Joseph Birr-Pixton
bad9bd7454
Fix at base64 0.12.1
...
0.12.2 has a breaking MSRV change
2020-06-20 13:25:21 +01:00
Joseph Birr-Pixton
02910b186f
Remove unused use of Error
2020-06-20 13:10:53 +01:00
Joseph Birr-Pixton
ac3573bf98
Remove dependency on tempfile
...
This broke the MSRV build, and was bringing in the whole
of rand, wasi, and a ton of other stuff. All so we could
have a temporary directory during a few tests. 6 crates for
generating randomness just for that!
This accounted for 10% of the size of Cargo.lock alone.
2020-06-20 13:04:59 +01:00
Joseph Birr-Pixton
1b99071bc4
Test that OwnedTrustAnchor::to_trust_anchor is public
2020-06-20 11:50:26 +01:00
ctz
e5b9210cb4
Audit report with editorial changes
2020-06-15 22:15:23 +01:00
Joseph Birr-Pixton
d6176ed6ac
Update fuzz targets
...
Prepare to run them in CI
2020-06-14 11:14:40 +01:00
Joseph Birr-Pixton
5a06734777
Add audit report
2020-06-13 20:38:32 +01:00
Joseph Birr-Pixton
5efd23a068
Rewrite x509::wrap_in_sequence to be more general
...
Actually, it's only slightly more complex to make this
work for all possible usize values. So let's do that.
2020-06-12 21:01:48 +01:00
Joseph Birr-Pixton
cac66a8c18
error description() is deprecated; avoid it
2020-06-08 21:33:03 +01:00
Joseph Birr-Pixton
6f252aa812
Fix coverage: output binaries have moved in nightly
2020-06-08 21:23:50 +01:00
Joseph Birr-Pixton
8c6a76f877
Minimum rustc version is now 1.39
2020-06-08 21:06:08 +01:00
Joseph Birr-Pixton
227d9a2aff
Assert x.509 name is shorter than 64KB
...
Otherwise this function produces incorrect output.
2020-06-08 21:06:06 +01:00
Joseph Birr-Pixton
22a9a49bd4
Test for 64KB certificate chain limit
2020-06-07 18:29:24 +01:00
Joseph Birr-Pixton
1803e8e7ad
Improve msgs::message coverage
2020-06-07 17:21:11 +01:00
Joseph Birr-Pixton
39175e7252
Refactor state machine message checking
...
Instead of having check_message called separately, do all
checking inside the state transition functions.
This means certain errors need to be detected to get
the right alert behaviour. But it dramatically
decreases the number of .unwrap()s and makes things
simpler.
2020-06-07 16:50:03 +01:00
Joseph Birr-Pixton
46c259bd8e
Assert if we send several fatal alerts in session
2020-05-24 10:58:29 +01:00
Benjamin Saunders
cf457c4315
Fix out-of-phase key update
...
We were returning keys from the previous phase rather than the current
one.
2020-05-24 10:28:58 +01:00
Benjamin Saunders
b940acce5e
Improve concision
2020-05-24 10:28:58 +01:00
Benjamin Saunders
70c558b186
Don't set legacy_session_id for QUIC
2020-05-24 10:28:58 +01:00
Joseph Birr-Pixton
f07f8b135d
Refactor deframer to hopefully improve clarity
...
There were some unwraps here that we can get rid of if we unduplicate
the work Message::read already does. That goes in Message::read_with_detailed_error.
Delete a fuzz corpus file that was actually wrong, but allowed by Message::read's
previous lax semantics.
2020-05-16 18:26:02 +01:00
Joseph Birr-Pixton
e680b3b6c7
Remove writev_tls; use std::io::Write::write_vectored
...
This is just a whole lot better.
2020-05-15 21:42:03 +01:00
Marc-Antoine Perennou
2912dbffde
stream: implement write_vectored
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2020-05-15 20:40:07 +01:00
Joseph Birr-Pixton
68c276b97c
Update README for client auth issue
2020-05-15 20:37:44 +01:00
Joseph Birr-Pixton
63584de444
Remove checks on certtypes in CertificateRequest
2020-05-15 20:32:36 +01:00
Joseph Birr-Pixton
616392f4d8
Fix tlsserver on Windows
...
mio 0.6 allowed selection of level- or edge-triggered events. mio 0.7 removed
that, and on Windows events on server sockets are genuinely edge-triggered:
coalescing multiple incoming sockets into one event. Therefore, accept
sockets until we can't accept any more.
