1use super::super::*;
2use libc::{size_t, timeval};
3use std::ffi::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void};
4
5pub enum SSL_METHOD {}
6pub enum SSL_CIPHER {}
7pub enum SSL_SESSION {}
8
9stack!(stack_st_SSL_CIPHER);
10
11#[repr(C)]
12pub struct SRTP_PROTECTION_PROFILE {
13 pub name: *const c_char,
14 pub id: c_ulong,
15}
16
17stack!(stack_st_SRTP_PROTECTION_PROFILE);
18
19pub type tls_session_ticket_ext_cb_fn =
20 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
21pub type tls_session_secret_cb_fn = Option<
22 unsafe extern "C" fn(
23 *mut SSL,
24 *mut c_void,
25 *mut c_int,
26 *mut stack_st_SSL_CIPHER,
27 *mut *mut SSL_CIPHER,
28 *mut c_void,
29 ) -> c_int,
30>;
31
32#[cfg(ossl111)]
33pub type SSL_custom_ext_add_cb_ex = Option<
34 unsafe extern "C" fn(
35 ssl: *mut SSL,
36 ext_type: c_uint,
37 context: c_uint,
38 out: *mut *const c_uchar,
39 outlen: *mut size_t,
40 x: *mut X509,
41 chainidx: size_t,
42 al: *mut c_int,
43 add_arg: *mut c_void,
44 ) -> c_int,
45>;
46
47#[cfg(ossl111)]
48pub type SSL_custom_ext_free_cb_ex = Option<
49 unsafe extern "C" fn(
50 ssl: *mut SSL,
51 ext_type: c_uint,
52 context: c_uint,
53 out: *const c_uchar,
54 add_arg: *mut c_void,
55 ),
56>;
57
58#[cfg(ossl111)]
59pub type SSL_custom_ext_parse_cb_ex = Option<
60 unsafe extern "C" fn(
61 ssl: *mut SSL,
62 ext_type: c_uint,
63 context: c_uint,
64 input: *const c_uchar,
65 inlen: size_t,
66 x: *mut X509,
67 chainidx: size_t,
68 al: *mut c_int,
69 parse_arg: *mut c_void,
70 ) -> c_int,
71>;
72
73cfg_if! {
74 if #[cfg(ossl300)] {
75 extern "C" {
76 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
77 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
78 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
79 }
80 } else if #[cfg(ossl110)] {
81 extern "C" {
82 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
83 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
84 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
85 }
86 }
87}
88
89pub type GEN_SESSION_CB =
90 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
91
92extern "C" {
93 pub fn SSL_CTX_sess_set_new_cb(
94 ctx: *mut SSL_CTX,
95 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
96 );
97 pub fn SSL_CTX_sess_set_remove_cb(
98 ctx: *mut SSL_CTX,
99 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
100 );
101}
102extern "C" {
103 pub fn SSL_CTX_sess_set_get_cb(
104 ctx: *mut SSL_CTX,
105 get_session_cb: Option<
106 unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
107 >,
108 );
109}
110extern "C" {
111 pub fn SSL_CTX_set_cookie_generate_cb(
113 s: *mut SSL_CTX,
114 cb: Option<
115 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
116 >,
117 );
118}
119extern "C" {
120 pub fn SSL_CTX_set_cookie_verify_cb(
121 s: *mut SSL_CTX,
122 cb: Option<
123 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
124 >,
125 );
126}
127
128extern "C" {
129 #[cfg(ossl111)]
130 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
131 s: *mut SSL_CTX,
132 cb: Option<
133 unsafe extern "C" fn(
134 ssl: *mut SSL,
135 cookie: *mut c_uchar,
136 cookie_len: *mut size_t,
137 ) -> c_int,
138 >,
139 );
140 #[cfg(ossl111)]
141 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
142 s: *mut SSL_CTX,
143 cb: Option<
144 unsafe extern "C" fn(
145 ssl: *mut SSL,
146 cookie: *const c_uchar,
147 cookie_len: size_t,
148 ) -> c_int,
149 >,
150 );
151
152 pub fn SSL_CTX_set_next_protos_advertised_cb(
153 ssl: *mut SSL_CTX,
154 cb: extern "C" fn(
155 ssl: *mut SSL,
156 out: *mut *const c_uchar,
157 outlen: *mut c_uint,
158 arg: *mut c_void,
159 ) -> c_int,
160 arg: *mut c_void,
161 );
162 pub fn SSL_CTX_set_next_proto_select_cb(
163 ssl: *mut SSL_CTX,
164 cb: extern "C" fn(
165 ssl: *mut SSL,
166 out: *mut *mut c_uchar,
167 outlen: *mut c_uchar,
168 inbuf: *const c_uchar,
169 inlen: c_uint,
170 arg: *mut c_void,
171 ) -> c_int,
172 arg: *mut c_void,
173 );
174 pub fn SSL_get0_next_proto_negotiated(
175 s: *const SSL,
176 data: *mut *const c_uchar,
177 len: *mut c_uint,
178 );
179
180 pub fn SSL_select_next_proto(
