diff options
| author | Steven Fackler <[email protected]> | 2018-06-09 21:33:35 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2018-06-09 21:49:36 -0700 |
| commit | 115cb730b0ec9a2010d7a803586a7fcce214cb83 (patch) | |
| tree | a9559c3a76b3b8e1ce43f065eb571eb48e742d0e | |
| parent | Merge pull request #936 from sfackler/windows-static (diff) | |
| download | rust-openssl-115cb730b0ec9a2010d7a803586a7fcce214cb83.tar.xz rust-openssl-115cb730b0ec9a2010d7a803586a7fcce214cb83.zip | |
Switch to accessors in libressl where possible
Some accessors are mysteriously still macros so we can't make everything
opaque yet, unfortunately.
cc #909
| -rw-r--r-- | openssl-sys/build/cfgs.rs | 3 | ||||
| -rw-r--r-- | openssl-sys/src/lib.rs | 2 | ||||
| -rw-r--r-- | openssl-sys/src/libressl/mod.rs | 4 | ||||
| -rw-r--r-- | openssl-sys/src/libressl/v273.rs | 106 | ||||
| -rw-r--r-- | openssl/build.rs | 4 | ||||
| -rw-r--r-- | openssl/src/asn1.rs | 2 | ||||
| -rw-r--r-- | openssl/src/dh.rs | 2 | ||||
| -rw-r--r-- | openssl/src/dsa.rs | 2 | ||||
| -rw-r--r-- | openssl/src/ecdsa.rs | 2 | ||||
| -rw-r--r-- | openssl/src/rsa.rs | 2 | ||||
| -rw-r--r-- | openssl/src/ssl/bio.rs | 2 | ||||
| -rw-r--r-- | openssl/src/ssl/mod.rs | 77 | ||||
| -rw-r--r-- | openssl/src/symm.rs | 2 | ||||
| -rw-r--r-- | openssl/src/x509/mod.rs | 52 |
14 files changed, 193 insertions, 69 deletions
diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs index 4648f6f5..1634da6b 100644 --- a/openssl-sys/build/cfgs.rs +++ b/openssl-sys/build/cfgs.rs @@ -13,6 +13,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<& if libressl_version >= 0x2_07_00_00_0 { cfgs.push("libressl270"); } + if libressl_version >= 0x2_07_03_00_0 { + cfgs.push("libressl273"); + } } else { let openssl_version = openssl_version.unwrap(); diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index aaeb9713..c70d6a26 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -2616,7 +2616,7 @@ extern "C" { pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; #[cfg(all(ossl102, not(ossl110f)))] pub fn SSL_is_server(s: *mut SSL) -> c_int; - #[cfg(ossl110f)] + #[cfg(any(ossl110f, libressl273))] pub fn SSL_is_server(s: *const SSL) -> c_int; pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; diff --git a/openssl-sys/src/libressl/mod.rs b/openssl-sys/src/libressl/mod.rs index 0080fc7d..c65f6464 100644 --- a/openssl-sys/src/libressl/mod.rs +++ b/openssl-sys/src/libressl/mod.rs @@ -8,11 +8,15 @@ use std::sync::{Once, ONCE_INIT}; pub use libressl::v250::*; #[cfg(libressl251)] pub use libressl::v251::*; +#[cfg(libressl273)] +pub use libressl::v273::*; #[cfg(not(libressl251))] mod v250; #[cfg(libressl251)] mod v251; +#[cfg(libressl273)] +mod v273; #[repr(C)] pub struct stack_st_ASN1_OBJECT { diff --git a/openssl-sys/src/libressl/v273.rs b/openssl-sys/src/libressl/v273.rs new file mode 100644 index 00000000..74c331f6 --- /dev/null +++ b/openssl-sys/src/libressl/v273.rs @@ -0,0 +1,106 @@ +use libc::{c_char, c_int, c_long, c_uchar, c_void, size_t}; + +extern "C" { + pub fn ASN1_STRING_get0_data(x: *const ::ASN1_STRING) -> *const c_uchar; + + pub fn BIO_set_init(a: *mut ::BIO, init: c_int); + pub fn BIO_set_data(a: *mut ::BIO, data: *mut c_void); + pub fn BIO_get_data(a: *mut ::BIO) -> *mut c_void; + pub fn