Loading CHANGELOG.md +47 −1 Original line number Diff line number Diff line Loading @@ -2,6 +2,50 @@ ## [Unreleased] ## [v0.10.9] - 2018-06-01 ### Fixed * Fixed a use-after-free in `CmsContentInfo::sign`. * `SslRef::servername` now returns `None` rather than panicking on a non-UTF8 name. ### Added * Added `MessageDigest::from_nid`. * Added `Nid::signature_algorithms`, `Nid::long_name`, and `Nid::short_name`. * Added early data and early keying material export support for TLS 1.3. * Added `SslRef::verified_chain`. * Added `SslRef::servername_raw` which returns a `&[u8]` rather than `&str`. * Added `SslRef::finished` and `SslRef::peer_finished`. * Added `X509Ref::digest` to replace `X509Ref::fingerprint`. * `X509StoreBuilder` and `X509Store` now implement `Sync` and `Send`. ### Deprecated * `X509Ref::fingerprint` has been deprecated in favor of `X509Ref::digest`. ## [v0.10.8] - 2018-05-20 ### Fixed * `openssl-sys` will now detect Homebrew-installed OpenSSL when installed to a non-default directory. * The `X509_V_ERR_INVALID_CALL`, `X509_V_ERR_STORE_LOOKUP`, and `X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION` constants in `openssl-sys` are now only present when building against 1.1.0g and up rather than 1.1.0. * `SslContextBuilder::max_proto_version` and `SslContextBuilder::min_proto_version` are only present when building against 1.1.0g and up rather than 1.1.0. ### Added * Added `CmsContentInfo::sign`. * Added `Clone` and `ToOwned` implementations to `Rsa` and `RsaRef` respectively. * The `min_proto_version` and `max_proto_version` methods are available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * `X509VerifyParam` is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * ALPN support is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * `Stack` and `StackRef` are now `Sync` and `Send`. ## [v0.10.7] - 2018-04-30 ### Added Loading Loading @@ -183,7 +227,9 @@ Look at the [release tags] for information about older releases. [Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.7...master [Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.9...master [v0.10.9]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.8...openssl-v0.10.9 [v0.10.8]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.7...openssl-v0.10.8 [v0.10.7]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.6...openssl-v0.10.7 [v0.10.6]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.5...openssl-v0.10.6 [v0.10.5]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.4...openssl-v0.10.5 Loading README.md +7 −7 Original line number Diff line number Diff line Loading @@ -48,25 +48,25 @@ make -j$(nproc) make install ``` ### OSX ### macOS Although OpenSSL 0.9.8 is preinstalled on OSX this library is being phased out of OSX and this crate also does not support that version of OpenSSL. To use this crate on OSX you'll need to install OpenSSL via some alternate means, typically Although OpenSSL 0.9.8 is preinstalled on macOS this library is being phased out of macOS and this crate also does not support that version of OpenSSL. To use this crate on macOS you'll need to install OpenSSL via some alternate means, typically Homebrew: ```bash brew install openssl ``` Occasionally an update of XCode or MacOS will cause the linker to fail after compilation, to rectify this you may want to try and run: Occasionally an update of XCode or macOS will cause the linker to fail after compilation, to rectify this you may want to try and run: ```bash xcode-select --install ``` If Homebrew is installed to the default location of `/usr/local`, OpenSSL will be automatically detected. If you're using latest version of Homebrew which supports `--prefix` command, OpenSSL will be automatically detected. ### Windows MSVC Loading openssl-sys/Cargo.toml +2 −1 Original line number Diff line number Diff