From ffa9d330fda20d8b7ae9289383151a32e8017d12 Mon Sep 17 00:00:00 2001 From: Nathan Lilienthal Date: Thu, 1 Oct 2015 20:33:12 -0400 Subject: Add public key PEM read function. --- openssl-sys/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'openssl-sys') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 45d03ac8..49e76a11 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -485,6 +485,8 @@ extern "C" { user_data: *mut c_void) -> *mut X509_REQ; pub fn PEM_read_bio_PrivateKey(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option, user_data: *mut c_void) -> *mut X509; + pub fn PEM_read_bio_PUBKEY(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option, + user_data: *mut c_void) -> *mut X509; pub fn PEM_write_bio_PrivateKey(bio: *mut BIO, pkey: *mut EVP_PKEY, cipher: *const EVP_CIPHER, kstr: *mut c_char, klen: c_int, -- cgit v1.2.3 From d7342a09a77088e096535205944ffc4a201b8c5d Mon Sep 17 00:00:00 2001 From: Laurence Tratt Date: Sat, 3 Oct 2015 17:25:38 +0059 Subject: Fix build on LibreSSL. LibreSSL has deprecated SSLv3_method, so this commit makes that a compile-time feature. It also removes a test referencing SSL_OP_CISCO_ANYCONNECT, as the LibreSSL header says it is amongst "Obsolete flags kept for compatibility. No sane code should use them." --- openssl-sys/Cargo.toml | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys') diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index 5a01318c..0bdb814b 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -17,6 +17,7 @@ tlsv1_1 = [] dtlsv1 = [] dtlsv1_2 = [] sslv2 = [] +sslv3 = [] aes_xts = [] aes_ctr = [] npn = [] -- cgit v1.2.3 From acbcb49414e5b5697b601cc09f5e0f78179fbf06 Mon Sep 17 00:00:00 2001 From: Will Tange Date: Fri, 9 Oct 2015 17:35:20 +0200 Subject: AES CFB{1,8,128} mode support --- openssl-sys/src/lib.rs | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'openssl-sys') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 3bc9e59a..b07d243b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -417,6 +417,9 @@ extern "C" { #[cfg(feature = "aes_ctr")] pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; // fn EVP_aes_128_gcm() -> EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; #[cfg(feature = "aes_xts")] @@ -424,6 +427,9 @@ extern "C" { #[cfg(feature = "aes_ctr")] pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; // fn EVP_aes_256_gcm() -> EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; pub fn EVP_rc4() -> *const EVP_CIPHER; pub fn EVP_BytesToKey(typ: *const EVP_CIPHER, md: *const EVP_MD, -- cgit v1.2.3 From a28253ee7d73250abff2ce3934acca36175f9866 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 12 Oct 2015 20:54:00 +0200 Subject: Add set_certificate_chain_file() SSL_CTX_use_certificate_chain_file() is preferred over SSL_CTX_use_certificate_file(). It allows the use of complete certificate chains instead of loading only the first certificate in a PEM file. --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 29d87214..691934ab 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -575,6 +575,7 @@ extern "C" { pub fn SSL_CTX_get_ex_data(ctx: *mut SSL_CTX, idx: c_int) -> *mut c_void; pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int; + pub fn SSL_CTX_use_certificate_chain_file(ctx: *mut SSL_CTX, cert_chain_file: *const c_char, file_type: c_int) -> c_int; pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int; -- cgit v1.2.3 From 3ca5ecac7427cd37947352552cc517c7db8fd4fd Mon Sep 17 00:00:00 2001 From: radare Date: Mon, 12 Oct 2015 23:20:33 +0200 Subject: Add certs.pem in cert probe list It turns out that some distributions use /etc/ssl/certs.pem, which was causing some troubles. Related issue https://github.com/rust-lang/cargo/issues/1978#issuecomment-147515236 --- openssl-sys/src/probe.rs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'openssl-sys') diff --git a/openssl-sys/src/probe.rs b/openssl-sys/src/probe.rs index 6a67e478..e3711b54 100644 --- a/openssl-sys/src/probe.rs +++ b/openssl-sys/src/probe.rs @@ -57,10 +57,14 @@ pub fn probe() -> ProbeResult { for certs_dir in find_certs_dirs().iter() { // cert.pem