1use super::super::*;
2use libc::*;
3
4pub enum SSL_METHOD {}
5pub enum SSL_CIPHER {}
6pub enum SSL_SESSION {}
7
8stack!(stack_st_SSL_CIPHER);
9
10#[repr(C)]
11pub struct SRTP_PROTECTION_PROFILE {
12 pub name: *const c_char,
13 pub id: c_ulong,
14}
15
16stack!(stack_st_SRTP_PROTECTION_PROFILE);
17
18pub type tls_session_ticket_ext_cb_fn =
19 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
20pub type tls_session_secret_cb_fn = Option<
21 unsafe extern "C" fn(
22 *mut SSL,
23 *mut c_void,
24 *mut c_int,
25 *mut stack_st_SSL_CIPHER,
26 *mut *mut SSL_CIPHER,
27 *mut c_void,
28 ) -> c_int,
29>;
30
31#[cfg(ossl111)]
32pub type SSL_custom_ext_add_cb_ex = Option<
33 unsafe extern "C" fn(
34 ssl: *mut SSL,
35 ext_type: c_uint,
36 context: c_uint,
37 out: *mut *const c_uchar,
38 outlen: *mut size_t,
39 x: *mut X509,
40 chainidx: size_t,
41 al: *mut c_int,
42 add_arg: *mut c_void,
43 ) -> c_int,
44>;
45
46#[cfg(ossl111)]
47pub type SSL_custom_ext_free_cb_ex = Option<
48 unsafe extern "C" fn(
49 ssl: *mut SSL,
50 ext_type: c_uint,
51 context: c_uint,
52 out: *const c_uchar,
53 add_arg: *mut c_void,
54 ),
55>;
56
57#[cfg(ossl111)]
58pub type SSL_custom_ext_parse_cb_ex = Option<
59 unsafe extern "C" fn(
60 ssl: *mut SSL,
61 ext_type: c_uint,
62 context: c_uint,
63 input: *const c_uchar,
64 inlen: size_t,
65 x: *mut X509,
66 chainidx: size_t,
67 al: *mut c_int,
68 parse_arg: *mut c_void,
69 ) -> c_int,
70>;
71
72cfg_if! {
73 if #[cfg(ossl300)] {
74 extern "C" {
75 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
76 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
77 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
78 }
79 } else if #[cfg(ossl110)] {
80 extern "C" {
81 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
82 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
83 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
84 }
85 }
86}
87
88pub type GEN_SESSION_CB =
89 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
90
91extern "C" {
92 pub fn SSL_CTX_sess_set_new_cb(
93 ctx: *mut SSL_CTX,
94 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
95 );
96 pub fn SSL_CTX_sess_set_remove_cb(
97 ctx: *mut SSL_CTX,
98 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
99 );
100}
101extern "C" {
102 pub fn SSL_CTX_sess_set_get_cb(
103 ctx: *mut SSL_CTX,
104 get_session_cb: Option<
105 unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
106 >,
107 );
108}
109extern "C" {
110 pub fn SSL_CTX_set_cookie_generate_cb(
112 s: *mut SSL_CTX,
113 cb: Option<
114 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
115 >,
116 );
117}
118extern "C" {
119 pub fn SSL_CTX_set_cookie_verify_cb(
120 s: *mut SSL_CTX,
121 cb: Option<
122 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
123 >,
124 );
125}
126
127extern "C" {
128 #[cfg(ossl111)]
129 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
130 s: *mut SSL_CTX,
131 cb: Option<
132 unsafe extern "C" fn(
133 ssl: *mut SSL,
134 cookie: *mut c_uchar,
135 cookie_len: *mut size_t,
136 ) -> c_int,
137 >,
138 );
139 #[cfg(ossl111)]
140 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
141 s: *mut SSL_CTX,
142 cb: Option<
143 unsafe extern "C" fn(
144 ssl: *mut SSL,
145 cookie: *const c_uchar,
146 cookie_len: size_t,
147 ) -> c_int,
148 >,
149 );
150
151 pub fn SSL_CTX_set_next_protos_advertised_cb(
152 ssl: *mut SSL_CTX,
153 cb: extern "C" fn(
154 ssl: *mut SSL,
155 out: *mut *const c_uchar,
156 outlen: *mut c_uint,
157 arg: *mut c_void,
158 ) -> c_int,
159 arg: *mut c_void,
160 );
161 pub fn SSL_CTX_set_next_proto_select_cb(
162 ssl: *mut SSL_CTX,
163 cb: extern "C" fn(
164 ssl: *mut SSL,
165 out: *mut *mut c_uchar,
166 outlen: *mut c_uchar,
167 inbuf: *const c_uchar,
168 inlen: c_uint,
169 arg: *mut c_void,
170 ) -> c_int,
171 arg: *mut c_void,
172 );
173 pub fn SSL_get0_next_proto_negotiated(
174 s: *const SSL,
175 data: *mut *const c_uchar,
176 len: *mut c_uint,
177 );
178
179 pub fn SSL_select_next_proto(
180 out: *mut *mut c_uchar,
181 outlen: *mut c_uchar,
