aboutsummaryrefslogtreecommitdiff
path: root/openssl
Commit message (Collapse)AuthorAgeFilesLines
...
| * | Fix one call to RSA_size found by testsMathijs van de Nes2015-09-111-1/+1
| | |
| * | Add tests to ensure a panic occurs instead of segvMathijs van de Nes2015-09-111-0/+32
| | |
| * | Check rsa.is_null() before passing it to RSA_sizeMathijs van de Nes2015-09-101-1/+22
| | | | | | | | | | | | RSA_size will cause an segmentation fault if it is null
| * | Check _fromstr function for successMathijs van de Nes2015-09-101-6/+13
| |/
* / Make the docs say that load_pub/save_pub methods take DER bytesAlex Gaynor2015-09-091-2/+2
|/
* Merge pull request #259 from jedisct1/dhSteven Fackler2015-09-015-2/+108
|\ | | | | Add support for DHE for forward secrecy
| * Add support for set_tmp_dh() and RFC5114 DH parameters for forward secrecy.Frank Denis2015-08-315-2/+108
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rust-openssl didn't support forward secrecy at all. This adds support for DHE, by exposing set_tmp_dh() as well as the RFC5114 parameters, which are conveniently exposed since OpenSSL 1.0.2. With OpenSSL >= 1.0.2, and the rfc5114 feature gate, enabling DHE is as simple as (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::dh::DH; let dh = DH::get_2048_256().unwrap(); ctx.set_tmp_dh(dh).unwrap(); With OpenSSL < 1.0.2, DH::from_params() can be used to manually specify the DH parameters (here for 2048-bit MODP group with 256-bit prime order subgroup): use openssl::bn::BigNum; use openssl::dh::DH; let p = BigNum::from_hex_str("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597").unwrap(); let g = BigNum::from_hex_str("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659").unwrap(); let q = BigNum::from_hex_str("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3").unwrap(); let dh = DH::from_params(p, g, q).unwrap(); ctx.set_tmp_dh(dh).unwrap();
* | Release v0.6.5Steven Fackler2015-08-312-3/+3
|/
* Merge pull request #251 from ebarnard/evp_bytestokeySteven Fackler2015-08-234-23/+138
|\ | | | | Expose EVP_BytesToKey
| * Expose EVP_BytesToKeyEdward Barnard2015-08-234-23/+138
| | | | | | | | | | This is based on work by pyrho. Closes #88
* | Merge pull request #253 from manuels/masterSteven Fackler2015-08-192-0/+35
|\ \ | | | | | | Add get_state_string()
| * | Add get_state_string()Manuel Schölling2015-08-172-0/+35
| | |
* | | Fix openssl source link in testsSteven Fackler2015-08-151-1/+1
| | |
* | | Merge pull request #240 from jethrogb/topic/x509_req_extensionSteven Fackler2015-08-152-9/+33
|\ \ \ | |/ / |/| | Implement certificate extensions for certificate requests
| * | Implement certificate extensions for certificate requestsJethro Beekman2015-07-082-9/+33
| | |
* | | Grab errno for directstream want errorsSteven Fackler2015-08-101-7/+2
| | |
* | | Handle WantWrite and WantRead errorsSteven Fackler2015-08-081-0/+8
| |/ |/|
* | Merge pull request #243 from manuels/masterSteven Fackler2015-08-022-2/+41
|\ \ | | | | | | Fix probelms with DTLS when no packets are pending.
| * | Fix probelms with DTLS when no packets are pending.Manuel Schölling2015-07-182-2/+41
| |/ | | | | | | | | | | | | | | | | | | | | When using DTLS you might run into the situation where no packets are pending, so SSL_read returns len=0. On a TLS connection this means that the connection was closed, but on DTLS it does not (a DTLS connection cannot be closed in the usual sense). This commit fixes a bug introduced by c8d23f3. Conflicts: openssl/src/ssl/mod.rs
* | Merge pull request #242 from awelkie/masterSteven Fackler2015-08-022-11/+17
|\ \ | | | | | | Added AES CTR-mode under feature flag.
