aboutsummaryrefslogtreecommitdiff
path: root/openssl-sys/src
diff options
context:
space:
mode:
authorSteven Fackler <[email protected]>2015-11-16 21:11:00 -0800
committerSteven Fackler <[email protected]>2015-11-16 21:11:00 -0800
commit094e8e5b3e6eef13b03fd8c5b67b4aaf81af5d5c (patch)
tree21e7a32e45992656ddefbf95c3179eb0f914b865 /openssl-sys/src
parentMerge branch 'release-v0.6.7' into release (diff)
parentRelease v0.7.0 (diff)
downloadrust-openssl-0.7.0.tar.xz
rust-openssl-0.7.0.zip
Merge branch 'release-v0.7.0' into releasev0.7.0
Diffstat (limited to 'openssl-sys/src')
-rw-r--r--openssl-sys/src/lib.rs103
-rw-r--r--openssl-sys/src/openssl_shim.c138
-rw-r--r--openssl-sys/src/ssl_options.rs46
3 files changed, 28 insertions, 259 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index bc177959..018f8bca 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -1,6 +1,6 @@
#![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)]
#![allow(dead_code)]
-#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.7")]
+#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.7.0")]
extern crate libc;
@@ -159,14 +159,6 @@ pub const SSL_TLSEXT_ERR_ALERT_WARNING: c_int = 1;
pub const SSL_TLSEXT_ERR_ALERT_FATAL: c_int = 2;
pub const SSL_TLSEXT_ERR_NOACK: c_int = 3;
-macro_rules! import_options {
- ( $( $name:ident $val:expr )* ) => {
- $( pub const $name: u64 = $val; )*
- };
-}
-
-include!("ssl_options.rs");
-
#[cfg(any(feature = "npn", feature = "alpn"))]
pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0;
#[cfg(any(feature = "npn", feature = "alpn"))]
@@ -238,16 +230,14 @@ pub const X509_V_OK: c_int = 0;
static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = 0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
-extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char,
+unsafe extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char,
_line: c_int) {
- unsafe {
- let mutex = &(*MUTEXES)[n as usize];
+ let mutex = &(*MUTEXES)[n as usize];
- if mode & CRYPTO_LOCK != 0 {
- (*GUARDS)[n as usize] = Some(mutex.lock().unwrap());
- } else {
- &(*GUARDS)[n as usize].take();
- }
+ if mode & CRYPTO_LOCK != 0 {
+ (*GUARDS)[n as usize] = Some(mutex.lock().unwrap());
+ } else {
+ &(*GUARDS)[n as usize].take();
}
}
@@ -270,29 +260,27 @@ pub fn init() {
GUARDS = mem::transmute(guards);
CRYPTO_set_locking_callback(locking_function);
- rust_openssl_set_id_callback();
+ set_id_callback();
}
})
}
-pub unsafe fn SSL_CTX_set_options(ssl: *mut SSL_CTX, op: u64) -> u64 {
- rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_set_options_shim(ssl, rust_openssl_ssl_ctx_options_rust_to_c(op)))
-}
+#[cfg(unix)]
+fn set_id_callback() {
+ unsafe extern "C" fn thread_id() -> c_ulong {
+ libc::pthread_self() as c_ulong
+ }
-pub unsafe fn SSL_CTX_get_options(ssl: *mut SSL_CTX) -> u64 {
- rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_get_options_shim(ssl))
+ unsafe {
+ CRYPTO_set_id_callback(thread_id);
+ }
}
-pub unsafe fn SSL_CTX_clear_options(ssl: *mut SSL_CTX, op: u64) -> u64 {
- rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_clear_options_shim(ssl, rust_openssl_ssl_ctx_options_rust_to_c(op)))
-}
+#[cfg(not(unix))]
+fn set_id_callback() {}
// True functions
extern "C" {
- fn rust_openssl_ssl_ctx_options_rust_to_c(rustval: u64) -> c_long;
- fn rust_openssl_ssl_ctx_options_c_to_rust(cval: c_long) -> u64;
- fn rust_openssl_set_id_callback();
-
pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int;
pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING;
pub fn ASN1_TIME_free(tm: *mut ASN1_TIME);
@@ -375,10 +363,11 @@ extern "C" {
pub fn BN_bn2hex(a: *mut BIGNUM) -> *const c_char;
pub fn CRYPTO_num_locks() -> c_int;
- pub fn CRYPTO_set_locking_callback(func: extern "C" fn(mode: c_int,
- n: c_int,
- file: *const c_char,
- line: c_int));
+ pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int,
+ n: c_int,
+ file: *const c_char,
+ line: c_int));
+ pub fn CRYPTO_set_id_callback(func: unsafe extern "C" fn() -> c_ulong);
pub fn CRYPTO_free(buf: *mut c_void);
pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void,
len: size_t) -> c_int;
@@ -465,25 +454,6 @@ extern "C" {
pub fn HMAC_CTX_init(ctx: *mut HMAC_CTX);
pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX);
- pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *const HMAC_CTX) -> c_int;
-
- // Pre-1.0 versions of these didn't return anything, so the shims bridge that gap
- #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Init_ex_shim")]
- pub fn HMAC_Init_ex(ctx: *mut HMAC_CTX, key: *const u8, keylen: c_int, md: *const EVP_MD, imple: *const ENGINE) -> c_int;
- #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Final_shim")]
- pub fn HMAC_Final(ctx: *mut HMAC_CTX, output: *mut u8, len: *mut c_uint) -> c_int;
- #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Update_shim")]
- pub fn HMAC_Update(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint) -> c_int;
-
- /// Deprecated - use the non "_shim" version
- #[cfg_attr(target_os = "nacl", link_name = "HMAC_Init_ex")]
- pub fn HMAC_Init_ex_shim(ctx: *mut HMAC_CTX, key: *const u8, keylen: c_int, md: *const EVP_MD, imple: *const ENGINE) -> c_int;
- /// Deprecated - use the non "_shim" version
- #[cfg_attr(target_os = "nacl", link_name = "HMAC_Final")]
- pub fn HMAC_Final_shim(ctx: *mut HMAC_CTX, output: *mut u8, len: *mut c_uint) -> c_int;
- /// Deprecated - use the non "_shim" version
- #[cfg_attr(target_os = "nacl", link_name = "HMAC_Update")]
- pub fn HMAC_Update_shim(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint) -> c_int;
pub fn PEM_read_bio_DHparams(bio: *mut BIO, out: *mut *mut DH, callback: Option<PasswordCallback>,
user_data: *mut c_void) -> *mut DH;
@@ -513,8 +483,13 @@ extern "C" {
pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int;
pub fn RSA_generate_key(modsz: c_int, e: c_ulong, cb: *const c_void, cbarg: *const c_void) -> *mut RSA;
+ pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *const c_void) -> c_int;
pub fn RSA_private_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA,
pad: c_int) -> c_int;
+ pub fn RSA_public_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA,
+ pad: c_int) -> c_int;
+ pub fn RSA_private_encrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA,
+ pad: c_int) -> c_int;
pub fn RSA_public_encrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA,
pad: c_int) -> c_int;
pub fn RSA_sign(t: c_int, m: *const u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint,
@@ -673,28 +648,6 @@ extern "C" {
pub fn d2i_RSA_PUBKEY(k: *const *mut RSA, buf: *const *const u8, len: c_uint) -> *mut RSA;
pub fn i2d_RSAPrivateKey(k: *mut RSA, buf: *const *mut u8) -> c_int;
pub fn d2i_RSAPrivateKey(k: *const *mut RSA, buf: *const *const u8, len: c_uint) -> *mut RSA;
-
- // These functions are defined in OpenSSL as macros, so we shim them