line [package] name = "openssl-sys" version = "0.9.30" version = "0.9.32" authors = ["Alex Crichton <alex@alexcrichton.com>", "Steven Fackler <sfackler@gmail.com>"] license = "MIT" Loading @@ -9,6 +9,7 @@ repository = "https://github.com/sfackler/rust-openssl" readme = "README.md" categories = ["cryptography", "external-ffi-bindings"] links = "openssl" build = "build/main.rs" [dependencies] libc = "0.2" Loading openssl-sys/build/cfgs.rs 0 → 100644 +43 −0 Original line number Diff line number Diff line pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&'static str> { let mut cfgs = vec![]; if let Some(libressl_version) = libressl_version { cfgs.push("libressl"); if libressl_version >= 0x2_05_01_00_0 { cfgs.push("libressl251"); } if libressl_version >= 0x2_06_01_00_0 { cfgs.push("libressl261"); } if libressl_version >= 0x2_07_00_00_0 { cfgs.push("libressl270"); } } else { let openssl_version = openssl_version.unwrap(); if openssl_version >= 0x1_00_01_00_0 { cfgs.push("ossl101"); } if openssl_version >= 0x1_00_02_00_0 { cfgs.push("ossl102"); } if openssl_version >= 0x1_00_02_08_0 { cfgs.push("ossl102h"); } if openssl_version >= 0x1_01_00_00_0 { cfgs.push("ossl110"); } if openssl_version >= 0x1_01_00_06_0 { cfgs.push("ossl110f"); } if openssl_version >= 0x1_01_00_07_0 { cfgs.push("ossl110g"); } if openssl_version >= 0x1_01_01_00_0 { cfgs.push("ossl111"); } } cfgs } openssl-sys/build.rs→openssl-sys/build/main.rs +41 −19 Original line number Diff line number Diff line Loading @@ -11,6 +11,8 @@ use std::io::{BufWriter, Write}; use std::path::{Path, PathBuf}; use std::process::Command; mod cfgs; // The set of `OPENSSL_NO_<FOO>`s that we care about. const DEFINES: &'static [&'static str] = &[ "OPENSSL_NO_BUF_FREELISTS", Loading Loading @@ -104,6 +106,8 @@ fn find_openssl_dir(target: &str) -> OsString { let host = env::var("HOST").unwrap(); if host == target && target.contains("apple-darwin") { // Check up default Homebrew installation location first // for quick resolution if possible. let homebrew = Path::new("/usr/local/opt/openssl@1.1"); if homebrew.exists() { return homebrew.to_path_buf().into(); Loading @@ -112,6 +116,22 @@ fn find_openssl_dir(target: &str) -> OsString { if homebrew.exists() { return homebrew.to_path_buf().into(); } // Calling `brew --prefix <package>` command usually slow and // takes seconds, and will be used only as a last resort. let output = execute_command_and_get_output("brew", &["--prefix", "openssl@1.1"]); if let Some(ref output) = output { let homebrew = Path::new(&output); if homebrew.exists() { return homebrew.to_path_buf().into(); } } let output = execute_command_and_get_output("brew", &["--prefix", "openssl"]); if let Some(ref output) = output { let homebrew = Path::new(&output); if homebrew.exists() { return homebrew.to_path_buf().into(); } } } try_pkg_config(); Loading Loading @@ -409,6 +429,10 @@ See rust-openssl README for more information: } println!("cargo:conf={}", enabled.join(",")); for cfg in cfgs::get(openssl_version, libressl_version) { println!("cargo:rustc-cfg={}", cfg); } if let Some(libressl_version) = libressl_version { println!("cargo:libressl_version_number={:x}", libressl_version); Loading @@ -427,8 +451,6 @@ See rust-openssl README for more information: _ => version_error(), }; println!("cargo:rustc-cfg=libressl"); println!("cargo:rustc-cfg=libressl2{}{}", minor, fix); println!("cargo:libressl=true"); println!("cargo:libressl_version=2{}{}", minor, fix); println!("cargo:version=101"); Loading @@ -437,37 +459,22 @@ See rust-openssl README for more information: let openssl_version = openssl_version.unwrap(); println!("cargo:version_number={:x}", openssl_version); if openssl_version >= 0x1_00_02_08_0 { println!("cargo:rustc-cfg=ossl102h"); } if openssl_version >= 0x1_01_00_07_0 { println!