1 use libc::*;
2 use std::ptr;
3
4 use super::*;
5
6 #[cfg(not(ossl110))]
7 pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256;
8
9 #[cfg(not(ossl110))]
10 pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32;
11 #[cfg(not(ossl110))]
12 pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32;
13
14 #[cfg(not(ossl110))]
15 pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8;
16 #[cfg(not(ossl110))]
17 pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48;
18
19 pub const SSL_SENT_SHUTDOWN: c_int = 1;
20 pub const SSL_RECEIVED_SHUTDOWN: c_int = 2;
21
22 pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM;
23 pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1;
24
25 #[cfg(ossl111)]
26 pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001;
27 /* This extension is only allowed in DTLS */
28 #[cfg(ossl111)]
29 pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002;
30 /* Some extensions may be allowed in DTLS but we don't implement them for it */
31 #[cfg(ossl111)]
32 pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004;
33 /* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
34 #[cfg(ossl111)]
35 pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008;
36 /* Extension is only defined for TLS1.2 and below */
37 #[cfg(ossl111)]
38 pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010;
39 /* Extension is only defined for TLS1.3 and above */
40 #[cfg(ossl111)]
41 pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020;
42 /* Ignore this extension during parsing if we are resuming */
43 #[cfg(ossl111)]
44 pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040;
45 #[cfg(ossl111)]
46 pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080;
47 /* Really means TLS1.2 or below */
48 #[cfg(ossl111)]
49 pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100;
50 #[cfg(ossl111)]
51 pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200;
52 #[cfg(ossl111)]
53 pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400;
54 #[cfg(ossl111)]
55 pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800;
56 #[cfg(ossl111)]
57 pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000;
58 #[cfg(ossl111)]
59 pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000;
60 #[cfg(ossl111)]
61 pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000;
62
63 cfg_if! {
64 if #[cfg(ossl300)] {
65 macro_rules! ssl_op_type {
66 () => {u64};
67 }
68 } else {
69 macro_rules! ssl_op_type {
70 () => {c_ulong};
71 }
72 }
73 }
74
75 pub const SSL_OP_LEGACY_SERVER_CONNECT: ssl_op_type!() = 0x00000004;
76 cfg_if! {
77 if #[cfg(libressl261)] {
78 pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x0;
79 } else if #[cfg(any(ossl102, libressl))] {
80 pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x10;
81 }
82 }
83 #[cfg(ossl101)]
84 pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: ssl_op_type!() = 0x00000040;
85
86 pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: ssl_op_type!() = 0x00000800;
87
88 pub const SSL_OP_NO_QUERY_MTU: ssl_op_type!() = 0x00001000;
89 pub const SSL_OP_COOKIE_EXCHANGE: ssl_op_type!() = 0x00002000;
90 pub const SSL_OP_NO_TICKET: ssl_op_type!() = 0x00004000;
91 cfg_if! {
92 if #[cfg(ossl101)] {
93 pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x00008000;
94 } else {
95 pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x0;
96 }
97 }
98
99 pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: ssl_op_type!() = 0x00010000;
100 cfg_if! {
101 if #[cfg(ossl101)] {
102 pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x00020000;
103 pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x00040000;
104 } else {
105 pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x0;
106 pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x0;
107 }
108 }
109
110 #[cfg(ossl111)]
111 pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: ssl_op_type!() = 0x00100000;
112 #[cfg(ossl111)]
113 pub const SSL_OP_PRIORITIZE_CHACHA: ssl_op_type!() = 0x00200000;
114
115 pub const SSL_OP_CIPHER_SERVER_PREFERENCE: ssl_op_type!() = 0x00400000;
116 cfg_if! {
117 if #[cfg(libressl280)] {
118 pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0;
119 } else {
120 pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0x00800000;
121 }
122 }
123
124 cfg_if! {
125 if #[cfg(ossl101)] {
126 pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x02000000;
127 } else {
128 pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x0;
129 }
130 }
131 pub const SSL_OP_NO_TLSv1_1: ssl_op_type!() = 0x10000000;
132 pub const SSL_OP_NO_TLSv1_2: ssl_op_type!() = 0x08000000;
133
