1use super::super::*;
2use libc::{size_t, timeval};
3use std::ffi::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void};
4
5pub enum SSL_METHOD {}
6pub enum SSL_CIPHER {}
7pub enum SSL_SESSION {}
8
9stack!(stack_st_SSL_CIPHER);
10
11#[repr(C)]
12pub struct SRTP_PROTECTION_PROFILE {
13 pub name: *const c_char,
14 pub id: c_ulong,
15}
16
17stack!(stack_st_SRTP_PROTECTION_PROFILE);
18
19pub type tls_session_ticket_ext_cb_fn =
20 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
21pub type tls_session_secret_cb_fn = Option<
22 unsafe extern "C" fn(
23 *mut SSL,
24 *mut c_void,
25 *mut c_int,
26 *mut stack_st_SSL_CIPHER,
27 *mut *mut SSL_CIPHER,
28 *mut c_void,
29 ) -> c_int,
30>;
31
32#[cfg(ossl111)]
33pub type SSL_custom_ext_add_cb_ex = Option<
34 unsafe extern "C" fn(
35 ssl: *mut SSL,
36 ext_type: c_uint,
37 context: c_uint,
38 out: *mut *const c_uchar,
39 outlen: *mut size_t,
40 x: *mut X509,
41 chainidx: size_t,
42 al: *mut c_int,
43 add_arg: *mut c_void,
44 ) -> c_int,
45>;
46
47#[cfg(ossl111)]
48pub type SSL_custom_ext_free_cb_ex = Option<
49 unsafe extern "C" fn(
50 ssl: *mut SSL,
51 ext_type: c_uint,
52 context: c_uint,
53 out: *const c_uchar,
54 add_arg: *mut c_void,
55 ),
56>;
57
58#[cfg(ossl111)]
59pub type SSL_custom_ext_parse_cb_ex = Option<
60 unsafe extern "C" fn(
61 ssl: *mut SSL,
62 ext_type: c_uint,
63 context: c_uint,
64 input: *const c_uchar,
65 inlen: size_t,
66 x: *mut X509,
67 chainidx: size_t,
68 al: *mut c_int,
69 parse_arg: *mut c_void,
70 ) -> c_int,
71>;
72
73cfg_if! {
74 if #[cfg(ossl300)] {
75 extern "C" {
76 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
77 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
78 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
79 }
80 } else if #[cfg(ossl110)] {
81 extern "C" {
82 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
83 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
84 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
85 }
86 }
87}
88
89pub type GEN_SESSION_CB =
90 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
91
92extern "C" {
93 pub fn SSL_CTX_sess_set_new_cb(
94 ctx: *mut SSL_CTX,
95 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
96 );
97 pub fn SSL_CTX_sess_set_remove_cb(
98 ctx: *mut SSL_CTX,
99 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
100 );
101}
102extern "C" {
103 pub fn SSL_CTX_sess_set_get_cb(
104 ctx: *mut SSL_CTX,
105 get_session_cb: Option<
106 unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
107 >,
108 );
109}
110extern "C" {
111 pub fn SSL_CTX_set_cookie_generate_cb(
113 s: *mut SSL_CTX,
114 cb: Option<
115 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
116 >,
117 );
118}
119extern "C" {
120 pub fn SSL_CTX_set_cookie_verify_cb(
121 s: *mut SSL_CTX,
122 cb: Option<
123 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
124 >,
125 );
126}
127
128extern "C" {
129 #[cfg(ossl111)]
130 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
131 s: *mut SSL_CTX,
132 cb: Option<
133 unsafe extern "C" fn(
134 ssl: *mut SSL,
135 cookie: *mut c_uchar,
136 cookie_len: *mut size_t,
137 ) -> c_int,
138 >,
139 );
140 #[cfg(ossl111)]
141 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
142 s: *mut SSL_CTX,
143 cb: Option<
144 unsafe extern "C" fn(
145 ssl: *mut SSL,
146 cookie: *const c_uchar,
147 cookie_len: size_t,
148 ) -> c_int,
149 >,
150 );
151
152 pub fn SSL_CTX_set_next_protos_advertised_cb(
153 ssl: *mut SSL_CTX,
154 cb: extern "C" fn(
155 ssl: *mut SSL,
156 out: *mut *const c_uchar,
157 outlen: *mut c_uint,
158 arg: *mut c_void,
159 ) -> c_int,
160 arg: *mut c_void,
161 );
162 pub fn SSL_CTX_set_next_proto_select_cb(
163 ssl: *mut SSL_CTX,
164 cb: extern "C" fn(
165 ssl: *mut SSL,
166 out: *mut *mut c_uchar,
167 outlen: *mut c_uchar,
168 inbuf: *const c_uchar,
169 inlen: c_uint,
170 arg: *mut c_void,
171 ) -> c_int,
172 arg: *mut c_void,
173 );
174 pub fn SSL_get0_next_proto_negotiated(
175 s: *const SSL,
