diff options
| -rw-r--r-- | openssl/Cargo.toml | 2 | ||||
| -rw-r--r-- | openssl/src/dh.rs | 12 | ||||
| -rw-r--r-- | openssl/src/pkcs5.rs | 4 | ||||
| -rw-r--r-- | openssl/src/ssl/callbacks.rs | 6 | ||||
| -rw-r--r-- | openssl/src/ssl/mod.rs | 41 | ||||
| -rw-r--r-- | openssl/src/ssl/test.rs | 38 | ||||
| -rw-r--r-- | openssl/src/symm.rs | 8 | ||||
| -rw-r--r-- | openssl/src/verify.rs | 2 | ||||
| -rw-r--r-- | openssl/src/x509/mod.rs | 4 |
9 files changed, 74 insertions, 43 deletions
diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index 9478e475..b8e88ea9 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -17,7 +17,7 @@ all-features = true v101 = [] v102 = [] v110 = [] -v111 = ["v110"] +v111 = [] [dependencies] bitflags = "1.0" diff --git a/openssl/src/dh.rs b/openssl/src/dh.rs index 7dcb3390..58b4026c 100644 --- a/openssl/src/dh.rs +++ b/openssl/src/dh.rs @@ -84,7 +84,8 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn get_1024_160() -> Result<Dh<Params>, ErrorStack> { unsafe { ffi::init(); @@ -93,7 +94,8 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn get_2048_224() -> Result<Dh<Params>, ErrorStack> { unsafe { ffi::init(); @@ -102,7 +104,8 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn get_2048_256() -> Result<Dh<Params>, ErrorStack> { unsafe { ffi::init(); @@ -142,7 +145,8 @@ mod tests { use ssl::{SslContext, SslMethod}; #[test] - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_dh_rfc5114() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let dh1 = Dh::get_1024_160().unwrap(); diff --git a/openssl/src/pkcs5.rs b/openssl/src/pkcs5.rs index 926e5438..7253837f 100644 --- a/openssl/src/pkcs5.rs +++ b/openssl/src/pkcs5.rs @@ -108,7 +108,7 @@ pub fn pbkdf2_hmac( /// Derives a key from a password and salt using the scrypt algorithm. /// /// Requires OpenSSL 1.1.0 or 1.1.1 and the corresponding Cargo feature. -#[cfg(all(feature = "v110", ossl110))] +#[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] pub fn scrypt( pass: &[u8], salt: &[u8], @@ -271,7 +271,7 @@ mod tests { } #[test] - #[cfg(all(feature = "v110", ossl110))] + #[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] fn scrypt() { use hex; diff --git a/openssl/src/ssl/callbacks.rs b/openssl/src/ssl/callbacks.rs index 7d884b4e..9a3d3de1 100644 --- a/openssl/src/ssl/callbacks.rs +++ b/openssl/src/ssl/callbacks.rs @@ -12,7 +12,8 @@ use dh::Dh; use ec::EcKey; use pkey::Params; use ssl::{get_callback_idx, get_ssl_callback_idx, SniError, SslAlert, SslRef}; -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use ssl::AlpnError; use x509::X509StoreContextRef; @@ -107,7 +108,8 @@ where } } -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub extern "C" fn raw_alpn_select<F>( ssl: *mut ffi::SSL, out: *mut *const c_uchar, diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 51176583..8e483015 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -85,7 +85,8 @@ use ec::EcKeyRef; use ec::EcKey; use x509::{X509, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult}; use x509::store::{X509StoreBuilderRef, X509StoreRef}; -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use x509::store::X509Store; #[cfg(any(ossl102, ossl110))] use verify::X509VerifyParamRef; @@ -186,12 +187,14 @@ bitflags! { /// Disables the use of DTLSv1.0 /// /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] const NO_DTLSV1 = ffi::SSL_OP_NO_DTLSv1; /// Disables the use of DTLSv1.2. /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] const NO_DTLSV1_2 = ffi::SSL_OP_NO_DTLSv1_2; /// Disables the use of all (D)TLS protocol versions. @@ -209,7 +212,8 @@ bitflags! { /// /// let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2; /// ``` - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] const NO_SSL_MASK = ffi::SSL_OP_NO_SSL_MASK; } } @@ -460,16 +464,18 @@ impl SslAlert { /// An error returned from an ALPN selection callback. /// /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] #[derive(Debug, Copy, Clone)] pub struct AlpnError(c_int); -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] impl AlpnError { /// Terminate the handshake with a fatal alert. /// /// Requires OpenSSL 1.1.0 or 1.1.1 and the corresponding Cargo feature. - #[cfg(all(feature = "v110", ossl110))] + #[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] pub const ALERT_FATAL: AlpnError = AlpnError(ffi::SSL_TLSEXT_ERR_ALERT_FATAL); /// Do not select a protocol, but continue the handshake. @@ -621,7 +627,8 @@ impl SslContextBuilder { /// This corresponds to [`SSL_CTX_set0_verify_cert_store`]. /// /// [`SSL_CTX_set0_verify_cert_store`]: https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set0_verify_cert_store.