min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1277 from sfackler/github-actions 

Start moving to GitHub actions
This commit is contained in:
Steven Fackler 2020-05-24 20:17:18 -04:00 committed by GitHub
parent 72048765c7 f401ba2ec1
commit 00e909849c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
44 changed files with 462 additions and 258 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
.github/workflows/ci.yml vendored Normal file
View File

@ -0,0 +1,49 @@
name: CI
on:
pull_request:
branches:
- master
push:
branches:
- master
env:
RUSTFLAGS: -Dwarnings
RUST_BACKTRACE: 1
jobs:
rustfmt:
name: rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install Rust
run: rustup update stable && rustup default stable
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install Rust
run: rustup update stable && rustup default stable
- name: Get rust version
id: rust-version
run: echo "::set-output name=version::$(rustc --version)"
- name: Create lockfile
run: cargo generate-lockfile
- name: Cache cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry/cache
key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }}
- name: Cache target directory
uses: actions/cache@v1
with:
path: target
key: clippy-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }}
- name: Check clippy
run: cargo clippy --all --all-targets

1
openssl-sys/build/cfgs.rs
View File

@ -1,3 +1,4 @@
#[allow(clippy::inconsistent_digit_grouping)]
pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&'static str> {
let mut cfgs = vec![];

46
openssl-sys/build/find_normal.rs
View File

@ -9,14 +9,15 @@ pub fn get_openssl(target: &str) -> (PathBuf, PathBuf) {
let lib_dir = env("OPENSSL_LIB_DIR").map(PathBuf::from);
let include_dir = env("OPENSSL_INCLUDE_DIR").map(PathBuf::from);
if lib_dir.is_none() || include_dir.is_none() {
match (lib_dir, include_dir) {
(Some(lib_dir), Some(include_dir)) => (lib_dir, include_dir),
(lib_dir, include_dir) => {
let openssl_dir = env("OPENSSL_DIR").unwrap_or_else(|| find_openssl_dir(&target));
let openssl_dir = Path::new(&openssl_dir);
let lib_dir = lib_dir.unwrap_or_else(|| openssl_dir.join("lib"));
let include_dir = include_dir.unwrap_or_else(|| openssl_dir.join("include"));
(lib_dir, include_dir)
} else {
(lib_dir.unwrap(), include_dir.unwrap())
}
}
}
@ -93,7 +94,7 @@ openssl-sys = {}
if host.contains("apple-darwin") && target.contains("apple-darwin") {
let system = Path::new("/usr/lib/libssl.0.9.8.dylib");
if system.exists() {
msg.push_str(&format!(
msg.push_str(
"
It looks like you're compiling on macOS, where the system contains a version of
@ -105,27 +106,28 @@ install the `openssl` package, or as a maintainer you can use the openssl-sys
Unfortunately though the compile cannot continue, so aborting.
"
));
",
);
}
}
if host.contains("unknown-linux") && target.contains("unknown-linux-gnu") {
if Command::new("pkg-config").output().is_err() {
msg.push_str(&format!(
if host.contains("unknown-linux")
&& target.contains("unknown-linux-gnu")
&& Command::new("pkg-config").output().is_err()
{
msg.push_str(
"
It looks like you're compiling on Linux and also targeting Linux. Currently this
requires the `pkg-config` utility to find OpenSSL but unfortunately `pkg-config`
could not be found. If you have OpenSSL installed you can likely fix this by
installing `pkg-config`.
"
));
}
",
);
}
if host.contains("windows") && target.contains("windows-gnu") {
msg.push_str(&format!(
msg.push_str(
"
It looks like you're compiling for MinGW but you may not have either OpenSSL or
pkg-config installed. You can install these two dependencies with:
@ -134,12 +136,12 @@ pacman -S openssl-devel pkg-config
and try building this crate again.
"
));
",
);
}
if host.contains("windows") && target.contains("windows-msvc") {
msg.push_str(&format!(
msg.push_str(
"
It looks like you're compiling for MSVC but we couldn't detect an OpenSSL
installation. If there isn't one installed then you can try the rust-openssl
@ -148,8 +150,8 @@ OpenSSL:
https://github.com/sfackler/rust-openssl#windows
"
));
",
);
}
panic!(msg);
@ -207,10 +209,7 @@ fn try_vcpkg() {
.find_package("openssl");
if let Err(e) = lib {
println!(
"note: vcpkg did not find openssl: {}",
e
);
println!("note: vcpkg did not find openssl: {}", e);
return;
}
@ -237,5 +236,6 @@ fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option<String> {
}
}
}
return None;
None
}

6
openssl-sys/build/main.rs
View File

@ -1,3 +1,5 @@
#![allow(clippy::inconsistent_digit_grouping)]
extern crate autocfg;
extern crate cc;
#[cfg(feature = "vendored")]
@ -79,11 +81,11 @@ fn main() {
);
println!("cargo:include={}", include_dir.to_string_lossy());
let version = validate_headers(&[include_dir.clone().into()]);
let version = validate_headers(&[include_dir]);
let libs_env = env("OPENSSL_LIBS");
let libs = match libs_env.as_ref().and_then(|s| s.to_str()) {
Some(ref v) => v.split(":").collect(),
Some(ref v) => v.split(':').collect(),
None => match version {
Version::Openssl10x if target.contains("windows") => vec!["ssleay32", "libeay32"],
Version::Openssl11x if target.contains("windows-msvc") => vec!["libssl", "libcrypto"],

2
openssl-sys/src/err.rs
View File

@ -9,7 +9,7 @@ const_fn! {
pub const fn ERR_PACK(l: c_int, f: c_int, r: c_int) -> c_ulong {
((l as c_ulong & 0x0FF) << 24) |
((f as c_ulong & 0xFFF) << 12) |
((r as c_ulong & 0xFFF))
(r as c_ulong & 0xFFF)
}
pub const fn ERR_GET_LIB(l: c_ulong) -> c_int {

2
openssl-sys/src/evp.rs
View File

@ -167,7 +167,7 @@ extern "C" {
pub fn EVP_DecryptFinal_ex(
ctx: *mut EVP_CIPHER_CTX,
outm: *mut c_uchar,
outl: *mut c_int
outl: *mut c_int,
) -> c_int;
}
cfg_if! {

12
openssl-sys/src/lib.rs
View File

@ -1,5 +1,13 @@
#![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)]
#![allow(dead_code, overflowing_literals, unused_imports)]
#![allow(
clippy::missing_safety_doc,
clippy::unreadable_literal,
dead_code,
non_camel_case_types,
non_snake_case,
non_upper_case_globals,
overflowing_literals,
unused_imports
)]
#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")]
extern crate libc;

4
openssl-sys/src/pem.rs
View File

@ -142,9 +142,7 @@ extern "C" {
buf: *mut *const u8,
length: c_long,
) -> *mut PKCS8_PRIV_KEY_INFO;
pub fn PKCS8_PRIV_KEY_INFO_free(
p8inf: *mut PKCS8_PRIV_KEY_INFO,
);
pub fn PKCS8_PRIV_KEY_INFO_free(p8inf: *mut PKCS8_PRIV_KEY_INFO);
pub fn PEM_read_bio_PKCS7(
bio: *mut BIO,

6
openssl/build.rs
View File

@ -1,7 +1,9 @@
#![allow(clippy::inconsistent_digit_grouping)]
use std::env;
fn main() {
if let Ok(_) = env::var("DEP_OPENSSL_LIBRESSL") {
if env::var("DEP_OPENSSL_LIBRESSL").is_ok() {
println!("cargo:rustc-cfg=libressl");
}
@ -10,7 +12,7 @@ fn main() {
}
if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
for var in vars.split(",") {
for var in vars.split(',') {
println!("cargo:rustc-cfg=osslconf=\"{}\"", var);
}
}

