diff --git lang/rust/Makefile lang/rust/Makefile index 83df9263217..3ceec3760a2 100644 --- lang/rust/Makefile +++ lang/rust/Makefile @@ -154,7 +154,7 @@ post-patch: ${WRKSRC}/src/stage0.txt # After patching crates, we need to update their corresponding # `.cargo-checksum.json` to reflect the new checksums verified by Cargo. - @for dir in "${WRKSRC}/src/vendor/libc" "${WRKSRC}/src/vendor/openssl" "${WRKSRC}/src/vendor/openssl-sys"; do \ + @for dir in "${WRKSRC}/src/vendor/libc" "${WRKSRC}/src/vendor/libgit2-sys" "${WRKSRC}/src/vendor/openssl" "${WRKSRC}/src/vendor/openssl-sys"; do \ if ! test -d "$$dir"; then \ continue; \ fi; \ diff --git lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.c lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.c new file mode 100644 index 00000000000..30b3c6bd667 --- /dev/null +++ lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.c @@ -0,0 +1,12 @@ +--- src/vendor/libgit2-sys/libgit2/src/streams/openssl.c.orig 2018-05-07 18:50:07 UTC ++++ src/vendor/libgit2-sys/libgit2/src/streams/openssl.c +@@ -104,7 +104,8 @@ int git_openssl_stream_global_init(void) + ssl_opts |= SSL_OP_NO_COMPRESSION; + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) + SSL_load_error_strings(); + OpenSSL_add_ssl_algorithms(); + #else diff --git lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.h lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.h new file mode 100644 index 00000000000..6e715ef874a --- /dev/null +++ lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.h @@ -0,0 +1,12 @@ +--- src/vendor/libgit2-sys/libgit2/src/streams/openssl.h.orig 2018-05-07 18:50:07 UTC ++++ src/vendor/libgit2-sys/libgit2/src/streams/openssl.h +@@ -31,7 +31,8 @@ extern int git_openssl__set_cert_location(const char * + + + +-# if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++# if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) + + GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name) + { diff --git lang/rust/files/patch-src_vendor_openssl-sys_build.rs lang/rust/files/patch-src_vendor_openssl-sys_build.rs new file mode 100644 index 00000000000..cefa42947fd --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_build.rs @@ -0,0 +1,37 @@ +--- src/vendor/openssl-sys/build.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/build.rs +@@ -323,8 +323,10 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Versi + #include + #include + +-#if LIBRESSL_VERSION_NUMBER >= 0x20700000 ++#if LIBRESSL_VERSION_NUMBER >= 0x20800000 + RUST_LIBRESSL_NEW ++#elif LIBRESSL_VERSION_NUMBER >= 0x20700000 ++RUST_LIBRESSL_27X + #elif LIBRESSL_VERSION_NUMBER >= 0x20603000 + RUST_LIBRESSL_26X + #elif LIBRESSL_VERSION_NUMBER >= 0x20602000 +@@ -473,6 +475,13 @@ See rust-openssl README for more information: + println!("cargo:libressl_version=26x"); + println!("cargo:version=101"); + Version::Libressl ++ } else if expanded.contains("RUST_LIBRESSL_27X") { ++ println!("cargo:rustc-cfg=libressl"); ++ println!("cargo:rustc-cfg=libressl27"); ++ println!("cargo:libressl=true"); ++ println!("cargo:libressl_version=27x"); ++ println!("cargo:version=101"); ++ Version::Libressl + } else if expanded.contains("RUST_OPENSSL_111") { + println!("cargo:rustc-cfg=ossl111"); + println!("cargo:rustc-cfg=ossl110"); +@@ -501,7 +510,7 @@ See rust-openssl README for more information: + " + + This crate is only compatible with OpenSSL 1.0.1 through 1.1.1, or LibreSSL 2.5 +-and 2.6, but a different version of OpenSSL was found. The build is now aborting ++through 2.7, but a different version of OpenSSL was found. The build is now aborting + due to this version mismatch. + + " diff --git lang/rust/files/patch-src_vendor_openssl-sys_src_lib.rs lang/rust/files/patch-src_vendor_openssl-sys_src_lib.rs new file mode 100644 index 00000000000..4880d7b93cb --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_src_lib.rs @@ -0,0 +1,248 @@ +--- src/vendor/openssl-sys/src/lib.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/src/lib.rs +@@ -221,6 +221,7 @@ pub const PEM_R_NO_START_LINE: c_int = 108; + pub const EVP_MAX_MD_SIZE: c_uint = 64; + pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; + pub const EVP_PKEY_HMAC: c_int = NID_hmac; ++pub const EVP_PKEY_CMAC: c_int = NID_cmac; + pub const EVP_PKEY_DSA: c_int = NID_dsa; + pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; + pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; +@@ -228,9 +229,29 @@ pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKe + pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; + + pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; ++pub const EVP_PKEY_CTRL_RSA_PSS_SALTLEN: c_int = EVP_PKEY_ALG_CTRL + 2; + ++pub const EVP_PKEY_CTRL_RSA_MGF1_MD: c_int = EVP_PKEY_ALG_CTRL + 5; + pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + ++pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6; ++pub const EVP_PKEY_CTRL_CIPHER: c_int = 12; ++ ++pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2; ++pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3; ++pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4; ++pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5; ++pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6; ++pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7; ++pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; ++pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9; ++ ++pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY ++ | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX ++ | EVP_PKEY_OP_VERIFYCTX; ++ ++pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT; ++ + pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; + pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; + pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; +@@ -1200,9 +1221,16 @@ pub const RSA_SSLV23_PADDING: c_int = 2; + pub const RSA_NO_PADDING: c_int = 3; + pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; + pub const RSA_X931_PADDING: c_int = 5; ++pub const RSA_PKCS1_PSS_PADDING: c_int = 6; + + pub const SHA_LBLOCK: c_int = 16; + ++pub const SSL3_AD_ILLEGAL_PARAMETER: c_int = 47; ++pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER; ++ ++pub const TLS1_AD_DECODE_ERROR: c_int = 50; ++pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR; ++ + pub const TLS1_AD_UNRECOGNIZED_NAME: c_int = 112; + pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME; + +@@ -1249,14 +1277,14 @@ pub const SSL_VERIFY_NONE: c_int = 0; + pub const SSL_VERIFY_PEER: c_int = 1; + pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; + +-#[cfg(not(any(libressl261, libressl262, libressl26x, ossl101)))] ++#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27, ossl101)))] + pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010; +-#[cfg(any(libressl261, libressl262, libressl26x))] ++#[cfg(any(libressl261, libressl262, libressl26x, libressl27))] + pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0; + pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800; +-#[cfg(not(any(libressl261, libressl262, libressl26x)))] ++#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))] + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000; +-#[cfg(any(libressl261, libressl262, libressl26x))] ++#[cfg(any(libressl261, libressl262, libressl26x, libressl27))] + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0; + pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004; + #[cfg(not(libressl))] +@@ -1477,6 +1505,28 @@ pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut E + ) + } + ++pub unsafe fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int { ++ EVP_PKEY_CTX_ctrl( ++ ctx, ++ EVP_PKEY_RSA, ++ EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY, ++ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, ++ len, ++ ptr::null_mut(), ++ ) ++} ++ ++pub unsafe fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { ++ EVP_PKEY_CTX_ctrl( ++ ctx, ++ EVP_PKEY_RSA, ++ EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, ++ EVP_PKEY_CTRL_RSA_MGF1_MD, ++ 0, ++ md as *mut c_void, ++ ) ++} ++ + pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut()) + } +@@ -1605,6 +1655,7 @@ extern "C" { + + pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long; + pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; ++ pub fn ASN1_INTEGER_to_BN(ai: *const ASN1_INTEGER, bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); + pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; + pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; +@@ -1876,6 +1927,20 @@ extern "C" { + ctx: *mut BN_CTX, + ) -> c_int; + ++ pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG; ++ pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG); ++ pub fn ECDSA_do_verify( ++ dgst: *const c_uchar, ++ dgst_len: c_int, ++ sig: *const ECDSA_SIG, ++ eckey: *mut EC_KEY, ++ ) -> c_int; ++ pub fn ECDSA_do_sign( ++ dgst: *const c_uchar, ++ dgst_len: c_int, ++ eckey: *mut EC_KEY, ++ ) -> *mut ECDSA_SIG; ++ + pub fn ERR_peek_last_error() -> c_ulong; + pub fn ERR_get_error() -> c_ulong; + pub fn ERR_get_error_line_data( +@@ -1904,6 +1969,7 @@ extern "C" { + pub fn EVP_aes_128_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER; ++ pub fn EVP_aes_128_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; +@@ -1912,6 +1978,7 @@ extern "C" { + pub fn EVP_aes_256_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER; ++ pub fn