View | Details | Raw Unified | Return to bug 226955 | Differences between
and this patch

Collapse All | Expand All

(-)lang/rust/Makefile (-1 / +1 lines)
Lines 154-160 post-patch: Link Here
154 
		${WRKSRC}/src/stage0.txt
 154 
		${WRKSRC}/src/stage0.txt
155 
# After patching crates, we need to update their corresponding
 155 
# After patching crates, we need to update their corresponding
156 
# `.cargo-checksum.json` to reflect the new checksums verified by Cargo.
 156 
# `.cargo-checksum.json` to reflect the new checksums verified by Cargo.
157 
	@for dir in "${WRKSRC}/src/vendor/libc" "${WRKSRC}/src/vendor/openssl" "${WRKSRC}/src/vendor/openssl-sys"; do \
 157 
	@for dir in "${WRKSRC}/src/vendor/libc" "${WRKSRC}/src/vendor/libgit2-sys" "${WRKSRC}/src/vendor/openssl" "${WRKSRC}/src/vendor/openssl-sys"; do \
158 
		if ! test -d "$$dir"; then \
 158 
		if ! test -d "$$dir"; then \
159 
			continue; \
 159 
			continue; \
160 
		fi; \
 160 
		fi; \
(-)lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.c (+12 lines)
Added Link Here
1 
--- src/vendor/libgit2-sys/libgit2/src/streams/openssl.c.orig	2018-05-07 18:50:07 UTC
2 
+++ src/vendor/libgit2-sys/libgit2/src/streams/openssl.c
3 
@@ -104,7 +104,8 @@ int git_openssl_stream_global_init(void)
4 
 	ssl_opts |= SSL_OP_NO_COMPRESSION;
5 
 #endif
6
7 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
8 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
9 
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
10 
 	SSL_load_error_strings();
11 
 	OpenSSL_add_ssl_algorithms();
12 
 #else
(-)lang/rust/files/patch-src_vendor_libgit2-sys_libgit2_src_streams_openssl.h (+12 lines)
Added Link Here
1 
--- src/vendor/libgit2-sys/libgit2/src/streams/openssl.h.orig	2018-05-07 18:50:07 UTC
2 
+++ src/vendor/libgit2-sys/libgit2/src/streams/openssl.h
3 
@@ -31,7 +31,8 @@ extern int git_openssl__set_cert_location(const char *
4
5
6
7 
-# if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
8 
+# if OPENSSL_VERSION_NUMBER < 0x10100000L || \
9 
+     (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
10
11 
 GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name)
12 
 {
(-)lang/rust/files/patch-src_vendor_openssl-sys_build.rs (+37 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/build.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/build.rs
3 
@@ -323,8 +323,10 @@ fn validate_headers(include_dirs: &[PathBuf]) -> Versi
4 
 #include <openssl/opensslv.h>
5 
 #include <openssl/opensslconf.h>
6
7 
-#if LIBRESSL_VERSION_NUMBER >= 0x20700000
8 
+#if LIBRESSL_VERSION_NUMBER >= 0x20800000
9 
 RUST_LIBRESSL_NEW
10 
+#elif LIBRESSL_VERSION_NUMBER >= 0x20700000
11 
+RUST_LIBRESSL_27X
12 
 #elif LIBRESSL_VERSION_NUMBER >= 0x20603000
13 
 RUST_LIBRESSL_26X
14 
 #elif LIBRESSL_VERSION_NUMBER >= 0x20602000
15 
@@ -473,6 +475,13 @@ See rust-openssl README for more information:
16 
         println!("cargo:libressl_version=26x");
17 
         println!("cargo:version=101");
18 
         Version::Libressl
19 
+    } else if expanded.contains("RUST_LIBRESSL_27X") {
20 
+        println!("cargo:rustc-cfg=libressl");
21 
+        println!("cargo:rustc-cfg=libressl27");
22 
+        println!("cargo:libressl=true");
23 
+        println!("cargo:libressl_version=27x");
24 
+        println!("cargo:version=101");
25 
+        Version::Libressl
26 
     } else if expanded.contains("RUST_OPENSSL_111") {
27 
         println!("cargo:rustc-cfg=ossl111");
28 
         println!("cargo:rustc-cfg=ossl110");
29 
@@ -501,7 +510,7 @@ See rust-openssl README for more information:
30 
             "
31
32 
 This crate is only compatible with OpenSSL 1.0.1 through 1.1.1, or LibreSSL 2.5
33 
-and 2.6, but a different version of OpenSSL was found. The build is now aborting
34 
+through 2.7, but a different version of OpenSSL was found. The build is now aborting
35 
 due to this version mismatch.
