authorSteven Fackler <[email protected]>2015-11-10 21:32:19 -0800
committerSteven Fackler <[email protected]>2015-11-16 20:16:01 -0800
commita8a10e64ad21fe900dbeef220493cc31cbeda48e (patch)
tree22677ed06cdb8956fac3a017639ee52e8baf07a5 /openssl/src
parentBump ws2_32-sys version (diff)
Split stuff requiring a shim out to a separate crate
Diffstat (limited to 'openssl/src')
-rw-r--r--openssl/src/bio/mod.rs5
-rw-r--r--openssl/src/crypto/hmac.rs20
-rw-r--r--openssl/src/lib.rs1
-rw-r--r--openssl/src/ssl/mod.rs93
-rw-r--r--openssl/src/x509/mod.rs3
5 files changed, 64 insertions, 58 deletions
diff --git a/openssl/src/bio/mod.rs b/openssl/src/bio/mod.rs
index 7eea16d8..a0c4b533 100644
--- a/openssl/src/bio/mod.rs
+++ b/openssl/src/bio/mod.rs
@@ -5,6 +5,7 @@ use std::ptr;
use std::cmp;
use ffi;
+use ffi_extras;
use ssl::error::{SslError};
pub struct MemBio {
@@ -60,7 +61,7 @@ impl MemBio {
/// Sets the BIO's EOF state.
pub fn set_eof(&self, eof: bool) {
let v = if eof { 0 } else { -1 };
- unsafe { ffi::BIO_set_mem_eof_return(self.bio, v); }
+ unsafe { ffi_extras::BIO_set_mem_eof_return(self.bio, v); }
}
}
@@ -72,7 +73,7 @@ impl Read for MemBio {
};
if ret <= 0 {
- let is_eof = unsafe { ffi::BIO_eof(self.bio) };
+ let is_eof = unsafe { ffi_extras::BIO_eof(self.bio) };
if is_eof != 0 {
Ok(0)
} else {
diff --git a/openssl/src/crypto/hmac.rs b/openssl/src/crypto/hmac.rs
index 5c9f7576..474cbc8a 100644
--- a/openssl/src/crypto/hmac.rs
+++ b/openssl/src/crypto/hmac.rs
@@ -21,6 +21,7 @@ use std::io::prelude::*;
use crypto::hash::Type;
use ffi;
+use ffi_extras;
#[derive(PartialEq, Copy, Clone)]
enum State {
@@ -88,9 +89,10 @@ impl HMAC {
#[inline]
fn init_once(&mut self, md: *const ffi::EVP_MD, key: &[u8]) {
unsafe {
- let r = ffi::HMAC_Init_ex(&mut self.ctx,
- key.as_ptr(), key.len() as c_int,
- md, 0 as *const _);
+ let r = ffi_extras::HMAC_Init_ex(&mut self.ctx,
+ key.as_ptr(),
+ key.len() as c_int,
+ md, 0 as *const _);
assert_eq!(r, 1);
}
self.state = Reset;
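Review bot: `key.len() as c_int` in the new `HMAC_Init_ex` call is an unchecked narrowing cast, so a key longer than `c_int` can represent reaches OpenSSL with a wrapped (possibly negative) length while the pointer still refers to the full slice. The `HMAC_Update` hunk further down has the same pattern: `data.len() as c_uint` would, on 64-bit targets, make the MAC cover only the first `len mod 2^32` bytes of a very large input while the call still returns 1. Guard the cast before the `unsafe` block, e.g. `assert!(key.len() <= c_int::max_value() as usize);`, and in the update path feed the data in slices of at most `c_uint::max_value() as usize` bytes. `init_once` closes outside this hunk.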
@@ -106,9 +108,9 @@ impl HMAC {
// If the key and/or md is not supplied it's reused from the last time
// avoiding redundant initializations
unsafe {
- let r = ffi::HMAC_Init_ex(&mut self.ctx,
- 0 as *const _, 0,
- 0 as *const _, 0 as *const _);
+ let r = ffi_extras::HMAC_Init_ex(&mut self.ctx,
+ 0 as *const _, 0,
+ 0 as *const _, 0 as *const _);
assert_eq!(r, 1);
}
self.state = Reset;
@@ -120,7 +122,7 @@ impl HMAC {
self.init();
}
unsafe {
- let r = ffi::HMAC_Update(&mut self.ctx, data.as_ptr(), data.len() as c_uint);
+ let r = ffi_extras::HMAC_Update(&mut self.ctx, data.as_ptr(), data.len() as c_uint);
assert_eq!(r, 1);
}
self.state = Updated;
@@ -135,7 +137,7 @@ impl HMAC {
let mut res: Vec<u8> = repeat(0).take(md_len).collect();
unsafe {
let mut len = 0;
- let r = ffi::HMAC_Final(&mut self.ctx, res.as_mut_ptr(), &mut len);
+ let r = ffi_extras::HMAC_Final(&mut self.ctx, res.as_mut_ptr(), &mut len);
self.state = Finalized;
assert_eq!(len as usize, md_len);
assert_eq!(r, 1);
@@ -181,7 +183,7 @@ impl Drop for HMAC {
if self.state != Finalized {
let mut buf: Vec<u8> = repeat(0).take(self.type_.md_len()).collect();
let mut len = 0;
- ffi::HMAC_Final(&mut self.ctx, buf.as_mut_ptr(), &mut len);
+ ffi_extras::HMAC_Final(&mut self.ctx, buf.as_mut_ptr(), &mut len);
}
ffi::HMAC_CTX_cleanup(&mut self.ctx);
}
diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs
index c7af3113..2fedd28f 100644
--- a/openssl/src/lib.rs
+++ b/openssl/src/lib.rs
@@ -6,6 +6,7 @@ extern crate libc;
#[macro_use]
extern crate lazy_static;
extern crate openssl_sys as ffi;
+extern crate openssl_sys_extras as ffi_extras;
#[cfg(test)]
extern crate rustc_serialize as serialize;
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 735255e4..23364ef1 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -21,6 +21,7 @@ use std::slice;
use bio::{MemBio};
use ffi;
+use ffi_extras;
use dh::DH;
use ssl::error::{NonblockingSslError, SslError, SslSessionClosed, StreamError, OpenSslErrors};
use x509::{X509StoreContext, X509FileType, X509};
@@ -51,43 +52,43 @@ pub fn init() {
bitflags! {
flags SslContextOptions: u64 {
- const SSL_OP_MICROSOFT_SESS_ID_BUG = ffi::SSL_OP_MICROSOFT_SESS_ID_BUG,
- const SSL_OP_NETSCAPE_CHALLENGE_BUG = ffi::SSL_OP_NETSCAPE_CHALLENGE_BUG,
- const SSL_OP_LEGACY_SERVER_CONNECT = ffi::SSL_OP_LEGACY_SERVER_CONNECT,
- const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = ffi::SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG,
- const SSL_OP_TLSEXT_PADDING = ffi::SSL_OP_TLSEXT_PADDING,
- const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = ffi::SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER,
- const SSL_OP_SAFARI_ECDHE_ECDSA_BUG = ffi::SSL_OP_SAFARI_ECDHE_ECDSA_BUG,
- const SSL_OP_SSLEAY_080_CLIENT_DH_BUG = ffi::SSL_OP_SSLEAY_080_CLIENT_DH_BUG,
- const SSL_OP_TLS_D5_BUG = ffi::SSL_OP_TLS_D5_BUG,
- const SSL_OP_TLS_BLOCK_PADDING_BUG = ffi::SSL_OP_TLS_BLOCK_PADDING_BUG,
- const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = ffi::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS,
- const SSL_OP_NO_QUERY_MTU = ffi::SSL_OP_NO_QUERY_MTU,
- const SSL_OP_COOKIE_EXCHANGE = ffi::SSL_OP_COOKIE_EXCHANGE,
- const SSL_OP_NO_TICKET = ffi::SSL_OP_NO_TICKET,
- const SSL_OP_CISCO_ANYCONNECT = ffi::SSL_OP_CISCO_ANYCONNECT,
- const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = ffi::SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION,
- const SSL_OP_NO_COMPRESSION = ffi::SSL_OP_NO_COMPRESSION,
- const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = ffi::SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION,
- const SSL_OP_SINGLE_ECDH_USE = ffi::SSL_OP_SINGLE_ECDH_USE,
- const SSL_OP_SINGLE_DH_USE = ffi::SSL_OP_SINGLE_DH_USE,
- const SSL_OP_CIPHER_SERVER_PREFERENCE = ffi::SSL_OP_CIPHER_SERVER_PREFERENCE,
- const SSL_OP_TLS_ROLLBACK_BUG = ffi::SSL_OP_TLS_ROLLBACK_BUG,
- const SSL_OP_NO_SSLV2 = ffi::SSL_OP_NO_SSLv2,
- const SSL_OP_NO_SSLV3 = ffi::SSL_OP_NO_SSLv3,
- const SSL_OP_NO_DTLSV1 = ffi::SSL_OP_NO_DTLSv1,
- const SSL_OP_NO_TLSV1 = ffi::SSL_OP_NO_TLSv1,
- const SSL_OP_NO_DTLSV1_2 = ffi::SSL_OP_NO_DTLSv1_2,
- const SSL_OP_NO_TLSV1_2 = ffi::SSL_OP_NO_TLSv1_2,
- const SSL_OP_NO_TLSV1_1 = ffi::SSL_OP_NO_TLSv1_1,
- const SSL_OP_NETSCAPE_CA_DN_BUG = ffi::SSL_OP_NETSCAPE_CA_DN_BUG,
- const SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = ffi::SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG,
- const SSL_OP_CRYPTOPRO_TLSEXT_BUG = ffi::SSL_OP_CRYPTOPRO_TLSEXT_BUG,
- const SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = ffi::SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG,
- const SSL_OP_MSIE_SSLV2_RSA_PADDING = ffi::SSL_OP_MSIE_SSLV2_RSA_PADDING,
- const SSL_OP_PKCS1_CHECK_1 = ffi::SSL_OP_PKCS1_CHECK_1,
- const SSL_OP_PKCS1_CHECK_2 = ffi::SSL_OP_PKCS1_CHECK_2,
- const SSL_OP_EPHEMERAL_RSA = ffi::SSL_OP_EPHEMERAL_RSA,
+ const SSL_OP_MICROSOFT_SESS_ID_BUG = ffi_extras::SSL_OP_MICROSOFT_SESS_ID_BUG,
+ const SSL_OP_NETSCAPE_CHALLENGE_BUG = ffi_extras::SSL_OP_NETSCAPE_CHALLENGE_BUG,
+ const SSL_OP_LEGACY_SERVER_CONNECT = ffi_extras::SSL_OP_LEGACY_SERVER_CONNECT,
+ const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = ffi_extras::SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG,
+ const SSL_OP_TLSEXT_PADDING = ffi_extras::SSL_OP_TLSEXT_PADDING,
+ const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = ffi_extras::SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER,
+ const SSL_OP_SAFARI_ECDHE_ECDSA_BUG = ffi_extras::SSL_OP_SAFARI_ECDHE_ECDSA_BUG,
+ const SSL_OP_SSLEAY_080_CLIENT_DH_BUG = ffi_extras::SSL_OP_SSLEAY_080_CLIENT_DH_BUG,
+ const SSL_OP_TLS_D5_BUG = ffi_extras::SSL_OP_TLS_D5_BUG,
+ const SSL_OP_TLS_BLOCK_PADDING_BUG = ffi_extras::SSL_OP_TLS_BLOCK_PADDING_BUG,
+ const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = ffi_extras::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS,
+ const SSL_OP_NO_QUERY_MTU = ffi_extras::SSL_OP_NO_QUERY_MTU,
+ const SSL_OP_COOKIE_EXCHANGE = ffi_extras::SSL_OP_COOKIE_EXCHANGE,
+ const SSL_OP_NO_TICKET = ffi_extras::SSL_OP_NO_TICKET,
+ const SSL_OP_CISCO_ANYCONNECT = ffi_extras::SSL_OP_CISCO_ANYCONNECT,
+ const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = ffi_extras::SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION,
+ const SSL_OP_NO_COMPRESSION = ffi_extras::SSL_OP_NO_COMPRESSION,
+ const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = ffi_extras::SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION,
+ const SSL_OP_SINGLE_ECDH_USE = ffi_extras::SSL_OP_SINGLE_ECDH_USE,
+ const SSL_OP_SINGLE_DH_USE = ffi_extras::SSL_OP_SINGLE_DH_USE,
+ const SSL_OP_CIPHER_SERVER_PREFERENCE = ffi_extras::SSL_OP_CIPHER_SERVER_PREFERENCE,
+ const SSL_OP_TLS_ROLLBACK_BUG = ffi_extras::SSL_OP_TLS_ROLLBACK_BUG,
+ const SSL_OP_NO_SSLV2 = ffi_extras::SSL_OP_NO_SSLv2,
+ const SSL_OP_NO_SSLV3 = ffi_extras::SSL_OP_NO_SSLv3,
+ const SSL_OP_NO_DTLSV1 = ffi_extras::SSL_OP_NO_DTLSv1,
+ const SSL_OP_NO_TLSV1 = ffi_extras::SSL_OP_NO_TLSv1,
+ const SSL_OP_NO_DTLSV1_2 = ffi_extras::SSL_OP_NO_DTLSv1_2,
+ const SSL_OP_NO_TLSV1_2 = ffi_extras::SSL_OP_NO_TLSv1_2,
+ const SSL_OP_NO_TLSV1_1 = ffi_extras::SSL_OP_NO_TLSv1_1,
+ const SSL_OP_NETSCAPE_CA_DN_BUG = ffi_extras::SSL_OP_NETSCAPE_CA_DN_BUG,
+ const SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = ffi_extras::SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG,
+ const SSL_OP_CRYPTOPRO_TLSEXT_BUG = ffi_extras::SSL_OP_CRYPTOPRO_TLSEXT_BUG,
+ const SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = ffi_extras::SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG,
+ const SSL_OP_MSIE_SSLV2_RSA_PADDING = ffi_extras::SSL_OP_MSIE_SSLV2_RSA_PADDING,
+ const SSL_OP_PKCS1_CHECK_1 = ffi_extras::SSL_OP_PKCS1_CHECK_1,
+ const SSL_OP_PKCS1_CHECK_2 = ffi_extras::SSL_OP_PKCS1_CHECK_2,
+ const SSL_OP_EPHEMERAL_RSA = ffi_extras::SSL_OP_EPHEMERAL_RSA,
const SSL_OP_ALL = SSL_OP_MICROSOFT_SESS_ID_BUG.bits|SSL_OP_NETSCAPE_CHALLENGE_BUG.bits
|SSL_OP_LEGACY_SERVER_CONNECT.bits|SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG.bits
|SSL_OP_TLSEXT_PADDING.bits|SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER.bits
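Review bot: The option constants carry no documentation, and `SSL_OP_ALL` as assembled on the last lines of this hunk includes `SSL_OP_LEGACY_SERVER_CONNECT`, which relaxes a renegotiation safeguard rather than tightening anything. A reader choosing flags cannot tell hardening options (`SSL_OP_NO_SSLV2`, `SSL_OP_NO_SSLV3`, `SSL_OP_NO_COMPRESSION`) from compatibility workarounds. Add a short comment per group, e.g. `// Bug workarounds for legacy peers; these trade strictness for interoperability` above the `*_BUG` entries and `// Disables a protocol version or feature` above the `SSL_OP_NO_*` entries. The `bitflags!` block continues outside the hunk.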
@@ -493,13 +494,13 @@ impl SslContext {
pub fn set_read_ahead(&self, m: u32) {
unsafe {
- ffi::SSL_CTX_set_read_ahead(self.ctx, m as c_long);
+ ffi_extras::SSL_CTX_set_read_ahead(self.ctx, m as c_long);
}
}
pub fn set_tmp_dh(&self, dh: DH) -> Result<(),SslError> {
wrap_ssl_result(unsafe {
- ffi::SSL_CTX_set_tmp_dh(self.ctx, dh.raw()) as i32
+ ffi_extras::SSL_CTX_set_tmp_dh(self.ctx, dh.raw()) as i32
})
}
@@ -546,7 +547,7 @@ impl SslContext {
pub fn add_extra_chain_cert(&mut self, cert: &X509) -> Result<(),SslError> {
wrap_ssl_result(
unsafe {
- ffi::SSL_CTX_add_extra_chain_cert(self.ctx, cert.get_handle()) as c_int
+ ffi_extras::SSL_CTX_add_extra_chain_cert(self.ctx, cert.get_handle()) as c_int
})
}
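Review bot: `add_extra_chain_cert` borrows `cert: &X509` but hands its raw handle to `SSL_CTX_add_extra_chain_cert`, which according to OpenSSL's documentation takes ownership of the certificate and frees it together with the context. If `X509`'s `Drop` also frees the handle (not visible in this hunk), the caller's value and the context would both release the same object, giving a double free or use-after-free. Consider taking the certificate by value and forgetting it after a successful call, or incrementing its reference count before passing it in. At minimum add a comment such as `// SSL_CTX takes ownership of the X509 on success; see SSL_CTX_add_extra_chain_cert(3)`.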
@@ -592,21 +593,21 @@ impl SslContext {
pub fn set_ecdh_auto(&mut self, onoff: bool) -> Result<(),SslError> {
wrap_ssl_result(
unsafe {
- ffi::SSL_CTX_set_ecdh_auto(self.ctx, onoff as c_int)
+ ffi_extras::SSL_CTX_set_ecdh_auto(self.ctx, onoff as c_int)
})
}
pub fn set_options(&mut self, option: SslContextOptions) -> SslContextOptions {
let raw_bits = option.bits();
let ret = unsafe {
- ffi::SSL_CTX_set_options(self.ctx, raw_bits)
+ ffi_extras::SSL_CTX_set_options(self.ctx, raw_bits)
};
SslContextOptions::from_bits(ret).unwrap()
}
pub fn get_options(&mut self) -> SslContextOptions {
let ret = unsafe {
- ffi::SSL_CTX_get_options(self.ctx)
+ ffi_extras::SSL_CTX_get_options(self.ctx)
};
SslContextOptions::from_bits(ret).unwrap()
}
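Review bot: `SslContextOptions::from_bits(ret).unwrap()` in `set_options` and `get_options` panics whenever OpenSSL reports an option bit that has no entry in the `SslContextOptions` bitflags, because `from_bits` returns `None` for unknown bits. The value comes from the linked library, so a build that sets or defines additional options can abort the caller from what looks like a plain getter. Use `SslContextOptions::from_bits_truncate(ret)` instead. The `clear_options` hunk below has the same line.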
@@ -614,7 +615,7 @@ impl SslContext {
pub fn clear_options(&mut self, option: SslContextOptions) -> SslContextOptions {
let raw_bits = option.bits();
let ret = unsafe {
- ffi::SSL_CTX_clear_options(self.ctx, raw_bits)
+ ffi_extras::SSL_CTX_clear_options(self.ctx, raw_bits)
};
SslContextOptions::from_bits(ret).unwrap()
}
@@ -785,7 +786,7 @@ impl Ssl {
/// Sets the host name to be used with SNI (Server Name Indication).
pub fn set_hostname(&self, hostname: &str) -> Result<(), SslError> {
let cstr = CString::new(hostname).unwrap();
- let ret = unsafe { ffi::SSL_set_tlsext_host_name(self.ssl, cstr.as_ptr()) };
+ let ret = unsafe { ffi_extras::SSL_set_tlsext_host_name(self.ssl, cstr.as_ptr()) };
// For this case, 0 indicates failure.
if ret == 0 {
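Review bot: `CString::new(hostname).unwrap()` panics if `hostname` contains an interior NUL byte, so a name taken from untrusted input (a URL, a configuration value) can crash the caller even though `set_hostname` already returns `Result<(), SslError>`. Map the `CString::new` failure to an `Err` of the function's existing error type instead of unwrapping, and note under `# Errors` in the doc comment that names containing NUL are rejected. The function body continues past the end of this hunk.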
@@ -1435,7 +1436,7 @@ impl<S> NonblockingSslStream<S> {
fn new_base(ssl: Ssl, stream: S, sock: c_int) -> Result<NonblockingSslStream<S>, SslError> {
unsafe {
let bio = try_ssl_null!(ffi::BIO_new_socket(sock, 0));
- ffi::BIO_set_nbio(bio, 1);
+ ffi_extras::BIO_set_nbio(bio, 1);
ffi::SSL_set_bio(ssl.ssl, bio, bio);
}
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 91daa66a..8148749a 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -18,6 +18,7 @@ use crypto::hash::Type as HashType;
use crypto::pkey::{PKey,Parts};
use crypto::rand::rand_bytes;
use ffi;
+use ffi_extras;
use ssl::error::{SslError, StreamError};
use nid;
@@ -400,7 +401,7 @@ impl X509Generator {
let req = ffi::X509_to_X509_REQ(cert.handle, ptr::null_mut(), ptr::null());
try_ssl_null!(req);
- let exts = ffi::X509_get_extensions(cert.handle);
+ let exts = ffi_extras::X509_get_extensions(cert.handle);
if exts != ptr::null_mut() {
try_ssl!(ffi::X509_REQ_add_extensions(req,exts));
}