min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
855 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

224 Commits

Author SHA1 Message Date
Steven Fackler 769b8312d8 Merge pull request #240 from jethrogb/topic/x509_req_extension 
Implement certificate extensions for certificate requests
 2015-08-15 16:04:42 -04:00
Steven Fackler df32e53afa Grab errno for directstream want errors 2015-08-10 22:29:34 -04:00
Steven Fackler 69cbd14540 Handle WantWrite and WantRead errors 2015-08-08 12:25:16 -07:00
Steven Fackler a10604e15d Merge pull request #243 from manuels/master 
Fix probelms with DTLS when no packets are pending.
 2015-08-02 22:27:19 -04:00
Steven Fackler 02dc3eda2f Merge pull request #242 from awelkie/master 
Added AES CTR-mode under feature flag.
 2015-08-02 22:25:09 -04:00
panicbit c7eded31a7 Expose ssl::init 2015-07-26 18:28:25 +02:00
Andrew Dunham ab7bfad225 Add function to write RSA public key as PEM 2015-07-23 22:30:07 -07:00
Steven Fackler 3fc8482d36 Make curl follow redirects 2015-07-23 21:51:06 -07:00
Manuel Schölling a43011d77c Fix probelms with DTLS when no packets are pending. 
When using DTLS you might run into the situation where no packets
are pending, so SSL_read returns len=0. On a TLS connection this
means that the connection was closed, but on DTLS it does not
(a DTLS connection cannot be closed in the usual sense).
This commit fixes a bug introduced by c8d23f3.

Conflicts:
	openssl/src/ssl/mod.rs
 2015-07-18 13:00:34 +02:00
Allen Welkie b478c29151 Added AES CTR-mode under feature flag. 2015-07-15 20:45:18 -04:00
Jethro Beekman 90dd54b541 Implement certificate extensions for certificate requests 2015-07-08 13:37:35 -07:00
Jethro Beekman 1e4cba36e8 Add missing C-string conversion, fixing recent build errors 2015-07-08 11:05:18 -07:00
Steven Fackler 3351d5b807 Merge pull request #227 from jethrogb/topic/x509_name 
Allow setting of arbitrary X509 names
 2015-07-08 10:21:19 -07:00
Steven Fackler 0cb4368ef8 Merge pull request #221 from jethrogb/topic/ssl_options 
Several SSL option fixes
 2015-07-08 10:20:33 -07:00
Jethro Beekman e3c562d6a0 Fix/add more X509generator tests 2015-07-08 10:09:40 -07:00
Jethro Beekman 1bcbe8f4bc Add X509generator.add_names method 2015-07-08 10:09:40 -07:00
Jethro Beekman f2b0da1de7 Add public add_name method to X509Generator 2015-07-08 10:08:41 -07:00
Jethro Beekman 11bcac01ec Replace CN field by names vector 2015-07-08 10:06:52 -07:00
Steven Fackler 3229296105 Merge pull request #233 from jethrogb/topic/x509_extension 
Allow setting of arbitrary X509 extensions
 2015-07-08 03:10:40 -04:00
Steven Fackler cc497b4768 Release v0.6.4 2015-07-06 11:09:03 -07:00
Ms2ger f4afe615dd Unpin the bitflags version. 
This dependency causes Servo to depend on multiple versions of the bitflags
crate.
 2015-07-06 19:47:59 +02:00
Jethro Beekman aeefa364b7 Decouple C SSL Option bit flags from Rust version 
The OpenSSL "SSL_OP_*" flags are in constant flux between different OpenSSL
versions. To avoid having to change the Rust definitions, we implement our
own numbering system in Rust, and use an automatically-generated C shim to
convert the bitflags at runtime.
 2015-07-01 21:49:11 -07:00
Jethro Beekman f9a836fae9 tabs to spaces 2015-07-01 00:18:45 -07:00
Jethro Beekman 93eb0cfa2d Add documentation on X509 Extensions 2015-07-01 00:18:45 -07:00
Jethro Beekman e9cc8cb121 Add Issuer Alternative Name extension 2015-07-01 00:18:45 -07:00
Jethro Beekman f4168b1161 Add Subject Alternate Name extension 2015-07-01 00:18:45 -07:00
Jethro Beekman b46574b635 Add arbitrary X509 extensions by OID string 2015-07-01 00:18:45 -07:00
Jethro Beekman e367567d00 Add arbitrary X509 extensions by NID 2015-07-01 00:18:45 -07:00
Jethro Beekman 2fa1344367 Add public generic extension interface to X509Generator 
* Add add_extension and add_extensions functions
* Deprecate set_usage and set_ext_usage
* Change test to use add_extension
 2015-07-01 00:18:45 -07:00
Jethro Beekman 53b868697a Implement arbitrary X509 Extended Key Usage values 2015-07-01 00:18:45 -07:00
Jethro Beekman 8d1abf5156 Implement "extensions" field in X509generator, and change existing extensions to use that 2015-07-01 00:18:45 -07:00
Jethro Beekman d5a4d48cab Turn assertions into unwraps such that tests provide useful output on panic. 2015-07-01 00:18:44 -07:00
Jethro Beekman c4e398d397 Turn "dirty hack" into slightly less dirty hack, with potential to become non-dirty 2015-07-01 00:18:44 -07:00
Jethro Beekman 14a2f5c5e9 Move X509 extensions to seperate module, implement ToString instead of custom AsStr 2015-07-01 00:18:44 -07:00
Jethro Beekman 9074af5bdd Add a test that checks whether 3 known subject attributes can be retrieved by NID 2015-06-30 23:51:54 -07:00
Jethro Beekman 1d214bce61 Fix NID definitions to match OpenSSL. The previous numbers were introduced incorrectly in #213 2015-06-30 23:34:17 -07:00
Steven Fackler a6ff56209d Revert "Don't build a custom openssl on OSX" 
This reverts commit 645430602d.

