dd07ee4 Clean up pkg-config logic 
Now that we're letting the C compiler track down headers this is no
longer necessary.
 2017-02-03 20:17:22 -08:00
Brian Chin 4900d3fe5d Fixed constant names from openssl/rsa.h 
Fixed PKeyCtxRef method that didn't need to be mutable.

Added non-mutable accessors for PKeyCtxRef for Signer and Verifier.
 2017-01-31 11:59:59 -08:00
Brian Chin 302ee77d32 Adding suggestions from review. 2017-01-30 16:51:10 -08:00
Brian Chin 20eed1e762 Simplify code, so that openssl-sys really doesn't contain anything aside 
from bindings
 2017-01-30 15:04:44 -08:00
Brian Chin 588fd33552 Testing first version that works with signer. 2017-01-30 15:04:44 -08:00
Brian Chin ddc0066211 Add the necessary constants to access the pkey ctx stuff. 2017-01-30 15:04:44 -08:00
Steven Fackler 0598561f0e Macro-expand OpenSSL headers for feature checks 
Closes #564
 2017-01-28 20:22:18 -08:00
mredlek f5149eac5a Add setters to new getter-functions in X509ReqRef 2017-01-27 20:55:40 +01:00
mredlek 6a8f6f425f Style changes according to review 2017-01-27 19:13:36 +01:00
mredlek 557b936e27 Added X509ReqRef.subject_name and X509ReqRef.version 2017-01-26 21:05:33 +01:00
Steven Fackler 01e4667175 Make sure to not add system dirs to linkage 
cc #447
 2017-01-24 21:31:41 +01:00
Benjamin Fry 591022a7fa fix multi-version compat 2017-01-23 22:12:11 -08:00
Benjamin Fry 540387d5ee fix ptr types 2017-01-22 22:43:27 -08:00
Benjamin Fry 225552b823 Merge branch 'master' of github.com:sfackler/rust-openssl 2017-01-22 22:24:45 -08:00
Benjamin Fry fbfecd63ae add some documentation 2017-01-22 22:23:21 -08:00
Benjamin Fry 52c7868bb6 add pkcs12_create and to_der funcs 2017-01-22 21:27:31 -08:00
Steven Fackler 722bdb6a4c Merge pull request #550 from Keruspe/master 
LibreSSL support improvements
 2017-01-22 18:39:34 +00:00
Steven Fackler 54900976bb Support EC_GROUP_set_asn1_flag 
Closes #561
 2017-01-22 10:44:59 +00:00
Steven Fackler 26e159a5f0 Support chacha20 and chacha20_poly1305 2017-01-21 11:12:02 +00:00
Steven Fackler d353b36681 Support AES IGE 
This is a special snowflake used only by Telegram apparently.

Closes #523
 2017-01-21 09:41:13 +00:00
Steven Fackler a1122197f8 Add categories 
Closes #557
 2017-01-20 16:35:43 +00:00
Steven Fackler 920ab0d6fb OCSP functionality 2017-01-14 21:09:38 -08:00
Steven Fackler 9942643ab6 Release v0.9.6 2017-01-09 20:52:20 -08:00
Steven Fackler 192c08cdee Adjust minimum pkg-config version 
Closes #551
 2017-01-07 13:13:53 -08:00
Marc-Antoine Perennou 524e8e3c5a libressl: mark unavailable flags as such 
These flags are not available in libressl (at least for version 2.4.4 which is the last stable version)

Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
 2017-01-05 16:15:25 +01:00
Steven Fackler c6ea4f3e2a Fix time type 2017-01-04 23:04:26 -08:00
Steven Fackler 404e0341d8 Provide master key access 2017-01-04 22:01:30 -08:00
Steven Fackler 5d53405597 Provide access to the session ID 2017-01-04 21:11:06 -08:00
Steven Fackler 1ffe574298 Add SSL_SESSION functions 2017-01-04 20:57:50 -08:00
Steven Fackler 336175990c Add SSL_SESSION 2017-01-04 20:54:53 -08:00
Steven Fackler cdf388e3f4 Release v0.9.5 2017-01-03 16:09:24 -08:00
Steven Fackler 6291407b17 Add X509::stack_from_pem 
Implementation is a clone of SSL_CTX_use_certificate_chain_file
 2017-01-03 14:56:00 -08:00
Tomasz Drwięga d9e3d6ea21 Improving missing OpenSSL message on Linux 2017-01-03 11:56:32 +01:00
Josh Triplett 9ff3ce4687 Use metadeps to specify pkg-config dependencies declaratively 
This makes it easier for distribution packaging tools to generate
appropriate package dependencies.
 2016-12-24 02:38:51 -08:00
Steven Fackler 762510a5fa Release v0.9.4 2016-12-23 13:38:52 -05:00
Steven Fackler 7e035a7fd1 Merge pull request #538 from semarie/libressl 
Add LibreSSL support
 2016-12-22 11:59:19 -05:00
Sébastien Marie b3526cbd2b Add LibreSSL 2.5.0 support 2016-12-21 09:27:12 +01:00
Sébastien Marie 53c470c71a duplicate ossl10x.rs to libressl.rs 2016-12-21 08:39:25 +01:00
Steven Fackler 3cfcf13880 Merge branch 'master' of github.com:sfackler/rust-openssl 2016-12-20 14:30:56 -08:00
Aidan Hobson Sayers b090804227 Allow OPENSSL_{LIB,INCLUDE}_DIR to override OPENSSL_DIR 2016-12-12 17:51:35 +00:00
Steven Fackler 791f2c8f4d Release v0.9.3 2016-12-09 21:54:06 -08:00
Steven Fackler 26cefe7d97 Switch to docs.rs for docs 2016-12-09 21:52:43 -08:00
0xa 0850f605b1 Use EVP_bf_cfb64 instead of EVP_bf_cfb 2016-12-09 18:42:10 +00:00
0xa 0081665339 Add Blowfish support 2016-12-09 17:06:15 +00:00
Steven Fackler 0602712bf4 Release v0.9.2 2016-11-27 22:23:32 -08:00
Steven Fackler e929e09216 Add EcPoint::invert 2016-11-14 22:02:47 +01:00
Steven Fackler e9e58b27dc Remove EC_METHOD functions 
Some appear not to be defined anywhere and they're not used anyway
 2016-11-13 22:14:10 +00:00
Steven Fackler 82eb3c4f51 Add EcKey::check_key 2016-11-13 22:10:52 +00:00
Steven Fackler 35f11d555e More functionality 2016-11-13 22:06:18 +00:00
Steven Fackler 1a52649516 More functionality 2016-11-13 20:46:01 +00:00
Steven Fackler b2de36049a Add Some more elliptic curve functionality 2016-11-13 20:19:38 +00:00
Steven Fackler 48c0009418 Macroise from_der 2016-11-13 17:06:50 +00:00
Steven Fackler b0415f466c Macroise to_der 2016-11-13 16:52:19 +00:00
Steven Fackler 387e78257b Support serialization of encrypted private keys 
Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs
nonstandard PEM when encrypting.
 2016-11-13 16:09:52 +00:00
Steven Fackler 08e0c4ca90 Some serialization support for EcKey 2016-11-13 15:02:38 +00:00
Steven Fackler 796d7b4deb Add constructors for various standard primes 2016-11-12 14:20:43 +00:00
Steven Fackler 96d24c8957 Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto} 2016-11-12 13:45:54 +00:00
Steven Fackler 563754fb08 Add SslContextBuilder::set_tmp_{ec,}dh_callback 2016-11-12 12:43:44 +00:00
Steven Fackler 9b5c62b053 Add PKey::bits 2016-11-12 11:00:15 +00:00
Steven Fackler 7c9afd8c99 Fix function signature 2016-11-12 10:29:31 +00:00
Steven Fackler 26a3358a2b Add basic X509_STORE access 
There's more to do here, but this enabled addition of trusted CAs from
X509 objects.

