diff --git a/.travis.yml b/.travis.yml index e1061645d17033a9beafe710444d1b231aab3ee8..e19b2d0a4542a849c8b10a4fff4b2a37e3fd9bcc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -72,6 +72,8 @@ matrix: # LibreSSL - env: BUILD_LIBRESSL_VERSION=2.5.0 + - env: BUILD_LIBRESSL_VERSION=2.5.4 + before_install: - ./openssl/test/build.sh - rustup target add $TARGET || true diff --git a/openssl-sys/build.rs b/openssl-sys/build.rs index 5448d48e4701497637588965cedaaba86b63d450..b373ba46729e38c562d1da142dd90078258e0d25 100644 --- a/openssl-sys/build.rs +++ b/openssl-sys/build.rs @@ -240,9 +240,21 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version { #include #include -#ifdef LIBRESSL_VERSION_NUMBER -RUST_LIBRESSL -#elif OPENSSL_VERSION_NUMBER >= 0x10200000 +#if LIBRESSL_VERSION_NUMBER >= 0x20505000 +RUST_LIBRESSL_NEW +#elif LIBRESSL_VERSION_NUMBER >= 0x20504000 +RUST_LIBRESSL_254 +#elif LIBRESSL_VERSION_NUMBER >= 0x20503000 +RUST_LIBRESSL_253 +#elif LIBRESSL_VERSION_NUMBER >= 0x20502000 +RUST_LIBRESSL_252 +#elif LIBRESSL_VERSION_NUMBER >= 0x20501000 +RUST_LIBRESSL_251 +#elif LIBRESSL_VERSION_NUMBER >= 0x20500000 +RUST_LIBRESSL_250 +#elif defined (LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20500000 +RUST_LIBRESSL_OLD +#elif OPENSSL_VERSION_NUMBER >= 0x10101000 RUST_OPENSSL_NEW #elif OPENSSL_VERSION_NUMBER >= 0x10100000 RUST_OPENSSL_110 
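Review bot: The last changed line of the preprocessor snippet in `validate_headers` lowers the `RUST_OPENSSL_NEW` threshold from `0x10200000` to `0x10101000`, an OpenSSL behaviour change bundled with the LibreSSL work. Headers reporting 1.1.1 previously expanded to `RUST_OPENSSL_110` and now expand to `RUST_OPENSSL_NEW`. How that marker is handled is outside the hunk, but if it reaches the version-mismatch panic, a build that used to pass now fails hard. Rejecting untested releases is the safer default for hand-written FFI layouts, but it should be stated, for example with a comment above the snippet such as `// OpenSSL >= 1.1.1 is rejected on purpose: the bindings are only verified against 1.0.1, 1.0.2 and 1.1.0`. The function body starts and ends outside the hunk.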
@@ -305,8 +317,33 @@ See rust-openssl README for more information: } println!("cargo:conf={}", enabled.join(",")); - if expanded.contains("RUST_LIBRESSL") { + if expanded.contains("RUST_LIBRESSL_250") { println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl250"); + println!("cargo:libressl=true"); + println!("cargo:version=101"); + Version::Libressl + } else if expanded.contains("RUST_LIBRESSL_251") { + println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl251"); + println!("cargo:libressl=true"); + println!("cargo:version=101"); + Version::Libressl + } else if expanded.contains("RUST_LIBRESSL_252") { + println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl252"); + println!("cargo:libressl=true"); + println!("cargo:version=101"); + Version::Libressl + } else if expanded.contains("RUST_LIBRESSL_253") { + println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl253"); + println!("cargo:libressl=true"); + println!("cargo:version=101"); + Version::Libressl + } else if expanded.contains("RUST_LIBRESSL_254") { + println!("cargo:rustc-cfg=libressl"); + println!("cargo:rustc-cfg=libressl254"); println!("cargo:libressl=true"); println!("cargo:version=101"); Version::Libressl @@ -325,9 +362,9 @@ See rust-openssl README for more information: } else { panic!(" -This crate is only compatible with OpenSSL 1.0.1, 1.0.2, and 1.1.0, or LibreSSL, -but a different version of OpenSSL was found. The build is now aborting due to -this version mismatch. +This crate is only compatible with OpenSSL 1.0.1, 1.0.2, and 1.1.0, or LibreSSL +2.5.0, 2.5.1, 2.5.2, 2.5.3, and 2.5.4, but a different version of OpenSSL was +found. The build is now aborting due to this version mismatch. "); } 
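Review bot: The five `RUST_LIBRESSL_25N` branches differ only in the `libressl25N` cfg they print, so each supported version is now listed in three places (the preprocessor ladder, this chain and the panic text) and the copies can drift apart. A lookup over the suffix list keeps the four `println!` lines in one place, as sketched below. `RUST_LIBRESSL_NEW` and `RUST_LIBRESSL_OLD` have no branch in the visible lines. If they fall through to the final `panic!` in the third hunk, its text still says "a different version of OpenSSL was found", which misleads someone with an out-of-range LibreSSL installed; naming the detected family there would help. The enclosing function continues outside the hunk.

```rust
// … unchanged: cargo:conf output …
let libressl_25x = ["250", "251", "252", "253", "254"];
let found = libressl_25x
    .iter()
    .find(|v| expanded.contains(&format!("RUST_LIBRESSL_{}", v)));
if let Some(v) = found {
    println!("cargo:rustc-cfg=libressl");
    println!("cargo:rustc-cfg=libressl{}", v);
    println!("cargo:libressl=true");
    println!("cargo:version=101");
    Version::Libressl
}
// … unchanged: the OpenSSL branches and the final panic! continue as else-if arms …
```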
diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl/mod.rs similarity index 73% rename from openssl-sys/src/libressl.rs rename to openssl-sys/src/libressl/mod.rs index d43587f05b440e4c525569ba9dfbedf91cc9e497..951ab4d350f91dcd0af00730124e5b02b4aa24c5 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl/mod.rs @@ -3,8 +3,17 @@ use std::sync::{Once, ONCE_INIT}; use std::mem; use std::ptr; +#[cfg(libressl250)] +pub use libressl::v250::*; +#[cfg(not(libressl250))] +pub use libressl::v25x::*; + use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; -use libc::time_t; + +#[cfg(libressl250)] +mod v250; +#[cfg(not(libressl250))] +mod v25x; #[repr(C)] pub struct stack_st_ASN1_OBJECT { 
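Review bot: `#[cfg(not(libressl250))]` selects `v25x` for every LibreSSL that is not 2.5.0, so 2.5.1, 2.5.2 and 2.5.3 are assumed to share the 2.5.4 struct layout, yet the CI matrix in `.travis.yml` only adds 2.5.4 next to 2.5.0. These are `#[repr(C)]` mirrors whose `pub` fields are accessed by offset, so a layout difference in an untested release would read or write the wrong memory without any compile error. Either add the intermediate versions to the matrix or key the module choice on the exact cfgs, e.g. `#[cfg(any(libressl251, libressl252, libressl253, libressl254))] mod v25x;`, so an unlisted version fails to compile instead of defaulting.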
@@ -322,215 +331,6 @@ pub struct X509_REQ { references: c_int } -#[repr(C)] -pub struct SSL { - version: c_int, - type_: c_int, - method: *const ::SSL_METHOD, - rbio: *mut c_void, - wbio: *mut c_void, - bbio: *mut c_void, - rwstate: c_int, - in_handshake: c_int, - handshake_func: Option c_int>, - pub server: c_int, - new_session: c_int, - quiet_shutdown: c_int, - shutdown: c_int, - state: c_int, - rstate: c_int, - init_buf: *mut c_void, - init_msg: *mut c_void, - init_num: c_int, - init_off: c_int, - packet: *mut c_uchar, - packet_length: c_uint, - s3: *mut c_void, - d1: *mut c_void, - read_ahead: c_int, - msg_callback: Option, - msg_callback_arg: *mut c_void, - hit: c_int, - param: *mut c_void, - cipher_list: *mut stack_st_SSL_CIPHER, - cipher_list_by_id: *mut stack_st_SSL_CIPHER, - mac_flags: c_int, - aead_read_ctx: *mut c_void, - enc_read_ctx: *mut ::EVP_CIPHER_CTX, - read_hash: *mut ::EVP_MD_CTX, - aead_write_ctx: *mut c_void, - enc_write_ctx: *mut ::EVP_CIPHER_CTX, - write_hash: *mut ::EVP_MD_CTX, - cert: *mut c_void, - sid_ctx_length: c_uint, - sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize], - session: *mut ::SSL_SESSION, - generate_session_id: ::GEN_SESSION_CB, - verify_mode: c_int, - verify_callback: Option c_int>, - info_callback: Option, - error: c_int, - error_code: c_int, - ctx: *mut ::SSL_CTX, - debug: c_int, - verify_result: c_long, - ex_data: ::CRYPTO_EX_DATA, - client_CA: *mut stack_st_X509_NAME, - references: c_int, - options: c_ulong, - mode: c_ulong, - max_cert_list: c_long, - first_packet: c_int, - client_version: c_int, - max_send_fragment: c_uint, - tlsext_debug_cb: Option, - tlsext_debug_arg: *mut c_void, - tlsext_hostname: *mut c_char, - servername_done: c_int, - tlsext_status_type: c_int, - tlsext_status_expected: c_int, - tlsext_ocsp_ids: *mut c_void, - tlsext_ocsp_exts: *mut c_void, - tlsext_ocsp_resp: *mut c_uchar, - tlsext_ocsp_resplen: c_int, - tlsext_ticket_expected: c_int, - tlsext_ecpointformatlist_length: size_t, - 
tlsext_ecpointformatlist: *mut c_uchar, - tlsext_ellipticcurvelist_length: size_t, - tlsext_ellipticcurvelist: *mut c_uchar, - tlsext_session_ticket: *mut c_void, - tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn, - tls_session_ticket_ext_cb_arg: *mut c_void, - tls_session_secret_cb: ::tls_session_secret_cb_fn, - tls_session_secret_cb_arg: *mut c_void, - initial_ctx: *mut ::SSL_CTX, - next_proto_negotiated: *mut c_uchar, - next_proto_negotiated_len: c_uchar, - srtp_profiles: *mut c_void, - srtp_profile: *mut c_void, - tlsext_heartbeat: c_uint, - tlsext_hb_pending: c_uint, - tlsext_hb_seq: c_uint, - alpn_client_proto_list: *mut c_uchar, - alpn_client_proto_list_len: c_uint, - renegotiate: c_int, -} - -#[repr(C)] -pub struct SSL_CTX { - method: *mut c_void, - cipher_list: *mut c_void, - cipher_list_by_id: *mut c_void, - cert_store: *mut c_void, - sessions: *mut c_void, - session_cache_size: c_ulong, - session_cache_head: *mut c_void, - session_cache_tail: *mut c_void, - session_cache_mode: c_int, - session_timeout: c_long, - new_session_cb: *mut c_void, - remove_session_cb: *mut c_void, - get_session_cb: *mut c_void, - stats: [c_int; 11], - pub references: c_int, - app_verify_callback: *mut c_void, - app_verify_arg: *mut c_void, - default_passwd_callback: *mut c_void, - default_passwd_callback_userdata: *mut c_void, - client_cert_cb: *mut c_void, - app_gen_cookie_cb: *mut c_void, - app_verify_cookie_cb: *mut c_void, - ex_dat: ::CRYPTO_EX_DATA, - rsa_md5: *mut c_void, - md5: *mut c_void, - sha1: *mut c_void, - extra_certs: *mut c_void, - comp_methods: *mut c_void, - info_callback: *mut c_void, - client_CA: *mut c_void, - options: c_ulong, - mode: c_ulong, - max_cert_list: c_long, - cert: *mut c_void, - read_ahead: c_int, - msg_callback: *mut c_void, - msg_callback_arg: *mut c_void, - verify_mode: c_int, - sid_ctx_length: c_uint, - sid_ctx: [c_uchar; 32], - default_verify_callback: *mut c_void, - generate_session_id: *mut c_void, - param: *mut c_void, - 
quiet_shutdown: c_int, - max_send_fragment: c_uint, - - #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] - client_cert_engine: *mut c_void, - - tlsext_servername_callback: *mut c_void, - tlsect_servername_arg: *mut c_void, - tlsext_tick_key_name: [c_uchar; 16], - tlsext_tick_hmac_key: [c_uchar; 16], - tlsext_tick_aes_key: [c_uchar; 16], - tlsext_ticket_key_cb: *mut c_void, - tlsext_status_cb: *mut c_void, - tlsext_status_arg: *mut c_void, - tlsext_opaque_prf_input_callback: *mut c_void, - tlsext_opaque_prf_input_callback_arg: *mut c_void, - - next_protos_advertised_cb: *mut c_void, - next_protos_advertised_cb_arg: *mut c_void, - next_proto_select_cb: *mut c_void, - next_proto_select_cb_arg: *mut c_void, - - srtp_profiles: *mut c_void, -} - -#[repr(C)] -pub struct SSL_SESSION { - ssl_version: c_int, - pub master_key_length: c_int, - pub master_key: [c_uchar; 48], - session_id_length: c_uint, - session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], - sid_ctx_length: c_uint, - sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], - not_resumable: c_int, - sess_cert: *mut c_void, - peer: *mut X509, - verify_result: c_long, - timeout: c_long, - time: time_t, - pub references: c_int, - cipher: *const c_void, - cipher_id: c_ulong, - ciphers: *mut c_void, - ex_data: ::CRYPTO_EX_DATA, - prev: *mut c_void, - next: *mut c_void, - tlsext_hostname: *mut c_char, - tlsext_ecpointformatlist_length: size_t, - tlsext_ecpointformatlist: *mut u8, - tlsext_ellipticcurvelist_length: size_t, - tlsext_ellipticcurvelist: *mut u16, - tlsext_tick: *mut c_uchar, - tlsext_ticklen: size_t, - tlsext_tick_lifetime_hint: c_long, -} - -#[repr(C)] -pub struct X509_VERIFY_PARAM { - pub name: *mut c_char, - pub check_time: time_t, - pub inh_flags: c_ulong, - pub flags: c_ulong, - pub purpose: c_int, - pub trust: c_int, - pub depth: c_int, - pub policies: *mut stack_st_ASN1_OBJECT, - //pub id: *mut X509_VERIFY_PARAM_ID, -} - pub enum X509_VERIFY_PARAM_ID {} pub enum PKCS12 {} 
diff --git a/openssl-sys/src/libressl/v250.rs b/openssl-sys/src/libressl/v250.rs
new file mode 100644
index 0000000000000000000000000000000000000000..39306f8de04b2f9913d13c83459843fbce880ea7
--- /dev/null
+++ b/openssl-sys/src/libressl/v250.rs
@@ -0,0 +1,212 @@
+use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t};
+
+use super::*;
+
+#[repr(C)]
+pub struct SSL {
+ version: c_int,
+ type_: c_int,
+ method: *const ::SSL_METHOD,
+ rbio: *mut c_void,
+ wbio: *mut c_void,
+ bbio: *mut c_void,
+ rwstate: c_int,
+ in_handshake: c_int,
+ handshake_func: Option c_int>,
+ pub server: c_int,
+ new_session: c_int,
+ quiet_shutdown: c_int,
+ shutdown: c_int,
+ state: c_int,
+ rstate: c_int,
+ init_buf: *mut c_void,
+ init_msg: *mut c_void,
+ init_num: c_int,
+ init_off: c_int,
+ packet: *mut c_uchar,
+ packet_length: c_uint,
+ s3: *mut c_void,
+ d1: *mut c_void,
+ read_ahead: c_int,
+ msg_callback: Option,
+ msg_callback_arg: *mut c_void,
+ hit: c_int,
+ param: *mut c_void,
+ cipher_list: *mut stack_st_SSL_CIPHER,
+ cipher_list_by_id: *mut stack_st_SSL_CIPHER,
+ mac_flags: c_int,
+ aead_read_ctx: *mut c_void,
+ enc_read_ctx: *mut ::EVP_CIPHER_CTX,
+ read_hash: *mut ::EVP_MD_CTX,
+ aead_write_ctx: *mut c_void,
+ enc_write_ctx: *mut ::EVP_CIPHER_CTX,
+ write_hash: *mut ::EVP_MD_CTX,
+ cert: *mut c_void,
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
+ session: *mut ::SSL_SESSION,
+ generate_session_id: ::GEN_SESSION_CB,
+ verify_mode: c_int,
+ verify_callback: Option c_int>,
+ info_callback: Option,
+ error: c_int,
+ error_code: c_int,
+ ctx: *mut ::SSL_CTX,
+ debug: c_int,
+ verify_result: c_long,
+ ex_data: ::CRYPTO_EX_DATA,
+ client_CA: *mut stack_st_X509_NAME,
+ references: c_int,
+ options: c_ulong,
+ mode: c_ulong,
+ max_cert_list: c_long,
+ first_packet: c_int,
+ client_version: c_int,
+ max_send_fragment: c_uint,
+ tlsext_debug_cb: Option,
+ tlsext_debug_arg: *mut c_void,
+ tlsext_hostname: *mut c_char,
+ servername_done: c_int,
+ tlsext_status_type: c_int,
+ tlsext_status_expected: c_int,
+ tlsext_ocsp_ids: *mut c_void,
+ tlsext_ocsp_exts: *mut c_void,
+ tlsext_ocsp_resp: *mut c_uchar,
+ tlsext_ocsp_resplen: c_int,
+ tlsext_ticket_expected: c_int,
+ tlsext_ecpointformatlist_length: size_t,
+ tlsext_ecpointformatlist: *mut c_uchar,
+ tlsext_ellipticcurvelist_length: size_t,
+ tlsext_ellipticcurvelist: *mut c_uchar,
+ tlsext_session_ticket: *mut c_void,
+ tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn,
+ tls_session_ticket_ext_cb_arg: *mut c_void,
+ tls_session_secret_cb: ::tls_session_secret_cb_fn,
+ tls_session_secret_cb_arg: *mut c_void,
+ initial_ctx: *mut ::SSL_CTX,
+ next_proto_negotiated: *mut c_uchar,
+ next_proto_negotiated_len: c_uchar,
+ srtp_profiles: *mut c_void,
+ srtp_profile: *mut c_void,
+ tlsext_heartbeat: c_uint,
+ tlsext_hb_pending: c_uint,
+ tlsext_hb_seq: c_uint,
+ alpn_client_proto_list: *mut c_uchar,
+ alpn_client_proto_list_len: c_uint,
+ renegotiate: c_int,
+}
+
+#[repr(C)]
+pub struct SSL_CTX {
+ method: *mut c_void,
+ cipher_list: *mut c_void,
+ cipher_list_by_id: *mut c_void,
+ cert_store: *mut c_void,
+ sessions: *mut c_void,
+ session_cache_size: c_ulong,
+ session_cache_head: *mut c_void,
+ session_cache_tail: *mut c_void,
+ session_cache_mode: c_int,
+ session_timeout: c_long,
+ new_session_cb: *mut c_void,
+ remove_session_cb: *mut c_void,
+ get_session_cb: *mut c_void,
+ stats: [c_int; 11],
+ pub references: c_int,
+ app_verify_callback: *mut c_void,
+ app_verify_arg: *mut c_void,
+ default_passwd_callback: *mut c_void,
+ default_passwd_callback_userdata: *mut c_void,
+ client_cert_cb: *mut c_void,
+ app_gen_cookie_cb: *mut c_void,
+ app_verify_cookie_cb: *mut c_void,
+ ex_dat: ::CRYPTO_EX_DATA,
+ rsa_md5: *mut c_void,
+ md5: *mut c_void,
+ sha1: *mut c_void,
+ extra_certs: *mut c_void,
+ comp_methods: *mut c_void,
+ info_callback: *mut c_void,
+ client_CA: *mut c_void,
+ options: c_ulong,
+ mode: c_ulong,
+ max_cert_list: c_long,
+ cert: *mut c_void,
+ read_ahead: c_int,
+ msg_callback: *mut c_void,
+ msg_callback_arg: *mut c_void,
+ verify_mode: c_int,
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; 32],
+ default_verify_callback: *mut c_void,
+ generate_session_id: *mut c_void,
+ param: *mut c_void,
+ quiet_shutdown: c_int,
+ max_send_fragment: c_uint,
+
+ #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))]
+ client_cert_engine: *mut c_void,
+
+ tlsext_servername_callback: *mut c_void,
+ tlsect_servername_arg: *mut c_void,
+ tlsext_tick_key_name: [c_uchar; 16],
+ tlsext_tick_hmac_key: [c_uchar; 16],
+ tlsext_tick_aes_key: [c_uchar; 16],
+ tlsext_ticket_key_cb: *mut c_void,
+ tlsext_status_cb: *mut c_void,
+ tlsext_status_arg: *mut c_void,
+ tlsext_opaque_prf_input_callback: *mut c_void,
+ tlsext_opaque_prf_input_callback_arg: *mut c_void,
+
+ next_protos_advertised_cb: *mut c_void,
+ next_protos_advertised_cb_arg: *mut c_void,
+ next_proto_select_cb: *mut c_void,
+ next_proto_select_cb_arg: *mut c_void,
+
+ srtp_profiles: *mut c_void,
+}
+
+#[repr(C)]
+pub struct SSL_SESSION {
+ ssl_version: c_int,
+ pub master_key_length: c_int,
+ pub master_key: [c_uchar; 48],
+ session_id_length: c_uint,
+ session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
+ not_resumable: c_int,
+ sess_cert: *mut c_void,
+ peer: *mut X509,
+ verify_result: c_long,
+ timeout: c_long,
+ time: time_t,
+ pub references: c_int,
+ cipher: *const c_void,
+ cipher_id: c_ulong,
+ ciphers: *mut c_void,
+ ex_data: ::CRYPTO_EX_DATA,
+ prev: *mut c_void,
+ next: *mut c_void,
+ tlsext_hostname: *mut c_char,
+ tlsext_ecpointformatlist_length: size_t,
+ tlsext_ecpointformatlist: *mut u8,
+ tlsext_ellipticcurvelist_length: size_t,
+ tlsext_ellipticcurvelist: *mut u16,
+ tlsext_tick: *mut c_uchar,
+ tlsext_ticklen: size_t,
+ tlsext_tick_lifetime_hint: c_long,
+}
+
+#[repr(C)]
+pub struct X509_VERIFY_PARAM {
+ pub name: *mut c_char,
+ pub check_time: time_t,
+ pub inh_flags: c_ulong,
+ pub flags: c_ulong,
+ pub purpose: c_int,
+ pub trust: c_int,
+ pub depth: c_int,
+ pub policies: *mut stack_st_ASN1_OBJECT,
+ //pub id: *mut X509_VERIFY_PARAM_ID,
+}
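Review bot: Neither new layout file records which LibreSSL release its `#[repr(C)]` structs mirror; this applies to `v250.rs` here and to `v25x.rs` in the next file. Field order and types are the whole safety contract of these definitions, because Rust code accesses `pub` fields such as `server`, `references` and `master_key` by offset. Each file should open with a module comment, for this one `//! Struct layouts for LibreSSL 2.5.0 only. Field order and types must match that release's public headers exactly.` The content here appears to be moved unchanged from the old `libressl.rs`, so nothing else is raised on it.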
diff --git a/openssl-sys/src/libressl/v25x.rs b/openssl-sys/src/libressl/v25x.rs
new file mode 100644
index 0000000000000000000000000000000000000000..1654f52e0ec82e4759b04b551bfe8817b4c23281
--- /dev/null
+++ b/openssl-sys/src/libressl/v25x.rs
@@ -0,0 +1,89 @@
+use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t};
+
+use super::*;
+
+#[repr(C)]
+pub struct SSL {
+ version: c_int,
+ method: *const ::SSL_METHOD,
+ rbio: *mut ::BIO,
+ wbio: *mut ::BIO,
+ bbio: *mut ::BIO,
+ pub server: c_int,
+ s3: *mut c_void,
+ d1: *mut c_void,
+ param: *mut c_void,
+ cipher_list: *mut stack_st_SSL_CIPHER,
+ cert: *mut c_void,
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
+ session: *mut ::SSL_SESSION,
+ verify_mode: c_int,
+ error: c_int,
+ error_code: c_int,
+ ctx: *mut ::SSL_CTX,
+ verify_result: c_long,
+ references: c_int,
+ client_version: c_int,
+ max_send_fragment: c_uint,
+ tlsext_hostname: *mut c_char,
+ tlsext_status_type: c_int,
+ initial_ctx: *mut ::SSL_CTX,
+ enc_read_ctx: *mut ::EVP_CIPHER_CTX,
+ read_hash: *mut EVP_MD_CTX,
+ internal: *mut c_void,
+}
+
+#[repr(C)]
+pub struct SSL_CTX {
+ method: *const ::SSL_METHOD,
+ cipher_list: *mut stack_st_SSL_CIPHER,
+ cert_store: *mut c_void,
+ session_timeout: c_long,
+ pub references: c_int,
+ extra_certs: *mut stack_st_X509,
+ verify_mode: c_int,
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
+ param: *mut ::X509_VERIFY_PARAM,
+ default_passwd_callback: *mut c_void,
+ default_passwd_callback_userdata: *mut c_void,
+ internal: *mut c_void,
+}
+
+#[repr(C)]
+pub struct SSL_SESSION {
+ ssl_version: c_int,
+ pub master_key_length: c_int,
+ pub master_key: [c_uchar; 48 /*::SSL_MAX_MASTER_KEY_LENGTH as usize */],
+ session_id_length: c_uint,
+ session_id: [c_uchar; ::SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
+ sid_ctx_length: c_uint,
+ sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize],
+ peer: *mut ::X509,
+ verify_result: c_long,
+ timeout: c_long,
+ time: time_t,
+ pub references: c_int,
+ cipher: *const ::SSL_CIPHER,
+ cipher_id: c_long,
+ ciphers: *mut stack_st_SSL_CIPHER,
+ tlsext_hostname: *mut c_char,
+ tlsext_tick: *mut c_uchar,
+ tlsext_ticklen: size_t,
+ tlsext_tick_lifetime_int: c_long,
+ internal: *mut c_void,
+}
+
+#[repr(C)]
+pub struct X509_VERIFY_PARAM {
+ pub name: *mut c_char,
+ pub check_time: time_t,
+ pub inh_flags: c_ulong,
+ pub flags: c_ulong,
+ pub purpose: c_int,
+ pub trust: c_int,
+ pub depth: c_int,
+ policies: *mut stack_st_ASN1_OBJECT,
+ id: *mut c_void,
+}
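Review bot: Three fields in the new `SSL` and `SSL_SESSION` definitions differ from `v250.rs` in ways that look accidental. They are `tlsext_tick_lifetime_int` (the 2.5.0 file has `tlsext_tick_lifetime_hint`), `cipher_id: c_long` (the 2.5.0 file has `c_ulong`), and `read_hash: *mut EVP_MD_CTX` without the `::` prefix used on the line above it. The sizes are the same in each case, so the layout is presumably unaffected, but the names and signedness should be checked against the LibreSSL header these were transcribed from. The commented-out `/*::SSL_MAX_MASTER_KEY_LENGTH as usize */` next to the literal `48` should either replace the literal or be dropped.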