aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Add SslRef::verified_chainSteven Fackler2018-05-291-8/+26
|
* Rename X509Ref::fingerprint to X509Ref::digest and avoid allocatingSteven Fackler2018-05-241-6/+6
|
* Don't panic on bogus servernamesSteven Fackler2018-05-241-1/+25
| | | | | | | Also add a second version of the method to avoid filtering out non-utf8 names. Closes #930
* Add bindings to SSL_get_finished and SSL_get_peer_finishedSteven Fackler2018-05-241-6/+46
| | | | These are used for the tls-unique SCRAM channel binding mode.
* Merge pull request #920 from Ralith/max-early-data-accessorsSteven Fackler2018-05-221-1/+186
|\ | | | | TLS1.3 early data support
| * Expose early I/OBenjamin Saunders2018-05-221-1/+89
| |
| * Expose early keying material exportBenjamin Saunders2018-05-171-0/+27
| |
| * Expose max TLS1.3 early data accessorsBenjamin Saunders2018-05-171-0/+70
| |
* | Revert "Move proto version accessors to SslContextRef"Steven Fackler2018-05-201-52/+44
| |
* | Move proto version accessors to SslContextRefSteven Fackler2018-05-201-44/+52
| | | | | | | | Add a Derf impl for SslContextBuilder so existing use still works.
* | Improve error Display implsSteven Fackler2018-05-201-8/+9
| |
* | Support ALPN on libresslSteven Fackler2018-05-203-17/+21
| | | | | | | | Closes #690
* | Overhaul openssl cfgsSteven Fackler2018-05-205-459/+438
| | | | | | | | Also expose hostname verification on libressl
* | Support min/max version in LibreSSLSteven Fackler2018-05-192-16/+18
|/ | | | | Their implementations of the accessors don't behave expected with no bounds, so we ignore those bits of the tests.
* Merge Ssl impl blocksSteven Fackler2018-05-121-57/+55
|
* Clean up SSL callbacksSteven Fackler2018-05-122-68/+76
| | | | | Also add an Arc to avoid a weird use after free edge case if a callback changes a callback.
* Disable tests that talk to Google on LibreSSL 2.5.0Steven Fackler2018-05-122-1/+5
| | | | | They're flickering, and I'm assuming it's just because that version is so old.
* Change SslContext callback handlingSteven Fackler2018-05-122-240/+151
| | | | Use the existing infrastructure!
* Fix base version for min/max proto accessorsSteven Fackler2018-05-092-32/+49
| | | | Closes #911
* Expose SslSession <-> DER conversionBenjamin Saunders2018-04-291-0/+23
|
* Some misc cleanupSteven Fackler2018-04-271-60/+81
|
* Merge pull request #858 from Ralith/stateless-apiSteven Fackler2018-03-313-41/+331
|\ | | | | Introduce SslStreamBuilder
| * Add test for stateless connectionBenjamin Saunders2018-03-281-2/+119
| |
| * Introduce SslStreamBuilderBenjamin Saunders2018-03-281-34/+114
| |
| * Update to OpenSSL 1.1.1-pre3Benjamin Saunders2018-03-282-5/+98
| |
* | Clean up a couple of holdovers from old featuresSteven Fackler2018-03-292-14/+10
|/
* Remove version-specific featuresSteven Fackler2018-03-194-143/+125
| | | | Closes #852
* Expose additional cipher and digest accessorsBenjamin Saunders2018-03-161-0/+26
|
* Add a Sync + Send bound to the custom ext typeSteven Fackler2018-03-112-38/+76
| | | | | It's stored inside of the Ssl, so this is probably tecnically necessarly?
* Merge branch 'master' into custom-extensionsSteven Fackler2018-03-111-0/+3
|\
| * Add one more set of implsSteven Fackler2018-03-101-0/+3
| |
* | Generic custom extension add fn return typeBenjamin Saunders2018-03-103-30/+30
| |
* | High-level API for OpenSSL 1.1.1 custom extension supportBenjamin Saunders2018-03-093-0/+207
|/
* Add SslOptions::ENABLE_MIDDLEBOX_COMPATBenjamin Saunders2018-03-031-0/+7
|
* Add min/max protocol version supportSteven Fackler2018-02-252-4/+133
|
* Restore error stack in cookie callbackSteven Fackler2018-02-251-7/+12
|
* Expose cookie generate/verify callback settersBenjamin Saunders2018-02-252-0/+95
|
* Merge pull request #850 from sfackler/put-errorSteven Fackler2018-02-241-12/+12
|\ | | | | Add the ability to push errors back onto the error stack.
| * Add the ability to push errors back onto the error stack.Steven Fackler2018-02-241-12/+12
| |
* | Add RFC 5705 supportSteven Fackler2018-02-232-2/+72
|/
* Actually add version stuffSteven Fackler2018-02-211-2/+16
|
* Inline connector constantsSteven Fackler2018-02-211-17/+15
|
* Don't special case 1.0.1Steven Fackler2018-02-211-7/+0
| | | | It appears that 1.0.1's defaults are actually okay.
* Update SslConnector cipher listSteven Fackler2018-02-201-6/+11
| | | | | | | | Based off of python/cpython#3532, we use OpenSSL's default cipher list and turn of things we don't like. This can't be used with 1.0.1, however, which had a poor default set. There, we use the old defaults, with the bits that aren't implemented in 1.0.1 removed (namely TLSv1.3 suites and ChaCha).
* Add some debugging-related bindingsSteven Fackler2018-02-172-23/+88
|
* Add SSL_version bindingSteven Fackler2018-02-171-2/+40
|
* Fix session cloningSteven Fackler2018-02-171-1/+1
|
* Bind remove and get session callbacksSteven Fackler2018-02-162-1/+101
|
* SSL session callbacks have always been aroundSteven Fackler2018-02-163-12/+2
|
* Doc tweakSteven Fackler2018-02-151-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-17 08:11:55 +0000