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn set_verify_cert_store(&mut self, cert_store: X509Store) -> Result<(), ErrorStack> { unsafe { let ptr = cert_store.as_ptr(); @@ -979,7 +986,8 @@ impl SslContextBuilder { /// Requires OpenSSL 1.0.2, 1.1.0, or 1.1.1 and the corresponding Cargo feature. /// /// [`SSL_CTX_set_alpn_protos`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_alpn_protos.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn set_alpn_protos(&mut self, protocols: &[u8]) -> Result<(), ErrorStack> { unsafe { assert!(protocols.len() <= c_uint::max_value() as usize); @@ -1012,7 +1020,8 @@ impl SslContextBuilder { /// [`SslContextBuilder::set_alpn_protos`]: struct.SslContextBuilder.html#method.set_alpn_protos /// [`select_next_proto`]: fn.select_next_proto.html /// [`SSL_CTX_set_alpn_select_cb`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_alpn_protos.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn set_alpn_select_callback<F>(&mut self, callback: F) where F: for<'a> Fn(&mut SslRef, &'a [u8]) -> Result<&'a [u8], AlpnError> + 'static + Sync + Send, @@ -1210,7 +1219,8 @@ impl SslContextRef { /// This corresponds to [`SSL_CTX_get0_certificate`]. /// /// [`SSL_CTX_get0_certificate`]: https://www.openssl.org/docs/man1.1.0/ssl/ssl.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn certificate(&self) -> Option<&X509Ref> { unsafe { let ptr = ffi::SSL_CTX_get0_certificate(self.as_ptr()); @@ -1229,7 +1239,8 @@ impl SslContextRef { /// This corresponds to [`SSL_CTX_get0_privatekey`]. /// /// [`SSL_CTX_get0_privatekey`]: https://www.openssl.org/docs/man1.1.0/ssl/ssl.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn private_key(&self) -> Option<&PKeyRef<Private>> { unsafe { let ptr = ffi::SSL_CTX_get0_privatekey(self.as_ptr()); @@ -1786,7 +1797,8 @@ impl SslRef { /// This corresponds to [`SSL_get0_alpn_selected`]. /// /// [`SSL_get0_alpn_selected`]: https://www.openssl.org/docs/manmaster/man3/SSL_get0_next_proto_negotiated.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn selected_alpn_protocol(&self) -> Option<&[u8]> { unsafe { let mut data: *const c_uchar = ptr::null(); @@ -1861,7 +1873,8 @@ impl SslRef { /// This corresponds to [`SSL_get0_param`]. /// /// [`SSL_get0_param`]: https://www.openssl.org/docs/man1.0.2/ssl/SSL_get0_param.html - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub fn param_mut(&mut self) -> &mut X509VerifyParamRef { self._param_mut() } diff --git a/openssl/src/ssl/test.rs b/openssl/src/ssl/test.rs index 765d3044..51ae6cae 100644 --- a/openssl/src/ssl/test.rs +++ b/openssl/src/ssl/test.rs @@ -21,7 +21,8 @@ use ssl; use ssl::{Error, HandshakeError, ShutdownResult, Ssl, SslAcceptor, SslConnector, SslContext, SslFiletype, SslMethod, SslStream, SslVerifyMode, StatusType}; use x509::{X509, X509Name, X509StoreContext, X509VerifyResult}; -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use x509::verify::X509CheckFlags; use pkey::PKey; @@ -135,14 +136,17 @@ macro_rules! run_test( use ssl::{SslContext, Ssl, SslStream, SslVerifyMode, SslOptions}; use hash::MessageDigest; use x509::{X509StoreContext, X509VerifyResult}; - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use x509::X509; - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use x509::store::X509StoreBuilder; use hex::FromHex; use foreign_types::ForeignTypeRef; use super::Server; - #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] + #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] use super::ROOT_CERT; #[test] @@ -182,7 +186,8 @@ run_test!(verify_trusted, |method, stream| { } }); -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] run_test!