181 out: *mut *mut c_uchar,
182 outlen: *mut c_uchar,
183 inbuf: *const c_uchar,
184 inlen: c_uint,
185 client: *const c_uchar,
186 client_len: c_uint,
187 ) -> c_int;
188}
189
190extern "C" {
191 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
192 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
193 pub fn SSL_CTX_set_alpn_select_cb(
194 ssl: *mut SSL_CTX,
195 cb: Option<
196 unsafe extern "C" fn(
197 ssl: *mut SSL,
198 out: *mut *const c_uchar,
199 outlen: *mut c_uchar,
200 inbuf: *const c_uchar,
201 inlen: c_uint,
202 arg: *mut c_void,
203 ) -> c_int,
204 >,
205 arg: *mut c_void,
206 );
207 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
208}
209
210#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
211extern "C" {
212 pub fn SSL_CTX_set_psk_client_callback(
213 ssl: *mut SSL_CTX,
214 psk_client_cb: Option<
215 extern "C" fn(
216 *mut SSL,
217 *const c_char,
218 *mut c_char,
219 c_uint,
220 *mut c_uchar,
221 c_uint,
222 ) -> c_uint,
223 >,
224 );
225 pub fn SSL_CTX_set_psk_server_callback(
226 ssl: *mut SSL_CTX,
227 psk_server_cb: Option<
228 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
229 >,
230 );
231 pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
232 pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
233}
234
235extern "C" {
236 #[cfg(ossl111)]
237 pub fn SSL_CTX_add_custom_ext(
238 ctx: *mut SSL_CTX,
239 ext_type: c_uint,
240 context: c_uint,
241 add_cb: SSL_custom_ext_add_cb_ex,
242 free_cb: SSL_custom_ext_free_cb_ex,
243 add_arg: *mut c_void,
244 parse_cb: SSL_custom_ext_parse_cb_ex,
245 parse_arg: *mut c_void,
246 ) -> c_int;
247
248 #[cfg(ossl110)]
249 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
250}
251
252#[cfg(ossl111)]
253pub type SSL_CTX_keylog_cb_func =
254 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
255
256extern "C" {
257 #[cfg(ossl111)]
258 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
259
260 #[cfg(any(ossl111, libressl))]
261 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
262 #[cfg(any(ossl111, libressl))]
263 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
264 #[cfg(any(ossl111, libressl))]
265 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
266 #[cfg(any(ossl111, libressl))]
267 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
268
269 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
270 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
271
272 pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
273 pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
274}
275
276const_ptr_api! {
277 extern "C" {
278 #[cfg(ossl110)]
279 pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
280 }
281}
282
283cfg_if! {
284 if #[cfg(libressl)] {
285 extern "C" {
286 pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
287 pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
288 pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
289 pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
290
291 pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
292 pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
293 pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
294 pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
295 }
296 }
297}
298
299extern "C" {
300 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
301 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
302 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
303 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
304 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
305 pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
306
307 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
308 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
309 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> *const c_char;
310}
311extern "C" {
312 #[cfg(ossl111)]
313 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
314 #[cfg(ossl111)]
315 pub fn SSL_CIPHER_get_protocol_id(cipher: *const SSL_CIPHER) -> u16;
316 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