176 data: *mut *const c_uchar,
177 len: *mut c_uint,
178 );
179
180 pub fn SSL_select_next_proto(
181 out: *mut *mut c_uchar,
182 outlen: *mut c_uchar,
183 inbuf: *const c_uchar,
184 inlen: c_uint,
185 client: *const c_uchar,
186 client_len: c_uint,
187 ) -> c_int;
188}
189
190extern "C" {
191 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
192 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
193 #[link_name = "SSL_CTX_set_alpn_select_cb"]
194 pub fn SSL_CTX_set_alpn_select_cb__fixed_rust(
195 ssl: *mut SSL_CTX,
196 cb: Option<
197 unsafe extern "C" fn(
198 ssl: *mut SSL,
199 out: *mut *const c_uchar,
200 outlen: *mut c_uchar,
201 inbuf: *const c_uchar,
202 inlen: c_uint,
203 arg: *mut c_void,
204 ) -> c_int,
205 >,
206 arg: *mut c_void,
207 );
208 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
209}
210
211#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
212extern "C" {
213 pub fn SSL_CTX_set_psk_client_callback(
214 ssl: *mut SSL_CTX,
215 psk_client_cb: Option<
216 extern "C" fn(
217 *mut SSL,
218 *const c_char,
219 *mut c_char,
220 c_uint,
221 *mut c_uchar,
222 c_uint,
223 ) -> c_uint,
224 >,
225 );
226 pub fn SSL_CTX_set_psk_server_callback(
227 ssl: *mut SSL_CTX,
228 psk_server_cb: Option<
229 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
230 >,
231 );
232 pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
233 pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
234}
235
236extern "C" {
237 #[cfg(ossl111)]
238 pub fn SSL_CTX_add_custom_ext(
239 ctx: *mut SSL_CTX,
240 ext_type: c_uint,
241 context: c_uint,
242 add_cb: SSL_custom_ext_add_cb_ex,
243 free_cb: SSL_custom_ext_free_cb_ex,
244 add_arg: *mut c_void,
245 parse_cb: SSL_custom_ext_parse_cb_ex,
246 parse_arg: *mut c_void,
247 ) -> c_int;
248
249 #[cfg(ossl110)]
250 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
251}
252
253#[cfg(ossl111)]
254pub type SSL_CTX_keylog_cb_func =
255 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
256
257extern "C" {
258 #[cfg(ossl111)]
259 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
260
261 #[cfg(any(ossl111, libressl))]
262 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
263 #[cfg(any(ossl111, libressl))]
264 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
265 #[cfg(any(ossl111, libressl))]
266 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
267 #[cfg(any(ossl111, libressl))]
268 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
269
270 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
271 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
272
273 pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
274 pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
275}
276
277const_ptr_api! {
278 extern "C" {
279 #[cfg(ossl110)]
280 pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
281 }
282}
283
284cfg_if! {
285 if #[cfg(libressl)] {
286 extern "C" {
287 pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
288 pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
289 pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
290 pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
291
292 pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
293 pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
294 pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
295 pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
296 }
297 }
298}
299
300extern "C" {
301 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
302 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
303 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
304 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
305 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
306 pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
307
308 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
309 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
310 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
311}
312extern "C" {
313 #[cfg(ossl111)]
