diff --git a/.circleci/config.yml b/.circleci/config.yml index e3eb2905..95e63d81 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -291,7 +291,7 @@ workflows: name: x86_64-libressl-2.9 target: x86_64-unknown-linux-gnu library: libressl - version: 2.9.0 + version: 2.9.1 - macos: name: macos - macos: diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs index dc7240e2..c74c2bb0 100644 --- a/openssl-sys/build/cfgs.rs +++ b/openssl-sys/build/cfgs.rs @@ -13,6 +13,9 @@ pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<& if libressl_version >= 0x2_07_00_00_0 { cfgs.push("libressl270"); } + if libressl_version >= 0x2_07_01_00_0 { + cfgs.push("libressl271"); + } if libressl_version >= 0x2_07_03_00_0 { cfgs.push("libressl273"); } @@ -22,6 +25,9 @@ pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<& if libressl_version >= 0x2_08_01_00_0 { cfgs.push("libressl281"); } + if libressl_version >= 0x2_09_01_00_0 { + cfgs.push("libressl291"); + } } else { let openssl_version = openssl_version.unwrap(); diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs index a1677a69..7f803a5b 100644 --- a/openssl-sys/build/main.rs +++ b/openssl-sys/build/main.rs @@ -199,6 +199,7 @@ See rust-openssl README for more information: (8, 1) => ('8', '1'), (8, _) => ('8', 'x'), (9, 0) => ('9', '0'), + (9, _) => ('9', 'x'), _ => version_error(), }; @@ -239,7 +240,7 @@ fn version_error() -> ! { " This crate is only compatible with OpenSSL 1.0.1 through 1.1.1, or LibreSSL 2.5 -through 2.9.0, but a different version of OpenSSL was found. The build is now aborting +through 2.9.x, but a different version of OpenSSL was found. The build is now aborting due to this version mismatch. " diff --git a/openssl-sys/src/crypto.rs b/openssl-sys/src/crypto.rs index 48f4e062..24e495cd 100644 --- a/openssl-sys/src/crypto.rs +++ b/openssl-sys/src/crypto.rs @@ -15,7 +15,13 @@ cfg_if! { if #[cfg(ossl110)] { pub const CRYPTO_EX_INDEX_SSL: c_int = 0; pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1; - + } else if #[cfg(libressl)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 1; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 2; + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { extern "C" { pub fn OpenSSL_version_num() -> c_ulong; pub fn OpenSSL_version(key: c_int) -> *const c_char; @@ -64,7 +70,7 @@ pub type CRYPTO_EX_free = unsafe extern "C" fn( argp: *mut c_void, ); extern "C" { - #[cfg(ossl110)] + #[cfg(any(ossl110, libressl))] pub fn CRYPTO_get_ex_new_index( class_index: c_int, argl: c_long, diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs index fcbac300..84db6e26 100644 --- a/openssl-sys/src/ssl.rs +++ b/openssl-sys/src/ssl.rs @@ -1057,7 +1057,7 @@ extern "C" { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl291))] { extern "C" { pub fn TLS_method() -> *const SSL_METHOD; diff --git a/openssl/build.rs b/openssl/build.rs index 99731c57..c1a5ccff 100644 --- a/openssl/build.rs +++ b/openssl/build.rs @@ -46,6 +46,10 @@ fn main() { println!("cargo:rustc-cfg=libressl270"); } + if version >= 0x2_07_01_00_0 { + println!("cargo:rustc-cfg=libressl271"); + } + if version >= 0x2_07_03_00_0 { println!("cargo:rustc-cfg=libressl273"); } @@ -53,5 +57,9 @@ fn main() { if version >= 0x2_08_00_00_0 { println!("cargo:rustc-cfg=libressl280"); } + + if version >= 0x2_09_01_00_0 { + println!("cargo:rustc-cfg=libressl291"); + } } } diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index f433f74d..8f173637 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -3831,9 +3831,14 @@ cfg_if! { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl291))] { use ffi::{TLS_method, DTLS_method}; - + } else { + use ffi::{SSLv23_method as TLS_method, DTLSv1_method as DTLS_method}; + } +} +cfg_if! { + if #[cfg(ossl110)] { unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { ffi::CRYPTO_get_ex_new_index( ffi::CRYPTO_EX_INDEX_SSL_CTX, @@ -3856,8 +3861,6 @@ cfg_if! { ) } } else { - use ffi::{SSLv23_method as TLS_method, DTLSv1_method as DTLS_method}; - unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { ffi::SSL_CTX_get_ex_new_index(0, ptr::null_mut(), None, None, Some(f)) } diff --git a/openssl/src/ssl/test/mod.rs b/openssl/src/ssl/test/mod.rs index 136846f3..e0f3c565 100644 --- a/openssl/src/ssl/test/mod.rs +++ b/openssl/src/ssl/test/mod.rs @@ -306,6 +306,7 @@ fn state() { /// lists of supported protocols have an overlap -- with only ONE protocol /// being valid for both. #[test] +#[cfg_attr(libressl291, ignore)] fn test_connect_with_srtp_ctx() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let addr = listener.local_addr().unwrap(); @@ -362,6 +363,7 @@ fn test_connect_with_srtp_ctx() { /// lists of supported protocols have an overlap -- with only ONE protocol /// being valid for both. #[test] +#[cfg_attr(libressl291, ignore)] fn test_connect_with_srtp_ssl() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let addr = listener.local_addr().unwrap(); diff --git a/openssl/src/version.rs b/openssl/src/version.rs index dc8508d1..0d2d5bb6 100644 --- a/openssl/src/version.rs +++ b/openssl/src/version.rs @@ -14,7 +14,7 @@ use std::ffi::CStr; cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl271))] { use ffi::{ OPENSSL_VERSION, OPENSSL_CFLAGS, OPENSSL_BUILT_ON, OPENSSL_PLATFORM, OPENSSL_DIR, OpenSSL_version_num, OpenSSL_version,