Commit Graph

8 Commits

Author SHA1 Message Date
Abdullah Alyan ce92c5dd76 Update rustls to 0.23. Support 'CryptoProvider's.
This commit updates rustls to 0.23 and adds support for custom
'CryptoProvider's installable via 'CryptoProvider::install_default()'.
In particular, this enables using `aws-lc-rs` for cryptography related
operation in TLS. The 'TLS' example was updated to test use of
'aws-lc-rs' on Unix.
2024-03-31 11:46:56 -07:00
Sergio Benitez 0a0f540988 Support TLS keys in SEC1 format. 2023-03-23 14:57:54 -07:00
Sergio Benitez bbc36ba27f Initial implementation of mTLS.
Co-authored-by: Howard Su <howard0su@gmail.com>
Co-authored-by: Mikail Bagishov <bagishov.mikail@yandex.ru>
2021-07-09 00:05:20 -07:00
Sergio Benitez 50c9e88cf9 Completely revamp, redo examples.
The new examples directory...

  * Contains a `README.md` explaining each example.
  * Consolidates examples into more complete chunks.
  * Is just better.

Resolves #1447.
2021-04-07 23:09:05 -07:00
Sergio Benitez b24e53454a Generate CA cert in 'gen_certs.sh'. 2021-03-17 18:25:06 -07:00
Abdullah Alyan af48d1f2e6 Support more TLS key types in PKCS format.
Closes #1449.
Resolves #1461.
2021-03-17 18:23:15 -07:00
Sergio Benitez 237370533c Update cert in 'tls' example for new 'rustls'.
The latest version of `rustls` acts on the SNI extension to TLS without
the apparent ability to disable the behavior. `rustls` requires that the
server's certificate match the client's requested server. The matching
is done by looking at DNS names in the `subjectAltName` extension and
checking if the requested server name is present. Since the certificate
in the `tls` example did not have the `subjectAltName` extension, this
check always failed, and the TLS connection was aborted. This commit
adds the extension to the certificate with a DNS name of `localhost`,
ensuring that TLS succeeds on `localhost`.
2017-09-01 03:16:36 -07:00
Sergio Benitez b8ba7b855f Remove Session in favor of private cookies. New testing API.
Sessions
--------

This commit removes the `Session` type in favor of methods on the
`Cookies` types that allow for adding, removing, and getting private
(signed and encrypted) cookies. These methods provide a superset of
the functionality of `Session` while also being a minimal addition to
the existing API. They can be used to implement the previous `Session`
type as well as other forms of session storage. The new methods are:

  * Cookie::add_private(&mut self, Cookie)
  * Cookie::remove_private(&mut self, Cookie)
  * Cookie::get_private(&self, &str)

Resolves #20

Testing
-------

This commit removes the `rocket::testing` module. It adds the
`rocket::local` module which provides a `Client` type for local
dispatching of requests against a `Rocket` instance. This `local`
package subsumes the previous `testing` package.

Rocket Examples
---------------

The `forms`, `optional_result`, and `hello_alt_methods` examples have
been removed. The following example have been renamed:

  * extended_validation -> form_validation
  * hello_ranks -> ranking
  * from_request -> request_guard
  * hello_tls -> tls

Other Changes
-------------

This commit also includes the following smaller changes:

  * Config::{development, staging, production} constructors have been
    added for easier creation of default `Config` structures.
  * The `Config` type is exported from the root.
  * `Request` implements `Clone` and `Debug`.
  * `Request::new` is no longer exported.
  * A `Response::body_bytes` method was added to easily retrieve a
    response's body as a `Vec<u8>`.
2017-06-08 17:34:50 -07:00