diff options
| author | Steven Fackler <[email protected]> | 2016-10-14 19:07:33 -0700 |
|---|---|---|
| committer | GitHub <[email protected]> | 2016-10-14 19:07:33 -0700 |
| commit | ed076de2ca00e678a9586c8021b86a2bbe1bff0f (patch) | |
| tree | 7aa7dd167c34fe0c3356e3231c358c4facdf392a /openssl-sys/src | |
| parent | Merge pull request #468 from sfackler/no-link-name (diff) | |
| parent | Enable hostname verification on 1.0.2 (diff) | |
| download | rust-openssl-ed076de2ca00e678a9586c8021b86a2bbe1bff0f.tar.xz rust-openssl-ed076de2ca00e678a9586c8021b86a2bbe1bff0f.zip | |
Merge pull request #469 from sfackler/hostname
Support hostname verification
Diffstat (limited to 'openssl-sys/src')
| -rw-r--r-- | openssl-sys/src/lib.rs | 24 | ||||
| -rw-r--r-- | openssl-sys/src/ossl10x.rs | 24 | ||||
| -rw-r--r-- | openssl-sys/src/ossl110.rs | 35 |
3 files changed, 64 insertions, 19 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index de201332..300ed056 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -252,6 +252,17 @@ pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; pub const X509_V_OK: c_int = 0; +#[cfg(not(ossl101))] +pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1; +#[cfg(not(ossl101))] +pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2; +#[cfg(not(ossl101))] +pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4; +#[cfg(not(ossl101))] +pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8; +#[cfg(not(ossl101))] +pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; + pub const GEN_OTHERNAME: c_int = 0; pub const GEN_EMAIL: c_int = 1; pub const GEN_DNS: c_int = 2; @@ -587,13 +598,13 @@ extern { verify_callback: Option<extern fn(c_int, *mut X509_STORE_CTX) -> c_int>); pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int; pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void; - pub fn SSL_get_servername(ssl: *const SSL, name_type: c_int) -> *const c_char; + pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; + #[cfg(not(ossl101))] + pub fn SSL_get0_param(ssl: *mut ::SSL) -> *mut X509_VERIFY_PARAM; pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; - pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; - pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; pub fn SSL_CIPHER_description(cipher: *const SSL_CIPHER, buf: *mut c_char, size: c_int) -> *mut c_char; @@ -693,6 +704,13 @@ extern { pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION) -> c_int; pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + #[cfg(not(ossl101))] + pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); + #[cfg(not(ossl101))] + pub fn X509_VERIFY_PARAM_set1_host(param: *mut X509_VERIFY_PARAM, + name: *const c_char, + namelen: size_t) -> c_int; + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; pub fn i2d_X509_bio(b: *mut BIO, x: *mut X509) -> c_int; pub fn i2d_X509_REQ_bio(b: *mut BIO, x: *mut X509_REQ) -> c_int; diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 70514cc8..86451a0c 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -2,7 +2,12 @@ use std::sync::{Mutex, MutexGuard}; use std::sync::{Once, ONCE_INIT}; use std::mem; -use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; +use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t}; + +#[repr(C)] +pub struct stack_st_ASN1_OBJECT { + pub stack: _STACK, +} #[repr(C)] pub struct stack_st_X509 { @@ -425,6 +430,23 @@ pub struct SRP_CTX { srp_Mask: c_ulong, } +#[repr(C)] +#[cfg(not(ossl101))] +pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + pub id: *mut X509_VERIFY_PARAM_ID, +} + +#[cfg(not(ossl101))] +pub enum X509_VERIFY_PARAM_ID {} + pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; #[cfg(ossl102)] diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 5fee4045..1a7c9e00 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -1,25 +1,28 @@ -use libc::{c_int, c_void, c_char, c_uchar, c_ulong, c_long}; +use libc::{c_int, c_void, c_char, c_uchar, c_ulong, c_long, c_uint}; -pub enum stack_st_X509 {} -pub enum stack_st_X509_ATTRIBUTE {} -pub enum stack_st_X509_EXTENSION {} -pub enum stack_st_GENERAL_NAME {} -pub enum stack_st_void {} -pub enum _STACK {} -pub enum BIO_METHOD {} -pub enum RSA {} -pub enum DSA {} -pub enum EVP_PKEY {} +pub enum BIGNUM {} pub enum BIO {} +pub enum BIO_METHOD {} pub enum CRYPTO_EX_DATA {} -pub enum EVP_MD_CTX {} +pub enum DH {} +pub enum DSA {} pub enum EVP_CIPHER {} +pub enum EVP_MD_CTX {} +pub enum EVP_PKEY {} pub enum HMAC_CTX {} -pub enum BIGNUM {} pub enum OPENSSL_STACK {} -pub enum DH {} -pub enum X509 {} +pub enum RSA {} pub enum SSL_CTX {} +pub enum _STACK {} +pub enum stack_st_ASN1_OBJECT {} +pub enum stack_st_GENERAL_NAME {} +pub enum stack_st_OPENSSL_STRING {} +pub enum stack_st_void {} +pub enum stack_st_X509 {} +pub enum stack_st_X509_ATTRIBUTE {} +pub enum stack_st_X509_EXTENSION {} +pub enum X509 {} +pub enum X509_VERIFY_PARAM {} pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000; pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000; @@ -41,6 +44,8 @@ pub const OPENSSL_DIR: c_int = 4; pub const CRYPTO_EX_INDEX_SSL: c_int = 0; pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1; +pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20; + pub fn init() {} extern { |