1use super::super::*;
2use libc::*;
3
4pub enum SSL_METHOD {}
5pub enum SSL_CIPHER {}
6pub enum SSL_SESSION {}
7
8stack!(stack_st_SSL_CIPHER);
9
10#[repr(C)]
11pub struct SRTP_PROTECTION_PROFILE {
12 pub name: *const c_char,
13 pub id: c_ulong,
14}
15
16stack!(stack_st_SRTP_PROTECTION_PROFILE);
17
18pub type tls_session_ticket_ext_cb_fn =
19 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
20pub type tls_session_secret_cb_fn = Option<
21 unsafe extern "C" fn(
22 *mut SSL,
23 *mut c_void,
24 *mut c_int,
25 *mut stack_st_SSL_CIPHER,
26 *mut *mut SSL_CIPHER,
27 *mut c_void,
28 ) -> c_int,
29>;
30
31#[cfg(ossl111)]
32pub type SSL_custom_ext_add_cb_ex = Option<
33 unsafe extern "C" fn(
34 ssl: *mut SSL,
35 ext_type: c_uint,
36 context: c_uint,
37 out: *mut *const c_uchar,
38 outlen: *mut size_t,
39 x: *mut X509,
40 chainidx: size_t,
41 al: *mut c_int,
42 add_arg: *mut c_void,
43 ) -> c_int,
44>;
45
46#[cfg(ossl111)]
47pub type SSL_custom_ext_free_cb_ex = Option<
48 unsafe extern "C" fn(
49 ssl: *mut SSL,
50 ext_type: c_uint,
51 context: c_uint,
52 out: *const c_uchar,
53 add_arg: *mut c_void,
54 ),
55>;
56
57#[cfg(ossl111)]
58pub type SSL_custom_ext_parse_cb_ex = Option<
59 unsafe extern "C" fn(
60 ssl: *mut SSL,
61 ext_type: c_uint,
62 context: c_uint,
63 input: *const c_uchar,
64 inlen: size_t,
65 x: *mut X509,
66 chainidx: size_t,
67 al: *mut c_int,
68 parse_arg: *mut c_void,
69 ) -> c_int,
70>;
71
72cfg_if! {
73 if #[cfg(ossl300)] {
74 extern "C" {
75 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
76 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
77 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
78 }
79 } else if #[cfg(ossl110)] {
80 extern "C" {
81 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
82 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
83 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
84 }
85 }
86}
87
88pub type GEN_SESSION_CB =
89 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
90
91extern "C" {
92 pub fn SSL_CTX_sess_set_new_cb(
93 ctx: *mut SSL_CTX,
94 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
95 );
96 pub fn SSL_CTX_sess_set_remove_cb(
97 ctx: *mut SSL_CTX,
98 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
99 );
100}
101extern "C" {
102 pub fn SSL_CTX_sess_set_get_cb(
103 ctx: *mut SSL_CTX,
104 get_session_cb: Option<
105 unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
106 >,
107 );
108}
109extern "C" {
110 pub fn SSL_CTX_set_cookie_generate_cb(
112 s: *mut SSL_CTX,
113 cb: Option<
114 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
115 >,
116 );
117}
118extern "C" {
119 pub fn SSL_CTX_set_cookie_verify_cb(
120 s: *mut SSL_CTX,
121 cb: Option<
122 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
123 >,
124 );
125}
126
127extern "C" {
128 #[cfg(ossl111)]
129 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
130 s: *mut SSL_CTX,
131 cb: Option<
132 unsafe extern "C" fn(
133 ssl: *mut SSL,
134 cookie: *mut c_uchar,
135 cookie_len: *mut size_t,
136 ) -> c_int,
137 >,
138 );
139 #[cfg(ossl111)]
140 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
141 s: *mut SSL_CTX,
142 cb: Option<
143 unsafe extern "C" fn(
144 ssl: *mut SSL,
145 cookie: *const c_uchar,
146 cookie_len: size_t,
147 ) -> c_int,
148 >,
149 );
150
151 pub fn SSL_CTX_set_next_protos_advertised_cb(
152 ssl: *mut SSL_CTX,
153 cb: extern "C" fn(
154 ssl: *mut SSL,
155 out: *mut *const c_uchar,
156 outlen: *mut c_uint,
157 arg: *mut c_void,
158 ) -> c_int,
159 arg: *mut c_void,
160 );
161 pub fn SSL_CTX_set_next_proto_select_cb(
162 ssl: *mut SSL_CTX,
163 cb: extern "C" fn(
164 ssl: *mut SSL,
165 out: *mut *mut c_uchar,
166 outlen: *mut c_uchar,
167 inbuf: *const c_uchar,
168 inlen: c_uint,
169 arg: *mut c_void,
170 ) -> c_int,
171 arg: *mut c_void,
172 );
173 pub fn SSL_get0_next_proto_negotiated(
174 s: *const SSL,
175 data: *mut *const c_uchar,
176 len: *mut c_uint,
177 );
178
179 pub fn SSL_select_next_proto(
180 out: *mut *mut c_uchar,
181 outlen: *mut c_uchar,
182 inbuf: *const c_uchar,
183 inlen: c_uint,
184 client: *const c_uchar,
185 client_len: c_uint,
186 ) -> c_int;
187}
188
189extern "C" {
190 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
191 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
192 #[link_name = "SSL_CTX_set_alpn_select_cb"]
193 pub fn SSL_CTX_set_alpn_select_cb__fixed_rust(
194 ssl: *mut SSL_CTX,
195 cb: Option<
196 unsafe extern "C" fn(
197 ssl: *mut SSL,
198 out: *mut *const c_uchar,
199 outlen: *mut c_uchar,
200 inbuf: *const c_uchar,
201 inlen: c_uint,
202 arg: *mut c_void,
203 ) -> c_int,
204 >,
205 arg: *mut c_void,
206 );
207 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
208}
209
210#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
