Clean up features

2016-10-13 19:46:13 -07:00 · 2016-10-13 19:46:13 -07:00 · edfc50f37d
parent 1883590c61
commit edfc50f37d
5 changed files with 21 additions and 64 deletions
--- a/openssl/Cargo.toml
+++ b/openssl/Cargo.toml
@ -12,14 +12,7 @@ build = "build.rs"
 exclude = ["test/*"]

 [features]
-# Added in OpenSSL 1.0.2
-rfc5114 = []
-aes_xts = []
-aes_ctr = []
-alpn = []
-ecdh_auto = []
 openssl-102 = []
-
 openssl-110 = ["openssl-102"]

 [dependencies]
--- a/openssl/src/crypto/symm.rs
+++ b/openssl/src/crypto/symm.rs
@ -16,31 +16,20 @@ pub enum Mode {
 pub enum Type {
    AES_128_ECB,
    AES_128_CBC,
-    /// Requires the `aes_xts` feature
-    #[cfg(feature = "aes_xts")]
    AES_128_XTS,
-    #[cfg(feature = "aes_ctr")]
    AES_128_CTR,
-    // AES_128_GCM,
    AES_128_CFB1,
    AES_128_CFB128,
    AES_128_CFB8,
-
    AES_256_ECB,
    AES_256_CBC,
-    /// Requires the `aes_xts` feature
-    #[cfg(feature = "aes_xts")]
    AES_256_XTS,
-    #[cfg(feature = "aes_ctr")]
    AES_256_CTR,
-    // AES_256_GCM,
    AES_256_CFB1,
    AES_256_CFB128,
    AES_256_CFB8,
-
    DES_CBC,
    DES_ECB,
-
    RC4_128,
 }

@ -50,29 +39,20 @@ impl Type {
            match *self {
                Type::AES_128_ECB => ffi::EVP_aes_128_ecb(),
                Type::AES_128_CBC => ffi::EVP_aes_128_cbc(),
-                #[cfg(feature = "aes_xts")]
                Type::AES_128_XTS => ffi::EVP_aes_128_xts(),
-                #[cfg(feature = "aes_ctr")]
                Type::AES_128_CTR => ffi::EVP_aes_128_ctr(),
-                // AES_128_GCM => (EVP_aes_128_gcm(), 16, 16),
                Type::AES_128_CFB1 => ffi::EVP_aes_128_cfb1(),
                Type::AES_128_CFB128 => ffi::EVP_aes_128_cfb128(),
                Type::AES_128_CFB8 => ffi::EVP_aes_128_cfb8(),
-
                Type::AES_256_ECB => ffi::EVP_aes_256_ecb(),
                Type::AES_256_CBC => ffi::EVP_aes_256_cbc(),
-                #[cfg(feature = "aes_xts")]
                Type::AES_256_XTS => ffi::EVP_aes_256_xts(),
-                #[cfg(feature = "aes_ctr")]
                Type::AES_256_CTR => ffi::EVP_aes_256_ctr(),
-                // AES_256_GCM => (EVP_aes_256_gcm(), 32, 16),
                Type::AES_256_CFB1 => ffi::EVP_aes_256_cfb1(),
                Type::AES_256_CFB128 => ffi::EVP_aes_256_cfb128(),
                Type::AES_256_CFB8 => ffi::EVP_aes_256_cfb8(),
-
                Type::DES_CBC => ffi::EVP_des_cbc(),
                Type::DES_ECB => ffi::EVP_des_ecb(),
-
                Type::RC4_128 => ffi::EVP_rc4(),
            }
        }
@ -396,7 +376,6 @@ mod tests {
    }

    #[test]
-    #[cfg(feature = "aes_xts")]
    fn test_aes256_xts() {
        // Test case 174 from
        // http://csrc.nist.gov/groups/STM/cavp/documents/aes/XTSTestVectors.zip
@ -412,7 +391,6 @@ mod tests {
    }

    #[test]
-    #[cfg(feature = "aes_ctr")]
    fn test_aes128_ctr() {

        let pt = "6BC1BEE22E409F96E93D7E117393172AAE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411\
@ -425,17 +403,6 @@ mod tests {
        cipher_test(super::Type::AES_128_CTR, pt, ct, key, iv);
    }

