Merge branch 'release-v0.7.5' into releasev0.7.5

author: Steven Fackler <[email protected]> 2016-01-22 15:57:24 -0800
committer: Steven Fackler <[email protected]> 2016-01-22 15:57:24 -0800
commit: 1417ebdd6efdad271026152da63eb0f442fb1c5e (patch)
tree: 7b480e4ddd427ee67cc912452c78fb087808eace /openssl/src/ssl/mod.rs
parent: Merge branch 'release-v0.7.4' into release (diff)
parent: Release v0.7.5 (diff)
download: rust-openssl-0.7.5.tar.xz
rust-openssl-0.7.5.zip
1 files changed, 60 insertions, 25 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 955f10fd..8e6d061d 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -26,8 +26,7 @@ use std::os::windows::io::{AsRawSocket, RawSocket};
 use ffi;
 use ffi_extras;
 use dh::DH;
-use ssl::error::{NonblockingSslError, SslError, StreamError, OpenSslErrors, OpenSslError,
-                 OpensslError};
+use ssl::error::{NonblockingSslError, SslError, OpenSslError, OpensslError};
 use x509::{X509StoreContext, X509FileType, X509};
 use crypto::pkey::PKey;
 
@@ -482,6 +481,8 @@ fn wrap_ssl_result(res: c_int) -> Result<(), SslError> {
 }
 
 /// An SSL context object
+///
+/// Internally ref-counted, use `.clone()` in the same way as Rc and Arc.
 pub struct SslContext {
     ctx: *mut ffi::SSL_CTX,
 }
@@ -489,6 +490,12 @@ pub struct SslContext {
 unsafe impl Send for SslContext {}
 unsafe impl Sync for SslContext {}
 
+impl Clone for SslContext {
+    fn clone(&self) -> Self {
+        unsafe { SslContext::new_ref(self.ctx) }
+    }
+}
+
 // TODO: add useful info here
 impl fmt::Debug for SslContext {
     fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
@@ -503,6 +510,12 @@ impl Drop for SslContext {
 }
 
 impl SslContext {
+    // Create a new SslContext given an existing ref, and incriment ref-count appropriately.
+    unsafe fn new_ref(ctx: *mut ffi::SSL_CTX) -> SslContext {
+        rust_SSL_CTX_clone(ctx);
+        SslContext { ctx: ctx }
+    }
+
     /// Creates a new SSL context.
     pub fn new(method: SslMethod) -> Result<SslContext, SslError> {
         init();
@@ -956,16 +969,27 @@ impl Ssl {
     }
 
     /// change the context corresponding to the current connection
+    ///
+    /// Returns a clone of the SslContext @ctx (ie: the new context). The old context is freed.
     pub fn set_ssl_context(&self, ctx: &SslContext) -> SslContext {
-        SslContext { ctx: unsafe { ffi::SSL_set_SSL_CTX(self.ssl, ctx.ctx) } }
+        // If duplication of @ctx's cert fails, this returns NULL. This _appears_ to only occur on
+        // allocation failures (meaning panicing is probably appropriate), but it might be nice to
+        // propogate the error.
+        assert!(unsafe { ffi::SSL_set_SSL_CTX(self.ssl, ctx.ctx) } != ptr::null_mut());
+
+        // FIXME: we return this reference here for compatibility, but it isn't actually required.
+        // This should be removed when a api-incompatabile version is to be released.
+        //
+        // ffi:SSL_set_SSL_CTX() returns copy of the ctx pointer passed to it, so it's easier for
+        // us to do the clone directly.
+        ctx.clone()
     }
 