36
37 
 "
(-)lang/rust/files/patch-src_vendor_openssl-sys_src_lib.rs (+248 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/src/lib.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/src/lib.rs
3 
@@ -221,6 +221,7 @@ pub const PEM_R_NO_START_LINE: c_int = 108;
4 
 pub const EVP_MAX_MD_SIZE: c_uint = 64;
5 
 pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption;
6 
 pub const EVP_PKEY_HMAC: c_int = NID_hmac;
7 
+pub const EVP_PKEY_CMAC: c_int = NID_cmac;
8 
 pub const EVP_PKEY_DSA: c_int = NID_dsa;
9 
 pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement;
10 
 pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey;
11 
@@ -228,9 +229,29 @@ pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKe
12 
 pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000;
13
14 
 pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1;
15 
+pub const EVP_PKEY_CTRL_RSA_PSS_SALTLEN: c_int = EVP_PKEY_ALG_CTRL + 2;
16
17 
+pub const EVP_PKEY_CTRL_RSA_MGF1_MD: c_int = EVP_PKEY_ALG_CTRL + 5;
18 
 pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6;
19
20 
+pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6;
21 
+pub const EVP_PKEY_CTRL_CIPHER: c_int = 12;
22 
+
23 
+pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2;
24 
+pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3;
25 
+pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4;
26 
+pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5;
27 
+pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6;
28 
+pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7;
29 
+pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8;
30 
+pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9;
31 
+
32 
+pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY
33 
+    | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX
34 
+    | EVP_PKEY_OP_VERIFYCTX;
35 
+
36 
+pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT;
37 
+
38 
 pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9;
39 
 pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10;
40 
 pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11;
41 
@@ -1200,9 +1221,16 @@ pub const RSA_SSLV23_PADDING: c_int = 2;
42 
 pub const RSA_NO_PADDING: c_int = 3;
43 
 pub const RSA_PKCS1_OAEP_PADDING: c_int = 4;
44 
 pub const RSA_X931_PADDING: c_int = 5;
45 
+pub const RSA_PKCS1_PSS_PADDING: c_int = 6;
46
47 
 pub const SHA_LBLOCK: c_int = 16;
48
49 
+pub const SSL3_AD_ILLEGAL_PARAMETER: c_int = 47;
50 
+pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER;
51 
+
52 
+pub const TLS1_AD_DECODE_ERROR: c_int = 50;
53 
+pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR;
54 
+
55 
 pub const TLS1_AD_UNRECOGNIZED_NAME: c_int = 112;
56 
 pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME;
57
58 
@@ -1249,14 +1277,14 @@ pub const SSL_VERIFY_NONE: c_int = 0;
59 
 pub const SSL_VERIFY_PEER: c_int = 1;
60 
 pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2;
61
62 
-#[cfg(not(any(libressl261, libressl262, libressl26x, ossl101)))]
63 
+#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27, ossl101)))]
64 
 pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010;
65 
-#[cfg(any(libressl261, libressl262, libressl26x))]
66 
+#[cfg(any(libressl261, libressl262, libressl26x, libressl27))]
67 
 pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x0;
68 
 pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800;
69 
-#[cfg(not(any(libressl261, libressl262, libressl26x)))]
70 
+#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))]
71 
 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x80000000;
72 
-#[cfg(any(libressl261, libressl262, libressl26x))]
73 
+#[cfg(any(libressl261, libressl262, libressl26x, libressl27))]
74 
 pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: c_ulong = 0x0;
75 
 pub const SSL_OP_LEGACY_SERVER_CONNECT: c_ulong = 0x00000004;