182 inbuf: *const c_uchar,
183 inlen: c_uint,
184 client: *const c_uchar,
185 client_len: c_uint,
186 ) -> c_int;
187}
188
189extern "C" {
190 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
191 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
192 pub fn SSL_CTX_set_alpn_select_cb(
193 ssl: *mut SSL_CTX,
194 cb: Option<
195 unsafe extern "C" fn(
196 ssl: *mut SSL,
197 out: *mut *const c_uchar,
198 outlen: *mut c_uchar,
199 inbuf: *const c_uchar,
200 inlen: c_uint,
201 arg: *mut c_void,
202 ) -> c_int,
203 >,
204 arg: *mut c_void,
205 );
206 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
207}
208
209#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
210extern "C" {
211 pub fn SSL_CTX_set_psk_client_callback(
212 ssl: *mut SSL_CTX,
213 psk_client_cb: Option<
214 extern "C" fn(
215 *mut SSL,
216 *const c_char,
217 *mut c_char,
218 c_uint,
219 *mut c_uchar,
220 c_uint,
221 ) -> c_uint,
222 >,
223 );
224 pub fn SSL_CTX_set_psk_server_callback(
225 ssl: *mut SSL_CTX,
226 psk_server_cb: Option<
227 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
228 >,
229 );
230 pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
231 pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
232}
233
234extern "C" {
235 #[cfg(ossl111)]
236 pub fn SSL_CTX_add_custom_ext(
237 ctx: *mut SSL_CTX,
238 ext_type: c_uint,
239 context: c_uint,
240 add_cb: SSL_custom_ext_add_cb_ex,
241 free_cb: SSL_custom_ext_free_cb_ex,
242 add_arg: *mut c_void,
243 parse_cb: SSL_custom_ext_parse_cb_ex,
244 parse_arg: *mut c_void,
245 ) -> c_int;
246
247 #[cfg(ossl110)]
248 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
249}
250
251#[cfg(ossl111)]
252pub type SSL_CTX_keylog_cb_func =
253 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
254
255extern "C" {
256 #[cfg(ossl111)]
257 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
258
259 #[cfg(any(ossl111, libressl))]
260 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
261 #[cfg(any(ossl111, libressl))]
262 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
263 #[cfg(any(ossl111, libressl))]
264 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
265 #[cfg(any(ossl111, libressl))]
266 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
267
268 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
269 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
270
271 pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
272 pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
273}
274
275const_ptr_api! {
276 extern "C" {
277 #[cfg(ossl110)]
278 pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
279 }
280}
281
282cfg_if! {
283 if #[cfg(libressl)] {
284 extern "C" {
285 pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
286 pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
287 pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
288 pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
289
290 pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
291 pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
292 pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
293 pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
294 }
295 }
296}
297
298extern "C" {
299 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
300 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
301 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
302 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
303 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
304 pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
305
306 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
307 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
308 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
309}
310extern "C" {
311 #[cfg(ossl111)]
312 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
313 #[cfg(ossl111)]
314 pub fn SSL_CIPHER_get_protocol_id(cipher: *const SSL_CIPHER) -> u16;
315 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
316 #[cfg(ossl111)]
317 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
