aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/src/ssl')
-rw-r--r--openssl/src/ssl/bio.rs31
-rw-r--r--openssl/src/ssl/mod.rs45
-rw-r--r--openssl/src/ssl/tests/mod.rs40
3 files changed, 67 insertions, 49 deletions
diff --git a/openssl/src/ssl/bio.rs b/openssl/src/ssl/bio.rs
index e53545d7..b6f20cf2 100644
--- a/openssl/src/ssl/bio.rs
+++ b/openssl/src/ssl/bio.rs
@@ -23,16 +23,16 @@ pub struct BioMethod(ffi::BIO_METHOD);
impl BioMethod {
pub fn new<S: Read + Write>() -> BioMethod {
BioMethod(ffi::BIO_METHOD {
- type_: BIO_TYPE_NONE,
- name: b"rust\0".as_ptr() as *const _,
- bwrite: Some(bwrite::<S>),
- bread: Some(bread::<S>),
- bputs: Some(bputs::<S>),
- bgets: None,
- ctrl: Some(ctrl::<S>),
- create: Some(create),
- destroy: Some(destroy::<S>),
- callback_ctrl: None,
+ type_: BIO_TYPE_NONE,
+ name: b"rust\0".as_ptr() as *const _,
+ bwrite: Some(bwrite::<S>),
+ bread: Some(bread::<S>),
+ bputs: Some(bputs::<S>),
+ bgets: None,
+ ctrl: Some(ctrl::<S>),
+ create: Some(create),
+ destroy: Some(destroy::<S>),
+ callback_ctrl: None,
})
}
}
@@ -82,12 +82,16 @@ unsafe fn state<'a, S: 'a>(bio: *mut BIO) -> &'a mut StreamState<S> {
}
#[cfg(feature = "nightly")]
-fn catch_unwind<F, T>(f: F) -> Result<T, Box<Any + Send>> where F: FnOnce() -> T {
+fn catch_unwind<F, T>(f: F) -> Result<T, Box<Any + Send>>
+ where F: FnOnce() -> T
+{
::std::panic::catch_unwind(::std::panic::AssertUnwindSafe(f))
}
#[cfg(not(feature = "nightly"))]
-fn catch_unwind<F, T>(f: F) -> Result<T, Box<Any + Send>> where F: FnOnce() -> T {
+fn catch_unwind<F, T>(f: F) -> Result<T, Box<Any + Send>>
+ where F: FnOnce() -> T
+{
Ok(f())
}
@@ -137,7 +141,8 @@ unsafe extern "C" fn bread<S: Read>(bio: *mut BIO, buf: *mut c_char, len: c_int)
fn retriable_error(err: &io::Error) -> bool {
match err.kind() {
- io::ErrorKind::WouldBlock | io::ErrorKind::NotConnected => true,
+ io::ErrorKind::WouldBlock |
+ io::ErrorKind::NotConnected => true,
_ => false,
}
}
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index aa785142..f207416f 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -850,7 +850,7 @@ pub struct SslCipher<'a> {
ph: PhantomData<&'a ()>,
}
-impl <'a> SslCipher<'a> {
+impl<'a> SslCipher<'a> {
/// Returns the name of cipher.
pub fn name(&self) -> &'static str {
let name = unsafe {
@@ -874,12 +874,18 @@ impl <'a> SslCipher<'a> {
/// Returns the number of bits used for the cipher.
pub fn bits(&self) -> CipherBits {
unsafe {
- let algo_bits : *mut c_int = ptr::null_mut();
+ let algo_bits: *mut c_int = ptr::null_mut();
let secret_bits = ffi::SSL_CIPHER_get_bits(self.cipher, algo_bits);
if !algo_bits.is_null() {
- CipherBits { secret: secret_bits, algorithm: Some(*algo_bits) }
+ CipherBits {
+ secret: secret_bits,
+ algorithm: Some(*algo_bits),
+ }
} else {
- CipherBits { secret: secret_bits, algorithm: None }
+ CipherBits {
+ secret: secret_bits,
+ algorithm: None,
+ }
}
}
}
@@ -987,7 +993,9 @@ impl Ssl {
{
unsafe {
let verify = Box::new(verify);
- ffi::SSL_set_ex_data(self.ssl, get_ssl_verify_data_idx::<F>(), mem::transmute(verify));
+ ffi::SSL_set_ex_data(self.ssl,
+ get_ssl_verify_data_idx::<F>(),
+ mem::transmute(verify));
ffi::SSL_set_verify(self.ssl, mode.bits as c_int, Some(ssl_raw_verify::<F>));
}
}
@@ -999,7 +1007,10 @@ impl Ssl {
if ptr.is_null() {
None
} else {
- Some(SslCipher{ cipher: ptr, ph: PhantomData })
+ Some(SslCipher {
+ cipher: ptr,
+ ph: PhantomData,
+ })
}
}
}
@@ -1052,8 +1063,8 @@ impl Ssl {
/// Returns the name of the protocol used for the connection, e.g. "TLSv1.2", "SSLv3", etc.
