Change SslVerifyMode to bitflags and add SSL_VERIFY_FAIL_IF_NO_PEER_CERT

SslVerifyMode was changed to bitflags to allow for bitwise operations like (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT).
author: Manuel Schölling <[email protected]> 2015-03-12 14:40:20 +0100
committer: Manuel Schölling <[email protected]> 2015-04-03 14:34:24 +0200
commit: b42202b858a4ccba2686eb8235502f9be932e5da (patch)
tree: 806667466946da330bc7585efce6e6ca1ff4458c /openssl/src/ssl/mod.rs
parent: Stabilize openssl! (diff)
download: rust-openssl-b42202b858a4ccba2686eb8235502f9be932e5da.tar.xz
rust-openssl-b42202b858a4ccba2686eb8235502f9be932e5da.zip
1 files changed, 12 insertions, 9 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index dc23b79d..fd2b3345 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -115,13 +115,16 @@ impl SslMethod {
 }
 
 /// Determines the type of certificate verification used
-#[derive(Copy, Clone, Debug)]
-#[repr(i32)]
-pub enum SslVerifyMode {
-    /// Verify that the server's certificate is trusted
-    SslVerifyPeer = ffi::SSL_VERIFY_PEER,
-    /// Do not verify the server's certificate
-    SslVerifyNone = ffi::SSL_VERIFY_NONE
+bitflags! {
+    flags SslVerifyMode: i32 {
+        /// Verify that the server's certificate is trusted
+        const SSL_VERIFY_PEER = ffi::SSL_VERIFY_PEER,
+        /// Do not verify the server's certificate
+        const SSL_VERIFY_NONE = ffi::SSL_VERIFY_NONE,
+        /// Terminate handshake if client did not return a certificate.
+        /// Use together with SSL_VERIFY_PEER.
+        const SSL_VERIFY_FAIL_IF_NO_PEER_CERT = ffi::SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+    }
 }
 
 lazy_static! {
@@ -346,7 +349,7 @@ impl SslContext {
                                      mem::transmute(verify));
             let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int =
                                 raw_verify;
-            ffi::SSL_CTX_set_verify(self.ctx, mode as c_int, Some(f));
+            ffi::SSL_CTX_set_verify(*self.ctx, mode.bits as c_int, Some(f));
         }
     }
 
@@ -366,7 +369,7 @@ impl SslContext {
                                      mem::transmute(data));
             let f: extern fn(c_int, *mut ffi::X509_STORE_CTX) -> c_int =
                                 raw_verify_with_data::<T>;
-            ffi::SSL_CTX_set_verify(self.ctx, mode as c_int, Some(f));
+            ffi::SSL_CTX_set_verify(*self.ctx, mode.bits as c_int, Some(f));
         }
     }
author	Manuel Schölling <[email protected]>	2015-03-12 14:40:20 +0100
committer	Manuel Schölling <[email protected]>	2015-04-03 14:34:24 +0200
commit	b42202b858a4ccba2686eb8235502f9be932e5da (patch)
tree	806667466946da330bc7585efce6e6ca1ff4458c /openssl/src/ssl/mod.rs
parent	Stabilize openssl! (diff)
download	rust-openssl-b42202b858a4ccba2686eb8235502f9be932e5da.tar.xz rust-openssl-b42202b858a4ccba2686eb8235502f9be932e5da.zip