aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Fix get session callbackSteven Fackler2018-09-171-1/+1
| | | | | This could previously open up the possibility of a double-free! Closes #996
* Support the client hello callbackSteven Fackler2018-09-154-1/+247
|
* Support libressl 2.8.0Steven Fackler2018-09-121-9/+14
| | | | Closes #988
* Small cleanupSteven Fackler2018-09-021-14/+11
| | | | Closes #981
* Fix lookup errors with SNI callback.Steven Fackler2018-08-313-14/+59
| | | | | | | | | | | | | | | | | The job of an SNI callback is typically to swap out the context associated with an SSL depending on the domain the client is trying to talk to. Typically, only the callbacks associated with the current context are used, but this is not the case for the SNI callback. If SNI is run for a second time on a connection (i.e. in a renegotiation) and the context was replaced with one that didn't itself register an SNI callback, the old callback would run but wouldn't be able to find its state in the context's ex data. To work around this, we pass the pointer to the callback data directly to the callback to make sure it's always available. It still lives in ex data to handle the lifetime management. Closes #979
* Fix doc referenceSteven Fackler2018-08-191-2/+2
|
* SRTP cleanupSteven Fackler2018-08-192-39/+32
|
* Add methods for DTLS/SRTP key handshakeAron Wieck2018-08-142-0/+209
|
* Add get_shutdown and set_shutdownSteven Fackler2018-08-082-13/+62
|
* Support builds of OpenSSL from vendored source (take 2)Alex Crichton2018-07-301-0/+6
| | | | | | This is a revival of #684 to see if I can help push it across the finish line! Closes #580
* SslSessionRef methods return static stringsSteven Fackler2018-07-191-3/+6
| | | | Closes #961
* Fix build with openssl 1.1.1 and no-pskStefan Tatschner2018-06-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I used this as build flags for openssl 1.1.1: ``` /usr/bin/perl ./Configure linux-x86_64 no-shared no-zlib no-psk no-srp no-weak-ssl-ciphers no-idea ``` rust-openssl crashed with this error: ``` Compiling openssl v0.10.10 error[E0433]: failed to resolve. Use of undeclared type or module `CStr` --> /home/stefan/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-0.10.10/src/ssl/callbacks.rs:386:16 | 386 | let line = CStr::from_ptr(line).to_bytes(); | ^^^^ Use of undeclared type or module `CStr` error[E0412]: cannot find type `c_char` in this scope --> /home/stefan/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-0.10.10/src/ssl/callbacks.rs:377:75 | 377 | pub unsafe extern "C" fn raw_keylog<F>(ssl: *const ffi::SSL, line: *const c_char) | ^^^^^^ did you mean `c_uchar`? help: possible candidates are found in other modules, you can import them into scope | 1 | use libc::c_char; | 1 | use std::os::raw::c_char; | error: aborting due to 2 previous errors Some errors occurred: E0412, E0433. For more information about an error, try `rustc --explain E0412`. error: Could not compile `openssl`. warning: build failed, waiting for other jobs to finish... ``` this patch fixes the problem
* Merge pull request #943 from lolzballs/masterSteven Fackler2018-06-173-4/+128
|\ | | | | Add wrapper for SSL_CTX_set_psk_server_callback
| * Disable TLSv1.3 for psk_ciphers testBenjamin Cheng2018-06-171-0/+7
| |
| * Ensure psk test callbacks are calledBenjamin Cheng2018-06-021-0/+6
| |
| * push PSK callback errors onto ErrorStackBenjamin Cheng2018-06-021-2/+8
| |
| * Change psk test cipher to PSK-AES128-CBC-SHABenjamin Cheng2018-06-021-2/+3
| | | | | | | | Hopefully it works on CI servers now
| * Use is_null()Benjamin Cheng2018-06-021-1/+1
| |
| * add test for psk; deprecated set_psk_callbackBenjamin Cheng2018-06-022-0/+47
| |
| * Merge remote-tracking branch 'origin/master'Benjamin Cheng2018-06-026-515/+768
| |\
| * | Add wrapper for SSL_CTX_set_psk_server_callbackBenjamin Cheng2018-05-162-3/+60
| | |
* | | Switch to accessors in libressl where possibleSteven Fackler2018-06-092-38/+41
| | | | | | | | | | | | | | | | | | | | | Some accessors are mysteriously still macros so we can't make everything opaque yet, unfortunately. cc #909
* | | Add SslRef::set_alpn_protosSteven Fackler2018-06-041-0/+26
| | |
* | | Update to 1.1.1-pre7Steven Fackler2018-06-022-43/+100
| |/ |/| | | | | | | | | | | | | | | The initial session ticket is now sent as part of SSL_accept, so some tests need to write a single byte through the stream to make sure that both ends have fully completed to avoid test flakes. TLSv1.3 cipher suite control has been extracted from the normal cipher list into a separate method: SslContextBuilder::set_ciphersuites.