317 #[cfg(ossl111)]
318 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
319 #[cfg(ossl111)]
320 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
321
322 pub fn SSL_pending(ssl: *const SSL) -> c_int;
323 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
324 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
325 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
326 #[cfg(any(ossl111, libressl))]
327 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
328 #[cfg(any(ossl111, libressl))]
329 pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
330 pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
331 pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
332 pub fn SSL_set_verify(
333 ssl: *mut SSL,
334 mode: c_int,
335 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
337 );
338 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
339 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
340
341 pub fn SSL_CTX_use_PrivateKey_file(
342 ctx: *mut SSL_CTX,
343 key_file: *const c_char,
344 file_type: c_int,
345 ) -> c_int;
346 pub fn SSL_CTX_use_certificate_file(
347 ctx: *mut SSL_CTX,
348 cert_file: *const c_char,
349 file_type: c_int,
350 ) -> c_int;
351 pub fn SSL_CTX_use_certificate_chain_file(
352 ctx: *mut SSL_CTX,
353 cert_chain_file: *const c_char,
354 ) -> c_int;
355 pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
356 pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
357 pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
358 pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
359 pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
360 pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
361 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
362
363 #[cfg(not(ossl110))]
364 pub fn SSL_load_error_strings();
365 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
366 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
367
368 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
369 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
370 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
371
372 #[cfg(any(ossl111, libressl))]
373 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
374 #[cfg(any(ossl111, libressl))]
375 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
376
377 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
378 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
379 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
380}
381cfg_if! {
382 if #[cfg(tongsuo)] {
383 extern "C" {
384 pub fn SSL_CTX_use_enc_PrivateKey(ctx: *mut SSL_CTX, pkey: *mut EVP_PKEY) -> c_int;
385 pub fn SSL_CTX_use_sign_PrivateKey(ctx: *mut SSL_CTX, pkey: *mut EVP_PKEY) -> c_int;
386 pub fn SSL_CTX_use_enc_PrivateKey_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
387 pub fn SSL_CTX_use_sign_PrivateKey_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
388 pub fn SSL_CTX_enable_ntls(ctx: *mut SSL_CTX);
389 pub fn SSL_CTX_disable_ntls(ctx: *mut SSL_CTX);
390 #[cfg(ossl300)]
391 pub fn SSL_CTX_enable_force_ntls(ctx: *mut SSL_CTX);
392 #[cfg(ossl300)]
393 pub fn SSL_CTX_disable_force_ntls(ctx: *mut SSL_CTX);
394 pub fn SSL_enable_ntls(s: *mut SSL);
395 pub fn SSL_disable_ntls(s: *mut SSL);
396 #[cfg(ossl300)]
397 pub fn SSL_enable_force_ntls(s: *mut SSL);
398 #[cfg(ossl300)]
399 pub fn SSL_disable_force_ntls(s: *mut SSL);
400 pub fn SSL_CTX_enable_sm_tls13_strict(ctx: *mut SSL_CTX);
401 pub fn SSL_CTX_disable_sm_tls13_strict(ctx: *mut SSL_CTX);
402 pub fn SSL_enable_sm_tls13_strict(s: *mut SSL);
403 pub fn SSL_disable_sm_tls13_strict(s: *mut SSL);
404 pub fn SSL_CTX_use_enc_certificate(ctx: *mut SSL_CTX, x: *mut X509) -> c_int;
405 pub fn SSL_CTX_use_sign_certificate(ctx: *mut SSL_CTX, x: *mut X509) -> c_int;
406 pub fn SSL_CTX_use_enc_certificate_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
407 pub fn SSL_CTX_use_sign_certificate_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
408 pub fn SSL_is_ntls(s: *const SSL) -> c_int;
409 pub fn NTLS_method() -> *const SSL_METHOD;