Closes #394
 2016-11-12 00:24:12 +00:00
Steven Fackler 6b7279eb52 Consistently support both PEM and DER encodings 
Closes #500
 2016-11-11 20:10:10 +00:00
Steven Fackler 15490a43e3 Add EcKey <-> PKey conversions 
Closes #499
 2016-11-11 19:17:38 +00:00
Steven Fackler 32cbed0782 PKey <-> DH conversions 
Closes #498
 2016-11-11 19:04:54 +00:00
Steven Fackler 609a09ebb9 Add PKey::dsa 
Closes #501
 2016-11-11 18:52:37 +00:00
Steven Fackler 0d2d4865e5 Release v0.9.1 2016-11-11 16:45:22 +00:00
Steven Fackler 203a02c3e6 Actually support AES GCM 
This is an AEAD cipher, so we need some extra functionality. As another
bonus, we no longer panic if provided an IV with a different length than
the cipher's default.
 2016-11-08 20:35:21 +00:00
Steven Fackler d78acc729b Add an X509ReqBuilder 2016-11-07 20:42:43 +00:00
Steven Fackler 597d05b8f8 Add stack creation and push 2016-11-06 23:46:42 -08:00
Steven Fackler 5f18ffa4b3 Start of extension support 2016-11-06 21:58:43 -08:00
Steven Fackler 1939e6fd78 Add conf module 2016-11-06 14:49:26 -08:00
Steven Fackler b83edbad0d Start on an X509Builder 2016-11-06 14:07:34 -08:00
Steven Fackler 1edb6f682e Support client CA advertisement 2016-11-06 12:17:14 -08:00
Steven Fackler a4e0581e4f Fix build on 1.0.1 2016-11-06 11:57:50 -08:00
Steven Fackler bcb7b3f5dc Add accessors for cert and private key 
Closes #340
 2016-11-06 10:46:38 -08:00
Alex Crichton c2bf8acad8 Provide a tailored error message on Linux 
I just ran into a case where I installed OpenSSL in a docker container but I
forgot to install pkg-config. Right now openssl-sys relies on pkg-config, so
print out a nice error about this.
 2016-11-05 22:55:25 -07:00
Steven Fackler 72ac2a0105 Release v0.9.0 2016-11-05 20:05:50 -07:00
Steven Fackler fb9420fc91 Always dump openssl confs 2016-11-04 21:15:07 -07:00
Steven Fackler 91fd58b4c2 More buildscript tweaks 2016-11-04 21:10:49 -07:00
Steven Fackler 9198bcda3a Improve buildscript logic 2016-11-04 21:08:34 -07:00
Steven Fackler 62a9f89fce Avoid lhash weirdness 2016-11-03 20:38:51 -07:00
Steven Fackler 7f308aa5e1 Fix signature 2016-11-02 08:26:18 -07:00
Steven Fackler aa0040125b Use built in DH parameters when available 
Fall back to a hardcoded PEM blob on 1.0.1, but serialized from
DH_get_2048_256.
 2016-11-01 22:50:22 -07:00
Steven Fackler 176348630a Don't clear BigNums in destructor 
Instead add a clear method.
 2016-11-01 21:59:07 -07:00
Steven Fackler 343ce159ec Fix stack signatures 2016-11-01 19:51:55 -07:00
Steven Fackler c776534ad4 Clean up stack 2016-11-01 19:25:40 -07:00
Steven Fackler 77b76ed8a8 Merge pull request #506 from simias/stack 
Implemented a generic Stack API and use it to deal with StackOf(X509) and StackOf(GENERAL_NAME)
 2016-11-01 18:59:35 -07:00
Lionel Flandrin 8d0090faec Implement X509StoreContextRef::get_chain 2016-11-01 21:23:18 +01:00
Lionel Flandrin 3bdefa987a Implement a generic Stack API to deal with OpenSSL stacks 2016-11-01 21:23:13 +01:00
Lionel Flandrin 9ea27c12b9 Add method to encode a public key as a DER blob 2016-11-01 17:34:21 +01:00
Steven Fackler dc4098bdd8 Clean up x509 name entries 2016-10-31 22:43:05 -07:00
Steven Fackler cd7fa9fca2 Update x509 2016-10-31 20:54:34 -07:00
Steven Fackler 16e398e005 Update verify 2016-10-31 20:19:59 -07:00
Steven Fackler 558124b755 Expose SSL_MODEs 2016-10-30 22:02:26 -07:00
Steven Fackler 677718f8da Configure ECDH parameters in connector 2016-10-30 13:38:09 -07:00
Steven Fackler 8c58ecc2fa Implement EcKey 
cc #499
 2016-10-30 13:17:20 -07:00
Steven Fackler 781417d50f Add a macro definition 2016-10-27 19:12:55 -07:00
Steven Fackler bea53bb39b Support AES GCM 
Closes #326
 2016-10-25 20:59:33 -07:00
Steven Fackler 39279455c8 Add a shutdown method 2016-10-25 20:40:18 -07:00
Steven Fackler 04fc853ee3 Remove NIDs only defined in 1.0.2+ 2016-10-23 09:16:20 -07:00
Steven Fackler 2fd201d9c3 De-enumify Nid 2016-10-22 10:08:32 -07:00
Steven Fackler 5ab037f056 Allow the X509 verify error to be read from an SslRef 2016-10-18 22:21:06 -07:00
Steven Fackler cfd5192a7d De-enumify X509ValidationError 
Also make it an Error.