We actually need 1.0.2 for DTLSv1.2 and ALPN
 2015-06-30 00:07:38 -07:00
Steven Fackler 61e61bbae4 Fix backcompat method 2015-06-29 22:04:31 -07:00
Steven Fackler dfacea1df6 Fix build with alpn feature 2015-06-29 21:58:54 -07:00
Cody P Schafer 01e01e3747 ssl: support ALPN 
Heavily based on the existing NPN wrapping code. Naming of public
functions is identical to the NPN ones with `s/npn/alpn/` applied to
prevent devs from needing to remember 2 names (and to let my copy the
npn tests and perform the subistution to generate the apln tests).

It might make sense to (at some point) use macros or a trait to cut down
the duplication.
 2015-06-29 10:58:45 -04:00
Cody P Schafer 539ae2eebf ssl/NPN: factor out encoding of the protocol list 
The intention is to allow the encoding to be reused by the ALPN support
code.
 2015-06-29 10:57:44 -04:00
Cody P Schafer a94ea78d8a ssl: use a common helper to generate new ex data indexes, switch NPN to a lazyref 
Rather than having the verification data idx generation and NPN use
there own (similar) impls to generate indexes with destructors, unify
them.

Make NPNs use of indexes more idomatic by storing the index in a
lazyref rather than having a function with static data members.
 2015-06-29 10:57:44 -04:00
Steven Fackler 8fdd0e2ec1 More docs 2015-06-28 11:30:49 -07:00
Steven Fackler 94b0f26c10 Fix windows build 2015-06-28 10:21:06 -07:00
Steven Fackler b1dd46ae6a Docs 2015-06-28 10:15:33 -07:00
Steven Fackler 3325e6b474 Make the direct constructors the defaults 2015-06-28 10:06:42 -07:00
Steven Fackler 797488dd09 Add docs for accept and connect 2015-06-28 00:21:41 -07:00
Steven Fackler b1a30ce4ba Rename new_client to connect and new_server to accept 2015-06-28 00:12:47 -07:00
Steven Fackler 1373a76ce1 Implement direct IO support 2015-06-28 00:06:14 -07:00
Steven Fackler 9b235a7b91 Prepare for direct stream support 2015-06-27 22:37:10 -07:00
Steven Fackler c722f889c1 Docs tweak 2015-06-27 21:40:55 -07:00
Steven Fackler 0cff370f1d Reduce SslStream constructor duplication 2015-06-27 21:40:00 -07:00
Steven Fackler a80a77bbb8 Initialize stream buffer 2015-06-27 19:42:13 -07:00
Steven Fackler 9d0acfe615 Fix set_hostname 
It was previously failing to null terminate the hostname string (was
anyone actually using this?). Also move the macro expansion to the C
shim.
 2015-06-27 19:37:45 -07:00
Steven Fackler 645430602d Don't build a custom openssl on OSX 
I don't believe the bugfix the required this is needed anymore
 2015-06-27 15:45:48 -07:00
Steven Fackler cb7248d8cb Import shim'd HMAC stuff with the original name 2015-06-27 15:23:19 -07:00
Steven Fackler d0b769c93c Move macro replicas into C shim 2015-06-27 15:11:11 -07:00
Steven Fackler 524c1e63aa Release v0.6.3 2015-06-25 23:22:04 -07:00
Steven Fackler 212acf0bb8 Add a test for connection negotiation failure 2015-06-25 23:07:25 -07:00
Steven Fackler c8d23f37a4 Fix EOF handling in retry wrapper 2015-06-25 22:47:53 -07:00
Jethro Beekman 2c18bc7f52 Remove superfluous vec! usage 2015-06-14 21:56:48 -07:00
Jethro Beekman d2d20a8377 Use AsRef for backwards compatibility with passing IV as Vec 2015-06-14 21:56:23 -07:00
Jethro Beekman cbf0cbafbf Pass symmetric crypto initialization vector as a slice 
Note: This change is backwards-incompatible. Users will need to add turn their
parameters into references.
 2015-06-12 18:38:52 -07:00
Manish Goregaokar 7344b2703a Bump bitflags version 2015-06-02 14:33:10 +05:30
Emeric Chevalier 7320c1619f Correction on sign and verify documentation to be more explicit of right 
behaviour (no hash done by the functions).
 2015-05-30 13:08:45 +02:00
