1use super::super::*;
2use libc::*;
3
4pub enum SSL_METHOD {}
5pub enum SSL_CIPHER {}
6cfg_if! {
7 if #[cfg(any(ossl110, libressl))] {
8 pub enum SSL_SESSION {}
9 } else {
10 #[repr(C)]
11 pub struct SSL_SESSION {
12 ssl_version: c_int,
13 key_arg_length: c_uint,
14 key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize],
15 pub master_key_length: c_int,
16 pub master_key: [c_uchar; 48],
17 session_id_length: c_uint,
18 session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
19 sid_ctx_length: c_uint,
20 sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
21 #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
22 krb5_client_princ_len: c_uint,
23 #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
24 krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize],
25 #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
26 psk_identity_hint: *mut c_char,
27 #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
28 psk_identity: *mut c_char,
29 not_resumable: c_int,
30 sess_cert: *mut c_void,
31 peer: *mut X509,
32 verify_result: c_long,
33 pub references: c_int,
34 timeout: c_long,
35 time: c_long,
36 compress_meth: c_uint,
37 cipher: *const c_void,
38 cipher_id: c_ulong,
39 ciphers: *mut c_void,
40 ex_data: CRYPTO_EX_DATA,
41 prev: *mut c_void,
42 next: *mut c_void,
43 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
44 tlsext_hostname: *mut c_char,
45 #[cfg(all(
46 not(osslconf = "OPENSSL_NO_TLSEXT"),
47 not(osslconf = "OPENSSL_NO_EC")
48 ))]
49 tlsext_ecpointformatlist_length: size_t,
50 #[cfg(all(
51 not(osslconf = "OPENSSL_NO_TLSEXT"),
52 not(osslconf = "OPENSSL_NO_EC")
53 ))]
54 tlsext_ecpointformatlist: *mut c_uchar,
55 #[cfg(all(
56 not(osslconf = "OPENSSL_NO_TLSEXT"),
57 not(osslconf = "OPENSSL_NO_EC")
58 ))]
59 tlsext_ellipticcurvelist_length: size_t,
60 #[cfg(all(
61 not(osslconf = "OPENSSL_NO_TLSEXT"),
62 not(osslconf = "OPENSSL_NO_EC")
63 ))]
64 tlsext_ellipticcurvelist: *mut c_uchar,
65 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
66 tlsext_tick: *mut c_uchar,
67 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
68 tlsext_ticklen: size_t,
69 #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
70 tlsext_tick_lifetime_hint: c_long,
71 #[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
72 srp_username: *mut c_char,
73 }
74 }
75}
76
77stack!(stack_st_SSL_CIPHER);
78
79#[repr(C)]
80pub struct SRTP_PROTECTION_PROFILE {
81 pub name: *const c_char,
82 pub id: c_ulong,
83}
84
85stack!(stack_st_SRTP_PROTECTION_PROFILE);
86
87pub type tls_session_ticket_ext_cb_fn =
88 Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
89pub type tls_session_secret_cb_fn = Option<
90 unsafe extern "C" fn(
91 *mut SSL,
92 *mut c_void,
93 *mut c_int,
94 *mut stack_st_SSL_CIPHER,
95 *mut *mut SSL_CIPHER,
96 *mut c_void,
97 ) -> c_int,
98>;
99
100#[cfg(ossl111)]
101pub type SSL_custom_ext_add_cb_ex = Option<
102 unsafe extern "C" fn(
103 ssl: *mut SSL,
104 ext_type: c_uint,
105 context: c_uint,
106 out: *mut *const c_uchar,
107 outlen: *mut size_t,
108 x: *mut X509,
109 chainidx: size_t,
110 al: *mut c_int,
111 add_arg: *mut c_void,
112 ) -> c_int,
113>;
114
115#[cfg(ossl111)]
116pub type SSL_custom_ext_free_cb_ex = Option<
117 unsafe extern "C" fn(
118 ssl: *mut SSL,
119 ext_type: c_uint,
120 context: c_uint,
121 out: *const c_uchar,
122 add_arg: *mut c_void,
123 ),
124>;
125
126#[cfg(ossl111)]
127pub type SSL_custom_ext_parse_cb_ex = Option<
128 unsafe extern "C" fn(
129 ssl: *mut SSL,
130 ext_type: c_uint,
131 context: c_uint,
132 input: *const c_uchar,
133 inlen: size_t,
134 x: *mut X509,
135 chainidx: size_t,
136 al: *mut c_int,
137 parse_arg: *mut c_void,
138 ) -> c_int,
139>;
140
141cfg_if! {
142 if #[cfg(ossl300)] {
143 extern "C" {
144 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
145 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
146 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
147 }
148 } else if #[cfg(ossl110)] {
