Loading openssl-sys/src/lib.rs +8 −2 Original line number Diff line number Diff line Loading @@ -1051,8 +1051,14 @@ pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 2; pub const SSL_MODE_AUTO_RETRY: c_long = 4; pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; pub const SSL_ERROR_NONE: c_int = 0; pub const SSL_ERROR_SSL: c_int = 1; Loading openssl/src/dh.rs +1 −4 Original line number Diff line number Diff line Loading @@ -27,10 +27,7 @@ impl Dh { pub fn from_params(p: BigNum, g: BigNum, q: BigNum) -> Result<Dh, ErrorStack> { unsafe { let dh = Dh(try!(cvt_p(ffi::DH_new()))); try!(cvt(compat::DH_set0_pqg(dh.0, p.as_ptr(), q.as_ptr(), g.as_ptr()))); try!(cvt(compat::DH_set0_pqg(dh.0, p.as_ptr(), q.as_ptr(), g.as_ptr()))); mem::forget((p, g, q)); Ok(dh) } Loading openssl/src/hash.rs +1 −3 Original line number Diff line number Diff line Loading @@ -135,9 +135,7 @@ impl Hasher { try!(self.init()); } unsafe { try!(cvt(ffi::EVP_DigestUpdate(self.ctx, data.as_ptr() as *mut _, data.len()))); try!(cvt(ffi::EVP_DigestUpdate(self.ctx, data.as_ptr() as *mut _, data.len()))); } self.state = Updated; Ok(()) Loading openssl/src/ssl/connector.rs +26 −20 Original line number Diff line number Diff line Loading @@ -39,6 +39,10 @@ fn ctx(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> { opts |= ssl::SSL_OP_CIPHER_SERVER_PREFERENCE; ctx.set_options(opts); let mode = ssl::SSL_MODE_AUTO_RETRY | ssl::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | ssl::SSL_MODE_ENABLE_PARTIAL_WRITE; ctx.set_mode(mode); Ok(ctx) } Loading @@ -53,9 +57,9 @@ impl SslConnectorBuilder { let mut ctx = try!(ctx(method)); try!(ctx.set_default_verify_paths()); // From https://github.com/python/cpython/blob/c30098c8c6014f3340a369a31df9c74bdbacc269/Lib/ssl.py#L191 try!(ctx.set_cipher_list( "ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:\ DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES")); try!(ctx.set_cipher_list("ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:\ DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:\ RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES")); Ok(SslConnectorBuilder(ctx)) } Loading Loading @@ -123,17 +127,20 @@ impl SslAcceptorBuilder { let dh = try!(Dh::from_pem(DHPARAM_PEM.as_bytes())); try!(ctx.set_tmp_dh(&dh)); try!(setup_curves(&mut ctx)); try!(ctx.set_cipher_list( "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ try!(ctx.set_cipher_list("ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:\ ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:\ ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:\ ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:\ DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:\ EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:\ AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS")); DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:\ ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:\ ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:\ ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:\ ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:\ DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:\ DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:\ ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:\ EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:\ AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:\ DES-CBC3-SHA:!DSS")); SslAcceptorBuilder::finish_setup(ctx, private_key, certificate, chain) } Loading @@ -153,12 +160,11 @@ impl SslAcceptorBuilder { { let mut ctx = try!(ctx(method)); try!(setup_curves(&mut ctx)); try!