#
89728451 |
| 12-Sep-2024 |
Daniel McCarney |
vtls/rustls: support strong CSRNG data Now that the curl rustls vtls backend is using rustls 0.14 we can address the weak random situation by using `rustls_default_crypto_provider_ra
vtls/rustls: support strong CSRNG data Now that the curl rustls vtls backend is using rustls 0.14 we can address the weak random situation by using `rustls_default_crypto_provider_random()` to provide a `Curl_ssl` `random` callback that fills the provided buffer with cryptographically secure random data. The mentions in `docs/` about weak RNG when using rustls are removed as they are no longer applicable. Closes #14889
show more ...
|
#
f09adc3a |
| 12-Sep-2024 |
Daniel McCarney |
vtls/rustls: rustls-ffi 0.14.0 update * Documentation is updated to describe new required version, and to link to the upstream README about cryptography providers. * GitHub workflo
vtls/rustls: rustls-ffi 0.14.0 update * Documentation is updated to describe new required version, and to link to the upstream README about cryptography providers. * GitHub workflow is updated to fetch 0.14.0. * Breaking changes in`lib/vtls/rustls.c` are addressed: * The `rustls_client_config_builder_build()` function now uses an out parameter for the built config instead of returning it directly. This allows the building process to fail if the default crypto provider state isn't appropriate, or another error condition occurs. * Default ciphersuites are collected using renamed functions named to make it clear the ciphersuites are associated with the default crypto provider. * Customization of ciphersuites is now done via a `rustls_crypto_provider_builder` used to instantiate a `rustls_crypto_provider`. The customized provider can then can be used with `rustls_client_config_builder_new_custom` in place of providing ciphersuites directly. * `rustls_connection_get_negotiated_ciphersuite()` now returns the ciphersuite ID directly. Closes #14889
show more ...
|
#
9e629a14 |
| 03-Sep-2024 |
Daniel Stenberg |
docs: document the (weak) random value situation in rustls builds Closes #14770
|
#
c5cb8e7c |
| 19-Aug-2024 |
Viktor Szakats |
tidy-up: spelling quiche and Rustls Closes #14605
|
#
86d33001 |
| 31-Mar-2024 |
Daniel Stenberg |
reuse: add copyright + license info to individual docs/*.md files Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide- matching wildcard. + Remove mention of old
reuse: add copyright + license info to individual docs/*.md files Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide- matching wildcard. + Remove mention of old files from .reuse/dep5 + add info to .github/dependabot.yml + make scripts/copyright.pl warn on non-matching patterns Closes #13245
show more ...
|
#
5b1a88e2 |
| 30-Mar-2024 |
Daniel McCarney |
deps: update librustls 0.12.0 -> 0.13.0 This commit updates the optional rustls-ffi librustls dependency from 0.12.0 to 0.13.0. This version is based on the latest available rustls r
deps: update librustls 0.12.0 -> 0.13.0 This commit updates the optional rustls-ffi librustls dependency from 0.12.0 to 0.13.0. This version is based on the latest available rustls release (0.23.4). The breaking API changes from 0.12.0 to 0.13.0 are in API surface unused by curl, so this is an in-place update without any code changes. The `RUSTLS.md` documentation is updated to reflect the new version in use, and to clarify that `cbindgen` isn't required to build `librustls` - it's only used by developers to update the vendored `rustls.h` header file maintained upstream. Closes #13238
show more ...
|
#
e3a4273c |
| 25-Feb-2024 |
kpcyrd |
rustls: make curl compile with 0.12.0 Closes #12989
|
#
69c536b9 |
| 29-Mar-2023 |
Jacob Hoffman-Andrews |
rustls: update rustls-ffi 0.10.0 This brings in version 0.21.0 of the upstream rustls implementation, which notable includes support for IP address certificates. Closes #10865
|
#
30411d72 |
| 17-Feb-2023 |
Jacob Hoffman-Andrews |
GHA: update rustls dependency to 0.9.2 This allows re-enabling test 312 for the rustls backend. Closes #10553
|
#
4484270a |
| 26-Oct-2022 |
Ayesh Karunaratne |
misc: typo and grammar fixes - Replace `Github` with `GitHub`. - Replace `windows` with `Windows` - Replace `advice` with `advise` where a verb is used. - A few fixes on removing
misc: typo and grammar fixes - Replace `Github` with `GitHub`. - Replace `windows` with `Windows` - Replace `advice` with `advise` where a verb is used. - A few fixes on removing repeated words. - Replace `a HTTP` with `an HTTP` Closes #9802
show more ...
|
#
5e9a703c |
| 02-May-2022 |
Philip H <47042125+pheiduck@users.noreply.github.com> |
misc: use "autoreconf -fi" instead buildconf Signed-off-by: Philip H <47042125+pheiduck@users.noreply.github.com> Closes #8777
|
#
6ec28eb6 |
| 15-Nov-2021 |
Kevin Burke |
zuul.d: update rustls-ffi to version 0.8.2 This version fixes errors with ALPN negotiation in rustls, which is necessary for HTTP/2 support. For more information see the rustls-ffi c
zuul.d: update rustls-ffi to version 0.8.2 This version fixes errors with ALPN negotiation in rustls, which is necessary for HTTP/2 support. For more information see the rustls-ffi changelog. Closes #8013
show more ...
|
#
76d9e07c |
| 04-Nov-2021 |
Daniel Stenberg |
vtls/rustls: adapt to the updated rustls_version proto Closes #7956
|
#
8ccc066b |
| 29-Jun-2021 |
Daniel Stenberg |
zuul: use the new rustls directory name Follow-up to 6d972c8b1cbb3 which missed updating this directory name. Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.
zuul: use the new rustls directory name Follow-up to 6d972c8b1cbb3 which missed updating this directory name. Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1 Closes #7311
show more ...
|
#
6d972c8b |
| 25-Jun-2021 |
Jacob Hoffman-Andrews |
curstls: bump crustls version and use new URL crustls moved to https://github.com/rustls/rustls-ffi. This also bumps the expected version to 0.7.0. Closes #7297
|
#
a62e6435 |
| 15-May-2021 |
Jacob Hoffman-Andrews |
rustls: switch read_tls and write_tls to callbacks And update to 0.6.0, including a rename from session to connection for many fields. Closes #7071
|
#
8228002c |
| 25-Apr-2021 |
Jacob Hoffman-Andrews |
rustls: use ALPN Update required rustls to 0.5.0 Closes #6960
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
#
2e444a17 |
| 17-Mar-2021 |
Jacob Hoffman-Andrews |
docs: document version of crustls dependency This also pins a specific release in the Travis test so future API-breaking changins in crustls won't break curl builds. Add RUSTLS
docs: document version of crustls dependency This also pins a specific release in the Travis test so future API-breaking changins in crustls won't break curl builds. Add RUSTLS documentation to release tarball. Enable running tests for rustls, minus FTP tests (require connect_blocking, which rustls doesn't implement) and 313 (requires CRL handling). Closes #6763
show more ...
|