From b3eb8d516ca1f112fec37436bab56a061a934244 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Thu, 20 Oct 2016 22:41:42 -0700 Subject: [PATCH 1/9] Switch X509Name over to new borrow setup The use of actual references enables us to be correct with respect to mutability without needing two structs for the mutable and immutable cases and more deref impls. --- openssl/src/lib.rs | 1 + openssl/src/opaque.rs | 6 ++++++ openssl/src/x509/mod.rs | 27 +++++++++++++++++++-------- 3 files changed, 26 insertions(+), 8 deletions(-) create mode 100644 openssl/src/opaque.rs diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs index 39c9fffe..10f450dd 100644 --- a/openssl/src/lib.rs +++ b/openssl/src/lib.rs @@ -32,6 +32,7 @@ pub mod nid; pub mod ssl; pub mod version; pub mod x509; +mod opaque; pub fn cvt_p(r: *mut T) -> Result<*mut T, ErrorStack> { if r.is_null() { diff --git a/openssl/src/opaque.rs b/openssl/src/opaque.rs new file mode 100644 index 00000000..9545471c --- /dev/null +++ b/openssl/src/opaque.rs @@ -0,0 +1,6 @@ +use std::cell::UnsafeCell; + +/// This is intended to be used as the inner type for types designed to be pointed to by references +/// converted from raw C pointers. It has an `UnsafeCell` internally to inform the compiler about +/// aliasability and doesn't implement `Copy`, so it can't be dereferenced. +pub struct Opaque(UnsafeCell<()>); diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 7f891231..51c1ab29 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -18,9 +18,10 @@ use bio::{MemBio, MemBioSlice}; use crypto::hash::MessageDigest; use crypto::pkey::PKey; use crypto::rand::rand_bytes; +use error::ErrorStack; use ffi; use nid::Nid; -use error::ErrorStack; +use opaque::Opaque; #[cfg(ossl10x)] use ffi::{ @@ -401,9 +402,11 @@ impl<'a> X509Ref<'a> { self.0 } - pub fn subject_name<'b>(&'b self) -> X509Name<'b> { - let name = unsafe { ffi::X509_get_subject_name(self.0) }; - X509Name(name, PhantomData) + pub fn subject_name(&self) -> &X509NameRef { + unsafe { + let name = ffi::X509_get_subject_name(self.0); + X509NameRef::from_ptr(name) + } } /// Returns this certificate's SAN entries, if they exist. @@ -534,17 +537,25 @@ impl Drop for X509 { } } -pub struct X509Name<'x>(*mut ffi::X509_NAME, PhantomData<&'x ()>); +pub struct X509NameRef(Opaque); + +impl X509NameRef { + pub unsafe fn from_ptr<'a>(ptr: *mut ffi::X509_NAME) -> &'a X509NameRef { + &*(ptr as *mut _) + } + + pub fn as_ptr(&self) -> *mut ffi::X509_NAME { + self as *const _ as *mut _ + } -impl<'x> X509Name<'x> { pub fn text_by_nid(&self, nid: Nid) -> Option { unsafe { - let loc = ffi::X509_NAME_get_index_by_NID(self.0, nid as c_int, -1); + let loc = ffi::X509_NAME_get_index_by_NID(self.as_ptr(), nid as c_int, -1); if loc == -1 { return None; } - let ne = ffi::X509_NAME_get_entry(self.0, loc); + let ne = ffi::X509_NAME_get_entry(self.as_ptr(), loc); if ne.is_null() { return None; } From 23fc6c828bdfc7322d6e4c9a0ac8b4047f69df0f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 17:01:13 -0700 Subject: [PATCH 2/9] Convert X509Ref --- openssl/src/x509/mod.rs | 44 +++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 51c1ab29..99710fc4 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -107,7 +107,7 @@ impl X509StoreContext { } } - pub fn current_cert<'a>(&'a self) -> Option> { + pub fn current_cert<'a>(&'a self) -> Option<&'a X509Ref> { unsafe { let ptr = ffi::X509_STORE_CTX_get_current_cert(self.ctx); if ptr.is_null() { @@ -390,21 +390,21 @@ impl X509Generator { } /// A borrowed public key certificate. -pub struct X509Ref<'a>(*mut ffi::X509, PhantomData<&'a ()>); +pub struct X509Ref(Opaque); -impl<'a> X509Ref<'a> { +impl X509Ref { /// Creates a new `X509Ref` wrapping the provided handle. - pub unsafe fn from_ptr(x509: *mut ffi::X509) -> X509Ref<'a> { - X509Ref(x509, PhantomData) + pub unsafe fn from_ptr<'a>(x509: *mut ffi::X509) -> &'a X509Ref { + &*(x509 as *mut _) } pub fn as_ptr(&self) -> *mut ffi::X509 { - self.0 + self as *const _ as *mut _ } pub fn subject_name(&self) -> &X509NameRef { unsafe { - let name = ffi::X509_get_subject_name(self.0); + let name = ffi::X509_get_subject_name(self.as_ptr()); X509NameRef::from_ptr(name) } } @@ -412,7 +412,7 @@ impl<'a> X509Ref<'a> { /// Returns this certificate's SAN entries, if they exist. pub fn subject_alt_names(&self) -> Option { unsafe { - let stack = ffi::X509_get_ext_d2i(self.0, + let stack = ffi::X509_get_ext_d2i(self.as_ptr(), Nid::SubjectAltName as c_int, ptr::null_mut(), ptr::null_mut()); @@ -428,7 +428,7 @@ impl<'a> X509Ref<'a> { pub fn public_key(&self) -> Result { unsafe { - let pkey = try!(cvt_p(ffi::X509_get_pubkey(self.0))); + let pkey = try!(cvt_p(ffi::X509_get_pubkey(self.as_ptr()))); Ok(PKey::from_ptr(pkey)) } } @@ -439,25 +439,25 @@ impl<'a> X509Ref<'a> { let evp = hash_type.as_ptr(); let mut len = ffi::EVP_MAX_MD_SIZE; let mut buf = vec![0u8; len as usize]; - try!(cvt(ffi::X509_digest(self.0, evp, buf.as_mut_ptr() as *mut _, &mut len))); + try!(cvt(ffi::X509_digest(self.as_ptr(), evp, buf.as_mut_ptr() as *mut _, &mut len))); buf.truncate(len as usize); Ok(buf) } } /// Returns certificate Not After validity period. - pub fn not_after<'b>(&'b self) -> Asn1TimeRef<'b> { + pub fn not_after<'a>(&'a self) -> Asn1TimeRef<'a> { unsafe { - let date = compat::X509_get_notAfter(self.0); + let date = compat::X509_get_notAfter(self.as_ptr()); assert!