31
openssl/src/asn1.rs
View File

@ -124,17 +124,14 @@ impl Asn1TimeRef {
#[cfg(ossl102)]
pub fn diff(&self, compare: &Self) -> Result<TimeDiff, ErrorStack> {
let mut days = 0;
let mut seconds = 0;
let mut secs = 0;
let other = compare.as_ptr();
let err = unsafe { ffi::ASN1_TIME_diff(&mut days, &mut seconds, self.as_ptr(), other) };
let err = unsafe { ffi::ASN1_TIME_diff(&mut days, &mut secs, self.as_ptr(), other) };
match err {
0 => Err(ErrorStack::get()),
_ => Ok(TimeDiff {
days: days,
secs: seconds,
}),
_ => Ok(TimeDiff { days, secs }),
}
}
@ -256,6 +253,7 @@ impl Asn1Time {
/// This corresponds to [`ASN1_TIME_set_string`].
///
/// [`ASN1_TIME_set_string`]: https://www.openssl.org/docs/manmaster/man3/ASN1_TIME_set_string.html
#[allow(clippy::should_implement_trait)]
pub fn from_str(s: &str) -> Result<Asn1Time, ErrorStack> {
unsafe {
let s = CString::new(s).unwrap();
@ -370,9 +368,9 @@ impl Asn1StringRef {
}
}
/// Return the string as an array of bytes
/// Return the string as an array of bytes.
///
/// The bytes do not directly corespond to UTF-8 encoding. To interact with
/// The bytes do not directly correspond to UTF-8 encoding. To interact with
/// strings in rust, it is preferable to use [`as_utf8`]
///
/// [`as_utf8`]: struct.Asn1String.html#method.as_utf8
@ -380,10 +378,15 @@ impl Asn1StringRef {
unsafe { slice::from_raw_parts(ASN1_STRING_get0_data(self.as_ptr()), self.len()) }
}
/// Return the length of the Asn1String (number of bytes)
/// Returns the number of bytes in the string.
pub fn len(&self) -> usize {
unsafe { ffi::ASN1_STRING_length(self.as_ptr()) as usize }
}
/// Determines if the string is empty.
pub fn is_empty(&self) -> bool {
self.len() == 0
}
}
foreign_type_and_impl_send_sync! {
@ -467,14 +470,20 @@ foreign_type_and_impl_send_sync! {
}
impl Asn1BitStringRef {
/// Returns the Asn1BitString as a slice
/// Returns the Asn1BitString as a slice.
pub fn as_slice(&self) -> &[u8] {
unsafe { slice::from_raw_parts(ASN1_STRING_get0_data(self.as_ptr() as *mut _), self.len()) }
}
/// Length of Asn1BitString in number of bytes.
/// Returns the number of bytes in the string.
pub fn len(&self) -> usize {
unsafe { ffi::ASN1_STRING_length(self.as_ptr() as *const _) as usize }
}
/// Determines if the string is empty.
pub fn is_empty(&self) -> bool {
self.len() == 0
}
}
foreign_type_and_impl_send_sync! {

2
openssl/src/base64.rs
View File

@ -63,7 +63,7 @@ pub fn decode_block(src: &str) -> Result<Vec<u8>, ErrorStack> {
out.set_len(out_len as usize);
}
if src.ends_with("=") {
if src.ends_with('=') {
out.pop();
if src.ends_with("==") {
out.pop();

35
openssl/src/bn.rs
View File

@ -12,16 +12,13 @@
//! use openssl::bn::BigNum;
//! use openssl::error::ErrorStack;
//!
//! fn bignums() -> Result<(), ErrorStack> {
//! fn main() -> Result<(), ErrorStack> {
//! let a = BigNum::new()?; // a = 0
//! let b = BigNum::from_dec_str("1234567890123456789012345")?;
//! let c = &a * &b;
//! assert_eq!(a, c);
//! Ok(())
//! }
//! # fn main() {
//! # bignums();
//! # }
//! ```
//!
//! [`BIGNUM`]: https://wiki.openssl.org/index.php/Manual:Bn_internal(3)
@ -191,6 +188,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_div_word`]
///
/// [`BN_div_word`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_div_word.html
#[allow(clippy::identity_conversion)]
pub fn div_word(&mut self, w: u32) -> Result<u64, ErrorStack> {
unsafe {
let r = ffi::BN_div_word(self.as_ptr(), w.into());
@ -207,6 +205,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_mod_word`]
///
/// [`BN_mod_word`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_mod_word.html
#[allow(clippy::identity_conversion)]
pub fn mod_word(&self, w: u32) -> Result<u64, ErrorStack> {
unsafe {
let r = ffi::BN_mod_word(self.as_ptr(), w.into());
@ -244,6 +243,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_set_bit`]
///
/// [`BN_set_bit`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_set_bit.html
#[allow(clippy::identity_conversion)]
pub fn set_bit(&mut self, n: i32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_set_bit(self.as_ptr(), n.into())).map(|_| ()) }
}
@ -255,6 +255,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_clear_bit`]
///
/// [`BN_clear_bit`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_clear_bit.html
#[allow(clippy::identity_conversion)]
pub fn clear_bit(&mut self, n: i32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_clear_bit(self.as_ptr(), n.into())).map(|_| ()) }
}
@ -264,6 +265,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_is_bit_set`]
///
/// [`BN_is_bit_set`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_is_bit_set.html
#[allow(clippy::identity_conversion)]
pub fn is_bit_set(&self, n: i32) -> bool {
unsafe { ffi::BN_is_bit_set(self.as_ptr(), n.into()) == 1 }
}
@ -275,6 +277,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_mask_bits`]
///
/// [`BN_mask_bits`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_mask_bits.html
#[allow(clippy::identity_conversion)]
pub fn mask_bits(&mut self, n: i32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mask_bits(self.as_ptr(), n.into())).map(|_| ()) }
}
@ -322,6 +325,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_lshift`]
///
/// [`BN_lshift`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_lshift.html
#[allow(clippy::identity_conversion)]
pub fn lshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_lshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) }
}
@ -331,6 +335,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_rshift`]
///
/// [`BN_rshift`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_rshift.html
#[allow(clippy::identity_conversion)]
pub fn rshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_rshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) }
}
@ -416,6 +421,7 @@ impl BigNumRef {
///
/// [`constants`]: index.html#constants
/// [`BN_rand`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_rand.html
#[allow(clippy::identity_conversion)]
pub fn rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_rand(
@ -433,6 +439,7 @@ impl BigNumRef {
/// OpenSSL documentation at [`BN_psuedo_rand`]
///
/// [`BN_psuedo_rand`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_pseudo_rand.html
#[allow(clippy::identity_conversion)]
pub fn pseudo_rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_pseudo_rand(
@ -811,7 +818,7 @@ impl BigNumRef {
/// # Return Value
///
/// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`.
#[allow(clippy::identity_conversion)]
pub fn is_prime(&self, checks: i32, ctx: &mut BigNumContextRef) -> Result<bool, ErrorStack> {
unsafe {
cvt_n(ffi::BN_is_prime_ex(
@ -837,6 +844,7 @@ impl BigNumRef {
/// # Return Value
///
/// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`.
#[allow(clippy::identity_conversion)]
pub fn is_prime_fasttest(
&self,
checks: i32,
@ -1372,16 +1380,16 @@ mod tests {
#[test]
fn test_to_from_slice() {
let v0 = BigNum::from_u32(10203004).unwrap();
let v0 = BigNum::from_u32(10_203_004).unwrap();
let vec = v0.to_vec();
let v1 = BigNum::from_slice(&vec).unwrap();
assert!(v0 == v1);
assert_eq!(v0, v1);
}
#[test]
fn test_negation() {
let a = BigNum::from_u32(909829283).unwrap();
let a = BigNum::from_u32(909_829_283).unwrap();
assert!(!a.is_negative());
assert!((-a).is_negative());
@ -1389,15 +1397,14 @@ mod tests {
#[test]
fn test_shift() {
let a = BigNum::from_u32(909829283).unwrap();
use std::ops::{Shl, Shr};
let a = BigNum::from_u32(909_829_283).unwrap();
assert!(a == a.shl(1).shr(1));
assert_eq!(a, &(&a << 1) >> 1);
}
#[test]
fn test_rand_range() {
let range = BigNum::from_u32(909829283).unwrap();
let range = BigNum::from_u32(909_829_283).unwrap();
let mut result = BigNum::from_dec_str(&range.to_dec_str().unwrap()).unwrap();
range.rand_range(&mut result).unwrap();
assert!(result >= BigNum::from_u32(0).unwrap() && result < range);
@ -1405,7 +1412,7 @@ mod tests {
#[test]
fn test_pseudo_rand_range() {
let range = BigNum::from_u32(909829283).unwrap();
let range = BigNum::from_u32(909_829_283).unwrap();
let mut result = BigNum::from_dec_str(&range.to_dec_str().unwrap()).unwrap();
range.pseudo_rand_range(&mut result).unwrap();
assert!(result >= BigNum::from_u32(0).unwrap() && result < range);
@ -1413,7 +1420,7 @@ mod tests {
#[test]
fn test_prime_numbers() {
let a = BigNum::from_u32(19029017).unwrap();
let a = BigNum::from_u32(19_029_017).unwrap();
let mut p = BigNum::new().unwrap();
p.generate_prime(128, true, None, Some(&a)).unwrap();

