min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #759 from feeeeb/libressl-v2.6.3 

Libressl v2.6.3
This commit is contained in:
Steven Fackler 2017-11-13 08:53:35 -08:00 committed by GitHub
parent 2b3dda12a4 a8b7e357f3
commit b91aed22c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 32 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.circleci/config.yml
View File

@ -82,6 +82,9 @@ libressl_250: &LIBRESSL_250
libressl_261: &LIBRESSL_262 libressl_261: &LIBRESSL_262
LIBRARY: libressl LIBRARY: libressl
VERSION: 2.6.2 VERSION: 2.6.2
libressl_263: &LIBRESSL_263
LIBRARY: libressl
VERSION: 2.6.3
x86_64: &X86_64 x86_64: &X86_64
TARGET: x86_64-unknown-linux-gnu TARGET: x86_64-unknown-linux-gnu
@ -144,6 +147,10 @@ jobs:
<<: *JOB <<: *JOB
environment: environment:
<<: [*LIBRESSL_262, *X86_64, *BASE] <<: [*LIBRESSL_262, *X86_64, *BASE]
x86_64-libressl-2.6.3:
<<: *JOB
environment:
<<: [*LIBRESSL_263, *X86_64, *BASE]
workflows: workflows:
version: 2 version: 2
tests: tests:
@ -159,3 +166,4 @@ workflows:
- armhf-openssl-1.0.1 - armhf-openssl-1.0.1
- x86_64-libressl-2.5.0 - x86_64-libressl-2.5.0
- x86_64-libressl-2.6.2 - x86_64-libressl-2.6.2
- x86_64-libressl-2.6.3

11
openssl-sys/build.rs
View File

@ -316,8 +316,10 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version {
#include <openssl/opensslv.h> #include <openssl/opensslv.h>
#include <openssl/opensslconf.h> #include <openssl/opensslconf.h>
#if LIBRESSL_VERSION_NUMBER >= 0x20603000 #if LIBRESSL_VERSION_NUMBER >= 0x20604000
RUST_LIBRESSL_NEW RUST_LIBRESSL_NEW
#elif LIBRESSL_VERSION_NUMBER >= 0x20603000
RUST_LIBRESSL_263
#elif LIBRESSL_VERSION_NUMBER >= 0x20602000 #elif LIBRESSL_VERSION_NUMBER >= 0x20602000
RUST_LIBRESSL_262 RUST_LIBRESSL_262
#elif LIBRESSL_VERSION_NUMBER >= 0x20601000 #elif LIBRESSL_VERSION_NUMBER >= 0x20601000
@ -475,6 +477,13 @@ See rust-openssl README for more information:
println!("cargo:libressl_version=262"); println!("cargo:libressl_version=262");
println!("cargo:version=101"); println!("cargo:version=101");
Version::Libressl Version::Libressl
} else if expanded.contains("RUST_LIBRESSL_263") {
println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl263");
println!("cargo:libressl=true");
println!("cargo:libressl_version=263");
println!("cargo:version=101");
Version::Libressl
} else if expanded.contains("RUST_OPENSSL_110F") { } else if expanded.contains("RUST_OPENSSL_110F") {
println!("cargo:rustc-cfg=ossl110"); println!("cargo:rustc-cfg=ossl110");
println!("cargo:rustc-cfg=ossl110f"); println!("cargo:rustc-cfg=ossl110f");

8
openssl-sys/src/lib.rs
View File

@ -1250,14 +1250,14 @@ pub const SSL_VERIFY_NONE: c_int = 0;
pub const SSL_VERIFY_PEER: c_int = 1; pub const SSL_VERIFY_PEER: c_int = 1;
pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2;
#[cfg(not(any(libressl261, libressl262, ossl101)))] #[cfg(not(any(libressl261, libressl262, libressl263, ossl101)))]
pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010; pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010;
#[cfg(any(libressl261, libressl262))] #[cfg(any(libressl261, libressl262, libressl263))]
pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0; pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0;
pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800; pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800;
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000; pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000;
#[cfg(any(libressl261, libressl262))] #[cfg(any(libressl261, libressl262, libressl263))]
pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0; pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0;
pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004; pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004;
#[cfg(not(libressl))] #[cfg(not(libressl))]

