OpenSSL bindings for Rust

Overview

rust-openssl

CircleCI crates.io

OpenSSL bindings for the Rust programming language.

Documentation.

Release Support

The current supported release of openssl is 0.10 and openssl-sys is 0.9.

New major versions will be published at most once per year. After a new release, the previous major version will be partially supported with bug fixes for 3 months, after which support will be dropped entirely.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions.

Comments
  • Relicense under dual MIT/Apache-2.0

    Relicense under dual MIT/Apache-2.0

    This issue was automatically generated. Feel free to close without ceremony if you do not agree with re-licensing or if it is not possible for other reasons. Respond to @cmr with any questions or concerns, or pop over to #rust-offtopic on IRC to discuss.

    You're receiving this because someone (perhaps the project maintainer) published a crates.io package with the license as "MIT" xor "Apache-2.0" and the repository field pointing here.

    TL;DR the Rust ecosystem is largely Apache-2.0. Being available under that license is good for interoperation. The MIT license as an add-on can be nice for GPLv2 projects to use your code.

    Why?

    The MIT license requires reproducing countless copies of the same copyright header with different names in the copyright field, for every MIT library in use. The Apache license does not have this drawback. However, this is not the primary motivation for me creating these issues. The Apache license also has protections from patent trolls and an explicit contribution licensing clause. However, the Apache license is incompatible with GPLv2. This is why Rust is dual-licensed as MIT/Apache (the "primary" license being Apache, MIT only for GPLv2 compat), and doing so would be wise for this project. This also makes this crate suitable for inclusion and unrestricted sharing in the Rust standard distribution and other projects using dual MIT/Apache, such as my personal ulterior motive, the Robigalia project.

    Some ask, "Does this really apply to binary redistributions? Does MIT really require reproducing the whole thing?" I'm not a lawyer, and I can't give legal advice, but some Google Android apps include open source attributions using this interpretation. Others also agree with it. But, again, the copyright notice redistribution is not the primary motivation for the dual-licensing. It's stronger protections to licensees and better interoperation with the wider Rust ecosystem.

    How?

    To do this, get explicit approval from each contributor of copyrightable work (as not all contributions qualify for copyright, due to not being a "creative work", e.g. a typo fix) and then add the following to your README:

    ## License
    
    Licensed under either of
    
     * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
     * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
    
    at your option.
    
    ### Contribution
    
    Unless you explicitly state otherwise, any contribution intentionally submitted
    for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any
    additional terms or conditions.
    

    and in your license headers, if you have them, use the following boilerplate (based on that used in Rust):

    // Copyright 2016 rust-openssl Developers
    //
    // Licensed under the Apache License, Version 2.0, <LICENSE-APACHE or
    // http://apache.org/licenses/LICENSE-2.0> or the MIT license <LICENSE-MIT or
    // http://opensource.org/licenses/MIT>, at your option. This file may not be
    // copied, modified, or distributed except according to those terms.
    

    It's commonly asked whether license headers are required. I'm not comfortable making an official recommendation either way, but the Apache license recommends it in their appendix on how to use the license.

    Be sure to add the relevant LICENSE-{MIT,APACHE} files. You can copy these from the Rust repo for a plain-text version.

    And don't forget to update the license metadata in your Cargo.toml to:

    license = "MIT OR Apache-2.0"
    

    I'll be going through projects which agree to be relicensed and have approval by the necessary contributors and doing this changes, so feel free to leave the heavy lifting to me!

    Contributor checkoff

    To agree to relicensing, comment with :

    I license past and future contributions under the dual MIT/Apache-2.0 license, allowing licensees to chose either at their option.
    

    Or, if you're a contributor, you can check the box in this repo next to your name. My scripts will pick this exact phrase up and check your checkbox, but I'll come through and manually review this issue later as well.

