Unverified Commit 812d7a61 authored by Steven Fackler's avatar Steven Fackler Committed by GitHub
Browse files

Merge pull request #884 from sfackler/libressl-27 

Support LibreSSL 2.7.0
parents c1f6a7db f0614f4a

.circleci/config.yml

+5 −5
Original line number Diff line number Diff line
@@ -104,9 +104,9 @@ openssl_101: &OPENSSL_101 
libressl_250: &LIBRESSL_250

  LIBRARY: libressl

  VERSION: 2.5.0

libressl_263: &LIBRESSL_263

libressl_263: &LIBRESSL_270

  LIBRARY: libressl

  VERSION: 2.6.3

  VERSION: 2.7.0



x86_64: &X86_64

  TARGET: x86_64-unknown-linux-gnu
@@ -171,10 +171,10 @@ jobs: 
    <<: *JOB

    environment:

      <<: [*LIBRESSL_250, *X86_64, *BASE]

  x86_64-libressl-2.6.3:

  x86_64-libressl-2.7.0:

    <<: *JOB

    environment:

      <<: [*LIBRESSL_263, *X86_64, *BASE]

      <<: [*LIBRESSL_270, *X86_64, *BASE]

  macos:

    <<: *MACOS_JOB

workflows:
@@ -192,5 +192,5 @@ workflows: 
    - armhf-openssl-1.1.0

    - armhf-openssl-1.0.2

    - x86_64-libressl-2.5.0

    - x86_64-libressl-2.6.3

    - x86_64-libressl-2.7.0

    - macos

openssl-sys/build.rs

+10 −1
Original line number Diff line number Diff line
@@ -323,8 +323,10 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Version { 
#include <openssl/opensslv.h>

#include <openssl/opensslconf.h>



#if LIBRESSL_VERSION_NUMBER >= 0x20700000

#if LIBRESSL_VERSION_NUMBER >= 0x20701000

RUST_LIBRESSL_NEW

#elif LIBRESSL_VERSION_NUMBER >= 0x20700000

RUST_LIBRESSL_270

#elif LIBRESSL_VERSION_NUMBER >= 0x20603000

RUST_LIBRESSL_26X

#elif LIBRESSL_VERSION_NUMBER >= 0x20602000
@@ -473,6 +475,13 @@ See rust-openssl README for more information: 
        println!("cargo:libressl_version=26x");

        println!("cargo:version=101");

        Version::Libressl

    } else if expanded.contains("RUST_LIBRESSL_270") {

        println!("cargo:rustc-cfg=libressl");

        println!("cargo:rustc-cfg=libressl270");

        println!("cargo:libressl=true");

        println!("cargo:libressl_version=270");

        println!("cargo:version=101");

        Version::Libressl

    } else if expanded.contains("RUST_OPENSSL_111") {

        println!("cargo:rustc-cfg=ossl111");

        println!("cargo:rustc-cfg=ossl110");

openssl-sys/src/lib.rs

+30 −24
Original line number Diff line number Diff line
@@ -247,7 +247,8 @@ pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; 
pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9;



pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY

    | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX;

    | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX

    | EVP_PKEY_OP_VERIFYCTX;



pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT;
@@ -1276,14 +1277,14 @@ pub const SSL_VERIFY_NONE: c_int = 0; 
pub const SSL_VERIFY_PEER: c_int = 1;

pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2;



#[cfg(not(any(libressl261, libressl262, libressl26x, ossl101)))]

#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270, ossl101)))]

pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010;

#[cfg(any(libressl261, libressl262, libressl26x))]

#[cfg(any(libressl261, libressl262, libressl26x, libressl270))]

pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0;

pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800;

#[cfg(not(any(libressl261, libressl262, libressl26x)))]

#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))]

pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000;

#[cfg(any(libressl261, libressl262, libressl26x))]

#[cfg(any(libressl261, libressl262, libressl26x, libressl270))]

pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0;

pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004;

