From 3c51f159a7f16c95061f51355536a66f77c6c63c Mon Sep 17 00:00:00 2001
From: Cody P Schafer <dev@codyps.com>
Date: Tue, 19 Jan 2016 21:48:44 -0500
Subject: [PATCH 1/2] crypto/pkey: impl Clone for PKey using openssl's ref
 counting

---
 openssl/src/c_helpers.c    |  4 ++++
 openssl/src/crypto/pkey.rs | 14 ++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/openssl/src/c_helpers.c b/openssl/src/c_helpers.c
index 402c36ec..dfbfbf81 100644
--- a/openssl/src/c_helpers.c
+++ b/openssl/src/c_helpers.c
@@ -7,3 +7,7 @@ void rust_SSL_clone(SSL *ssl) {
 void rust_SSL_CTX_clone(SSL_CTX *ctx) {
     CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
 }
+
+void rust_EVP_PKEY_clone(EVP_PKEY *pkey) {
+    CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+}
diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index 9d653c13..934a93ed 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -52,6 +52,10 @@ fn openssl_hash_nid(hash: HashType) -> c_int {
     }
 }
 
+extern "C" {
+    fn rust_EVP_PKEY_clone(pkey: *mut ffi::EVP_PKEY);
+}
+
 pub struct PKey {
     evp: *mut ffi::EVP_PKEY,
     parts: Parts,
@@ -600,6 +604,16 @@ impl Drop for PKey {
     }
 }
 
+impl Clone for PKey {
+    fn clone(&self) -> Self {
+        unsafe {
+            rust_EVP_PKEY_clone(self.evp);
+        }
+
+        PKey::from_handle(self.evp, self.parts)
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use std::path::Path;

From 36a667be49075ddea193214b55f76f6186c6f64a Mon Sep 17 00:00:00 2001
From: Cody P Schafer <dev@codyps.com>
Date: Tue, 19 Jan 2016 22:04:18 -0500
Subject: [PATCH 2/2] x509: impl Clone using references & CRYPTO_add()

---
 openssl/src/c_helpers.c |  4 ++++
 openssl/src/x509/mod.rs | 14 ++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/openssl/src/c_helpers.c b/openssl/src/c_helpers.c
index dfbfbf81..1b48565e 100644
--- a/openssl/src/c_helpers.c
+++ b/openssl/src/c_helpers.c
@@ -11,3 +11,7 @@ void rust_SSL_CTX_clone(SSL_CTX *ctx) {
 void rust_EVP_PKEY_clone(EVP_PKEY *pkey) {
     CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
 }
+
+void rust_X509_clone(X509 *x509) {
+    CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+}
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index ffd478ef..f31de89b 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -507,6 +507,20 @@ impl<'ctx> X509<'ctx> {
     }
 }
 
+extern "C" {
+    fn rust_X509_clone(x509: *mut ffi::X509);
+}
+
+impl<'ctx> Clone for X509<'ctx> {
+    fn clone(&self) -> X509<'ctx> {
+        unsafe { rust_X509_clone(self.handle) }
+        /* FIXME: given that we now have refcounting control, 'owned' should be uneeded, the 'ctx
+         * is probably also uneeded. We can remove both to condense the x509 api quite a bit
+         */
+        X509::new(self.handle, true)
+    }
+}
+
 impl<'ctx> Drop for X509<'ctx> {
     fn drop(&mut self) {
         if self.owned {