min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix support for LibreSSL versions other than 2.5.0

This commit is contained in:
Steven Fackler 2017-05-12 10:41:21 -07:00
parent b01743e207
commit f2ecdbe709
4 changed files with 355 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
openssl-sys/build.rs
View File

@ -240,9 +240,21 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version {
#include <openssl/opensslv.h> #include <openssl/opensslv.h>
#include <openssl/opensslconf.h> #include <openssl/opensslconf.h>
#ifdef LIBRESSL_VERSION_NUMBER #if LIBRESSL_VERSION_NUMBER >= 0x20505000
RUST_LIBRESSL RUST_LIBRESSL_NEW
#elif OPENSSL_VERSION_NUMBER >= 0x10200000 #elif LIBRESSL_VERSION_NUMBER >= 0x20504000
RUST_LIBRESSL_254
#elif LIBRESSL_VERSION_NUMBER >= 0x20503000
RUST_LIBRESSL_253
#elif LIBRESSL_VERSION_NUMBER >= 0x20502000
RUST_LIBRESSL_252
#elif LIBRESSL_VERSION_NUMBER >= 0x20501000
RUST_LIBRESSL_251
#elif LIBRESSL_VERSION_NUMBER >= 0x20500000
RUST_LIBRESSL_250
#elif defined (LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20500000
RUST_LIBRESSL_OLD
#elif OPENSSL_VERSION_NUMBER >= 0x10101000
RUST_OPENSSL_NEW RUST_OPENSSL_NEW
#elif OPENSSL_VERSION_NUMBER >= 0x10100000 #elif OPENSSL_VERSION_NUMBER >= 0x10100000
RUST_OPENSSL_110 RUST_OPENSSL_110
@ -305,8 +317,33 @@ See rust-openssl README for more information:
} }
println!("cargo:conf={}", enabled.join(",")); println!("cargo:conf={}", enabled.join(","));
if expanded.contains("RUST_LIBRESSL") { if expanded.contains("RUST_LIBRESSL_250") {
println!("cargo:rustc-cfg=libressl"); println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl250");
println!("cargo:libressl=true");
println!("cargo:version=101");
Version::Libressl
} else if expanded.contains("RUST_LIBRESSL_251") {
println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl251");
println!("cargo:libressl=true");
println!("cargo:version=101");
Version::Libressl
} else if expanded.contains("RUST_LIBRESSL_252") {
println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl252");
println!("cargo:libressl=true");
println!("cargo:version=101");
Version::Libressl
} else if expanded.contains("RUST_LIBRESSL_253") {
println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl253");
println!("cargo:libressl=true");
println!("cargo:version=101");
Version::Libressl
} else if expanded.contains("RUST_LIBRESSL_254") {
println!("cargo:rustc-cfg=libressl");
println!("cargo:rustc-cfg=libressl254");
println!("cargo:libressl=true"); println!("cargo:libressl=true");
println!("cargo:version=101"); println!("cargo:version=101");
Version::Libressl Version::Libressl
@ -325,9 +362,9 @@ See rust-openssl README for more information:
} else { } else {
panic!(" panic!("
This crate is only compatible with OpenSSL 1.0.1, 1.0.2, and 1.1.0, or LibreSSL, This crate is only compatible with OpenSSL 1.0.1, 1.0.2, and 1.1.0, or LibreSSL
but a different version of OpenSSL was found. The build is now aborting due to 2.5.0, 2.5.1, 2.5.2, 2.5.3, and 2.5.4, but a different version of OpenSSL was
this version mismatch. found. The build is now aborting due to this version mismatch.
"); ");
} }

220
openssl-sys/src/libressl.rs → openssl-sys/src/libressl/mod.rs
View File

@ -3,8 +3,17 @@ use std::sync::{Once, ONCE_INIT};
use std::mem; use std::mem;
use std::ptr; use std::ptr;
#[cfg(libressl250)]
pub use libressl::v250::*;
#[cfg(not(libressl250))]
pub use libressl::v25x::*;
use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong};
use libc::time_t;
#[cfg(libressl250)]
mod v250;
#[cfg(not(libressl250))]
mod v25x;
#[repr(C)] #[repr(C)]
pub struct stack_st_ASN1_OBJECT { pub struct stack_st_ASN1_OBJECT {
@ -322,215 +331,6 @@ pub struct X509_REQ {
references: c_int references: c_int
} }
#[repr(C)]
pub struct SSL {
version: c_int,
type_: c_int,
method: *const ::SSL_METHOD,
rbio: *mut c_void,
wbio: *mut c_void,
bbio: *mut c_void,
rwstate: c_int,
in_handshake: c_int,
handshake_func: Option<unsafe extern fn(*mut SSL) -> c_int>,
pub server: c_int,
new_session: c_int,
quiet_shutdown: c_int,
shutdown: c_int,
state: c_int,
rstate: c_int,
init_buf: *mut c_void,
init_msg: *mut c_void,
init_num: c_int,
init_off: c_int,
packet: *mut c_uchar,
packet_length: c_uint,
s3: *mut c_void,
d1: *mut c_void,
read_ahead: c_int,
msg_callback: Option<unsafe extern fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void)>,
msg_callback_arg: *mut c_void,
hit: c_int,
param: *mut c_void,
cipher_list: *mut stack_st_SSL_CIPHER,
cipher_list_by_id: *mut stack_st_SSL_CIPHER,
mac_flags: c_int,
aead_read_ctx: *mut c_void,
enc_read_ctx: *mut ::EVP_CIPHER_CTX,
read_hash: *mut ::EVP_MD_CTX,
aead_write_ctx: *mut c_void,
enc_write_ctx: *mut ::EVP_CIPHER_CTX,
write_hash: *mut ::EVP_MD_CTX,
cert: *mut c_void,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
session: *mut ::SSL_SESSION,
generate_session_id: ::GEN_SESSION_CB,
verify_mode: c_int,
verify_callback: Option<unsafe extern fn(c_int, *mut ::X509_STORE_CTX) -> c_int>,
info_callback: Option<unsafe extern fn(*mut SSL, c_int, c_int)>,
error: c_int,
error_code: c_int,
ctx: *mut ::SSL_CTX,
debug: c_int,
verify_result: c_long,
ex_data: ::CRYPTO_EX_DATA,
client_CA: *mut stack_st_X509_NAME,
references: c_int,
options: c_ulong,
mode: c_ulong,
max_cert_list: c_long,
first_packet: c_int,
client_version: c_int,
max_send_fragment: c_uint,
tlsext_debug_cb: Option<unsafe extern fn(*mut SSL, c_int, c_int, *mut c_uchar, c_int, *mut c_void)>,
tlsext_debug_arg: *mut c_void,
tlsext_hostname: *mut c_char,
servername_done: c_int,
tlsext_status_type: c_int,
tlsext_status_expected: c_int,
tlsext_ocsp_ids: *mut c_void,
tlsext_ocsp_exts: *mut c_void,
tlsext_ocsp_resp: *mut c_uchar,
tlsext_ocsp_resplen: c_int,
tlsext_ticket_expected: c_int,
tlsext_ecpointformatlist_length: size_t,
tlsext_ecpointformatlist: *mut c_uchar,
tlsext_ellipticcurvelist_length: size_t,
tlsext_ellipticcurvelist: *mut c_uchar,
tlsext_session_ticket: *mut c_void,
tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn,
tls_session_ticket_ext_cb_arg: *mut c_void,
tls_session_secret_cb: ::tls_session_secret_cb_fn,
tls_session_secret_cb_arg: *mut c_void,
initial_ctx: *mut ::SSL_CTX,
next_proto_negotiated: *mut c_uchar,
next_proto_negotiated_len: c_uchar,
srtp_profiles: *mut c_void,
srtp_profile: *mut c_void,
tlsext_heartbeat: c_uint,
tlsext_hb_pending: c_uint,
tlsext_hb_seq: c_uint,
alpn_client_proto_list: *mut c_uchar,
alpn_client_proto_list_len: c_uint,
renegotiate: c_int,
}
#[repr(C)]
pub struct SSL_CTX {
method: *mut c_void,
cipher_list: *mut c_void,
cipher_list_by_id: *mut c_void,
cert_store: *mut c_void,
sessions: *mut c_void,
session_cache_size: c_ulong,
session_cache_head: *mut c_void,
