Expose cookie generate/verify callback setters

author: Benjamin Saunders <[email protected]> 2018-02-25 19:36:47 -0800
committer: Benjamin Saunders <[email protected]> 2018-02-25 20:05:15 -0800
commit: e04dbfa3ee47741d7f74987803e0a8405550f5f3 (patch)
tree: 9fa69507023a25cb94717edcdfe5e87c79de4372 /openssl/src/ssl/mod.rs
parent: Expose FFI bindings needed for SSL_stateless (diff)
download: rust-openssl-e04dbfa3ee47741d7f74987803e0a8405550f5f3.tar.xz
rust-openssl-e04dbfa3ee47741d7f74987803e0a8405550f5f3.zip
1 files changed, 45 insertions, 0 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index fb7db988..91b97818 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -1311,6 +1311,51 @@ impl SslContextBuilder {
         }
     }
 
+    /// Sets the callback for generating an application cookie for stateless handshakes.
+    ///
+    /// The callback will be called with the SSL context and a slice into which the cookie
+    /// should be written. The callback should return the number of bytes written.
+    ///
+    /// This corresponds to `SSL_CTX_set_cookie_generate_cb`.
+    pub fn set_cookie_generate_cb<F>(&mut self, callback: F)
+    where
+        F: Fn(&mut SslRef, &mut [u8]) -> Result<usize, ErrorStack> + 'static + Sync + Send
+    {
+        unsafe {
+            let callback = Box::new(callback);
+            ffi::SSL_CTX_set_ex_data(
+                self.as_ptr(),
+                get_callback_idx::<F>(),
+                mem::transmute(callback),
+            );
+            ffi::SSL_CTX_set_cookie_generate_cb(self.as_ptr(), Some(raw_cookie_generate::<F>))
+        }
+    }
+
+    /// Sets the callback for verifying an application cookie for stateless handshakes.
+    ///
+    /// The callback will be called with the SSL context and the cookie supplied by the
+    /// client. It should return true if and only if the cookie is valid.
+    ///
+    /// Note that the OpenSSL implementation independently verifies the integrity of
+    /// application cookies using an HMAC before invoking the supplied callback.
+    ///
+    /// This corresponds to `SSL_CTX_set_cookie_verify_cb`.
+    pub fn set_cookie_verify_cb<F>(&mut self, callback: F)
+    where
+        F: Fn(&mut SslRef, &[u8]) -> bool + 'static + Sync + Send
+    {
+        unsafe {
+            let callback = Box::new(callback);
+            ffi::SSL_CTX_set_ex_data(
+                self.as_ptr(),
+                get_callback_idx::<F>(),
+                mem::transmute(callback),
+            );
+            ffi::SSL_CTX_set_cookie_verify_cb(self.as_ptr(), Some(raw_cookie_verify::<F>))
+        }
+    }
+
     /// Sets the extra data at the specified index.
     ///
     /// This can be used to provide data to callbacks registered with the context. Use the
author	Benjamin Saunders <[email protected]>	2018-02-25 19:36:47 -0800
committer	Benjamin Saunders <[email protected]>	2018-02-25 20:05:15 -0800
commit	e04dbfa3ee47741d7f74987803e0a8405550f5f3 (patch)
tree	9fa69507023a25cb94717edcdfe5e87c79de4372 /openssl/src/ssl/mod.rs
parent	Expose FFI bindings needed for SSL_stateless (diff)
download	rust-openssl-e04dbfa3ee47741d7f74987803e0a8405550f5f3.tar.xz rust-openssl-e04dbfa3ee47741d7f74987803e0a8405550f5f3.zip