Closes #352.
 2016-10-18 22:10:37 -07:00
Steven Fackler c4459c37d9 Callback cleanup 2016-10-18 21:13:13 -07:00
Steven Fackler 6609a81685 Migrate DSA sign/verify to EVP APIs 2016-10-15 15:02:02 -07:00
Steven Fackler 228b8fbc5b Correctly bind BIO_new_mem_buf 2016-10-15 13:39:47 -07:00
Steven Fackler bb23b33829 Fix signature of EVP_DigestVerifyFinal on 1.0.1 2016-10-15 12:24:20 -07:00
Steven Fackler 6ae472487f Support HMAC PKeys and remove hmac module 2016-10-15 11:06:11 -07:00
Steven Fackler b564cb5db7 Add digest signature methods 2016-10-15 09:48:34 -07:00
Steven Fackler 64b8e5e553 Merge pull request #471 from sfackler/no-comp 
Handle OPENSSL_NO_COMP
 2016-10-14 23:09:11 -07:00
Steven Fackler ba997c590e Prefer 1.1 when looking for Homebrew installs 2016-10-14 22:55:44 -07:00
Steven Fackler 7ac0599638 Fix test_alpn_server_select_none 
In OpenSSL 1.1, a failure to negotiate a protocol is a fatal error, so
fork that test. This also popped up an issue where we assumed all errors
had library, function, and reason strings which is not necessarily the
case.

While we're in here, adjust the Display impl to match what OpenSSL
prints out.

Closes #465
 2016-10-14 22:01:21 -07:00
Steven Fackler f520aa2860 Handle OPENSSL_NO_COMP 
Closes #459
 2016-10-14 20:50:45 -07:00
Steven Fackler d7a433bdef Respect osslconf in systest 
Also cfg off SSLv3_method, since it's disabled in the OpenSSL that ships
with Arch Linux. More such flags can be added on demand - it doesn't
seem worth auditing everything for them.
 2016-10-14 19:16:08 -07:00
Steven Fackler d976b8f595 Enable hostname verification on 1.0.2 2016-10-14 18:56:15 -07:00
Steven Fackler af51b263b1 Support hostname verification 
Closes #206
 2016-10-14 17:39:31 -07:00
Steven Fackler ae282a78e2 Remove link_name usage 2016-10-14 16:15:50 -07:00
Steven Fackler b610e01793 Flag off dtls and mask ssl_ops 
Also un-feature gate npn as it ships with 1.0.1
 2016-10-13 19:06:53 -07:00
Steven Fackler af3e06d3e8 Add remaining SSL_OP constants 2016-10-12 22:50:08 -07:00
Alex Crichton 43c951f743 Add support for OpenSSL 1.1.0 
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:

* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
  crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
  OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
  * Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
  * Better error messages for mismatched versions.
  * Better error messages for failing to find OpenSSL on a platform (more can be
    done here)
  * Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
    crate.
* Many Cargo features have been removed as they're now enabled by default.

As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!

Closes #452
 2016-10-12 22:49:55 -07:00
manuels 44ed665f02 Add RAND_status() 
RAND_status() returns 1 if the PRNG has been seeded with enough data, 0 otherwise.
 2016-10-01 13:42:13 +02:00
manuels 4cc55b65e0 Add RSA_*_PADDING constants 2016-10-01 13:39:33 +02:00
Steven Fackler 4718a88e04 Release openssl-sys v0.7.17, openssl v0.8.2 2016-08-18 12:59:22 -07:00
Steven Fackler cd69343d67 Fix SslContext::add_extra_chain_cert 
SSL_CTX_add_extra_chain_cert assumes ownership of the certificate, so
the method really needs to take an X509 by value. Work around this by
manually cloning the cert.