(!date.is_null()); Asn1TimeRef::from_ptr(date) } } /// Returns certificate Not Before validity period. - pub fn not_before<'b>(&'b self) -> Asn1TimeRef<'b> { + pub fn not_before<'a>(&'a self) -> Asn1TimeRef<'a> { unsafe { - let date = compat::X509_get_notBefore(self.0); + let date = compat::X509_get_notBefore(self.as_ptr()); assert!(!date.is_null()); Asn1TimeRef::from_ptr(date) } @@ -467,7 +467,7 @@ impl<'a> X509Ref<'a> { pub fn to_pem(&self) -> Result, ErrorStack> { let mem_bio = try!(MemBio::new()); unsafe { - try!(cvt(ffi::PEM_write_bio_X509(mem_bio.as_ptr(), self.0))); + try!(cvt(ffi::PEM_write_bio_X509(mem_bio.as_ptr(), self.as_ptr()))); } Ok(mem_bio.get_buf().to_owned()) } @@ -476,19 +476,19 @@ impl<'a> X509Ref<'a> { pub fn to_der(&self) -> Result, ErrorStack> { let mem_bio = try!(MemBio::new()); unsafe { - ffi::i2d_X509_bio(mem_bio.as_ptr(), self.0); + ffi::i2d_X509_bio(mem_bio.as_ptr(), self.as_ptr()); } Ok(mem_bio.get_buf().to_owned()) } } /// An owned public key certificate. -pub struct X509(X509Ref<'static>); +pub struct X509(*mut ffi::X509); impl X509 { /// Returns a new `X509`, taking ownership of the handle. pub unsafe fn from_ptr(x509: *mut ffi::X509) -> X509 { - X509(X509Ref::from_ptr(x509)) + X509(x509) } /// Reads a certificate from DER. @@ -515,10 +515,12 @@ impl X509 { } impl Deref for X509 { - type Target = X509Ref<'static>; + type Target = X509Ref; - fn deref(&self) -> &X509Ref<'static> { - &self.0 + fn deref(&self) -> &X509Ref { + unsafe { + X509Ref::from_ptr(self.0) + } } } From b7017a7eecf57aa6f1ab18ea1da771bafcab2ea9 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 17:13:30 -0700 Subject: [PATCH 3/9] Update Asn1TimeRef --- openssl/src/asn1.rs | 67 ++++++++++++++++++++++------------------- openssl/src/x509/mod.rs | 4 +-- 2 files changed, 38 insertions(+), 33 deletions(-) diff --git a/openssl/src/asn1.rs b/openssl/src/asn1.rs index 91f920a3..7e7cb3df 100644 --- a/openssl/src/asn1.rs +++ b/openssl/src/asn1.rs @@ -2,19 +2,48 @@ use libc::c_long; use std::{ptr, fmt}; use std::marker::PhantomData; use std::ops::Deref; + use ffi; +use opaque::Opaque; use {cvt, cvt_p}; use bio::MemBio; use error::ErrorStack; +/// A borrowed Asn1Time +pub struct Asn1TimeRef(Opaque); + +impl Asn1TimeRef { + /// Creates a new `Asn1TimeRef` wrapping the provided handle. + pub unsafe fn from_ptr<'a>(handle: *mut ffi::ASN1_TIME) -> &'a Asn1TimeRef { + &*(handle as *mut _) + } + + /// Returns the raw handle + pub fn as_ptr(&self) -> *mut ffi::ASN1_TIME { + self as *const _ as *mut _ + } +} + +impl fmt::Display for Asn1TimeRef { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + let mem_bio = try!(MemBio::new()); + let as_str = unsafe { + try!(cvt(ffi::ASN1_TIME_print(mem_bio.as_ptr(), self.as_ptr()))); + String::from_utf8_unchecked(mem_bio.get_buf().to_owned()) + }; + write!(f, "{}", as_str) + } +} + + /// Corresponds to the ASN.1 structure Time defined in RFC5280 -pub struct Asn1Time(Asn1TimeRef<'static>); +pub struct Asn1Time(*mut ffi::ASN1_TIME); impl Asn1Time { /// Wraps existing ASN1_TIME and takes ownership pub unsafe fn from_ptr(handle: *mut ffi::ASN1_TIME) -> Asn1Time { - Asn1Time(Asn1TimeRef::from_ptr(handle)) + Asn1Time(handle) } fn from_period(period: c_long) -> Result { @@ -33,36 +62,12 @@ impl Asn1Time { } impl Deref for Asn1Time { - type Target = Asn1TimeRef<'static>; + type Target = Asn1TimeRef; - fn deref(&self) -> &Asn1TimeRef<'static> { - &self.0 - } -} - -/// A borrowed Asn1Time -pub struct Asn1TimeRef<'a>(*mut ffi::ASN1_TIME, PhantomData<&'a ()>); - -impl<'a> Asn1TimeRef<'a> { - /// Creates a new `Asn1TimeRef` wrapping the provided handle. - pub unsafe fn from_ptr(handle: *mut ffi::ASN1_TIME) -> Asn1TimeRef<'a> { - Asn1TimeRef(handle, PhantomData) - } - - /// Returns the raw handle - pub fn as_ptr(&self) -> *mut ffi::ASN1_TIME { - self.0 - } -} - -impl<'a> fmt::Display for Asn1TimeRef<'a> { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - let mem_bio = try!(MemBio::new()); - let as_str = unsafe { - try!(cvt(ffi::ASN1_TIME_print(mem_bio.as_ptr(), self.0))); - String::from_utf8_unchecked(mem_bio.get_buf().to_owned()) - }; - write!(f, "{}", as_str) + fn deref(&self) -> &Asn1TimeRef { + unsafe { + Asn1TimeRef::from_ptr(self.0) + } } } diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 99710fc4..9c91bfc1 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -446,7 +446,7 @@ impl X509Ref { } /// Returns certificate Not After validity period. - pub fn not_after<'a>(&'a self) -> Asn1TimeRef<'a> { + pub fn not_after<'a>(&'a self) -> &'a Asn1TimeRef { unsafe { let date = compat::X509_get_notAfter(self.as_ptr()); assert!(!date.is_null()); @@ -455,7 +455,7 @@ impl X509Ref { } /// Returns certificate Not Before validity period. - pub fn not_before<'a>(&'a self) -> Asn1TimeRef<'a> { + pub fn not_before<'a>(&'a self) -> &'a Asn1TimeRef { unsafe { let date = compat::X509_get_notBefore(self.as_ptr()); assert!