    • [ ] @sfackler
    • [ ] @manuels
    • [x] @vhbit
    • [x] @kballard
    • [x] @erickt
    • [x] @jmesmon
    • [x] @cjcole
    • [x] @alexcrichton
    • [ ] @elly
    • [ ] @gkoz
    • [x] @DiamondLovesYou
    • [x] @mlalic
    • [x] @ebfe
    • [x] @randombit
    • [x] @Geal
    • [x] @jedisct1
    • [x] @jroesch
    • [x] @mvdnes
    • [x] @andrew-d
    • [x] @Manishearth
    • [x] @josephglanville
    • [x] @zzmp
    • [x] @Cyberunner23
    • [x] @aatxe
    • [ ] @Noxivs
    • [x] @semmaz
    • [ ] @pyrho
    • [x] @cybergeek94
    • [x] @alex
    • [ ] @brson
    • [ ] @brycefisher
    • [x] @chris-morgan
    • [x] @Ryman
    • [x] @operutka
    • [x] @reaperhulk
    • [x] @retep998
    • [ ] @quentinbaradat
    • [ ] @xorpse
    • [x] @kinghajj
    • [x] @uasi
    • [ ] @wg
    • [ ] @bheart
    • [x] @bozaro
    • [x] @bombless
    • [ ] @akiss77
    • [x] @andor44
    • [ ] @ajroetker
    • [x] @brunoqc
    • [x] @CarlColglazier
    • [x] @coyotebush
    • [x] @dkhenry
    • [x] @davbo
    • [x] @ebarnard
    • [x] @cheme
    • [x] @Kroisse
    • [x] @fhartwig
    • [x] @Florob
    • [x] @glennw
    • [x] @isra17
    • [x] @jameshurst
    • [x] @jamwt
    • [x] @yjerem
    • [x] @jimmycuadra
    • [x] @jtdowney
    • [x] @reem
    • [x] @larsbergstrom
    • [x] @ltratt
    • [x] @mbrubeck
    • [x] @zr40
    • [x] @maximih
    • [ ] @miloshadzic
    • [x] @Ms2ger
    • [x] @nixpulvis
    • [x] @nstoddard
    • [x] @overminder
    • [x] @globin
    • [x] @seanmonstar
    • [x] @Byron
    • [x] @s-panferov
    • [ ] @boggle
    • [x] @thommay
    • [x] @Ummon
    • [x] @gentoo90
    • [ ] @iseki-masaya
    • [x] @panicbit
    • [ ] @radare
    opened by emberian 78
  • Faild build On OSX 10.11(Elp)

    Faild build On OSX 10.11(Elp)

    failed to run custom build command for openssl-sys v0.6.4 Process didn't exit successfully: /Users/misko/developer/rust_projects/aws-simple-sdk.rs/target/debug/build/openssl-sys-149f6ef08ad7404d/build-script-build (exit code: 101) --- stdout cargo:rustc-link-search=native=/usr/lib cargo:rustc-link-lib=ssl cargo:rustc-link-lib=crypto cargo:rustc-link-lib=z TARGET = Some("x86_64-apple-darwin") TARGET = Some("x86_64-apple-darwin") CARGO_MANIFEST_DIR = Some("/Users/misko/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-sys-0.6.4") OUT_DIR = Some("/Users/misko/developer/rust_projects/aws-simple-sdk.rs/target/debug/build/openssl-sys-149f6ef08ad7404d/out") OPT_LEVEL = Some("0") PROFILE = Some("debug") debug 0 TARGET = Some("x86_64-apple-darwin") HOST = Some("x86_64-apple-darwin") CC_x86_64-apple-darwin = None CC_x86_64_apple_darwin = None HOST_CC = None CC = None TARGET = Some("x86_64-apple-darwin") HOST = Some("x86_64-apple-darwin") CFLAGS_x86_64-apple-darwin = None CFLAGS_x86_64_apple_darwin = None HOST_CFLAGS = None CFLAGS = None running: "cc" "-O0" "-c" "-ffunction-sections" "-fdata-sections" "-g" "-m64" "-fPIC" "-o" "/Users/misko/developer/rust_projects/aws-simple-sdk.rs/target/debug/build/openssl-sys-149f6ef08ad7404d/out/src/openssl_shim.o" "/Users/misko/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-sys-0.6.4/src/openssl_shim.c"

    command did not execute successfully, got: exit code: 1

    --- stderr /Users/misko/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-sys-0.6.4/src/openssl_shim.c:1:10: fatal error: 'openssl/hmac.h' file not found

    include <openssl/hmac.h>

         ^
    

    1 error generated. thread '

    ' panicked at 'explicit panic', /Users/misko/.cargo/registry/src/github.com-1ecc6299db9ec823/gcc-0.3.13/src/lib.rs:510

    opened by imiskolee 43
  • [openssl][0.9.24] Fail to build on hosts with openssl 1.1.1

    [openssl][0.9.24] Fail to build on hosts with openssl 1.1.1

    Today I updated my host development machine and found that it was not building my source code anymore.

