diff options
author | Jacob Hoffman-Andrews <github@hoffman-andrews.com> | 2023-02-17 12:10:38 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-17 12:10:38 -0800 |
commit | fe5f9634d527fcabdb1dbb23267e75a5724ef302 (patch) | |
tree | aaed19c06137bbf999d6ddcc974af3292d3e62c7 | |
parent | 37b5ce06bc75c8ea18e68d0b67d1a3be956b6c1a (diff) |
Prepare 0.9.2 release (#288)v0.9.2
Update CHANGELOG and README.
Bump dependency versions.
Bump minimum supported Rust version, and versions of Rust used in CI.
Update crate description and Rust edition.
-rw-r--r-- | .github/workflows/test.yaml | 6 | ||||
-rw-r--r-- | CHANGELOG.md | 21 | ||||
-rw-r--r-- | CONTRIBUTING.md | 16 | ||||
-rw-r--r-- | Cargo.toml | 14 | ||||
-rw-r--r-- | README-crates.io.md | 7 | ||||
-rw-r--r-- | README.md | 30 | ||||
-rw-r--r-- | build.rs | 2 |
7 files changed, 65 insertions, 31 deletions
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index f69eca2..445c6fa 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -17,7 +17,7 @@ jobs: - stable - beta - nightly - - 1.56.0 # MSRV - keep in sync with what rustls considers MSRV + - 1.57.0 # MSRV - keep in sync with what rustls considers MSRV os: [ubuntu-18.04] # but only stable on macos/windows (slower platforms) include: @@ -156,7 +156,7 @@ jobs: - name: Install rust toolchain uses: actions-rs/toolchain@v1 with: - toolchain: 1.65.0 + toolchain: 1.67.1 override: true default: true components: rustfmt @@ -177,7 +177,7 @@ jobs: - name: Install rust toolchain uses: actions-rs/toolchain@v1 with: - toolchain: 1.65.0 + toolchain: 1.67.1 override: true default: true components: clippy diff --git a/CHANGELOG.md b/CHANGELOG.md index d0fba02..8e81084 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,17 +1,34 @@ # Changelog +## 0.9.2 (2023-02-17) + +### Added + + - Added support for Acceptor, allowing more flexible server-side handshake + handling (#243). + +### Fixed + + - Fixed violation of stacked borrows when freeing Arcs, detected by Miri (#283). + +### Changed + + - Update minimum supported Rust version to 1.57.0, following rustls (#276). + - Update rustls (#279). + - Update list of libraries required to link against (#281). + ## 0.9.1 (2022-06-10) ### Fixed - rustls_server_config_builder_set_client_verifier and rustls_server_config_builder_set_client_verifier_optional: fix a double - free (#263) + free (#263). - rustls_server_connection_get_sni_hostname: actually set \*out_n when SNI unavailable (#262). - rustls_client_cert_verifier_new and rustls_client_cert_verifier_optional_new: change to const and fix some lifecycle comments (#260). - - Fixed documentation for rustls_certified_key_build (#257) + - Fixed documentation for rustls_certified_key_build (#257). ## 0.9.0 (2022-05-12) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 42a7f3b..3c8b3d5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -12,5 +12,17 @@ the summary of your PR, and the description set to the description of your PR. That way we maintain a linear git history, where each commit corresponds to a fully reviewed PR that passed tests. -Check out README.md if you haven't already to find the conventions we follow. -All code must be rustfmt'ed, which we enforce in CI. +In README.md, under the "Conventions" section, are described the the API +conventions we follow. + +All code must be rustfmt'ed, which we enforce in CI. Check +.github/workflows/test.yml for the current Rust version against which we enforce +rustfmt, since rustfmt's output sometimes changes between Rust versions. + +## Dev dependencies + +If you're making changes to rustls-ffi, you'll need +`cbindgen` (run `cargo install cbindgen`). After you've made your changes, +regenerate the header file: + + make src/rustls.h @@ -1,16 +1,16 @@ [package] name = "rustls-ffi" -version = "0.9.2-alpha1" +version = "0.9.2" authors = ["Jacob Hoffman-Andrews <github@hoffman-andrews.com>"] license = "Apache-2.0/ISC/MIT" readme = "README-crates.io.md" -description = "C-to-rustls bindings" +description = "Rustls bindings for non-Rust languages" homepage = "https://github.com/rustls/rustls-ffi" repository = "https://github.com/rustls/rustls-ffi" categories = ["network-programming", "cryptography"] -edition = "2018" +edition = "2021" links = "rustls_ffi" -rust-version = "1.56" +rust-version = "1.57" [features] # Enable this feature when building as Rust dependency. It inhibits the @@ -23,13 +23,13 @@ read_buf = ["rustls/read_buf"] [dependencies] # Keep in sync with RUSTLS_CRATE_VERSION in build.rs -rustls = { version = "=0.20.7", features = [ "dangerous_configuration" ] } +rustls = { version = "=0.20.8", features = [ "dangerous_configuration" ] } webpki = "0.22" libc = "0.2" sct = "0.7" rustls-pemfile = "0.2.1" -log = "0.4.14" -num_enum = "0.5.4" +log = "0.4.17" +num_enum = "0.5.10" [lib] name = "rustls_ffi" diff --git a/README-crates.io.md b/README-crates.io.md index 577ae49..eeac516 100644 --- a/README-crates.io.md +++ b/README-crates.io.md @@ -1,10 +1,11 @@ # Rustls-FFI -This package contains bindings for using rustls via a C API. If +This package contains bindings for using rustls in a non-Rust language. If you're looking at this on crates.io, [you may want the rustls crate instead](https://crates.io/crates/rustls). -Even though this is a C API, it is published on crates.io so other crates that -wrap a different C API (like curl) can depend on it. +Even though this is a non-Rust API, it is published on crates.io so other +crates that wrap a different non-Rust API (for instance: the curl crate +wraps libcurl) can depend on it. [You may also want to read the rustls-ffi README](https://github.com/rustls/rustls-ffi#rustls-ffi-bindings). @@ -1,22 +1,32 @@ -# Rustls FFI bindings +# Rustls FFI bindings - use Rustls from any language [![Build Status](https://github.com/rustls/rustls-ffi/actions/workflows/test.yaml/badge.svg)](https://github.com/rustls/rustls-ffi/actions/workflows/test.yaml) This crate contains FFI bindings for the [rustls](https://docs.rs/rustls) TLS -library, so you can use the library in C programs or any other language that -supports FFI. It also contains a small demo C program that uses those bindings -to make an HTTPS request. Note: this crate was recently renamed from "crustls." +library, so you can use the library in any language that supports FFI (C, C++, Python, etc). +It also contains demo C programs that use those bindings to run an HTTPS server, and to +make an HTTPS request. + +Rustls is a modern TLS library written in Rust, meaning it is less likely to +have memory safety vulnerabilities that equivalent TLS libraries written in +memory unsafe languages. + +If you are using rustls-ffi to replace OpenSSL, note that OpenSSL provides +[cryptographic primitives](https://www.openssl.org/docs/man3.0/man7/crypto.html) +in addition to a TLS library. Rustls-ffi only provides the TLS library. If you +use the cryptographic primitives from OpenSSL you may need to +need to find another library to provide the cryptographic primitives. # Build -You'll need to [install the Rust toolchain](https://rustup.rs/) version 1.52.1 +You'll need to [install the Rust toolchain](https://rustup.rs/) version 1.57 or above and a C compiler (gcc and clang should both work). To build in optimized mode: make -To install: +To install in /usr/local/: - make install + sudo make install To build in debug mode: @@ -35,12 +45,6 @@ via](https://doc.rust-lang.org/rustc/command-line-arguments.html#--print-print-c RUSTFLAGS="--print native-static-libs" cargo build -If you're making changes to rustls-ffi, you'll need Rust 1.56.1 or above, plus -`cbindgen` (run `cargo install cbindgen`). After you've made your changes, -regenerate the header file: - - make src/rustls.h - # Overview Rustls doesn't do any I/O on its own. It provides the protocol handling, and @@ -3,7 +3,7 @@ use std::io::Write; use std::{env, fs, path::PathBuf}; // Keep in sync with Cargo.toml. -const RUSTLS_CRATE_VERSION: &str = "0.20.7"; +const RUSTLS_CRATE_VERSION: &str = "0.20.8"; fn main() { let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); |