- #[link_name = "BIO_eof_shim"]
- pub fn BIO_eof(b: *mut BIO) -> c_int;
- #[link_name = "BIO_set_mem_eof_return_shim"]
- pub fn BIO_set_mem_eof_return(b: *mut BIO, v: c_int);
- pub fn SSL_CTX_set_options_shim(ctx: *mut SSL_CTX, options: c_long) -> c_long;
- pub fn SSL_CTX_get_options_shim(ctx: *mut SSL_CTX) -> c_long;
- pub fn SSL_CTX_clear_options_shim(ctx: *mut SSL_CTX, options: c_long) -> c_long;
- #[link_name = "SSL_CTX_add_extra_chain_cert_shim"]
- pub fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long;
- #[link_name = "SSL_CTX_set_read_ahead_shim"]
- pub fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long;
- #[cfg(feature = "ecdh_auto")]
- #[link_name = "SSL_CTX_set_ecdh_auto_shim"]
- pub fn SSL_CTX_set_ecdh_auto(ssl: *mut SSL_CTX, onoff: c_int) -> c_int;
- #[link_name = "SSL_set_tlsext_host_name_shim"]
- pub fn SSL_set_tlsext_host_name(s: *mut SSL, name: *const c_char) -> c_long;
- #[link_name = "SSL_CTX_set_tmp_dh_shim"]
- pub fn SSL_CTX_set_tmp_dh(s: *mut SSL, dh: *const DH) -> c_long;
- #[link_name = "X509_get_extensions_shim"]
- pub fn X509_get_extensions(x: *mut X509) -> *mut stack_st_X509_EXTENSION;
}
pub mod probe;
diff --git a/openssl-sys/src/openssl_shim.c b/openssl-sys/src/openssl_shim.c
deleted file mode 100644
index 8ebe23ac..00000000
--- a/openssl-sys/src/openssl_shim.c
+++ /dev/null
@@ -1,138 +0,0 @@
-#include <openssl/hmac.h>
-#include <openssl/ssl.h>
-#include <openssl/dh.h>
-#include <openssl/bn.h>
-
-#if defined(__APPLE__) || defined(__linux)
-
-#include<pthread.h>
-#include<openssl/crypto.h>
-
-unsigned long thread_id()
-{
- return (unsigned long) pthread_self();
-}
-
-void rust_openssl_set_id_callback() {
- CRYPTO_set_id_callback(thread_id);
-}
-
-#else
-// Openssl already handles Windows directly, so we don't
-// need to explicitly set it
-
-void rust_openssl_set_id_callback() {
- // We don't know how to set the callback for arbitrary OSes
- // Let openssl use its defaults and hope they work.
-}
-
-#endif
-
-
-#if OPENSSL_VERSION_NUMBER < 0x10000000L
-// Copied from openssl crypto/hmac/hmac.c
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
- {
- if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
- goto err;
- if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
- goto err;
- if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
- goto err;
- memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
- dctx->key_length = sctx->key_length;
- dctx->md = sctx->md;
- return 1;
- err:
- return 0;
- }
-
-int HMAC_Init_ex_shim(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) {
- HMAC_Init_ex(ctx, key, key_len, md, impl);
- return 1;
-}
-
-int HMAC_Update_shim(HMAC_CTX *ctx, const unsigned char *data, int len) {
- HMAC_Update(ctx, data, len);
- return 1;
-}
-
-int HMAC_Final_shim(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) {
- HMAC_Final(ctx, md, len);
- return 1;
-}
-
-#else
-
-int HMAC_Init_ex_shim(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) {
- return HMAC_Init_ex(ctx, key, key_len, md, impl);
-}
-
-int HMAC_Update_shim(HMAC_CTX *ctx, const unsigned char *data, int len) {
- return HMAC_Update(ctx, data, len);
-}
-
-int HMAC_Final_shim(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) {
- return HMAC_Final(ctx, md, len);
-}
-#endif
-
-// shims for OpenSSL macros
-
-int BIO_eof_shim(BIO *b) {
- return BIO_eof(b);
-}
-
-void BIO_set_mem_eof_return_shim(BIO *b, int v) {