410 pub fn NTLS_server_method() -> *const SSL_METHOD;
411 pub fn NTLS_client_method() -> *const SSL_METHOD;
412 pub fn SSL_set_ciphers(s: *mut SSL, cipher_list: *mut stack_st_SSL_CIPHER) -> c_int;
413 pub fn SSL_set_ciphers_by_id(s: *mut SSL, cipher_list_by_id: *mut stack_st_SSL_CIPHER) -> c_int;
414 pub fn SSL_CTX_set_ciphers(ctx: *mut SSL_CTX, cipher_list: *mut stack_st_SSL_CIPHER) -> c_int;
415 pub fn SSL_CTX_get_ciphers_by_id(ctx: *const SSL_CTX) -> *mut stack_st_SSL_CIPHER;
416 pub fn SSL_CTX_set_ciphers_by_id(ctx: *mut SSL_CTX, cipher_list_by_id: *mut stack_st_SSL_CIPHER) -> c_int;
417 pub fn SSL_use_sign_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
418 pub fn SSL_use_sign_certificate_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
419 pub fn SSL_use_enc_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
420 pub fn SSL_use_enc_certificate_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
421 pub fn SSL_use_enc_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
422 pub fn SSL_use_enc_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
423 pub fn SSL_use_sign_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
424 pub fn SSL_use_sign_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
425 }
426 }
427}
428const_ptr_api! {
429 extern "C" {
430 pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
431 }
432}
433extern "C" {
434 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
435 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
436 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
437 pub fn d2i_SSL_SESSION(
438 a: *mut *mut SSL_SESSION,
439 pp: *mut *const c_uchar,
440 len: c_long,
441 ) -> *mut SSL_SESSION;
442
443 #[cfg(not(ossl300))]
444 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
445 #[cfg(ossl300)]
446 pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
447
448 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
449
450 pub fn SSL_CTX_set_verify(
451 ctx: *mut SSL_CTX,
452 mode: c_int,
453 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
454 );
455 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
456
457 #[cfg(any(ossl111, libressl))]
458 pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
459
460 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
461
462 pub fn SSL_CTX_set_session_id_context(
463 ssl: *mut SSL_CTX,
464 sid_ctx: *const c_uchar,
465 sid_ctx_len: c_uint,
466 ) -> c_int;
467
468 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
469
470 pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
471
472 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
473}
474
475#[cfg(ossl111)]
476pub type SSL_client_hello_cb_fn =
477 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
478extern "C" {
479 #[cfg(ossl111)]
480 pub fn SSL_CTX_set_client_hello_cb(
481 c: *mut SSL_CTX,
482 cb: SSL_client_hello_cb_fn,
483 arg: *mut c_void,
484 );
485 #[cfg(ossl111)]
486 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
487 #[cfg(ossl111)]
488 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
489 #[cfg(ossl111)]
490 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
491 #[cfg(ossl111)]
492 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
493 #[cfg(ossl111)]
494 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
495 #[cfg(ossl111)]
496 pub fn SSL_client_hello_get0_compression_methods(
497 s: *mut SSL,
498 out: *mut *const c_uchar,
499 ) -> size_t;
500 #[cfg(ossl111)]
501 pub fn SSL_client_hello_get1_extensions_present(
502 s: *mut SSL,
503 out: *mut *mut c_int,
504 outlen: *mut size_t,
505 ) -> c_int;
506 #[cfg(ossl111)]
507 pub fn SSL_client_hello_get0_ext(
508 s: *mut SSL,
509 type_: c_uint,
510 out: *mut *const c_uchar,
511 outlen: *mut size_t,
512 ) -> c_int;
513
514 pub fn SSL_free(ssl: *mut SSL);
515 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
516 #[cfg(ossl111)]
517 pub fn SSL_stateless(s: *mut SSL) -> c_int;
518 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
519 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