This method has been around for over a year but I'm guessing nobody
actually used it since it produces a nice double free into segfault!
 2016-08-17 19:30:57 -07:00
David Weinstein 96b1ef829c Add `"x509_expiry"` feature flag 
- fix return of `ASN1_TIME_print`
- assert on null `date`
 2016-08-17 01:23:54 -04:00
David Weinstein f9cd4bff1f Progress on asn1 expiry 
- Use MemBio and implement `Display` for Asn1Time

- Tweak doc for asn1 `not_before`, `not_after`
 2016-08-17 01:23:54 -04:00
Steven Fackler 629f638f08 Release openssl-sys v0.7.16, openssl v0.8.1 2016-08-15 18:44:57 -07:00
Steven Fackler 912f7499cd Initialize algorithms in init 
Required to deserialize PKCS12 on 0.9.8, looks like
 2016-08-14 12:51:33 -07:00
Steven Fackler e5299fd7c9 Fix memory leak in general name stack 2016-08-14 11:16:53 -07:00
Steven Fackler 6b12a0cdde PKCS #12 support 2016-08-14 11:11:26 -07:00
Steven Fackler 773a6f0735 Start on PKCS #12 support 2016-08-14 10:11:38 -07:00
Steven Fackler 2e8f19ca2f Release openssl-sys v0.7.15, openssl v0.8.0 2016-08-11 21:00:43 -07:00
Steven Fackler 207d8e6b30 Undelete bogus extern declaration 
Old rust-openssl versions rely on it being there
 2016-08-10 22:16:58 -07:00
Steven Fackler 0cc863e857 Use new target syntax for windows stuff 2016-08-10 22:13:17 -07:00
Steven Fackler 35c79d1768 Fix build 2016-08-09 23:13:56 -07:00
Steven Fackler 67b5b4d814 Make hmac support optional and remove openssl-sys-extras 
rust-openssl no longer requires headers for the default feature set.
 2016-08-09 22:52:12 -07:00
Steven Fackler a8224d199b symm reform 2016-08-08 23:10:03 -07:00
Steven Fackler 522447378e Copy over getter macros 2016-08-08 20:37:48 -07:00
Steven Fackler bf07dd9a4e Remove symm_internal 2016-08-08 20:26:04 -07:00
Steven Fackler 6b1016c86e Add PKey::from_rsa 2016-08-07 22:56:44 -07:00
Steven Fackler 2a3e9a2856 Add RSA::generate 2016-08-07 22:35:37 -07:00
Steven Fackler 7855f428aa PKey reform 
This deletes the vast majority of PKey's API, since it was weirdly tied
to RSA and super broken.
 2016-08-07 20:38:46 -07:00
Steven Fackler 7ca5ccf064 Hash reform 
Closes #430
 2016-08-07 16:29:36 -07:00
Steven Fackler c47be8b14b Move SSL_CTX_set_ecdh_auto to -sys 2016-08-04 22:52:40 -07:00
Steven Fackler ee67ea8ea0 Mvoe SSL_CTX_add_extra_chain_cert to -sys 2016-08-04 22:46:47 -07:00
Steven Fackler 378b86326c Move SSL_CTX_set_tmp_dh to -sys 2016-08-04 22:43:24 -07:00
Steven Fackler 7fb7f4671d Move SSL_CTX_set_read_ahead to -sys 2016-08-04 22:40:01 -07:00
Steven Fackler 77dbab2cad Move SSL_CTX_set_tlsext_servername_callback to -sys 2016-08-04 22:37:39 -07:00
Steven Fackler c2a7c5b7f0 Move SSL_set_tlsext_host_name to -sys 2016-08-04 22:28:33 -07:00
Steven Fackler b29ea62491 Move BIO macros into -sys 2016-08-04 22:22:55 -07:00
Steven Fackler 17474520bc Support basic SSL options without C shims 2016-08-04 22:14:18 -07:00
Steven Fackler abacc8bb18 Define SSL_CTX_set_mode in openssl-sys 2016-08-02 22:14:44 -07:00
Steven Fackler 08e27f31ed Restructure PEM input/output methods 
Dealing with byte buffers directly avoids error handling weirdness and
we were loading it all into memory before anyway.
 2016-08-02 20:49:28 -07:00
Alex Crichton 3539be3366 Add MidHandshakeSslStream 
Allows recognizing when a stream is still in handshake mode and can gracefully
transition when ready. The blocking usage of the API should still be the same,
just helps nonblocking implementations!
 2016-07-31 16:01:06 -07:00
Steven Fackler df30e9e700 Merge pull request #402 from bbatha/feat/dsa-ffi 
DSA bindings
 2016-07-29 22:35:50 -07:00
Ben Batha a3a602be51 add low level dsa primitives 2016-07-29 19:04:37 -04:00
Onur Aslan 5ed77df197 Implement save_der for X509 and X509Req 2016-07-29 12:14:49 +03:00
Shaun Taheri 722a2bd673 Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER flag 2016-07-24 20:55:15 +02:00
Steven Fackler 5135fca87f Release v0.7.14 2016-07-01 18:43:39 -04:00
Steven Fackler 121169c1f5 Set auto retry 
SSL_read returns a WANT_READ after a renegotiation by default which ends
up bubbling up as a weird BUG error. Tell OpenSSL to just do the read
again.
 2016-07-01 18:31:47 -04:00
Steven Fackler f6b612df5f Release v0.7.13 2016-05-20 15:57:57 -07:00
Anthony Ramine ed969d5d8a Update user32-sys and gdi32-sys to 0.2 2016-05-19 22:00:14 +02:00
Steven Fackler 95051b060d Release v0.7.12 2016-05-16 23:04:03 -07:00
Steven Fackler dce59a63c5 Merge pull request #389 from cmsd2/master 
expose rsa from raw private key and rsa sign and verify
 2016-05-06 15:12:19 -07:00
Chris Dawes f82a1c4f75 add rsa signature tests 2016-05-05 23:41:55 +01:00
Steven Fackler 78122a9d68 Release v0.7.11 2016-05-05 13:32:27 -07:00
Steven Fackler 7b73003b67 Add X509StoreContext::error_depth 2016-04-30 09:27:50 -07:00
Steven Fackler 62a7dd10e5 Add Ssl::set_verify 
It also uses a better, closure based API than the existing callback
    methods.
 2016-04-30 08:09:12 -07:00
Steven Fackler a7bade104c Merge pull request #381 from chaaz/master 
Add 1DES symm ciphers (des-cbc, des-ecb, des-cfb, des-ofb)
 2016-04-29 21:17:17 -07:00
Steven Fackler 32722e1850 Add accessors for x509 subject alt names 2016-04-29 21:15:32 -07:00
Steven Fackler caf9272c85 Start on GeneralName 2016-04-28 22:16:29 -07:00
Charlie Ozinga 5682c04469 Remove des_cfb and des_ofb, since they appear on limit platforms 2016-04-19 17:28:19 -06:00
Steven Fackler 54fc1df712 Release v0.7.10 2016-04-16 20:57:12 -07:00
Steven Fackler c2e72f6641 Add SslContext::set_default_verify_paths 2016-04-16 20:47:32 -07:00
Charlie Ozinga 2062d48dd2 Add 1DES symm ciphers (des-cbc, des-ecb, des-cfb, des-ofb) 
1DES is well and truly dead for actual sensitive information, (its
keysize is too small for modern purposes), but it can still find use in
backwards compatiblity or educational applications.
 2016-04-14 03:44:43 -06:00
Steven Fackler 9511a9bc19 Merge pull request #380 from Yoric/master 
Resolves #378 - Module version with the version information
 2016-04-13 14:45:49 -07:00
David Rajchenbach-Teller 0c48f9a0e0 Resolves #378 - Module version with the version information 2016-04-13 23:29:25 +02:00
Rico Huijbers 00282de2a5 Add ability to set session ID context on an SSL context 
This is necessary to make authentication with client certificates work
without session restarts.
 2016-04-13 21:38:23 +02:00
Steven Fackler d143203f88 Release v0.7.9 2016-04-06 21:34:20 -07:00
Kevin King 4016edd4de add EVP_PKEY_copy_parameters to FFI 
copy EVP_PKEY params in PKey::clone

