min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make verification callbacks sound

This commit is contained in:
Steven Fackler 2013-11-20 21:45:05 -08:00
parent fc57ec0e43
commit 2216f86bd3
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib.rs
View File

@ -111,14 +111,14 @@ extern "C" fn raw_verify(preverify_ok: c_int, x509_ctx: *ffi::X509_STORE_CTX)
match verify {
None => preverify_ok,
Some(verify) => verify(preverify_ok != 0, ctx) as c_int
Some(verify) => verify(preverify_ok != 0, &ctx) as c_int
}
}
}
/// The signature of functions that can be used to manually verify certificates
pub type VerifyCallback = extern "Rust" fn(preverify_ok: bool,
x509_ctx: X509StoreContext) -> bool;
x509_ctx: &X509StoreContext) -> bool;
/// An SSL context object
pub struct SslContext {
@ -189,7 +189,7 @@ impl X509StoreContext {
X509ValidationError::from_raw(err)
}
pub fn get_current_cert(&self) -> Option<X509> {
pub fn get_current_cert<'a>(&'a self) -> Option<X509<'a>> {
let ptr = unsafe { ffi::X509_STORE_CTX_get_current_cert(self.ctx) };
if ptr.is_null() {
@ -201,7 +201,7 @@ impl X509StoreContext {
}
/// A public key certificate
pub struct X509 {
pub struct X509<'ctx> {
priv x509: *ffi::X509
}

14
test.rs
View File

@ -47,7 +47,7 @@ fn test_verify_trusted() {
#[test]
fn test_verify_untrusted_callback_override_ok() {
fn callback(_preverify_ok: bool, _x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool {
true
}
let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();
@ -61,7 +61,7 @@ fn test_verify_untrusted_callback_override_ok() {
#[test]
fn test_verify_untrusted_callback_override_bad() {
fn callback(_preverify_ok: bool, _x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool {
false
}
let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();
@ -72,7 +72,7 @@ fn test_verify_untrusted_callback_override_bad() {
#[test]
fn test_verify_trusted_callback_override_ok() {
fn callback(_preverify_ok: bool, _x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool {
true
}
let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();
@ -90,7 +90,7 @@ fn test_verify_trusted_callback_override_ok() {
#[test]
fn test_verify_trusted_callback_override_bad() {
fn callback(_preverify_ok: bool, _x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool {
false
}
let stream = TcpStream::connect(FromStr::from_str("127.0.0.1:15418").unwrap()).unwrap();
@ -105,7 +105,7 @@ fn test_verify_trusted_callback_override_bad() {
#[test]
fn test_verify_callback_load_certs() {
fn callback(_preverify_ok: bool, x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool {
assert!(x509_ctx.get_current_cert().is_some());
true
}
@ -117,7 +117,7 @@ fn test_verify_callback_load_certs() {
#[test]
fn test_verify_trusted_get_error_ok() {
fn callback(_preverify_ok: bool, x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool {
assert!(x509_ctx.get_error().is_none());
true
}
@ -133,7 +133,7 @@ fn test_verify_trusted_get_error_ok() {
#[test]
fn test_verify_trusted_get_error_err() {
fn callback(_preverify_ok: bool, x509_ctx: X509StoreContext) -> bool {
fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool {
assert!(x509_ctx.get_error().is_some());
false
}