149 extern "C" {
150 pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
151 pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
152 pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
153 }
154 }
155}
156
157pub type GEN_SESSION_CB =
158 Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
159
160extern "C" {
161 pub fn SSL_CTX_sess_set_new_cb(
162 ctx: *mut SSL_CTX,
163 new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
164 );
165 pub fn SSL_CTX_sess_set_remove_cb(
166 ctx: *mut SSL_CTX,
167 remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
168 );
169}
170cfg_if! {
171 if #[cfg(any(ossl110, libressl))] {
173 extern "C" {
174 pub fn SSL_CTX_sess_set_get_cb(
175 ctx: *mut SSL_CTX,
176 get_session_cb: Option<
177 unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
178 >,
179 );
180 }
181 } else {
182 extern "C" {
183 pub fn SSL_CTX_sess_set_get_cb(
184 ctx: *mut SSL_CTX,
185 get_session_cb: Option<
186 unsafe extern "C" fn(*mut SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
187 >,
188 );
189 }
190 }
191}
192extern "C" {
193 pub fn SSL_CTX_set_cookie_generate_cb(
195 s: *mut SSL_CTX,
196 cb: Option<
197 extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
198 >,
199 );
200}
201
202cfg_if! {
203 if #[cfg(any(ossl110, libressl))] {
205 extern "C" {
206 pub fn SSL_CTX_set_cookie_verify_cb(
207 s: *mut SSL_CTX,
208 cb: Option<
209 extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
210 >,
211 );
212 }
213 } else {
214 extern "C" {
215 pub fn SSL_CTX_set_cookie_verify_cb(
216 s: *mut SSL_CTX,
217 cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>,
218 );
219 }
220 }
221}
222
223extern "C" {
224 #[cfg(ossl111)]
225 pub fn SSL_CTX_set_stateless_cookie_generate_cb(
226 s: *mut SSL_CTX,
227 cb: Option<
228 unsafe extern "C" fn(
229 ssl: *mut SSL,
230 cookie: *mut c_uchar,
231 cookie_len: *mut size_t,
232 ) -> c_int,
233 >,
234 );
235 #[cfg(ossl111)]
236 pub fn SSL_CTX_set_stateless_cookie_verify_cb(
237 s: *mut SSL_CTX,
238 cb: Option<
239 unsafe extern "C" fn(
240 ssl: *mut SSL,
241 cookie: *const c_uchar,
242 cookie_len: size_t,
243 ) -> c_int,
244 >,
245 );
246
247 pub fn SSL_CTX_set_next_protos_advertised_cb(
248 ssl: *mut SSL_CTX,
249 cb: extern "C" fn(
250 ssl: *mut SSL,
251 out: *mut *const c_uchar,
252 outlen: *mut c_uint,
253 arg: *mut c_void,
254 ) -> c_int,
255 arg: *mut c_void,
256 );
257 pub fn SSL_CTX_set_next_proto_select_cb(
258 ssl: *mut SSL_CTX,
259 cb: extern "C" fn(
260 ssl: *mut SSL,
261 out: *mut *mut c_uchar,
262 outlen: *mut c_uchar,
263 inbuf: *const c_uchar,
264 inlen: c_uint,
265 arg: *mut c_void,
266 ) -> c_int,
267 arg: *mut c_void,
268 );
269 pub fn SSL_get0_next_proto_negotiated(
270 s: *const SSL,
271 data: *mut *const c_uchar,
272 len: *mut c_uint,
273 );
274
275 pub fn SSL_select_next_proto(
276 out: *mut *mut c_uchar,
277 outlen: *mut c_uchar,
278 inbuf: *const c_uchar,
279 inlen: c_uint,
280 client: *const c_uchar,
281 client_len: c_uint,
282 ) -> c_int;
283}
284
285extern "C" {
286 pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
287 pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
288 #[link_name = "SSL_CTX_set_alpn_select_cb"]
289 pub fn SSL_CTX_set_alpn_select_cb__fixed_rust(
290 ssl: *mut SSL_CTX,
291 cb: Option<
292 unsafe extern "C" fn(
293 ssl: *mut SSL,
294 out: *mut *const c_uchar,
295 outlen: *mut c_uchar,
296 inbuf: *const c_uchar,
297 inlen: c_uint,
298 arg: *mut c_void,
299 ) -> c_int,
300 >,
301 arg: *mut c_void,
302 );
303 pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
304}
305
306#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
307extern "C" {
308 pub fn SSL_CTX_set_psk_client_callback(
309 ssl: *mut SSL_CTX,
310 psk_client_cb: Option<
311 extern "C" fn(
312 *mut SSL,
313 *const c_char,
314 *mut c_char,
315 c_uint,
316 *mut c_uchar,
317 c_uint,
318 ) -> c_uint,
319 >,
320 );
321 pub fn SSL_CTX_set_psk_server_callback(
322 ssl: *mut SSL_CTX,
