Jan Andre Ikenmeyer
b811be764c
Add ALPN and signature algorithms to OpenSSL config
2019-11-30 05:18:00 +01:00
Jan Andre Ikenmeyer
25333b6451
Disable TLS 1.0 and 1.1
2019-05-10 14:53:32 +02:00
Josh Matthews
6404a0ef53
Redesign network response decoding to avoid creating decoders before some content is present.
2019-01-15 16:04:45 -05:00
Jan Andre Ikenmeyer
027154ecf0
Cleanup of default ciphersuite list
...
* don't offer DHE ciphersuites like Chrome
* don't offer AES-CBC-SHA2 like Firefox and Chrome
* don't offer AES-GCM for plain RSA like Firefox
* don't offer ECDSA with AES-CBC like Chrome
* don't offer weak DES-CBC3-SHA
* prefer AES256 over AES128 like Mozilla Modern, Safari and Edge
2018-11-21 22:04:30 +01:00
Jan Andre Ikenmeyer
1d6fe65401
Update MPL license to https (part 4)
2018-11-19 14:47:27 +01:00
bors-servo
dd5e5e9294
Auto merge of #22144 - Eijebong:hyperfix, r=jdm
...
Fix downloading huge files (broken since hyperup)
<!-- Reviewable:start -->
This change is [<img src="https://reviewable.io/review_button.svg " height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/22144 )
<!-- Reviewable:end -->
2018-11-08 08:47:10 -05:00
Bastien Orivel
85c6eff94a
Use chunk.as_ref() instead of &chunk.into_bytes()
2018-11-08 12:37:50 +01:00
Simon Sapin
2012be4a8b
cargo fix --edition-idioms
2018-11-08 09:28:00 +01:00
Bastien Orivel
dcbe7d36ae
Continue decompressing chunks even after hyper is done downloading the body
...
If hyper reads compressed enough data, we were decompressing 32k by 32k
but we were throwing away the end of the body because we would end up
having lots of backed up data in the cursor when hyper was done.
2018-11-08 02:40:22 +01:00
Bastien Orivel
e30440c9cc
Don't reset the buffers for each chunk we download
...
Sometimes hyper sends data that can't completely decompressed, resetting
the buffer means we're losing some data and thus breaking the body
2018-11-08 02:40:21 +01:00
Pyfisch
9e92eb205a
Reorder imports
2018-11-06 22:35:07 +01:00
Simon Sapin
45f7199eee
cargo fix --edition
2018-11-06 15:26:02 +01:00
Pyfisch
2481ad25f8
Rustfmt net crate
2018-11-03 15:29:01 +01:00
Bastien Orivel
024b40b39d
Update hyper to 0.12
2018-11-01 19:17:36 +01:00
Bastien Orivel
73ef02ff17
Handle secure websockets
...
Fixes #20816
2018-08-16 00:24:19 +02:00
Paul Rouget
9fb5795f37
delegate resource reading to embedder
2018-04-27 15:34:52 +08:00
Bastien Orivel
6c6a4159cf
Dedupe lazy_static
...
🎉 🎉 🎉
2018-03-23 18:14:20 +01:00
Simon Sapin
316cd35767
Untry
2017-06-18 13:21:51 +02:00
Anthony Ramine
16863017a9
Move the HTTP connector in HttpState
2017-04-06 19:35:11 +02:00
Josh Matthews
6f590a87bf
Move hosts module into net crate. Remove obsolete functions.
2017-04-06 19:25:47 +09:00
Josh Matthews
e9fdc4c72a
Replace hosts when making TCP connections, not when verifying SSL certs.
2017-04-06 19:25:37 +09:00
Josh Matthews
dc99104f55
Add command-line argument to use a custom SSL certificate database.
2017-04-06 19:25:34 +09:00
Anthony Ramine
20e0b6cd56
Introduce create_ssl_client
...
This lets us reuse the same SSL context for all HTTPS requests.
2017-04-02 15:27:40 +02:00
Anthony Ramine
ecd9ac9b68
Reorder and reorganise imports in net::connector
2017-04-02 14:57:19 +02:00
ddh
e527c9a991
Update Hyper and OpenSSL
2017-03-31 16:32:21 +02:00
Anthony Ramine
f66cae3f96
Revert "Introduce create_ssl_context"
...
This reverts commit 7a4632bfa2
.
2017-03-31 16:19:00 +02:00
Anthony Ramine
7a4632bfa2
Introduce create_ssl_context
2017-03-28 00:37:25 +02:00
Raghav
6020b4c15c
Implement HSTS fetch step
...
Implemented step nine of the main fetch. If current URL scheme is 'HTTP'
and current URL's host is domain and if current URL's host matched with
Known
HSTS Host Domain Name Matching results in either a superdomain match with
an asserted includeSubDomains directive or a congruent match then we
change request scheme to 'https'. This change has been made in method.rs
A test case to validate this has been added in fetch.rs. For asserting
https scheme, a https localhost was required. For this purpose I have
created a self-signed certificate and refactored fetch-context and
connector.rs to programmatically trust this certificate for running this
test case.
2016-12-29 12:55:31 +05:30
Alan Jeffrey
9be4fd56ce
Removed util.
2016-12-14 18:04:37 -06:00
Manish Goregaokar
ceb85795b1
Use Result instead of panicking when the resource dir can't be found
2016-07-21 12:07:25 +05:30
Alex Gaynor
a0f03dcfac
Disable TLS compression
...
This prevents the CRIME attack.
2016-07-01 07:19:46 -04:00
Matt Brubeck
5695da0c38
Use openssl-verify to check certificate + hostname
...
Fixes #4954 .
2016-05-10 11:30:11 -07:00
Matt Brubeck
c344461017
Move http_loader::Connector to a separate module
2016-05-10 11:20:32 -07:00