test that PKey::clone creates a copy
 2016-04-06 19:39:50 -04:00
Steven Fackler e0412850ec Release v0.7.8 2016-03-18 08:54:12 -07:00
Steven Fackler a569df29f4 Release v0.7.7 2016-03-17 09:04:23 -07:00
Steven Fackler 23fd427900 Merge pull request #353 from bluejekyll/master 
adding functionality to directly get and set RSA public key material
 2016-03-05 13:57:53 -08:00
Erik Johnston 04cbf049c0 Add SSL_get_version 2016-02-29 20:14:48 +00:00
Benjamin Fry ef95223d26 adding functionality to directly get and set RSA key material 2016-02-17 23:18:42 -08:00
Erik Johnston 1e9667ea89 Add support for SSL_CIPHER 2016-02-17 22:38:32 +00:00
Steven Fackler 3df4c479c9 Release v0.7.6 2016-02-10 09:36:00 -08:00
Steven Fackler 18e7e2455c Merge pull request #330 from esclear/master 
Add a interface to RSA structs
 2016-01-22 19:07:38 -08:00
Steven Fackler 2ece5b1039 Release v0.7.5 2016-01-22 15:57:21 -08:00
Jimmy Cuadra d30d1aa277 Remove raw_pointer_derive lint. 2016-01-22 04:45:52 -08:00
Daniel Albert 74db7db560 Merge branch 'master' of https://github.com/sfackler/rust-openssl 2016-01-20 19:59:41 +00:00
Daniel Albert 6ae8298f2c Make all ffi structs' fields public 2016-01-12 17:46:35 +00:00
Cyberunner23 c0b9a4c8ec Added tests for private_rsa_key_from_pem() and public_rsa_key_from_pem() 2016-01-09 14:36:01 -05:00
Cyberunner23 be23ff3dce Added PEM_read_bio_RSAPrivateKey and PEM_read_bio_RSA_PUBKEY 2016-01-05 11:23:14 -05:00
Daniel Albert 5813ca371d Add RSA structs 2016-01-01 19:33:49 +00:00
Steven Fackler 926c8167be Release v0.7.4 2015-12-18 22:41:46 -08:00
gentoo90 9436027866 Fix Cargo.toml to actually depend on gdi32-sys and user32-sys 2015-12-18 23:18:03 +02:00
Steven Fackler 5fa46d428d Release v0.7.3 2015-12-17 21:25:48 -08:00
Steven Fackler 13f7cfd9d8 Release v0.7.2 2015-12-15 19:41:57 -08:00
Steven Fackler 167008d247 Merge pull request #320 from uasi/add-variations-of-pbkdf2 
Add PBKDF2-HMAC-SHA256 and -SHA512 functions
 2015-12-15 19:30:57 -08:00
Steven Fackler 514c5ec415 Merge pull request #309 from Geal/master 
Add support for Server Name indication (SNI) on the server's side
 2015-12-15 19:22:39 -08:00
Tomoki Aonuma b6647cc610 Put pbkdf2_hmac_{256,512}() behind feature gate 
PKCS5_PBKDF2_HMAC is not available with openssl-0.9.8 on os x
 2015-12-10 23:00:49 +09:00
Tomoki Aonuma e9b8627af2 Add PBKDF2-HMAC-SHA256 and -SHA512 functions 2015-12-10 20:29:52 +09:00
Steven Fackler 91f8c542f7 Replace SslStream implementation! 2015-12-09 23:30:29 -08:00
Steven Fackler 9ee6f1c578 IT LIVES 2015-12-09 21:43:02 -08:00
Steven Fackler 4d883d488e Custom BIO infrastructure 2015-12-08 23:02:38 -08:00
Steven Fackler f79fd8cea9 Add BIO type definitions 2015-12-07 23:28:28 -08:00
Steven Fackler fce7cf4d36 Release v0.7.1 2015-11-28 16:14:58 -08:00
Maximilian Hristache fcc6be2b01 Avoid empty include paths (i.e. cc -I "" ) as they are not supported by GCC. Fix #311 2015-11-28 16:26:58 +01:00
Geoffroy Couprie 7835ea1c90 Make shims for SSL_CTX_ctrl and SSL_CTX_callback_ctrl macro wrappers 2015-11-25 08:10:36 +01:00
Geoffroy Couprie dba3a0ced2 implement get/set ssl context 2015-11-24 17:11:00 +01:00