318 #[cfg(ossl111)]
319 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
320
321 pub fn SSL_pending(ssl: *const SSL) -> c_int;
322 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
323 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
324 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
325 #[cfg(any(ossl111, libressl))]
326 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
327 #[cfg(any(ossl111, libressl))]
328 pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
329 pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
330 pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
331 pub fn SSL_set_verify(
332 ssl: *mut SSL,
333 mode: c_int,
334 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
336 );
337 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
338 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
339
340 pub fn SSL_CTX_use_PrivateKey_file(
341 ctx: *mut SSL_CTX,
342 key_file: *const c_char,
343 file_type: c_int,
344 ) -> c_int;
345 pub fn SSL_CTX_use_certificate_file(
346 ctx: *mut SSL_CTX,
347 cert_file: *const c_char,
348 file_type: c_int,
349 ) -> c_int;
350 pub fn SSL_CTX_use_certificate_chain_file(
351 ctx: *mut SSL_CTX,
352 cert_chain_file: *const c_char,
353 ) -> c_int;
354 pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
355 pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
356 pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
357 pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
358 pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
359 pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
360 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
361
362 #[cfg(not(ossl110))]
363 pub fn SSL_load_error_strings();
364 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
365 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
366
367 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
368 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
369 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
370
371 #[cfg(any(ossl111, libressl))]
372 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
373 #[cfg(any(ossl111, libressl))]
374 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
375
376 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
377 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
378 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
379}
380cfg_if! {
381 if #[cfg(tongsuo)] {
382 extern "C" {
383 pub fn SSL_CTX_use_enc_PrivateKey(ctx: *mut SSL_CTX, pkey: *mut EVP_PKEY) -> c_int;
384 pub fn SSL_CTX_use_sign_PrivateKey(ctx: *mut SSL_CTX, pkey: *mut EVP_PKEY) -> c_int;
385 pub fn SSL_CTX_use_enc_PrivateKey_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
386 pub fn SSL_CTX_use_sign_PrivateKey_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
387 pub fn SSL_CTX_enable_ntls(ctx: *mut SSL_CTX);
388 pub fn SSL_CTX_disable_ntls(ctx: *mut SSL_CTX);
389 #[cfg(ossl300)]
390 pub fn SSL_CTX_enable_force_ntls(ctx: *mut SSL_CTX);
391 #[cfg(ossl300)]
392 pub fn SSL_CTX_disable_force_ntls(ctx: *mut SSL_CTX);
393 pub fn SSL_enable_ntls(s: *mut SSL);
394 pub fn SSL_disable_ntls(s: *mut SSL);
395 #[cfg(ossl300)]
396 pub fn SSL_enable_force_ntls(s: *mut SSL);
397 #[cfg(ossl300)]
398 pub fn SSL_disable_force_ntls(s: *mut SSL);
399 pub fn SSL_CTX_enable_sm_tls13_strict(ctx: *mut SSL_CTX);
400 pub fn SSL_CTX_disable_sm_tls13_strict(ctx: *mut SSL_CTX);
401 pub fn SSL_enable_sm_tls13_strict(s: *mut SSL);
402 pub fn SSL_disable_sm_tls13_strict(s: *mut SSL);
403 pub fn SSL_CTX_use_enc_certificate(ctx: *mut SSL_CTX, x: *mut X509) -> c_int;
404 pub fn SSL_CTX_use_sign_certificate(ctx: *mut SSL_CTX, x: *mut X509) -> c_int;
405 pub fn SSL_CTX_use_enc_certificate_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
406 pub fn SSL_CTX_use_sign_certificate_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
407 pub fn SSL_is_ntls(s: *const SSL) -> c_int;
408 pub fn NTLS_method() -> *const SSL_METHOD;
409 pub fn NTLS_server_method() -> *const SSL_METHOD;