#[cfg(not(libressl))]
@@ -1927,9 +1928,17 @@ extern "C" { 


    pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG;

    pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG);

    pub fn ECDSA_do_verify(dgst: *const c_uchar, dgst_len: c_int,

                           sig: *const ECDSA_SIG, eckey: *mut EC_KEY) -> c_int;

    pub fn ECDSA_do_sign(dgst: *const c_uchar, dgst_len: c_int, eckey: *mut EC_KEY) -> *mut ECDSA_SIG;

    pub fn ECDSA_do_verify(

        dgst: *const c_uchar,

        dgst_len: c_int,

        sig: *const ECDSA_SIG,

        eckey: *mut EC_KEY,

    ) -> c_int;

    pub fn ECDSA_do_sign(

        dgst: *const c_uchar,

        dgst_len: c_int,

        eckey: *mut EC_KEY,

    ) -> *mut ECDSA_SIG;



    pub fn ERR_peek_last_error() -> c_ulong;

    pub fn ERR_get_error() -> c_ulong;
@@ -2704,7 +2713,12 @@ extern "C" { 


    pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX;

    pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX);

    pub fn X509_STORE_CTX_init(ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509) -> c_int;

    pub fn X509_STORE_CTX_init(

        ctx: *mut X509_STORE_CTX,

        store: *mut X509_STORE,

        x509: *mut X509,

        chain: *mut stack_st_X509,

    ) -> c_int;

    pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX);

    pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509;

    pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
@@ -2839,31 +2853,23 @@ extern "C" { 


    pub fn SSL_CTX_set_cookie_generate_cb(

        s: *mut SSL_CTX,

        cb: Option<extern "C" fn(

            ssl: *mut SSL,

            cookie: *mut c_uchar,

            cookie_len: *mut c_uint

        ) -> c_int>

        cb: Option<

            extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,

        >,

    );



    #[cfg(ossl110)]

    pub fn SSL_CTX_set_cookie_verify_cb(

        s: *mut SSL_CTX,

        cb: Option<extern "C" fn(

            ssl: *mut SSL,

            cookie: *const c_uchar,

            cookie_len: c_uint

        ) -> c_int>

        cb: Option<

            extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,

        >,

    );



    #[cfg(not(ossl110))]

    pub fn SSL_CTX_set_cookie_verify_cb(

        s: *mut SSL_CTX,

        cb: Option<extern "C" fn(

            ssl: *mut SSL,

            cookie: *mut c_uchar,

            cookie_len: c_uint

        ) -> c_int>

        cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>,

    );



    pub fn EVP_MD_size(md: *const EVP_MD) -> c_int;

openssl-sys/src/libressl/mod.rs

+5 −5
Original line number Diff line number Diff line
@@ -136,7 +136,7 @@ pub struct DSA { 
#[repr(C)]

pub struct ECDSA_SIG {

    pub r: *mut ::BIGNUM,

    pub s: *mut ::BIGNUM

    pub s: *mut ::BIGNUM,

}



#[repr(C)]
@@ -337,9 +337,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32; 
pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;

pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;



#[cfg(any(libressl261, libressl262, libressl26x))]

#[cfg(any(libressl261, libressl262, libressl26x, libressl270))]

pub const SSL_OP_ALL: c_ulong = 0x4;

#[cfg(not(any(libressl261, libressl262, libressl26x)))]

#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))]

pub const SSL_OP_ALL: c_ulong = 0x80000014;

pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0;

pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0;
@@ -352,9 +352,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0; 
pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0;

pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0;

pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0;

#[cfg(any(libressl261, libressl262, libressl26x))]

#[cfg(any(libressl261, libressl262, libressl26x, libressl270))]

pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0;

#[cfg(not(any(libressl261, libressl262, libressl26x)))]

#[cfg(not(any(libressl261, libressl262, libressl26x, libressl270)))]

pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000;

pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000;

pub const SSL_OP_NO_SSLv2: c_ulong = 0x0;