Loading openssl-sys/src/ssl.rs +17 −0 Original line number Diff line number Diff line Loading @@ -697,6 +697,8 @@ pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_MODE: c_int = 33; pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42; pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43; pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; Loading Loading @@ -919,6 +921,11 @@ extern "C" { pub fn SSL_state_string(ssl: *const SSL) -> *const c_char; pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char; pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long; pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long; #[cfg(ossl110)] pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int; #[cfg(ossl111)] pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int; #[cfg(ossl111)] Loading @@ -930,6 +937,8 @@ extern "C" { pub fn SSL_SESSION_free(s: *mut SSL_SESSION); pub fn i2d_SSL_SESSION(s: *mut SSL_SESSION, pp: *mut *mut c_uchar) -> c_int; pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; pub fn d2i_SSL_SESSION( a: *mut *mut SSL_SESSION, pp: *mut *const c_uchar, Loading Loading @@ -1217,6 +1226,14 @@ extern "C" { pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; } pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut()) } pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut()) } pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut()) } Loading openssl/src/ssl/mod.rs +89 −0 Original line number Diff line number Diff line Loading @@ -1675,6 +1675,17 @@ impl SslContextBuilder { } } /// Sets the context's session cache size limit, returning the previous limit. /// /// A value of 0 means that the cache size is unbounded. /// /// This corresponds to [`SSL_CTX_sess_get_cache_size`]. /// /// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html pub fn set_session_cache_size(&mut self, size: i32) -> i64 { unsafe { ffi::SSL_CTX_sess_set_cache_size(self.as_ptr(), size.into()).into() } } /// Consumes the builder, returning a new `SslContext`. pub fn build(self) -> SslContext { self.0 Loading Loading @@ -1841,6 +1852,49 @@ impl SslContextRef { pub fn max_early_data(&self) -> u32 { unsafe { ffi::SSL_CTX_get_max_early_data(self.as_ptr()) } } /// Adds a session to the context's cache. /// /// Returns `true` if the session was successfully added to the cache, and `false` if it was already present. /// /// This corresponds to [`SSL_CTX_add_session`]. /// /// # Safety /// /// The caller of this method is responsible for ensuring that the session has never been used with another /// `SslContext` than this one. /// /// [`SSL_CTX_add_session`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_remove_session.html pub unsafe fn add_session(&self, session: &SslSessionRef) -> bool { ffi::SSL_CTX_add_session(self.as_ptr(), session.as_ptr()) != 0 } /// Removes a session from the context's cache and marks it as non-resumable. /// /// Returns `true` if the session was successfully found and removed, and `false` otherwise. /// /// This corresponds to [`SSL_CTX_remove_session`]. /// /// # Safety /// /// The caller of this method is responsible for ensuring that the session has never been used with another /// `SslContext` than this one. /// /// [`SSL_CTX_remove_session`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_remove_session.html pub unsafe fn remove_session(&self, session: &SslSessionRef) -> bool { ffi::SSL_CTX_remove_session(self.as_ptr(), session.as_ptr()) != 0 } /// Returns the context's session cache size limit. /// /// A value of 0 means that the cache size is unbounded. /// /// This corresponds to [`SSL_CTX_sess_get_cache_size`]. /// /// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html pub fn session_cache_size(&self) -> i64 { unsafe { ffi::SSL_CTX_sess_get_cache_size(self.as_ptr()).into() } } } /// Information about the state of a cipher. Loading Loading @@ -2097,6 +2151,41 @@ impl SslSessionRef { unsafe { ffi::SSL_SESSION_get_max_early_data(self.as_ptr()) } } /// Returns the time at which the session was established, in seconds since the Unix epoch. /// /// This corresponds to [`SSL_SESSION_get_time`]. /// /// [`SSL_SESSION_get_time`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html pub fn time(&self) -> i64 { unsafe { ffi::SSL_SESSION_get_time(self.as_ptr()) as i64 } } /// Returns the sessions timeout, in seconds. /// /// A session older than this time should not be used for session resumption. /// /// This corresponds to [`SSL_SESSION_get_timeout`]. /// /// [`SSL_SESSION_get_timeout`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html pub fn timeout(&self) -> i64 { unsafe { ffi::SSL_SESSION_get_timeout(self.as_ptr()) as i64 } } /// Returns the session's TLS protocol version. /// /// Requires OpenSSL 1.1.0 or newer. /// /// This corresponds to [`SSL_SESSION_get_protocol_version`]. /// /// [`SSL_SESSION_get_protocol_version`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html #[cfg(ossl110)] pub fn protocol_version(&self) -> SslVersion { unsafe { let version = ffi::SSL_SESSION_get_protocol_version(self.as_ptr()); SslVersion(version) } } to_der! { /// Serializes the session into a DER-encoded structure. /// Loading openssl/src/ssl/test.rs +8 −0 Original line number Diff line number Diff line Loading @@ -1849,3 +1849,11 @@ fn openssl_cipher_name() { assert_eq!(super::cipher_name("asdf"), "(NONE)"); } #[test] fn session_cache_size() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_session_cache_size(1234); let ctx = ctx.build(); assert_eq!(ctx.session_cache_size(), 1234); } Loading
