From 066c54a34cbdb3a946100bacda2d2a861d57a940 Mon Sep 17 00:00:00 2001 From: Cody P Schafer Date: Mon, 29 Dec 2014 16:32:56 -0500 Subject: [PATCH 1/6] ssl: use std::ptr::Unique to fix for opt-in Sync Modifies Ssl & SslContext. This removes the errors like: src/ssl/tests.rs:202:14: 202:27 error: the trait `core::kinds::Send` is not implemented for the type `*mut libc::types::common::c95::c_void` src/ssl/tests.rs:202 let _t = Thread::spawn(move || { ^~~~~~~~~~~~~ src/ssl/tests.rs:202:14: 202:27 note: the type `*mut libc::types::common::c95::c_void` must implement `core::kinds::Send` because it appears within the type `ssl::Ssl` We may want some locking around calls that do multiple operations on the underlying Ssl and SslContext objects, but this lets us preserve functionality for now. --- src/ssl/mod.rs | 56 +++++++++++++++++++++++++------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index 43673596..1bd36147 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -172,12 +172,12 @@ fn wrap_ssl_result(res: c_int) -> Option { /// An SSL context object pub struct SslContext { - ctx: *mut ffi::SSL_CTX + ctx: ptr::Unique } impl Drop for SslContext { fn drop(&mut self) { - unsafe { ffi::SSL_CTX_free(self.ctx) } + unsafe { ffi::SSL_CTX_free(self.ctx.0) } } } @@ -191,18 +191,18 @@ impl SslContext { return Err(SslError::get()); } - Ok(SslContext { ctx: ctx }) + Ok(SslContext { ctx: ptr::Unique(ctx) }) } /// Configures the certificate verification method for new connections. pub fn set_verify(&mut self, mode: SslVerifyMode, verify: Option) { unsafe { - ffi::SSL_CTX_set_ex_data(self.ctx, VERIFY_IDX, + ffi::SSL_CTX_set_ex_data(self.ctx.0, VERIFY_IDX, mem::transmute(verify)); let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int = raw_verify; - ffi::SSL_CTX_set_verify(self.ctx, mode as c_int, Some(f)); + ffi::SSL_CTX_set_verify(self.ctx.0, mode as c_int, Some(f)); } } @@ -215,20 +215,20 @@ impl SslContext { data: T) { let data = box data; unsafe { - ffi::SSL_CTX_set_ex_data(self.ctx, VERIFY_IDX, + ffi::SSL_CTX_set_ex_data(self.ctx.0, VERIFY_IDX, mem::transmute(Some(verify))); - ffi::SSL_CTX_set_ex_data(self.ctx, get_verify_data_idx::(), + ffi::SSL_CTX_set_ex_data(self.ctx.0, get_verify_data_idx::(), mem::transmute(data)); let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int = raw_verify_with_data::; - ffi::SSL_CTX_set_verify(self.ctx, mode as c_int, Some(f)); + ffi::SSL_CTX_set_verify(self.ctx.0, mode as c_int, Some(f)); } } /// Sets verification depth pub fn set_verify_depth(&mut self, depth: uint) { unsafe { - ffi::SSL_CTX_set_verify_depth(self.ctx, depth as c_int); + ffi::SSL_CTX_set_verify_depth(self.ctx.0, depth as c_int); } } @@ -237,7 +237,7 @@ impl SslContext { pub fn set_CA_file(&mut self, file: &Path) -> Option { wrap_ssl_result(file.with_c_str(|file| { unsafe { - ffi::SSL_CTX_load_verify_locations(self.ctx, file, ptr::null()) + ffi::SSL_CTX_load_verify_locations(self.ctx.0, file, ptr::null()) } })) } @@ -247,7 +247,7 @@ impl SslContext { file_type: X509FileType) -> Option { wrap_ssl_result(file.with_c_str(|file| { unsafe { - ffi::SSL_CTX_use_certificate_file(self.ctx, file, file_type as c_int) + ffi::SSL_CTX_use_certificate_file(self.ctx.0, file, file_type as c_int) } })) } @@ -257,7 +257,7 @@ impl SslContext { file_type: X509FileType) -> Option { wrap_ssl_result(file.with_c_str(|file| { unsafe { - ffi::SSL_CTX_use_PrivateKey_file(self.ctx, file, file_type as c_int) + ffi::SSL_CTX_use_PrivateKey_file(self.ctx.0, file, file_type as c_int) } })) } @@ -265,7 +265,7 @@ impl SslContext { pub fn set_cipher_list(&mut self, cipher_list: &str) -> Option { wrap_ssl_result(cipher_list.with_c_str(|cipher_list| { unsafe { - ffi::SSL_CTX_set_cipher_list(self.ctx, cipher_list) + ffi::SSL_CTX_set_cipher_list(self.ctx.0, cipher_list) } })) } @@ -288,36 +288,36 @@ impl<'ssl> MemBioRef<'ssl> { } pub struct Ssl { - ssl: *mut ffi::SSL + ssl: ptr::Unique } impl Drop for Ssl { fn drop(&mut self) { - unsafe { ffi::SSL_free(self.ssl) } + unsafe { ffi::SSL_free(self.ssl.0) } } } impl Ssl { pub fn new(ctx: &SslContext) -> Result { - let ssl = unsafe { ffi::SSL_new(ctx.ctx) }; + let ssl = unsafe { ffi::SSL_new(ctx.ctx.0) }; if ssl == ptr::null_mut() { return Err(SslError::get()); } - let ssl = Ssl { ssl: ssl }; + let ssl = Ssl { ssl: ptr::Unique(ssl) }; let rbio = try!