    Got the following failure:

    error: failed to run custom build command for `openssl v0.9.24`
    process didn't exit successfully: `.../target/debug/build/openssl-4dcd4d0c1d4575a6/build-script-build` (exit code: 101)
    --- stderr
    thread 'main' panicked at 'Unable to detect OpenSSL version', .../.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-0.9.24/build.rs:16:14
    note: Run with `RUST_BACKTRACE=1` for a backtrace.
    

    It needs to be upgraded to openssl-sys last releases. This is important as multiple vendors will start upgrading OpenSSL and more people will face it. For now, I downgraded my host to openssl 1.1.0

    opened by otavio 41
  • Ubuntu 18: failed to run custom build command for `openssl-sys v0.9.39`

    Ubuntu 18: failed to run custom build command for `openssl-sys v0.9.39`

    installed libssl-dev on ubuntu 18 and still get this error: error: failed to run custom build command for openssl-sys v0.9.39 process didn't exit successfully: /home/forecast/cs453_finalproj_backend/target/release/build/openssl-sys-864259d0b1f702fc/build-script-main (exit code: 101)

    opened by karasjoh000 40
  • Adds world to the link path; bad neighbor

    Adds world to the link path; bad neighbor

    As openssl-sys adds the world to the link path, it prevents linking against any libs that have a different version in /usr/lib

    cargo:rustc-link-search=native=/usr/lib/x86_64-linux-gnu
    cargo:rustc-link-lib=ssl
    cargo:rustc-link-lib=crypto
    

    It appears that link path order is randomized by cargo, so this will cause nicely randomized link failures if other native crates are in use (or silently cause the wrong/unpatched version of a lib to be linked instead).

    This can be fixed by producing the following output instead:

    cargo:rustc-link-search=native=/usr/lib/x86_64-linux-gnu/libssl*
    cargo:rustc-link-search=native=/usr/lib/x86_64-linux-gnu/libcrypto*
    cargo:rustc-link-lib=ssl
    cargo:rustc-link-lib=crypto
    
    opened by lilith 33
  • Improve Hasher and HMAC APIs

    Improve Hasher and HMAC APIs

    The reuse API I implemented for Hasher the last time proved to be very hard to use. Here's a better approach that relies on the borrow checker by using a mut reference. This time it's both Hasher and HMAC.

    • Add a "one stop" compute() method for the simple use case.
    • Split out update()/finalize() API into the Accumulator struct.
    • Rely on borrow checker to enforce openssl call order contract (init, update+, finalize).
    • Track the lifecycle explicitly as an optimization in HMAC case and to workaround Rust 1.0's unsafe destructor limitation (see https://github.com/rust-lang/rust/issues/17858#issuecomment-58280941).
    • Unify Hasher and HMAC implementation details for consistency.
    • Implement Writer for Accumulator.
    • Add examples.
    • Deprecate standalone hash() in favor of Hasher::compute().

    Note that Accumulator now has very similar methods update() and write(). It could make sense to drop update(), although write() requires checking the return value...

    opened by gkoz 31
  • Sporadic build failure macOS w/ brew's OpenSSL

    Sporadic build failure macOS w/ brew's OpenSSL

    I looked briefly at the rust-openssl build, but haven't had enough time to dig into this:

