From 0e4aec06f2a30f67c287cfc98015da9fcf15562f Mon Sep 17 00:00:00 2001 From: Jonas Platte Date: Wed, 30 Dec 2020 23:17:53 +0100 Subject: Switch from lazy_static to once_cell This also changes the MSRV from 1.34.0 to 1.36.0. --- .circleci/config.yml | 4 ++-- .github/workflows/ci.yml | 2 +- openssl/Cargo.toml | 2 +- openssl/src/lib.rs | 3 +-- openssl/src/ssl/connector.rs | 6 +++--- openssl/src/ssl/mod.rs | 9 ++++----- 6 files changed, 12 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 78231e24..9806dc94 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -22,7 +22,7 @@ jobs: default: false image: type: string - default: 1.34.0 + default: 1.36.0 minimal_build: type: boolean default: false @@ -175,7 +175,7 @@ jobs: default: false image: type: string - default: 1.34.0 + default: 1.36.0 macos: xcode: "12.2.0" environment: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9a09c6ad..37e8565b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -63,7 +63,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: Install Rust - run: rustup update --no-self-update 1.34.0 && rustup default 1.34.0 + run: rustup update --no-self-update 1.36.0 && rustup default 1.36.0 - name: Get rust version id: rust-version run: echo "::set-output name=version::$(rustc --version)" diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index 2b6c8edf..5c741d2d 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -22,8 +22,8 @@ vendored = ['openssl-sys/vendored'] bitflags = "1.0" cfg-if = "1.0" foreign-types = "0.3.1" -lazy_static = "1" libc = "0.2" +once_cell = "1.5.2" openssl-sys = { version = "0.9.60", path = "../openssl-sys" } diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs index 1027eb52..3c2c020b 100644 --- a/openssl/src/lib.rs +++ b/openssl/src/lib.rs 
@@ -116,9 +116,8 @@ extern crate bitflags; extern crate cfg_if; #[macro_use] extern crate foreign_types; -#[macro_use] -extern crate lazy_static; extern crate libc; +extern crate once_cell; extern crate openssl_sys as ffi; #[cfg(test)] diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 644a0488..ebc3e7d6 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -414,10 +414,10 @@ cfg_if! { GeneralName, X509NameRef, X509Ref, X509StoreContext, X509StoreContextRef, X509VerifyResult, }; + use once_cell::sync::Lazy; - lazy_static! { - pub static ref HOSTNAME_IDX: Index = Ssl::new_ex_index().unwrap(); - } + pub static HOSTNAME_IDX: Lazy> = + Lazy::new(|| Ssl::new_ex_index().unwrap()); pub fn verify_callback(preverify_ok: bool, x509_ctx: &mut X509StoreContextRef) -> bool { if !preverify_ok || x509_ctx.error_depth() != 0 { diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index f60b1ee1..2edb972f 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -87,6 +87,7 @@ use ex_data::Index; use hash::MessageDigest; #[cfg(ossl110)] use nid::Nid; +use once_cell::sync::Lazy; use pkey::{HasPrivate, PKeyRef, Params, Private}; use srtp::{SrtpProtectionProfile, SrtpProtectionProfileRef}; use ssl::bio::BioMethod; @@ -512,11 +513,9 @@ impl NameType { } } -lazy_static! { - static ref INDEXES: Mutex> = Mutex::new(HashMap::new()); - static ref SSL_INDEXES: Mutex> = Mutex::new(HashMap::new()); - static ref SESSION_CTX_INDEX: Index = Ssl::new_ex_index().unwrap(); -} +static INDEXES: Lazy>> = Lazy::new(|| Mutex::new(HashMap::new())); +static SSL_INDEXES: Lazy>> = Lazy::new(|| Mutex::new(HashMap::new())); +static SESSION_CTX_INDEX: Lazy> = Lazy::new(|| Ssl::new_ex_index().unwrap()); unsafe extern "C" fn free_data_box( _parent: *mut c_void, -- cgit v1.2.3 From f999e8ae2680110e40a933d1f30e53d8ceb46696 Mon Sep 17 00:00:00 2001 
From: Jonas Platte Date: Thu, 31 Dec 2020 13:51:18 +0100 Subject: Replace some uses of Lazy by OnceCell so some initialization errors don't result in a panic. --- openssl/src/ssl/callbacks.rs | 16 ++++++++++------ openssl/src/ssl/connector.rs | 17 ++++++++++++----- openssl/src/ssl/mod.rs | 11 ++++++++--- 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/openssl/src/ssl/callbacks.rs b/openssl/src/ssl/callbacks.rs index 70bb189a..42fb033b 100644 --- a/openssl/src/ssl/callbacks.rs +++ b/openssl/src/ssl/callbacks.rs @@ -22,12 +22,12 @@ use error::ErrorStack; use pkey::Params; #[cfg(any(ossl102, libressl261))] use ssl::AlpnError; -#[cfg(ossl111)] -use ssl::{ClientHelloResponse, ExtensionContext}; use ssl::{ - SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef, - SESSION_CTX_INDEX, + try_get_session_ctx_index, SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, + SslSession, SslSessionRef, }; +#[cfg(ossl111)] +use ssl::{ClientHelloResponse, ExtensionContext}; use util::ForeignTypeRefExt; #[cfg(ossl111)] use x509::X509Ref; @@ -355,9 +355,11 @@ pub unsafe extern "C" fn raw_new_session( where F: Fn(&mut SslRef, SslSession) + 'static + Sync + Send, { + let session_ctx_index = + try_get_session_ctx_index().expect("BUG: session context index initialization failed"); let ssl = SslRef::from_ptr_mut(ssl); let callback = ssl - .ex_data(*SESSION_CTX_INDEX) + .ex_data(*session_ctx_index) .expect("BUG: session context missing") .ex_data(SslContext::cached_ex_index::()) .expect("BUG: new session callback missing") as *const F; 
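Review bot: The new `try_get_session_ctx_index().expect(...)` in `raw_new_session` (and the identical line in the `raw_get_session` hunk that follows) adds another panic site inside an `unsafe extern "C"` callback. A panic there cannot be reported as an `ErrorStack`, and depending on the toolchain it either aborts the process or unwinds into OpenSSL's C frames. The only thing that makes it unreachable is that `Ssl::new` initializes the index before it stores the context, so state that invariant next to the call, for example `// Ssl::new() initializes SESSION_CTX_INDEX before attaching the context, so this only fails for an Ssl not created through it.` Both function bodies start before and continue past their hunks, so whether the callback's return value could signal failure instead is not visible here.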
@@ -401,9 +403,11 @@ pub unsafe extern "C" fn raw_get_session( where F: Fn(&mut SslRef, &[u8]) -> Option + 'static + Sync + Send, { + let session_ctx_index = + try_get_session_ctx_index().expect("BUG: session context index initialization failed"); let ssl = SslRef::from_ptr_mut(ssl); let callback = ssl - .ex_data(*SESSION_CTX_INDEX) + .ex_data(*session_ctx_index) .expect("BUG: session context missing") .ex_data(SslContext::cached_ex_index::()) .expect("BUG: get session callback missing") as *const F; diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index ebc3e7d6..9788e416 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -398,7 +398,8 @@ cfg_if! { fn setup_verify_hostname(ssl: &mut Ssl, domain: &str) -> Result<(), ErrorStack> { let domain = domain.to_string(); - ssl.set_ex_data(*verify::HOSTNAME_IDX, domain); + let hostname_idx = verify::try_get_hostname_idx()?; + ssl.set_ex_data(*hostname_idx, domain); Ok(()) } @@ -406,6 +407,7 @@ cfg_if! { use std::net::IpAddr; use std::str; + use error::ErrorStack; use ex_data::Index; use nid::Nid; use ssl::Ssl; 
@@ -414,22 +416,27 @@ cfg_if! { GeneralName, X509NameRef, X509Ref, X509StoreContext, X509StoreContextRef, X509VerifyResult, }; - use once_cell::sync::Lazy; + use once_cell::sync::OnceCell; - pub static HOSTNAME_IDX: Lazy> = - Lazy::new(|| Ssl::new_ex_index().unwrap()); + static HOSTNAME_IDX: OnceCell> = OnceCell::new(); + + pub fn try_get_hostname_idx() -> Result<&'static Index, ErrorStack> { + HOSTNAME_IDX.get_or_try_init(Ssl::new_ex_index) + } pub fn verify_callback(preverify_ok: bool, x509_ctx: &mut X509StoreContextRef) -> bool { if !preverify_ok || x509_ctx.error_depth() != 0 { return preverify_ok; } + let hostname_idx = + try_get_hostname_idx.expect("failed to initialize hostname index"); let ok = match ( x509_ctx.current_cert(), X509StoreContext::ssl_idx() .ok() .and_then(|idx| x509_ctx.ex_data(idx)) - .and_then(|ssl| ssl.ex_data(*HOSTNAME_IDX)), + .and_then(|ssl| ssl.ex_data(*hostname_idx)), ) { (Some(x509), Some(domain)) => verify_hostname(domain, &x509), _ => true, diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 2edb972f..6ee91a8a 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -87,7 +87,7 @@ use ex_data::Index; use hash::MessageDigest; #[cfg(ossl110)] use nid::Nid; -use once_cell::sync::Lazy; +use once_cell::sync::{Lazy, OnceCell}; use pkey::{HasPrivate, PKeyRef, Params, Private}; use srtp::{SrtpProtectionProfile, SrtpProtectionProfileRef}; use ssl::bio::BioMethod; @@ -515,7 +515,11 @@ impl NameType { static INDEXES: Lazy>> = Lazy::new(|| Mutex::new(HashMap::new())); static SSL_INDEXES: Lazy>> = Lazy::new(|| Mutex::new(HashMap::new())); -static SESSION_CTX_INDEX: Lazy> = Lazy::new(|| Ssl::new_ex_index().unwrap()); +static SESSION_CTX_INDEX: OnceCell> = OnceCell::new(); + +fn try_get_session_ctx_index() -> Result<&'static Index, ErrorStack> { + SESSION_CTX_INDEX.get_or_try_init(Ssl::new_ex_index) +} unsafe extern "C" fn free_data_box( _parent: *mut c_void, 
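Review bot: In `verify_callback`, a failure to obtain the hostname index now panics through `.expect("failed to initialize hostname index")` in the middle of certificate verification. A verification callback should fail closed without panicking, because this code is presumably reached from OpenSSL's C verification path, where a panic cannot be handled as an ordinary error. I would reject the certificate instead: `let hostname_idx = match try_get_hostname_idx() { Ok(idx) => idx, Err(_) => return false };`. The function body continues past the end of the hunk. The `_ => true` arm visible below it accepts the certificate when no hostname entry is found, which deserves a comment explaining why that is safe.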
@@ -2389,10 +2393,11 @@ impl Ssl { /// [`SSL_new`]: https://www.openssl.org/docs/man1.0.2/ssl/SSL_new.html // FIXME should take &SslContextRef pub fn new(ctx: &SslContextRef) -> Result { + let session_ctx_index = try_get_session_ctx_index()?; unsafe { let ptr = cvt_p(ffi::SSL_new(ctx.as_ptr()))?; let mut ssl = Ssl::from_ptr(ptr); - ssl.set_ex_data(*SESSION_CTX_INDEX, ctx.to_owned()); + ssl.set_ex_data(*session_ctx_index, ctx.to_owned()); Ok(ssl) } -- cgit v1.2.3 From cef3a3faa93097ac0d14fc4696791f02c4267d98 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Thu, 31 Dec 2020 08:19:18 -0500 Subject: Update openssl/src/ssl/connector.rs --- openssl/src/ssl/connector.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index 9788e416..94c5a5f2 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -430,7 +430,7 @@ cfg_if! { } let hostname_idx = - try_get_hostname_idx.expect("failed to initialize hostname index"); + try_get_hostname_idx().expect("failed to initialize hostname index"); let ok = match ( x509_ctx.current_cert(), X509StoreContext::ssl_idx() -- cgit v1.2.3