diff options
| author | Alex Crichton <[email protected]> | 2016-09-30 00:43:05 -0700 |
|---|---|---|
| committer | Alex Crichton <[email protected]> | 2016-10-12 22:49:55 -0700 |
| commit | 43c951f743e68fac5f45119eda7c994882a1d489 (patch) | |
| tree | 45169f1b92858a3ba2ad0287de1bf1ecb395804b /openssl-sys/src/probe.rs | |
| parent | Rename NoPadding to None (diff) | |
| download | rust-openssl-43c951f743e68fac5f45119eda7c994882a1d489.tar.xz rust-openssl-43c951f743e68fac5f45119eda7c994882a1d489.zip | |
Add support for OpenSSL 1.1.0
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:
* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
* Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
* Better error messages for mismatched versions.
* Better error messages for failing to find OpenSSL on a platform (more can be
done here)
* Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
crate.
* Many Cargo features have been removed as they're now enabled by default.
As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!
Closes #452
Diffstat (limited to 'openssl-sys/src/probe.rs')
| -rw-r--r-- | openssl-sys/src/probe.rs | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/openssl-sys/src/probe.rs b/openssl-sys/src/probe.rs deleted file mode 100644 index e3711b54..00000000 --- a/openssl-sys/src/probe.rs +++ /dev/null @@ -1,77 +0,0 @@ -use std::env; -use std::fs; -use std::path::PathBuf; - -pub struct ProbeResult { - pub cert_file: Option<PathBuf>, - pub cert_dir: Option<PathBuf>, -} - -/// Probe the system for the directory in which CA certificates should likely be -/// found. -/// -/// This will only search known system locations. -pub fn find_certs_dirs() -> Vec<PathBuf> { - // see http://gagravarr.org/writing/openssl-certs/others.shtml - [ - "/var/ssl", - "/usr/share/ssl", - "/usr/local/ssl", - "/usr/local/openssl", - "/usr/local/share", - "/usr/lib/ssl", - "/usr/ssl", - "/etc/openssl", - "/etc/pki/tls", - "/etc/ssl", - ].iter().map(|s| PathBuf::from(*s)).filter(|p| { - fs::metadata(p).is_ok() - }).collect() -} - -pub fn init_ssl_cert_env_vars() { - let ProbeResult { cert_file, cert_dir } = probe(); - match cert_file { - Some(path) => put("SSL_CERT_FILE", path), - None => {} - } - match cert_dir { - Some(path) => put("SSL_CERT_DIR", path), - None => {} - } - - fn put(var: &str, path: PathBuf) { - // Don't stomp over what anyone else has set - match env::var(var) { - Ok(..) => {} - Err(..) => env::set_var(var, &path), - } - } -} - -pub fn probe() -> ProbeResult { - let mut result = ProbeResult { - cert_file: env::var_os("SSL_CERT_FILE").map(PathBuf::from), - cert_dir: env::var_os("SSL_CERT_DIR").map(PathBuf::from), - }; - for certs_dir in find_certs_dirs().iter() { - // cert.pem looks to be an openssl 1.0.1 thing, while - // certs/ca-certificates.crt appears to be a 0.9.8 thing - for cert in [ - "cert.pem", - "certs.pem", - "certs/ca-certificates.crt", - "certs/ca-root-nss.crt" - ].iter() { - try(&mut result.cert_file, certs_dir.join(cert)); - } - try(&mut result.cert_dir, certs_dir.join("certs")); - } - result -} - -fn try(dst: &mut Option<PathBuf>, val: PathBuf) { - if dst.is_none() && fs::metadata(&val).is_ok() { - *dst = Some(val); - } -} |