Skip to content

Commit

Permalink
Merge pull request #2138 from zh-jq/update-boringssl
Browse files Browse the repository at this point in the history
add more boringssl methods
  • Loading branch information
alex authored Jan 19, 2024
2 parents 951d771 + 483ce45 commit fde3d03
Show file tree
Hide file tree
Showing 5 changed files with 46 additions and 49 deletions.
38 changes: 19 additions & 19 deletions openssl/src/asn1.rs
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ impl Asn1Type {
/// [`diff`]: struct.Asn1TimeRef.html#method.diff
/// [`Asn1TimeRef`]: struct.Asn1TimeRef.html
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
pub struct TimeDiff {
/// Difference in days
pub days: c_int,
Expand Down Expand Up @@ -199,7 +199,7 @@ foreign_type_and_impl_send_sync! {
impl Asn1TimeRef {
/// Find difference between two times
#[corresponds(ASN1_TIME_diff)]
#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
pub fn diff(&self, compare: &Self) -> Result<TimeDiff, ErrorStack> {
let mut days = 0;
let mut secs = 0;
Expand All @@ -215,7 +215,7 @@ impl Asn1TimeRef {

/// Compare two times
#[corresponds(ASN1_TIME_compare)]
#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
pub fn compare(&self, other: &Self) -> Result<Ordering, ErrorStack> {
let d = self.diff(other)?;
if d.days > 0 || d.secs > 0 {
Expand All @@ -229,7 +229,7 @@ impl Asn1TimeRef {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialEq for Asn1TimeRef {
fn eq(&self, other: &Asn1TimeRef) -> bool {
self.diff(other)
Expand All @@ -238,7 +238,7 @@ impl PartialEq for Asn1TimeRef {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialEq<Asn1Time> for Asn1TimeRef {
fn eq(&self, other: &Asn1Time) -> bool {
self.diff(other)
Expand All @@ -247,7 +247,7 @@ impl PartialEq<Asn1Time> for Asn1TimeRef {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl<'a> PartialEq<Asn1Time> for &'a Asn1TimeRef {
fn eq(&self, other: &Asn1Time) -> bool {
self.diff(other)
Expand All @@ -256,21 +256,21 @@ impl<'a> PartialEq<Asn1Time> for &'a Asn1TimeRef {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialOrd for Asn1TimeRef {
fn partial_cmp(&self, other: &Asn1TimeRef) -> Option<Ordering> {
self.compare(other).ok()
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialOrd<Asn1Time> for Asn1TimeRef {
fn partial_cmp(&self, other: &Asn1Time) -> Option<Ordering> {
self.compare(other).ok()
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl<'a> PartialOrd<Asn1Time> for &'a Asn1TimeRef {
fn partial_cmp(&self, other: &Asn1Time) -> Option<Ordering> {
self.compare(other).ok()
Expand Down Expand Up @@ -352,9 +352,9 @@ impl Asn1Time {

/// Creates a new time corresponding to the specified X509 time string.
///
/// Requires OpenSSL 1.1.1 or newer.
/// Requires BoringSSL or OpenSSL 1.1.1 or newer.
#[corresponds(ASN1_TIME_set_string_X509)]
#[cfg(ossl111)]
#[cfg(any(ossl111, boringssl))]
pub fn from_str_x509(s: &str) -> Result<Asn1Time, ErrorStack> {
unsafe {
let s = CString::new(s).unwrap();
Expand All @@ -367,7 +367,7 @@ impl Asn1Time {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialEq for Asn1Time {
fn eq(&self, other: &Asn1Time) -> bool {
self.diff(other)
Expand All @@ -376,7 +376,7 @@ impl PartialEq for Asn1Time {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialEq<Asn1TimeRef> for Asn1Time {
fn eq(&self, other: &Asn1TimeRef) -> bool {
self.diff(other)
Expand All @@ -385,7 +385,7 @@ impl PartialEq<Asn1TimeRef> for Asn1Time {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl<'a> PartialEq<&'a Asn1TimeRef> for Asn1Time {
fn eq(&self, other: &&'a Asn1TimeRef) -> bool {
self.diff(other)
Expand All @@ -394,21 +394,21 @@ impl<'a> PartialEq<&'a Asn1TimeRef> for Asn1Time {
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialOrd for Asn1Time {
fn partial_cmp(&self, other: &Asn1Time) -> Option<Ordering> {
self.compare(other).ok()
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl PartialOrd<Asn1TimeRef> for Asn1Time {
fn partial_cmp(&self, other: &Asn1TimeRef) -> Option<Ordering> {
self.compare(other).ok()
}
}

