Merge pull request #873 from sfackler/tweaks (170adae3) · Commits · Public Repositories / Rust Openssl

openssl/src/ssl/callbacks.rs

+50 −25

Original line number	Diff line number	Diff line
		@@ -427,15 +427,21 @@ where
		pub struct CustomExtAddState<T>(Option<T>);

		#[cfg(all(feature = "v111", ossl111))]
		pub extern "C" fn raw_custom_ext_add<F, T>(ssl: *mut ffi::SSL, _: c_uint,
		pub extern "C" fn raw_custom_ext_add<F, T>(
		ssl: *mut ffi::SSL,
		_: c_uint,
		context: c_uint,
		out: mut const c_uchar,
		outlen: mut size_t, x: mut ffi::X509,
		chainidx: size_t, al: *mut c_int,
		_: *mut c_void)
		-> c_int
		where F: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>) -> Result<Option<T>, SslAlert> + 'static,
		T: AsRef<[u8]> + 'static,
		outlen: *mut size_t,
		x: *mut ffi::X509,
		chainidx: size_t,
		al: *mut c_int,
		_: *mut c_void,
		) -> c_int
		where
		F: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>) -> Result<Option<T>, SslAlert>
		+ 'static,
		T: AsRef<[u8]> + 'static + Sync + Send,
		{
		unsafe {
		let ssl_ctx = ffi::SSL_get_SSL_CTX(ssl as *const _);
		@@ -443,7 +449,11 @@ pub extern "C" fn raw_custom_ext_add<F, T>(ssl: *mut ffi::SSL, _: c_uint,
		let callback = &(callback as mut F);
		let ssl = SslRef::from_ptr_mut(ssl);
		let ectx = ExtensionContext::from_bits_truncate(context);
		let cert = if ectx.contains(ExtensionContext::TLS1_3_CERTIFICATE) { Some((chainidx, X509Ref::from_ptr(x))) } else { None };
		let cert = if ectx.contains(ExtensionContext::TLS1_3_CERTIFICATE) {
		Some((chainidx, X509Ref::from_ptr(x)))
		} else {
		None
		};
		match (callback)(ssl, ectx, cert) {
		Ok(None) => 0,
		Ok(Some(buf)) => {
		@@ -453,7 +463,9 @@ pub extern "C" fn raw_custom_ext_add<F, T>(ssl: *mut ffi::SSL, _: c_uint,
		let idx = get_ssl_callback_idx::<CustomExtAddState<T>>();
		let ptr = ffi::SSL_get_ex_data(ssl.as_ptr(), idx);
		if ptr.is_null() {
		let x = Box::into_raw(Box::<CustomExtAddState<T>>::new(CustomExtAddState(Some(buf)))) as *mut c_void;
		let x = Box::into_raw(Box::<CustomExtAddState<T>>::new(CustomExtAddState(
		Some(buf),
		))) as *mut c_void;
		ffi::SSL_set_ex_data(ssl.as_ptr(), idx, x);
		} else {
		(ptr as mut _) = CustomExtAddState(Some(buf))
		@@ -469,11 +481,14 @@ pub extern "C" fn raw_custom_ext_add<F, T>(ssl: *mut ffi::SSL, _: c_uint,
		}

		#[cfg(all(feature = "v111", ossl111))]
		pub extern "C" fn raw_custom_ext_free<T>(ssl: *mut ffi::SSL, _: c_uint,
		pub extern "C" fn raw_custom_ext_free<T>(
		ssl: *mut ffi::SSL,
		_: c_uint,
		_: c_uint,
		_: mut const c_uchar,
		_: *mut c_void)
		where T: 'static
		_: *mut c_void,
		) where
		T: 'static + Sync + Send,
		{
		unsafe {
		let state = ffi::SSL_get_ex_data(ssl, get_ssl_callback_idx::<CustomExtAddState<T>>());
		@@ -483,14 +498,20 @@ pub extern "C" fn raw_custom_ext_free<T>(ssl: *mut ffi::SSL, _: c_uint,
		}

