Misc cleanup

openssl-sys/src/lib.rs

@@ -2428,6 +2428,7 @@ extern "C" {
     pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
     pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
     pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
+    // FIXME should take an option
     pub fn SSL_CTX_set_tmp_dh_callback(
         ctx: *mut SSL_CTX,
         dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,

openssl-sys/src/libressl/mod.rs

@@ -8,7 +8,7 @@ pub use libressl::v250::*;
 #[cfg(not(libressl250))]
 pub use libressl::v25x::*;
 
-use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong};
+use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t};
 
 #[cfg(libressl250)]
 mod v250;
@@ -149,13 +149,7 @@ pub struct EVP_PKEY {
 pub struct BIO {
     pub method: *mut ::BIO_METHOD,
     pub callback: Option<
-        unsafe extern "C" fn(*mut ::BIO,
+        unsafe extern "C" fn(*mut ::BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long,
-                             c_int,
-                             *const c_char,
-                             c_int,
-                             c_long,
-                             c_long)
-                             -> c_long,
     >,
     pub cb_arg: *mut c_char,
     pub init: c_int,
@@ -195,18 +189,10 @@ pub struct EVP_CIPHER {
     pub iv_len: c_int,
     pub flags: c_ulong,
     pub init: Option<
-        unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
+        unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int,
-                             *const c_uchar,
-                             *const c_uchar,
-                             c_int)
-                             -> c_int,
     >,
     pub do_cipher: Option<
-        unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
+        unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int,
-                             *mut c_uchar,
-                             *const c_uchar,
-                             size_t)
-                             -> c_int,
     >,
     pub cleanup: Option<unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX) -> c_int>,
     pub ctx_size: c_int,
@@ -281,8 +267,7 @@ pub struct X509 {
     crldp: *mut c_void,
     altname: *mut c_void,
     nc: *mut c_void,
-    #[cfg(not(osslconf = "OPENSSL_NO_SHA"))]
+    #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] sha1_hash: [c_uchar; 20],
-    sha1_hash: [c_uchar; 20],
     aux: *mut c_void,
 }
 
@@ -382,8 +367,8 @@ pub const CRYPTO_LOCK_SSL_CTX: c_int = 12;
 pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
 
 static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
-static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = 0 as
+static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> =
-    *mut Vec<Option<MutexGuard<'static, ()>>>;
+    0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
 
 unsafe extern "C" fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) {
     let mutex = &(*MUTEXES)[n as usize];
@@ -526,7 +511,7 @@ extern "C" {
     pub fn SSL_set_tmp_ecdh_callback(
         ssl: *mut ::SSL,
         ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
-                                   -> *mut ::EC_KEY,
+            -> *mut ::EC_KEY,
     );
     pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *mut c_char;
     pub fn SSL_CTX_get_ex_new_index(
@@ -536,10 +521,11 @@ extern "C" {
         dup_func: Option<::CRYPTO_EX_dup>,
         free_func: Option<::CRYPTO_EX_free>,
     ) -> c_int;
+    // FIXME should take an option
     pub fn SSL_CTX_set_tmp_ecdh_callback(
         ctx: *mut ::SSL_CTX,
         ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
-                                   -> *mut ::EC_KEY,
+            -> *mut ::EC_KEY,
     );
     pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME;
     pub fn X509_get_issuer_name(x: *mut ::X509) -> *mut ::X509_NAME;

openssl-sys/src/ossl10x.rs

@@ -824,6 +824,7 @@ extern "C" {
         dup_func: Option<::CRYPTO_EX_dup>,
         free_func: Option<::CRYPTO_EX_free>,
     ) -> c_int;
+    // FIXME should take an option
     pub fn SSL_CTX_set_tmp_ecdh_callback(
         ctx: *mut ::SSL_CTX,
         ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)

openssl/src/ec.rs

@@ -698,9 +698,7 @@ impl EcKey<Private> {
                 .and_then(|key| {
                     cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
                 })
-                .and_then(|key| {
+                .and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key))
-                    cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key)
-                })
         }
     }
 
@@ -729,7 +727,7 @@ mod test {
     #[test]
     fn generate() {
         let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap();
-        let key = EcKey::generate(&group).unwrap();
+        EcKey::generate(&group).unwrap();
     }
 
     #[test]

openssl/src/ssl/mod.rs

@@ -488,16 +488,7 @@ pub fn select_next_proto<'a>(server: &[u8], client: &'a [u8]) -> Option<&'a [u8]
 }
 
 /// A builder for `SslContext`s.
-pub struct SslContextBuilder(*mut ffi::SSL_CTX);
+pub struct SslContextBuilder(SslContext);
-
-unsafe impl Sync for SslContextBuilder {}
-unsafe impl Send for SslContextBuilder {}
-
-impl Drop for SslContextBuilder {
-    fn drop(&mut self) {
-        unsafe { ffi::SSL_CTX_free(self.as_ptr()) }
-    }
-}
 
 impl SslContextBuilder {
     /// Creates a new `SslContextBuilder`.
@@ -516,12 +507,12 @@ impl SslContextBuilder {
 
     /// Creates an `SslContextBuilder` from a pointer to a raw OpenSSL value.
     pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder {
-        SslContextBuilder(ctx)
+        SslContextBuilder(SslContext::from_ptr(ctx))
     }
 
     /// Returns a pointer to the raw OpenSSL value.
     pub fn as_ptr(&self) -> *mut ffi::SSL_CTX {
-        self.0
+        self.0.as_ptr()
     }
 
     /// Configures the certificate verification method for new connections.
@@ -896,10 +887,11 @@ impl SslContextBuilder {
 
     /// Sets the list of supported ciphers.
     ///
-    /// See `man 1 ciphers` for details on the format.
+    /// See [`ciphers`] for details on the format.
     ///
     /// This corresponds to [`SSL_CTX_set_cipher_list`].
     ///
+    /// [`ciphers`]: https://www.openssl.org/docs/man1.1.0/apps/ciphers.html
     /// [`SSL_CTX_set_cipher_list`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_get_client_ciphers.html
     pub fn set_cipher_list(&mut self, cipher_list: &str) -> Result<(), ErrorStack> {
         let cipher_list = CString::new(cipher_list).unwrap();
@@ -1133,13 +1125,11 @@ impl SslContextBuilder {
 
     /// Consumes the builder, returning a new `SslContext`.
     pub fn build(self) -> SslContext {
-        let ctx = SslContext(self.0);
+        self.0
-        mem::forget(self);
-        ctx
     }
 }
 
-foreign_type! {
+foreign_type_and_impl_send_sync! {
     type CType = ffi::SSL_CTX;
     fn drop = ffi::SSL_CTX_free;
 
@@ -1155,9 +1145,6 @@ foreign_type! {
     pub struct SslContextRef;
 }
 
-unsafe impl Send for SslContext {}
-unsafe impl Sync for SslContext {}
-
 impl Clone for SslContext {
     fn clone(&self) -> Self {
         unsafe {