211extern "C" {
212 pub fn SSL_CTX_set_psk_client_callback(
213 ssl: *mut SSL_CTX,
214 psk_client_cb: Option<
215 extern "C" fn(
216 *mut SSL,
217 *const c_char,
218 *mut c_char,
219 c_uint,
220 *mut c_uchar,
221 c_uint,
222 ) -> c_uint,
223 >,
224 );
225 pub fn SSL_CTX_set_psk_server_callback(
226 ssl: *mut SSL_CTX,
227 psk_server_cb: Option<
228 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
229 >,
230 );
231 pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
232 pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
233}
234
235extern "C" {
236 #[cfg(ossl111)]
237 pub fn SSL_CTX_add_custom_ext(
238 ctx: *mut SSL_CTX,
239 ext_type: c_uint,
240 context: c_uint,
241 add_cb: SSL_custom_ext_add_cb_ex,
242 free_cb: SSL_custom_ext_free_cb_ex,
243 add_arg: *mut c_void,
244 parse_cb: SSL_custom_ext_parse_cb_ex,
245 parse_arg: *mut c_void,
246 ) -> c_int;
247
248 #[cfg(ossl110)]
249 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
250}
251
252#[cfg(ossl111)]
253pub type SSL_CTX_keylog_cb_func =
254 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
255
256extern "C" {
257 #[cfg(ossl111)]
258 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
259
260 #[cfg(any(ossl111, libressl))]
261 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
262 #[cfg(any(ossl111, libressl))]
263 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
264 #[cfg(any(ossl111, libressl))]
265 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
266 #[cfg(any(ossl111, libressl))]
267 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
268
269 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
270 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
271
272 pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
273 pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
274}
275
276const_ptr_api! {
277 extern "C" {
278 #[cfg(ossl110)]
279 pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
280 }
281}
282
283cfg_if! {
284 if #[cfg(libressl)] {
285 extern "C" {
286 pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
287 pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
288 pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
289 pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
290
291 pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
292 pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
293 pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
294 pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
295 }
296 }
297}
298
299extern "C" {
300 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
301 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
302 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
303 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
304 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
305 pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
306
307 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
308 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
309 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
310}
311extern "C" {
312 #[cfg(ossl111)]
313 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
314 #[cfg(ossl111)]
315 pub fn SSL_CIPHER_get_protocol_id(cipher: *const SSL_CIPHER) -> u16;
316 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
317 #[cfg(ossl111)]
318 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
319 #[cfg(ossl111)]
320 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
321
322 pub fn SSL_pending(ssl: *const SSL) -> c_int;
323 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
324 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
325 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
326 #[cfg(any(ossl111, libressl))]
327 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
328 #[cfg(any(ossl111, libressl))]
329 pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
330 pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
331 pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
332 pub fn SSL_set_verify(
333 ssl: *mut SSL,
334 mode: c_int,
335 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
337 );
338 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
339 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
340
341 pub fn SSL_CTX_use_PrivateKey_file(
342 ctx: *mut SSL_CTX,
343 key_file: *const c_char,
344 file_type: c_int,
345 ) -> c_int;
346 pub fn SSL_CTX_use_certificate_file(
347 ctx: *mut SSL_CTX,
348 cert_file: *const c_char,
349 file_type: c_int,
350 ) -> c_int;
351 pub fn SSL_CTX_use_certificate_chain_file(
352 ctx: *mut SSL_CTX,
353 cert_chain_file: *const c_char,
354 ) -> c_int;
355 pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
356 pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
