diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 04ddf947..73cffedc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,7 +35,7 @@ jobs: - uses: actions/checkout@v2 - uses: sfackler/actions/rustup@master with: - version: 1.53.0 + version: 1.63.0 - run: echo "::set-output name=version::$(rustc --version)" id: rust-version - uses: actions/cache@v1 diff --git a/Cargo.toml b/Cargo.toml index 6ed9f231..ff473a78 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -16,21 +16,21 @@ vendored = ["openssl/vendored"] alpn = ["security-framework/alpn"] [target.'cfg(any(target_os = "macos", target_os = "ios"))'.dependencies] -security-framework = "2.0.0" -security-framework-sys = "2.0.0" +security-framework = "2.7.0" +security-framework-sys = "2.6.1" lazy_static = "1.4.0" libc = "0.2" tempfile = "3.1.0" [target.'cfg(target_os = "windows")'.dependencies] -schannel = "0.1.17" +schannel = "0.1.20" [target.'cfg(not(any(target_os = "windows", target_os = "macos", target_os = "ios")))'.dependencies] log = "0.4.5" -openssl = "0.10.29" -openssl-sys = "0.9.55" -openssl-probe = "0.1" +openssl = "0.10.41" +openssl-sys = "0.9.75" +openssl-probe = "0.1.5" [dev-dependencies] tempfile = "3.0" -test-cert-gen = "0.7" +test-cert-gen = "0.9" diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs index 389caa5e..72518824 100644 --- a/src/imp/openssl.rs +++ b/src/imp/openssl.rs @@ -32,6 +32,7 @@ fn supported_protocols( Protocol::Tlsv10 => SslVersion::TLS1, Protocol::Tlsv11 => SslVersion::TLS1_1, Protocol::Tlsv12 => SslVersion::TLS1_2, + Protocol::Tlsv13 => SslVersion::TLS1_3, Protocol::__NonExhaustive => unreachable!(), } } diff --git a/src/imp/schannel.rs b/src/imp/schannel.rs index 62e5042f..faeb5dcb 100644 --- a/src/imp/schannel.rs +++ b/src/imp/schannel.rs @@ -19,6 +19,7 @@ static PROTOCOLS: &'static [Protocol] = &[ Protocol::Tls10, Protocol::Tls11, Protocol::Tls12, + Protocol::Tls13, ]; fn convert_protocols(min: Option<::Protocol>, max: Option<::Protocol>) -> &'static [Protocol] { diff --git a/src/imp/security_framework.rs b/src/imp/security_framework.rs index 0b417722..2cf8e734 100644 --- a/src/imp/security_framework.rs +++ b/src/imp/security_framework.rs @@ -48,6 +48,7 @@ fn convert_protocol(protocol: Protocol) -> SslProtocol { Protocol::Tlsv10 => SslProtocol::TLS1, Protocol::Tlsv11 => SslProtocol::TLS11, Protocol::Tlsv12 => SslProtocol::TLS12, + Protocol::Tlsv13 => SslProtocol::TLS13, Protocol::__NonExhaustive => unreachable!(), } } diff --git a/src/lib.rs b/src/lib.rs index 14dabb7b..876722f2 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -325,6 +325,8 @@ pub enum Protocol { Tlsv11, /// The TLS 1.2 protocol. Tlsv12, + /// The TLS 1.3 protocol. + Tlsv13, #[doc(hidden)] __NonExhaustive, } diff --git a/src/test.rs b/src/test.rs index d29f0d26..a01ec7e8 100644 --- a/src/test.rs +++ b/src/test.rs @@ -16,6 +16,25 @@ macro_rules! p { }; } +#[test] +fn connect_google_tls13() { + let builder = p!( + TlsConnector::builder() + .min_protocol_version(Some(Protocol::Tlsv13)) + .max_protocol_version(Some(Protocol::Tlsv13)) + .build()); + let s = p!(TcpStream::connect("google.com:443")); + let mut socket = p!(builder.connect("google.com", s)); + + p!(socket.write_all(b"GET / HTTP/1.0\r\n\r\n")); + let mut result = vec![]; + p!(socket.read_to_end(&mut result)); + + println!("{}", String::from_utf8_lossy(&result)); + assert!(result.starts_with(b"HTTP/1.0")); + assert!(result.ends_with(b"\r\n") || result.ends_with(b"")); +} + #[test] fn connect_google() { let builder = p!(TlsConnector::new());