76 
 #[cfg(not(libressl))]
77 
@@ -1477,6 +1505,28 @@ pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut E
78 
     )
79 
 }
80
81 
+pub unsafe fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int {
82 
+    EVP_PKEY_CTX_ctrl(
83 
+        ctx,
84 
+        EVP_PKEY_RSA,
85 
+        EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY,
86 
+        EVP_PKEY_CTRL_RSA_PSS_SALTLEN,
87 
+        len,
88 
+        ptr::null_mut(),
89 
+    )
90 
+}
91 
+
92 
+pub unsafe fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int {
93 
+    EVP_PKEY_CTX_ctrl(
94 
+        ctx,
95 
+        EVP_PKEY_RSA,
96 
+        EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT,
97 
+        EVP_PKEY_CTRL_RSA_MGF1_MD,
98 
+        0,
99 
+        md as *mut c_void,
100 
+    )
101 
+}
102 
+
103 
 pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long {
104 
     SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut())
105 
 }
106 
@@ -1605,6 +1655,7 @@ extern "C" {
107
108 
     pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long;
109 
     pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int;
110 
+    pub fn ASN1_INTEGER_to_BN(ai: *const ASN1_INTEGER, bn: *mut BIGNUM) -> *mut BIGNUM;
111 
     pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME);
112 
     pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int;
113 
     pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING;
114 
@@ -1876,6 +1927,20 @@ extern "C" {
115 
         ctx: *mut BN_CTX,
116 
     ) -> c_int;
117
118 
+    pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG;
119 
+    pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG);
120 
+    pub fn ECDSA_do_verify(
121 
+        dgst: *const c_uchar,
122 
+        dgst_len: c_int,
123 
+        sig: *const ECDSA_SIG,
124 
+        eckey: *mut EC_KEY,
125 
+    ) -> c_int;
126 
+    pub fn ECDSA_do_sign(
127 
+        dgst: *const c_uchar,
128 
+        dgst_len: c_int,
129 
+        eckey: *mut EC_KEY,
130 
+    ) -> *mut ECDSA_SIG;
131 
+
132 
     pub fn ERR_peek_last_error() -> c_ulong;
133 
     pub fn ERR_get_error() -> c_ulong;
134 
     pub fn ERR_get_error_line_data(
135 
@@ -1904,6 +1969,7 @@ extern "C" {
136 
     pub fn EVP_aes_128_xts() -> *const EVP_CIPHER;
137 
     pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER;
138 
     pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER;
139 
+    pub fn EVP_aes_128_ccm() -> *const EVP_CIPHER;
140 
     pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER;
141 
     pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER;
142 
     pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER;
143 
@@ -1912,6 +1978,7 @@ extern "C" {
144 
     pub fn EVP_aes_256_xts() -> *const EVP_CIPHER;
145 
     pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER;
146 
     pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER;
147 
+    pub fn EVP_aes_256_ccm() -> *const EVP_CIPHER;
148 
     pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER;
149 
     pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER;
150 
     pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER;
151 
@@ -2023,6 +2090,7 @@ extern "C" {
152 
     pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH;
153 
     pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY;
154 
     pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int;
155 
+    pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int;
156 
     pub fn EVP_PKEY_new_mac_key(
157 
         type_: c_int,
158 
         e: *mut ENGINE,
159 
@@ -2040,6 +2108,7 @@ extern "C" {
160 
     ) -> *mut EVP_PKEY;
161
162 
     pub fn EVP_PKEY_CTX_new(k: *mut EVP_PKEY, e: *mut ENGINE) -> *mut EVP_PKEY_CTX;
163 
+    pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX;
164 
     pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX);
