From 0745d6692734f8ecb255440f5672deec614dccfd Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 2 Jun 2018 13:51:56 -0700 Subject: Update to 1.1.1-pre7 The initial session ticket is now sent as part of SSL_accept, so some tests need to write a single byte through the stream to make sure that both ends have fully completed to avoid test flakes. TLSv1.3 cipher suite control has been extracted from the normal cipher list into a separate method: SslContextBuilder::set_ciphersuites. --- openssl-sys/src/openssl/v111.rs | 115 +++++++++++++++++++++++++--------------- 1 file changed, 72 insertions(+), 43 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/openssl/v111.rs b/openssl-sys/src/openssl/v111.rs index 36682663..1bb56d5a 100644 --- a/openssl-sys/src/openssl/v111.rs +++ b/openssl-sys/src/openssl/v111.rs @@ -1,29 +1,45 @@ -use libc::{c_char, c_uchar, c_int, c_uint, c_ulong, size_t, c_void}; +use libc::{c_char, c_int, c_uchar, c_uint, c_ulong, c_void, size_t}; pub type SSL_CTX_keylog_cb_func = Option; -pub type SSL_custom_ext_add_cb_ex = - Option c_int>; +pub type SSL_custom_ext_add_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut ::SSL, + ext_type: c_uint, + context: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + x: *mut ::X509, + chainidx: size_t, + al: *mut c_int, + add_arg: *mut c_void, + ) -> c_int, +>; -pub type SSL_custom_ext_free_cb_ex = - Option; +pub type SSL_custom_ext_free_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut ::SSL, + ext_type: c_uint, + context: c_uint, + out: *mut *const c_uchar, + add_arg: *mut c_void, + ), +>; -pub type SSL_custom_ext_parse_cb_ex = - Option c_int>; +pub type SSL_custom_ext_parse_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut ::SSL, + ext_type: c_uint, + context: c_uint, + input: *const c_uchar, + inlen: size_t, + x: *mut ::X509, + chainidx: size_t, + al: *mut c_int, + parse_arg: *mut c_void, + ) -> c_int, +>; pub const SSL_COOKIE_LENGTH: c_int = 4096; @@ -61,38 +77,38 @@ pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2; extern "C" { pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func); - pub fn SSL_CTX_add_custom_ext(ctx: *mut ::SSL_CTX, ext_type: c_uint, context: c_uint, - add_cb: SSL_custom_ext_add_cb_ex, - free_cb: SSL_custom_ext_free_cb_ex, - add_arg: *mut c_void, - parse_cb: SSL_custom_ext_parse_cb_ex, - parse_arg: *mut c_void) -> c_int; - pub fn SSL_stateless(s: *mut ::SSL) -> c_int; + pub fn SSL_CTX_add_custom_ext( + ctx: *mut ::SSL_CTX, + ext_type: c_uint, + context: c_uint, + add_cb: SSL_custom_ext_add_cb_ex, + free_cb: SSL_custom_ext_free_cb_ex, + add_arg: *mut c_void, + parse_cb: SSL_custom_ext_parse_cb_ex, + parse_arg: *mut c_void, + ) -> c_int; pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD; pub fn SSL_CTX_set_stateless_cookie_generate_cb( s: *mut ::SSL_CTX, - cb: Option c_int> + cb: Option< + unsafe extern "C" fn(ssl: *mut ::SSL, cookie: *mut c_uchar, cookie_len: *mut size_t) + -> c_int, + >, ); pub fn SSL_CTX_set_stateless_cookie_verify_cb( s: *mut ::SSL_CTX, - cb: Option c_int> + cb: Option< + unsafe extern "C" fn(ssl: *mut ::SSL, cookie: *const c_uchar, cookie_len: size_t) + -> c_int, + >, ); - pub fn SSL_CTX_set_max_early_data(ctx: *mut ::SSL_CTX, max_early_data: u32) -> c_int; pub fn SSL_CTX_get_max_early_data(ctx: *const ::SSL_CTX) -> u32; + pub fn SSL_CTX_set_ciphersuites(ctx: *mut ::SSL_CTX, str: *const c_char) -> c_int; + pub fn SSL_set_max_early_data(ctx: *mut ::SSL, max_early_data: u32) -> c_int; pub fn SSL_get_max_early_data(ctx: *const ::SSL) -> u32; - pub fn SSL_SESSION_set_max_early_data(ctx: *mut ::SSL_SESSION, max_early_data: u32) -> c_int; - pub fn SSL_SESSION_get_max_early_data(ctx: *const ::SSL_SESSION) -> u32; - + pub fn SSL_stateless(s: *mut ::SSL) -> c_int; pub fn SSL_export_keying_material_early( s: *mut ::SSL, out: *mut c_uchar, @@ -102,7 +118,20 @@ extern "C" { context: *const c_uchar, contextlen: size_t, ) -> c_int; + pub fn SSL_write_early_data( + s: *mut ::SSL, + buf: *const c_void, + num: size_t, + written: *mut size_t, + ) -> c_int; + pub fn SSL_read_early_data( + s: *mut ::SSL, + buf: *mut c_void, + num: size_t, + readbytes: *mut size_t, + ) -> c_int; + pub fn SSL_set_ciphersuites(ssl: *mut ::SSL, str: *const c_char) -> c_int; - pub fn SSL_write_early_data(s: *mut ::SSL, buf: *const c_void, num: size_t, written: *mut size_t) -> c_int; - pub fn SSL_read_early_data(s: *mut ::SSL, buf: *mut c_void, num: size_t, readbytes: *mut size_t) -> c_int; + pub fn SSL_SESSION_set_max_early_data(ctx: *mut ::SSL_SESSION, max_early_data: u32) -> c_int; + pub fn SSL_SESSION_get_max_early_data(ctx: *const ::SSL_SESSION) -> u32; } -- cgit v1.2.3