314 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
315 #[cfg(ossl111)]
316 pub fn SSL_CIPHER_get_protocol_id(cipher: *const SSL_CIPHER) -> u16;
317 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
318 #[cfg(ossl111)]
319 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
320 #[cfg(ossl111)]
321 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
322
323 pub fn SSL_pending(ssl: *const SSL) -> c_int;
324 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
325 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
326 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
327 #[cfg(any(ossl111, libressl))]
328 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
329 #[cfg(any(ossl111, libressl))]
330 pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
331 pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
332 pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
333 pub fn SSL_set_verify(
334 ssl: *mut SSL,
335 mode: c_int,
336 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
338 );
339 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
340 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
341
342 pub fn SSL_CTX_use_PrivateKey_file(
343 ctx: *mut SSL_CTX,
344 key_file: *const c_char,
345 file_type: c_int,
346 ) -> c_int;
347 pub fn SSL_CTX_use_certificate_file(
348 ctx: *mut SSL_CTX,
349 cert_file: *const c_char,
350 file_type: c_int,
351 ) -> c_int;
352 pub fn SSL_CTX_use_certificate_chain_file(
353 ctx: *mut SSL_CTX,
354 cert_chain_file: *const c_char,
355 ) -> c_int;
356 pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
357 pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
358 pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
359 pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
360 pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
361 pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
362 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
363
364 #[cfg(not(ossl110))]
365 pub fn SSL_load_error_strings();
366 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
367 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
368
369 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
370 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
371 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
372
373 #[cfg(any(ossl111, libressl))]
374 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
375 #[cfg(any(ossl111, libressl))]
376 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
377
378 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
379 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
380 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
381}
382const_ptr_api! {
383 extern "C" {
384 pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
385 }
386}
387extern "C" {
388 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
389 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
390 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
391 pub fn d2i_SSL_SESSION(
392 a: *mut *mut SSL_SESSION,
393 pp: *mut *const c_uchar,
394 len: c_long,
395 ) -> *mut SSL_SESSION;
396
397 #[cfg(not(ossl300))]
398 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
399 #[cfg(ossl300)]
400 pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
401
402 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
403
404 pub fn SSL_CTX_set_verify(
405 ctx: *mut SSL_CTX,
406 mode: c_int,
407 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
408 );
409 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
410
411 #[cfg(any(ossl111, libressl))]
412 pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
413
414 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
415
416 pub fn SSL_CTX_set_session_id_context(
417 ssl: *mut SSL_CTX,
418 sid_ctx: *const c_uchar,
419 sid_ctx_len: c_uint,
420 ) -> c_int;
421
422 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
423
424 pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
