diff options
| author | Steven Fackler <[email protected]> | 2018-03-22 20:20:47 +0000 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2018-03-22 20:22:07 +0000 |
| commit | f0614f4acd6d24fbb100b8365bc54662d4f62df2 (patch) | |
| tree | c295bcfcb9060b41bba7ade78211b70865c40e71 | |
| parent | Merge pull request #881 from sfackler/no-features-2 (diff) | |
| download | rust-openssl-f0614f4acd6d24fbb100b8365bc54662d4f62df2.tar.xz rust-openssl-f0614f4acd6d24fbb100b8365bc54662d4f62df2.zip | |
Support LibreSSL 2.7.0
Closes #883
Closes #805
| -rw-r--r-- | .circleci/config.yml | 10 | ||||
| -rw-r--r-- | openssl-sys/build.rs | 11 | ||||
| -rw-r--r-- | openssl-sys/src/lib.rs | 54 | ||||
| -rw-r--r-- | openssl-sys/src/libressl/mod.rs | 10 |
4 files changed, 50 insertions, 35 deletions
diff --git a/.circleci/config.yml b/.circleci/config.yml index 35c23548..353c27cd 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -104,9 +104,9 @@ openssl_101: &OPENSSL_101 libressl_250: &LIBRESSL_250 LIBRARY: libressl VERSION: 2.5.0 -libressl_263: &LIBRESSL_263 +libressl_263: &LIBRESSL_270 LIBRARY: libressl - VERSION: 2.6.3 + VERSION: 2.7.0 x86_64: &X86_64 TARGET: x86_64-unknown-linux-gnu @@ -171,10 +171,10 @@ jobs: <<: *JOB environment: <<: [*LIBRESSL_250, *X86_64, *BASE] - x86_64-libressl-2.6.3: + x86_64-libressl-2.7.0: <<: *JOB environment: - <<: [*LIBRESSL_263, *X86_64, *BASE] + <<: [*LIBRESSL_270, *X86_64, *BASE] macos: <<: *MACOS_JOB workflows: @@ -192,5 +192,5 @@ workflows: - armhf-openssl-1.1.0 - armhf-openssl-1.0.2 - x86_64-libressl-2.5.0 - - x86_64-libressl-2.6.3 + - x86_64-libressl-2.7.0 - macos diff --git a/openssl-sys/build.rs b/openssl-sys/build.rs index 7df226f2..3f0f934e 100644 --- a/openssl-sys/build.rs +++ b/openssl-sys/build.rs @@ -323,8 +323,10 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version { #include <openssl/opensslv.h> #include <openssl/opensslconf.h> -#if LIBRESSL_VERSION_NUMBER >= 0x20700000 +#if LIBRESSL_VERSION_NUMBER >= 0x20701000 RUST_LIBRESSL_NEW +#elif LIBRESSL_VERSION_NUMBER >= 0x20700000 +RUST_LIBRESSL_270 #elif LIBRESSL_VERSION_NUMBER >= 0x20603000 RUST_LIBRESSL_26X #elif LIBRESSL_VERSION_NUMBER >= 0x20602000 @@ -473,6 +475,13 @@ See rust-openssl README for more information: println!("cargo:libressl_version=26x"); println!("cargo:version=101"); Version::Libressl + } else if expanded.contains("RUST_LIBRESSL_270") { + println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl270"); + println!("cargo:libressl=true"); + println!("cargo:libressl_version=270"); + println!("cargo:version=101"); + Version::Libressl } else if expanded.contains("RUST_OPENSSL_111") { println!("cargo:rustc-cfg=ossl111"); println!("cargo:rustc-cfg=ossl110"); diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 8326e1dc..27ef7e91 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -247,7 +247,8 @@ pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9; pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY - | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX; + | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX + | EVP_PKEY_OP_VERIFYCTX; pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT; @@ -1276,14 +1277,14 @@ pub const SSL_VERIFY_NONE: c_int = 0; pub const SSL_VERIFY_PEER: c_int = 1; pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; -#[cfg(not(any(libressl261, libressl262, libressl26x, ossl101)))] +#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270, ossl101)))] pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010; -#[cfg(any(libressl261, libressl262, libressl26x))] +#[cfg(any(libressl261, libressl262, libressl26x, libressl270))] pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0; pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800; -#[cfg(not(any(libressl261, libressl262, libressl26x)))] +#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))] pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000; -#[cfg(any(libressl261, libressl262, libressl26x))] +#[cfg(any(libressl261, libressl262, libressl26x, libressl270))] pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0; pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004; #[cfg(not(libressl))] @@ -1927,9 +1928,17 @@ extern "C" { pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG; pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG); - pub fn ECDSA_do_verify(dgst: *const c_uchar, dgst_len: c_int, - sig: *const ECDSA_SIG, eckey: *mut EC_KEY) -> c_int; - pub fn ECDSA_do_sign(dgst: *const c_uchar, dgst_len: c_int, eckey: *mut EC_KEY) -> *mut ECDSA_SIG; + pub fn ECDSA_do_verify( + dgst: *const c_uchar, + dgst_len: c_int, + sig: *const ECDSA_SIG, + eckey: *mut EC_KEY, + ) -> c_int; + pub fn ECDSA_do_sign( + dgst: *const c_uchar, + dgst_len: c_int, + eckey: *mut EC_KEY, + ) -> *mut ECDSA_SIG; pub fn ERR_peek_last_error() -> c_ulong; pub fn ERR_get_error() -> c_ulong; @@ -2704,7 +2713,12 @@ extern "C" { pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); - pub fn X509_STORE_CTX_init(ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509) -> c_int; + pub fn X509_STORE_CTX_init( + ctx: *mut X509_STORE_CTX, + store: *mut X509_STORE, + x509: *mut X509, + chain: *mut stack_st_X509, + ) -> c_int; pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int; @@ -2839,31 +2853,23 @@ extern "C" { pub fn SSL_CTX_set_cookie_generate_cb( s: *mut SSL_CTX, - cb: Option<extern "C" fn( - ssl: *mut SSL, - cookie: *mut c_uchar, - cookie_len: *mut c_uint - ) -> c_int> + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, + >, ); #[cfg(ossl110)] pub fn SSL_CTX_set_cookie_verify_cb( s: *mut SSL_CTX, - cb: Option<extern "C" fn( - ssl: *mut SSL, - cookie: *const c_uchar, - cookie_len: c_uint - ) -> c_int> + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int, + >, ); #[cfg(not(ossl110))] pub fn SSL_CTX_set_cookie_verify_cb( s: *mut SSL_CTX, - cb: Option<extern "C" fn( - ssl: *mut SSL, - cookie: *mut c_uchar, - cookie_len: c_uint - ) -> c_int> + cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>, ); pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; diff --git a/openssl-sys/src/libressl/mod.rs b/openssl-sys/src/libressl/mod.rs index c47363ca..0bc8cccc 100644 --- a/openssl-sys/src/libressl/mod.rs +++ b/openssl-sys/src/libressl/mod.rs @@ -136,7 +136,7 @@ pub struct DSA { #[repr(C)] pub struct ECDSA_SIG { pub r: *mut ::BIGNUM, - pub s: *mut ::BIGNUM + pub s: *mut ::BIGNUM, } #[repr(C)] @@ -337,9 +337,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; -#[cfg(any(libressl261, libressl262, libressl26x))] +#[cfg(any(libressl261, libressl262, libressl26x, libressl270))] pub const SSL_OP_ALL: c_ulong = 0x4; -#[cfg(not(any(libressl261, libressl262, libressl26x)))] +#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))] pub const SSL_OP_ALL: c_ulong = 0x80000014; pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0; pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0; @@ -352,9 +352,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0; pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0; pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0; -#[cfg(any(libressl261, libressl262, libressl26x))] +#[cfg(any(libressl261, libressl262, libressl26x, libressl270))] pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0; -#[cfg(not(any(libressl261, libressl262, libressl26x)))] +#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))] pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; |