session_cache_tail: *mut c_void,
session_cache_mode: c_int,
session_timeout: c_long,
new_session_cb: *mut c_void,
remove_session_cb: *mut c_void,
get_session_cb: *mut c_void,
stats: [c_int; 11],
pub references: c_int,
app_verify_callback: *mut c_void,
app_verify_arg: *mut c_void,
default_passwd_callback: *mut c_void,
default_passwd_callback_userdata: *mut c_void,
client_cert_cb: *mut c_void,
app_gen_cookie_cb: *mut c_void,
app_verify_cookie_cb: *mut c_void,
ex_dat: ::CRYPTO_EX_DATA,
rsa_md5: *mut c_void,
md5: *mut c_void,
sha1: *mut c_void,
extra_certs: *mut c_void,
comp_methods: *mut c_void,
info_callback: *mut c_void,
client_CA: *mut c_void,
options: c_ulong,
mode: c_ulong,
max_cert_list: c_long,
cert: *mut c_void,
read_ahead: c_int,
msg_callback: *mut c_void,
msg_callback_arg: *mut c_void,
verify_mode: c_int,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; 32],
default_verify_callback: *mut c_void,
generate_session_id: *mut c_void,
param: *mut c_void,
quiet_shutdown: c_int,
max_send_fragment: c_uint,
#[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))]
client_cert_engine: *mut c_void,
tlsext_servername_callback: *mut c_void,
tlsect_servername_arg: *mut c_void,
tlsext_tick_key_name: [c_uchar; 16],
tlsext_tick_hmac_key: [c_uchar; 16],
tlsext_tick_aes_key: [c_uchar; 16],
tlsext_ticket_key_cb: *mut c_void,
tlsext_status_cb: *mut c_void,
tlsext_status_arg: *mut c_void,
tlsext_opaque_prf_input_callback: *mut c_void,
tlsext_opaque_prf_input_callback_arg: *mut c_void,
next_protos_advertised_cb: *mut c_void,
next_protos_advertised_cb_arg: *mut c_void,
next_proto_select_cb: *mut c_void,
next_proto_select_cb_arg: *mut c_void,
srtp_profiles: *mut c_void,
}
#[repr(C)]
pub struct SSL_SESSION {
ssl_version: c_int,
pub master_key_length: c_int,
pub master_key: [c_uchar; 48],
session_id_length: c_uint,
session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
not_resumable: c_int,
sess_cert: *mut c_void,
peer: *mut X509,
verify_result: c_long,
timeout: c_long,
time: time_t,
pub references: c_int,
cipher: *const c_void,
cipher_id: c_ulong,
ciphers: *mut c_void,
ex_data: ::CRYPTO_EX_DATA,
prev: *mut c_void,
next: *mut c_void,
tlsext_hostname: *mut c_char,
tlsext_ecpointformatlist_length: size_t,
tlsext_ecpointformatlist: *mut u8,
tlsext_ellipticcurvelist_length: size_t,
tlsext_ellipticcurvelist: *mut u16,
tlsext_tick: *mut c_uchar,
tlsext_ticklen: size_t,
tlsext_tick_lifetime_hint: c_long,
}
#[repr(C)]
pub struct X509_VERIFY_PARAM {
pub name: *mut c_char,
pub check_time: time_t,
pub inh_flags: c_ulong,
pub flags: c_ulong,
pub purpose: c_int,
pub trust: c_int,
pub depth: c_int,
pub policies: *mut stack_st_ASN1_OBJECT,
//pub id: *mut X509_VERIFY_PARAM_ID,
}
pub enum X509_VERIFY_PARAM_ID {} pub enum X509_VERIFY_PARAM_ID {}
pub enum PKCS12 {} pub enum PKCS12 {}

212
openssl-sys/src/libressl/v250.rs Normal file
View File

@ -0,0 +1,212 @@
use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t};
use super::*;
#[repr(C)]
pub struct SSL {
version: c_int,
type_: c_int,
method: *const ::SSL_METHOD,
rbio: *mut c_void,
wbio: *mut c_void,
bbio: *mut c_void,
rwstate: c_int,
in_handshake: c_int,
handshake_func: Option<unsafe extern fn(*mut SSL) -> c_int>,
pub server: c_int,
new_session: c_int,
quiet_shutdown: c_int,
shutdown: c_int,
state: c_int,
rstate: c_int,
init_buf: *mut c_void,
init_msg: *mut c_void,
init_num: c_int,
init_off: c_int,
packet: *mut c_uchar,
packet_length: c_uint,
s3: *mut c_void,
d1: *mut c_void,
read_ahead: c_int,
msg_callback: Option<unsafe extern fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void)>,