Geoffroy Couprie cb4263f91e test SNI support 2015-11-24 17:11:00 +01:00
Overmind JIANG 3c6c4a7b3d Fix a leak when using `EVP_PKEY_get1_RSA`. 
`EVP_PKEY_get1_RSA` returns a RSA structure with its reference count
increased by 1 and therefore we need to call `RSA_free` after finishing
using that value.
 2015-11-18 11:36:34 +08:00
Steven Fackler c0a0b80020 Remove unecessary build dependency 2015-11-16 22:28:56 -08:00
Steven Fackler 82547f53d7 Release v0.7.0 2015-11-16 21:10:50 -08:00
Steven Fackler 9ebf094437 Mention why the windows deps are there 2015-11-16 21:03:42 -08:00
Steven Fackler be7171ee10 Don't depend on wildcard windows deps 2015-11-16 21:02:23 -08:00
Steven Fackler b82b93b813 Merge pull request #297 from retep998/patch-1 
Explicitly depend on gdi32 and user32 on Windows
 2015-11-17 00:01:21 -05:00
Steven Fackler f36f610d07 Move HMAC_CTX_copy to sys-extras 2015-11-16 20:16:01 -08:00
Steven Fackler a8a10e64ad Split stuff requiring a shim out to a separate crate 2015-11-16 20:16:01 -08:00
Steven Fackler 309b6d9f46 Switch to libc 0.2 2015-11-16 20:16:01 -08:00
Steven Fackler be2cbabdb7 Revert "Revert "Merge pull request #280 from ltratt/libressl_build"" 
This reverts commit ae3d0e36d7.
 2015-11-16 20:16:01 -08:00
Thom May 11e3b1b563 Provide public_decrypt, private_encrypt for PKEY 2015-10-28 18:15:55 +00:00
Peter Atashian 613a9ff721 Explicitly depend on gdi32 and user32 on Windows 
Since openssl ends up depending on functions from these system libraries, depend on -sys crates that provide these system libraries.
 2015-10-25 05:11:23 -04:00
Jamie Turner c37767df8f Nonblocking streams support. 2015-10-20 23:14:26 -07:00
Jimmy Cuadra 214c3a60f0 Expose RSA_generate_key_ex. 2015-10-15 08:54:46 -07:00
Steven Fackler f318a2c84c Release v0.6.7 2015-10-14 22:25:35 -04:00
Steven Fackler f1e19c9a55 Merge pull request #288 from alexcrichton/include 
Add metadata for the include dir of openssl
 2015-10-14 21:59:10 -04:00
Steven Fackler ae3d0e36d7 Revert "Merge pull request #280 from ltratt/libressl_build" 
This reverts commit aad933e507, reversing
changes made to 60ee731408.
 2015-10-14 21:51:32 -04:00
Lars Bergstrom d341a6efeb Update OpenSSL version checks to 1.0 numbers instead of 0.10 numbers 2015-10-14 19:39:40 -05:00
Alex Crichton 8ed840cdf5 Add metadata for the include dir of openssl 
If OpenSSL is installed at a nonstandard location dependencies on OpenSSL may
want to know where it was found to be installed at.
 2015-10-13 15:58:45 -07:00
Steven Fackler 8f5b67fed4 Merge pull request #286 from jedisct1/use_certificate_chain 
Add set_certificate_chain_file()
 2015-10-13 09:26:18 -04:00
Steven Fackler 81bc1edb61 Merge pull request #284 from bheart/cfb-mode 
AES CFB-mode feature
 2015-10-12 21:18:27 -04:00
radare 3ca5ecac74 Add certs.pem in cert probe list 
It turns out that some distributions use /etc/ssl/certs.pem, which was causing some troubles.
Related issue https://github.com/rust-lang/cargo/issues/1978#issuecomment-147515236
 2015-10-12 23:20:33 +02:00
Frank Denis a28253ee7d Add set_certificate_chain_file() 
SSL_CTX_use_certificate_chain_file() is preferred over
SSL_CTX_use_certificate_file().