425
426 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
427}
428
429#[cfg(ossl111)]
430pub type SSL_client_hello_cb_fn =
431 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
432extern "C" {
433 #[cfg(ossl111)]
434 pub fn SSL_CTX_set_client_hello_cb(
435 c: *mut SSL_CTX,
436 cb: SSL_client_hello_cb_fn,
437 arg: *mut c_void,
438 );
439 #[cfg(ossl111)]
440 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
441 #[cfg(ossl111)]
442 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
443 #[cfg(ossl111)]
444 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
445 #[cfg(ossl111)]
446 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
447 #[cfg(ossl111)]
448 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
449 #[cfg(ossl111)]
450 pub fn SSL_client_hello_get0_compression_methods(
451 s: *mut SSL,
452 out: *mut *const c_uchar,
453 ) -> size_t;
454 #[cfg(ossl111)]
455 pub fn SSL_client_hello_get1_extensions_present(
456 s: *mut SSL,
457 out: *mut *mut c_int,
458 outlen: *mut size_t,
459 ) -> c_int;
460 #[cfg(ossl111)]
461 pub fn SSL_client_hello_get0_ext(
462 s: *mut SSL,
463 type_: c_uint,
464 out: *mut *const c_uchar,
465 outlen: *mut size_t,
466 ) -> c_int;
467
468 pub fn SSL_free(ssl: *mut SSL);
469 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
470 #[cfg(ossl111)]
471 pub fn SSL_stateless(s: *mut SSL) -> c_int;
472 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
473 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
474 #[cfg(any(ossl111, libressl))]
475 pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
476 -> c_int;
477 pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
478 #[cfg(any(ossl111, libressl))]
479 pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
480 -> c_int;
481 #[cfg(any(ossl111, libressl))]
482 pub fn SSL_read_early_data(
483 s: *mut SSL,
484 buf: *mut c_void,
485 num: size_t,
486 readbytes: *mut size_t,
487 ) -> c_int;
488 #[cfg(ossl111)]
489 pub fn SSL_bytes_to_cipher_list(
490 s: *mut SSL,
491 bytes: *const c_uchar,
492 len: size_t,
493 isv2format: c_int,
494 sk: *mut *mut stack_st_SSL_CIPHER,
495 scsvs: *mut *mut stack_st_SSL_CIPHER,
496 ) -> c_int;
497}
498
499extern "C" {
500 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
501 #[cfg(any(ossl111, libressl))]
502 pub fn SSL_write_ex(
503 ssl: *mut SSL,
504 buf: *const c_void,
505 num: size_t,
506 written: *mut size_t,
507 ) -> c_int;
508 #[cfg(any(ossl111, libressl))]
509 pub fn SSL_write_early_data(
510 s: *mut SSL,
511 buf: *const c_void,
512 num: size_t,
513 written: *mut size_t,
514 ) -> c_int;
515 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
516 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
517 #[link_name = "SSL_CTX_callback_ctrl"]
518 pub fn SSL_CTX_callback_ctrl__fixed_rust(
519 ctx: *mut SSL_CTX,
520 cmd: c_int,
521 fp: Option<unsafe extern "C" fn()>,
522 ) -> c_long;
523}
524
525extern "C" {
526 pub fn TLS_method() -> *const SSL_METHOD;
527
528 pub fn DTLS_method() -> *const SSL_METHOD;
529
530 pub fn TLS_server_method() -> *const SSL_METHOD;
531
532 pub fn TLS_client_method() -> *const SSL_METHOD;
533
534 pub fn DTLS_server_method() -> *const SSL_METHOD;
535
536 pub fn DTLS_client_method() -> *const SSL_METHOD;
537}
538
539extern "C" {
540 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
541 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
542
543 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
544 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
545
546 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
547
548 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
549
550 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
551 pub fn SSL_CTX_load_verify_locations(
552 ctx: *mut SSL_CTX,
553 CAfile: *const c_char,
554 CApath: *const c_char,
555 ) -> c_int;
556}
557
558const_ptr_api! {
559 extern "C" {
560 pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
561 }
562}
563
564extern "C" {
