aboutsummaryrefslogtreecommitdiff
path: root/openssl-sys
diff options
context:
space:
mode:
authorSteven Fackler <[email protected]>2017-12-26 14:20:51 -0700
committerSteven Fackler <[email protected]>2017-12-26 14:43:10 -0700
commit129b6b9d847692810cebee52bd7f059f19ead0d2 (patch)
tree17a8dfeae9970c73f2ce0cdc9470a9bb56f17b0e /openssl-sys
parentMerge pull request #800 from sfackler/connector-construction (diff)
downloadrust-openssl-129b6b9d847692810cebee52bd7f059f19ead0d2.tar.xz
rust-openssl-129b6b9d847692810cebee52bd7f059f19ead0d2.zip
Overhaul verify error type
Also set the error in the hostname verification callback for 1.0.1
Diffstat (limited to 'openssl-sys')
-rw-r--r--openssl-sys/src/lib.rs257
-rw-r--r--openssl-sys/src/ossl10x.rs234
-rw-r--r--openssl-sys/src/ossl110.rs10
3 files changed, 219 insertions, 282 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index e2f7c830..2040358a 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -1,10 +1,10 @@
#![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)]
#![allow(dead_code, overflowing_literals)]
-#![doc(html_root_url="https://docs.rs/openssl-sys/0.9")]
+#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")]
extern crate libc;
-use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t, FILE};
+use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t, FILE};
use std::ptr;
use std::mem;
@@ -65,33 +65,21 @@ pub enum BN_BLINDING {}
pub enum DSA_METHOD {}
pub enum EVP_PKEY_ASN1_METHOD {}
-pub type bio_info_cb = Option<
- unsafe extern "C" fn(*mut BIO,
- c_int,
- *const c_char,
- c_int,
- c_long,
- c_long),
->;
-pub type GEN_SESSION_CB = Option<
- unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint)
- -> c_int,
->;
-pub type tls_session_ticket_ext_cb_fn = Option<
- unsafe extern "C" fn(*mut SSL,
- *const c_uchar,
- c_int,
- *mut c_void)
- -> c_int,
->;
+pub type bio_info_cb =
+ Option<unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long)>;
+pub type GEN_SESSION_CB =
+ Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
+pub type tls_session_ticket_ext_cb_fn =
+ Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
pub type tls_session_secret_cb_fn = Option<
- unsafe extern "C" fn(*mut SSL,
- *mut c_void,
- *mut c_int,
- *mut stack_st_SSL_CIPHER,
- *mut *mut SSL_CIPHER,
- *mut c_void)
- -> c_int,
+ unsafe extern "C" fn(
+ *mut SSL,
+ *mut c_void,
+ *mut c_int,
+ *mut stack_st_SSL_CIPHER,
+ *mut *mut SSL_CIPHER,
+ *mut c_void,
+ ) -> c_int,
>;
#[repr(C)]
@@ -167,31 +155,33 @@ pub type BN_ULONG = libc::c_ulonglong;
#[cfg(target_pointer_width = "32")]
pub type BN_ULONG = c_uint;
-pub type CRYPTO_EX_new = unsafe extern "C" fn(parent: *mut c_void,
- ptr: *mut c_void,
- ad: *const CRYPTO_EX_DATA,
- idx: c_int,
- argl: c_long,
- argp: *const c_void)
- -> c_int;
-pub type CRYPTO_EX_dup = unsafe extern "C" fn(to: *mut CRYPTO_EX_DATA,
- from: *mut CRYPTO_EX_DATA,
- from_d: *mut c_void,
- idx: c_int,
- argl: c_long,
- argp: *mut c_void)
- -> c_int;
-pub type CRYPTO_EX_free = unsafe extern "C" fn(parent: *mut c_void,
- ptr: *mut c_void,
- ad: *mut CRYPTO_EX_DATA,
- idx: c_int,
- argl: c_long,
- argp: *mut c_void);
-pub type PasswordCallback = unsafe extern "C" fn(buf: *mut c_char,
- size: c_int,
- rwflag: c_int,
- user_data: *mut c_void)
- -> c_int;
+pub type CRYPTO_EX_new = unsafe extern "C" fn(
+ parent: *mut c_void,
+ ptr: *mut c_void,
+ ad: *const CRYPTO_EX_DATA,
+ idx: c_int,
+ argl: c_long,
+ argp: *const c_void,
+) -> c_int;
+pub type CRYPTO_EX_dup = unsafe extern "C" fn(
+ to: *mut CRYPTO_EX_DATA,
+ from: *mut CRYPTO_EX_DATA,
+ from_d: *mut c_void,
+ idx: c_int,
+ argl: c_long,
+ argp: *mut c_void,
+) -> c_int;
+pub type CRYPTO_EX_free = unsafe extern "C" fn(
+ parent: *mut c_void,
+ ptr: *mut c_void,
+ ad: *mut CRYPTO_EX_DATA,
+ idx: c_int,
+ argl: c_long,
+ argp: *mut c_void,
+);
+pub type PasswordCallback =
+ unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void)
+ -> c_int;
pub type SHA_LONG = c_uint;
pub type SHA_LONG64 = u64;
@@ -1265,9 +1255,9 @@ pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: c_ulong = 0x00000040;
#[cfg(not(any(libressl, ossl110f)))]
pub const SSL_OP_ALL: c_ulong = 0x80000BFF;
#[cfg(ossl110f)]
-pub const SSL_OP_ALL: c_ulong = SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS |
- SSL_OP_LEGACY_SERVER_CONNECT | SSL_OP_TLSEXT_PADDING |
- SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
+pub const SSL_OP_ALL: c_ulong = SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+ | SSL_OP_LEGACY_SERVER_CONNECT | SSL_OP_TLSEXT_PADDING
+ | SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
pub const SSL_OP_NO_QUERY_MTU: c_ulong = 0x00001000;
pub const SSL_OP_COOKIE_EXCHANGE: c_ulong = 0x00002000;
pub const SSL_OP_NO_TICKET: c_ulong = 0x00004000;
@@ -1291,8 +1281,8 @@ pub const SSL_OP_NO_DTLSv1: c_ulong = 0x04000000;
#[cfg(not(any(ossl101, libressl)))]
pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000;
#[cfg(not(any(ossl101, libressl)))]
-pub const SSL_OP_NO_SSL_MASK: c_ulong = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
- SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
+pub const SSL_OP_NO_SSL_MASK: c_ulong =
+ SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
pub const TLSEXT_NAMETYPE_host_name: c_int = 0;
@@ -1313,60 +1303,82 @@ pub const V_ASN1_UTCTIME: c_int = 23;
pub const X509_FILETYPE_ASN1: c_int = 2;
pub const X509_FILETYPE_DEFAULT: c_int = 3;
pub const X509_FILETYPE_PEM: c_int = 1;
-pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31;
-pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30;
-pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50;
-pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22;
-pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10;
-pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9;
-pub const X509_V_ERR_CERT_REJECTED: c_int = 28;
-pub const X509_V_ERR_CERT_REVOKED: c_int = 23;
+
+pub const X509_V_OK: c_int = 0;
+pub const X509_V_ERR_UNSPECIFIED: c_int = 1;
+pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2;
+pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3;
+pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4;
+pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5;
+pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6;
pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7;
-pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27;
-pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12;
-pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11;
-pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54;
pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8;
-pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18;
-pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44;
-pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14;
+pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9;
+pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10;
+pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11;
+pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12;
pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13;
+pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14;
pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15;
pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16;
-pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48;
+pub const X509_V_ERR_OUT_OF_MEM: c_int = 17;
+pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18;
+pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19;
+pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20;
+pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21;
+pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22;
+pub const X509_V_ERR_CERT_REVOKED: c_int = 23;
pub const X509_V_ERR_INVALID_CA: c_int = 24;
-pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41;
-pub const X509_V_ERR_INVALID_NON_CA: c_int = 37;
-pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42;
+pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25;
pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26;
+pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27;
+pub const X509_V_ERR_CERT_REJECTED: c_int = 28;
+pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29;
+pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30;
+pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31;
pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32;
+pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33;
+pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34;
pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35;
+pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36;
+pub const X509_V_ERR_INVALID_NON_CA: c_int = 37;
+pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38;
pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39;
+pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40;
+pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41;
+pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42;
pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43;
-pub const X509_V_ERR_OUT_OF_MEM: c_int = 17;
-pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25;
+pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44;
+pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45;
+pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46;
pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47;
-pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40;
-pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38;
-pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19;
-pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29;
+pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48;
pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49;
-pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6;
-pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4;
-pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5;
-pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3;
-pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33;
-pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2;
-pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20;
-pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21;
-pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36;
-pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34;
-pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46;
-pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52;
+pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50;
pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51;
-pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45;
+pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52;
pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53;
-pub const X509_V_OK: c_int = 0;
+pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54;
+
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61;
+
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63;
+#[cfg(not(any(ossl101, libressl)))]
+pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64;
#[cfg(not(any(ossl101, libressl)))]
pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1;
@@ -2425,35 +2437,32 @@ extern "C" {
pub fn SSL_CTX_set_next_protos_advertised_cb(
ssl: *mut SSL_CTX,
- cb: extern "C" fn(ssl: *mut SSL,
- out: *mut *const c_uchar,
- outlen: *mut c_uint,
- arg: *mut c_void)
- -> c_int,
+ cb: extern "C" fn(
+ ssl: *mut SSL,
+ out: *mut *const c_uchar,
+ outlen: *mut c_uint,
+ arg: *mut c_void,
+ ) -> c_int,
arg: *mut c_void,
);
pub fn SSL_CTX_set_next_proto_select_cb(
