Merge remote-tracking branch 'upstream/master'

.travis.yml

@@ -1,7 +1,5 @@
 language: rust
 env:
-  global:
-    - secure: qLvBJoJOJcPPZ+e31175O6sMUGBHgHe/kBuI0FCPeifYmpFyeRAkEvGddEkf8t3rojV+wE14CNYzzGsT/W/+JY7xW0C1FQKW3r+8SZ1Cave/8ahee0aCQVXGf0XY8c52uG6MrLGiUlNZbOsyFSdFUc/Io+kYZas4DxrinRSOIEA=
   matrix:
     - FEATURES=""
     - FEATURES="tlsv1_1 tlsv1_2 aes_xts"
@@ -11,11 +9,4 @@ os:
 before_script:
   - openssl s_server -accept 15418 -www -cert test/cert.pem -key test/key.pem >/dev/null 2>&1 &
 script:
-  - cargo build --features "$FEATURES"
   - cargo test --features "$FEATURES"
-  - cargo doc --features "sslv2 tlsv1_1 tlsv1_2 aes_xts"
-after_success: |
-  [ $TRAVIS_BRANCH = master ] &&
-  [ $TRAVIS_PULL_REQUEST = false ] &&
-  cd target/doc &&
-  (curl http://www.rust-ci.org/artifacts/put?t=$RUSTCI_TOKEN | sh)

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "openssl"
-version = "0.2.1"
+version = "0.2.3"
 authors = ["Steven Fackler <sfackler@gmail.com>"]
 license = "Apache-2.0"
 description = "OpenSSL bindings"
@@ -17,4 +17,4 @@ aes_xts = ["openssl-sys/aes_xts"]
 
 [dependencies.openssl-sys]
 path = "openssl-sys"
-version = "0.2.1"
+version = "0.2.3"

README.md

@@ -14,6 +14,11 @@ For some reason, the OpenSSL distribution for Windows is structured differently,
 1. Run `sudo apt-get install libssl-dev`.
 2. Run `cargo build`.
 
+###Android
+1. Follow the steps [here](wiki.openssl.org/index.php/Android) to build OpenSSL for android
+2. Provide the path to the libssl and libcrypto binaries via `$OPENSSL_PATH`
+3. Build the package with `cargo build`
+
 ###Windows
 
 1. Grab the latest Win32 OpenSSL installer [here][1]. At the time of this writing, it's v1.0.1i. If you're using 64-bit Rust (coming to Windows soon), then you should get the Win64 installer instead.

openssl-sys/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "openssl-sys"
-version = "0.2.1"
+version = "0.2.3"
 authors = ["Alex Crichton <alex@alexcrichton.com>",
            "Steven Fackler <sfackler@gmail.com>"]
 license = "MIT"
@@ -17,4 +17,13 @@ sslv2 = []
 aes_xts = []
 
 [build-dependencies]
-pkg-config = "0.1"
+pkg-config = "0.1.1"
+
+[target.le32-unknown-nacl.dependencies]
+libressl-pnacl-sys = "2.1.0"
+[target.x86_64-unknown-nacl.dependencies]
+libressl-pnacl-sys = "2.1.0"
+[target.i686-unknown-nacl.dependencies]
+libressl-pnacl-sys = "2.1.0"
+[target.arm-unknown-nacl.dependencies]
+libressl-pnacl-sys = "2.1.0"

openssl-sys/src/build.rs

@@ -3,6 +3,11 @@ extern crate "pkg-config" as pkg_config;
 use std::os;
 
 fn main() {
+    // Without hackory, pkg-config will only look for host libraries.
+    // So, abandon ship if we're cross compiling.
+    if !pkg_config::target_supported() { return; }
+
+
     if pkg_config::find_library("openssl").is_err() {
         let mut flags = " -l crypto -l ssl".to_string();
 
@@ -17,6 +22,14 @@ fn main() {
         if win_pos.is_some() {
            flags.push_str(" -l gdi32 -l wsock32");
         }
+
+        if target.find_str("android").is_some() {
+            let path = os::getenv("OPENSSL_PATH").expect("Android does not provide openssl libraries, please \
+                                                          build them yourselves (instructions in the README) \
+                                                          and provide their location through $OPENSSL_PATH.");
+            flags.push_str(format!(" -L {}", path).as_slice());
+        }
+
         println!("cargo:rustc-flags={}", flags);
     }
 }

openssl-sys/src/lib.rs

@@ -4,6 +4,9 @@
 extern crate libc;
 extern crate rustrt;
 
+#[cfg(feature = "libressl-pnacl-sys")]
+extern crate "libressl-pnacl-sys" as _for_linkage;
+
 use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t};
 use std::mem;
 use std::ptr;
@@ -359,6 +362,7 @@ extern "C" {
     pub fn HMAC_Init_ex(ctx: *mut HMAC_CTX, key: *const u8, keylen: c_int, md: *const EVP_MD, imple: *const ENGINE);
     pub fn HMAC_Final(ctx: *mut HMAC_CTX, output: *mut u8, len: *mut c_uint);
     pub fn HMAC_Update(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint);
+    pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX);
 
 
     pub fn PEM_read_bio_X509(bio: *mut BIO, out: *mut *mut X509, callback: Option<PasswordCallback>,

src/crypto/hmac.rs

@@ -61,6 +61,14 @@ impl HMAC {
     }
 }
 
+impl Drop for HMAC {
+    fn drop(&mut self) {
+        unsafe {
+            ffi::HMAC_CTX_cleanup(&mut self.ctx);
+        }
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use serialize::hex::FromHex;

src/ssl/mod.rs

@@ -410,7 +410,14 @@ impl<S: Stream> SslStream<S> {
             stream: stream,
             ssl: Arc::new(ssl),
             // Maximum TLS record size is 16k
-            buf: Vec::from_elem(16 * 1024, 0u8)
+            // We're just using this as a buffer, so there's no reason to pay
+            // to memset it
+            buf: {
+                const CAP: uint = 16 * 1024;
+                let mut v = Vec::with_capacity(CAP);
+                unsafe { v.set_len(CAP); }
+                v
+            }
         }
     }
 

src/x509/mod.rs

@@ -145,15 +145,15 @@ impl<'a, T: AsStr<'a>> ToStr for Vec<T> {
 /// use std::io::{File, Open, Write};
 /// # use std::io::fs;
 ///
-/// use openssl::crypto::hash::SHA256;
-/// use openssl::x509::{DigitalSignature, X509Generator};
+/// use openssl::crypto::hash::HashType;
+/// use openssl::x509::{KeyUsage, X509Generator};
 ///
 /// let gen = X509Generator::new()
 ///        .set_bitlength(2048)
 ///        .set_valid_period(365*2)
 ///        .set_CN("SuperMegaCorp Inc.")
-///        .set_sign_hash(SHA256)
-///        .set_usage(&[DigitalSignature]);
+///        .set_sign_hash(HashType::SHA256)
+///        .set_usage(&[KeyUsage::DigitalSignature]);
 ///
 /// let (cert, pkey) = gen.generate().unwrap();
 ///