diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:41:41 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:41:41 +0000 |
| commit | 10ee2acdd26a7f1298c6f6d6b7af9b469fe29b87 (patch) | |
| tree | bdffd5d80c26cf4a7a518281a204be1ace85b4c1 /vendor/openssl-sys | |
| parent | Releasing progress-linux version 1.70.0+dfsg1-9~progress7.99u1. (diff) | |
| download | rustc-10ee2acdd26a7f1298c6f6d6b7af9b469fe29b87.tar.xz rustc-10ee2acdd26a7f1298c6f6d6b7af9b469fe29b87.zip | |
Merging upstream version 1.70.0+dfsg2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'vendor/openssl-sys')
70 files changed, 10586 insertions, 0 deletions
diff --git a/vendor/openssl-sys/.cargo-checksum.json b/vendor/openssl-sys/.cargo-checksum.json new file mode 100644 index 000000000..78f6eb88a --- /dev/null +++ b/vendor/openssl-sys/.cargo-checksum.json @@ -0,0 +1 @@ +{"files":{"CHANGELOG.md":"9d0df60db1e9d7f84cb5389921492e8a9e85a0450037cfd897e25fd182c4ad15","Cargo.toml":"8126aab372849ec7716c452c66ac350cefe7e17d97eff39eb9b353048ba2727c","LICENSE-MIT":"378f5840b258e2779c39418f3f2d7b2ba96f1c7917dd6be0713f88305dbda397","README.md":"c5ddde25c2756a1115daaa671fb4297cdc83bf23009c8356ba65b5311d0dd30d","build/cfgs.rs":"5657ba246be58efcc3768404f15e507dfdbfa1ca4ffab5f1d88eabb12de598d4","build/expando.c":"e94c3718c79499d8af23cb2056958e81d093a117bb6dc404e235726c00d45c36","build/find_normal.rs":"1f9233e5993c3537767d39b66fa5a43f5268a9bf89b70884886652cfa7e869c6","build/find_vendored.rs":"4907761e6bc1115f5081dd4c42aa1df6ec7db3cc8b6e2a46071631c23125fe15","build/main.rs":"d04538b63898180949bc7d9ced4806395011a3f6c5d374d4ebfdf2b30cd9cc33","build/run_bindgen.rs":"5cfe3a8bc5c9a276ec904b807e2aaf2fcb8bed5e52c32752e4379166c4ec06dd","src/aes.rs":"e744b2d608216fb98d365dced84e044951939b6e1868ab52226bf0eeaac3c0f5","src/asn1.rs":"88ce843ffd803b9c6768869d179ddc38b8c1225b092272fdfddd9bd1bdcb3c44","src/bio.rs":"35a5bfd4f38302f3ea47a70d80889280f4f0ae2e3e119082d21322a27c4bb48e","src/bn.rs":"d1b7578c0ec448e3f8ebe68d5048f2761e46715619d81173a5aa89205b9ba8b2","src/cms.rs":"6dbd69d39da588ece53fabdb3a1e2136602eb24ed26106f59c8b852bce0d1a84","src/crypto.rs":"7aee1518a591e4d8b4049c0d5dadf28987dded69cccc17a9cf5a8808c6261d0c","src/dtls1.rs":"0477022d5bcf2b7a620c70ece4da08a2958be3eca5a57127c89d79525c692ebd","src/ec.rs":"2fa5d9a495bc80bf583064c2a0671e13051da2e11bfd725accf2f32e1dabfb0b","src/err.rs":"2eb2bba43e6fc607d7e9cc99c26dfb006a425e647e9bdd1a0b28c014e1363b67","src/evp.rs":"bc7dd771287d8a8032c7d2635391ce31c96d4b26c3c0d2a16bc03aa68c2a8f2e","src/handwritten/aes.rs":"31d07045f63d7ea88d1d182487f6cbd42a613119bed32f12affef37bcba26879","src/handwritten/asn1.rs":"d198d559bbf01b4d1f856e5d3d25cdfb3a0a156e80672011f734b6b0da48aed8","src/handwritten/bio.rs":"137b2cc9f618bd47b96411e0a46e317f8b9aa7b1a37a8b9fb7fe5fd0392c3ebe","src/handwritten/bn.rs":"e27fb3bbed55998b33b2d7b8e9bd8367e75b118e3d66e0f8aced86aa3ca4fc14","src/handwritten/cms.rs":"2aeff50ca7061f8cba7d0cf9d5da7e17e38909aff0295e5b6301aaa7655c5bfd","src/handwritten/conf.rs":"56835aece385e1093665684fa65b7ade778e3f244e1cc9254d75aa6258eef6b2","src/handwritten/crypto.rs":"910fcf6df345e6bdc43e79088f2eb18bd9b8461a786eee38c7799b9d6ecf9fd4","src/handwritten/dh.rs":"237a4179d33fb06210c08e1dc3198d1a60cebcc781266d41ba11f01df5db7ab7","src/handwritten/dsa.rs":"69da4a548c4bcde09cf1b7ca9d0fb20185fd95d1728638a3efcaf7e4c25fc0e4","src/handwritten/ec.rs":"edc3259e9b3530b5b6f3f3e744dc3497d3287f3493b9b59a8f010cfbb6d16f2c","src/handwritten/err.rs":"391a867241db4656411b3da5cc8b30ab23dcc9e928a290f6f215caeeb498403d","src/handwritten/evp.rs":"a7c4c1dac18648b662b7fb9ed9dae484c1c2aee590524368b99f6d2678f9497c","src/handwritten/hmac.rs":"f31cb39769625adb3bcaf5689a0666801ebea4bf5383077b1e76747451a4d07b","src/handwritten/kdf.rs":"bf4ed9a10d8cbeacbdb7a738c76b1a26885e4aa87758879f217a273a5172607a","src/handwritten/mod.rs":"e4115c363a1d670a28a09757ddcf24b2f8ffc8d081c3c9e1791438578a4bcd46","src/handwritten/object.rs":"a61090c529da9cb05420e76991a428d27a544e3c8e7a6c5c66b86e3a13f7ce74","src/handwritten/ocsp.rs":"27979cc0439dff61f4c21c68e3d585c0221bd025425ff9bc181c8e870d44f1a7","src/handwritten/pem.rs":"1d04f7b600f7422a24e81705d8f9467fdf63a5fa4c61468178da4b71c85ea429","src/handwritten/pkcs12.rs":"65534ca2844850576e08113990be3a3241ac54c486c48ceae77b382a657facc0","src/handwritten/pkcs7.rs":"013159a75032305055cbb9cdb0f844353c5cdf052c390e65ddceebbb0afe14e7","src/handwritten/provider.rs":"86d1dbfd1147fcd3bb7ecde52c5b694e7beb599cd5a26754c5af1b179b170f5d","src/handwritten/rand.rs":"c771057f37c64406aa750f36397fa877caf330a8c725e49356c7081c2b2fdd67","src/handwritten/rsa.rs":"64c34e9d207bb562514e6b7fa9892777b2fb1df32a49d4672bf4eb33345a6e30","src/handwritten/safestack.rs":"6c39e28565d34efad707d77561d4caa99e3f028fcac3a2ef6fd403a78de1190c","src/handwritten/sha.rs":"7107e2e7e09e9f8b10433b0005a3f4aafead896d7d35949b607dc42b76e24d44","src/handwritten/srtp.rs":"0e9693c840c696cb31774c35c5af55f197de675a6c7e3326a19d7c79958f1e78","src/handwritten/ssl.rs":"25225b8ff0b7f860d020abb831e4efe5222c8cb6e6765cfc31772d9ec9a35fb8","src/handwritten/stack.rs":"1a509907283e5a2bf88cf193ce607f49ce7d2d95547c2ce2abc0fd4567aad334","src/handwritten/tls1.rs":"eccb78cf777389a975ec79d5efa634a44802fc963a6a392888640c1cfb00da11","src/handwritten/types.rs":"b362064dd6b185ef1cf25fa067a2ffb3598da394d7d68e3cfa39b63e1a3061c8","src/handwritten/x509.rs":"374141db196b5ab25167184b5a6ed26a38ca9c42758b942102817fa804493cf3","src/handwritten/x509_vfy.rs":"4da8c57787ecc69fd73719c22c48d0e9493a8a0903aca9f6b4c9f9ad290a9ac7","src/handwritten/x509v3.rs":"3e16d43fdae5ee78a46e6f390cf83010f1773eda6e37fcd96aab62188603503f","src/lib.rs":"589aca0d79ae9b447019938f61ce0f55124e435bf606399768e3bf8f238f5893","src/macros.rs":"270fa673eba5497b52bd62159e604773dc767cd4536a2377b24ce35cabf680a6","src/obj_mac.rs":"97a6d6ec98a68569187820786daa9ac7c2ba0d541de59f24115a5b6882efa4a4","src/ocsp.rs":"63c9ce598f67eb0bb162d4c8d78cb5049c53c4baa41988328b42f7b1bd982ac8","src/pem.rs":"3a0197173331d8b6143d8036a6b121e6b59cac260107d8f42f9b1a1a3426d6fe","src/pkcs7.rs":"f77db0a26e5546d752001701ea43cd55a0c1f7c317425e1f7529ff92590c5076","src/rsa.rs":"a255b57723b8c3dcd125eb5d7fd69e897687f3de6d95833f73cd909e82b35e75","src/sha.rs":"a5c50aee5fe7a9ba6287129836fce23b9cb35b18de331778d4edbf500b1163b7","src/srtp.rs":"2829d69f64a7c64635340b5e8db48af1d32678b42e7c3b8266c29e26f5b83838","src/ssl.rs":"d938dcf47286ba4b9c814d1415a8823e89e0f814645123348a04683462412ff0","src/ssl3.rs":"9336c816e00847d552dea22587d4ac72ff3cbd469fa5ff750423a19ea11e68eb","src/tls1.rs":"58138a3acd7c634bb754e8c1ed280cfcaded42b61078179d083fe874c6a9025e","src/types.rs":"e201d386731c7d20ee827acab33d10d0fe8aa65559f3e61efbf465e468fb34eb","src/x509.rs":"3193e9e0de000571468ec7467887ed931fede88de54584f8823a789fdb1edd58","src/x509_vfy.rs":"eb4a8f36623bafc40ccba26ba3eada5c57fd1f4e780bfc0e6210e4d772ce09fc","src/x509v3.rs":"f034d0d33c9dcb67f661a7c9a4142853d8f3dec739635d233b3e7cabd3e60172"},"package":"3a20eace9dc2d82904039cb76dcf50fb1a0bba071cfd1629720b5d6f1ddba0fa"}
\ No newline at end of file diff --git a/vendor/openssl-sys/CHANGELOG.md b/vendor/openssl-sys/CHANGELOG.md new file mode 100644 index 000000000..0d8c1e184 --- /dev/null +++ b/vendor/openssl-sys/CHANGELOG.md @@ -0,0 +1,463 @@ +# Change Log + +## [Unreleased] + +## [v0.9.84] - 2023-04-01 + +### Added + +* Added `ASN1_INTEGER_dup` and `ASN1_INTEGER_cmp`. +* Added `stack_st_X509_NAME_ENTRY`. +* Added `DIST_POINT_NAME`, `DIST_POINT`, `stack_st_DIST_POINT`, `DIST_POINT_free`, and `DIST_POINT_NAME_free`. + +## [v0.9.83] - 2023-03-23 + +### Fixed + +* Fixed version checks for LibreSSL. + +### Added + +* Added `i2d_X509_EXTENSION`. +* Added `GENERAL_NAME_new`. + +## [v0.9.82] - 2023-03-19 + +### Added + +* Added support for LibreSSL 3.7.1. +* Added support for X25519 and Ed25519 on LibreSSL and BoringSSL. + +## [v0.9.81] - 2023-03-14 + +### Fixed + +Fixed builds against OpenSSL built with `no-cast`. + +### Added + +* Added experimental bindgen support for BoringSSL. +* Added `X509_VERIFY_PARAM_set_auth_level`, `X509_VERIFY_PARAM_get_auth_level`, and `X509_VERIFY_PARAM_set_purpose`. +* Added `X509_PURPOSE_*` consts. +* Added `X509_NAME_add_entry`. +* Added `X509_load_crl_file`. +* Added `SSL_set_cipher_list`, `SSL_set_ssl_method`, `SSL_use_PrivateKey_file`, `SSL_use_PrivateKey`, `SSL_use_certificate`, `SSL_use_certificate_chain_file`, `SSL_set_client_CA_list`, `SSL_add_client_CA`, and `SSL_set0_verify_cert_store`. +* Added `X509_PURPOSE`, `X509_STORE_set_purpose`, and `X509_STORE_set_trust`. +* Added `SSL_CTX_set_num_tickets`, `SSL_set_num_tickets`, `SSL_CTX_get_num_tickets`, and `SSL_get_num_tickets`. +* Added `CMS_verify`. + +### Removed + +* Removed an unnecessary link to libatomic for 32-bit android targets. + +## [v0.9.80] - 2022-12-20 + +### Fixed + +* Added `NO_DEPRECATED_3_0` cfg checks for more APIs. + +### Added + +* Added support for LibreSSL 3.7.0. +* Added `SSL_CTRL_CHAIN_CERT` and `SSL_add0_chain_cert`. +* Added `EVP_PKEY_get_security_bits` and `EVP_PKEY_security_bits`. +* Added `OSSL_PROVIDER_set_default_search_path`. + +## [v0.9.79] - 2022-12-06 + +### Added + +* Added `EVP_CIPHER_CTX_num`. +* Added `X509_LOOKUP_file` and `X509_load_cert_file`. + +## [v0.9.78] - 2022-11-23 + +### Added + +* Added support for LibreSSL 3.6.x. +* Added `NID_brainpoolP256r1`, `NID_brainpoolP384r1`, and `NID_brainpool512r1`. +* Added `EVP_camellia_128_cfb128`, `EVP_camellia_128_ecb`, `EVP_camellia_192_cfb128`, `EVP_camellia_192_ecb`, + `EVP_camellia_256_cfb128`, and `EVP_camellia_256_ecb`. +* Added `EVP_cast5_cfb64` and `EVP_cast5_ecb`. +* Added `EVP_idea_cfb64` and `EVP_idea_ecb`. +* Added `DSA_SIG`, `d2i_DSA_SIG`, `i2d_DSA_SIG`, `DSA_SIG_new`, `DSA_SIG_free`, `DSA_SIG_get0`, and `DSA_SIG_set0`. +* Added `X509_STORE_set1_param`, `X509_VERIFY_PARAM_new`, `X509_VERIFY_PARAM_set_time`, and + `X509_VERIFY_PARAM_set_depth`. + +## [v0.9.77] - 2022-10-22 + +### Added + +* Added support for LibreSSL 3.6.0 +* Added `assume_init`. + +## [v0.9.76] - 2022-09-26 + +### Added + +* Added `SSL_get_psk_identity_hint` and `SSL_get_psk_identity`. +* Added SHA-3 NID constants. +* Added `SSL_OP_PRIORITIZE_CHACHA`. +* Added `X509_REQ_print`. +* Added `EVP_MD_CTX_size` and `EVP_MD_CTX_get_size` +* Added `EVP_MD_CTX_reset`. +* Added experimental, unstable support for BoringSSL. + +### Fixed + +* Fixed the deprecation note on `SSL_CTX_set_alpn_select_cb`. + +## [v0.9.75] - 2022-07-09 + +### Added + +* Added SM4 bindings. +* Added `EC_GROUP_set_generator` and `EC_POINT_set_affine_coordinates_GFp`. + +## [v0.9.74] - 2022-06-01 + +### Added + +* Added `EVP_MD_block_size`. +* Added `X509V3_EXT_add_alias`. +* Added `X509_V_ERR_INVALID_CA` back when building against OpenSSL 3.0. + +## [v0.9.73] - 2022-05-02 + +### Added + +* Added support for installations that place libraries in `$OPENSSL_DIR/lib64` in addition to `$OPENSSL_DIR/lib`. +* Added `X509_issuer_name_hash`. +* Added `ASN1_string_set`. +* Added `X509_CRL_dup`, `X509_REQ_dup`, `X509_NAME_dup`, and `X509_dup`. +* Added `X509_print`. +* Added support for LibreSSL 3.5.x. + +## [v0.9.72] - 2021-12-11 + +### Changed + +* Temporarily downgraded the vendored OpenSSL back to 1.1.1 due to significant performance regressions. We will move + back to 3.0.0 when a future release resolves those issues. + +### Added + +* Added `PKCS12_set_mac`. +* Added `EVP_PKEY_sign_init`, `EVP_PKEY_sign`, `EVP_PKEY_verify_init`, and `EVP_PKEY_verify`. +* Added support for LibreSSL 3.4.x. + +## [v0.9.71] + +### Fixed + +* Fixed linkage to static OpenSSL 3.0.0 libraries on some 32 bit Android targets. + +### Added + +* Added support for LibreSSL 3.4.1. +* Added `SSL_get_extms_support` and `SSL_CTRL_GET_EXTMS_SUPPORT`. +* Added `OBJ_create`. +* Added `EVP_CIPHER_CTX_get0_cipher`, `EVP_CIPHER_CTX_get_block_size`, `EVP_CIPHER_CTX_get_key_length`, + `EVP_CIPHER_CTX_get_iv_length`, and `EVP_CIPHER_CTX_get_tag_length`. +* Added `EVP_CIPHER_free`. +* Added `EVP_CIPHER_CTX_rand_key`. +* Added `OSSL_LIB_CTX_new` and `OSSL_LIB_CTX_free`. +* Added `EVP_CIPHER_fetch`. +* Added `EVP_MD_fetch` and `EVP_MD_free`. +* Added `OPENSSL_malloc` and `OPENSSL_free`. +* Added `EVP_DigestSignUpdate` and `EVP_DigestVerifyUpdate`. + +## [v0.9.70] - 2021-10-31 + +### Fixed + +* Fixed linkage to static 3.0.0 OpenSSL libraries on some 32 bit architectures. + +## [v0.9.69] - 2021-10-31 + +### Changed + +* Upgraded the vendored OpenSSL to 3.0.0. + +### Added + +* Added support for automatic detection of Homebrew `openssl@3` installs. +* Added `EVP_PKEY_Q_keygen` and `EVP_EC_gen`. + +## [v0.9.68] - 2021-10-27 + +### Added + +* Added `BN_bn2binpad`. +* Added `i2d_X509_NAME` and `d2i_X509_NAME`. +* Added `BN_FLG_MALLOCED`, `BN_FLG_STATIC_DATA`, `BN_FLG_CONSTTIME`, and `BN_FLG_SECURE`. +* Added `BN_CTX_secure_new`, `BN_secure_new`, `BN_set_flags`, and `BN_get_flags`. + +## [v0.9.67] - 2021-09-21 + +### Added + +* Added support for LibreSSL 3.4.0 + +## [v0.9.66] - 2021-08-17 + +### Added + +* Added `EVP_seed_cbc`, `EVP_seed_cfb128`, `EVP_seed_ecb`, and `EVP_seed_ofb`. +* Added `OBJ_length` and `OBJ_get0_data`. +* Added `i2d_PKCS8PrivateKey_bio`. + +## [v0.9.65] - 2021-06-21 + +### Fixed + +* Restored the accidentally deleted `PEM_read_bio_X509_CRL` function. + +## [v0.9.64] - 2021-06-18 + +### Added + +* Added support for OpenSSL 3.x.x. +* Added `SSL_peek`. +* Added `ERR_LIB_ASN1` and `ASN1_R_HEADER_TOO_LONG`. +* Added `d2i_X509_bio`. +* Added `OBJ_nid2obj`. +* Added `RAND_add`. +* Added `SSL_CTX_set_post_handshake_auth`. +* Added `COMP_get_type`. +* Added `X509_get_default_cert_file_env`, `X509_get_default_cert_file`, `X509_get_default_cert_dir_env`, and + `X509_get_default_cirt_dir`. + +## [v0.9.63] - 2021-05-06 + +### Added + +* Added support for LibreSSL 3.3.x. + +## [v0.9.62] - 2021-04-28 + +### Added + +* Added support for LibreSSL 3.3.2. +* Added `DH_set0_key`. +* Added `EC_POINT_get_affine_coordinates`. + +## [v0.9.61] - 2021-03-13 + +### Added + +* Added support for automatic detection of OpenSSL installations via pkgsrc and MacPorts on macOS. +* Added various `V_ASN1_*` constants. +* Added `DH_generate_parameters_ex`. +* Added `EC_POINT_is_at_infinity` and `EC_POINT_is_on_curve`. +* Added `EVP_CIPHER_nid`. +* Added `EVP_sm3`. +* Added `NID_*` constants related to SM3. +* Added `PKCS7_get0_signers`. +* Added `EVP_PKEY_CTX_set0_rsa_oaep_label`. +* Added `ACCESS_DESCRIPTION` and `ACCESS_DESCRIPTION_free`. + +## [v0.9.60] - 2020-12-24 + +### Added + +* Added support for the default Homebrew install directory on ARM. +* Added `EVP_PKEY_CTX_set_rsa_oaep_md` and `EVP_PKEY_CTRL_RSA_OAEP_MD`. + +## [v0.9.59] - 2020-12-09 + +### Added + +* Added support for LibreSSL 3.2.x, 3.3.0, and 3.3.1. +* Added `DH_generate_parameters`, `DH_generate_key`, `DH_compute_key`, and `DH_size`. +* Added `NID_X25519`, `NID_X448`, `EVP_PKEY_x25519` and `EVP_PKEY_x448`. +* Added `OBJ_txt2obj`. +* Added `d2i_PKCS7` and `i2d_PKCS7`. +* Added `SRTP_AEAD_AES_128_GCM` and `SRTP_AEAD_AES_256_GCM`. + +## [v0.9.58] - 2020-06-05 + +### Added + +* Added `SSL_set_mtu`. +* Added support for LibreSSL 3.2.0. +* Added `PEM_read_bio_EC_PUBKEY`, `PEM_write_bio_EC_PUBKEY`, `d2i_EC_PUBKEY`, and `i2d_EC_PUBKEY`. +* Added `EVP_PKEY_encrypt_init`, `EVP_PKEY_encrypt`, `EVP_PKEY_decrypt_init`, `EVP_PKEY_decrypt`, + `EVP_PKEY_get_raw_public_key`, `EVP_PKEY_new_raw_public_key`, `EVP_PKEY_get_raw_private_key`, + and `EVP_PKEY_new_raw_private_key`. +* Added `OBJ_sn2nid`. + +## [v0.9.57] - 2020-05-24 + +### Added + +* Added support for LibreSSL 3.1.x. + +## [v0.9.56] - 2020-05-07 + +### Fixed + +* Fixed vendored builds on windows-gnu targets. + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.55] - 2020-04-07 + +### Fixed + +* Fixed windows-msvc library names when using OpenSSL from vcpkg. + +### Added + +* If the `OPENSSL_NO_VENDOR` environment variable is set, vendoring will not be used even if enabled. +* Added `SSL_CTX_get_verify_mode` and `SSL_get_verify_mode`. +* Added `SSL_is_init_finished`. +* Added `SSL_CTX_set_cert_store`. +* Added `TLS_server_method` and `TLS_client_method`. +* Added `X509_STORE_get0_objects`. +* Added `X509_OBJECT_free`, `X509_OBJECT_get_type`, and `X509_OBJECT_get0_X509`. + +## [v0.9.54] - 2020-01-29 + +### Added + +* Added `BIO_CTRL_DGRAM_QUERY_MTU`. +* Added `EVP_EncryptInit_ex`, `EVP_EncryptFinal_ex`, `EVP_DecryptInit_ex`, and `EVP_DecryptFinal_ex`. +* Added `EVP_md_null`. +* Added `EVP_PKCS82PKEY`. +* Added `PKCS8_PRIV_KEY_INFO`, `d2i_PKCS8_PRIV_KEY_INFO`, and `PKCS8_PRIV_KEY_INFO_free`. +* Added `SSL_OP_NO_RENEGOTIATION`. + +## [v0.9.53] - 2019-11-22 + +### Added + +* Added `ASN1_TIME_diff`. +* Added `EC_GROUP_order_bits`. +* Added `EVP_EncodeBlock` and `EVP_DecodeBlock`. +* Added `SSL_CTRL_SET_GROUPS_LIST`, `SSL_CTRL_SET_SIGALGS_LIST`, `SSL_CTX_set1_groups_list`, and + `SSL_CTX_set1_sigalgs_list`. +* Added `Clone` implementations to `SHA_CTX`, `SHA256_CTX`, and `SHA512_CTX`. + +## [v0.9.52] - 2019-10-19 + +### Added + +* Added support for LibreSSL 3.0.x. + +## [v0.9.51] - 2019-10-02 + +### Added + +* Added support for LibreSSL 3.0.1. + +## [v0.9.50] - 2019-10-02 + +### Added + +* Added `CRYPTO_LOCK_EVP_PKEY`. +* Added `EVP_PKEY_ED25519` and `EVP_PKEY_ED448`. +* Added `EVP_DigestSign` and `EVP_DigestVerify`. +* Added `EVP_PKEY_up_ref`. +* Added `NID_ED25519` and `NID_ED448`. + +## [v0.9.49] - 2019-08-15 + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.48] - 2019-07-19 + +### Added + +* Added `AES_wrap_key` and `AES_unwrap_key`. +* Added `EC_GROUP_get_cofactor`, `EC_GROUP_get0_generator`, and `EC_POINT_dup`. +* Added `EVP_aes_128_ofb`, `EVP_aes_192_ecb`, `EVP_aes_192_cbc`, `EVP_aes_192_cfb1`, `EVP_aes_192_cfb8`, + `EVP_aes_192_cfb_128`, `EVP_aes_192_ctr`, `EVP_aes_192_ccm`, `EVP_aes_192_gcm`, `EVP_aes_192_ofb`, and + `EVP_aes_256_ofb`. +* Added `PEM_read_bio_CMS` and `PEM_write_bio_CMS`. + +## [v0.9.47] - 2019-05-18 + +### Added + +* Added `SSL_CTX_add_client_CA`. + +## [v0.9.46] - 2019-05-08 + +### Added + +* Added support for the LibreSSL 2.9.x series. + +## [v0.9.45] - 2019-05-03 + +### Fixed + +* Reverted a change to windows-gnu library names that caused regressions. + +## [v0.9.44] - 2019-04-30 + +### Added + +* The `DEP_OPENSSL_VENDORED` environment variable tells downstream build scripts if the vendored feature was enabled. +* Added `EVP_SealInit`, `EVP_SealFinal`, `EVP_EncryptUpdate`, `EVP_OpenInit`, `EVP_OpenFinal`, and `EVP_DecryptUpdate`. +* Added `EVP_PKEY_size`. + +### Fixed + +* Fixed library names when targeting windows-gnu and pkg-config fails. + +## [v0.9.43] - 2019-03-20 + +### Added + +* Added `d2i_CMS_ContentInfo` and `CMS_encrypt`. +* Added `X509_verify` and `X509_REQ_verify`. +* Added `EVP_MD_type` and `EVP_GROUP_get_curve_name`. + +[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.84..master +[v0.9.84]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.83...openssl-sys-v0.9.84 +[v0.9.83]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.82...openssl-sys-v0.9.83 +[v0.9.82]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.81...openssl-sys-v0.9.82 +[v0.9.81]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.80...openssl-sys-v0.9.81 +[v0.9.80]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.79...openssl-sys-v0.9.80 +[v0.9.79]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.78...openssl-sys-v0.9.79 +[v0.9.78]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.77...openssl-sys-v0.9.78 +[v0.9.77]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.76...openssl-sys-v0.9.77 +[v0.9.76]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.75...openssl-sys-v0.9.76 +[v0.9.75]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.74...openssl-sys-v0.9.75 +[v0.9.74]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.73...openssl-sys-v0.9.74 +[v0.9.73]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.72...openssl-sys-v0.9.73 +[v0.9.72]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.71...openssl-sys-v0.9.72 +[v0.9.71]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.70...openssl-sys-v0.9.71 +[v0.9.70]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.69...openssl-sys-v0.9.70 +[v0.9.69]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.68...openssl-sys-v0.9.69 +[v0.9.68]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.67...openssl-sys-v0.9.68 +[v0.9.67]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.66...openssl-sys-v0.9.67 +[v0.9.66]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.65...openssl-sys-v0.9.66 +[v0.9.65]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.64...openssl-sys-v0.9.65 +[v0.9.64]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.63...openssl-sys-v0.9.64 +[v0.9.63]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.62...openssl-sys-v0.9.63 +[v0.9.62]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.61...openssl-sys-v0.9.62 +[v0.9.61]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.60...openssl-sys-v0.9.61 +[v0.9.60]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.59...openssl-sys-v0.9.60 +[v0.9.59]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.58...openssl-sys-v0.9.59 +[v0.9.58]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.57...openssl-sys-v0.9.58 +[v0.9.57]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.56...openssl-sys-v0.9.57 +[v0.9.56]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.55...openssl-sys-v0.9.56 +[v0.9.55]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.54...openssl-sys-v0.9.55 +[v0.9.54]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.53...openssl-sys-v0.9.54 +[v0.9.53]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.52...openssl-sys-v0.9.53 +[v0.9.52]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.51...openssl-sys-v0.9.52 +[v0.9.51]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.50...openssl-sys-v0.9.51 +[v0.9.50]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.49...openssl-sys-v0.9.50 +[v0.9.49]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.48...openssl-sys-v0.9.49 +[v0.9.48]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.47...openssl-sys-v0.9.48 +[v0.9.47]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.46...openssl-sys-v0.9.47 +[v0.9.46]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.45...openssl-sys-v0.9.46 +[v0.9.45]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.44...openssl-sys-v0.9.45 +[v0.9.44]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.43...openssl-sys-v0.9.44 +[v0.9.43]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.42...openssl-sys-v0.9.43 diff --git a/vendor/openssl-sys/Cargo.toml b/vendor/openssl-sys/Cargo.toml new file mode 100644 index 000000000..80afc7c48 --- /dev/null +++ b/vendor/openssl-sys/Cargo.toml @@ -0,0 +1,61 @@ +# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO +# +# When uploading crates to the registry Cargo will automatically +# "normalize" Cargo.toml files for maximal compatibility +# with all versions of Cargo and also rewrite `path` dependencies +# to registry (e.g., crates.io) dependencies. +# +# If you are reading this file be aware that the original Cargo.toml +# will likely look very different (and much more reasonable). +# See Cargo.toml.orig for the original contents. + +[package] +edition = "2018" +name = "openssl-sys" +version = "0.9.84" +authors = [ + "Alex Crichton <alex@alexcrichton.com>", + "Steven Fackler <sfackler@gmail.com>", +] +build = "build/main.rs" +links = "openssl" +description = "FFI bindings to OpenSSL" +readme = "README.md" +categories = [ + "cryptography", + "external-ffi-bindings", +] +license = "MIT" +repository = "https://github.com/sfackler/rust-openssl" + +[package.metadata.pkg-config] +openssl = "1.0.1" + +[dependencies.bssl-sys] +version = "0.1.0" +optional = true + +[dependencies.libc] +version = "0.2" + +[build-dependencies.bindgen] +version = "0.64.0" +features = ["experimental"] +optional = true + +[build-dependencies.cc] +version = "1.0" + +[build-dependencies.openssl-src] +version = "111" +optional = true + +[build-dependencies.pkg-config] +version = "0.3.9" + +[features] +unstable_boringssl = ["bssl-sys"] +vendored = ["openssl-src"] + +[target."cfg(target_env = \"msvc\")".build-dependencies.vcpkg] +version = "0.2.8" diff --git a/vendor/openssl-sys/LICENSE-MIT b/vendor/openssl-sys/LICENSE-MIT new file mode 100644 index 000000000..39e0ed660 --- /dev/null +++ b/vendor/openssl-sys/LICENSE-MIT @@ -0,0 +1,25 @@ +Copyright (c) 2014 Alex Crichton + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/vendor/openssl-sys/README.md b/vendor/openssl-sys/README.md new file mode 100644 index 000000000..50c6d5772 --- /dev/null +++ b/vendor/openssl-sys/README.md @@ -0,0 +1,22 @@ +# rust-openssl + +[](https://crates.io/crates/openssl) + +OpenSSL bindings for the Rust programming language. + +[Documentation](https://docs.rs/openssl). + +## Release Support + +The current supported release of `openssl` is 0.10 and `openssl-sys` is 0.9. + +New major versions will be published at most once per year. After a new +release, the previous major version will be partially supported with bug +fixes for 3 months, after which support will be dropped entirely. + +### Contribution + +Unless you explicitly state otherwise, any contribution intentionally +submitted for inclusion in the work by you, as defined in the Apache-2.0 +license, shall be dual licensed under the terms of both the Apache License, +Version 2.0 and the MIT license without any additional terms or conditions. diff --git a/vendor/openssl-sys/build/cfgs.rs b/vendor/openssl-sys/build/cfgs.rs new file mode 100644 index 000000000..960515f00 --- /dev/null +++ b/vendor/openssl-sys/build/cfgs.rs @@ -0,0 +1,97 @@ +pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&'static str> { + let mut cfgs = vec![]; + + if let Some(libressl_version) = libressl_version { + cfgs.push("libressl"); + + if libressl_version >= 0x2_05_01_00_0 { + cfgs.push("libressl251"); + } + if libressl_version >= 0x2_05_02_00_0 { + cfgs.push("libressl252"); + } + if libressl_version >= 0x2_06_01_00_0 { + cfgs.push("libressl261"); + } + if libressl_version >= 0x2_07_00_00_0 { + cfgs.push("libressl270"); + } + if libressl_version >= 0x2_07_01_00_0 { + cfgs.push("libressl271"); + } + if libressl_version >= 0x2_07_03_00_0 { + cfgs.push("libressl273"); + } + if libressl_version >= 0x2_08_00_00_0 { + cfgs.push("libressl280"); + } + if libressl_version >= 0x2_08_01_00_0 { + cfgs.push("libressl281"); + } + if libressl_version >= 0x2_09_01_00_0 { + cfgs.push("libressl291"); + } + if libressl_version >= 0x3_01_00_00_0 { + cfgs.push("libressl310"); + } + if libressl_version >= 0x3_02_01_00_0 { + cfgs.push("libressl321"); + } + if libressl_version >= 0x3_03_02_00_0 { + cfgs.push("libressl332"); + } + if libressl_version >= 0x3_04_00_00_0 { + cfgs.push("libressl340"); + } + if libressl_version >= 0x3_05_00_00_0 { + cfgs.push("libressl350"); + } + if libressl_version >= 0x3_06_00_00_0 { + cfgs.push("libressl360"); + } + if libressl_version >= 0x3_07_00_00_0 { + cfgs.push("libressl370"); + } + } else { + let openssl_version = openssl_version.unwrap(); + + if openssl_version >= 0x3_00_00_00_0 { + cfgs.push("ossl300"); + } + if openssl_version >= 0x1_00_01_00_0 { + cfgs.push("ossl101"); + } + if openssl_version >= 0x1_00_02_00_0 { + cfgs.push("ossl102"); + } + if openssl_version >= 0x1_00_02_06_0 { + cfgs.push("ossl102f"); + } + if openssl_version >= 0x1_00_02_08_0 { + cfgs.push("ossl102h"); + } + if openssl_version >= 0x1_01_00_00_0 { + cfgs.push("ossl110"); + } + if openssl_version >= 0x1_01_00_06_0 { + cfgs.push("ossl110f"); + } + if openssl_version >= 0x1_01_00_07_0 { + cfgs.push("ossl110g"); + } + if openssl_version >= 0x1_01_00_08_0 { + cfgs.push("ossl110h"); + } + if openssl_version >= 0x1_01_01_00_0 { + cfgs.push("ossl111"); + } + if openssl_version >= 0x1_01_01_02_0 { + cfgs.push("ossl111b"); + } + if openssl_version >= 0x1_01_01_03_0 { + cfgs.push("ossl111c"); + } + } + + cfgs +} diff --git a/vendor/openssl-sys/build/expando.c b/vendor/openssl-sys/build/expando.c new file mode 100644 index 000000000..11fb04db0 --- /dev/null +++ b/vendor/openssl-sys/build/expando.c @@ -0,0 +1,124 @@ +#include <openssl/opensslv.h> +#include <openssl/opensslconf.h> + +#define VERSION2(n, v) RUST_VERSION_##n##_##v +#define VERSION(n, v) VERSION2(n, v) + +#define NEW_VERSION2(a, b, c) RUST_VERSION_NEW_OPENSSL_##a##_##b##_##c +#define NEW_VERSION(a, b, c) NEW_VERSION2(a, b, c) + +#ifdef LIBRESSL_VERSION_NUMBER +VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER) +#elif defined OPENSSL_VERSION_MAJOR +NEW_VERSION(OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH) +#else +VERSION(OPENSSL, OPENSSL_VERSION_NUMBER) +#endif + +#ifdef OPENSSL_IS_BORINGSSL +RUST_OPENSSL_IS_BORINGSSL +#endif + +#ifdef OPENSSL_NO_BF +RUST_CONF_OPENSSL_NO_BF +#endif + +#ifdef OPENSSL_NO_BUF_FREELISTS +RUST_CONF_OPENSSL_NO_BUF_FREELISTS +#endif + +#ifdef OPENSSL_NO_CHACHA +RUST_CONF_OPENSSL_NO_CHACHA +#endif + +#ifdef OPENSSL_NO_IDEA +RUST_CONF_OPENSSL_NO_IDEA +#endif + +#ifdef OPENSSL_NO_CAMELLIA +RUST_CONF_OPENSSL_NO_CAMELLIA +#endif + +#ifdef OPENSSL_NO_CAST +RUST_CONF_OPENSSL_NO_CAST +#endif + +#ifdef OPENSSL_NO_CMS +RUST_CONF_OPENSSL_NO_CMS +#endif + +#ifdef OPENSSL_NO_COMP +RUST_CONF_OPENSSL_NO_COMP +#endif + +#ifdef OPENSSL_NO_EC +RUST_CONF_OPENSSL_NO_EC +#endif + +#ifdef OPENSSL_NO_EC2M +RUST_CONF_OPENSSL_NO_EC2M +#endif + +#ifdef OPENSSL_NO_ENGINE +RUST_CONF_OPENSSL_NO_ENGINE +#endif + +#ifdef OPENSSL_NO_KRB5 +RUST_CONF_OPENSSL_NO_KRB5 +#endif + +#ifdef OPENSSL_NO_NEXTPROTONEG +RUST_CONF_OPENSSL_NO_NEXTPROTONEG +#endif + +#ifdef OPENSSL_NO_OCSP +RUST_CONF_OPENSSL_NO_OCSP +#endif + +#ifdef OPENSSL_NO_PSK +RUST_CONF_OPENSSL_NO_PSK +#endif + +#ifdef OPENSSL_NO_RFC3779 +RUST_CONF_OPENSSL_NO_RFC3779 +#endif + +#ifdef OPENSSL_NO_RMD160 +RUST_CONF_OPENSSL_NO_RMD160 +#endif + +#ifdef OPENSSL_NO_SHA +RUST_CONF_OPENSSL_NO_SHA +#endif + +#ifdef OPENSSL_NO_SRP +RUST_CONF_OPENSSL_NO_SRP +#endif + +#ifdef OPENSSL_NO_SSL3_METHOD +RUST_CONF_OPENSSL_NO_SSL3_METHOD +#endif + +#ifdef OPENSSL_NO_TLSEXT +RUST_CONF_OPENSSL_NO_TLSEXT +#endif + +#ifdef OPENSSL_NO_STDIO +RUST_CONF_OPENSSL_NO_STDIO +#endif + +#ifdef OPENSSL_NO_SM3 +RUST_CONF_OPENSSL_NO_SM3 +#endif + +#ifdef OPENSSL_NO_SM4 +RUST_CONF_OPENSSL_NO_SM4 +#endif + +#ifdef OPENSSL_NO_DEPRECATED_3_0 +RUST_CONF_OPENSSL_NO_DEPRECATED_3_0 +#endif + +#ifdef OPENSSL_NO_SEED +RUST_CONF_OPENSSL_NO_SEED +#endif diff --git a/vendor/openssl-sys/build/find_normal.rs b/vendor/openssl-sys/build/find_normal.rs new file mode 100644 index 000000000..791fc3398 --- /dev/null +++ b/vendor/openssl-sys/build/find_normal.rs @@ -0,0 +1,275 @@ +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +use std::process::{self, Command}; + +use super::env; + +pub fn get_openssl(target: &str) -> (Vec<PathBuf>, PathBuf) { + let lib_dir = env("OPENSSL_LIB_DIR").map(PathBuf::from); + let include_dir = env("OPENSSL_INCLUDE_DIR").map(PathBuf::from); + + match (lib_dir, include_dir) { + (Some(lib_dir), Some(include_dir)) => (vec![lib_dir], include_dir), + (lib_dir, include_dir) => { + let openssl_dir = env("OPENSSL_DIR").unwrap_or_else(|| find_openssl_dir(target)); + let openssl_dir = Path::new(&openssl_dir); + let lib_dir = lib_dir.map(|d| vec![d]).unwrap_or_else(|| { + let mut lib_dirs = vec![]; + // OpenSSL 3.0 now puts it's libraries in lib64/ by default, + // check for both it and lib/. + if openssl_dir.join("lib64").exists() { + lib_dirs.push(openssl_dir.join("lib64")); + } + if openssl_dir.join("lib").exists() { + lib_dirs.push(openssl_dir.join("lib")); + } + lib_dirs + }); + let include_dir = include_dir.unwrap_or_else(|| openssl_dir.join("include")); + (lib_dir, include_dir) + } + } +} + +fn resolve_with_wellknown_homebrew_location(dir: &str) -> Option<PathBuf> { + let versions = ["openssl@3", "openssl@1.1"]; + + // Check up default aarch 64 Homebrew installation location first + // for quick resolution if possible. + // `pkg-config` on brew doesn't necessarily contain settings for openssl apparently. + for version in &versions { + let homebrew = Path::new(dir).join(format!("opt/{}", version)); + if homebrew.exists() { + return Some(homebrew); + } + } + + for version in &versions { + // Calling `brew --prefix <package>` command usually slow and + // takes seconds, and will be used only as a last resort. + let output = execute_command_and_get_output("brew", &["--prefix", version]); + if let Some(ref output) = output { + let homebrew = Path::new(&output); + if homebrew.exists() { + return Some(homebrew.to_path_buf()); + } + } + } + + None +} + +fn resolve_with_wellknown_location(dir: &str) -> Option<PathBuf> { + let root_dir = Path::new(dir); + let include_openssl = root_dir.join("include/openssl"); + if include_openssl.exists() { + Some(root_dir.to_path_buf()) + } else { + None + } +} + +fn find_openssl_dir(target: &str) -> OsString { + let host = env::var("HOST").unwrap(); + + if host == target && target.ends_with("-apple-darwin") { + let homebrew_dir = match target { + "aarch64-apple-darwin" => "/opt/homebrew", + _ => "/usr/local", + }; + + if let Some(dir) = resolve_with_wellknown_homebrew_location(homebrew_dir) { + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/pkg") { + // pkgsrc + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/local") { + // MacPorts + return dir.into(); + } + } + + try_pkg_config(); + try_vcpkg(); + + // FreeBSD ships with OpenSSL but doesn't include a pkg-config file :( + if host == target && target.contains("freebsd") { + return OsString::from("/usr"); + } + + // DragonFly has libressl (or openssl) in ports, but this doesn't include a pkg-config file + if host == target && target.contains("dragonfly") { + return OsString::from("/usr/local"); + } + + let mut msg = format!