* | Add SslRef::verified_chainSteven Fackler2018-05-291-8/+26
| |
* | Rename X509Ref::fingerprint to X509Ref::digest and avoid allocatingSteven Fackler2018-05-241-6/+6
| |
* | Don't panic on bogus servernamesSteven Fackler2018-05-241-1/+25
| | | | | | | | | | | | | | Also add a second version of the method to avoid filtering out non-utf8 names. Closes #930
* | Add bindings to SSL_get_finished and SSL_get_peer_finishedSteven Fackler2018-05-241-6/+46
| | | | | | | | These are used for the tls-unique SCRAM channel binding mode.
* | Merge pull request #920 from Ralith/max-early-data-accessorsSteven Fackler2018-05-221-1/+186
|\ \ | | | | | | TLS1.3 early data support
| * | Expose early I/OBenjamin Saunders2018-05-221-1/+89
| | |
| * | Expose early keying material exportBenjamin Saunders2018-05-171-0/+27
| | |
| * | Expose max TLS1.3 early data accessorsBenjamin Saunders2018-05-171-0/+70
| |/
* | Revert "Move proto version accessors to SslContextRef"Steven Fackler2018-05-201-52/+44
| |
* | Move proto version accessors to SslContextRefSteven Fackler2018-05-201-44/+52
| | | | | | | | Add a Derf impl for SslContextBuilder so existing use still works.
* | Improve error Display implsSteven Fackler2018-05-201-8/+9
| |
* | Support ALPN on libresslSteven Fackler2018-05-203-17/+21
| | | | | | | | Closes #690
* | Overhaul openssl cfgsSteven Fackler2018-05-205-459/+438
| | | | | | | | Also expose hostname verification on libressl
* | Support min/max version in LibreSSLSteven Fackler2018-05-192-16/+18
|/ | | | | Their implementations of the accessors don't behave expected with no bounds, so we ignore those bits of the tests.
* Merge Ssl impl blocksSteven Fackler2018-05-121-57/+55
|
* Clean up SSL callbacksSteven Fackler2018-05-122-68/+76
| | | | | Also add an Arc to avoid a weird use after free edge case if a callback changes a callback.
* Disable tests that talk to Google on LibreSSL 2.5.0Steven Fackler2018-05-122-1/+5
| | | | | They're flickering, and I'm assuming it's just because that version is so old.
* Change SslContext callback handlingSteven Fackler2018-05-122-240/+151
| | | | Use the existing infrastructure!
* Fix base version for min/max proto accessorsSteven Fackler2018-05-092-32/+49
| | | | Closes #911
* Expose SslSession <-> DER conversionBenjamin Saunders2018-04-291-0/+23
|
* Some misc cleanupSteven Fackler2018-04-271-60/+81
|
* Merge pull request #858 from Ralith/stateless-apiSteven Fackler2018-03-313-41/+331
|\ | | | | Introduce SslStreamBuilder
| * Add test for stateless connectionBenjamin Saunders2018-03-281-2/+119
| |
| * Introduce SslStreamBuilderBenjamin Saunders2018-03-281-34/+114
| |
| * Update to OpenSSL 1.1.1-pre3Benjamin Saunders2018-03-282-5/+98
| |
* | Clean up a couple of holdovers from old featuresSteven Fackler2018-03-292-14/+10
|/
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-11 19:21:02 +0000