min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add SSL_get_version

This commit is contained in:
Erik Johnston 2016-02-18 20:47:42 +00:00
parent 1e9667ea89
commit 04cbf049c0
2 changed files with 43 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openssl-sys/src/lib.rs
View File

@ -643,6 +643,7 @@ extern "C" {
pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD; pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD;
pub fn SSL_get_peer_certificate(ssl: *mut SSL) -> *mut X509; pub fn SSL_get_peer_certificate(ssl: *mut SSL) -> *mut X509;
pub fn SSL_get_ssl_method(ssl: *mut SSL) -> *const SSL_METHOD; pub fn SSL_get_ssl_method(ssl: *mut SSL) -> *const SSL_METHOD;
pub fn SSL_get_version(ssl: *mut SSL) -> *const c_char;
pub fn SSL_state_string(ssl: *mut SSL) -> *const c_char; pub fn SSL_state_string(ssl: *mut SSL) -> *const c_char;
pub fn SSL_state_string_long(ssl: *mut SSL) -> *const c_char; pub fn SSL_state_string_long(ssl: *mut SSL) -> *const c_char;
@ -656,8 +657,6 @@ extern "C" {
pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *const c_int) -> c_int; pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *const c_int) -> c_int;
pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char; pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
pub fn SSL_CIPHER_description(cipher: *const SSL_CIPHER, buf: *mut c_char, size: c_int) -> *const c_char; pub fn SSL_CIPHER_description(cipher: *const SSL_CIPHER, buf: *mut c_char, size: c_int) -> *const c_char;
pub fn SSL_CIPHER_get_cipher_nid(cipher: *const SSL_CIPHER) -> c_int;
pub fn SSL_CIPHER_get_digest_nid(cipher: *const SSL_CIPHER) -> c_int;
pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX; pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
pub fn SSL_CTX_free(ctx: *mut SSL_CTX); pub fn SSL_CTX_free(ctx: *mut SSL_CTX);

53
openssl/src/ssl/mod.rs
View File

@ -769,11 +769,13 @@ impl SslContext {
} }
} }
pub struct SslCipher { pub struct SslCipher<'a> {
cipher: *const ffi::SSL_CIPHER, cipher: *const ffi::SSL_CIPHER,
ph: PhantomData<&'a ()>,
} }
impl SslCipher { impl <'a> SslCipher<'a> {
/// Returns the name of cipher.
pub fn name(&self) -> &'static str { pub fn name(&self) -> &'static str {
let name = unsafe { let name = unsafe {
let ptr = ffi::SSL_CIPHER_get_name(self.cipher); let ptr = ffi::SSL_CIPHER_get_name(self.cipher);
@ -783,6 +785,7 @@ impl SslCipher {
str::from_utf8(name.to_bytes()).unwrap() str::from_utf8(name.to_bytes()).unwrap()
} }
/// Returns the SSL/TLS protocol version that first defined the cipher.
pub fn version(&self) -> &'static str { pub fn version(&self) -> &'static str {
let version = unsafe { let version = unsafe {
let ptr = ffi::SSL_CIPHER_get_version(self.cipher); let ptr = ffi::SSL_CIPHER_get_version(self.cipher);
@ -792,18 +795,36 @@ impl SslCipher {
str::from_utf8(version.to_bytes()).unwrap() str::from_utf8(version.to_bytes()).unwrap()
} }
pub fn bits(&self) -> (i32, i32) { /// Returns the number of secret bits used for the cipher.
///
/// The first element is the number of secret bits used for the cipher.
///
/// The second element, if not None, is the number of bits processed by
/// the chosen algorithm,
pub fn bits(&self) -> (i32, Option<i32>) {
unsafe { unsafe {
let mut algo_bits : c_int = 0; let algo_bits : *mut c_int = ptr::null_mut();
let actual_bits = ffi::SSL_CIPHER_get_bits(self.cipher, &mut algo_bits); let actual_bits = ffi::SSL_CIPHER_get_bits(self.cipher, algo_bits);
(actual_bits, algo_bits) if !algo_bits.is_null() {
(actual_bits, Some(*algo_bits))
} else {
(actual_bits, None)
}
} }
} }
pub fn description(&self) -> String { /// Returns a textual description of the cipher used
pub fn description(&self) -> Option<String> {
unsafe { unsafe {
let desc_ptr = ffi::SSL_CIPHER_description(self.cipher, ptr::null_mut(), 0); // SSL_CIPHER_description requires a buffer of at least 128 bytes.
String::from_utf8(CStr::from_ptr(desc_ptr).to_bytes().to_vec()).unwrap() let mut buf = [0i8; 128];
let desc_ptr = ffi::SSL_CIPHER_description(self.cipher, &mut buf[0], 128);
if !desc_ptr.is_null() {
String::from_utf8(CStr::from_ptr(desc_ptr).to_bytes().to_vec()).ok()
} else {
None
}
} }
} }
} }
@ -876,14 +897,14 @@ impl Ssl {
} }
} }
pub fn get_current_cipher(&self) -> Option<SslCipher> { pub fn get_current_cipher<'a>(&'a self) -> Option<SslCipher<'a>> {
unsafe { unsafe {
let ptr = ffi::SSL_get_current_cipher(self.ssl); let ptr = ffi::SSL_get_current_cipher(self.ssl);
if ptr.is_null() { if ptr.is_null() {
None None
} else { } else {
Some(SslCipher{ cipher: ptr }) Some(SslCipher{ cipher: ptr, ph: PhantomData })
} }
} }
} }
@ -933,6 +954,16 @@ impl Ssl {
} }
} }
/// Returns the name of the protocol used for the connection, e.g. "TLSv1.2", "SSLv3", etc.
pub fn version(&self) -> &'static str {
let version = unsafe {
let ptr = ffi::SSL_get_version(self.ssl);
CStr::from_ptr(ptr as *const _)
};
str::from_utf8(version.to_bytes()).unwrap()
}
/// Returns the protocol selected by performing Next Protocol Negotiation, if any. /// Returns the protocol selected by performing Next Protocol Negotiation, if any.
/// ///
/// The protocol's name is returned is an opaque sequence of bytes. It is up to the client /// The protocol's name is returned is an opaque sequence of bytes. It is up to the client