ssl: *mut SSL_CTX,
- cb: extern "C" fn(ssl: *mut SSL,
- out: *mut *mut c_uchar,
- outlen: *mut c_uchar,
- inbuf: *const c_uchar,
- inlen: c_uint,
- arg: *mut c_void)
- -> c_int,
+ cb: extern "C" fn(
+ ssl: *mut SSL,
+ out: *mut *mut c_uchar,
+ outlen: *mut c_uchar,
+ inbuf: *const c_uchar,
+ inlen: c_uint,
+ arg: *mut c_void,
+ ) -> c_int,
arg: *mut c_void,
);
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
pub fn SSL_CTX_set_psk_client_callback(
ssl: *mut SSL_CTX,
psk_client_cb: Option<
- extern "C" fn(*mut SSL,
- *const c_char,
- *mut c_char,
- c_uint,
- *mut c_uchar,
- c_uint)
- -> c_uint,
+ extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint)
+ -> c_uint,
>,
);
pub fn SSL_select_next_proto(
@@ -2488,13 +2497,14 @@ extern "C" {
#[cfg(not(ossl101))]
pub fn SSL_CTX_set_alpn_select_cb(
ssl: *mut SSL_CTX,
- cb: extern "C" fn(ssl: *mut SSL,
- out: *mut *const c_uchar,
- outlen: *mut c_uchar,
- inbuf: *const c_uchar,
- inlen: c_uint,
- arg: *mut c_void)
- -> c_int,
+ cb: extern "C" fn(
+ ssl: *mut SSL,
+ out: *mut *const c_uchar,
+ outlen: *mut c_uchar,
+ inbuf: *const c_uchar,
+ inlen: c_uint,
+ arg: *mut c_void,
+ ) -> c_int,
arg: *mut c_void,
);
#[cfg(not(ossl101))]
@@ -2556,6 +2566,7 @@ extern "C" {
pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX);
pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509;
pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
+ pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int);
pub fn X509_STORE_CTX_get_ex_data(ctx: *mut X509_STORE_CTX, idx: c_int) -> *mut c_void;
pub fn X509_STORE_CTX_get_error_depth(ctx: *mut X509_STORE_CTX) -> c_int;
diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs
index b5adb828..8bf5e35b 100644
--- a/openssl-sys/src/ossl10x.rs
+++ b/openssl-sys/src/ossl10x.rs
@@ -5,7 +5,7 @@ use std::ptr;
use std::process;
use std::io::{self, Write};
-use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong};
+use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t};
#[cfg(not(ossl101))]
use libc::time_t;
@@ -144,13 +144,7 @@ pub struct EVP_PKEY {
pub struct BIO {
pub method: *mut ::BIO_METHOD,
pub callback: Option<
- unsafe extern "C" fn(*mut ::BIO,
- c_int,
- *const c_char,
- c_int,
- c_long,
- c_long)
- -> c_long,
+ unsafe extern "C" fn(*mut ::BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long,
>,
pub cb_arg: *mut c_char,
pub init: c_int,
@@ -191,18 +185,10 @@ pub struct EVP_CIPHER {
pub iv_len: c_int,
pub flags: c_ulong,
pub init: Option<
- unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
- *const c_uchar,
- *const c_uchar,
- c_int)
- -> c_int,
+ unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int,
>,
pub do_cipher: Option<
- unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX,
- *mut c_uchar,
- *const c_uchar,
- size_t)
- -> c_int,
+ unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int,
>,
pub cleanup: Option<unsafe extern "C" fn(*mut ::EVP_CIPHER_CTX) -> c_int>,
pub ctx_size: c_int,
@@ -277,12 +263,9 @@ pub struct X509 {
crldp: *mut c_void,
altname: *mut c_void,
nc: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))]
- rfc3779_addr: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))]
- rfc3779_asid: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_SHA"))]
- sha1_hash: [c_uchar; 20],
+ #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] rfc3779_addr: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] rfc3779_asid: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] sha1_hash: [c_uchar; 20],
aux: *mut c_void,
}
@@ -365,13 +348,7 @@ pub struct SSL {
d1: *mut c_void,
read_ahead: c_int,
msg_callback: Option<
- unsafe extern "C" fn(c_int,
- c_int,
- c_int,
- *const c_void,
- size_t,
- *mut SSL,
- *mut c_void),
+ unsafe extern "C" fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void),
>,
msg_callback_arg: *mut c_void,
hit: c_int,
@@ -395,17 +372,11 @@ pub struct SSL {
info_callback: Option<unsafe extern "C" fn(*mut SSL, c_int, c_int)>,
error: c_int,
error_code: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
- kssl_ctx: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] kssl_ctx: *mut c_void,
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
psk_client_callback: Option<
- unsafe extern "C" fn(*mut SSL,
- *const c_char,
- *mut c_char,
- c_uint,
- *mut c_uchar,
- c_uint)
- -> c_uint,
+ unsafe extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint)
+ -> c_uint,
>,
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
psk_server_callback:
@@ -425,26 +396,16 @@ pub struct SSL {
#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
tlsext_debug_cb:
Option<unsafe extern "C" fn(*mut SSL, c_int, c_int, *mut c_uchar, c_int, *mut c_void)>,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_debug_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_hostname: *mut c_char,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- servername_done: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_status_type: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_status_expected: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ocsp_ids: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ocsp_exts: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ocsp_resp: *mut c_uchar,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ocsp_resplen: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ticket_expected: c_int,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_debug_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_hostname: *mut c_char,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] servername_done: c_int,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_type: c_int,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_expected: c_int,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ocsp_ids: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ocsp_exts: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ocsp_resp: *mut c_uchar,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ocsp_resplen: c_int,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ticket_expected: c_int,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