EVP_aes_256_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; +@@ -2023,6 +2090,7 @@ extern "C" { + pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; + pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY; + pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; ++ pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_new_mac_key( + type_: c_int, + e: *mut ENGINE, +@@ -2040,6 +2108,7 @@ extern "C" { + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_CTX_new(k: *mut EVP_PKEY, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; ++ pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX); + pub fn EVP_PKEY_CTX_ctrl( + ctx: *mut EVP_PKEY_CTX, +@@ -2050,6 +2119,9 @@ extern "C" { + p2: *mut c_void, + ) -> c_int; + ++ pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int; ++ pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int; ++ + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; + + pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int; +@@ -2059,6 +2131,7 @@ extern "C" { + a: *const ASN1_OBJECT, + no_name: c_int, + ) -> c_int; ++ pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; + + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; + pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); +@@ -2605,6 +2678,7 @@ extern "C" { + pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; + pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; ++ pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int; + pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; + pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; + pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; +@@ -2638,6 +2712,14 @@ extern "C" { + pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; + ++ pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; ++ pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); ++ pub fn X509_STORE_CTX_init( ++ ctx: *mut X509_STORE_CTX, ++ store: *mut X509_STORE, ++ x509: *mut X509, ++ chain: *mut stack_st_X509, ++ ) -> c_int; + pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); + pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; + pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int; +@@ -2772,30 +2854,25 @@ extern "C" { + + pub fn SSL_CTX_set_cookie_generate_cb( + s: *mut SSL_CTX, +- cb: Option c_int> ++ cb: Option< ++ extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, ++ >, + ); + + #[cfg(ossl110)] + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, +- cb: Option c_int> ++ cb: Option< ++ extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int, ++ >, + ); + + #[cfg(not(ossl110))] + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, +- cb: Option c_int> ++ cb: Option c_int>, + ); ++ ++ pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; ++ pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; + } diff --git lang/rust/files/patch-src_vendor_openssl-sys_src_libressl_mod.rs lang/rust/files/patch-src_vendor_openssl-sys_src_libressl_mod.rs new file mode 100644 index 00000000000..688157e3564 --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_src_libressl_mod.rs @@ -0,0 +1,39 @@ +--- src/vendor/openssl-sys/src/libressl/mod.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/src/libressl/mod.rs +@@ -134,6 +134,12 @@ pub struct DSA { + } + + #[repr(C)] ++pub struct ECDSA_SIG { ++ pub r: *mut ::BIGNUM, ++ pub s: *mut ::BIGNUM, ++} ++ ++#[repr(C)] + pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, +@@ -331,9 +337,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32; + pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; + pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; + +-#[cfg(any(libressl261, libressl262, libressl26x))] ++#[cfg(any(libressl261, libressl262, libressl26x, libressl27))] + pub const SSL_OP_ALL: c_ulong = 0x4; +-#[cfg(not(any(libressl261, libressl262, libressl26x)))] ++#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))] + pub const SSL_OP_ALL: c_ulong = 0x80000014; + pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0; + pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0; +@@ -346,9 +352,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0; + pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0; +-#[cfg(any(libressl261, libressl262, libressl26x))] ++#[cfg(any(libressl261, libressl262, libressl26x, libressl27))] + pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0; +-#[cfg(not(any(libressl261, libressl262, libressl26x)))] ++#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))] + pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; + pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; diff --git lang/rust/files/patch-src_vendor_openssl-sys_src_ossl10x.rs lang/rust/files/patch-src_vendor_openssl-sys_src_ossl10x.rs new file mode 100644 index 00000000000..494d23594cc --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_src_ossl10x.rs @@ -0,0 +1,23 @@ +--- src/vendor/openssl-sys/src/ossl10x.