diff options
| author | Paul Kehrer <[email protected]> | 2015-02-22 15:44:02 -0600 |
|---|---|---|
| committer | Paul Kehrer <[email protected]> | 2015-02-22 15:45:00 -0600 |
| commit | 06ba41ad47e55d8075d74ee0d3041fbd6ee206b5 (patch) | |
| tree | 82aad1b50f831122497c79d1cb481e78397e5656 | |
| parent | Use new path API in buildscript (diff) | |
| download | rust-openssl-06ba41ad47e55d8075d74ee0d3041fbd6ee206b5.tar.xz rust-openssl-06ba41ad47e55d8075d74ee0d3041fbd6ee206b5.zip | |
add support for SSL_CTX_set_options and SSL_CTX_get_options
fixes #168
| -rw-r--r-- | openssl-sys/src/lib.rs | 12 | ||||
| -rw-r--r-- | openssl/src/ssl/mod.rs | 12 | ||||
| -rw-r--r-- | openssl/src/ssl/tests.rs | 14 |
3 files changed, 38 insertions, 0 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 92d88052..e575b8be 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -117,6 +117,8 @@ pub const MBSTRING_UTF8: c_int = MBSTRING_FLAG; pub const NID_ext_key_usage: c_int = 126; pub const NID_key_usage: c_int = 83; +pub const SSL_CTRL_OPTIONS: c_int = 32; + pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; pub const SSL_ERROR_NONE: c_int = 0; pub const SSL_ERROR_SSL: c_int = 1; @@ -237,6 +239,14 @@ pub unsafe fn BIO_eof(b: *mut BIO) -> bool { BIO_ctrl(b, BIO_CTRL_EOF, 0, ptr::null_mut()) == 1 } +pub unsafe fn SSL_CTX_set_options(ssl: *mut SSL_CTX, op: c_long) -> c_long { + SSL_CTX_ctrl(ssl, SSL_CTRL_OPTIONS, op, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_get_options(ssl: *mut SSL_CTX) -> c_long { + SSL_CTX_ctrl(ssl, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) +} + // True functions extern "C" { pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; @@ -475,6 +485,8 @@ extern "C" { pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int; + pub fn SSL_CTX_ctrl(ssl: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; pub fn X509_digest(x: *mut X509, digest: *const EVP_MD, buf: *mut c_char, len: *mut c_uint) -> c_int; pub fn X509_free(x: *mut X509); diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 5d3549ff..fe04e8ec 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -279,6 +279,18 @@ impl SslContext { ffi::SSL_CTX_set_cipher_list(*self.ctx, cipher_list.as_ptr()) }) } + + pub fn set_options(&mut self, option: c_long) -> c_long { + unsafe { + ffi::SSL_CTX_set_options(*self.ctx, option) + } + } + + pub fn get_options(&mut self) -> c_long { + unsafe { + ffi::SSL_CTX_get_options(*self.ctx) + } + } } #[allow(dead_code)] diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 4bb3c2ca..c5e9c5e9 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -174,6 +174,20 @@ fn test_verify_callback_data() { } } +#[test] +fn test_get_ctx_options() { + let mut ctx = SslContext::new(Sslv23).unwrap(); + ctx.get_options(); +} + +#[test] +fn test_set_ctx_options() { + let mut ctx = SslContext::new(Sslv23).unwrap(); + let start_opts = ctx.get_options(); + let ssl_op_no_sslv3 = 0x02000000; + let res = ctx.set_options(ssl_op_no_sslv3); + assert_eq!(res, start_opts | ssl_op_no_sslv3); +} #[test] fn test_write() { |