565 pub fn SSL_set_connect_state(s: *mut SSL);
566 pub fn SSL_set_accept_state(s: *mut SSL);
567
568 #[cfg(not(ossl110))]
569 pub fn SSL_library_init() -> c_int;
570
571 pub fn SSL_CIPHER_description(
572 cipher: *const SSL_CIPHER,
573 buf: *mut c_char,
574 size: c_int,
575 ) -> *mut c_char;
576
577 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
578 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
579}
580
581extern "C" {
582 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
583 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
584
585 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
586 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
587 pub fn SSL_version(ssl: *const SSL) -> c_int;
588 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
589 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
590 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
591
592 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
593 #[cfg(ossl110)]
594 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
595
596 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
597 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
598 pub fn SSL_SESSION_get_master_key(
599 session: *const SSL_SESSION,
600 out: *mut c_uchar,
601 outlen: size_t,
602 ) -> size_t;
603}
604
605extern "C" {
606 #[cfg(not(ossl110))]
607 pub fn SSL_get_ex_new_index(
608 argl: c_long,
609 argp: *mut c_void,
610 new_func: Option<CRYPTO_EX_new>,
611 dup_func: Option<CRYPTO_EX_dup>,
612 free_func: Option<CRYPTO_EX_free>,
613 ) -> c_int;
614
615 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
616 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
617
618 #[cfg(not(ossl110))]
619 pub fn SSL_CTX_get_ex_new_index(
620 argl: c_long,
621 argp: *mut c_void,
622 new_func: Option<CRYPTO_EX_new>,
623 dup_func: Option<CRYPTO_EX_dup>,
624 free_func: Option<CRYPTO_EX_free>,
625 ) -> c_int;
626
627 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
628 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
629
630 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
631}
632
633#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
634extern "C" {
635 #[link_name = "SSL_CTX_set_tmp_dh_callback"]
636 pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust(
637 ctx: *mut SSL_CTX,
638 dh: Option<
639 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
640 >,
641 );
642 #[link_name = "SSL_set_tmp_dh_callback"]
643 pub fn SSL_set_tmp_dh_callback__fixed_rust(
644 ctx: *mut SSL,
645 dh: Option<
646 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
647 >,
648 );
649 #[cfg(not(ossl110))]
650 #[link_name = "SSL_CTX_set_tmp_ecdh_callback"]
651 pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust(
652 ctx: *mut SSL_CTX,
653 ecdh: Option<
654 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
655 >,
656 );
657 #[cfg(not(ossl110))]
658 #[link_name = "SSL_set_tmp_ecdh_callback"]
659 pub fn SSL_set_tmp_ecdh_callback__fixed_rust(
660 ssl: *mut SSL,
661 ecdh: Option<
662 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
663 >,
664 );
665}
666
667cfg_if! {
668 if #[cfg(libressl)] {
669 extern "C" {
670 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const c_void;
671 }
672 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
673 const_ptr_api! {
674 extern "C" {
675 pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
676 }
677 }
678 }
679}
680cfg_if! {
681 if #[cfg(libressl)] {
682 extern "C" {
683 pub fn SSL_COMP_get_name(comp: *const c_void) -> *const c_char;
684 }
685 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
686 extern "C" {
687 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
688 }
689 }
690}
691
692#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
693extern "C" {
694 #[cfg(ossl110)]
695 pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
696}
697
698extern "C" {
699 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
700 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