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/src/ossl10x.rs +@@ -129,6 +129,12 @@ pub struct DSA { + } + + #[repr(C)] ++pub struct ECDSA_SIG { ++ pub r: *mut BIGNUM, ++ pub s: *mut BIGNUM ++} ++ ++#[repr(C)] + pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, +@@ -969,4 +975,7 @@ extern "C" { + + pub fn SSLeay() -> c_ulong; + pub fn SSLeay_version(key: c_int) -> *const c_char; ++ ++ #[cfg(ossl102)] ++ pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; + } diff --git lang/rust/files/patch-src_vendor_openssl-sys_src_ossl110.rs lang/rust/files/patch-src_vendor_openssl-sys_src_ossl110.rs new file mode 100644 index 00000000000..1d6a53fa7e5 --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_src_ossl110.rs @@ -0,0 +1,21 @@ +--- src/vendor/openssl-sys/src/ossl110.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/src/ossl110.rs +@@ -8,6 +8,7 @@ pub enum BIO_METHOD {} + pub enum CRYPTO_EX_DATA {} + pub enum DH {} + pub enum DSA {} ++pub enum ECDSA_SIG {} + pub enum EVP_CIPHER {} + pub enum EVP_MD_CTX {} + pub enum EVP_PKEY {} +@@ -363,4 +364,10 @@ extern "C" { + ) -> *mut PKCS12; + pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; + pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut ::X509_NAME; ++ pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; ++ pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); ++ pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; ++ ++ pub fn SSL_CIPHER_get_cipher_nid(c: *const ::SSL_CIPHER) -> c_int; ++ pub fn SSL_CIPHER_get_digest_nid(c: *const ::SSL_CIPHER) -> c_int; + } diff --git lang/rust/files/patch-src_vendor_openssl-sys_src_ossl111.rs lang/rust/files/patch-src_vendor_openssl-sys_src_ossl111.rs new file mode 100644 index 00000000000..034a3a3b4c4 --- /dev/null +++ lang/rust/files/patch-src_vendor_openssl-sys_src_ossl111.rs @@ -0,0 +1,89 @@ +--- src/vendor/openssl-sys/src/ossl111.rs.orig 2018-05-07 18:50:12 UTC ++++ src/vendor/openssl-sys/src/ossl111.rs +@@ -1,15 +1,84 @@ +-use libc::{c_char, c_int, c_ulong}; ++use libc::{c_char, c_uchar, c_int, c_uint, c_ulong, size_t, c_void}; + + pub type SSL_CTX_keylog_cb_func = + Option; + +-pub const SSL_COOKIE_LENGTH: c_int = 255; ++pub type SSL_custom_ext_add_cb_ex = ++ Option c_int>; + ++pub type SSL_custom_ext_free_cb_ex = ++ Option; ++ ++pub type SSL_custom_ext_parse_cb_ex = ++ Option c_int>; ++ ++pub const SSL_COOKIE_LENGTH: c_int = 4096; ++ + pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000; + + pub const TLS1_3_VERSION: c_int = 0x304; + ++pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001; ++/* This extension is only allowed in DTLS */ ++pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002; ++/* Some extensions may be allowed in DTLS but we don't implement them for it */ ++pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004; ++/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ ++pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008; ++/* Extension is only defined for TLS1.2 and below */ ++pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010; ++/* Extension is only defined for TLS1.3 and above */ ++pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020; ++/* Ignore this extension during parsing if we are resuming */ ++pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040; ++pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080; ++/* Really means TLS1.2 or below */ ++pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100; ++pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200; ++pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400; ++pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800; ++pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000; ++pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000; ++pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000; ++ ++ + extern "C" { + pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func); ++ pub fn SSL_CTX_add_custom_ext(ctx: *mut ::SSL_CTX, ext_type: c_uint, context: c_uint, ++ add_cb: SSL_custom_ext_add_cb_ex, ++ free_cb: SSL_custom_ext_free_cb_ex, ++ add_arg: *mut c_void, ++ parse_cb: SSL_custom_ext_parse_cb_ex, ++ parse_arg: *mut c_void) -> c_int; + pub fn SSL_stateless(s: *mut ::SSL) -> c_int; ++ pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD; ++ pub fn SSL_CTX_set_stateless_cookie_generate_cb( ++ s: *mut ::SSL_CTX, ++ cb: Option c_int> ++ ); ++ pub fn SSL_CTX_set_stateless_cookie_verify_cb( ++ s: *mut ::SSL_CTX, ++ cb: Option c_int> ++ ); + }