410 pub fn NTLS_client_method() -> *const SSL_METHOD;
411 pub fn SSL_set_ciphers(s: *mut SSL, cipher_list: *mut stack_st_SSL_CIPHER) -> c_int;
412 pub fn SSL_set_ciphers_by_id(s: *mut SSL, cipher_list_by_id: *mut stack_st_SSL_CIPHER) -> c_int;
413 pub fn SSL_CTX_set_ciphers(ctx: *mut SSL_CTX, cipher_list: *mut stack_st_SSL_CIPHER) -> c_int;
414 pub fn SSL_CTX_get_ciphers_by_id(ctx: *const SSL_CTX) -> *mut stack_st_SSL_CIPHER;
415 pub fn SSL_CTX_set_ciphers_by_id(ctx: *mut SSL_CTX, cipher_list_by_id: *mut stack_st_SSL_CIPHER) -> c_int;
416 pub fn SSL_use_sign_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
417 pub fn SSL_use_sign_certificate_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
418 pub fn SSL_use_enc_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
419 pub fn SSL_use_enc_certificate_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
420 pub fn SSL_use_enc_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
421 pub fn SSL_use_enc_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
422 pub fn SSL_use_sign_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
423 pub fn SSL_use_sign_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
424 }
425 }
426}
427const_ptr_api! {
428 extern "C" {
429 pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
430 }
431}
432extern "C" {
433 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
434 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
435 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
436 pub fn d2i_SSL_SESSION(
437 a: *mut *mut SSL_SESSION,
438 pp: *mut *const c_uchar,
439 len: c_long,
440 ) -> *mut SSL_SESSION;
441
442 #[cfg(not(ossl300))]
443 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
444 #[cfg(ossl300)]
445 pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
446
447 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
448
449 pub fn SSL_CTX_set_verify(
450 ctx: *mut SSL_CTX,
451 mode: c_int,
452 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
453 );
454 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
455
456 #[cfg(any(ossl111, libressl))]
457 pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
458
459 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
460
461 pub fn SSL_CTX_set_session_id_context(
462 ssl: *mut SSL_CTX,
463 sid_ctx: *const c_uchar,
464 sid_ctx_len: c_uint,
465 ) -> c_int;
466
467 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
468
469 pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
470
471 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
472}
473
474#[cfg(ossl111)]
475pub type SSL_client_hello_cb_fn =
476 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
477extern "C" {
478 #[cfg(ossl111)]
479 pub fn SSL_CTX_set_client_hello_cb(
480 c: *mut SSL_CTX,
481 cb: SSL_client_hello_cb_fn,
482 arg: *mut c_void,
483 );
484 #[cfg(ossl111)]
485 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
486 #[cfg(ossl111)]
487 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
488 #[cfg(ossl111)]
489 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
490 #[cfg(ossl111)]
491 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
492 #[cfg(ossl111)]
493 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
494 #[cfg(ossl111)]
495 pub fn SSL_client_hello_get0_compression_methods(
496 s: *mut SSL,
497 out: *mut *const c_uchar,
498 ) -> size_t;
499 #[cfg(ossl111)]
500 pub fn SSL_client_hello_get1_extensions_present(
501 s: *mut SSL,
502 out: *mut *mut c_int,
503 outlen: *mut size_t,
504 ) -> c_int;
505 #[cfg(ossl111)]
506 pub fn SSL_client_hello_get0_ext(
507 s: *mut SSL,
508 type_: c_uint,
509 out: *mut *const c_uchar,
510 outlen: *mut size_t,
511 ) -> c_int;
512
513 pub fn SSL_free(ssl: *mut SSL);
514 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
515 #[cfg(ossl111)]
516 pub fn SSL_stateless(s: *mut SSL) -> c_int;
517 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
518 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
519 #[cfg(any(ossl111, libressl))]
