From 1a288da86ce1ca94b5a0b3eac8750e5ffd03e8e7 Mon Sep 17 00:00:00 2001
From: Steven Fackler
Date: Fri, 28 Oct 2016 22:14:44 -0700
Subject: Make verification unconditionally exposed internally
---
 openssl/src/lib.rs | 2 ++
 openssl/src/verify.rs | 51 ++++++++++++++++++++++++++++++++++++++++++++++
 openssl/src/x509/mod.rs | 8 ++++----
 openssl/src/x509/verify.rs | 51 ----------------------------------------------
 4 files changed, 57 insertions(+), 55 deletions(-)
 create mode 100644 openssl/src/verify.rs
 delete mode 100644 openssl/src/x509/verify.rs
(limited to 'openssl/src')
diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs
index b191ec5b..acdc2ea8 100644
--- a/openssl/src/lib.rs
+++ b/openssl/src/lib.rs
@@ -42,6 +42,8 @@ pub mod ssl;
 pub mod symm;
 pub mod version;
 pub mod x509;
+#[cfg(any(ossl102, ossl110))]
+mod verify;
 pub fn cvt_p(r: *mut T) -> Result<*mut T, ErrorStack> {
 if r.is_null() {
diff --git a/openssl/src/verify.rs b/openssl/src/verify.rs
new file mode 100644
index 00000000..77095edc
--- /dev/null
+++ b/openssl/src/verify.rs
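Review bot: The new `mod verify;` in lib.rs is compiled under `any(ossl102, ossl110)` while the `pub use verify;` added in x509/mod.rs stays behind the `v102`/`v110` feature gate, and neither site explains why the two conditions differ. A one-line comment above the module declaration would stop a later cleanup from merging them again, for example `// Built whenever OpenSSL 1.0.2/1.1.0 is linked so the crate can use it internally; the public path x509::verify stays feature-gated.` With the features off, any item in `verify` that has no internal caller is unreachable from outside the crate, so rustc may report it as dead code; whether that happens cannot be confirmed from this patch.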
@@ -0,0 +1,51 @@
+//! X509 certificate verification
+//!
+//! Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0.
+
+use libc::c_uint;
+use ffi;
+
+use cvt;
+use error::ErrorStack;
+use opaque::Opaque;
+
+bitflags! {
+ pub flags X509CheckFlags: c_uint {
+ const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT,
+ const X509_CHECK_FLAG_NO_WILDCARDS = ffi::X509_CHECK_FLAG_NO_WILDCARDS,
+ const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = ffi::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS,
+ const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = ffi::X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS,
+ const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
+ = ffi::X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS,
+ /// Requires the `v110` feature and OpenSSL 1.1.0.
+ #[cfg(all(feature = "v110", ossl110))]
+ const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_NEVER_CHECK_SUBJECT,
+ }
+}
+
+pub struct X509VerifyParamRef(Opaque);
+
+impl X509VerifyParamRef {
+ pub unsafe fn from_ptr_mut<'a>(ptr: *mut ffi::X509_VERIFY_PARAM) -> &'a mut X509VerifyParamRef {
+ &mut *(ptr as *mut _)
+ }
+
+ pub fn as_ptr(&self) -> *mut ffi::X509_VERIFY_PARAM {
+ self as *const _ as *mut _
+ }
+
+ pub fn set_hostflags(&mut self, hostflags: X509CheckFlags) {
+ unsafe {
+ ffi::X509_VERIFY_PARAM_set_hostflags(self.as_ptr(), hostflags.bits);
+ }
+ }
+
+ pub fn set_host(&mut self, host: &str) -> Result<(), ErrorStack> {
+ unsafe {
+ cvt(ffi::X509_VERIFY_PARAM_set1_host(self.as_ptr(),
+ host.as_ptr() as *const _,
+ host.len()))
+ .map(|_| ())
+ }
+ }
+}
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index b92462d4..cc6b73bb 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
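Review bot: `set_host` passes `host.as_ptr()` with `host.len()` straight to `X509_VERIFY_PARAM_set1_host`, and OpenSSL documents a length of zero as meaning that the name is NUL-terminated, so an empty `&str` makes the library measure a buffer that Rust never terminated. Per the same documentation an empty name also clears the expected hostname, which silently turns hostname checking off for that parameter set. The empty case should be handled before the FFI call, for example `let raw_host = if host.is_empty() { "\0" } else { host };` with `raw_host.as_ptr()` passed in place of `host.as_ptr()`, and the method should carry a doc line saying what an empty host means. The module header still says the `v102` or `v110` features are required, which no longer matches the `any(ossl102, ossl110)` condition under which lib.rs now compiles this file.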
@@ -37,12 +37,12 @@ use ffi::{
 ASN1_STRING_get0_data as ASN1_STRING_data,
 };
-pub mod extension;
-
 #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
-pub mod verify;
+pub use verify;
-use self::extension::{ExtensionType, Extension};
+use x509::extension::{ExtensionType, Extension};
+
+pub mod extension;
 #[cfg(test)]
 mod tests;
diff --git a/openssl/src/x509/verify.rs b/openssl/src/x509/verify.rs
deleted file mode 100644
index 77095edc..00000000
--- a/openssl/src/x509/verify.rs
+++ /dev/null
@@ -1,51 +0,0 @@
-//! X509 certificate verification
-//!
-//! Requires the `v102` or `v110` features and OpenSSL 1.0.2 or 1.1.0.
-
-use libc::c_uint;
-use ffi;
-
-use cvt;
-use error::ErrorStack;
-use opaque::Opaque;
-
-bitflags! {
- pub flags X509CheckFlags: c_uint {
- const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT,
- const X509_CHECK_FLAG_NO_WILDCARDS = ffi::X509_CHECK_FLAG_NO_WILDCARDS,
- const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = ffi::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS,
- const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = ffi::X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS,
- const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
- = ffi::X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS,
- /// Requires the `v110` feature and OpenSSL 1.1.0.
- #[cfg(all(feature = "v110", ossl110))]
- const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_NEVER_CHECK_SUBJECT,
- }
-}
-
-pub struct X509VerifyParamRef(Opaque);
-
-impl X509VerifyParamRef {
- pub unsafe fn from_ptr_mut<'a>(ptr: *mut ffi::X509_VERIFY_PARAM) -> &'a mut X509VerifyParamRef {
- &mut *(ptr as *mut _)
- }
-
- pub fn as_ptr(&self) -> *mut ffi::X509_VERIFY_PARAM {
- self as *const _ as *mut _
- }
-
- pub fn set_hostflags(&mut self, hostflags: X509CheckFlags) {
- unsafe {
- ffi::X509_VERIFY_PARAM_set_hostflags(self.as_ptr(), hostflags.bits);
- }
- }
-
- pub fn set_host(&mut self, host: &str) -> Result<(), ErrorStack> {
- unsafe {
- cvt(ffi::X509_VERIFY_PARAM_set1_host(self.as_ptr(),
- host.as_ptr() as *const _,
- host.len()))
- .map(|_| ())
- }
- }
-}
-- 
cgit v1.2.3