520 #[cfg(any(ossl111, libressl))]
521 pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
522 -> c_int;
523 pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
524 #[cfg(any(ossl111, libressl))]
525 pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
526 -> c_int;
527 #[cfg(any(ossl111, libressl))]
528 pub fn SSL_read_early_data(
529 s: *mut SSL,
530 buf: *mut c_void,
531 num: size_t,
532 readbytes: *mut size_t,
533 ) -> c_int;
534 #[cfg(ossl111)]
535 pub fn SSL_bytes_to_cipher_list(
536 s: *mut SSL,
537 bytes: *const c_uchar,
538 len: size_t,
539 isv2format: c_int,
540 sk: *mut *mut stack_st_SSL_CIPHER,
541 scsvs: *mut *mut stack_st_SSL_CIPHER,
542 ) -> c_int;
543}
544
545extern "C" {
546 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
547 #[cfg(any(ossl111, libressl))]
548 pub fn SSL_write_ex(
549 ssl: *mut SSL,
550 buf: *const c_void,
551 num: size_t,
552 written: *mut size_t,
553 ) -> c_int;
554 #[cfg(any(ossl111, libressl))]
555 pub fn SSL_write_early_data(
556 s: *mut SSL,
557 buf: *const c_void,
558 num: size_t,
559 written: *mut size_t,
560 ) -> c_int;
561 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
562 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
563 pub fn SSL_CTX_callback_ctrl(
564 ctx: *mut SSL_CTX,
565 cmd: c_int,
566 fp: Option<unsafe extern "C" fn()>,
567 ) -> c_long;
568}
569
570extern "C" {
571 pub fn TLS_method() -> *const SSL_METHOD;
572
573 pub fn DTLS_method() -> *const SSL_METHOD;
574
575 pub fn TLS_server_method() -> *const SSL_METHOD;
576
577 pub fn TLS_client_method() -> *const SSL_METHOD;
578
579 pub fn DTLS_server_method() -> *const SSL_METHOD;
580
581 pub fn DTLS_client_method() -> *const SSL_METHOD;
582}
583
584extern "C" {
585 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
586 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
587
588 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
589 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
590
591 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
592
593 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
594
595 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
596 pub fn SSL_CTX_load_verify_locations(
597 ctx: *mut SSL_CTX,
598 CAfile: *const c_char,
599 CApath: *const c_char,
600 ) -> c_int;
601}
602
603const_ptr_api! {
604 extern "C" {
605 pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
606 }
607}
608
609extern "C" {
610 pub fn SSL_set_connect_state(s: *mut SSL);
611 pub fn SSL_set_accept_state(s: *mut SSL);
612
613 #[cfg(not(ossl110))]
614 pub fn SSL_library_init() -> c_int;
615
616 pub fn SSL_CIPHER_description(
617 cipher: *const SSL_CIPHER,
618 buf: *mut c_char,
619 size: c_int,
620 ) -> *mut c_char;
621
622 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
623 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
624}
625
626extern "C" {
627 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
628 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
629
630 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
631 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
632 pub fn SSL_version(ssl: *const SSL) -> c_int;
633 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
634 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
635 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
636
637 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
638 #[cfg(ossl110)]
639 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
640
641 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
642 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
643 pub fn SSL_SESSION_get_master_key(
644 session: *const SSL_SESSION,
645 out: *mut c_uchar,
646 outlen: size_t,
647 ) -> size_t;
648}
649
650extern "C" {
651 #[cfg(not(ossl110))]
652 pub fn SSL_get_ex_new_index(
653 argl: c_long,
654 argp: *mut c_void,
655 new_func: CRYPTO_EX_new,
656 dup_func: CRYPTO_EX_dup,
657 free_func: CRYPTO_EX_free,
658 ) -> c_int;
659
660 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
661 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
