min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add an API to install extra data

This commit is contained in:
Steven Fackler 2017-07-15 16:34:07 -07:00
parent e3c7a2785c
commit fd52bbe85c
5 changed files with 123 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,3 +2,4 @@ target/
Cargo.lock Cargo.lock
.idea/ .idea/
*.iml *.iml
.vscode/

26
openssl/src/ex_data.rs Normal file
View File

@ -0,0 +1,26 @@
use libc::c_int;
use std::marker::PhantomData;
/// A slot in a type's "extra data" structure.
///
/// It is parameterized over the type containing the extra data as well as the
/// type of the data in the slot.
pub struct Index<T, U>(c_int, PhantomData<(T, U)>);
impl<T, U> Copy for Index<T, U> {}
impl<T, U> Clone for Index<T, U> {
fn clone(&self) -> Index<T, U> {
*self
}
}
impl<T, U> Index<T, U> {
pub unsafe fn from_raw(idx: c_int) -> Index<T, U> {
Index(idx, PhantomData)
}
pub fn as_raw(&self) -> c_int {
self.0
}
}

1
openssl/src/lib.rs
View File

@ -36,6 +36,7 @@ pub mod dsa;
pub mod ec; pub mod ec;
pub mod ec_key; pub mod ec_key;
pub mod error; pub mod error;
pub mod ex_data;
pub mod hash; pub mod hash;
pub mod memcmp; pub mod memcmp;
pub mod nid; pub mod nid;

86
openssl/src/ssl/mod.rs
View File

@ -93,7 +93,7 @@ use std::slice;
use std::str; use std::str;
use std::sync::Mutex; use std::sync::Mutex;
use {init, cvt, cvt_p}; use {init, cvt, cvt_p, cvt_n};
use dh::{Dh, DhRef}; use dh::{Dh, DhRef};
use ec::EcKeyRef; use ec::EcKeyRef;
#[cfg(any(all(feature = "v101", ossl101), all(feature = "v102", ossl102)))] #[cfg(any(all(feature = "v101", ossl101), all(feature = "v102", ossl102)))]
@ -106,8 +106,15 @@ use x509::store::X509Store;
use verify::X509VerifyParamRef; use verify::X509VerifyParamRef;
use pkey::PKeyRef; use pkey::PKeyRef;
use error::ErrorStack; use error::ErrorStack;
use ex_data::Index;
use util::Opaque; use util::Opaque;
use stack::{Stack, StackRef}; use stack::{Stack, StackRef};
use ssl::bio::BioMethod;
use ssl::callbacks::*;
pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor,
ConnectConfiguration};
pub use ssl::error::{Error, HandshakeError};
mod error; mod error;
mod callbacks; mod callbacks;
@ -116,13 +123,6 @@ mod bio;
#[cfg(test)] #[cfg(test)]
mod tests; mod tests;
use ssl::bio::BioMethod;
use ssl::callbacks::*;
pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor,
ConnectConfiguration};
pub use ssl::error::{Error, HandshakeError};
// FIXME drop SSL_ prefix // FIXME drop SSL_ prefix
// FIXME remvove flags not used in OpenSSL 1.1 // FIXME remvove flags not used in OpenSSL 1.1
bitflags! { bitflags! {
@ -741,6 +741,14 @@ impl SslContextBuilder {
} }
} }
/// Sets the extra data at the specified index.
pub fn set_ex_data<T>(&mut self, index: Index<SslContext, T>, data: T) {
unsafe {
let data = Box::new(data);
ffi::SSL_CTX_set_ex_data(self.as_ptr(), index.as_raw(), Box::into_raw(data) as *mut c_void);
}
}
pub fn build(self) -> SslContext { pub fn build(self) -> SslContext {
let ctx = SslContext(self.0); let ctx = SslContext(self.0);
mem::forget(self); mem::forget(self);
@ -779,6 +787,20 @@ impl SslContext {
pub fn builder(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> { pub fn builder(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> {
SslContextBuilder::new(method) SslContextBuilder::new(method)
} }
/// Returns a new extra data index.
///
/// Each invocation of this function is guaranteed to return a distinct
/// index.
pub fn new_ex_index<T>() -> Result<Index<SslContext, T>, ErrorStack>
where
T: 'static + Sync + Send
{
unsafe {
let idx = try!(cvt_n(compat::get_new_idx(free_data_box::<T>)));
Ok(Index::from_raw(idx))
}
}
} }
impl SslContextRef { impl SslContextRef {
@ -825,6 +847,18 @@ impl SslContextRef {
StackRef::from_ptr(chain) StackRef::from_ptr(chain)
} }
} }
/// Returns a reference to the extra data at the specified index.
pub fn ex_data<T>(&self, index: Index<SslContext, T>) -> Option<&T> {
unsafe {
let data = ffi::SSL_CTX_get_ex_data(self.as_ptr(), index.as_raw());
if data.is_null() {
None
} else {
Some(&*(data as *const T))
}
}
}
} }
pub struct CipherBits { pub struct CipherBits {
@ -981,6 +1015,22 @@ foreign_type! {
pub struct SslRef; pub struct SslRef;
} }
impl Ssl {
/// Returns a new extra data index.
///
/// Each invocation of this function is guaranteed to return a distinct
/// index.
pub fn new_ex_index<T>() -> Result<Index<Ssl, T>, ErrorStack>
where
T: 'static + Sync + Send
{
unsafe {
let idx = try!(cvt_n(compat::get_new_ssl_idx(free_data_box::<T>)));
Ok(Index::from_raw(idx))
}
}
}
impl fmt::Debug for SslRef { impl fmt::Debug for SslRef {
fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
let mut builder = fmt.debug_struct("Ssl"); let mut builder = fmt.debug_struct("Ssl");
@ -1353,6 +1403,26 @@ impl SslRef {
pub fn is_server(&self) -> bool { pub fn is_server(&self) -> bool {
unsafe { compat::SSL_is_server(self.as_ptr()) != 0 } unsafe { compat::SSL_is_server(self.as_ptr()) != 0 }
} }
/// Sets the extra data at the specified index.
pub fn set_ex_data<T>(&mut self, index: Index<Ssl, T>, data: T) {
unsafe {
let data = Box::new(data);
ffi::SSL_set_ex_data(self.as_ptr(), index.as_raw(), Box::into_raw(data) as *mut c_void);
}
}
/// Returns a reference to the extra data at the specified index.
pub fn ex_data<T>(&self, index: Index<Ssl, T>) -> Option<&T> {
unsafe {
let data = ffi::SSL_get_ex_data(self.as_ptr(), index.as_raw());
if data.is_null() {
None
} else {
Some(&*(data as *const T))
}
}
}
} }
unsafe impl Sync for Ssl {} unsafe impl Sync for Ssl {}

20
openssl/src/x509/mod.rs
View File

@ -14,7 +14,7 @@ use std::ptr;
use std::slice; use std::slice;
use std::str; use std::str;
use {cvt, cvt_p}; use {cvt, cvt_p, cvt_n};
use asn1::{Asn1StringRef, Asn1Time, Asn1TimeRef, Asn1BitStringRef, Asn1IntegerRef, Asn1ObjectRef}; use asn1::{Asn1StringRef, Asn1Time, Asn1TimeRef, Asn1BitStringRef, Asn1IntegerRef, Asn1ObjectRef};
use bio::MemBioSlice; use bio::MemBioSlice;
use bn::{BigNum, MSB_MAYBE_ZERO}; use bn::{BigNum, MSB_MAYBE_ZERO};
@ -25,6 +25,7 @@ use nid::{self, Nid};
use pkey::{PKey, PKeyRef}; use pkey::{PKey, PKeyRef};
use stack::{Stack, StackRef, Stackable}; use stack::{Stack, StackRef, Stackable};
use string::OpensslString; use string::OpensslString;
use ssl::SslRef;
#[cfg(ossl10x)] #[cfg(ossl10x)]
use ffi::{X509_set_notBefore, X509_set_notAfter, ASN1_STRING_data, X509_STORE_CTX_get_chain}; use ffi::{X509_set_notBefore, X509_set_notAfter, ASN1_STRING_data, X509_STORE_CTX_get_chain};
@ -95,6 +96,19 @@ impl X509StoreContextRef {
Some(StackRef::from_ptr(chain)) Some(StackRef::from_ptr(chain))
} }
} }
/// Returns a reference to the `Ssl` associated with this context.
pub fn ssl(&self) -> Result<Option<&SslRef>, ErrorStack> {
unsafe {
let idx = try!(cvt_n(ffi::SSL_get_ex_data_X509_STORE_CTX_idx()));
let ssl = ffi::X509_STORE_CTX_get_ex_data(self.as_ptr(), idx);
if ssl.is_null() {
Ok(None)
} else {
Ok(Some(SslRef::from_ptr(ssl as *mut ffi::SSL)))
}
}
}
} }
#[deprecated(since = "0.9.7", note = "use X509Builder and X509ReqBuilder instead")] #[deprecated(since = "0.9.7", note = "use X509Builder and X509ReqBuilder instead")]
@ -1142,9 +1156,9 @@ mod compat {
{ {
(*(*x).req_info).subject (*(*x).req_info).subject
} }
pub unsafe fn X509_get0_signature(psig: *mut *const ffi::ASN1_BIT_STRING, pub unsafe fn X509_get0_signature(psig: *mut *const ffi::ASN1_BIT_STRING,
palg: *mut *const ffi::X509_ALGOR, palg: *mut *const ffi::X509_ALGOR,
x: *const ffi::X509) { x: *const ffi::X509) {
if !psig.is_null() { if !psig.is_null() {
*psig = (*x).signature; *psig = (*x).signature;