520 pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
521 -> c_int;
522 pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
523 #[cfg(any(ossl111, libressl))]
524 pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
525 -> c_int;
526 #[cfg(any(ossl111, libressl))]
527 pub fn SSL_read_early_data(
528 s: *mut SSL,
529 buf: *mut c_void,
530 num: size_t,
531 readbytes: *mut size_t,
532 ) -> c_int;
533 #[cfg(ossl111)]
534 pub fn SSL_bytes_to_cipher_list(
535 s: *mut SSL,
536 bytes: *const c_uchar,
537 len: size_t,
538 isv2format: c_int,
539 sk: *mut *mut stack_st_SSL_CIPHER,
540 scsvs: *mut *mut stack_st_SSL_CIPHER,
541 ) -> c_int;
542}
543
544extern "C" {
545 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
546 #[cfg(any(ossl111, libressl))]
547 pub fn SSL_write_ex(
548 ssl: *mut SSL,
549 buf: *const c_void,
550 num: size_t,
551 written: *mut size_t,
552 ) -> c_int;
553 #[cfg(any(ossl111, libressl))]
554 pub fn SSL_write_early_data(
555 s: *mut SSL,
556 buf: *const c_void,
557 num: size_t,
558 written: *mut size_t,
559 ) -> c_int;
560 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
561 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
562 pub fn SSL_CTX_callback_ctrl(
563 ctx: *mut SSL_CTX,
564 cmd: c_int,
565 fp: Option<unsafe extern "C" fn()>,
566 ) -> c_long;
567}
568
569extern "C" {
570 pub fn TLS_method() -> *const SSL_METHOD;
571
572 pub fn DTLS_method() -> *const SSL_METHOD;
573
574 pub fn TLS_server_method() -> *const SSL_METHOD;
575
576 pub fn TLS_client_method() -> *const SSL_METHOD;
577
578 pub fn DTLS_server_method() -> *const SSL_METHOD;
579
580 pub fn DTLS_client_method() -> *const SSL_METHOD;
581}
582
583extern "C" {
584 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
585 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
586
587 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
588 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
589
590 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
591
592 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
593
594 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
595 pub fn SSL_CTX_load_verify_locations(
596 ctx: *mut SSL_CTX,
597 CAfile: *const c_char,
598 CApath: *const c_char,
599 ) -> c_int;
600}
601
602const_ptr_api! {
603 extern "C" {
604 pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
605 }
606}
607
608extern "C" {
609 pub fn SSL_set_connect_state(s: *mut SSL);
610 pub fn SSL_set_accept_state(s: *mut SSL);
611
612 #[cfg(not(ossl110))]
613 pub fn SSL_library_init() -> c_int;
614
615 pub fn SSL_CIPHER_description(
616 cipher: *const SSL_CIPHER,
617 buf: *mut c_char,
618 size: c_int,
619 ) -> *mut c_char;
620
621 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
622 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
623}
624
625extern "C" {
626 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
627 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
628
629 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
630 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
631 pub fn SSL_version(ssl: *const SSL) -> c_int;
632 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
633 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
634 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
635
636 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
637 #[cfg(ossl110)]
638 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
639
640 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
641 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
642 pub fn SSL_SESSION_get_master_key(
643 session: *const SSL_SESSION,
644 out: *mut c_uchar,
645 outlen: size_t,
646 ) -> size_t;
647}
648
649extern "C" {
650 #[cfg(not(ossl110))]
651 pub fn SSL_get_ex_new_index(
652 argl: c_long,
653 argp: *mut c_void,
654 new_func: CRYPTO_EX_new,
655 dup_func: CRYPTO_EX_dup,
656 free_func: CRYPTO_EX_free,
657 ) -> c_int;
658
659 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
660 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
661