134 pub const SSL_OP_NO_TLSv1: ssl_op_type!() = 0x04000000;
135 cfg_if! {
136 if #[cfg(ossl102)] {
137 pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x04000000;
138 pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x08000000;
139 } else if #[cfg(libressl332)] {
140 pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x40000000;
141 pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x80000000;
142 }
143 }
144 #[cfg(any(ossl111, libressl340))]
145 pub const SSL_OP_NO_TLSv1_3: ssl_op_type!() = 0x20000000;
146
147 #[cfg(ossl110h)]
148 pub const SSL_OP_NO_RENEGOTIATION: ssl_op_type!() = 0x40000000;
149
150 cfg_if! {
151 if #[cfg(ossl111)] {
152 pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = SSL_OP_NO_SSLv2
153 | SSL_OP_NO_SSLv3
154 | SSL_OP_NO_TLSv1
155 | SSL_OP_NO_TLSv1_1
156 | SSL_OP_NO_TLSv1_2
157 | SSL_OP_NO_TLSv1_3;
158 } else if #[cfg(ossl102)] {
159 pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() =
160 SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
161 }
162 }
163
164 cfg_if! {
165 if #[cfg(libressl261)] {
166 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x0;
167 } else {
168 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x80000000;
169 }
170 }
171
172 cfg_if! {
173 if #[cfg(ossl300)] {
174 pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG
175 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
176 | SSL_OP_TLSEXT_PADDING
177 | SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
178 } else if #[cfg(ossl110f)] {
179 pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG
180 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
181 | SSL_OP_LEGACY_SERVER_CONNECT
182 | SSL_OP_TLSEXT_PADDING
183 | SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
184 } else if #[cfg(libressl261)] {
185 pub const SSL_OP_ALL: ssl_op_type!() = 0x4;
186 } else if #[cfg(libressl)] {
187 pub const SSL_OP_ALL: ssl_op_type!() = 0x80000014;
188 } else {
189 pub const SSL_OP_ALL: ssl_op_type!() = 0x80000BFF;
190 }
191 }
192
193 cfg_if! {
194 if #[cfg(ossl110)] {
195 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000000;
196 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000000;
197 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000000;
198 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000000;
199 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000000;
200 pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000000;
201 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000000;
202 pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00000000;
203 pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00000000;
204 pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x00000000;
205 } else if #[cfg(ossl101)] {
206 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000001;
207 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000002;
208 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000008;
209 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000020;
210 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000080;
211 pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000100;
212 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000200;
213 pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000;
214 pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000;
215 pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x01000000;
216 } else {
217 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x0;
218 pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x0;
219 pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x0;
220 pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x0;
221 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x0;
222 pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x0;
223 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x0;
224 #[cfg(libressl261)]
225 pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x0;
226 #[cfg(not(libressl261))]
227 pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000;
228 pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000;
229 pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x0;
230 }
231 }
232
233 pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1;
234 pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2;
235 pub const SSL_MODE_AUTO_RETRY: c_long = 0x4;
236 pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8;
237 pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10;
238 #[cfg(ossl101)]
239 pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20;
240 #[cfg(ossl101)]
241 pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40;
242 #[cfg(ossl101)]
