authorFrank Denis <[email protected]>2015-09-01 10:56:33 +0200
committerFrank Denis <[email protected]>2015-09-25 13:15:37 +0200
commit28320a65a734b2b38301ef149746a44cb23cd366 (patch)
tree09b7dc6595d4d83dec38c99c7bdd85c8ad2277f1
parentMerge pull request #273 from alexcrichton/test-on-windows (diff)
Add SSL::set_ecdh_auto()
This sets automatic curve selection and enables ECDH support. Requires LibreSSL or OpenSSL >= 1.0.2, so behind a feature gate.
-rw-r--r--openssl-sys/Cargo.toml1
-rw-r--r--openssl-sys/src/lib.rs3
-rw-r--r--openssl-sys/src/openssl_shim.c6
-rw-r--r--openssl/Cargo.toml1
-rw-r--r--openssl/src/ssl/mod.rs8
5 files changed, 19 insertions, 0 deletions
diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml
index 0e78b0ea..5a01318c 100644
--- a/openssl-sys/Cargo.toml
+++ b/openssl-sys/Cargo.toml
@@ -22,6 +22,7 @@ aes_ctr = []
npn = []
alpn = []
rfc5114 = []
+ecdh_auto = []
[dependencies]
libc = "0.1"
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index 3f5f7623..45d03ac8 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -675,6 +675,9 @@ extern "C" {
pub fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long;
#[link_name = "SSL_CTX_set_read_ahead_shim"]
pub fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long;
+ #[cfg(feature = "ecdh_auto")]
+ #[link_name = "SSL_CTX_set_ecdh_auto_shim"]
+ pub fn SSL_CTX_set_ecdh_auto(ssl: *mut SSL_CTX, onoff: c_int) -> c_int;
#[link_name = "SSL_set_tlsext_host_name_shim"]
pub fn SSL_set_tlsext_host_name(s: *mut SSL, name: *const c_char) -> c_long;
#[link_name = "SSL_CTX_set_tmp_dh_shim"]
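Review bot: The first parameter of the new `SSL_CTX_set_ecdh_auto` declaration is named `ssl` although its type is `*mut SSL_CTX`; the neighbouring declarations in this hunk call that argument `ctx`, and `ssl` reads as if a per-connection `SSL` handle were expected. I would write `pub fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int;`. The declaration is gated only on the cargo feature, while the C shim it links to is gated on the library version, so a comment above it such as `// shim is compiled only for OpenSSL >= 1.0.2, see openssl_shim.c` would help whoever hits the resulting link error. The `extern "C"` block starts and ends outside the hunk.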
diff --git a/openssl-sys/src/openssl_shim.c b/openssl-sys/src/openssl_shim.c
index ce0ee692..7fabe06e 100644
--- a/openssl-sys/src/openssl_shim.c
+++ b/openssl-sys/src/openssl_shim.c
@@ -85,6 +85,12 @@ long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) {
return SSL_CTX_set_tmp_dh(ctx, dh);
}
+#if OPENSSL_VERSION_NUMBER >= 0x1000200L
+int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) {
+ return SSL_CTX_set_ecdh_auto(ctx, onoff);
+}
+#endif
+
DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) {
DH *dh;
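Review bot: The `#if OPENSSL_VERSION_NUMBER >= 0x1000200L` guard silently drops `SSL_CTX_set_ecdh_auto_shim` on an older library, so a build with the `ecdh_auto` feature enabled there fails only at link time with an undefined symbol. The guard deserves a comment saying why it exists, e.g. `/* SSL_CTX_set_ecdh_auto() first appears in OpenSSL 1.0.2; do not enable the ecdh_auto cargo feature against older headers */`. If the build script can pass the feature down as a preprocessor define (not visible here), an `#else` branch with `#error` would turn that link failure into a clear compile-time message. The commit message also names LibreSSL, which this guard covers only as far as LibreSSL's reported `OPENSSL_VERSION_NUMBER` satisfies the comparison; that assumption is worth stating in the same comment.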
diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml
index 8ade8101..c70c3ad3 100644
--- a/openssl/Cargo.toml
+++ b/openssl/Cargo.toml
@@ -20,6 +20,7 @@ aes_ctr = ["openssl-sys/aes_ctr"]
npn = ["openssl-sys/npn"]
alpn = ["openssl-sys/alpn"]
rfc5114 = ["openssl-sys/rfc5114"]
+ecdh_auto = ["openssl-sys/ecdh_auto"]
[dependencies.openssl-sys]
path = "../openssl-sys"
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 3adf89e6..40e06e93 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -570,6 +570,14 @@ impl SslContext {
})
}
+ #[cfg(feature = "ecdh_auto")]
+ pub fn set_ecdh_auto(&mut self, onoff: bool) -> Result<(),SslError> {
+ wrap_ssl_result(
+ unsafe {
+ ffi::SSL_CTX_set_ecdh_auto(self.ctx, onoff as c_int)
+ })
+ }
+
pub fn set_options(&mut self, option: SslContextOptions) -> SslContextOptions {
let raw_bits = option.bits();
let ret = unsafe {
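Review bot: `set_ecdh_auto` is a new public method with no doc comment, so its requirements live only in the commit message. I would add `/// Enables or disables automatic ECDH curve selection for this context.` and a second line `/// Requires the ecdh_auto feature and OpenSSL >= 1.0.2 or LibreSSL.` above the `#[cfg]` attribute. It would also help to note there that the return value of the C call is interpreted by `wrap_ssl_result`, which is defined outside this hunk. For consistency with the rest of the signature style, `Result<(),SslError>` should be written `Result<(), SslError>`. The enclosing `impl SslContext` starts outside the hunk and `set_options` continues past its end.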