Commit Graph

82 Commits

Author SHA1 Message Date
Joseph Birr-Pixton 3d874b17aa Require interior mutability from persistence impls 2017-06-17 14:27:08 +01:00
Joseph Birr-Pixton b5de72ecd4 Clone for ServerConfig too
And test for clone/debug on our types
2017-06-17 14:27:03 +01:00
ctz 10784deae2 Merge pull request #76 from stepancheg/debug
Dummy Debug implementation for ClientSession and ServerSession
2017-06-17 11:04:04 +01:00
Joseph Birr-Pixton 0d6bb1cde6 Fix build for all features 2017-06-11 10:21:16 +01:00
Joseph Birr-Pixton 72390eac17 Tighten up warnings and fix resulting issues 2017-06-10 21:29:19 +01:00
Stepan Koltsov 35c4d739dd Dummy Debug implementation for ClientSession and ServerSession
It is not very useful per se, but at least `#[derive(Debug)]` will
work on user data structs containing `ClientSession` or `ServerSession`.
2017-06-04 22:42:44 +03:00
Joseph Birr-Pixton a1119e260e Prefer ? to try! 2017-06-04 18:11:27 +01:00
Joseph Birr-Pixton 9e3d7a497e Store the verifier in a Box
These objects are seldom created.
2017-05-14 17:44:51 +01:00
Joseph Birr-Pixton 78e057367f hide verifier accessor from docs 2017-05-13 18:08:21 +01:00
Joseph Birr-Pixton 02cccf3a07 Allow configuration of whole cert verifier
This is hidden behind the dangerous_configuration feature.
2017-05-13 18:08:20 +01:00
Joseph Birr-Pixton 3fac54a6ea Move root stores into anchors.rs 2017-05-12 21:12:45 +01:00
Joseph Birr-Pixton dac2274e80 Support PKCS8 private keys
Also follow upstream changes in ring/base64
2017-05-04 20:51:50 +01:00
Joseph Birr-Pixton 1a1904ee4b Implement buffer limits
- ChunkVecBuffer now has a limit, by default 0 (no limit)
- The pending-plaintext and pending-records buffers can have their
  respective limits set.
- There are tests for these limits pre- and post-handshake.
2017-04-30 16:55:26 +01:00
Joseph Birr-Pixton 3bb21abda5 Fix most clippy issues 2017-02-18 06:33:42 +00:00
Joseph Birr-Pixton 466ed6381a Support RFC7627 extended master secret 2017-02-17 02:10:39 +00:00
Joseph Birr-Pixton 61580744ac Refactor how ConnState/Handler works
There's now one source of truth for the connection state:
Client/ServerSessionImpl.state.  It's the Handler (now renamed)
for the next message.

Rename a lot of the Handlers to clean things up.
2017-02-05 19:27:26 -08:00
Joseph Birr-Pixton 71b82c4e7a Make protocol errors 'sticky'
It's not sensible to report a protocol error once, and then
continue the next call like nothing happened.  Now process_new_packets
fails forever after any error.

This does not affect IO functions.
2017-01-29 15:48:22 +00:00
Joseph Birr-Pixton 55db8e108b Make ResolvesServerCert have same shape as client 2017-01-29 12:13:59 +00:00
Joseph Birr-Pixton c151a431fd Attach Send+Sync to traits, rather than uses 2017-01-29 12:05:41 +00:00
Joseph Birr-Pixton 3c01801b88 Expose ResolvesClientCert/ResolvesServerCert
- make the types in these traits as standard as possible, to
  avoid exposing more internal types than necessary
- but need to expose SignatureScheme
- expose sign module too, because this is a return type of these
- improve assorted docs
- add some tests to check these are called with sane arguments

Addresses issue #44
2017-01-28 22:50:14 +00:00
Joseph Birr-Pixton ac37262391 Remove one copy in send path. 2017-01-22 20:52:40 +00:00
Joseph Birr-Pixton 4cf865ad48 Only do HRR once 2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton 19064158a2 More alert/error case fixes 2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton 3a7abe39e2 tls1.3: switch keys at the right times 2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton 16ad9043ee Reformat uses of try!() 2017-01-08 20:28:54 +00:00
Joseph Birr-Pixton 36d4826b6d Server-side key updates (untested) 2017-01-05 21:20:52 +00:00
Joseph Birr-Pixton 2d7a359ee9 Allow switching versions on/off
And seeing negotiated version.
2017-01-05 21:20:32 +00:00
Joseph Birr-Pixton 924afe1afe Server-side client auth support 2017-01-05 21:19:46 +00:00
Joseph Birr-Pixton 6b7d6ff817 More work on TLS1.3 client auth 2017-01-05 21:19:20 +00:00
Joseph Birr-Pixton c44b246352 Server-side TLS1.3
Most tests pass, except that client certs aren't yet implemented.
2017-01-05 21:17:57 +00:00
Joseph Birr-Pixton 2a35c6c73b Support TLS1.3 KeyUpdate
This involved quite a lot of reorganisation.
2017-01-05 21:16:55 +00:00
Joseph Birr-Pixton 4f65466c7b I broke is_handshaking, unittests++ 2017-01-05 21:10:27 +00:00
Joseph Birr-Pixton deb4228b58 Basic unverified handshake works 2017-01-05 21:09:34 +00:00
Joseph Birr-Pixton 45d50a23ac Support assorted TLS1.3 types 2017-01-05 21:05:29 +00:00
Joseph Birr-Pixton dc1d0d08db cargo fmt
Formatting only commit: no functional change.

More cargo fmt
2017-01-04 19:49:01 +00:00
Joseph Birr-Pixton 34c8a771ae Fix line lengths, and make SessionID saner 2017-01-04 19:47:07 +00:00
Pierre-Étienne Meunier 1d0d5a5497 Adding Certificate/PrivateKey types everywhere. 2016-12-07 11:25:36 +01:00
Joseph Birr-Pixton eada6c0301 Fix docs for issue #34 2016-11-30 20:13:21 +00:00
Joseph Birr-Pixton 76408b78f6 Boxed traits need to be Send and sometimes Sync 2016-10-05 21:31:14 +01:00
Corey Farwell 3d5fbc0f7d Utilize `Option::cloned` instead of `map` with `clone`. 2016-09-27 22:14:09 -04:00
Joseph Birr-Pixton 4063e36403 Add missing docs 2016-09-27 21:10:32 +01:00
Joseph Birr-Pixton 86267cef83 assert -> debug_assert in data path 2016-09-27 00:01:23 +01:00
Joseph Birr-Pixton 182fe0a13d Send alert if we get close to wrapping counter 2016-09-26 19:35:23 +01:00
Joseph Birr-Pixton d038633b31 expose alpn negotiation result, and improve tests 2016-09-21 21:36:38 +01:00
Joseph Birr-Pixton d97049df47 Further copy optimisations 2016-09-20 01:52:30 +01:00
Joseph Birr-Pixton ebea1df62f Reduce clones/copies of big application data 2016-09-20 00:42:11 +01:00
Joseph Birr-Pixton 3081d2b17b Support server tickets
Needs tests
2016-09-20 00:00:23 +01:00
Joseph Birr-Pixton 8f19bc7c77 Split up SessionRandoms/SessionSecrets 2016-09-11 22:01:27 +01:00
Corey Farwell 2e2afdfc71 Prefer `while let` over `loop` with `match`. 2016-09-09 22:50:42 -04:00
Joseph Birr-Pixton c8d31c1e29 Let callers know when we're handshaking
Should fix issue #21
2016-09-03 16:06:25 +01:00