("cargo:rustc-cfg=ossl110g"); } if openssl_version >= 0x1_01_02_00_0 { version_error() } else if openssl_version >= 0x1_01_01_00_0 { println!("cargo:rustc-cfg=ossl111"); println!("cargo:rustc-cfg=ossl110"); println!("cargo:version=111"); Version::Openssl11x } else if openssl_version >= 0x1_01_00_06_0 { println!("cargo:rustc-cfg=ossl110"); println!("cargo:rustc-cfg=ossl110f"); println!("cargo:version=110"); println!("cargo:patch=f"); Version::Openssl11x } else if openssl_version >= 0x1_01_00_00_0 { println!("cargo:rustc-cfg=ossl110"); println!("cargo:version=110"); Version::Openssl11x } else if openssl_version >= 0x1_00_02_00_0 { println!("cargo:rustc-cfg=ossl102"); println!("cargo:version=102"); Version::Openssl10x } else if openssl_version >= 0x1_00_01_00_0 { println!("cargo:rustc-cfg=ossl101"); println!("cargo:version=101"); Version::Openssl10x } else { Loading Loading @@ -524,10 +531,12 @@ fn determine_mode(libdir: &Path, libs: &[&str]) -> &'static str { .map(|e| e.file_name()) .filter_map(|e| e.into_string().ok()) .collect::<HashSet<_>>(); let can_static = libs.iter() let can_static = libs .iter() .all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l))); let can_dylib = libs.iter().all(|l| { files.contains(&format!("lib{}.so", l)) || files.contains(&format!("{}.dll", l)) files.contains(&format!("lib{}.so", l)) || files.contains(&format!("{}.dll", l)) || files.contains(&format!("lib{}.dylib", l)) }); match (can_static, can_dylib) { Loading @@ -548,3 +557,16 @@ fn determine_mode(libdir: &Path, libs: &[&str]) -> &'static str { // practices with security libs", let's link dynamically. "dylib" } fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option<String> { let out = Command::new(cmd).args(args).output(); if let Ok(ref r1) = out { if r1.status.success() { let r2 = String::from_utf8(r1.stdout.clone()); if let Ok(r3) = r2 { return Some(r3.trim().to_string()); } } } return None; } Loading
CHANGELOG.md +47 −1 Original line number Diff line number Diff line Loading @@ -2,6 +2,50 @@ ## [Unreleased] ## [v0.10.9] - 2018-06-01 ### Fixed * Fixed a use-after-free in `CmsContentInfo::sign`. * `SslRef::servername` now returns `None` rather than panicking on a non-UTF8 name. ### Added * Added `MessageDigest::from_nid`. * Added `Nid::signature_algorithms`, `Nid::long_name`, and `Nid::short_name`. * Added early data and early keying material export support for TLS 1.3. * Added `SslRef::verified_chain`. * Added `SslRef::servername_raw` which returns a `&[u8]` rather than `&str`. * Added `SslRef::finished` and `SslRef::peer_finished`. * Added `X509Ref::digest` to replace `X509Ref::fingerprint`. * `X509StoreBuilder` and `X509Store` now implement `Sync` and `Send`. ### Deprecated * `X509Ref::fingerprint` has been deprecated in favor of `X509Ref::digest`. ## [v0.10.8] - 2018-05-20 ### Fixed * `openssl-sys` will now detect Homebrew-installed OpenSSL when installed to a non-default directory. * The `X509_V_ERR_INVALID_CALL`, `X509_V_ERR_STORE_LOOKUP`, and `X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION` constants in `openssl-sys` are now only present when building against 1.1.0g and up rather than 1.1.0. * `SslContextBuilder::max_proto_version` and `SslContextBuilder::min_proto_version` are only present when building against 1.1.0g and up rather than 1.1.0. ### Added * Added `CmsContentInfo::sign`. * Added `Clone` and `ToOwned` implementations to `Rsa` and `RsaRef` respectively. * The `min_proto_version` and `max_proto_version` methods are available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * `X509VerifyParam` is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * ALPN support is available when linking against LibreSSL 2.6.1 and up in addition to OpenSSL. * `Stack` and `StackRef` are now `Sync` and `Send`. ## [v0.10.7] - 2018-04-30 ### Added Loading Loading @@ -183,7 +227,9 @@ Look at the [release tags] for information about older releases. [Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.7...master [Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.9...master [v0.10.9]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.8...openssl-v0.10.9 [v0.10.8]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.7...openssl-v0.10.8 [v0.10.7]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.6...openssl-v0.10.7 [v0.10.6]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.5...openssl-v0.10.6 [v0.10.5]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.4...openssl-v0.10.5 Loading
README.md +7 −7 Original line number Diff line number Diff line Loading @@ -48,25 +48,25 @@ make -j$(nproc) make install ``` ### OSX ### macOS Although OpenSSL 0.9.8 is preinstalled on OSX this library is being phased out of OSX and this crate also does not support that version of OpenSSL. To use this crate on OSX you'll need to install OpenSSL via some alternate means, typically Although OpenSSL 0.9.8 is preinstalled on macOS this library is being phased out of macOS and this crate also does not support that version of OpenSSL. To use this crate on macOS you'll need to install OpenSSL via some alternate means, typically Homebrew: ```bash brew install openssl ``` Occasionally an update of XCode or MacOS will cause the linker to fail after compilation, to rectify this you may want to try and run: Occasionally an update of XCode or macOS will cause the linker to fail after compilation, to rectify this you may want to try and run: ```bash xcode-select --install ``` If Homebrew is installed to the default location of `/usr/local`, OpenSSL will be automatically detected. If you're using latest version of Homebrew which supports `--prefix` command, OpenSSL will be automatically detected. ### Windows MSVC Loading
openssl-sys/Cargo.toml +2 −1 Original line number Diff line number Diff line [package] name = "openssl-sys" version = "0.9.30" version = "0.9.32" authors = ["Alex Crichton <alex@alexcrichton.com>", "Steven Fackler <sfackler@gmail.com>"] license = "MIT" Loading @@ -9,6 +9,7 @@ repository = "https://github.com/sfackler/rust-openssl" readme = "README.md" categories = ["cryptography", "external-ffi-bindings"] links = "openssl" build = "build/main.rs" [dependencies] libc = "0.2" Loading
openssl-sys/build/cfgs.rs 0 → 100644 +43 −0 Original line number Diff line number Diff line pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&'static str> { let mut cfgs = vec![]; if let Some(libressl_version) = libressl_version { cfgs.push("libressl"); if libressl_version >= 0x2_05_01_00_0 { cfgs.push("libressl251"); } if libressl_version >= 0x2_06_01_00_0 { cfgs.push("libressl261"); } if libressl_version >= 0x2_07_00_00_0 { cfgs.push("libressl270"); } } else { let openssl_version = openssl_version.unwrap(); if openssl_version >= 0x1_00_01_00_0 { cfgs.push("ossl101"); } if openssl_version >= 0x1_00_02_00_0 { cfgs.push("ossl102"); } if openssl_version >= 0x1_00_02_08_0 { cfgs.push("ossl102h"); } if openssl_version >= 0x1_01_00_00_0 { cfgs.push("ossl110"); } if openssl_version >= 0x1_01_00_06_0 { cfgs.push("ossl110f"); } if openssl_version >= 0x1_01_00_07_0 { cfgs.push("ossl110g"); } if openssl_version >= 0x1_01_01_00_0 { cfgs.push("ossl111"); } } cfgs }