662 #[cfg(not(ossl110))]
663 pub fn SSL_CTX_get_ex_new_index(
664 argl: c_long,
665 argp: *mut c_void,
666 new_func: CRYPTO_EX_new,
667 dup_func: CRYPTO_EX_dup,
668 free_func: CRYPTO_EX_free,
669 ) -> c_int;
670
671 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
672 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
673
674 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
675}
676
677#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
678extern "C" {
679 pub fn SSL_CTX_set_info_callback(
680 ctx: *mut SSL_CTX,
681 cb: ::std::option::Option<
682 unsafe extern "C" fn(ssl: *const SSL, type_: ::libc::c_int, val: ::libc::c_int),
683 >,
684 );
685 pub fn SSL_set_info_callback(
686 ssl: *mut SSL,
687 cb: ::std::option::Option<
688 unsafe extern "C" fn(ssl: *const SSL, type_: ::libc::c_int, val: ::libc::c_int),
689 >,
690 );
691}
692
693extern "C" {
694 pub fn SSL_CTX_set_tmp_dh_callback(
695 ctx: *mut SSL_CTX,
696 dh: Option<
697 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
698 >,
699 );
700 pub fn SSL_set_tmp_dh_callback(
701 ctx: *mut SSL,
702 dh: Option<
703 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
704 >,
705 );
706 #[cfg(not(ossl110))]
707 pub fn SSL_CTX_set_tmp_ecdh_callback(
708 ctx: *mut SSL_CTX,
709 ecdh: Option<
710 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
711 >,
712 );
713 #[cfg(not(ossl110))]
714 pub fn SSL_set_tmp_ecdh_callback(
715 ssl: *mut SSL,
716 ecdh: Option<
717 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
718 >,
719 );
720}
721
722cfg_if! {
723 if #[cfg(libressl)] {
724 extern "C" {
725 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void;
726 }
727 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
728 const_ptr_api! {
729 extern "C" {
730 pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
731 }
732 }
733 }
734}
735cfg_if! {
736 if #[cfg(libressl)] {
737 extern "C" {
738 pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char;
739 }
740 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
741 extern "C" {
742 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
743 }
744 }
745}
746
747#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
748extern "C" {
749 #[cfg(ossl110)]
750 pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
751}
752
753extern "C" {
754 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
755 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
756}
757
758const_ptr_api! {
759 extern "C" {
760 #[cfg(ossl110)]
761 pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
762 }
763}
764
765const_ptr_api! {
766 extern "C" {
767 pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl))] SSL) -> c_int;
768 }
769}
770
771extern "C" {
772 #[cfg(ossl110)]
773 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
774}
775
776extern "C" {
777 #[cfg(ossl111)]
778 pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
779
780 #[cfg(ossl111)]
781 pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
782
783 #[cfg(ossl111b)]
784 pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
785 #[cfg(all(ossl111, not(ossl111b)))]
786 pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
787
788 #[cfg(ossl111b)]
789 pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
790 #[cfg(all(ossl111, not(ossl111b)))]
791 pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
792}
793
794extern "C" {
795 #[cfg(any(ossl110, libressl360))]
796 pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
797
798 #[cfg(any(ossl110, libressl360))]
799 pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
800
801 #[cfg(any(ossl110, libressl360))]
802 pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
803
804 #[cfg(any(ossl110, libressl360))]
805 pub fn SSL_get_security_level(s: *const SSL) -> c_int;
806}
807
808#[cfg(ossl111)]
809extern "C" {
810 pub fn SSL_enable_ct(s: *mut SSL, validation_mode: c_int) -> c_int;
811 pub fn SSL_CTX_enable_ct(ctx: *mut SSL_CTX, validation_mode: c_int) -> c_int;
812 pub fn SSL_ct_is_enabled(s: *const SSL) -> c_int;
