baede6c0af
Mid-handshake errors that occur before certificate verification currently look like this: ``` TLS handshake failed: cert verification failed - Invalid certificate verification context [WRONG_VERSION_NUMBER] ``` Despite no certificate even being received yet, the error complains about a failed verification. The cause here is that `cert verification failed` is only omitted if the verification result is `OK`. The default in BoringSSL before verification runs is `INVALID_CALL`, however. `INVALID_CALL` is set/returned in these places: - |
||
|---|---|---|
| .github/workflows | ||
| boring | ||
| boring-sys | ||
| hyper-boring | ||
| scripts | ||
| tokio-boring | ||
| .gitignore | ||
| .gitmodules | ||
| .rusty-hook.toml | ||
| Cargo.toml | ||
| README.md | ||
| RELEASE_NOTES | ||
| THIRD_PARTY | ||
| cliff.toml | ||
README.md
boring
BoringSSL bindings for the Rust programming language and TLS adapters for tokio and hyper built on top of it.
Documentation
- Boring API: https://docs.rs/boring
- tokio TLS adapters: https://docs.rs/tokio-boring
- hyper HTTPS connector: https://docs.rs/hyper-boring
- FFI bindings: https://docs.rs/boring-sys
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions.
Accolades
The project is based on a fork of rust-openssl.