(verify_trusted_with_set_cert, |method, stream| { let x509 = X509::from_pem(ROOT_CERT).unwrap(); let mut store = X509StoreBuilder::new().unwrap(); @@ -477,7 +482,8 @@ fn test_state() { /// Tests that connecting with the client using ALPN, but the server not does not /// break the existing connection behavior. #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_connect_with_unilateral_alpn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); @@ -499,7 +505,8 @@ fn test_connect_with_unilateral_alpn() { /// Tests that when both the client as well as the server use ALPN and their /// lists of supported protocols have an overlap, the correct protocol is chosen. #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_connect_with_alpn_successful_multiple_matching() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); @@ -522,7 +529,8 @@ fn test_connect_with_alpn_successful_multiple_matching() { /// lists of supported protocols have an overlap -- with only ONE protocol /// being valid for both. #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_connect_with_alpn_successful_single_match() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); @@ -544,7 +552,8 @@ fn test_connect_with_alpn_successful_single_match() { /// Tests that when the `SslStream` is created as a server stream, the protocols /// are correctly advertised to the client. #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_alpn_server_advertise_multiple() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let localhost = listener.local_addr().unwrap(); @@ -586,7 +595,7 @@ fn test_alpn_server_advertise_multiple() { } #[test] -#[cfg(all(feature = "v110", ossl110))] +#[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] fn test_alpn_server_select_none_fatal() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let localhost = listener.local_addr().unwrap(); @@ -620,7 +629,8 @@ fn test_alpn_server_select_none_fatal() { } #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn test_alpn_server_select_none() { let listener = TcpListener::bind("127.0.0.1:0").unwrap(); let localhost = listener.local_addr().unwrap(); @@ -787,7 +797,8 @@ fn add_extra_chain_cert() { } #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn verify_valid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); @@ -812,7 +823,8 @@ fn verify_valid_hostname() { } #[test] -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] fn verify_invalid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index 9129b061..7863fafb 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -142,13 +142,13 @@ impl Cipher { } /// Requires OpenSSL 1.1.0 or 1.1.1 and the corresponding Cargo feature. - #[cfg(all(ossl110, feature = "v110"))] + #[cfg(any(all(ossl110, feature = "v110"), all(ossl111, feature = "v111")))] pub fn chacha20() -> Cipher { unsafe { Cipher(ffi::EVP_chacha20()) } } /// Requires OpenSSL 1.1.0 or 1.1.1 and the corresponding Cargo feature. - #[cfg(all(ossl110, feature = "v110"))] + #[cfg(any(all(ossl110, feature = "v110"), all(ossl111, feature = "v111")))] pub fn chacha20_poly1305() -> Cipher { unsafe { Cipher(ffi::EVP_chacha20_poly1305()) } } @@ -968,7 +968,7 @@ mod tests { } #[test] - #[cfg(all(ossl110, feature = "v110"))] + #[cfg(any(all(ossl110, feature = "v110"), all(ossl111, feature = "v111")))] fn test_chacha20() { let key = "0000000000000000000000000000000000000000000000000000000000000000"; let iv = "00000000000000000000000000000000"; @@ -983,7 +983,7 @@ mod tests { } #[test] - #[cfg(all(ossl110, feature = "v110"))] + #[cfg(any(all(ossl110, feature = "v110"), all(ossl111, feature = "v111")))] fn test_chacha20_poly1305() { let key = "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f"; let iv = "070000004041424344454647"; diff --git a/openssl/src/verify.rs b/openssl/src/verify.rs index 75f0071c..de76f61f 100644 --- a/openssl/src/verify.rs +++ b/openssl/src/verify.rs @@ -16,7 +16,7 @@ bitflags! { const SINGLE_LABEL_SUBDOMAINS = ffi::X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS; /// Requires OpenSSL 1.1.0 or 1.1.1 and the corresponding Cargo feature. - #[cfg(all(feature = "v110", ossl110))] + #[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] const NEVER_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_NEVER_CHECK_SUBJECT; } } diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index f3a8b8e6..a4bbb5f0 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -73,7 +73,8 @@ use ffi::{ASN1_STRING_get0_data as ASN1_STRING_data, X509_STORE_CTX_get0_chain as X509_STORE_CTX_get_chain, X509_set1_notAfter as X509_set_notAfter, X509_set1_notBefore as X509_set_notBefore}; -#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] +#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110), + all(feature = "v111", ossl111)))] pub mod verify; pub mod extension; @@ -1090,7 +1091,6 @@ foreign_type_and_impl_send_sync! { } impl GeneralNameRef { - fn ia5_string(&self, ffi_type: c_int) -> Option<&str> { unsafe { if (*self.as_ptr()).type_ != ffi_type { |