vtls/rustls: support strong CSRNG data

Now that the curl rustls vtls backend is using rustls 0.14 we can
address the weak random situation by using
`rustls_default_crypto_provider_ra

vtls/rustls: support strong CSRNG data

Now that the curl rustls vtls backend is using rustls 0.14 we can
address the weak random situation by using
`rustls_default_crypto_provider_random()` to provide a `Curl_ssl`
`random` callback that fills the provided buffer with cryptographically
secure random data.

The mentions in `docs/` about weak RNG when using rustls are removed as
they are no longer applicable.

Closes #14889

show more ...

vtls/rustls: rustls-ffi 0.14.0 update

* Documentation is updated to describe new required version, and to link
to the upstream README about cryptography providers.
* GitHub workflo

vtls/rustls: rustls-ffi 0.14.0 update

* Documentation is updated to describe new required version, and to link
to the upstream README about cryptography providers.
* GitHub workflow is updated to fetch 0.14.0.
* Breaking changes in`lib/vtls/rustls.c` are addressed:
* The `rustls_client_config_builder_build()` function now uses an out
parameter for the built config instead of returning it directly.
This allows the building process to fail if the default crypto
provider state isn't appropriate, or another error condition occurs.
* Default ciphersuites are collected using renamed functions named to
make it clear the ciphersuites are associated with the default
crypto provider.
* Customization of ciphersuites is now done via
a `rustls_crypto_provider_builder` used to instantiate a
`rustls_crypto_provider`. The customized provider can then can be
used with `rustls_client_config_builder_new_custom` in place of
providing ciphersuites directly.
* `rustls_connection_get_negotiated_ciphersuite()` now returns the
ciphersuite ID directly.

Closes #14889

show more ...

docs: document the (weak) random value situation in rustls builds

Closes #14770

tidy-up: spelling quiche and Rustls

Closes #14605

reuse: add copyright + license info to individual docs/*.md files

Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide-
matching wildcard.

+ Remove mention of old

reuse: add copyright + license info to individual docs/*.md files

Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide-
matching wildcard.

+ Remove mention of old files from .reuse/dep5
+ add info to .github/dependabot.yml
+ make scripts/copyright.pl warn on non-matching patterns

Closes #13245

show more ...

deps: update librustls 0.12.0 -> 0.13.0

This commit updates the optional rustls-ffi librustls dependency from
0.12.0 to 0.13.0. This version is based on the latest available rustls
r

deps: update librustls 0.12.0 -> 0.13.0

This commit updates the optional rustls-ffi librustls dependency from
0.12.0 to 0.13.0. This version is based on the latest available rustls
release (0.23.4).

The breaking API changes from 0.12.0 to 0.13.0 are in API surface unused
by curl, so this is an in-place update without any code changes.

The `RUSTLS.md` documentation is updated to reflect the new version in
use, and to clarify that `cbindgen` isn't required to build `librustls`
- it's only used by developers to update the vendored `rustls.h` header
file maintained upstream.

Closes #13238

show more ...

rustls: make curl compile with 0.12.0

Closes #12989

rustls: update rustls-ffi 0.10.0

This brings in version 0.21.0 of the upstream rustls implementation,
which notable includes support for IP address certificates.

Closes #10865

GHA: update rustls dependency to 0.9.2

This allows re-enabling test 312 for the rustls backend.

Closes #10553

misc: typo and grammar fixes

- Replace `Github` with `GitHub`.
- Replace `windows` with `Windows`
- Replace `advice` with `advise` where a verb is used.
- A few fixes on removing

misc: typo and grammar fixes

- Replace `Github` with `GitHub`.
- Replace `windows` with `Windows`
- Replace `advice` with `advise` where a verb is used.
- A few fixes on removing repeated words.
- Replace `a HTTP` with `an HTTP`

Closes #9802

show more ...

misc: use "autoreconf -fi" instead buildconf

Signed-off-by: Philip H <47042125+pheiduck@users.noreply.github.com>
Closes #8777

zuul.d: update rustls-ffi to version 0.8.2

This version fixes errors with ALPN negotiation in rustls, which is
necessary for HTTP/2 support. For more information see the rustls-ffi
c

zuul.d: update rustls-ffi to version 0.8.2

This version fixes errors with ALPN negotiation in rustls, which is
necessary for HTTP/2 support. For more information see the rustls-ffi
changelog.

Closes #8013

show more ...

vtls/rustls: adapt to the updated rustls_version proto

Closes #7956

zuul: use the new rustls directory name

Follow-up to 6d972c8b1cbb3 which missed updating this directory name.

Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.

zuul: use the new rustls directory name

Follow-up to 6d972c8b1cbb3 which missed updating this directory name.

Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1

Closes #7311

show more ...

curstls: bump crustls version and use new URL

crustls moved to https://github.com/rustls/rustls-ffi. This also bumps
the expected version to 0.7.0.

Closes #7297

rustls: switch read_tls and write_tls to callbacks

And update to 0.6.0, including a rename from session to connection for
many fields.

Closes #7071

rustls: use ALPN

Update required rustls to 0.5.0

Closes #6960

docs: document version of crustls dependency

This also pins a specific release in the Travis test so future
API-breaking changins in crustls won't break curl builds.

Add RUSTLS

docs: document version of crustls dependency

This also pins a specific release in the Travis test so future
API-breaking changins in crustls won't break curl builds.

Add RUSTLS documentation to release tarball.

Enable running tests for rustls, minus FTP tests (require
connect_blocking, which rustls doesn't implement) and 313 (requires CRL
handling).

Closes #6763

show more ...