662
663 #[cfg(not(ossl110))]
664 pub fn SSL_CTX_get_ex_new_index(
665 argl: c_long,
666 argp: *mut c_void,
667 new_func: CRYPTO_EX_new,
668 dup_func: CRYPTO_EX_dup,
669 free_func: CRYPTO_EX_free,
670 ) -> c_int;
671
672 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
673 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
674
675 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
676}
677
678#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
679extern "C" {
680 pub fn SSL_CTX_set_info_callback(
681 ctx: *mut SSL_CTX,
682 cb: ::std::option::Option<
683 unsafe extern "C" fn(ssl: *const SSL, type_: ::libc::c_int, val: ::libc::c_int),
684 >,
685 );
686 pub fn SSL_set_info_callback(
687 ssl: *mut SSL,
688 cb: ::std::option::Option<
689 unsafe extern "C" fn(ssl: *const SSL, type_: ::libc::c_int, val: ::libc::c_int),
690 >,
691 );
692}
693
694extern "C" {
695 pub fn SSL_CTX_set_tmp_dh_callback(
696 ctx: *mut SSL_CTX,
697 dh: Option<
698 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
699 >,
700 );
701 pub fn SSL_set_tmp_dh_callback(
702 ctx: *mut SSL,
703 dh: Option<
704 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
705 >,
706 );
707 #[cfg(not(ossl110))]
708 pub fn SSL_CTX_set_tmp_ecdh_callback(
709 ctx: *mut SSL_CTX,
710 ecdh: Option<
711 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
712 >,
713 );
714 #[cfg(not(ossl110))]
715 pub fn SSL_set_tmp_ecdh_callback(
716 ssl: *mut SSL,
717 ecdh: Option<
718 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
719 >,
720 );
721}
722
723cfg_if! {
724 if #[cfg(libressl)] {
725 extern "C" {
726 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const c_void;
727 }
728 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
729 const_ptr_api! {
730 extern "C" {
731 pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
732 }
733 }
734 }
735}
736cfg_if! {
737 if #[cfg(libressl)] {
738 extern "C" {
739 pub fn SSL_COMP_get_name(comp: *const c_void) -> *const c_char;
740 }
741 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
742 extern "C" {
743 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
744 }
745 }
746}
747
748#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
749extern "C" {
750 #[cfg(ossl110)]
751 pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
752}
753
754extern "C" {
755 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
756 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
757}
758
759const_ptr_api! {
760 extern "C" {
761 #[cfg(ossl110)]
762 pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
763 }
764}
765
766const_ptr_api! {
767 extern "C" {
768 pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl))] SSL) -> c_int;
769 }
770}
771
772extern "C" {
773 #[cfg(ossl110)]
774 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
775}
776
777extern "C" {
778 #[cfg(ossl111)]
779 pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
780
781 #[cfg(ossl111)]
782 pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
783
784 #[cfg(ossl111b)]
785 pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
786 #[cfg(all(ossl111, not(ossl111b)))]
787 pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
788
789 #[cfg(ossl111b)]
790 pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
791 #[cfg(all(ossl111, not(ossl111b)))]
792 pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
793}
794
795extern "C" {
796 #[cfg(any(ossl110, libressl360))]
797 pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
798
799 #[cfg(any(ossl110, libressl360))]
800 pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
801
802 #[cfg(any(ossl110, libressl360))]
803 pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
804
805 #[cfg(any(ossl110, libressl360))]
806 pub fn SSL_get_security_level(s: *const SSL) -> c_int;
807}
808
809#[cfg(ossl111)]
810extern "C" {
811 pub fn SSL_enable_ct(s: *mut SSL, validation_mode: c_int) -> c_int;
812 pub fn SSL_CTX_enable_ct(ctx: *mut SSL_CTX, validation_mode: c_int) -> c_int;
813 pub fn SSL_ct_is_enabled(s: *const SSL) -> c_int;
