33b511331b
As of https://boringssl-review.googlesource.com/c/boringssl/+/64141, X509_STORE_CTX_cleanup will zero the memory allocated to the X509_STORE_CTX. Because X509StoreContextRef::init invokes X509_STORE_CTX_cleanup once the with_context closure has finished, calling X509StoreContextRef::verify_result (or any API really) is going to be invalid because memory has been zerod out. This is a pretty big footgun, so maybe we should consider screaming a bit louder for this case. |
||
|---|---|---|
| .github/workflows | ||
| boring | ||
| boring-sys | ||
| hyper-boring | ||
| scripts | ||
| tokio-boring | ||
| .gitignore | ||
| .gitmodules | ||
| .rusty-hook.toml | ||
| Cargo.toml | ||
| README.md | ||
| RELEASE_NOTES | ||
| THIRD_PARTY | ||
| cliff.toml | ||
README.md
boring
BoringSSL bindings for the Rust programming language and TLS adapters for tokio and hyper built on top of it.
Documentation
- Boring API: https://docs.rs/boring
- tokio TLS adapters: https://docs.rs/tokio-boring
- hyper HTTPS connector: https://docs.rs/hyper-boring
- FFI bindings: https://docs.rs/boring-sys
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions.
Accolades
The project is based on a fork of rust-openssl.