From 43c951f743e68fac5f45119eda7c994882a1d489 Mon Sep 17 00:00:00 2001
From: Alex Crichton <alex@alexcrichton.com>
Date: Fri, 30 Sep 2016 00:43:05 -0700
Subject: Add support for OpenSSL 1.1.0

This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:

* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
  crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
  OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
  * Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
  * Better error messages for mismatched versions.
  * Better error messages for failing to find OpenSSL on a platform (more can be
    done here)
  * Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
    crate.
* Many Cargo features have been removed as they're now enabled by default.

As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!

Closes #452
---
 openssl/src/crypto/pkcs12.rs | 34 ++++++++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

(limited to 'openssl/src/crypto/pkcs12.rs')

diff --git a/openssl/src/crypto/pkcs12.rs b/openssl/src/crypto/pkcs12.rs
index 89bcbd5c..5f03a3d5 100644
--- a/openssl/src/crypto/pkcs12.rs
+++ b/openssl/src/crypto/pkcs12.rs
@@ -44,13 +44,14 @@ impl Pkcs12 {
 
             let pkey = PKey::from_ptr(pkey);
             let cert = X509::from_ptr(cert);
+            let chain = chain as *mut _;
 
             let mut chain_out = vec![];
-            for i in 0..(*chain).stack.num {
-                let x509 = *(*chain).stack.data.offset(i as isize) as *mut _;
-                chain_out.push(X509::from_ptr(x509));
+            for i in 0..compat::OPENSSL_sk_num(chain) {
+                let x509 = compat::OPENSSL_sk_value(chain, i);
+                chain_out.push(X509::from_ptr(x509 as *mut _));
             }
-            ffi::sk_free(&mut (*chain).stack);
+            compat::OPENSSL_sk_free(chain as *mut _);
 
             Ok(ParsedPkcs12 {
                 pkey: pkey,
@@ -69,6 +70,31 @@ pub struct ParsedPkcs12 {
     _p: (),
 }
 
+#[cfg(ossl110)]
+mod compat {
+    pub use ffi::OPENSSL_sk_free;
+    pub use ffi::OPENSSL_sk_num;
+    pub use ffi::OPENSSL_sk_value;
+}
+
+#[cfg(ossl10x)]
+#[allow(bad_style)]
+mod compat {
+    use libc::{c_int, c_void};
+    use ffi;
+
+    pub use ffi::sk_free as OPENSSL_sk_free;
+
+    pub unsafe fn OPENSSL_sk_num(stack: *mut ffi::_STACK) -> c_int {
+        (*stack).num
+    }
+
+    pub unsafe fn OPENSSL_sk_value(stack: *const ffi::_STACK, idx: c_int)
+                                   -> *mut c_void {
+        *(*stack).data.offset(idx as isize) as *mut c_void
+    }
+}
+
 #[cfg(test)]
 mod test {
     use crypto::hash::Type::SHA1;
-- 
cgit v1.2.3