( + " + +Could not find directory of OpenSSL installation, and this `-sys` crate cannot +proceed without this knowledge. If OpenSSL is installed and this crate had +trouble finding it, you can set the `OPENSSL_DIR` environment variable for the +compilation process. + +Make sure you also have the development packages of openssl installed. +For example, `libssl-dev` on Ubuntu or `openssl-devel` on Fedora. + +If you're in a situation where you think the directory *should* be found +automatically, please open a bug at https://github.com/sfackler/rust-openssl +and include information about your system as well as this message. + +$HOST = {} +$TARGET = {} +openssl-sys = {} + +", + host, + target, + env!("CARGO_PKG_VERSION") + ); + + if host.contains("apple-darwin") && target.contains("apple-darwin") { + let system = Path::new("/usr/lib/libssl.0.9.8.dylib"); + if system.exists() { + msg.push_str( + " + +openssl-sys crate build failed: no supported version of OpenSSL found. + +Ways to fix it: +- Use the `vendored` feature of openssl-sys crate to build OpenSSL from source. +- Use Homebrew to install the `openssl` package. + +", + ); + } + } + + if host.contains("unknown-linux") + && target.contains("unknown-linux-gnu") + && Command::new("pkg-config").output().is_err() + { + msg.push_str( + " +It looks like you're compiling on Linux and also targeting Linux. Currently this +requires the `pkg-config` utility to find OpenSSL but unfortunately `pkg-config` +could not be found. If you have OpenSSL installed you can likely fix this by +installing `pkg-config`. + +", + ); + } + + if host.contains("windows") && target.contains("windows-gnu") { + msg.push_str( + " +It looks like you're compiling for MinGW but you may not have either OpenSSL or +pkg-config installed. You can install these two dependencies with: + +pacman -S openssl-devel pkg-config + +and try building this crate again. + +", + ); + } + + if host.contains("windows") && target.contains("windows-msvc") { + msg.push_str( + " +It looks like you're compiling for MSVC but we couldn't detect an OpenSSL +installation. If there isn't one installed then you can try the rust-openssl +README for more information about how to download precompiled binaries of +OpenSSL: + +https://github.com/sfackler/rust-openssl#windows + +", + ); + } + + panic!("{}", msg); +} + +/// Attempt to find OpenSSL through pkg-config. +/// +/// Note that if this succeeds then the function does not return as pkg-config +/// typically tells us all the information that we need. +fn try_pkg_config() { + let target = env::var("TARGET").unwrap(); + let host = env::var("HOST").unwrap(); + + // If we're going to windows-gnu we can use pkg-config, but only so long as + // we're coming from a windows host. + // + // Otherwise if we're going to windows we probably can't use pkg-config. + if target.contains("windows-gnu") && host.contains("windows") { + env::set_var("PKG_CONFIG_ALLOW_CROSS", "1"); + } else if target.contains("windows") { + return; + } + + let lib = match pkg_config::Config::new() + .print_system_libs(false) + .probe("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("run pkg_config fail: {:?}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + for include in lib.include_paths.iter() { + println!("cargo:include={}", include.display()); + } + + process::exit(0); +} + +/// Attempt to find OpenSSL through vcpkg. +/// +/// Note that if this succeeds then the function does not return as vcpkg +/// should emit all of the cargo metadata that we need. +#[cfg(target_env = "msvc")] +fn try_vcpkg() { + // vcpkg will not emit any metadata if it can not find libraries + // appropriate for the target triple with the desired linkage. + + let lib = match vcpkg::Config::new() + .emit_includes(true) + .find_package("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("note: vcpkg did not find openssl: {}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + println!("cargo:rustc-link-lib=user32"); + println!("cargo:rustc-link-lib=gdi32"); + println!("cargo:rustc-link-lib=crypt32"); + + process::exit(0); +} + +#[cfg(not(target_env = "msvc"))] +fn try_vcpkg() {} + +fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option<String> { + let out = Command::new(cmd).args(args).output(); + if let Ok(ref r1) = out { + if r1.status.success() { + let r2 = String::from_utf8(r1.stdout.clone()); + if let Ok(r3) = r2 { + return Some(r3.trim().to_string()); + } + } + } + + None +} diff --git a/vendor/openssl-sys/build/find_vendored.rs b/vendor/openssl-sys/build/find_vendored.rs new file mode 100644 index 000000000..c92b2bd39 --- /dev/null +++ b/vendor/openssl-sys/build/find_vendored.rs @@ -0,0 +1,16 @@ +use openssl_src; +use std::path::PathBuf; + +pub fn get_openssl(_target: &str) -> (Vec<PathBuf>, PathBuf) { + let artifacts = openssl_src::Build::new().build(); + println!("cargo:vendored=1"); + println!( + "cargo:root={}", + artifacts.lib_dir().parent().unwrap().display() + ); + + ( + vec![artifacts.lib_dir().to_path_buf()], + artifacts.include_dir().to_path_buf(), + ) +} diff --git a/vendor/openssl-sys/build/main.rs b/vendor/openssl-sys/build/main.rs new file mode 100644 index 000000000..5c1f668fb --- /dev/null +++ b/vendor/openssl-sys/build/main.rs @@ -0,0 +1,415 @@ +#![allow( + clippy::inconsistent_digit_grouping, + clippy::uninlined_format_args, + clippy::unusual_byte_groupings +)] + +#[cfg(feature = "bindgen")] +extern crate bindgen; +extern crate cc; +#[cfg(feature = "vendored")] +extern crate openssl_src; +extern crate pkg_config; +#[cfg(target_env = "msvc")] +extern crate vcpkg; + +use std::collections::HashSet; +use std::env; +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +mod cfgs; + +mod find_normal; +#[cfg(feature = "vendored")] +mod find_vendored; +mod run_bindgen; + +#[derive(PartialEq)] +enum Version { + Openssl3xx, + Openssl11x, + Openssl10x, + Libressl, + Boringssl, +} + +fn env_inner(name: &str) -> Option<OsString> { + let var = env::var_os(name); + println!("cargo:rerun-if-env-changed={}", name); + + match var { + Some(ref v) => println!("{} = {}", name, v.to_string_lossy()), + None => println!("{} unset", name), + } + + var +} + +fn env(name: &str) -> Option<OsString> { + let prefix = env::var("TARGET").unwrap().to_uppercase().replace('-', "_"); + let prefixed = format!("{}_{}", prefix, name); + env_inner(&prefixed).or_else(|| env_inner(name)) +} + +fn find_openssl(target: &str) -> (Vec<PathBuf>, PathBuf) { + #[cfg(feature = "vendored")] + { + // vendor if the feature is present, unless + // OPENSSL_NO_VENDOR exists and isn't `0` + if env("OPENSSL_NO_VENDOR").map_or(true, |s| s == "0") { + return find_vendored::get_openssl(target); + } + } + find_normal::get_openssl(target) +} + +fn check_ssl_kind() { + if cfg!(feature = "unstable_boringssl") { + println!("cargo:rustc-cfg=boringssl"); + println!("cargo:boringssl=true"); + // BoringSSL does not have any build logic, exit early + std::process::exit(0); + } +} + +fn main() { + check_ssl_kind(); + + let target = env::var("TARGET").unwrap(); + + let (lib_dirs, include_dir) = find_openssl(&target); + + if !lib_dirs.iter().all(|p| Path::new(p).exists()) { + panic!("OpenSSL library directory does not exist: {:?}", lib_dirs); + } + if !Path::new(&include_dir).exists() { + panic!( + "OpenSSL include directory does not exist: {}", + include_dir.to_string_lossy() + ); + } + + for lib_dir in lib_dirs.iter() { + println!( + "cargo:rustc-link-search=native={}", + lib_dir.to_string_lossy() + ); + } + println!("cargo:include={}", include_dir.to_string_lossy()); + + let version = postprocess(&[include_dir]); + + let libs_env = env("OPENSSL_LIBS"); + let libs = match libs_env.as_ref().and_then(|s| s.to_str()) { + Some(v) => { + if v.is_empty() { + vec![] + } else { + v.split(':').collect() + } + } + None => match version { + Version::Openssl10x if target.contains("windows") => vec!["ssleay32", "libeay32"], + Version::Openssl3xx | Version::Openssl11x if target.contains("windows-msvc") => { + vec!["libssl", "libcrypto"] + } + _ => vec!["ssl", "crypto"], + }, + }; + + let kind = determine_mode(&lib_dirs, &libs); + for lib in libs.into_iter() { + println!("cargo:rustc-link-lib={}={}", kind, lib); + } + + if kind == "static" && target.contains("windows") { + println!("cargo:rustc-link-lib=dylib=gdi32"); + println!("cargo:rustc-link-lib=dylib=user32"); + println!("cargo:rustc-link-lib=dylib=crypt32"); + println!("cargo:rustc-link-lib=dylib=ws2_32"); + println!("cargo:rustc-link-lib=dylib=advapi32"); + } +} + +#[allow(clippy::let_and_return)] +fn postprocess(include_dirs: &[PathBuf]) -> Version { + let version = validate_headers(include_dirs); + + // Never run bindgen for BoringSSL, if it was needed we already ran it. + if version != Version::Boringssl { + #[cfg(feature = "bindgen")] + run_bindgen::run(&include_dirs); + } + + version +} + +/// Validates the header files found in `include_dir` and then returns the +/// version string of OpenSSL. +#[allow(clippy::manual_strip)] // we need to support pre-1.45.0 +fn validate_headers(include_dirs: &[PathBuf]) -> Version { + // This `*-sys` crate only works with OpenSSL 1.0.1, 1.0.2, 1.1.0, 1.1.1 and 3.0.0. + // To correctly expose the right API from this crate, take a look at + // `opensslv.h` to see what version OpenSSL claims to be. + // + // OpenSSL has a number of build-time configuration options which affect + // various structs and such. Since OpenSSL 1.1.0 this isn't really a problem + // as the library is much more FFI-friendly, but 1.0.{1,2} suffer this problem. + // + // To handle all this conditional compilation we slurp up the configuration + // file of OpenSSL, `opensslconf.h`, and then dump out everything it defines + // as our own #[cfg] directives. That way the `ossl10x.rs` bindings can + // account for compile differences and such. + println!("cargo:rerun-if-changed=build/expando.c"); + let mut gcc = cc::Build::new(); + for include_dir in include_dirs { + gcc.include(include_dir); + } + let expanded = match gcc.file("build/expando.c").try_expand() { + Ok(expanded) => expanded, + Err(e) => { + panic!( + " +Header expansion error: +{:?} + +Failed to find OpenSSL development headers. + +You can try fixing this setting the `OPENSSL_DIR` environment variable +pointing to your OpenSSL installation or installing OpenSSL headers package +specific to your distribution: + + # On Ubuntu + sudo apt-get install libssl-dev + # On Arch Linux + sudo pacman -S openssl + # On Fedora + sudo dnf install openssl-devel + # On Alpine Linux + apk add openssl-dev + +See rust-openssl documentation for more information: + + https://docs.rs/openssl +", + e + ); + } + }; + let expanded = String::from_utf8(expanded).unwrap(); + + let mut enabled = vec![]; + let mut openssl_version = None; + let mut libressl_version = None; + let mut is_boringssl = false; + for line in expanded.lines() { + let line = line.trim(); + + let openssl_prefix = "RUST_VERSION_OPENSSL_"; + let new_openssl_prefix = "RUST_VERSION_NEW_OPENSSL_"; + let libressl_prefix = "RUST_VERSION_LIBRESSL_"; + let boringsl_prefix = "RUST_OPENSSL_IS_BORINGSSL"; + let conf_prefix = "RUST_CONF_"; + if line.starts_with(openssl_prefix) { + let version = &line[openssl_prefix.len()..]; + openssl_version = Some(parse_version(version)); + } else if line.starts_with(new_openssl_prefix) { + let version = &line[new_openssl_prefix.len()..]; + openssl_version = Some(parse_new_version(version)); + } else if line.starts_with(libressl_prefix) { + let version = &line[libressl_prefix.len()..]; + libressl_version = Some(parse_version(version)); + } else if line.starts_with(conf_prefix) { + enabled.push(&line[conf_prefix.len()..]); + } else if line.starts_with(boringsl_prefix) { + is_boringssl = true; + } + } + + if is_boringssl { + println!("cargo:rustc-cfg=boringssl"); + println!("cargo:boringssl=true"); + run_bindgen::run_boringssl(include_dirs); + return Version::Boringssl; + } + + // We set this for any non-BoringSSL lib. + println!("cargo:rustc-cfg=openssl"); + + for enabled in &enabled { + println!("cargo:rustc-cfg=osslconf=\"{}\"", enabled); + } + println!("cargo:conf={}", enabled.join(",")); + + for cfg in cfgs::get(openssl_version, libressl_version) { + println!("cargo:rustc-cfg={}", cfg); + } + + if let Some(libressl_version) = libressl_version { + println!("cargo:libressl_version_number={:x}", libressl_version); + + let major = (libressl_version >> 28) as u8; + let minor = (libressl_version >> 20) as u8; + let fix = (libressl_version >> 12) as u8; + let (major, minor, fix) = match (major, minor, fix) { + (2, 5, 0) => ('2', '5', '0'), + (2, 5, 1) => ('2', '5', '1'), + (2, 5, 2) => ('2', '5', '2'), + (2, 5, _) => ('2', '5', 'x'), + (2, 6, 0) => ('2', '6', '0'), + (2, 6, 1) => ('2', '6', '1'), + (2, 6, 2) => ('2', '6', '2'), + (2, 6, _) => ('2', '6', 'x'), + (2, 7, _) => ('2', '7', 'x'), + (2, 8, 0) => ('2', '8', '0'), + (2, 8, 1) => ('2', '8', '1'), + (2, 8, _) => ('2', '8', 'x'), + (2, 9, 0) => ('2', '9', '0'), + (2, 9, _) => ('2', '9', 'x'), + (3, 0, 0) => ('3', '0', '0'), + (3, 0, 1) => ('3', '0', '1'), + (3, 0, _) => ('3', '0', 'x'), + (3, 1, 0) => ('3', '1', '0'), + (3, 1, _) => ('3', '1', 'x'), + (3, 2, 0) => ('3', '2', '0'), + (3, 2, 1) => ('3', '2', '1'), + (3, 2, _) => ('3', '2', 'x'), + (3, 3, 0) => ('3', '3', '0'), + (3, 3, 1) => ('3', '3', '1'), + (3, 3, _) => ('3', '3', 'x'), + (3, 4, 0) => ('3', '4', '0'), + (3, 4, _) => ('3', '4', 'x'), + (3, 5, _) => ('3', '5', 'x'), + (3, 6, 0) => ('3', '6', '0'), + (3, 6, _) => ('3', '6', 'x'), + (3, 7, 0) => ('3', '7', '0'), + (3, 7, 1) => ('3', '7', '1'), + _ => version_error(), + }; + + println!("cargo:libressl=true"); + println!("cargo:libressl_version={}{}{}", major, minor, fix); + println!("cargo:version=101"); + Version::Libressl + } else { + let openssl_version = openssl_version.unwrap(); + println!("cargo:version_number={:x}", openssl_version); + + if openssl_version >= 0x4_00_00_00_0 { + version_error() + } else if openssl_version >= 0x3_00_00_00_0 { + Version::Openssl3xx + } else if openssl_version >= 0x1_01_01_00_0 { + println!("cargo:version=111"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_06_0 { + println!("cargo:version=110"); + println!("cargo:patch=f"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_00_0 { + println!("cargo:version=110"); + Version::Openssl11x + } else if openssl_version >= 0x1_00_02_00_0 { + println!("cargo:version=102"); + Version::Openssl10x + } else if openssl_version >= 0x1_00_01_00_0 { + println!("cargo:version=101"); + Version::Openssl10x + } else { + version_error() + } + } +} + +fn version_error() -> ! { + panic!( + " + +This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5 +through 3.7.1, but a different version of OpenSSL was found. The build is now aborting +due to this version mismatch. + +" + ); +} + +// parses a string that looks like "0x100020cfL" +#[allow(deprecated)] // trim_right_matches is now trim_end_matches +#[allow(clippy::match_like_matches_macro)] // matches macro requires rust 1.42.0 +fn parse_version(version: &str) -> u64 { + // cut off the 0x prefix + assert!(version.starts_with("0x")); + let version = &version[2..]; + + // and the type specifier suffix + let version = version.trim_right_matches(|c: char| match c { + '0'..='9' | 'a'..='f' | 'A'..='F' => false, + _ => true, + }); + + u64::from_str_radix(version, 16).unwrap() +} + +// parses a string that looks like 3_0_0 +fn parse_new_version(version: &str) -> u64 { + println!("version: {}", version); + let mut it = version.split('_'); + let major = it.next().unwrap().parse::<u64>().unwrap(); + let minor = it.next().unwrap().parse::<u64>().unwrap(); + let patch = it.next().unwrap().parse::<u64>().unwrap(); + + (major << 28) | (minor << 20) | (patch << 4) +} + +/// Given a libdir for OpenSSL (where artifacts are located) as well as the name +/// of the libraries we're linking to, figure out whether we should link them +/// statically or dynamically. +fn determine_mode(libdirs: &[PathBuf], libs: &[&str]) -> &'static str { + // First see if a mode was explicitly requested + let kind = env("OPENSSL_STATIC"); + match kind.as_ref().and_then(|s| s.to_str()) { + Some("0") => return "dylib", + Some(_) => return "static", + None => {} + } + + // Next, see what files we actually have to link against, and see what our + // possibilities even are. + let mut files = HashSet::new(); + for dir in libdirs { + for path in dir + .read_dir() + .unwrap() + .map(|e| e.unwrap()) + .map(|e| e.file_name()) + .filter_map(|e| e.into_string().ok()) + { + files.insert(path); + } + } + let can_static = libs + .iter() + .all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l))); + let can_dylib = libs.iter().all(|l| { + files.contains(&format!("lib{}.so", l)) + || files.contains(&format!("{}.dll", l)) + || files.contains(&format!("lib{}.dylib", l)) + }); + match (can_static, can_dylib) { + (true, false) => return "static", + (false, true) => return "dylib", + (false, false) => { + panic!( + "OpenSSL libdir at `{:?}` does not contain the required files \ + to either statically or dynamically link OpenSSL", + libdirs + ); + } + (true, true) => {} + } + + // Ok, we've got not explicit preference and can *either* link statically or + // link dynamically. In the interest of "security upgrades" and/or "best + // practices with security libs", let's link dynamically. + "dylib" +} diff --git a/vendor/openssl-sys/build/run_bindgen.rs b/vendor/openssl-sys/build/run_bindgen.rs new file mode 100644 index 000000000..0c127ae5c --- /dev/null +++ b/vendor/openssl-sys/build/run_bindgen.rs @@ -0,0 +1,236 @@ +#[cfg(feature = "bindgen")] +use bindgen::callbacks::{MacroParsingBehavior, ParseCallbacks}; +#[cfg(feature = "bindgen")] +use bindgen::{MacroTypeVariation, RustTarget}; +use std::io::Write; +use std::path::PathBuf; +#[cfg(not(feature = "bindgen"))] +use std::process; +use std::{env, fs}; + +const INCLUDES: &str = " +#include <openssl/aes.h> +#include <openssl/asn1.h> +#include <openssl/bio.h> +#include <openssl/conf.h> +#include <openssl/crypto.h> +#include <openssl/dh.h> +#include <openssl/dsa.h> +#include <openssl/ec.h> +#include <openssl/err.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> +#include <openssl/objects.h> +#include <openssl/opensslv.h> +#include <openssl/pem.h> +#include <openssl/pkcs12.h> +#include <openssl/pkcs7.h> +#include <openssl/rand.h> +#include <openssl/rsa.h> +#include <openssl/safestack.h> +#include <openssl/sha.h> +#include <openssl/ssl.h> +#include <openssl/stack.h> +#include <openssl/x509.h> +#include <openssl/x509_vfy.h> +#include <openssl/x509v3.h> + +// this must be included after ssl.h for libressl! +#include <openssl/srtp.h> + +#if !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) +#include <openssl/cms.h> +#endif + +#if !defined(OPENSSL_IS_BORINGSSL) +#include <openssl/comp.h> +#include <openssl/ocsp.h> +#endif + +#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 +#include <openssl/kdf.h> +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x30000000 +#include <openssl/provider.h> +#endif +"; + +#[cfg(feature = "bindgen")] +pub fn run(include_dirs: &[PathBuf]) { + let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); + + let mut builder = bindgen::builder() + .parse_callbacks(Box::new(OpensslCallbacks)) + .rust_target(RustTarget::Stable_1_47) + .ctypes_prefix("::libc") + .raw_line("use libc::*;") + .raw_line("type evp_pkey_st = EVP_PKEY;") + .allowlist_file(".*/openssl/[^/]+\\.h") + .allowlist_recursively(false) + // libc is missing pthread_once_t on macOS + .blocklist_type("CRYPTO_ONCE") + .blocklist_function("CRYPTO_THREAD_run_once") + // we don't want to mess with va_list + .blocklist_function("BIO_vprintf") + .blocklist_function("BIO_vsnprintf") + .blocklist_function("ERR_vset_error") + .blocklist_function("ERR_add_error_vdata") + .blocklist_function("EVP_KDF_vctrl") + .blocklist_type("OSSL_FUNC_core_vset_error_fn") + .blocklist_type("OSSL_FUNC_BIO_vprintf_fn") + .blocklist_type("OSSL_FUNC_BIO_vsnprintf_fn") + // Maintain compatibility for existing enum definitions + .rustified_enum("point_conversion_form_t") + // Maintain compatibility for pre-union definitions + .blocklist_type("GENERAL_NAME") + .blocklist_type("GENERAL_NAME_st") + .blocklist_type("EVP_PKEY") + .blocklist_type("evp_pkey_st") + .layout_tests(false) + .header_contents("includes.h", INCLUDES); + + for include_dir in include_dirs { + builder = builder + .clang_arg("-I") + .clang_arg(include_dir.display().to_string()); + } + + builder + .generate() + .unwrap() + .write_to_file(out_dir.join("bindgen.rs")) + .unwrap(); +} + +#[cfg(feature = "bindgen")] +pub fn run_boringssl(include_dirs: &[PathBuf]) { + let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); + let mut builder = bindgen::builder() + .rust_target(RustTarget::Stable_1_47) + .ctypes_prefix("::libc") + .derive_default(false) + .enable_function_attribute_detection() + .size_t_is_usize(true) + .default_macro_constant_type(MacroTypeVariation::Signed) + .rustified_enum("point_conversion_form_t") + .allowlist_file(".*/openssl/[^/]+\\.h") + .wrap_static_fns(true) + .wrap_static_fns_path(out_dir.join("boring_static_wrapper").display().to_string()) + .layout_tests(false) + .header_contents("includes.h", INCLUDES); + + for include_dir in include_dirs { + builder = builder + .clang_arg("-I") + .clang_arg(include_dir.display().to_string()); + } + + builder + .generate() + .unwrap() + .write_to_file(out_dir.join("bindgen.rs")) + .unwrap(); + + fs::File::create(out_dir.join("boring_static_wrapper.h")) + .expect("Failed to create boring_static_wrapper.h") + .write_all(INCLUDES.as_bytes()) + .expect("Failed to write contents to boring_static_wrapper.h"); + + cc::Build::new() + .file(out_dir.join("boring_static_wrapper.c")) + .includes(include_dirs) + .flag("-include") + .flag( + &out_dir + .join("boring_static_wrapper.h") + .display() + .to_string(), + ) + .compile("boring_static_wrapper"); +} + +#[cfg(not(feature = "bindgen"))] +pub fn run_boringssl(include_dirs: &[PathBuf]) { + let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); + + fs::File::create(out_dir.join("boring_static_wrapper.h")) + .expect("Failed to create boring_static_wrapper.h") + .write_all(INCLUDES.as_bytes()) + .expect("Failed to write contents to boring_static_wrapper.h"); + + let mut bindgen_cmd = process::Command::new("bindgen"); + bindgen_cmd + .arg("-o") + .arg(out_dir.join("bindgen.rs")) + .arg("--rust-target=1.47") + .arg("--ctypes-prefix=::libc") + .arg("--no-derive-default") + .arg("--enable-function-attribute-detection") + .arg("--size_t-is-usize") + .arg("--default-macro-constant-type=signed") + .arg("--rustified-enum=point_conversion_form_t") + .arg("--allowlist-file=.*/openssl/[^/]+\\.h") + .arg("--experimental") + .arg("--wrap-static-fns") + .arg("--wrap-static-fns-path") + .arg(out_dir.join("boring_static_wrapper").display().to_string()) + .arg("--no-layout-tests") + .arg(out_dir.join("boring_static_wrapper.h")) + .arg("--") + .arg(format!("--target={}", env::var("TARGET").unwrap())); + + for include_dir in include_dirs { + bindgen_cmd.arg("-I").arg(include_dir.display().to_string()); + } + + let result = bindgen_cmd.status().expect("bindgen failed to execute"); + assert!(result.success()); + + cc::Build::new() + .file(out_dir.join("boring_static_wrapper.c")) + .includes(include_dirs) + .flag("-include") + .flag( + &out_dir + .join("boring_static_wrapper.h") + .display() + .to_string(), + ) + .compile("boring_static_wrapper"); +} + +#[derive(Debug)] +struct OpensslCallbacks; + +#[cfg(feature = "bindgen")] +impl ParseCallbacks for OpensslCallbacks { + // for now we'll continue hand-writing constants + fn will_parse_macro(&self, _name: &str) -> MacroParsingBehavior { + MacroParsingBehavior::Ignore + } + + fn item_name(&self, original_item_name: &str) -> Option<String> { + match original_item_name { + // Our original definitions of these are wrong, so rename to avoid breakage + "CRYPTO_EX_new" + | "CRYPTO_EX_dup" + | "CRYPTO_EX_free" + | "BIO_meth_set_write" + | "BIO_meth_set_read" + | "BIO_meth_set_puts" + | "BIO_meth_set_ctrl" + | "BIO_meth_set_create" + | "BIO_meth_set_destroy" + | "CRYPTO_set_locking_callback" + | "CRYPTO_set_id_callback" + | "SSL_CTX_set_tmp_dh_callback" + | "SSL_set_tmp_dh_callback" + | "SSL_CTX_set_tmp_ecdh_callback" + | "SSL_set_tmp_ecdh_callback" + | "SSL_CTX_callback_ctrl" + | "SSL_CTX_set_alpn_select_cb" => Some(format!("{}__fixed_rust", original_item_name)), + _ => None, + } + } +} diff --git a/vendor/openssl-sys/src/aes.rs b/vendor/openssl-sys/src/aes.rs new file mode 100644 index 000000000..ade6e842f --- /dev/null +++ b/vendor/openssl-sys/src/aes.rs @@ -0,0 +1,7 @@ +use libc::*; + +pub const AES_ENCRYPT: c_int = 1; +pub const AES_DECRYPT: c_int = 0; + +pub const AES_MAXNR: c_int = 14; +pub const AES_BLOCK_SIZE: c_int = 16; diff --git a/vendor/openssl-sys/src/asn1.rs b/vendor/openssl-sys/src/asn1.rs new file mode 100644 index 000000000..caf14f7b9 --- /dev/null +++ b/vendor/openssl-sys/src/asn1.rs @@ -0,0 +1,39 @@ +use libc::*; + +use super::*; + +// ASN.1 tag values +pub const V_ASN1_EOC: c_int = 0; +pub const V_ASN1_BOOLEAN: c_int = 1; +pub const V_ASN1_INTEGER: c_int = 2; +pub const V_ASN1_BIT_STRING: c_int = 3; +pub const V_ASN1_OCTET_STRING: c_int = 4; +pub const V_ASN1_NULL: c_int = 5; +pub const V_ASN1_OBJECT: c_int = 6; +pub const V_ASN1_OBJECT_DESCRIPTOR: c_int = 7; +pub const V_ASN1_EXTERNAL: c_int = 8; +pub const V_ASN1_REAL: c_int = 9; +pub const V_ASN1_ENUMERATED: c_int = 10; +pub const V_ASN1_UTF8STRING: c_int = 12; +pub const V_ASN1_SEQUENCE: c_int = 16; +pub const V_ASN1_SET: c_int = 17; +pub const V_ASN1_NUMERICSTRING: c_int = 18; +pub const V_ASN1_PRINTABLESTRING: c_int = 19; +pub const V_ASN1_T61STRING: c_int = 20; +pub const V_ASN1_TELETEXSTRING: c_int = 20; // alias +pub const V_ASN1_VIDEOTEXSTRING: c_int = 21; +pub const V_ASN1_IA5STRING: c_int = 22; +pub const V_ASN1_UTCTIME: c_int = 23; +pub const V_ASN1_GENERALIZEDTIME: c_int = 24; +pub const V_ASN1_GRAPHICSTRING: c_int = 25; +pub const V_ASN1_ISO64STRING: c_int = 26; +pub const V_ASN1_VISIBLESTRING: c_int = 26; // alias +pub const V_ASN1_GENERALSTRING: c_int = 27; +pub const V_ASN1_UNIVERSALSTRING: c_int = 28; +pub const V_ASN1_BMPSTRING: c_int = 30; + +pub const MBSTRING_FLAG: c_int = 0x1000; +pub const MBSTRING_UTF8: c_int = MBSTRING_FLAG; +pub const MBSTRING_ASC: c_int = MBSTRING_FLAG | 1; +pub const MBSTRING_BMP: c_int = MBSTRING_FLAG | 2; +pub const MBSTRING_UNIV: c_int = MBSTRING_FLAG | 4; diff --git a/vendor/openssl-sys/src/bio.rs b/vendor/openssl-sys/src/bio.rs new file mode 100644 index 000000000..ea6053b59 --- /dev/null +++ b/vendor/openssl-sys/src/bio.rs @@ -0,0 +1,72 @@ +use libc::*; + +use super::*; + +pub const BIO_TYPE_NONE: c_int = 0; + +pub const BIO_CTRL_EOF: c_int = 2; +pub const BIO_CTRL_INFO: c_int = 3; +pub const BIO_CTRL_FLUSH: c_int = 11; +pub const BIO_CTRL_DGRAM_QUERY_MTU: c_int = 40; +pub const BIO_C_SET_BUF_MEM_EOF_RETURN: c_int = 130; + +pub unsafe fn BIO_set_retry_read(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_set_retry_write(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_clear_retry_flags(b: *mut BIO) { + BIO_clear_flags(b, BIO_FLAGS_RWS | BIO_FLAGS_SHOULD_RETRY) +} + +pub const BIO_FLAGS_READ: c_int = 0x01; +pub const BIO_FLAGS_WRITE: c_int = 0x02; +pub const BIO_FLAGS_IO_SPECIAL: c_int = 0x04; +pub const BIO_FLAGS_RWS: c_int = BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPECIAL; +pub const BIO_FLAGS_SHOULD_RETRY: c_int = 0x08; + +pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long { + BIO_ctrl(b, BIO_CTRL_INFO, 0, pp as *mut c_void) +} + +extern "C" { + #[deprecated(note = "use BIO_meth_set_write__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_write( + biom: *mut BIO_METHOD, + write: unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_read__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_read( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_puts__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_puts( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_ctrl__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_ctrl( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_create__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_create( + biom: *mut BIO_METHOD, + create: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_destroy__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_destroy( + biom: *mut BIO_METHOD, + destroy: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/bn.rs b/vendor/openssl-sys/src/bn.rs new file mode 100644 index 000000000..a6bbcce88 --- /dev/null +++ b/vendor/openssl-sys/src/bn.rs @@ -0,0 +1,15 @@ +use libc::*; + +#[cfg(target_pointer_width = "64")] +pub type BN_ULONG = c_ulonglong; +#[cfg(target_pointer_width = "32")] +pub type BN_ULONG = c_uint; + +#[cfg(ossl110)] +pub const BN_FLG_MALLOCED: c_int = 0x01; +#[cfg(ossl110)] +pub const BN_FLG_STATIC_DATA: c_int = 0x02; +#[cfg(ossl110)] +pub const BN_FLG_CONSTTIME: c_int = 0x04; +#[cfg(ossl110)] +pub const BN_FLG_SECURE: c_int = 0x08; diff --git a/vendor/openssl-sys/src/cms.rs b/vendor/openssl-sys/src/cms.rs new file mode 100644 index 000000000..f008adb1c --- /dev/null +++ b/vendor/openssl-sys/src/cms.rs @@ -0,0 +1,46 @@ +use libc::*; + +#[cfg(ossl101)] +pub const CMS_TEXT: c_uint = 0x1; +#[cfg(ossl101)] +pub const CMS_NOCERTS: c_uint = 0x2; +#[cfg(ossl101)] +pub const CMS_NO_CONTENT_VERIFY: c_uint = 0x4; +#[cfg(ossl101)] +pub const CMS_NO_ATTR_VERIFY: c_uint = 0x8; +#[cfg(ossl101)] +pub const CMS_NOSIGS: c_uint = 0x4 | 0x8; +#[cfg(ossl101)] +pub const CMS_NOINTERN: c_uint = 0x10; +#[cfg(ossl101)] +pub const CMS_NO_SIGNER_CERT_VERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_NOVERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_DETACHED: c_uint = 0x40; +#[cfg(ossl101)] +pub const CMS_BINARY: c_uint = 0x80; +#[cfg(ossl101)] +pub const CMS_NOATTR: c_uint = 0x100; +#[cfg(ossl101)] +pub const CMS_NOSMIMECAP: c_uint = 0x200; +#[cfg(ossl101)] +pub const CMS_NOOLDMIMETYPE: c_uint = 0x400; +#[cfg(ossl101)] +pub const CMS_CRLFEOL: c_uint = 0x800; +#[cfg(ossl101)] +pub const CMS_STREAM: c_uint = 0x1000; +#[cfg(ossl101)] +pub const CMS_NOCRL: c_uint = 0x2000; +#[cfg(ossl101)] +pub const CMS_PARTIAL: c_uint = 0x4000; +#[cfg(ossl101)] +pub const CMS_REUSE_DIGEST: c_uint = 0x8000; +#[cfg(ossl101)] +pub const CMS_USE_KEYID: c_uint = 0x10000; +#[cfg(ossl101)] +pub const CMS_DEBUG_DECRYPT: c_uint = 0x20000; +#[cfg(ossl102)] +pub const CMS_KEY_PARAM: c_uint = 0x40000; +#[cfg(ossl110)] +pub const CMS_ASCIICRLF: c_uint = 0x80000; diff --git a/vendor/openssl-sys/src/crypto.rs b/vendor/openssl-sys/src/crypto.rs new file mode 100644 index 000000000..35be07ead --- /dev/null +++ b/vendor/openssl-sys/src/crypto.rs @@ -0,0 +1,134 @@ +use super::*; +use libc::*; + +extern "C" { + #[deprecated(note = "use CRYPTO_set_locking_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_locking_callback( + func: unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int), + ); + + #[deprecated(note = "use CRYPTO_set_id_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_id_callback(func: unsafe extern "C" fn() -> c_ulong); +} + +cfg_if! { + if #[cfg(ossl110)] { + type CRYPTO_EX_new_ret = (); + type CRYPTO_EX_dup_from = *const CRYPTO_EX_DATA; + } else { + type CRYPTO_EX_new_ret = c_int; + type CRYPTO_EX_dup_from = *mut CRYPTO_EX_DATA; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + type CRYPTO_EX_dup_from_d = *mut *mut c_void; + } else { + type CRYPTO_EX_dup_from_d = *mut c_void; + } +} + +// FIXME should be options +pub type CRYPTO_EX_new = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> CRYPTO_EX_new_ret; +pub type CRYPTO_EX_dup = unsafe extern "C" fn( + to: *mut CRYPTO_EX_DATA, + from: CRYPTO_EX_dup_from, + from_d: CRYPTO_EX_dup_from_d, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> c_int; +pub type CRYPTO_EX_free = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +); + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: usize) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: c_int) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free( + addr, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free(addr) +} + +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_X509: c_int = 3; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_EVP_PKEY: c_int = 10; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_CTX: c_int = 12; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14; + +cfg_if! { + if #[cfg(ossl110)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 0; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1; + } else if #[cfg(libressl)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 1; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 2; + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + pub const OPENSSL_VERSION: c_int = 0; + pub const OPENSSL_CFLAGS: c_int = 1; + pub const OPENSSL_BUILT_ON: c_int = 2; + pub const OPENSSL_PLATFORM: c_int = 3; + pub const OPENSSL_DIR: c_int = 4; + } else { + pub const SSLEAY_VERSION: c_int = 0; + pub const SSLEAY_CFLAGS: c_int = 2; + pub const SSLEAY_BUILT_ON: c_int = 3; + pub const SSLEAY_PLATFORM: c_int = 4; + pub const SSLEAY_DIR: c_int = 5; + } +} + +pub const CRYPTO_LOCK: c_int = 1; diff --git a/vendor/openssl-sys/src/dtls1.rs b/vendor/openssl-sys/src/dtls1.rs new file mode 100644 index 000000000..9ef5e77f7 --- /dev/null +++ b/vendor/openssl-sys/src/dtls1.rs @@ -0,0 +1,9 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + pub const DTLS1_COOKIE_LENGTH: c_uint = 255; + } else { + pub const DTLS1_COOKIE_LENGTH: c_uint = 256; + } +} diff --git a/vendor/openssl-sys/src/ec.rs b/vendor/openssl-sys/src/ec.rs new file mode 100644 index 000000000..995a84ff6 --- /dev/null +++ b/vendor/openssl-sys/src/ec.rs @@ -0,0 +1,16 @@ +use libc::*; +use std::ptr; + +use super::*; + +pub const OPENSSL_EC_NAMED_CURVE: c_int = 1; + +#[cfg(ossl300)] +pub unsafe fn EVP_EC_gen(curve: *const c_char) -> *mut EVP_PKEY { + EVP_PKEY_Q_keygen( + ptr::null_mut(), + ptr::null_mut(), + "EC\0".as_ptr().cast(), + curve, + ) +} diff --git