    = note: "cc" "-m64" "-L" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/secure_client_handle_tests-1186407fd8b3feb4.0.o" "-o" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/secure_client_handle_tests-1186407fd8b3feb4" "-Wl,-dead_strip" "-nodefaultlibs" "-L" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps" "-L" "/usr/lib" "-L" "/usr/local/opt/openssl/lib" "-L" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/build/ring-b04a0c9d4dc7829a/out/lib" "-L" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libtrust_dns_server.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libtrust_dns.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libtokio_core-7d79a0061e4987e4.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libscoped_tls-53036341d2dbbe26.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libmio-d8a3ebfe89185cdb.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libslab-69010361762af86e.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/librand-8ea7d489d4a383a0.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libopenssl-c9e7b933bde3d3a6.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libdata_encoding-8503efda09142c21.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libchrono-7342810e34d1c30d.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/librusqlite-a221a739db38f0bf.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libtime-750bfdd52feafcb7.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libbitflags-0e272044714c8076.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libtoml-1a75b37a708f335b.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/librustc_serialize-6b938435173797f7.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblazycell-d53b754addaf1d91.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnix-56d9e0b660233faa.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libring-863fd845bbadbb87.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libfutures-21d097dc8f05f683.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libbitflags-75746cc7f0e9d928.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblibsqlite3_sys-02dacca8e9891790.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblazy_static-7f1b96a3a3eb529d.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libtest-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libterm-f5a209a9.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libopenssl_sys-6c510e83c5b0b664.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liberror_chain-5731652bab0d1a8e.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libbacktrace-dffaf784d6265843.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/librustc_demangle-9f84838926c47318.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libdbghelp-72843bd5c387f78b.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libwinapi-0889532d327ff4e2.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnum-1fa4854b44bb6a54.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnum_iter-50df698bc905252c.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnum_integer-52fdddf28cd8e924.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnet2-755d3e4f87237d0e.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libcfg_if-72c1f992b13d5087.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblibc-e1db4c5f3a4f3c2f.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libuntrusted-6d5be7309ea48309.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblru_cache-5df7c7dfb11fae93.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblinked_hash_map-8bca62f90f0f04c7.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libnum_traits-92bb90166cd1857c.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libvoid-2cc31605fcb01ba1.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libgetopts-f5a209a9.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/liblog-bf16bb9a4912b11d.rlib" "/Users/benjaminfry/Development/rust/trust-dns/target/debug/deps/libkernel32-df86a08647459244.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libstd-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libpanic_unwind-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libunwind-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/librand-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libcollections-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/liballoc-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/liballoc_jemalloc-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/liblibc-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/librustc_unicode-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libcore-f5a209a9.rlib" "/Users/benjaminfry/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libcompiler_builtins-f5a209a9.rlib" "-l" "c++" "-l" "sqlite3" "-l" "sqlite3" "-l" "sqlite3" "-l" "ssl" "-l" "crypto" "-l" "System" "-l" "pthread" "-l" "c" "-l" "m"
      = note: Undefined symbols for architecture x86_64:
      "_EVP_DigestVerifyFinal", referenced from:
          openssl::sign::Verifier::finish::h2254ce4db54d0d04 in libopenssl-c9e7b933bde3d3a6.rlib(openssl-c9e7b933bde3d3a6.0.o)
      "_EVP_DigestSignFinal", referenced from:
          openssl::sign::Signer::finish::hd5e70040d912dd63 in libopenssl-c9e7b933bde3d3a6.rlib(openssl-c9e7b933bde3d3a6.0.o)
      "_EVP_DigestVerifyInit", referenced from:
          openssl::sign::Verifier::new::hb1fc11f25f026f4f in libopenssl-c9e7b933bde3d3a6.rlib(openssl-c9e7b933bde3d3a6.0.o)
      "_EVP_DigestSignInit", referenced from:
          openssl::sign::Signer::new::h3ca1d35e4b331ef5 in libopenssl-c9e7b933bde3d3a6.rlib(openssl-c9e7b933bde3d3a6.0.o)
    ld: symbol(s) not found for architecture x86_64
    clang: error: linker command failed with exit code 1 (use -v to see invocation)
    

    It seems to be a race condition and happens more regularly on TravisCI macOS builds, but I see it regularly on my local machine as well.

    opened by bluejekyll 29
  • Panicking when conecting with a SSL server

    Panicking when conecting with a SSL server

    Runtime error: thread 'main' panicked at 'calledResult::unwrap()on anErrvalue: Failure(MidHandshakeSslStream { stream: SslStream { stream: TcpStream { addr: V4(127.0.0.1:39962), peer: V4(127.0.0.1:6666), fd: 3 }, ssl: Ssl { state: "SSLv3/TLS write client hello", verify_result: X509VerifyResult { code: 0, error: "ok" } } }, error: Error { code: ErrorCode(5), cause: None } })', /checkout/src/libcore/result.rs:916:5