BIO_meth_new(type_: c_int, name: *const c_char) -> *mut ::BIO_METHOD; + pub fn BIO_meth_free(biom: *mut ::BIO_METHOD); + // FIXME should wrap in Option + pub fn BIO_meth_set_write( + biom: *mut ::BIO_METHOD, + write: unsafe extern "C" fn(*mut ::BIO, *const c_char, c_int) -> c_int, + ) -> c_int; + pub fn BIO_meth_set_read( + biom: *mut ::BIO_METHOD, + read: unsafe extern "C" fn(*mut ::BIO, *mut c_char, c_int) -> c_int, + ) -> c_int; + pub fn BIO_meth_set_puts( + biom: *mut ::BIO_METHOD, + read: unsafe extern "C" fn(*mut ::BIO, *const c_char) -> c_int, + ) -> c_int; + pub fn BIO_meth_set_ctrl( + biom: *mut ::BIO_METHOD, + read: unsafe extern "C" fn(*mut ::BIO, c_int, c_long, *mut c_void) -> c_long, + ) -> c_int; + pub fn BIO_meth_set_create( + biom: *mut ::BIO_METHOD, + create: unsafe extern "C" fn(*mut ::BIO) -> c_int, + ) -> c_int; + pub fn BIO_meth_set_destroy( + biom: *mut ::BIO_METHOD, + destroy: unsafe extern "C" fn(*mut ::BIO) -> c_int, + ) -> c_int; + + pub fn DH_set0_pqg( + dh: *mut ::DH, + p: *mut ::BIGNUM, + q: *mut ::BIGNUM, + g: *mut ::BIGNUM, + ) -> c_int; + + pub fn DSA_get0_pqg( + d: *const ::DSA, + p: *mut *const ::BIGNUM, + q: *mut *const ::BIGNUM, + q: *mut *const ::BIGNUM, + ); + + pub fn ECDSA_SIG_get0( + sig: *const ::ECDSA_SIG, + pr: *mut *const ::BIGNUM, + ps: *mut *const ::BIGNUM, + ); + pub fn ECDSA_SIG_set0(sig: *mut ::ECDSA_SIG, pr: *mut ::BIGNUM, ps: *mut ::BIGNUM) -> c_int; + + pub fn EVP_CIPHER_key_length(cipher: *const ::EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_block_size(cipher: *const ::EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_iv_length(cipher: *const ::EVP_CIPHER) -> c_int; + + pub fn RSA_get0_key( + r: *const ::RSA, + n: *mut *const ::BIGNUM, + e: *mut *const ::BIGNUM, + d: *mut *const ::BIGNUM, + ); + pub fn RSA_get0_factors(r: *const ::RSA, p: *mut *const ::BIGNUM, q: *mut *const ::BIGNUM); + pub fn RSA_get0_crt_params( + r: *const ::RSA, + dmp1: *mut *const ::BIGNUM, + dmq1: *mut *const ::BIGNUM, + iqmp: *mut *const ::BIGNUM, + ); + pub fn RSA_set0_key( + r: *mut ::RSA, + n: *mut ::BIGNUM, + e: *mut ::BIGNUM, + d: *mut ::BIGNUM, + ) -> c_int; + pub fn RSA_set0_factors(r: *mut ::RSA, p: *mut ::BIGNUM, q: *mut ::BIGNUM) -> c_int; + pub fn RSA_set0_crt_params( + r: *mut ::RSA, + dmp1: *mut ::BIGNUM, + dmq1: *mut ::BIGNUM, + iqmp: *mut ::BIGNUM, + ) -> c_int; + + pub fn SSL_CTX_up_ref(x: *mut ::SSL_CTX) -> c_int; + + pub fn SSL_SESSION_get_master_key( + session: *const ::SSL_SESSION, + out: *mut c_uchar, + outlen: size_t, + ) -> size_t; + pub fn SSL_SESSION_up_ref(ses: *mut ::SSL_SESSION) -> c_int; + + pub fn X509_getm_notAfter(x: *const ::X509) -> *mut ::ASN1_TIME; + pub fn X509_getm_notBefore(x: *const ::X509) -> *mut ::ASN1_TIME; + pub fn X509_get0_signature( + psig: *mut *const ::ASN1_BIT_STRING, + palg: *mut *const ::X509_ALGOR, + x: *const ::X509, + ); + pub fn X509_up_ref(x: *mut ::X509) -> c_int; +} diff --git a/openssl/build.rs b/openssl/build.rs index 5a5b86f2..f1166d62 100644 --- a/openssl/build.rs +++ b/openssl/build.rs @@ -45,5 +45,9 @@ fn main() { if version >= 0x2_07_00_00_0 { println!("cargo:rustc-cfg=libressl270"); } + + if version >= 0x2_07_03_00_0 { + println!