Joseph Birr-Pixton
3d874b17aa
Require interior mutability from persistence impls
2017-06-17 14:27:08 +01:00
Joseph Birr-Pixton
b5de72ecd4
Clone for ServerConfig too
...
And test for clone/debug on our types
2017-06-17 14:27:03 +01:00
ctz
10784deae2
Merge pull request #76 from stepancheg/debug
...
Dummy Debug implemnetation for ClientSession and ServerSession
2017-06-17 11:04:04 +01:00
Joseph Birr-Pixton
0d6bb1cde6
Fix build for all features
2017-06-11 10:21:16 +01:00
Joseph Birr-Pixton
72390eac17
Tighten up warnings and fix resulting issues
2017-06-10 21:29:19 +01:00
Stepan Koltsov
35c4d739dd
Dummy Debug implemnetation for ClientSession and ServerSession
...
It is not very useful per se, but at least `#[derive(Debug)]` will
work on user data structs containing `ClientSession` of `ServerSession`.
2017-06-04 22:42:44 +03:00
Joseph Birr-Pixton
a1119e260e
Prefer ? to try!
2017-06-04 18:11:27 +01:00
Joseph Birr-Pixton
9e3d7a497e
Store the verifier in a Box
...
These objects are seldom created.
2017-05-14 17:44:51 +01:00
Joseph Birr-Pixton
78e057367f
hide verifier accessor from docs
2017-05-13 18:08:21 +01:00
Joseph Birr-Pixton
02cccf3a07
Allow configuration of whole cert verifier
...
This is hidden behind the dangerous_configuration feature.
2017-05-13 18:08:20 +01:00
Joseph Birr-Pixton
3fac54a6ea
Move root stores into anchors.rs
2017-05-12 21:12:45 +01:00
Joseph Birr-Pixton
dac2274e80
Support PKCS8 private keys
...
Also follow upstream changes in ring/base64
2017-05-04 20:51:50 +01:00
Joseph Birr-Pixton
1a1904ee4b
Implement buffer limits
...
- ChunkVecBuffer now has a limit, by default 0 (no limit)
- The pending-plaintext and pending-records buffers can have their
respective limits set.
- There are tests for these limits pre- and post-handshake.
2017-04-30 16:55:26 +01:00
Joseph Birr-Pixton
3bb21abda5
Fix most clippy issues
2017-02-18 06:33:42 +00:00
Joseph Birr-Pixton
466ed6381a
Support RFC7627 extended master secret
2017-02-17 02:10:39 +00:00
Joseph Birr-Pixton
61580744ac
Refactor how ConnState/Handler works
...
There's now one source of truth for the connection state:
Client/ServerSessionImpl.state. It's the Handler (now renamed)
for the next message.
Rename a lot of the Handlers to clean things up.
2017-02-05 19:27:26 -08:00
Joseph Birr-Pixton
71b82c4e7a
Make protocol errors 'sticky'
...
It's not sensible to report a protocol error once, and then
continue the next call like nothing happened. Now process_new_packets
fails forever after any error.
This does not affect IO functions.
2017-01-29 15:48:22 +00:00
Joseph Birr-Pixton
55db8e108b
Make ResolvesServerCert have same shape as client
2017-01-29 12:13:59 +00:00
Joseph Birr-Pixton
c151a431fd
Attach Send+Sync to traits, rather than uses
2017-01-29 12:05:41 +00:00
Joseph Birr-Pixton
3c01801b88
Expose ResolvesClientCert/ResolvesServerCert
...
- make the types in these traits as standard as possible, to
avoid exposing more internal types than necessary
- but need to expose SignatureScheme
- expose sign module too, because this is a return type of these
- improve assorted docs
- add some tests to check these are called with sane arguments
Addresses issue #44
2017-01-28 22:50:14 +00:00
Joseph Birr-Pixton
ac37262391
Remove one copy in send path.