(!date.is_null()); From fe98a90719802d1503637f081c7b2a13f909483e Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 19:15:09 -0700 Subject: [PATCH 4/9] Convert SslContextRef --- openssl/src/asn1.rs | 1 - openssl/src/ssl/mod.rs | 37 +++++++++++++++++++++++-------------- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/openssl/src/asn1.rs b/openssl/src/asn1.rs index 7e7cb3df..e9c58e76 100644 --- a/openssl/src/asn1.rs +++ b/openssl/src/asn1.rs @@ -1,6 +1,5 @@ use libc::c_long; use std::{ptr, fmt}; -use std::marker::PhantomData; use std::ops::Deref; use ffi; diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 83c7b7a1..5218ac64 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -26,6 +26,7 @@ use x509::{X509StoreContext, X509FileType, X509, X509Ref, X509VerifyError}; use x509::verify::X509VerifyParamRef; use crypto::pkey::PKey; use error::ErrorStack; +use opaque::Opaque; pub mod error; mod bio; @@ -335,15 +336,19 @@ pub enum SniError { } /// A borrowed SSL context object. -pub struct SslContextRef<'a>(*mut ffi::SSL_CTX, PhantomData<&'a ()>); +pub struct SslContextRef(Opaque); -impl<'a> SslContextRef<'a> { - pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextRef<'a> { - SslContextRef(ctx, PhantomData) +impl SslContextRef { + pub unsafe fn from_ptr<'a>(ctx: *mut ffi::SSL_CTX) -> &'a SslContextRef { + &*(ctx as *mut _) + } + + pub unsafe fn from_ptr_mut<'a>(ctx: *mut ffi::SSL_CTX) -> &'a mut SslContextRef { + &mut *(ctx as *mut _) } pub fn as_ptr(&self) -> *mut ffi::SSL_CTX { - self.0 + self as *const _ as *mut _ } /// Configures the certificate verification method for new connections. @@ -626,7 +631,7 @@ impl<'a> SslContextRef<'a> { } /// An owned SSL context object. -pub struct SslContext(SslContextRef<'static>); +pub struct SslContext(*mut ffi::SSL_CTX); unsafe impl Send for SslContext {} unsafe impl Sync for SslContext {} @@ -654,16 +659,20 @@ impl Drop for SslContext { } impl Deref for SslContext { - type Target = SslContextRef<'static>; + type Target = SslContextRef; - fn deref(&self) -> &SslContextRef<'static> { - &self.0 + fn deref(&self) -> &SslContextRef { + unsafe { + SslContextRef::from_ptr(self.0) + } } } impl DerefMut for SslContext { - fn deref_mut(&mut self) -> &mut SslContextRef<'static> { - &mut self.0 + fn deref_mut(&mut self) -> &mut SslContextRef { + unsafe { + SslContextRef::from_ptr_mut(self.0) + } } } @@ -683,11 +692,11 @@ impl SslContext { } pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContext { - SslContext(SslContextRef::from_ptr(ctx)) + SslContext(ctx) } pub fn as_ptr(&self) -> *mut ffi::SSL_CTX { - (**self).as_ptr() + self.0 } } @@ -982,7 +991,7 @@ impl<'a> SslRef<'a> { } /// Returns the context corresponding to the current connection - pub fn ssl_context(&self) -> SslContextRef<'a> { + pub fn ssl_context(&self) -> &SslContextRef { unsafe { let ssl_ctx = ffi::SSL_get_SSL_CTX(self.as_ptr()); SslContextRef::from_ptr(ssl_ctx) From 2bbeddd14a8050d4e03c08ffe60707a3ae21d5e0 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 19:33:56 -0700 Subject: [PATCH 5/9] Convert SslRef --- openssl/src/ssl/mod.rs | 48 +++++++++++++++++++++--------------- openssl/src/ssl/tests/mod.rs | 2 +- 2 files changed, 29 insertions(+), 21 deletions(-) diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 5218ac64..ce36b97d 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -211,9 +211,9 @@ extern fn raw_sni(ssl: *mut ffi::SSL, al: *mut c_int, _arg: *mut c_void) -> c let ssl_ctx = ffi::SSL_get_SSL_CTX(ssl); let callback = ffi::SSL_CTX_get_ex_data(ssl_ctx, get_verify_data_idx::()); let callback: &F = &*(callback as *mut F); - let mut ssl = SslRef::from_ptr(ssl); + let ssl = SslRef::from_ptr_mut(ssl); - match callback(&mut ssl) { + match callback(ssl) { Ok(()) => ffi::SSL_TLSEXT_ERR_OK, Err(SniError::Fatal(e)) => { *al = e; @@ -763,12 +763,12 @@ impl<'a> SslCipher<'a> { } } -pub struct SslRef<'a>(*mut ffi::SSL, PhantomData<&'a ()>); +pub struct SslRef(Opaque); -unsafe impl<'a> Send for SslRef<'a> {} -unsafe impl<'a> Sync for SslRef<'a> {} +unsafe impl Send for SslRef {} +unsafe impl Sync for SslRef {} -impl<'a> fmt::Debug for SslRef<'a> { +impl fmt::Debug for SslRef { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { let mut builder = fmt.debug_struct("SslRef"); builder.field("state", &self.state_string_long()); @@ -779,13 +779,17 @@ impl<'a> fmt::Debug for SslRef<'a> { } } -impl<'a> SslRef<'a> { - pub unsafe fn from_ptr(ssl: *mut ffi::SSL) -> SslRef<'a> { - SslRef(ssl, PhantomData) +impl SslRef { + pub unsafe fn from_ptr<'a>(ssl: *mut ffi::SSL) -> &'a SslRef { + &*(ssl as *mut _) + } + + pub unsafe fn from_ptr_mut<'a>(ssl: *mut ffi::SSL) -> &'a mut SslRef { + &mut *(ssl as *mut _) } pub fn as_ptr(&self) -> *mut ffi::SSL { - self.0 + self as *const _ as *mut _ } fn get_raw_rbio(&self) -> *mut ffi::BIO { @@ -832,7 +836,7 @@ impl<'a> SslRef<'a> { } } - pub fn current_cipher(&self) -> Option> { + pub fn current_cipher<'a>(&'a self) -> Option> { unsafe { let ptr = ffi::SSL_get_current_cipher(self.as_ptr()); @@ -1002,7 +1006,7 @@ impl<'a> SslRef<'a> { /// /// Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0. #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] - pub fn param(&mut self) -> X509VerifyParamRef<'a> { + pub fn param<'a>(&'a mut self) -> X509VerifyParamRef<'a> { unsafe { X509VerifyParamRef::from_ptr(ffi::SSL_get0_param(self.as_ptr())) } @@ -1011,12 +1015,12 @@ impl<'a> SslRef<'a> { /// Returns the result of X509 certificate verification. pub fn verify_result(&self) -> Option { unsafe { - X509VerifyError::from_raw(ffi::SSL_get_verify_result(self.0)) + X509VerifyError::from_raw(ffi::SSL_get_verify_result(self.as_ptr())) } } } -pub struct Ssl(SslRef<'static>); +pub struct Ssl(*mut ffi::SSL); impl fmt::Debug for Ssl { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { @@ -1036,16 +1040,20 @@ impl Drop for Ssl { } impl Deref for Ssl { - type Target = SslRef<'static>; + type Target = SslRef; - fn deref(&self) -> &SslRef<'static> { - &self.0 + fn deref(&self) -> &SslRef { + unsafe { + SslRef::from_ptr(self.0) + } } } impl DerefMut for Ssl { - fn deref_mut(&mut self) -> &mut SslRef<'static> { - &mut self.0 + fn deref_mut(&mut self) -> &mut SslRef { + unsafe { + SslRef::from_ptr_mut(self.0) + } } } @@ -1058,7 +1066,7 @@ impl Ssl { } pub unsafe fn from_ptr(ssl: *mut ffi::SSL) -> Ssl { - Ssl(SslRef::from_ptr(ssl)) + Ssl(ssl) } /// Creates an SSL/TLS client operating over the provided stream. diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs index 94cea935..b255d01d 100644 --- a/openssl/src/ssl/tests/mod.rs +++ b/openssl/src/ssl/tests/mod.rs @@ -479,7 +479,7 @@ fn test_pending() { fn test_state() { let (_s, tcp) = Server::new(); let ctx = SslContext::new(SslMethod::tls()).unwrap(); - let mut stream = Ssl::new(&ctx).unwrap().connect(tcp).unwrap(); + let stream = Ssl::new(&ctx).unwrap().connect(tcp).unwrap(); assert_eq!(stream.ssl().state_string(), "SSLOK "); assert_eq!(stream.ssl().state_string_long(), "SSL negotiation finished successfully"); From fcb86b839456a2f925a663d55f95b75db6f36721 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 19:45:46 -0700 Subject: [PATCH 6/9] Convert SslCipherRef --- openssl/src/ssl/mod.rs | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index ce36b97d..fbb03104 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -709,16 +709,21 @@ pub struct CipherBits { pub algorithm: i32, } -pub struct SslCipher<'a> { - cipher: *const ffi::SSL_CIPHER, - ph: PhantomData<&'a ()>, -} +pub struct SslCipherRef(Opaque); + +impl SslCipherRef { + pub unsafe fn from_ptr<'a>(ptr: *const ffi::SSL_CIPHER) -> &'a SslCipherRef { + &*(ptr as *const _) + } + + pub fn as_ptr(&self) -> *const ffi::SSL_CIPHER { + self as *const _ as *const _ + } -impl<'a> SslCipher<'a> { /// Returns the name of cipher. pub fn name(&self) -> &'static str { let name = unsafe { - let ptr = ffi::SSL_CIPHER_get_name(self.cipher); + let ptr = ffi::SSL_CIPHER_get_name(self.as_ptr()); CStr::from_ptr(ptr as *const _) }; @@ -728,7 +733,7 @@ impl<'a> SslCipher<'a> { /// Returns the SSL/TLS protocol version that first defined the cipher. pub fn version(&self) -> &'static str { let version = unsafe { - let ptr = ffi::SSL_CIPHER_get_version(self.cipher); + let ptr = ffi::SSL_CIPHER_get_version(self.as_ptr()); CStr::from_ptr(ptr as *const _) }; @@ -739,7 +744,7 @@ impl<'a> SslCipher<'a> { pub fn bits(&self) -> CipherBits { unsafe { let mut algo_bits = 0; - let secret_bits = ffi::SSL_CIPHER_get_bits(self.cipher, &mut algo_bits); + let secret_bits = ffi::SSL_CIPHER_get_bits(self.as_ptr(), &mut algo_bits); CipherBits { secret: secret_bits.into(), algorithm: algo_bits.into(), @@ -752,7 +757,7 @@ impl<'a> SslCipher<'a> { unsafe { // SSL_CIPHER_description requires a buffer of at least 128 bytes. let mut buf = [0; 128]; - let desc_ptr = ffi::SSL_CIPHER_description(self.cipher, buf.as_mut_ptr(), 128); + let desc_ptr = ffi::SSL_CIPHER_description(self.as_ptr(), buf.as_mut_ptr(), 128); if !desc_ptr.is_null() { String::from_utf8(CStr::from_ptr(desc_ptr as *const _).to_bytes().to_vec()).ok() @@ -836,17 +841,14 @@ impl SslRef { } } - pub fn current_cipher<'a>(&'a self) -> Option> { + pub fn current_cipher(&self) -> Option<&SslCipherRef> { unsafe { let ptr = ffi::SSL_get_current_cipher(self.as_ptr()); if ptr.is_null() { None } else { - Some(SslCipher { - cipher: ptr, - ph: PhantomData, - }) + Some(SslCipherRef::from_ptr(ptr)) } } } From f0cde389290d7ec20a9650a09096b742c6b9aa1f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 19:54:30 -0700 Subject: [PATCH 7/9] Borrowed servername --- openssl/src/ssl/mod.rs | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index fbb03104..d03b495f 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -980,13 +980,15 @@ impl SslRef { } /// Returns the server's name for the current connection - pub fn servername(&self) -> Option { - let name = unsafe { ffi::SSL_get_servername(self.as_ptr(), ffi::TLSEXT_NAMETYPE_host_name) }; - if name == ptr::null() { - return None; - } + pub fn servername(&self) -> Option<&str> { + unsafe { + let name = ffi::SSL_get_servername(self.as_ptr(), ffi::TLSEXT_NAMETYPE_host_name); + if name == ptr::null() { + return None; + } - unsafe { String::from_utf8(CStr::from_ptr(name as *const _).to_bytes().to_vec()).ok() } + Some(str::from_utf8(CStr::from_ptr(name as *const _).to_bytes()).unwrap()) + } } /// Changes the context corresponding to the current connection. From 02b4385c5d18534d7b02a3ebc3323b662251c36e Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 19:58:06 -0700 Subject: [PATCH 8/9] Convert X509VerifyParamRef --- openssl/src/ssl/mod.rs | 4 ++-- openssl/src/ssl/tests/mod.rs | 8 ++++---- openssl/src/x509/verify.rs | 17 +++++++++++------ 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index d03b495f..26cafa9a 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -1010,9 +1010,9 @@ impl SslRef { /// /// Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0. #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] - pub fn param<'a>(&'a mut self) -> X509VerifyParamRef<'a> { + pub fn param_mut(&mut self) -> &mut X509VerifyParamRef { unsafe { - X509VerifyParamRef::from_ptr(ffi::SSL_get0_param(self.as_ptr())) + X509VerifyParamRef::from_ptr_mut(ffi::SSL_get0_param(self.as_ptr())) } } diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs index b255d01d..684f77ac 100644 --- a/openssl/src/ssl/tests/mod.rs +++ b/openssl/src/ssl/tests/mod.rs @@ -1053,8 +1053,8 @@ fn valid_hostname() { ctx.set_verify(SSL_VERIFY_PEER); let mut ssl = Ssl::new(&ctx).unwrap(); - ssl.param().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); - ssl.param().set_host("google.com").unwrap(); + ssl.param_mut().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + ssl.param_mut().set_host("google.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); let mut socket = ssl.connect(s).unwrap(); @@ -1077,8 +1077,8 @@ fn invalid_hostname() { ctx.set_verify(SSL_VERIFY_PEER); let mut ssl = Ssl::new(&ctx).unwrap(); - ssl.param().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); - ssl.param().set_host("foobar.com").unwrap(); + ssl.param_mut().set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + ssl.param_mut().set_host("foobar.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); assert!(ssl.connect(s).is_err()); diff --git a/openssl/src/x509/verify.rs b/openssl/src/x509/verify.rs index be8d3d7e..11c65dca 100644 --- a/openssl/src/x509/verify.rs +++ b/openssl/src/x509/verify.rs @@ -8,6 +8,7 @@ use ffi; use cvt; use error::ErrorStack; +use opaque::Opaque; bitflags! { pub flags X509CheckFlags: c_uint { @@ -23,22 +24,26 @@ bitflags! { } } -pub struct X509VerifyParamRef<'a>(*mut ffi::X509_VERIFY_PARAM, PhantomData<&'a mut ()>); +pub struct X509VerifyParamRef(Opaque); -impl<'a> X509VerifyParamRef<'a> { - pub unsafe fn from_ptr(ptr: *mut ffi::X509_VERIFY_PARAM) -> X509VerifyParamRef<'a> { - X509VerifyParamRef(ptr, PhantomData) +impl X509VerifyParamRef { + pub unsafe fn from_ptr_mut<'a>(ptr: *mut ffi::X509_VERIFY_PARAM) -> &'a mut X509VerifyParamRef { + &mut *(ptr as *mut _) + } + + pub fn as_ptr(&self) -> *mut ffi::X509_VERIFY_PARAM { + self as *const _ as *mut _ } pub fn set_hostflags(&mut self, hostflags: X509CheckFlags) { unsafe { - ffi::X509_VERIFY_PARAM_set_hostflags(self.0, hostflags.bits); + ffi::X509_VERIFY_PARAM_set_hostflags(self.as_ptr(), hostflags.bits); } } pub fn set_host(&mut self, host: &str) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::X509_VERIFY_PARAM_set1_host(self.0, + cvt(ffi::X509_VERIFY_PARAM_set1_host(self.as_ptr(), host.as_ptr() as *const _, host.len())) .map(|_| ()) From 6f1a3f2834b45a546edd0a3e736b498599c996bb Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 21 Oct 2016 20:26:53 -0700 Subject: [PATCH 9/9] Update BigNumRef --- openssl/src/bn.rs | 174 +++++++++++++++++++------------------ openssl/src/crypto/dsa.rs | 6 +- openssl/src/crypto/rsa.rs | 10 +-- openssl/src/x509/verify.rs | 1 - 4 files changed, 97 insertions(+), 94 deletions(-) diff --git a/openssl/src/bn.rs b/openssl/src/bn.rs index 512c58d3..700367bd 100644 --- a/openssl/src/bn.rs +++ b/openssl/src/bn.rs @@ -3,11 +3,11 @@ use libc::{c_int, c_void}; use std::cmp::Ordering; use std::ffi::{CStr, CString}; use std::{fmt, ptr}; -use std::marker::PhantomData; use std::ops::{Add, Div, Mul, Neg, Rem, Shl, Shr, Sub, Deref, DerefMut}; use {cvt, cvt_p, cvt_n}; use error::ErrorStack; +use opaque::Opaque; /// Specifies the desired properties of a randomly generated `BigNum`. #[derive(Copy, Clone)] @@ -41,6 +41,10 @@ impl BnCtx { } } + pub fn as_ptr(&self) -> *mut ffi::BN_CTX { + self.0 + } + /// Places the result of `a * b` in `r`. pub fn mul(&mut self, r: &mut BigNumRef, @@ -48,7 +52,7 @@ impl BnCtx { b: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_mul(r.0, a.0, b.0, self.0)).map(|_| ()) + cvt(ffi::BN_mul(r.as_ptr(), a.as_ptr(), b.as_ptr(), self.as_ptr())).map(|_| ()) } } @@ -60,11 +64,11 @@ impl BnCtx { b: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_div(dv.map(|b| b.0).unwrap_or(ptr::null_mut()), - rem.map(|b| b.0).unwrap_or(ptr::null_mut()), - a.0, - b.0, - self.0)) + cvt(ffi::BN_div(dv.map(|b| b.as_ptr()).unwrap_or(ptr::null_mut()), + rem.map(|b| b.as_ptr()).unwrap_or(ptr::null_mut()), + a.as_ptr(), + b.as_ptr(), + self.as_ptr())) .map(|_| ()) } } @@ -72,7 +76,7 @@ impl BnCtx { /// Places the result of `a²` in `r`. pub fn sqr(&mut self, r: &mut BigNumRef, a: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_sqr(r.as_ptr(), a.as_ptr(), self.0)).map(|_| ()) + cvt(ffi::BN_sqr(r.as_ptr(), a.as_ptr(), self.as_ptr())).map(|_| ()) } } @@ -159,7 +163,7 @@ impl BnCtx { a: &BigNumRef, n: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt_p(ffi::BN_mod_inverse(r.0, a.0, n.0, self.0)).map(|_| ()) + cvt_p(ffi::BN_mod_inverse(r.as_ptr(), a.as_ptr(), n.as_ptr(), self.as_ptr())).map(|_| ()) } } @@ -169,7 +173,7 @@ impl BnCtx { a: &BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_gcd(r.0, a.0, b.0, self.0)).map(|_| ()) + cvt(ffi::BN_gcd(r.as_ptr(), a.as_ptr(), b.as_ptr(), self.as_ptr())).map(|_| ()) } } @@ -180,7 +184,7 @@ impl BnCtx { /// Returns `true` if `p` is prime with an error probability of less than `0.25 ^ checks`. pub fn is_prime(&mut self, p: &BigNumRef, checks: i32) -> Result { unsafe { - cvt_n(ffi::BN_is_prime_ex(p.0, checks.into(), self.0, ptr::null_mut())).map(|r| r != 0) + cvt_n(ffi::BN_is_prime_ex(p.as_ptr(), checks.into(), self.as_ptr(), ptr::null_mut())).map(|r| r != 0) } } @@ -198,9 +202,9 @@ impl BnCtx { checks: i32, do_trial_division: bool) -> Result { unsafe { - cvt_n(ffi::BN_is_prime_fasttest_ex(p.0, + cvt_n(ffi::BN_is_prime_fasttest_ex(p.as_ptr(), checks.into(), - self.0, + self.as_ptr(), do_trial_division as c_int, ptr::null_mut())) .map(|r| r != 0) @@ -220,7 +224,7 @@ impl BnCtx { odd: bool) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_rand(r.0, bits.into(), prop as c_int, odd as c_int)).map(|_| ()) + cvt(ffi::BN_rand(r.as_ptr(), bits.into(), prop as c_int, odd as c_int)).map(|_| ()) } } @@ -231,45 +235,52 @@ impl BnCtx { odd: bool) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_pseudo_rand(r.0, bits.into(), prop as c_int, odd as c_int)).map(|_| ()) + cvt(ffi::BN_pseudo_rand(r.as_ptr(), bits.into(), prop as c_int, odd as c_int)).map(|_| ()) } } } /// A borrowed, signed, arbitrary-precision integer. -#[derive(Copy, Clone)] -pub struct BigNumRef<'a>(*mut ffi::BIGNUM, PhantomData<&'a ()>); +pub struct BigNumRef(Opaque); -impl<'a> BigNumRef<'a> { - pub unsafe fn from_ptr(handle: *mut ffi::BIGNUM) -> BigNumRef<'a> { - BigNumRef(handle, PhantomData) +impl BigNumRef { + pub unsafe fn from_ptr<'a>(handle: *mut ffi::BIGNUM) -> &'a BigNumRef { + &*(handle as *mut _) + } + + pub unsafe fn from_ptr_mut<'a>(handle: *mut ffi::BIGNUM) -> &'a mut BigNumRef { + &mut *(handle as *mut _) + } + + pub fn as_ptr(&self) -> *mut ffi::BIGNUM { + self as *const _ as *mut _ } /// Adds a `u32` to `self`. pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_add_word(self.0, w as ffi::BN_ULONG)).map(|_| ()) + cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } } /// Subtracts a `u32` from `self`. pub fn sub_word(&mut self, w: u32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_sub_word(self.0, w as ffi::BN_ULONG)).map(|_| ()) + cvt(ffi::BN_sub_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } } /// Multiplies a `u32` by `self`. pub fn mul_word(&mut self, w: u32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_mul_word(self.0, w as ffi::BN_ULONG)).map(|_| ()) + cvt(ffi::BN_mul_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } } /// Divides `self` by a `u32`, returning the remainder. pub fn div_word(&mut self, w: u32) -> Result { unsafe { - let r = ffi::BN_div_word(self.0, w.into()); + let r = ffi::BN_div_word(self.as_ptr(), w.into()); if r == ffi::BN_ULONG::max_value() { Err(ErrorStack::get()) } else { @@ -281,7 +292,7 @@ impl<'a> BigNumRef<'a> { /// Returns the result of `self` modulo `w`. pub fn mod_word(&self, w: u32) -> Result { unsafe { - let r = ffi::BN_mod_word(self.0, w.into()); + let r = ffi::BN_mod_word(self.as_ptr(), w.into()); if r == ffi::BN_ULONG::max_value() { Err(ErrorStack::get()) } else { @@ -294,14 +305,14 @@ impl<'a> BigNumRef<'a> { /// number less than `self` in `rnd`. pub fn rand_in_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_rand_range(self.0, rnd.0)).map(|_| ()) + cvt(ffi::BN_rand_range(self.as_ptr(), rnd.as_ptr())).map(|_| ()) } } /// The cryptographically weak counterpart to `rand_in_range`. pub fn pseudo_rand_in_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_pseudo_rand_range(self.0, rnd.0)).map(|_| ()) + cvt(ffi::BN_pseudo_rand_range(self.as_ptr(), rnd.as_ptr())).map(|_| ()) } } @@ -310,7 +321,7 @@ impl<'a> BigNumRef<'a> { /// When setting a bit outside of `self`, it is expanded. pub fn set_bit(&mut self, n: i32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_set_bit(self.0, n.into())).map(|_| ()) + cvt(ffi::BN_set_bit(self.as_ptr(), n.into())).map(|_| ()) } } @@ -319,14 +330,14 @@ impl<'a> BigNumRef<'a> { /// When clearing a bit outside of `self`, an error is returned. pub fn clear_bit(&mut self, n: i32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_clear_bit(self.0, n.into())).map(|_| ()) + cvt(ffi::BN_clear_bit(self.as_ptr(), n.into())).map(|_| ()) } } /// Returns `true` if the `n`th bit of `self` is set to 1, `false` otherwise. pub fn is_bit_set(&self, n: i32) -> bool { unsafe { - ffi::BN_is_bit_set(self.0, n.into()) == 1 + ffi::BN_is_bit_set(self.as_ptr(), n.into()) == 1 } } @@ -335,62 +346,62 @@ impl<'a> BigNumRef<'a> { /// An error occurs if `self` is already shorter than `n` bits. pub fn mask_bits(&mut self, n: i32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_mask_bits(self.0, n.into())).map(|_| ()) + cvt(ffi::BN_mask_bits(self.as_ptr(), n.into())).map(|_| ()) } } /// Places `self << 1` in `r`. pub fn lshift1(&self, r: &mut BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_lshift1(r.0, self.0)).map(|_| ()) + cvt(ffi::BN_lshift1(r.as_ptr(), self.as_ptr())).map(|_| ()) } } /// Places `self >> 1` in `r`. pub fn rshift1(&self, r: &mut BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_rshift1(r.0, self.0)).map(|_| ()) + cvt(ffi::BN_rshift1(r.as_ptr(), self.as_ptr())).map(|_| ()) } } /// Places `self + b` in `r`. pub fn add(&self, r: &mut BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_add(r.0, self.0, b.0)).map(|_| ()) + cvt(ffi::BN_add(r.as_ptr(), self.as_ptr(), b.as_ptr())).map(|_| ()) } } /// Places `self - b` in `r`. pub fn sub(&self, r: &mut BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_sub(r.0, self.0, b.0)).map(|_| ()) + cvt(ffi::BN_sub(r.as_ptr(), self.as_ptr(), b.as_ptr())).map(|_| ()) } } /// Places `self << n` in `r`. pub fn lshift(&self, r: &mut BigNumRef, b: i32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_lshift(r.0, self.0, b.into())).map(|_| ()) + cvt(ffi::BN_lshift(r.as_ptr(), self.as_ptr(), b.into())).map(|_| ()) } } /// Places `self >> n` in `r`. pub fn rshift(&self, r: &mut BigNumRef, n: i32) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_rshift(r.0, self.0, n.into())).map(|_| ()) + cvt(ffi::BN_rshift(r.as_ptr(), self.as_ptr(), n.into())).map(|_| ()) } } pub fn to_owned(&self) -> Result { unsafe { - cvt_p(ffi::BN_dup(self.0)).map(|b| BigNum::from_ptr(b)) + cvt_p(ffi::BN_dup(self.as_ptr())).map(|b| BigNum::from_ptr(b)) } } /// Sets the sign of `self`. pub fn set_negative(&mut self, negative: bool) { unsafe { - ffi::BN_set_negative(self.0, negative as c_int) + ffi::BN_set_negative(self.as_ptr(), negative as c_int) } } @@ -406,14 +417,7 @@ impl<'a> BigNumRef<'a> { /// ``` pub fn ucmp(&self, oth: &BigNumRef) -> Ordering { unsafe { - let res = ffi::BN_ucmp(self.as_ptr(), oth.as_ptr()); - if res < 0 { - Ordering::Less - } else if res > 0 { - Ordering::Greater - } else { - Ordering::Equal - } + ffi::BN_ucmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } } @@ -441,10 +445,6 @@ impl<'a> BigNumRef<'a> { (self.num_bits() + 7) / 8 } - pub fn as_ptr(&self) -> *mut ffi::BIGNUM { - self.0 - } - /// Returns a big-endian byte vector representation of the absolute value of `self`. /// /// `self` can be recreated by using `new_from_slice`. @@ -510,7 +510,7 @@ impl<'a> BigNumRef<'a> { /// Additionally, it implements the standard operators (`std::ops`), which /// perform unchecked arithmetic, unwrapping the returned `Result` of the /// checked operations. -pub struct BigNum(BigNumRef<'static>); +pub struct BigNum(*mut ffi::BIGNUM); impl BigNum { /// Creates a new `BigNum` with the value 0. @@ -550,7 +550,7 @@ impl BigNum { } pub unsafe fn from_ptr(handle: *mut ffi::BIGNUM) -> BigNum { - BigNum(BigNumRef::from_ptr(handle)) + BigNum(handle) } /// Creates a new `BigNum` from an unsigned, big-endian encoded number of arbitrary length. @@ -584,11 +584,11 @@ impl BigNum { rem: Option<&BigNumRef>) -> Result<(), ErrorStack> { unsafe { - cvt(ffi::BN_generate_prime_ex(r.0, + cvt(ffi::BN_generate_prime_ex(r.as_ptr(), bits as c_int, safe as c_int, - add.map(|n| n.0).unwrap_or(ptr::null_mut()), - rem.map(|n| n.0).unwrap_or(ptr::null_mut()), + add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), + rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), ptr::null_mut())) .map(|_| ()) } @@ -602,26 +602,30 @@ impl Drop for BigNum { } impl Deref for BigNum { - type Target = BigNumRef<'static>; + type Target = BigNumRef; - fn deref(&self) -> &BigNumRef<'static> { - &self.0 + fn deref(&self) -> &BigNumRef { + unsafe { + BigNumRef::from_ptr(self.0) + } } } impl DerefMut for BigNum { - fn deref_mut(&mut self) -> &mut BigNumRef<'static> { - &mut self.0 + fn deref_mut(&mut self) -> &mut BigNumRef { + unsafe { + BigNumRef::from_ptr_mut(self.0) + } } } -impl AsRef> for BigNum { - fn as_ref(&self) -> &BigNumRef<'static> { +impl AsRef for BigNum { + fn as_ref(&self) -> &BigNumRef { self.deref() } } -impl<'a> fmt::Debug for BigNumRef<'a> { +impl fmt::Debug for BigNumRef { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { match self.to_dec_str() { Ok(s) => f.write_str(&s), @@ -639,7 +643,7 @@ impl fmt::Debug for BigNum { } } -impl<'a> fmt::Display for BigNumRef<'a> { +impl fmt::Display for BigNumRef { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { match self.to_dec_str() { Ok(s) => f.write_str(&s), @@ -657,19 +661,19 @@ impl fmt::Display for BigNum { } } -impl<'a, 'b> PartialEq> for BigNumRef<'a> { +impl PartialEq for BigNumRef { fn eq(&self, oth: &BigNumRef) -> bool { self.cmp(oth) == Ordering::Equal } } -impl<'a> PartialEq for BigNumRef<'a> { +impl PartialEq for BigNumRef { fn eq(&self, oth: &BigNum) -> bool { self.eq(oth.deref()) } } -impl<'a> Eq for BigNumRef<'a> {} +impl Eq for BigNumRef {} impl PartialEq for BigNum { fn eq(&self, oth: &BigNum) -> bool { @@ -677,7 +681,7 @@ impl PartialEq for BigNum { } } -impl<'a> PartialEq> for BigNum { +impl PartialEq for BigNum { fn eq(&self, oth: &BigNumRef) -> bool { self.deref().eq(oth) } @@ -685,19 +689,19 @@ impl<'a> PartialEq> for BigNum { impl Eq for BigNum {} -impl<'a, 'b> PartialOrd> for BigNumRef<'a> { +impl PartialOrd for BigNumRef { fn partial_cmp(&self, oth: &BigNumRef) -> Option { Some(self.cmp(oth)) } } -impl<'a> PartialOrd for BigNumRef<'a> { +impl PartialOrd for BigNumRef { fn partial_cmp(&self, oth: &BigNum) -> Option { Some(self.cmp(oth.deref())) } } -impl<'a> Ord for BigNumRef<'a> { +impl