165 
     pub fn EVP_PKEY_CTX_ctrl(
166 
         ctx: *mut EVP_PKEY_CTX,
167 
@@ -2050,6 +2119,9 @@ extern "C" {
168 
         p2: *mut c_void,
169 
     ) -> c_int;
170
171 
+    pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
172 
+    pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int;
173 
+
174 
     pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int;
175
176 
     pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int;
177 
@@ -2059,6 +2131,7 @@ extern "C" {
178 
         a: *const ASN1_OBJECT,
179 
         no_name: c_int,
180 
     ) -> c_int;
181 
+    pub fn OBJ_nid2sn(nid: c_int) -> *const c_char;
182
183 
     pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP;
184 
     pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP);
185 
@@ -2605,6 +2678,7 @@ extern "C" {
186 
     pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
187 
     pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY;
188 
     pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ;
189 
+    pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int;
190 
     pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char;
191 
     pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING;
192 
     pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int;
193 
@@ -2638,6 +2712,14 @@ extern "C" {
194 
     pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int;
195 
     pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int;
196
197 
+    pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX;
198 
+    pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX);
199 
+    pub fn X509_STORE_CTX_init(
200 
+        ctx: *mut X509_STORE_CTX,
201 
+        store: *mut X509_STORE,
202 
+        x509: *mut X509,
203 
+        chain: *mut stack_st_X509,
204 
+    ) -> c_int;
205 
     pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX);
206 
     pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509;
207 
     pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
208 
@@ -2772,30 +2854,25 @@ extern "C" {
209
210 
     pub fn SSL_CTX_set_cookie_generate_cb(
211 
         s: *mut SSL_CTX,
212 
-        cb: Option<extern "C" fn(
213 
-            ssl: *mut SSL,
214 
-            cookie: *mut c_uchar,
215 
-            cookie_len: *mut c_uint
216 
-        ) -> c_int>
217 
+        cb: Option<
218 
+            extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
219 
+        >,
220 
     );
221
222 
     #[cfg(ossl110)]
223 
     pub fn SSL_CTX_set_cookie_verify_cb(
224 
         s: *mut SSL_CTX,
225 
-        cb: Option<extern "C" fn(
226 
-            ssl: *mut SSL,
227 
-            cookie: *const c_uchar,
228 
-            cookie_len: c_uint
229 
-        ) -> c_int>
230 
+        cb: Option<
231 
+            extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
232 
+        >,
233 
     );
234
235 
     #[cfg(not(ossl110))]
236 
     pub fn SSL_CTX_set_cookie_verify_cb(
237 
         s: *mut SSL_CTX,
238 
-        cb: Option<extern "C" fn(
239 
-            ssl: *mut SSL,
240 
-            cookie: *mut c_uchar,
241 
-            cookie_len: c_uint
242 
-        ) -> c_int>
243 
+        cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>,
244 
     );
245 
+
246 
+    pub fn EVP_MD_size(md: *const EVP_MD) -> c_int;
247 
+    pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER;
248 
 }
(-)lang/rust/files/patch-src_vendor_openssl-sys_src_libressl_mod.rs (+39 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/src/libressl/mod.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/src/libressl/mod.rs
3 
@@ -134,6 +134,12 @@ pub struct DSA {
4 
 }
5
6 
 #[repr(C)]
7 
+pub struct ECDSA_SIG {
8 
+    pub r: *mut ::BIGNUM,
9 
+    pub s: *mut ::BIGNUM,
10 
+}
11 
+
12 
+#[repr(C)]
13 
 pub struct EVP_PKEY {
14 
     pub type_: c_int,