openssl-sys/src/ssl.rs +17 −0 Original line number Diff line number Diff line Loading @@ -697,6 +697,8 @@ pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_MODE: c_int = 33; pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42; pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43; pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; Loading Loading @@ -919,6 +921,11 @@ extern "C" { pub fn SSL_state_string(ssl: *const SSL) -> *const c_char; pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char; pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long; pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long; #[cfg(ossl110)] pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int; #[cfg(ossl111)] pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int; #[cfg(ossl111)] Loading @@ -930,6 +937,8 @@ extern "C" { pub fn SSL_SESSION_free(s: *mut SSL_SESSION); pub fn i2d_SSL_SESSION(s: *mut SSL_SESSION, pp: *mut *mut c_uchar) -> c_int; pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; pub fn d2i_SSL_SESSION( a: *mut *mut SSL_SESSION, pp: *mut *const c_uchar, Loading Loading @@ -1217,6 +1226,14 @@ extern "C" { pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; } pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut()) } pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut()) } pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut()) } Loading
openssl/src/ssl/mod.rs +89 −0 Original line number Diff line number Diff line Loading @@ -1675,6 +1675,17 @@ impl SslContextBuilder { } } /// Sets the context's session cache size limit, returning the previous limit. /// /// A value of 0 means that the cache size is unbounded. /// /// This corresponds to [`SSL_CTX_sess_get_cache_size`]. /// /// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html pub fn set_session_cache_size(&mut self, size: i32) -> i64 { unsafe { ffi::SSL_CTX_sess_set_cache_size(self.as_ptr(), size.into()).into() } } /// Consumes the builder, returning a new `SslContext`. pub fn build(self) -> SslContext { self.0 Loading Loading @@ -1841,6 +1852,49 @@ impl SslContextRef { pub fn max_early_data(&self) -> u32 { unsafe { ffi::SSL_CTX_get_max_early_data(self.as_ptr()) } } /// Adds a session to the context's cache. /// /// Returns `true` if the session was successfully added to the cache, and `false` if it was already present. /// /// This corresponds to [`SSL_CTX_add_session`]. /// /// # Safety /// /// The caller of this method is responsible for ensuring that the session has never been used with another /// `SslContext` than this one. /// /// [`SSL_CTX_add_session`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_remove_session.html pub unsafe fn add_session(&self, session: &SslSessionRef) -> bool { ffi::SSL_CTX_add_session(self.as_ptr(), session.as_ptr()) != 0 } /// Removes a session from the context's cache and marks it as non-resumable. /// /// Returns `true` if the session was successfully found and removed, and `false` otherwise. /// /// This corresponds to [`SSL_CTX_remove_session`]. /// /// # Safety /// /// The caller of this method is responsible for ensuring that the session has never been used with another /// `SslContext` than this one. /// /// [`SSL_CTX_remove_session`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_remove_session.html pub unsafe fn remove_session(&self, session: &SslSessionRef) -> bool { ffi::SSL_CTX_remove_session(self.as_ptr(), session.as_ptr()) != 0 } /// Returns the context's session cache size limit. /// /// A value of 0 means that the cache size is unbounded. /// /// This corresponds to [`SSL_CTX_sess_get_cache_size`]. /// /// [`SSL_CTX_sess_get_cache_size`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_sess_set_cache_size.html pub fn session_cache_size(&self) -> i64 { unsafe { ffi::SSL_CTX_sess_get_cache_size(self.as_ptr()).into() } } } /// Information about the state of a cipher. Loading Loading @@ -2097,6 +2151,41 @@ impl SslSessionRef { unsafe { ffi::SSL_SESSION_get_max_early_data(self.as_ptr()) } } /// Returns the time at which the session was established, in seconds since the Unix epoch. /// /// This corresponds to [`SSL_SESSION_get_time`]. /// /// [`SSL_SESSION_get_time`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html pub fn time(&self) -> i64 { unsafe { ffi::SSL_SESSION_get_time(self.as_ptr()) as i64 } } /// Returns the sessions timeout, in seconds. /// /// A session older than this time should not be used for session resumption. /// /// This corresponds to [`SSL_SESSION_get_timeout`]. /// /// [`SSL_SESSION_get_timeout`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html pub fn timeout(&self) -> i64 { unsafe { ffi::SSL_SESSION_get_timeout(self.as_ptr()) as i64 } } /// Returns the session's TLS protocol version. /// /// Requires OpenSSL 1.1.0 or newer. /// /// This corresponds to [`SSL_SESSION_get_protocol_version`]. /// /// [`SSL_SESSION_get_protocol_version`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_get_time.html #[cfg(ossl110)] pub fn protocol_version(&self) -> SslVersion { unsafe { let version = ffi::SSL_SESSION_get_protocol_version(self.as_ptr()); SslVersion(version) } } to_der! { /// Serializes the session into a DER-encoded structure. /// Loading
openssl/src/ssl/test.rs +8 −0 Original line number Diff line number Diff line Loading @@ -1849,3 +1849,11 @@ fn openssl_cipher_name() { assert_eq!(super::cipher_name("asdf"), "(NONE)"); } #[test] fn session_cache_size() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_session_cache_size(1234); let ctx = ctx.build(); assert_eq!(ctx.session_cache_size(), 1234); }
