Steven Fackler 2019-02-22 10:14:15 -07:00
parent 7f4ceb51a4
commit 7eee39f1ec
40 changed files with 451 additions and 328 deletions


@ -404,7 +404,8 @@ VERSION(OPENSSL, OPENSSL_VERSION_NUMBER)
VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER)
#endif
"
).unwrap();
)
.unwrap();
for define in DEFINES {
write!(
@ -415,7 +416,8 @@ RUST_CONF_{define}
#endif
",
define = define
).unwrap();
)
.unwrap();
}
file.flush().unwrap();


@ -15,10 +15,5 @@ extern "C" {
pub fn DH_get_2048_256() -> *mut DH;
#[cfg(any(ossl110, libressl273))]
pub fn DH_set0_pqg(
dh: *mut DH,
p: *mut BIGNUM,
q: *mut BIGNUM,
g: *mut BIGNUM,
) -> c_int;
pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int;
}


@ -49,18 +49,9 @@ extern "C" {
q: *mut *const BIGNUM,
);
#[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_pqg(
d: *mut DSA,
p: *mut BIGNUM,
q: *mut BIGNUM,
q: *mut BIGNUM,
) -> c_int;
pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int;
#[cfg(any(ossl110, libressl273))]
pub fn DSA_get0_key(
d: *const DSA,
pub_key: *mut *const BIGNUM,
priv_key: *mut *const BIGNUM,
);
pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int;
}
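Review bot: The reformatted `DSA_set0_pqg` declaration still names two parameters `q`; the last argument is the generator, so the line should read `pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int;`. Parameter names in a foreign declaration have no ABI effect, so the rename is safe, and it stops a reader of the binding from passing the subgroup order twice. A short `///` comment on the `set0` functions saying that the DSA object takes ownership of the BIGNUMs on success would also help callers avoid freeing them a second time. The `extern "C"` block starts outside the hunk.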


@ -25,8 +25,8 @@ pub use object::*;
pub use ocsp::*;
pub use ossl_typ::*;
pub use pem::*;
pub use pkcs7::*;
pub use pkcs12::*;
pub use pkcs7::*;
pub use rand::*;
pub use rsa::*;
pub use safestack::*;
@ -62,8 +62,8 @@ mod object;
mod ocsp;
mod ossl_typ;
mod pem;
mod pkcs7;
mod pkcs12;
mod pkcs7;
mod rand;
mod rsa;
mod safestack;
@ -78,9 +78,12 @@ mod x509_vfy;
mod x509v3;
// FIXME remove
pub type PasswordCallback =
unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void)
-> c_int;
pub type PasswordCallback = unsafe extern "C" fn(
buf: *mut c_char,
size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int;
#[cfg(ossl110)]
pub fn init() {


@ -65,5 +65,5 @@ macro_rules! stack {
}
}
}
}
};
}


@ -346,7 +346,7 @@ pub enum X509_STORE_CTX {}
cfg_if! {
if #[cfg(any(ossl110, libressl280))] {
pub enum X509_VERIFY_PARAM {}
pub enum X509_VERIFY_PARAM {}
} else if #[cfg(libressl251)] {
#[repr(C)]
pub struct X509_VERIFY_PARAM {


@ -2,9 +2,14 @@ use libc::*;
use *;
pub type pem_password_cb =
Option<unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void)
-> c_int>;
pub type pem_password_cb = Option<
unsafe extern "C" fn(
buf: *mut c_char,
size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int,
>;
extern "C" {
pub fn PEM_read_bio_X509(


@ -143,9 +143,7 @@ extern "C" {
k: *mut RSA,
pad: c_int,
) -> c_int;
pub fn RSA_check_key(
r: *const ::RSA,
) -> c_int;
pub fn RSA_check_key(r: *const ::RSA) -> c_int;
pub fn RSA_free(rsa: *mut RSA);
pub fn RSA_up_ref(rsa: *mut RSA) -> c_int;


@ -526,16 +526,22 @@ extern "C" {
pub fn SSL_CTX_set_stateless_cookie_generate_cb(
s: *mut SSL_CTX,
cb: Option<
unsafe extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut size_t)
-> c_int,
unsafe extern "C" fn(
ssl: *mut SSL,
cookie: *mut c_uchar,
cookie_len: *mut size_t,
) -> c_int,
>,
);
#[cfg(ossl111)]
pub fn SSL_CTX_set_stateless_cookie_verify_cb(
s: *mut SSL_CTX,
cb: Option<
unsafe extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: size_t)
-> c_int,
unsafe extern "C" fn(
ssl: *mut SSL,
cookie: *const c_uchar,
cookie_len: size_t,
) -> c_int,
>,
);
@ -609,8 +615,14 @@ extern "C" {
pub fn SSL_CTX_set_psk_client_callback(
ssl: *mut SSL_CTX,
psk_client_cb: Option<
extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint)
-> c_uint,
extern "C" fn(
*mut SSL,
*const c_char,
*mut c_char,
c_uint,
*mut c_uchar,
c_uint,
) -> c_uint,
>,
);
pub fn SSL_CTX_set_psk_server_callback(
@ -1212,15 +1224,21 @@ extern "C" {
#[cfg(not(ossl110))]
pub fn SSL_CTX_set_tmp_ecdh_callback(
ctx: *mut ::SSL_CTX,
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
-> *mut ::EC_KEY,
ecdh: unsafe extern "C" fn(
ssl: *mut ::SSL,
is_export: c_int,
keylength: c_int,
) -> *mut ::EC_KEY,
);
// FIXME should take an option
#[cfg(not(ossl110))]
pub fn SSL_set_tmp_ecdh_callback(
ssl: *mut SSL,
ecdh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int)
-> *mut EC_KEY,
ecdh: unsafe extern "C" fn(
ssl: *mut SSL,
is_export: c_int,
keylength: c_int,
) -> *mut EC_KEY,
);
}
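Review bot: The `psk_client_cb` type in `SSL_CTX_set_psk_client_callback` is a plain `extern "C" fn` with unnamed parameters, while the cookie and `tmp_ecdh` callbacks reformatted in the same file are `unsafe extern "C" fn` with named ones. The callback writes through the `*mut c_char` and `*mut c_uchar` buffers, each bounded only by the `c_uint` that follows it, so naming the parameters (`ssl`, `hint`, `identity`, `max_identity_len`, `psk`, `max_psk_len`) documents which length limits which buffer without changing the type. Marking the pointer type `unsafe` changes the public signature, so I would only leave `// FIXME should be unsafe extern "C" fn` above it, in the style of the existing FIXME on `SSL_set_tmp_ecdh_callback`. The `extern "C"` block starts outside these hunks.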


@ -1,6 +1,6 @@
use libc::*;
use std::ptr;
use std::mem;
use std::ptr;
use *;


@ -9,9 +9,11 @@ use openssl::error::ErrorStack;
use openssl::hash::MessageDigest;
use openssl::pkey::{PKey, PKeyRef, Private};
use openssl::rsa::Rsa;
use openssl::x509::{X509, X509NameBuilder, X509Ref, X509Req, X509ReqBuilder, X509VerifyResult};
use openssl::x509::extension::{AuthorityKeyIdentifier, BasicConstraints, KeyUsage,
SubjectAlternativeName, SubjectKeyIdentifier};
use openssl::x509::extension::{
AuthorityKeyIdentifier, BasicConstraints, KeyUsage, SubjectAlternativeName,
SubjectKeyIdentifier,
};
use openssl::x509::{X509NameBuilder, X509Ref, X509Req, X509ReqBuilder, X509VerifyResult, X509};
/// Make a CA certificate and private key
fn mk_ca_cert() -> Result<(X509, PKey<Private>), ErrorStack> {
@ -42,11 +44,13 @@ fn mk_ca_cert() -> Result<(X509, PKey<Private>), ErrorStack> {
cert_builder.set_not_after(&not_after)?;
cert_builder.append_extension(BasicConstraints::new().critical().ca().build()?)?;
cert_builder.append_extension(KeyUsage::new()
.critical()
.key_cert_sign()
.crl_sign()
.build()?)?;
cert_builder.append_extension(
KeyUsage::new()
.critical()
.key_cert_sign()
.crl_sign()
.build()?,
)?;
let subject_key_identifier =
SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(None, None))?;
@ -104,12 +108,14 @@ fn mk_ca_signed_cert(
cert_builder.append_extension(BasicConstraints::new().build()?)?;
cert_builder.append_extension(KeyUsage::new()
.critical()
.non_repudiation()
.digital_signature()
.key_encipherment()
.build()?)?;
cert_builder.append_extension(
KeyUsage::new()
.critical()
.non_repudiation()
.digital_signature()
.key_encipherment()
.build()?,
)?;
let subject_key_identifier =
SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(Some(ca_cert), None))?;


@ -423,7 +423,8 @@ impl BigNumRef {
bits.into(),
msb.0,
odd as c_int,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -439,7 +440,8 @@ impl BigNumRef {
bits.into(),
msb.0,
odd as c_int,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -485,7 +487,8 @@ impl BigNumRef {
add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()),
rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()),
ptr::null_mut(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -508,7 +511,8 @@ impl BigNumRef {
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -532,7 +536,8 @@ impl BigNumRef {
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -554,7 +559,8 @@ impl BigNumRef {
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -577,7 +583,8 @@ impl BigNumRef {
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -608,7 +615,8 @@ impl BigNumRef {
a.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -631,7 +639,8 @@ impl BigNumRef {
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -654,7 +663,8 @@ impl BigNumRef {
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -677,7 +687,8 @@ impl BigNumRef {
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -698,7 +709,8 @@ impl BigNumRef {
a.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -719,7 +731,8 @@ impl BigNumRef {
a.as_ptr(),
p.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -742,7 +755,8 @@ impl BigNumRef {
p.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -759,7 +773,8 @@ impl BigNumRef {
a.as_ptr(),
n.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -780,7 +795,8 @@ impl BigNumRef {
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -803,7 +819,8 @@ impl BigNumRef {
checks.into(),
ctx.as_ptr(),
ptr::null_mut(),
)).map(|r| r != 0)
))
.map(|r| r != 0)
}
}
@ -833,7 +850,8 @@ impl BigNumRef {
ctx.as_ptr(),
do_trial_division as c_int,
ptr::null_mut(),
)).map(|r| r != 0)
))
.map(|r| r != 0)
}
}
@ -1089,7 +1107,8 @@ impl BigNum {
n.as_ptr(),
n.len() as c_int,
ptr::null_mut(),
)).map(|p| BigNum::from_ptr(p))
))
.map(|p| BigNum::from_ptr(p))
}
}
}


@ -14,7 +14,7 @@ use error::ErrorStack;
use libc::c_uint;
use pkey::{HasPrivate, PKeyRef};
use stack::StackRef;
use x509::{X509, X509Ref};
use x509::{X509Ref, X509};
use {cvt, cvt_p};
bitflags! {


@ -1,12 +1,12 @@
//! Shared secret derivation.
use ffi;
use foreign_types::ForeignTypeRef;
use std::marker::PhantomData;
use std::ptr;
use foreign_types::ForeignTypeRef;
use {cvt, cvt_p};
use error::ErrorStack;
use pkey::{HasPrivate, HasPublic, PKeyRef};
use {cvt, cvt_p};
/// A type used to derive a shared secret between two keys.
pub struct Deriver<'a>(*mut ffi::EVP_PKEY_CTX, PhantomData<&'a ()>);
@ -72,7 +72,8 @@ impl<'a> Deriver<'a> {
self.0,
buf.as_mut_ptr() as *mut _,
&mut len,
)).map(|_| len)
))
.map(|_| len)
}
}


@ -164,7 +164,8 @@ mod tests {
).unwrap();
let q = BigNum::from_hex_str(
"8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3",
).unwrap();
)
.unwrap();
let dh = Dh::from_params(p, g, q).unwrap();
ctx.set_tmp_dh(&dh).unwrap();
}


@ -9,8 +9,8 @@ use ffi;
use foreign_types::{ForeignType, ForeignTypeRef};
use libc::c_int;
use std::fmt;
use std::ptr;
use std::mem;
use std::ptr;
use bn::{BigNum, BigNumRef};
use error::ErrorStack;
@ -321,9 +321,9 @@ cfg_if! {
mod test {
use super::*;
use bn::BigNumContext;
use sign::{Signer, Verifier};
use hash::MessageDigest;
use pkey::PKey;
use sign::{Signer, Verifier};
#[test]
pub fn test_generate() {
@ -390,14 +390,18 @@ mod test {
BigNumRef::to_owned(q).unwrap(),
BigNumRef::to_owned(g).unwrap(),
BigNumRef::to_owned(priv_key).unwrap(),
BigNumRef::to_owned(pub_key).unwrap()).unwrap();
BigNumRef::to_owned(pub_key).unwrap(),
)
.unwrap();
let priv_key = PKey::from_dsa(priv_key).unwrap();
let pub_key = Dsa::from_public_components(
BigNumRef::to_owned(p).unwrap(),
BigNumRef::to_owned(q).unwrap(),
BigNumRef::to_owned(g).unwrap(),
BigNumRef::to_owned(pub_key).unwrap()).unwrap();
BigNumRef::to_owned(pub_key).unwrap(),
)
.unwrap();
let pub_key = PKey::from_dsa(pub_key).unwrap();
let mut signer = Signer::new(MessageDigest::sha256(), &priv_key).unwrap();


@ -73,7 +73,8 @@ impl EcdsaSig {
data.len() as c_int,
self.as_ptr(),
eckey.as_ptr(),
)).map(|x| x == 1)
))
.map(|x| x == 1)
}
}
@ -110,7 +111,7 @@ impl EcdsaSig {
from_der,
EcdsaSig,
ffi::d2i_ECDSA_SIG
}
}
}
impl EcdsaSigRef {
@ -120,7 +121,7 @@ impl EcdsaSigRef {
/// This corresponds to [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html
to_der,
ffi::i2d_ECDSA_SIG
}
}
}
cfg_if! {


@ -16,13 +16,13 @@
//! }
//! ```
use libc::{c_char, c_int, c_ulong};
use std::fmt;
use std::borrow::Cow;
use std::error;
use std::ffi::CStr;
use std::fmt;
use std::io;
use std::str;
use std::ptr;
use std::borrow::Cow;
use std::str;
use ffi;


@ -254,7 +254,7 @@ impl Hasher {
/// Writes the hash of the data into the supplied buf and resets the XOF hasher.
/// The hash will be as long as the buf.
#[cfg(ossl111)]
pub fn finish_xof(&mut self, buf: &mut[u8]) -> Result<(), ErrorStack> {
pub fn finish_xof(&mut self, buf: &mut [u8]) -> Result<(), ErrorStack> {
if self.state == Finalized {
self.init()?;
}
@ -366,7 +366,7 @@ pub fn hash(t: MessageDigest, data: &[u8]) -> Result<DigestBytes, ErrorStack> {
/// Computes the hash of the `data` with the XOF hasher `t` and stores it in `buf`.
#[cfg(ossl111)]
pub fn hash_xof(t: MessageDigest, data: &[u8], buf: &mut[u8]) -> Result<(), ErrorStack> {
pub fn hash_xof(t: MessageDigest, data: &[u8], buf: &mut [u8]) -> Result<(), ErrorStack> {
let mut h = Hasher::new(t)?;
h.update(data)?;
h.finish_xof(buf)
@ -388,7 +388,12 @@ mod tests {
fn hash_xof_test(hashtype: MessageDigest, hashtest: &(&str, &str)) {
let expected = Vec::from_hex(hashtest.1).unwrap();
let mut buf = vec![0; expected.len()];
hash_xof(hashtype, &Vec::from_hex(hashtest.0).unwrap(), buf.as_mut_slice()).unwrap();
hash_xof(
hashtype,
&Vec::from_hex(hashtest.0).unwrap(),
buf.as_mut_slice(),
)
.unwrap();
assert_eq!(buf, expected);
}
@ -499,8 +504,9 @@ mod tests {
#[cfg(ossl111)]
#[test]
fn test_sha3_224() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"1de092dd9fbcbbf450f26264f4778abd48af851f2832924554c56913"
let tests = [(
"416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"1de092dd9fbcbbf450f26264f4778abd48af851f2832924554c56913",
)];
for test in tests.iter() {
@ -511,8 +517,9 @@ mod tests {
#[cfg(ossl111)]
#[test]
fn test_sha3_256() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"b38e38f08bc1c0091ed4b5f060fe13e86aa4179578513ad11a6e3abba0062f61"
let tests = [(
"416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"b38e38f08bc1c0091ed4b5f060fe13e86aa4179578513ad11a6e3abba0062f61",
)];
for test in tests.iter() {
@ -549,8 +556,9 @@ mod tests {
#[cfg(ossl111)]
#[test]
fn test_shake_128() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"49d0697ff508111d8b84f15e46daf135"
let tests = [(
"416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"49d0697ff508111d8b84f15e46daf135",
)];
for test in tests.iter() {
@ -561,8 +569,9 @@ mod tests {
#[cfg(ossl111)]
#[test]
fn test_shake_256() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"4e2dfdaa75d1e049d0eaeffe28e76b17cea47b650fb8826fe48b94664326a697"
let tests = [(
"416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"4e2dfdaa75d1e049d0eaeffe28e76b17cea47b650fb8826fe48b94664326a697",
)];
for test in tests.iter() {


@ -1,51 +1,51 @@
//! Bindings to OpenSSL
//!
//!
//! This crate provides a safe interface to the popular OpenSSL cryptography library. OpenSSL versions 1.0.1 through
//! 1.1.1 and LibreSSL versions 2.5 through 2.8 are supported.
//!
//!
//! # Building
//!
//!
//! Both OpenSSL libraries and headers are required to build this crate. There are multiple options available to locate
//! OpenSSL.
//!
//!
//! ## Vendored
//!
//!
//! If the `vendored` Cargo feature is enabled, the `openssl-src` crate will be used to compile and statically link to
//! a copy of OpenSSL. The build process requires a C compiler, perl, and make. The OpenSSL version will generally track
//! the newest OpenSSL release, and changes to the version are *not* considered breaking changes.
//!
//!
//! ```toml
//! [dependencies]
//! openssl = { version = "0.10", features = ["vendored"] }
//! ```
//!
//!
//! The vendored copy will not be configured to automatically find the system's root certificates, but the
//! `openssl-probe` crate can be used to do that instead.
//!
//!
//! ## Automatic
//!
//!
//! The `openssl-sys` crate will automatically detect OpenSSL installations via Homebrew on macOS and vcpkg on Windows.
//! Additionally, it will use `pkg-config` on Unix-like systems to find the system installation.
//!
//!
//! ```not_rust
//! # macOS
//! $ brew install openssl@1.1
//!
//!
//! # Arch Linux
//! $ sudo pacman -S pkg-config openssl
//!
//!
//! # Debian and Ubuntu
//! $ sudo apt-get install pkg-config libssl-dev
//!
//!
//! # Fedora
//! $ sudo dnf install pkg-config openssl-devel
//! ```
//!
//!
//! ## Manual
//!
//!
//! A set of environment variables can be used to point `openssl-sys` towards an OpenSSL installation. They will
//! override the automatic detection logic.
//!
//!
//! * `OPENSSL_DIR` - If specified, the directory of an OpenSSL installation. The directory should contain `lib` and
//! `include` subdirectories containing the libraries and headers respectively.
//! * `OPENSSL_LIB_DIR` and `OPENSSL_INCLUDE_DIR` - If specified, the directories containing the OpenSSL libraries and
@ -56,53 +56,53 @@
//!
//! Additionally, these variables can be prefixed with the upper-cased target architecture (e.g.
//! `X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR`), which can be useful when cross compiling.
//!
//!
//! # Feature Detection
//!
//!
//! APIs have been added to and removed from the various supported OpenSSL versions, and this library exposes the
//! functionality available in the version being linked against. This means that methods, constants, and even modules
//! will be present when building against one version of OpenSSL but not when building against another! APIs will
//! document any version-specific availability restrictions.
//!
//!
//! A build script can be used to detect the OpenSSL or LibreSSL version at compile time if needed. The `openssl-sys`
//! crate propagates the version via the `DEP_OPENSSL_VERSION_NUMBER` and `DEP_OPENSSL_LIBRESSL_VERSION_NUMBER`
//! environment variables to build scripts. The version format is a hex-encoding of the OpenSSL release version:
//! `0xMNNFFPPS`. For example, version 1.0.2g's encoding is `0x1_00_02_07_0`.
//!
//!
//! For example, let's say we want to adjust the TLSv1.3 cipher suites used by a client, but also want to compile
//! against OpenSSL versions that don't support TLSv1.3:
//!
//!
//! Cargo.toml:
//!
//!
//! ```toml
//! [dependencies]
//! openssl-sys = "0.9"
//! openssl = "0.10"
//! ```
//!
//!
//! build.rs:
//!
//!
//! ```
//! use std::env;
//!
//!
//! fn main() {
//! if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
//! let version = u64::from_str_radix(&v, 16).unwrap();
//!
//!
//! if version >= 0x1_01_01_00_0 {
//! println!("cargo:rustc-cfg=openssl111");
//! }
//! }
//! }
//! ```
//!
//!
//! lib.rs:
//!
//!
//! ```
//! use openssl::ssl::{SslConnector, SslMethod};
//!
//!
//! let mut ctx = SslConnector::builder(SslMethod::tls()).unwrap();
//!
//!
//! // set_ciphersuites was added in OpenSSL 1.1.1, so we can only call it when linking against that version
//! #[cfg(openssl111)]
//! ctx.set_ciphersuites("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256").unwrap();


@ -29,8 +29,8 @@
//! assert!(!eq(&a, &b));
//! assert!(!eq(&a, &c));
//! ```
use libc::size_t;
use ffi;
use libc::size_t;
/// Returns `true` iff `a` and `b` contain the same bytes.
///


@ -1,16 +1,16 @@
use ffi;
use foreign_types::ForeignTypeRef;
use libc::{c_int, c_long, c_ulong};
use std::ptr;
use std::mem;
use std::ptr;
use {cvt, cvt_p};
use asn1::Asn1GeneralizedTimeRef;
use error::ErrorStack;
use hash::MessageDigest;
use stack::StackRef;
use x509::store::X509StoreRef;
use x509::{X509, X509Ref};
use x509::{X509Ref, X509};
use {cvt, cvt_p};
bitflags! {
pub struct OcspFlag: c_ulong {
@ -130,7 +130,8 @@ impl<'a> OcspStatus<'a> {
self.next_update.as_ptr(),
nsec as c_long,
maxsec.map(|n| n as c_long).unwrap_or(-1),
)).map(|_| ())
))
.map(|_| ())
}
}
}
@ -160,7 +161,8 @@ impl OcspBasicResponseRef {
certs.as_ptr(),
store.as_ptr(),
flags.bits(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -222,7 +224,8 @@ impl OcspCertId {
digest.as_ptr(),
subject.as_ptr(),
issuer.as_ptr(),
)).map(OcspCertId)
))
.map(OcspCertId)
}
}
}
@ -249,7 +252,8 @@ impl OcspResponse {
cvt_p(ffi::OCSP_response_create(
status.as_raw(),
body.map(|r| r.as_ptr()).unwrap_or(ptr::null_mut()),
)).map(OcspResponse)
))
.map(OcspResponse)
}
}


@ -10,7 +10,7 @@ use error::ErrorStack;
use nid::Nid;
use pkey::{HasPrivate, PKey, PKeyRef, Private};
use stack::Stack;
use x509::{X509, X509Ref};
use x509::{X509Ref, X509};
use {cvt, cvt_p};
foreign_type_and_impl_send_sync! {
@ -196,7 +196,8 @@ impl Pkcs12Builder {
self.iter,
self.mac_iter,
keytype,
)).map(Pkcs12)
))
.map(Pkcs12)
}
}
}
@ -211,7 +212,7 @@ mod test {
use pkey::PKey;
use rsa::Rsa;
use x509::extension::KeyUsage;
use x509::{X509, X509Name};
use x509::{X509Name, X509};
use super::*;


@ -1,11 +1,11 @@
use ffi;
use libc::c_int;
use std::ptr;
use ffi;
use cvt;
use error::ErrorStack;
use hash::MessageDigest;
use symm::Cipher;
use error::ErrorStack;
#[derive(Clone, Eq, PartialEq, Hash, Debug)]
pub struct KeyIvPair {
@ -59,7 +59,8 @@ pub fn bytes_to_key(
))?;
let mut key = vec![0; len as usize];
let iv_ptr = iv.as_mut()
let iv_ptr = iv
.as_mut()
.map(|v| v.as_mut_ptr())
.unwrap_or(ptr::null_mut());
@ -101,7 +102,8 @@ pub fn pbkdf2_hmac(
hash.as_ptr(),
key.len() as c_int,
key.as_mut_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -131,7 +133,8 @@ pub fn scrypt(
maxmem,
key.as_mut_ptr() as *mut _,
key.len(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -161,7 +164,8 @@ mod tests {
80000,
MessageDigest::sha256(),
&mut buf,
).unwrap();
)
.unwrap();
assert_eq!(
buf,
&[
@ -198,7 +202,8 @@ mod tests {
1,
MessageDigest::sha512(),
&mut buf,
).unwrap();
)
.unwrap();
assert_eq!(
&buf[..],
&[
@ -219,7 +224,8 @@ mod tests {
50,
MessageDigest::sha512(),
&mut buf,
).unwrap();
)
.unwrap();
assert_eq!(
&buf[..],
&[
@ -262,7 +268,8 @@ mod tests {
&data,
Some(&salt),
1,
).unwrap(),
)
.unwrap(),
super::KeyIvPair {
key: expected_key,
iv: Some(expected_iv),
@ -290,7 +297,8 @@ mod tests {
1,
0,
&mut actual,
).unwrap();
)
.unwrap();
assert_eq!(hex::encode(&actual[..]), expected);
}
}


@ -110,7 +110,8 @@ impl Pkcs7 {
input_bio.as_ptr(),
cipher.as_ptr(),
flags.bits,
)).map(Pkcs7)
))
.map(Pkcs7)
}
}
@ -142,7 +143,8 @@ impl Pkcs7 {
certs.as_ptr(),
input_bio.as_ptr(),
flags.bits,
)).map(Pkcs7)
))
.map(Pkcs7)
}
}
}
@ -162,7 +164,8 @@ impl Pkcs7Ref {
self.as_ptr(),
input_bio.as_ptr(),
flags.bits,
)).map(|_| output.get_buf().to_owned())
))
.map(|_| output.get_buf().to_owned())
}
}
@ -206,7 +209,8 @@ impl Pkcs7Ref {
cert.as_ptr(),
output.as_ptr(),
flags.bits,
)).map(|_| output.get_buf().to_owned())
))
.map(|_| output.get_buf().to_owned())
}
}
@ -244,7 +248,8 @@ impl Pkcs7Ref {
indata_bio_ptr,
out_bio.as_ptr(),
flags.bits,
)).map(|_| ())?
))
.map(|_| ())?
}
if let Some(data) = out {
@ -328,7 +333,8 @@ mod tests {
Some(message.as_bytes()),
Some(&mut output),
flags,
).expect("should succeed");
)
.expect("should succeed");
assert_eq!(message.clone().into_bytes(), output);
assert_eq!(


@ -45,21 +45,21 @@
//! }
//! ```
use libc::c_int;
use std::ptr;
use std::mem;
use std::ffi::CString;
use ffi;
use foreign_types::{ForeignType, ForeignTypeRef};
use libc::c_int;
use std::ffi::CString;
use std::mem;
use std::ptr;
use {cvt, cvt_p};
use bio::MemBioSlice;
use dh::Dh;
use dsa::Dsa;
use ec::EcKey;
use rsa::Rsa;
use error::ErrorStack;
use rsa::Rsa;
use util::{invoke_passwd_cb, CallbackState};
use {cvt, cvt_p};
/// A tag type indicating that a key only has parameters.
pub enum Params {}
@ -97,22 +97,14 @@ pub unsafe trait HasParams {}
unsafe impl HasParams for Params {}
unsafe impl<T> HasParams for T
where
T: HasPublic,
{
}
unsafe impl<T> HasParams for T where T: HasPublic {}
/// A trait indicating that a key has public components.
pub unsafe trait HasPublic {}
unsafe impl HasPublic for Public {}
unsafe impl<T> HasPublic for T
where
T: HasPrivate,
{
}
unsafe impl<T> HasPublic for T where T: HasPrivate {}
/// A trait indicating that a key has private components.
pub unsafe trait HasPrivate {}
@ -488,7 +480,8 @@ impl PKey<Private> {
ptr::null_mut(),
Some(invoke_passwd_cb::<F>),
&mut cb as *mut _ as *mut _,
)).map(|p| PKey::from_ptr(p))
))
.map(|p| PKey::from_ptr(p))
}
}
@ -511,7 +504,8 @@ impl PKey<Private> {
ptr::null_mut(),
None,
passphrase.as_ptr() as *const _ as *mut _,
)).map(|p| PKey::from_ptr(p))
))
.map(|p| PKey::from_ptr(p))
}
}
}
@ -544,12 +538,12 @@ impl PKey<Public> {
#[cfg(test)]
mod tests {
use symm::Cipher;
use dh::Dh;
use dsa::Dsa;
use ec::EcKey;
use rsa::Rsa;
use nid::Nid;
use rsa::Rsa;
use symm::Cipher;
use super::*;
@ -557,7 +551,8 @@ mod tests {
fn test_to_password() {
let rsa = Rsa::generate(2048).unwrap();
let pkey = PKey::from_rsa(rsa).unwrap();
let pem = pkey.private_key_to_pem_pkcs8_passphrase(Cipher::aes_128_cbc(), b"foobar")
let pem = pkey
.private_key_to_pem_pkcs8_passphrase(Cipher::aes_128_cbc(), b"foobar")
.unwrap();
PKey::private_key_from_pem_passphrase(&pem, b"foobar").unwrap();
assert!(PKey::private_key_from_pem_passphrase(&pem, b"fizzbuzz").is_err());
@ -577,7 +572,8 @@ mod tests {
password_queried = true;
password[..6].copy_from_slice(b"mypass");
Ok(6)
}).unwrap();
})
.unwrap();
assert!(password_queried);
}


@ -286,7 +286,7 @@ where
/// [`RSA_check_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_check_key.html
pub fn check_key(&self) -> Result<bool, ErrorStack> {
unsafe {
let result = ffi::RSA_check_key(self.as_ptr()) as i32;
let result = ffi::RSA_check_key(self.as_ptr()) as i32;
if result == -1 {
Err(ErrorStack::get())
} else {
@ -789,7 +789,8 @@ mod test {
password_queried = true;
password[..6].copy_from_slice(b"mypass");
Ok(6)
}).unwrap();
})
.unwrap();
assert!(password_queried);
}
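Review bot: In `check_key` (first hunk), only a `-1` return from `RSA_check_key` is converted with `ErrorStack::get()`; a return of 0 for an invalid key also leaves reason codes on OpenSSL's per-thread error queue, and the `else` arm, which lies outside the hunk, presumably returns `Ok(false)` without draining them. Stale entries can then surface in a later, unrelated `ErrorStack::get()` and mislead whoever reads that error. I would clear the queue on the 0 path, e.g. `let _ = ErrorStack::get();` before returning, and state in the doc comment that `Ok(false)` means the key failed validation rather than that the check could not run. The `as i32` cast on the `c_int` result also looks redundant.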


@ -16,15 +16,15 @@
//! ```rust
//! extern crate openssl;
//! extern crate hex;
//!
//!
//! use openssl::sha;
//!
//!
//! fn main() {
//! let mut hasher = sha::Sha256::new();
//!
//!
//! hasher.update(b"Hello, ");
//! hasher.update(b"world");
//!
//!
//! let hash = hasher.finish();
//! println!("Hashed \"Hello, world\" to {}", hex::encode(hash));
//! }
@ -45,8 +45,8 @@
//! println!("Hash = {}", hex::encode(hash));
//! }
//! ```
use libc::c_void;
use ffi;
use libc::c_void;
use std::mem;
/// Computes the SHA1 hash of some data.
@ -347,16 +347,18 @@ mod test {
#[test]
fn standalone_384() {
let data = b"abc";
let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
let expected =
"cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
assert_eq!(hex::encode(&sha384(data)[..]), expected);
}
#[test]
fn struct_384() {
let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
let expected =
"cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
let mut hasher = Sha384::new();
hasher.update(b"a");
@ -367,16 +369,18 @@ mod test {
#[test]
fn standalone_512() {
let data = b"abc";
let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
let expected =
"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
assert_eq!(hex::encode(&sha512(data)[..]), expected);
}
#[test]
fn struct_512() {
let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
let expected =
"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
let mut hasher = Sha512::new();
hasher.update(b"a");


@ -208,7 +208,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
self.pctx,
padding.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -224,7 +225,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
self.pctx,
len.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -240,7 +242,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
self.pctx,
md.as_ptr() as *mut _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -255,7 +258,8 @@ impl<'a> Signer<'a> {
self.md_ctx,
buf.as_ptr() as *const _,
buf.len(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -403,7 +407,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
self.pctx,
padding.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -419,7 +424,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
self.pctx,
len.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -435,7 +441,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
self.pctx,
md.as_ptr() as *mut _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -450,7 +457,8 @@ impl<'a> Verifier<'a> {
self.md_ctx,
buf.as_ptr() as *const _,
buf.len(),
)).map(|_| ())
))
.map(|_| ())
}
}


@ -23,7 +23,7 @@ use pkey::Params;
#[cfg(any(ossl102, libressl261))]
use ssl::AlpnError;
#[cfg(ossl111)]
use ssl::{ExtensionContext, ClientHelloResponse};
use ssl::{ClientHelloResponse, ExtensionContext};
use ssl::{SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef};
#[cfg(ossl111)]
use x509::X509Ref;


@ -42,7 +42,7 @@ impl ErrorCode {
pub const SSL: ErrorCode = ErrorCode(ffi::SSL_ERROR_SSL);
/// The client hello callback indicated that it needed to be retried.
///
///
/// Requires OpenSSL 1.1.1 or newer.
#[cfg(ossl111)]
pub const WANT_CLIENT_HELLO_CB: ErrorCode = ErrorCode(ffi::SSL_ERROR_WANT_CLIENT_HELLO_CB);


@ -830,7 +830,8 @@ impl SslContextBuilder {
self.as_ptr(),
file.as_ptr() as *const _,
ptr::null(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -868,7 +869,8 @@ impl SslContextBuilder {
self.as_ptr(),
sid_ctx.as_ptr(),
sid_ctx.len() as c_uint,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -892,7 +894,8 @@ impl SslContextBuilder {
self.as_ptr(),
file.as_ptr() as *const _,
file_type.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -914,7 +917,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_use_certificate_chain_file(
self.as_ptr(),
file.as_ptr() as *const _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -961,7 +965,8 @@ impl SslContextBuilder {
self.as_ptr(),
file.as_ptr() as *const _,
file_type.as_raw(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -993,7 +998,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_cipher_list(
self.as_ptr(),
cipher_list.as_ptr() as *const _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -1016,7 +1022,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_ciphersuites(
self.as_ptr(),
cipher_list.as_ptr() as *const _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -1083,7 +1090,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_min_proto_version(
self.as_ptr(),
version.map_or(0, |v| v.0 as _),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -1103,7 +1111,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_max_proto_version(
self.as_ptr(),
version.map_or(0, |v| v.0 as _),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -1282,7 +1291,8 @@ impl SslContextBuilder {
cvt(
ffi::SSL_CTX_set_tlsext_status_cb(self.as_ptr(), Some(raw_tlsext_status::<F>))
as c_int,
).map(|_| ())
)
.map(|_| ())
}
}
@ -1309,10 +1319,7 @@ impl SslContextBuilder {
}
}
#[deprecated(
since = "0.10.10",
note = "renamed to `set_psk_client_callback`"
)]
#[deprecated(since = "0.10.10", note = "renamed to `set_psk_client_callback`")]
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
pub fn set_psk_callback<F>(&mut self, callback: F)
where
@ -1564,14 +1571,21 @@ impl SslContextBuilder {
parse_cb: ParseFn,
) -> Result<(), ErrorStack>
where
AddFn: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>)
-> Result<Option<T>, SslAlert>
AddFn: Fn(
&mut SslRef,
ExtensionContext,
Option<(usize, &X509Ref)>,
) -> Result<Option<T>, SslAlert>
+ 'static
+ Sync
+ Send,
T: AsRef<[u8]> + 'static + Sync + Send,
ParseFn: Fn(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>)
-> Result<(), SslAlert>
ParseFn: Fn(
&mut SslRef,
ExtensionContext,
&[u8],
Option<(usize, &X509Ref)>,
) -> Result<(), SslAlert>
+ 'static
+ Sync
+ Send,
@ -1617,9 +1631,9 @@ impl SslContextBuilder {
}
/// Sets a callback which will be invoked just after the client's hello message is received.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_CTX_set_client_hello_cb`].
///
/// [`SSL_CTX_set_client_hello_cb`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
@ -2753,7 +2767,8 @@ impl SslRef {
context,
contextlen,
use_context,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -2783,7 +2798,8 @@ impl SslRef {
label.len(),
context.as_ptr() as *const c_uchar,
context.len(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -2861,7 +2877,8 @@ impl SslRef {
self.as_ptr(),
p as *mut c_uchar,
response.len() as c_long,
) as c_int).map(|_| ())
) as c_int)
.map(|_| ())
}
}
@ -2977,29 +2994,27 @@ impl SslRef {
}
/// Determines if the client's hello message is in the SSLv2 format.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `false` is returned.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_isv2`].
///
///
/// [`SSL_client_hello_isv2`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_isv2(&self) -> bool {
unsafe {
ffi::SSL_client_hello_isv2(self.as_ptr()) != 0
}
unsafe { ffi::SSL_client_hello_isv2(self.as_ptr()) != 0 }
}
/// Returns the legacy version field of the client's hello message.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returned.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_get0_legacy_version`].
///
///
/// [`SSL_client_hello_get0_legacy_version`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_legacy_version(&self) -> Option<SslVersion> {
@ -3014,13 +3029,13 @@ impl SslRef {
}
/// Returns the random field of the client's hello message.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_get0_random`].
///
///
/// [`SSL_client_hello_get0_random`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_random(&self) -> Option<&[u8]> {
@ -3036,13 +3051,13 @@ impl SslRef {
}
/// Returns the session ID field of the client's hello message.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_get0_session_id`].
///
///
/// [`SSL_client_hello_get0_session_id`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_session_id(&self) -> Option<&[u8]> {
@ -3058,13 +3073,13 @@ impl SslRef {
}
/// Returns the ciphers field of the client's hello message.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_get0_ciphers`].
///
///
/// [`SSL_client_hello_get0_ciphers`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_ciphers(&self) -> Option<&[u8]> {
@ -3080,13 +3095,13 @@ impl SslRef {
}
/// Returns the compression methods field of the client's hello message.
///
///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
///
///
/// Requires OpenSSL 1.1.1 or newer.
///
///
/// This corresponds to [`SSL_client_hello_get0_compression_methods`].
///
///
/// [`SSL_client_hello_get0_compression_methods`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)]
pub fn client_hello_compression_methods(&self) -> Option<&[u8]> {
@ -3363,13 +3378,13 @@ impl<S: Read + Write> Read for SslStream<S> {
Ok(n) => return Ok(n),
Err(ref e) if e.code() == ErrorCode::ZERO_RETURN => return Ok(0),
Err(ref e) if e.code() == ErrorCode::SYSCALL && e.io_error().is_none() => {
return Ok(0)
return Ok(0);
}
Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {}
Err(e) => {
return Err(e
.into_io_error()
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)))
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)));
}
}
}
@ -3385,7 +3400,7 @@ impl<S: Read + Write> Write for SslStream<S> {
Err(e) => {
return Err(e
.into_io_error()
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)))
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)));
}
}
}


@ -29,7 +29,7 @@ use ssl::{
};
#[cfg(any(ossl102, ossl110))]
use x509::verify::X509CheckFlags;
use x509::{X509, X509Name, X509StoreContext, X509VerifyResult};
use x509::{X509Name, X509StoreContext, X509VerifyResult, X509};
use std::net::UdpSocket;
@ -683,10 +683,9 @@ fn test_alpn_server_advertise_multiple() {
ctx.set_alpn_select_callback(|_, client| {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
});
assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok()
);
assert!(ctx
.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok());
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap();
ctx.build()
@ -731,10 +730,9 @@ fn test_alpn_server_select_none_fatal() {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client)
.ok_or(ssl::AlpnError::ALERT_FATAL)
});
assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok()
);
assert!(ctx
.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok());
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap();
ctx.build()
@ -764,10 +762,9 @@ fn test_alpn_server_select_none() {
ctx.set_alpn_select_callback(|_, client| {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
});
assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok()
);
assert!(ctx
.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok());
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap();
ctx.build()
@ -1018,14 +1015,12 @@ fn connector_no_hostname_still_verifies() {
let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();
assert!(
connector
.configure()
.unwrap()
.verify_hostname(false)
.connect("fizzbuzz.com", tcp)
.is_err()
);
assert!(connector
.configure()
.unwrap()
.verify_hostname(false)
.connect("fizzbuzz.com", tcp)
.is_err());
}
#[test]
@ -1375,7 +1370,8 @@ fn status_callbacks() {
let response = response.to_der().unwrap();
ssl.set_ocsp_status(&response).unwrap();
Ok(true)
}).unwrap();
})
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.accept(stream).unwrap();
stream.write_all(&[0]).unwrap();
@ -1388,7 +1384,8 @@ fn status_callbacks() {
let response = OcspResponse::from_der(ssl.ocsp_status().unwrap()).unwrap();
assert_eq!(response.status(), OcspResponseStatus::UNAUTHORIZED);
Ok(true)
}).unwrap();
})
.unwrap();
let mut ssl = Ssl::new(&ctx.build()).unwrap();
ssl.set_status_type(StatusType::OCSP).unwrap();
let mut stream = ssl.connect(stream).unwrap();
@ -1539,7 +1536,8 @@ fn custom_extensions() {
FOUND_EXTENSION.store(data == b"hello", Ordering::SeqCst);
Ok(())
},
).unwrap();
)
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.accept(stream).unwrap();
stream.write_all(&[0]).unwrap();
@ -1552,7 +1550,8 @@ fn custom_extensions() {
ssl::ExtensionContext::CLIENT_HELLO,
|_, _, _| Ok(Some(b"hello")),
|_, _, _, _| unreachable!(),
).unwrap();
)
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.connect(stream).unwrap();
stream.read_exact(&mut [0]).unwrap();


@ -422,7 +422,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_SET_TAG,
tag.len() as c_int,
tag.as_ptr() as *mut _,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -439,7 +440,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_SET_TAG,
tag_len as c_int,
ptr::null_mut(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -457,7 +459,8 @@ impl Crypter {
&mut len,
ptr::null_mut(),
data_len as c_int,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -476,7 +479,8 @@ impl Crypter {
&mut len,
input.as_ptr(),
input.len() as c_int,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -551,7 +555,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_GET_TAG,
tag.len() as c_int,
tag.as_mut_ptr() as *mut _,
)).map(|_| ())
))
.map(|_| ())
}
}
}
@ -770,7 +775,8 @@ mod tests {
super::Mode::Encrypt,
&k0,
None,
).unwrap();
)
.unwrap();
c.pad(false);
let mut r0 = vec![0; c0.len() + super::Cipher::aes_256_ecb().block_size()];
let count = c.update(&p0, &mut r0).unwrap();
@ -783,7 +789,8 @@ mod tests {
super::Mode::Decrypt,
&k0,
None,
).unwrap();
)
.unwrap();
c.pad(false);
let mut p1 = vec![0; r0.len() + super::Cipher::aes_256_ecb().block_size()];
let count = c.update(&r0, &mut p1).unwrap();
@ -812,7 +819,8 @@ mod tests {
super::Mode::Decrypt,
&data,
Some(&iv),
).unwrap();
)
.unwrap();
cr.pad(false);
let mut unciphered_data = vec![0; data.len() + super::Cipher::aes_256_cbc().block_size()];
let count = cr.update(&ciphered_data, &mut unciphered_data).unwrap();
@ -1094,7 +1102,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(),
&mut actual_tag,
).unwrap();
)
.unwrap();
assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag));
@ -1105,7 +1114,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(),
).unwrap();
)
.unwrap();
assert_eq!(pt, hex::encode(out));
}
@ -1127,7 +1137,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(),
&mut actual_tag,
).unwrap();
)
.unwrap();
assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag));
@ -1139,7 +1150,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(),
).unwrap();
)
.unwrap();
assert_eq!(pt, hex::encode(out));
}
@ -1181,7 +1193,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(),
&mut actual_tag,
).unwrap();
)
.unwrap();
assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag));
@ -1193,7 +1206,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(),
).unwrap();
)
.unwrap();
assert_eq!(pt, hex::encode(out));
}
@ -1256,7 +1270,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(),
&mut actual_tag,
).unwrap();
)
.unwrap();
assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag));
@ -1267,7 +1282,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(),
).unwrap();
)
.unwrap();
assert_eq!(pt, hex::encode(out));
}
}


@ -1,4 +1,4 @@
//! Add extensions to an `X509` certificate or certificate request.
//! Add extensions to an `X509` certificate or certificate request.
//!
//! The extensions defined for X.509 v3 certificates provide methods for
//! associating additional attributes with users or public keys and for
@ -11,11 +11,11 @@
//! extern crate openssl;
//!
//! use openssl::x509::extension::BasicConstraints;
//! use openssl::x509::X509Extension;
//! use openssl::x509::X509Extension;
//!
//! fn main() {
//! let mut bc = BasicConstraints::new();
//! let bc = bc.critical().ca().pathlen(1);
//! let bc = bc.critical().ca().pathlen(1);
//!
//! let extension: X509Extension = bc.build().unwrap();
//! }


@ -255,7 +255,8 @@ impl X509Builder {
cvt(ffi::X509_set_serialNumber(
self.0.as_ptr(),
serial_number.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -265,7 +266,8 @@ impl X509Builder {
cvt(ffi::X509_set_issuer_name(
self.0.as_ptr(),
issuer_name.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -292,7 +294,8 @@ impl X509Builder {
cvt(ffi::X509_set_subject_name(
self.0.as_ptr(),
subject_name.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -756,7 +759,8 @@ impl X509NameBuilder {
value.len() as c_int,
-1,
0,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -776,7 +780,8 @@ impl X509NameBuilder {
value.len() as c_int,
-1,
0,
)).map(|_| ())
))
.map(|_| ())
}
}
@ -830,7 +835,7 @@ impl X509NameRef {
X509NameEntries {
name: self,
nid: None,
loc: -1
loc: -1,
}
}
}
@ -945,7 +950,8 @@ impl X509ReqBuilder {
cvt(ffi::X509_REQ_set_subject_name(
self.0.as_ptr(),
subject_name.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -994,7 +1000,8 @@ impl X509ReqBuilder {
cvt(ffi::X509_REQ_add_extensions(
self.0.as_ptr(),
extensions.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -1012,7 +1019,8 @@ impl X509ReqBuilder {
self.0.as_ptr(),
key.as_ptr(),
hash.as_ptr(),
)).map(|_| ())
))
.map(|_| ())
}
}


@ -12,7 +12,7 @@ use x509::extension::{
SubjectKeyIdentifier,
};
use x509::store::X509StoreBuilder;
use x509::{X509, X509Name, X509Req, X509StoreContext, X509VerifyResult};
use x509::{X509Name, X509Req, X509StoreContext, X509VerifyResult, X509};
fn pkey() -> PKey<Private> {
let rsa = Rsa::generate(2048).unwrap();
@ -87,7 +87,10 @@ fn test_nameref_iterator() {
let mut all_entries = subject.entries();
let email = all_entries.next().unwrap();
assert_eq!(email.object().nid().as_raw(), Nid::PKCS9_EMAILADDRESS.as_raw());
assert_eq!(
email.object().nid().as_raw(),
Nid::PKCS9_EMAILADDRESS.as_raw()
);
assert_eq!(email.data().as_slice(), b"test@example.com");
let cn = all_entries.next().unwrap();
@ -334,16 +337,12 @@ fn test_verify_cert() {
let store = store_bldr.build();
let mut context = X509StoreContext::new().unwrap();
assert!(
context
.init(&store, &cert, &chain, |c| c.verify_cert())
.unwrap()
);
assert!(
context
.init(&store, &cert, &chain, |c| c.verify_cert())
.unwrap()
);
assert!(context
.init(&store, &cert, &chain, |c| c.verify_cert())
.unwrap());
assert!(context
.init(&store, &cert, &chain, |c| c.verify_cert())
.unwrap());
}
#[test]


@ -56,7 +56,8 @@ impl X509VerifyParamRef {
self.as_ptr(),
host.as_ptr() as *const _,
host.len(),
)).map(|_| ())
))
.map(|_| ())
}
}
@ -82,7 +83,8 @@ impl X509VerifyParamRef {
self.as_ptr(),
buf.as_ptr() as *const _,
len,
)).map(|_| ())
))
.map(|_| ())
}
}
}
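Review bot: In the first hunk of this file the length argument next to `host.as_ptr() as *const _` is `host.len()`, which is 0 when `host` is empty, and nothing visible rejects or special-cases that input. The call line itself is above the hunk, so this is inferred from the `impl X509VerifyParamRef` context: if the callee is `X509_VERIFY_PARAM_set1_host`, OpenSSL treats a zero length as "the name is NUL-terminated" and measures it with `strlen`, but a Rust string pointer carries no terminator, so the read can run past the buffer. Assuming `host` is a `&str`, substitute a terminated empty string for that case with `let raw_host = if host.is_empty() { "\0" } else { host };` and pass `raw_host.as_ptr() as *const _` while keeping `host.len()` as the length. A test that calls the setter with `""` would pin the behaviour; the function body starts outside the hunk.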


@ -91,7 +91,10 @@ fn main() {
cfg.skip_type(|s| {
// function pointers are declared without a `*` in openssl so their
// sizeof is 1 which isn't what we want.
s == "PasswordCallback" || s == "pem_password_cb" || s == "bio_info_cb" || s.starts_with("CRYPTO_EX_")
s == "PasswordCallback"
|| s == "pem_password_cb"
|| s == "bio_info_cb"
|| s.starts_with("CRYPTO_EX_")
});
cfg.skip_struct(|s| s == "ProbeResult");
cfg.skip_fn(move |s| {


@ -1,7 +1,7 @@
#![allow(bad_style)]
extern crate openssl_sys;
extern crate libc;
extern crate openssl_sys;
use libc::*;
use openssl_sys::*;