diff --git a/openssl-sys-extras/src/openssl_shim.c b/openssl-sys-extras/src/openssl_shim.c index db2a8786d94f4d78bae9d8ff24d3eb89bbefb515..974312b9118e4fd3ccf1cb4b08a7ded7786766d6 100644 --- a/openssl-sys-extras/src/openssl_shim.c +++ b/openssl-sys-extras/src/openssl_shim.c @@ -138,7 +138,3 @@ DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) { long SSL_set_tlsext_host_name_shim(SSL *s, char *name) { return SSL_set_tlsext_host_name(s, name); } - -STACK_OF(X509_EXTENSION) *X509_get_extensions_shim(X509 *x) { - return x->cert_info ? x->cert_info->extensions : NULL; -} diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index 4669f7e5f35505bdc0994a604fa1481b15452e03..f4f4673cb9abda6db5f39ee3cbb7c5716e7b7ab1 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -28,6 +28,7 @@ pkcs5_pbkdf2_hmac = ["openssl-sys/pkcs5_pbkdf2_hmac"] c_helpers = ["gcc"] x509_clone = ["c_helpers"] +x509_generator_request = ["c_helpers"] ssl_context_clone = ["c_helpers"] [dependencies] diff --git a/openssl/src/c_helpers.c b/openssl/src/c_helpers.c index 5b1b96157fac4cc0cc5451097062b134e5b78eda..f8bc2d0d01693e338da0fac269dae62a3cb5e2fb 100644 --- a/openssl/src/c_helpers.c +++ b/openssl/src/c_helpers.c @@ -7,3 +7,7 @@ void rust_SSL_CTX_clone(SSL_CTX *ctx) { void rust_X509_clone(X509 *x509) { CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); } + +STACK_OF(X509_EXTENSION) *rust_X509_get_extensions(X509 *x) { + return x->cert_info ? x->cert_info->extensions : NULL; +} diff --git a/openssl/src/c_helpers.rs b/openssl/src/c_helpers.rs index 3d93819291aef34364beb19e460be249464c637b..f074d4042245c1f104e05061999e2b8e812f8145 100644 --- a/openssl/src/c_helpers.rs +++ b/openssl/src/c_helpers.rs @@ -4,4 +4,5 @@ use ffi; extern "C" { pub fn rust_SSL_CTX_clone(cxt: *mut ffi::SSL_CTX); pub fn rust_X509_clone(x509: *mut ffi::X509); + pub fn rust_X509_get_extensions(x: *mut ffi::X509) -> *mut ffi::stack_st_X509_EXTENSION; } diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index b7503e0aa73b9b20088052ac5441f4303317618b..3bdbaa67c13b0b951da9e82ede7822efaf168aa4 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -17,7 +17,6 @@ use crypto::hash::Type as HashType; use crypto::pkey::PKey; use crypto::rand::rand_bytes; use ffi; -use ffi_extras; use nid::Nid; use error::ErrorStack; @@ -346,6 +345,9 @@ impl X509Generator { } /// Obtain a certificate signing request (CSR) + /// + /// Requries the `x509_generator_request` feature. + #[cfg(feature = "x509_generator_request")] pub fn request(&self, p_key: &PKey) -> Result { let cert = match self.sign(p_key) { Ok(c) => c, @@ -356,7 +358,7 @@ impl X509Generator { let req = ffi::X509_to_X509_REQ(cert.handle(), ptr::null_mut(), ptr::null()); try_ssl_null!(req); - let exts = ffi_extras::X509_get_extensions(cert.handle()); + let exts = ::c_helpers::rust_X509_get_extensions(cert.handle()); if exts != ptr::null_mut() { try_ssl!(ffi::X509_REQ_add_extensions(req, exts)); } diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs index ab48083682a5508c7c458196fba57e4f1a05b0d5..c09b31cde2d009ea4f6adca657738a44e914638c 100644 --- a/openssl/src/x509/tests.rs +++ b/openssl/src/x509/tests.rs @@ -69,6 +69,7 @@ fn test_cert_gen_extension_bad_ordering() { } #[test] +#[cfg(feature = "x509_generator_request")] fn test_req_gen() { let pkey = pkey(); diff --git a/openssl/test/run.sh b/openssl/test/run.sh index 9f833e6512b7a47582f848fd155c79a90e95f7f6..22a54c4d2320361282fbf7147a50afbadeda1e89 100755 --- a/openssl/test/run.sh +++ b/openssl/test/run.sh @@ -4,7 +4,7 @@ set -e MAIN_TARGETS=https://static.rust-lang.org/dist if [ "$TEST_FEATURES" == "true" ]; then - FEATURES="tlsv1_2 tlsv1_1 dtlsv1 dtlsv1_2 sslv3 aes_xts aes_ctr npn alpn rfc5114 ecdh_auto pkcs5_pbkdf2_hmac x509_clone ssl_context_clone" + FEATURES="tlsv1_2 tlsv1_1 dtlsv1 dtlsv1_2 sslv3 aes_xts aes_ctr npn alpn rfc5114 ecdh_auto pkcs5_pbkdf2_hmac x509_clone ssl_context_clone x509_generator_request" fi if [ "$TRAVIS_OS_NAME" != "osx" ]; then