    Client code:

    pub fn connect() { let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

    let stream = TcpStream::connect("127.0.0.1:6666").unwrap();
    
    let mut finalstream = connector.connect("127.0.0.1:6666", stream).unwrap(); //This line is having problems
    

    }

    Server code: pub fn start() { let listener = TcpListener::bind("127.0.0.1:6666").unwrap(); let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()) .unwrap() .build();

    for stream in listener.incoming() {
        match stream {
            Ok(stream) => handle_client(stream),
            Err(e) => { /* connection failed */ }
        }
    }
    

    }

    opened by hellbound22 26
  • Missing ssl32.lib using cargo

    Missing ssl32.lib using cargo

    Hi everyone,

    I'm trying to get a simple project setup, but I can't get openssl working (its one of the dependencies). I've followed all the steps for the windows toolchain, but it's failing in the linker saying it's missing ssl32.lib. Any ideas?

    Here's cargo test --verbose:

    c:\Users\Charles\Repos\rust-openssl\openssl>cargo test --verbose
           Fresh lazy_static v0.1.15
           Fresh libc v0.1.10
           Fresh rustc-serialize v0.3.16
           Fresh pkg-config v0.3.6
           Fresh bitflags v0.3.2
           Fresh winapi-build v0.1.1
           Fresh winapi v0.2.4
           Fresh cfg-if v0.1.0
           Fresh kernel32-sys v0.1.4
           Fresh advapi32-sys v0.1.2
           Fresh ws2_32-sys v0.1.0
           Fresh gcc v0.3.18
           Fresh net2 v0.2.15
           Fresh openssl-sys v0.6.7 (file:///C:/Users/Charles/Repos/rust-openssl/openssl)
       Compiling openssl v0.6.7 (file:///C:/Users/Charles/Repos/rust-openssl/openssl)
         Running `rustc src\lib.rs --crate-name openssl --crate-type lib -g --test -C metadata=08be2358417965a0 -C extra-filename=-08be2358417965a0 --out-dir C:\Users\Charles\Repos\rust-openssl\openssl\target\debug --emit=dep-info,link -L     dependency=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug -L dependency=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps --extern net2=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libnet2-2ffd8b554b04092b.rlib --extern     bitflags=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libbitflags-c495827ddcd6a202.rlib --extern lazy_static=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\liblazy_static-f3aa6dfcc7c157cc.rlib --extern     openssl_sys=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libopenssl_sys-58120a0dd01cdf9f.rlib --extern rustc_serialize=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\librustc_serialize-7ff5bfc027146194.rlib --extern     libc=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\liblibc-144c435538abd757.rlib -L native=C:\OpenSSL-Win64 -L native=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\build\openssl-sys-90e2af8b7f885723\out`
    error: linking with `link.exe` failed: exit code: 1181
    note: "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\bin\\link.exe" "/LIBPATH:C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC/lib\\amd64" "/LIBPATH:C:\\Program Files (x86)\\Windows Kits\\10\\Lib\\10.0.10150.0\\ucrt\\x64" "/LIBPATH:C:\\Program Files (x86)\\Windows     Kits\\8.1\\Lib\\winv6.3\\um\\x64" "/NOLOGO" "/NXCOMPAT" "/LIBPATH:C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\openssl-08be2358417965a0.0.o"     "/OUT:C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\openssl-08be2358417965a0.exe" "/OPT:REF,ICF" "/DEBUG" "/LIBPATH:C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug" "/LIBPATH:C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps"     "/LIBPATH:C:\\OpenSSL-Win64" "/LIBPATH:C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\build\\openssl-sys-90e2af8b7f885723\\out" "/LIBPATH:C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib"     "/LIBPATH:c:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\.rust\\bin\\x86_64-pc-windows-msvc" "/LIBPATH:c:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\bin\\x86_64-pc-windows-msvc" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\liblazy_static-f3aa6dfcc7c157cc.rlib"     "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libnet2-2ffd8b554b04092b.rlib" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libopenssl_sys-58120a0dd01cdf9f.rlib" "C:\\Program Files\\Rust nightly     1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libtest-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libterm-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libserialize-10cbabc2.rlib"     "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\liblibc-144c435538abd757.rlib" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libbitflags-c495827ddcd6a202.rlib"     "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libcfg_if-0dcf5e6d515dd4d2.rlib" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\librustc_serialize-7ff5bfc027146194.rlib"     "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libws2_32-f4c2e6f3694418f6.rlib" "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libkernel32-62844336d3806e02.rlib"     "C:\\Users\\Charles\\Repos\\rust-openssl\\openssl\\target\\debug\\deps\\libwinapi-21b078e9a1931364.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\liblog-10cbabc2.rlib" "C:\\Program Files\\Rust nightly     1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libgetopts-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libstd-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libcollections-10cbabc2.rlib"     "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\librustc_unicode-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\librand-10cbabc2.rlib" "C:\\Program Files\\Rust nightly     1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\liballoc-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\liballoc_system-10cbabc2.rlib" "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\liblibc-10cbabc2.rlib"     "C:\\Program Files\\Rust nightly 1.5\\bin\\rustlib\\x86_64-pc-windows-msvc\\lib\\libcore-10cbabc2.rlib" "ssl32.lib" "eay32.lib" "kernel32.lib" "kernel32.lib" "shell32.lib" "msvcrt.lib" "ws2_32.lib" "kernel32.lib" "ws2_32.lib" "userenv.lib" "advapi32.lib" "kernel32.lib" "shell32.lib" "msvcrt.lib"     "compiler-rt.lib"
    note: LINK : fatal error LNK1181: cannot open input file 'ssl32.lib'
    
