diff options
| author | Steven Fackler <[email protected]> | 2015-04-08 23:52:09 -0400 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2015-04-08 23:52:09 -0400 |
| commit | 11059e1b2dd4077fa2fd433f9d7d04da1cf175c6 (patch) | |
| tree | ca92efe9faf168a5393b32205d6c22cf8aad84d1 /openssl/src/ssl/mod.rs | |
| parent | Release v0.6.0 (diff) | |
| parent | Use latest openssl library (v1.0.2) (diff) | |
| download | rust-openssl-11059e1b2dd4077fa2fd433f9d7d04da1cf175c6.tar.xz rust-openssl-11059e1b2dd4077fa2fd433f9d7d04da1cf175c6.zip | |
Merge pull request #179 from manuels/dtls
DTLS support
Diffstat (limited to 'openssl/src/ssl/mod.rs')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 52 |
1 files changed, 50 insertions, 2 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 4c0b13f1..0dd2b3cb 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -97,6 +97,12 @@ pub enum SslMethod { #[cfg(feature = "tlsv1_2")] /// Support TLSv1.2 protocol, requires the `tlsv1_2` feature. Tlsv1_2, + #[cfg(feature = "dtlsv1")] + /// Support DTLSv1 protocol, requires the `dtlsv1` feature. + Dtlsv1, + #[cfg(feature = "dtlsv1_2")] + /// Support DTLSv1.2 protocol, requires the `dtlsv1_2` feature. + Dtlsv1_2, } impl SslMethod { @@ -110,9 +116,37 @@ impl SslMethod { #[cfg(feature = "tlsv1_1")] SslMethod::Tlsv1_1 => ffi::TLSv1_1_method(), #[cfg(feature = "tlsv1_2")] - SslMethod::Tlsv1_2 => ffi::TLSv1_2_method() + SslMethod::Tlsv1_2 => ffi::TLSv1_2_method(), + #[cfg(feature = "dtlsv1")] + SslMethod::Dtlsv1 => ffi::DTLSv1_method(), + #[cfg(feature = "dtlsv1_2")] + SslMethod::Dtlsv1_2 => ffi::DTLSv1_2_method(), } } + + #[cfg(feature = "dtlsv1")] + pub fn is_dtlsv1(&self) -> bool { + *self == SslMethod::Dtlsv1 + } + + #[cfg(feature = "dtlsv1_2")] + pub fn is_dtlsv1_2(&self) -> bool { + *self == SslMethod::Dtlsv1_2 + } + + pub fn is_dtls(&self) -> bool { + self.is_dtlsv1() || self.is_dtlsv1_2() + } + + #[cfg(not(feature = "dtlsv1"))] + pub fn is_dtlsv1(&self) -> bool { + false + } + + #[cfg(not(feature = "dtlsv1_2"))] + pub fn is_dtlsv1_2(&self) -> bool { + false + } } /// Determines the type of certificate verification used @@ -339,7 +373,13 @@ impl SslContext { return Err(SslError::get()); } - Ok(SslContext { ctx: ctx }) + let ctx = SslContext { ctx: ctx }; + + if method.is_dtls() { + ctx.set_read_ahead(1); + } + + Ok(ctx) } /// Configures the certificate verification method for new connections. @@ -350,6 +390,7 @@ impl SslContext { mem::transmute(verify)); let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int = raw_verify; + ffi::SSL_CTX_set_verify(self.ctx, mode.bits as c_int, Some(f)); } } @@ -370,6 +411,7 @@ impl SslContext { mem::transmute(data)); let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int = raw_verify_with_data::<T>; + ffi::SSL_CTX_set_verify(self.ctx, mode.bits as c_int, Some(f)); } } @@ -381,6 +423,12 @@ impl SslContext { } } + pub fn set_read_ahead(&self, m: u32) { + unsafe { + ffi::SSL_CTX_set_read_ahead(self.ctx, m as c_long); + } + } + #[allow(non_snake_case)] /// Specifies the file that contains trusted CA certificates. pub fn set_CA_file(&mut self, file: &Path) -> Result<(),SslError> { |