323 psk_server_cb: Option<
324 extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
325 >,
326 );
327 pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
328 pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
329}
330
331extern "C" {
332 #[cfg(ossl111)]
333 pub fn SSL_CTX_add_custom_ext(
334 ctx: *mut SSL_CTX,
335 ext_type: c_uint,
336 context: c_uint,
337 add_cb: SSL_custom_ext_add_cb_ex,
338 free_cb: SSL_custom_ext_free_cb_ex,
339 add_arg: *mut c_void,
340 parse_cb: SSL_custom_ext_parse_cb_ex,
341 parse_arg: *mut c_void,
342 ) -> c_int;
343
344 #[cfg(ossl102)]
345 pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
346}
347
348#[cfg(ossl111)]
349pub type SSL_CTX_keylog_cb_func =
350 Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
351
352extern "C" {
353 #[cfg(ossl111)]
354 pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
355
356 #[cfg(any(ossl111, libressl))]
357 pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
358 #[cfg(any(ossl111, libressl))]
359 pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
360 #[cfg(any(ossl111, libressl))]
361 pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
362 #[cfg(any(ossl111, libressl))]
363 pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
364
365 pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
366 pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
367
368 pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
369 pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
370}
371
372const_ptr_api! {
373 extern "C" {
374 #[cfg(ossl110)]
375 pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
376 }
377}
378
379cfg_if! {
380 if #[cfg(libressl)] {
381 extern "C" {
382 pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
383 pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
384 pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
385 pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
386
387 pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
388 pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
389 pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
390 pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
391 }
392 }
393}
394
395extern "C" {
396 pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
397 pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
398 pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
399 #[cfg(any(ossl110, libressl))]
400 pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
401 pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
402 pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
403
404 pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
405 pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
406}
407const_ptr_api! {
408 extern "C" {
409 pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> #[const_ptr_if(any(ossl110, libressl))] c_char;
410 }
411}
412extern "C" {
413 #[cfg(ossl111)]
414 pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
415 #[cfg(ossl111)]
416 pub fn SSL_CIPHER_get_protocol_id(cipher: *const SSL_CIPHER) -> u16;
417 pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
418 #[cfg(ossl111)]
419 pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
420 #[cfg(ossl111)]
421 pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
422
423 pub fn SSL_pending(ssl: *const SSL) -> c_int;
424 pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
425 pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
426 pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
427 #[cfg(any(ossl111, libressl))]
428 pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
429 #[cfg(any(ossl111, libressl))]
430 pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
431 pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
432 pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
433 pub fn SSL_set_verify(
434 ssl: *mut SSL,
435 mode: c_int,
436 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
438 );
