curl/docs/RUSTLS.md
Daniel McCarney 8972845123
vtls/rustls: support strong CSRNG data
Now that the curl rustls vtls backend is using rustls 0.14 we can
address the weak random situation by using
`rustls_default_crypto_provider_random()` to provide a `Curl_ssl`
`random` callback that fills the provided buffer with cryptographically
secure random data.

The mentions in `docs/` about weak RNG when using rustls are removed as
they are no longer applicable.

Closes #14889
2024-09-13 14:11:56 +02:00


Rustls

Rustls is a TLS backend written in Rust. Curl can be built to use it as an alternative to OpenSSL or other TLS backends. We use the rustls-ffi C bindings. This version of curl depends on version v0.14.0 of rustls-ffi.

Building with Rustls

First, install Rust.

Next, check out, build, and install the appropriate version of rustls-ffi:

% git clone https://github.com/rustls/rustls-ffi -b v0.14.0
% cd rustls-ffi
% make
% make DESTDIR=${HOME}/rustls-ffi-built/ install

Now configure and build curl with Rustls:

% git clone https://github.com/curl/curl
% cd curl
% autoreconf -fi
% ./configure --with-rustls=${HOME}/rustls-ffi-built
% make

See the rustls-ffi README for more information on cryptography providers and their build/platform requirements.
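
A post-build check for the procedure above, as an added example that is not part of curl or rustls-ffi: it confirms that the built binary reports the Rustls backend at rustls-ffi 0.14.0 or newer, the version this page pins. It assumes the first line of `curl --version` carries a `rustls-ffi/X.Y.Z` token; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: confirm a curl build reports rustls-ffi >= 0.14.0.
# Assumption: the version banner contains a "rustls-ffi/X.Y.Z" token.

REQUIRED="0.14.0"   # rustls-ffi version this page says curl depends on

# Print the rustls-ffi version found in a version banner, or nothing.
rustls_ffi_version() {
  printf '%s\n' "$1" |
    sed -n 's#.*rustls-ffi/\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*#\1#p' |
    head -n 1
}

# Return 0 if version $1 >= version $2, comparing the three fields as numbers.
version_ge() {
  a=$1 b=$2
  for i in 1 2 3; do
    x=${a%%.*}; y=${b%%.*}
    if [ "$x" -gt "$y" ]; then return 0; fi
    if [ "$x" -lt "$y" ]; then return 1; fi
    a=${a#*.}; b=${b#*.}
  done
  return 0
}

# Check one banner line: 0 = ok, 1 = too old, 2 = Rustls backend absent.
check_banner() {
  found=$(rustls_ffi_version "$1")
  if [ -z "$found" ]; then
    echo "FAIL: no rustls-ffi token, curl is not using the Rustls backend"
    return 2
  fi
  if version_ge "$found" "$REQUIRED"; then
    echo "OK: rustls-ffi $found"
    return 0
  fi
  echo "FAIL: rustls-ffi $found is older than $REQUIRED"
  return 1
}

# Usage: sh check.sh ./src/curl   (path to the freshly built binary)
if [ "$#" -gt 0 ]; then
  check_banner "$("$1" --version | head -n 1)"
fi
```

A missing token usually means `configure` picked up a different TLS backend, or that another curl earlier in `PATH` is the one being run.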