openssl-sys/build.rs→openssl-sys/build/main.rs +41 −19 Original line number Diff line number Diff line Loading @@ -11,6 +11,8 @@ use std::io::{BufWriter, Write}; use std::path::{Path, PathBuf}; use std::process::Command; mod cfgs; // The set of `OPENSSL_NO_<FOO>`s that we care about. const DEFINES: &'static [&'static str] = &[ "OPENSSL_NO_BUF_FREELISTS", Loading Loading @@ -104,6 +106,8 @@ fn find_openssl_dir(target: &str) -> OsString { let host = env::var("HOST").unwrap(); if host == target && target.contains("apple-darwin") { // Check up default Homebrew installation location first // for quick resolution if possible. let homebrew = Path::new("/usr/local/opt/openssl@1.1"); if homebrew.exists() { return homebrew.to_path_buf().into(); Loading @@ -112,6 +116,22 @@ fn find_openssl_dir(target: &str) -> OsString { if homebrew.exists() { return homebrew.to_path_buf().into(); } // Calling `brew --prefix <package>` command usually slow and // takes seconds, and will be used only as a last resort. let output = execute_command_and_get_output("brew", &["--prefix", "openssl@1.1"]); if let Some(ref output) = output { let homebrew = Path::new(&output); if homebrew.exists() { return homebrew.to_path_buf().into(); } } let output = execute_command_and_get_output("brew", &["--prefix", "openssl"]); if let Some(ref output) = output { let homebrew = Path::new(&output); if homebrew.exists() { return homebrew.to_path_buf().into(); } } } try_pkg_config(); Loading Loading @@ -409,6 +429,10 @@ See rust-openssl README for more information: } println!("cargo:conf={}", enabled.join(",")); for cfg in cfgs::get(openssl_version, libressl_version) { println!("cargo:rustc-cfg={}", cfg); } if let Some(libressl_version) = libressl_version { println!("cargo:libressl_version_number={:x}", libressl_version); Loading @@ -427,8 +451,6 @@ See rust-openssl README for more information: _ => version_error(), }; println!("cargo:rustc-cfg=libressl"); println!("cargo:rustc-cfg=libressl2{}{}", minor, fix); println!("cargo:libressl=true"); println!("cargo:libressl_version=2{}{}", minor, fix); println!("cargo:version=101"); Loading @@ -437,37 +459,22 @@ See rust-openssl README for more information: let openssl_version = openssl_version.unwrap(); println!("cargo:version_number={:x}", openssl_version); if openssl_version >= 0x1_00_02_08_0 { println!("cargo:rustc-cfg=ossl102h"); } if openssl_version >= 0x1_01_00_07_0 { println!("cargo:rustc-cfg=ossl110g"); } if openssl_version >= 0x1_01_02_00_0 { version_error() } else if openssl_version >= 0x1_01_01_00_0 { println!("cargo:rustc-cfg=ossl111"); println!("cargo:rustc-cfg=ossl110"); println!("cargo:version=111"); Version::Openssl11x } else if openssl_version >= 0x1_01_00_06_0 { println!("cargo:rustc-cfg=ossl110"); println!("cargo:rustc-cfg=ossl110f"); println!("cargo:version=110"); println!("cargo:patch=f"); Version::Openssl11x } else if openssl_version >= 0x1_01_00_00_0 { println!("cargo:rustc-cfg=ossl110"); println!("cargo:version=110"); Version::Openssl11x } else if openssl_version >= 0x1_00_02_00_0 { println!("cargo:rustc-cfg=ossl102"); println!("cargo:version=102"); Version::Openssl10x } else if openssl_version >= 0x1_00_01_00_0 { println!("cargo:rustc-cfg=ossl101"); println!("cargo:version=101"); Version::Openssl10x } else { Loading Loading @@ -524,10 +531,12 @@ fn determine_mode(libdir: &Path, libs: &[&str]) -> &'static str { .map(|e| e.file_name()) .filter_map(|e| e.into_string().ok()) .collect::<HashSet<_>>(); let can_static = libs.iter() let can_static = libs .iter() .all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l))); let can_dylib = libs.iter().all(|l| { files.contains(&format!("lib{}.so", l)) || files.contains(&format!("{}.dll", l)) files.contains(&format!("lib{}.so", l)) || files.contains(&format!("{}.dll", l)) || files.contains(&format!("lib{}.dylib", l)) }); match (can_static, can_dylib) { Loading @@ -548,3 +557,16 @@ fn determine_mode(libdir: &Path, libs: &[&str]) -> &'static str { // practices with security libs", let's link dynamically. "dylib" } fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option<String> { let out = Command::new(cmd).args(args).output(); if let Ok(ref r1) = out { if r1.status.success() { let r2 = String::from_utf8(r1.stdout.clone()); if let Ok(r3) = r2 { return Some(r3.trim().to_string()); } } } return None; }
