Add min/max protocol version support

author: Steven Fackler <[email protected]> 2018-02-25 23:04:54 -0800
committer: Steven Fackler <[email protected]> 2018-02-25 23:20:10 -0800
commit: b7ba5773396fb4ba7fb1ff5d770b5b2632adc471 (patch)
tree: 49bb99da6ca79f3f9973c2ff2f373157dbc9e8a4 /openssl-sys/src
parent: Restore error stack in cookie callback (diff)
download: rust-openssl-b7ba5773396fb4ba7fb1ff5d770b5b2632adc471.tar.xz
rust-openssl-b7ba5773396fb4ba7fb1ff5d770b5b2632adc471.zip
2 files changed, 63 insertions, 11 deletions
diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs
index 6eb18a2f..b02c296d 100644
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/ossl110.rs
@@ -33,9 +33,10 @@ pub enum X509_ALGOR {}
 pub enum X509_VERIFY_PARAM {}
 pub enum X509_REQ {}
 
-#[cfg(ossl111)]
-pub type SSL_CTX_keylog_cb_func =
-    Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
+pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
+pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
+pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130;
+pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131;
 
 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000;
 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000;
@@ -48,9 +49,6 @@ pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00000000;
 pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00000000;
 pub const SSL_OP_NO_SSLv2: c_ulong = 0x00000000;
 
-#[cfg(ossl111)]
-pub const TLS1_3_VERSION: c_int = 0x304;
-
 pub const OPENSSL_VERSION: c_int = 0;
 pub const OPENSSL_CFLAGS: c_int = 1;
 pub const OPENSSL_BUILT_ON: c_int = 2;
@@ -81,6 +79,58 @@ pub fn init() {
     })
 }
 
+pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut ::SSL_CTX, version: c_int) -> c_int {
+    ::SSL_CTX_ctrl(
+        ctx,
+        SSL_CTRL_SET_MIN_PROTO_VERSION,
+        version as c_long,
+        ptr::null_mut(),
+    ) as c_int
+}
+
+pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut ::SSL_CTX, version: c_int) -> c_int {
+    ::SSL_CTX_ctrl(
+        ctx,
+        SSL_CTRL_SET_MAX_PROTO_VERSION,
+        version as c_long,
+        ptr::null_mut(),
+    ) as c_int
+}
+
+pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut ::SSL_CTX) -> c_int {
+    ::SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
+}
+
+pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut ::SSL_CTX) -> c_int {
+    ::SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
+}
+
+pub unsafe fn SSL_set_min_proto_version(s: *mut ::SSL, version: c_int) -> c_int {
+    ::SSL_ctrl(
+        s,
+        SSL_CTRL_SET_MIN_PROTO_VERSION,
+        version as c_long,
+        ptr::null_mut(),
+    ) as c_int
+}
+
+pub unsafe fn SSL_set_max_proto_version(s: *mut ::SSL, version: c_int) -> c_int {
+    ::SSL_ctrl(
+        s,
+        SSL_CTRL_SET_MAX_PROTO_VERSION,
+        version as c_long,
+        ptr::null_mut(),
+    ) as c_int
+}
+
+pub unsafe fn SSL_get_min_proto_version(s: *mut ::SSL) -> c_int {
+    ::SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
+}
+
+pub unsafe fn SSL_get_max_proto_version(s: *mut ::SSL) -> c_int {
+    ::SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
+}
+
 extern "C" {
     pub fn BIO_new(type_: *const BIO_METHOD) -> *mut BIO;
     pub fn BIO_s_file() -> *const BIO_METHOD;
@@ -221,8 +271,6 @@ extern "C" {
     );
     pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
     pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
-    #[cfg(ossl111)]
-    pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func);
     pub fn X509_getm_notAfter(x: *const ::X509) -> *mut ::ASN1_TIME;
     pub fn X509_getm_notBefore(x: *const ::X509) -> *mut ::ASN1_TIME;
     pub fn X509_get0_signature(
diff --git a/openssl-sys/src/ossl111.rs b/openssl-sys/src/ossl111.rs
index c22d506c..27bc4b54 100644
--- a/openssl-sys/src/ossl111.rs
+++ b/openssl-sys/src/ossl111.rs
@@ -1,11 +1,15 @@
-use libc::{c_int, c_ulong};
+use libc::{c_char, c_int, c_ulong};
 
-use ossl110::*;
+pub type SSL_CTX_keylog_cb_func =
+    Option<unsafe extern "C" fn(ssl: *const ::SSL, line: *const c_char)>;
 
 pub const SSL_COOKIE_LENGTH: c_int = 255;
 
 pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000;
 
+pub const TLS1_3_VERSION: c_int = 0x304;
+
 extern "C" {
-    pub fn SSL_stateless(s: *mut SSL) -> c_int;
+    pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func);
+    pub fn SSL_stateless(s: *mut ::SSL) -> c_int;
 }
author	Steven Fackler <[email protected]>	2018-02-25 23:04:54 -0800
committer	Steven Fackler <[email protected]>	2018-02-25 23:20:10 -0800
commit	b7ba5773396fb4ba7fb1ff5d770b5b2632adc471 (patch)
tree	49bb99da6ca79f3f9973c2ff2f373157dbc9e8a4 /openssl-sys/src
parent	Restore error stack in cookie callback (diff)
download	rust-openssl-b7ba5773396fb4ba7fb1ff5d770b5b2632adc471.tar.xz rust-openssl-b7ba5773396fb4ba7fb1ff5d770b5b2632adc471.zip