    error: aborting due to previous error
    Could not compile `openssl`.
    
    Caused by:
      Process didn't exit successfully: `rustc src\lib.rs --crate-name openssl --crate-type lib -g --test -C metadata=08be2358417965a0 -C extra-filename=-08be2358417965a0 --out-dir C:\Users\Charles\Repos\rust-openssl\openssl\target\debug --emit=dep-info,link -L     dependency=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug -L dependency=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps --extern net2=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libnet2-2ffd8b554b04092b.rlib --extern     bitflags=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libbitflags-c495827ddcd6a202.rlib --extern lazy_static=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\liblazy_static-f3aa6dfcc7c157cc.rlib --extern     openssl_sys=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\libopenssl_sys-58120a0dd01cdf9f.rlib --extern rustc_serialize=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\librustc_serialize-7ff5bfc027146194.rlib --extern     libc=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\deps\liblibc-144c435538abd757.rlib -L native=C:\OpenSSL-Win64 -L native=C:\Users\Charles\Repos\rust-openssl\openssl\target\debug\build\openssl-sys-90e2af8b7f885723\out` (exit code: 101)
    
    opened by ghost 24
  • Add support for OpenSSL 1.1.0

    Add support for OpenSSL 1.1.0

    This commit is relatively major refactoring of the openssl-sys crate as well as the openssl crate itself. The end goal here was to support OpenSSL 1.1.0, and lots of other various tweaks happened along the way. The major new features are:

    • OpenSSL 1.1.0 is supported
    • OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
    • All FFI bindings are verified with the ctest crate (same way as the libc crate)
    • CI matrixes are vastly expanded to include 32/64 of all platforms, more OpenSSL version coverage, as well as ARM coverage on Linux
    • The c_helpers module is completely removed along with the gcc dependency.
    • The openssl-sys build script was completely rewritten
      • Now uses OPENSSL_DIR to find the installation, not include/lib env vars.
      • Better error messages for mismatched versions.
      • Better error messages for failing to find OpenSSL on a platform (more can be done here)
      • Probing of OpenSSL build-time configuration to inform the API of the *-sys crate.
    • Many Cargo features have been removed as they're now enabled by default.

    As this is a breaking change to both the openssl and openssl-sys crates this will necessitate a major version bump of both. There's still a few more API questions remaining but let's hash that out on a PR!

    Closes #452

    opened by alexcrichton 22
  • Automatic lib detection not working

    Automatic lib detection not working

    Using homebrew on M1 Mac, installed [email protected]. Only works if I manually set OPENSSL_DIR to /opt/homebrew/Cellar/[email protected]/1.1.1o/, where the installation is located.

    opened by ghost 20
  • brew: prefer to install openssl@3

    brew: prefer to install [email protected]

    opened by chenrui333 2
  • Specify the digest algorithm when sign file with certificate?