#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
impl<'a> PartialOrd<&'a Asn1TimeRef> for Asn1Time {
fn partial_cmp(&self, other: &&'a Asn1TimeRef) -> Option<Ordering> {
self.compare(other).ok()
Expand Down Expand Up @@ -809,7 +809,7 @@ mod tests {
}

#[test]
#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
fn time_eq() {
let a = Asn1Time::from_str("99991231235959Z").unwrap();
let b = Asn1Time::from_str("99991231235959Z").unwrap();
Expand All @@ -828,7 +828,7 @@ mod tests {
}

#[test]
#[cfg(ossl102)]
#[cfg(any(ossl102, boringssl))]
fn time_ord() {
let a = Asn1Time::from_str("99991231235959Z").unwrap();
let b = Asn1Time::from_str("99991231235959Z").unwrap();
Expand Down
43 changes: 20 additions & 23 deletions openssl/src/ssl/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -654,8 +654,8 @@ impl SslVersion {

/// TLSv1.3
///
/// Requires OpenSSL 1.1.1 or LibreSSL 3.4.0 or newer.
#[cfg(any(ossl111, libressl340))]
/// Requires BoringSSL or OpenSSL 1.1.1 or LibreSSL 3.4.0 or newer.
#[cfg(any(ossl111, libressl340, boringssl))]
pub const TLS1_3: SslVersion = SslVersion(ffi::TLS1_3_VERSION);

/// DTLSv1.0
Expand All @@ -666,7 +666,7 @@ impl SslVersion {
/// DTLSv1.2
///
/// DTLS 1.2 corresponds to TLS 1.2 to harmonize versions. There was never a DTLS 1.1.
#[cfg(any(ossl102, libressl332))]
#[cfg(any(ossl102, libressl332, boringssl))]
pub const DTLS1_2: SslVersion = SslVersion(ffi::DTLS1_2_VERSION);
}

Expand Down Expand Up @@ -1147,9 +1147,9 @@ impl SslContextBuilder {
/// A value of `None` will enable protocol versions down to the lowest version supported by
/// OpenSSL.
///
/// Requires OpenSSL 1.1.0 or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.1.0 or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_CTX_set_min_proto_version)]
#[cfg(any(ossl110, libressl261))]
#[cfg(any(ossl110, libressl261, boringssl))]
pub fn set_min_proto_version(&mut self, version: Option<SslVersion>) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::SSL_CTX_set_min_proto_version(
Expand All @@ -1165,9 +1165,9 @@ impl SslContextBuilder {
/// A value of `None` will enable protocol versions up to the highest version supported by
/// OpenSSL.
///
/// Requires OpenSSL 1.1.0 or or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.1.0 or or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_CTX_set_max_proto_version)]
#[cfg(any(ossl110, libressl261))]
#[cfg(any(ossl110, libressl261, boringssl))]
pub fn set_max_proto_version(&mut self, version: Option<SslVersion>) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::SSL_CTX_set_max_proto_version(
Expand Down Expand Up @@ -1223,16 +1223,16 @@ impl SslContextBuilder {
/// and `http/1.1` is encoded as `b"\x06spdy/1\x08http/1.1"`. The protocols are ordered by
/// preference.
///
/// Requires OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_CTX_set_alpn_protos)]
#[cfg(any(ossl102, libressl261))]
#[cfg(any(ossl102, libressl261, boringssl))]
pub fn set_alpn_protos(&mut self, protocols: &[u8]) -> Result<(), ErrorStack> {
unsafe {
assert!(protocols.len() <= c_uint::max_value() as usize);
let r = ffi::SSL_CTX_set_alpn_protos(
self.as_ptr(),
protocols.as_ptr(),
protocols.len() as c_uint,
protocols.len() as _,
);
// fun fact, SSL_CTX_set_alpn_protos has a reversed return code D:
if r == 0 {
Expand Down Expand Up @@ -2480,19 +2480,16 @@ impl SslRef {