     /// obtain the context corresponding to the current connection
     pub fn get_ssl_context(&self) -> SslContext {
         unsafe {
             let ssl_ctx = ffi::SSL_get_SSL_CTX(self.ssl);
-            rust_SSL_CTX_clone(ssl_ctx);
-            SslContext { ctx: ssl_ctx }
+            SslContext::new_ref(ssl_ctx)
         }
     }
 }
@@ -1070,10 +1094,9 @@ impl<S: Read + Write> SslStream<S> {
         if ret > 0 {
             Ok(stream)
         } else {
-            match stream.make_error(ret) {
-                // This is fine - nonblocking sockets will finish the handshake in read/write
-                Error::WantRead(..) | Error::WantWrite(..) => Ok(stream),
-                _ => Err(stream.make_old_error(ret)),
+            match stream.make_old_error(ret) {
+                Some(err) => Err(err),
+                None => Ok(stream),
             }
         }
     }
@@ -1086,10 +1109,9 @@ impl<S: Read + Write> SslStream<S> {
         if ret > 0 {
             Ok(stream)
         } else {
-            match stream.make_error(ret) {
-                // This is fine - nonblocking sockets will finish the handshake in read/write
-                Error::WantRead(..) | Error::WantWrite(..) => Ok(stream),
-                _ => Err(stream.make_old_error(ret)),
+            match stream.make_old_error(ret) {
+                Some(err) => Err(err),
+                None => Ok(stream),
             }
         }
     }
@@ -1137,6 +1159,8 @@ impl<S: Read + Write> SslStream<S> {
 
 impl<S> SslStream<S> {
     fn make_error(&mut self, ret: c_int) -> Error {
+        self.check_panic();
+
         match self.ssl.get_error(ret) {
             LibSslError::ErrorSsl => Error::Ssl(OpenSslError::get_stack()),
             LibSslError::ErrorSyscall => {
@@ -1162,9 +1186,11 @@ impl<S> SslStream<S> {
         }
     }
 
-    fn make_old_error(&mut self, ret: c_int) -> SslError {
+    fn make_old_error(&mut self, ret: c_int) -> Option<SslError> {
+        self.check_panic();
+
         match self.ssl.get_error(ret) {
-            LibSslError::ErrorSsl => SslError::get(),
+            LibSslError::ErrorSsl => Some(SslError::get()),
             LibSslError::ErrorSyscall => {
                 let err = SslError::get();
                 let count = match err {
@@ -1173,26 +1199,35 @@ impl<S> SslStream<S> {
                 };
                 if count == 0 {
                     if ret == 0 {
-                        SslError::StreamError(io::Error::new(io::ErrorKind::ConnectionAborted,
-                                                             "unexpected EOF observed"))
+                        Some(SslError::StreamError(io::Error::new(io::ErrorKind::ConnectionAborted,
+                                                                  "unexpected EOF observed")))
                     } else {
-                        SslError::StreamError(self.get_bio_error())
+                        Some(SslError::StreamError(self.get_bio_error()))
                     }
                 } else {
-                    err
+                    Some(err)
                 }
             }
-            LibSslError::ErrorZeroReturn => SslError::SslSessionClosed,
-            LibSslError::ErrorWantWrite | LibSslError::ErrorWantRead => {
-                SslError::StreamError(self.get_bio_error())
-            }
+            LibSslError::ErrorZeroReturn => Some(SslError::SslSessionClosed),
+            LibSslError::ErrorWantWrite | LibSslError::ErrorWantRead => None,
             err => {
-                SslError::StreamError(io::Error::new(io::ErrorKind::Other,
-                                                     format!("unexpected error {:?}", err)))
+                Some(SslError::StreamError(io::Error::new(io::ErrorKind::Other,
+                                                          format!("unexpected error {:?}", err))))
             }
         }
     }
 
+    #[cfg(feature = "nightly")]
+    fn check_panic(&mut self) {
+        if let Some(err) = unsafe { bio::take_panic::<S>(self.ssl.get_raw_rbio()) } {
+            ::std::panic::propagate(err)
+        }
+    }
+
+    #[cfg(not(feature = "nightly"))]
+    fn check_panic(&mut self) {
+    }
+
     fn get_bio_error(&mut self) -> io::Error {
         let error = unsafe { bio::take_error::<S>(self.ssl.get_raw_rbio()) };
         match error {
author	Steven Fackler <[email protected]>	2016-01-22 15:57:24 -0800
committer	Steven Fackler <[email protected]>	2016-01-22 15:57:24 -0800
commit	1417ebdd6efdad271026152da63eb0f442fb1c5e (patch)
tree	7b480e4ddd427ee67cc912452c78fb087808eace /openssl/src/ssl/mod.rs
parent	Merge branch 'release-v0.7.4' into release (diff)
parent	Release v0.7.5 (diff)
download	rust-openssl-0.7.5.tar.xz rust-openssl-0.7.5.zip