1 use core_foundation_sys::array::CFArrayRef;
2 use core_foundation_sys::base::CFAllocatorRef;
3 use core_foundation_sys::base::{Boolean, CFTypeRef, OSStatus};
4 use std::os::raw::{c_char, c_int, c_void};
5 
6 use crate::cipher_suite::SSLCipherSuite;
7 use crate::trust::SecTrustRef;
8 
/// Opaque Secure Transport session context.
///
/// Declared as an enum with no variants, so a value of this type can never be
/// constructed from Rust; it is only ever handled behind [`SSLContextRef`].
pub enum SSLContext {}
/// Raw mutable pointer to an [`SSLContext`], the first argument of almost every
/// `SSL*` function declared in this file.
pub type SSLContextRef = *mut SSLContext;

/// Untyped pointer identifying the caller's I/O connection.
///
/// It is registered with `SSLSetConnection` and handed back as the first
/// argument of the [`SSLReadFunc`] / [`SSLWriteFunc`] callbacks.
// NOTE(review): nothing in these declarations ties the pointee's lifetime to
// the context. Presumably the caller must keep it alive for as long as the
// context can still invoke the callbacks; confirm in the safe wrapper.
pub type SSLConnectionRef = *const c_void;
13 
/// Protocol version identifier, passed to Secure Transport as a C `int`.
///
/// Consumed and produced by `SSLSetProtocolVersionMin` / `Max`,
/// `SSLGetProtocolVersionMin` / `Max`, `SSLGetNegotiatedProtocolVersion` and
/// `SSLSetProtocolVersionEnabled` in this file.
///
/// Security notes:
/// * SSL 2.0 and SSL 3.0 are prohibited by RFC 6176 and RFC 7568, and
///   TLS 1.0 / TLS 1.1 are deprecated by RFC 8996. A caller that pins a minimum
///   version should normally pass `kTLSProtocol12` or newer.
/// * The numeric values are NOT ordered by protocol strength (`kDTLSProtocol1`
///   is 9, between TLS 1.2 = 8 and TLS 1.3 = 10, and `kSSLProtocolAll` is 6), so
///   a policy check must compare against named constants, never with `<` / `>`.
pub type SSLProtocol = c_int;
/// No protocol selected or negotiated.
pub const kSSLProtocolUnknown: SSLProtocol = 0;
/// SSL 3.0 (obsolete; see the security notes on [`SSLProtocol`]).
pub const kSSLProtocol3: SSLProtocol = 2;
/// TLS 1.0 (deprecated; see the security notes on [`SSLProtocol`]).
pub const kTLSProtocol1: SSLProtocol = 4;
/// TLS 1.1 (deprecated; see the security notes on [`SSLProtocol`]).
pub const kTLSProtocol11: SSLProtocol = 7;
/// TLS 1.2.
pub const kTLSProtocol12: SSLProtocol = 8;
/// DTLS 1.0.
pub const kDTLSProtocol1: SSLProtocol = 9;
/// TLS 1.3.
pub const kTLSProtocol13: SSLProtocol = 10;
// The remaining selectors are listed out of numeric order in this file.
// NOTE(review): in Apple's SecureTransport.h these appear to be the deprecated
// legacy entries; confirm before exposing any of them through a safe API.
/// SSL 2.0 (obsolete; see the security notes on [`SSLProtocol`]).
pub const kSSLProtocol2: SSLProtocol = 1;
/// Legacy selector; by its name it restricts a session to SSL 3.0 only.
pub const kSSLProtocol3Only: SSLProtocol = 3;
/// Legacy selector; by its name it restricts a session to TLS 1.0 only.
pub const kTLSProtocol1Only: SSLProtocol = 5;
/// Legacy selector; by its name it stands for every supported version.
pub const kSSLProtocolAll: SSLProtocol = 6;
26 
/// Boolean session option selector for `SSLSetSessionOption` /
/// `SSLGetSessionOption`, passed as a C `int`.
///
/// Options 3 and later are only compiled in under the `cfg` conditions written
/// on each constant (an `OSX_10_*` cargo feature and/or the iOS target).
// NOTE(review): the per-option descriptions below follow Apple's Secure
// Transport documentation as far as the names allow; confirm the exact
// semantics against SecureTransport.h for the SDK in use.
pub type SSLSessionOption = c_int;
/// Makes `SSLHandshake` return early once the server's certificate has been
/// received, reported with `errSSLPeerAuthCompleted`.
///
/// Security note: per Apple's documentation, enabling this turns off the
/// built-in certificate chain evaluation. The caller then owns the trust
/// decision: it must evaluate the object returned by `SSLCopyPeerTrust` and
/// abort on failure before calling `SSLHandshake` again. Resuming without that
/// check leaves the peer unauthenticated.
pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0;
/// Makes `SSLHandshake` return early when the server asks for a client
/// certificate, reported with `errSSLClientCertRequested`.
pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1;
/// Server-side counterpart of `kSSLSessionOptionBreakOnServerAuth`: break out of
/// the handshake once the client's certificate has been received, so the
/// server can evaluate it itself (the same trust-decision caveat applies).
pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2;
/// TLS False Start toggle.
#[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3;
/// 1/n-1 record splitting toggle (the BEAST mitigation for CBC suites in
/// TLS 1.0 and earlier).
#[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4;
/// Allows the server's identity to change across a renegotiation.
// NOTE(review): presumably off by default as a triple-handshake
// countermeasure; leave it off unless there is a documented need.
#[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))]
pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5;
/// Marks this connection attempt as a version-fallback retry.
// NOTE(review): presumably this sends the downgrade-protection signal
// (TLS_FALLBACK_SCSV); confirm against the header.
#[cfg(all(feature = "OSX_10_10", not(target_os = "ios")))]
pub const kSSLSessionOptionFallback: SSLSessionOption = 6;
/// Makes a server-side `SSLHandshake` return early after the ClientHello,
/// reported with `errSSLClientHelloReceived`.
#[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))]
pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7;
41 
/// Session lifecycle state written by `SSLGetSessionState`, as a C `int`.
///
/// Application data should only be exchanged in `kSSLConnected`; the other
/// states mean the handshake has not finished or the session has ended.
pub type SSLSessionState = c_int;
/// No handshake has been started yet.
pub const kSSLIdle: SSLSessionState = 0;
/// Handshake in progress.
pub const kSSLHandshake: SSLSessionState = 1;
/// Handshake complete; the session is usable.
pub const kSSLConnected: SSLSessionState = 2;
/// Session closed.
pub const kSSLClosed: SSLSessionState = 3;
/// Session aborted.
pub const kSSLAborted: SSLSessionState = 4;
48 
/// Transport read callback installed with `SSLSetIOFuncs`.
///
/// Called with the `connection` pointer registered through `SSLSetConnection`,
/// a destination buffer `data`, and `dataLength` as an in/out pointer.
///
/// # Safety
///
/// Implementations are called from C. They must write no more bytes into
/// `data` than `*dataLength` holds on entry, must update `*dataLength` before
/// returning, and must not let a Rust panic unwind into the C caller.
// NOTE(review): per Apple's documentation `*dataLength` is the requested byte
// count on entry and the transferred byte count on return, with
// `errSSLWouldBlock` signalling a short transfer; confirm against the header.
pub type SSLReadFunc =
    unsafe extern "C" fn(connection: SSLConnectionRef, data: *mut c_void, dataLength: *mut usize)
        -> OSStatus;

