Fix X509StoreContext
This commit is contained in:
Steven Fackler
parent
7267cbeae8
commit
8ec53eb0e1
|
|
@ -21,7 +21,7 @@ use ffi;
|
|||
|
||||
use {init, cvt, cvt_p};
|
||||
use dh::DH;
|
||||
use x509::{X509StoreContext, X509FileType, X509, X509Ref, X509VerifyError};
|
||||
use x509::{X509StoreContextRef, X509FileType, X509, X509Ref, X509VerifyError};
|
||||
#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
|
||||
use x509::verify::X509VerifyParamRef;
|
||||
use crypto::pkey::PKey;
|
||||
|
|
@ -173,7 +173,7 @@ fn get_new_ssl_idx<T>() -> c_int {
|
|||
}
|
||||
|
||||
extern fn raw_verify<F>(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) -> c_int
|
||||
where F: Fn(bool, &X509StoreContext) -> bool + Any + 'static + Sync + Send
|
||||
where F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send
|
||||
{
|
||||
unsafe {
|
||||
let idx = ffi::SSL_get_ex_data_X509_STORE_CTX_idx();
|
||||
|
|
@ -182,14 +182,14 @@ extern fn raw_verify<F>(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX)
|
|||
let verify = ffi::SSL_CTX_get_ex_data(ssl_ctx, get_verify_data_idx::<F>());
|
||||
let verify: &F = &*(verify as *mut F);
|
||||
|
||||
let ctx = X509StoreContext::new(x509_ctx);
|
||||
let ctx = X509StoreContextRef::from_ptr(x509_ctx);
|
||||
|
||||
verify(preverify_ok != 0, &ctx) as c_int
|
||||
verify(preverify_ok != 0, ctx) as c_int
|
||||
}
|
||||
}
|
||||
|
||||
extern fn ssl_raw_verify<F>(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) -> c_int
|
||||
where F: Fn(bool, &X509StoreContext) -> bool + Any + 'static + Sync + Send
|
||||
where F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send
|
||||
{
|
||||
unsafe {
|
||||
let idx = ffi::SSL_get_ex_data_X509_STORE_CTX_idx();
|
||||
|
|
@ -198,9 +198,9 @@ extern fn ssl_raw_verify<F>(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_
|
|||
get_ssl_verify_data_idx::<F>());
|
||||
let verify: &F = &*(verify as *mut F);
|
||||
|
||||
let ctx = X509StoreContext::new(x509_ctx);
|
||||
let ctx = X509StoreContextRef::from_ptr(x509_ctx);
|
||||
|
||||
verify(preverify_ok != 0, &ctx) as c_int
|
||||
verify(preverify_ok != 0, ctx) as c_int
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -361,7 +361,7 @@ impl SslContextRef {
|
|||
/// Configures the certificate verification method for new connections and
|
||||
/// registers a verification callback.
|
||||
pub fn set_verify_callback<F>(&mut self, mode: SslVerifyMode, verify: F)
|
||||
where F: Fn(bool, &X509StoreContext) -> bool + Any + 'static + Sync + Send
|
||||
where F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send
|
||||
{
|
||||
unsafe {
|
||||
let verify = Box::new(verify);
|
||||
|
|
@ -830,7 +830,7 @@ impl SslRef {
|
|||
/// to the certificate chain. It should return `true` if the certificate
|
||||
/// chain is valid and `false` otherwise.
|
||||
pub fn set_verify_callback<F>(&mut self, mode: SslVerifyMode, verify: F)
|
||||
where F: Fn(bool, &X509StoreContext) -> bool + Any + 'static + Sync + Send
|
||||
where F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send
|
||||
{
|
||||
unsafe {
|
||||
let verify = Box::new(verify);
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ use ssl::SSL_VERIFY_PEER;
|
|||
use ssl::{SslMethod, HandshakeError};
|
||||
use ssl::error::Error;
|
||||
use ssl::{SslContext, SslStream, Ssl};
|
||||
use x509::X509StoreContext;
|
||||
use x509::X509StoreContextRef;
|
||||
use x509::X509FileType;
|
||||
use x509::X509;
|
||||
#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
|
||||
|
|
@ -168,7 +168,7 @@ macro_rules! run_test(
|
|||
use ssl::{SslContext, Ssl, SslStream};
|
||||
use ssl::SSL_VERIFY_PEER;
|
||||
use crypto::hash::MessageDigest;
|
||||
use x509::X509StoreContext;
|
||||
use x509::X509StoreContextRef;
|
||||
use serialize::hex::FromHex;
|
||||
use super::Server;
|
||||
|
||||
|
|
@ -778,7 +778,7 @@ mod dtlsv1 {
|
|||
use ssl::SslMethod;
|
||||
use ssl::{SslContext, SslStream};
|
||||
use ssl::SSL_VERIFY_PEER;
|
||||
use x509::X509StoreContext;
|
||||
use x509::X509StoreContextRef;
|
||||
|
||||
#[test]
|
||||
fn test_new_ctx() {
|
||||
|
|
|
|||
|
|
@ -91,25 +91,26 @@ pub enum X509FileType {
|
|||
Default = ffi::X509_FILETYPE_DEFAULT,
|
||||
}
|
||||
|
||||
#[allow(missing_copy_implementations)]
|
||||
pub struct X509StoreContext {
|
||||
ctx: *mut ffi::X509_STORE_CTX,
|
||||
}
|
||||
pub struct X509StoreContextRef(Opaque);
|
||||
|
||||
impl X509StoreContext {
|
||||
pub fn new(ctx: *mut ffi::X509_STORE_CTX) -> X509StoreContext {
|
||||
X509StoreContext { ctx: ctx }
|
||||
impl X509StoreContextRef {
|
||||
pub unsafe fn from_ptr<'a>(ctx: *mut ffi::X509_STORE_CTX) -> &'a X509StoreContextRef {
|
||||
&*(ctx as *mut _)
|
||||
}
|
||||
|
||||
pub fn as_ptr(&self) -> *mut ffi::X509_STORE_CTX {
|
||||
self as *const _ as *mut _
|
||||
}
|
||||
|
||||
pub fn error(&self) -> Option<X509VerifyError> {
|
||||
unsafe {
|
||||
X509VerifyError::from_raw(ffi::X509_STORE_CTX_get_error(self.ctx) as c_long)
|
||||
X509VerifyError::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr()) as c_long)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn current_cert<'a>(&'a self) -> Option<&'a X509Ref> {
|
||||
pub fn current_cert(&self) -> Option<&X509Ref> {
|
||||
unsafe {
|
||||
let ptr = ffi::X509_STORE_CTX_get_current_cert(self.ctx);
|
||||
let ptr = ffi::X509_STORE_CTX_get_current_cert(self.as_ptr());
|
||||
if ptr.is_null() {
|
||||
None
|
||||
} else {
|
||||
|
|
@ -119,7 +120,7 @@ impl X509StoreContext {
|
|||
}
|
||||
|
||||
pub fn error_depth(&self) -> u32 {
|
||||
unsafe { ffi::X509_STORE_CTX_get_error_depth(self.ctx) as u32 }
|
||||
unsafe { ffi::X509_STORE_CTX_get_error_depth(self.as_ptr()) as u32 }
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue