138 lines
4.8 KiB
Rust
138 lines
4.8 KiB
Rust
use libc::{c_char, c_int, c_uchar, c_uint, c_ulong, c_void, size_t};
|
|
|
|
pub type SSL_CTX_keylog_cb_func =
|
|
Option<unsafe extern "C" fn(ssl: *const ::SSL, line: *const c_char)>;
|
|
|
|
pub type SSL_custom_ext_add_cb_ex = Option<
|
|
unsafe extern "C" fn(
|
|
ssl: *mut ::SSL,
|
|
ext_type: c_uint,
|
|
context: c_uint,
|
|
out: *mut *const c_uchar,
|
|
outlen: *mut size_t,
|
|
x: *mut ::X509,
|
|
chainidx: size_t,
|
|
al: *mut c_int,
|
|
add_arg: *mut c_void,
|
|
) -> c_int,
|
|
>;
|
|
|
|
pub type SSL_custom_ext_free_cb_ex = Option<
|
|
unsafe extern "C" fn(
|
|
ssl: *mut ::SSL,
|
|
ext_type: c_uint,
|
|
context: c_uint,
|
|
out: *mut *const c_uchar,
|
|
add_arg: *mut c_void,
|
|
),
|
|
>;
|
|
|
|
pub type SSL_custom_ext_parse_cb_ex = Option<
|
|
unsafe extern "C" fn(
|
|
ssl: *mut ::SSL,
|
|
ext_type: c_uint,
|
|
context: c_uint,
|
|
input: *const c_uchar,
|
|
inlen: size_t,
|
|
x: *mut ::X509,
|
|
chainidx: size_t,
|
|
al: *mut c_int,
|
|
parse_arg: *mut c_void,
|
|
) -> c_int,
|
|
>;
|
|
|
|
pub const SSL_COOKIE_LENGTH: c_int = 4096;
|
|
|
|
pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000;
|
|
pub const SSL_OP_NO_TLSv1_3: c_ulong = 0x20000000;
|
|
|
|
pub const TLS1_3_VERSION: c_int = 0x304;
|
|
|
|
pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001;
|
|
/* This extension is only allowed in DTLS */
|
|
pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002;
|
|
/* Some extensions may be allowed in DTLS but we don't implement them for it */
|
|
pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004;
|
|
/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
|
|
pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008;
|
|
/* Extension is only defined for TLS1.2 and below */
|
|
pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010;
|
|
/* Extension is only defined for TLS1.3 and above */
|
|
pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020;
|
|
/* Ignore this extension during parsing if we are resuming */
|
|
pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040;
|
|
pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080;
|
|
/* Really means TLS1.2 or below */
|
|
pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100;
|
|
pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200;
|
|
pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400;
|
|
pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800;
|
|
pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000;
|
|
pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000;
|
|
pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000;
|
|
|
|
pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0;
|
|
pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1;
|
|
pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2;
|
|
|
|
extern "C" {
|
|
pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func);
|
|
pub fn SSL_CTX_add_custom_ext(
|
|
ctx: *mut ::SSL_CTX,
|
|
ext_type: c_uint,
|
|
context: c_uint,
|
|
add_cb: SSL_custom_ext_add_cb_ex,
|
|
free_cb: SSL_custom_ext_free_cb_ex,
|
|
add_arg: *mut c_void,
|
|
parse_cb: SSL_custom_ext_parse_cb_ex,
|
|
parse_arg: *mut c_void,
|
|
) -> c_int;
|
|
pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD;
|
|
pub fn SSL_CTX_set_stateless_cookie_generate_cb(
|
|
s: *mut ::SSL_CTX,
|
|
cb: Option<
|
|
unsafe extern "C" fn(ssl: *mut ::SSL, cookie: *mut c_uchar, cookie_len: *mut size_t)
|
|
-> c_int,
|
|
>,
|
|
);
|
|
pub fn SSL_CTX_set_stateless_cookie_verify_cb(
|
|
s: *mut ::SSL_CTX,
|
|
cb: Option<
|
|
unsafe extern "C" fn(ssl: *mut ::SSL, cookie: *const c_uchar, cookie_len: size_t)
|
|
-> c_int,
|
|
>,
|
|
);
|
|
pub fn SSL_CTX_set_max_early_data(ctx: *mut ::SSL_CTX, max_early_data: u32) -> c_int;
|
|
pub fn SSL_CTX_get_max_early_data(ctx: *const ::SSL_CTX) -> u32;
|
|
pub fn SSL_CTX_set_ciphersuites(ctx: *mut ::SSL_CTX, str: *const c_char) -> c_int;
|
|
|
|
pub fn SSL_set_max_early_data(ctx: *mut ::SSL, max_early_data: u32) -> c_int;
|
|
pub fn SSL_get_max_early_data(ctx: *const ::SSL) -> u32;
|
|
pub fn SSL_stateless(s: *mut ::SSL) -> c_int;
|
|
pub fn SSL_export_keying_material_early(
|
|
s: *mut ::SSL,
|
|
out: *mut c_uchar,
|
|
olen: size_t,
|
|
label: *const c_char,
|
|
llen: size_t,
|
|
context: *const c_uchar,
|
|
contextlen: size_t,
|
|
) -> c_int;
|
|
pub fn SSL_write_early_data(
|
|
s: *mut ::SSL,
|
|
buf: *const c_void,
|
|
num: size_t,
|
|
written: *mut size_t,
|
|
) -> c_int;
|
|
pub fn SSL_read_early_data(
|
|
s: *mut ::SSL,
|
|
buf: *mut c_void,
|
|
num: size_t,
|
|
readbytes: *mut size_t,
|
|
) -> c_int;
|
|
pub fn SSL_set_ciphersuites(ssl: *mut ::SSL, str: *const c_char) -> c_int;
|
|
|
|
pub fn SSL_SESSION_set_max_early_data(ctx: *mut ::SSL_SESSION, max_early_data: u32) -> c_int;
|
|
pub fn SSL_SESSION_get_max_early_data(ctx: *const ::SSL_SESSION) -> u32;
|
|
}
|