diff options
| author | Steven Fackler <[email protected]> | 2016-10-18 22:18:09 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2016-10-18 22:21:06 -0700 |
| commit | 5ab037f056174b4d69024f58fe42cf0c41a34db6 (patch) | |
| tree | db69ff63d60f1efcb9ae90124118814387520b1d /openssl/src | |
| parent | De-enumify X509ValidationError (diff) | |
| download | rust-openssl-5ab037f056174b4d69024f58fe42cf0c41a34db6.tar.xz rust-openssl-5ab037f056174b4d69024f58fe42cf0c41a34db6.zip | |
Allow the X509 verify error to be read from an SslRef
Diffstat (limited to 'openssl/src')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 9 | ||||
| -rw-r--r-- | openssl/src/x509/mod.rs | 35 |
2 files changed, 26 insertions, 18 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index fafac45c..d7adb43f 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -21,7 +21,7 @@ use ffi; use {init, cvt, cvt_p}; use dh::DH; -use x509::{X509StoreContext, X509FileType, X509, X509Ref}; +use x509::{X509StoreContext, X509FileType, X509, X509Ref, X509VerifyError}; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] use x509::verify::X509VerifyParamRef; use crypto::pkey::PKey; @@ -1007,6 +1007,13 @@ impl<'a> SslRef<'a> { X509VerifyParamRef::from_ptr(ffi::SSL_get0_param(self.as_ptr())) } } + + /// Returns the result of X509 certificate verification. + pub fn verify_result(&self) -> Option<X509VerifyError> { + unsafe { + X509VerifyError::from_raw(ffi::SSL_get_verify_result(self.0)) + } + } } pub struct Ssl(SslRef<'static>); diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 50d75d63..7f891231 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -100,14 +100,9 @@ impl X509StoreContext { X509StoreContext { ctx: ctx } } - pub fn error(&self) -> Option<X509ValidationError> { + pub fn error(&self) -> Option<X509VerifyError> { unsafe { - let err = ffi::X509_STORE_CTX_get_error(self.ctx) as c_long; - if err == ffi::X509_V_OK as c_long { - None - } else { - Some(X509ValidationError::from_raw(err)) - } + X509VerifyError::from_raw(ffi::X509_STORE_CTX_get_error(self.ctx) as c_long) } } @@ -691,38 +686,44 @@ impl<'a> Iterator for ExtensionsIter<'a> { } } -pub struct X509ValidationError(c_long); +pub struct X509VerifyError(c_long); -impl fmt::Debug for X509ValidationError { +impl fmt::Debug for X509VerifyError { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { - fmt.debug_struct("X509ValidationError") + fmt.debug_struct("X509VerifyError") .field("code", &self.0) .field("error", &self.error_string()) .finish() } } -impl fmt::Display for X509ValidationError { +impl fmt::Display for X509VerifyError { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { fmt.write_str(self.error_string()) } } -impl Error for X509ValidationError { +impl Error for X509VerifyError { fn description(&self) -> &str { "an X509 validation error" } } -impl X509ValidationError { - /// Creates an `X509ValidationError` from a raw error number. +impl X509VerifyError { + /// Creates an `X509VerifyError` from a raw error number. + /// + /// `None` will be returned if `err` is `X509_V_OK`. /// /// # Safety /// - /// Some methods on `X509ValidationError` are not thread safe if the error + /// Some methods on `X509VerifyError` are not thread safe if the error /// number is invalid. - pub unsafe fn from_raw(err: c_long) -> X509ValidationError { - X509ValidationError(err) + pub unsafe fn from_raw(err: c_long) -> Option<X509VerifyError> { + if err == ffi::X509_V_OK as c_long { + None + } else { + Some(X509VerifyError(err)) + } } pub fn as_raw(&self) -> c_long { |