aboutsummaryrefslogtreecommitdiff
path: root/openssl-sys
Commit message (Collapse)AuthorAgeFilesLines
* Custom BIO infrastructureSteven Fackler2015-12-081-0/+3
|
* Add BIO type definitionsSteven Fackler2015-12-071-3/+54
|
* Release v0.7.1Steven Fackler2015-11-282-3/+3
|
* Avoid empty include paths (i.e. cc -I "" ) as they are not supported by GCC. ↵Maximilian Hristache2015-11-281-2/+5
| | | | Fix #311
* Fix a leak when using `EVP_PKEY_get1_RSA`.Overmind JIANG2015-11-181-0/+1
| | | | | | `EVP_PKEY_get1_RSA` returns a RSA structure with its reference count increased by 1 and therefore we need to call `RSA_free` after finishing using that value.
* Remove unecessary build dependencySteven Fackler2015-11-162-2/+0
|
* Release v0.7.0Steven Fackler2015-11-162-3/+3
|
* Mention why the windows deps are thereSteven Fackler2015-11-161-0/+1
|
* Don't depend on wildcard windows depsSteven Fackler2015-11-161-8/+9
|
* Merge pull request #297 from retep998/patch-1Steven Fackler2015-11-171-0/+12
|\ | | | | Explicitly depend on gdi32 and user32 on Windows
| * Explicitly depend on gdi32 and user32 on WindowsPeter Atashian2015-10-251-0/+12
| | | | | | Since openssl ends up depending on functions from these system libraries, depend on -sys crates that provide these system libraries.
* | Move HMAC_CTX_copy to sys-extrasSteven Fackler2015-11-161-1/+0
| |
* | Split stuff requiring a shim out to a separate crateSteven Fackler2015-11-165-342/+24
| |
* | Switch to libc 0.2Steven Fackler2015-11-161-1/+1
| |
* | Revert "Revert "Merge pull request #280 from ltratt/libressl_build""Steven Fackler2015-11-161-0/+1
| | | | | | | | This reverts commit ae3d0e36d71bb121c2fc1a75b3bc6d97f0e61480.
* | Provide public_decrypt, private_encrypt for PKEYThom May2015-10-281-0/+4
|/
* Nonblocking streams support.Jamie Turner2015-10-202-0/+6
|
* Expose RSA_generate_key_ex.Jimmy Cuadra2015-10-151-0/+1
|
* Release v0.6.7Steven Fackler2015-10-142-3/+3
|
* Merge pull request #288 from alexcrichton/includeSteven Fackler2015-10-141-0/+1
|\ | | | | Add metadata for the include dir of openssl
| * Add metadata for the include dir of opensslAlex Crichton2015-10-131-0/+1
| | | | | | | | | | If OpenSSL is installed at a nonstandard location dependencies on OpenSSL may want to know where it was found to be installed at.
* | Revert "Merge pull request #280 from ltratt/libressl_build"Steven Fackler2015-10-141-1/+0
| | | | | | | | | | This reverts commit aad933e5077b2c73e1f05d7314e442531a562bcf, reversing changes made to 60ee731408facdc8e3dfc000fdee2f1291fad664.
* | Update OpenSSL version checks to 1.0 numbers instead of 0.10 numbersLars Bergstrom2015-10-141-2/+2
|/
* Merge pull request #286 from jedisct1/use_certificate_chainSteven Fackler2015-10-131-0/+1
|\ | | | | Add set_certificate_chain_file()
| * Add set_certificate_chain_file()Frank Denis2015-10-121-0/+1
| | | | | | | | | | | | | | | | SSL_CTX_use_certificate_chain_file() is preferred over SSL_CTX_use_certificate_file(). It allows the use of complete certificate chains instead of loading only the first certificate in a PEM file.
* | Merge pull request #284 from bheart/cfb-modeSteven Fackler2015-10-121-0/+6
|\ \ | | | | | | AES CFB-mode feature
| * | AES CFB{1,8,128} mode supportWill Tange2015-10-111-0/+6
| | |
* | | Add certs.pem in cert probe listradare2015-10-121-4/+8
| |/ |/| | | | | It turns out that some distributions use /etc/ssl/certs.pem, which was causing some troubles. Related issue https://github.com/rust-lang/cargo/issues/1978#issuecomment-147515236
* | Merge pull request #280 from ltratt/libressl_buildSteven Fackler2015-10-101-0/+1
|\ \ | | | | | | Fix build on LibreSSL.
| * | Fix build on LibreSSL.Laurence Tratt2015-10-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | LibreSSL has deprecated SSLv3_method, so this commit makes that a compile-time feature. It also removes a test referencing SSL_OP_CISCO_ANYCONNECT, as the LibreSSL header says it is amongst "Obsolete flags kept for compatibility. No sane code should use them."