243 pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80;
244
SSL_CTX_set_modenull245 pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long {
246 SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut())
247 }
248
249 #[cfg(ossl111)]
250 pub const SSL_COOKIE_LENGTH: c_int = 4096;
251
252 cfg_if! {
253 if #[cfg(not(ossl110))] {
SSL_CTX_get_optionsnull254 pub unsafe fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong {
255 SSL_CTX_ctrl(ctx as *mut _, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) as c_ulong
256 }
257
SSL_CTX_set_optionsnull258 pub unsafe fn SSL_CTX_set_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong {
259 SSL_CTX_ctrl(
260 ctx as *mut _,
261 SSL_CTRL_OPTIONS,
262 op as c_long,
263 ptr::null_mut(),
264 ) as c_ulong
265 }
266
SSL_CTX_clear_optionsnull267 pub unsafe fn SSL_CTX_clear_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong {
268 SSL_CTX_ctrl(
269 ctx as *mut _,
270 SSL_CTRL_CLEAR_OPTIONS,
271 op as c_long,
272 ptr::null_mut(),
273 ) as c_ulong
274 }
275 }
276 }
277
SSL_set_mtunull278 pub unsafe fn SSL_set_mtu(ssl: *mut SSL, mtu: c_long) -> c_long {
279 SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut())
280 }
281
282 #[cfg(ossl110)]
SSL_get_extms_supportnull283 pub unsafe fn SSL_get_extms_support(ssl: *mut SSL) -> c_long {
284 SSL_ctrl(ssl, SSL_CTRL_GET_EXTMS_SUPPORT, 0, ptr::null_mut())
285 }
286
287 pub const SSL_SESS_CACHE_OFF: c_long = 0x0;
288 pub const SSL_SESS_CACHE_CLIENT: c_long = 0x1;
289 pub const SSL_SESS_CACHE_SERVER: c_long = 0x2;
290 pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER;
291 pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80;
292 pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100;
293 pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200;
294 pub const SSL_SESS_CACHE_NO_INTERNAL: c_long =
295 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE;
296
297 pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0;
298 pub const OPENSSL_NPN_NEGOTIATED: c_int = 1;
299 pub const OPENSSL_NPN_NO_OVERLAP: c_int = 2;
300
301 pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER;
302 pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR;
303 pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME;
304 pub const SSL_ERROR_NONE: c_int = 0;
305 pub const SSL_ERROR_SSL: c_int = 1;
306 pub const SSL_ERROR_SYSCALL: c_int = 5;
307 pub const SSL_ERROR_WANT_ACCEPT: c_int = 8;
308 pub const SSL_ERROR_WANT_CONNECT: c_int = 7;
309 pub const SSL_ERROR_WANT_READ: c_int = 2;
310 pub const SSL_ERROR_WANT_WRITE: c_int = 3;
311 pub const SSL_ERROR_WANT_X509_LOOKUP: c_int = 4;
312 pub const SSL_ERROR_ZERO_RETURN: c_int = 6;
313 #[cfg(ossl111)]
314 pub const SSL_ERROR_WANT_CLIENT_HELLO_CB: c_int = 11;
315 pub const SSL_VERIFY_NONE: c_int = 0;
316 pub const SSL_VERIFY_PEER: c_int = 1;
317 pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2;
318 pub const SSL_CTRL_SET_TMP_DH: c_int = 3;
319 pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4;
320 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
321 pub const SSL_CTRL_GET_SESSION_REUSED: c_int = 8;
322 pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14;
323 pub const SSL_CTRL_SET_MTU: c_int = 17;
324 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
325 pub const SSL_CTRL_OPTIONS: c_int = 32;
326 pub const SSL_CTRL_MODE: c_int = 33;
327 pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41;
328 pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42;
329 pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43;
330 pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44;
331 pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53;
332 pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54;
333 pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55;
334 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63;
335 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64;
336 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65;
337 pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70;
338 pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71;
339 #[cfg(any(libressl, all(ossl101, not(ossl110))))]
340 pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;
341 pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82;
342 #[cfg(ossl102)]
343 pub const SSL_CTRL_CHAIN_CERT: c_int = 89;
344 #[cfg(any(ossl111, libressl252))]
345 pub const SSL_CTRL_SET_GROUPS_LIST: c_int = 92;
346 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
347 pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;
348 #[cfg(ossl102)]
349 pub const SSL_CTRL_SET_SIGALGS_LIST: c_int = 98;