439 pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
440 pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
441
442 pub fn SSL_CTX_use_PrivateKey_file(
443 ctx: *mut SSL_CTX,
444 key_file: *const c_char,
445 file_type: c_int,
446 ) -> c_int;
447 pub fn SSL_CTX_use_certificate_file(
448 ctx: *mut SSL_CTX,
449 cert_file: *const c_char,
450 file_type: c_int,
451 ) -> c_int;
452 pub fn SSL_CTX_use_certificate_chain_file(
453 ctx: *mut SSL_CTX,
454 cert_chain_file: *const c_char,
455 ) -> c_int;
456 pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
457 pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
458 pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
459 #[cfg(any(ossl110, libressl))]
460 pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
461 pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
462 pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
463 pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
464
465 #[cfg(not(ossl110))]
466 pub fn SSL_load_error_strings();
467 pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
468 pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
469
470 pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
471 pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
472 #[cfg(any(ossl110, libressl))]
473 pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
474
475 #[cfg(any(ossl111, libressl))]
476 pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
477 #[cfg(any(ossl111, libressl))]
478 pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
479
480 pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
481 #[cfg(any(ossl110, libressl))]
482 pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
483 pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
484}
485const_ptr_api! {
486 extern "C" {
487 pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
488 }
489}
490extern "C" {
491 pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
492 pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
493 pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
494 pub fn d2i_SSL_SESSION(
495 a: *mut *mut SSL_SESSION,
496 pp: *mut *const c_uchar,
497 len: c_long,
498 ) -> *mut SSL_SESSION;
499
500 #[cfg(not(ossl300))]
501 pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
502 #[cfg(ossl300)]
503 pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
504
505 pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
506
507 pub fn SSL_CTX_set_verify(
508 ctx: *mut SSL_CTX,
509 mode: c_int,
510 verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
511 );
512 pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
513
514 #[cfg(any(ossl111, libressl))]
515 pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
516
517 pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
518
519 pub fn SSL_CTX_set_session_id_context(
520 ssl: *mut SSL_CTX,
521 sid_ctx: *const c_uchar,
522 sid_ctx_len: c_uint,
523 ) -> c_int;
524
525 pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
526
527 pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
528
529 pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
530}
531
532#[cfg(ossl111)]
533pub type SSL_client_hello_cb_fn =
534 Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
535extern "C" {
536 #[cfg(ossl111)]
537 pub fn SSL_CTX_set_client_hello_cb(
538 c: *mut SSL_CTX,
539 cb: SSL_client_hello_cb_fn,
540 arg: *mut c_void,
541 );
542 #[cfg(ossl111)]
543 pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
544 #[cfg(ossl111)]
545 pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
546 #[cfg(ossl111)]
547 pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
548 #[cfg(ossl111)]
549 pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
550 #[cfg(ossl111)]
551 pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
552 #[cfg(ossl111)]
553 pub fn SSL_client_hello_get0_compression_methods(
554 s: *mut SSL,
555 out: *mut *const c_uchar,
556 ) -> size_t;
557 #[cfg(ossl111)]
