min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Baseline server support 

Allows calling SSL_accept() instead of SSL_connect() when creating an
SslStream.
This commit is contained in:
Cody P Schafer 2014-09-23 16:11:34 -04:00
parent af5533d936
commit b9e3ed50ad
2 changed files with 25 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openssl-sys/src/lib.rs
View File

@ -403,6 +403,7 @@ extern "C" {
pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO); pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
pub fn SSL_get_rbio(ssl: *mut SSL) -> *mut BIO; pub fn SSL_get_rbio(ssl: *mut SSL) -> *mut BIO;
pub fn SSL_get_wbio(ssl: *mut SSL) -> *mut BIO; pub fn SSL_get_wbio(ssl: *mut SSL) -> *mut BIO;
pub fn SSL_accept(ssl: *mut SSL) -> c_int;
pub fn SSL_connect(ssl: *mut SSL) -> c_int; pub fn SSL_connect(ssl: *mut SSL) -> c_int;
pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long,
parg: *mut c_void) -> c_long; parg: *mut c_void) -> c_long;

37
src/ssl/mod.rs
View File

@ -326,6 +326,10 @@ impl Ssl {
unsafe { ffi::SSL_connect(self.ssl) } unsafe { ffi::SSL_connect(self.ssl) }
} }
fn accept(&self) -> c_int {
unsafe { ffi::SSL_accept(self.ssl) }
}
fn read(&self, buf: &mut [u8]) -> c_int { fn read(&self, buf: &mut [u8]) -> c_int {
unsafe { ffi::SSL_read(self.ssl, buf.as_ptr() as *mut c_void, unsafe { ffi::SSL_read(self.ssl, buf.as_ptr() as *mut c_void,
buf.len() as c_int) } buf.len() as c_int) }
@ -390,31 +394,38 @@ pub struct SslStream<S> {
} }
impl<S: Stream> SslStream<S> { impl<S: Stream> SslStream<S> {
/// Attempts to create a new SSL stream from a given `Ssl` instance. fn new_base(ssl:Ssl, stream: S) -> SslStream<S> {
pub fn new_from(ssl: Ssl, stream: S) -> Result<SslStream<S>, SslError> { SslStream {
let mut ssl = SslStream {
stream: stream, stream: stream,
ssl: ssl, ssl: ssl,
// Maximum TLS record size is 16k // Maximum TLS record size is 16k
buf: Vec::from_elem(16 * 1024, 0u8) buf: Vec::from_elem(16 * 1024, 0u8)
};
match ssl.in_retry_wrapper(|ssl| { ssl.connect() }) {
Ok(_) => Ok(ssl),
Err(err) => Err(err)
} }
} }
pub fn new_server_from(ssl: Ssl, stream: S) -> Result<SslStream<S>, SslError> {
let mut ssl = SslStream::new_base(ssl, stream);
ssl.in_retry_wrapper(|ssl| { ssl.accept() }).and(Ok(ssl))
}
/// Attempts to create a new SSL stream from a given `Ssl` instance.
pub fn new_from(ssl: Ssl, stream: S) -> Result<SslStream<S>, SslError> {
let mut ssl = SslStream::new_base(ssl, stream);
ssl.in_retry_wrapper(|ssl| { ssl.connect() }).and(Ok(ssl))
}
/// Creates a new SSL stream /// Creates a new SSL stream
pub fn new(ctx: &SslContext, stream: S) -> Result<SslStream<S>, SslError> { pub fn new(ctx: &SslContext, stream: S) -> Result<SslStream<S>, SslError> {
let ssl = match Ssl::new(ctx) { let ssl = try!(Ssl::new(ctx));
Ok(ssl) => ssl,
Err(err) => return Err(err)
};
SslStream::new_from(ssl, stream) SslStream::new_from(ssl, stream)
} }
/// Creates a new SSL server stream
pub fn new_server(ctx: &SslContext, stream: S) -> Result<SslStream<S>, SslError> {
let ssl = try!(Ssl::new(ctx));
SslStream::new_server_from(ssl, stream)
}
fn in_retry_wrapper(&mut self, blk: |&Ssl| -> c_int) fn in_retry_wrapper(&mut self, blk: |&Ssl| -> c_int)
-> Result<c_int, SslError> { -> Result<c_int, SslError> {
loop { loop {