From 02b4385c5d18534d7b02a3ebc3323b662251c36e Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Fri, 21 Oct 2016 19:58:06 -0700
Subject: [PATCH] Convert X509VerifyParamRef

---
 openssl/src/ssl/mod.rs       |  4 ++--
 openssl/src/ssl/tests/mod.rs |  8 ++++----
 openssl/src/x509/verify.rs   | 17 +++++++++++------
 3 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index d03b495f..26cafa9a 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -1010,9 +1010,9 @@ impl SslRef {
     ///
     /// Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0.
     #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
-    pub fn param<'a>(&'a mut self) -> X509VerifyParamRef<'a> {
+    pub fn param_mut(&mut self) -> &mut X509VerifyParamRef {
         unsafe {
-            X509VerifyParamRef::from_ptr(ffi::SSL_get0_param(self.as_ptr()))
+            X509VerifyParamRef::from_ptr_mut(ffi::SSL_get0_param(self.as_ptr()))
         }
     }
 
diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs
index b255d01d..684f77ac 100644
--- a/openssl/src/ssl/tests/mod.rs
+++ b/openssl/src/ssl/tests/mod.rs
@@ -1053,8 +1053,8 @@ fn valid_hostname() {
     ctx.set_verify(SSL_VERIFY_PEER);
 
     let mut ssl = Ssl::new(&ctx).unwrap();
-    ssl.param().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
-    ssl.param().set_host("google.com").unwrap();
+    ssl.param_mut().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+    ssl.param_mut().set_host("google.com").unwrap();
 
     let s = TcpStream::connect("google.com:443").unwrap();
     let mut socket = ssl.connect(s).unwrap();
@@ -1077,8 +1077,8 @@ fn invalid_hostname() {
     ctx.set_verify(SSL_VERIFY_PEER);
 
     let mut ssl = Ssl::new(&ctx).unwrap();
-    ssl.param().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
-    ssl.param().set_host("foobar.com").unwrap();
+    ssl.param_mut().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+    ssl.param_mut().set_host("foobar.com").unwrap();
 
     let s = TcpStream::connect("google.com:443").unwrap();
     assert!(ssl.connect(s).is_err());
diff --git a/openssl/src/x509/verify.rs b/openssl/src/x509/verify.rs
index be8d3d7e..11c65dca 100644
--- a/openssl/src/x509/verify.rs
+++ b/openssl/src/x509/verify.rs
@@ -8,6 +8,7 @@ use ffi;
 
 use cvt;
 use error::ErrorStack;
+use opaque::Opaque;
 
 bitflags! {
     pub flags X509CheckFlags: c_uint {
@@ -23,22 +24,26 @@ bitflags! {
     }
 }
 
-pub struct X509VerifyParamRef<'a>(*mut ffi::X509_VERIFY_PARAM, PhantomData<&'a mut ()>);
+pub struct X509VerifyParamRef(Opaque);
 
-impl<'a> X509VerifyParamRef<'a> {
-    pub unsafe fn from_ptr(ptr: *mut ffi::X509_VERIFY_PARAM) -> X509VerifyParamRef<'a> {
-        X509VerifyParamRef(ptr, PhantomData)
+impl X509VerifyParamRef {
+    pub unsafe fn from_ptr_mut<'a>(ptr: *mut ffi::X509_VERIFY_PARAM) -> &'a mut X509VerifyParamRef {
+        &mut *(ptr as *mut _)
+    }
+
+    pub fn as_ptr(&self) -> *mut ffi::X509_VERIFY_PARAM {
+        self as *const _ as *mut _
     }
 
     pub fn set_hostflags(&mut self, hostflags: X509CheckFlags) {
         unsafe {
-            ffi::X509_VERIFY_PARAM_set_hostflags(self.0, hostflags.bits);
+            ffi::X509_VERIFY_PARAM_set_hostflags(self.as_ptr(), hostflags.bits);
         }
     }
 
     pub fn set_host(&mut self, host: &str) -> Result<(), ErrorStack> {
         unsafe {
-            cvt(ffi::X509_VERIFY_PARAM_set1_host(self.0,
+            cvt(ffi::X509_VERIFY_PARAM_set1_host(self.as_ptr(),
                                                  host.as_ptr() as *const _,
                                                  host.len()))
                 .map(|_| ())