diff options
| author | Steven Fackler <[email protected]> | 2017-11-14 11:35:57 -0800 |
|---|---|---|
| committer | GitHub <[email protected]> | 2017-11-14 11:35:57 -0800 |
| commit | ca0c828d72d4d3edf556cc393d35f548762e6ae6 (patch) | |
| tree | 99fb67da55cad2d3c80cdce1bcb6419960923987 | |
| parent | Merge pull request #759 from feeeeb/libressl-v2.6.3 (diff) | |
| parent | Adjust libressl version detection (diff) | |
| download | rust-openssl-ca0c828d72d4d3edf556cc393d35f548762e6ae6.tar.xz rust-openssl-ca0c828d72d4d3edf556cc393d35f548762e6ae6.zip | |
Merge pull request #775 from sfackler/libressl-stable
Whitelist stable libressl version ranges
| -rw-r--r-- | .circleci/config.yml | 8 | ||||
| -rw-r--r-- | openssl-sys/build.rs | 38 | ||||
| -rw-r--r-- | openssl-sys/src/lib.rs | 8 | ||||
| -rw-r--r-- | openssl-sys/src/libressl/mod.rs | 8 | ||||
| -rw-r--r-- | openssl/src/ssl/mod.rs | 4 | ||||
| -rw-r--r-- | openssl/src/ssl/tests/mod.rs | 8 |
6 files changed, 23 insertions, 51 deletions
diff --git a/.circleci/config.yml b/.circleci/config.yml index 7c6f1b33..b0ab0d0a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -79,9 +79,6 @@ openssl_101: &OPENSSL_101 libressl_250: &LIBRESSL_250 LIBRARY: libressl VERSION: 2.5.0 -libressl_261: &LIBRESSL_262 - LIBRARY: libressl - VERSION: 2.6.2 libressl_263: &LIBRESSL_263 LIBRARY: libressl VERSION: 2.6.3 @@ -143,10 +140,6 @@ jobs: <<: *JOB environment: <<: [*LIBRESSL_250, *X86_64, *BASE] - x86_64-libressl-2.6.2: - <<: *JOB - environment: - <<: [*LIBRESSL_262, *X86_64, *BASE] x86_64-libressl-2.6.3: <<: *JOB environment: @@ -165,5 +158,4 @@ workflows: - armhf-openssl-1.0.2 - armhf-openssl-1.0.1 - x86_64-libressl-2.5.0 - - x86_64-libressl-2.6.2 - x86_64-libressl-2.6.3 diff --git a/openssl-sys/build.rs b/openssl-sys/build.rs index b0163834..ff875be5 100644 --- a/openssl-sys/build.rs +++ b/openssl-sys/build.rs @@ -316,24 +316,18 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version { #include <openssl/opensslv.h> #include <openssl/opensslconf.h> -#if LIBRESSL_VERSION_NUMBER >= 0x20604000 +#if LIBRESSL_VERSION_NUMBER >= 0x20700000 RUST_LIBRESSL_NEW #elif LIBRESSL_VERSION_NUMBER >= 0x20603000 -RUST_LIBRESSL_263 +RUST_LIBRESSL_26X #elif LIBRESSL_VERSION_NUMBER >= 0x20602000 RUST_LIBRESSL_262 #elif LIBRESSL_VERSION_NUMBER >= 0x20601000 RUST_LIBRESSL_261 #elif LIBRESSL_VERSION_NUMBER >= 0x20600000 RUST_LIBRESSL_260 -#elif LIBRESSL_VERSION_NUMBER >= 0x20506000 -RUST_LIBRESSL_NEW -#elif LIBRESSL_VERSION_NUMBER >= 0x20505000 -RUST_LIBRESSL_255 -#elif LIBRESSL_VERSION_NUMBER >= 0x20504000 -RUST_LIBRESSL_254 #elif LIBRESSL_VERSION_NUMBER >= 0x20503000 -RUST_LIBRESSL_253 +RUST_LIBRESSL_25X #elif LIBRESSL_VERSION_NUMBER >= 0x20502000 RUST_LIBRESSL_252 #elif LIBRESSL_VERSION_NUMBER >= 0x20501000 @@ -435,25 +429,11 @@ See rust-openssl README for more information: println!("cargo:libressl_version=252"); println!("cargo:version=101"); Version::Libressl - } else if expanded.contains("RUST_LIBRESSL_253") { - println!("cargo:rustc-cfg=libressl"); - println!("cargo:rustc-cfg=libressl253"); - println!("cargo:libressl=true"); - println!("cargo:libressl_version=253"); - println!("cargo:version=101"); - Version::Libressl - } else if expanded.contains("RUST_LIBRESSL_254") { - println!("cargo:rustc-cfg=libressl"); - println!("cargo:rustc-cfg=libressl254"); - println!("cargo:libressl=true"); - println!("cargo:libressl_version=254"); - println!("cargo:version=101"); - Version::Libressl - } else if expanded.contains("RUST_LIBRESSL_255") { + } else if expanded.contains("RUST_LIBRESSL_25X") { println!("cargo:rustc-cfg=libressl"); - println!("cargo:rustc-cfg=libressl255"); + println!("cargo:rustc-cfg=libressl25x"); println!("cargo:libressl=true"); - println!("cargo:libressl_version=255"); + println!("cargo:libressl_version=25x"); println!("cargo:version=101"); Version::Libressl } else if expanded.contains("RUST_LIBRESSL_260") { @@ -477,11 +457,11 @@ See rust-openssl README for more information: println!("cargo:libressl_version=262"); println!("cargo:version=101"); Version::Libressl - } else if expanded.contains("RUST_LIBRESSL_263") { + } else if expanded.contains("RUST_LIBRESSL_26X") { println!("cargo:rustc-cfg=libressl"); - println!("cargo:rustc-cfg=libressl263"); + println!("cargo:rustc-cfg=libressl26x"); println!("cargo:libressl=true"); - println!("cargo:libressl_version=263"); + println!("cargo:libressl_version=26x"); println!