diff options
| author | Steven Fackler <[email protected]> | 2018-08-19 18:50:11 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2018-08-19 18:50:11 -0700 |
| commit | ef7721092dbf1e8b8572a0d9f081b2e7eed36960 (patch) | |
| tree | f2ba96394bb573c5f9559ad66942159b7b109f8f /openssl/src/ssl/mod.rs | |
| parent | Merge pull request #975 from eun-ice/master (diff) | |
| download | rust-openssl-ef7721092dbf1e8b8572a0d9f081b2e7eed36960.tar.xz rust-openssl-ef7721092dbf1e8b8572a0d9f081b2e7eed36960.zip | |
SRTP cleanup
Diffstat (limited to 'openssl/src/ssl/mod.rs')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 29 |
1 files changed, 6 insertions, 23 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index c6305dcd..99cf620d 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -98,7 +98,7 @@ use x509::store::X509Store; use x509::store::{X509StoreBuilderRef, X509StoreRef}; #[cfg(any(ossl102, libressl261))] use x509::verify::X509VerifyParamRef; -use x509::{X509, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult}; +use x509::{X509Name, X509Ref, X509StoreContextRef, X509VerifyResult, X509}; use {cvt, cvt_n, cvt_p, init}; pub use ssl::connector::{ @@ -652,6 +652,7 @@ impl SslContextBuilder { /// This corresponds to [`SSL_CTX_set_tlsext_servername_callback`]. /// /// [`SSL_CTX_set_tlsext_servername_callback`]: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_tlsext_servername_callback.html + // FIXME tlsext prefix? pub fn set_servername_callback<F>(&mut self, callback: F) where F: Fn(&mut SslRef, &mut SslAlert) -> Result<(), SniError> + 'static + Sync + Send, @@ -1166,10 +1167,7 @@ impl SslContextBuilder { unsafe { let cstr = CString::new(protocols).unwrap(); - let r = ffi::SSL_CTX_set_tlsext_use_srtp( - self.as_ptr(), - cstr.as_ptr(), - ); + let r = ffi::SSL_CTX_set_tlsext_use_srtp(self.as_ptr(), cstr.as_ptr()); // fun fact, set_tlsext_use_srtp has a reversed return code D: if r == 0 { Ok(()) @@ -2478,7 +2476,6 @@ impl SslRef { } } - /// Enables the DTLS extension "use_srtp" as defined in RFC5764. /// /// This corresponds to [`SSL_set_tlsext_use_srtp`]. @@ -2488,10 +2485,7 @@ impl SslRef { unsafe { let cstr = CString::new(protocols).unwrap(); - let r = ffi::SSL_set_tlsext_use_srtp( - self.as_ptr(), - cstr.as_ptr(), - ); + let r = ffi::SSL_set_tlsext_use_srtp(self.as_ptr(), cstr.as_ptr()); // fun fact, set_tlsext_use_srtp has a reversed return code D: if r == 0 { Ok(()) @@ -2508,7 +2502,7 @@ impl SslRef { /// This corresponds to [`SSL_get_srtp_profiles`]. /// /// [`SSL_get_srtp_profiles`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_tlsext_use_srtp.html - pub fn get_srtp_profiles(&self) -> Option<&StackRef<SrtpProtectionProfile>> { + pub fn srtp_profiles(&self) -> Option<&StackRef<SrtpProtectionProfile>> { unsafe { let chain = ffi::SSL_get_srtp_profiles(self.as_ptr()); @@ -2519,6 +2513,7 @@ impl SslRef { } } } + /// Gets the SRTP profile selected by handshake. /// /// DTLS extension "use_srtp" as defined in RFC5764 has to be enabled. @@ -2538,18 +2533,6 @@ impl SslRef { } } - /// Derives keying material for SRTP usage. - /// - /// DTLS extension "use_srtp" as defined in RFC5764 has to be enabled. - /// - /// This corresponds to [`SSL_export_keying_material`] with a label of "EXTRACTOR-dtls_srtp". - /// - /// [`SSL_export_keying_material`]: https://www.openssl.org/docs/manmaster/man3/SSL_export_keying_material.html - /// [`SSL_CTX_set_tlsext_use_srtp`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_tlsext_use_srtp.html - pub fn export_srtp_keying_material(&self, out: &mut [u8]) -> Result<(), ErrorStack> { - self.export_keying_material(out, "EXTRACTOR-dtls_srtp", None) - } - /// Returns the number of bytes remaining in the currently processed TLS record. /// /// If this is greater than 0, the next call to `read` will not call down to the underlying |