("cargo:rustc-cfg=libressl273"); + } } } diff --git a/openssl/src/asn1.rs b/openssl/src/asn1.rs index 03546a4d..633407ea 100644 --- a/openssl/src/asn1.rs +++ b/openssl/src/asn1.rs @@ -297,7 +297,7 @@ impl fmt::Display for Asn1ObjectRef { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::ASN1_STRING_get0_data; } else { #[allow(bad_style)] diff --git a/openssl/src/dh.rs b/openssl/src/dh.rs index 730a5180..478e794f 100644 --- a/openssl/src/dh.rs +++ b/openssl/src/dh.rs @@ -107,7 +107,7 @@ impl Dh<Params> { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::DH_set0_pqg; } else { #[allow(bad_style)] diff --git a/openssl/src/dsa.rs b/openssl/src/dsa.rs index abc2e297..e8d78dcb 100644 --- a/openssl/src/dsa.rs +++ b/openssl/src/dsa.rs @@ -188,7 +188,7 @@ impl<T> fmt::Debug for Dsa<T> { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::DSA_get0_pqg; } else { #[allow(bad_style)] diff --git a/openssl/src/ecdsa.rs b/openssl/src/ecdsa.rs index d07dfda4..4edbbf50 100644 --- a/openssl/src/ecdsa.rs +++ b/openssl/src/ecdsa.rs @@ -105,7 +105,7 @@ impl EcdsaSig { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::{ECDSA_SIG_set0, ECDSA_SIG_get0}; } else { #[allow(bad_style)] diff --git a/openssl/src/rsa.rs b/openssl/src/rsa.rs index 92a5799e..d2131d28 100644 --- a/openssl/src/rsa.rs +++ b/openssl/src/rsa.rs @@ -645,7 +645,7 @@ impl<T> fmt::Debug for Rsa<T> { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::{ RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, diff --git a/openssl/src/ssl/bio.rs b/openssl/src/ssl/bio.rs index 1a149b6d..c1c5f871 100644 --- a/openssl/src/ssl/bio.rs +++ b/openssl/src/ssl/bio.rs @@ -175,7 +175,7 @@ unsafe extern "C" fn destroy<S>(bio: *mut BIO) -> c_int { } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::{BIO_get_data, BIO_set_data, BIO_set_flags, BIO_set_init}; #[allow(bad_style)] diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index e5a31e63..cd808829 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -3307,44 +3307,9 @@ pub enum ShutdownResult { } cfg_if! { - if #[cfg(ossl110)] { - use ffi::{ - SSL_CTX_up_ref, - SSL_SESSION_get_master_key, SSL_SESSION_up_ref, SSL_is_server, TLS_method, DTLS_method, - }; - - pub unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { - ffi::CRYPTO_get_ex_new_index( - ffi::CRYPTO_EX_INDEX_SSL_CTX, - 0, - ptr::null_mut(), - None, - None, - Some(f), - ) - } - - pub unsafe fn get_new_ssl_idx(f: ffi::CRYPTO_EX_free) -> c_int { - ffi::CRYPTO_get_ex_new_index( - ffi::CRYPTO_EX_INDEX_SSL, - 0, - ptr::null_mut(), - None, - None, - Some(f), - ) - } + if #[cfg(any(ossl110, libressl273))] { + use ffi::{SSL_CTX_up_ref, SSL_SESSION_get_master_key, SSL_SESSION_up_ref, SSL_is_server}; } else { - use ffi::{SSLv23_method as TLS_method, DTLSv1_method as DTLS_method}; - - pub unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { - ffi::SSL_CTX_get_ex_new_index(0, ptr::null_mut(), None, None, Some(f)) - } - - pub unsafe fn get_new_ssl_idx(f: ffi::CRYPTO_EX_free) -> c_int { - ffi::SSL_get_ex_new_index(0, ptr::null_mut(), None, None, Some(f)) - } - #[allow(bad_style)] pub unsafe fn SSL_CTX_up_ref(ssl: *mut ffi::SSL_CTX) -> c_int { ffi::CRYPTO_add_lock( @@ -3391,3 +3356,41 @@ cfg_if! { } } } + +cfg_if! { + if #[cfg(ossl110)] { + use ffi::{TLS_method, DTLS_method}; + + pub unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { + ffi::CRYPTO_get_ex_new_index( + ffi::CRYPTO_EX_INDEX_SSL_CTX, + 0, + ptr::null_mut(), + None, + None, + Some(f), + ) + } + + pub unsafe fn get_new_ssl_idx(f: ffi::CRYPTO_EX_free) -> c_int { + ffi::CRYPTO_get_ex_new_index( + ffi::CRYPTO_EX_INDEX_SSL, + 0, + ptr::null_mut(), + None, + None, + Some(f), + ) + } + } else { + use ffi::{SSLv23_method as TLS_method, DTLSv1_method as DTLS_method}; + + pub unsafe fn get_new_idx(f: ffi::CRYPTO_EX_free) -> c_int { + ffi::SSL_CTX_get_ex_new_index(0, ptr::null_mut(), None, None, Some(f)) + } + + pub unsafe fn get_new_ssl_idx(f: ffi::CRYPTO_EX_free) -> c_int { + ffi::SSL_get_ex_new_index(0, ptr::null_mut(), None, None, Some(f)) + } + } +} diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index 33655874..0eab884b 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -719,7 +719,7 @@ pub fn decrypt_aead( } cfg_if! { - if #[cfg(ossl110)] { + if #[cfg(any(ossl110, libressl273))] { use ffi::{EVP_CIPHER_block_size, EVP_CIPHER_iv_length, EVP_CIPHER_key_length}; } else { #[allow(bad_style)] diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 5c1bb23f..a07fc1f1 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -1245,21 +1245,9 @@ impl X509AlgorithmRef { } cfg_if! { - if #[cfg(ossl110)] { - use ffi::{ - X509_ALGOR_get0, X509_REQ_get_subject_name, X509_REQ_get_version, - X509_get0_signature, X509_getm_notAfter, X509_getm_notBefore, X509_up_ref, - ASN1_STRING_get0_data, X509_STORE_CTX_get0_chain, X509_set1_notAfter, - X509_set1_notBefore, - }; + if #[cfg(any(ossl110, libressl273))] { + use ffi::{X509_getm_notAfter, X509_getm_notBefore, X509_up_ref, X509_get0_signature}; } else { - use ffi::{ - ASN1_STRING_data as ASN1_STRING_get0_data, - X509_STORE_CTX_get_chain as X509_STORE_CTX_get0_chain, - X509_set_notAfter as X509_set1_notAfter, - X509_set_notBefore as X509_set1_notBefore, - }; - #[allow(bad_style)] unsafe fn X509_getm_notAfter(x: *mut ffi::X509) -> *mut ffi::ASN1_TIME { (*(*(*x).cert_info).validity).notAfter @@ -1282,16 +1270,6 @@ cfg_if! { } #[allow(bad_style)] - unsafe fn X509_REQ_get_version(x: *mut ffi::X509_REQ) -> ::libc::c_long { - ffi::ASN1_INTEGER_get((*(*x).req_info).version) - } - - #[allow(bad_style)] - unsafe fn X509_REQ_get_subject_name(x: *mut ffi::X509_REQ) -> *mut ::ffi::X509_NAME { - (*(*x).req_info).subject - } - - #[allow(bad_style)] unsafe fn X509_get0_signature( psig: *mut *const ffi::ASN1_BIT_STRING, palg: *mut *const ffi::X509_ALGOR, @@ -1304,6 +1282,32 @@ cfg_if! { *palg = (*x).sig_alg; } } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + use ffi::{ + X509_ALGOR_get0, ASN1_STRING_get0_data, X509_STORE_CTX_get0_chain, X509_set1_notAfter, + X509_set1_notBefore, X509_REQ_get_version, X509_REQ_get_subject_name, + }; + } else { + use ffi::{ + ASN1_STRING_data as ASN1_STRING_get0_data, + X509_STORE_CTX_get_chain as X509_STORE_CTX_get0_chain, + X509_set_notAfter as X509_set1_notAfter, + X509_set_notBefore as X509_set1_notBefore, + }; + + #[allow(bad_style)] + unsafe fn X509_REQ_get_version(x: *mut ffi::X509_REQ) -> ::libc::c_long { + ffi::ASN1_INTEGER_get((*(*x).req_info).version) + } + + #[allow(bad_style)] + unsafe fn X509_REQ_get_subject_name(x: *mut ffi::X509_REQ) -> *mut ::ffi::X509_NAME { + (*(*x).req_info).subject + } #[allow(bad_style)] unsafe fn X509_ALGOR_get0( |