/// Like [`SslContextBuilder::set_alpn_protos`].
///
/// Requires OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
///
/// [`SslContextBuilder::set_alpn_protos`]: struct.SslContextBuilder.html#method.set_alpn_protos
#[corresponds(SSL_set_alpn_protos)]
#[cfg(any(ossl102, libressl261))]
#[cfg(any(ossl102, libressl261, boringssl))]
pub fn set_alpn_protos(&mut self, protocols: &[u8]) -> Result<(), ErrorStack> {
unsafe {
assert!(protocols.len() <= c_uint::max_value() as usize);
let r = ffi::SSL_set_alpn_protos(
self.as_ptr(),
protocols.as_ptr(),
protocols.len() as c_uint,
);
let r =
ffi::SSL_set_alpn_protos(self.as_ptr(), protocols.as_ptr(), protocols.len() as _);
// fun fact, SSL_set_alpn_protos has a reversed return code D:
if r == 0 {
Ok(())
Expand Down Expand Up @@ -2639,9 +2636,9 @@ impl SslRef {
/// The protocol's name is returned is an opaque sequence of bytes. It is up to the client
/// to interpret it.
///
/// Requires OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.0.2 or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_get0_alpn_selected)]
#[cfg(any(ossl102, libressl261))]
#[cfg(any(ossl102, libressl261, boringssl))]
pub fn selected_alpn_protocol(&self) -> Option<&[u8]> {
unsafe {
let mut data: *const c_uchar = ptr::null();
Expand Down Expand Up @@ -3334,9 +3331,9 @@ impl SslRef {
/// A value of `None` will enable protocol versions down to the lowest version supported by
/// OpenSSL.
///
/// Requires OpenSSL 1.1.0 or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.1.0 or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_set_min_proto_version)]
#[cfg(any(ossl110, libressl261))]
#[cfg(any(ossl110, libressl261, boringssl))]
pub fn set_min_proto_version(&mut self, version: Option<SslVersion>) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::SSL_set_min_proto_version(
Expand All @@ -3352,9 +3349,9 @@ impl SslRef {
/// A value of `None` will enable protocol versions up to the highest version supported by
/// OpenSSL.
///
/// Requires OpenSSL 1.1.0 or or LibreSSL 2.6.1 or newer.
/// Requires BoringSSL or OpenSSL 1.1.0 or or LibreSSL 2.6.1 or newer.
#[corresponds(SSL_set_max_proto_version)]
#[cfg(any(ossl110, libressl261))]
#[cfg(any(ossl110, libressl261, boringssl))]
pub fn set_max_proto_version(&mut self, version: Option<SslVersion>) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::SSL_set_max_proto_version(
Expand Down
2 changes: 1 addition & 1 deletion openssl/src/ssl/test/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -552,7 +552,7 @@ fn test_alpn_server_select_none() {
}

#[test]
#[cfg(any(ossl102, libressl261))]
#[cfg(any(boringssl, ossl102, libressl261))]
fn test_alpn_server_unilateral() {
let server = Server::builder().build();

Expand Down
6 changes: 3 additions & 3 deletions openssl/src/x509/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -480,15 +480,15 @@ impl X509Ref {

/// Retrieves the path length extension from a certificate, if it exists.
#[corresponds(X509_get_pathlen)]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
pub fn pathlen(&self) -> Option<u32> {
let v = unsafe { ffi::X509_get_pathlen(self.as_ptr()) };
u32::try_from(v).ok()
}

/// Returns this certificate's subject key id, if it exists.
#[corresponds(X509_get0_subject_key_id)]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
pub fn subject_key_id(&self) -> Option<&Asn1OctetStringRef> {
unsafe {
let data = ffi::X509_get0_subject_key_id(self.as_ptr());
Expand All @@ -498,7 +498,7 @@ impl X509Ref {

/// Returns this certificate's authority key id, if it exists.
#[corresponds(X509_get0_authority_key_id)]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
pub fn authority_key_id(&self) -> Option<&Asn1OctetStringRef> {
unsafe {
let data = ffi::X509_get0_authority_key_id(self.as_ptr());
Expand Down
6 changes: 3 additions & 3 deletions openssl/src/x509/tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ fn test_subject_alt_name() {
}

#[test]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
fn test_retrieve_pathlen() {
let cert = include_bytes!("../../test/root-ca.pem");
let cert = X509::from_pem(cert).unwrap();
Expand All @@ -188,7 +188,7 @@ fn test_retrieve_pathlen() {
}

#[test]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
fn test_subject_key_id() {
let cert = include_bytes!("../../test/certv3.pem");
let cert = X509::from_pem(cert).unwrap();
Expand All @@ -201,7 +201,7 @@ fn test_subject_key_id() {
}

#[test]
#[cfg(ossl110)]
#[cfg(any(ossl110, boringssl))]
fn test_authority_key_id() {
let cert = include_bytes!("../../test/certv3.pem");
let cert = X509::from_pem(cert).unwrap();
Expand Down

0 comments on commit fde3d03

Please sign in to comment.