authorManuel Schölling <[email protected]>2015-03-10 14:31:54 +0100
committerManuel Schölling <[email protected]>2015-04-06 12:22:50 +0200
commit664600eadff8a0388bc9ab2544b382e56e4fae9d (patch)
tree782893fbf9232424f4d67f374012da6f33f6262f /openssl/src/ssl/mod.rs
parentAdd connect() support for UDP sockets (diff)
downloadrust-openssl-664600eadff8a0388bc9ab2544b382e56e4fae9d.tar.xz
rust-openssl-664600eadff8a0388bc9ab2544b382e56e4fae9d.zip
Add DTLSv1 and DTLSv1.2 support
Diffstat (limited to 'openssl/src/ssl/mod.rs')
-rw-r--r--openssl/src/ssl/mod.rs47
1 files changed, 45 insertions, 2 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 710a287d..9cf09bc8 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -101,6 +101,9 @@ pub enum SslMethod {
#[cfg(feature = "dtlsv1")]
/// Support DTLSv1 protocol, requires the `dtlsv1` feature.
Dtlsv1,
+ #[cfg(feature = "dtlsv1_2")]
+ /// Support DTLSv1.2 protocol, requires the `dtlsv1_2` feature.
+ Dtlsv1_2,
}
impl SslMethod {
@@ -116,9 +119,35 @@ impl SslMethod {
#[cfg(feature = "tlsv1_2")]
SslMethod::Tlsv1_2 => ffi::TLSv1_2_method(),
#[cfg(feature = "dtlsv1")]
- SslMethod::Dtlsv1 => ffi::TLSv1_method(),
+ SslMethod::Dtlsv1 => ffi::DTLSv1_method(),
+ #[cfg(feature = "dtlsv1_2")]
+ SslMethod::Dtlsv1_2 => ffi::DTLSv1_2_method(),
}
}
+
+ #[cfg(feature = "dtlsv1")]
+ pub fn is_dtlsv1(&self) -> bool {
+ *self == SslMethod::Dtlsv1
+ }
+
+ #[cfg(feature = "dtlsv1_2")]
+ pub fn is_dtlsv1_2(&self) -> bool {
+ *self == SslMethod::Dtlsv1
+ }
+
+ pub fn is_dtls(&self) -> bool {
+ self.is_dtlsv1() || self.is_dtlsv1_2()
+ }
+
+ #[cfg(not(feature = "dtlsv1"))]
+ pub fn is_dtlsv1(&self) -> bool {
+ false
+ }
+
+ #[cfg(not(feature = "dtlsv1_2"))]
+ pub fn is_dtlsv1_2(&self) -> bool {
+ false
+ }
}
/// Determines the type of certificate verification used
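Review bot: The `dtlsv1_2` variant of `is_dtlsv1_2` compares against the wrong variant: its body is `*self == SslMethod::Dtlsv1` and should be `*self == SslMethod::Dtlsv1_2`. As written, `is_dtls()` is false for `SslMethod::Dtlsv1_2`, so the `if method.is_dtls()` branch added to `SslContext::new` in the next hunk never enables read-ahead for a DTLS 1.2 context. A build with `dtlsv1_2` but without `dtlsv1` would presumably fail to compile, because `Dtlsv1` is gated on the `dtlsv1` feature. The three new public predicates also have no doc comments; a line such as `/// Returns true if this method is a DTLS (datagram) protocol version.` on `is_dtls` would match the documented enum variants above.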
@@ -345,7 +374,13 @@ impl SslContext {
return Err(SslError::get());
}
- Ok(SslContext { ctx: ctx })
+ let ctx = SslContext { ctx: ctx };
+
+ if method.is_dtls() {
+ ctx.set_read_ahead();
+ }
+
+ Ok(ctx)
}
/// Configures the certificate verification method for new connections.
@@ -356,6 +391,7 @@ impl SslContext {
mem::transmute(verify));
let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int =
raw_verify;
+
ffi::SSL_CTX_set_verify(self.ctx, mode.bits as c_int, Some(f));
}
}
@@ -376,6 +412,7 @@ impl SslContext {
mem::transmute(data));
let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int =
raw_verify_with_data::<T>;
+
ffi::SSL_CTX_set_verify(self.ctx, mode.bits as c_int, Some(f));
}
}
@@ -387,6 +424,12 @@ impl SslContext {
}
}
+ pub fn set_read_ahead(&self) {
+ unsafe {
+ ffi::SSL_CTX_ctrl(*self.ctx, ffi::SSL_CTRL_SET_READ_AHEAD, 1, ptr::null_mut());
+ }
+ }
+
#[allow(non_snake_case)]
/// Specifies the file that contains trusted CA certificates.
pub fn set_CA_file(&mut self, file: &Path) -> Result<(),SslError> {
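Review bot: `set_read_ahead` takes `&self` although it changes the context's configuration, while the neighbouring setter `set_CA_file` takes `&mut self`; consider `pub fn set_read_ahead(&mut self)`, which would need `let mut ctx` at the call in `SslContext::new`. The new public method has no doc comment and its `unsafe` block states no invariant; something like `/// Enables read-ahead on this context; SslContext::new calls this for DTLS methods.` plus a short `// SAFETY:` line on the pointer passed to `SSL_CTX_ctrl` would cover both. The return value of `SSL_CTX_ctrl` is dropped, which is worth a comment if that is intentional. The argument is written `*self.ctx` here but `self.ctx` in the `SSL_CTX_set_verify` calls shown in the earlier hunks, so please confirm which form matches the field's type.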