diff --git a/.circleci/config.yml b/.circleci/config.yml index 2cc6cced..0e6f90e0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -108,9 +108,9 @@ openssl_101: &OPENSSL_101 libressl_250: &LIBRESSL_250 LIBRARY: libressl VERSION: 2.5.0 -libressl_270: &LIBRESSL_272 +libressl_270: &LIBRESSL_280 LIBRARY: libressl - VERSION: 2.7.2 + VERSION: 2.8.0 x86_64: &X86_64 TARGET: x86_64-unknown-linux-gnu @@ -195,10 +195,10 @@ jobs: <<: *JOB environment: <<: [*LIBRESSL_250, *X86_64, *BASE] - x86_64-libressl-2.7.2: + x86_64-libressl-2.8.0: <<: *JOB environment: - <<: [*LIBRESSL_272, *X86_64, *BASE] + <<: [*LIBRESSL_280, *X86_64, *BASE] macos: <<: *MACOS_JOB environment: @@ -226,6 +226,6 @@ workflows: - armhf-openssl-1.1.0 - armhf-openssl-1.0.2 - x86_64-libressl-2.5.0 - - x86_64-libressl-2.7.2 + - x86_64-libressl-2.8.0 - macos - macos-vendored diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs index 38bacdf3..cfd85cbb 100644 --- a/openssl-sys/build/cfgs.rs +++ b/openssl-sys/build/cfgs.rs @@ -16,6 +16,9 @@ pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<& if libressl_version >= 0x2_07_03_00_0 { cfgs.push("libressl273"); } + if libressl_version >= 0x2_08_00_00_0 { + cfgs.push("libressl280"); + } } else { let openssl_version = openssl_version.unwrap(); diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs index 4d58d248..4c615401 100644 --- a/openssl-sys/build/main.rs +++ b/openssl-sys/build/main.rs @@ -497,6 +497,7 @@ See rust-openssl README for more information: (6, 2) => ('6', '2'), (6, _) => ('6', 'x'), (7, _) => ('7', 'x'), + (8, 0) => ('8', 'x'), _ => version_error(), }; diff --git a/openssl-sys/src/asn1.rs b/openssl-sys/src/asn1.rs index 9cf321ea..90eaeffa 100644 --- a/openssl-sys/src/asn1.rs +++ b/openssl-sys/src/asn1.rs @@ -49,7 +49,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: *const ASN1_STRING) -> c_int; } diff --git a/openssl-sys/src/bio.rs b/openssl-sys/src/bio.rs index ce660145..b6bde933 100644 --- a/openssl-sys/src/bio.rs +++ b/openssl-sys/src/bio.rs @@ -36,7 +36,7 @@ pub type bio_info_cb = Option; cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum BIO_METHOD {} } else { #[repr(C)] @@ -60,24 +60,14 @@ pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn BIO_s_file() -> *const BIO_METHOD; - } - } else { - extern "C" { - pub fn BIO_s_file() -> *mut BIO_METHOD; - } - } -} -cfg_if! { - if #[cfg(ossl110)] { - extern "C" { pub fn BIO_new(type_: *const BIO_METHOD) -> *mut BIO; } } else { extern "C" { - pub fn BIO_new(type_: *mut BIO_METHOD) -> *mut BIO; + pub fn BIO_s_file() -> *mut BIO_METHOD; } } } @@ -96,7 +86,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn BIO_s_mem() -> *const BIO_METHOD; } @@ -107,7 +97,7 @@ cfg_if! { } } cfg_if! { - if #[cfg(ossl102)] { + if #[cfg(any(ossl102, libressl280))] { extern "C" { pub fn BIO_new_mem_buf(buf: *const c_void, len: c_int) -> *mut BIO; } diff --git a/openssl-sys/src/ec.rs b/openssl-sys/src/ec.rs index 3eea0d24..a33d4d46 100644 --- a/openssl-sys/src/ec.rs +++ b/openssl-sys/src/ec.rs @@ -166,7 +166,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum ECDSA_SIG {} } else { #[repr(C)] diff --git a/openssl-sys/src/evp.rs b/openssl-sys/src/evp.rs index c78f7616..53d2e22f 100644 --- a/openssl-sys/src/evp.rs +++ b/openssl-sys/src/evp.rs @@ -108,19 +108,28 @@ extern "C" { e: *mut ENGINE, pkey: *mut EVP_PKEY, ) -> c_int; - #[cfg(not(ossl102))] - pub fn EVP_DigestVerifyFinal( - ctx: *mut EVP_MD_CTX, - sigret: *mut c_uchar, - siglen: size_t, - ) -> c_int; - #[cfg(ossl102)] - pub fn EVP_DigestVerifyFinal( - ctx: *mut EVP_MD_CTX, - sigret: *const c_uchar, - siglen: size_t, - ) -> c_int; +} +cfg_if! { + if #[cfg(any(ossl102, libressl280))] { + extern "C" { + pub fn EVP_DigestVerifyFinal( + ctx: *mut EVP_MD_CTX, + sigret: *const c_uchar, + siglen: size_t, + ) -> c_int; + } + } else { + extern "C" { + pub fn EVP_DigestVerifyFinal( + ctx: *mut EVP_MD_CTX, + sigret: *mut c_uchar, + siglen: size_t, + ) -> c_int; + } + } +} +extern "C" { pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX; pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX); pub fn EVP_MD_CTX_copy_ex(dst: *mut EVP_MD_CTX, src: *const EVP_MD_CTX) -> c_int; @@ -181,7 +190,7 @@ extern "C" { pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn EVP_PKEY_bits(key: *const EVP_PKEY) -> c_int; } diff --git a/openssl-sys/src/ossl_typ.rs b/openssl-sys/src/ossl_typ.rs index 58cab8d7..96c4d002 100644 --- a/openssl-sys/src/ossl_typ.rs +++ b/openssl-sys/src/ossl_typ.rs @@ -13,7 +13,7 @@ pub enum ASN1_OBJECT {} pub enum bio_st {} // FIXME remove cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum BIO {} } else { #[repr(C)] @@ -59,7 +59,7 @@ pub enum BN_CTX {} pub enum BN_GENCB {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum EVP_CIPHER {} } else { #[repr(C)] @@ -90,7 +90,7 @@ cfg_if! { pub enum EVP_CIPHER_CTX {} pub enum EVP_MD {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum EVP_MD_CTX {} } else { #[repr(C)] @@ -105,7 +105,7 @@ cfg_if! { } } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum EVP_PKEY {} } else { #[repr(C)] @@ -127,7 +127,7 @@ pub enum EVP_PKEY_ASN1_METHOD {} pub enum EVP_PKEY_CTX {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum HMAC_CTX {} } else { #[repr(C)] @@ -143,7 +143,7 @@ cfg_if! { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum DH {} } else { #[repr(C)] @@ -172,7 +172,7 @@ cfg_if! { pub enum DH_METHOD {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum DSA {} } else { #[repr(C)] @@ -201,7 +201,7 @@ cfg_if! { pub enum DSA_METHOD {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum RSA {} } else if #[cfg(libressl)] { #[repr(C)] @@ -267,7 +267,7 @@ pub enum RSA_METHOD {} pub enum EC_KEY {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum X509 {} } else if #[cfg(libressl)] { #[repr(C)] @@ -344,7 +344,7 @@ pub enum X509_STORE {} pub enum X509_STORE_CTX {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum X509_VERIFY_PARAM {} } else if #[cfg(libressl251)] { #[repr(C)] @@ -406,7 +406,7 @@ pub enum OPENSSL_INIT_SETTINGS {} pub enum ENGINE {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum SSL {} } else if #[cfg(libressl251)] { #[repr(C)] @@ -708,7 +708,7 @@ cfg_if! { } } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum SSL_CTX {} } else if #[cfg(libressl251)] { #[repr(C)] @@ -970,7 +970,7 @@ cfg_if! { pub enum COMP_METHOD {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum CRYPTO_EX_DATA {} } else if #[cfg(libressl)] { #[repr(C)] diff --git a/openssl-sys/src/pkcs12.rs b/openssl-sys/src/pkcs12.rs index 72170ea1..9cdba7e1 100644 --- a/openssl-sys/src/pkcs12.rs +++ b/openssl-sys/src/pkcs12.rs @@ -18,7 +18,7 @@ extern "C" { ) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn PKCS12_create( pass: *const c_char, diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs index 39b165f1..e139a89c 100644 --- a/openssl-sys/src/ssl.rs +++ b/openssl-sys/src/ssl.rs @@ -25,7 +25,7 @@ pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1; pub enum SSL_METHOD {} pub enum SSL_CIPHER {} cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { pub enum SSL_SESSION {} } else if #[cfg(libressl251)] { #[repr(C)] @@ -292,7 +292,13 @@ cfg_if! { pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000; pub const SSL_OP_CIPHER_SERVER_PREFERENCE: c_ulong = 0x00400000; -pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0x00800000; +cfg_if! { + if #[cfg(libressl280)] { + pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0; + } else { + pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0x00800000; + } +} cfg_if! { @@ -466,7 +472,7 @@ extern "C" { ); } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn SSL_CTX_sess_set_get_cb( ctx: *mut ::SSL_CTX, @@ -497,7 +503,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn SSL_CTX_set_cookie_verify_cb( s: *mut SSL_CTX, @@ -843,7 +849,7 @@ extern "C" { pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char; } @@ -1036,11 +1042,20 @@ extern "C" { ) -> *mut