2020-05-10 16:19:55 +01:00
Joseph Birr-Pixton
ab9dc83d9b
tlsclient/tlsserver: reregister to reflect current state
...
Each message might lead to potentially different IO interests.
This fixes a non-deterministic hang during tests.
2020-05-10 11:58:27 +01:00
Joseph Birr-Pixton
cdd403fe98
Revert "Revert "rustls-mio: bump mio to 0.7""
...
This reverts commit 7e670c2620
.
2020-05-09 20:13:55 +01:00
Joseph Birr-Pixton
7e670c2620
Revert "rustls-mio: bump mio to 0.7"
...
This reverts commit a99d3f0a2c
.
This reverts commit d5ecfb4b75
.
This reverts commit 83c6495770
.
2020-05-08 19:16:00 +01:00
Emmanuel Gil Peyrot
d5ecfb4b75
rustls-mio: fix tlsserver for mio 0.7
2020-05-08 18:53:17 +01:00
Emmanuel Gil Peyrot
83c6495770
rustls-mio: fix tlsclient for mio 0.7
2020-05-08 18:53:17 +01:00
Emmanuel Gil Peyrot
a99d3f0a2c
rustls-mio: bump mio to 0.7
2020-05-08 18:53:17 +01:00
Joseph Birr-Pixton
1c83b3ac03
Coverage improvements in suites/server
2020-05-08 18:51:05 +01:00
Joseph Birr-Pixton
69e3b6a12d
Coveralls is no longer used
2020-05-08 17:28:02 +01:00
Joseph Birr-Pixton
7225c99f5f
Further handshake.rs coverage
2020-05-08 16:55:34 +01:00
Joseph Birr-Pixton
79b0b5d775
Remove unused code
2020-05-08 16:55:34 +01:00
Joseph Birr-Pixton
fb1970c8fc
Tests for keylog.rs
2020-05-08 16:55:34 +01:00
Joseph Birr-Pixton
cb397f0e15
Test detection of truncated handshake messages
2020-05-08 16:55:34 +01:00
Benjamin Saunders
59ee30545e
Format quic
2020-05-05 19:48:07 +01:00
Benjamin Saunders
96acad1d55
quic: Expose keys rather than secrets
...
Strengthens protection of sensitive internal state and makes life
easier for QUIC implementations.
2020-05-05 19:48:07 +01:00
Joseph Birr-Pixton
b2fa83cada
Fix coverage build
...
Upstream removed -Zno-landing-pads; unfortunately there's still
no better coverage tooling.
Fortunately -Cpanic=abort is now feasible for tests thanks to
-Zpanic-abort-tests.
2020-05-03 11:34:02 +01:00
Joseph Birr-Pixton
3d43dca1f1
Update readme
2020-04-12 19:31:53 +01:00
Nicolas Viennot
a40724db72
bench: read server entirely before sending buffer to client
...
Previously, write_tls() was always getting aligned buffers,
avoiding testing certain code paths.
2020-04-12 16:57:10 +01:00
Nicolas Viennot
cfde038d29
bench: allow MTU to be specified for the server bulk bench
2020-04-12 16:56:02 +01:00
Joseph Birr-Pixton
73755737de
Minimum tool chain is now 1.37
2020-04-12 16:26:43 +01:00
Nicolas Viennot
cc1267ed4e
Improve tls_read() performance
...
Changing a for loop in deframer with memmove() reduces CPU utilization
by 30% when downloading a 1G file over https.
2020-04-12 16:26:43 +01:00
Joseph Birr-Pixton
8e9751f9ef
Remove bogo/trytls from travis
2020-04-12 16:26:05 +01:00
Joseph Birr-Pixton
339923fc53
Get new bogo version working
2020-04-12 11:34:22 +01:00
Joseph Birr-Pixton
42c3a8c17c
Detect and reject server changing suite with 0rtt resume
2020-04-12 11:34:22 +01:00
Joseph Birr-Pixton
614abdeb0f
Clean up checking of hs joiner state
...
- Also check at the end of a handshake flight (bogo now has tests for this).
- Unduplicate the code for CCS checking.
- Send a more accurate alert type.
2020-04-12 11:34:22 +01:00
Joseph Birr-Pixton
222bfa8d12
TLS1.3: swallow user_cancelled warning alerts
2020-04-12 11:34:22 +01:00