350 #[cfg(ossl102)]
351 pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106;
352 #[cfg(ossl110)]
353 pub const SSL_CTRL_GET_EXTMS_SUPPORT: c_int = 122;
354 #[cfg(any(ossl110, libressl261))]
355 pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
356 #[cfg(any(ossl110, libressl261))]
357 pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
358 #[cfg(any(ossl110g, libressl270))]
359 pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130;
360 #[cfg(any(ossl110g, libressl270))]
361 pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131;
362
SSL_CTX_set_tmp_dhnull363 pub unsafe fn SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long {
364 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void)
365 }
366
SSL_CTX_set_tmp_ecdhnull367 pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long {
368 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void)
369 }
370
SSL_set_tmp_dhnull371 pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long {
372 SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void)
373 }
374
SSL_set_tmp_ecdhnull375 pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long {
376 SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void)
377 }
378
SSL_CTX_add_extra_chain_certnull379 pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long {
380 SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void)
381 }
382
SSL_CTX_get_extra_chain_certsnull383 pub unsafe fn SSL_CTX_get_extra_chain_certs(
384 ctx: *mut SSL_CTX,
385 chain: *mut *mut stack_st_X509,
386 ) -> c_long {
387 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void)
388 }
389
390 #[cfg(ossl102)]
SSL_CTX_set0_verify_cert_storenull391 pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long {
392 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void)
393 }
394
395 #[cfg(ossl102)]
SSL_set0_verify_cert_storenull396 pub unsafe fn SSL_set0_verify_cert_store(ssl: *mut SSL, st: *mut X509_STORE) -> c_long {
397 SSL_ctrl(ssl, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void)
398 }
399
400 cfg_if! {
401 if #[cfg(ossl111)] {
SSL_CTX_set1_groups_listnull402 pub unsafe fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long {
403 SSL_CTX_ctrl(
404 ctx,
405 SSL_CTRL_SET_GROUPS_LIST,
406 0,
407 s as *const c_void as *mut c_void,
408 )
409 }
410 } else if #[cfg(libressl251)] {
411 extern "C" {
SSL_CTX_set1_groups_listnull412 pub fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_int;
413 }
414 }
415 }
416
417 #[cfg(ossl102)]
SSL_add0_chain_certnull418 pub unsafe fn SSL_add0_chain_cert(ssl: *mut SSL, ptr: *mut X509) -> c_long {
419 SSL_ctrl(ssl, SSL_CTRL_CHAIN_CERT, 0, ptr as *mut c_void)
420 }
421
422 #[cfg(ossl102)]
SSL_CTX_set1_sigalgs_listnull423 pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long {
424 SSL_CTX_ctrl(
425 ctx,
426 SSL_CTRL_SET_SIGALGS_LIST,
427 0,
428 s as *const c_void as *mut c_void,
429 )
430 }
431
432 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
SSL_CTX_set_ecdh_autonull433 pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int {
434 SSL_CTX_ctrl(
435 ctx,
436 SSL_CTRL_SET_ECDH_AUTO,
437 onoff as c_long,
438 ptr::null_mut(),
439 ) as c_int
440 }
441
442 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
SSL_set_ecdh_autonull443 pub unsafe fn SSL_set_ecdh_auto(ssl: *mut SSL, onoff: c_int) -> c_int {
444 SSL_ctrl(
445 ssl,
446 SSL_CTRL_SET_ECDH_AUTO,
447 onoff as c_long,
448 ptr::null_mut(),
449 ) as c_int
450 }
451
452 cfg_if! {
453 if #[cfg(ossl110)] {
SSL_CTX_set_min_proto_versionnull454 pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int {
455 SSL_CTX_ctrl(
456 ctx,
457 SSL_CTRL_SET_MIN_PROTO_VERSION,
458 version as c_long,
459 ptr::null_mut(),
460 ) as c_int
461 }
462
SSL_CTX_set_max_proto_versionnull463 pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int {
464 SSL_CTX_ctrl(
465 ctx,
466 SSL_CTRL_SET_MAX_PROTO_VERSION,
467 version as c_long,
468 ptr::null_mut(),
469 ) as c_int
470 }
471
SSL_set_min_proto_versionnull472 pub unsafe fn SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int {
473 SSL_ctrl(
474 s,
475 SSL_CTRL_SET_MIN_PROTO_VERSION,
476 version as c_long,
477 ptr::null_mut(),
478 ) as c_int
479 }
480
SSL_set_max_proto_versionnull481 pub unsafe fn SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int {
482 SSL_ctrl(
483 s,
484 SSL_CTRL_SET_MAX_PROTO_VERSION,
485 version as c_long,
486 ptr::null_mut(),
487 ) as c_int
488 }
489 }
490 }
491
492 cfg_if! {
493 if #[cfg(ossl110g)] {
SSL_CTX_get_min_proto_versionnull494 pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int {
495 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