It allows the use of complete certificate chains instead of loading
only the first certificate in a PEM file.
 2015-10-12 20:54:00 +02:00
Will Tange acbcb49414 AES CFB{1,8,128} mode support 2015-10-11 20:09:36 +02:00
Steven Fackler aad933e507 Merge pull request #280 from ltratt/libressl_build 
Fix build on LibreSSL.
 2015-10-10 21:56:20 -04:00
Steven Fackler 60ee731408 Merge pull request #277 from nixpulvis/read_public_pem 
Add public key PEM read function.
 2015-10-10 21:55:37 -04:00
Steven Fackler 677ed6ad1b Release v0.6.6 2015-10-05 22:34:32 +01:00
Steven Fackler 0ca71a98ff Clean up init stuff 2015-10-05 22:05:58 +01:00
Manish Goregaokar 6c810e7f9c Set threadid_func on linux/osx (fixes #281) 2015-10-05 21:43:49 +05:30
Laurence Tratt d7342a09a7 Fix build on LibreSSL. 
LibreSSL has deprecated SSLv3_method, so this commit makes that a compile-time
feature.

It also removes a test referencing SSL_OP_CISCO_ANYCONNECT, as the LibreSSL
header says it is amongst "Obsolete flags kept for compatibility. No sane code
should use them."
 2015-10-03 17:25:38 +00:59