c_char; pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509; - #[cfg(not(ossl102))] - pub fn SSL_get_privatekey(ssl: *mut SSL) -> *mut EVP_PKEY; - #[cfg(ossl102)] - pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY; +} +cfg_if! { + if #[cfg(any(ossl102, libressl280))] { + extern "C" { + pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY; + } + } else { + extern "C" { + pub fn SSL_get_privatekey(ssl: *mut SSL) -> *mut EVP_PKEY; + } + } +} +extern "C" { #[cfg(ossl102)] pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; #[cfg(ossl102)] diff --git a/openssl-sys/src/x509.rs b/openssl-sys/src/x509.rs index 1a9018a9..a0da2069 100644 --- a/openssl-sys/src/x509.rs +++ b/openssl-sys/src/x509.rs @@ -191,7 +191,7 @@ extern "C" { pub fn X509_set_issuer_name(x: *mut X509, name: *mut X509_NAME) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509_get_issuer_name(x: *const ::X509) -> *mut ::X509_NAME; } @@ -205,15 +205,24 @@ extern "C" { pub fn X509_set_subject_name(x: *mut X509, name: *mut X509_NAME) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509_get_subject_name(x: *const ::X509) -> *mut ::X509_NAME; + } + } else { + extern "C" { + pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME; + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { pub fn X509_set1_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_set1_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; } } else { extern "C" { - pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME; pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; } @@ -244,7 +253,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509_NAME_entry_count(n: *const X509_NAME) -> c_int; } @@ -255,11 +264,19 @@ cfg_if! { } } -extern "C" { - pub fn X509_NAME_get_index_by_NID(n: *mut X509_NAME, nid: c_int, last_pos: c_int) -> c_int; +cfg_if! { + if #[cfg(libressl280)] { + extern "C" { + pub fn X509_NAME_get_index_by_NID(n: *const X509_NAME, nid: c_int, last_pos: c_int) -> c_int; + } + } else { + extern "C" { + pub fn X509_NAME_get_index_by_NID(n: *mut X509_NAME, nid: c_int, last_pos: c_int) -> c_int; + } + } } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509_NAME_get_entry(n: *const X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY; pub fn X509_NAME_add_entry_by_NID( @@ -305,7 +322,7 @@ extern "C" { pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509_get_ext_d2i( x: *const ::X509, diff --git a/openssl-sys/src/x509v3.rs b/openssl-sys/src/x509v3.rs index 81203526..d355a549 100644 --- a/openssl-sys/src/x509v3.rs +++ b/openssl-sys/src/x509v3.rs @@ -41,7 +41,7 @@ pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20; cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl280))] { extern "C" { pub fn X509V3_EXT_nconf_nid( conf: *mut CONF, diff --git a/openssl/build.rs b/openssl/build.rs index f1166d62..99731c57 100644 --- a/openssl/build.rs +++ b/openssl/build.rs @@ -49,5 +49,9 @@ fn main() { if version >= 0x2_07_03_00_0 { println!("cargo:rustc-cfg=libressl273"); } + + if version >= 0x2_08_00_00_0 { + println!("cargo:rustc-cfg=libressl280"); + } } } diff --git a/openssl/src/ssl/callbacks.rs b/openssl/src/ssl/callbacks.rs index c9779416..daa58a4e 100644 --- a/openssl/src/ssl/callbacks.rs +++ b/openssl/src/ssl/callbacks.rs @@ -379,10 +379,13 @@ pub unsafe extern "C" fn raw_remove_session( callback(ctx, session) } -#[cfg(ossl110)] -type DataPtr = *const c_uchar; -#[cfg(not(ossl110))] -type DataPtr = *mut c_uchar; +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + type DataPtr = *const c_uchar; + } else { + type DataPtr = *mut c_uchar; + } +} pub unsafe extern "C" fn raw_get_session( ssl: *mut ffi::SSL, @@ -503,11 +506,13 @@ where } } -#[cfg(ossl110)] -type CookiePtr = *const c_uchar; - -#[cfg(not(ossl110))] -type CookiePtr = *mut c_uchar; +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + type CookiePtr = *const c_uchar; + } else { + type CookiePtr = *mut c_uchar; + } +} pub extern "C" fn raw_cookie_verify( ssl: *mut ffi::SSL,