GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mesalock-linux → Mesalink

mesalock-linux / Mesalink

Licence: other
OpenSSL compatibility layer for the Rust SSL/TLS stack

Programming Languages

rust
11053 projects
c
50402 projects - #5 most used programming language
M4
1887 projects
CMake
9771 projects
shell
77523 projects
Makefile
30231 projects
C++
36643 projects - #6 most used programming language

Labels

tls

Projects that are alternatives of or similar to Mesalink

Docker Ssllabs Scan
Qualys sslabs-scan utility in a tiny docker image
Stars: ✭ 85 (-94.18%)
Mutual labels:  tls
Nitmproxy
Proxy server based on netty
Stars: ✭ 94 (-93.57%)
Mutual labels:  tls
Websocks
A secure proxy based on WebSocket. 一个基于 WebSocket 的代理工具
Stars: ✭ 102 (-93.02%)
Mutual labels:  tls
Voyager
🚀 Secure HAProxy Ingress Controller for Kubernetes
Stars: ✭ 1,276 (-12.66%)
Mutual labels:  tls
Php Hyper Builtin Server
Reverse proxy for PHP built-in server which supports multiprocessing and TLS/SSL encryption
Stars: ✭ 93 (-93.63%)
Mutual labels:  tls
Dotweb
Simple and easy go web micro framework
Stars: ✭ 1,354 (-7.32%)
Mutual labels:  tls
Icingaweb2 Module X509
Keeps track of certificates as they are deployed in a network environment.
Stars: ✭ 78 (-94.66%)
Mutual labels:  tls
Go Tls
A bit safer approach to implement Thread Local Storage (TLS) for Go 1.7+.
Stars: ✭ 104 (-92.88%)
Mutual labels:  tls
Ssl Checker
Python script that collects SSL/TLS information from hosts
Stars: ✭ 94 (-93.57%)
Mutual labels:  tls
Sslsplit
Transparent SSL/TLS interception
Stars: ✭ 1,371 (-6.16%)
Mutual labels:  tls
Terraform Provider Tls
Provides utilities for working with Transport Layer Security keys and certificates. It provides resources that allow private keys, certificates and certficate requests to be created as part of a Terraform deployment.
Stars: ✭ 88 (-93.98%)
Mutual labels:  tls
Tls Inspector
Easily view and inspect X.509 certificates on your iOS device.
Stars: ✭ 92 (-93.7%)
Mutual labels:  tls
Gsocks5
Secure SOCKS5 server in Go
Stars: ✭ 98 (-93.29%)
Mutual labels:  tls
Base Drafts
Internet-Drafts that make up the base QUIC specification
Stars: ✭ 1,270 (-13.07%)
Mutual labels:  tls
Gcp Iot Core Examples
Google Cloud Platform IOT Core Examples
Stars: ✭ 103 (-92.95%)
Mutual labels:  tls
Tlstunnel Lwt
TLS tunnel -- an alternative to stud / stunnel
Stars: ✭ 79 (-94.59%)
Mutual labels:  tls
Minimalftp
A lightweight, simple FTP server. Pure Java, no dependencies.
Stars: ✭ 94 (-93.57%)
Mutual labels:  tls
Dnsproviders
OBSOLETE: DNS providers adapted for use in Caddy to solve the ACME DNS challenge - for Caddy v1 only. See caddy-dns for v2.
Stars: ✭ 106 (-92.74%)
Mutual labels:  tls
Nonce Disrespect
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Stars: ✭ 103 (-92.95%)
Mutual labels:  tls
Koa Sslify
Enforce HTTPS in node.js koa apps
Stars: ✭ 100 (-93.16%)
Mutual labels:  tls
View All Similar Projects ➔

An OpenSSL compatibility layer for the Rust SSL/TLS stack.