msg_callback_arg: *mut c_void,
hit: c_int,
param: *mut c_void,
cipher_list: *mut stack_st_SSL_CIPHER,
cipher_list_by_id: *mut stack_st_SSL_CIPHER,
mac_flags: c_int,
aead_read_ctx: *mut c_void,
enc_read_ctx: *mut ::EVP_CIPHER_CTX,
read_hash: *mut ::EVP_MD_CTX,
aead_write_ctx: *mut c_void,
enc_write_ctx: *mut ::EVP_CIPHER_CTX,
write_hash: *mut ::EVP_MD_CTX,
cert: *mut c_void,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
session: *mut ::SSL_SESSION,
generate_session_id: ::GEN_SESSION_CB,
verify_mode: c_int,
verify_callback: Option<unsafe extern fn(c_int, *mut ::X509_STORE_CTX) -> c_int>,
info_callback: Option<unsafe extern fn(*mut SSL, c_int, c_int)>,
error: c_int,
error_code: c_int,
ctx: *mut ::SSL_CTX,
debug: c_int,
verify_result: c_long,
ex_data: ::CRYPTO_EX_DATA,
client_CA: *mut stack_st_X509_NAME,
references: c_int,
options: c_ulong,
mode: c_ulong,
max_cert_list: c_long,
first_packet: c_int,
client_version: c_int,
max_send_fragment: c_uint,
tlsext_debug_cb: Option<unsafe extern fn(*mut SSL, c_int, c_int, *mut c_uchar, c_int, *mut c_void)>,
tlsext_debug_arg: *mut c_void,
tlsext_hostname: *mut c_char,
servername_done: c_int,
tlsext_status_type: c_int,
tlsext_status_expected: c_int,
tlsext_ocsp_ids: *mut c_void,
tlsext_ocsp_exts: *mut c_void,
tlsext_ocsp_resp: *mut c_uchar,
tlsext_ocsp_resplen: c_int,
tlsext_ticket_expected: c_int,
tlsext_ecpointformatlist_length: size_t,
tlsext_ecpointformatlist: *mut c_uchar,
tlsext_ellipticcurvelist_length: size_t,
tlsext_ellipticcurvelist: *mut c_uchar,
tlsext_session_ticket: *mut c_void,
tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn,
tls_session_ticket_ext_cb_arg: *mut c_void,
tls_session_secret_cb: ::tls_session_secret_cb_fn,
tls_session_secret_cb_arg: *mut c_void,
initial_ctx: *mut ::SSL_CTX,
next_proto_negotiated: *mut c_uchar,
next_proto_negotiated_len: c_uchar,
srtp_profiles: *mut c_void,
srtp_profile: *mut c_void,
tlsext_heartbeat: c_uint,
tlsext_hb_pending: c_uint,
tlsext_hb_seq: c_uint,
alpn_client_proto_list: *mut c_uchar,
alpn_client_proto_list_len: c_uint,
renegotiate: c_int,
}
#[repr(C)]
pub struct SSL_CTX {
method: *mut c_void,
cipher_list: *mut c_void,
cipher_list_by_id: *mut c_void,
cert_store: *mut c_void,
sessions: *mut c_void,
session_cache_size: c_ulong,
session_cache_head: *mut c_void,
session_cache_tail: *mut c_void,
session_cache_mode: c_int,
session_timeout: c_long,
new_session_cb: *mut c_void,
remove_session_cb: *mut c_void,
get_session_cb: *mut c_void,
stats: [c_int; 11],
pub references: c_int,
app_verify_callback: *mut c_void,
app_verify_arg: *mut c_void,
default_passwd_callback: *mut c_void,
default_passwd_callback_userdata: *mut c_void,
client_cert_cb: *mut c_void,
app_gen_cookie_cb: *mut c_void,
app_verify_cookie_cb: *mut c_void,
ex_dat: ::CRYPTO_EX_DATA,
rsa_md5: *mut c_void,
md5: *mut c_void,
sha1: *mut c_void,
extra_certs: *mut c_void,
comp_methods: *mut c_void,
info_callback: *mut c_void,
client_CA: *mut c_void,
options: c_ulong,
mode: c_ulong,
max_cert_list: c_long,
cert: *mut c_void,
read_ahead: c_int,
msg_callback: *mut c_void,
msg_callback_arg: *mut c_void,
verify_mode: c_int,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; 32],
default_verify_callback: *mut c_void,
generate_session_id: *mut c_void,
param: *mut c_void,
quiet_shutdown: c_int,
max_send_fragment: c_uint,
#[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))]
client_cert_engine: *mut c_void,
tlsext_servername_callback: *mut c_void,
tlsect_servername_arg: *mut c_void,
tlsext_tick_key_name: [c_uchar; 16],