looks to be an openssl 1.0.1 thing, while // certs/ca-certificates.crt appears to be a 0.9.8 thing - try(&mut result.cert_file, certs_dir.join("cert.pem")); - try(&mut result.cert_file, certs_dir.join("certs/ca-certificates.crt")); - try(&mut result.cert_file, certs_dir.join("certs/ca-root-nss.crt")); - + for cert in [ + "cert.pem", + "certs.pem", + "certs/ca-certificates.crt", + "certs/ca-root-nss.crt" + ].iter() { + try(&mut result.cert_file, certs_dir.join(cert)); + } try(&mut result.cert_dir, certs_dir.join("certs")); } result -- cgit v1.2.3 From 8ed840cdf5e5b36933aed527c5412225d3d222a3 Mon Sep 17 00:00:00 2001 From: Alex Crichton Date: Tue, 13 Oct 2015 15:58:45 -0700 Subject: Add metadata for the include dir of openssl If OpenSSL is installed at a nonstandard location dependencies on OpenSSL may want to know where it was found to be installed at. --- openssl-sys/build.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys') diff --git a/openssl-sys/build.rs b/openssl-sys/build.rs index 5f934888..aa47f2de 100644 --- a/openssl-sys/build.rs +++ b/openssl-sys/build.rs @@ -62,6 +62,7 @@ fn main() { let mut include_dirs = vec![]; if let Some(include_dir) = include_dir { + println!("cargo:include={}", include_dir); include_dirs.push(PathBuf::from(&include_dir)); } -- cgit v1.2.3 From d341a6efebfb569b387465180b7db651504d8444 Mon Sep 17 00:00:00 2001 From: Lars Bergstrom Date: Wed, 14 Oct 2015 19:39:40 -0500 Subject: Update OpenSSL version checks to 1.0 numbers instead of 0.10 numbers --- openssl-sys/src/openssl_shim.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'openssl-sys') diff --git a/openssl-sys/src/openssl_shim.c b/openssl-sys/src/openssl_shim.c index f0f55b27..8ebe23ac 100644 --- a/openssl-sys/src/openssl_shim.c +++ b/openssl-sys/src/openssl_shim.c @@ -29,7 +29,7 @@ void rust_openssl_set_id_callback() { #endif -#if OPENSSL_VERSION_NUMBER < 0x1000000L +#if OPENSSL_VERSION_NUMBER < 0x10000000L // Copied from openssl crypto/hmac/hmac.c int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { @@ -111,7 +111,7 @@ long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) { return SSL_CTX_set_tmp_dh(ctx, dh); } -#if OPENSSL_VERSION_NUMBER >= 0x1000200L +#if OPENSSL_VERSION_NUMBER >= 0x10002000L int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) { return SSL_CTX_set_ecdh_auto(ctx, onoff); } -- cgit v1.2.3 From ae3d0e36d71bb121c2fc1a75b3bc6d97f0e61480 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 14 Oct 2015 21:51:32 -0400 Subject: Revert "Merge pull request #280 from ltratt/libressl_build" This reverts commit aad933e5077b2c73e1f05d7314e442531a562bcf, reversing changes made to 60ee731408facdc8e3dfc000fdee2f1291fad664. --- openssl-sys/Cargo.toml | 1 - 1 file changed, 1 deletion(-) (limited to 'openssl-sys') diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index 1d4db475..b13fc80a 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -17,7 +17,6 @@ tlsv1_1 = [] dtlsv1 = [] dtlsv1_2 = [] sslv2 = [] -sslv3 = [] aes_xts = [] aes_ctr = [] npn = [] -- cgit v1.2.3 From f318a2c84cd649085891aafe8b0a5cb385d37f67 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 14 Oct 2015 22:25:03 -0400 Subject: Release v0.6.7 --- openssl-sys/Cargo.toml | 4 ++-- openssl-sys/src/lib.rs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'openssl-sys') diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index b13fc80a..045e15eb 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,12 +1,12 @@ [package] name = "openssl-sys" -version = "0.6.6" +version = "0.6.7" authors = ["Alex Crichton ", "Steven Fackler "] license = "MIT" description = "FFI bindings to OpenSSL" repository = "https://github.com/sfackler/rust-openssl" -documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.6/openssl_sys" +documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.7/openssl_sys" links = "openssl" build = "build.rs" diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index df9190e5..bc177959 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.6")] +#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.7")] extern crate libc; -- cgit v1.2.3