a/vendor/openssl-sys/src/err.rs b/vendor/openssl-sys/src/err.rs new file mode 100644 index 000000000..4a6a2775e --- /dev/null +++ b/vendor/openssl-sys/src/err.rs @@ -0,0 +1,66 @@ +use libc::*; + +pub const ERR_TXT_MALLOCED: c_int = 0x01; +pub const ERR_TXT_STRING: c_int = 0x02; + +pub const ERR_LIB_SYS: c_int = 2; +pub const ERR_LIB_PEM: c_int = 9; +pub const ERR_LIB_ASN1: c_int = 13; + +cfg_if! { + if #[cfg(ossl300)] { + pub const ERR_SYSTEM_FLAG: c_ulong = c_int::max_value() as c_ulong + 1; + pub const ERR_SYSTEM_MASK: c_ulong = c_int::max_value() as c_ulong; + + pub const ERR_LIB_OFFSET: c_ulong = 23; + pub const ERR_LIB_MASK: c_ulong = 0xff; + pub const ERR_RFLAGS_OFFSET: c_ulong = 18; + pub const ERR_RFLAGS_MASK: c_ulong = 0x1f; + pub const ERR_REASON_MASK: c_ulong = 0x7FFFFF; + + pub const ERR_RFLAG_FATAL: c_ulong = 0x1 << ERR_RFLAGS_OFFSET; + + pub const fn ERR_SYSTEM_ERROR(errcode: c_ulong) -> bool { + errcode & ERR_SYSTEM_FLAG != 0 + } + + pub const fn ERR_GET_LIB(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + (((errcode >> ERR_LIB_OFFSET) & ERR_LIB_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_GET_FUNC(_errcode: c_ulong) -> c_int { + 0 + } + + pub const fn ERR_GET_REASON(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + ((errcode & ERR_REASON_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_PACK(lib: c_int, _func: c_int, reason: c_int) -> c_ulong { + ((lib as c_ulong & ERR_LIB_MASK) << ERR_LIB_OFFSET) | + (reason as c_ulong & ERR_REASON_MASK) + } + } else { + pub const fn ERR_PACK(l: c_int, f: c_int, r: c_int) -> c_ulong { + ((l as c_ulong & 0x0FF) << 24) | + ((f as c_ulong & 0xFFF) << 12) | + (r as c_ulong & 0xFFF) + } + + pub const fn ERR_GET_LIB(l: c_ulong) -> c_int { + ((l >> 24) & 0x0FF) as c_int + } + + pub const fn ERR_GET_FUNC(l: c_ulong) -> c_int { + ((l >> 12) & 0xFFF) as c_int + } + + pub const fn ERR_GET_REASON(l: c_ulong) -> c_int { + (l & 0xFFF) as c_int + } + } +} diff --git a/vendor/openssl-sys/src/evp.rs b/vendor/openssl-sys/src/evp.rs new file mode 100644 index 000000000..69b49fbb0 --- /dev/null +++ b/vendor/openssl-sys/src/evp.rs @@ -0,0 +1,285 @@ +use super::*; +use libc::*; + +pub const EVP_MAX_MD_SIZE: c_uint = 64; + +pub const PKCS5_SALT_LEN: c_int = 8; +pub const PKCS12_DEFAULT_ITER: c_int = 2048; + +pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; +pub const EVP_PKEY_DSA: c_int = NID_dsa; +pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; +pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; +#[cfg(any(ossl111, libressl370))] +pub const EVP_PKEY_X25519: c_int = NID_X25519; +#[cfg(any(ossl111, libressl370))] +pub const EVP_PKEY_ED25519: c_int = NID_ED25519; +#[cfg(ossl111)] +pub const EVP_PKEY_X448: c_int = NID_X448; +#[cfg(ossl111)] +pub const EVP_PKEY_ED448: c_int = NID_ED448; +pub const EVP_PKEY_HMAC: c_int = NID_hmac; +pub const EVP_PKEY_CMAC: c_int = NID_cmac; +#[cfg(ossl110)] +pub const EVP_PKEY_HKDF: c_int = NID_hkdf; + +pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; +pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; +pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; + +pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD { + EVP_get_digestbyname(OBJ_nid2sn(type_)) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD { + EVP_MD_CTX_get0_md(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_get_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx)) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_CTX_get_size(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_block_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_block_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_type(md: *const EVP_MD) -> c_int { + EVP_MD_get_type(md) + } + + #[inline] + pub unsafe fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_key_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_block_size(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_iv_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_nid(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_block_size(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_key_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_iv_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_num(ctx) + } + } else { + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_size(EVP_MD_CTX_md(ctx)) + } + } +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestSignUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(ossl300)] +#[inline] +pub unsafe fn EVP_PKEY_size(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_size(pkey) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + } +} + +pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2; +cfg_if! { + if #[cfg(ossl300)] { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 5; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 6; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 8; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 10; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 11; + } else { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 10; + } +} + +pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN + | EVP_PKEY_OP_VERIFY + | EVP_PKEY_OP_VERIFYRECOVER + | EVP_PKEY_OP_SIGNCTX + | EVP_PKEY_OP_VERIFYCTX; + +pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT; + +pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6; + +pub const EVP_PKEY_CTRL_CIPHER: c_int = 12; + +pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: c_int = 0; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: c_int = 1; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: c_int = 2; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_MD: c_int = EVP_PKEY_ALG_CTRL + 3; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_SALT: c_int = EVP_PKEY_ALG_CTRL + 4; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_KEY: c_int = EVP_PKEY_ALG_CTRL + 5; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_INFO: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(ossl111)] +pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7; + +#[cfg(all(ossl111, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MODE, + mode, + std::ptr::null_mut(), + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_SALT, + saltlen, + salt as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_KEY, + keylen, + key as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_INFO, + infolen, + info as *mut c_void, + ) +} diff --git a/vendor/openssl-sys/src/handwritten/aes.rs b/vendor/openssl-sys/src/handwritten/aes.rs new file mode 100644 index 000000000..ba249362c --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/aes.rs @@ -0,0 +1,40 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct AES_KEY { + // There is some business with AES_LONG which is there to ensure the values here are 32 bits + rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], + rounds: c_int, +} + +extern "C" { + pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn AES_ige_encrypt( + in_: *const c_uchar, + out: *mut c_uchar, + length: size_t, + key: *const AES_KEY, + ivec: *mut c_uchar, + enc: c_int, + ); + + pub fn AES_wrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; + + pub fn AES_unwrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/asn1.rs b/vendor/openssl-sys/src/handwritten/asn1.rs new file mode 100644 index 000000000..d2bc21ce5 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/asn1.rs @@ -0,0 +1,62 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ASN1_ENCODING { + pub enc: *mut c_uchar, + pub len: c_long, + pub modified: c_int, +} + +extern "C" { + pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT); +} + +stack!(stack_st_ASN1_OBJECT); + +extern "C" { + pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; + #[cfg(any(ossl110, libressl273))] + pub fn ASN1_STRING_get0_data(x: *const ASN1_STRING) -> *const c_uchar; + #[cfg(any(all(ossl101, not(ossl110)), libressl))] + pub fn ASN1_STRING_data(x: *mut ASN1_STRING) -> *mut c_uchar; + + pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING); + + pub fn ASN1_STRING_free(x: *mut ASN1_STRING); + pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + + pub fn ASN1_STRING_set(x: *mut ASN1_STRING, data: *const c_void, len: c_int) -> c_int; + + pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); + pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; + pub fn ASN1_TIME_new() -> *mut ASN1_TIME; + #[cfg(ossl102)] + pub fn ASN1_TIME_diff( + pday: *mut c_int, + psec: *mut c_int, + from: *const ASN1_TIME, + to: *const ASN1_TIME, + ) -> c_int; + pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); + pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; + pub fn ASN1_TIME_set(from: *mut ASN1_TIME, to: time_t) -> *mut ASN1_TIME; + + pub fn ASN1_INTEGER_free(x: *mut ASN1_INTEGER); + pub fn ASN1_INTEGER_dup(a: *const ASN1_INTEGER) -> *mut ASN1_INTEGER; + pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long; + pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; + pub fn ASN1_INTEGER_cmp(a: *const ASN1_INTEGER, b: *const ASN1_INTEGER) -> c_int; + pub fn BN_to_ASN1_INTEGER(bn: *const BIGNUM, ai: *mut ASN1_INTEGER) -> *mut ASN1_INTEGER; + pub fn ASN1_INTEGER_to_BN(ai: *const ASN1_INTEGER, bn: *mut BIGNUM) -> *mut BIGNUM; + + pub fn ASN1_TIME_set_string(s: *mut ASN1_TIME, str: *const c_char) -> c_int; + #[cfg(ossl111)] + pub fn ASN1_TIME_set_string_X509(s: *mut ASN1_TIME, str: *const c_char) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: #[const_ptr_if(any(ossl110, libressl280))] ASN1_STRING) -> c_int; + } +} diff --git a/vendor/openssl-sys/src/handwritten/bio.rs b/vendor/openssl-sys/src/handwritten/bio.rs new file mode 100644 index 000000000..7d9752225 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/bio.rs @@ -0,0 +1,107 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BIO_set_flags(b: *mut BIO, flags: c_int); + pub fn BIO_clear_flags(b: *mut BIO, flags: c_int); +} + +pub type bio_info_cb = + Option<unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long)>; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO_METHOD {} + } else { + #[repr(C)] + pub struct BIO_METHOD { + pub type_: c_int, + pub name: *const c_char, + pub bwrite: Option<unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int>, + pub bread: Option<unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int>, + pub bputs: Option<unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int>, + pub bgets: Option<unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int>, + pub ctrl: Option<unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long>, + pub create: Option<unsafe extern "C" fn(*mut BIO) -> c_int>, + pub destroy: Option<unsafe extern "C" fn(*mut BIO) -> c_int>, + pub callback_ctrl: Option<unsafe extern "C" fn(*mut BIO, c_int, bio_info_cb) -> c_long>, + } + } +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_file() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new(type_: #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD) -> *mut BIO; + } +} +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_STDIO"))] + pub fn BIO_new_fp(stream: *mut FILE, close_flag: c_int) -> *mut BIO; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_data(a: *mut BIO, data: *mut c_void); + #[cfg(any(ossl110, libressl273))] + pub fn BIO_get_data(a: *mut BIO) -> *mut c_void; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_init(a: *mut BIO, init: c_int); + pub fn BIO_write(b: *mut BIO, buf: *const c_void, len: c_int) -> c_int; + pub fn BIO_read(b: *mut BIO, buf: *mut c_void, len: c_int) -> c_int; + pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn BIO_free_all(b: *mut BIO); +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_mem() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new_mem_buf(buf: #[const_ptr_if(any(ossl102, libressl280))] c_void, len: c_int) -> *mut BIO; + } +} + +extern "C" { + pub fn BIO_new_socket(sock: c_int, close_flag: c_int) -> *mut BIO; + + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_new(type_: c_int, name: *const c_char) -> *mut BIO_METHOD; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_free(biom: *mut BIO_METHOD); +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_write"] + pub fn BIO_meth_set_write__fixed_rust( + biom: *mut BIO_METHOD, + write: Option<unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_read"] + pub fn BIO_meth_set_read__fixed_rust( + biom: *mut BIO_METHOD, + read: Option<unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_puts"] + pub fn BIO_meth_set_puts__fixed_rust( + biom: *mut BIO_METHOD, + read: Option<unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_ctrl"] + pub fn BIO_meth_set_ctrl__fixed_rust( + biom: *mut BIO_METHOD, + read: Option<unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_create"] + pub fn BIO_meth_set_create__fixed_rust( + biom: *mut BIO_METHOD, + create: Option<unsafe extern "C" fn(*mut BIO) -> c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_destroy"] + pub fn BIO_meth_set_destroy__fixed_rust( + biom: *mut BIO_METHOD, + destroy: Option<unsafe extern "C" fn(*mut BIO) -> c_int>, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/bn.rs b/vendor/openssl-sys/src/handwritten/bn.rs new file mode 100644 index 000000000..81348f692 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/bn.rs @@ -0,0 +1,168 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BN_CTX_new() -> *mut BN_CTX; + #[cfg(ossl110)] + pub fn BN_CTX_secure_new() -> *mut BN_CTX; + pub fn BN_CTX_free(ctx: *mut BN_CTX); + pub fn BN_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + pub fn BN_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + pub fn BN_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_secure_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_set_flags(b: *mut BIGNUM, n: c_int); + #[cfg(ossl110)] + pub fn BN_get_flags(b: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_num_bits(bn: *const BIGNUM) -> c_int; + pub fn BN_clear_free(bn: *mut BIGNUM); + pub fn BN_bin2bn(s: *const u8, size: c_int, ret: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_bn2bin(a: *const BIGNUM, to: *mut u8) -> c_int; + #[cfg(ossl110)] + pub fn BN_bn2binpad(a: *const BIGNUM, to: *mut u8, tolen: c_int) -> c_int; + pub fn BN_sub(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_add(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_mul(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_sqr(r: *mut BIGNUM, a: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_set_negative(bn: *mut BIGNUM, n: c_int); + #[cfg(any(ossl110, libressl350))] + pub fn BN_is_negative(b: *const BIGNUM) -> c_int; + + pub fn BN_div( + dv: *mut BIGNUM, + rem: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_nnmod( + rem: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_add( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sub( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_mul( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sqr( + r: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mod_word(r: *const BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_div_word(r: *mut BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_mul_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_add_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_sub_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_set_word(bn: *mut BIGNUM, n: BN_ULONG) -> c_int; + + pub fn BN_cmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_free(bn: *mut BIGNUM); + pub fn BN_is_bit_set(a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_exp(r: *mut BIGNUM, a: *const BIGNUM, p: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + + pub fn BN_mod_exp( + r: *mut BIGNUM, + a: *const BIGNUM, + p: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mask_bits(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_bn2hex(a: *const BIGNUM) -> *mut c_char; + pub fn BN_bn2dec(a: *const BIGNUM) -> *mut c_char; + pub fn BN_hex2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_dec2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_gcd(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_mod_inverse( + r: *mut BIGNUM, + a: *const BIGNUM, + n: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut BIGNUM; + pub fn BN_clear(bn: *mut BIGNUM); + pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM; + pub fn BN_ucmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_set_bit(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_clear_bit(a: *mut BIGNUM, n: c_int) -> c_int; + + pub fn BN_generate_prime_ex( + r: *mut BIGNUM, + bits: c_int, + safe: c_int, + add: *const BIGNUM, + rem: *const BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_fasttest_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + do_trial_division: c_int, + cb: *mut BN_GENCB, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn BN_get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } else { + extern "C" { + pub fn get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } +} diff --git a/vendor/openssl-sys/src/handwritten/cms.rs b/vendor/openssl-sys/src/handwritten/cms.rs new file mode 100644 index 000000000..a13ea423c --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/cms.rs @@ -0,0 +1,65 @@ +use super::super::*; +use libc::*; + +pub enum CMS_ContentInfo {} + +extern "C" { + #[cfg(ossl101)] + pub fn CMS_ContentInfo_free(cms: *mut CMS_ContentInfo); +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl101)] + pub fn i2d_CMS_ContentInfo(a: #[const_ptr_if(ossl300)] CMS_ContentInfo, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + #[cfg(ossl101)] + pub fn d2i_CMS_ContentInfo( + a: *mut *mut CMS_ContentInfo, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn SMIME_read_CMS(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_verify( + cms: *mut CMS_ContentInfo, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + detached_data: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; + + #[cfg(ossl101)] + pub fn CMS_encrypt( + certs: *mut stack_st_X509, + data: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_decrypt( + cms: *mut CMS_ContentInfo, + pkey: *mut EVP_PKEY, + cert: *mut X509, + dcont: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/conf.rs b/vendor/openssl-sys/src/handwritten/conf.rs new file mode 100644 index 000000000..2348d7d4c --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/conf.rs @@ -0,0 +1,7 @@ +use super::super::*; + +extern "C" { + pub fn NCONF_new(meth: *mut CONF_METHOD) -> *mut CONF; + pub fn NCONF_default() -> *mut CONF_METHOD; + pub fn NCONF_free(conf: *mut CONF); +} diff --git a/vendor/openssl-sys/src/handwritten/crypto.rs b/vendor/openssl-sys/src/handwritten/crypto.rs new file mode 100644 index 000000000..62ccbce1e --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/crypto.rs @@ -0,0 +1,85 @@ +use super::super::*; +use libc::*; + +stack!(stack_st_void); + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + extern "C" { + pub fn OpenSSL_version_num() -> c_ulong; + pub fn OpenSSL_version(key: c_int) -> *const c_char; + } + } else { + extern "C" { + pub fn SSLeay() -> c_ulong; + pub fn SSLeay_version(key: c_int) -> *const c_char; + } + } +} + +extern "C" { + #[cfg(any(ossl110, libressl))] + pub fn CRYPTO_get_ex_new_index( + class_index: c_int, + argl: c_long, + argp: *mut c_void, + new_func: Option<CRYPTO_EX_new>, + dup_func: Option<CRYPTO_EX_dup>, + free_func: Option<CRYPTO_EX_free>, + ) -> c_int; + + #[cfg(not(ossl110))] + pub fn CRYPTO_num_locks() -> c_int; +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_locking_callback"] + pub fn CRYPTO_set_locking_callback__fixed_rust( + func: Option<unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int)>, + ); + + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_id_callback"] + pub fn CRYPTO_set_id_callback__fixed_rust(func: Option<unsafe extern "C" fn() -> c_ulong>); +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn CRYPTO_add_lock( + pointer: *mut c_int, + amount: c_int, + type_: c_int, + file: *const c_char, + line: c_int, + ) -> c_int; +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn CRYPTO_malloc(num: size_t, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); + } + } else { + extern "C" { + pub fn CRYPTO_malloc(num: c_int, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void); + } + } +} + +extern "C" { + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode() -> c_int; + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode_set(onoff: c_int) -> c_int; + + pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void, len: size_t) -> c_int; + + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_new() -> *mut OSSL_LIB_CTX; + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_free(libcts: *mut OSSL_LIB_CTX); +} diff --git a/vendor/openssl-sys/src/handwritten/dh.rs b/vendor/openssl-sys/src/handwritten/dh.rs new file mode 100644 index 000000000..a4de122ea --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/dh.rs @@ -0,0 +1,50 @@ +use super::super::*; + +extern "C" { + pub fn DH_new() -> *mut DH; + pub fn DH_free(dh: *mut DH); + + pub fn DH_generate_parameters( + prime_len: c_int, + generator: c_int, + callback: Option<extern "C" fn(c_int, c_int, *mut c_void)>, + cb_arg: *mut c_void, + ) -> *mut DH; + + pub fn DH_generate_parameters_ex( + dh: *mut DH, + prime_len: c_int, + generator: c_int, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DH_generate_key(dh: *mut DH) -> c_int; + pub fn DH_compute_key(key: *mut c_uchar, pub_key: *const BIGNUM, dh: *mut DH) -> c_int; + pub fn DH_size(dh: *const DH) -> c_int; + + pub fn d2i_DHparams(k: *mut *mut DH, pp: *mut *const c_uchar, length: c_long) -> *mut DH; + pub fn i2d_DHparams(dh: *const DH, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(ossl102)] + pub fn DH_get_1024_160() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_224() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_256() -> *mut DH; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_pqg( + dh: *const DH, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + g: *mut *const BIGNUM, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_key(dh: *mut DH, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_key(dh: *const DH, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); +} diff --git a/vendor/openssl-sys/src/handwritten/dsa.rs b/vendor/openssl-sys/src/handwritten/dsa.rs new file mode 100644 index 000000000..be25f23b6 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/dsa.rs @@ -0,0 +1,85 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA_SIG {} + } else { + #[repr(C)] + pub struct DSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn DSA_new() -> *mut DSA; + pub fn DSA_free(dsa: *mut DSA); + pub fn DSA_up_ref(dsa: *mut DSA) -> c_int; + pub fn DSA_size(dsa: *const DSA) -> c_int; + pub fn DSA_sign( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigret: *mut c_uchar, + siglen: *mut c_uint, + dsa: *mut DSA, + ) -> c_int; + pub fn DSA_verify( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigbuf: *const c_uchar, + siglen: c_int, + dsa: *mut DSA, + ) -> c_int; + + pub fn d2i_DSAPublicKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) + -> *mut DSA; + + pub fn DSA_generate_parameters_ex( + dsa: *mut DSA, + bits: c_int, + seed: *const c_uchar, + seed_len: c_int, + counter_ref: *mut c_int, + h_ret: *mut c_ulong, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DSA_generate_key(dsa: *mut DSA) -> c_int; + pub fn i2d_DSAPublicKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_pqg( + d: *const DSA, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + q: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + pub fn d2i_DSA_SIG( + sig: *mut *mut DSA_SIG, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut DSA_SIG; + pub fn i2d_DSA_SIG(a: *const DSA_SIG, pp: *mut *mut c_uchar) -> c_int; + + pub fn DSA_SIG_new() -> *mut DSA_SIG; + pub fn DSA_SIG_free(sig: *mut DSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_get0(sig: *const DSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_set0(sig: *mut DSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/ec.rs b/vendor/openssl-sys/src/handwritten/ec.rs new file mode 100644 index 000000000..6ee475f32 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/ec.rs @@ -0,0 +1,255 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +#[derive(Copy, Clone)] +pub enum point_conversion_form_t { + POINT_CONVERSION_COMPRESSED = 2, + POINT_CONVERSION_UNCOMPRESSED = 4, + POINT_CONVERSION_HYBRID = 6, +} + +pub enum EC_METHOD {} +pub enum EC_GROUP {} +pub enum EC_POINT {} + +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GF2m_simple_method() -> *const EC_METHOD; + + pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; + + pub fn EC_GROUP_free(group: *mut EC_GROUP); + + pub fn EC_GROUP_get_order( + group: *const EC_GROUP, + order: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_cofactor( + group: *const EC_GROUP, + cofactor: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get0_generator(group: *const EC_GROUP) -> *const EC_POINT; + + pub fn EC_GROUP_set_generator( + group: *mut EC_GROUP, + generator: *const EC_POINT, + order: *const BIGNUM, + cofactor: *const BIGNUM, + ) -> c_int; + + pub fn EC_GROUP_get_curve_name(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_set_asn1_flag(key: *mut EC_GROUP, flag: c_int); + + pub fn EC_GROUP_get_curve_GFp( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_get_curve_GF2m( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int; + + #[cfg(ossl110)] + pub fn EC_GROUP_order_bits(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_new_curve_GFp( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_new_curve_GF2m( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP; + + pub fn EC_POINT_is_at_infinity(group: *const EC_GROUP, point: *const EC_POINT) -> c_int; + + pub fn EC_POINT_is_on_curve( + group: *const EC_GROUP, + point: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT; + + pub fn EC_POINT_free(point: *mut EC_POINT); + + pub fn EC_POINT_dup(p: *const EC_POINT, group: *const EC_GROUP) -> *mut EC_POINT; + + #[cfg(ossl111)] + pub fn EC_POINT_get_affine_coordinates( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_get_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_set_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *mut EC_POINT, + x: *const BIGNUM, + y: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_POINT_get_affine_coordinates_GF2m( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_point2oct( + group: *const EC_GROUP, + p: *const EC_POINT, + form: point_conversion_form_t, + buf: *mut c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> size_t; + + pub fn EC_POINT_oct2point( + group: *const EC_GROUP, + p: *mut EC_POINT, + buf: *const c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_add( + group: *const EC_GROUP, + r: *mut EC_POINT, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_invert(group: *const EC_GROUP, r: *mut EC_POINT, ctx: *mut BN_CTX) -> c_int; + + pub fn EC_POINT_cmp( + group: *const EC_GROUP, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_mul( + group: *const EC_GROUP, + r: *mut EC_POINT, + n: *const BIGNUM, + q: *const EC_POINT, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_KEY_new() -> *mut EC_KEY; + + pub fn EC_KEY_new_by_curve_name(nid: c_int) -> *mut EC_KEY; + + pub fn EC_KEY_free(key: *mut EC_KEY); + + pub fn EC_KEY_dup(key: *const EC_KEY) -> *mut EC_KEY; + + pub fn EC_KEY_up_ref(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_get0_group(key: *const EC_KEY) -> *const EC_GROUP; + + pub fn EC_KEY_set_group(key: *mut EC_KEY, group: *const EC_GROUP) -> c_int; + + pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; + + pub fn EC_KEY_set_private_key(key: *mut EC_KEY, key: *const BIGNUM) -> c_int; + + pub fn EC_KEY_get0_public_key(key: *const EC_KEY) -> *const EC_POINT; + + pub fn EC_KEY_set_public_key(key: *mut EC_KEY, key: *const EC_POINT) -> c_int; + + pub fn EC_KEY_generate_key(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int; + + pub fn EC_KEY_set_public_key_affine_coordinates( + key: *mut EC_KEY, + x: *mut BIGNUM, + y: *mut BIGNUM, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum ECDSA_SIG {} + } else { + #[repr(C)] + pub struct ECDSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG; + + pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; + + pub fn ECDSA_do_sign( + dgst: *const c_uchar, + dgst_len: c_int, + eckey: *mut EC_KEY, + ) -> *mut ECDSA_SIG; + + pub fn ECDSA_do_verify( + dgst: *const c_uchar, + dgst_len: c_int, + sig: *const ECDSA_SIG, + eckey: *mut EC_KEY, + ) -> c_int; + + pub fn d2i_ECDSA_SIG( + sig: *mut *mut ECDSA_SIG, + inp: *mut *const c_uchar, + length: c_long, + ) -> *mut ECDSA_SIG; + + pub fn i2d_ECDSA_SIG(sig: *const ECDSA_SIG, out: *mut *mut c_uchar) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/err.rs b/vendor/openssl-sys/src/handwritten/err.rs new file mode 100644 index 000000000..5653c1d18 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/err.rs @@ -0,0 +1,55 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ERR_STRING_DATA { + pub error: c_ulong, + pub string: *const c_char, +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn ERR_new(); + pub fn ERR_set_debug(file: *const c_char, line: c_int, func: *const c_char); + pub fn ERR_set_error(lib: c_int, reason: c_int, fmt: *const c_char, ...); + } + } else { + extern "C" { + pub fn ERR_put_error(lib: c_int, func: c_int, reason: c_int, file: *const c_char, line: c_int); + } + } +} + +extern "C" { + pub fn ERR_set_error_data(data: *mut c_char, flags: c_int); + + pub fn ERR_get_error() -> c_ulong; + #[cfg(ossl300)] + pub fn ERR_get_error_all( + file: *mut *const c_char, + line: *mut c_int, + func: *mut *const c_char, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_get_error_line_data( + file: *mut *const c_char, + line: *mut c_int, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_peek_last_error() -> c_ulong; + pub fn ERR_clear_error(); + pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_func_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_reason_error_string(err: c_ulong) -> *const c_char; + #[cfg(ossl110)] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA) -> c_int; + #[cfg(not(ossl110))] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA); + #[cfg(not(ossl110))] + pub fn ERR_load_crypto_strings(); + + pub fn ERR_get_next_error_library() -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/evp.rs b/vendor/openssl-sys/src/handwritten/evp.rs new file mode 100644 index 000000000..1a05b7eae --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/evp.rs @@ -0,0 +1,600 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_MD_get_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_get0_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_get_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_nid(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_CIPHER; + pub fn EVP_CIPHER_free(cipher: *mut EVP_CIPHER); + + pub fn EVP_CIPHER_CTX_get0_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_get_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_tag_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } else { + extern "C" { + pub fn EVP_MD_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int; + + pub fn EVP_CIPHER_CTX_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + #[cfg(ossl110)] + pub fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn EVP_MD_CTX_new() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_free(ctx: *mut EVP_MD_CTX); + } + } else { + extern "C" { + pub fn EVP_MD_CTX_create() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_destroy(ctx: *mut EVP_MD_CTX); + } + } +} + +extern "C" { + pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE) + -> c_int; + pub fn EVP_DigestUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, n: size_t) -> c_int; + pub fn EVP_DigestFinal_ex(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl300)] + pub fn EVP_Q_digest( + libctx: *mut OSSL_LIB_CTX, + name: *const c_char, + propq: *const c_char, + data: *const c_void, + count: size_t, + md: *mut c_uchar, + size: *mut size_t, + ) -> c_int; + pub fn EVP_DigestInit(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD) -> c_int; + pub fn EVP_DigestFinal(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl111)] + pub fn EVP_DigestFinalXOF(ctx: *mut EVP_MD_CTX, res: *mut u8, len: usize) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_MD_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_MD; + + #[cfg(ossl300)] + pub fn EVP_MD_free(md: *mut EVP_MD); + + pub fn EVP_BytesToKey( + typ: *const EVP_CIPHER, + md: *const EVP_MD, + salt: *const u8, + data: *const u8, + datalen: c_int, + count: c_int, + key: *mut u8, + iv: *mut u8, + ) -> c_int; + + pub fn EVP_CipherInit( + ctx: *mut EVP_CIPHER_CTX, + evp: *const EVP_CIPHER, + key: *const u8, + iv: *const u8, + mode: c_int, + ) -> c_int; + pub fn EVP_CipherInit_ex( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + enc: c_int, + ) -> c_int; + pub fn EVP_CipherUpdate( + ctx: *mut EVP_CIPHER_CTX, + outbuf: *mut u8, + outlen: *mut c_int, + inbuf: *const u8, + inlen: c_int, + ) -> c_int; + pub fn EVP_CipherFinal(ctx: *mut EVP_CIPHER_CTX, res: *mut u8, len: *mut c_int) -> c_int; + + pub fn EVP_DigestSignInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_DigestSignUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int; + pub fn EVP_DigestSignFinal( + ctx: *mut EVP_MD_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + ) -> c_int; + pub fn EVP_DigestVerifyInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + #[cfg(ossl300)] + pub fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, + ) -> c_int; + pub fn EVP_SealInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *mut *mut c_uchar, + ekl: *mut c_int, + iv: *mut c_uchar, + pubk: *mut *mut EVP_PKEY, + npubk: c_int, + ) -> c_int; + pub fn