Misc cleanup
parent
0dd0df84d7
commit
1553447385
|
|
@ -2428,6 +2428,7 @@ extern "C" {
|
||||||
pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
|
pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
|
||||||
pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
|
pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
|
||||||
pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
|
pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
|
||||||
|
// FIXME should take an option
|
||||||
pub fn SSL_CTX_set_tmp_dh_callback(
|
pub fn SSL_CTX_set_tmp_dh_callback(
|
||||||
ctx: *mut SSL_CTX,
|
ctx: *mut SSL_CTX,
|
||||||
dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
|
dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ pub use libressl::v250::*;
|
||||||
#[cfg(not(libressl250))]
|
#[cfg(not(libressl250))]
|
||||||
pub use libressl::v25x::*;
|
pub use libressl::v25x::*;
|
||||||
|
|
||||||
use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong};
|
use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t};
|
||||||
|
|
||||||
#[cfg(libressl250)]
|
#[cfg(libressl250)]
|
||||||
mod v250;
|
mod v250;
|
||||||
|
|
@ -149,13 +149,7 @@ pub struct EVP_PKEY {
|
||||||
pub struct BIO {
|
pub struct BIO {
|
||||||
pub method: *mut ::BIO_METHOD,
|
pub method: *mut ::BIO_METHOD,
|
||||||
pub callback: Option<
|
pub callback: Option<
|
||||||
unsafe extern "C" fn(*mut ::BIO,
|
unsafe extern "C" fn(*mut ::BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long,
|
||||||
c_int,
|
|
||||||
*const c_char,
|
|
||||||
c_int,
|
|
||||||
c_long,
|
|
||||||
c_long)
|
|
||||||
-> c_long,
|
|
||||||
>,
|
>,
|
||||||
pub cb_arg: *mut c_char,
|
pub cb_arg: *mut c_char,
|
||||||
pub init: c_int,
|
pub init: c_int,
|
||||||
|
|
@ -195,18 +189,10 @@ pub struct EVP_CIPHER {
|
||||||
pub iv_len: c_int,
|
pub iv_len: c_int,
|
||||||
pub flags: c_ulong,
|
pub flags: c_ulong,
|
||||||
pub init: Option<
|
pub init: Option<
|
||||||
unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
|
unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int,
|
||||||
*const c_uchar,
|
|
||||||
*const c_uchar,
|
|
||||||
c_int)
|
|
||||||
-> c_int,
|
|
||||||
>,
|
>,
|
||||||
pub do_cipher: Option<
|
pub do_cipher: Option<
|
||||||
unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
|
unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int,
|
||||||
*mut c_uchar,
|
|
||||||
*const c_uchar,
|
|
||||||
size_t)
|
|
||||||
-> c_int,
|
|
||||||
>,
|
>,
|
||||||
pub cleanup: Option<unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX) -> c_int>,
|
pub cleanup: Option<unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX) -> c_int>,
|
||||||
pub ctx_size: c_int,
|
pub ctx_size: c_int,
|
||||||
|
|
@ -281,8 +267,7 @@ pub struct X509 {
|
||||||
crldp: *mut c_void,
|
crldp: *mut c_void,
|
||||||
altname: *mut c_void,
|
altname: *mut c_void,
|
||||||
nc: *mut c_void,
|
nc: *mut c_void,
|
||||||
#[cfg(not(osslconf = "OPENSSL_NO_SHA"))]
|
#[cfg(not(osslconf = "OPENSSL_NO_SHA"))] sha1_hash: [c_uchar; 20],
|
||||||
sha1_hash: [c_uchar; 20],
|
|
||||||
aux: *mut c_void,
|
aux: *mut c_void,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -382,8 +367,8 @@ pub const CRYPTO_LOCK_SSL_CTX: c_int = 12;
|
||||||
pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
|
pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
|
||||||
|
|
||||||
static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
|
static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
|
||||||
static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = 0 as
|
static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> =
|
||||||
*mut Vec<Option<MutexGuard<'static, ()>>>;
|
0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
|
||||||
|
|
||||||
unsafe extern "C" fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) {
|
unsafe extern "C" fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) {
|
||||||
let mutex = &(*MUTEXES)[n as usize];
|
let mutex = &(*MUTEXES)[n as usize];
|
||||||
|
|
@ -536,6 +521,7 @@ extern "C" {
|
||||||
dup_func: Option<::CRYPTO_EX_dup>,
|
dup_func: Option<::CRYPTO_EX_dup>,
|
||||||
free_func: Option<::CRYPTO_EX_free>,
|
free_func: Option<::CRYPTO_EX_free>,
|
||||||
) -> c_int;
|
) -> c_int;
|
||||||
|
// FIXME should take an option
|
||||||
pub fn SSL_CTX_set_tmp_ecdh_callback(
|
pub fn SSL_CTX_set_tmp_ecdh_callback(
|
||||||
ctx: *mut ::SSL_CTX,
|
ctx: *mut ::SSL_CTX,
|
||||||
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
|
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
|
||||||
|
|
|
||||||
|
|
@ -824,6 +824,7 @@ extern "C" {
|
||||||
dup_func: Option<::CRYPTO_EX_dup>,
|
dup_func: Option<::CRYPTO_EX_dup>,
|
||||||
free_func: Option<::CRYPTO_EX_free>,
|
free_func: Option<::CRYPTO_EX_free>,
|
||||||
) -> c_int;
|
) -> c_int;
|
||||||
|
// FIXME should take an option
|
||||||
pub fn SSL_CTX_set_tmp_ecdh_callback(
|
pub fn SSL_CTX_set_tmp_ecdh_callback(
|
||||||
ctx: *mut ::SSL_CTX,
|
ctx: *mut ::SSL_CTX,
|
||||||
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
|
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
|
||||||
|
|
|
||||||
|
|
@ -698,9 +698,7 @@ impl EcKey<Private> {
|
||||||
.and_then(|key| {
|
.and_then(|key| {
|
||||||
cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
|
cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
|
||||||
})
|
})
|
||||||
.and_then(|key| {
|
.and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key))
|
||||||
cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key)
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -729,7 +727,7 @@ mod test {
|
||||||
#[test]
|
#[test]
|
||||||
fn generate() {
|
fn generate() {
|
||||||
let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap();
|
let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap();
|
||||||
let key = EcKey::generate(&group).unwrap();
|
EcKey::generate(&group).unwrap();
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
|
||||||
|
|
@ -488,16 +488,7 @@ pub fn select_next_proto<'a>(server: &[u8], client: &'a [u8]) -> Option<&'a [u8]
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A builder for `SslContext`s.
|
/// A builder for `SslContext`s.
|
||||||
pub struct SslContextBuilder(*mut ffi::SSL_CTX);
|
pub struct SslContextBuilder(SslContext);
|
||||||
|
|
||||||
unsafe impl Sync for SslContextBuilder {}
|
|
||||||
unsafe impl Send for SslContextBuilder {}
|
|
||||||
|
|
||||||
impl Drop for SslContextBuilder {
|
|
||||||
fn drop(&mut self) {
|
|
||||||
unsafe { ffi::SSL_CTX_free(self.as_ptr()) }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl SslContextBuilder {
|
impl SslContextBuilder {
|
||||||
/// Creates a new `SslContextBuilder`.
|
/// Creates a new `SslContextBuilder`.
|
||||||
|
|
@ -516,12 +507,12 @@ impl SslContextBuilder {
|
||||||
|
|
||||||
/// Creates an `SslContextBuilder` from a pointer to a raw OpenSSL value.
|
/// Creates an `SslContextBuilder` from a pointer to a raw OpenSSL value.
|
||||||
pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder {
|
pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder {
|
||||||
SslContextBuilder(ctx)
|
SslContextBuilder(SslContext::from_ptr(ctx))
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Returns a pointer to the raw OpenSSL value.
|
/// Returns a pointer to the raw OpenSSL value.
|
||||||
pub fn as_ptr(&self) -> *mut ffi::SSL_CTX {
|
pub fn as_ptr(&self) -> *mut ffi::SSL_CTX {
|
||||||
self.0
|
self.0.as_ptr()
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Configures the certificate verification method for new connections.
|
/// Configures the certificate verification method for new connections.
|
||||||
|
|
@ -896,10 +887,11 @@ impl SslContextBuilder {
|
||||||
|
|
||||||
/// Sets the list of supported ciphers.
|
/// Sets the list of supported ciphers.
|
||||||
///
|
///
|
||||||
/// See `man 1 ciphers` for details on the format.
|
/// See [`ciphers`] for details on the format.
|
||||||
///
|
///
|
||||||
/// This corresponds to [`SSL_CTX_set_cipher_list`].
|
/// This corresponds to [`SSL_CTX_set_cipher_list`].
|
||||||
///
|
///
|
||||||
|
/// [`ciphers`]: https://www.openssl.org/docs/man1.1.0/apps/ciphers.html
|
||||||
/// [`SSL_CTX_set_cipher_list`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_get_client_ciphers.html
|
/// [`SSL_CTX_set_cipher_list`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_get_client_ciphers.html
|
||||||
pub fn set_cipher_list(&mut self, cipher_list: &str) -> Result<(), ErrorStack> {
|
pub fn set_cipher_list(&mut self, cipher_list: &str) -> Result<(), ErrorStack> {
|
||||||
let cipher_list = CString::new(cipher_list).unwrap();
|
let cipher_list = CString::new(cipher_list).unwrap();
|
||||||
|
|
@ -1133,13 +1125,11 @@ impl SslContextBuilder {
|
||||||
|
|
||||||
/// Consumes the builder, returning a new `SslContext`.
|
/// Consumes the builder, returning a new `SslContext`.
|
||||||
pub fn build(self) -> SslContext {
|
pub fn build(self) -> SslContext {
|
||||||
let ctx = SslContext(self.0);
|
self.0
|
||||||
mem::forget(self);
|
|
||||||
ctx
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
foreign_type! {
|
foreign_type_and_impl_send_sync! {
|
||||||
type CType = ffi::SSL_CTX;
|
type CType = ffi::SSL_CTX;
|
||||||
fn drop = ffi::SSL_CTX_free;
|
fn drop = ffi::SSL_CTX_free;
|
||||||
|
|
||||||
|
|
@ -1155,9 +1145,6 @@ foreign_type! {
|
||||||
pub struct SslContextRef;
|
pub struct SslContextRef;
|
||||||
}
|
}
|
||||||
|
|
||||||
unsafe impl Send for SslContext {}
|
|
||||||
unsafe impl Sync for SslContext {}
|
|
||||||
|
|
||||||
impl Clone for SslContext {
|
impl Clone for SslContext {
|
||||||
fn clone(&self) -> Self {
|
fn clone(&self) -> Self {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
|
|
||||||
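Review bot: Thread-safety of `SslContext` now rests entirely on `foreign_type_and_impl_send_sync!`, whose definition is not visible in this diff; the hand-written `unsafe impl Send`/`Sync` for both `SslContextBuilder` (hunk at -488) and `SslContext` (hunk at -1155) are removed. Because the builder is now a newtype over `SslContext`, it stays `Send + Sync` only if that macro emits both impls for the owned type, so a regression there would silently change the public API. I would pin this with a compile-time check in the test module, e.g. `fn assert_send_sync<T: Send + Sync>() {}` called as `assert_send_sync::<SslContext>(); assert_send_sync::<SslContextBuilder>();`. Separately, `from_ptr` hands the raw pointer to an owning `SslContext`, so its doc comment should gain a `# Safety` section stating that `ctx` must be a valid `SSL_CTX` whose reference the caller gives up, since it is released with `SSL_CTX_free` on drop.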