pub fn version(&self) -> &'static str {
let version = unsafe {
- let ptr = ffi::SSL_get_version(self.ssl);
- CStr::from_ptr(ptr as *const _)
+ let ptr = ffi::SSL_get_version(self.ssl);
+ CStr::from_ptr(ptr as *const _)
};
str::from_utf8(version.to_bytes()).unwrap()
@@ -1224,7 +1235,8 @@ impl<S: Clone + Read + Write> Clone for SslStream<S> {
}
}
-impl<S> fmt::Debug for SslStream<S> where S: fmt::Debug
+impl<S> fmt::Debug for SslStream<S>
+ where S: fmt::Debug
{
fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
fmt.debug_struct("SslStream")
@@ -1385,7 +1397,8 @@ impl<S> SslStream<S> {
}
}
LibSslError::ErrorZeroReturn => Some(SslError::SslSessionClosed),
- LibSslError::ErrorWantWrite | LibSslError::ErrorWantRead => None,
+ LibSslError::ErrorWantWrite |
+ LibSslError::ErrorWantRead => None,
err => {
Some(SslError::StreamError(io::Error::new(io::ErrorKind::Other,
format!("unexpected error {:?}", err))))
@@ -1401,8 +1414,7 @@ impl<S> SslStream<S> {
}
#[cfg(not(feature = "nightly"))]
- fn check_panic(&mut self) {
- }
+ fn check_panic(&mut self) {}
fn get_bio_error(&mut self) -> io::Error {
let error = unsafe { bio::take_error::<S>(self.ssl.get_raw_rbio()) };
@@ -1513,7 +1525,8 @@ pub enum MaybeSslStream<S>
Normal(S),
}
-impl<S> Read for MaybeSslStream<S> where S: Read + Write
+impl<S> Read for MaybeSslStream<S>
+ where S: Read + Write
{
fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
match *self {
@@ -1523,7 +1536,8 @@ impl<S> Read for MaybeSslStream<S> where S: Read + Write
}
}
-impl<S> Write for MaybeSslStream<S> where S: Read + Write
+impl<S> Write for MaybeSslStream<S>
+ where S: Read + Write
{
fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
match *self {
@@ -1540,7 +1554,8 @@ impl<S> Write for MaybeSslStream<S> where S: Read + Write
}
}
-impl<S> MaybeSslStream<S> where S: Read + Write
+impl<S> MaybeSslStream<S>
+ where S: Read + Write
{
/// Returns a reference to the underlying stream.
pub fn get_ref(&self) -> &S {
diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs
index c3e7a363..5339f27e 100644
--- a/openssl/src/ssl/tests/mod.rs
+++ b/openssl/src/ssl/tests/mod.rs
@@ -196,7 +196,7 @@ macro_rules! run_test(
use ssl::SslMethod;
use ssl::{SslContext, Ssl, SslStream, VerifyCallback};
use ssl::SSL_VERIFY_PEER;
- use crypto::hash::Type::SHA256;
+ use crypto::hash::Type::SHA1;
use x509::X509StoreContext;
use serialize::hex::FromHex;
use super::Server;
@@ -236,7 +236,7 @@ run_test!(verify_untrusted, |method, stream| {
match SslStream::connect_generic(&ctx, stream) {
Ok(_) => panic!("expected failure"),
- Err(err) => println!("error {:?}", err)
+ Err(err) => println!("error {:?}", err),
}
});
@@ -246,11 +246,11 @@ run_test!(verify_trusted, |method, stream| {
match ctx.set_CA_file(&Path::new("test/cert.pem")) {
Ok(_) => {}
- Err(err) => panic!("Unexpected error {:?}", err)
+ Err(err) => panic!("Unexpected error {:?}", err),
}
match SslStream::connect_generic(&ctx, stream) {
Ok(_) => (),
- Err(err) => panic!("Expected success, got {:?}", err)
+ Err(err) => panic!("Expected success, got {:?}", err),
}
});
@@ -264,7 +264,7 @@ run_test!(verify_untrusted_callback_override_ok, |method, stream| {
match SslStream::connect_generic(&ctx, stream) {
Ok(_) => (),
- Err(err) => panic!("Expected success, got {:?}", err)
+ Err(err) => panic!("Expected success, got {:?}", err),
}
});
@@ -289,11 +289,11 @@ run_test!(verify_trusted_callback_override_ok, |method, stream| {
match ctx.set_CA_file(&Path::new("test/cert.pem")) {
Ok(_) => {}
- Err(err) => panic!("Unexpected error {:?}", err)
+ Err(err) => panic!("Unexpected error {:?}", err),
}