EVP_SealFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_EncryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_EncryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_EncryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; + pub fn EVP_OpenInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *const c_uchar, + ekl: c_int, + iv: *const c_uchar, + priv_: *mut EVP_PKEY, + ) -> c_int; + pub fn EVP_OpenFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_DecryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_DecryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_DecryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + outm: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; +} +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_size(pkey: *const EVP_PKEY) -> c_int; + } + } else { + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_size(pkey: #[const_ptr_if(any(ossl111b, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +cfg_if! { + if #[cfg(any(ossl111, libressl370))] { + extern "C" { + pub fn EVP_DigestSign( + ctx: *mut EVP_MD_CTX, + sigret: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + + pub fn EVP_DigestVerify( + ctx: *mut EVP_MD_CTX, + sigret: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + } + } +} +const_ptr_api! { + extern "C" { + pub fn EVP_DigestVerifyFinal( + ctx: *mut EVP_MD_CTX, + sigret: #[const_ptr_if(any(ossl102, libressl280))] c_uchar, + siglen: size_t, + ) -> c_int; + } +} + +extern "C" { + pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX; + pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX); + pub fn EVP_MD_CTX_copy_ex(dst: *mut EVP_MD_CTX, src: *const EVP_MD_CTX) -> c_int; + #[cfg(ossl111)] + pub fn EVP_MD_CTX_reset(ctx: *mut EVP_MD_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_set_key_length(ctx: *mut EVP_CIPHER_CTX, keylen: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_set_padding(ctx: *mut EVP_CIPHER_CTX, padding: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_ctrl( + ctx: *mut EVP_CIPHER_CTX, + type_: c_int, + arg: c_int, + ptr: *mut c_void, + ) -> c_int; + pub fn EVP_CIPHER_CTX_rand_key(ctx: *mut EVP_CIPHER_CTX, key: *mut c_uchar) -> c_int; + + pub fn EVP_md_null() -> *const EVP_MD; + pub fn EVP_md5() -> *const EVP_MD; + pub fn EVP_sha1() -> *const EVP_MD; + pub fn EVP_sha224() -> *const EVP_MD; + pub fn EVP_sha256() -> *const EVP_MD; + pub fn EVP_sha384() -> *const EVP_MD; + pub fn EVP_sha512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_224() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_256() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_384() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake128() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake256() -> *const EVP_MD; + pub fn EVP_ripemd160() -> *const EVP_MD; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM3")))] + pub fn EVP_sm3() -> *const EVP_MD; + pub fn EVP_des_ecb() -> *const EVP_CIPHER; + pub fn EVP_des_ede3() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cbc() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cfb64() -> *const EVP_CIPHER; + pub fn EVP_des_cbc() -> *const EVP_CIPHER; + pub fn EVP_rc4() -> *const EVP_CIPHER; + pub fn EVP_bf_ecb() -> *const EVP_CIPHER; + pub fn EVP_bf_cbc() -> *const EVP_CIPHER; + pub fn EVP_bf_cfb64() -> *const EVP_CIPHER; + pub fn EVP_bf_ofb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20_poly1305() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cbc() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cfb128() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ecb() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ofb() -> *const EVP_CIPHER; + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ecb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cbc() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cfb128() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ofb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ctr() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_ecb() -> *const EVP_CIPHER; + + #[cfg(not(ossl110))] + pub fn OPENSSL_add_all_algorithms_noconf(); + + pub fn EVP_get_digestbyname(name: *const c_char) -> *const EVP_MD; + pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_id(pkey: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_bits(key: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_security_bits(key: *const EVP_PKEY) -> c_int; + } + + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + + } else { + extern "C" { + pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int; + } + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_bits(key: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl360))] + pub fn EVP_PKEY_security_bits(pkey: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +extern "C" { + pub fn EVP_PKEY_assign(pkey: *mut EVP_PKEY, typ: c_int, key: *mut c_void) -> c_int; + + pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; + pub fn EVP_PKEY_get1_RSA(k: *mut EVP_PKEY) -> *mut RSA; + pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; + pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; + pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY; + + pub fn EVP_PKEY_new() -> *mut EVP_PKEY; + pub fn EVP_PKEY_free(k: *mut EVP_PKEY); + #[cfg(any(ossl110, libressl270))] + pub fn EVP_PKEY_up_ref(pkey: *mut EVP_PKEY) -> c_int; + + pub fn d2i_AutoPrivateKey( + a: *mut *mut EVP_PKEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_copy_parameters(to: *mut EVP_PKEY, from: *const EVP_PKEY) -> c_int; + + pub fn PKCS5_PBKDF2_HMAC_SHA1( + pass: *const c_char, + passlen: c_int, + salt: *const u8, + saltlen: c_int, + iter: c_int, + keylen: c_int, + out: *mut u8, + ) -> c_int; + pub fn PKCS5_PBKDF2_HMAC( + pass: *const c_char, + passlen: c_int, + salt: *const c_uchar, + saltlen: c_int, + iter: c_int, + digest: *const EVP_MD, + keylen: c_int, + out: *mut u8, + ) -> c_int; + + #[cfg(ossl110)] + pub fn EVP_PBE_scrypt( + pass: *const c_char, + passlen: size_t, + salt: *const c_uchar, + saltlen: size_t, + N: u64, + r: u64, + p: u64, + maxmem: u64, + key: *mut c_uchar, + keylen: size_t, + ) -> c_int; + + pub fn EVP_PKEY_CTX_new(k: *mut EVP_PKEY, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX); + + pub fn EVP_PKEY_CTX_ctrl( + ctx: *mut EVP_PKEY_CTX, + keytype: c_int, + optype: c_int, + cmd: c_int, + p1: c_int, + p2: *mut c_void, + ) -> c_int; + + pub fn EVP_PKEY_new_mac_key( + type_: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: c_int, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_derive_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_derive_set_peer(ctx: *mut EVP_PKEY_CTX, peer: *mut EVP_PKEY) -> c_int; + pub fn EVP_PKEY_derive(ctx: *mut EVP_PKEY_CTX, key: *mut c_uchar, size: *mut size_t) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_PKEY_Q_keygen( + libctx: *mut OSSL_LIB_CTX, + propq: *const c_char, + type_: *const c_char, + ... + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_sign_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_sign( + ctx: *mut EVP_PKEY_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_verify_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_verify( + ctx: *mut EVP_PKEY_CTX, + sig: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_encrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_encrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; + pub fn EVP_PKEY_decrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_decrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn EVP_PKCS82PKEY(p8: #[const_ptr_if(any(ossl110, libressl280))] PKCS8_PRIV_KEY_INFO) -> *mut EVP_PKEY; + } +} + +cfg_if! { + if #[cfg(any(ossl111, libressl370))] { + extern "C" { + pub fn EVP_PKEY_get_raw_public_key( + pkey: *const EVP_PKEY, + ppub: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_public_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_get_raw_private_key( + pkey: *const EVP_PKEY, + ppriv: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_private_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + } + } +} + +extern "C" { + pub fn EVP_EncodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; + pub fn EVP_DecodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/hmac.rs b/vendor/openssl-sys/src/handwritten/hmac.rs new file mode 100644 index 000000000..b52d63fb1 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/hmac.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn HMAC_CTX_new() -> *mut HMAC_CTX; + pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); + } + } else { + extern "C" { + pub fn HMAC_CTX_init(ctx: *mut HMAC_CTX); + pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX); + } + } +} + +extern "C" { + pub fn HMAC_Init_ex( + ctx: *mut HMAC_CTX, + key: *const c_void, + len: c_int, + md: *const EVP_MD, + impl_: *mut ENGINE, + ) -> c_int; + pub fn HMAC_Update(ctx: *mut HMAC_CTX, data: *const c_uchar, len: size_t) -> c_int; + pub fn HMAC_Final(ctx: *mut HMAC_CTX, md: *mut c_uchar, len: *mut c_uint) -> c_int; + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/kdf.rs b/vendor/openssl-sys/src/handwritten/kdf.rs new file mode 100644 index 000000000..0f14b63a9 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/kdf.rs @@ -0,0 +1,26 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, + ) -> c_int; + } + } +} diff --git a/vendor/openssl-sys/src/handwritten/mod.rs b/vendor/openssl-sys/src/handwritten/mod.rs new file mode 100644 index 000000000..28aa4aecd --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/mod.rs @@ -0,0 +1,65 @@ +pub use self::aes::*; +pub use self::asn1::*; +pub use self::bio::*; +pub use self::bn::*; +pub use self::cms::*; +pub use self::conf::*; +pub use self::crypto::*; +pub use self::dh::*; +pub use self::dsa::*; +pub use self::ec::*; +pub use self::err::*; +pub use self::evp::*; +pub use self::hmac::*; +pub use self::kdf::*; +pub use self::object::*; +pub use self::ocsp::*; +pub use self::pem::*; +pub use self::pkcs12::*; +pub use self::pkcs7::*; +pub use self::provider::*; +pub use self::rand::*; +pub use self::rsa::*; +pub use self::safestack::*; +pub use self::sha::*; +pub use self::srtp::*; +pub use self::ssl::*; +pub use self::stack::*; +pub use self::tls1::*; +pub use self::types::*; +pub use self::x509::*; +pub use self::x509_vfy::*; +pub use self::x509v3::*; + +mod aes; +mod asn1; +mod bio; +mod bn; +mod cms; +mod conf; +mod crypto; +mod dh; +mod dsa; +mod ec; +mod err; +mod evp; +mod hmac; +mod kdf; +mod object; +mod ocsp; +mod pem; +mod pkcs12; +mod pkcs7; +mod provider; +mod rand; +mod rsa; +mod safestack; +mod sha; +mod srtp; +mod ssl; +mod stack; +mod tls1; +mod types; +mod x509; +mod x509_vfy; +mod x509v3; diff --git a/vendor/openssl-sys/src/handwritten/object.rs b/vendor/openssl-sys/src/handwritten/object.rs new file mode 100644 index 000000000..06e655343 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/object.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +extern "C" { + pub fn OBJ_nid2ln(nid: c_int) -> *const c_char; + pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; + pub fn OBJ_nid2obj(n: c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int; + pub fn OBJ_obj2txt( + buf: *mut c_char, + buf_len: c_int, + a: *const ASN1_OBJECT, + no_name: c_int, + ) -> c_int; + + pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) + -> c_int; + pub fn OBJ_sn2nid(sn: *const libc::c_char) -> libc::c_int; + pub fn OBJ_txt2obj(s: *const libc::c_char, no_name: libc::c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_create( + oid: *const libc::c_char, + sn: *const libc::c_char, + ln: *const libc::c_char, + ) -> c_int; + #[cfg(ossl111)] + pub fn OBJ_length(obj: *const ASN1_OBJECT) -> libc::size_t; + #[cfg(ossl111)] + pub fn OBJ_get0_data(obj: *const ASN1_OBJECT) -> *const c_uchar; +} diff --git a/vendor/openssl-sys/src/handwritten/ocsp.rs b/vendor/openssl-sys/src/handwritten/ocsp.rs new file mode 100644 index 000000000..c194a831b --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/ocsp.rs @@ -0,0 +1,89 @@ +use super::super::*; +use libc::*; + +pub enum OCSP_CERTID {} + +pub enum OCSP_ONEREQ {} + +pub enum OCSP_REQUEST {} + +pub enum OCSP_BASICRESP {} + +const_ptr_api! { + extern "C" { + pub fn OCSP_cert_to_id( + dgst: *const EVP_MD, + subject: #[const_ptr_if(any(ossl110, libressl281))] X509, + issuer: #[const_ptr_if(any(ossl110, libressl281))] X509, + ) -> *mut OCSP_CERTID; + } +} + +extern "C" { + pub fn OCSP_request_add0_id(r: *mut OCSP_REQUEST, id: *mut OCSP_CERTID) -> *mut OCSP_ONEREQ; + + pub fn OCSP_resp_find_status( + bs: *mut OCSP_BASICRESP, + id: *mut OCSP_CERTID, + status: *mut c_int, + reason: *mut c_int, + revtime: *mut *mut ASN1_GENERALIZEDTIME, + thisupd: *mut *mut ASN1_GENERALIZEDTIME, + nextupd: *mut *mut ASN1_GENERALIZEDTIME, + ) -> c_int; + pub fn OCSP_check_validity( + thisupd: *mut ASN1_GENERALIZEDTIME, + nextupd: *mut ASN1_GENERALIZEDTIME, + sec: c_long, + maxsec: c_long, + ) -> c_int; + + pub fn OCSP_response_status(resp: *mut OCSP_RESPONSE) -> c_int; + pub fn OCSP_response_get1_basic(resp: *mut OCSP_RESPONSE) -> *mut OCSP_BASICRESP; + + pub fn OCSP_response_create(status: c_int, bs: *mut OCSP_BASICRESP) -> *mut OCSP_RESPONSE; + + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; + pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); + pub fn OCSP_RESPONSE_new() -> *mut OCSP_RESPONSE; + pub fn OCSP_RESPONSE_free(r: *mut OCSP_RESPONSE); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_RESPONSE(a: #[const_ptr_if(ossl300)] OCSP_RESPONSE, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_RESPONSE( + a: *mut *mut OCSP_RESPONSE, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_RESPONSE; + pub fn OCSP_ONEREQ_free(r: *mut OCSP_ONEREQ); + pub fn OCSP_CERTID_free(id: *mut OCSP_CERTID); + pub fn OCSP_REQUEST_new() -> *mut OCSP_REQUEST; + pub fn OCSP_REQUEST_free(r: *mut OCSP_REQUEST); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_REQUEST(a: #[const_ptr_if(ossl300)] OCSP_REQUEST, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_REQUEST( + a: *mut *mut OCSP_REQUEST, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_REQUEST; + + pub fn OCSP_basic_verify( + bs: *mut OCSP_BASICRESP, + certs: *mut stack_st_X509, + st: *mut X509_STORE, + flags: c_ulong, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/pem.rs b/vendor/openssl-sys/src/handwritten/pem.rs new file mode 100644 index 000000000..42997177e --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/pem.rs @@ -0,0 +1,191 @@ +use super::super::*; +use libc::*; + +pub type pem_password_cb = Option< + unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int, +>; + +const_ptr_api! { + extern "C" { + pub fn PEM_write_bio_X509(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn PEM_write_bio_X509_REQ(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn PEM_write_bio_X509_CRL(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_CRL) -> c_int; + pub fn PEM_write_bio_RSAPrivateKey( + bp: *mut BIO, + rsa: #[const_ptr_if(ossl300)] RSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_RSA_PUBKEY(bp: *mut BIO, rsa: #[const_ptr_if(ossl300)] RSA) -> c_int; + pub fn PEM_write_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: #[const_ptr_if(ossl300)] DSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_ECPrivateKey( + bio: *mut BIO, + key: #[const_ptr_if(ossl300)] EC_KEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_DSA_PUBKEY(bp: *mut BIO, dsa: #[const_ptr_if(ossl300)] DSA) -> c_int; + pub fn PEM_write_bio_PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PUBKEY(bp: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn PEM_write_bio_PKCS8PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PKCS7(bp: *mut BIO, x: #[const_ptr_if(ossl300)] PKCS7) -> c_int; + pub fn PEM_write_bio_EC_PUBKEY(bp: *mut BIO, ec: #[const_ptr_if(ossl300)] EC_KEY) -> c_int; + pub fn i2d_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: #[const_ptr_if(ossl300)] EVP_PKEY, + enc: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + cb: pem_password_cb, + u: *mut c_void, + ) -> c_int; + } +} + +extern "C" { + pub fn PEM_read_bio_X509( + bio: *mut BIO, + out: *mut *mut X509, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509; + pub fn PEM_read_bio_X509_REQ( + bio: *mut BIO, + out: *mut *mut X509_REQ, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_REQ; + pub fn PEM_read_bio_X509_CRL( + bio: *mut BIO, + out: *mut *mut X509_CRL, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_CRL; + pub fn PEM_read_bio_RSAPrivateKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_RSAPublicKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_write_bio_RSAPublicKey(bp: *mut BIO, rsa: *const RSA) -> c_int; + pub fn PEM_read_bio_RSA_PUBKEY( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_DSA_PUBKEY( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_ECPrivateKey( + bio: *mut BIO, + key: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_EC_PUBKEY( + bp: *mut BIO, + ec: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_DHparams( + bio: *mut BIO, + out: *mut *mut DH, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DH; + pub fn PEM_write_bio_DHparams(bio: *mut BIO, x: *const DH) -> c_int; + pub fn PEM_read_bio_PrivateKey( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn PEM_read_bio_PUBKEY( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + + pub fn d2i_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: *mut *mut EVP_PKEY, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn d2i_PKCS8_PRIV_KEY_INFO( + k: *mut *mut PKCS8_PRIV_KEY_INFO, + buf: *mut *const u8, + length: c_long, + ) -> *mut PKCS8_PRIV_KEY_INFO; + pub fn PKCS8_PRIV_KEY_INFO_free(p8inf: *mut PKCS8_PRIV_KEY_INFO); + + pub fn PEM_read_bio_PKCS7( + bio: *mut BIO, + out: *mut *mut PKCS7, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut PKCS7; + + #[cfg(ossl101)] + pub fn PEM_read_bio_CMS( + bio: *mut BIO, + out: *mut *mut CMS_ContentInfo, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut CMS_ContentInfo; + #[cfg(ossl101)] + pub fn PEM_write_bio_CMS(bio: *mut BIO, cms: *const CMS_ContentInfo) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/pkcs12.rs b/vendor/openssl-sys/src/handwritten/pkcs12.rs new file mode 100644 index 000000000..728c333ad --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/pkcs12.rs @@ -0,0 +1,53 @@ +use libc::*; + +use super::super::*; + +pub enum PKCS12 {} + +extern "C" { + pub fn PKCS12_free(p12: *mut PKCS12); +} +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS12(a: #[const_ptr_if(ossl300)] PKCS12, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; + + pub fn PKCS12_parse( + p12: *mut PKCS12, + pass: *const c_char, + pkey: *mut *mut EVP_PKEY, + cert: *mut *mut X509, + ca: *mut *mut stack_st_X509, + ) -> c_int; + + pub fn PKCS12_set_mac( + p12: *mut PKCS12, + pass: *const c_char, + passlen: c_int, + salt: *mut c_uchar, + saltlen: c_int, + iter: c_int, + md_type: *const EVP_MD, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn PKCS12_create( + pass: #[const_ptr_if(any(ossl110, libressl280))] c_char, + friendly_name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int, + ) -> *mut PKCS12; + + pub fn i2d_PKCS12_bio(b: *mut BIO, a: #[const_ptr_if(ossl300)] PKCS12) -> c_int; + } +} diff --git a/vendor/openssl-sys/src/handwritten/pkcs7.rs b/vendor/openssl-sys/src/handwritten/pkcs7.rs new file mode 100644 index 000000000..78f96ec3e --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/pkcs7.rs @@ -0,0 +1,70 @@ +use super::super::*; +use libc::*; + +pub enum PKCS7_SIGNED {} +pub enum PKCS7_ENVELOPE {} +pub enum PKCS7_SIGN_ENVELOPE {} +pub enum PKCS7_DIGEST {} +pub enum PKCS7_ENCRYPT {} +pub enum PKCS7 {} + +extern "C" { + pub fn d2i_PKCS7(a: *mut *mut PKCS7, pp: *mut *const c_uchar, length: c_long) -> *mut PKCS7; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS7(a: #[const_ptr_if(ossl300)] PKCS7, buf: *mut *mut u8) -> c_int; + } +} + +extern "C" { + pub fn PKCS7_encrypt( + certs: *mut stack_st_X509, + b: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_verify( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + indata: *mut BIO, + out: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_get0_signers( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + flags: c_int, + ) -> *mut stack_st_X509; + + pub fn PKCS7_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_decrypt( + pkcs7: *mut PKCS7, + pkey: *mut EVP_PKEY, + cert: *mut X509, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_free(pkcs7: *mut PKCS7); + + pub fn SMIME_write_PKCS7( + out: *mut BIO, + pkcs7: *mut PKCS7, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn SMIME_read_PKCS7(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut PKCS7; +} diff --git a/vendor/openssl-sys/src/handwritten/provider.rs b/vendor/openssl-sys/src/handwritten/provider.rs new file mode 100644 index 000000000..3e18a02be --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/provider.rs @@ -0,0 +1,20 @@ +use super::super::*; +use libc::*; + +extern "C" { + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_load(ctx: *mut OSSL_LIB_CTX, name: *const c_char) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_try_load( + ctx: *mut OSSL_LIB_CTX, + name: *const c_char, + retain_fallbacks: c_int, + ) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_unload(prov: *mut OSSL_PROVIDER) -> c_int; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_set_default_search_path( + ctx: *mut OSSL_LIB_CTX, + path: *const c_char, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/rand.rs b/vendor/openssl-sys/src/handwritten/rand.rs new file mode 100644 index 000000000..3bf9da592 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/rand.rs @@ -0,0 +1,12 @@ +use libc::*; + +extern "C" { + pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int; + + #[cfg(ossl111)] + pub fn RAND_keep_random_devices_open(keep: c_int); + + pub fn RAND_status() -> c_int; + + pub fn RAND_add(buf: *const c_void, num: c_int, randomness: c_double); +} diff --git a/vendor/openssl-sys/src/handwritten/rsa.rs b/vendor/openssl-sys/src/handwritten/rsa.rs new file mode 100644 index 000000000..d05edfc30 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/rsa.rs @@ -0,0 +1,124 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: *mut c_int) -> c_int; + + pub fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + } + } +} + +extern "C" { + pub fn RSA_new() -> *mut RSA; + pub fn RSA_size(k: *const RSA) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_key(r: *mut RSA, n: *mut BIGNUM, e: *mut BIGNUM, d: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_factors(r: *mut RSA, p: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_crt_params( + r: *mut RSA, + dmp1: *mut BIGNUM, + dmq1: *mut BIGNUM, + iqmp: *mut BIGNUM, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_key( + r: *const RSA, + n: *mut *const BIGNUM, + e: *mut *const BIGNUM, + d: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_factors(r: *const RSA, p: *mut *const BIGNUM, q: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_crt_params( + r: *const RSA, + dmp1: *mut *const BIGNUM, + dmq1: *mut *const BIGNUM, + iqmp: *mut *const BIGNUM, + ); + + #[cfg(not(ossl110))] + pub fn RSA_generate_key( + modsz: c_int, + e: c_ulong, + cb: Option<extern "C" fn(c_int, c_int, *mut c_void)>, + cbarg: *mut c_void, + ) -> *mut RSA; + + pub fn RSA_generate_key_ex( + rsa: *mut RSA, + bits: c_int, + e: *mut BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn RSA_public_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_public_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_check_key(r: *const RSA) -> c_int; + pub fn RSA_free(rsa: *mut RSA); + pub fn RSA_up_ref(rsa: *mut RSA) -> c_int; + + pub fn i2d_RSAPublicKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPublicKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn i2d_RSAPrivateKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPrivateKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + + pub fn RSA_sign( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *mut u8, + siglen: *mut c_uint, + k: *mut RSA, + ) -> c_int; + pub fn RSA_verify( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *const u8, + siglen: c_uint, + k: *mut RSA, + ) -> c_int; + + pub fn RSA_padding_check_PKCS1_type_2( + to: *mut c_uchar, + tlen: c_int, + f: *const c_uchar, + fl: c_int, + rsa_len: c_int, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/safestack.rs b/vendor/openssl-sys/src/handwritten/safestack.rs new file mode 100644 index 000000000..0bee90d96 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/safestack.rs @@ -0,0 +1 @@ +stack!(stack_st_OPENSSL_STRING); diff --git a/vendor/openssl-sys/src/handwritten/sha.rs b/vendor/openssl-sys/src/handwritten/sha.rs new file mode 100644 index 000000000..7d00b592f --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/sha.rs @@ -0,0 +1,101 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA_CTX { + pub h0: SHA_LONG, + pub h1: SHA_LONG, + pub h2: SHA_LONG, + pub h3: SHA_LONG, + pub h4: SHA_LONG, + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + } + + extern "C" { + pub fn SHA1_Init(c: *mut SHA_CTX) -> c_int; + pub fn SHA1_Update(c: *mut SHA_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA1_Final(md: *mut c_uchar, c: *mut SHA_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA256_CTX { + pub h: [SHA_LONG; 8], + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA224_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA224_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA224_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA256_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA512_CTX { + pub h: [SHA_LONG64; 8], + pub Nl: SHA_LONG64, + pub Nh: SHA_LONG64, + // this is a union but we don't want to require 1.19 + u: [SHA_LONG64; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA384_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA384_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA384_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA512_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} diff --git a/vendor/openssl-sys/src/handwritten/srtp.rs b/vendor/openssl-sys/src/handwritten/srtp.rs new file mode 100644 index 000000000..d4c7af8eb --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/srtp.rs @@ -0,0 +1,10 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_CTX_set_tlsext_use_srtp(ctx: *mut SSL_CTX, profiles: *const c_char) -> c_int; + pub fn SSL_set_tlsext_use_srtp(ssl: *mut SSL, profiles: *const c_char) -> c_int; + + pub fn SSL_get_srtp_profiles(ssl: *mut SSL) -> *mut stack_st_SRTP_PROTECTION_PROFILE; + pub fn SSL_get_selected_srtp_profile(ssl: *mut SSL) -> *mut SRTP_PROTECTION_PROFILE; +} diff --git a/vendor/openssl-sys/src/handwritten/ssl.rs b/vendor/openssl-sys/src/handwritten/ssl.rs new file mode 100644 index 000000000..f179a04ab --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/ssl.rs @@ -0,0 +1,913 @@ +use super::super::*; +use libc::*; + +pub enum SSL_METHOD {} +pub enum SSL_CIPHER {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_SESSION {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const SSL_CIPHER, + cipher_id: c_long, + ciphers: *mut stack_st_SSL_CIPHER, + tlsext_hostname: *mut c_char, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_int: c_long, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + tlsext_hostname: *mut c_char, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut u8, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut u16, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_hint: c_long, + } + } else { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + key_arg_length: c_uint, + key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize], + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity: *mut c_char, + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + pub references: c_int, + timeout: c_long, + time: c_long, + compress_meth: c_uint, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticklen: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_lifetime_hint: c_long, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_username: *mut c_char, + } + } +} + +stack!(stack_st_SSL_CIPHER); + +#[repr(C)] +pub struct SRTP_PROTECTION_PROFILE { + pub name: *const c_char, + pub id: c_ulong, +} + +stack!(stack_st_SRTP_PROTECTION_PROFILE); + +pub type tls_session_ticket_ext_cb_fn = + Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>; +pub type tls_session_secret_cb_fn = Option< + unsafe extern "C" fn( + *mut SSL, + *mut c_void, + *mut c_int, + *mut stack_st_SSL_CIPHER, + *mut *mut SSL_CIPHER, + *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_add_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + add_arg: *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_free_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *const c_uchar, + add_arg: *mut c_void, + ), +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_parse_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + input: *const c_uchar, + inlen: size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + parse_arg: *mut c_void, + ) -> c_int, +>; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64; + } + } else if #[cfg(ossl110)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + } + } +} + +pub type GEN_SESSION_CB = + Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>; + +extern "C" { + pub fn SSL_CTX_sess_set_new_cb( + ctx: *mut SSL_CTX, + new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>, + ); + pub fn SSL_CTX_sess_set_remove_cb( + ctx: *mut SSL_CTX, + remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>, + ); +} +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } +} +extern "C" { + // FIXME change to unsafe extern "C" fn + pub fn SSL_CTX_set_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, + >, + ); +} + +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>, + ); + } + } +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *mut c_uchar, + cookie_len: *mut size_t, + ) -> c_int, + >, + ); + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *const c_uchar, + cookie_len: size_t, + ) -> c_int, + >, + ); + + pub fn SSL_CTX_set_next_protos_advertised_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_CTX_set_next_proto_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_get0_next_proto_negotiated( + s: *const SSL, + data: *mut *const c_uchar, + len: *mut c_uint, + ); + + pub fn SSL_select_next_proto( + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + client: *const c_uchar, + client_len: c_uint, + ) -> c_int; +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + #[link_name = "SSL_CTX_set_alpn_select_cb"] + pub fn SSL_CTX_set_alpn_select_cb__fixed_rust( + ssl: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + >, + arg: *mut c_void, + ); + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint); +} + +#[cfg(not(osslconf = "OPENSSL_NO_PSK"))] +extern "C" { + pub fn SSL_CTX_set_psk_client_callback( + ssl: *mut SSL_CTX, + psk_client_cb: Option< + extern "C" fn( + *mut SSL, + *const c_char, + *mut c_char, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_uint, + >, + ); + pub fn SSL_CTX_set_psk_server_callback( + ssl: *mut SSL_CTX, + psk_server_cb: Option< + extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint, + >, + ); + pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char; + pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_add_custom_ext( + ctx: *mut SSL_CTX, + ext_type: c_uint, + context: c_uint, + add_cb: SSL_custom_ext_add_cb_ex, + free_cb: SSL_custom_ext_free_cb_ex, + add_arg: *mut c_void, + parse_cb: SSL_custom_ext_parse_cb_ex, + parse_arg: *mut c_void, + ) -> c_int; + + #[cfg(ossl102)] + pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; +} + +#[cfg(ossl111)] +pub type SSL_CTX_keylog_cb_func = + Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>; + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32; + + pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + + pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int; + pub fn SSL_get_verify_mode(s: *const SSL) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + extern "C" { + pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int; + pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(libressl270)] { + extern "C" { + pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int; + pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int; + } + } +} + +extern "C" { + pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int; + pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX; + pub fn SSL_CTX_free(ctx: *mut SSL_CTX); + #[cfg(any(ossl110, libressl273))] + pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE; + pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE); + + pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; + pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> #[const_ptr_if(any(ossl110, libressl280))] c_char; + } +} +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD; + pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char; + + pub fn SSL_pending(ssl: *const SSL) -> c_int; + pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO); + pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO; + pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int; + pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int; + pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int; + pub fn SSL_set_verify( + ssl: *mut SSL, + mode: c_int, + // FIXME should be unsafe + verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, + ); + pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int; + pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; + + pub fn SSL_CTX_use_PrivateKey_file( + ctx: *mut SSL_CTX, + key_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_file( + ctx: *mut SSL_CTX, + cert_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_chain_file( + ctx: *mut SSL_CTX, + cert_chain_file: *const