15 
     pub save_type: c_int,
16 
@@ -331,9 +337,9 @@ pub const SSL_CTRL_OPTIONS: c_int = 32;
17 
 pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77;
18 
 pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94;
19
20 
-#[cfg(any(libressl261, libressl262, libressl26x))]
21 
+#[cfg(any(libressl261, libressl262, libressl26x, libressl27))]
22 
 pub const SSL_OP_ALL: c_ulong = 0x4;
23 
-#[cfg(not(any(libressl261, libressl262, libressl26x)))]
24 
+#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))]
25 
 pub const SSL_OP_ALL: c_ulong = 0x80000014;
26 
 pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0;
27 
 pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0;
28 
@@ -346,9 +352,9 @@ pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong =
29 
 pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0;
30 
 pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0;
31 
 pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0;
32 
-#[cfg(any(libressl261, libressl262, libressl26x))]
33 
+#[cfg(any(libressl261, libressl262, libressl26x, libressl27))]
34 
 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x0;
35 
-#[cfg(not(any(libressl261, libressl262, libressl26x)))]
36 
+#[cfg(not(any(libressl261, libressl262, libressl26x, libressl27)))]
37 
 pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000;
38 
 pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000;
39 
 pub const SSL_OP_NO_SSLv2: c_ulong = 0x0;
(-)lang/rust/files/patch-src_vendor_openssl-sys_src_ossl10x.rs (+23 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/src/ossl10x.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/src/ossl10x.rs
3 
@@ -129,6 +129,12 @@ pub struct DSA {
4 
 }
5
6 
 #[repr(C)]
7 
+pub struct ECDSA_SIG {
8 
+    pub r: *mut BIGNUM,
9 
+    pub s: *mut BIGNUM
10 
+}
11 
+
12 
+#[repr(C)]
13 
 pub struct EVP_PKEY {
14 
     pub type_: c_int,
15 
     pub save_type: c_int,
16 
@@ -969,4 +975,7 @@ extern "C" {
17
18 
     pub fn SSLeay() -> c_ulong;
19 
     pub fn SSLeay_version(key: c_int) -> *const c_char;
20 
+
21 
+    #[cfg(ossl102)]
22 
+    pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
23 
 }
(-)lang/rust/files/patch-src_vendor_openssl-sys_src_ossl110.rs (+21 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/src/ossl110.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/src/ossl110.rs
3 
@@ -8,6 +8,7 @@ pub enum BIO_METHOD {}
4 
 pub enum CRYPTO_EX_DATA {}
5 
 pub enum DH {}
6 
 pub enum DSA {}
7 
+pub enum ECDSA_SIG {}
8 
 pub enum EVP_CIPHER {}
9 
 pub enum EVP_MD_CTX {}
10 
 pub enum EVP_PKEY {}
11 
@@ -363,4 +364,10 @@ extern "C" {
12 
     ) -> *mut PKCS12;
13 
     pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long;
14 
     pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut ::X509_NAME;
15 
+    pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
16 
+    pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM);
17 
+    pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int;
18 
+
19 
+    pub fn SSL_CIPHER_get_cipher_nid(c: *const ::SSL_CIPHER) -> c_int;
20 
+    pub fn SSL_CIPHER_get_digest_nid(c: *const ::SSL_CIPHER) -> c_int;
21 
 }
(-)lang/rust/files/patch-src_vendor_openssl-sys_src_ossl111.rs (+89 lines)
Added Link Here
1 
--- src/vendor/openssl-sys/src/ossl111.rs.orig	2018-05-07 18:50:12 UTC
2 
+++ src/vendor/openssl-sys/src/ossl111.rs
3 
@@ -1,15 +1,84 @@
4 
-use libc::{c_char, c_int, c_ulong};
5 
+use libc::{c_char, c_uchar, c_int, c_uint, c_ulong, size_t, c_void};
6
7 
 pub type SSL_CTX_keylog_cb_func =
8 
     Option<unsafe extern "C" fn(ssl: *const ::SSL, line: *const c_char)>;
9
10 
-pub const SSL_COOKIE_LENGTH: c_int = 255;
11 
+pub type SSL_custom_ext_add_cb_ex =
12 
+    Option<unsafe extern "C" fn(ssl: *mut ::SSL, ext_type: c_uint,
13 
+                                context: c_uint,
14 