match SslStream::connect_generic(&ctx, stream) {
Ok(_) => (),
- Err(err) => panic!("Expected success, got {:?}", err)
+ Err(err) => panic!("Expected success, got {:?}", err),
}
});
@@ -307,7 +307,7 @@ run_test!(verify_trusted_callback_override_bad, |method, stream| {
match ctx.set_CA_file(&Path::new("test/cert.pem")) {
Ok(_) => {}
- Err(err) => panic!("Unexpected error {:?}", err)
+ Err(err) => panic!("Unexpected error {:?}", err),
}
assert!(SslStream::connect_generic(&ctx, stream).is_err());
});
@@ -335,7 +335,7 @@ run_test!(verify_trusted_get_error_ok, |method, stream| {
match ctx.set_CA_file(&Path::new("test/cert.pem")) {
Ok(_) => {}
- Err(err) => panic!("Unexpected error {:?}", err)
+ Err(err) => panic!("Unexpected error {:?}", err),
}
assert!(SslStream::connect_generic(&ctx, stream).is_ok());
});
@@ -353,13 +353,12 @@ run_test!(verify_trusted_get_error_err, |method, stream| {
});
run_test!(verify_callback_data, |method, stream| {
- fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext,
- node_id: &Vec<u8>) -> bool {
+ fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext, node_id: &Vec<u8>) -> bool {
let cert = x509_ctx.get_current_cert();
match cert {
None => false,
Some(cert) => {
- let fingerprint = cert.fingerprint(SHA256).unwrap();
+ let fingerprint = cert.fingerprint(SHA1).unwrap();
&fingerprint == node_id
}
}
@@ -370,14 +369,14 @@ run_test!(verify_callback_data, |method, stream| {
// in DER format.
// Command: openssl x509 -in test/cert.pem -outform DER | openssl dgst -sha256
// Please update if "test/cert.pem" will ever change
- let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+ let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
let node_id = node_hash_str.from_hex().unwrap();
ctx.set_verify_with_data(SSL_VERIFY_PEER, callback, node_id);
ctx.set_verify_depth(1);
match SslStream::connect_generic(&ctx, stream) {
Ok(_) => (),
- Err(err) => panic!("Expected success, got {:?}", err)
+ Err(err) => panic!("Expected success, got {:?}", err),
}
});
@@ -390,14 +389,14 @@ run_test!(ssl_verify_callback, |method, stream| {
let ctx = SslContext::new(method).unwrap();
let mut ssl = ctx.into_ssl().unwrap();
- let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+ let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
let node_id = node_hash_str.from_hex().unwrap();
ssl.set_verify_callback(SSL_VERIFY_PEER, move |_, x509| {
CHECKED.store(1, Ordering::SeqCst);
match x509.get_current_cert() {
None => false,
Some(cert) => {
- let fingerprint = cert.fingerprint(SHA256).unwrap();
+ let fingerprint = cert.fingerprint(SHA1).unwrap();
fingerprint == node_id
}
}
@@ -405,7 +404,7 @@ run_test!(ssl_verify_callback, |method, stream| {
match SslStream::connect_generic(ssl, stream) {
Ok(_) => (),
- Err(err) => panic!("Expected success, got {:?}", err)
+ Err(err) => panic!("Expected success, got {:?}", err),
}
assert_eq!(CHECKED.load(Ordering::SeqCst), 1);
@@ -499,11 +498,10 @@ fn test_write_direct() {
}
run_test!(get_peer_certificate, |method, stream| {
- let stream = SslStream::connect_generic(&SslContext::new(method).unwrap(),
- stream).unwrap();
+ let stream = SslStream::connect_generic(&SslContext::new(method).unwrap(), stream).unwrap();
let cert = stream.ssl().peer_certificate().unwrap();
- let fingerprint = cert.fingerprint(SHA256).unwrap();
- let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+ let fingerprint = cert.fingerprint(SHA1).unwrap();
+ let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
let node_id = node_hash_str.from_hex().unwrap();
assert_eq!(node_id, fingerprint)
});
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-11 09:21:08 +0000