c_char, + ) -> c_int; + pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int; + pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int; + pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int; + #[cfg(any(ossl110, libressl332))] + pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int; + pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME); + pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int; + pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME; + + #[cfg(not(ossl110))] + pub fn SSL_load_error_strings(); + pub fn SSL_state_string(ssl: *const SSL) -> *const c_char; + pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char; + + pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long; + pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int; + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32; + + pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int; + pub fn SSL_SESSION_free(s: *mut SSL_SESSION); +} +const_ptr_api! { + extern "C" { + pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn d2i_SSL_SESSION( + a: *mut *mut SSL_SESSION, + pp: *mut *const c_uchar, + len: c_long, + ) -> *mut SSL_SESSION; + + #[cfg(not(ossl300))] + pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509; + #[cfg(ossl300)] + pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509; + + pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509; + + pub fn SSL_CTX_set_verify( + ctx: *mut SSL_CTX, + mode: c_int, + verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, + ); + pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int); + + pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; + + pub fn SSL_CTX_set_session_id_context( + ssl: *mut SSL_CTX, + sid_ctx: *const c_uchar, + sid_ctx_len: c_uint, + ) -> c_int; + + pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM; +} + +#[cfg(ossl111)] +pub type SSL_client_hello_cb_fn = + Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>; +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_client_hello_cb( + c: *mut SSL_CTX, + cb: SSL_client_hello_cb_fn, + arg: *mut c_void, + ); + #[cfg(ossl111)] + pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_compression_methods( + s: *mut SSL, + out: *mut *const c_uchar, + ) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get1_extensions_present( + s: *mut SSL, + out: *mut *mut c_int, + outlen: *mut size_t, + ) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ext( + s: *mut SSL, + type_: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + ) -> c_int; + + pub fn SSL_free(ssl: *mut SSL); + pub fn SSL_accept(ssl: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_stateless(s: *mut SSL) -> c_int; + pub fn SSL_connect(ssl: *mut SSL) -> c_int; + pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_read_early_data( + s: *mut SSL, + buf: *mut c_void, + num: size_t, + readbytes: *mut size_t, + ) -> c_int; +} + +extern "C" { + pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_write_early_data( + s: *mut SSL, + buf: *const c_void, + num: size_t, + written: *mut size_t, + ) -> c_int; + pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + #[link_name = "SSL_CTX_callback_ctrl"] + pub fn SSL_CTX_callback_ctrl__fixed_rust( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option<unsafe extern "C" fn()>, + ) -> c_long; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl291))] { + extern "C" { + pub fn TLS_method() -> *const SSL_METHOD; + + pub fn DTLS_method() -> *const SSL_METHOD; + + pub fn TLS_server_method() -> *const SSL_METHOD; + + pub fn TLS_client_method() -> *const SSL_METHOD; + } + } else { + extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))] + pub fn SSLv3_method() -> *const SSL_METHOD; + + pub fn SSLv23_method() -> *const SSL_METHOD; + + pub fn SSLv23_client_method() -> *const SSL_METHOD; + + pub fn SSLv23_server_method() -> *const SSL_METHOD; + + pub fn TLSv1_method() -> *const SSL_METHOD; + + pub fn TLSv1_1_method() -> *const SSL_METHOD; + + pub fn TLSv1_2_method() -> *const SSL_METHOD; + + pub fn DTLSv1_method() -> *const SSL_METHOD; + + #[cfg(ossl102)] + pub fn DTLSv1_2_method() -> *const SSL_METHOD; + } + } +} + +extern "C" { + pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int; + pub fn SSL_get_version(ssl: *const SSL) -> *const c_char; + + pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int; + pub fn SSL_shutdown(ssl: *mut SSL) -> c_int; + + pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); + + pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int; + + pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_load_verify_locations( + ctx: *mut SSL_CTX, + CAfile: *const c_char, + CApath: *const c_char, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD; + } +} + +extern "C" { + pub fn SSL_set_connect_state(s: *mut SSL); + pub fn SSL_set_accept_state(s: *mut SSL); + + #[cfg(not(ossl110))] + pub fn SSL_library_init() -> c_int; + + pub fn SSL_CIPHER_description( + cipher: *const SSL_CIPHER, + buf: *mut c_char, + size: c_int, + ) -> *mut c_char; + + pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509; +} +const_ptr_api! { + extern "C" { + pub fn SSL_get_privatekey(ssl: #[const_ptr_if(any(ossl102, libressl280))] SSL) -> *mut EVP_PKEY; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl270))] + pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; + #[cfg(any(ossl102, libressl340))] + pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY; + + pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int); + pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int; + pub fn SSL_version(ssl: *const SSL) -> c_int; + pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; + pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX; + pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX; + + pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long; + #[cfg(ossl110)] + pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509; + + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_get_master_key( + session: *const SSL_SESSION, + out: *mut c_uchar, + outlen: size_t, + ) -> size_t; +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn SSL_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option<CRYPTO_EX_new>, + dup_func: Option<CRYPTO_EX_dup>, + free_func: Option<CRYPTO_EX_free>, + ) -> c_int; + + pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void; + + #[cfg(not(ossl110))] + pub fn SSL_CTX_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option<CRYPTO_EX_new>, + dup_func: Option<CRYPTO_EX_dup>, + free_func: Option<CRYPTO_EX_free>, + ) -> c_int; + + pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void; + + pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; +} + +extern "C" { + #[link_name = "SSL_CTX_set_tmp_dh_callback"] + pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL_CTX, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[link_name = "SSL_set_tmp_dh_callback"] + pub fn SSL_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_CTX_set_tmp_ecdh_callback"] + pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust( + ctx: *mut SSL_CTX, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_set_tmp_ecdh_callback"] + pub fn SSL_set_tmp_ecdh_callback__fixed_rust( + ssl: *mut SSL, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); +} + +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + const_ptr_api! { + extern "C" { + pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD; + } + } + } +} +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_COMP"))] +extern "C" { + #[cfg(ossl110)] + pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32; +} + +extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl273))] + pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl273))] SSL) -> c_int; + } +} + +extern "C" { + #[cfg(ossl110)] + pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t; + + #[cfg(ossl111)] + pub fn SSL_get_num_tickets(s: *const SSL) -> size_t; +} diff --git a/vendor/openssl-sys/src/handwritten/stack.rs b/vendor/openssl-sys/src/handwritten/stack.rs new file mode 100644 index 000000000..7f2feef6d --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/stack.rs @@ -0,0 +1,45 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl110)] { + pub enum OPENSSL_STACK {} + } else { + #[repr(C)] + pub struct _STACK { + pub num: c_int, + pub data: *mut *mut c_char, + pub sorted: c_int, + pub num_alloc: c_int, + pub comp: Option<unsafe extern "C" fn(*const c_void, *const c_void) -> c_int>, + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn OPENSSL_sk_num(stack: *const OPENSSL_STACK) -> c_int; + pub fn OPENSSL_sk_value(stack: *const OPENSSL_STACK, idx: c_int) -> *mut c_void; + + pub fn OPENSSL_sk_new_null() -> *mut OPENSSL_STACK; + pub fn OPENSSL_sk_free(st: *mut OPENSSL_STACK); + pub fn OPENSSL_sk_pop_free( + st: *mut OPENSSL_STACK, + free: Option<unsafe extern "C" fn(*mut c_void)>, + ); + pub fn OPENSSL_sk_push(st: *mut OPENSSL_STACK, data: *const c_void) -> c_int; + pub fn OPENSSL_sk_pop(st: *mut OPENSSL_STACK) -> *mut c_void; + } + } else { + extern "C" { + pub fn sk_num(st: *const _STACK) -> c_int; + pub fn sk_value(st: *const _STACK, n: c_int) -> *mut c_void; + + pub fn sk_new_null() -> *mut _STACK; + pub fn sk_free(st: *mut _STACK); + pub fn sk_pop_free(st: *mut _STACK, free: Option<unsafe extern "C" fn(*mut c_void)>); + pub fn sk_push(st: *mut _STACK, data: *mut c_void) -> c_int; + pub fn sk_pop(st: *mut _STACK) -> *mut c_void; + } + } +} diff --git a/vendor/openssl-sys/src/handwritten/tls1.rs b/vendor/openssl-sys/src/handwritten/tls1.rs new file mode 100644 index 000000000..8cf992fbc --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/tls1.rs @@ -0,0 +1,28 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_get_servername(ssl: *const SSL, name_type: c_int) -> *const c_char; + + pub fn SSL_export_keying_material( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + use_context: c_int, + ) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_export_keying_material_early( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + ) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/types.rs b/vendor/openssl-sys/src/handwritten/types.rs new file mode 100644 index 000000000..b229a3759 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/types.rs @@ -0,0 +1,1078 @@ +use libc::*; + +#[allow(unused_imports)] +use super::super::*; + +pub enum ASN1_INTEGER {} +pub enum ASN1_GENERALIZEDTIME {} +pub enum ASN1_STRING {} +pub enum ASN1_BIT_STRING {} +pub enum ASN1_TIME {} +pub enum ASN1_TYPE {} +pub enum ASN1_OBJECT {} +pub enum ASN1_OCTET_STRING {} + +pub enum bio_st {} // FIXME remove +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO {} + } else { + #[repr(C)] + pub struct BIO { + pub method: *mut BIO_METHOD, + pub callback: Option< + unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long, + >, + pub cb_arg: *mut c_char, + pub init: c_int, + pub shutdown: c_int, + pub flags: c_int, + pub retry_reason: c_int, + pub num: c_int, + pub ptr: *mut c_void, + pub next_bio: *mut BIO, + pub prev_bio: *mut BIO, + pub references: c_int, + pub num_read: c_ulong, + pub num_write: c_ulong, + pub ex_data: CRYPTO_EX_DATA, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum BIGNUM {} + } else { + #[repr(C)] + pub struct BIGNUM { + pub d: *mut BN_ULONG, + pub top: c_int, + pub dmax: c_int, + pub neg: c_int, + pub flags: c_int, + } + } +} +pub enum BN_BLINDING {} +pub enum BN_MONT_CTX {} + +pub enum BN_CTX {} +pub enum BN_GENCB {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_CIPHER {} + } else { + #[repr(C)] + pub struct EVP_CIPHER { + pub nid: c_int, + pub block_size: c_int, + pub key_len: c_int, + pub iv_len: c_int, + pub flags: c_ulong, + pub init: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int, + >, + pub do_cipher: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int, + >, + pub cleanup: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX) -> c_int>, + pub ctx_size: c_int, + pub set_asn1_parameters: + Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *mut ASN1_TYPE) -> c_int>, + pub get_asn1_parameters: + Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *mut ASN1_TYPE) -> c_int>, + pub ctrl: + Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, c_int, c_int, *mut c_void) -> c_int>, + pub app_data: *mut c_void, + } + } +} +pub enum EVP_CIPHER_CTX {} +pub enum EVP_MD {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_MD_CTX {} + } else { + #[repr(C)] + pub struct EVP_MD_CTX { + digest: *mut EVP_MD, + engine: *mut ENGINE, + flags: c_ulong, + md_data: *mut c_void, + pctx: *mut EVP_PKEY_CTX, + update: *mut c_void, + } + } +} + +pub enum PKCS8_PRIV_KEY_INFO {} + +pub enum EVP_PKEY_ASN1_METHOD {} + +pub enum EVP_PKEY_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum HMAC_CTX {} + } else { + #[repr(C)] + pub struct HMAC_CTX { + md: *mut EVP_MD, + md_ctx: EVP_MD_CTX, + i_ctx: EVP_MD_CTX, + o_ctx: EVP_MD_CTX, + key_length: c_uint, + key: [c_uchar; 128], + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DH {} + } else { + #[repr(C)] + pub struct DH { + pub pad: c_int, + pub version: c_int, + pub p: *mut BIGNUM, + pub g: *mut BIGNUM, + pub length: c_long, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub q: *mut BIGNUM, + pub j: *mut BIGNUM, + pub seed: *mut c_uchar, + pub seedlen: c_int, + pub counter: *mut BIGNUM, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DH_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DH_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA {} + } else { + #[repr(C)] + pub struct DSA { + pub pad: c_int, + pub version: c_long, + pub write_params: c_int, + + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub g: *mut BIGNUM, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub kinv: *mut BIGNUM, + pub r: *mut BIGNUM, + + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DSA_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DSA_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum RSA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } else { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub bignum_data: *mut c_char, + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } +} +pub enum RSA_METHOD {} + +pub enum EC_KEY {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509 {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } else { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_addr: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_asid: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub enum X509_ALGOR {} + } else { + #[repr(C)] + pub struct X509_ALGOR { + pub algorithm: *mut ASN1_OBJECT, + parameter: *mut c_void, + } + } +} + +pub enum X509_LOOKUP_METHOD {} + +pub enum X509_NAME {} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_STORE {} + } else { + #[repr(C)] + pub struct X509_STORE { + cache: c_int, + pub objs: *mut stack_st_X509_OBJECT, + get_cert_methods: *mut stack_st_X509_LOOKUP, + param: *mut X509_VERIFY_PARAM, + verify: Option<extern "C" fn(ctx: *mut X509_STORE_CTX) -> c_int>, + verify_cb: Option<extern "C" fn(ok: c_int, ctx: *mut X509_STORE_CTX) -> c_int>, + get_issuer: Option< + extern "C" fn(issuer: *mut *mut X509, ctx: *mut X509_STORE_CTX, x: *mut X509) -> c_int, + >, + check_issued: + Option<extern "C" fn(ctx: *mut X509_STORE_CTX, x: *mut X509, issuer: *mut X509) -> c_int>, + check_revocation: Option<extern "C" fn(ctx: *mut X509_STORE_CTX) -> c_int>, + get_crl: Option< + extern "C" fn(ctx: *mut X509_STORE_CTX, crl: *mut *mut X509_CRL, x: *mut X509) -> c_int, + >, + check_crl: Option<extern "C" fn(ctx: *mut X509_STORE_CTX, crl: *mut X509_CRL) -> c_int>, + cert_crl: + Option<extern "C" fn(ctx: *mut X509_STORE_CTX, crl: *mut X509_CRL, x: *mut X509) -> c_int>, + lookup_certs: + Option<extern "C" fn(ctx: *mut X509_STORE_CTX, nm: *const X509_NAME) -> *mut stack_st_X509>, + lookup_crls: Option< + extern "C" fn(ctx: *const X509_STORE_CTX, nm: *const X509_NAME) -> *mut stack_st_X509_CRL, + >, + cleanup: Option<extern "C" fn(ctx: *mut X509_STORE_CTX) -> c_int>, + ex_data: CRYPTO_EX_DATA, + references: c_int, + } + } +} + +pub enum X509_STORE_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509_VERIFY_PARAM {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + id: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + //pub id: *mut X509_VERIFY_PARAM_ID, + } + } else { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + #[cfg(ossl102)] + pub id: *mut X509_VERIFY_PARAM_ID, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_OBJECT {} + } else { + #[repr(C)] + pub struct X509_OBJECT { + pub type_: c_int, + pub data: X509_OBJECT_data, + } + #[repr(C)] + pub union X509_OBJECT_data { + pub ptr: *mut c_char, + pub x509: *mut X509, + pub crl: *mut X509_CRL, + pub pkey: *mut EVP_PKEY, + } + } +} + +pub enum X509_LOOKUP {} + +#[repr(C)] +pub struct X509V3_CTX { + flags: c_int, + issuer_cert: *mut c_void, + subject_cert: *mut c_void, + subject_req: *mut c_void, + crl: *mut c_void, + db_meth: *mut c_void, + db: *mut c_void, + #[cfg(ossl300)] + issuer_pkey: *mut c_void, + // I like the last comment line, it is copied from OpenSSL sources: + // Maybe more here +} +pub enum CONF {} +#[cfg(ossl110)] +pub enum OPENSSL_INIT_SETTINGS {} + +pub enum ENGINE {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL { + version: c_int, + method: *const SSL_METHOD, + rbio: *mut BIO, + wbio: *mut BIO, + bbio: *mut BIO, + pub server: c_int, + s3: *mut c_void, + d1: *mut c_void, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + verify_mode: c_int, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + verify_result: c_long, + references: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_hostname: *mut c_char, + tlsext_status_type: c_int, + initial_ctx: *mut SSL_CTX, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option<unsafe extern "C" fn(*mut SSL) -> c_int>, + pub server: c_int, + new_session: c_int, + quiet_shutdown: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, + c_int, + c_int, + *const c_void, + size_t, + *mut SSL, + *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + aead_read_ctx: *mut c_void, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + aead_write_ctx: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option<unsafe extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, + info_callback: Option<unsafe extern "C" fn(*mut SSL, c_int, c_int)>, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_debug_cb: + Option<unsafe extern "C" fn(*mut SSL, c_int, c_int, *mut c_uchar, c_int, *mut c_void)>, + tlsext_debug_arg: *mut c_void, + tlsext_hostname: *mut c_char, + servername_done: c_int, + tlsext_status_type: c_int, + tlsext_status_expected: c_int, + tlsext_ocsp_ids: *mut c_void, + tlsext_ocsp_exts: *mut c_void, + tlsext_ocsp_resp: *mut c_uchar, + tlsext_ocsp_resplen: c_int, + tlsext_ticket_expected: c_int, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut c_uchar, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut c_uchar, + tlsext_session_ticket: *mut c_void, + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + tls_session_ticket_ext_cb_arg: *mut c_void, + tls_session_secret_cb: tls_session_secret_cb_fn, + tls_session_secret_cb_arg: *mut c_void, + initial_ctx: *mut SSL_CTX, + next_proto_negotiated: *mut c_uchar, + next_proto_negotiated_len: c_uchar, + srtp_profiles: *mut c_void, + srtp_profile: *mut c_void, + tlsext_heartbeat: c_uint, + tlsext_hb_pending: c_uint, + tlsext_hb_seq: c_uint, + alpn_client_proto_list: *mut c_uchar, + alpn_client_proto_list_len: c_uint, + renegotiate: c_int, + } + } else { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option<unsafe extern "C" fn(*mut SSL) -> c_int>, + pub server: c_int, + new_session: c_int, + quiet_session: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s2: *mut c_void, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + expand: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + compress: *mut c_void, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option<unsafe extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>, + info_callback: Option<unsafe extern "C" fn(*mut SSL, c_int, c_int)>, + error: c_int, + error_code: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + kssl_ctx: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: Option< + unsafe extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint) + -> c_uint, + >, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: + Option<unsafe extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint>, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_cb: + Option<unsafe extern "C" fn(*mut SSL, c_int, c_int, *mut c_uchar, c_int, *mut c_void)>, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + servername_done: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_type: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_expected: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_ids: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_exts: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resp: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resplen: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_expected: c_int, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_len: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_ticket_ext_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb: tls_session_secret_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + initial_ctx: *mut SSL_CTX, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated_len: c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profiles: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profile: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_heartbeat: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_pending: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_seq: c_uint, + renegotiate: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_CTX {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_CTX { + method: *const SSL_METHOD, + cipher_list: *mut stack_st_SSL_CIPHER, + cert_store: *mut c_void, + session_timeout: c_long, + pub references: c_int, + extra_certs: *mut stack_st_X509, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + param: *mut X509_VERIFY_PARAM, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + tlsext_servername_callback: *mut c_void, + tlsect_servername_arg: *mut c_void, + tlsext_tick_key_name: [c_uchar; 16], + tlsext_tick_hmac_key: [c_uchar; 16], + tlsext_tick_aes_key: [c_uchar; 16], + tlsext_ticket_key_cb: *mut c_void, + tlsext_status_cb: *mut c_void, + tlsext_status_arg: *mut c_void, + tlsext_opaque_prf_input_callback: *mut c_void, + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + next_protos_advertised_cb: *mut c_void, + next_protos_advertised_cb_arg: *mut c_void, + next_proto_select_cb: *mut c_void, + next_proto_select_cb_arg: *mut c_void, + + srtp_profiles: *mut c_void, + } + } else { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_servername_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsect_servername_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_key_name: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_hmac_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_aes_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_key_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + freelist_max_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + wbuf_freelist: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + rbuf_freelist: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb_arg: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb_arg: *mut c_void, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] + srtp_profiles: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb_arg: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + } + + #[repr(C)] + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + pub struct SRP_CTX { + SRP_cb_arg: *mut c_void, + TLS_ext_srp_username_callback: *mut c_void, + SRP_verify_param_callback: *mut c_void, + SRP_give_srp_client_pwd_callback: *mut c_void, + login: *mut c_void, + N: *mut c_void, + g: *mut c_void, + s: *mut c_void, + B: *mut c_void, + A: *mut c_void, + a: *mut c_void, + b: *mut c_void, + v: *mut c_void, + info: *mut c_void, + stringth: c_int, + srp_Mask: c_ulong, + } + } +} + +pub enum COMP_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum COMP_METHOD {} + } else { + #[repr(C)] + pub struct COMP_METHOD { + pub type_: c_int, + pub name: *const c_char, + init: Option<unsafe extern "C" fn(*mut COMP_CTX) -> c_int>, + finish: Option<unsafe extern "C" fn(*mut COMP_CTX)>, + compress: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + expand: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + ctrl: Option<unsafe extern "C" fn() -> c_long>, + callback_ctrl: Option<unsafe extern "C" fn() -> c_long>, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum CRYPTO_EX_DATA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + } + } else { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + pub dummy: c_int, + } + } +} + +pub enum OCSP_RESPONSE {} + +#[cfg(ossl300)] +pub enum OSSL_PROVIDER {} + +#[cfg(ossl300)] +pub enum OSSL_LIB_CTX {} diff --git a/vendor/openssl-sys/src/handwritten/x509.rs b/vendor/openssl-sys/src/handwritten/x509.rs new file mode 100644 index 000000000..37bbf7b08 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/x509.rs @@ -0,0 +1,675 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct X509_VAL { + pub notBefore: *mut ASN1_TIME, + pub notAfter: *mut ASN1_TIME, +} + +pub enum X509_NAME_ENTRY {} + +stack!(stack_st_X509_NAME_ENTRY); + +stack!(stack_st_X509_NAME); + +pub enum X509_EXTENSION {} + +stack!(stack_st_X509_EXTENSION); + +stack!(stack_st_X509_ATTRIBUTE); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ_INFO {} + } else { + #[repr(C)] + pub struct X509_REQ_INFO { + pub enc: ASN1_ENCODING, + pub version: *mut ASN1_INTEGER, + pub subject: *mut X509_NAME, + pubkey: *mut c_void, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL {} + } else { + #[repr(C)] + pub struct X509_CRL { + pub crl: *mut X509_CRL_INFO, + sig_alg: *mut X509_ALGOR, + signature: *mut c_void, + references: c_int, + flags: c_int, + akid: *mut c_void, + idp: *mut c_void, + idp_flags: c_int, + idp_reasons: c_int, + crl_number: *mut ASN1_INTEGER, + base_crl_number: *mut ASN1_INTEGER, + sha1_hash: [c_uchar; 20], + issuers: *mut c_void, + meth: *const c_void, + meth_data: *mut c_void, + } + } +} + +stack!(stack_st_X509_CRL); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL_INFO {} + } else { + #[repr(C)] + pub struct X509_CRL_INFO { + version: *mut ASN1_INTEGER, + sig_alg: *mut X509_ALGOR, + pub issuer: *mut X509_NAME, + pub lastUpdate: *mut ASN1_TIME, + pub nextUpdate: *mut ASN1_TIME, + pub revoked: *mut stack_st_X509_REVOKED, + extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REVOKED {} + } else { + #[repr(C)] + pub struct X509_REVOKED { + pub serialNumber: *mut ASN1_INTEGER, + pub revocationDate: *mut ASN1_TIME, + pub extensions: *mut stack_st_X509_EXTENSION, + issuer: *mut stack_st_GENERAL_NAME, + reason: c_int, + sequence: c_int, + } + } +} + +stack!(stack_st_X509_REVOKED); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ {} + } else { + #[repr(C)] + pub struct X509_REQ { + pub req_info: *mut X509_REQ_INFO, + sig_alg: *mut c_void, + signature: *mut c_void, + references: c_int, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CINF {} + } else { + #[repr(C)] + pub struct X509_CINF { + version: *mut c_void, + serialNumber: *mut c_void, + signature: *mut c_void, + issuer: *mut c_void, + pub validity: *mut X509_VAL, + subject: *mut c_void, + key: *mut c_void, + issuerUID: *mut c_void, + subjectUID: *mut c_void, + pub extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +stack!(stack_st_X509); + +stack!(stack_st_X509_OBJECT); + +stack!(stack_st_X509_LOOKUP); + +extern "C" { + pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; + + pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + + pub fn X509_digest( + x: *const X509, + digest: *const EVP_MD, + buf: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + + pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_X509_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn i2d_X509_REQ_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn i2d_PrivateKey_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn i2d_PUBKEY_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + + pub fn i2d_PUBKEY(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_RSA_PUBKEY(k: #[const_ptr_if(ossl300)] RSA, buf: *mut *mut u8) -> c_int; + pub fn i2d_DSA_PUBKEY(a: #[const_ptr_if(ossl300)] DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_PrivateKey(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_ECPrivateKey(ec_key: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_EC_PUBKEY(a: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY; + pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_EC_PUBKEY( + a: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; + + pub fn d2i_ECPrivateKey( + k: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl350))] + pub fn X509_ALGOR_get0( + paobj: *mut #[const_ptr_if(any(ossl110, libressl350))] ASN1_OBJECT, + pptype: *mut c_int, + ppval: *mut #[const_ptr_if(any(ossl110, libressl350))] c_void, + alg: #[const_ptr_if(any(ossl110, libressl350))] X509_ALGOR, + ); + } +} + +extern "C" { + pub fn X509_gmtime_adj(time: *mut ASN1_TIME, adj: c_long) -> *mut ASN1_TIME; + + pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; + + pub fn X509_ALGOR_free(x: *mut X509_ALGOR); + + pub fn X509_REVOKED_new() -> *mut X509_REVOKED; + pub fn X509_REVOKED_free(x: *mut X509_REVOKED); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_dup(rev: #[const_ptr_if(ossl300)] X509_REVOKED) -> *mut X509_REVOKED; + } +} + +extern "C" { + pub fn d2i_X509_REVOKED( + a: *mut *mut X509_REVOKED, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REVOKED; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REVOKED(x: #[const_ptr_if(ossl300)] X509_REVOKED, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_new() -> *mut X509_CRL; + pub fn X509_CRL_free(x: *mut X509_CRL); + pub fn d2i_X509_CRL( + a: *mut *mut X509_CRL, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_CRL; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_CRL(x: #[const_ptr_if(ossl300)] X509_CRL, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_dup(x: #[const_ptr_if(ossl300)] X509_CRL) -> *mut X509_CRL; + } +} + +extern "C" { + pub fn X509_REQ_new() -> *mut X509_REQ; + pub fn X509_REQ_free(x: *mut X509_REQ); + pub fn d2i_X509_REQ( + a: *mut *mut X509_REQ, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REQ; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REQ(x: #[const_ptr_if(ossl300)] X509_REQ, buf: *mut *mut u8) -> c_int; + + #[cfg(any(ossl102, libressl273))] + pub fn X509_get0_signature( + psig: *mut #[const_ptr_if(any(ossl110, libressl273))] ASN1_BIT_STRING, + palg: *mut #[const_ptr_if(any(ossl110, libressl273))] X509_ALGOR, + x: *const X509, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REQ_dup(x: #[const_ptr_if(ossl300)] X509_REQ) -> *mut X509_REQ; + } +} +extern "C" { + #[cfg(ossl102)] + pub fn X509_get_signature_nid(x: *const X509) -> c_int; + + pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION); + + pub fn X509_NAME_ENTRY_free(x: *mut X509_NAME_ENTRY); + + pub fn X509_NAME_new() -> *mut X509_NAME; + pub fn X509_NAME_free(x: *mut X509_NAME); + + pub fn X509_new() -> *mut X509; + pub fn X509_free(x: *mut X509); +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509(x: #[const_ptr_if(ossl300)] X509, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_NAME_dup(x: #[const_ptr_if(ossl300)] X509_NAME) -> *mut X509_NAME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_dup(x: #[const_ptr_if(ossl300)] X509) -> *mut X509; + #[cfg(any(ossl101, libressl350))] + pub fn X509_NAME_add_entry( + name: *mut X509_NAME, + ne: #[const_ptr_if(any(ossl110, libressl))] X509_NAME_ENTRY, + loc: c_int, + set: c_int, + ) -> c_int; + } +} +extern "C" { + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; + pub fn d2i_X509_bio(b: *mut BIO, a: *mut *mut X509) -> *mut X509; + + pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; + + pub fn X509_set_version(x: *mut X509, version: c_long) -> c_int; + #[cfg(ossl110)] + pub fn X509_get_version(x: *const X509) -> c_long; + pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int; + pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER; +} +const_ptr_api! { + extern "C" { + pub fn X509_set_issuer_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_issuer_name_hash(x: *mut X509) -> c_ulong; + pub fn X509_subject_name_hash(x: *mut X509) -> c_ulong; +} +const_ptr_api! { + extern "C" { + pub fn X509_get_issuer_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + pub fn X509_set_subject_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + pub fn X509_get_subject_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_set1_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set1_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } else { + extern "C" { + pub fn X509_set_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } +} +extern "C" { + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; + pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int; + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut X509_NAME; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY; + pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: #[const_ptr_if(ossl300)] stack_st_X509_EXTENSION) + -> c_int; + } +} +extern "C" { + pub fn X509_set_pubkey(x: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_verify(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notBefore(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notAfter(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_up_ref(x: *mut X509) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION; + + pub