(ctx.set_cipher_list( "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ try!(ctx.set_cipher_list("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:\ ECDHE-RSA-AES128-SHA256")); ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:\ ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256")); SslAcceptorBuilder::finish_setup(ctx, private_key, certificate, chain) } Loading openssl/src/ssl/mod.rs +30 −19 Original line number Diff line number Diff line Loading @@ -108,12 +108,11 @@ mod tests; use self::bio::BioMethod; pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor}; pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor}; pub use ssl::error::{Error, HandshakeError}; bitflags! { pub flags SslOptions: c_ulong { pub flags SslOption: c_ulong { const SSL_OP_MICROSOFT_SESS_ID_BUG = ffi::SSL_OP_MICROSOFT_SESS_ID_BUG, const SSL_OP_NETSCAPE_CHALLENGE_BUG = ffi::SSL_OP_NETSCAPE_CHALLENGE_BUG, const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = Loading Loading @@ -154,6 +153,19 @@ bitflags! { } } bitflags! { pub flags SslMode: c_long { const SSL_MODE_ENABLE_PARTIAL_WRITE = ffi::SSL_MODE_ENABLE_PARTIAL_WRITE, const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, const SSL_MODE_AUTO_RETRY = ffi::SSL_MODE_AUTO_RETRY, const SSL_MODE_NO_AUTO_CHAIN = ffi::SSL_MODE_NO_AUTO_CHAIN, const SSL_MODE_RELEASE_BUFFERS = ffi::SSL_MODE_RELEASE_BUFFERS, const SSL_MODE_SEND_CLIENTHELLO_TIME = ffi::SSL_MODE_SEND_CLIENTHELLO_TIME, const SSL_MODE_SEND_SERVERHELLO_TIME = ffi::SSL_MODE_SEND_SERVERHELLO_TIME, const SSL_MODE_SEND_FALLBACK_SCSV = ffi::SSL_MODE_SEND_FALLBACK_SCSV, } } #[derive(Copy, Clone)] pub struct SslMethod(*const ffi::SSL_METHOD); Loading Loading @@ -426,16 +438,12 @@ impl Drop for SslContextBuilder { impl SslContextBuilder { pub fn new(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> { unsafe { init(); let mut ctx = unsafe { let ctx = try!(cvt_p(ffi::SSL_CTX_new(method.as_ptr()))); SslContextBuilder::from_ptr(ctx) }; try!(ctx.set_mode(ffi::SSL_MODE_AUTO_RETRY | ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)); Ok(ctx) Ok(SslContextBuilder::from_ptr(ctx)) } } pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder { Loading Loading @@ -498,8 +506,11 @@ impl SslContextBuilder { } } fn set_mode(&mut self, mode: c_long) -> Result<(), ErrorStack> { unsafe { cvt(ffi::SSL_CTX_set_mode(self.as_ptr(), mode) as c_int).map(|_| ()) } pub fn set_mode(&mut self, mode: SslMode) -> SslMode { unsafe { let mode = ffi::SSL_CTX_set_mode(self.as_ptr(), mode.bits()); SslMode::from_bits(mode).unwrap() } } pub fn set_tmp_dh(&mut self, dh: &DhRef) -> Result<(), ErrorStack> { Loading Loading @@ -630,19 +641,19 @@ impl SslContextBuilder { unsafe { cvt(ffi::SSL_CTX_set_ecdh_auto(self.as_ptr(), onoff as c_int)).map(|_| ()) } } pub fn set_options(&mut self, option: SslOptions) -> SslOptions { pub fn set_options(&mut self, option: SslOption) -> SslOption { let ret = unsafe { compat::SSL_CTX_set_options(self.as_ptr(), option.bits()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } pub fn options(&self) -> SslOptions { pub fn options(&self) -> SslOption { let ret = unsafe { compat::SSL_CTX_get_options(self.as_ptr()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } pub fn clear_options(&mut self, option: SslOptions) -> SslOptions { pub fn clear_options(&mut self, option: SslOption) -> SslOption { let ret = unsafe { compat::SSL_CTX_clear_options(self.as_ptr(), option.bits()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } /// Set the protocols to be used during Next Protocol Negotiation (the protocols Loading Loading