tlsext_ecpointformatlist_length: size_t,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
@@ -453,43 +414,28 @@ pub struct SSL {
tlsext_ellipticcurvelist_length: size_t,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
tlsext_ellipticcurvelist: *mut c_uchar,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_opaque_prf_input: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_opaque_prf_input_len: size_t,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_session_ticket: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input_len: size_t,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_session_ticket: *mut c_void,
#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tls_session_ticket_ext_cb_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tls_session_secret_cb: ::tls_session_secret_cb_fn,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tls_session_secret_cb_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- initial_ctx: *mut ::SSL_CTX,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tls_session_ticket_ext_cb_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tls_session_secret_cb: ::tls_session_secret_cb_fn,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tls_session_secret_cb_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] initial_ctx: *mut ::SSL_CTX,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))]
next_proto_negotiated: *mut c_uchar,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))]
next_proto_negotiated_len: c_uchar,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- srtp_profiles: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- srtp_profile: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_heartbeat: c_uint,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_hb_pending: c_uint,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_hb_seq: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] srtp_profiles: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] srtp_profile: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_heartbeat: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_hb_pending: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_hb_seq: c_uint,
renegotiate: c_int,
- #[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
- srp_ctx: ::SRP_CTX,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_client_proto_list: *mut c_uchar,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_client_proto_list_len: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] srp_ctx: ::SRP_CTX,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_client_proto_list: *mut c_uchar,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_client_proto_list_len: c_uint,
}
#[repr(C)]
@@ -540,46 +486,28 @@ pub struct SSL_CTX {
quiet_shutdown: c_int,
max_send_fragment: c_uint,
- #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))]
- client_cert_engine: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] client_cert_engine: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_servername_callback: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsect_servername_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_tick_key_name: [c_uchar; 16],
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_tick_hmac_key: [c_uchar; 16],
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_tick_aes_key: [c_uchar; 16],
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ticket_key_cb: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_status_cb: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_status_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_opaque_prf_input_callback: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_opaque_prf_input_callback_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_servername_callback: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsect_servername_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_key_name: [c_uchar; 16],
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_hmac_key: [c_uchar; 16],
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_aes_key: [c_uchar; 16],
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ticket_key_cb: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_cb: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_arg: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input_callback: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input_callback_arg: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
- psk_identity_hint: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
- psk_client_callback: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
- psk_server_callback: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_identity_hint: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_client_callback: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_server_callback: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))]
- freelist_max_len: c_uint,
- #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))]
- wbuf_freelist: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))]
- rbuf_freelist: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] freelist_max_len: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] wbuf_freelist: *mut c_void,
+ #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] rbuf_freelist: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