fn X509_REVOKED_set_serialNumber(r: *mut X509_REVOKED, serial: *mut ASN1_INTEGER) -> c_int; + pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int; + + pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + pub fn X509_CRL_digest( + x: *const X509_CRL, + digest: *const EVP_MD, + md: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_CRL_get0_by_cert( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + cert: *mut X509, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_get0_by_serial( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + serial: #[const_ptr_if(ossl300)] ASN1_INTEGER, + ) -> c_int; + } +} + +extern "C" { + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME; + + #[cfg(ossl110)] + pub fn X509_get0_extensions(req: *const X509) -> *const stack_st_X509_EXTENSION; + + pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int; + pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int; +} +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + extern "C" { + pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } else { + // libressl270 kept them, ossl110 "#define"s them to the variants above + extern "C" { + pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_NAME_entry_count(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME) -> c_int; + pub fn X509_NAME_get_index_by_NID(n: #[const_ptr_if(any(ossl300, libressl280))] X509_NAME, nid: c_int, last_pos: c_int) -> c_int; + pub fn X509_NAME_get_entry(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY; + pub fn X509_NAME_add_entry_by_NID( + x: *mut X509_NAME, + field: c_int, + ty: c_int, + bytes: #[const_ptr_if(any(ossl110, libressl280))] c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn i2d_X509_NAME(n: #[const_ptr_if(ossl300)] X509_NAME, buf: *mut *mut u8) -> c_int; + pub fn X509_NAME_ENTRY_get_object(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_OBJECT; + pub fn X509_NAME_ENTRY_get_data(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_STRING; + } +} +extern "C" { + pub fn X509_NAME_add_entry_by_txt( + x: *mut X509_NAME, + field: *const c_char, + ty: c_int, + bytes: *const c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn d2i_X509_NAME( + n: *mut *mut X509_NAME, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_NAME; +} + +// "raw" X509_EXTENSION related functions +extern "C" { + // in X509 + pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_add1_ext_i2d( + x: *mut X509, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_CRL + pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_CRL_add1_ext_i2d( + x: *mut X509_CRL, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_REVOKED + pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_add_ext( + x: *mut X509_REVOKED, + ext: *mut X509_EXTENSION, + loc: c_int, + ) -> c_int; + pub fn X509_REVOKED_add1_ext_i2d( + x: *mut X509_REVOKED, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // X509_EXTENSION stack + // - these getters always used *const STACK + pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int; + pub fn X509v3_get_ext_by_NID( + x: *const stack_st_X509_EXTENSION, + nid: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext_by_critical( + x: *const stack_st_X509_EXTENSION, + crit: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_add_ext( + x: *mut *mut stack_st_X509_EXTENSION, + ex: *mut X509_EXTENSION, + loc: c_int, + ) -> *mut stack_st_X509_EXTENSION; + // - X509V3_add1_i2d in x509v3.rs + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_NID( + ex: *mut *mut X509_EXTENSION, + nid: c_int, + crit: c_int, + data: *mut ASN1_OCTET_STRING, + ) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int; + pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int; + pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT; + pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_OCTET_STRING; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_X509_EXTENSION(ext: #[const_ptr_if(ossl300)] X509_EXTENSION, pp: *mut *mut c_uchar) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + // in X509 + pub fn X509_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> c_int; + pub fn X509_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_CRL + pub fn X509_CRL_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL) -> c_int; + pub fn X509_CRL_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_REVOKED + pub fn X509_REVOKED_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED) -> c_int; + pub fn X509_REVOKED_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // X509_EXTENSION stack + pub fn X509v3_get_ext_by_OBJ(x: *const stack_st_X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT) -> c_int; + pub fn X509_EXTENSION_get_critical(ex: #[const_ptr_if(any(ossl110, libressl280))] X509_EXTENSION) -> c_int; + } +} + +extern "C" { + pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT; + } +} +#[cfg(any(ossl110, libressl270))] +extern "C" { + pub fn X509_OBJECT_get0_X509(x: *const X509_OBJECT) -> *mut X509; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_OBJECT_free(a: *mut X509_OBJECT); + } + } else { + extern "C" { + pub fn X509_OBJECT_free_contents(a: *mut X509_OBJECT); + } + } +} + +extern "C" { + pub fn X509_get_default_cert_file_env() -> *const c_char; + pub fn X509_get_default_cert_file() -> *const c_char; + pub fn X509_get_default_cert_dir_env() -> *const c_char; + pub fn X509_get_default_cert_dir() -> *const c_char; +} + +extern "C" { + pub fn X509_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_NAME_cmp(a: *const X509_NAME, b: *const X509_NAME) -> c_int; + pub fn X509_issuer_and_serial_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_issuer_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_subject_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_CRL_cmp(a: *const X509_CRL, b: *const X509_CRL) -> c_int; + pub fn X509_CRL_match(a: *const X509_CRL, b: *const X509_CRL) -> c_int; +} + +extern "C" { + pub fn X509_print(bio: *mut BIO, x509: *mut X509) -> c_int; + pub fn X509_REQ_print(bio: *mut BIO, req: *mut X509_REQ) -> c_int; +} + +#[repr(C)] +pub struct X509_PURPOSE { + pub purpose: c_int, + pub trust: c_int, // Default trust ID + pub flags: c_int, + pub check_purpose: + Option<unsafe extern "C" fn(*const X509_PURPOSE, *const X509, c_int) -> c_int>, + pub name: *mut c_char, + pub sname: *mut c_char, + pub usr_data: *mut c_void, +} + +const_ptr_api! { + extern "C" { + pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int; + pub fn X509_PURPOSE_get0(idx: c_int) -> *mut X509_PURPOSE; + } +} diff --git a/vendor/openssl-sys/src/handwritten/x509_vfy.rs b/vendor/openssl-sys/src/handwritten/x509_vfy.rs new file mode 100644 index 000000000..9adf63fa0 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/x509_vfy.rs @@ -0,0 +1,132 @@ +use super::super::*; +use libc::*; + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub enum X509_VERIFY_PARAM_ID {} + +extern "C" { + #[cfg(ossl110)] + pub fn X509_LOOKUP_meth_free(method: *mut X509_LOOKUP_METHOD); +} + +extern "C" { + pub fn X509_LOOKUP_free(ctx: *mut X509_LOOKUP); + pub fn X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_file() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_ctrl( + ctx: *mut X509_LOOKUP, + cmd: c_int, + argc: *const c_char, + argl: c_long, + ret: *mut *mut c_char, + ) -> c_int; + pub fn X509_load_cert_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; + pub fn X509_load_crl_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; +} + +extern "C" { + pub fn X509_STORE_new() -> *mut X509_STORE; + pub fn X509_STORE_free(store: *mut X509_STORE); + + pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; + + pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); + pub fn X509_STORE_CTX_init( + ctx: *mut X509_STORE_CTX, + store: *mut X509_STORE, + x509: *mut X509, + chain: *mut stack_st_X509, + ) -> c_int; + pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); + + pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + + pub fn X509_STORE_add_lookup( + store: *mut X509_STORE, + meth: *mut X509_LOOKUP_METHOD, + ) -> *mut X509_LOOKUP; + + pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; + pub fn X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int; + pub fn X509_STORE_set_purpose(ctx: *mut X509_STORE, purpose: c_int) -> c_int; + pub fn X509_STORE_set_trust(ctx: *mut X509_STORE, trust: c_int) -> c_int; + +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_set1_param(store: *mut X509_STORE, pm: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get_ex_data(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX, idx: c_int) -> *mut c_void; + pub fn X509_STORE_CTX_get_error(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_error_depth(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_current_cert(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut X509; + } +} +extern "C" { + pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int); +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get0_chain(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut stack_st_X509; + } + } + } else { + extern "C" { + pub fn X509_STORE_CTX_get_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509; + } + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_new() -> *mut X509_VERIFY_PARAM; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_clear_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_time(param: *mut X509_VERIFY_PARAM, t: time_t); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_depth(param: *mut X509_VERIFY_PARAM, depth: c_int); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_get_flags(param: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_ulong; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_host( + param: *mut X509_VERIFY_PARAM, + name: *const c_char, + namelen: size_t, + ) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_ip( + param: *mut X509_VERIFY_PARAM, + ip: *const c_uchar, + iplen: size_t, + ) -> c_int; + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_set_auth_level(param: *mut X509_VERIFY_PARAM, lvl: c_int); + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_get_auth_level(param: *const X509_VERIFY_PARAM) -> c_int; + #[cfg(ossl102)] + pub fn X509_VERIFY_PARAM_set_purpose(param: *mut X509_VERIFY_PARAM, purpose: c_int) -> c_int; +} diff --git a/vendor/openssl-sys/src/handwritten/x509v3.rs b/vendor/openssl-sys/src/handwritten/x509v3.rs new file mode 100644 index 000000000..4a15f3df5 --- /dev/null +++ b/vendor/openssl-sys/src/handwritten/x509v3.rs @@ -0,0 +1,132 @@ +use super::super::*; +use libc::*; + +pub enum CONF_METHOD {} + +extern "C" { + pub fn GENERAL_NAME_new() -> *mut GENERAL_NAME; + pub fn GENERAL_NAME_free(name: *mut GENERAL_NAME); +} + +#[repr(C)] +pub struct ACCESS_DESCRIPTION { + pub method: *mut ASN1_OBJECT, + pub location: *mut GENERAL_NAME, +} + +stack!(stack_st_ACCESS_DESCRIPTION); + +extern "C" { + pub fn ACCESS_DESCRIPTION_free(ad: *mut ACCESS_DESCRIPTION); +} + +#[repr(C)] +pub struct AUTHORITY_KEYID { + pub keyid: *mut ASN1_OCTET_STRING, + pub issuer: *mut stack_st_GENERAL_NAME, + pub serial: *mut ASN1_INTEGER, +} + +extern "C" { + pub fn AUTHORITY_KEYID_free(akid: *mut AUTHORITY_KEYID); +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_EXT_nconf_nid( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + ext_nid: c_int, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + pub fn X509V3_EXT_nconf( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + } +} + +extern "C" { + pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; + pub fn X509_verify(req: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + + pub fn X509V3_set_nconf(ctx: *mut X509V3_CTX, conf: *mut CONF); + + pub fn X509V3_set_ctx( + ctx: *mut X509V3_CTX, + issuer: *mut X509, + subject: *mut X509, + req: *mut X509_REQ, + crl: *mut X509_CRL, + flags: c_int, + ); + + pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_get_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + pub fn X509V3_extensions_print(out: *mut BIO, title: #[const_ptr_if(any(ossl110, libressl280))] c_char, exts: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int; + } +} + +extern "C" { + pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int; + pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void; + pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION; + pub fn X509V3_add1_i2d( + x: *mut *mut stack_st_X509_EXTENSION, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + pub fn X509V3_EXT_print( + out: *mut BIO, + ext: *mut X509_EXTENSION, + flag: c_ulong, + indent: c_int, + ) -> c_int; + + #[cfg(ossl110)] + pub fn X509_get_extension_flags(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_key_usage(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_extended_key_usage(x: *mut X509) -> u32; +} + +#[repr(C)] +pub struct DIST_POINT_NAME { + pub type_: c_int, + pub name: DIST_POINT_NAME_st_anon_union, + pub dpname: *mut X509_NAME, +} + +#[repr(C)] +pub union DIST_POINT_NAME_st_anon_union { + pub fullname: *mut stack_st_GENERAL_NAME, + pub relativename: *mut stack_st_X509_NAME_ENTRY, +} + +#[repr(C)] +pub struct DIST_POINT { + pub distpoint: *mut DIST_POINT_NAME, + pub reasons: *mut ASN1_BIT_STRING, + pub CRLissuer: *mut stack_st_GENERAL_NAME, + pub dp_reasons: c_int, +} +stack!(stack_st_DIST_POINT); + +extern "C" { + pub fn DIST_POINT_free(dist_point: *mut DIST_POINT); + pub fn DIST_POINT_NAME_free(dist_point: *mut DIST_POINT_NAME); +} diff --git a/vendor/openssl-sys/src/lib.rs b/vendor/openssl-sys/src/lib.rs new file mode 100644 index 000000000..c3084755c --- /dev/null +++ b/vendor/openssl-sys/src/lib.rs @@ -0,0 +1,212 @@ +#![allow( + clippy::missing_safety_doc, + clippy::unreadable_literal, + clippy::uninlined_format_args, + clippy::upper_case_acronyms, + dead_code, + non_camel_case_types, + non_snake_case, + non_upper_case_globals, + overflowing_literals, + unused_imports +)] +#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")] +#![recursion_limit = "128"] // configure fixed limit across all rust versions + +extern crate libc; +pub use libc::*; + +#[cfg(feature = "unstable_boringssl")] +extern crate bssl_sys; +#[cfg(feature = "unstable_boringssl")] +pub use bssl_sys::*; + +#[cfg(all(boringssl, not(feature = "unstable_boringssl")))] +#[path = "."] +mod boringssl { + include!(concat!(env!("OUT_DIR"), "/bindgen.rs")); + + pub fn init() { + unsafe { + CRYPTO_library_init(); + } + } +} +#[cfg(all(boringssl, not(feature = "unstable_boringssl")))] +pub use boringssl::*; + +#[cfg(openssl)] +#[path = "."] +mod openssl { + use libc::*; + + #[cfg(feature = "bindgen")] + include!(concat!(env!("OUT_DIR"), "/bindgen.rs")); + + pub use self::aes::*; + pub use self::asn1::*; + pub use self::bio::*; + pub use self::bn::*; + pub use self::cms::*; + pub use self::crypto::*; + pub use self::dtls1::*; + pub use self::ec::*; + pub use self::err::*; + pub use self::evp::*; + #[cfg(not(feature = "bindgen"))] + pub use self::handwritten::*; + pub use self::obj_mac::*; + pub use self::ocsp::*; + pub use self::pem::*; + pub use self::pkcs7::*; + pub use self::rsa::*; + pub use self::sha::*; + pub use self::srtp::*; + pub use self::ssl::*; + pub use self::ssl3::*; + pub use self::tls1::*; + pub use self::types::*; + pub use self::x509::*; + pub use self::x509_vfy::*; + pub use self::x509v3::*; + + #[macro_use] + mod macros; + + mod aes; + mod asn1; + mod bio; + mod bn; + mod cms; + mod crypto; + mod dtls1; + mod ec; + mod err; + mod evp; + #[cfg(not(feature = "bindgen"))] + mod handwritten; + mod obj_mac; + mod ocsp; + mod pem; + mod pkcs7; + mod rsa; + mod sha; + mod srtp; + mod ssl; + mod ssl3; + mod tls1; + mod types; + mod x509; + mod x509_vfy; + mod x509v3; + + use std::sync::Once; + // explicitly initialize to work around https://github.com/openssl/openssl/issues/3505 + static INIT: Once = Once::new(); + + // FIXME remove + pub type PasswordCallback = unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int; + + #[cfg(ossl110)] + pub fn init() { + use std::ptr; + + #[cfg(not(ossl111b))] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS; + #[cfg(ossl111b)] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_NO_ATEXIT; + + INIT.call_once(|| unsafe { + OPENSSL_init_ssl(init_options, ptr::null_mut()); + }) + } + + #[cfg(not(ossl110))] + pub fn init() { + use std::io::{self, Write}; + use std::mem; + use std::process; + use std::sync::{Mutex, MutexGuard}; + + static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>; + static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = + 0 as *mut Vec<Option<MutexGuard<'static, ()>>>; + + unsafe extern "C" fn locking_function( + mode: c_int, + n: c_int, + _file: *const c_char, + _line: c_int, + ) { + let mutex = &(*MUTEXES)[n as usize]; + + if mode & CRYPTO_LOCK != 0 { + (*GUARDS)[n as usize] = Some(mutex.lock().unwrap()); + } else { + if let None = (*GUARDS)[n as usize].take() { + let _ = writeln!( + io::stderr(), + "BUG: rust-openssl lock {} already unlocked, aborting", + n + ); + process::abort(); + } + } + } + + cfg_if! { + if #[cfg(unix)] { + fn set_id_callback() { + unsafe extern "C" fn thread_id() -> c_ulong { + ::libc::pthread_self() as c_ulong + } + + unsafe { + CRYPTO_set_id_callback__fixed_rust(Some(thread_id)); + } + } + } else { + fn set_id_callback() {} + } + } + + INIT.call_once(|| unsafe { + SSL_library_init(); + SSL_load_error_strings(); + OPENSSL_add_all_algorithms_noconf(); + + let num_locks = CRYPTO_num_locks(); + let mut mutexes = Box::new(Vec::new()); + for _ in 0..num_locks { + mutexes.push(Mutex::new(())); + } + MUTEXES = mem::transmute(mutexes); + let guards: Box<Vec<Option<MutexGuard<()>>>> = + Box::new((0..num_locks).map(|_| None).collect()); + GUARDS = mem::transmute(guards); + + CRYPTO_set_locking_callback__fixed_rust(Some(locking_function)); + set_id_callback(); + }) + } + + /// Disable explicit initialization of the openssl libs. + /// + /// This is only appropriate to use if the openssl crate is being consumed by an application + /// that will be performing the initialization explicitly. + /// + /// # Safety + /// + /// In some versions of openssl, skipping initialization will fall back to the default procedure + /// while other will cause difficult to debug errors so care must be taken when calling this. + pub unsafe fn assume_init() { + INIT.call_once(|| {}); + } +} +#[cfg(openssl)] +pub use openssl::*; diff --git a/vendor/openssl-sys/src/macros.rs b/vendor/openssl-sys/src/macros.rs new file mode 100644 index 000000000..96523db8f --- /dev/null +++ b/vendor/openssl-sys/src/macros.rs @@ -0,0 +1,280 @@ +#![allow(unused_macros)] + +// vendored from the cfg-if crate to avoid breaking ctest +macro_rules! cfg_if { + // match if/else chains with a final `else` + ($( + if #[cfg($($meta:meta),*)] { $($it:item)* } + ) else * else { + $($it2:item)* + }) => { + cfg_if! { + @__items + () ; + $( ( ($($meta),*) ($($it)*) ), )* + ( () ($($it2)*) ), + } + }; + + // match if/else chains lacking a final `else` + ( + if #[cfg($($i_met:meta),*)] { $($i_it:item)* } + $( + else if #[cfg($($e_met:meta),*)] { $($e_it:item)* } + )* + ) => { + cfg_if! { + @__items + () ; + ( ($($i_met),*) ($($i_it)*) ), + $( ( ($($e_met),*) ($($e_it)*) ), )* + ( () () ), + } + }; + + // Internal and recursive macro to emit all the items + // + // Collects all the negated cfgs in a list at the beginning and after the + // semicolon is all the remaining items + (@__items ($($not:meta,)*) ; ) => {}; + (@__items ($($not:meta,)*) ; ( ($($m:meta),*) ($($it:item)*) ), $($rest:tt)*) => { + // Emit all items within one block, applying an appropriate #[cfg]. The + // #[cfg] will require all `$m` matchers specified and must also negate + // all previous matchers. + cfg_if! { @__apply cfg(all($($m,)* not(any($($not),*)))), $($it)* } + + // Recurse to emit all other items in `$rest`, and when we do so add all + // our `$m` matchers to the list of `$not` matchers as future emissions + // will have to negate everything we just matched as well. + cfg_if! { @__items ($($not,)* $($m,)*) ; $($rest)* } + }; + + // Internal macro to Apply a cfg attribute to a list of items + (@__apply $m:meta, $($it:item)*) => { + $(#[$m] $it)* + }; +} + +macro_rules! stack { + ($t:ident) => { + cfg_if! { + if #[cfg(ossl110)] { + pub enum $t {} + } else { + #[repr(C)] + pub struct $t { + pub stack: $crate::_STACK, + } + } + } + }; +} + +// openssl changes `*mut` to `*const` in certain parameters in certain versions; +// in C this is ABI and (mostly) API compatible. +// +// We need to handle this explicitly, and this macro helps annotate which +// parameter got converted in which version. +// +// Input is: +// extern "C" { +// #[attributes...] +// pub fn name(args) -> rettype; // `-> rettype` optional +// // more functions... +// } +// +// This macro replaces `#[const_ptr_if(...)]` in types with `*const` or `*mut` +// (depending on the inner cfg flags) +// +// Walks through all argument and return types, but only finds inner types of +// `*const` and `*mut`; doesn't walk arrays or generics. +// +// NOTE: can't abstract `pub` as `$fn_vis:vis`, as ctest macro handling doesn't +// support it (old syntax crate). But we really only need `pub` anyway. +// +// NOTE: ctest seams to simply ignore macros it can't expand (whatever the +// reason) +macro_rules! const_ptr_api { + // ---------------------------------------------------------------- + // (partialarg): partial argument, waiting for "final" argument type + // MAGIC PART 1: hande conditional const ptr in argument type + ( (partialarg) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_arg:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + const_ptr_api!( (partialarg) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*mut` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *mut $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*const` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *const $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + }; + // finish partial argument with trailing comma + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty, $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ $($arg_rem)* ] $ret_packed ); + }; + // finish final partial argument (no trailing comma) + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ ] $ret_packed ); + }; + + // ---------------------------------------------------------------- + // (parseargs): parsing arguments + // start next argument + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ $arg_name:ident : $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $arg_name: ] [ $($arg_rem)* ] $ret_packed ); + }; + // end of arguments, there is a return type; start parsing it + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ -> $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [] [ $($rem)* ] ); + }; + // end of arguments, no return type + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { () } ); + }; + + // ---------------------------------------------------------------- + // (partialret): have partial return type, waiting for final return type + // MAGIC PART 2: hande conditional const ptr in return type + ( (partialret) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_ret:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + const_ptr_api!( (partialret) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* mut` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *mut $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* const` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *const $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + }; + // final part of return type + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ $ret_ty:ty ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { $($part_ret)* $ret_ty } ); + }; + + // ---------------------------------------------------------------- + // generate + ( (generate) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + { $({ $arg_name:ident: $($arg_ty:tt)* })* } + { $ret_ty:ty } + ) => { + extern "C" { + $(#[$fn_attr])* + pub fn $fn_name( $( + $arg_name: $($arg_ty)* + ),* ) -> $ret_ty; + } + }; + + // ---------------------------------------------------------------- + // (fn): gather tokens for return type until ";" + // found end; start parsing current function, and parse remaining functions + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + $ret_packed:tt + [ ; $($rem:tt)* ] + ) => { + const_ptr_api!( (parseargs) $def_packed {} $arg_tts_packed $ret_packed ); + const_ptr_api!( (extern) [ $($rem)* ] ); + }; + // not ";" - all other tokens are part of the return type. + // don't expand return type yet; otherwise we'd have to remember in which branch `rem` needs + // to be used to parse further functions. + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + [ $($ret_tt:tt)* ] + [ $tt:tt $($rem:tt)* ] + ) => { + const_ptr_api!( (fn) $def_packed $arg_tts_packed [ $($ret_tt)* $tt ] [ $($rem)* ] ); + }; + + // ---------------------------------------------------------------- + // (extern): in extern block, find next function + // try to split into functions as fast as possible to reduce recursion depth + ( (extern) [ + $(#[$fn_attr:meta])* + pub fn $fn_name:ident( $($arg_rem:tt)* ) $($rem:tt)* + ] ) => { + const_ptr_api!( (fn) + { $(#[$fn_attr])* pub fn $fn_name } [ $($arg_rem)* ] [] [ $($rem)* ] + ); + }; + // end of extern block + ( (extern) [] ) => {}; + + // ---------------------------------------------------------------- + // macro start; find extern block + ( extern "C" { $($rem:tt)* } ) => { + const_ptr_api!( (extern) [ $($rem)* ] ); + }; +} diff --git a/vendor/openssl-sys/src/obj_mac.rs b/vendor/openssl-sys/src/obj_mac.rs new file mode 100644 index 000000000..1f8e10003 --- /dev/null +++ b/vendor/openssl-sys/src/obj_mac.rs @@ -0,0 +1,982 @@ +use libc::*; + +pub const NID_undef: c_int = 0; +pub const NID_itu_t: c_int = 645; +pub const NID_ccitt: c_int = 404; +pub const NID_iso: c_int = 181; +pub const NID_joint_iso_itu_t: c_int = 646; +pub const NID_joint_iso_ccitt: c_int = 393; +pub const NID_member_body: c_int = 182; +pub const NID_identified_organization: c_int = 676; +pub const NID_hmac_md5: c_int = 780; +pub const NID_hmac_sha1: c_int = 781; +pub const NID_certicom_arc: c_int = 677; +pub const NID_international_organizations: c_int = 647; +pub const NID_wap: c_int = 678; +pub const NID_wap_wsg: c_int = 679; +pub const NID_selected_attribute_types: c_int = 394; +pub const NID_clearance: c_int = 395; +pub const NID_ISO_US: c_int = 183; +pub const NID_X9_57: c_int = 184; +pub const NID_X9cm: c_int = 185; +pub const NID_dsa: c_int = 116; +pub const NID_dsaWithSHA1: c_int = 113; +pub const NID_ansi_X9_62: c_int = 405; +pub const NID_X9_62_prime_field: c_int = 406; +pub const NID_X9_62_characteristic_two_field: c_int = 407; +pub const NID_X9_62_id_characteristic_two_basis: c_int = 680; +pub const NID_X9_62_onBasis: c_int = 681; +pub const NID_X9_62_tpBasis: c_int = 682; +pub const NID_X9_62_ppBasis: c_int = 683; +pub const NID_X9_62_id_ecPublicKey: c_int = 408; +pub const NID_X9_62_c2pnb163v1: c_int = 684; +pub const NID_X9_62_c2pnb163v2: c_int = 685; +pub const NID_X9_62_c2pnb163v3: c_int = 686; +pub const NID_X9_62_c2pnb176v1: c_int = 687; +pub const NID_X9_62_c2tnb191v1: c_int = 688; +pub const NID_X9_62_c2tnb191v2: c_int = 689; +pub const NID_X9_62_c2tnb191v3: c_int = 690; +pub const NID_X9_62_c2onb191v4: c_int = 691; +pub const NID_X9_62_c2onb191v5: c_int = 692; +pub const NID_X9_62_c2pnb208w1: c_int = 693; +pub const NID_X9_62_c2tnb239v1: c_int = 694; +pub const NID_X9_62_c2tnb239v2: c_int = 695; +pub const NID_X9_62_c2tnb239v3: c_int = 696; +pub const NID_X9_62_c2onb239v4: c_int = 697; +pub const NID_X9_62_c2onb239v5: c_int = 698; +pub const NID_X9_62_c2pnb272w1: c_int = 699; +pub const NID_X9_62_c2pnb304w1: c_int = 700; +pub const NID_X9_62_c2tnb359v1: c_int = 701; +pub const NID_X9_62_c2pnb368w1: c_int = 702; +pub const NID_X9_62_c2tnb431r1: c_int = 703; +pub const NID_X9_62_prime192v1: c_int = 409; +pub const NID_X9_62_prime192v2: c_int = 410; +pub const NID_X9_62_prime192v3: c_int = 411; +pub const NID_X9_62_prime239v1: c_int = 412; +pub const NID_X9_62_prime239v2: c_int = 413; +pub const NID_X9_62_prime239v3: c_int = 414; +pub const NID_X9_62_prime256v1: c_int = 415; +pub const NID_ecdsa_with_SHA1: c_int = 416; +pub const NID_ecdsa_with_Recommended: c_int = 791; +pub const NID_ecdsa_with_Specified: c_int = 792; +pub const NID_ecdsa_with_SHA224: c_int = 793; +pub const NID_ecdsa_with_SHA256: c_int = 794; +pub const NID_ecdsa_with_SHA384: c_int = 795; +pub const NID_ecdsa_with_SHA512: c_int = 796; +pub const NID_secp112r1: c_int = 704; +pub const NID_secp112r2: c_int = 705; +pub const NID_secp128r1: c_int = 706; +pub const NID_secp128r2: c_int = 707; +pub const NID_secp160k1: c_int = 708; +pub const NID_secp160r1: c_int = 709; +pub const NID_secp160r2: c_int = 710; +pub const NID_secp192k1: c_int = 711; +pub const NID_secp224k1: c_int = 712; +pub const NID_secp224r1: c_int = 713; +pub const NID_secp256k1: c_int = 714; +pub const NID_secp384r1: c_int = 715; +pub const NID_secp521r1: c_int = 716; +pub const NID_sect113r1: c_int = 717; +pub const NID_sect113r2: c_int = 718; +pub const NID_sect131r1: c_int = 719; +pub const NID_sect131r2: c_int = 720; +pub const NID_sect163k1: c_int = 721; +pub const NID_sect163r1: c_int = 722; +pub const NID_sect163r2: c_int = 723; +pub const NID_sect193r1: c_int = 724; +pub const NID_sect193r2: c_int = 725; +pub const NID_sect233k1: c_int = 726; +pub const NID_sect233r1: c_int = 727; +pub const NID_sect239k1: c_int = 728; +pub const NID_sect283k1: c_int = 729; +pub const NID_sect283r1: c_int = 730; +pub const NID_sect409k1: c_int = 731; +pub const NID_sect409r1: c_int = 732; +pub const NID_sect571k1: c_int = 733; +pub const NID_sect571r1: c_int = 734; +#[cfg(ossl110)] +pub const NID_brainpoolP256r1: c_int = 927; +#[cfg(ossl110)] +pub const NID_brainpoolP384r1: c_int = 931; +#[cfg(ossl110)] +pub const NID_brainpoolP512r1: c_int = 933; +pub const NID_wap_wsg_idm_ecid_wtls1: c_int = 735; +pub const NID_wap_wsg_idm_ecid_wtls3: c_int = 736; +pub const NID_wap_wsg_idm_ecid_wtls4: c_int = 737; +pub const NID_wap_wsg_idm_ecid_wtls5: c_int = 738; +pub const NID_wap_wsg_idm_ecid_wtls6: c_int = 739; +pub const NID_wap_wsg_idm_ecid_wtls7: c_int = 740; +pub const NID_wap_wsg_idm_ecid_wtls8: c_int = 741; +pub const NID_wap_wsg_idm_ecid_wtls9: c_int = 742; +pub const NID_wap_wsg_idm_ecid_wtls10: c_int = 743; +pub const NID_wap_wsg_idm_ecid_wtls11: c_int = 744; +pub const NID_wap_wsg_idm_ecid_wtls12: c_int = 745; +pub const NID_cast5_cbc: c_int = 108; +pub const NID_cast5_ecb: c_int = 109; +pub const NID_cast5_cfb64: c_int = 110; +pub const NID_cast5_ofb64: c_int = 111; +pub const NID_pbeWithMD5AndCast5_CBC: c_int = 112; +pub const NID_id_PasswordBasedMAC: c_int = 782; +pub const NID_id_DHBasedMac: c_int = 783; +pub const NID_rsadsi: c_int = 1; +pub const NID_pkcs: c_int = 2; +pub const NID_pkcs1: c_int = 186; +pub const NID_rsaEncryption: c_int = 6; +pub const NID_md2WithRSAEncryption: c_int = 7; +pub const NID_md4WithRSAEncryption: c_int = 396; +pub const NID_md5WithRSAEncryption: c_int = 8; +pub const NID_sha1WithRSAEncryption: c_int = 65; +pub const NID_rsaesOaep: c_int = 919; +pub const NID_mgf1: c_int = 911; +pub const NID_rsassaPss: c_int = 912; +pub const NID_sha256WithRSAEncryption: c_int = 668; +pub const NID_sha384WithRSAEncryption: c_int = 669; +pub const NID_sha512WithRSAEncryption: c_int = 670; +pub const NID_sha224WithRSAEncryption: c_int = 671; +pub const NID_pkcs3: c_int = 27; +pub const NID_dhKeyAgreement: c_int = 28; +pub const NID_pkcs5: c_int = 187; +pub const NID_pbeWithMD2AndDES_CBC: c_int = 9; +pub const NID_pbeWithMD5AndDES_CBC: c_int = 10; +pub const NID_pbeWithMD2AndRC2_CBC: c_int = 168; +pub const NID_pbeWithMD5AndRC2_CBC: c_int = 169; +pub const NID_pbeWithSHA1AndDES_CBC: c_int = 170; +pub const NID_pbeWithSHA1AndRC2_CBC: c_int = 68; +pub const NID_id_pbkdf2: c_int = 69; +pub const NID_pbes2: c_int = 161; +pub const NID_pbmac1: c_int = 162; +pub const NID_pkcs7: c_int = 20; +pub const NID_pkcs7_data: c_int = 21; +pub const NID_pkcs7_signed: c_int = 22; +pub const NID_pkcs7_enveloped: c_int = 23; +pub const NID_pkcs7_signedAndEnveloped: c_int = 24; +pub const NID_pkcs7_digest: c_int = 25; +pub const NID_pkcs7_encrypted: c_int = 26; +pub const NID_pkcs9: c_int = 47; +pub const NID_pkcs9_emailAddress: c_int = 48; +pub const NID_pkcs9_unstructuredName: c_int = 49; +pub const NID_pkcs9_contentType: c_int = 50; +pub const NID_pkcs9_messageDigest: c_int = 51; +pub const NID_pkcs9_signingTime: c_int = 52; +pub const NID_pkcs9_countersignature: c_int = 53; +pub const NID_pkcs9_challengePassword: c_int = 54; +pub const NID_pkcs9_unstructuredAddress: c_int = 55; +pub const NID_pkcs9_extCertAttributes: c_int = 56; +pub const NID_ext_req: c_int = 172; +pub const NID_SMIMECapabilities: c_int = 167; +pub const NID_SMIME: c_int = 188; +pub const NID_id_smime_mod: c_int = 189; +pub const NID_id_smime_ct: c_int = 190; +pub const NID_id_smime_aa: c_int = 191; +pub const NID_id_smime_alg: c_int = 192; +pub const NID_id_smime_cd: c_int = 193; +pub const NID_id_smime_spq: c_int = 194; +pub const NID_id_smime_cti: c_int = 195; +pub const NID_id_smime_mod_cms: c_int = 196; +pub const NID_id_smime_mod_ess: c_int = 197; +pub const NID_id_smime_mod_oid: c_int = 198; +pub const NID_id_smime_mod_msg_v3: c_int = 199; +pub const NID_id_smime_mod_ets_eSignature_88: c_int = 200; +pub const NID_id_smime_mod_ets_eSignature_97: c_int = 201; +pub const NID_id_smime_mod_ets_eSigPolicy_88: c_int = 202; +pub const NID_id_smime_mod_ets_eSigPolicy_97: c_int = 203; +pub const NID_id_smime_ct_receipt: c_int = 204; +pub const NID_id_smime_ct_authData: c_int = 205; +pub const NID_id_smime_ct_publishCert: c_int = 206; +pub const NID_id_smime_ct_TSTInfo: c_int = 207; +pub const NID_id_smime_ct_TDTInfo: c_int = 208; +pub