History

Leo Blöcher baede6c0af Remove INVALID_CALL from mid-handshake error message Mid-handshake errors that occur before certificate verification currently look like this: ``` TLS handshake failed: cert verification failed - Invalid certificate verification context [WRONG_VERSION_NUMBER] ``` Despite no certificate even being received yet, the error complains about a failed verification. The cause here is that `cert verification failed` is only omitted if the verification result is `OK`. The default in BoringSSL before verification runs is `INVALID_CALL`, however. `INVALID_CALL` is set/returned in these places: - `44b3df6f03/src/ssl/internal.h (L3904)` - `44b3df6f03/src/ssl/ssl_session.cc (L396)` - `44b3df6f03/src/ssl/ssl_x509.cc (L713)` It is not used anywhere else as a verification result code. To improve the error message, this commit adds `INVALID_CALL` as a verification result for which no additional error is dislayed.		2025-01-06 16:12:05 +00:00
..
examples	Change X509VerifyResult to Result<(), X509VerifyError>	2023-10-11 14:42:59 +02:00
src	Remove INVALID_CALL from mid-handshake error message	2025-01-06 16:12:05 +00:00
test	Introduce X509Flags	2024-01-03 19:37:59 +01:00
Cargo.toml	Clippy	2024-11-28 11:21:39 -08:00
LICENSE	Rename stuff	2020-11-11 17:47:30 +00:00
README.md	Rename stuff	2020-11-11 17:47:30 +00:00

README.md

boring

BoringSSL bindings for the Rust programming language and TLS adapters for tokio and hyper built on top of it.

Documentation

Boring API: https://docs.rs/boring
tokio TLS adapters: https://docs.rs/tokio-boring
hyper HTTPS connector: https://docs.rs/hyper-boring
FFI bindings: https://docs.rs/boring-sys

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions.

Accolades

The project is based on a fork of rust-openssl.