- srp_ctx: SRP_CTX,
+ #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] srp_ctx: SRP_CTX,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))]
next_protos_advertised_cb: *mut c_void,
@@ -590,19 +518,13 @@ pub struct SSL_CTX {
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))]
next_proto_select_cb_arg: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))]
- srtp_profiles: *mut c_void,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] srtp_profiles: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- srtp_profiles: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_select_cb: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_select_cb_arg: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_client_proto_list: *mut c_void,
- #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))]
- alpn_client_proto_list_len: c_uint,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] srtp_profiles: *mut c_void,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_select_cb: *mut c_void,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_select_cb_arg: *mut c_void,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_client_proto_list: *mut c_void,
+ #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] alpn_client_proto_list_len: c_uint,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))]
tlsext_ecpointformatlist_length: size_t,
@@ -625,14 +547,11 @@ pub struct SSL_SESSION {
session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
sid_ctx_length: c_uint,
sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
- #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
- krb5_client_princ_len: c_uint,
+ #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] krb5_client_princ_len: c_uint,
#[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize],
- #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
- psk_identity_hint: *mut c_char,
- #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
- psk_identity: *mut c_char,
+ #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_identity_hint: *mut c_char,
+ #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_identity: *mut c_char,
not_resumable: c_int,
sess_cert: *mut c_void,
peer: *mut X509,
@@ -647,8 +566,7 @@ pub struct SSL_SESSION {
ex_data: ::CRYPTO_EX_DATA,
prev: *mut c_void,
next: *mut c_void,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_hostname: *mut c_char,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_hostname: *mut c_char,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
tlsext_ecpointformatlist_length: size_t,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
@@ -657,14 +575,10 @@ pub struct SSL_SESSION {
tlsext_ellipticcurvelist_length: size_t,
#[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))]
tlsext_ellipticcurvelist: *mut c_uchar,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_tick: *mut c_uchar,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_ticklen: size_t,
- #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
- tlsext_tick_lifetime_hint: c_long,
- #[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
- srp_username: *mut c_char,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick: *mut c_uchar,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ticklen: size_t,
+ #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_lifetime_hint: c_long,
+ #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] srp_username: *mut c_char,
}
#[repr(C)]
@@ -738,9 +652,13 @@ pub const CRYPTO_LOCK_X509: c_int = 3;
pub const CRYPTO_LOCK_SSL_CTX: c_int = 12;
pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
+pub const X509_V_ERR_INVALID_CALL: c_int = 65;
+pub const X509_V_ERR_STORE_LOOKUP: c_int = 66;
+pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67;
+
static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
-static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = 0 as
- *mut Vec<Option<MutexGuard<'static, ()>>>;
+static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> =
+ 0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
unsafe extern "C" fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) {
let mutex = &(*MUTEXES)[n as usize];
@@ -896,7 +814,7 @@ extern "C" {
pub fn SSL_set_tmp_ecdh_callback(
ssl: *mut ::SSL,
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
- -> *mut ::EC_KEY,
+ -> *mut ::EC_KEY,
);
pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *mut c_char;
pub fn SSL_CTX_get_ex_new_index(
@@ -909,7 +827,7 @@ extern "C" {
pub fn SSL_CTX_set_tmp_ecdh_callback(
ctx: *mut ::SSL_CTX,
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int)
- -> *mut ::EC_KEY,
+ -> *mut ::EC_KEY,
);
pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME;
pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs
index fabfb2b6..8b862443 100644
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/ossl110.rs
@@ -1,4 +1,4 @@
-use libc::{c_int, c_void, c_char, c_uchar, c_ulong, c_long, c_uint, size_t};
+use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t};
use std::sync::{Once, ONCE_INIT};
use std::ptr;
@@ -55,6 +55,14 @@ pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1;
pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000;
+pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65;
+pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66;
+pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67;
+pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68;
+pub const X509_V_ERR_INVALID_CALL: c_int = 69;
+pub const X509_V_ERR_STORE_LOOKUP: c_int = 70;
+pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71;
+
pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20;
pub fn init() {
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-13 12:09:56 +0000