Ord for BigNumRef { fn cmp(&self, oth: &BigNumRef) -> Ordering { unsafe { ffi::BN_cmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } } @@ -709,7 +713,7 @@ impl PartialOrd for BigNum { } } -impl<'a> PartialOrd> for BigNum { +impl PartialOrd for BigNum { fn partial_cmp(&self, oth: &BigNumRef) -> Option { self.deref().partial_cmp(oth) } @@ -723,7 +727,7 @@ impl Ord for BigNum { macro_rules! delegate { ($t:ident, $m:ident) => { - impl<'a, 'b> $t<&'b BigNum> for &'a BigNumRef<'a> { + impl<'a, 'b> $t<&'b BigNum> for &'a BigNumRef { type Output = BigNum; fn $m(self, oth: &BigNum) -> BigNum { @@ -731,7 +735,7 @@ macro_rules! delegate { } } - impl<'a, 'b> $t<&'b BigNumRef<'b>> for &'a BigNum { + impl<'a, 'b> $t<&'b BigNumRef> for &'a BigNum { type Output = BigNum; fn $m(self, oth: &BigNumRef) -> BigNum { @@ -749,7 +753,7 @@ macro_rules! delegate { } } -impl<'a, 'b> Add<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { +impl<'a, 'b> Add<&'b BigNumRef> for &'a BigNumRef { type Output = BigNum; fn add(self, oth: &BigNumRef) -> BigNum { @@ -761,7 +765,7 @@ impl<'a, 'b> Add<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { delegate!(Add, add); -impl<'a, 'b> Sub<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { +impl<'a, 'b> Sub<&'b BigNumRef> for &'a BigNumRef { type Output = BigNum; fn sub(self, oth: &BigNumRef) -> BigNum { @@ -773,7 +777,7 @@ impl<'a, 'b> Sub<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { delegate!(Sub, sub); -impl<'a, 'b> Mul<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { +impl<'a, 'b> Mul<&'b BigNumRef> for &'a BigNumRef { type Output = BigNum; fn mul(self, oth: &BigNumRef) -> BigNum { @@ -786,10 +790,10 @@ impl<'a, 'b> Mul<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { delegate!(Mul, mul); -impl<'a, 'b> Div<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { +impl<'a, 'b> Div<&'b BigNumRef> for &'a BigNumRef { type Output = BigNum; - fn div(self, oth: &'b BigNumRef<'b>) -> BigNum { + fn div(self, oth: &'b BigNumRef) -> BigNum { let mut ctx = BnCtx::new().unwrap(); let mut dv = BigNum::new().unwrap(); ctx.div(Some(&mut dv), None, self, oth).unwrap(); @@ -799,10 +803,10 @@ impl<'a, 'b> Div<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { delegate!(Div, div); -impl<'a, 'b> Rem<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { +impl<'a, 'b> Rem<&'b BigNumRef> for &'a BigNumRef { type Output = BigNum; - fn rem(self, oth: &'b BigNumRef<'b>) -> BigNum { + fn rem(self, oth: &'b BigNumRef) -> BigNum { let mut ctx = BnCtx::new().unwrap(); let mut rem = BigNum::new().unwrap(); ctx.div(None, Some(&mut rem), self, oth).unwrap(); @@ -812,7 +816,7 @@ impl<'a, 'b> Rem<&'b BigNumRef<'b>> for &'a BigNumRef<'a> { delegate!(Rem, rem); -impl<'a> Shl for &'a BigNumRef<'a> { +impl<'a> Shl for &'a BigNumRef { type Output = BigNum; fn shl(self, n: i32) -> BigNum { @@ -830,7 +834,7 @@ impl<'a> Shl for &'a BigNum { } } -impl<'a> Shr for &'a BigNumRef<'a> { +impl<'a> Shr for &'a BigNumRef { type Output = BigNum; fn shr(self, n: i32) -> BigNum { @@ -848,7 +852,7 @@ impl<'a> Shr for &'a BigNum { } } -impl<'a> Neg for &'a BigNumRef<'a> { +impl<'a> Neg for &'a BigNumRef { type Output = BigNum; fn neg(self) -> BigNum { diff --git a/openssl/src/crypto/dsa.rs b/openssl/src/crypto/dsa.rs index f9044661..f5b0f4e4 100644 --- a/openssl/src/crypto/dsa.rs +++ b/openssl/src/crypto/dsa.rs @@ -155,7 +155,7 @@ impl DSA { self.0 } - pub fn p<'a>(&'a self) -> Option> { + pub fn p(&self) -> Option<&BigNumRef> { unsafe { let p = compat::pqg(self.0)[0]; if p.is_null() { @@ -166,7 +166,7 @@ impl DSA { } } - pub fn q<'a>(&'a self) -> Option> { + pub fn q(&self) -> Option<&BigNumRef> { unsafe { let q = compat::pqg(self.0)[1]; if q.is_null() { @@ -177,7 +177,7 @@ impl DSA { } } - pub fn g<'a>(&'a self) -> Option> { + pub fn g(&self) -> Option<&BigNumRef> { unsafe { let g = compat::pqg(self.0)[2]; if g.is_null() { diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs index a6a4f2b7..1b9e0e76 100644 --- a/openssl/src/crypto/rsa.rs +++ b/openssl/src/crypto/rsa.rs @@ -267,7 +267,7 @@ impl RSA { self.0 } - pub fn n<'a>(&'a self) -> Option> { + pub fn n(&self) -> Option<&BigNumRef> { unsafe { let n = compat::key(self.0)[0]; if n.is_null() { @@ -278,7 +278,7 @@ impl RSA { } } - pub fn d<'a>(&self) -> Option> { + pub fn d(&self) -> Option<&BigNumRef> { unsafe { let d = compat::key(self.0)[2]; if d.is_null() { @@ -289,7 +289,7 @@ impl RSA { } } - pub fn e<'a>(&'a self) -> Option> { + pub fn e(&self) -> Option<&BigNumRef> { unsafe { let e = compat::key(self.0)[1]; if e.is_null() { @@ -300,7 +300,7 @@ impl RSA { } } - pub fn p<'a>(&'a self) -> Option> { + pub fn p(&self) -> Option<&BigNumRef> { unsafe { let p = compat::factors(self.0)[0]; if p.is_null() { @@ -311,7 +311,7 @@ impl RSA { } } - pub fn q<'a>(&'a self) -> Option> { + pub fn q(&self) -> Option<&BigNumRef> { unsafe { let q = compat::factors(self.0)[1]; if q.is_null() { diff --git a/openssl/src/x509/verify.rs b/openssl/src/x509/verify.rs index 11c65dca..77095edc 100644 --- a/openssl/src/x509/verify.rs +++ b/openssl/src/x509/verify.rs @@ -2,7 +2,6 @@ //! //! Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0. -use std::marker::PhantomData; use libc::c_uint; use ffi;