1个不稳定版本
0.10.0 | 2019年11月25日 |
---|
#38 in #ssl
285KB
6K SLoC
包含 (模糊的autoconf代码,7KB) configure.ac
Rust SSL/TLS堆栈的OpenSSL兼容层
之前为MesaLink,TabbySSL是Rust SSL/TLS堆栈的OpenSSL兼容层。
发布历史
- 0.10.0 (11/24/2019)
- 从MesaLink的master分支分叉而来
支持的加密套件
与rustls相同
- TLS13-CHACHA20-POLY1305-SHA256
- TLS13-AES-256-GCM-SHA384
- TLS13-AES-128-GCM_SHA256
- TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
- TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
- TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
- TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
- TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
- TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
Autotools的构建说明
$ sudo apt-get install m4 autoconf automake libtool make gcc curl
$ curl https://sh.rustup.rs -sSf | sh
$ git clone https://github.com/ymjing/tabbyssl.git
$ ./autogen.sh --enable-examples
$ make
CMake的构建说明
$ sudo apt-get install cmake make gcc curl
$ curl https://sh.rustup.rs -sSf | sh
$ git clone https://github.com/ymjing/tabbyssl.git
$ mkdir build && cd build
$ cmake ..
$ cmake --build .
示例
要启用示例,请使用 configure --enable-examples
或 cmake -DHAVE_EXAMPLES=on
.
$ ./examples/client/client api.ipify.org
[+] Negotiated ciphersuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, enc_length=16, version=TLS1.2
[+] Subject name: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.ipify.org
[+] Subject alternative names:*.ipify.org ipify.org
[+] Sent 85 bytes
GET / HTTP/1.0
Host: api.ipify.org
Connection: close
Accept-Encoding: identity
HTTP/1.1 200 OK
Server: Cowboy
Connection: close
Content-Type: text/plain
Vary: Origin
Date: Thu, 09 Aug 2018 21:44:35 GMT
Content-Length: 10
Via: 1.1 vegur
1.2.3.4
[+] TLS protocol version: TLS1.2
[+] Received 177 bytes
$ ./examples/server/server
Usage: ./examples/server/server <portnum> <cert_file> <private_key_file>
$ cd examples/server/server
$ ./server 8443 certificates private_key
[+] Listening at 0.0.0.0:8443
[+] Negotiated ciphersuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, enc_length=16, version=TLS1.2
[+] Received:
GET / HTTP/1.1
Host: 127.0.0.1:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
致谢
没有以下Rust社区中的高质量开源项目,TabbySSL/MesaLink将不可能实现。感谢代码和灵感!
rustls
: 由Joseph Birr-Pixton @ctz维护的现代Rust TLS库sct.rs
: rust中证书透明度SCT验证库,由Joseph Birr-Pixton @ctz维护ring
: 由Brian Smith @briansmith编写的安全、快速、小巧的加密,使用Rustwebpki
: Rust中的WebPKI X.509证书验证,由Brian Smith @briansmith维护
维护者
- 2019.11 - 现在:Yiming Jing
<yjing@apache.org>
@ymjing
许可证
TabbySSL在3-Clause BSD许可证下提供。副本请参阅LICENSE文件。
依赖关系
~13–23MB
~425K SLoC