814 pub fn SSL_CTX_ct_is_enabled(ctx: *const SSL_CTX) -> c_int;
815}
816
817#[cfg(ossl320)]
818extern "C" {
819 pub fn SSL_CTX_compress_certs(ctx: *mut SSL_CTX, alg: c_int) -> c_int;
820 pub fn SSL_compress_certs(ssl: *mut SSL, alg: c_int) -> c_int;
821 pub fn SSL_CTX_set1_cert_comp_preference(
822 ctx: *mut SSL_CTX,
823 algs: *mut c_int,
824 len: usize,
825 ) -> c_int;
826 pub fn SSL_set1_cert_comp_preference(ssl: *mut SSL, algs: *mut c_int, len: usize) -> c_int;
827}
828
829#[cfg(tongsuo)]
830pub type SSL_cert_compress_cb_fn = Option<
831 unsafe extern "C" fn(
832 s: *mut SSL,
833 in_: *const c_uchar,
834 inlen: usize,
835 out: *mut c_uchar,
836 outlen: *mut usize,
837 ) -> c_int,
838>;
839#[cfg(tongsuo)]
840pub type SSL_cert_decompress_cb_fn = Option<
841 unsafe extern "C" fn(
842 s: *mut SSL,
843 in_: *const c_uchar,
844 inlen: usize,
845 out: *mut c_uchar,
846 outlen: usize,
847 ) -> c_int,
848>;
849#[cfg(tongsuo)]
850extern "C" {
851 pub fn SSL_get_cert_compression_compress_id(s: *mut SSL) -> c_int;
852 pub fn SSL_get_cert_compression_decompress_id(s: *mut SSL) -> c_int;
853 pub fn SSL_add_cert_compression_alg(
854 s: *mut SSL,
855 alg_id: c_int,
856 compress: SSL_cert_compress_cb_fn,
857 decompress: SSL_cert_decompress_cb_fn,
858 ) -> c_int;
859 pub fn SSL_CTX_add_cert_compression_alg(
860 ctx: *mut SSL_CTX,
861 alg_id: c_int,
862 compress: SSL_cert_compress_cb_fn,
863 decompress: SSL_cert_decompress_cb_fn,
864 ) -> c_int;
865}
866
867#[cfg(ossl320)]
868extern "C" {
869 pub fn OSSL_QUIC_client_method() -> *const SSL_METHOD;
870 pub fn OSSL_QUIC_client_thread_method() -> *const SSL_METHOD;
871 pub fn SSL_get_event_timeout(s: *mut SSL, tv: *mut timeval, is_infinite: *mut c_int) -> c_int;
872 pub fn SSL_handle_events(s: *mut SSL) -> c_int;
873 pub fn SSL_get_blocking_mode(s: *mut SSL) -> c_int;
874 pub fn SSL_set_blocking_mode(s: *mut SSL, blocking: c_int) -> c_int;
875 pub fn SSL_get_rpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
876 pub fn SSL_get_wpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
877 pub fn SSL_net_read_desired(s: *mut SSL) -> c_int;
878 pub fn SSL_net_write_desired(s: *mut SSL) -> c_int;
879 pub fn SSL_set1_initial_peer_addr(s: *mut SSL, peer_addr: *const BIO_ADDR) -> c_int;
880 pub fn SSL_shutdown_ex(
881 ssl: *mut SSL,
882 flags: u64,
883 args: *const SSL_SHUTDOWN_EX_ARGS,
884 args_len: usize,
885 ) -> c_int;
886 pub fn SSL_stream_conclude(ssl: *mut SSL, flags: u64) -> c_int;
887 pub fn SSL_stream_reset(
888 ssl: *mut SSL,
889 args: *const SSL_STREAM_RESET_ARGS,
890 args_len: usize,
891 ) -> c_int;
892 pub fn SSL_get_stream_read_state(ssl: *mut SSL) -> c_int;
893 pub fn SSL_get_stream_write_state(ssl: *mut SSL) -> c_int;
894 pub fn SSL_get_conn_close_info(
895 ssl: *mut SSL,
896 info: *mut SSL_CONN_CLOSE_INFO,
897 info_len: usize,
898 ) -> c_int;
899 pub fn SSL_get0_connection(s: *mut SSL) -> *mut SSL;
900 pub fn SSL_is_connection(s: *mut SSL) -> c_int;
901 pub fn SSL_get_stream_type(s: *mut SSL) -> c_int;
902 pub fn SSL_get_stream_id(s: *mut SSL) -> u64;
903 pub fn SSL_new_stream(s: *mut SSL, flags: u64) -> *mut SSL;
904 pub fn SSL_accept_stream(s: *mut SSL, flags: u64) -> *mut SSL;
905 pub fn SSL_set_incoming_stream_policy(s: *mut SSL, policy: c_int, aec: u64) -> c_int;
906 pub fn SSL_get_accept_stream_queue_len(s: *mut SSL) -> usize;
907 pub fn SSL_set_default_stream_mode(s: *mut SSL, mode: u32) -> c_int;
908 pub fn SSL_get0_group_name(s: *mut SSL) -> *const c_char;
909}
910
911#[cfg(ossl330)]
912extern "C" {
913 pub fn SSL_write_ex2(
914 s: *mut SSL,
915 buf: *const c_void,
916 num: usize,
917 flags: u64,
918 written: *mut usize,
919 ) -> c_int;
920 pub fn SSL_get_value_uint(s: *mut SSL, class_: u32, id: u32, v: *mut u64) -> c_int;
921 pub fn SSL_set_value_uint(s: *mut SSL, class_: u32, id: u32, v: u64) -> c_int;
922}
923
924#[cfg(ossl300)]
925extern "C" {
926 pub fn SSL_CTX_set0_tmp_dh_pkey(ctx: *mut SSL_CTX, dhpkey: *mut EVP_PKEY) -> c_int;
927 pub fn SSL_set0_tmp_dh_pkey(s: *mut SSL, dhpkey: *mut EVP_PKEY) -> c_int;
928}