min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move X509_get_extensions to openssl helpers

This commit is contained in:
Steven Fackler 2016-08-09 22:15:16 -07:00
parent 0854632ff5
commit 1ac54b06e9
7 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openssl-sys-extras/src/openssl_shim.c
View File

@ -138,7 +138,3 @@ DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) {
long SSL_set_tlsext_host_name_shim(SSL *s, char *name) { long SSL_set_tlsext_host_name_shim(SSL *s, char *name) {
return SSL_set_tlsext_host_name(s, name); return SSL_set_tlsext_host_name(s, name);
} }
STACK_OF(X509_EXTENSION) *X509_get_extensions_shim(X509 *x) {
return x->cert_info ? x->cert_info->extensions : NULL;
}

1
openssl/Cargo.toml
View File

@ -28,6 +28,7 @@ pkcs5_pbkdf2_hmac = ["openssl-sys/pkcs5_pbkdf2_hmac"]
c_helpers = ["gcc"] c_helpers = ["gcc"]
x509_clone = ["c_helpers"] x509_clone = ["c_helpers"]
x509_generator_request = ["c_helpers"]
ssl_context_clone = ["c_helpers"] ssl_context_clone = ["c_helpers"]
[dependencies] [dependencies]

4
openssl/src/c_helpers.c
View File

@ -7,3 +7,7 @@ void rust_SSL_CTX_clone(SSL_CTX *ctx) {
void rust_X509_clone(X509 *x509) { void rust_X509_clone(X509 *x509) {
CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
} }
STACK_OF(X509_EXTENSION) *rust_X509_get_extensions(X509 *x) {
return x->cert_info ? x->cert_info->extensions : NULL;
}

1
openssl/src/c_helpers.rs
View File

@ -4,4 +4,5 @@ use ffi;
extern "C" { extern "C" {
pub fn rust_SSL_CTX_clone(cxt: *mut ffi::SSL_CTX); pub fn rust_SSL_CTX_clone(cxt: *mut ffi::SSL_CTX);
pub fn rust_X509_clone(x509: *mut ffi::X509); pub fn rust_X509_clone(x509: *mut ffi::X509);
pub fn rust_X509_get_extensions(x: *mut ffi::X509) -> *mut ffi::stack_st_X509_EXTENSION;
} }

6
openssl/src/x509/mod.rs
View File

@ -17,7 +17,6 @@ use crypto::hash::Type as HashType;
use crypto::pkey::PKey; use crypto::pkey::PKey;
use crypto::rand::rand_bytes; use crypto::rand::rand_bytes;
use ffi; use ffi;
use ffi_extras;
use nid::Nid; use nid::Nid;
use error::ErrorStack; use error::ErrorStack;
@ -346,6 +345,9 @@ impl X509Generator {
} }
/// Obtain a certificate signing request (CSR) /// Obtain a certificate signing request (CSR)
///
/// Requries the `x509_generator_request` feature.
#[cfg(feature = "x509_generator_request")]
pub fn request(&self, p_key: &PKey) -> Result<X509Req, ErrorStack> { pub fn request(&self, p_key: &PKey) -> Result<X509Req, ErrorStack> {
let cert = match self.sign(p_key) { let cert = match self.sign(p_key) {
Ok(c) => c, Ok(c) => c,
@ -356,7 +358,7 @@ impl X509Generator {
let req = ffi::X509_to_X509_REQ(cert.handle(), ptr::null_mut(), ptr::null()); let req = ffi::X509_to_X509_REQ(cert.handle(), ptr::null_mut(), ptr::null());
try_ssl_null!(req); try_ssl_null!(req);
let exts = ffi_extras::X509_get_extensions(cert.handle()); let exts = ::c_helpers::rust_X509_get_extensions(cert.handle());
if exts != ptr::null_mut() { if exts != ptr::null_mut() {
try_ssl!(ffi::X509_REQ_add_extensions(req, exts)); try_ssl!(ffi::X509_REQ_add_extensions(req, exts));
} }

1
openssl/src/x509/tests.rs
View File

@ -69,6 +69,7 @@ fn test_cert_gen_extension_bad_ordering() {
} }
#[test] #[test]
#[cfg(feature = "x509_generator_request")]
fn test_req_gen() { fn test_req_gen() {
let pkey = pkey(); let pkey = pkey();

2
openssl/test/run.sh
View File

@ -4,7 +4,7 @@ set -e
MAIN_TARGETS=https://static.rust-lang.org/dist MAIN_TARGETS=https://static.rust-lang.org/dist
if [ "$TEST_FEATURES" == "true" ]; then if [ "$TEST_FEATURES" == "true" ]; then
FEATURES="tlsv1_2 tlsv1_1 dtlsv1 dtlsv1_2 sslv3 aes_xts aes_ctr npn alpn rfc5114 ecdh_auto pkcs5_pbkdf2_hmac x509_clone ssl_context_clone" FEATURES="tlsv1_2 tlsv1_1 dtlsv1 dtlsv1_2 sslv3 aes_xts aes_ctr npn alpn rfc5114 ecdh_auto pkcs5_pbkdf2_hmac x509_clone ssl_context_clone x509_generator_request"
fi fi
if [ "$TRAVIS_OS_NAME" != "osx" ]; then if [ "$TRAVIS_OS_NAME" != "osx" ]; then