openssl-sys/src/lib.rs +8 −2 Original line number Diff line number Diff line Loading @@ -1051,8 +1051,14 @@ pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 2; pub const SSL_MODE_AUTO_RETRY: c_long = 4; pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; pub const SSL_ERROR_NONE: c_int = 0; pub const SSL_ERROR_SSL: c_int = 1; Loading
openssl/src/dh.rs +1 −4 Original line number Diff line number Diff line Loading @@ -27,10 +27,7 @@ impl Dh { pub fn from_params(p: BigNum, g: BigNum, q: BigNum) -> Result<Dh, ErrorStack> { unsafe { let dh = Dh(try!(cvt_p(ffi::DH_new()))); try!(cvt(compat::DH_set0_pqg(dh.0, p.as_ptr(), q.as_ptr(), g.as_ptr()))); try!(cvt(compat::DH_set0_pqg(dh.0, p.as_ptr(), q.as_ptr(), g.as_ptr()))); mem::forget((p, g, q)); Ok(dh) } Loading
openssl/src/hash.rs +1 −3 Original line number Diff line number Diff line Loading @@ -135,9 +135,7 @@ impl Hasher { try!(self.init()); } unsafe { try!(cvt(ffi::EVP_DigestUpdate(self.ctx, data.as_ptr() as *mut _, data.len()))); try!(cvt(ffi::EVP_DigestUpdate(self.ctx, data.as_ptr() as *mut _, data.len()))); } self.state = Updated; Ok(()) Loading
openssl/src/ssl/connector.rs +26 −20 Original line number Diff line number Diff line Loading @@ -39,6 +39,10 @@ fn ctx(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> { opts |= ssl::SSL_OP_CIPHER_SERVER_PREFERENCE; ctx.set_options(opts); let mode = ssl::SSL_MODE_AUTO_RETRY | ssl::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | ssl::SSL_MODE_ENABLE_PARTIAL_WRITE; ctx.set_mode(mode); Ok(ctx) } Loading @@ -53,9 +57,9 @@ impl SslConnectorBuilder { let mut ctx = try!(ctx(method)); try!(ctx.set_default_verify_paths()); // From https://github.com/python/cpython/blob/c30098c8c6014f3340a369a31df9c74bdbacc269/Lib/ssl.py#L191 try!(ctx.set_cipher_list( "ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:\ DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES")); try!(ctx.set_cipher_list("ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:\ DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:\ RSA+AES:RSA+HIGH:!aNULL:!eNULL:!MD5:!3DES")); Ok(SslConnectorBuilder(ctx)) } Loading Loading @@ -123,17 +127,20 @@ impl SslAcceptorBuilder { let dh = try!(Dh::from_pem(DHPARAM_PEM.as_bytes())); try!(ctx.set_tmp_dh(&dh)); try!(setup_curves(&mut ctx)); try!(ctx.set_cipher_list( "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ try!(ctx.set_cipher_list("ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:\ ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:\ ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:\ ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:\ DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:\ EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:\ AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS")); DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:\ ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:\ ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:\ ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:\ ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:\ DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:\ DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:\ ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:\ EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:\ AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:\ DES-CBC3-SHA:!DSS")); SslAcceptorBuilder::finish_setup(ctx, private_key, certificate, chain) } Loading @@ -153,12 +160,11 @@ impl SslAcceptorBuilder { { let mut ctx = try!(ctx(method)); try!(setup_curves(&mut ctx)); try!(ctx.set_cipher_list( "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ try!(ctx.set_cipher_list("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\ ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\ ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:\ ECDHE-RSA-AES128-SHA256")); ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:\ ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256")); SslAcceptorBuilder::finish_setup(ctx, private_key, certificate, chain) } Loading