- BIO_set_mem_eof_return(b, v);
-}
-
-long SSL_CTX_set_options_shim(SSL_CTX *ctx, long options) {
- return SSL_CTX_set_options(ctx, options);
-}
-
-long SSL_CTX_get_options_shim(SSL_CTX *ctx) {
- return SSL_CTX_get_options(ctx);
-}
-
-long SSL_CTX_clear_options_shim(SSL_CTX *ctx, long options) {
- return SSL_CTX_clear_options(ctx, options);
-}
-
-long SSL_CTX_add_extra_chain_cert_shim(SSL_CTX *ctx, X509 *x509) {
- return SSL_CTX_add_extra_chain_cert(ctx, x509);
-}
-
-long SSL_CTX_set_read_ahead_shim(SSL_CTX *ctx, long m) {
- return SSL_CTX_set_read_ahead(ctx, m);
-}
-
-long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) {
- return SSL_CTX_set_tmp_dh(ctx, dh);
-}
-
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
-int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) {
- return SSL_CTX_set_ecdh_auto(ctx, onoff);
-}
-#endif
-
-DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) {
- DH *dh;
-
- if ((dh = DH_new()) == NULL) {
- return NULL;
- }
- dh->p = p;
- dh->g = g;
- dh->q = q;
- return dh;
-}
-
-long SSL_set_tlsext_host_name_shim(SSL *s, char *name) {
- return SSL_set_tlsext_host_name(s, name);
-}
-
-STACK_OF(X509_EXTENSION) *X509_get_extensions_shim(X509 *x) {
- return x->cert_info ? x->cert_info->extensions : NULL;
-}
diff --git a/openssl-sys/src/ssl_options.rs b/openssl-sys/src/ssl_options.rs
deleted file mode 100644
index a1c778ac..00000000
--- a/openssl-sys/src/ssl_options.rs
+++ /dev/null
@@ -1,46 +0,0 @@
-import_options!{
-// The following values are directly from recent OpenSSL
-SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001
-SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002
-SSL_OP_LEGACY_SERVER_CONNECT 0x00000004
-SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008
-SSL_OP_TLSEXT_PADDING 0x00000010
-SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020
-SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040
-SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080
-SSL_OP_TLS_D5_BUG 0x00000100
-SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200
-// unused: 0x00000400
-SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800
-SSL_OP_NO_QUERY_MTU 0x00001000
-SSL_OP_COOKIE_EXCHANGE 0x00002000
-SSL_OP_NO_TICKET 0x00004000
-SSL_OP_CISCO_ANYCONNECT 0x00008000
-SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000
-SSL_OP_NO_COMPRESSION 0x00020000
-SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000
-SSL_OP_SINGLE_ECDH_USE 0x00080000
-SSL_OP_SINGLE_DH_USE 0x00100000
-// unused: 0x00200000
-SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000
-SSL_OP_TLS_ROLLBACK_BUG 0x00800000
-SSL_OP_NO_SSLv2 0x01000000
-SSL_OP_NO_SSLv3 0x02000000
-SSL_OP_NO_DTLSv1 0x04000000
-SSL_OP_NO_TLSv1 0x04000000
-SSL_OP_NO_DTLSv1_2 0x08000000
-SSL_OP_NO_TLSv1_2 0x08000000
-SSL_OP_NO_TLSv1_1 0x10000000
-SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000
-SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000
-SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000
-
-// The following values were in 32-bit range in old OpenSSL
-SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x100000000
-SSL_OP_MSIE_SSLV2_RSA_PADDING 0x200000000
-SSL_OP_PKCS1_CHECK_1 0x400000000
-SSL_OP_PKCS1_CHECK_2 0x800000000
-
-// The following values were redefined to 0 for security reasons
-SSL_OP_EPHEMERAL_RSA 0x0
-}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-12 00:39:33 +0000