aboutsummaryrefslogtreecommitdiffstats
path: root/components/net/connector.rs
Commit message (Collapse)AuthorAgeFilesLines
* Update rustfmt to the 2024 style edition (#35764)Simon Wülker2025-03-031-2/+2
| | | | | | | | | | | | | * Use 2024 style edition Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Reformat all code Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> --------- Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Update all network-related dependencies to the latest versions (#34630)Josh Matthews2025-01-081-39/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update all network-related dependencies to the latest versions: * rustls * hyper * http * headers * tungstenite * async-tungstenite Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix panics with 1xx responses in WPT tests. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Use reported response length when calculating available ranges. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Remove unreachable match arm. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Clean up commented fragments in blob and file handlers. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Remove unreachable match arm. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix clippy warning. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Cleanup. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Fix up unit tests for dependency upgrades. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * Update aws-lc-sys to fix Windows builds. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * net: Use ring instead of aws-lc-sys. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * embedding: Require embedder to initialize a rustls CryptoProvider. Signed-off-by: Josh Matthews <josh@joshmatthews.net> * Disable aws-lc-rs pending OhOS build fixes. Signed-off-by: Josh Matthews <josh@joshmatthews.net> --------- Signed-off-by: Josh Matthews <josh@joshmatthews.net>
* Net: fold websocket and http tokio runtime into one (#31771)tannal2024-03-211-1/+1
| | | | | | | | | * net: use the same tokio runtime in websocket loader #31648 * readability * license
* clippy: fix warnings in components/net (#31564)eri2024-03-101-1/+1
| | | | | | | * clippy: fix some warnings in components/net * fix: review comments * fix: tidy
* rustdoc: Fix many rustdoc errors (#31147)Martin Robinson2024-01-221-1/+1
| | | | This fixes many rustdoc errors that occur due to raw URLs in rustdoc comments as well as unescaped Rust code that should be in backticks.
* Update network stack dependencies (#30612)Martin Robinson2023-11-021-1/+1
| | | | | | | | - webpki-roots - webpki - async-tungstenite - rustls - rustls-webpki - ring
* Strict import formatting (grouping and granularity) (#30325)Samson2023-09-111-7/+11
| | | | | * strict imports formatting * Reformat all imports
* remove `extern crate` (#30311)Samson2023-09-081-0/+1
| | | | | | | | | | | * remove extern crate * Update components/script_plugins/lib.rs Co-authored-by: Martin Robinson <mrobinson@igalia.com> --------- Co-authored-by: Martin Robinson <mrobinson@igalia.com>
* Switch to rustls and webpki-roots (#30025)Martin Robinson2023-08-081-167/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change replaces OpenSSL with rustls and also the manually curated CA certs file with webpki-roots (effectively the same thing, but as a crate). Generally speaking the design of the network stack is the same. Changes: - Code around certificate overrides needed to be refactored to work with rustls so the various thread-safe list of certificates is refactored into `CertificateErrorOverrideManager` - hyper-rustls takes care of setting ALPN protocols for HTTP requests, so for WebSockets this is moved to the WebSocket code. - The safe set of cypher suites is chosen, which seem to correspond to the "Modern" configuration from [1]. This can be adjusted later. - Instead of passing a string of PEM CA certificates around, an enum is used that includes parsed Certificates (or the default which reads them from webpki-roots). - Code for starting up an SSL server for testing is cleaned up a little, due to the fact that the certificates need to be overriden explicitly now. This is due to the fact that the `webpki` crate is more stringent with self-signed certificates than SSL (CA certificates cannot used as end-entity certificates). [2] 1. https://wiki.mozilla.org/Security/Server_Side_TLS 2. https://github.com/briansmith/webpki/issues/114 Fixes #7888. Fixes #13749. Fixes #26835. Fixes #29291.
* Upgrade HyperNaveen Gattu2022-01-161-17/+51
|
* net: Add unit test for accepting a self-signed cert.Josh Matthews2020-06-091-4/+4
|
* net: Add option to temporarily accept certs that failed the handshake.Josh Matthews2020-06-091-1/+5
|
* net: Allow SSL websockets to use dynamic list of certs as well.Josh Matthews2020-06-091-4/+5
|
* net: Pass certs that fail the SSL handshake out of the network layer.Josh Matthews2020-06-091-23/+81
|
* net: Add an SSL verification callback to support checking a dynamic list of ↵Josh Matthews2020-06-091-3/+46
| | | | certs.
* Configure OpenSSL SECLEVEL=2Jan Andre Ikenmeyer2020-02-121-1/+1
|
* Add ALPN and signature algorithms to OpenSSL configJan Andre Ikenmeyer2019-11-301-24/+32
|
* Disable TLS 1.0 and 1.1Jan Andre Ikenmeyer2019-05-101-2/+7
|
* Redesign network response decoding to avoid creating decoders before some ↵Josh Matthews2019-01-151-105/+1
| | | | content is present.