2017-01-22 20:52:40 +00:00
Joseph Birr-Pixton
4cf865ad48
Only do HRR once
2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton
19064158a2
More alert/error case fixes
2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton
3a7abe39e2
tls1.3: switch keys at the right times
2017-01-22 19:12:12 +00:00
Joseph Birr-Pixton
16ad9043ee
Reformat uses of try!()
2017-01-08 20:28:54 +00:00
Joseph Birr-Pixton
36d4826b6d
Server-side key updates (untested)
2017-01-05 21:20:52 +00:00
Joseph Birr-Pixton
2d7a359ee9
Allow switching versions on/off
...
And seeing negotiated version.
2017-01-05 21:20:32 +00:00
Joseph Birr-Pixton
924afe1afe
Server-side client auth support
2017-01-05 21:19:46 +00:00
Joseph Birr-Pixton
6b7d6ff817
More work on TLS1.3 client auth
2017-01-05 21:19:20 +00:00
Joseph Birr-Pixton
c44b246352
Server-side TLS1.3
...
Most tests pass, except that client certs aren't yet implemented.
2017-01-05 21:17:57 +00:00
Joseph Birr-Pixton
2a35c6c73b
Support TLS1.3 KeyUpdate
...
This involved quite a lot of reorganisation.
2017-01-05 21:16:55 +00:00
Joseph Birr-Pixton
4f65466c7b
I broke is_handshaking, unittests++
2017-01-05 21:10:27 +00:00
Joseph Birr-Pixton
deb4228b58
Basic unverified handshake works
2017-01-05 21:09:34 +00:00
Joseph Birr-Pixton
45d50a23ac
Support assorted TLS1.3 types
2017-01-05 21:05:29 +00:00
Joseph Birr-Pixton
dc1d0d08db
cargo fmt
...
Formatting only commit: no functional change.
More cargo fmt
2017-01-04 19:49:01 +00:00
Joseph Birr-Pixton
34c8a771ae
Fix line lengths, and make SessionID saner
2017-01-04 19:47:07 +00:00
Pierre-Étienne Meunier
1d0d5a5497
Adding Certificate/PrivateKey types everywhere.
2016-12-07 11:25:36 +01:00
Joseph Birr-Pixton
eada6c0301
Fix docs for issue #34
2016-11-30 20:13:21 +00:00
Joseph Birr-Pixton
76408b78f6
Boxed traits need to be Send and sometimes Sync
2016-10-05 21:31:14 +01:00
Corey Farwell
3d5fbc0f7d
Utilize `Option::cloned` instead of `map` with `clone`.
2016-09-27 22:14:09 -04:00
Joseph Birr-Pixton
4063e36403
Add missing docs
2016-09-27 21:10:32 +01:00
Joseph Birr-Pixton
86267cef83
assert -> debug_assert in data path
2016-09-27 00:01:23 +01:00
Joseph Birr-Pixton
182fe0a13d
Send alert if we get close to wrapping counter
2016-09-26 19:35:23 +01:00
Joseph Birr-Pixton
d038633b31
expose alpn negotiation result, and improve tests
2016-09-21 21:36:38 +01:00
Joseph Birr-Pixton
d97049df47
Further copy optimisations
2016-09-20 01:52:30 +01:00
Joseph Birr-Pixton
ebea1df62f
Reduce clones/copies of big application data
2016-09-20 00:42:11 +01:00
Joseph Birr-Pixton
3081d2b17b
Support server tickets
...
Needs tests
2016-09-20 00:00:23 +01:00
Joseph Birr-Pixton
8f19bc7c77
Split up SessionRandoms/SessionSecrets
2016-09-11 22:01:27 +01:00
Corey Farwell
2e2afdfc71
Prefer `while let` over `loop` with `match`.
2016-09-09 22:50:42 -04:00
Joseph Birr-Pixton
c8d31c1e29
Let callers know when we're handshaking
...
Should fix issue #21
2016-09-03 16:06:25 +01:00