    Specify the digest algorithm when sign file with certificate?

    Code below can be used to sign data with private key and certificate

    let cms_signature = CmsContentInfo::sign(
            Some(&certificate),
            Some(&private_key),
            None,
            Some(content),
            CMSOptions::DETACHED
                | CMSOptions::CMS_NOCERTS
                | CMSOptions::BINARY
                | CMSOptions::NOSMIMECAP,
        )?;
    

    Is there any way to specify the digest algorithm when signing? It's available in the CMS_add1_signer method of openssl library: 1

    enhancement 
    opened by TommyLike 1
  • Detect boringssl in expando.c?

    Detect boringssl in expando.c?

    Right now if you compile against BoringSSL (i.e., point OPENSSL_DIR at it), but don't specify unstable_boringssl it will silently build, but many things won't work (e.g. https://github.com/pyca/cryptography/pull/7933#issuecomment-1364703766).

    At a minimum, would it make sense to detect this situation with expando.c and fail the build, rather than silently proceeding?

    Even better would be if it could detect this and work -- perhaps by BoringSSL putting the generated bssl-sys crate somewhere that could be detected.

    cc: @davidben, @maurer, @benbrittain, @durin42

    opened by alex 8
  • SslRef::set_mtu() should-not/cannot deprecate SslStreamBuilder::set_dtls_mtu_size()

    SslRef::set_mtu() should-not/cannot deprecate SslStreamBuilder::set_dtls_mtu_size()

    I suspect the right answer is to submit a PR, but I'll save this here for everyones history.

    History:

    1. In late 2019 someone needed set DTLS MTU, and observed that responding to BIO_CTRL_DGRAM_QUERY_MTU would do so. See #1155
    2. Code to support responding to BIO_CTRL_DGRAM_QUERY_MTU got merged in #1160
    3. SslStreamBuilder::set_dtls_mtu_size() gets deprecated around #1280 with SslRef::set_mtu() INCORRECTLY!
    4. I observered that SslRef::set_mtu() isn't working to set the DTLS mtu in #1732

    SslRef::set_mtu() ends here:

    pub unsafe fn SSL_set_mtu(ssl: *mut SSL, mtu: c_long) -> c_long {
        SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut())
    }
    

    But to set the DTLS MTU in 1.x.x you need to respond to BIO_CTRL_DGRAM_QUERY_MTU. SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut()) will NOT set the dtls mtu.

    I also tried SSL_ctrl(ssl,DTLS_CTRL_SET_LINK_MTU..., but this doesn't work either. Note, DTLS_CTRL_SET_LINK_MTU is NOT in the rust-openssl headers, so I think its not supported by openssl 1.1.x, maybe in 3.x.x ?

    Currently the only way to set the DTLS mtu without patches is to use the deprecated SslStreamBuilder::set_dtls_mtu_size()

    opened by cameronelliott 0
  • Help with DTLSv1_listen, and   #[test] fn stateless_DTLS()

    Help with DTLSv1_listen, and #[test] fn stateless_DTLS()

    I am seeking help with a new test-func: #[test] fn statless_DTLS() based upon the existing #[test] fn stateless(), which is for TLS found here.

    Unless, a more experienced person is willing to show how to do it, I will take a stab at it. (I vaguely understand some of this)

    1. It seems that DTLSv1_listen will need to be written to make this happen.
    2. If there is a DTLS MTU issue #1732 (hopefully I'm wrong). Then that would probably need resolution also, as I think the ClientHello needs to fit an a single message.

    I would sure appreciate any tips or ideas on converting the stateless() test to DTLS_stateless other than what I have mentioned.