(MemBio::new()); let wbio = try!(MemBio::new()); - unsafe { ffi::SSL_set_bio(ssl.ssl, rbio.unwrap(), wbio.unwrap()) } + unsafe { ffi::SSL_set_bio(ssl.ssl.0, rbio.unwrap(), wbio.unwrap()) } Ok(ssl) } fn get_rbio<'a>(&'a self) -> MemBioRef<'a> { - unsafe { self.wrap_bio(ffi::SSL_get_rbio(self.ssl)) } + unsafe { self.wrap_bio(ffi::SSL_get_rbio(self.ssl.0)) } } fn get_wbio<'a>(&'a self) -> MemBioRef<'a> { - unsafe { self.wrap_bio(ffi::SSL_get_wbio(self.ssl)) } + unsafe { self.wrap_bio(ffi::SSL_get_wbio(self.ssl.0)) } } fn wrap_bio<'a>(&'a self, bio: *mut ffi::BIO) -> MemBioRef<'a> { @@ -329,25 +329,25 @@ impl Ssl { } fn connect(&self) -> c_int { - unsafe { ffi::SSL_connect(self.ssl) } + unsafe { ffi::SSL_connect(self.ssl.0) } } fn accept(&self) -> c_int { - unsafe { ffi::SSL_accept(self.ssl) } + unsafe { ffi::SSL_accept(self.ssl.0) } } fn read(&self, buf: &mut [u8]) -> c_int { - unsafe { ffi::SSL_read(self.ssl, buf.as_ptr() as *mut c_void, + unsafe { ffi::SSL_read(self.ssl.0, buf.as_ptr() as *mut c_void, buf.len() as c_int) } } fn write(&self, buf: &[u8]) -> c_int { - unsafe { ffi::SSL_write(self.ssl, buf.as_ptr() as *const c_void, + unsafe { ffi::SSL_write(self.ssl.0, buf.as_ptr() as *const c_void, buf.len() as c_int) } } fn get_error(&self, ret: c_int) -> LibSslError { - let err = unsafe { ffi::SSL_get_error(self.ssl, ret) }; + let err = unsafe { ffi::SSL_get_error(self.ssl.0, ret) }; match FromPrimitive::from_int(err as int) { Some(err) => err, None => unreachable!() @@ -362,7 +362,7 @@ impl Ssl { // #define SSL_set_tlsext_host_name(s,name) \ // SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name) - ffi::SSL_ctrl(self.ssl, ffi::SSL_CTRL_SET_TLSEXT_HOSTNAME, + ffi::SSL_ctrl(self.ssl.0, ffi::SSL_CTRL_SET_TLSEXT_HOSTNAME, ffi::TLSEXT_NAMETYPE_host_name, hostname as *const c_void as *mut c_void) } @@ -378,7 +378,7 @@ impl Ssl { pub fn get_peer_certificate(&self) -> Option { unsafe { - let ptr = ffi::SSL_get_peer_certificate(self.ssl); + let ptr = ffi::SSL_get_peer_certificate(self.ssl.0); if ptr.is_null() { None } else { @@ -513,7 +513,7 @@ impl SslStream { /// either None, indicating no compression is in use, or a string /// with the compression name. pub fn get_compression(&self) -> Option { - let ptr = unsafe { ffi::SSL_get_current_compression(self.ssl.ssl) }; + let ptr = unsafe { ffi::SSL_get_current_compression(self.ssl.ssl.0) }; if ptr == ptr::null() { return None; } From 651a1eab0b051fc418d5a7e696f1eda2f2d08a11 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Mon, 29 Dec 2014 14:44:48 -0800 Subject: [PATCH 2/6] Release v0.2.9 --- Cargo.toml | 4 ++-- openssl-sys/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index c56b593d..5e1dab2c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.2.8" +version = "0.2.9" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" @@ -17,4 +17,4 @@ aes_xts = ["openssl-sys/aes_xts"] [dependencies.openssl-sys] path = "openssl-sys" -version = "0.2.8" +version = "0.2.9" diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index b9695f49..d1e4e486 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl-sys" -version = "0.2.8" +version = "0.2.9" authors = ["Alex Crichton ", "Steven Fackler "] license = "MIT" From dfdd4c0e4f647cf47c4a1cdb52de7e231dbfc86e Mon Sep 17 00:00:00 2001 From: Samuel Fredrickson Date: Tue, 30 Dec 2014 16:39:49 -0800 Subject: [PATCH 3/6] Change to use updated Mutex API in latest Rust master. --- openssl-sys/src/lib.