-    // #[test]
-    // fn test_aes128_gcm() {
-    // Test case 3 in GCM spec
-    // let pt = ~"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255";
-    // let ct = ~"42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f59854d5c2af327cd64a62cf35abd2ba6fab4";
-    // let key = ~"feffe9928665731c6d6a8f9467308308";
-    // let iv = ~"cafebabefacedbaddecaf888";
-    //
-    // cipher_test(super::AES_128_GCM, pt, ct, key, iv);
-    // }
-
    #[test]
    fn test_aes128_cfb1() {
        // Lifted from http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
--- a/openssl/src/dh/mod.rs
+++ b/openssl/src/dh/mod.rs
@ -30,19 +30,19 @@ impl DH {
        Ok(DH(dh))
    }

-    #[cfg(all(feature = "rfc5114", not(ossl101)))]
+    #[cfg(feature = "openssl-102")]
    pub fn get_1024_160() -> Result<DH, ErrorStack> {
        let dh = try_ssl_null!(unsafe { ffi::DH_get_1024_160() });
        Ok(DH(dh))
    }

-    #[cfg(all(feature = "rfc5114", not(ossl101)))]
+    #[cfg(feature = "openssl-102")]
    pub fn get_2048_224() -> Result<DH, ErrorStack> {
        let dh = try_ssl_null!(unsafe { ffi::DH_get_2048_224() });
        Ok(DH(dh))
    }

-    #[cfg(all(feature = "rfc5114", not(ossl101)))]
+    #[cfg(feature = "openssl-102")]
    pub fn get_2048_256() -> Result<DH, ErrorStack> {
        let dh = try_ssl_null!(unsafe { ffi::DH_get_2048_256() });
        Ok(DH(dh))
@ -92,7 +92,7 @@ mod tests {
    use ssl::SslMethod::Tls;

    #[test]
-    #[cfg(all(feature = "rfc5114", not(ossl101)))]
+    #[cfg(feature = "openssl-102")]
    fn test_dh_rfc5114() {
        let mut ctx = SslContext::new(Tls).unwrap();
        let dh1 = DH::get_1024_160().unwrap();
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@ -117,7 +117,7 @@ fn get_ssl_verify_data_idx<T: Any + 'static>() -> c_int {
 lazy_static! {
    static ref NPN_PROTOS_IDX: c_int = get_new_idx::<Vec<u8>>();
 }
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 lazy_static! {
    static ref ALPN_PROTOS_IDX: c_int = get_new_idx::<Vec<u8>>();
 }
@ -260,7 +260,7 @@ extern fn raw_next_proto_select_cb(ssl: *mut ffi::SSL,
    unsafe { select_proto_using(ssl, out, outlen, inbuf, inlen, *NPN_PROTOS_IDX) }
 }

-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 extern fn raw_alpn_select_cb(ssl: *mut ffi::SSL,
                             out: *mut *const c_uchar,
                             outlen: *mut c_uchar,
@ -512,14 +512,16 @@ impl<'a> SslContextRef<'a> {
    /// compatible clients, and automatically select an appropriate elliptic
    /// curve.
    ///
-    /// This method requires OpenSSL >= 1.0.2 or LibreSSL and the `ecdh_auto`
-    /// feature.
-    #[cfg(all(feature = "ecdh_auto", not(ossl101)))]
+    /// This feature is always enabled on OpenSSL 1.1.0, and calling this
+    /// method does nothing.
+    ///
+    /// This method requires the `openssl-102` feature.
+    #[cfg(feature = "openssl-102")]
    pub fn set_ecdh_auto(&mut self, onoff: bool) -> Result<(), ErrorStack> {
        self._set_ecdh_auto(onoff)
    }

-    #[cfg(all(feature = "ecdh_auto", ossl102))]
+    #[cfg(all(feature = "openssl-102", ossl102))]
    fn _set_ecdh_auto(&mut self, onoff: bool) -> Result<(), ErrorStack> {
        wrap_ssl_result(unsafe {
            ffi::SSL_CTX_ctrl(self.as_ptr(),
@ -529,7 +531,7 @@ impl<'a> SslContextRef<'a> {
        })
    }