    Thank you.

    opened by cameronelliott 0
Releases(openssl-v0.10.45)
Owner
Steven Fackler
Steven Fackler
OpenSSL compatibility layer for the Rust SSL/TLS stack

An OpenSSL compatibility layer for the Rust SSL/TLS stack. MesaLink is an OpenSSL compatibility layer for the Rust SSL/TLS stack, namely rustls, webpk

MesaLock Linux 1.5k Dec 23, 2022
Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium)

sodiumoxide |Crate|Documentation|Gitter| |:---:|:-----------:|:--------:|:-----:|:------:|:----:| |||| NaCl (pronounced "salt") is a new easy-to-use h

sodiumoxide 642 Dec 17, 2022
rust-native-tls — Bindings for native TLS libraries

rust-native-tls Documentation An abstraction over platform-specific TLS implementations. Specifically, this crate uses SChannel on Windows (via the sc

Steven Fackler 371 Jan 8, 2023
Rust FFI bindings for StarkWare's crypto-cpp library

starkware-crypto-rs Rust FFI bindings for StarkWare's crypto-cpp library Note that currently target x86_64-pc-windows-msvc is not supported. If you're

Jonathan LEI 11 Aug 22, 2022
Python bindings for rage (age in Rust)

pyrage Python bindings for the Rust implementation of age. Index Installation Usage Development Licensing Installation You can install pyrage with pip

William Woodruff 14 Nov 23, 2022
Bindings to the macOS Security.framework

macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice

Kornel 172 Dec 24, 2022
Package used by the cosmos-rust-interface. Makes direct use of cosmos-rust.

Package used by the cosmos-rust-interface. Makes direct use of cosmos-rust (cosmos‑sdk‑proto, osmosis-proto, cosmrs).

Philipp 4 Dec 26, 2022
Rust project for working with ETH - Ethereum transactions with Rust on Ganache and also deploy smart contracts :)

Just a test project to work with Ethereum but using Rust. I'm using plain Rust here, not Foundry. In future we will use Foundry. Hope you're already f

Akhil Sharma 2 Dec 20, 2022
An open source Rust high performance cryptocurrency trading API with support for multiple exchanges and language wrappers. written in rust(🦀) with ❤️

Les.rs - Rust Cryptocurrency Exchange Library An open source Rust high performance cryptocurrency trading API with support for multiple exchanges and

Crabby AI 4 Jan 9, 2023
A Rust library for working with Bitcoin SV

Rust-SV A library to build Bitcoin SV applications in Rust. Documentation Features P2P protocol messages (construction and serialization) Address enco

Brenton Gunning 51 Oct 13, 2022
Coinbase pro client for Rust

Coinbase pro client for Rust Supports SYNC/ASYNC/Websocket-feed data support Features private and public API sync and async support websocket-feed sup

null 126 Dec 30, 2022
Custom Ethereum vanity address generator made in Rust

ethaddrgen Custom Ethereum address generator Get a shiny ethereum address and stand out from the crowd! Disclaimer: Do not use the private key shown i

Jakub Hlusička 153 Dec 27, 2022
The new, performant, and simplified version of Holochain on Rust (sometimes called Holochain RSM for Refactored State Model)

Holochain License: This repository contains the core Holochain libraries and binaries. This is the most recent and well maintained version of Holochai

Holochain 741 Jan 5, 2023
IBC modules and relayer - Formal specifications and Rust implementation

ibc-rs Rust implementation of the Inter-Blockchain Communication (IBC) protocol. This project comprises primarily four crates: The ibc crate defines t

Informal Systems 296 Dec 31, 2022
A Rust implementation of BIP-0039

bip39-rs A Rust implementation of BIP0039 Changes See the changelog file, or the Github releases for specific tags. Documentation Add bip39 to your Ca

Infincia LLC 49 Dec 9, 2022
Rust Ethereum 2.0 Client

Lighthouse: Ethereum 2.0 An open-source Ethereum 2.0 client, written in Rust and maintained by Sigma Prime. Documentation Overview Lighthouse is: Read

Sigma Prime 2.1k Jan 6, 2023
Official Rust implementation of the Nimiq protocol

Nimiq Core implementation in Rust (core-rs) Rust implementation of the Nimiq Blockchain Core Nimiq is a frictionless payment protocol for the web. Thi

Nimiq 72 Sep 23, 2022
Rust implementation of Zcash protocol

The Parity Zcash client. Gitter Blog: Parity teams up with Zcash Foundation for Parity Zcash client Installing from source Installing the snap Running

Parity Technologies 183 Sep 8, 2022
rust client libraries to deal with the current cardano mainnet (byron / cardano-sl)

Rust implementation of Cardano primitives, helpers, and related applications Cardano Rust is a modular toolbox of Cardano’s cryptographic primitives,

Input Output 275 Oct 9, 2022