diff options
Diffstat (limited to 'openssl/src/ssl/tests')
| -rw-r--r-- | openssl/src/ssl/tests/mod.rs | 138 |
1 files changed, 68 insertions, 70 deletions
diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs index ff1d1c86..365f0168 100644 --- a/openssl/src/ssl/tests/mod.rs +++ b/openssl/src/ssl/tests/mod.rs @@ -16,13 +16,13 @@ use tempdir::TempDir; use dh::Dh; use hash::MessageDigest; -use ocsp::{OcspResponse, RESPONSE_STATUS_UNAUTHORIZED}; +use ocsp::{OcspResponse, OcspResponseStatus}; use ssl; use ssl::{Error, HandshakeError, ShutdownResult, Ssl, SslAcceptorBuilder, SslConnectorBuilder, - SslContext, SslMethod, SslStream, SSL_VERIFY_NONE, SSL_VERIFY_PEER, STATUS_TYPE_OCSP}; -use x509::{X509, X509Name, X509StoreContext, X509_FILETYPE_PEM}; + SslContext, SslMethod, SslStream, SslVerifyMode, StatusType}; +use x509::{X509, X509Filetype, X509Name, X509StoreContext}; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] -use x509::verify::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; +use x509::verify::X509CheckFlags; use pkey::PKey; use std::net::UdpSocket; @@ -131,8 +131,7 @@ macro_rules! run_test( use std::net::TcpStream; use ssl; use ssl::SslMethod; - use ssl::{SslContext, Ssl, SslStream}; - use ssl::SSL_VERIFY_PEER; + use ssl::{SslContext, Ssl, SslStream, SslVerifyMode, SslOptions}; use hash::MessageDigest; use x509::X509StoreContext; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] @@ -160,7 +159,7 @@ run_test!(new_ctx, |method, _| { run_test!(verify_untrusted, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match Ssl::new(&ctx.build()).unwrap().connect(stream) { Ok(_) => panic!("expected failure"), @@ -170,7 +169,7 @@ run_test!(verify_untrusted, |method, stream| { run_test!(verify_trusted, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -189,7 +188,7 @@ run_test!(verify_trusted_with_set_cert, |method, stream| { store.add_cert(x509).unwrap(); let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match ctx.set_verify_cert_store(store.build()) { Ok(_) => {} @@ -203,7 +202,7 @@ run_test!(verify_trusted_with_set_cert, |method, stream| { run_test!(verify_untrusted_callback_override_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| true); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| true); match Ssl::new(&ctx.build()).unwrap().connect(stream) { Ok(_) => (), @@ -213,14 +212,14 @@ run_test!(verify_untrusted_callback_override_ok, |method, stream| { run_test!(verify_untrusted_callback_override_bad, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| false); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| false); assert!(Ssl::new(&ctx.build()).unwrap().connect(stream).is_err()); }); run_test!(verify_trusted_callback_override_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| true); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| true); match ctx.set_ca_file(&Path::new("test/cert.pem")) { Ok(_) => {} @@ -234,7 +233,7 @@ run_test!(verify_trusted_callback_override_ok, |method, stream| { run_test!(verify_trusted_callback_override_bad, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| false); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| false); match ctx.set_ca_file(&Path::new("test/cert.pem")) { Ok(_) => {} @@ -245,7 +244,7 @@ run_test!(verify_trusted_callback_override_bad, |method, stream| { run_test!(verify_callback_load_certs, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.current_cert().is_some()); true }); @@ -255,7 +254,7 @@ run_test!(verify_callback_load_certs, |method, stream| { run_test!(verify_trusted_get_error_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.error().is_none()); true }); @@ -269,7 +268,7 @@ run_test!(verify_trusted_get_error_ok, |method, stream| { run_test!(verify_trusted_get_error_err, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.error().is_some()); false }); @@ -286,7 +285,7 @@ run_test!(verify_callback_data, |method, stream| { // Please update if "test/cert.pem" will ever change let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, move |_preverify_ok, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, move |_preverify_ok, x509_ctx| { let cert = x509_ctx.current_cert(); match cert { None => false, @@ -314,7 +313,7 @@ run_test!(ssl_verify_callback, |method, stream| { let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); - ssl.set_verify_callback(SSL_VERIFY_PEER, move |_, x509| { + ssl.set_verify_callback(SslVerifyMode::PEER, move |_, x509| { CHECKED.store(1, Ordering::SeqCst); match x509.current_cert() { None => false, @@ -349,10 +348,10 @@ fn test_write_hits_stream() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_verify(SslVerifyMode::PEER); + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let stream = listener.accept().unwrap().0; let mut stream = Ssl::new(&ctx.build()).unwrap().accept(stream).unwrap(); @@ -384,15 +383,15 @@ run_test!(get_ctx_options, |method, _| { run_test!(set_ctx_options, |method, _| { let mut ctx = SslContext::builder(method).unwrap(); - let opts = ctx.set_options(ssl::SSL_OP_NO_TICKET); - assert!(opts.contains(ssl::SSL_OP_NO_TICKET)); + let opts = ctx.set_options(SslOptions::NO_TICKET); + assert!(opts.contains(SslOptions::NO_TICKET)); }); run_test!(clear_ctx_options, |method, _| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_options(ssl::SSL_OP_ALL); - let opts = ctx.clear_options(ssl::SSL_OP_ALL); - assert!(!opts.contains(ssl::SSL_OP_ALL)); + ctx.set_options(SslOptions::ALL); + let opts = ctx.clear_options(SslOptions::ALL); + assert!