558 pub fn SSL_client_hello_get1_extensions_present(
559 s: *mut SSL,
560 out: *mut *mut c_int,
561 outlen: *mut size_t,
562 ) -> c_int;
563 #[cfg(ossl111)]
564 pub fn SSL_client_hello_get0_ext(
565 s: *mut SSL,
566 type_: c_uint,
567 out: *mut *const c_uchar,
568 outlen: *mut size_t,
569 ) -> c_int;
570
571 pub fn SSL_free(ssl: *mut SSL);
572 pub fn SSL_accept(ssl: *mut SSL) -> c_int;
573 #[cfg(ossl111)]
574 pub fn SSL_stateless(s: *mut SSL) -> c_int;
575 pub fn SSL_connect(ssl: *mut SSL) -> c_int;
576 pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
577 #[cfg(any(ossl111, libressl))]
578 pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
579 -> c_int;
580 pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
581 #[cfg(any(ossl111, libressl))]
582 pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
583 -> c_int;
584 #[cfg(any(ossl111, libressl))]
585 pub fn SSL_read_early_data(
586 s: *mut SSL,
587 buf: *mut c_void,
588 num: size_t,
589 readbytes: *mut size_t,
590 ) -> c_int;
591 #[cfg(ossl111)]
592 pub fn SSL_bytes_to_cipher_list(
593 s: *mut SSL,
594 bytes: *const c_uchar,
595 len: size_t,
596 isv2format: c_int,
597 sk: *mut *mut stack_st_SSL_CIPHER,
598 scsvs: *mut *mut stack_st_SSL_CIPHER,
599 ) -> c_int;
600}
601
602extern "C" {
603 pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
604 #[cfg(any(ossl111, libressl))]
605 pub fn SSL_write_ex(
606 ssl: *mut SSL,
607 buf: *const c_void,
608 num: size_t,
609 written: *mut size_t,
610 ) -> c_int;
611 #[cfg(any(ossl111, libressl))]
612 pub fn SSL_write_early_data(
613 s: *mut SSL,
614 buf: *const c_void,
615 num: size_t,
616 written: *mut size_t,
617 ) -> c_int;
618 pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
619 pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
620 #[link_name = "SSL_CTX_callback_ctrl"]
621 pub fn SSL_CTX_callback_ctrl__fixed_rust(
622 ctx: *mut SSL_CTX,
623 cmd: c_int,
624 fp: Option<unsafe extern "C" fn()>,
625 ) -> c_long;
626}
627
628cfg_if! {
629 if #[cfg(any(ossl110, libressl))] {
630 extern "C" {
631 pub fn TLS_method() -> *const SSL_METHOD;
632
633 pub fn DTLS_method() -> *const SSL_METHOD;
634
635 pub fn TLS_server_method() -> *const SSL_METHOD;
636
637 pub fn TLS_client_method() -> *const SSL_METHOD;
638
639 pub fn DTLS_server_method() -> *const SSL_METHOD;
640
641 pub fn DTLS_client_method() -> *const SSL_METHOD;
642 }
643 } else {
644 extern "C" {
645 #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))]
646 pub fn SSLv3_method() -> *const SSL_METHOD;
647
648 pub fn SSLv23_method() -> *const SSL_METHOD;
649
650 pub fn SSLv23_client_method() -> *const SSL_METHOD;
651
652 pub fn SSLv23_server_method() -> *const SSL_METHOD;
653
654 pub fn TLSv1_method() -> *const SSL_METHOD;
655
656 pub fn TLSv1_1_method() -> *const SSL_METHOD;
657
658 pub fn TLSv1_2_method() -> *const SSL_METHOD;
659
660 pub fn DTLSv1_method() -> *const SSL_METHOD;
661
662 #[cfg(ossl102)]
663 pub fn DTLSv1_2_method() -> *const SSL_METHOD;
664 }
665 }
666}
667
668extern "C" {
669 pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
670 pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
671
672 pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
673 pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
674
675 pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
676
677 pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
678
679 pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
680 pub fn SSL_CTX_load_verify_locations(
681 ctx: *mut SSL_CTX,
682 CAfile: *const c_char,
683 CApath: *const c_char,
684 ) -> c_int;
685}
686
687const_ptr_api! {
688 extern "C" {
689 pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
690 }
691}
692
693extern "C" {
694 pub fn SSL_set_connect_state(s: *mut SSL);
695 pub fn SSL_set_accept_state(s: *mut SSL);
696
697 #[cfg(not(ossl110))]
698 pub fn SSL_library_init() -> c_int;
699
700 pub fn SSL_CIPHER_description(
701 cipher: *const SSL_CIPHER,