("cargo:version=101"); Version::Libressl } else if expanded.contains("RUST_OPENSSL_110F") { diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0bc7075f..e2f7c830 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1250,14 +1250,14 @@ pub const SSL_VERIFY_NONE: c_int = 0; pub const SSL_VERIFY_PEER: c_int = 1; pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; -#[cfg(not(any(libressl261, libressl262, libressl263, ossl101)))] +#[cfg(not(any(libressl261, libressl262, libressl26x, ossl101)))] pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010; -#[cfg(any(libressl261, libressl262, libressl263))] +#[cfg(any(libressl261, libressl262, libressl26x))] pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0; pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800; -#[cfg(not(any(libressl261, libressl262, libressl263)))] +#[cfg(not(any(libressl261, libressl262, libressl26x)))] pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000; -#[cfg(any(libressl261, libressl262, libressl263))] +#[cfg(any(libressl261, libressl262, libressl26x))] pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0; pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004; #[cfg(not(libressl))] diff --git a/openssl-sys/src/libressl/mod.rs b/openssl-sys/src/libressl/mod.rs index 40092256..7eb119c2 100644 --- a/openssl-sys/src/libressl/mod.rs +++ b/openssl-sys/src/libressl/mod.rs @@ -345,9 +345,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; -#[cfg(any(libressl261, libressl262, libressl263))] +#[cfg(any(libressl261, libressl262, libressl26x))] pub const SSL_OP_ALL: c_ulong = 0x4; -#[cfg(not(any(libressl261, libressl262, libressl263)))] +#[cfg(not(any(libressl261, libressl262, libressl26x)))] pub const SSL_OP_ALL: c_ulong = 0x80000014; pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0; pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0; @@ -360,9 +360,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0; pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0; -#[cfg(any(libressl261, libressl262, libressl263))] +#[cfg(any(libressl261, libressl262, libressl26x))] pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0; -#[cfg(not(any(libressl261, libressl262, libressl263)))] +#[cfg(not(any(libressl261, libressl262, libressl26x)))] pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 6bba8635..176863d6 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -649,7 +649,7 @@ impl SslContextBuilder { /// Set the protocols to be used during Next Protocol Negotiation (the protocols /// supported by the application). - #[cfg(not(any(libressl261, libressl262, libressl263)))] + #[cfg(not(any(libressl261, libressl262, libressl26x)))] pub fn set_npn_protocols(&mut self, protocols: &[&[u8]]) -> Result<(), ErrorStack> { // Firstly, convert the list of protocols to a byte-array that can be passed to OpenSSL // APIs -- a list of length-prefixed strings. @@ -1307,7 +1307,7 @@ impl SslRef { /// /// The protocol's name is returned is an opaque sequence of bytes. It is up to the client /// to interpret it. - #[cfg(not(any(libressl261, libressl262, libressl263)))] + #[cfg(not(any(libressl261, libressl262, libressl26x)))] pub fn selected_npn_protocol(&self) -> Option<&[u8]> { unsafe { let mut data: *const c_uchar = ptr::null(); diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs index ffa9b349..e400c19f 100644 --- a/openssl/src/ssl/tests/mod.rs +++ b/openssl/src/ssl/tests/mod.rs @@ -503,7 +503,7 @@ fn test_connect_with_unilateral_alpn() { /// Tests that connecting with the client using NPN, but the server not does not /// break the existing connection behavior. #[test] -#[cfg(not(any(libressl261, libressl262, libressl263)))] +#[cfg(not(any(libressl261, libressl262, libressl26x)))] fn test_connect_with_unilateral_npn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); @@ -616,7 +616,7 @@ fn test_connect_with_npn_successful_single_match() { /// Tests that when the `SslStream` is created as a server stream, the protocols /// are correctly advertised to the client. #[test] -#[cfg(not(any(libressl261, libressl262, libressl263)))] +#[cfg(not(any(libressl261, libressl262, libressl26x)))] fn test_npn_server_advertise_multiple() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let localhost = listener.local_addr().unwrap(); @@ -1241,7 +1241,7 @@ fn tmp_dh_callback() { } #[test] -#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl263))), all(feature = "v102", ossl102)))] +#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl26x))), all(feature = "v102", ossl102)))] fn tmp_ecdh_callback() { use ec::EcKey; use nid; @@ -1308,7 +1308,7 @@ fn tmp_dh_callback_ssl() { } #[test] -#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl263))), all(feature = "v102", ossl102)))] +#[cfg(any(all(feature = "v101", ossl101, not(any(libressl261, libressl262, libressl26x))), all(feature = "v102", ossl102)))] fn tmp_ecdh_callback_ssl() { use ec::EcKey; use nid; |