const NID_id_smime_ct_contentInfo: c_int = 209; +pub const NID_id_smime_ct_DVCSRequestData: c_int = 210; +pub const NID_id_smime_ct_DVCSResponseData: c_int = 211; +pub const NID_id_smime_ct_compressedData: c_int = 786; +pub const NID_id_ct_asciiTextWithCRLF: c_int = 787; +pub const NID_id_smime_aa_receiptRequest: c_int = 212; +pub const NID_id_smime_aa_securityLabel: c_int = 213; +pub const NID_id_smime_aa_mlExpandHistory: c_int = 214; +pub const NID_id_smime_aa_contentHint: c_int = 215; +pub const NID_id_smime_aa_msgSigDigest: c_int = 216; +pub const NID_id_smime_aa_encapContentType: c_int = 217; +pub const NID_id_smime_aa_contentIdentifier: c_int = 218; +pub const NID_id_smime_aa_macValue: c_int = 219; +pub const NID_id_smime_aa_equivalentLabels: c_int = 220; +pub const NID_id_smime_aa_contentReference: c_int = 221; +pub const NID_id_smime_aa_encrypKeyPref: c_int = 222; +pub const NID_id_smime_aa_signingCertificate: c_int = 223; +pub const NID_id_smime_aa_smimeEncryptCerts: c_int = 224; +pub const NID_id_smime_aa_timeStampToken: c_int = 225; +pub const NID_id_smime_aa_ets_sigPolicyId: c_int = 226; +pub const NID_id_smime_aa_ets_commitmentType: c_int = 227; +pub const NID_id_smime_aa_ets_signerLocation: c_int = 228; +pub const NID_id_smime_aa_ets_signerAttr: c_int = 229; +pub const NID_id_smime_aa_ets_otherSigCert: c_int = 230; +pub const NID_id_smime_aa_ets_contentTimestamp: c_int = 231; +pub const NID_id_smime_aa_ets_CertificateRefs: c_int = 232; +pub const NID_id_smime_aa_ets_RevocationRefs: c_int = 233; +pub const NID_id_smime_aa_ets_certValues: c_int = 234; +pub const NID_id_smime_aa_ets_revocationValues: c_int = 235; +pub const NID_id_smime_aa_ets_escTimeStamp: c_int = 236; +pub const NID_id_smime_aa_ets_certCRLTimestamp: c_int = 237; +pub const NID_id_smime_aa_ets_archiveTimeStamp: c_int = 238; +pub const NID_id_smime_aa_signatureType: c_int = 239; +pub const NID_id_smime_aa_dvcs_dvc: c_int = 240; +pub const NID_id_smime_alg_ESDHwith3DES: c_int = 241; +pub const NID_id_smime_alg_ESDHwithRC2: c_int = 242; +pub const NID_id_smime_alg_3DESwrap: c_int = 243; +pub const NID_id_smime_alg_RC2wrap: c_int = 244; +pub const NID_id_smime_alg_ESDH: c_int = 245; +pub const NID_id_smime_alg_CMS3DESwrap: c_int = 246; +pub const NID_id_smime_alg_CMSRC2wrap: c_int = 247; +pub const NID_id_alg_PWRI_KEK: c_int = 893; +pub const NID_id_smime_cd_ldap: c_int = 248; +pub const NID_id_smime_spq_ets_sqt_uri: c_int = 249; +pub const NID_id_smime_spq_ets_sqt_unotice: c_int = 250; +pub const NID_id_smime_cti_ets_proofOfOrigin: c_int = 251; +pub const NID_id_smime_cti_ets_proofOfReceipt: c_int = 252; +pub const NID_id_smime_cti_ets_proofOfDelivery: c_int = 253; +pub const NID_id_smime_cti_ets_proofOfSender: c_int = 254; +pub const NID_id_smime_cti_ets_proofOfApproval: c_int = 255; +pub const NID_id_smime_cti_ets_proofOfCreation: c_int = 256; +pub const NID_friendlyName: c_int = 156; +pub const NID_localKeyID: c_int = 157; +pub const NID_ms_csp_name: c_int = 417; +pub const NID_LocalKeySet: c_int = 856; +pub const NID_x509Certificate: c_int = 158; +pub const NID_sdsiCertificate: c_int = 159; +pub const NID_x509Crl: c_int = 160; +pub const NID_pbe_WithSHA1And128BitRC4: c_int = 144; +pub const NID_pbe_WithSHA1And40BitRC4: c_int = 145; +pub const NID_pbe_WithSHA1And3_Key_TripleDES_CBC: c_int = 146; +pub const NID_pbe_WithSHA1And2_Key_TripleDES_CBC: c_int = 147; +pub const NID_pbe_WithSHA1And128BitRC2_CBC: c_int = 148; +pub const NID_pbe_WithSHA1And40BitRC2_CBC: c_int = 149; +pub const NID_keyBag: c_int = 150; +pub const NID_pkcs8ShroudedKeyBag: c_int = 151; +pub const NID_certBag: c_int = 152; +pub const NID_crlBag: c_int = 153; +pub const NID_secretBag: c_int = 154; +pub const NID_safeContentsBag: c_int = 155; +pub const NID_md2: c_int = 3; +pub const NID_md4: c_int = 257; +pub const NID_md5: c_int = 4; +pub const NID_md5_sha1: c_int = 114; +pub const NID_hmacWithMD5: c_int = 797; +pub const NID_hmacWithSHA1: c_int = 163; +pub const NID_hmacWithSHA224: c_int = 798; +pub const NID_hmacWithSHA256: c_int = 799; +pub const NID_hmacWithSHA384: c_int = 800; +pub const NID_hmacWithSHA512: c_int = 801; +pub const NID_rc2_cbc: c_int = 37; +pub const NID_rc2_ecb: c_int = 38; +pub const NID_rc2_cfb64: c_int = 39; +pub const NID_rc2_ofb64: c_int = 40; +pub const NID_rc2_40_cbc: c_int = 98; +pub const NID_rc2_64_cbc: c_int = 166; +pub const NID_rc4: c_int = 5; +pub const NID_rc4_40: c_int = 97; +pub const NID_des_ede3_cbc: c_int = 44; +pub const NID_rc5_cbc: c_int = 120; +pub const NID_rc5_ecb: c_int = 121; +pub const NID_rc5_cfb64: c_int = 122; +pub const NID_rc5_ofb64: c_int = 123; +pub const NID_ms_ext_req: c_int = 171; +pub const NID_ms_code_ind: c_int = 134; +pub const NID_ms_code_com: c_int = 135; +pub const NID_ms_ctl_sign: c_int = 136; +pub const NID_ms_sgc: c_int = 137; +pub const NID_ms_efs: c_int = 138; +pub const NID_ms_smartcard_login: c_int = 648; +pub const NID_ms_upn: c_int = 649; +pub const NID_idea_cbc: c_int = 34; +pub const NID_idea_ecb: c_int = 36; +pub const NID_idea_cfb64: c_int = 35; +pub const NID_idea_ofb64: c_int = 46; +pub const NID_bf_cbc: c_int = 91; +pub const NID_bf_ecb: c_int = 92; +pub const NID_bf_cfb64: c_int = 93; +pub const NID_bf_ofb64: c_int = 94; +pub const NID_id_pkix: c_int = 127; +pub const NID_id_pkix_mod: c_int = 258; +pub const NID_id_pe: c_int = 175; +pub const NID_id_qt: c_int = 259; +pub const NID_id_kp: c_int = 128; +pub const NID_id_it: c_int = 260; +pub const NID_id_pkip: c_int = 261; +pub const NID_id_alg: c_int = 262; +pub const NID_id_cmc: c_int = 263; +pub const NID_id_on: c_int = 264; +pub const NID_id_pda: c_int = 265; +pub const NID_id_aca: c_int = 266; +pub const NID_id_qcs: c_int = 267; +pub const NID_id_cct: c_int = 268; +pub const NID_id_ppl: c_int = 662; +pub const NID_id_ad: c_int = 176; +pub const NID_id_pkix1_explicit_88: c_int = 269; +pub const NID_id_pkix1_implicit_88: c_int = 270; +pub const NID_id_pkix1_explicit_93: c_int = 271; +pub const NID_id_pkix1_implicit_93: c_int = 272; +pub const NID_id_mod_crmf: c_int = 273; +pub const NID_id_mod_cmc: c_int = 274; +pub const NID_id_mod_kea_profile_88: c_int = 275; +pub const NID_id_mod_kea_profile_93: c_int = 276; +pub const NID_id_mod_cmp: c_int = 277; +pub const NID_id_mod_qualified_cert_88: c_int = 278; +pub const NID_id_mod_qualified_cert_93: c_int = 279; +pub const NID_id_mod_attribute_cert: c_int = 280; +pub const NID_id_mod_timestamp_protocol: c_int = 281; +pub const NID_id_mod_ocsp: c_int = 282; +pub const NID_id_mod_dvcs: c_int = 283; +pub const NID_id_mod_cmp2000: c_int = 284; +pub const NID_info_access: c_int = 177; +pub const NID_biometricInfo: c_int = 285; +pub const NID_qcStatements: c_int = 286; +pub const NID_ac_auditEntity: c_int = 287; +pub const NID_ac_targeting: c_int = 288; +pub const NID_aaControls: c_int = 289; +pub const NID_sbgp_ipAddrBlock: c_int = 290; +pub const NID_sbgp_autonomousSysNum: c_int = 291; +pub const NID_sbgp_routerIdentifier: c_int = 292; +pub const NID_ac_proxying: c_int = 397; +pub const NID_sinfo_access: c_int = 398; +pub const NID_proxyCertInfo: c_int = 663; +pub const NID_id_qt_cps: c_int = 164; +pub const NID_id_qt_unotice: c_int = 165; +pub const NID_textNotice: c_int = 293; +pub const NID_server_auth: c_int = 129; +pub const NID_client_auth: c_int = 130; +pub const NID_code_sign: c_int = 131; +pub const NID_email_protect: c_int = 132; +pub const NID_ipsecEndSystem: c_int = 294; +pub const NID_ipsecTunnel: c_int = 295; +pub const NID_ipsecUser: c_int = 296; +pub const NID_time_stamp: c_int = 133; +pub const NID_OCSP_sign: c_int = 180; +pub const NID_dvcs: c_int = 297; +pub const NID_id_it_caProtEncCert: c_int = 298; +pub const NID_id_it_signKeyPairTypes: c_int = 299; +pub const NID_id_it_encKeyPairTypes: c_int = 300; +pub const NID_id_it_preferredSymmAlg: c_int = 301; +pub const NID_id_it_caKeyUpdateInfo: c_int = 302; +pub const NID_id_it_currentCRL: c_int = 303; +pub const NID_id_it_unsupportedOIDs: c_int = 304; +pub const NID_id_it_subscriptionRequest: c_int = 305; +pub const NID_id_it_subscriptionResponse: c_int = 306; +pub const NID_id_it_keyPairParamReq: c_int = 307; +pub const NID_id_it_keyPairParamRep: c_int = 308; +pub const NID_id_it_revPassphrase: c_int = 309; +pub const NID_id_it_implicitConfirm: c_int = 310; +pub const NID_id_it_confirmWaitTime: c_int = 311; +pub const NID_id_it_origPKIMessage: c_int = 312; +pub const NID_id_it_suppLangTags: c_int = 784; +pub const NID_id_regCtrl: c_int = 313; +pub const NID_id_regInfo: c_int = 314; +pub const NID_id_regCtrl_regToken: c_int = 315; +pub const NID_id_regCtrl_authenticator: c_int = 316; +pub const NID_id_regCtrl_pkiPublicationInfo: c_int = 317; +pub const NID_id_regCtrl_pkiArchiveOptions: c_int = 318; +pub const NID_id_regCtrl_oldCertID: c_int = 319; +pub const NID_id_regCtrl_protocolEncrKey: c_int = 320; +pub const NID_id_regInfo_utf8Pairs: c_int = 321; +pub const NID_id_regInfo_certReq: c_int = 322; +pub const NID_id_alg_des40: c_int = 323; +pub const NID_id_alg_noSignature: c_int = 324; +pub const NID_id_alg_dh_sig_hmac_sha1: c_int = 325; +pub const NID_id_alg_dh_pop: c_int = 326; +pub const NID_id_cmc_statusInfo: c_int = 327; +pub const NID_id_cmc_identification: c_int = 328; +pub const NID_id_cmc_identityProof: c_int = 329; +pub const NID_id_cmc_dataReturn: c_int = 330; +pub const NID_id_cmc_transactionId: c_int = 331; +pub const NID_id_cmc_senderNonce: c_int = 332; +pub const NID_id_cmc_recipientNonce: c_int = 333; +pub const NID_id_cmc_addExtensions: c_int = 334; +pub const NID_id_cmc_encryptedPOP: c_int = 335; +pub const NID_id_cmc_decryptedPOP: c_int = 336; +pub const NID_id_cmc_lraPOPWitness: c_int = 337; +pub const NID_id_cmc_getCert: c_int = 338; +pub const NID_id_cmc_getCRL: c_int = 339; +pub const NID_id_cmc_revokeRequest: c_int = 340; +pub const NID_id_cmc_regInfo: c_int = 341; +pub const NID_id_cmc_responseInfo: c_int = 342; +pub const NID_id_cmc_queryPending: c_int = 343; +pub const NID_id_cmc_popLinkRandom: c_int = 344; +pub const NID_id_cmc_popLinkWitness: c_int = 345; +pub const NID_id_cmc_confirmCertAcceptance: c_int = 346; +pub const NID_id_on_personalData: c_int = 347; +pub const NID_id_on_permanentIdentifier: c_int = 858; +pub const NID_id_pda_dateOfBirth: c_int = 348; +pub const NID_id_pda_placeOfBirth: c_int = 349; +pub const NID_id_pda_gender: c_int = 351; +pub const NID_id_pda_countryOfCitizenship: c_int = 352; +pub const NID_id_pda_countryOfResidence: c_int = 353; +pub const NID_id_aca_authenticationInfo: c_int = 354; +pub const NID_id_aca_accessIdentity: c_int = 355; +pub const NID_id_aca_chargingIdentity: c_int = 356; +pub const NID_id_aca_group: c_int = 357; +pub const NID_id_aca_role: c_int = 358; +pub const NID_id_aca_encAttrs: c_int = 399; +pub const NID_id_qcs_pkixQCSyntax_v1: c_int = 359; +pub const NID_id_cct_crs: c_int = 360; +pub const NID_id_cct_PKIData: c_int = 361; +pub const NID_id_cct_PKIResponse: c_int = 362; +pub const NID_id_ppl_anyLanguage: c_int = 664; +pub const NID_id_ppl_inheritAll: c_int = 665; +pub const NID_Independent: c_int = 667; +pub const NID_ad_OCSP: c_int = 178; +pub const NID_ad_ca_issuers: c_int = 179; +pub const NID_ad_timeStamping: c_int = 363; +pub const NID_ad_dvcs: c_int = 364; +pub const NID_caRepository: c_int = 785; +pub const NID_id_pkix_OCSP_basic: c_int = 365; +pub const NID_id_pkix_OCSP_Nonce: c_int = 366; +pub const NID_id_pkix_OCSP_CrlID: c_int = 367; +pub const NID_id_pkix_OCSP_acceptableResponses: c_int = 368; +pub const NID_id_pkix_OCSP_noCheck: c_int = 369; +pub const NID_id_pkix_OCSP_archiveCutoff: c_int = 370; +pub const NID_id_pkix_OCSP_serviceLocator: c_int = 371; +pub const NID_id_pkix_OCSP_extendedStatus: c_int = 372; +pub const NID_id_pkix_OCSP_valid: c_int = 373; +pub const NID_id_pkix_OCSP_path: c_int = 374; +pub const NID_id_pkix_OCSP_trustRoot: c_int = 375; +pub const NID_algorithm: c_int = 376; +pub const NID_md5WithRSA: c_int = 104; +pub const NID_des_ecb: c_int = 29; +pub const NID_des_cbc: c_int = 31; +pub const NID_des_ofb64: c_int = 45; +pub const NID_des_cfb64: c_int = 30; +pub const NID_rsaSignature: c_int = 377; +pub const NID_dsa_2: c_int = 67; +pub const NID_dsaWithSHA: c_int = 66; +pub const NID_shaWithRSAEncryption: c_int = 42; +pub const NID_des_ede_ecb: c_int = 32; +pub const NID_des_ede3_ecb: c_int = 33; +pub const NID_des_ede_cbc: c_int = 43; +pub const NID_des_ede_cfb64: c_int = 60; +pub const NID_des_ede3_cfb64: c_int = 61; +pub const NID_des_ede_ofb64: c_int = 62; +pub const NID_des_ede3_ofb64: c_int = 63; +pub const NID_desx_cbc: c_int = 80; +pub const NID_sha: c_int = 41; +pub const NID_sha1: c_int = 64; +pub const NID_dsaWithSHA1_2: c_int = 70; +pub const NID_sha1WithRSA: c_int = 115; +pub const NID_ripemd160: c_int = 117; +pub const NID_ripemd160WithRSA: c_int = 119; +pub const NID_sxnet: c_int = 143; +pub const NID_X500: c_int = 11; +pub const NID_X509: c_int = 12; +pub const NID_commonName: c_int = 13; +pub const NID_surname: c_int = 100; +pub const NID_serialNumber: c_int = 105; +pub const NID_countryName: c_int = 14; +pub const NID_localityName: c_int = 15; +pub const NID_stateOrProvinceName: c_int = 16; +pub const NID_streetAddress: c_int = 660; +pub const NID_organizationName: c_int = 17; +pub const NID_organizationalUnitName: c_int = 18; +pub const NID_title: c_int = 106; +pub const NID_description: c_int = 107; +pub const NID_searchGuide: c_int = 859; +pub const NID_businessCategory: c_int = 860; +pub const NID_postalAddress: c_int = 861; +pub const NID_postalCode: c_int = 661; +pub const NID_postOfficeBox: c_int = 862; +pub const NID_physicalDeliveryOfficeName: c_int = 863; +pub const NID_telephoneNumber: c_int = 864; +pub const NID_telexNumber: c_int = 865; +pub const NID_teletexTerminalIdentifier: c_int = 866; +pub const NID_facsimileTelephoneNumber: c_int = 867; +pub const NID_x121Address: c_int = 868; +pub const NID_internationaliSDNNumber: c_int = 869; +pub const NID_registeredAddress: c_int = 870; +pub const NID_destinationIndicator: c_int = 871; +pub const NID_preferredDeliveryMethod: c_int = 872; +pub const NID_presentationAddress: c_int = 873; +pub const NID_supportedApplicationContext: c_int = 874; +pub const NID_member: c_int = 875; +pub const NID_owner: c_int = 876; +pub const NID_roleOccupant: c_int = 877; +pub const NID_seeAlso: c_int = 878; +pub const NID_userPassword: c_int = 879; +pub const NID_userCertificate: c_int = 880; +pub const NID_cACertificate: c_int = 881; +pub const NID_authorityRevocationList: c_int = 882; +pub const NID_certificateRevocationList: c_int = 883; +pub const NID_crossCertificatePair: c_int = 884; +pub const NID_name: c_int = 173; +pub const NID_givenName: c_int = 99; +pub const NID_initials: c_int = 101; +pub const NID_generationQualifier: c_int = 509; +pub const NID_x500UniqueIdentifier: c_int = 503; +pub const NID_dnQualifier: c_int = 174; +pub const NID_enhancedSearchGuide: c_int = 885; +pub const NID_protocolInformation: c_int = 886; +pub const NID_distinguishedName: c_int = 887; +pub const NID_uniqueMember: c_int = 888; +pub const NID_houseIdentifier: c_int = 889; +pub const NID_supportedAlgorithms: c_int = 890; +pub const NID_deltaRevocationList: c_int = 891; +pub const NID_dmdName: c_int = 892; +pub const NID_pseudonym: c_int = 510; +pub const NID_role: c_int = 400; +pub const NID_X500algorithms: c_int = 378; +pub const NID_rsa: c_int = 19; +pub const NID_mdc2WithRSA: c_int = 96; +pub const NID_mdc2: c_int = 95; +pub const NID_id_ce: c_int = 81; +pub const NID_subject_directory_attributes: c_int = 769; +pub const NID_subject_key_identifier: c_int = 82; +pub const NID_key_usage: c_int = 83; +pub const NID_private_key_usage_period: c_int = 84; +pub const NID_subject_alt_name: c_int = 85; +pub const NID_issuer_alt_name: c_int = 86; +pub const NID_basic_constraints: c_int = 87; +pub const NID_crl_number: c_int = 88; +pub const NID_crl_reason: c_int = 141; +pub const NID_invalidity_date: c_int = 142; +pub const NID_delta_crl: c_int = 140; +pub const NID_issuing_distribution_point: c_int = 770; +pub const NID_certificate_issuer: c_int = 771; +pub const NID_name_constraints: c_int = 666; +pub const NID_crl_distribution_points: c_int = 103; +pub const NID_certificate_policies: c_int = 89; +pub const NID_any_policy: c_int = 746; +pub const NID_policy_mappings: c_int = 747; +pub const NID_authority_key_identifier: c_int = 90; +pub const NID_policy_constraints: c_int = 401; +pub const NID_ext_key_usage: c_int = 126; +pub const NID_freshest_crl: c_int = 857; +pub const NID_inhibit_any_policy: c_int = 748; +pub const NID_target_information: c_int = 402; +pub const NID_no_rev_avail: c_int = 403; +pub const NID_anyExtendedKeyUsage: c_int = 910; +pub const NID_netscape: c_int = 57; +pub const NID_netscape_cert_extension: c_int = 58; +pub const NID_netscape_data_type: c_int = 59; +pub const NID_netscape_cert_type: c_int = 71; +pub const NID_netscape_base_url: c_int = 72; +pub const NID_netscape_revocation_url: c_int = 73; +pub const NID_netscape_ca_revocation_url: c_int = 74; +pub const NID_netscape_renewal_url: c_int = 75; +pub const NID_netscape_ca_policy_url: c_int = 76; +pub const NID_netscape_ssl_server_name: c_int = 77; +pub const NID_netscape_comment: c_int = 78; +pub const NID_netscape_cert_sequence: c_int = 79; +pub const NID_ns_sgc: c_int = 139; +pub const NID_org: c_int = 379; +pub const NID_dod: c_int = 380; +pub const NID_iana: c_int = 381; +pub const NID_Directory: c_int = 382; +pub const NID_Management: c_int = 383; +pub const NID_Experimental: c_int = 384; +pub const NID_Private: c_int = 385; +pub const NID_Security: c_int = 386; +pub const NID_SNMPv2: c_int = 387; +pub const NID_Mail: c_int = 388; +pub const NID_Enterprises: c_int = 389; +pub const NID_dcObject: c_int = 390; +pub const NID_mime_mhs: c_int = 504; +pub const NID_mime_mhs_headings: c_int = 505; +pub const NID_mime_mhs_bodies: c_int = 506; +pub const NID_id_hex_partial_message: c_int = 507; +pub const NID_id_hex_multipart_message: c_int = 508; +pub const NID_zlib_compression: c_int = 125; +pub const NID_aes_128_ecb: c_int = 418; +pub const NID_aes_128_cbc: c_int = 419; +pub const NID_aes_128_ofb128: c_int = 420; +pub const NID_aes_128_cfb128: c_int = 421; +pub const NID_id_aes128_wrap: c_int = 788; +pub const NID_aes_128_gcm: c_int = 895; +pub const NID_aes_128_ccm: c_int = 896; +pub const NID_id_aes128_wrap_pad: c_int = 897; +pub const NID_aes_192_ecb: c_int = 422; +pub const NID_aes_192_cbc: c_int = 423; +pub const NID_aes_192_ofb128: c_int = 424; +pub const NID_aes_192_cfb128: c_int = 425; +pub const NID_id_aes192_wrap: c_int = 789; +pub const NID_aes_192_gcm: c_int = 898; +pub const NID_aes_192_ccm: c_int = 899; +pub const NID_id_aes192_wrap_pad: c_int = 900; +pub const NID_aes_256_ecb: c_int = 426; +pub const NID_aes_256_cbc: c_int = 427; +pub const NID_aes_256_ofb128: c_int = 428; +pub const NID_aes_256_cfb128: c_int = 429; +pub const NID_id_aes256_wrap: c_int = 790; +pub const NID_aes_256_gcm: c_int = 901; +pub const NID_aes_256_ccm: c_int = 902; +pub const NID_id_aes256_wrap_pad: c_int = 903; +pub const NID_aes_128_cfb1: c_int = 650; +pub const NID_aes_192_cfb1: c_int = 651; +pub const NID_aes_256_cfb1: c_int = 652; +pub const NID_aes_128_cfb8: c_int = 653; +pub const NID_aes_192_cfb8: c_int = 654; +pub const NID_aes_256_cfb8: c_int = 655; +pub const NID_aes_128_ctr: c_int = 904; +pub const NID_aes_192_ctr: c_int = 905; +pub const NID_aes_256_ctr: c_int = 906; +pub const NID_aes_128_xts: c_int = 913; +pub const NID_aes_256_xts: c_int = 914; +pub const NID_des_cfb1: c_int = 656; +pub const NID_des_cfb8: c_int = 657; +pub const NID_des_ede3_cfb1: c_int = 658; +pub const NID_des_ede3_cfb8: c_int = 659; +pub const NID_sha256: c_int = 672; +pub const NID_sha384: c_int = 673; +pub const NID_sha512: c_int = 674; +pub const NID_sha224: c_int = 675; +pub const NID_dsa_with_SHA224: c_int = 802; +pub const NID_dsa_with_SHA256: c_int = 803; +pub const NID_hold_instruction_code: c_int = 430; +pub const NID_hold_instruction_none: c_int = 431; +pub const NID_hold_instruction_call_issuer: c_int = 432; +pub const NID_hold_instruction_reject: c_int = 433; +pub const NID_data: c_int = 434; +pub const NID_pss: c_int = 435; +pub const NID_ucl: c_int = 436; +pub const NID_pilot: c_int = 437; +pub const NID_pilotAttributeType: c_int = 438; +pub const NID_pilotAttributeSyntax: c_int = 439; +pub const NID_pilotObjectClass: c_int = 440; +pub const NID_pilotGroups: c_int = 441; +pub const NID_iA5StringSyntax: c_int = 442; +pub const NID_caseIgnoreIA5StringSyntax: c_int = 443; +pub const NID_pilotObject: c_int = 444; +pub const NID_pilotPerson: c_int = 445; +pub const NID_account: c_int = 446; +pub const NID_document: c_int = 447; +pub const NID_room: c_int = 448; +pub const NID_documentSeries: c_int = 449; +pub const NID_Domain: c_int = 392; +pub const NID_rFC822localPart: c_int = 450; +pub const NID_dNSDomain: c_int = 451; +pub const NID_domainRelatedObject: c_int = 452; +pub const NID_friendlyCountry: c_int = 453; +pub const NID_simpleSecurityObject: c_int = 454; +pub const NID_pilotOrganization: c_int = 455; +pub const NID_pilotDSA: c_int = 456; +pub const NID_qualityLabelledData: c_int = 457; +pub const NID_userId: c_int = 458; +pub const NID_textEncodedORAddress: c_int = 459; +pub const NID_rfc822Mailbox: c_int = 460; +pub const NID_info: c_int = 461; +pub const NID_favouriteDrink: c_int = 462; +pub const NID_roomNumber: c_int = 463; +pub const NID_photo: c_int = 464; +pub const NID_userClass: c_int = 465; +pub const NID_host: c_int = 466; +pub const NID_manager: c_int = 467; +pub const NID_documentIdentifier: c_int = 468; +pub const NID_documentTitle: c_int = 469; +pub const NID_documentVersion: c_int = 470; +pub const NID_documentAuthor: c_int = 471; +pub const NID_documentLocation: c_int = 472; +pub const NID_homeTelephoneNumber: c_int = 473; +pub const NID_secretary: c_int = 474; +pub const NID_otherMailbox: c_int = 475; +pub const NID_lastModifiedTime: c_int = 476; +pub const NID_lastModifiedBy: c_int = 477; +pub const NID_domainComponent: c_int = 391; +pub const NID_aRecord: c_int = 478; +pub const NID_pilotAttributeType27: c_int = 479; +pub const NID_mXRecord: c_int = 480; +pub const NID_nSRecord: c_int = 481; +pub const NID_sOARecord: c_int = 482; +pub const NID_cNAMERecord: c_int = 483; +pub const NID_associatedDomain: c_int = 484; +pub const NID_associatedName: c_int = 485; +pub const NID_homePostalAddress: c_int = 486; +pub const NID_personalTitle: c_int = 487; +pub const NID_mobileTelephoneNumber: c_int = 488; +pub const NID_pagerTelephoneNumber: c_int = 489; +pub const NID_friendlyCountryName: c_int = 490; +pub const NID_organizationalStatus: c_int = 491; +pub const NID_janetMailbox: c_int = 492; +pub const NID_mailPreferenceOption: c_int = 493; +pub const NID_buildingName: c_int = 494; +pub const NID_dSAQuality: c_int = 495; +pub const NID_singleLevelQuality: c_int = 496; +pub const NID_subtreeMinimumQuality: c_int = 497; +pub const NID_subtreeMaximumQuality: c_int = 498; +pub const NID_personalSignature: c_int = 499; +pub const NID_dITRedirect: c_int = 500; +pub const NID_audio: c_int = 501; +pub const NID_documentPublisher: c_int = 502; +pub const NID_id_set: c_int = 512; +pub const NID_set_ctype: c_int = 513; +pub const NID_set_msgExt: c_int = 514; +pub const NID_set_attr: c_int = 515; +pub const NID_set_policy: c_int = 516; +pub const NID_set_certExt: c_int = 517; +pub const NID_set_brand: c_int = 518; +pub const NID_setct_PANData: c_int = 519; +pub const NID_setct_PANToken: c_int = 520; +pub const NID_setct_PANOnly: c_int = 521; +pub const NID_setct_OIData: c_int = 522; +pub const NID_setct_PI: c_int = 523; +pub const NID_setct_PIData: c_int = 524; +pub const NID_setct_PIDataUnsigned: c_int = 525; +pub const NID_setct_HODInput: c_int = 526; +pub const NID_setct_AuthResBaggage: c_int = 527; +pub const NID_setct_AuthRevReqBaggage: c_int = 528; +pub const NID_setct_AuthRevResBaggage: c_int = 529; +pub const NID_setct_CapTokenSeq: c_int = 530; +pub const NID_setct_PInitResData: c_int = 531; +pub const NID_setct_PI_TBS: c_int = 532; +pub const NID_setct_PResData: c_int = 533; +pub const NID_setct_AuthReqTBS: c_int = 534; +pub const NID_setct_AuthResTBS: c_int = 535; +pub const NID_setct_AuthResTBSX: c_int = 536; +pub const NID_setct_AuthTokenTBS: c_int = 537; +pub const NID_setct_CapTokenData: c_int = 538; +pub const NID_setct_CapTokenTBS: c_int = 539; +pub const NID_setct_AcqCardCodeMsg: c_int = 540; +pub const NID_setct_AuthRevReqTBS: c_int = 541; +pub const NID_setct_AuthRevResData: c_int = 542; +pub const NID_setct_AuthRevResTBS: c_int = 543; +pub const NID_setct_CapReqTBS: c_int = 544; +pub const NID_setct_CapReqTBSX: c_int = 545; +pub const NID_setct_CapResData: c_int = 546; +pub const NID_setct_CapRevReqTBS: c_int = 547; +pub const NID_setct_CapRevReqTBSX: c_int = 548; +pub const NID_setct_CapRevResData: c_int = 549; +pub const NID_setct_CredReqTBS: c_int = 550; +pub const NID_setct_CredReqTBSX: c_int = 551; +pub const NID_setct_CredResData: c_int = 552; +pub const NID_setct_CredRevReqTBS: c_int = 553; +pub const NID_setct_CredRevReqTBSX: c_int = 554; +pub const NID_setct_CredRevResData: c_int = 555; +pub const NID_setct_PCertReqData: c_int = 556; +pub const NID_setct_PCertResTBS: c_int = 557; +pub const NID_setct_BatchAdminReqData: c_int = 558; +pub const NID_setct_BatchAdminResData: c_int = 559; +pub const NID_setct_CardCInitResTBS: c_int = 560; +pub const NID_setct_MeAqCInitResTBS: c_int = 561; +pub const NID_setct_RegFormResTBS: c_int = 562; +pub const NID_setct_CertReqData: c_int = 563; +pub const NID_setct_CertReqTBS: c_int = 564; +pub const NID_setct_CertResData: c_int = 565; +pub const NID_setct_CertInqReqTBS: c_int = 566; +pub const NID_setct_ErrorTBS: c_int = 567; +pub const NID_setct_PIDualSignedTBE: c_int = 568; +pub const NID_setct_PIUnsignedTBE: c_int = 569; +pub const NID_setct_AuthReqTBE: c_int = 570; +pub const NID_setct_AuthResTBE: c_int = 571; +pub const NID_setct_AuthResTBEX: c_int = 572; +pub const NID_setct_AuthTokenTBE: c_int = 573; +pub const NID_setct_CapTokenTBE: c_int = 574; +pub const NID_setct_CapTokenTBEX: c_int = 575; +pub const NID_setct_AcqCardCodeMsgTBE: c_int = 576; +pub const NID_setct_AuthRevReqTBE: c_int = 577; +pub const NID_setct_AuthRevResTBE: c_int = 578; +pub const NID_setct_AuthRevResTBEB: c_int = 579; +pub const NID_setct_CapReqTBE: c_int = 580; +pub const NID_setct_CapReqTBEX: c_int = 581; +pub const NID_setct_CapResTBE: c_int = 582; +pub const NID_setct_CapRevReqTBE: c_int = 583; +pub const NID_setct_CapRevReqTBEX: c_int = 584; +pub const NID_setct_CapRevResTBE: c_int = 585; +pub const NID_setct_CredReqTBE: c_int = 586; +pub const NID_setct_CredReqTBEX: c_int = 587; +pub const NID_setct_CredResTBE: c_int = 588; +pub const NID_setct_CredRevReqTBE: c_int = 589; +pub const NID_setct_CredRevReqTBEX: c_int = 590; +pub const NID_setct_CredRevResTBE: c_int = 591; +pub const NID_setct_BatchAdminReqTBE: c_int = 592; +pub const NID_setct_BatchAdminResTBE: c_int = 593; +pub const NID_setct_RegFormReqTBE: c_int = 594; +pub const NID_setct_CertReqTBE: c_int = 595; +pub const NID_setct_CertReqTBEX: c_int = 596; +pub const NID_setct_CertResTBE: c_int = 597; +pub const NID_setct_CRLNotificationTBS: c_int = 598; +pub const NID_setct_CRLNotificationResTBS: c_int = 599; +pub const NID_setct_BCIDistributionTBS: c_int = 600; +pub const NID_setext_genCrypt: c_int = 601; +pub const NID_setext_miAuth: c_int = 602; +pub const NID_setext_pinSecure: c_int = 603; +pub const NID_setext_pinAny: c_int = 604; +pub const NID_setext_track2: c_int = 605; +pub const NID_setext_cv: c_int = 606; +pub const NID_set_policy_root: c_int = 607; +pub const NID_setCext_hashedRoot: c_int = 608; +pub const NID_setCext_certType: c_int = 609; +pub const NID_setCext_merchData: c_int = 610; +pub const NID_setCext_cCertRequired: c_int = 611; +pub const NID_setCext_tunneling: c_int = 612; +pub const NID_setCext_setExt: c_int = 613; +pub const NID_setCext_setQualf: c_int = 614; +pub const NID_setCext_PGWYcapabilities: c_int = 615; +pub const NID_setCext_TokenIdentifier: c_int = 616; +pub const NID_setCext_Track2Data: c_int = 617; +pub const NID_setCext_TokenType: c_int = 618; +pub const NID_setCext_IssuerCapabilities: c_int = 619; +pub const NID_setAttr_Cert: c_int = 620; +pub const NID_setAttr_PGWYcap: c_int = 621; +pub const NID_setAttr_TokenType: c_int = 622; +pub const NID_setAttr_IssCap: c_int = 623; +pub const NID_set_rootKeyThumb: c_int = 624; +pub const NID_set_addPolicy: c_int = 625; +pub const NID_setAttr_Token_EMV: c_int = 626; +pub const NID_setAttr_Token_B0Prime: c_int = 627; +pub const NID_setAttr_IssCap_CVM: c_int = 628; +pub const NID_setAttr_IssCap_T2: c_int = 629; +pub const NID_setAttr_IssCap_Sig: c_int = 630; +pub const NID_setAttr_GenCryptgrm: c_int = 631; +pub const NID_setAttr_T2Enc: c_int = 632; +pub const NID_setAttr_T2cleartxt: c_int = 633; +pub const NID_setAttr_TokICCsig: c_int = 634; +pub const NID_setAttr_SecDevSig: c_int = 635; +pub const NID_set_brand_IATA_ATA: c_int = 636; +pub const NID_set_brand_Diners: c_int = 637; +pub const NID_set_brand_AmericanExpress: c_int = 638; +pub const NID_set_brand_JCB: c_int = 639; +pub const NID_set_brand_Visa: c_int = 640; +pub const NID_set_brand_MasterCard: c_int = 641; +pub const NID_set_brand_Novus: c_int = 642; +pub const NID_des_cdmf: c_int = 643; +pub const NID_rsaOAEPEncryptionSET: c_int = 644; +pub const NID_ipsec3: c_int = 749; +pub const NID_ipsec4: c_int = 750; +pub const NID_whirlpool: c_int = 804; +pub const NID_cryptopro: c_int = 805; +pub const NID_cryptocom: c_int = 806; +pub const NID_id_GostR3411_94_with_GostR3410_2001: c_int = 807; +pub const NID_id_GostR3411_94_with_GostR3410_94: c_int = 808; +pub const NID_id_GostR3411_94: c_int = 809; +pub const NID_id_HMACGostR3411_94: c_int = 810; +pub const NID_id_GostR3410_2001: c_int = 811; +pub const NID_id_GostR3410_94: c_int = 812; +pub const NID_id_Gost28147_89: c_int = 813; +pub const NID_gost89_cnt: c_int = 814; +pub const NID_id_Gost28147_89_MAC: c_int = 815; +pub const NID_id_GostR3411_94_prf: c_int = 816; +pub const NID_id_GostR3410_2001DH: c_int = 817; +pub const NID_id_GostR3410_94DH: c_int = 818; +pub const NID_id_Gost28147_89_CryptoPro_KeyMeshing: c_int = 819; +pub const NID_id_Gost28147_89_None_KeyMeshing: c_int = 820; +pub const NID_id_GostR3411_94_TestParamSet: c_int = 821; +pub const NID_id_GostR3411_94_CryptoProParamSet: c_int = 822; +pub const NID_id_Gost28147_89_TestParamSet: c_int = 823; +pub const NID_id_Gost28147_89_CryptoPro_A_ParamSet: c_int = 824; +pub const NID_id_Gost28147_89_CryptoPro_B_ParamSet: c_int = 825; +pub const NID_id_Gost28147_89_CryptoPro_C_ParamSet: c_int = 826; +pub const NID_id_Gost28147_89_CryptoPro_D_ParamSet: c_int = 827; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet: c_int = 828; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet: c_int = 829; +pub const NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet: c_int = 830; +pub const NID_id_GostR3410_94_TestParamSet: c_int = 831; +pub const NID_id_GostR3410_94_CryptoPro_A_ParamSet: c_int = 832; +pub const NID_id_GostR3410_94_CryptoPro_B_ParamSet: c_int = 833; +pub const NID_id_GostR3410_94_CryptoPro_C_ParamSet: c_int = 834; +pub const NID_id_GostR3410_94_CryptoPro_D_ParamSet: c_int = 835; +pub const NID_id_GostR3410_94_CryptoPro_XchA_ParamSet: c_int = 836; +pub const NID_id_GostR3410_94_CryptoPro_XchB_ParamSet: c_int = 837; +pub const NID_id_GostR3410_94_CryptoPro_XchC_ParamSet: c_int = 838; +pub const NID_id_GostR3410_2001_TestParamSet: c_int = 839; +pub const NID_id_GostR3410_2001_CryptoPro_A_ParamSet: c_int = 840; +pub const NID_id_GostR3410_2001_CryptoPro_B_ParamSet: c_int = 841; +pub const NID_id_GostR3410_2001_CryptoPro_C_ParamSet: c_int = 842; +pub const NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet: c_int = 843; +pub const NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet: c_int = 844; +pub const NID_id_GostR3410_94_a: c_int = 845; +pub const NID_id_GostR3410_94_aBis: c_int = 846; +pub const NID_id_GostR3410_94_b: c_int = 847; +pub const NID_id_GostR3410_94_bBis: c_int = 848; +pub const NID_id_Gost28147_89_cc: c_int = 849; +pub const NID_id_GostR3410_94_cc: c_int = 850; +pub const NID_id_GostR3410_2001_cc: c_int = 851; +pub const NID_id_GostR3411_94_with_GostR3410_94_cc: c_int = 852; +pub const NID_id_GostR3411_94_with_GostR3410_2001_cc: c_int = 853; +pub const NID_id_GostR3410_2001_ParamSet_cc: c_int = 854; +pub const NID_camellia_128_cbc: c_int = 751; +pub const NID_camellia_192_cbc: c_int = 752; +pub const NID_camellia_256_cbc: c_int = 753; +pub const NID_id_camellia128_wrap: c_int = 907; +pub const NID_id_camellia192_wrap: c_int = 908; +pub const NID_id_camellia256_wrap: c_int = 909; +pub const NID_camellia_128_ecb: c_int = 754; +pub const NID_camellia_128_ofb128: c_int = 766; +pub const NID_camellia_128_cfb128: c_int = 757; +pub const NID_camellia_192_ecb: c_int = 755; +pub const NID_camellia_192_ofb128: c_int = 767; +pub const NID_camellia_192_cfb128: c_int = 758; +pub const NID_camellia_256_ecb: c_int = 756; +pub const NID_camellia_256_ofb128: c_int = 768; +pub const NID_camellia_256_cfb128: c_int = 759; +pub const NID_camellia_128_cfb1: c_int = 760; +pub const NID_camellia_192_cfb1: c_int = 761; +pub const NID_camellia_256_cfb1: c_int = 762; +pub const NID_camellia_128_cfb8: c_int = 763; +pub const NID_camellia_192_cfb8: c_int = 764; +pub const NID_camellia_256_cfb8: c_int = 765; +pub const NID_kisa: c_int = 773; +pub const NID_seed_ecb: c_int = 776; +pub const NID_seed_cbc: c_int = 777; +pub const NID_seed_cfb128: c_int = 779; +pub const NID_seed_ofb128: c_int = 778; +pub const NID_hmac: c_int = 855; +pub const NID_cmac: c_int = 894; +pub const NID_rc4_hmac_md5: c_int = 915; +pub const NID_aes_128_cbc_hmac_sha1: c_int = 916; +pub const NID_aes_192_cbc_hmac_sha1: c_int = 917; +pub