3
openssl/src/cms.rs
View File

@ -81,7 +81,6 @@ impl CmsContentInfoRef {
let pkey = pkey.as_ptr();
let cert = cert.as_ptr();
let out = MemBio::new()?;
let flags: u32 = 0;
cvt(ffi::CMS_decrypt(
self.as_ptr(),
@ -89,7 +88,7 @@ impl CmsContentInfoRef {
cert,
ptr::null_mut(),
out.as_ptr(),
flags.into(),
0,
))?;
Ok(out.get_buf().to_owned())

4
openssl/src/conf.rs
View File

@ -18,6 +18,10 @@ impl ConfMethod {
}
/// Construct from raw pointer.
///
/// # Safety
///
/// The caller must ensure that the pointer is valid.
pub unsafe fn from_ptr(ptr: *mut ffi::CONF_METHOD) -> ConfMethod {
ConfMethod(ptr)
}

1
openssl/src/derive.rs
View File

@ -14,6 +14,7 @@ pub struct Deriver<'a>(*mut ffi::EVP_PKEY_CTX, PhantomData<&'a ()>);
unsafe impl<'a> Sync for Deriver<'a> {}
unsafe impl<'a> Send for Deriver<'a> {}
#[allow(clippy::len_without_is_empty)]
impl<'a> Deriver<'a> {
/// Creates a new `Deriver` using the provided private key.
///

1
openssl/src/dsa.rs
View File

@ -451,6 +451,7 @@ mod test {
}
#[test]
#[allow(clippy::redundant_clone)]
fn clone() {
let key = Dsa::generate(2048).unwrap();
drop(key.clone());

26
openssl/src/ec.rs
View File

@ -15,22 +15,6 @@
//! [`EcGroup`]: struct.EcGroup.html
//! [`Nid`]: ../nid/struct.Nid.html
//! [Eliptic Curve Cryptography]: https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography
//!
//! # Examples
//!
//! ```
//! use openssl::ec::{EcGroup, EcPoint};
//! use openssl::nid::Nid;
//! use openssl::error::ErrorStack;
//! fn get_ec_point() -> Result<EcPoint, ErrorStack> {
//! let group = EcGroup::from_curve_name(Nid::SECP224R1)?;
//! let point = EcPoint::new(&group)?;
//! Ok(point)
//! }
//! # fn main() {
//! # let _ = get_ec_point();
//! # }
//! ```
use ffi;
use foreign_types::{ForeignType, ForeignTypeRef};
use libc::c_int;
@ -347,6 +331,7 @@ impl EcPointRef {
group: &EcGroupRef,
q: &EcPointRef,
m: &BigNumRef,
// FIXME should be &mut
ctx: &BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
@ -367,6 +352,7 @@ impl EcPointRef {
&mut self,
group: &EcGroupRef,
n: &BigNumRef,
// FIXME should be &mut
ctx: &BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
@ -917,6 +903,7 @@ mod test {
}
#[test]
#[allow(clippy::redundant_clone)]
fn dup() {
let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap();
let key = EcKey::generate(&group).unwrap();
@ -959,7 +946,7 @@ mod test {
let mut ctx = BigNumContext::new().unwrap();
let mut public_key = EcPoint::new(&group).unwrap();
public_key
.mul_generator(&group, key.private_key(), &mut ctx)
.mul_generator(&group, key.private_key(), &ctx)
.unwrap();
assert!(public_key.eq(&group, key.public_key(), &mut ctx).unwrap());
}
@ -971,7 +958,7 @@ mod test {
let one = BigNum::from_u32(1).unwrap();
let mut ctx = BigNumContext::new().unwrap();
let mut ecp = EcPoint::new(&group).unwrap();
ecp.mul_generator(&group, &one, &mut ctx).unwrap();
ecp.mul_generator(&group, &one, &ctx).unwrap();
assert!(ecp.eq(&group, gen, &mut ctx).unwrap());
}
@ -998,9 +985,8 @@ mod test {
let dup_key =
EcKey::from_private_components(&group, key.private_key(), key.public_key()).unwrap();
let res = dup_key.check_key().unwrap();
dup_key.check_key().unwrap();
assert!(res == ());
assert!(key.private_key() == dup_key.private_key());
}

4
openssl/src/ecdsa.rs
View File

@ -197,11 +197,11 @@ mod test {
let verification2 = res
.verify(String::from("hello2").as_bytes(), &public_key)
.unwrap();
assert!(verification2 == false);
assert!(!verification2);
// Signature will not be verified using the correct data but the incorrect public key
let verification3 = res.verify(data.as_bytes(), &public_key2).unwrap();
assert!(verification3 == false);
assert!(!verification3);
}
#[test]

2
openssl/src/error.rs
View File

@ -161,7 +161,7 @@ impl Error {
None
} else {
ptr::copy_nonoverlapping(data.as_ptr(), ptr as *mut u8, data.len());
*ptr.offset(data.len() as isize) = 0;
*ptr.add(data.len()) = 0;
Some((ptr, ffi::ERR_TXT_MALLOCED))
}
}

6
openssl/src/ex_data.rs
View File

@ -16,10 +16,16 @@ impl<T, U> Clone for Index<T, U> {
}
impl<T, U> Index<T, U> {
/// Creates an `Index` from a raw integer index.
///
/// # Safety
///
/// The caller must ensure that the index correctly maps to a `U` value stored in a `T`.
pub unsafe fn from_raw(idx: c_int) -> Index<T, U> {
Index(idx, PhantomData)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}

43
openssl/src/hash.rs
View File

@ -3,6 +3,7 @@ use std::fmt;
use std::io;
use std::io::prelude::*;
use std::ops::{Deref, DerefMut};
use std::ptr;
use error::ErrorStack;
use nid::Nid;
@ -20,6 +21,11 @@ cfg_if! {
pub struct MessageDigest(*const ffi::EVP_MD);
impl MessageDigest {
/// Creates a `MessageDigest` from a raw OpenSSL pointer.
///
/// # Safety
///
/// The caller must ensure the pointer is valid.
pub unsafe fn from_ptr(x: *const ffi::EVP_MD) -> Self {
MessageDigest(x)
}
@ -102,16 +108,19 @@ impl MessageDigest {
unsafe { MessageDigest(ffi::EVP_ripemd160()) }
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_ptr(&self) -> *const ffi::EVP_MD {
self.0
}
/// The size of the digest in bytes
/// The size of the digest in bytes.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn size(&self) -> usize {
unsafe { ffi::EVP_MD_size(self.0) as usize }
}
/// The name of the digest
/// The name of the digest.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn type_(&self) -> Nid {
Nid::from_raw(unsafe { ffi::EVP_MD_type(self.0) })
}
@ -199,7 +208,7 @@ impl Hasher {
let ctx = unsafe { cvt_p(EVP_MD_CTX_new())? };
let mut h = Hasher {
ctx: ctx,
ctx,
md: ty.as_ptr(),
type_: ty,
state: Finalized,
@ -217,7 +226,7 @@ impl Hasher {
Finalized => (),
}
unsafe {
cvt(ffi::EVP_DigestInit_ex(self.ctx, self.md, 0 as *mut _))?;
cvt(ffi::EVP_DigestInit_ex(self.ctx, self.md, ptr::null_mut()))?;
}
self.state = Reset;
Ok(())
@ -254,7 +263,7 @@ impl Hasher {
))?;
self.state = Finalized;
Ok(DigestBytes {
buf: buf,
buf,
len: len as usize,
})
}
@ -301,7 +310,7 @@ impl Clone for Hasher {
ctx
};
Hasher {
ctx: ctx,
ctx,
md: self.md,
type_: self.type_,
state: self.state,
@ -407,14 +416,13 @@ mod tests {
}
fn hash_recycle_test(h: &mut Hasher, hashtest: &(&str, &str)) {
let _ = h.write_all(&Vec::from_hex(hashtest.0).unwrap()).unwrap();
h.write_all(&Vec::from_hex(hashtest.0).unwrap()).unwrap();
let res = h.finish().unwrap();
assert_eq!(hex::encode(res), hashtest.1);
}
// Test vectors from http://www.nsrl.nist.gov/testdata/
#[allow(non_upper_case_globals)]
const md5_tests: [(&'static str, &'static str); 13] = [
const MD5_TESTS: [(&str, &str); 13] = [
("", "d41d8cd98f00b204e9800998ecf8427e"),
("7F", "83acb6e67e50e31db6ed341dd2de1595"),
("EC9C", "0b07f0d4ca797d8ac58874f887cb0b68"),
@ -435,7 +443,7 @@ mod tests {
#[test]
fn test_md5() {
for test in md5_tests.iter() {
for test in MD5_TESTS.iter() {
hash_test(MessageDigest::md5(), test);
}
}
@ -443,7 +451,7 @@ mod tests {
#[test]
fn test_md5_recycle() {
let mut h = Hasher::new(MessageDigest::md5()).unwrap();
for test in md5_tests.iter() {
for test in MD5_TESTS.iter() {
hash_recycle_test(&mut h, test);
}
}
@ -451,7 +459,7 @@ mod tests {
#[test]
fn test_finish_twice() {
let mut h = Hasher::new(MessageDigest::md5()).unwrap();
h.write_all(&Vec::from_hex(md5_tests[6].0).unwrap())
h.write_all(&Vec::from_hex(MD5_TESTS[6].0).unwrap())
.unwrap();
h.finish().unwrap();
let res = h.finish().unwrap();
@ -460,9 +468,10 @@ mod tests {
}
#[test]
#[allow(clippy::redundant_clone)]
fn test_clone() {
let i = 7;
let inp = Vec::from_hex(md5_tests[i].0).unwrap();
let inp = Vec::from_hex(MD5_TESTS[i].0).unwrap();
assert!(inp.len() > 2);
let p = inp.len() / 2;
let h0 = Hasher::new(MessageDigest::md5()).unwrap();
@ -475,18 +484,18 @@ mod tests {
let mut h2 = h1.clone();
h2.write_all(&inp[p..]).unwrap();
let res = h2.finish().unwrap();
assert_eq!(hex::encode(res), md5_tests[i].1);
assert_eq!(hex::encode(res), MD5_TESTS[i].1);
}
h1.write_all(&inp[p..]).unwrap();
let res = h1.finish().unwrap();
assert_eq!(hex::encode(res), md5_tests[i].1);
assert_eq!(hex::encode(res), MD5_TESTS[i].1);
println!("Clone a finished hasher");
let mut h3 = h1.clone();
h3.write_all(&Vec::from_hex(md5_tests[i + 1].0).unwrap())
h3.write_all(&Vec::from_hex(MD5_TESTS[i + 1].0).unwrap())
.unwrap();
let res = h3.finish().unwrap();
assert_eq!(hex::encode(res), md5_tests[i + 1].1);
assert_eq!(hex::encode(res), MD5_TESTS[i + 1].1);
}
#[test]