Build Status Build Status Coverage Status Documentation Status Release License

MesaLink is an OpenSSL compatibility layer for the Rust SSL/TLS stack, namely rustls, webpki, and ring.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Release history

  • 1.0.0/0.10.0 (Apr 2, 2019)
    • CMake support; see the updated CROSS_COMPILE.md for cross-compilation instructions
    • Windows builds (MSVC and MinGW)
    • CI/CD migrated to Azure Pipelines
    • NSIS installer for Win64 available
    • Mutex/RwLock from parking_lot
    • Session caches with hashbrown
    • Optional jemalloc memory allocator with jemallocator
    • Renovated website
  • 0.8.0 (Jan 25, 2019)
    • 40 new OpenSSL APIs, covering BIO, EVP_PKEY, PEM and X509
    • SSL_CTX and SSL are thread-safe
    • Configurable session cache
    • SHA1 signatures discontinued
    • Tested with rust-san memory and leak sanitizers
    • Rust 2018 edition
    • Based on rustls 0.15, webpki 0.19, and *ring* 0.14
    • TLS backend for curl since 7.62.0
    • TLS backend for brpc, an industrial-grade RPC framework; see the patches directory
    • Experimental SGX Remote Attestation for Untrusted Enclaves (see SGX_README.md)

See OLD_CHANGES.md for further change history.

Supported ciphersuites

  • TLS13-CHACHA20-POLY1305-SHA256
  • TLS13-AES-256-GCM-SHA384
  • TLS13-AES-128-GCM_SHA256
  • TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
  • TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
  • TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
  • TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
  • TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
  • TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256

Building instructions for Autotools

$ sudo apt-get install m4 autoconf automake libtool make gcc curl
$ curl https://sh.rustup.rs -sSf | sh

$ git clone https://github.com/mesalock-linux/mesalink.git
$ ./autogen.sh --enable-examples
$ make

Building instructions for CMake

$ sudo apt-get install cmake make gcc curl
$ curl https://sh.rustup.rs -sSf | sh

$ git clone https://github.com/mesalock-linux/mesalink.git
$ mkdir build && cd build
$ cmake ..
$ cmake --build .

Examples

MesaLink comes with two examples that demonstrate a TLS client and a TLS server. Both of them are located at examples/.

The client example connects to a remote HTTPS server and prints the server's response.

$ ./examples/client/client api.ipify.org
[+] Negotiated ciphersuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, enc_length=16, version=TLS1.2
[+] Subject name: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.ipify.org
[+] Subject alternative names:*.ipify.org ipify.org
[+] Sent 85 bytes

GET / HTTP/1.0
Host: api.ipify.org
Connection: close
Accept-Encoding: identity


HTTP/1.1 200 OK
Server: Cowboy
Connection: close
Content-Type: text/plain
Vary: Origin
Date: Thu, 09 Aug 2018 21:44:35 GMT
Content-Length: 10
Via: 1.1 vegur

1.2.3.4
[+] TLS protocol version: TLS1.2

[+] Received 177 bytes

The server example comes with a pair of certificate and private key. The certificate file is in the PEM format and contains a chain of certificates from the server's certificate to the root CA certificate. The private key file contains a PKCS8-encoded private key in the PEM format. Once the server is up and running, open https://127.0.0.1:8443 and expect to see the hello message.

$ ./examples/server/server
Usage: ./examples/server/server <portnum> <cert_file> <private_key_file>
$ cd examples/server/server
$ ./server 8443 certificates private_key
[+] Listening at 0.0.0.0:8443
[+] Negotiated ciphersuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, enc_length=16, version=TLS1.2
[+] Received:
GET / HTTP/1.1
Host: 127.0.0.1:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Unit tests

MesaLink uses cargo for unit tests. Simply run cargo test.

$ cargo test

BoringSSL SSL tests

BoGo is BoringSSL's protocol level test suite. We have ported BoGo for testing the functionality and compatibility of MesaLink. To run BoGo test cases, run the following:

$ cd bogo && ./runme

Maintainer

License

MesaLink is provided under the 3-Clause BSD license. For a copy, see the LICENSE file.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].