Merge pull request #913 from sfackler/fix-get-version

Fix base version for min/max proto accessors
2018-05-09 20:13:27 +01:00 · 2018-05-09 20:13:27 +01:00 · 436afb8f57
parent 5b0a0e5692 7a1b59d605
commit 436afb8f57
5 changed files with 68 additions and 33 deletions
--- a/openssl-sys/build.rs
+++ b/openssl-sys/build.rs
@ -441,6 +441,10 @@ See rust-openssl README for more information:
            println!("cargo:rustc-cfg=ossl102h");
        }
        if openssl_version >= 0x1_01_00_07_0 {
            println!("cargo:rustc-cfg=ossl110g");
        }
        if openssl_version >= 0x1_01_02_00_0 {
            version_error()
        } else if openssl_version >= 0x1_01_01_00_0 {
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/ossl110.rs
@ -1,6 +1,6 @@
 use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t};
 use std::sync::{Once, ONCE_INIT};
 use std::ptr;
 use std::sync::{Once, ONCE_INIT};
 pub enum BIGNUM {}
 pub enum BIO {}
@ -36,7 +36,9 @@ pub enum X509_REQ {}
 pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
 pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
 #[cfg(ossl110g)]
 pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130;
 #[cfg(ossl110g)]
 pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131;
 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000;
@ -98,10 +100,12 @@ pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut ::SSL_CTX, version: c_int)
    ) as c_int
 }
 #[cfg(ossl110g)]
 pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut ::SSL_CTX) -> c_int {
    ::SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
 }
 #[cfg(ossl110g)]
 pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut ::SSL_CTX) -> c_int {
    ::SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
 }
@ -124,10 +128,12 @@ pub unsafe fn SSL_set_max_proto_version(s: *mut ::SSL, version: c_int) -> c_int
    ) as c_int
 }
 #[cfg(ossl110g)]
 pub unsafe fn SSL_get_min_proto_version(s: *mut ::SSL) -> c_int {
    ::SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
 }
 #[cfg(ossl110g)]
 pub unsafe fn SSL_get_max_proto_version(s: *mut ::SSL) -> c_int {
    ::SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
 }
--- a/openssl/build.rs
+++ b/openssl/build.rs
@ -33,4 +33,12 @@ fn main() {
            println!("cargo:rustc-cfg=osslconf=\"{}\"", var);
        }
    }
    if let Ok(version) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
        let version = u64::from_str_radix(&version, 16).unwrap();
        if version >= 0x1_01_00_07_0 {
            println!("cargo:rustc-cfg=ossl110g");
        }
    }
 }
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@ -77,36 +77,37 @@ use std::slice;
 use std::str;
 use std::sync::Mutex;
 use {cvt, cvt_n, cvt_p, init};
 use dh::{Dh, DhRef};
 use ec::EcKeyRef;
 #[cfg(any(ossl101, ossl102))]
 use ec::EcKey;
-use x509::{X509, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult};
+use ec::EcKeyRef;
 use x509::store::{X509StoreBuilderRef, X509StoreRef};
 #[cfg(any(ossl102, ossl110))]
 use x509::store::X509Store;
 #[cfg(any(ossl102, ossl110))]
 use x509::verify::X509VerifyParamRef;
 use pkey::{HasPrivate, PKeyRef, Params, Private};
 use error::ErrorStack;
 use ex_data::Index;
 use stack::{Stack, StackRef};
 use ssl::bio::BioMethod;
 use ssl::error::InnerError;
 use ssl::callbacks::*;
 use nid::Nid;
 #[cfg(ossl111)]
 use hash::MessageDigest;
 use nid::Nid;
 use pkey::{HasPrivate, PKeyRef, Params, Private};
 use ssl::bio::BioMethod;
 use ssl::callbacks::*;
 use ssl::error::InnerError;
 use stack::{Stack, StackRef};
 #[cfg(any(ossl102, ossl110))]
 use x509::store::X509Store;
 use x509::store::{X509StoreBuilderRef, X509StoreRef};
 #[cfg(any(ossl102, ossl110))]
 use x509::verify::X509VerifyParamRef;
 use x509::{X509, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult};
 use {cvt, cvt_n, cvt_p, init};
-pub use ssl::connector::{ConnectConfiguration, SslAcceptor, SslAcceptorBuilder, SslConnector,
+pub use ssl::connector::{
-                         SslConnectorBuilder};
+    ConnectConfiguration, SslAcceptor, SslAcceptorBuilder, SslConnector, SslConnectorBuilder,
 };
 pub use ssl::error::{Error, ErrorCode, HandshakeError};
-mod error;
+mod bio;
 mod callbacks;
 mod connector;
-mod bio;
+mod error;
 #[cfg(test)]
 mod test;
@ -1119,10 +1120,10 @@ impl SslContextBuilder {
    ///
    /// This corresponds to [`SSL_CTX_get_min_proto_version`].
    ///
-    /// Requires OpenSSL 1.1.0 or newer.
+    /// Requires OpenSSL 1.1.0g or newer.
    ///
    /// [`SSL_CTX_get_min_proto_version`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_set_min_proto_version.html
-    #[cfg(any(ossl110))]
+    #[cfg(any(ossl110g))]
    pub fn min_proto_version(&mut self) -> Option<SslVersion> {
        unsafe {
            let r = ffi::SSL_CTX_get_min_proto_version(self.as_ptr());
@ -1141,10 +1142,10 @@ impl SslContextBuilder {
    ///
    /// This corresponds to [`SSL_CTX_get_max_proto_version`].