4
openssl/src/nid.rs
View File

@ -55,6 +55,7 @@ impl Nid {
}
/// Return the integer representation of a `Nid`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
@ -62,6 +63,7 @@ impl Nid {
/// Returns the `Nid`s of the digest and public key algorithms associated with a signature ID.
///
/// This corresponds to `OBJ_find_sigid_algs`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn signature_algorithms(&self) -> Option<SignatureAlgorithms> {
unsafe {
let mut digest = 0;
@ -81,6 +83,7 @@ impl Nid {
/// This corresponds to [`OBJ_nid2ln`]
///
/// [`OBJ_nid2ln`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2ln.html
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn long_name(&self) -> Result<&'static str, ErrorStack> {
unsafe {
cvt_p(ffi::OBJ_nid2ln(self.0) as *mut c_char)
@ -92,6 +95,7 @@ impl Nid {
/// This corresponds to [`OBJ_nid2sn`]
///
/// [`OBJ_nid2sn`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2sn.html
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn short_name(&self) -> Result<&'static str, ErrorStack> {
unsafe {
cvt_p(ffi::OBJ_nid2sn(self.0) as *mut c_char)

46
openssl/src/ocsp.rs
View File

@ -32,14 +32,6 @@ bitflags! {
pub struct OcspResponseStatus(c_int);
impl OcspResponseStatus {
pub fn from_raw(raw: c_int) -> OcspResponseStatus {
OcspResponseStatus(raw)
}
pub fn as_raw(&self) -> c_int {
self.0
}
pub const SUCCESSFUL: OcspResponseStatus =
OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SUCCESSFUL);
pub const MALFORMED_REQUEST: OcspResponseStatus =
@ -52,37 +44,39 @@ impl OcspResponseStatus {
OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SIGREQUIRED);
pub const UNAUTHORIZED: OcspResponseStatus =
OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_UNAUTHORIZED);
pub fn from_raw(raw: c_int) -> OcspResponseStatus {
OcspResponseStatus(raw)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
}
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct OcspCertStatus(c_int);
impl OcspCertStatus {
pub const GOOD: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_GOOD);
pub const REVOKED: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_REVOKED);
pub const UNKNOWN: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_UNKNOWN);
pub fn from_raw(raw: c_int) -> OcspCertStatus {
OcspCertStatus(raw)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
pub const GOOD: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_GOOD);
pub const REVOKED: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_REVOKED);
pub const UNKNOWN: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_UNKNOWN);
}
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct OcspRevokedStatus(c_int);
impl OcspRevokedStatus {
pub fn from_raw(raw: c_int) -> OcspRevokedStatus {
OcspRevokedStatus(raw)
}
pub fn as_raw(&self) -> c_int {
self.0
}
pub const NO_STATUS: OcspRevokedStatus = OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_NOSTATUS);
pub const UNSPECIFIED: OcspRevokedStatus =
OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_UNSPECIFIED);
@ -100,6 +94,15 @@ impl OcspRevokedStatus {
OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CERTIFICATEHOLD);
pub const REMOVE_FROM_CRL: OcspRevokedStatus =
OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_REMOVEFROMCRL);
pub fn from_raw(raw: c_int) -> OcspRevokedStatus {
OcspRevokedStatus(raw)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
}
pub struct OcspStatus<'a> {
@ -190,10 +193,11 @@ impl OcspBasicResponseRef {
} else {
Some(Asn1GeneralizedTimeRef::from_ptr(revocation_time))
};
Some(OcspStatus {
status: OcspCertStatus(status),
reason: OcspRevokedStatus(status),
revocation_time: revocation_time,
revocation_time,
this_update: Asn1GeneralizedTimeRef::from_ptr(this_update),
next_update: Asn1GeneralizedTimeRef::from_ptr(next_update),
})

6
openssl/src/pkcs12.rs
View File

@ -58,11 +58,7 @@ impl Pkcs12Ref {
Some(Stack::from_ptr(chain))
};
Ok(ParsedPkcs12 {
pkey: pkey,
cert: cert,
chain: chain,
})
Ok(ParsedPkcs12 { pkey, cert, chain })
}
}
}

3
openssl/src/pkcs5.rs
View File

@ -23,6 +23,7 @@ pub struct KeyIvPair {
///
/// New applications should not use this and instead use
/// `pbkdf2_hmac` or another more modern key derivation algorithm.
#[allow(clippy::identity_conversion)]
pub fn bytes_to_key(
cipher: Cipher,
digest: MessageDigest,
@ -75,7 +76,7 @@ pub fn bytes_to_key(
iv_ptr,
))?;
Ok(KeyIvPair { key: key, iv: iv })
Ok(KeyIvPair { key, iv })
}
}

13
openssl/src/pkcs7.rs
View File

@ -303,7 +303,7 @@ mod tests {
let cert = include_bytes!("../test/cert.pem");
let cert = X509::from_pem(cert).unwrap();
let certs = Stack::new().unwrap();
let message: String = String::from("foo");
let message = "foo";
let flags = Pkcs7Flags::STREAM | Pkcs7Flags::DETACHED;
let pkey = include_bytes!("../test/key.pem");
let pkey = PKey::private_key_from_pem(pkey).unwrap();
@ -336,11 +336,8 @@ mod tests {
)
.expect("should succeed");
assert_eq!(message.clone().into_bytes(), output);
assert_eq!(
message.clone().into_bytes(),
content.expect("should be non-empty")
);
assert_eq!(output, message.as_bytes());
assert_eq!(content.expect("should be non-empty"), message.as_bytes());
}
#[test]
@ -348,7 +345,7 @@ mod tests {
let cert = include_bytes!("../test/cert.pem");
let cert = X509::from_pem(cert).unwrap();
let certs = Stack::new().unwrap();
let message: String = String::from("foo");
let message = "foo";
let flags = Pkcs7Flags::STREAM;
let pkey = include_bytes!("../test/key.pem");
let pkey = PKey::private_key_from_pem(pkey).unwrap();
@ -375,7 +372,7 @@ mod tests {
.verify(&certs, &store, None, Some(&mut output), flags)
.expect("should succeed");
assert_eq!(message.clone().into_bytes(), output);
assert_eq!(output, message.as_bytes());
assert!(content.is_none());
}