* | | Merge pull request #277 from nixpulvis/read_public_pemSteven Fackler2015-10-101-0/+2
|\ \ \ | |_|/ |/| | Add public key PEM read function.
| * | Add public key PEM read function.Nathan Lilienthal2015-10-011-0/+2
| |/
* | Release v0.6.6Steven Fackler2015-10-052-3/+3
| |
* | Clean up init stuffSteven Fackler2015-10-052-9/+8
| |
* | Set threadid_func on linux/osx (fixes #281)Manish Goregaokar2015-10-052-0/+29
|/
* Add SSL::set_ecdh_auto()Frank Denis2015-09-253-0/+10
| | | | | This sets automatic curve selection and enables ECDH support. Requires LibreSSL or OpenSSL >= 1.0.2, so behind a feature gate.
* Merge pull request #266 from jmesmon/alpnSteven Fackler2015-09-161-3/+3
|\ | | | | ssl/npn+alpn: adjust protocol selection to fail if no protocols match
| * ssl/npn+alpn: adjust protocol selection to fail if no protocols matchCody P Schafer2015-09-011-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current behavior causes a server written using rust-openssl to (if it cannot negotiate a protocol) fallback to the first protocol it has avaliable. This makes it impossible to detect protocol mismatches. This updates our selection to be more similar to how openssl's s_server behaves: non-matching protocols are not supplied with a fallback. Note that some setups may actually want a fallback protocol supplied via ALPN. To support those cases, we should consider adding a generic callback that allows protocol selection to be entirely controlled by the programmer. For the purposes of having a sane default, however, not supplying a default (and mimicing s_server's behavior) is the best choice.
* | Add DH::from_pem() to load DH parameters from a fileFrank Denis2015-09-131-1/+2
| |
* | Swap order of linking ssl/cryptoAlex Crichton2015-09-011-3/+3
|/ | | | | | | | | | | | GNU linkers will sometimes aggressively try to strip objects and archives from a linker command line in a left-to-right fashion. When a linker hits an object file that doesn't satisfy any unresolved symbols, it will discard the object and not re-visit it. This means that currently if symbols are depended upon in libssl then some of the dependencies of libssl (in libcrypto) may have already been stripped, causing a link error. By swapping the order of what's linked it reflects the natural flow of dependencies and the linker should figure everything out for us.
* Merge pull request #259 from jedisct1/dhSteven Fackler2015-09-013-0/+33
|\ | | | | Add support for DHE for forward secrecy
| * Add support for set_tmp_dh() and RFC5114 DH parameters for forward secrecy.Frank Denis2015-08-313-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rust-openssl didn't support forward secrecy at all. This adds support for DHE, by exposing set_tmp_dh() as well as the RFC5114 parameters, which are conveniently exposed since OpenSSL 1.0.2. With OpenSSL >= 1.0.2, and the rfc5114 feature gate, enabling DHE is as simple as (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::dh::DH; let dh = DH::get_2048_256().unwrap(); ctx.set_tmp_dh(dh).unwrap(); With OpenSSL < 1.0.2, DH::from_params() can be used to manually specify the DH parameters (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::bn::BigNum; use openssl::dh::DH; let p = BigNum::from_hex_str("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597").unwrap(); let g = BigNum::from_hex_str("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659").unwrap(); let q = BigNum::from_hex_str("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3").unwrap(); let dh = DH::from_params(p, g, q).unwrap(); ctx.set_tmp_dh(dh).unwrap();
* | Release v0.6.5Steven Fackler2015-08-312-3/+3
|/
* Merge pull request #251 from ebarnard/evp_bytestokeySteven Fackler2015-08-231-0/+6
|\ | | | | Expose EVP_BytesToKey
| * Expose EVP_BytesToKeyEdward Barnard2015-08-231-0/+6
| | | | | | | | | | This is based on work by pyrho. Closes #88
* | Merge pull request #253 from manuels/masterSteven Fackler2015-08-191-0/+2
|\ \ | | | | | | Add get_state_string()
| * | Add get_state_string()Manuel Schölling2015-08-171-0/+2
| |/
* | Merge pull request #240 from jethrogb/topic/x509_req_extensionSteven Fackler2015-08-152-0/+10
|\ \ | |/ |/| Implement certificate extensions for certificate requests
| * Implement certificate extensions for certificate requestsJethro Beekman2015-07-082-0/+10
| |
* | Merge pull request #243 from manuels/masterSteven Fackler2015-08-021-0/+1
|\ \ | | | | | | Fix probelms with DTLS when no packets are pending.
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-22 01:11:44 +0000