		#[cfg(all(feature = "v111", ossl111))]
		pub extern "C" fn raw_custom_ext_parse<F>(ssl: *mut ffi::SSL, _: c_uint,
		pub extern "C" fn raw_custom_ext_parse<F>(
		ssl: *mut ffi::SSL,
		_: c_uint,
		context: c_uint,
		input: *const c_uchar,
		inlen: size_t, x: *mut ffi::X509,
		chainidx: size_t, al: *mut c_int,
		_: *mut c_void)
		-> c_int
		where F: FnMut(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>) -> Result<(), SslAlert> + 'static
		inlen: size_t,
		x: *mut ffi::X509,
		chainidx: size_t,
		al: *mut c_int,
		_: *mut c_void,
		) -> c_int
		where
		F: FnMut(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>) -> Result<(), SslAlert>
		+ 'static,
		{
		unsafe {
		let ssl_ctx = ffi::SSL_get_SSL_CTX(ssl as *const _);
		@@ -499,7 +520,11 @@ pub extern "C" fn raw_custom_ext_parse<F>(ssl: *mut ffi::SSL, _: c_uint,
		let callback = &mut (callback as mut F);
		let ectx = ExtensionContext::from_bits_truncate(context);
		let slice = slice::from_raw_parts(input as *const u8, inlen as usize);
		let cert = if ectx.contains(ExtensionContext::TLS1_3_CERTIFICATE) { Some((chainidx, X509Ref::from_ptr(x))) } else { None };
		let cert = if ectx.contains(ExtensionContext::TLS1_3_CERTIFICATE) {
		Some((chainidx, X509Ref::from_ptr(x)))
		} else {
		None
		};
		match callback(ssl, ectx, slice, cert) {
		Ok(()) => 1,
		Err(alert) => {

openssl/src/ssl/mod.rs

+26 −13

Original line number	Diff line number	Diff line
		@@ -1513,20 +1513,29 @@ impl SslContextBuilder {
		/// [`SSL_CTX_add_custom_ext`]: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_add_custom_ext.html
		#[cfg(all(feature = "v111", ossl111))]
		pub fn add_custom_ext<AddFn, ParseFn, T>(
		&mut self, ext_type: u16, context: ExtensionContext, add_cb: AddFn, parse_cb: ParseFn
		&mut self,
		ext_type: u16,
		context: ExtensionContext,
		add_cb: AddFn,
		parse_cb: ParseFn,
		) -> Result<(), ErrorStack>
		where AddFn: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>)
		-> Result<Option<T>, SslAlert> + 'static + Sync + Send,
		T: AsRef<[u8]> + 'static,
		ParseFn: Fn(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>)
		-> Result<(), SslAlert> + 'static + Sync + Send,
		where
		AddFn: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>) -> Result<Option<T>, SslAlert>
		+ 'static
		+ Sync
		+ Send,
		T: AsRef<[u8]> + 'static + Sync + Send,
		ParseFn: Fn(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>) -> Result<(), SslAlert>
		+ 'static
		+ Sync
		+ Send,
		{
		let ret = unsafe {
		let add_cb = Box::new(add_cb);
		ffi::SSL_CTX_set_ex_data(
		self.as_ptr(),
		get_callback_idx::<AddFn>(),
		Box::into_raw(add_cb) as *mut _
		Box::into_raw(add_cb) as *mut _,
		);

		let parse_cb = Box::new(parse_cb);
		@@ -1536,12 +1545,16 @@ impl SslContextBuilder {
		Box::into_raw(parse_cb) as *mut _,
		);

		ffi::SSL_CTX_add_custom_ext(self.as_ptr(), ext_type as c_uint, context.bits(),
		ffi::SSL_CTX_add_custom_ext(
		self.as_ptr(),
		ext_type as c_uint,
		context.bits(),
		Some(raw_custom_ext_add::<AddFn, T>),
		Some(raw_custom_ext_free::<T>),
		ptr::null_mut(),
		Some(raw_custom_ext_parse::<ParseFn>),
		ptr::null_mut())
		ptr::null_mut(),
		)
		};
		if ret == 1 {
		Ok(())