min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Split X509StoreContextRef::ssl up

This commit is contained in:
Steven Fackler 2017-12-26 14:53:35 -07:00
parent 129b6b9d84
commit f9866cd44f
2 changed files with 27 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openssl/src/ssl/connector.rs
View File

@ -319,7 +319,8 @@ mod verify {
use ex_data::Index; use ex_data::Index;
use nid::Nid; use nid::Nid;
use x509::{GeneralName, X509NameRef, X509Ref, X509StoreContextRef, X509VerifyResult}; use x509::{GeneralName, X509NameRef, X509Ref, X509StoreContext, X509StoreContextRef,
X509VerifyResult};
use stack::Stack; use stack::Stack;
use ssl::Ssl; use ssl::Ssl;
@ -334,11 +335,10 @@ mod verify {
let ok = match ( let ok = match (
x509_ctx.current_cert(), x509_ctx.current_cert(),
x509_ctx X509StoreContext::ssl_idx()
.ssl()
.ok() .ok()
.and_then(|s| s) .and_then(|idx| x509_ctx.ex_data(idx))
.and_then(|s| s.ex_data(*HOSTNAME_IDX)), .and_then(|ssl| ssl.ex_data(*HOSTNAME_IDX)),
) { ) {
(Some(x509), Some(domain)) => verify_hostname(domain, &x509), (Some(x509), Some(domain)) => verify_hostname(domain, &x509),
_ => true, _ => true,

37
openssl/src/x509/mod.rs
View File

@ -16,6 +16,7 @@ use asn1::{Asn1BitStringRef, Asn1IntegerRef, Asn1ObjectRef, Asn1StringRef, Asn1T
use bio::MemBioSlice; use bio::MemBioSlice;
use conf::ConfRef; use conf::ConfRef;
use error::ErrorStack; use error::ErrorStack;
use ex_data::Index;
use hash::MessageDigest; use hash::MessageDigest;
use nid::Nid; use nid::Nid;
use pkey::{PKey, PKeyRef}; use pkey::{PKey, PKeyRef};
@ -59,7 +60,26 @@ foreign_type_and_impl_send_sync! {
pub struct X509StoreContextRef; pub struct X509StoreContextRef;
} }
impl X509StoreContext {
/// Returns the index which can be used to obtain a reference to the `Ssl` associated with a
/// context.
pub fn ssl_idx() -> Result<Index<X509StoreContext, SslRef>, ErrorStack> {
unsafe { cvt_n(ffi::SSL_get_ex_data_X509_STORE_CTX_idx()).map(|idx| Index::from_raw(idx)) }
}
}
impl X509StoreContextRef { impl X509StoreContextRef {
pub fn ex_data<T>(&self, index: Index<X509StoreContext, T>) -> Option<&T> {
unsafe {
let data = ffi::X509_STORE_CTX_get_ex_data(self.as_ptr(), index.as_raw());
if data.is_null() {
None
} else {
Some(&*(data as *const T))
}
}
}
pub fn error(&self) -> X509VerifyResult { pub fn error(&self) -> X509VerifyResult {
unsafe { X509VerifyResult::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr())) } unsafe { X509VerifyResult::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr())) }
} }
@ -90,22 +110,9 @@ impl X509StoreContextRef {
let chain = X509_STORE_CTX_get_chain(self.as_ptr()); let chain = X509_STORE_CTX_get_chain(self.as_ptr());
if chain.is_null() { if chain.is_null() {
return None; None
}
Some(StackRef::from_ptr(chain))
}
}
/// Returns a reference to the `Ssl` associated with this context.
pub fn ssl(&self) -> Result<Option<&SslRef>, ErrorStack> {
unsafe {
let idx = cvt_n(ffi::SSL_get_ex_data_X509_STORE_CTX_idx())?;
let ssl = ffi::X509_STORE_CTX_get_ex_data(self.as_ptr(), idx);
if ssl.is_null() {
Ok(None)
} else { } else {
Ok(Some(SslRef::from_ptr(ssl as *mut ffi::SSL))) Some(StackRef::from_ptr(chain))
} }
} }
} }