| * | Added AES CTR-mode under feature flag.Allen Welkie2015-07-152-11/+17
| |/
* | Expose ssl::initpanicbit2015-07-261-1/+3
| |
* | Add function to write RSA public key as PEMAndrew Dunham2015-07-231-0/+32
| |
* | Make curl follow redirectsSteven Fackler2015-07-231-1/+1
|/
* Add missing C-string conversion, fixing recent build errorsJethro Beekman2015-07-081-3/+6
|
* Merge pull request #227 from jethrogb/topic/x509_nameSteven Fackler2015-07-082-7/+47
|\ | | | | Allow setting of arbitrary X509 names
| * Fix/add more X509generator testsJethro Beekman2015-07-082-4/+6
| |
| * Add X509generator.add_names methodJethro Beekman2015-07-081-0/+11
| |
| * Add public add_name method to X509GeneratorJethro Beekman2015-07-081-3/+16
| |
| * Replace CN field by names vectorJethro Beekman2015-07-081-4/+18
| |
* | Merge pull request #221 from jethrogb/topic/ssl_optionsSteven Fackler2015-07-081-29/+46
|\ \ | |/ |/| Several SSL option fixes
| * Decouple C SSL Option bit flags from Rust versionJethro Beekman2015-07-011-29/+46
| | | | | | | | | | | | | | The OpenSSL "SSL_OP_*" flags are in constant flux between different OpenSSL versions. To avoid having to change the Rust definitions, we implement our own numbering system in Rust, and use an automatically-generated C shim to convert the bitflags at runtime.
* | Merge pull request #233 from jethrogb/topic/x509_extensionSteven Fackler2015-07-084-122/+289
|\ \ | | | | | | Allow setting of arbitrary X509 extensions
| * | tabs to spacesJethro Beekman2015-07-011-76/+76
| | |
| * | Add documentation on X509 ExtensionsJethro Beekman2015-07-011-0/+42
| | |
| * | Add Issuer Alternative Name extensionJethro Beekman2015-07-011-0/+5
| | |
| * | Add Subject Alternate Name extensionJethro Beekman2015-07-012-1/+35
| | |
| * | Add arbitrary X509 extensions by OID stringJethro Beekman2015-07-013-15/+35
| | |
| * | Add arbitrary X509 extensions by NIDJethro Beekman2015-07-012-2/+8
| | |
| * | Add public generic extension interface to X509GeneratorJethro Beekman2015-07-012-13/+49
| | | | | | | | | | | | | | | | | | * Add add_extension and add_extensions functions * Deprecate set_usage and set_ext_usage * Change test to use add_extension
| * | Implement arbitrary X509 Extended Key Usage valuesJethro Beekman2015-07-012-3/+6
| | |
| * | Implement "extensions" field in X509generator, and change existing ↵Jethro Beekman2015-07-013-25/+53
| | | | | | | | | | | | extensions to use that
| * | Turn assertions into unwraps such that tests provide useful output on panic.Jethro Beekman2015-07-011-7/+3
| | |
| * | Turn "dirty hack" into slightly less dirty hack, with potential to become ↵Jethro Beekman2015-07-011-18/+10
| | | | | | | | | | | | non-dirty
| * | Move X509 extensions to seperate module, implement ToString instead of ↵Jethro Beekman2015-07-012-70/+75
| |/ | | | | | | custom AsStr
* | Release v0.6.4Steven Fackler2015-07-062-4/+4
| |
* | Unpin the bitflags version.Ms2ger2015-07-061-1/+1
|/ | | | | This dependency causes Servo to depend on multiple versions of the bitflags crate.
* Add a test that checks whether 3 known subject attributes can be retrieved ↵Jethro Beekman2015-06-302-0/+41
| | | | by NID
* Fix NID definitions to match OpenSSL. The previous numbers were introduced ↵Jethro Beekman2015-06-301-2/+5
| | | | incorrectly in #213
* Revert "Don't build a custom openssl on OSX"Steven Fackler2015-06-301-0/+10
| | | | | | This reverts commit 645430602d0f4d56c6ab153b68a11c6be6d8b183. We actually need 1.0.2 for DTLSv1.2 and ALPN
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-29 10:09:17 +0000