357 pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
358 pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
359 pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
360 pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
361 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
362
363 #[cfg(not(ossl110))]
364 pub fn SSL_load_error_strings();
365 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
366 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
367
368 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
369 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
370 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
371
372 #[cfg(any(ossl111, libressl))]
373 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
374 #[cfg(any(ossl111, libressl))]
375 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
376
377 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
378 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
379 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
380}
381const_ptr_api! {
382 extern "C" {
383 pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
384 }
385}
386extern "C" {
387 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
388 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
389 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
390 pub fn d2i_SSL_SESSION(
391 a: *mut *mut SSL_SESSION,
392 pp: *mut *const c_uchar,
393 len: c_long,
394 ) -> *mut SSL_SESSION;
395
396 #[cfg(not(ossl300))]
397 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
398 #[cfg(ossl300)]
399 pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
400
401 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
402
403 pub fn SSL_CTX_set_verify(
404 ctx: *mut SSL_CTX,
405 mode: c_int,
406 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
407 );
408 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
409
410 #[cfg(any(ossl111, libressl))]
411 pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
412
413 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
414
415 pub fn SSL_CTX_set_session_id_context(
416 ssl: *mut SSL_CTX,
417 sid_ctx: *const c_uchar,
418 sid_ctx_len: c_uint,
419 ) -> c_int;
420
421 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
422
423 pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
424
425 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
426}
427
428#[cfg(ossl111)]
429pub type SSL_client_hello_cb_fn =
430 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
431extern "C" {
432 #[cfg(ossl111)]
433 pub fn SSL_CTX_set_client_hello_cb(
434 c: *mut SSL_CTX,
435 cb: SSL_client_hello_cb_fn,
436 arg: *mut c_void,
437 );
438 #[cfg(ossl111)]
439 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
440 #[cfg(ossl111)]
441 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
442 #[cfg(ossl111)]
443 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
444 #[cfg(ossl111)]
445 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
446 #[cfg(ossl111)]
447 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
448 #[cfg(ossl111)]
449 pub fn SSL_client_hello_get0_compression_methods(
450 s: *mut SSL,
451 out: *mut *const c_uchar,
452 ) -> size_t;
453 #[cfg(ossl111)]
454 pub fn SSL_client_hello_get1_extensions_present(
455 s: *mut SSL,
456 out: *mut *mut c_int,
457 outlen: *mut size_t,
458 ) -> c_int;
459 #[cfg(ossl111)]
460 pub fn SSL_client_hello_get0_ext(
461 s: *mut SSL,
462 type_: c_uint,
463 out: *mut *const c_uchar,
464 outlen: *mut size_t,
465 ) -> c_int;
466
467 pub fn SSL_free(ssl: *mut SSL);
468 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
469 #[cfg(ossl111)]
470 pub fn SSL_stateless(s: *mut SSL) -> c_int;
471 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
472 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
473 #[cfg(any(ossl111, libressl))]
474 pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
475 -> c_int;
476 pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
477 #[cfg(any(ossl111, libressl))]
478 pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
479 -> c_int;
480 #[cfg(any(ossl111, libressl))]
481 pub fn SSL_read_early_data(
482 s: *mut SSL,
483 buf: *mut c_void,
484 num: size_t,
485 readbytes: *mut size_t,
486 ) -> c_int;
487 #[cfg(ossl111)]
488 pub fn SSL_bytes_to_cipher_list(
489 s: *mut SSL,
490 bytes: *const c_uchar,
491 len: size_t,
492 isv2format: c_int,
493 sk: *mut *mut stack_st_SSL_CIPHER,
494 scsvs: *mut *mut stack_st_SSL_CIPHER,
495 ) -> c_int;
496}
497
498extern "C" {
499 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
500 #[cfg(any(ossl111, libressl))]
501 pub fn SSL_write_ex(
502 ssl: *mut SSL,
503 buf: *const c_void,
504 num: size_t,
505 written: *mut size_t,