Steven Fackler 8e180371ec Merge pull request #219 from jethrogb/topic/x509req 
Implement limited X509_REQ functionality
 2015-05-29 00:01:21 -04:00
Jethro Beekman ed6f7997a2 Remove superfluous dead_code attribute 2015-05-28 20:47:53 -07:00
Jethro Beekman c1232f3035 Implement limited X509_REQ functionality 2015-05-28 00:22:14 -07:00
Jethro Beekman a0cbcf56cf Clarify which keys are used where 2015-05-27 23:46:02 -07:00
Steven Fackler 1123c7387e Fix SslString Debug impl and drop lifetime 2015-05-17 11:22:42 -07:00
Joseph Glanville 6d53a3ed20 Test reading CN from test certificate 2015-05-18 02:41:42 +10:00
Joseph Glanville e88f1567b4 Add support for reading X509 subject information 2015-05-18 02:41:42 +10:00
Joseph Glanville e7a5ecc8dd Add test for get_peer_certificate() 2015-05-16 19:37:31 +10:00
Joseph Glanville 5d9eaf53da Add accessor for peer_certificate 2015-05-16 19:20:38 +10:00
Steven Fackler d723481f77 Fix doc root 2015-05-13 16:31:27 -07:00
Steven Fackler 8a9aa0c657 Merge pull request #210 from manuels/pending 
Add SslStream.pending()
 2015-05-05 22:57:14 -04:00
Steven Fackler fb2822d5c7 Merge pull request #201 from manuels/pkey_cmp 
Add comparison for PKeys
 2015-05-04 10:19:13 -07:00
Steven Fackler 00c17035ec Abstract over AsRef<Path> 2015-05-02 13:59:11 -07:00
Steven Fackler d044d87c1b Release v0.6.2 2015-05-01 10:43:54 -07:00
Manuel Schölling b0bcb44556 Move PKey comparison func to public_eq() 2015-05-01 10:58:15 +02:00
Manuel Schölling c8fae312ad Add SslStream.pending() 2015-04-30 20:00:30 +02:00
Steven Fackler 73617dabfa Write through to underlying stream for every write call 
cc #208
 2015-04-30 00:18:23 -07:00
Steven Fackler bce84a6d53 Release v0.6.1 2015-04-22 15:08:56 -07:00
Manuel Schölling 123d400277 Add comparison for PKeys 2015-04-16 17:14:21 +02:00
Manuel Schölling 7db00b97ba Add X509::public_key() 2015-04-15 22:59:07 +02:00
Steven Fackler 8027fff782 Fix nightly build issues 2015-04-15 09:10:22 -07:00
Steven Fackler 8eb5db45bf Fix non-dtls tests 2015-04-08 22:12:57 -07:00
Steven Fackler c5a16db97e Fix dtls tests 
There's a reason static mut is unsafe...
 2015-04-08 22:10:13 -07:00
Steven Fackler 483e0b1f0a Clean up build infrastructure 2015-04-08 21:52:54 -07:00
Manuel Schölling 6f1e9cf47c Make connected_socket a dev-dependency 2015-04-06 13:00:12 +02:00
Manuel Schölling b3eae0e3f6 Adapt code for rust-1.0.0-beta 2015-04-06 12:56:38 +02:00
Manuel Schölling 912cacf4bc Fix rebase errors 2015-04-06 12:26:10 +02:00
Manuel Schölling fb98f482e2 Add ability to load private keys from files and use raw keys and certificates for SslContext 
Conflicts:
	openssl/src/crypto/pkey.rs
	openssl/src/ssl/tests.rs
 2015-04-06 12:25:37 +02:00
Manuel Schölling 3c03dd9535 Add ability to load private keys from files and use raw keys and certificates for SslContext 
Conflicts:
	openssl/src/ssl/tests.rs
 2015-04-06 12:25:15 +02:00
Manuel Schölling 114253c55e Change SslContext::set_read_ahead(c_long) to SslContext::set_read_ahead(u32) 2015-04-06 12:23:11 +02:00
Manuel Schölling 62b19e87e8 Fix preemtively exiting openssl dtls server for tests 2015-04-06 12:23:11 +02:00
Manuel Schölling 362a7dfc93 Debug halteproblem with tests 2015-04-06 12:23:11 +02:00
Manuel Schölling dbef985e32 Move connected_socket to its own crate and fix SSL_CTX_set_read_ahead() 2015-04-06 12:23:11 +02:00
Manuel Schölling 5788f3bec8 Use latest OpenSSL version in travis tests and more verbose error message in ConnectedSocket 2015-04-06 12:22:51 +02:00
Manuel Schölling 014f59ae60 Fix detect_invalid_ipv4 test on OSX 
Looks like the invalid IP 254.254.254.254 is fine for OSX
 2015-04-06 12:22:51 +02:00