tlsext_tick_hmac_key: [c_uchar; 16],
tlsext_tick_aes_key: [c_uchar; 16],
tlsext_ticket_key_cb: *mut c_void,
tlsext_status_cb: *mut c_void,
tlsext_status_arg: *mut c_void,
tlsext_opaque_prf_input_callback: *mut c_void,
tlsext_opaque_prf_input_callback_arg: *mut c_void,
next_protos_advertised_cb: *mut c_void,
next_protos_advertised_cb_arg: *mut c_void,
next_proto_select_cb: *mut c_void,
next_proto_select_cb_arg: *mut c_void,
srtp_profiles: *mut c_void,
}
#[repr(C)]
pub struct SSL_SESSION {
ssl_version: c_int,
pub master_key_length: c_int,
pub master_key: [c_uchar; 48],
session_id_length: c_uint,
session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
not_resumable: c_int,
sess_cert: *mut c_void,
peer: *mut X509,
verify_result: c_long,
timeout: c_long,
time: time_t,
pub references: c_int,
cipher: *const c_void,
cipher_id: c_ulong,
ciphers: *mut c_void,
ex_data: ::CRYPTO_EX_DATA,
prev: *mut c_void,
next: *mut c_void,
tlsext_hostname: *mut c_char,
tlsext_ecpointformatlist_length: size_t,
tlsext_ecpointformatlist: *mut u8,
tlsext_ellipticcurvelist_length: size_t,
tlsext_ellipticcurvelist: *mut u16,
tlsext_tick: *mut c_uchar,
tlsext_ticklen: size_t,
tlsext_tick_lifetime_hint: c_long,
}
#[repr(C)]
pub struct X509_VERIFY_PARAM {
pub name: *mut c_char,
pub check_time: time_t,
pub inh_flags: c_ulong,
pub flags: c_ulong,
pub purpose: c_int,
pub trust: c_int,
pub depth: c_int,
pub policies: *mut stack_st_ASN1_OBJECT,
//pub id: *mut X509_VERIFY_PARAM_ID,
}

89
openssl-sys/src/libressl/v25x.rs Normal file
View File

@ -0,0 +1,89 @@
use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t};
use super::*;
#[repr(C)]
pub struct SSL {
version: c_int,
method: *const ::SSL_METHOD,
rbio: *mut ::BIO,
wbio: *mut ::BIO,
bbio: *mut ::BIO,
pub server: c_int,
s3: *mut c_void,
d1: *mut c_void,
param: *mut c_void,
cipher_list: *mut stack_st_SSL_CIPHER,
cert: *mut c_void,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
session: *mut ::SSL_SESSION,
verify_mode: c_int,
error: c_int,
error_code: c_int,
ctx: *mut ::SSL_CTX,
verify_result: c_long,
references: c_int,
client_version: c_int,
max_send_fragment: c_uint,
tlsext_hostname: *mut c_char,
tlsext_status_type: c_int,
initial_ctx: *mut ::SSL_CTX,
enc_read_ctx: *mut ::EVP_CIPHER_CTX,
read_hash: *mut EVP_MD_CTX,
internal: *mut c_void,
}
#[repr(C)]
pub struct SSL_CTX {
method: *const ::SSL_METHOD,
cipher_list: *mut stack_st_SSL_CIPHER,
cert_store: *mut c_void,
session_timeout: c_long,
pub references: c_int,
extra_certs: *mut stack_st_X509,
verify_mode: c_int,
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
param: *mut ::X509_VERIFY_PARAM,
default_passwd_callback: *mut c_void,
default_passwd_callback_userdata: *mut c_void,
internal: *mut c_void,
}
#[repr(C)]
pub struct SSL_SESSION {
ssl_version: c_int,
pub master_key_length: c_int,
pub master_key: [c_uchar; 48 /*::SSL_MAX_MASTER_KEY_LENGTH as usize */],
session_id_length: c_uint,
session_id: [c_uchar; ::SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
peer: *mut ::X509,
verify_result: c_long,
timeout: c_long,
time: time_t,
pub references: c_int,
cipher: *const ::SSL_CIPHER,
cipher_id: c_long,
ciphers: *mut stack_st_SSL_CIPHER,
tlsext_hostname: *mut c_char,
tlsext_tick: *mut c_uchar,
tlsext_ticklen: size_t,
tlsext_tick_lifetime_int: c_long,
internal: *mut c_void,
}
#[repr(C)]
pub struct X509_VERIFY_PARAM {
pub name: *mut c_char,
pub check_time: time_t,
pub inh_flags: c_ulong,
pub flags: c_ulong,
pub purpose: c_int,
pub trust: c_int,
pub depth: c_int,
policies: *mut stack_st_ASN1_OBJECT,
id: *mut c_void,
}