34
openssl/src/pkey.rs
View File

@ -58,6 +58,8 @@ use dsa::Dsa;
use ec::EcKey;
use error::ErrorStack;
use rsa::Rsa;
#[cfg(ossl110)]
use symm::Cipher;
use util::{invoke_passwd_cb, CallbackState};
use {cvt, cvt_p};
@ -75,16 +77,6 @@ pub enum Private {}
pub struct Id(c_int);
impl Id {
/// Creates a `Id` from an integer representation.
pub fn from_raw(value: c_int) -> Id {
Id(value)
}
/// Returns the integer representation of the `Id`.
pub fn as_raw(&self) -> c_int {
self.0
}
pub const RSA: Id = Id(ffi::EVP_PKEY_RSA);
pub const HMAC: Id = Id(ffi::EVP_PKEY_HMAC);
pub const DSA: Id = Id(ffi::EVP_PKEY_DSA);
@ -95,6 +87,17 @@ impl Id {
pub const ED25519: Id = Id(ffi::EVP_PKEY_ED25519);
#[cfg(ossl111)]
pub const ED448: Id = Id(ffi::EVP_PKEY_ED448);
/// Creates a `Id` from an integer representation.
pub fn from_raw(value: c_int) -> Id {
Id(value)
}
/// Returns the integer representation of the `Id`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
}
/// A trait indicating that a key has parameters.
@ -394,7 +397,8 @@ impl PKey<Private> {
///
/// To compute CMAC values, use the `sign` module.
#[cfg(ossl110)]
pub fn cmac(cipher: &::symm::Cipher, key: &[u8]) -> Result<PKey<Private>, ErrorStack> {
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn cmac(cipher: &Cipher, key: &[u8]) -> Result<PKey<Private>, ErrorStack> {
unsafe {
assert!(key.len() <= c_int::max_value() as usize);
let kctx = cvt_p(ffi::EVP_PKEY_CTX_new_id(
@ -527,10 +531,7 @@ impl PKey<Private> {
/// Deserializes a DER-formatted PKCS#8 unencrypted private key.
///
/// This method is mainly for interoperability reasons. Encrypted keyfiles should be preferred.
pub fn private_key_from_pkcs8(
der: &[u8],
) -> Result<PKey<Private>, ErrorStack>
{
pub fn private_key_from_pkcs8(der: &[u8]) -> Result<PKey<Private>, ErrorStack> {
unsafe {
ffi::init();
let len = der.len().min(c_long::max_value() as usize) as c_long;
@ -539,8 +540,7 @@ impl PKey<Private> {
&mut der.as_ptr(),
len,
))?;
let res = cvt_p(ffi::EVP_PKCS82PKEY(p8inf))
.map(|p| PKey::from_ptr(p));
let res = cvt_p(ffi::EVP_PKCS82PKEY(p8inf)).map(|p| PKey::from_ptr(p));
ffi::PKCS8_PRIV_KEY_INFO_free(p8inf);
res
}

25
openssl/src/rsa.rs
View File

@ -49,20 +49,21 @@ use {cvt, cvt_n, cvt_p};
pub struct Padding(c_int);
impl Padding {
pub const NONE: Padding = Padding(ffi::RSA_NO_PADDING);
pub const PKCS1: Padding = Padding(ffi::RSA_PKCS1_PADDING);
pub const PKCS1_OAEP: Padding = Padding(ffi::RSA_PKCS1_OAEP_PADDING);
pub const PKCS1_PSS: Padding = Padding(ffi::RSA_PKCS1_PSS_PADDING);
/// Creates a `Padding` from an integer representation.
pub fn from_raw(value: c_int) -> Padding {
Padding(value)
}
/// Returns the integer representation of `Padding`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
pub const NONE: Padding = Padding(ffi::RSA_NO_PADDING);
pub const PKCS1: Padding = Padding(ffi::RSA_PKCS1_PADDING);
pub const PKCS1_OAEP: Padding = Padding(ffi::RSA_PKCS1_OAEP_PADDING);
pub const PKCS1_PSS: Padding = Padding(ffi::RSA_PKCS1_PSS_PADDING);
}
generic_foreign_type_and_impl_send_sync! {
@ -579,6 +580,7 @@ impl Rsa<Private> {
///
/// This a convenience method over
/// `Rsa::build(n, e, d)?.set_factors(p, q)?.set_crt_params(dmp1, dmq1, iqmp)?.build()`
#[allow(clippy::too_many_arguments, clippy::many_single_char_names)]
pub fn from_private_components(
n: BigNum,
e: BigNum,
@ -895,11 +897,11 @@ mod test {
let keypair = super::Rsa::generate(2048).unwrap();
let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap();
let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap();
let msg = "Hello, world!".as_bytes();
let msg = b"Hello, world!";
let mut encrypted = vec![0; pubkey.size() as usize];
let len = pubkey
.public_encrypt(&msg, &mut encrypted, Padding::PKCS1)
.public_encrypt(msg, &mut encrypted, Padding::PKCS1)
.unwrap();
assert!(len > msg.len());
let mut decrypted = vec![0; keypair.size() as usize];
@ -907,7 +909,7 @@ mod test {
.private_decrypt(&encrypted, &mut decrypted, Padding::PKCS1)
.unwrap();
assert_eq!(len, msg.len());
assert_eq!("Hello, world!", String::from_utf8_lossy(&decrypted[..len]));
assert_eq!(&decrypted[..len], msg);
}
#[test]
@ -915,15 +917,15 @@ mod test {
let keypair = super::Rsa::generate(2048).unwrap();
let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap();
let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap();
let msg = "foo".as_bytes();
let msg = b"foo";
let mut encrypted1 = vec![0; pubkey.size() as usize];
let mut encrypted2 = vec![0; pubkey.size() as usize];
let len1 = pubkey
.public_encrypt(&msg, &mut encrypted1, Padding::PKCS1)
.public_encrypt(msg, &mut encrypted1, Padding::PKCS1)
.unwrap();
let len2 = pubkey
.public_encrypt(&msg, &mut encrypted2, Padding::PKCS1)
.public_encrypt(msg, &mut encrypted2, Padding::PKCS1)
.unwrap();
assert!(len1 > (msg.len() + 1));
assert_eq!(len1, len2);
@ -931,6 +933,7 @@ mod test {
}
#[test]
#[allow(clippy::redundant_clone)]
fn clone() {
let key = Rsa::generate(2048).unwrap();
drop(key.clone());

35
openssl/src/sha.rs
View File

@ -118,6 +118,13 @@ pub fn sha512(data: &[u8]) -> [u8; 64] {
#[derive(Clone)]
pub struct Sha1(ffi::SHA_CTX);
impl Default for Sha1 {
#[inline]
fn default() -> Sha1 {
Sha1::new()
}
}
impl Sha1 {
/// Creates a new hasher.
#[inline]
@ -156,6 +163,13 @@ impl Sha1 {
#[derive(Clone)]
pub struct Sha224(ffi::SHA256_CTX);
impl Default for Sha224 {
#[inline]
fn default() -> Sha224 {
Sha224::new()
}
}
impl Sha224 {
/// Creates a new hasher.
#[inline]
@ -194,6 +208,13 @@ impl Sha224 {
#[derive(Clone)]
pub struct Sha256(ffi::SHA256_CTX);
impl Default for Sha256 {
#[inline]
fn default() -> Sha256 {
Sha256::new()
}
}
impl Sha256 {
/// Creates a new hasher.
#[inline]
@ -232,6 +253,13 @@ impl Sha256 {
#[derive(Clone)]
pub struct Sha384(ffi::SHA512_CTX);
impl Default for Sha384 {
#[inline]
fn default() -> Sha384 {
Sha384::new()
}
}
impl Sha384 {
/// Creates a new hasher.
#[inline]
@ -270,6 +298,13 @@ impl Sha384 {
#[derive(Clone)]
pub struct Sha512(ffi::SHA512_CTX);
impl Default for Sha512 {
#[inline]
fn default() -> Sha512 {
Sha512::new()
}
}
impl Sha512 {
/// Creates a new hasher.
#[inline]

11
openssl/src/sign.rs
View File

@ -123,6 +123,7 @@ impl<'a> Drop for Signer<'a> {
}
}
#[allow(clippy::len_without_is_empty)]
impl<'a> Signer<'a> {
/// Creates a new `Signer`.
///
@ -354,7 +355,11 @@ impl<'a> Signer<'a> {
///
/// [`EVP_DigestSign`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestSign.html
#[cfg(ossl111)]
pub fn sign_oneshot(&mut self, sig_buf: &mut [u8], data_buf: &[u8]) -> Result<usize, ErrorStack> {
pub fn sign_oneshot(
&mut self,
sig_buf: &mut [u8],
data_buf: &[u8],
) -> Result<usize, ErrorStack> {
unsafe {
let mut sig_len = sig_buf.len();
cvt(ffi::EVP_DigestSign(
@ -641,12 +646,12 @@ mod test {
use rsa::{Padding, Rsa};
use sign::{RsaPssSaltlen, Signer, Verifier};
const INPUT: &'static str =
const INPUT: &str =
"65794a68624763694f694a53557a49314e694a392e65794a7063334d694f694a71623255694c41304b49434a6c\
654841694f6a457a4d4441344d546b7a4f44417344516f67496d6830644841364c79396c654746746347786c4c\
6d4e76625339706331397962323930496a7030636e566c6651";
const SIGNATURE: &'static str =
const SIGNATURE: &str =
"702e218943e88fd11eb5d82dbf7845f34106ae1b81fff7731116add1717d83656d420afd3c96eedd73a2663e51\
66687b000b87226e0187ed1073f945e582adfcef16d85a798ee8c66ddb3db8975b17d09402beedd5d9d9700710\
8db28160d5f8040ca7445762b81fbe7ff9d92e0ae76f24f25b33bbe6f44ae61eb1040acb20044d3ef9128ed401\