const NID_aes_256_cbc_hmac_sha1: c_int = 918; +#[cfg(ossl111)] +pub const NID_X25519: c_int = 1034; +#[cfg(libressl370)] +pub const NID_X25519: c_int = 950; +#[cfg(ossl111)] +pub const NID_X448: c_int = 1035; +#[cfg(ossl110)] +pub const NID_hkdf: c_int = 1036; +#[cfg(ossl111)] +pub const NID_ED25519: c_int = 1087; +#[cfg(libressl370)] +pub const NID_ED25519: c_int = 952; +#[cfg(ossl111)] +pub const NID_ED448: c_int = 1088; +#[cfg(ossl111)] +pub const NID_sm3: c_int = 1143; +#[cfg(libressl291)] +pub const NID_sm3: c_int = 968; +#[cfg(ossl111)] +pub const NID_sm3WithRSAEncryption: c_int = 1144; +#[cfg(libressl291)] +pub const NID_sm3WithRSAEncryption: c_int = 969; +#[cfg(ossl111)] +pub const NID_sm4_ecb: c_int = 1133; +#[cfg(libressl291)] +pub const NID_sm4_ecb: c_int = 973; +#[cfg(ossl111)] +pub const NID_sm4_cbc: c_int = 1134; +#[cfg(libressl291)] +pub const NID_sm4_cbc: c_int = 974; +#[cfg(ossl111)] +pub const NID_sm4_ofb128: c_int = 1135; +#[cfg(libressl291)] +pub const NID_sm4_ofb128: c_int = 975; +#[cfg(ossl111)] +pub const NID_sm4_cfb128: c_int = 1137; +#[cfg(libressl291)] +pub const NID_sm4_cfb128: c_int = 976; +#[cfg(ossl111)] +pub const NID_sm4_cfb1: c_int = 1136; +#[cfg(libressl291)] +pub const NID_sm4_cfb1: c_int = 977; +#[cfg(ossl111)] +pub const NID_sm4_cfb8: c_int = 1138; +#[cfg(libressl291)] +pub const NID_sm4_cfb8: c_int = 978; +#[cfg(ossl111)] +pub const NID_sm4_ctr: c_int = 1139; +#[cfg(libressl291)] +pub const NID_sm4_ctr: c_int = 979; +#[cfg(ossl111)] +pub const NID_sha3_224: c_int = 1096; +#[cfg(ossl111)] +pub const NID_sha3_256: c_int = 1097; +#[cfg(ossl111)] +pub const NID_sha3_384: c_int = 1098; +#[cfg(ossl111)] +pub const NID_sha3_512: c_int = 1099; +#[cfg(ossl111)] +pub const NID_shake128: c_int = 1100; +#[cfg(ossl111)] +pub const NID_shake256: c_int = 1101; diff --git a/vendor/openssl-sys/src/ocsp.rs b/vendor/openssl-sys/src/ocsp.rs new file mode 100644 index 000000000..fc0db39e9 --- /dev/null +++ b/vendor/openssl-sys/src/ocsp.rs @@ -0,0 +1,35 @@ +use libc::*; + +pub const OCSP_REVOKED_STATUS_NOSTATUS: c_int = -1; +pub const OCSP_REVOKED_STATUS_UNSPECIFIED: c_int = 0; +pub const OCSP_REVOKED_STATUS_KEYCOMPROMISE: c_int = 1; +pub const OCSP_REVOKED_STATUS_CACOMPROMISE: c_int = 2; +pub const OCSP_REVOKED_STATUS_AFFILIATIONCHANGED: c_int = 3; +pub const OCSP_REVOKED_STATUS_SUPERSEDED: c_int = 4; +pub const OCSP_REVOKED_STATUS_CESSATIONOFOPERATION: c_int = 5; +pub const OCSP_REVOKED_STATUS_CERTIFICATEHOLD: c_int = 6; +pub const OCSP_REVOKED_STATUS_REMOVEFROMCRL: c_int = 8; + +pub const OCSP_NOCERTS: c_ulong = 0x1; +pub const OCSP_NOINTERN: c_ulong = 0x2; +pub const OCSP_NOSIGS: c_ulong = 0x4; +pub const OCSP_NOCHAIN: c_ulong = 0x8; +pub const OCSP_NOVERIFY: c_ulong = 0x10; +pub const OCSP_NOEXPLICIT: c_ulong = 0x20; +pub const OCSP_NOCASIGN: c_ulong = 0x40; +pub const OCSP_NODELEGATED: c_ulong = 0x80; +pub const OCSP_NOCHECKS: c_ulong = 0x100; +pub const OCSP_TRUSTOTHER: c_ulong = 0x200; +pub const OCSP_RESPID_KEY: c_ulong = 0x400; +pub const OCSP_NOTIME: c_ulong = 0x800; + +pub const OCSP_RESPONSE_STATUS_SUCCESSFUL: c_int = 0; +pub const OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: c_int = 1; +pub const OCSP_RESPONSE_STATUS_INTERNALERROR: c_int = 2; +pub const OCSP_RESPONSE_STATUS_TRYLATER: c_int = 3; +pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; +pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; + +pub const V_OCSP_CERTSTATUS_GOOD: c_int = 0; +pub const V_OCSP_CERTSTATUS_REVOKED: c_int = 1; +pub const V_OCSP_CERTSTATUS_UNKNOWN: c_int = 2; diff --git a/vendor/openssl-sys/src/pem.rs b/vendor/openssl-sys/src/pem.rs new file mode 100644 index 000000000..f7dd8ac30 --- /dev/null +++ b/vendor/openssl-sys/src/pem.rs @@ -0,0 +1,3 @@ +use libc::*; + +pub const PEM_R_NO_START_LINE: c_int = 108; diff --git a/vendor/openssl-sys/src/pkcs7.rs b/vendor/openssl-sys/src/pkcs7.rs new file mode 100644 index 000000000..0a56225a9 --- /dev/null +++ b/vendor/openssl-sys/src/pkcs7.rs @@ -0,0 +1,20 @@ +use libc::*; + +pub const PKCS7_TEXT: c_int = 0x1; +pub const PKCS7_NOCERTS: c_int = 0x2; +pub const PKCS7_NOSIGS: c_int = 0x4; +pub const PKCS7_NOCHAIN: c_int = 0x8; +pub const PKCS7_NOINTERN: c_int = 0x10; +pub const PKCS7_NOVERIFY: c_int = 0x20; +pub const PKCS7_DETACHED: c_int = 0x40; +pub const PKCS7_BINARY: c_int = 0x80; +pub const PKCS7_NOATTR: c_int = 0x100; +pub const PKCS7_NOSMIMECAP: c_int = 0x200; +pub const PKCS7_NOOLDMIMETYPE: c_int = 0x400; +pub const PKCS7_CRLFEOL: c_int = 0x800; +pub const PKCS7_STREAM: c_int = 0x1000; +pub const PKCS7_NOCRL: c_int = 0x2000; +pub const PKCS7_PARTIAL: c_int = 0x4000; +pub const PKCS7_REUSE_DIGEST: c_int = 0x8000; +#[cfg(not(any(ossl101, ossl102, libressl)))] +pub const PKCS7_NO_DUAL_CONTENT: c_int = 0x10000; diff --git a/vendor/openssl-sys/src/rsa.rs b/vendor/openssl-sys/src/rsa.rs new file mode 100644 index 000000000..ff30cf1e2 --- /dev/null +++ b/vendor/openssl-sys/src/rsa.rs @@ -0,0 +1,101 @@ +use libc::*; +use std::ptr; + +use super::super::*; + +pub const RSA_F4: c_long = 0x10001; + +cfg_if! { + if #[cfg(not(ossl300))] { + pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_RSA_PADDING, + pad, + ptr::null_mut(), + ) + } + pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_GET_RSA_PADDING, + 0, + ppad as *mut c_void, + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY, + EVP_PKEY_CTRL_RSA_PSS_SALTLEN, + len, + ptr::null_mut(), + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_MGF1_MD, + 0, + md as *mut c_void, + ) + } + } +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set_rsa_oaep_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set0_rsa_oaep_label( + ctx: *mut EVP_PKEY_CTX, + label: *mut c_void, + len: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_LABEL, + len, + label as *mut c_void, + ) +} + +pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; +pub const EVP_PKEY_CTRL_RSA_PSS_SALTLEN: c_int = EVP_PKEY_ALG_CTRL + 2; + +pub const EVP_PKEY_CTRL_RSA_MGF1_MD: c_int = EVP_PKEY_ALG_CTRL + 5; + +pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_MD: c_int = EVP_PKEY_ALG_CTRL + 9; +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_LABEL: c_int = EVP_PKEY_ALG_CTRL + 10; + +pub const RSA_PKCS1_PADDING: c_int = 1; +#[cfg(not(ossl300))] +pub const RSA_SSLV23_PADDING: c_int = 2; +pub const RSA_NO_PADDING: c_int = 3; +pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; +pub const RSA_X931_PADDING: c_int = 5; +pub const RSA_PKCS1_PSS_PADDING: c_int = 6; diff --git a/vendor/openssl-sys/src/sha.rs b/vendor/openssl-sys/src/sha.rs new file mode 100644 index 000000000..4ad0c17cd --- /dev/null +++ b/vendor/openssl-sys/src/sha.rs @@ -0,0 +1,103 @@ +use super::*; +use libc::*; +use std::ptr; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub const SHA_LBLOCK: c_int = 16; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG = c_uint; + +cfg_if! { + if #[cfg(ossl300)] { + #[cfg(ossl300)] + // Ideally we'd macro define these, but that crashes ctest :( + pub unsafe fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA1\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 + { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA224\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA256\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG64 = u64; + +cfg_if! { + if #[cfg(ossl300)] { + pub unsafe fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA384\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA512\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} diff --git a/vendor/openssl-sys/src/srtp.rs b/vendor/openssl-sys/src/srtp.rs new file mode 100644 index 000000000..93c77970c --- /dev/null +++ b/vendor/openssl-sys/src/srtp.rs @@ -0,0 +1,14 @@ +use libc::*; + +pub const SRTP_AES128_CM_SHA1_80: c_ulong = 0x0001; +pub const SRTP_AES128_CM_SHA1_32: c_ulong = 0x0002; +pub const SRTP_AES128_F8_SHA1_80: c_ulong = 0x0003; +pub const SRTP_AES128_F8_SHA1_32: c_ulong = 0x0004; +pub const SRTP_NULL_SHA1_80: c_ulong = 0x0005; +pub const SRTP_NULL_SHA1_32: c_ulong = 0x0006; + +/* AEAD SRTP protection profiles from RFC 7714 */ +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_128_GCM: c_ulong = 0x0007; +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_256_GCM: c_ulong = 0x0008; diff --git a/vendor/openssl-sys/src/ssl.rs b/vendor/openssl-sys/src/ssl.rs new file mode 100644 index 000000000..e81267333 --- /dev/null +++ b/vendor/openssl-sys/src/ssl.rs @@ -0,0 +1,631 @@ +use libc::*; +use std::ptr; + +use super::*; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256; + +#[cfg(not(ossl110))] +pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32; +#[cfg(not(ossl110))] +pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8; +#[cfg(not(ossl110))] +pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48; + +pub const SSL_SENT_SHUTDOWN: c_int = 1; +pub const SSL_RECEIVED_SHUTDOWN: c_int = 2; + +pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM; +pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1; + +#[cfg(ossl111)] +pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001; +/* This extension is only allowed in DTLS */ +#[cfg(ossl111)] +pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002; +/* Some extensions may be allowed in DTLS but we don't implement them for it */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004; +/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ +#[cfg(ossl111)] +pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008; +/* Extension is only defined for TLS1.2 and below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010; +/* Extension is only defined for TLS1.3 and above */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020; +/* Ignore this extension during parsing if we are resuming */ +#[cfg(ossl111)] +pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040; +#[cfg(ossl111)] +pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080; +/* Really means TLS1.2 or below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000; + +cfg_if! { + if #[cfg(ossl300)] { + macro_rules! ssl_op_type { + () => {u64}; + } + } else { + macro_rules! ssl_op_type { + () => {c_ulong}; + } + } +} + +pub const SSL_OP_LEGACY_SERVER_CONNECT: ssl_op_type!() = 0x00000004; +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x0; + } else if #[cfg(any(ossl102, libressl))] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x10; + } +} +#[cfg(ossl101)] +pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: ssl_op_type!() = 0x00000040; + +pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: ssl_op_type!() = 0x00000800; + +pub const SSL_OP_NO_QUERY_MTU: ssl_op_type!() = 0x00001000; +pub const SSL_OP_COOKIE_EXCHANGE: ssl_op_type!() = 0x00002000; +pub const SSL_OP_NO_TICKET: ssl_op_type!() = 0x00004000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x00008000; + } else { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x0; + } +} + +pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: ssl_op_type!() = 0x00010000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x00020000; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x00040000; + } else { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x0; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x0; + } +} + +#[cfg(ossl111)] +pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: ssl_op_type!() = 0x00100000; +#[cfg(ossl111)] +pub const SSL_OP_PRIORITIZE_CHACHA: ssl_op_type!() = 0x00200000; + +pub const SSL_OP_CIPHER_SERVER_PREFERENCE: ssl_op_type!() = 0x00400000; +cfg_if! { + if #[cfg(libressl280)] { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0; + } else { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0x00800000; + } +} + +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x02000000; + } else { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x0; + } +} +pub const SSL_OP_NO_TLSv1_1: ssl_op_type!() = 0x10000000; +pub const SSL_OP_NO_TLSv1_2: ssl_op_type!() = 0x08000000; + +pub const SSL_OP_NO_TLSv1: ssl_op_type!() = 0x04000000; +cfg_if! { + if #[cfg(ossl102)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x04000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x08000000; + } else if #[cfg(libressl332)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x40000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x80000000; + } +} +#[cfg(any(ossl111, libressl340))] +pub const SSL_OP_NO_TLSv1_3: ssl_op_type!() = 0x20000000; + +#[cfg(ossl110h)] +pub const SSL_OP_NO_RENEGOTIATION: ssl_op_type!() = 0x40000000; + +cfg_if! { + if #[cfg(ossl111)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv3 + | SSL_OP_NO_TLSv1 + | SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 + | SSL_OP_NO_TLSv1_3; + } else if #[cfg(ossl102)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = + SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x0; + } else { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x80000000; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(ossl110f)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_LEGACY_SERVER_CONNECT + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(libressl261)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x4; + } else if #[cfg(libressl)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000014; + } else { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000BFF; + } +} + +cfg_if! { + if #[cfg(ossl110)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x00000000; + } else if #[cfg(ossl101)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000001; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000002; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000008; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000020; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000080; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000100; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000200; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x01000000; + } else { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x0; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x0; + #[cfg(libressl261)] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x0; + #[cfg(not(libressl261))] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x0; + } +} + +pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; +pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; +pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; +pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; +pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; + +pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut()) +} + +#[cfg(ossl111)] +pub const SSL_COOKIE_LENGTH: c_int = 4096; + +cfg_if! { + if #[cfg(not(ossl110))] { + pub unsafe fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong { + SSL_CTX_ctrl(ctx as *mut _, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) as c_ulong + } + + pub unsafe fn SSL_CTX_set_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + + pub unsafe fn SSL_CTX_clear_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_CLEAR_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + } +} + +pub unsafe fn SSL_set_mtu(ssl: *mut SSL, mtu: c_long) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut()) +} + +#[cfg(ossl110)] +pub unsafe fn SSL_get_extms_support(ssl: *mut SSL) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_GET_EXTMS_SUPPORT, 0, ptr::null_mut()) +} + +pub const SSL_SESS_CACHE_OFF: c_long = 0x0; +pub const SSL_SESS_CACHE_CLIENT: c_long = 0x1; +pub const SSL_SESS_CACHE_SERVER: c_long = 0x2; +pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER; +pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80; +pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100; +pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200; +pub const SSL_SESS_CACHE_NO_INTERNAL: c_long = + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE; + +pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0; +pub const OPENSSL_NPN_NEGOTIATED: c_int = 1; +pub const OPENSSL_NPN_NO_OVERLAP: c_int = 2; + +pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER; +pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR; +pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME; +pub const SSL_ERROR_NONE: c_int = 0; +pub const SSL_ERROR_SSL: c_int = 1; +pub const SSL_ERROR_SYSCALL: c_int = 5; +pub const SSL_ERROR_WANT_ACCEPT: c_int = 8; +pub const SSL_ERROR_WANT_CONNECT: c_int = 7; +pub const SSL_ERROR_WANT_READ: c_int = 2; +pub const SSL_ERROR_WANT_WRITE: c_int = 3; +pub const SSL_ERROR_WANT_X509_LOOKUP: c_int = 4; +pub const SSL_ERROR_ZERO_RETURN: c_int = 6; +#[cfg(ossl111)] +pub const SSL_ERROR_WANT_CLIENT_HELLO_CB: c_int = 11; +pub const SSL_VERIFY_NONE: c_int = 0; +pub const SSL_VERIFY_PEER: c_int = 1; +pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; +pub const SSL_CTRL_SET_TMP_DH: c_int = 3; +pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_GET_SESSION_REUSED: c_int = 8; +pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; +pub const SSL_CTRL_SET_MTU: c_int = 17; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_OPTIONS: c_int = 32; +pub const SSL_CTRL_MODE: c_int = 33; +pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; +pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42; +pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43; +pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; +pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65; +pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; +pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82; +#[cfg(ossl102)] +pub const SSL_CTRL_CHAIN_CERT: c_int = 89; +#[cfg(any(ossl111, libressl252))] +pub const SSL_CTRL_SET_GROUPS_LIST: c_int = 92; +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_SIGALGS_LIST: c_int = 98; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106; +#[cfg(ossl110)] +pub const SSL_CTRL_GET_EXTMS_SUPPORT: c_int = 122; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131; + +pub unsafe fn SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void) +} + +pub unsafe fn SSL_CTX_get_extra_chain_certs( + ctx: *mut SSL_CTX, + chain: *mut *mut stack_st_X509, +) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_set0_verify_cert_store(ssl: *mut SSL, st: *mut X509_STORE) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +cfg_if! { + if #[cfg(ossl111)] { + pub unsafe fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_GROUPS_LIST, + 0, + s as *const c_void as *mut c_void, + ) + } + } else if #[cfg(libressl251)] { + extern "C" { + pub fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_int; + } + } +} + +#[cfg(ossl102)] +pub unsafe fn SSL_add0_chain_cert(ssl: *mut SSL, ptr: *mut X509) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_CHAIN_CERT, 0, ptr as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_SIGALGS_LIST, + 0, + s as *const c_void as *mut c_void, + ) +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_set_ecdh_auto(ssl: *mut SSL, onoff: c_int) -> c_int { + SSL_ctrl( + ssl, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + } +} + +cfg_if! { + if #[cfg(ossl110g)] { + pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + + pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_min_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_max_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + } +} + +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_SUCCESS: c_int = 1; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_ERROR: c_int = 0; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_RETRY: c_int = -1; + +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2; + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option<CRYPTO_EX_new>, + dupf: Option<CRYPTO_EX_dup>, + freef: Option<CRYPTO_EX_free>, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef) + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option<CRYPTO_EX_new>, + dupf: Option<CRYPTO_EX_dup>, + freef: Option<CRYPTO_EX_free>, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef) + } + } +} + +pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, ptr::null_mut()) +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[deprecated(note = "use SSL_CTX_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_CTX_set_tmp_dh_callback( + ctx: *mut SSL_CTX, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_set_tmp_dh_callback( + ctx: *mut SSL, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_CTX_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_CTX_set_tmp_ecdh_callback( + ctx: *mut SSL_CTX, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + #[deprecated(note = "use SSL_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_set_tmp_ecdh_callback( + ssl: *mut SSL, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + + #[deprecated(note = "use SSL_CTX_callback_ctrl__fixed_rust instead")] + pub fn SSL_CTX_callback_ctrl( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option<extern "C" fn()>, + ) -> c_long; + + #[deprecated(note = "use SSL_CTX_set_alpn_select_cb__fixed_rust instead")] + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); +} + +#[cfg(not(ossl110))] +pub unsafe fn SSL_session_reused(ssl: *mut SSL) -> c_int { + SSL_ctrl(ssl, SSL_CTRL_GET_SESSION_REUSED, 0, ptr::null_mut()) as c_int +} + +#[cfg(ossl110)] +pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000; +#[cfg(ossl111b)] +pub const OPENSSL_INIT_NO_ATEXIT: u64 = 0x00080000; diff --git a/vendor/openssl-sys/src/ssl3.rs b/vendor/openssl-sys/src/ssl3.rs new file mode 100644 index 000000000..822613eb2 --- /dev/null +++ b/vendor/openssl-sys/src/ssl3.rs @@ -0,0 +1,5 @@ +use libc::*; + +pub const SSL3_VERSION: c_int = 0x300; + +pub const SSL3_AD_ILLEGAL_PARAMETER: c_int = 47; diff --git a/vendor/openssl-sys/src/tls1.rs b/vendor/openssl-sys/src/tls1.rs new file mode 100644 index 000000000..f7ae30204 --- /dev/null +++ b/vendor/openssl-sys/src/tls1.rs @@ -0,0 +1,94 @@ +use libc::*; +use std::mem; +use std::ptr; + +use super::*; + +pub const TLS1_VERSION: c_int = 0x301; +pub const TLS1_1_VERSION: c_int = 0x302; +pub const TLS1_2_VERSION: c_int = 0x303; +#[cfg(any(ossl111, libressl340))] +pub const TLS1_3_VERSION: c_int = 0x304; + +pub const TLS1_AD_DECODE_ERROR: c_int = 50; +pub const TLS1_AD_UNRECOGNIZED_NAME: c_int = 112; + +pub const TLSEXT_NAMETYPE_host_name: c_int = 0; +pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1; + +pub unsafe fn SSL_set_tlsext_host_name(s: *mut SSL, name: *mut c_char) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_HOSTNAME, + TLSEXT_NAMETYPE_host_name as c_long, + name as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, + type_ as c_long, + ptr::null_mut(), + ) +} + +pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, + 0, + resp as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_ocsp_resp( + ssl: *mut SSL, + resp: *mut c_uchar, + len: c_long, +) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, + len, + resp as *mut c_void, + ) +} + +#[deprecated(note = "use SSL_CTX_set_tlsext_servername_callback__fixed_rust instead")] +#[allow(deprecated)] +pub unsafe fn SSL_CTX_set_tlsext_servername_callback( + ctx: *mut SSL_CTX, + // FIXME should have the right signature + cb: Option<extern "C" fn()>, +) -> c_long { + SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, cb) +} + +pub unsafe fn SSL_CTX_set_tlsext_servername_callback__fixed_rust( + ctx: *mut SSL_CTX, + cb: Option<unsafe extern "C" fn(*mut SSL, *mut c_int, *mut c_void) -> c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, mem::transmute(cb)) +} + +pub const SSL_TLSEXT_ERR_OK: c_int = 0; +pub const SSL_TLSEXT_ERR_ALERT_WARNING: c_int = 1; +pub const SSL_TLSEXT_ERR_ALERT_FATAL: c_int = 2; +pub const SSL_TLSEXT_ERR_NOACK: c_int = 3; + +pub unsafe fn SSL_CTX_set_tlsext_servername_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, arg) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_cb( + ctx: *mut SSL_CTX, + cb: Option<unsafe extern "C" fn(*mut SSL, *mut c_void) -> c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, mem::transmute(cb)) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg) +} diff --git a/vendor/openssl-sys/src/types.rs b/vendor/openssl-sys/src/types.rs new file mode 100644 index 000000000..10c8f6771 --- /dev/null +++ b/vendor/openssl-sys/src/types.rs @@ -0,0 +1,21 @@ +use libc::*; + +use super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_PKEY {} + } else { + #[repr(C)] + pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, + pub references: c_int, + pub ameth: *const EVP_PKEY_ASN1_METHOD, + pub engine: *mut ENGINE, + pub pkey: *mut c_void, + pub save_parameters: c_int, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} diff --git a/vendor/openssl-sys/src/x509.rs b/vendor/openssl-sys/src/x509.rs new file mode 100644 index 000000000..714b06c9b --- /dev/null +++ b/vendor/openssl-sys/src/x509.rs @@ -0,0 +1,15 @@ +use libc::*; + +pub const X509_FILETYPE_PEM: c_int = 1; +pub const X509_FILETYPE_ASN1: c_int = 2; +pub const X509_FILETYPE_DEFAULT: c_int = 3; + +pub const ASN1_R_HEADER_TOO_LONG: c_int = 123; + +cfg_if! { + if #[cfg(not(any(ossl110, libressl350)))] { + pub const X509_LU_FAIL: c_int = 0; + pub const X509_LU_X509: c_int = 1; + pub const X509_LU_CRL: c_int = 2; + } +} diff --git a/vendor/openssl-sys/src/x509_vfy.rs b/vendor/openssl-sys/src/x509_vfy.rs new file mode 100644 index 000000000..2fa176fed --- /dev/null +++ b/vendor/openssl-sys/src/x509_vfy.rs @@ -0,0 +1,149 @@ +use libc::*; + +use super::*; + +pub const X509_V_OK: c_int = 0; +#[cfg(ossl102f)] +pub const X509_V_ERR_UNSPECIFIED: c_int = 1; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2; +pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5; +pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6; +pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7; +pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8; +pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9; +pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10; +pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11; +pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14; +pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15; +pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16; +pub const X509_V_ERR_OUT_OF_MEM: c_int = 17; +pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18; +pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20; +pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21; +pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22; +pub const X509_V_ERR_CERT_REVOKED: c_int = 23; +cfg_if! { + if #[cfg(ossl300)] { + pub const X509_V_ERR_NO_ISSUER_PUBLIC_KEY: c_int = 24; + } else { + pub const X509_V_ERR_INVALID_CA: c_int = 24; + } +} +pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25; +pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26; +pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27; +pub const X509_V_ERR_CERT_REJECTED: c_int = 28; +pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29; +pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30; +pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31; +pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32; +pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33; +pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34; +pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35; +pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36; +pub const X509_V_ERR_INVALID_NON_CA: c_int = 37; +pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38; +pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39; +pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40; +pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41; +pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42; +pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43; +pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44; +pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; +pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46; +pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47; +pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48; +pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49; +pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52; +pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; +pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61; +#[cfg(ossl102)] +pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62; +#[cfg(ossl102)] +pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63; +#[cfg(ossl102)] +pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64; +cfg_if! { + if #[cfg(ossl110)] { + pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65; + pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66; + pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67; + pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68; + pub const X509_V_ERR_INVALID_CALL: c_int = 69; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 70; + pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71; + } else if #[cfg(ossl102h)] { + pub const X509_V_ERR_INVALID_CALL: c_int = 65; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 66; + pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67; + } +} +#[cfg(ossl300)] +pub const X509_V_ERR_INVALID_CA: c_int = 79; + +#[cfg(not(any(ossl110, libressl370)))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x1; +#[cfg(any(ossl110, libressl370))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x0; +pub const X509_V_FLAG_USE_CHECK_TIME: c_ulong = 0x2; +pub const X509_V_FLAG_CRL_CHECK: c_ulong = 0x4; +pub const X509_V_FLAG_CRL_CHECK_ALL: c_ulong = 0x8; +pub const X509_V_FLAG_IGNORE_CRITICAL: c_ulong = 0x10; +pub const X509_V_FLAG_X509_STRICT: c_ulong = 0x20; +pub const X509_V_FLAG_ALLOW_PROXY_CERTS: c_ulong = 0x40; +pub const X509_V_FLAG_POLICY_CHECK: c_ulong = 0x80; +pub const X509_V_FLAG_EXPLICIT_POLICY: c_ulong = 0x100; +pub const X509_V_FLAG_INHIBIT_ANY: c_ulong = 0x200; +pub const X509_V_FLAG_INHIBIT_MAP: c_ulong = 0x400; +pub const X509_V_FLAG_NOTIFY_POLICY: c_ulong = 0x800; +pub const X509_V_FLAG_EXTENDED_CRL_SUPPORT: c_ulong = 0x1000; +pub const X509_V_FLAG_USE_DELTAS: c_ulong = 0x2000; +pub const X509_V_FLAG_CHECK_SS_SIGNATURE: c_ulong = 0x4000; +#[cfg(ossl102)] +pub const X509_V_FLAG_TRUSTED_FIRST: c_ulong = 0x8000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS_ONLY: c_ulong = 0x10000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_192_LOS: c_ulong = 0x20000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS: c_ulong = 0x30000; +#[cfg(ossl102)] +pub const X509_V_FLAG_PARTIAL_CHAIN: c_ulong = 0x80000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000; + +pub unsafe fn X509_LOOKUP_add_dir( + ctx: *mut X509_LOOKUP, + name: *const c_char, + _type: c_int, +) -> c_int { + const X509_L_ADD_DIR: c_int = 2; + X509_LOOKUP_ctrl( + ctx, + X509_L_ADD_DIR, + name, + _type as c_long, + std::ptr::null_mut(), + ) +} diff --git a/vendor/openssl-sys/src/x509v3.rs b/vendor/openssl-sys/src/x509v3.rs new file mode 100644 index 000000000..5ae443908 --- /dev/null +++ b/vendor/openssl-sys/src/x509v3.rs @@ -0,0 +1,93 @@ +use libc::*; + +use super::*; + +#[repr(C)] +pub struct GENERAL_NAME { + pub type_: c_int, + // FIXME should be a union + pub d: *mut c_void, +} + +stack!(stack_st_GENERAL_NAME); + +pub const GEN_OTHERNAME: c_int = 0; +pub const GEN_EMAIL: c_int = 1; +pub const GEN_DNS: c_int = 2; +pub const GEN_X400: c_int = 3; +pub const GEN_DIRNAME: c_int = 4; +pub const GEN_EDIPARTY: c_int = 5; +pub const GEN_URI: c_int = 6; +pub const GEN_IPADD: c_int = 7; +pub const GEN_RID: c_int = 8; + +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; +#[cfg(ossl110)] +pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20; + +pub const X509V3_ADD_DEFAULT: c_ulong = 0; +pub const X509V3_ADD_APPEND: c_ulong = 1; +pub const X509V3_ADD_REPLACE: c_ulong = 2; +pub const X509V3_ADD_REPLACE_EXISTING: c_ulong = 3; +pub const X509V3_ADD_KEEP_EXISTING: c_ulong = 4; +pub const X509V3_ADD_DELETE: c_ulong = 5; +pub const X509V3_ADD_SILENT: c_ulong = 0x10; + +pub const EXFLAG_BCONS: u32 = 0x1; +pub const EXFLAG_KUSAGE: u32 = 0x2; +pub const EXFLAG_XKUSAGE: u32 = 0x4; +pub const EXFLAG_NSCERT: u32 = 0x8; +pub const EXFLAG_CA: u32 = 0x10; +pub const EXFLAG_SI: u32 = 0x20; +pub const EXFLAG_V1: u32 = 0x40; +pub const EXFLAG_INVALID: u32 = 0x80; +pub const EXFLAG_SET: u32 = 0x100; +pub const EXFLAG_CRITICAL: u32 = 0x200; +pub const EXFLAG_PROXY: u32 = 0x400; +pub const EXFLAG_INVALID_POLICY: u32 = 0x800; +pub const EXFLAG_FRESHEST: u32 = 0x1000; +#[cfg(any(ossl102, libressl261))] +pub const EXFLAG_SS: u32 = 0x2000; + +pub const X509v3_KU_DIGITAL_SIGNATURE: u32 = 0x0080; +pub const X509v3_KU_NON_REPUDIATION: u32 = 0x0040; +pub const X509v3_KU_KEY_ENCIPHERMENT: u32 = 0x0020; +pub const X509v3_KU_DATA_ENCIPHERMENT: u32 = 0x0010; +pub const X509v3_KU_KEY_AGREEMENT: u32 = 0x0008; +pub const X509v3_KU_KEY_CERT_SIGN: u32 = 0x0004; +pub const X509v3_KU_CRL_SIGN: u32 = 0x0002; +pub const X509v3_KU_ENCIPHER_ONLY: u32 = 0x0001; +pub const X509v3_KU_DECIPHER_ONLY: u32 = 0x8000; +pub const X509v3_KU_UNDEF: u32 = 0xffff; + +pub const XKU_SSL_SERVER: u32 = 0x1; +pub const XKU_SSL_CLIENT: u32 = 0x2; +pub const XKU_SMIME: u32 = 0x4; +pub const XKU_CODE_SIGN: u32 = 0x8; +pub const XKU_SGC: u32 = 0x10; +pub const XKU_OCSP_SIGN: u32 = 0x20; +pub const XKU_TIMESTAMP: u32 = 0x40; +pub const XKU_DVCS: u32 = 0x80; +#[cfg(ossl110)] +pub const XKU_ANYEKU: u32 = 0x100; + +pub const X509_PURPOSE_SSL_CLIENT: c_int = 1; +pub const X509_PURPOSE_SSL_SERVER: c_int = 2; +pub const X509_PURPOSE_NS_SSL_SERVER: c_int = 3; +pub const X509_PURPOSE_SMIME_SIGN: c_int = 4; +pub const X509_PURPOSE_SMIME_ENCRYPT: c_int = 5; +pub const X509_PURPOSE_CRL_SIGN: c_int = 6; +pub const X509_PURPOSE_ANY: c_int = 7; +pub const X509_PURPOSE_OCSP_HELPER: c_int = 8; +pub const X509_PURPOSE_TIMESTAMP_SIGN: c_int = 9; +pub const X509_PURPOSE_MIN: c_int = 1; +pub const X509_PURPOSE_MAX: c_int = 9; |