min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add SSL::set_ecdh_auto() 

This sets automatic curve selection and enables ECDH support.
Requires LibreSSL or OpenSSL >= 1.0.2, so behind a feature gate.
This commit is contained in:
Frank Denis 2015-09-01 10:56:33 +02:00
parent def8e2ce89
commit 28320a65a7
5 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openssl-sys/Cargo.toml
View File

@ -22,6 +22,7 @@ aes_ctr = []
npn = [] npn = []
alpn = [] alpn = []
rfc5114 = [] rfc5114 = []
ecdh_auto = []
[dependencies] [dependencies]
libc = "0.1" libc = "0.1"

3
openssl-sys/src/lib.rs
View File

@ -675,6 +675,9 @@ extern "C" {
pub fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long; pub fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long;
#[link_name = "SSL_CTX_set_read_ahead_shim"] #[link_name = "SSL_CTX_set_read_ahead_shim"]
pub fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long; pub fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long;
#[cfg(feature = "ecdh_auto")]
#[link_name = "SSL_CTX_set_ecdh_auto_shim"]
pub fn SSL_CTX_set_ecdh_auto(ssl: *mut SSL_CTX, onoff: c_int) -> c_int;
#[link_name = "SSL_set_tlsext_host_name_shim"] #[link_name = "SSL_set_tlsext_host_name_shim"]
pub fn SSL_set_tlsext_host_name(s: *mut SSL, name: *const c_char) -> c_long; pub fn SSL_set_tlsext_host_name(s: *mut SSL, name: *const c_char) -> c_long;
#[link_name = "SSL_CTX_set_tmp_dh_shim"] #[link_name = "SSL_CTX_set_tmp_dh_shim"]

6
openssl-sys/src/openssl_shim.c
View File

@ -85,6 +85,12 @@ long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) {
return SSL_CTX_set_tmp_dh(ctx, dh); return SSL_CTX_set_tmp_dh(ctx, dh);
} }
#if OPENSSL_VERSION_NUMBER >= 0x1000200L
int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) {
return SSL_CTX_set_ecdh_auto(ctx, onoff);
}
#endif
DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) { DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) {
DH *dh; DH *dh;

1
openssl/Cargo.toml
View File

@ -20,6 +20,7 @@ aes_ctr = ["openssl-sys/aes_ctr"]
npn = ["openssl-sys/npn"] npn = ["openssl-sys/npn"]
alpn = ["openssl-sys/alpn"] alpn = ["openssl-sys/alpn"]
rfc5114 = ["openssl-sys/rfc5114"] rfc5114 = ["openssl-sys/rfc5114"]
ecdh_auto = ["openssl-sys/ecdh_auto"]
[dependencies.openssl-sys] [dependencies.openssl-sys]
path = "../openssl-sys" path = "../openssl-sys"

8
openssl/src/ssl/mod.rs
View File

@ -570,6 +570,14 @@ impl SslContext {
}) })
} }
#[cfg(feature = "ecdh_auto")]
pub fn set_ecdh_auto(&mut self, onoff: bool) -> Result<(),SslError> {
wrap_ssl_result(
unsafe {
ffi::SSL_CTX_set_ecdh_auto(self.ctx, onoff as c_int)
})
}
pub fn set_options(&mut self, option: SslContextOptions) -> SslContextOptions { pub fn set_options(&mut self, option: SslContextOptions) -> SslContextOptions {
let raw_bits = option.bits(); let raw_bits = option.bits();
let ret = unsafe { let ret = unsafe {