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 104f71b5..f4173aff 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -9,7 +9,7 @@ extern crate "libressl-pnacl-sys" as _for_linkage; use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t}; use std::mem; use std::ptr; -use std::sync::{StaticMutex, StaticMutexGuard, MUTEX_INIT}; +use std::sync::{StaticMutex, MutexGuard, MUTEX_INIT}; use std::sync::{Once, ONCE_INIT}; pub type ASN1_INTEGER = c_void; @@ -192,7 +192,7 @@ pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; pub const X509_V_OK: c_int = 0; static mut MUTEXES: *mut Vec = 0 as *mut Vec; -static mut GUARDS: *mut Vec> = 0 as *mut Vec>; +static mut GUARDS: *mut Vec>> = 0 as *mut Vec>>; extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) { @@ -200,7 +200,7 @@ extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char, let mutex = &(*MUTEXES)[n as uint]; if mode & CRYPTO_LOCK != 0 { - (*GUARDS)[n as uint] = Some(mutex.lock()); + (*GUARDS)[n as uint] = Some(mutex.lock().unwrap()); } else { &(*GUARDS)[n as uint].take(); } @@ -218,7 +218,7 @@ pub fn init() { let num_locks = CRYPTO_num_locks(); let mutexes = box Vec::from_fn(num_locks as uint, |_| MUTEX_INIT); MUTEXES = mem::transmute(mutexes); - let guards: Box>> = box Vec::from_fn(num_locks as uint, |_| None); + let guards: Box>>> = box Vec::from_fn(num_locks as uint, |_| None); GUARDS = mem::transmute(guards); CRYPTO_set_locking_callback(locking_function); From d6ee6863b01424e8a77a79051a395be30334c203 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 31 Dec 2014 21:16:52 -0800 Subject: [PATCH 4/6] Release v0.2.10 --- Cargo.toml | 4 ++-- openssl-sys/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 5e1dab2c..02be783d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.2.9" +version = "0.2.10" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" @@ -17,4 +17,4 @@ aes_xts = ["openssl-sys/aes_xts"] [dependencies.openssl-sys] path = "openssl-sys" -version = "0.2.9" +version = "0.2.10" diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index d1e4e486..24912cbc 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl-sys" -version = "0.2.9" +version = "0.2.10" authors = ["Alex Crichton ", "Steven Fackler "] license = "MIT" From 8a7e7b67d89561176d813f318a6f2e72e0c8fae6 Mon Sep 17 00:00:00 2001 From: Richard Diamond Date: Fri, 2 Jan 2015 03:36:33 -0600 Subject: [PATCH 5/6] OpenSSL-sys: Cfg off target_os instead off feature. It seems cargo doesn't provide --cfg entries for dep crates after all. --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index f4173aff..6c4c9bbe 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -3,7 +3,7 @@ extern crate libc; -#[cfg(feature = "libressl-pnacl-sys")] +#[cfg(target_os = "nacl")] extern crate "libressl-pnacl-sys" as _for_linkage; use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t}; From afffffc730729248582a2231afdbd9ddeedcc343 Mon Sep 17 00:00:00 2001 From: Valerii Hiora Date: Fri, 2 Jan 2015 13:50:52 +0200 Subject: [PATCH 6/6] Array syntax fallout --- openssl-sys/src/lib.rs | 2 +- src/crypto/hmac.rs | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index f4173aff..0fbbb6f7 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -57,7 +57,7 @@ pub struct HMAC_CTX { i_ctx: EVP_MD_CTX, o_ctx: EVP_MD_CTX, key_length: c_uint, - key: [c_uchar, ..128] + key: [c_uchar; 128] } impl Copy for HMAC_CTX {} diff --git a/src/crypto/hmac.rs b/src/crypto/hmac.rs index aab0c014..9e8b6361 100644 --- a/src/crypto/hmac.rs +++ b/src/crypto/hmac.rs @@ -78,7 +78,7 @@ mod tests { #[test] fn test_hmac_md5() { // test vectors from RFC 2202 - let tests: [(Vec, Vec, Vec), ..7] = [ + let tests: [(Vec, Vec, Vec); 7] = [ (Vec::from_elem(16, 0x0b_u8), b"Hi There".to_vec(), "9294727a3638bb1c13f48ef8158bfc9d".from_hex().unwrap()), (b"Jefe".to_vec(), @@ -111,7 +111,7 @@ mod tests { #[test] fn test_hmac_sha1() { // test vectors from RFC 2202 - let tests: [(Vec, Vec, Vec), ..7] = [ + let tests: [(Vec, Vec, Vec); 7] = [ (Vec::from_elem(20, 0x0b_u8), b"Hi There".to_vec(), "b617318655057264e28bc0b6fb378c8ef146be00".from_hex().unwrap()), (b"Jefe".to_vec(), @@ -143,7 +143,7 @@ mod tests { fn test_sha2(ty: HashType, results: &[Vec]) { // test vectors from RFC 4231 - let tests: [(Vec, Vec), ..6] = [ + let tests: [(Vec, Vec); 6] = [ (Vec::from_elem(20, 0x0b_u8), b"Hi There".to_vec()), (b"Jefe".to_vec(), b"what do ya want for nothing?".to_vec()),