From fd680e8a336f8870a411a3047c45b47ee72beb37 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Mon, 1 Dec 2014 13:23:43 -0800 Subject: [PATCH 1/9] Release v0.2.2 --- Cargo.toml | 4 ++-- openssl-sys/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index d3ed04e4..111cb7cb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.2.1" +version = "0.2.2" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" @@ -17,4 +17,4 @@ aes_xts = ["openssl-sys/aes_xts"] [dependencies.openssl-sys] path = "openssl-sys" -version = "0.2.1" +version = "0.2.2" diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index e6f468b7..6753681c 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl-sys" -version = "0.2.1" +version = "0.2.2" authors = ["Alex Crichton ", "Steven Fackler "] license = "MIT" From 2901c279ab154933385fda86c620f87d3392a36d Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 3 Dec 2014 09:18:35 -0800 Subject: [PATCH 2/9] Fix doc test and stop doc upload --- .travis.yml | 9 --------- src/x509/mod.rs | 8 ++++---- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/.travis.yml b/.travis.yml index 5278a87f..fe30a5f2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,7 +1,5 @@ language: rust env: - global: - - secure: qLvBJoJOJcPPZ+e31175O6sMUGBHgHe/kBuI0FCPeifYmpFyeRAkEvGddEkf8t3rojV+wE14CNYzzGsT/W/+JY7xW0C1FQKW3r+8SZ1Cave/8ahee0aCQVXGf0XY8c52uG6MrLGiUlNZbOsyFSdFUc/Io+kYZas4DxrinRSOIEA= matrix: - FEATURES="" - FEATURES="tlsv1_1 tlsv1_2 aes_xts" 
@@ -11,11 +9,4 @@ os: before_script: - openssl s_server -accept 15418 -www -cert test/cert.pem -key test/key.pem >/dev/null 2>&1 & script: - - cargo build --features "$FEATURES" - cargo test --features "$FEATURES" - - cargo doc --features "sslv2 tlsv1_1 tlsv1_2 aes_xts" -after_success: | - [ $TRAVIS_BRANCH = master ] && - [ $TRAVIS_PULL_REQUEST = false ] && - cd target/doc && - (curl http://www.rust-ci.org/artifacts/put?t=$RUSTCI_TOKEN | sh) diff --git a/src/x509/mod.rs b/src/x509/mod.rs index 86152ac4..a06fe4e1 100644 --- a/src/x509/mod.rs +++ b/src/x509/mod.rs @@ -145,15 +145,15 @@ impl<'a, T: AsStr<'a>> ToStr for Vec { /// use std::io::{File, Open, Write}; /// # use std::io::fs; /// -/// use openssl::crypto::hash::SHA256; -/// use openssl::x509::{DigitalSignature, X509Generator}; +/// use openssl::crypto::hash::HashType; +/// use openssl::x509::{KeyUsage, X509Generator}; /// /// let gen = X509Generator::new() /// .set_bitlength(2048) /// .set_valid_period(365*2) /// .set_CN("SuperMegaCorp Inc.") -/// .set_sign_hash(SHA256) -/// .set_usage(&[DigitalSignature]); +/// .set_sign_hash(HashType::SHA256) +/// .set_usage(&[KeyUsage::DigitalSignature]); /// /// let (cert, pkey) = gen.generate().unwrap(); /// From 82db54c82279bfd91a9ab703444488d2ba6aa03c Mon Sep 17 00:00:00 2001 From: Manish Goregaokar Date: Wed, 3 Dec 2014 12:33:34 -0800 Subject: [PATCH 3/9] Allow passing in Android paths --- README.md | 5 +++++ openssl-sys/src/build.rs | 10 ++++++++++ 2 files changed, 15 insertions(+) diff --git a/README.md b/README.md index acb9b636..427f6e47 100644 --- a/README.md +++ b/README.md 
@@ -14,6 +14,11 @@ For some reason, the OpenSSL distribution for Windows is structured differently, 1. Run `sudo apt-get install libssl-dev`. 2. Run `cargo build`. +###Android +1. Follow the steps [here](wiki.openssl.org/index.php/Android) to build OpenSSL for android +2. Provide the path to the libssl and libcrypto binaries via `$OPENSSL_PATH` +3. Build the package with `cargo build` + ###Windows 1. Grab the latest Win32 OpenSSL installer [here][1]. At the time of this writing, it's v1.0.1i. If you're using 64-bit Rust (coming to Windows soon), then you should get the Win64 installer instead. diff --git a/openssl-sys/src/build.rs b/openssl-sys/src/build.rs index f32ced0e..df284c0f 100644 --- a/openssl-sys/src/build.rs +++ b/openssl-sys/src/build.rs @@ -17,6 +17,16 @@ fn main() { if win_pos.is_some() { flags.push_str(" -l gdi32 -l wsock32"); } + + // Android doesn't have libcrypto/libssl, + // the toplevel Rust program should compile it themselves + if target.find_str("android").is_some() { + os::getenv("OPENSSL_PATH").expect("Android does not provide openssl libraries, please \ + build them yourselves (instructions in the README) \ + and provide their location through $OPENSSL_PATH."); + flags.push_str(" -L ${OPENSSL_PATH}"); + } + println!("cargo:rustc-flags={}", flags); } } From 31d188e3130f7d522f929ba51d6408795651f72f Mon Sep 17 00:00:00 2001 From: Manish Goregaokar Date: Fri, 5 Dec 2014 06:43:18 -0800 Subject: [PATCH 4/9] Directly substitute $OPENSSL_PATH --- openssl-sys/src/build.rs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/openssl-sys/src/build.rs b/openssl-sys/src/build.rs index df284c0f..707a8e65 100644 --- a/openssl-sys/src/build.rs +++ b/openssl-sys/src/build.rs 
@@ -18,13 +18,11 @@ fn main() { flags.push_str(" -l gdi32 -l wsock32"); } - // Android doesn't have libcrypto/libssl, - // the toplevel Rust program should compile it themselves if target.find_str("android").is_some() { - os::getenv("OPENSSL_PATH").expect("Android does not provide openssl libraries, please \ - build them yourselves (instructions in the README) \ - and provide their location through $OPENSSL_PATH."); - flags.push_str(" -L ${OPENSSL_PATH}"); + let path = os::getenv("OPENSSL_PATH").expect("Android does not provide openssl libraries, please \ + build them yourselves (instructions in the README) \ + and provide their location through $OPENSSL_PATH."); + flags.push_str(format!(" -L {}", path).as_slice()); } println!("cargo:rustc-flags={}", flags); From 6cdd2cf577434ca3473c217e8a272ee965ef131f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 6 Dec 2014 11:17:46 -0800 Subject: [PATCH 5/9] Speed up SslStream initialization a bit --- src/ssl/mod.rs | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index d29d633e..6112bc8d 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -410,7 +410,14 @@ impl SslStream { stream: stream, ssl: Arc::new(ssl), // Maximum TLS record size is 16k - buf: Vec::from_elem(16 * 1024, 0u8) + // We're just using this as a buffer, so there's no reason to pay + // to memset it + buf: { + const CAP: uint = 16 * 1024; + let mut v = Vec::with_capacity(CAP); + unsafe { v.set_len(CAP); } + v + } } } From 0dff5268de2e072d162ad492304e15d079d2d4f8 Mon Sep 17 00:00:00 2001 
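Review bot: The `OPENSSL_PATH` value is spliced unchecked into the space-separated flag string at `flags.push_str(format!(" -L {}", path).as_slice())`, so a directory name containing whitespace is split into several arguments and the text after the first space is treated as further flag text, not as part of the path. Build scripts often run in CI with an inherited environment, so I would reject such values before use: `if path.as_slice().chars().any(|c| c.is_whitespace()) { panic!("OPENSSL_PATH must be a single directory without whitespace"); }`. An empty value also passes the `expect` and yields a bare ` -L `, which deserves the same rejection. `main` starts above this hunk, so how `flags` is built before this point is not visible.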
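Review bot: The `unsafe { v.set_len(CAP); }` in the `buf` initialiser exposes 16 KiB of uninitialised heap as readable bytes, and nothing in the hunk states the invariant that makes this sound. In a TLS stream, any read of `buf` past the bytes most recently written into it would hand stale heap contents, possibly earlier plaintext or key material, to the caller or the peer. The invariant belongs next to the block, for example `// SAFETY: every read of buf is bounded by the length returned by the call that filled it`. The read and write paths are outside this hunk, so I could not confirm that it holds. If it cannot be shown, keeping the zero-filled `Vec::from_elem(16 * 1024, 0u8)` costs one memset per stream, which is small next to a handshake.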
From: Richard Diamond Date: Fri, 5 Dec 2014 23:38:15 -0600 Subject: [PATCH 6/9] Add a feature to openssl-sys to cause it to build a local copy of libressl for use instead of whatever pkg-config says (which in the case of crosses, is almost certainly incorrect). This is for PNaCl. --- openssl-sys/Cargo.toml | 9 +++++++++ openssl-sys/src/build.rs | 5 +++++ openssl-sys/src/lib.rs | 3 +++ 3 files changed, 17 insertions(+) diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index 6753681c..c434be49 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -18,3 +18,12 @@ aes_xts = [] [build-dependencies] pkg-config = "0.1" + +[target.le32-unknown-nacl.dependencies] +libressl-pnacl-sys = "2.1.0" +[target.x86_64-unknown-nacl.dependencies] +libressl-pnacl-sys = "2.1.0" +[target.i686-unknown-nacl.dependencies] +libressl-pnacl-sys = "2.1.0" +[target.arm-unknown-nacl.dependencies] +libressl-pnacl-sys = "2.1.0" diff --git a/openssl-sys/src/build.rs b/openssl-sys/src/build.rs index f32ced0e..0ee0dd2c 100644 --- a/openssl-sys/src/build.rs +++ b/openssl-sys/src/build.rs @@ -3,6 +3,11 @@ extern crate "pkg-config" as pkg_config; use std::os; fn main() { + // Without hackory, pkg-config will only look for host libraries. + // So, abandon ship if we're cross compiling. + if os::getenv("HOST") != os::getenv("TARGET") { return; } + + if pkg_config::find_library("openssl").is_err() { let mut flags = " -l crypto -l ssl".to_string(); diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 2b0c9292..0644a674 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -4,6 +4,9 @@ extern crate libc; extern crate rustrt; +#[cfg(feature = "libressl-pnacl-sys")] +extern crate "libressl-pnacl-sys" as _for_linkage; + use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t}; use std::mem; use std::ptr; From 10e8a8f8e3b45c7a89f89b16c74aa3fa5477fa22 Mon Sep 17 00:00:00 2001 
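Review bot: The early `return` added at the top of `main` when `HOST` and `TARGET` differ emits no `cargo:rustc-flags` and no diagnostic, so a cross build with no other source of libssl/libcrypto fails later at link time with nothing pointing back here. Android targets are normally cross-compiled, so if this is merged with the `OPENSSL_PATH` branch from PATCH 3/9 and 4/9, that branch would presumably never be reached; both changes are based on the same blob, so the merged file is not visible here. The same silent return remains in PATCH 7/9, where the condition becomes `!pkg_config::target_supported()`. I would move the Android check ahead of the bail-out and put a comment on the return such as `// no flags emitted: the target must supply libssl/libcrypto itself (e.g. via libressl-pnacl-sys)`. The body of `main` continues outside the hunk.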
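Review bot: The new `extern crate` is gated on `#[cfg(feature = "libressl-pnacl-sys")]`, but the Cargo.toml hunk in this patch adds `libressl-pnacl-sys` as a plain per-target dependency, not as an optional dependency or a `[features]` entry. As far as the visible manifest shows, that cfg is never set, so the crate would not be pulled in for linkage on the NaCl targets it was added for. Gating on the target would match the manifest: `#[cfg(target_os = "nacl")]`. Only part of the manifest is shown, so a feature of that name may be declared elsewhere.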
From: Richard Diamond Date: Tue, 9 Dec 2014 23:00:05 -0600 Subject: [PATCH 7/9] Now that pkg-config 0.1.1 has been published, delegate to bailout detection to pkg-config. Also bump version minors for publishing. :) --- Cargo.toml | 2 +- openssl-sys/Cargo.toml | 4 ++-- openssl-sys/src/build.rs | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 111cb7cb..f4205d7c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.2.2" +version = "0.2.3" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index c434be49..60ebc8c3 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl-sys" -version = "0.2.2" +version = "0.2.3" authors = ["Alex Crichton ", "Steven Fackler "] license = "MIT" @@ -17,7 +17,7 @@ sslv2 = [] aes_xts = [] [build-dependencies] -pkg-config = "0.1" +pkg-config = "0.1.1" [target.le32-unknown-nacl.dependencies] libressl-pnacl-sys = "2.1.0" diff --git a/openssl-sys/src/build.rs b/openssl-sys/src/build.rs index 0ee0dd2c..ab42b159 100644 --- a/openssl-sys/src/build.rs +++ b/openssl-sys/src/build.rs @@ -5,7 +5,7 @@ use std::os; fn main() { // Without hackory, pkg-config will only look for host libraries. // So, abandon ship if we're cross compiling. - if os::getenv("HOST") != os::getenv("TARGET") { return; } + if !pkg_config::target_supported() { return; } if pkg_config::find_library("openssl").is_err() { From 93c6c867e0fa534e56e05886ca3ce2600defa8e0 Mon Sep 17 00:00:00 2001 From: Richard Diamond Date: Wed, 10 Dec 2014 00:04:21 -0600 Subject: [PATCH 8/9] Don't forget to bump the openssl-sys dep version! --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index f4205d7c..321873e9 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -17,4 +17,4 @@ aes_xts = ["openssl-sys/aes_xts"] [dependencies.openssl-sys] path = "openssl-sys" -version = "0.2.2" +version = "0.2.3" From 6d2f8d67f2423ba6a337359ecf0188bd52227dce Mon Sep 17 00:00:00 2001 From: Ummon Date: Wed, 10 Dec 2014 22:25:32 +0100 Subject: [PATCH 9/9] Add the openssl function prototype 'HMAC_CTX_cleanup'. --- openssl-sys/src/lib.rs | 1 + src/crypto/hmac.rs | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0644a674..1faf749e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -361,6 +361,7 @@ extern "C" { pub fn HMAC_Init_ex(ctx: *mut HMAC_CTX, key: *const u8, keylen: c_int, md: *const EVP_MD, imple: *const ENGINE); pub fn HMAC_Final(ctx: *mut HMAC_CTX, output: *mut u8, len: *mut c_uint); pub fn HMAC_Update(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint); + pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX); pub fn PEM_read_bio_X509(bio: *mut BIO, out: *mut *mut X509, callback: Option, diff --git a/src/crypto/hmac.rs b/src/crypto/hmac.rs index a7a854b7..8096a948 100644 --- a/src/crypto/hmac.rs +++ b/src/crypto/hmac.rs @@ -61,6 +61,14 @@ impl HMAC { } } +impl Drop for HMAC { + fn drop(&mut self) { + unsafe { + ffi::HMAC_CTX_cleanup(&mut self.ctx); + } + } +} + #[cfg(test)] mod tests { use serialize::hex::FromHex;
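Review bot: The `unsafe` block in the new `drop` relies on `self.ctx` having been initialised and on cleanup running exactly once per context, and neither assumption is stated in the hunk. If `HMAC` can be copied or cloned elsewhere in the file, or if a finalising method already releases the context, `HMAC_CTX_cleanup` would run twice on the same state. The struct definition and constructor are outside the hunk, so this could not be checked. A comment on the block would record the contract: `// SAFETY: ctx was initialised in the constructor and is never duplicated, so this is its only cleanup`. A short doc line on the impl noting that dropping an `HMAC` releases the keyed context would also help callers who hold keys for longer than needed.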