702 buf: *mut c_char,
703 size: c_int,
704 ) -> *mut c_char;
705
706 pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
707 pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY;
708}
709
710extern "C" {
711 pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
712 pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
713
714 pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
715 pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
716 pub fn SSL_version(ssl: *const SSL) -> c_int;
717 pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
718 pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
719 pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
720
721 pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
722 #[cfg(ossl110)]
723 pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
724
725 #[cfg(any(ossl110, libressl))]
726 pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
727 #[cfg(any(ossl110, libressl))]
728 pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
729 #[cfg(any(ossl110, libressl))]
730 pub fn SSL_SESSION_get_master_key(
731 session: *const SSL_SESSION,
732 out: *mut c_uchar,
733 outlen: size_t,
734 ) -> size_t;
735}
736
737extern "C" {
738 #[cfg(not(ossl110))]
739 pub fn SSL_get_ex_new_index(
740 argl: c_long,
741 argp: *mut c_void,
742 new_func: Option<CRYPTO_EX_new>,
743 dup_func: Option<CRYPTO_EX_dup>,
744 free_func: Option<CRYPTO_EX_free>,
745 ) -> c_int;
746
747 pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
748 pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
749
750 #[cfg(not(ossl110))]
751 pub fn SSL_CTX_get_ex_new_index(
752 argl: c_long,
753 argp: *mut c_void,
754 new_func: Option<CRYPTO_EX_new>,
755 dup_func: Option<CRYPTO_EX_dup>,
756 free_func: Option<CRYPTO_EX_free>,
757 ) -> c_int;
758
759 pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
760 pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
761
762 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
763}
764
765#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
766extern "C" {
767 #[link_name = "SSL_CTX_set_tmp_dh_callback"]
768 pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust(
769 ctx: *mut SSL_CTX,
770 dh: Option<
771 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
772 >,
773 );
774 #[link_name = "SSL_set_tmp_dh_callback"]
775 pub fn SSL_set_tmp_dh_callback__fixed_rust(
776 ctx: *mut SSL,
777 dh: Option<
778 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
779 >,
780 );
781 #[cfg(not(ossl110))]
782 #[link_name = "SSL_CTX_set_tmp_ecdh_callback"]
783 pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust(
784 ctx: *mut SSL_CTX,
785 ecdh: Option<
786 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
787 >,
788 );
789 #[cfg(not(ossl110))]
790 #[link_name = "SSL_set_tmp_ecdh_callback"]
791 pub fn SSL_set_tmp_ecdh_callback__fixed_rust(
792 ssl: *mut SSL,
793 ecdh: Option<
794 unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
795 >,
796 );
797}
798
799cfg_if! {
800 if #[cfg(libressl)] {
801 extern "C" {
802 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void;
803 }
804 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
805 const_ptr_api! {
806 extern "C" {
807 pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
808 }
809 }
810 }
811}
812cfg_if! {
813 if #[cfg(libressl)] {
814 extern "C" {
815 pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char;
816 }
817 } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
818 extern "C" {
819 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
820 }
821 }
822}
823
824#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
825extern "C" {
826 #[cfg(ossl110)]
827 pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
828}
829
830extern "C" {
831 #[cfg(any(ossl110, libressl))]
832 pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
833 #[cfg(any(ossl110, libressl))]
834 pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
835}
836