813 pub fn SSL_CTX_ct_is_enabled(ctx: *const SSL_CTX) -> c_int;
814}
815
816#[cfg(ossl320)]
817extern "C" {
818 pub fn SSL_CTX_compress_certs(ctx: *mut SSL_CTX, alg: c_int) -> c_int;
819 pub fn SSL_compress_certs(ssl: *mut SSL, alg: c_int) -> c_int;
820 pub fn SSL_CTX_set1_cert_comp_preference(
821 ctx: *mut SSL_CTX,
822 algs: *mut c_int,
823 len: usize,
824 ) -> c_int;
825 pub fn SSL_set1_cert_comp_preference(ssl: *mut SSL, algs: *mut c_int, len: usize) -> c_int;
826}
827
828#[cfg(tongsuo)]
829pub type SSL_cert_compress_cb_fn = Option<
830 unsafe extern "C" fn(
831 s: *mut SSL,
832 in_: *const c_uchar,
833 inlen: usize,
834 out: *mut c_uchar,
835 outlen: *mut usize,
836 ) -> c_int,
837>;
838#[cfg(tongsuo)]
839pub type SSL_cert_decompress_cb_fn = Option<
840 unsafe extern "C" fn(
841 s: *mut SSL,
842 in_: *const c_uchar,
843 inlen: usize,
844 out: *mut c_uchar,
845 outlen: usize,
846 ) -> c_int,
847>;
848#[cfg(tongsuo)]
849extern "C" {
850 pub fn SSL_get_cert_compression_compress_id(s: *mut SSL) -> c_int;
851 pub fn SSL_get_cert_compression_decompress_id(s: *mut SSL) -> c_int;
852 pub fn SSL_add_cert_compression_alg(
853 s: *mut SSL,
854 alg_id: c_int,
855 compress: SSL_cert_compress_cb_fn,
856 decompress: SSL_cert_decompress_cb_fn,
857 ) -> c_int;
858 pub fn SSL_CTX_add_cert_compression_alg(
859 ctx: *mut SSL_CTX,
860 alg_id: c_int,
861 compress: SSL_cert_compress_cb_fn,
862 decompress: SSL_cert_decompress_cb_fn,
863 ) -> c_int;
864}
865
866#[cfg(ossl320)]
867extern "C" {
868 pub fn OSSL_QUIC_client_method() -> *const SSL_METHOD;
869 pub fn OSSL_QUIC_client_thread_method() -> *const SSL_METHOD;
870 pub fn SSL_get_event_timeout(s: *mut SSL, tv: *mut timeval, is_infinite: *mut c_int) -> c_int;
871 pub fn SSL_handle_events(s: *mut SSL) -> c_int;
872 pub fn SSL_get_blocking_mode(s: *mut SSL) -> c_int;
873 pub fn SSL_set_blocking_mode(s: *mut SSL, blocking: c_int) -> c_int;
874 pub fn SSL_get_rpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
875 pub fn SSL_get_wpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
876 pub fn SSL_net_read_desired(s: *mut SSL) -> c_int;
877 pub fn SSL_net_write_desired(s: *mut SSL) -> c_int;
878 pub fn SSL_set1_initial_peer_addr(s: *mut SSL, peer_addr: *const BIO_ADDR) -> c_int;
879 pub fn SSL_shutdown_ex(
880 ssl: *mut SSL,
881 flags: u64,
882 args: *const SSL_SHUTDOWN_EX_ARGS,
883 args_len: usize,
884 ) -> c_int;
885 pub fn SSL_stream_conclude(ssl: *mut SSL, flags: u64) -> c_int;
886 pub fn SSL_stream_reset(
887 ssl: *mut SSL,
888 args: *const SSL_STREAM_RESET_ARGS,
889 args_len: usize,
890 ) -> c_int;
891 pub fn SSL_get_stream_read_state(ssl: *mut SSL) -> c_int;
892 pub fn SSL_get_stream_write_state(ssl: *mut SSL) -> c_int;
893 pub fn SSL_get_conn_close_info(
894 ssl: *mut SSL,
895 info: *mut SSL_CONN_CLOSE_INFO,
896 info_len: usize,
897 ) -> c_int;
898 pub fn SSL_get0_connection(s: *mut SSL) -> *mut SSL;
899 pub fn SSL_is_connection(s: *mut SSL) -> c_int;
900 pub fn SSL_get_stream_type(s: *mut SSL) -> c_int;
901 pub fn SSL_get_stream_id(s: *mut SSL) -> u64;
902 pub fn SSL_new_stream(s: *mut SSL, flags: u64) -> *mut SSL;
903 pub fn SSL_accept_stream(s: *mut SSL, flags: u64) -> *mut SSL;
904 pub fn SSL_set_incoming_stream_policy(s: *mut SSL, policy: c_int, aec: u64) -> c_int;
905 pub fn SSL_get_accept_stream_queue_len(s: *mut SSL) -> usize;
906 pub fn SSL_set_default_stream_mode(s: *mut SSL, mode: u32) -> c_int;
907 pub fn SSL_get0_group_name(s: *mut SSL) -> *const c_char;
908}
909
910#[cfg(ossl330)]
911extern "C" {
912 pub fn SSL_write_ex2(
913 s: *mut SSL,
914 buf: *const c_void,
915 num: usize,
916 flags: u64,
917 written: *mut usize,
918 ) -> c_int;
919 pub fn SSL_get_value_uint(s: *mut SSL, class_: u32, id: u32, v: *mut u64) -> c_int;
920 pub fn SSL_set_value_uint(s: *mut SSL, class_: u32, id: u32, v: u64) -> c_int;
921}
922
923#[cfg(ossl300)]
924extern "C" {
925 pub fn SSL_CTX_set0_tmp_dh_pkey(ctx: *mut SSL_CTX, dhpkey: *mut EVP_PKEY) -> c_int;
926 pub fn SSL_set0_tmp_dh_pkey(s: *mut SSL, dhpkey: *mut EVP_PKEY) -> c_int;
927}