21
openssl/src/srtp.rs
View File

@ -38,20 +38,21 @@ impl SrtpProtectionProfileRef {
pub struct SrtpProfileId(c_ulong);
impl SrtpProfileId {
/// Creates a `SrtpProfileId` from an integer representation.
pub fn from_raw(value: c_ulong) -> SrtpProfileId {
SrtpProfileId(value)
}
/// Returns the integer representation of `SrtpProfileId`.
pub fn as_raw(&self) -> c_ulong {
self.0
}
pub const SRTP_AES128_CM_SHA1_80: SrtpProfileId = SrtpProfileId(ffi::SRTP_AES128_CM_SHA1_80);
pub const SRTP_AES128_CM_SHA1_32: SrtpProfileId = SrtpProfileId(ffi::SRTP_AES128_CM_SHA1_32);
pub const SRTP_AES128_F8_SHA1_80: SrtpProfileId = SrtpProfileId(ffi::SRTP_AES128_F8_SHA1_80);
pub const SRTP_AES128_F8_SHA1_32: SrtpProfileId = SrtpProfileId(ffi::SRTP_AES128_F8_SHA1_32);
pub const SRTP_NULL_SHA1_80: SrtpProfileId = SrtpProfileId(ffi::SRTP_NULL_SHA1_80);
pub const SRTP_NULL_SHA1_32: SrtpProfileId = SrtpProfileId(ffi::SRTP_NULL_SHA1_32);
/// Creates a `SrtpProfileId` from an integer representation.
pub fn from_raw(value: c_ulong) -> SrtpProfileId {
SrtpProfileId(value)
}
/// Returns the integer representation of `SrtpProfileId`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_ulong {
self.0
}
}

16
openssl/src/ssl/bio.rs
View File

@ -1,12 +1,11 @@
use ffi::{
self, BIO_clear_retry_flags, BIO_new, BIO_set_retry_read, BIO_set_retry_write, BIO,
BIO_CTRL_FLUSH, BIO_CTRL_DGRAM_QUERY_MTU,
BIO_CTRL_DGRAM_QUERY_MTU, BIO_CTRL_FLUSH,
};
use libc::{c_char, c_int, c_long, c_void, strlen};
use std::any::Any;
use std::io;
use std::io::prelude::*;
use std::mem;
use std::panic::{catch_unwind, AssertUnwindSafe};
use std::ptr;
use std::slice;
@ -37,7 +36,7 @@ pub fn new<S: Read + Write>(stream: S) -> Result<(*mut BIO, BioMethod), ErrorSta
let method = BioMethod::new::<S>();
let state = Box::new(StreamState {
stream: stream,
stream,
error: None,
panic: None,
dtls_mtu_size: 0,
@ -48,7 +47,7 @@ pub fn new<S: Read + Write>(stream: S) -> Result<(*mut BIO, BioMethod), ErrorSta
BIO_set_data(bio, Box::into_raw(state) as *mut _);
BIO_set_init(bio, 1);
return Ok((bio, method));
Ok((bio, method))
}
}
@ -63,7 +62,7 @@ pub unsafe fn take_panic<S>(bio: *mut BIO) -> Option<Box<dyn Any + Send>> {
}
pub unsafe fn get_ref<'a, S: 'a>(bio: *mut BIO) -> &'a S {
let state: &'a StreamState<S> = mem::transmute(BIO_get_data(bio));
let state = &*(BIO_get_data(bio) as *const StreamState<S>);
&state.stream
}
@ -73,7 +72,10 @@ pub unsafe fn get_mut<'a, S: 'a>(bio: *mut BIO) -> &'a mut S {
pub unsafe fn set_dtls_mtu_size<S>(bio: *mut BIO, mtu_size: usize) {
if mtu_size as u64 > c_long::max_value() as u64 {
panic!("Given MTU size {} can't be represented in a positive `c_long` range")
panic!(
"Given MTU size {} can't be represented in a positive `c_long` range",
mtu_size
)
}
state::<S>(bio).dtls_mtu_size = mtu_size as c_long;
}
@ -207,7 +209,7 @@ cfg_if! {
assert!(ffi::BIO_meth_set_ctrl(ptr, ctrl::<S>) != 0);
assert!(ffi::BIO_meth_set_create(ptr, create) != 0);
assert!(ffi::BIO_meth_set_destroy(ptr, destroy::<S>) != 0);
return ret;
ret
}
}

6
openssl/src/ssl/callbacks.rs
View File

@ -116,10 +116,10 @@ where
.ssl_context()
.ex_data(callback_idx)
.expect("BUG: psk callback missing") as *const F;
let identity = if identity != ptr::null() {
Some(CStr::from_ptr(identity).to_bytes())
} else {
let identity = if identity.is_null() {
None
} else {
Some(CStr::from_ptr(identity).to_bytes())
};
// Give the callback mutable slices into which it can write the psk.
let psk_sl = slice::from_raw_parts_mut(psk as *mut u8, max_psk_len as usize);

1
openssl/src/ssl/connector.rs
View File

@ -20,6 +20,7 @@ ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
-----END DH PARAMETERS-----
";
#[allow(clippy::inconsistent_digit_grouping)]
fn ctx(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> {
let mut ctx = SslContextBuilder::new(method)?;

17
openssl/src/ssl/error.rs
View File

@ -14,14 +14,6 @@ use x509::X509VerifyResult;
pub struct ErrorCode(c_int);
impl ErrorCode {
pub fn from_raw(raw: c_int) -> ErrorCode {
ErrorCode(raw)
}
pub fn as_raw(&self) -> c_int {
self.0
}
/// The SSL session has been closed.
pub const ZERO_RETURN: ErrorCode = ErrorCode(ffi::SSL_ERROR_ZERO_RETURN);
@ -46,6 +38,15 @@ impl ErrorCode {
/// Requires OpenSSL 1.1.1 or newer.
#[cfg(ossl111)]
pub const WANT_CLIENT_HELLO_CB: ErrorCode = ErrorCode(ffi::SSL_ERROR_WANT_CLIENT_HELLO_CB);
pub fn from_raw(raw: c_int) -> ErrorCode {
ErrorCode(raw)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
}
#[derive(Debug)]