openssl/src/ssl/mod.rs +30 −19 Original line number Diff line number Diff line Loading @@ -108,12 +108,11 @@ mod tests; use self::bio::BioMethod; pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor}; pub use ssl::connector::{SslConnectorBuilder, SslConnector, SslAcceptorBuilder, SslAcceptor}; pub use ssl::error::{Error, HandshakeError}; bitflags! { pub flags SslOptions: c_ulong { pub flags SslOption: c_ulong { const SSL_OP_MICROSOFT_SESS_ID_BUG = ffi::SSL_OP_MICROSOFT_SESS_ID_BUG, const SSL_OP_NETSCAPE_CHALLENGE_BUG = ffi::SSL_OP_NETSCAPE_CHALLENGE_BUG, const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = Loading Loading @@ -154,6 +153,19 @@ bitflags! { } } bitflags! { pub flags SslMode: c_long { const SSL_MODE_ENABLE_PARTIAL_WRITE = ffi::SSL_MODE_ENABLE_PARTIAL_WRITE, const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, const SSL_MODE_AUTO_RETRY = ffi::SSL_MODE_AUTO_RETRY, const SSL_MODE_NO_AUTO_CHAIN = ffi::SSL_MODE_NO_AUTO_CHAIN, const SSL_MODE_RELEASE_BUFFERS = ffi::SSL_MODE_RELEASE_BUFFERS, const SSL_MODE_SEND_CLIENTHELLO_TIME = ffi::SSL_MODE_SEND_CLIENTHELLO_TIME, const SSL_MODE_SEND_SERVERHELLO_TIME = ffi::SSL_MODE_SEND_SERVERHELLO_TIME, const SSL_MODE_SEND_FALLBACK_SCSV = ffi::SSL_MODE_SEND_FALLBACK_SCSV, } } #[derive(Copy, Clone)] pub struct SslMethod(*const ffi::SSL_METHOD); Loading Loading @@ -426,16 +438,12 @@ impl Drop for SslContextBuilder { impl SslContextBuilder { pub fn new(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> { unsafe { init(); let mut ctx = unsafe { let ctx = try!(cvt_p(ffi::SSL_CTX_new(method.as_ptr()))); SslContextBuilder::from_ptr(ctx) }; try!(ctx.set_mode(ffi::SSL_MODE_AUTO_RETRY | ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)); Ok(ctx) Ok(SslContextBuilder::from_ptr(ctx)) } } pub unsafe fn from_ptr(ctx: *mut ffi::SSL_CTX) -> SslContextBuilder { Loading Loading @@ -498,8 +506,11 @@ impl SslContextBuilder { } } fn set_mode(&mut self, mode: c_long) -> Result<(), ErrorStack> { unsafe { cvt(ffi::SSL_CTX_set_mode(self.as_ptr(), mode) as c_int).map(|_| ()) } pub fn set_mode(&mut self, mode: SslMode) -> SslMode { unsafe { let mode = ffi::SSL_CTX_set_mode(self.as_ptr(), mode.bits()); SslMode::from_bits(mode).unwrap() } } pub fn set_tmp_dh(&mut self, dh: &DhRef) -> Result<(), ErrorStack> { Loading Loading @@ -630,19 +641,19 @@ impl SslContextBuilder { unsafe { cvt(ffi::SSL_CTX_set_ecdh_auto(self.as_ptr(), onoff as c_int)).map(|_| ()) } } pub fn set_options(&mut self, option: SslOptions) -> SslOptions { pub fn set_options(&mut self, option: SslOption) -> SslOption { let ret = unsafe { compat::SSL_CTX_set_options(self.as_ptr(), option.bits()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } pub fn options(&self) -> SslOptions { pub fn options(&self) -> SslOption { let ret = unsafe { compat::SSL_CTX_get_options(self.as_ptr()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } pub fn clear_options(&mut self, option: SslOptions) -> SslOptions { pub fn clear_options(&mut self, option: SslOption) -> SslOption { let ret = unsafe { compat::SSL_CTX_clear_options(self.as_ptr(), option.bits()) }; SslOptions::from_bits(ret).unwrap() SslOption::from_bits(ret).unwrap() } /// Set the protocols to be used during Next Protocol Negotiation (the protocols Loading