* Cleanup of default ciphersuite listJan Andre Ikenmeyer2018-11-211-10/+3
| | | | | | | | | * don't offer DHE ciphersuites like Chrome * don't offer AES-CBC-SHA2 like Firefox and Chrome * don't offer AES-GCM for plain RSA like Firefox * don't offer ECDSA with AES-CBC like Chrome * don't offer weak DES-CBC3-SHA * prefer AES256 over AES128 like Mozilla Modern, Safari and Edge
* Update MPL license to https (part 4)Jan Andre Ikenmeyer2018-11-191-1/+1
|
* Auto merge of #22144 - Eijebong:hyperfix, r=jdmbors-servo2018-11-081-4/+34
|\ | | | | | | | | | | | | | | Fix downloading huge files (broken since hyperup) <!-- Reviewable:start --> This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/22144) <!-- Reviewable:end -->
| * Use chunk.as_ref() instead of &chunk.into_bytes()Bastien Orivel2018-11-081-3/+3
| |
| * Continue decompressing chunks even after hyper is done downloading the bodyBastien Orivel2018-11-081-1/+31
| | | | | | | | | | | | If hyper reads compressed enough data, we were decompressing 32k by 32k but we were throwing away the end of the body because we would end up having lots of backed up data in the cursor when hyper was done.
| * Don't reset the buffers for each chunk we downloadBastien Orivel2018-11-081-2/+2
| | | | | | | | | | Sometimes hyper sends data that can't completely decompressed, resetting the buffer means we're losing some data and thus breaking the body
* | `cargo fix --edition-idioms`Simon Sapin2018-11-081-1/+1
|/
* Reorder importsPyfisch2018-11-061-3/+3
|
* `cargo fix --edition`Simon Sapin2018-11-061-2/+2
|
* Rustfmt net cratePyfisch2018-11-031-31/+39
|
* Update hyper to 0.12Bastien Orivel2018-11-011-43/+114
|
* Handle secure websocketsBastien Orivel2018-08-161-3/+7
| | | | Fixes #20816
* delegate resource reading to embedderPaul Rouget2018-04-271-3/+27
|
* Dedupe lazy_staticBastien Orivel2018-03-231-6/+3
| | | | :tada: :tada: :tada:
* UntrySimon Sapin2017-06-181-1/+1
|
* Move the HTTP connector in HttpStateAnthony Ramine2017-04-061-3/+2
|
* Move hosts module into net crate. Remove obsolete functions.Josh Matthews2017-04-061-1/+1
|
* Replace hosts when making TCP connections, not when verifying SSL certs.Josh Matthews2017-04-061-2/+41
|
* Add command-line argument to use a custom SSL certificate database.Josh Matthews2017-04-061-6/+2
|
* Introduce create_ssl_clientAnthony Ramine2017-04-021-3/+5
| | | | This lets us reuse the same SSL context for all HTTPS requests.
* Reorder and reorganise imports in net::connectorAnthony Ramine2017-04-021-21/+21
|
* Update Hyper and OpenSSLddh2017-03-311-32/+20
|
* Revert "Introduce create_ssl_context"Anthony Ramine2017-03-311-6/+2
| | | | This reverts commit 7a4632bfa22c8bb83fbfe0c0241411362ee4dffd.
* Introduce create_ssl_contextAnthony Ramine2017-03-281-2/+6
|
* Implement HSTS fetch stepRaghav2016-12-291-2/+2
| | | | | | | | | | | | | | | Implemented step nine of the main fetch. If current URL scheme is 'HTTP' and current URL's host is domain and if current URL's host matched with Known HSTS Host Domain Name Matching results in either a superdomain match with an asserted includeSubDomains directive or a congruent match then we change request scheme to 'https'. This change has been made in method.rs A test case to validate this has been added in fetch.rs. For asserting https scheme, a https localhost was required. For this purpose I have created a self-signed certificate and refactored fetch-context and connector.rs to programmatically trust this certificate for running this test case.
* Removed util.Alan Jeffrey2016-12-141-1/+1
|
* Use Result instead of panicking when the resource dir can't be foundManish Goregaokar2016-07-211-1/+3
|
* Disable TLS compressionAlex Gaynor2016-07-011-2/+2
| | | This prevents the CRIME attack.
* Use openssl-verify to check certificate + hostnameMatt Brubeck2016-05-101-5/+23
| | | | Fixes #4954.
* Move http_loader::Connector to a separate moduleMatt Brubeck2016-05-101-0/+40
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-22 04:13:17 +0000