837const_ptr_api! {
838 extern "C" {
839 #[cfg(ossl110)]
840 pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
841 }
842}
843
844const_ptr_api! {
845 extern "C" {
846 pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl))] SSL) -> c_int;
847 }
848}
849
850extern "C" {
851 #[cfg(ossl110)]
852 pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
853}
854
855extern "C" {
856 #[cfg(ossl111)]
857 pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
858
859 #[cfg(ossl111)]
860 pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
861
862 #[cfg(ossl111b)]
863 pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
864 #[cfg(all(ossl111, not(ossl111b)))]
865 pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
866
867 #[cfg(ossl111b)]
868 pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
869 #[cfg(all(ossl111, not(ossl111b)))]
870 pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
871}
872
873extern "C" {
874 #[cfg(any(ossl110, libressl360))]
875 pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
876
877 #[cfg(any(ossl110, libressl360))]
878 pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
879
880 #[cfg(any(ossl110, libressl360))]
881 pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
882
883 #[cfg(any(ossl110, libressl360))]
884 pub fn SSL_get_security_level(s: *const SSL) -> c_int;
885}
886
887#[cfg(ossl320)]
888extern "C" {
889 pub fn OSSL_QUIC_client_method() -> *const SSL_METHOD;
890 pub fn OSSL_QUIC_client_thread_method() -> *const SSL_METHOD;
891 pub fn SSL_get_event_timeout(s: *mut SSL, tv: *mut timeval, is_infinite: *mut c_int) -> c_int;
892 pub fn SSL_handle_events(s: *mut SSL) -> c_int;
893 pub fn SSL_get_blocking_mode(s: *mut SSL) -> c_int;
894 pub fn SSL_set_blocking_mode(s: *mut SSL, blocking: c_int) -> c_int;
895 pub fn SSL_get_rpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
896 pub fn SSL_get_wpoll_descriptor(s: *mut SSL, desc: *mut BIO_POLL_DESCRIPTOR) -> c_int;
897 pub fn SSL_net_read_desired(s: *mut SSL) -> c_int;
898 pub fn SSL_net_write_desired(s: *mut SSL) -> c_int;
899 pub fn SSL_set1_initial_peer_addr(s: *mut SSL, peer_addr: *const BIO_ADDR) -> c_int;
900 pub fn SSL_shutdown_ex(
901 ssl: *mut SSL,
902 flags: u64,
903 args: *const SSL_SHUTDOWN_EX_ARGS,
904 args_len: usize,
905 ) -> c_int;
906 pub fn SSL_stream_conclude(ssl: *mut SSL, flags: u64) -> c_int;
907 pub fn SSL_stream_reset(
908 ssl: *mut SSL,
909 args: *const SSL_STREAM_RESET_ARGS,
910 args_len: usize,
911 ) -> c_int;
912 pub fn SSL_get_stream_read_state(ssl: *mut SSL) -> c_int;
913 pub fn SSL_get_stream_write_state(ssl: *mut SSL) -> c_int;
914 pub fn SSL_get_conn_close_info(
915 ssl: *mut SSL,
916 info: *mut SSL_CONN_CLOSE_INFO,
917 info_len: usize,
918 ) -> c_int;
919 pub fn SSL_get0_connection(s: *mut SSL) -> *mut SSL;
920 pub fn SSL_is_connection(s: *mut SSL) -> c_int;
921 pub fn SSL_get_stream_type(s: *mut SSL) -> c_int;
922 pub fn SSL_get_stream_id(s: *mut SSL) -> u64;
923 pub fn SSL_new_stream(s: *mut SSL, flags: u64) -> *mut SSL;
924 pub fn SSL_accept_stream(s: *mut SSL, flags: u64) -> *mut SSL;
925 pub fn SSL_set_incoming_stream_policy(s: *mut SSL, policy: c_int, aec: u64) -> c_int;
926 pub fn SSL_get_accept_stream_queue_len(s: *mut SSL) -> usize;
927 pub fn SSL_set_default_stream_mode(s: *mut SSL, mode: u32) -> c_int;
928 pub fn SSL_get0_group_name(s: *mut SSL) -> *const c_char;
929}
930
931#[cfg(ossl330)]
932extern "C" {
933 pub fn SSL_write_ex2(
934 s: *mut SSL,
935 buf: *const c_void,
936 num: usize,
937 flags: u64,
938 written: *mut usize,
939 ) -> c_int;
940 pub fn SSL_get_value_uint(s: *mut SSL, class_: u32, id: u32, v: *mut u64) -> c_int;
941 pub fn SSL_set_value_uint(s: *mut SSL, class_: u32, id: u32, v: u64) -> c_int;
942}
943
944#[cfg(ossl300)]
945extern "C" {
946 pub fn SSL_CTX_set0_tmp_dh_pkey(ctx: *mut SSL_CTX, dhpkey: *mut EVP_PKEY) -> c_int;
947 pub fn SSL_set0_tmp_dh_pkey(s: *mut SSL, dhpkey: *mut EVP_PKEY) -> c_int;
948}