55
openssl/src/ssl/mod.rs
View File

@ -338,11 +338,16 @@ impl SslMethod {
}
/// Constructs an `SslMethod` from a pointer to the underlying OpenSSL value.
///
/// # Safety
///
/// The caller must ensure the pointer is valid.
pub unsafe fn from_ptr(ptr: *const ffi::SSL_METHOD) -> SslMethod {
SslMethod(ptr)
}
/// Returns a pointer to the underlying OpenSSL value.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_ptr(&self) -> *const ffi::SSL_METHOD {
self.0
}
@ -444,16 +449,6 @@ bitflags! {
pub struct SslFiletype(c_int);
impl SslFiletype {
/// Constructs an `SslFiletype` from a raw OpenSSL value.
pub fn from_raw(raw: c_int) -> SslFiletype {
SslFiletype(raw)
}
/// Returns the raw OpenSSL value represented by this type.
pub fn as_raw(&self) -> c_int {
self.0
}
/// The PEM format.
///
/// This corresponds to `SSL_FILETYPE_PEM`.
@ -463,6 +458,17 @@ impl SslFiletype {
///
/// This corresponds to `SSL_FILETYPE_ASN1`.
pub const ASN1: SslFiletype = SslFiletype(ffi::SSL_FILETYPE_ASN1);
/// Constructs an `SslFiletype` from a raw OpenSSL value.
pub fn from_raw(raw: c_int) -> SslFiletype {
SslFiletype(raw)
}
/// Returns the raw OpenSSL value represented by this type.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
}
/// An identifier of a certificate status type.
@ -470,18 +476,19 @@ impl SslFiletype {
pub struct StatusType(c_int);
impl StatusType {
/// An OSCP status.
pub const OCSP: StatusType = StatusType(ffi::TLSEXT_STATUSTYPE_ocsp);
/// Constructs a `StatusType` from a raw OpenSSL value.
pub fn from_raw(raw: c_int) -> StatusType {
StatusType(raw)
}
/// Returns the raw OpenSSL value represented by this type.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
/// An OSCP status.
pub const OCSP: StatusType = StatusType(ffi::TLSEXT_STATUSTYPE_ocsp);
}
/// An identifier of a session name type.
@ -489,18 +496,19 @@ impl StatusType {
pub struct NameType(c_int);
impl NameType {
/// A host name.
pub const HOST_NAME: NameType = NameType(ffi::TLSEXT_NAMETYPE_host_name);
/// Constructs a `StatusType` from a raw OpenSSL value.
pub fn from_raw(raw: c_int) -> StatusType {
StatusType(raw)
}
/// Returns the raw OpenSSL value represented by this type.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
/// A host name.
pub const HOST_NAME: NameType = NameType(ffi::TLSEXT_NAMETYPE_host_name);
}
lazy_static! {
@ -658,6 +666,10 @@ impl SslContextBuilder {
}
/// Creates an `SslContextBuilder` from a pointer to a raw OpenSSL value.
///
/// # Safety
///
/// The caller must ensure that the pointer is valid and uniquely owned by the builder.
pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder {
SslContextBuilder(SslContext::from_ptr(ctx))
}
@ -1726,6 +1738,7 @@ impl SslContextBuilder {
/// This corresponds to [`SSL_CTX_sess_get_cache_size`].
///
/// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html
#[allow(clippy::identity_conversion)]
pub fn set_session_cache_size(&mut self, size: i32) -> i64 {
unsafe { ffi::SSL_CTX_sess_set_cache_size(self.as_ptr(), size.into()).into() }
}
@ -1967,6 +1980,7 @@ impl SslContextRef {
/// This corresponds to [`SSL_CTX_sess_get_cache_size`].
///
/// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html
#[allow(clippy::identity_conversion)]
pub fn session_cache_size(&self) -> i64 {
unsafe { ffi::SSL_CTX_sess_get_cache_size(self.as_ptr()).into() }
}
@ -2084,6 +2098,7 @@ impl SslCipherRef {
/// This corresponds to [`SSL_CIPHER_get_bits`].
///
/// [`SSL_CIPHER_get_bits`]: https://www.openssl.org/docs/manmaster/man3/SSL_CIPHER_get_name.html
#[allow(clippy::identity_conversion)]
pub fn bits(&self) -> CipherBits {
unsafe {
let mut algo_bits = 0;
@ -2242,6 +2257,7 @@ impl SslSessionRef {
/// This corresponds to [`SSL_SESSION_get_time`].
///
/// [`SSL_SESSION_get_time`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html
#[allow(clippy::identity_conversion)]
pub fn time(&self) -> i64 {
unsafe { ffi::SSL_SESSION_get_time(self.as_ptr()).into() }
}
@ -2253,6 +2269,7 @@ impl SslSessionRef {
/// This corresponds to [`SSL_SESSION_get_timeout`].
///
/// [`SSL_SESSION_get_timeout`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html
#[allow(clippy::identity_conversion)]
pub fn timeout(&self) -> i64 {
unsafe { ffi::SSL_SESSION_get_timeout(self.as_ptr()).into() }
}
@ -2868,7 +2885,7 @@ impl SslRef {
pub fn servername_raw(&self, type_: NameType) -> Option<&[u8]> {
unsafe {
let name = ffi::SSL_get_servername(self.as_ptr(), type_.0);
if name == ptr::null() {
if name.is_null() {
None
} else {
Some(CStr::from_ptr(name as *const _).to_bytes())
@ -3464,7 +3481,7 @@ impl<S: Read + Write> SslStream<S> {
// that it read zero bytes, but zero is also the sentinel for "error".
// To avoid that confusion short-circuit that logic and return quickly
// if `buf` has a length of zero.
if buf.len() == 0 {
if buf.is_empty() {
return Ok(0);
}
@ -3486,7 +3503,7 @@ impl<S: Read + Write> SslStream<S> {
/// [`SSL_write`]: https://www.openssl.org/docs/manmaster/man3/SSL_write.html
pub fn ssl_write(&mut self, buf: &[u8]) -> Result<usize, Error> {
// See above for why we short-circuit on zero-length buffers
if buf.len() == 0 {
if buf.is_empty() {
return Ok(0);
}

10
openssl/src/ssl/test/mod.rs
View File

@ -41,9 +41,9 @@ use x509::{X509Name, X509StoreContext, X509VerifyResult, X509};
mod server;
static ROOT_CERT: &'static [u8] = include_bytes!("../../../test/root-ca.pem");
static CERT: &'static [u8] = include_bytes!("../../../test/cert.pem");
static KEY: &'static [u8] = include_bytes!("../../../test/key.pem");
static ROOT_CERT: &[u8] = include_bytes!("../../../test/root-ca.pem");
static CERT: &[u8] = include_bytes!("../../../test/cert.pem");
static KEY: &[u8] = include_bytes!("../../../test/key.pem");
#[test]
fn verify_untrusted() {
@ -385,7 +385,7 @@ fn test_connect_with_srtp_ssl() {
.unwrap();
let mut profilenames = String::new();
for profile in ssl.srtp_profiles().unwrap() {
if profilenames.len() > 0 {
if !profilenames.is_empty() {
profilenames.push(':');
}
profilenames += profile.name();
@ -1310,7 +1310,7 @@ fn stateless() {
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
#[test]
fn psk_ciphers() {
const CIPHER: &'static str = "PSK-AES128-CBC-SHA";
const CIPHER: &str = "PSK-AES128-CBC-SHA";
const PSK: &[u8] = b"thisisaverysecurekey";
const CLIENT_IDENT: &[u8] = b"thisisaclient";
static CLIENT_CALLED: AtomicBool = AtomicBool::new(false);

7
openssl/src/stack.rs
View File

@ -178,11 +178,16 @@ impl<T: Stackable> StackRef<T> {
self.as_ptr() as *mut _
}
/// Returns the number of items in the stack
/// Returns the number of items in the stack.
pub fn len(&self) -> usize {
unsafe { OPENSSL_sk_num(self.as_stack()) as usize }
}
/// Determines if the stack is empty.
pub fn is_empty(&self) -> bool {
self.len() == 0
}
pub fn iter(&self) -> Iter<T> {
Iter {
stack: self,

34
openssl/src/symm.rs
View File

@ -276,21 +276,29 @@ impl Cipher {
unsafe { Cipher(ffi::EVP_chacha20_poly1305()) }
}
/// Creates a `Cipher` from a raw pointer to its OpenSSL type.
///
/// # Safety
///
/// The caller must ensure the pointer is valid for the `'static` lifetime.
pub unsafe fn from_ptr(ptr: *const ffi::EVP_CIPHER) -> Cipher {
Cipher(ptr)
}
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_ptr(&self) -> *const ffi::EVP_CIPHER {
self.0
}
/// Returns the length of keys used with this cipher.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn key_len(&self) -> usize {
unsafe { EVP_CIPHER_key_length(self.0) as usize }
}
/// Returns the length of the IV used with this cipher, or `None` if the
/// cipher does not use an IV.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn iv_len(&self) -> Option<usize> {
unsafe {
let len = EVP_CIPHER_iv_length(self.0) as usize;
@ -307,26 +315,27 @@ impl Cipher {
/// # Note
///
/// Stream ciphers such as RC4 have a block size of 1.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn block_size(&self) -> usize {
unsafe { EVP_CIPHER_block_size(self.0) as usize }
}
/// Determines whether the cipher is using CCM mode
fn is_ccm(&self) -> bool {
fn is_ccm(self) -> bool {
// NOTE: OpenSSL returns pointers to static structs, which makes this work as expected
*self == Cipher::aes_128_ccm() || *self == Cipher::aes_256_ccm()
self == Cipher::aes_128_ccm() || self == Cipher::aes_256_ccm()
}
/// Determines whether the cipher is using OCB mode
#[cfg(ossl110)]
fn is_ocb(&self) -> bool {
*self == Cipher::aes_128_ocb() ||
*self == Cipher::aes_192_ocb() ||
*self == Cipher::aes_256_ocb()
fn is_ocb(self) -> bool {
self == Cipher::aes_128_ocb()
|| self == Cipher::aes_192_ocb()
|| self == Cipher::aes_256_ocb()
}
#[cfg(not(ossl110))]
const fn is_ocb(&self) -> bool {
const fn is_ocb(self) -> bool {
false
}
}
@ -421,7 +430,7 @@ impl Crypter {
unsafe {
let ctx = cvt_p(ffi::EVP_CIPHER_CTX_new())?;
let crypter = Crypter {
ctx: ctx,
ctx,
block_size: t.block_size(),
};
@ -808,12 +817,13 @@ pub fn decrypt_aead(
c.aad_update(aad)?;
let count = c.update(data, &mut out)?;
let mut rest = 0;
if !t.is_ccm() {
let rest = if t.is_ccm() {
0
} else {
c.set_tag(tag)?;
rest = c.finalize(&mut out[count..])?;
}
c.finalize(&mut out[count..])?
};
out.truncate(count + rest);
Ok(out)

