Commit 0fb1e55a authored by Steven Fackler's avatar Steven Fackler

Allow configuration of EC groups and signature algorithms

Closes #1186
parent 34c2b691
+24 −0
@@ -711,9 +711,13 @@ pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71;
#[cfg(any(libressl, all(ossl101, not(ossl110))))]
pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;
pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82;
#[cfg(ossl111)]
pub const SSL_CTRL_SET_GROUPS_LIST: c_int = 92;
#[cfg(any(libressl, all(ossl102, not(ossl110))))]
pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;
#[cfg(ossl102)]
pub const SSL_CTRL_SET_SIGALGS_LIST: c_int = 98;
#[cfg(ossl102)]
pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106;
#[cfg(ossl110)]
pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
@@ -756,6 +760,26 @@ pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_ST
    SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void)
}

#[cfg(ossl111)]
pub unsafe fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long {
    SSL_CTX_ctrl(
        ctx,
        SSL_CTRL_SET_GROUPS_LIST,
        0,
        s as *const c_void as *mut c_void,
    )
}

#[cfg(ossl102)]
pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long {
    SSL_CTX_ctrl(
        ctx,
        SSL_CTRL_SET_SIGALGS_LIST,
        0,
        s as *const c_void as *mut c_void,
    )
}

#[cfg(any(libressl, all(ossl102, not(ossl110))))]
pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int {
    SSL_CTX_ctrl(
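Review bot: The two new `pub unsafe fn` wrappers in the second hunk, `SSL_CTX_set1_groups_list` and `SSL_CTX_set1_sigalgs_list`, state neither their safety contract nor what their `c_long` result means, and nothing in the wrapper validates `s`, so a caller must already know that `ctx` has to be a live `SSL_CTX` and `s` a NUL-terminated string that stays valid for the duration of the call. A one-line header on each, e.g. `/// Caller must pass a valid SSL_CTX and a NUL-terminated list string; the result is the raw SSL_CTX_ctrl return value.`, would make that explicit for the safe wrapper in the ssl crate that has to decide how to interpret the value. The sibling `SSL_CTX_set0_verify_cert_store` just above is in the same undocumented state, which suggests the file deliberately mirrors the C macros one-to-one, so this may be a convention rather than an oversight. The `SSL_CTX_set_ecdh_auto` wrapper at the end of this hunk continues past the hunk.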
+32 −8
@@ -486,7 +486,6 @@ impl NameType {
lazy_static! {
    static ref INDEXES: Mutex<HashMap<TypeId, c_int>> = Mutex::new(HashMap::new());
    static ref SSL_INDEXES: Mutex<HashMap<TypeId, c_int>> = Mutex::new(HashMap::new());

    static ref SESSION_CTX_INDEX: Index<Ssl, SslContext> = Ssl::new_ex_index().unwrap();
}

@@ -880,13 +879,7 @@ impl SslContextBuilder {
    /// [`SSL_CTX_add_client_CA`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_client_CA_list.html
    #[cfg(not(libressl))]
    pub fn add_client_ca(&mut self, cacert: &X509Ref) -> Result<(), ErrorStack> {
        unsafe {
            cvt(ffi::SSL_CTX_add_client_CA(
                self.as_ptr(),
                cacert.as_ptr()
            ))
            .map(|_| ())
        }
        unsafe { cvt(ffi::SSL_CTX_add_client_CA(self.as_ptr(), cacert.as_ptr())).map(|_| ()) }
    }

    /// Set the context identifier for sessions.
@@ -1705,6 +1698,37 @@ impl SslContextBuilder {
        unsafe { ffi::SSL_CTX_sess_set_cache_size(self.as_ptr(), size.into()).into() }
    }

    /// Sets the context's supported signature algorithms.
    ///
    /// This corresponds to [`SSL_CTX_set1_sigalgs_list`].
    ///
    /// Requires OpenSSL 1.0.2 or newer.
    ///
    /// [`SSL_CTX_set1_sigalgs_list`]: https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set1_sigalgs_list.html
    #[cfg(ossl102)]
    pub fn set_sigalgs_list(&mut self, sigalgs: &str) -> Result<(), ErrorStack> {
        let sigalgs = CString::new(sigalgs).unwrap();
        unsafe {
            cvt(ffi::SSL_CTX_set1_sigalgs_list(self.as_ptr(), sigalgs.as_ptr()) as c_int)
                .map(|_| ())
        }
    }

    /// Sets the context's supported elliptic curve groups.
    ///
    /// This corresponds to [`SSL_CTX_set1_groups_list`].
    ///
    /// Requires OpenSSL 1.1.1 or newer.
    ///
    /// [`SSL_CTX_set1_groups_list`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set1_groups_list.html
    #[cfg(ossl111)]
    pub fn set_groups_list(&mut self, groups: &str) -> Result<(), ErrorStack> {
        let groups = CString::new(groups).unwrap();
        unsafe {
            cvt(ffi::SSL_CTX_set1_groups_list(self.as_ptr(), groups.as_ptr()) as c_int).map(|_| ())
        }
    }

    /// Consumes the builder, returning a new `SslContext`.
    pub fn build(self) -> SslContext {
        self.0
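Review bot: `CString::new(sigalgs).unwrap()` in `set_sigalgs_list`, and the identical line in `set_groups_list`, turns an interior NUL byte in the caller-supplied list into a panic rather than an `Err`, so a list that arrives from configuration or another external source becomes a panic path; this appears to follow the pattern the builder's other string setters use, but if it is kept deliberately each doc comment should carry a `# Panics` section, e.g. `/// # Panics` / `/// Panics if `sigalgs` contains an interior NUL byte.`. The doc comments would also be more useful if they said, per the linked OpenSSL man pages, that both arguments use OpenSSL's colon-separated list syntax and that the order of `groups` is the preference order, since these two methods are the only way a user of this builder can restrict which curves and signature schemes a context will negotiate. It is worth noting in the docs that an unrecognised entry is reported by OpenSSL as an `ErrorStack` error from `cvt`, which is visible here, rather than being silently ignored. The enclosing `impl SslContextBuilder` block starts before this hunk and the `build` method at its end continues past it.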