From ffa9d330fda20d8b7ae9289383151a32e8017d12 Mon Sep 17 00:00:00 2001 From: Nathan Lilienthal Date: Thu, 1 Oct 2015 20:33:12 -0400 Subject: Add public key PEM read function. --- openssl-sys/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 45d03ac8..49e76a11 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -485,6 +485,8 @@ extern "C" { user_data: *mut c_void) -> *mut X509_REQ; pub fn PEM_read_bio_PrivateKey(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option, user_data: *mut c_void) -> *mut X509; + pub fn PEM_read_bio_PUBKEY(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option, + user_data: *mut c_void) -> *mut X509; pub fn PEM_write_bio_PrivateKey(bio: *mut BIO, pkey: *mut EVP_PKEY, cipher: *const EVP_CIPHER, kstr: *mut c_char, klen: c_int, -- cgit v1.2.3 From acbcb49414e5b5697b601cc09f5e0f78179fbf06 Mon Sep 17 00:00:00 2001 From: Will Tange Date: Fri, 9 Oct 2015 17:35:20 +0200 Subject: AES CFB{1,8,128} mode support --- openssl-sys/src/lib.rs | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 3bc9e59a..b07d243b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -417,6 +417,9 @@ extern "C" { #[cfg(feature = "aes_ctr")] pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; // fn EVP_aes_128_gcm() -> EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; #[cfg(feature = "aes_xts")] @@ -424,6 +427,9 @@ extern "C" { #[cfg(feature = "aes_ctr")] pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; // fn EVP_aes_256_gcm() -> EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; pub fn EVP_rc4() -> *const EVP_CIPHER; pub fn EVP_BytesToKey(typ: *const EVP_CIPHER, md: *const EVP_MD, -- cgit v1.2.3 From a28253ee7d73250abff2ce3934acca36175f9866 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 12 Oct 2015 20:54:00 +0200 Subject: Add set_certificate_chain_file() SSL_CTX_use_certificate_chain_file() is preferred over SSL_CTX_use_certificate_file(). It allows the use of complete certificate chains instead of loading only the first certificate in a PEM file. --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 29d87214..691934ab 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -575,6 +575,7 @@ extern "C" { pub fn SSL_CTX_get_ex_data(ctx: *mut SSL_CTX, idx: c_int) -> *mut c_void; pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int; + pub fn SSL_CTX_use_certificate_chain_file(ctx: *mut SSL_CTX, cert_chain_file: *const c_char, file_type: c_int) -> c_int; pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int; -- cgit v1.2.3 From 3ca5ecac7427cd37947352552cc517c7db8fd4fd Mon Sep 17 00:00:00 2001 From: radare Date: Mon, 12 Oct 2015 23:20:33 +0200 Subject: Add certs.pem in cert probe list It turns out that some distributions use /etc/ssl/certs.pem, which was causing some troubles. Related issue https://github.com/rust-lang/cargo/issues/1978#issuecomment-147515236 --- openssl-sys/src/probe.rs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/probe.rs b/openssl-sys/src/probe.rs index 6a67e478..e3711b54 100644 --- a/openssl-sys/src/probe.rs +++ b/openssl-sys/src/probe.rs @@ -57,10 +57,14 @@ pub fn probe() -> ProbeResult { for certs_dir in find_certs_dirs().iter() { // cert.pem looks to be an openssl 1.0.1 thing, while // certs/ca-certificates.crt appears to be a 0.9.8 thing - try(&mut result.cert_file, certs_dir.join("cert.pem")); - try(&mut result.cert_file, certs_dir.join("certs/ca-certificates.crt")); - try(&mut result.cert_file, certs_dir.join("certs/ca-root-nss.crt")); - + for cert in [ + "cert.pem", + "certs.pem", + "certs/ca-certificates.crt", + "certs/ca-root-nss.crt" + ].iter() { + try(&mut result.cert_file, certs_dir.join(cert)); + } try(&mut result.cert_dir, certs_dir.join("certs")); } result -- cgit v1.2.3 From d341a6efebfb569b387465180b7db651504d8444 Mon Sep 17 00:00:00 2001 From: Lars Bergstrom Date: Wed, 14 Oct 2015 19:39:40 -0500 Subject: Update OpenSSL version checks to 1.0 numbers instead of 0.10 numbers --- openssl-sys/src/openssl_shim.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/openssl_shim.c b/openssl-sys/src/openssl_shim.c index f0f55b27..8ebe23ac 100644 --- a/openssl-sys/src/openssl_shim.c +++ b/openssl-sys/src/openssl_shim.c @@ -29,7 +29,7 @@ void rust_openssl_set_id_callback() { #endif -#if OPENSSL_VERSION_NUMBER < 0x1000000L +#if OPENSSL_VERSION_NUMBER < 0x10000000L // Copied from openssl crypto/hmac/hmac.c int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { @@ -111,7 +111,7 @@ long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) { return SSL_CTX_set_tmp_dh(ctx, dh); } -#if OPENSSL_VERSION_NUMBER >= 0x1000200L +#if OPENSSL_VERSION_NUMBER >= 0x10002000L int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) { return SSL_CTX_set_ecdh_auto(ctx, onoff); } -- cgit v1.2.3 From f318a2c84cd649085891aafe8b0a5cb385d37f67 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 14 Oct 2015 22:25:03 -0400 Subject: Release v0.6.7 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index df9190e5..bc177959 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.6")] +#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.7")] extern crate libc; -- cgit v1.2.3