From 1e9cc8426ea3e1c45a11f6f3bb902fa1e3b651db Mon Sep 17 00:00:00 2001
From: Noah <33094578+coolreader18@users.noreply.github.com>
Date: Tue, 24 Mar 2020 14:25:07 -0500
Subject: [PATCH] Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
---
 openssl-sys/src/ssl.rs | 15 +++++++++++++++
 openssl/src/ssl/mod.rs | 26 ++++++++++++++++++++++++++
 2 files changed, 41 insertions(+)
diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs
index 74604ea8a..48986c051 100644
--- a/openssl-sys/src/ssl.rs
+++ b/openssl-sys/src/ssl.rs
@@ -672,6 +672,21 @@ extern "C" {
 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
+
+ pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
+ pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
+}
+
+cfg_if! {
+ if #[cfg(ossl111)] {
+ extern "C" {
+ pub fn SSL_is_init_finished(s: *const SSL) -> c_int;
+ }
+ } else if #[cfg(ossl110)] {
+ extern "C" {
+ pub fn SSL_is_init_finished(s: *mut SSL) -> c_int;
+ }
+ }
 }
 pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER;
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 95c9ce1f9..e7b1e9623 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -1944,6 +1944,16 @@ impl SslContextRef {
 pub fn session_cache_size(&self) -> i64 {
 unsafe { ffi::SSL_CTX_sess_get_cache_size(self.as_ptr()).into() }
 }
+
+ /// Returns the verify mode that was set on this context from [`SslContextBuilder::set_verify`].
+ ///
+ /// This corresponds to `SSL_CTX_get_verify_mode`.
+ ///
+ /// [`SslContextBuilder::set_verify`]: struct.SslContextBuilder.html#method.set_verify
+ pub fn verify_mode(&self) -> SslVerifyMode {
+ let mode = unsafe { ffi::SSL_CTX_get_verify_mode(self.as_ptr()) };
+ SslVerifyMode::from_bits(mode).expect("SSL_CTX_get_verify_mode returned invalid mode")
+ }
 }
 /// Information about the state of a cipher.
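Review bot: The `cfg_if!` block that declares `SSL_is_init_finished` has no comment saying why there are two declarations or why there is no fallback arm. The arms differ only in pointer constness (`*const SSL` under `ossl111`, `*mut SSL` under `ossl110`), and a build where neither cfg is set gets no binding at all, presumably because older OpenSSL provides this as a macro rather than an exported symbol. I would put `// 1.1.1 const-qualified the argument; before 1.1.0 this is a macro, so there is no symbol to bind` above the block so a later cleanup does not merge the arms or add an unconditional declaration that fails at link time.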
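Review bot: Both new getters, `SslContextRef::verify_mode` in this hunk and `SslRef::verify_mode` in the `@@ -2394` hunk, panic through `.expect(...)` whenever OpenSSL reports a bit that `SslVerifyMode` does not define. The flag definition is outside these hunks, so this is hedged, but OpenSSL has verify flags such as `SSL_VERIFY_CLIENT_ONCE`, and a context configured by C code or raw FFI and then wrapped by the safe type could carry one; a read-only accessor would then take down the thread serving the connection. I would return `SslVerifyMode::from_bits_truncate(mode)` instead, or add the missing flags to `SslVerifyMode`. If the panic is kept deliberately, both methods need a `# Panics` section in their doc comments. The enclosing `impl SslContextRef` block starts and ends outside the hunk.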
@@ -2394,6 +2404,14 @@ impl SslRef {
 unsafe { ffi::SSL_set_verify(self.as_ptr(), mode.bits as c_int, None) }
 }
+ /// Returns the verify mode that was set using `set_verify`.
+ ///
+ /// This corresponds to `SSL_get_verify_mode`.
+ pub fn verify_mode(&self) -> SslVerifyMode {
+ let mode = unsafe { ffi::SSL_get_verify_mode(self.as_ptr()) };
+ SslVerifyMode::from_bits(mode).expect("SSL_get_verify_mode returned invalid mode")
+ }
+
 /// Like [`SslContextBuilder::set_verify_callback`].
 ///
 /// This corresponds to [`SSL_set_verify`].
@@ -3172,6 +3190,14 @@ impl SslRef {
 }
 }
+ /// Determines if the initial handshake has been completed.
+ ///
+ /// This corresponds to `SSL_is_init_finished`.
+ #[cfg(ossl110)]
+ pub fn init_finished(&self) -> bool {
+ unsafe { ffi::SSL_is_init_finished(self.as_ptr()) != 0 }
+ }
+
 /// Determines if the client's hello message is in the SSLv2 format.
 ///
 /// This can only be used inside of the client hello callback. Otherwise, `false` is returned.
--
GitLab
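Review bot: `init_finished` is gated on `#[cfg(ossl110)]` but its doc comment never says so, so on older builds the method is simply absent with no hint in the rendered docs; add `/// Requires OpenSSL 1.1.0 or newer.` to the comment. The doc should also state that a completed handshake says nothing about whether the peer was authenticated, since that depends on the configured verify mode and the verification outcome. A line such as `/// This does not indicate that the peer certificate was verified; see verify_result.` would keep callers from using the return value as an authorization check. The enclosing `impl SslRef` block starts and ends outside the hunk.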