+                                out: *mut *const c_uchar,
15 
+                                outlen: *mut size_t, x: *mut ::X509,
16 
+                                chainidx: size_t, al: *mut c_int,
17 
+                                add_arg: *mut c_void) -> c_int>;
18
19 
+pub type SSL_custom_ext_free_cb_ex =
20 
+    Option<unsafe extern "C" fn(ssl: *mut ::SSL, ext_type: c_uint,
21 
+                                context: c_uint,
22 
+                                out: *mut *const c_uchar,
23 
+                                add_arg: *mut c_void)>;
24 
+
25 
+pub type SSL_custom_ext_parse_cb_ex =
26 
+    Option<unsafe extern "C" fn(ssl: *mut ::SSL, ext_type: c_uint,
27 
+                                context: c_uint,
28 
+                                input: *const c_uchar,
29 
+                                inlen: size_t, x: *mut ::X509,
30 
+                                chainidx: size_t, al: *mut c_int,
31 
+                                parse_arg: *mut c_void) -> c_int>;
32 
+
33 
+pub const SSL_COOKIE_LENGTH: c_int = 4096;
34 
+
35 
 pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: c_ulong = 0x00100000;
36
37 
 pub const TLS1_3_VERSION: c_int = 0x304;
38
39 
+pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001;
40 
+/* This extension is only allowed in DTLS */
41 
+pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002;
42 
+/* Some extensions may be allowed in DTLS but we don't implement them for it */
43 
+pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004;
44 
+/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
45 
+pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008;
46 
+/* Extension is only defined for TLS1.2 and below */
47 
+pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010;
48 
+/* Extension is only defined for TLS1.3 and above */
49 
+pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020;
50 
+/* Ignore this extension during parsing if we are resuming */
51 
+pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040;
52 
+pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080;
53 
+/* Really means TLS1.2 or below */
54 
+pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100;
55 
+pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200;
56 
+pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400;
57 
+pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800;
58 
+pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000;
59 
+pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000;
60 
+pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000;
61 
+
62 
+
63 
 extern "C" {
64 
     pub fn SSL_CTX_set_keylog_callback(ctx: *mut ::SSL_CTX, cb: SSL_CTX_keylog_cb_func);
65 
+    pub fn SSL_CTX_add_custom_ext(ctx: *mut ::SSL_CTX, ext_type: c_uint, context: c_uint,
66 
+                                  add_cb: SSL_custom_ext_add_cb_ex,
67 
+                                  free_cb: SSL_custom_ext_free_cb_ex,
68 
+                                  add_arg: *mut c_void,
69 
+                                  parse_cb: SSL_custom_ext_parse_cb_ex,
70 
+                                  parse_arg: *mut c_void) -> c_int;
71 
     pub fn SSL_stateless(s: *mut ::SSL) -> c_int;
72 
+    pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD;
73 
+    pub fn SSL_CTX_set_stateless_cookie_generate_cb(
74 
+        s: *mut ::SSL_CTX,
75 
+        cb: Option<unsafe extern "C" fn(
76 
+            ssl: *mut ::SSL,
77 
+            cookie: *mut c_uchar,
78 
+            cookie_len: *mut size_t
79 
+        ) -> c_int>
80 
+    );
81 
+    pub fn SSL_CTX_set_stateless_cookie_verify_cb(
82 
+        s: *mut ::SSL_CTX,
83 
+        cb: Option<unsafe extern "C" fn(
84 
+            ssl: *mut ::SSL,
85 
+            cookie: *const c_uchar,
86 
+            cookie_len: size_t
87 
+        ) -> c_int>
88 
+    );
89 
 }

Return to bug 226955