From 1a909c8e5ef265473d965bbf5293b252bef25fbf Mon Sep 17 00:00:00 2001
From: Steven Fackler
Date: Sun, 13 May 2018 08:50:00 -0700
Subject: [PATCH] Some sys cleanup
---
 openssl-sys/src/lib.rs | 118 +-----------------
 openssl-sys/src/openssl/mod.rs | 83 ++++++++++++
 .../src/{ossl10x.rs => openssl/v10x.rs} | 0
 .../src/{ossl110.rs => openssl/v110.rs} | 2 +
 .../src/{ossl111.rs => openssl/v111.rs} | 1 +
 5 files changed, 90 insertions(+), 114 deletions(-)
 create mode 100644 openssl-sys/src/openssl/mod.rs
 rename openssl-sys/src/{ossl10x.rs => openssl/v10x.rs} (100%)
 rename openssl-sys/src/{ossl110.rs => openssl/v110.rs} (99%)
 rename openssl-sys/src/{ossl111.rs => openssl/v111.rs} (98%)
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index 9b49e21bb..61e087d08 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -8,20 +8,10 @@ use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void, size_t, FILE
 use std::mem;
 use std::ptr;
-#[cfg(any(ossl101, ossl102))]
-mod ossl10x;
-#[cfg(any(ossl101, ossl102))]
-pub use ossl10x::*;
-
-#[cfg(ossl110)]
-mod ossl110;
-#[cfg(ossl110)]
-pub use ossl110::*;
-
-#[cfg(ossl111)]
-mod ossl111;
-#[cfg(ossl111)]
-pub use ossl111::*;
+#[cfg(not(libressl))]
+mod openssl;
+#[cfg(not(libressl))]
+pub use openssl::*;
 #[cfg(libressl)]
 mod libressl;
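Review bot: `pub use openssl::*;` is a glob re-export, and in Rust an item defined directly in lib.rs takes precedence over a glob import of the same name without any warning, so a constant that was copied into the new module but not deleted from lib.rs would be shadowed silently rather than rejected by the compiler. The deletions visible in this patch do match the additions in the new files, but the rest of lib.rs is outside the hunks, so that is worth a quick check. A comment above the module declaration would record the layout for the next edit, e.g. `// OpenSSL-only items live in the openssl module, LibreSSL-only items in libressl; items shared by both stay in this file.`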
@@ -1249,20 +1239,12 @@ pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65;
 pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70;
 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71;
 pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82;
-#[cfg(not(any(ossl101, libressl)))]
-pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106;
 pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1;
 pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2;
 pub const SSL_MODE_AUTO_RETRY: c_long = 0x4;
 pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8;
 pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10;
-#[cfg(not(libressl))]
-pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20;
-#[cfg(not(libressl))]
-pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40;
-#[cfg(not(libressl))]
-pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80;
 pub const SSL_ERROR_NONE: c_int = 0;
 pub const SSL_ERROR_SSL: c_int = 1;
@@ -1287,8 +1269,6 @@ pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000;
 #[cfg(any(libressl261, libressl262, libressl26x, libressl27x))]
 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0;
 pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004;
-#[cfg(not(libressl))]
-pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: c_ulong = 0x00000040;
 #[cfg(not(any(libressl, ossl110f, ossl111)))]
 pub const SSL_OP_ALL: c_ulong = 0x80000BFF;
 #[cfg(any(ossl110f, ossl111))]
@@ -1298,27 +1278,13 @@ pub const SSL_OP_ALL: c_ulong = SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT
 pub const SSL_OP_NO_QUERY_MTU: c_ulong = 0x00001000;
 pub const SSL_OP_COOKIE_EXCHANGE: c_ulong = 0x00002000;
 pub const SSL_OP_NO_TICKET: c_ulong = 0x00004000;
-#[cfg(not(libressl))]
-pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x00008000;
 pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: c_ulong = 0x00010000;
-#[cfg(not(libressl))]
-pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x00020000;
-#[cfg(not(libressl))]
-pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x00040000;
 pub const SSL_OP_CIPHER_SERVER_PREFERENCE: c_ulong = 0x00400000;
 pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0x00800000;
-#[cfg(not(libressl))]
-pub const SSL_OP_NO_SSLv3: c_ulong = 0x02000000;
 pub const SSL_OP_NO_TLSv1: c_ulong = 0x04000000;
 pub const SSL_OP_NO_TLSv1_1: c_ulong = 0x10000000;
 pub const SSL_OP_NO_TLSv1_2: c_ulong = 0x08000000;
-#[cfg(ossl111)]
-pub const SSL_OP_NO_TLSv1_3: c_ulong = 0x20000000;
-#[cfg(not(any(ossl101, libressl)))]
-pub const SSL_OP_NO_DTLSv1: c_ulong = 0x04000000;
-#[cfg(not(any(ossl101, libressl)))]
-pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000;
 #[cfg(not(any(ossl101, libressl, ossl111)))]
 pub const SSL_OP_NO_SSL_MASK: c_ulong = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
@@ -1366,8 +1332,6 @@ pub const X509_FILETYPE_DEFAULT: c_int = 3;
 pub const X509_FILETYPE_PEM: c_int = 1;
 pub const X509_V_OK: c_int = 0;
-#[cfg(not(libressl))]
-pub const X509_V_ERR_UNSPECIFIED: c_int = 1;
 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2;
 pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3;
 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4;
@@ -1465,51 +1429,6 @@ pub const GEN_RID: c_int = 8;
 pub const DTLS1_COOKIE_LENGTH: c_uint = 256;
-#[cfg(not(libressl))]
-pub const CMS_TEXT: c_uint = 0x1;
-#[cfg(not(libressl))]
-pub const CMS_NOCERTS: c_uint = 0x2;
-#[cfg(not(libressl))]
-pub const CMS_NO_CONTENT_VERIFY: c_uint = 0x4;
-#[cfg(not(libressl))]
-pub const CMS_NO_ATTR_VERIFY: c_uint = 0x8;
-#[cfg(not(libressl))]
-pub const CMS_NOSIGS: c_uint = 0x4 | 0x8;
-#[cfg(not(libressl))]
-pub const CMS_NOINTERN: c_uint = 0x10;
-#[cfg(not(libressl))]
-pub const CMS_NO_SIGNER_CERT_VERIFY: c_uint = 0x20;
-#[cfg(not(libressl))]
-pub const CMS_NOVERIFY: c_uint = 0x20;
-#[cfg(not(libressl))]
-pub const CMS_DETACHED: c_uint = 0x40;
-#[cfg(not(libressl))]
-pub const CMS_BINARY: c_uint = 0x80;
-#[cfg(not(libressl))]
-pub const CMS_NOATTR: c_uint = 0x100;
-#[cfg(not(libressl))]
-pub const CMS_NOSMIMECAP: c_uint = 0x200;
-#[cfg(not(libressl))]
-pub const CMS_NOOLDMIMETYPE: c_uint = 0x400;
-#[cfg(not(libressl))]
-pub const CMS_CRLFEOL: c_uint = 0x800;
-#[cfg(not(libressl))]
-pub const CMS_STREAM: c_uint = 0x1000;
-#[cfg(not(libressl))]
-pub const CMS_NOCRL: c_uint = 0x2000;
-#[cfg(not(libressl))]
-pub const CMS_PARTIAL: c_uint = 0x4000;
-#[cfg(not(libressl))]
-pub const CMS_REUSE_DIGEST: c_uint = 0x8000;
-#[cfg(not(libressl))]
-pub const CMS_USE_KEYID: c_uint = 0x10000;
-#[cfg(not(libressl))]
-pub const CMS_DEBUG_DECRYPT: c_uint = 0x20000;
-#[cfg(all(not(libressl), not(ossl101)))]
-pub const CMS_KEY_PARAM: c_uint = 0x40000;
-#[cfg(all(not(libressl), not(ossl101), not(ossl102)))]
-pub const CMS_ASCIICRLF: c_uint = 0x80000;
-
 // macros
 pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long {
 BIO_ctrl(b, BIO_CTRL_INFO, 0, pp as *mut c_void)
@@ -2888,35 +2807,6 @@ extern "C" {
 pub fn HMAC_Update(ctx: *mut HMAC_CTX, data: *const c_uchar, len: size_t) -> c_int;
 pub fn HMAC_Final(ctx: *mut HMAC_CTX, md: *mut c_uchar, len: *mut c_uint) -> c_int;
- #[cfg(not(libressl))]
- pub fn CMS_decrypt(
- cms: *mut CMS_ContentInfo,
- pkey: *mut EVP_PKEY,
- cert: *mut X509,
- dcont: *mut BIO,
- out: *mut BIO,
- flags: c_uint,
- ) -> c_int;
- #[cfg(not(libressl))]
- pub fn SMIME_read_CMS(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut CMS_ContentInfo;
- #[cfg(not(libressl))]
- pub fn CMS_ContentInfo_free(cms: *mut CMS_ContentInfo);
- #[cfg(not(libressl))]
- pub fn CMS_sign(
- signcert: *mut X509,
- pkey: *mut EVP_PKEY,
- certs: *mut stack_st_X509,
- data: *mut BIO,
- flags: c_uint,
- ) -> *mut CMS_ContentInfo;
- #[cfg(not(libressl))]
- pub fn i2d_CMS_ContentInfo(a: *mut CMS_ContentInfo, pp: *mut *mut c_uchar) -> c_int;
-
- #[cfg(not(libressl))]
- pub fn FIPS_mode_set(onoff: c_int) -> c_int;
- #[cfg(not(libressl))]
- pub fn FIPS_mode() -> c_int;
-
 // FIXME change to unsafe extern "C" fn
 pub fn SSL_CTX_set_cookie_generate_cb(
 s: *mut SSL_CTX,
diff --git a/openssl-sys/src/openssl/mod.rs b/openssl-sys/src/openssl/mod.rs
new file mode 100644
index 000000000..a1e4a345e
--- /dev/null
+++ b/openssl-sys/src/openssl/mod.rs
@@ -0,0 +1,83 @@
+use libc::{c_int, c_long, c_uchar, c_uint, c_ulong};
+
+#[cfg(any(ossl101, ossl102))]
+mod v10x;
+#[cfg(any(ossl101, ossl102))]
+pub use openssl::v10x::*;
+
+#[cfg(ossl110)]
+mod v110;
+#[cfg(ossl110)]
+pub use openssl::v110::*;
+
+#[cfg(ossl111)]
+mod v111;
+#[cfg(ossl111)]
+pub use openssl::v111::*;
+
+#[cfg(not(ossl101))]
+pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106;
+
+pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20;
+pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40;
+pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80;
+
+pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: c_ulong = 0x00000040;
+
+pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x00008000;
+pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x00020000;
+pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x00040000;
+pub const SSL_OP_NO_SSLv3: c_ulong = 0x02000000;
+#[cfg(not(ossl101))]
+pub const SSL_OP_NO_DTLSv1: c_ulong = 0x04000000;
+#[cfg(not(ossl101))]
+pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000;
+
+pub const X509_V_ERR_UNSPECIFIED: c_int = 1;
+
+pub const CMS_TEXT: c_uint = 0x1;
+pub const CMS_NOCERTS: c_uint = 0x2;
+pub const CMS_NO_CONTENT_VERIFY: c_uint = 0x4;
+pub const CMS_NO_ATTR_VERIFY: c_uint = 0x8;
+pub const CMS_NOSIGS: c_uint = 0x4 | 0x8;
+pub const CMS_NOINTERN: c_uint = 0x10;
+pub const CMS_NO_SIGNER_CERT_VERIFY: c_uint = 0x20;
+pub const CMS_NOVERIFY: c_uint = 0x20;
+pub const CMS_DETACHED: c_uint = 0x40;
+pub const CMS_BINARY: c_uint = 0x80;
+pub const CMS_NOATTR: c_uint = 0x100;
+pub const CMS_NOSMIMECAP: c_uint = 0x200;
+pub const CMS_NOOLDMIMETYPE: c_uint = 0x400;
+pub const CMS_CRLFEOL: c_uint = 0x800;
+pub const CMS_STREAM: c_uint = 0x1000;
+pub const CMS_NOCRL: c_uint = 0x2000;
+pub const CMS_PARTIAL: c_uint = 0x4000;
+pub const CMS_REUSE_DIGEST: c_uint = 0x8000;
+pub const CMS_USE_KEYID: c_uint = 0x10000;
+pub const CMS_DEBUG_DECRYPT: c_uint = 0x20000;
+#[cfg(not(ossl101))]
+pub const CMS_KEY_PARAM: c_uint = 0x40000;
+
+extern "C" {
+ pub fn CMS_decrypt(
+ cms: *mut ::CMS_ContentInfo,
+ pkey: *mut ::EVP_PKEY,
+ cert: *mut ::X509,
+ dcont: *mut ::BIO,
+ out: *mut ::BIO,
+ flags: c_uint,
+ ) -> c_int;
+ pub fn SMIME_read_CMS(bio: *mut ::BIO, bcont: *mut *mut ::BIO) -> *mut ::CMS_ContentInfo;
+ pub fn CMS_ContentInfo_free(cms: *mut ::CMS_ContentInfo);
+ pub fn CMS_sign(
+ signcert: *mut ::X509,
+ pkey: *mut ::EVP_PKEY,
+ certs: *mut ::stack_st_X509,
+ data: *mut ::BIO,
+ flags: c_uint,
+ ) -> *mut ::CMS_ContentInfo;
+ pub fn i2d_CMS_ContentInfo(a: *mut ::CMS_ContentInfo, pp: *mut *mut c_uchar) -> c_int;
+
+ pub fn FIPS_mode_set(onoff: c_int) -> c_int;
+ pub fn FIPS_mode() -> c_int;
+}
diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/openssl/v10x.rs
similarity index 100%
rename from openssl-sys/src/ossl10x.rs
rename to openssl-sys/src/openssl/v10x.rs
diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/openssl/v110.rs
similarity index 99%
rename from openssl-sys/src/ossl110.rs
rename to openssl-sys/src/openssl/v110.rs
index d1d7a34ba..4f1aa1c17 100644
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/openssl/v110.rs
@@ -34,6 +34,8 @@ pub enum X509_ALGOR {}
 pub enum X509_VERIFY_PARAM {}
 pub enum X509_REQ {}
+pub const CMS_ASCIICRLF: c_uint = 0x80000;
+
 pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
 pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
 #[cfg(ossl110g)]
diff --git a/openssl-sys/src/ossl111.rs b/openssl-sys/src/openssl/v111.rs
similarity index 98%
rename from openssl-sys/src/ossl111.rs
rename to openssl-sys/src/openssl/v111.rs
index 6d6f8d4f3..8574efc85 100644
--- a/openssl-sys/src/ossl111.rs
+++ b/openssl-sys/src/openssl/v111.rs
@@ -28,6 +28,7 @@ pub type SSL_custom_ext_parse_cb_ex =
 pub const SSL_COOKIE_LENGTH: c_int = 4096;
 pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000;
+pub const SSL_OP_NO_TLSv1_3: c_ulong = 0x20000000;
 pub const TLS1_3_VERSION: c_int = 0x304;
-- 
GitLab
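Review bot: The new `openssl/mod.rs` exports `CMS_NOVERIFY`, `CMS_NO_SIGNER_CERT_VERIFY`, `CMS_NO_CONTENT_VERIFY`, `CMS_NO_ATTR_VERIFY` and `CMS_NOSIGS` without any doc comment, although each of them turns off part of CMS verification when passed in `flags`; a `///` line on each naming the check it skips would help wrapper authors avoid passing one unintentionally, e.g. `/// Do not verify the signer's certificate chain.` on `CMS_NOVERIFY`. `CMS_NOSIGS` is written as `0x4 | 0x8`; spelling it `CMS_NO_CONTENT_VERIFY | CMS_NO_ATTR_VERIFY` keeps it tied to the two flags it combines. The `extern "C"` block would also benefit from a short comment on pointer ownership, stating that the `*mut CMS_ContentInfo` returned by `CMS_sign` and `SMIME_read_CMS` can be null on failure and is released with `CMS_ContentInfo_free`. A `//!` header saying that this file holds the OpenSSL-only items compiled under `#[cfg(not(libressl))]` would explain why the per-item `#[cfg(not(libressl))]` attributes are gone.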
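Review bot: `CMS_ASCIICRLF` used to be compiled for every build that was not LibreSSL, 1.0.1 or 1.0.2, and after this move it exists only where `v110.rs` is compiled, which `openssl/mod.rs` gates on `#[cfg(ossl110)]`. Whether 1.1.1 builds still get the constant depends on the build script also setting `ossl110` for them, which is not visible in this patch and is worth confirming. Because the constant now sits apart from the other `CMS_*` flags, a pointer comment above it would help, e.g. `// Absent on 1.0.1 and 1.0.2; the remaining CMS_* flags are in openssl/mod.rs.`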