506 ) -> c_int;
507 #[cfg(any(ossl111, libressl))]
508 pub fn SSL_write_early_data(
509 s: *mut SSL,
510 buf: *const c_void,
511 num: size_t,
512 written: *mut size_t,
513 ) -> c_int;
514 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
515 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
516 #[link_name = "SSL_CTX_callback_ctrl"]
517 pub fn SSL_CTX_callback_ctrl__fixed_rust(
518 ctx: *mut SSL_CTX,
519 cmd: c_int,
520 fp: Option<unsafe extern "C" fn()>,
521 ) -> c_long;
522}
523
524extern "C" {
525 pub fn TLS_method() -> *const SSL_METHOD;
526
527 pub fn DTLS_method() -> *const SSL_METHOD;
528
529 pub fn TLS_server_method() -> *const SSL_METHOD;
530
531 pub fn TLS_client_method() -> *const SSL_METHOD;
532
533 pub fn DTLS_server_method() -> *const SSL_METHOD;
534
535 pub fn DTLS_client_method() -> *const SSL_METHOD;
536}
537
538extern "C" {
539 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
540 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
541
542 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
543 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
544
545 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
546
547 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
548
549 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
550 pub fn SSL_CTX_load_verify_locations(
551 ctx: *mut SSL_CTX,
552 CAfile: *const c_char,
553 CApath: *const c_char,
554 ) -> c_int;
555}
556
557const_ptr_api! {
558 extern "C" {
559 pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
560 }
561}
562
563extern "C" {
564 pub fn SSL_set_connect_state(s: *mut SSL);
565 pub fn SSL_set_accept_state(s: *mut SSL);
566
567 #[cfg(not(ossl110))]
568 pub fn SSL_library_init() -> c_int;
569
570 pub fn SSL_CIPHER_description(
571 cipher: *const SSL_CIPHER,
572 buf: *mut c_char,
573 size: c_int,
574 ) -> *mut c_char;
575
576 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
577 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
578}
579
580extern "C" {
581 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
582 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
583
584 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
585 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
586 pub fn SSL_version(ssl: *const SSL) -> c_int;
587 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
588 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
589 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
590
591 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
592 #[cfg(ossl110)]
593 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
594
595 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
596 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
597 pub fn SSL_SESSION_get_master_key(
598 session: *const SSL_SESSION,
599 out: *mut c_uchar,
600 outlen: size_t,
601 ) -> size_t;
602}
603
604extern "C" {
605 #[cfg(not(ossl110))]
606 pub fn SSL_get_ex_new_index(
607 argl: c_long,
608 argp: *mut c_void,
609 new_func: Option<CRYPTO_EX_new>,
610 dup_func: Option<CRYPTO_EX_dup>,
611 free_func: Option<CRYPTO_EX_free>,
612 ) -> c_int;
613
614 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
615 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
616
617 #[cfg(not(ossl110))]
618 pub fn SSL_CTX_get_ex_new_index(
619 argl: c_long,
620 argp: *mut c_void,
621 new_func: Option<CRYPTO_EX_new>,
622 dup_func: Option<CRYPTO_EX_dup>,
623 free_func: Option<CRYPTO_EX_free>,
624 ) -> c_int;
625
626 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
627 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
628
629 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
630}
631
632#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
633extern "C" {
634 #[link_name = "SSL_CTX_set_tmp_dh_callback"]
635 pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust(
636 ctx: *mut SSL_CTX,
637 dh: Option<
638 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
639 >,
640 );
641 #[link_name = "SSL_set_tmp_dh_callback"]
642 pub fn SSL_set_tmp_dh_callback__fixed_rust(
643 ctx: *mut SSL,
644 dh: Option<
645 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
646 >,
647 );
648 #[cfg(not(ossl110))]
649 #[link_name = "SSL_CTX_set_tmp_ecdh_callback"]
650 pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust(
651 ctx: *mut SSL_CTX,
652 ecdh: Option<
653 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
654 >,
655 );
656 #[cfg(not(ossl110))]
657 #[link_name = "SSL_set_tmp_ecdh_callback"]
658 pub fn SSL_set_tmp_ecdh_callback__fixed_rust(
659 ssl: *mut SSL,
660 ecdh: Option<
661 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
662 >,
663 );
664}
665
666cfg_if! {
667 if #[cfg(libressl)] {
668 extern "C" {
669 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void;