496 }
497
SSL_CTX_get_max_proto_versionnull498 pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int {
499 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
500 }
SSL_get_min_proto_versionnull501 pub unsafe fn SSL_get_min_proto_version(s: *mut SSL) -> c_int {
502 SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int
503 }
SSL_get_max_proto_versionnull504 pub unsafe fn SSL_get_max_proto_version(s: *mut SSL) -> c_int {
505 SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int
506 }
507 }
508 }
509
510 #[cfg(ossl111)]
511 pub const SSL_CLIENT_HELLO_SUCCESS: c_int = 1;
512 #[cfg(ossl111)]
513 pub const SSL_CLIENT_HELLO_ERROR: c_int = 0;
514 #[cfg(ossl111)]
515 pub const SSL_CLIENT_HELLO_RETRY: c_int = -1;
516
517 #[cfg(any(ossl111, libressl340))]
518 pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0;
519 #[cfg(any(ossl111, libressl340))]
520 pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1;
521 #[cfg(any(ossl111, libressl340))]
522 pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2;
523
524 cfg_if! {
525 if #[cfg(ossl110)] {
SSL_get_ex_new_indexnull526 pub unsafe fn SSL_get_ex_new_index(
527 l: c_long,
528 p: *mut c_void,
529 newf: Option<CRYPTO_EX_new>,
530 dupf: Option<CRYPTO_EX_dup>,
531 freef: Option<CRYPTO_EX_free>,
532 ) -> c_int {
533 CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
534 }
535 }
536 }
537 cfg_if! {
538 if #[cfg(ossl110)] {
SSL_CTX_get_ex_new_indexnull539 pub unsafe fn SSL_CTX_get_ex_new_index(
540 l: c_long,
541 p: *mut c_void,
542 newf: Option<CRYPTO_EX_new>,
543 dupf: Option<CRYPTO_EX_dup>,
544 freef: Option<CRYPTO_EX_free>,
545 ) -> c_int {
546 CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
547 }
548 }
549 }
550
SSL_CTX_sess_set_cache_sizenull551 pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long {
552 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut())
553 }
554
SSL_CTX_sess_get_cache_sizenull555 pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long {
556 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut())
557 }
558
SSL_CTX_set_session_cache_modenull559 pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long {
560 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut())
561 }
562
SSL_CTX_set_read_aheadnull563 pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long {
564 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, ptr::null_mut())
565 }
566
567 #[allow(clashing_extern_declarations)]
568 extern "C" {
569 #[deprecated(note = "use SSL_CTX_set_tmp_dh_callback__fixed_rust instead")]
SSL_CTX_set_tmp_dh_callbacknull570 pub fn SSL_CTX_set_tmp_dh_callback(
571 ctx: *mut SSL_CTX,
572 dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
573 );
574 #[deprecated(note = "use SSL_set_tmp_dh_callback__fixed_rust instead")]
SSL_set_tmp_dh_callbacknull575 pub fn SSL_set_tmp_dh_callback(
576 ctx: *mut SSL,
577 dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
578 );
579 #[deprecated(note = "use SSL_CTX_set_tmp_ecdh_callback__fixed_rust instead")]
580 #[cfg(not(ossl110))]
SSL_CTX_set_tmp_ecdh_callbacknull581 pub fn SSL_CTX_set_tmp_ecdh_callback(
582 ctx: *mut SSL_CTX,
583 ecdh: unsafe extern "C" fn(
584 ssl: *mut SSL,
585 is_export: c_int,
586 keylength: c_int,
587 ) -> *mut EC_KEY,
588 );
589 #[deprecated(note = "use SSL_set_tmp_ecdh_callback__fixed_rust instead")]
590 #[cfg(not(ossl110))]
SSL_set_tmp_ecdh_callbacknull591 pub fn SSL_set_tmp_ecdh_callback(
592 ssl: *mut SSL,
593 ecdh: unsafe extern "C" fn(
594 ssl: *mut SSL,
595 is_export: c_int,
596 keylength: c_int,
597 ) -> *mut EC_KEY,
598 );
599
600 #[deprecated(note = "use SSL_CTX_callback_ctrl__fixed_rust instead")]
SSL_CTX_callback_ctrlnull601 pub fn SSL_CTX_callback_ctrl(
602 ctx: *mut SSL_CTX,
603 cmd: c_int,
604 fp: Option<extern "C" fn()>,
605 ) -> c_long;
606
607 #[deprecated(note = "use SSL_CTX_set_alpn_select_cb__fixed_rust instead")]
608 #[cfg(any(ossl102, libressl261))]
SSL_CTX_set_alpn_select_cbnull609 pub fn SSL_CTX_set_alpn_select_cb(
610 ssl: *mut SSL_CTX,
611 cb: extern "C" fn(
612 ssl: *mut SSL,
613 out: *mut *const c_uchar,
614 outlen: *mut c_uchar,
615 inbuf: *const c_uchar,
616 inlen: c_uint,
617 arg: *mut c_void,
618 ) -> c_int,
619 arg: *mut c_void,
620 );
621 }
622
623 #[cfg(not(ossl110))]
SSL_session_reusednull624 pub unsafe fn SSL_session_reused(ssl: *mut SSL) -> c_int {
625 SSL_ctrl(ssl, SSL_CTRL_GET_SESSION_REUSED, 0, ptr::null_mut()) as c_int
626 }
627
628 #[cfg(ossl110)]
629 pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000;
630 #[cfg(ossl111b)]
631 pub const OPENSSL_INIT_NO_ATEXIT: u64 = 0x00080000;
632