-    #[cfg(all(feature = "ecdh_auto", ossl110))]
+    #[cfg(all(feature = "openssl-102", ossl110))]
    fn _set_ecdh_auto(&mut self, _onoff: bool) -> Result<(), ErrorStack> {
        Ok(())
    }
@ -581,8 +583,8 @@ impl<'a> SslContextRef<'a> {
    ///
    /// Note that ordering of the protocols controls the priority with which they are chosen.
    ///
-    /// This method needs the `alpn` feature.
-    #[cfg(all(feature = "alpn", not(ossl101)))]
+    /// This method needs the `openssl-102` feature.
+    #[cfg(feature = "openssl-102")]
    pub fn set_alpn_protocols(&mut self, protocols: &[&[u8]]) {
        let protocols: Box<Vec<u8>> = Box::new(ssl_encode_byte_strings(protocols));
        unsafe {
@ -922,7 +924,7 @@ impl<'a> SslRef<'a> {
    /// to interpret it.
    ///
    /// This method needs the `alpn` feature.
-    #[cfg(all(feature = "alpn", not(ossl101)))]
+    #[cfg(feature = "openssl-102")]
    pub fn selected_alpn_protocol(&self) -> Option<&[u8]> {
        unsafe {
            let mut data: *const c_uchar = ptr::null();
--- a/openssl/src/ssl/tests/mod.rs
+++ b/openssl/src/ssl/tests/mod.rs
@ -104,7 +104,6 @@ impl Server {
        Server::new_tcp(&["-www"])
    }

-    #[cfg(all(any(feature = "alpn", feature = "npn"), not(ossl101)))]
    fn new_alpn() -> (Server, TcpStream) {
        Server::new_tcp(&["-www",
                          "-nextprotoneg",
@ -549,7 +548,7 @@ fn test_state() {
 /// Tests that connecting with the client using ALPN, but the server not does not
 /// break the existing connection behavior.
 #[test]
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 fn test_connect_with_unilateral_alpn() {
    let (_s, stream) = Server::new();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -571,7 +570,6 @@ fn test_connect_with_unilateral_alpn() {
 /// Tests that connecting with the client using NPN, but the server not does not
 /// break the existing connection behavior.
 #[test]
-#[cfg(all(feature = "npn", not(ossl101)))]
 fn test_connect_with_unilateral_npn() {
    let (_s, stream) = Server::new();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -593,7 +591,7 @@ fn test_connect_with_unilateral_npn() {
 /// Tests that when both the client as well as the server use ALPN and their
 /// lists of supported protocols have an overlap, the correct protocol is chosen.
 #[test]
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 fn test_connect_with_alpn_successful_multiple_matching() {
    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -615,7 +613,6 @@ fn test_connect_with_alpn_successful_multiple_matching() {
 /// Tests that when both the client as well as the server use NPN and their
 /// lists of supported protocols have an overlap, the correct protocol is chosen.
 #[test]
-#[cfg(all(feature = "npn", not(ossl101)))]
 fn test_connect_with_npn_successful_multiple_matching() {
    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -638,7 +635,7 @@ fn test_connect_with_npn_successful_multiple_matching() {
 /// lists of supported protocols have an overlap -- with only ONE protocol
 /// being valid for both.
 #[test]
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 fn test_connect_with_alpn_successful_single_match() {
    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -662,7 +659,6 @@ fn test_connect_with_alpn_successful_single_match() {
 /// lists of supported protocols have an overlap -- with only ONE protocol
 /// being valid for both.
 #[test]
-#[cfg(all(feature = "npn", not(ossl101)))]
 fn test_connect_with_npn_successful_single_match() {
    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Tls).unwrap();
@ -684,7 +680,6 @@ fn test_connect_with_npn_successful_single_match() {
 /// Tests that when the `SslStream` is created as a server stream, the protocols
 /// are correctly advertised to the client.
 #[test]
-#[cfg(all(feature = "npn", not(ossl101)))]
 fn test_npn_server_advertise_multiple() {
    let listener = TcpListener::bind("127.0.0.1:0").unwrap();
    let localhost = listener.local_addr().unwrap();
@ -725,7 +720,7 @@ fn test_npn_server_advertise_multiple() {
 /// Tests that when the `SslStream` is created as a server stream, the protocols
 /// are correctly advertised to the client.
 #[test]
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 fn test_alpn_server_advertise_multiple() {
    let listener = TcpListener::bind("127.0.0.1:0").unwrap();
    let localhost = listener.local_addr().unwrap();
@ -766,7 +761,7 @@ fn test_alpn_server_advertise_multiple() {
 /// Test that Servers supporting ALPN don't report a protocol when none of their protocols match
 /// the client's reported protocol.
 #[test]
-#[cfg(all(feature = "alpn", not(ossl101)))]
+#[cfg(feature = "openssl-102")]
 // TODO: not sure why this test is failing on OpenSSL 1.1.0, may be related to
 //       something about SSLv3 though?
 #[cfg_attr(ossl110, ignore)]