    ///
-    /// Requires OpenSSL 1.1.0 or newer.
+    /// Requires OpenSSL 1.1.0g or newer.
    ///
    /// [`SSL_CTX_get_max_proto_version`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_set_min_proto_version.html
-    #[cfg(any(ossl110))]
+    #[cfg(any(ossl110g))]
    pub fn max_proto_version(&mut self) -> Option<SslVersion> {
        unsafe {
            let r = ffi::SSL_CTX_get_max_proto_version(self.as_ptr());
@ -1451,7 +1452,10 @@ impl SslContextBuilder {
                get_callback_idx::<F>(),
                Box::into_raw(callback) as *mut _,
            );
-            ffi::SSL_CTX_set_stateless_cookie_generate_cb(self.as_ptr(), Some(raw_stateless_cookie_generate::<F>))
+            ffi::SSL_CTX_set_stateless_cookie_generate_cb(
                self.as_ptr(),
                Some(raw_stateless_cookie_generate::<F>),
            )
        }
    }
@ -1477,7 +1481,10 @@ impl SslContextBuilder {
                get_callback_idx::<F>(),
                Box::into_raw(callback) as *mut _,
            );
-            ffi::SSL_CTX_set_stateless_cookie_verify_cb(self.as_ptr(), Some(raw_stateless_cookie_verify::<F>))
+            ffi::SSL_CTX_set_stateless_cookie_verify_cb(
                self.as_ptr(),
                Some(raw_stateless_cookie_verify::<F>),
            )
        }
    }
@ -2950,11 +2957,12 @@ impl<S: Read + Write> Write for SslStream<S> {
 /// A partially constructed `SslStream`, useful for unusual handshakes.
 pub struct SslStreamBuilder<S> {
-    inner: SslStream<S>
+    inner: SslStream<S>,
 }
 impl<S> SslStreamBuilder<S>
-    where S: Read + Write
+where
    S: Read + Write,
 {
    /// Begin creating an `SslStream` atop `stream`
    pub fn new(ssl: Ssl, stream: S) -> Self {
@ -3053,7 +3061,9 @@ impl<S> SslStreamBuilder<S> {
    }
    /// Returns a shared reference to the `Ssl` object associated with this builder.
-    pub fn ssl(&self) -> &SslRef { &self.inner.ssl }
+    pub fn ssl(&self) -> &SslRef {
        &self.inner.ssl
    }
 }
 /// The result of a shutdown request.
@ -3073,8 +3083,10 @@ mod compat {
    use ffi;
    use libc::c_int;
-    pub use ffi::{SSL_CTX_clear_options, SSL_CTX_get_options, SSL_CTX_set_options, SSL_CTX_up_ref,
+    pub use ffi::{
-                  SSL_SESSION_get_master_key, SSL_SESSION_up_ref, SSL_is_server};
+        SSL_CTX_clear_options, SSL_CTX_get_options, SSL_CTX_set_options, SSL_CTX_up_ref,
        SSL_SESSION_get_master_key, SSL_SESSION_up_ref, SSL_is_server,
    };
    pub unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int {
        ffi::CRYPTO_get_ex_new_index(
--- a/openssl/src/ssl/test.rs
+++ b/openssl/src/ssl/test.rs
@ -21,9 +21,10 @@ use pkey::PKey;
 use ssl;
 #[cfg(any(ossl110, ossl111))]
 use ssl::SslVersion;
-use ssl::{Error, HandshakeError, MidHandshakeSslStream, ShutdownResult, Ssl, SslAcceptor,
+use ssl::{
-          SslConnector, SslContext, SslFiletype, SslMethod, SslSessionCacheMode, SslStream,
+    Error, HandshakeError, MidHandshakeSslStream, ShutdownResult, Ssl, SslAcceptor, SslConnector,
-          SslVerifyMode, StatusType};
+    SslContext, SslFiletype, SslMethod, SslSessionCacheMode, SslStream, SslVerifyMode, StatusType,
 };
 #[cfg(any(ossl102, ossl110))]
 use x509::verify::X509CheckFlags;
 use x509::{X509, X509Name, X509StoreContext, X509VerifyResult};
@ -1323,7 +1324,9 @@ fn no_version_overlap() {
        ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
            .unwrap();
        ctx.set_max_proto_version(Some(SslVersion::TLS1_1)).unwrap();
        #[cfg(ossl110g)]
        assert_eq!(ctx.min_proto_version(), None);
        #[cfg(ossl110g)]
        assert_eq!(ctx.max_proto_version(), Some(SslVersion::TLS1_1));
        let ssl = Ssl::new(&ctx.build()).unwrap();
        ssl.accept(stream).unwrap_err();
@ -1332,7 +1335,9 @@ fn no_version_overlap() {
    let stream = TcpStream::connect(addr).unwrap();
    let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
    ctx.set_min_proto_version(Some(SslVersion::TLS1_2)).unwrap();
    #[cfg(ossl110g)]
    assert_eq!(ctx.min_proto_version(), Some(SslVersion::TLS1_2));
    #[cfg(ossl110g)]
    assert_eq!(ctx.max_proto_version(), None);
    let ssl = Ssl::new(&ctx.build()).unwrap();
    ssl.connect(stream).unwrap_err();