36
openssl/src/x509/extension.rs
View File

@ -33,6 +33,12 @@ pub struct BasicConstraints {
pathlen: Option<u32>,
}
impl Default for BasicConstraints {
fn default() -> BasicConstraints {
BasicConstraints::new()
}
}
impl BasicConstraints {
/// Construct a new `BasicConstraints` extension.
pub fn new() -> BasicConstraints {
@ -95,6 +101,12 @@ pub struct KeyUsage {
decipher_only: bool,
}
impl Default for KeyUsage {
fn default() -> KeyUsage {
KeyUsage::new()
}
}
impl KeyUsage {
/// Construct a new `KeyUsage` extension.
pub fn new() -> KeyUsage {
@ -228,6 +240,12 @@ pub struct ExtendedKeyUsage {
other: Vec<String>,
}
impl Default for ExtendedKeyUsage {
fn default() -> ExtendedKeyUsage {
ExtendedKeyUsage::new()
}
}
impl ExtendedKeyUsage {
/// Construct a new `ExtendedKeyUsage` extension.
pub fn new() -> ExtendedKeyUsage {
@ -354,6 +372,12 @@ pub struct SubjectKeyIdentifier {
critical: bool,
}
impl Default for SubjectKeyIdentifier {
fn default() -> SubjectKeyIdentifier {
SubjectKeyIdentifier::new()
}
}
impl SubjectKeyIdentifier {
/// Construct a new `SubjectKeyIdentifier` extension.
pub fn new() -> SubjectKeyIdentifier {
@ -384,6 +408,12 @@ pub struct AuthorityKeyIdentifier {
issuer: Option<bool>,
}
impl Default for AuthorityKeyIdentifier {
fn default() -> AuthorityKeyIdentifier {
AuthorityKeyIdentifier::new()
}
}
impl AuthorityKeyIdentifier {
/// Construct a new `AuthorityKeyIdentifier` extension.
pub fn new() -> AuthorityKeyIdentifier {
@ -438,6 +468,12 @@ pub struct SubjectAlternativeName {
names: Vec<String>,
}
impl Default for SubjectAlternativeName {
fn default() -> SubjectAlternativeName {
SubjectAlternativeName::new()
}
}
impl SubjectAlternativeName {
/// Construct a new `SubjectAlternativeName` extension.
pub fn new() -> SubjectAlternativeName {

8
openssl/src/x509/mod.rs
View File

@ -68,7 +68,7 @@ impl X509StoreContext {
pub fn new() -> Result<X509StoreContext, ErrorStack> {
unsafe {
ffi::init();
cvt_p(ffi::X509_STORE_CTX_new()).map(|p| X509StoreContext(p))
cvt_p(ffi::X509_STORE_CTX_new()).map(X509StoreContext)
}
}
}
@ -849,7 +849,7 @@ impl Stackable for X509Name {
impl X509NameRef {
/// Returns the name entries by the nid.
pub fn entries_by_nid<'a>(&'a self, nid: Nid) -> X509NameEntries<'a> {
pub fn entries_by_nid(&self, nid: Nid) -> X509NameEntries<'_> {
X509NameEntries {
name: self,
nid: Some(nid),
@ -858,7 +858,7 @@ impl X509NameRef {
}
/// Returns an iterator over all `X509NameEntry` values
pub fn entries<'a>(&'a self) -> X509NameEntries<'a> {
pub fn entries(&self) -> X509NameEntries<'_> {
X509NameEntries {
name: self,
nid: None,
@ -1213,6 +1213,7 @@ impl X509VerifyResult {
}
/// Return the integer representation of an `X509VerifyResult`.
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn as_raw(&self) -> c_int {
self.0
}
@ -1222,6 +1223,7 @@ impl X509VerifyResult {
/// This corresponds to [`X509_verify_cert_error_string`].
///
/// [`X509_verify_cert_error_string`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_verify_cert_error_string.html
#[allow(clippy::trivially_copy_pass_by_ref)]
pub fn error_string(&self) -> &'static str {
ffi::init();

15
openssl/src/x509/tests.rs
View File

@ -22,7 +22,7 @@ fn pkey() -> PKey<Private> {
#[test]
fn test_cert_loading() {
let cert = include_bytes!("../../test/cert.pem");
let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let cert = X509::from_pem(cert).unwrap();
let fingerprint = cert.digest(MessageDigest::sha1()).unwrap();
let hash_str = "59172d9313e84459bcff27f967e79e6e9217e584";
@ -34,7 +34,7 @@ fn test_cert_loading() {
#[test]
fn test_cert_issue_validity() {
let cert = include_bytes!("../../test/cert.pem");
let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let cert = X509::from_pem(cert).unwrap();
let not_before = cert.not_before().to_string();
let not_after = cert.not_after().to_string();
@ -45,7 +45,7 @@ fn test_cert_issue_validity() {
#[test]
fn test_save_der() {
let cert = include_bytes!("../../test/cert.pem");
let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let cert = X509::from_pem(cert).unwrap();
let der = cert.to_der().unwrap();
assert!(!der.is_empty());
@ -101,8 +101,8 @@ fn test_nameref_iterator() {
assert_eq!(friendly.object().nid().as_raw(), Nid::FRIENDLYNAME.as_raw());
assert_eq!(&**friendly.data().as_utf8().unwrap(), "Example");
if let Some(_) = all_entries.next() {
assert!(false);
if all_entries.next().is_some() {
panic!();
}
}
@ -136,7 +136,7 @@ fn test_subject_alt_name() {
#[test]
fn test_subject_alt_name_iter() {
let cert = include_bytes!("../../test/alt_name_cert.pem");
let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let cert = X509::from_pem(cert).unwrap();
let subject_alt_names = cert.subject_alt_names().unwrap();
let mut subject_alt_names_iter = subject_alt_names.iter();
@ -232,7 +232,7 @@ fn x509_builder() {
.entries_by_nid(Nid::COMMONNAME)
.next()
.unwrap();
assert_eq!("foobar.com".as_bytes(), cn.data().as_slice());
assert_eq!(cn.data().as_slice(), b"foobar.com");
assert_eq!(serial, x509.serial_number().to_bn().unwrap());
}
@ -320,6 +320,7 @@ fn signature() {
}
#[test]
#[allow(clippy::redundant_clone)]
fn clone_x509() {
let cert = include_bytes!("../../test/cert.pem");
let cert = X509::from_pem(cert).unwrap();

15
systest/build.rs
View File

@ -40,7 +40,7 @@ fn main() {
}
if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
for var in vars.split(",") {
for var in vars.split(',') {
cfg.cfg("osslconf", Some(var));
}
}
@ -68,15 +68,16 @@ fn main() {
cfg.header("openssl/cms.h");
}
#[allow(clippy::if_same_then_else)]
cfg.type_name(|s, is_struct, _is_union| {
// Add some `*` on some callback parameters to get function pointer to
// typecheck in C, especially on MSVC.
if s == "PasswordCallback" {
format!("pem_password_cb*")
"pem_password_cb*".to_string()
} else if s == "bio_info_cb" {
format!("bio_info_cb*")
"bio_info_cb*".to_string()
} else if s == "_STACK" {
format!("struct stack_st")
"struct stack_st".to_string()
// This logic should really be cleaned up
} else if is_struct
&& s != "point_conversion_form_t"
@ -86,7 +87,7 @@ fn main() {
} else if s.starts_with("stack_st_") {
format!("struct {}", s)
} else {
format!("{}", s)
s.to_string()
}
});
cfg.skip_type(|s| {
@ -130,9 +131,9 @@ fn main() {
});
cfg.field_name(|_s, field| {
if field == "type_" {
format!("type")
"type".to_string()
} else {
format!("{}", field)
field.to_string()
}
});
cfg.fn_cname(|rust, link_name| link_name.unwrap_or(rust).to_string());

2
systest/src/main.rs
View File

@ -1,4 +1,4 @@
#![allow(bad_style)]
#![allow(bad_style, clippy::all)]
extern crate libc;
extern crate openssl_sys;