(!opts.contains(SslOptions::ALL)); }); #[test] @@ -481,7 +480,7 @@ fn test_state() { fn test_connect_with_unilateral_alpn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -503,7 +502,7 @@ fn test_connect_with_unilateral_alpn() { fn test_connect_with_unilateral_npn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -525,7 +524,7 @@ fn test_connect_with_unilateral_npn() { fn test_connect_with_alpn_successful_multiple_matching() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1", b"http/1.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -547,7 +546,7 @@ fn test_connect_with_alpn_successful_multiple_matching() { fn test_connect_with_npn_successful_multiple_matching() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1", b"http/1.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -570,7 +569,7 @@ fn test_connect_with_npn_successful_multiple_matching() { fn test_connect_with_alpn_successful_single_match() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -585,7 +584,6 @@ fn test_connect_with_alpn_successful_single_match() { assert_eq!(b"spdy/3.1", stream.ssl().selected_alpn_protocol().unwrap()); } - /// Tests that when both the client as well as the server use NPN and their /// lists of supported protocols have an overlap -- with only ONE protocol /// being valid for both. @@ -594,7 +592,7 @@ fn test_connect_with_alpn_successful_single_match() { fn test_connect_with_npn_successful_single_match() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -619,13 +617,13 @@ fn test_npn_server_advertise_multiple() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -636,7 +634,7 @@ fn test_npn_server_advertise_multiple() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -662,13 +660,13 @@ fn test_alpn_server_advertise_multiple() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -679,7 +677,7 @@ fn test_alpn_server_advertise_multiple() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -705,13 +703,13 @@ fn test_alpn_server_select_none() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -722,7 +720,7 @@ fn test_alpn_server_select_none() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/2"]).unwrap(); ctx.set_ca_file(&Path::new("test/root-ca.pem")).unwrap(); // Now connect to the socket and make sure the protocol negotiation works... @@ -961,7 +959,7 @@ fn refcount_ssl_context() { fn default_verify_paths() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let s = TcpStream::connect("google.com:443").unwrap(); let mut socket = Ssl::new(&ctx.build()).unwrap().connect(s).unwrap(); @@ -987,11 +985,11 @@ fn add_extra_chain_cert() { fn verify_valid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.param_mut() - .set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS); ssl.param_mut().set_host("google.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); @@ -1011,11 +1009,11 @@ fn verify_valid_hostname() { fn verify_invalid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.param_mut() - .set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS); ssl.param_mut().set_host("foobar.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); @@ -1081,7 +1079,7 @@ fn connector_no_hostname_can_disable_verify() { let (_s, tcp) = Server::new(); let mut connector = SslConnectorBuilder::new(SslMethod::tls()).unwrap(); - connector.set_verify(SSL_VERIFY_NONE); + connector.set_verify(SslVerifyMode::NONE); let connector = connector.build(); connector @@ -1164,9 +1162,9 @@ fn shutdown() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap(); let mut stream = ssl.accept(stream).unwrap(); @@ -1222,9 +1220,9 @@ fn tmp_dh_callback() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_tmp_dh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); @@ -1249,7 +1247,7 @@ fn tmp_dh_callback() { all(feature = "v102", ossl102)))] fn tmp_ecdh_callback() { use ec::EcKey; - use nid; + use nid::Nid; static CALLED_BACK: AtomicBool = ATOMIC_BOOL_INIT; @@ -1259,13 +1257,13 @@ fn tmp_ecdh_callback() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_tmp_ecdh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); - EcKey::new_by_curve_name(nid::X9_62_PRIME256V1) + EcKey::new_by_curve_name(Nid::X9_62_PRIME256V1) }); let ssl = Ssl::new(&ctx.build()).unwrap(); ssl.accept(stream).unwrap(); @@ -1290,9 +1288,9 @@ fn tmp_dh_callback_ssl() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.set_tmp_dh_callback(|_, _, _| { @@ -1317,7 +1315,7 @@ fn tmp_dh_callback_ssl() { all(feature = "v102", ossl102)))] fn tmp_ecdh_callback_ssl() { use ec::EcKey; - use nid; + use nid::Nid; static CALLED_BACK: AtomicBool = ATOMIC_BOOL_INIT; @@ -1327,14 +1325,14 @@ fn tmp_ecdh_callback_ssl() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.set_tmp_ecdh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); - EcKey::new_by_curve_name(nid::X9_62_PRIME256V1) + EcKey::new_by_curve_name(Nid::X9_62_PRIME256V1) }); ssl.accept(stream).unwrap(); }); @@ -1382,13 +1380,13 @@ fn status_callbacks() { let guard = thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_status_callback(|ssl| { CALLED_BACK_SERVER.store(true, Ordering::SeqCst); - let response = OcspResponse::create(RESPONSE_STATUS_UNAUTHORIZED, None).unwrap(); + let response = OcspResponse::create(OcspResponseStatus::UNAUTHORIZED, None).unwrap(); let response = response.to_der().unwrap(); ssl.set_ocsp_status(&response).unwrap(); Ok(true) @@ -1402,11 +1400,11 @@ fn status_callbacks() { ctx.set_status_callback(|ssl| { CALLED_BACK_CLIENT.store(true, Ordering::SeqCst); let response = OcspResponse::from_der(ssl.ocsp_status().unwrap()).unwrap(); - assert_eq!(response.status(), RESPONSE_STATUS_UNAUTHORIZED); + assert_eq!(response.status(), OcspResponseStatus::UNAUTHORIZED); Ok(true) }).unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); - ssl.set_status_type(STATUS_TYPE_OCSP).unwrap(); + ssl.set_status_type(StatusType::OCSP).unwrap(); ssl.connect(stream).unwrap(); assert!(CALLED_BACK_SERVER.load(Ordering::SeqCst)); |