expose DANE functions for SSL/SSL_CTX

The docs at https://www.openssl.org/docs/man1.1.1/man3/SSL_dane_clear_flags.html indicate that DANE functionality has been available since version 1.1.0
sfackler · Oct 14, 2023 · 9229407 · 9229407
1 parent 9e79073
commit 9229407
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs
@@ -924,3 +924,41 @@ extern "C" {
     #[cfg(all(ossl111, not(ossl111b)))]
     pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
 }
+
+#[cfg(ossl110)]
+extern "C" {
+    pub fn SSL_CTX_dane_enable(ctx: *mut SSL_CTX) -> c_int;
+    pub fn SSL_CTX_dane_mtype_set(
+        ctx: *mut SSL_CTX,
+        md: *const EVP_MD,
+        mtype: u8,
+        ord: u8,
+    ) -> c_int;
+    pub fn SSL_dane_enable(s: *mut SSL, basedomain: *const c_char) -> c_int;
+    pub fn SSL_dane_tlsa_add(
+        s: *mut SSL,
+        usage: u8,
+        selector: u8,
+        mtype: u8,
+        data: *const c_uchar,
+        dlen: size_t,
+    ) -> c_int;
+    pub fn SSL_get0_dane_authority(
+        s: *mut SSL,
+        mcert: *mut *mut X509,
+        mspki: *mut *mut EVP_PKEY,
+    ) -> c_int;
+    pub fn SSL_get0_dane_tlsa(
+        s: *mut SSL,
+        usage: *mut u8,
+        selector: *mut u8,
+        mtype: *mut u8,
+        data: *mut *const c_uchar,
+        dlen: *mut size_t,
+    ) -> c_int;
+
+    pub fn SSL_CTX_dane_set_flags(ctx: *mut SSL_CTX, flags: c_ulong) -> c_ulong;
+    pub fn SSL_CTX_dane_clear_flags(ctx: *mut SSL_CTX, flags: c_ulong) -> c_ulong;
+    pub fn SSL_dane_set_flags(ssl: *mut SSL, flags: c_ulong) -> c_ulong;
+    pub fn SSL_dane_clear_flags(ssl: *mut SSL, flags: c_ulong) -> c_ulong;
+}