8
openssl-sys/src/libressl/mod.rs
View File

@ -345,9 +345,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32;
pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;
pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;
#[cfg(any(libressl261, libressl262))] #[cfg(any(libressl261, libressl262, libressl263))]
pub const SSL_OP_ALL: c_ulong = 0x4; pub const SSL_OP_ALL: c_ulong = 0x4;
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
pub const SSL_OP_ALL: c_ulong = 0x80000014; pub const SSL_OP_ALL: c_ulong = 0x80000014;
pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0; pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0;
pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0; pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0;
@ -360,9 +360,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0;
pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0; pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0;
pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0;
pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0;
#[cfg(any(libressl261, libressl262))] #[cfg(any(libressl261, libressl262, libressl263))]
pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0; pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0;
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000;
pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000;
pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; pub const SSL_OP_NO_SSLv2: c_ulong = 0x0;

4
openssl/src/ssl/mod.rs
View File

@ -649,7 +649,7 @@ impl SslContextBuilder {
/// Set the protocols to be used during Next Protocol Negotiation (the protocols /// Set the protocols to be used during Next Protocol Negotiation (the protocols
/// supported by the application). /// supported by the application).
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
pub fn set_npn_protocols(&mut self, protocols: &[&[u8]]) -> Result<(), ErrorStack> { pub fn set_npn_protocols(&mut self, protocols: &[&[u8]]) -> Result<(), ErrorStack> {
// Firstly, convert the list of protocols to a byte-array that can be passed to OpenSSL // Firstly, convert the list of protocols to a byte-array that can be passed to OpenSSL
// APIs -- a list of length-prefixed strings. // APIs -- a list of length-prefixed strings.
@ -1307,7 +1307,7 @@ impl SslRef {
/// ///
/// The protocol's name is returned is an opaque sequence of bytes. It is up to the client /// The protocol's name is returned is an opaque sequence of bytes. It is up to the client
/// to interpret it. /// to interpret it.
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
pub fn selected_npn_protocol(&self) -> Option<&[u8]> { pub fn selected_npn_protocol(&self) -> Option<&[u8]> {
unsafe { unsafe {
let mut data: *const c_uchar = ptr::null(); let mut data: *const c_uchar = ptr::null();

8
openssl/src/ssl/tests/mod.rs
View File

@ -503,7 +503,7 @@ fn test_connect_with_unilateral_alpn() {
/// Tests that connecting with the client using NPN, but the server not does not /// Tests that connecting with the client using NPN, but the server not does not
/// break the existing connection behavior. /// break the existing connection behavior.
#[test] #[test]
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
fn test_connect_with_unilateral_npn() { fn test_connect_with_unilateral_npn() {
let (_s, stream) = Server::new(); let (_s, stream) = Server::new();
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
@ -616,7 +616,7 @@ fn test_connect_with_npn_successful_single_match() {
/// Tests that when the `SslStream` is created as a server stream, the protocols /// Tests that when the `SslStream` is created as a server stream, the protocols
/// are correctly advertised to the client. /// are correctly advertised to the client.
#[test] #[test]
#[cfg(not(any(libressl261, libressl262)))] #[cfg(not(any(libressl261, libressl262, libressl263)))]
fn test_npn_server_advertise_multiple() { fn test_npn_server_advertise_multiple() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let localhost = listener.local_addr().unwrap(); let localhost = listener.local_addr().unwrap();
@ -1241,7 +1241,7 @@ fn tmp_dh_callback() {
} }
#[test] #[test]
#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262))), all(feature = "v102", ossl102)))] #[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl263))), all(feature = "v102", ossl102)))]
fn tmp_ecdh_callback() { fn tmp_ecdh_callback() {
use ec::EcKey; use ec::EcKey;
use nid; use nid;
@ -1308,7 +1308,7 @@ fn tmp_dh_callback_ssl() {
} }
#[test] #[test]
#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262))), all(feature = "v102", ossl102)))] #[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl263))), all(feature = "v102", ossl102)))]
fn tmp_ecdh_callback_ssl() { fn tmp_ecdh_callback_ssl() {
use ec::EcKey; use ec::EcKey;
use nid; use nid;