670 }
671 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
672 const_ptr_api! {
673 extern "C" {
674 pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
675 }
676 }
677 }
678}
679cfg_if! {
680 if #[cfg(libressl)] {
681 extern "C" {
682 pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char;
683 }
684 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
685 extern "C" {
686 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
687 }
688 }
689}
690
691#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
692extern "C" {
693 #[cfg(ossl110)]
694 pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
695}
696
697extern "C" {
698 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
699 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
700}
701
702const_ptr_api! {
703 extern "C" {
704 #[cfg(ossl110)]
705 pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
706 }
707}
708
709const_ptr_api! {
710 extern "C" {
711 pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl))] SSL) -> c_int;
712 }
713}
714
715extern "C" {
716 #[cfg(ossl110)]
717 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
718}
719
720extern "C" {
721 #[cfg(ossl111)]
722 pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
723
724 #[cfg(ossl111)]
725 pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
726
727 #[cfg(ossl111b)]
728 pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
729 #[cfg(all(ossl111, not(ossl111b)))]
730 pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
731
732 #[cfg(ossl111b)]
733 pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
734 #[cfg(all(ossl111, not(ossl111b)))]
735 pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
736}
737
738extern "C" {
739 #[cfg(any(ossl110, libressl360))]
740 pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
741
742 #[cfg(any(ossl110, libressl360))]
743 pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
744
745 #[cfg(any(ossl110, libressl360))]
746 pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
747
748 #[cfg(any(ossl110, libressl360))]
749 pub fn SSL_get_security_level(s: *const SSL) -> c_int;
750}
751
752#[cfg(ossl320)]
753extern "C" {
754 pub fn OSSL_QUIC_client_method() -> *const SSL_METHOD;
755 pub fn OSSL_QUIC_client_thread_method() -> *const SSL_METHOD;
756 pub fn SSL_get_event_timeout(s: *mut SSL, tv: *mut timeval, is_infinite: *mut c_int) -> c_int;
757 pub fn SSL_handle_events(s: *mut SSL) -> c_int;
758 pub fn SSL_get_blocking_mode(s: *mut SSL) -> c_int;
759 pub fn SSL_set_blocking_mode(s: *mut SSL, blocking: c_int) -> c_int;
760 pub fn SSL_get_rpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
761 pub fn SSL_get_wpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
762 pub fn SSL_net_read_desired(s: *mut SSL) -> c_int;
763 pub fn SSL_net_write_desired(s: *mut SSL) -> c_int;
764 pub fn SSL_set1_initial_peer_addr(s: *mut SSL, peer_addr: *const BIO_ADDR) -> c_int;
765 pub fn SSL_shutdown_ex(
766 ssl: *mut SSL,
767 flags: u64,
768 args: *const SSL_SHUTDOWN_EX_ARGS,
769 args_len: usize,
770 ) -> c_int;
771 pub fn SSL_stream_conclude(ssl: *mut SSL, flags: u64) -> c_int;
772 pub fn SSL_stream_reset(
773 ssl: *mut SSL,
774 args: *const SSL_STREAM_RESET_ARGS,
775 args_len: usize,
776 ) -> c_int;
777 pub fn SSL_get_stream_read_state(ssl: *mut SSL) -> c_int;
778 pub fn SSL_get_stream_write_state(ssl: *mut SSL) -> c_int;
779 pub fn SSL_get_conn_close_info(
780 ssl: *mut SSL,
781 info: *mut SSL_CONN_CLOSE_INFO,
782 info_len: usize,
783 ) -> c_int;
784 pub fn SSL_get0_connection(s: *mut SSL) -> *mut SSL;
785 pub fn SSL_is_connection(s: *mut SSL) -> c_int;
786 pub fn SSL_get_stream_type(s: *mut SSL) -> c_int;
787 pub fn SSL_get_stream_id(s: *mut SSL) -> u64;
788 pub fn SSL_new_stream(s: *mut SSL, flags: u64) -> *mut SSL;
789 pub fn SSL_accept_stream(s: *mut SSL, flags: u64) -> *mut SSL;
790 pub fn SSL_set_incoming_stream_policy(s: *mut SSL, policy: c_int, aec: u64) -> c_int;
791 pub fn SSL_get_accept_stream_queue_len(s: *mut SSL) -> usize;
792 pub fn SSL_set_default_stream_mode(s: *mut SSL, mode: u32) -> c_int;
793 pub fn SSL_get0_group_name(s: *mut SSL) -> *const c_char;
794}
795
796#[cfg(ossl330)]
797extern "C" {
798 pub fn SSL_write_ex2(
799 s: *mut SSL,
800 buf: *const c_void,
801 num: usize,
802 flags: u64,
803 written: *mut usize,
804 ) -> c_int;
805 pub fn SSL_get_value_uint(s: *mut SSL, class_: u32, id: u32, v: *mut u64) -> c_int;
806 pub fn SSL_set_value_uint(s: *mut SSL, class_: u32, id: u32, v: u64) -> c_int;
807}
808
809#[cfg(ossl300)]
810extern "C" {
811 pub fn SSL_CTX_set0_tmp_dh_pkey(ctx: *mut SSL_CTX, dhpkey: *mut EVP_PKEY) -> c_int;
812 pub fn SSL_set0_tmp_dh_pkey(s: *mut SSL, dhpkey: *mut EVP_PKEY) -> c_int;
813}