aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #471 from sfackler/no-compSteven Fackler2016-10-141-0/+10
|\ | | | | Handle OPENSSL_NO_COMP
| * Handle OPENSSL_NO_COMPSteven Fackler2016-10-141-0/+10
| | | | | | | | Closes #459
* | Fix test_alpn_server_select_noneSteven Fackler2016-10-141-12/+34
|/ | | | | | | | | | | | In OpenSSL 1.1, a failure to negotiate a protocol is a fatal error, so fork that test. This also popped up an issue where we assumed all errors had library, function, and reason strings which is not necessarily the case. While we're in here, adjust the Display impl to match what OpenSSL prints out. Closes #465
* Enable hostname verification on 1.0.2Steven Fackler2016-10-142-7/+7
|
* Support hostname verificationSteven Fackler2016-10-142-0/+56
| | | | Closes #206
* Ignore DTLS tests on Windows/ARM for nowAlex Crichton2016-10-141-1/+4
| | | | cc #467
* CleanupSteven Fackler2016-10-131-2/+0
|
* Use stdlib logic for udpSteven Fackler2016-10-131-38/+2
|
* Fix windows for realSteven Fackler2016-10-131-1/+2
|
* Disable npn tests on < 1.0.2Steven Fackler2016-10-131-0/+2
| | | | s_client doesn't seem to support the required flag before then.
* Fix tests on windowsSteven Fackler2016-10-131-5/+6
|
* Reenable dtls testsSteven Fackler2016-10-131-26/+6
|
* Clean up featuresSteven Fackler2016-10-132-20/+17
|
* Flag off dtls and mask ssl_opsSteven Fackler2016-10-131-13/+3
| | | | Also un-feature gate npn as it ships with 1.0.1
* Ignore a test on OpenSSL 1.1.0Alex Crichton2016-10-121-0/+3
|
* Add remaining SSL_OP constantsSteven Fackler2016-10-121-0/+5
|
* Add support for OpenSSL 1.1.0Alex Crichton2016-10-123-262/+388
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit is relatively major refactoring of the `openssl-sys` crate as well as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0, and lots of other various tweaks happened along the way. The major new features are: * OpenSSL 1.1.0 is supported * OpenSSL 0.9.8 is no longer supported (aka all OSX users by default) * All FFI bindings are verified with the `ctest` crate (same way as the `libc` crate) * CI matrixes are vastly expanded to include 32/64 of all platforms, more OpenSSL version coverage, as well as ARM coverage on Linux * The `c_helpers` module is completely removed along with the `gcc` dependency. * The `openssl-sys` build script was completely rewritten * Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars. * Better error messages for mismatched versions. * Better error messages for failing to find OpenSSL on a platform (more can be done here) * Probing of OpenSSL build-time configuration to inform the API of the `*-sys` crate. * Many Cargo features have been removed as they're now enabled by default. As this is a breaking change to both the `openssl` and `openssl-sys` crates this will necessitate a major version bump of both. There's still a few more API questions remaining but let's hash that out on a PR! Closes #452
* Fix SslContext::add_extra_chain_certSteven Fackler2016-08-172-3/+16
| | | | | | | | | SSL_CTX_add_extra_chain_cert assumes ownership of the certificate, so the method really needs to take an X509 by value. Work around this by manually cloning the cert. This method has been around for over a year but I'm guessing nobody actually used it since it produces a nice double free into segfault!
* Ignore flickering test on windowsSteven Fackler2016-08-161-0/+1
|
* PKCS #12 supportSteven Fackler2016-08-141-1/+1
|
* More test fixesSteven Fackler2016-08-141-1/+1
|
* Fix testsSteven Fackler2016-08-141-9/+9
|
* Start on PKCS #12 supportSteven Fackler2016-08-141-4/+4
|
* Mangle c helper functionsSteven Fackler2016-08-131-1/+1
| | | | | | | We want to make sure that multiple openssl versions can coexist in the same dependency tree. Closes #438
* Fix testsSteven Fackler2016-08-101-1/+1
|
* Little tweaksSteven Fackler2016-08-101-3/+6
|
* Method renamesSteven Fackler2016-08-101-3/+3
|
* More API cleanupSteven Fackler2016-08-101-1/+1
|
* Make c_helpers optionalSteven Fackler2016-08-091-108/+137
|
* Remove rust_SSL_cloneSteven Fackler2016-08-092-60/+95
|
* Move init to crate rootSteven Fackler2016-08-071-7/+2
|
* get_error -> errorSteven Fackler2016-08-071-2/+2
|
* Clean up asn1timeSteven Fackler2016-08-061-33/+37
|
* Fix pkey method safetySteven Fackler2016-08-051-1/+1
|
* Clean up x509Steven Fackler2016-08-052-9/+9
|
* Move SSL_CTX_set_ecdh_auto to -sysSteven Fackler2016-08-041-1/+1
|
* Mvoe SSL_CTX_add_extra_chain_cert to -sysSteven Fackler2016-08-041-3/+2
|
* Move SSL_CTX_set_tmp_dh to -sysSteven Fackler2016-08-041-1/+1
|
* Move SSL_CTX_set_read_ahead to -sysSteven Fackler2016-08-041-1/+1
|
* Move SSL_CTX_set_tlsext_servername_callback to -sysSteven Fackler2016-08-041-1/+1
|
* Move SSL_set_tlsext_host_name to -sysSteven Fackler2016-08-041-1/+1
|
* Move BIO macros into -sysSteven Fackler2016-08-041-2/+2
|
* Stop once-ing init wrapperSteven Fackler2016-08-041-3/+2
| | | | The underlying function already once-s itself
* Support basic SSL options without C shimsSteven Fackler2016-08-041-51/+31
|
* Define SSL_CTX_set_mode in openssl-sysSteven Fackler2016-08-021-1/+1
|
* Restructure PEM input/output methodsSteven Fackler2016-08-021-11/+4
| | | | | Dealing with byte buffers directly avoids error handling weirdness and we were loading it all into memory before anyway.
* Merge pull request #432 from alexcrichton/mid-handshakeSteven Fackler2016-07-312-19/+136
|\ | | | | Add MidHandshakeSslStream
| * Add MidHandshakeSslStreamAlex Crichton2016-07-312-19/+136
| | | | | | | | | | | | Allows recognizing when a stream is still in handshake mode and can gracefully transition when ready. The blocking usage of the API should still be the same, just helps nonblocking implementations!
* | Fix build with dtlsSteven Fackler2016-07-311-2/+2
|/
* Merge remote-tracking branch 'origin/master' into breaksSteven Fackler2016-07-313-43/+64
|\
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-01 17:09:05 +0000