701}
702
703const_ptr_api! {
704 extern "C" {
705 #[cfg(ossl110)]
706 pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
707 }
708}
709
710const_ptr_api! {
711 extern "C" {
712 pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl))] SSL) -> c_int;
713 }
714}
715
716extern "C" {
717 #[cfg(ossl110)]
718 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
719}
720
721extern "C" {
722 #[cfg(ossl111)]
723 pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
724
725 #[cfg(ossl111)]
726 pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
727
728 #[cfg(ossl111b)]
729 pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
730 #[cfg(all(ossl111, not(ossl111b)))]
731 pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
732
733 #[cfg(ossl111b)]
734 pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
735 #[cfg(all(ossl111, not(ossl111b)))]
736 pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
737}
738
739extern "C" {
740 #[cfg(any(ossl110, libressl360))]
741 pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
742
743 #[cfg(any(ossl110, libressl360))]
744 pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
745
746 #[cfg(any(ossl110, libressl360))]
747 pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
748
749 #[cfg(any(ossl110, libressl360))]
750 pub fn SSL_get_security_level(s: *const SSL) -> c_int;
751}
752
753#[cfg(ossl320)]
754extern "C" {
755 pub fn OSSL_QUIC_client_method() -> *const SSL_METHOD;
756 pub fn OSSL_QUIC_client_thread_method() -> *const SSL_METHOD;
757 pub fn SSL_get_event_timeout(s: *mut SSL, tv: *mut timeval, is_infinite: *mut c_int) -> c_int;
758 pub fn SSL_handle_events(s: *mut SSL) -> c_int;
759 pub fn SSL_get_blocking_mode(s: *mut SSL) -> c_int;
760 pub fn SSL_set_blocking_mode(s: *mut SSL, blocking: c_int) -> c_int;
761 pub fn SSL_get_rpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
762 pub fn SSL_get_wpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
763 pub fn SSL_net_read_desired(s: *mut SSL) -> c_int;
764 pub fn SSL_net_write_desired(s: *mut SSL) -> c_int;
765 pub fn SSL_set1_initial_peer_addr(s: *mut SSL, peer_addr: *const BIO_ADDR) -> c_int;
766 pub fn SSL_shutdown_ex(
767 ssl: *mut SSL,
768 flags: u64,
769 args: *const SSL_SHUTDOWN_EX_ARGS,
770 args_len: usize,
771 ) -> c_int;
772 pub fn SSL_stream_conclude(ssl: *mut SSL, flags: u64) -> c_int;
773 pub fn SSL_stream_reset(
774 ssl: *mut SSL,
775 args: *const SSL_STREAM_RESET_ARGS,
776 args_len: usize,
777 ) -> c_int;
778 pub fn SSL_get_stream_read_state(ssl: *mut SSL) -> c_int;
779 pub fn SSL_get_stream_write_state(ssl: *mut SSL) -> c_int;
780 pub fn SSL_get_conn_close_info(
781 ssl: *mut SSL,
782 info: *mut SSL_CONN_CLOSE_INFO,
783 info_len: usize,
784 ) -> c_int;
785 pub fn SSL_get0_connection(s: *mut SSL) -> *mut SSL;
786 pub fn SSL_is_connection(s: *mut SSL) -> c_int;
787 pub fn SSL_get_stream_type(s: *mut SSL) -> c_int;
788 pub fn SSL_get_stream_id(s: *mut SSL) -> u64;
789 pub fn SSL_new_stream(s: *mut SSL, flags: u64) -> *mut SSL;
790 pub fn SSL_accept_stream(s: *mut SSL, flags: u64) -> *mut SSL;
791 pub fn SSL_set_incoming_stream_policy(s: *mut SSL, policy: c_int, aec: u64) -> c_int;
792 pub fn SSL_get_accept_stream_queue_len(s: *mut SSL) -> usize;
793 pub fn SSL_set_default_stream_mode(s: *mut SSL, mode: u32) -> c_int;
794 pub fn SSL_get0_group_name(s: *mut SSL) -> *const c_char;
795}
796
797#[cfg(ossl330)]
798extern "C" {
799 pub fn SSL_write_ex2(
800 s: *mut SSL,
801 buf: *const c_void,
802 num: usize,
803 flags: u64,
804 written: *mut usize,
805 ) -> c_int;
806 pub fn SSL_get_value_uint(s: *mut SSL, class_: u32, id: u32, v: *mut u64) -> c_int;
807 pub fn SSL_set_value_uint(s: *mut SSL, class_: u32, id: u32, v: u64) -> c_int;
808}
809
810#[cfg(ossl300)]
811extern "C" {
812 pub fn SSL_CTX_set0_tmp_dh_pkey(ctx: *mut SSL_CTX, dhpkey: *mut EVP_PKEY) -> c_int;
813 pub fn SSL_set0_tmp_dh_pkey(s: *mut SSL, dhpkey: *mut EVP_PKEY) -> c_int;
814}