/// Transport write callback installed with `SSLSetIOFuncs`.
///
/// Mirror image of [`SSLReadFunc`]: `data` is a read-only source buffer and
/// `dataLength` is again an in/out pointer.
///
/// # Safety
///
/// Implementations are called from C. They must read no more than
/// `*dataLength` bytes from `data`, must update `*dataLength` before
/// returning, and must not let a Rust panic unwind into the C caller.
pub type SSLWriteFunc = unsafe extern "C" fn(
    connection: SSLConnectionRef,
    data: *const c_void,
    dataLength: *mut usize,
) -> OSStatus;
58 
/// Which end of the connection a context plays; the `protocolSide` argument of
/// `SSLCreateContext`.
pub type SSLProtocolSide = c_int;
/// The context acts as the server.
pub const kSSLServerSide: SSLProtocolSide = 0;
/// The context acts as the client.
pub const kSSLClientSide: SSLProtocolSide = 1;

/// Transport flavour; the `connectionType` argument of `SSLCreateContext`.
pub type SSLConnectionType = c_int;
/// Stream transport (used for TLS).
pub const kSSLStreamType: SSLConnectionType = 0;
/// Datagram transport (used for DTLS).
pub const kSSLDatagramType: SSLConnectionType = 1;
66 
// Secure Transport result codes (`OSStatus` values in the -98xx range).
//
// Handling guidance for callers:
// * `errSSLWouldBlock`, `errSSLPeerAuthCompleted`, `errSSLClientCertRequested`
//   and `errSSLClientHelloReceived` are flow-control results, not failures:
//   the operation is expected to be resumed after the caller has acted.
// * The certificate and identity codes (`errSSLXCertChainInvalid`,
//   `errSSLBadCert`, `errSSLUnknownRootCert`, `errSSLNoRootCert`,
//   `errSSLCertExpired`, `errSSLCertNotYetValid`, `errSSLHostNameMismatch`)
//   mean the peer could not be authenticated. Treat them as hard failures and
//   log them; do not retry with verification relaxed.
// * `errSSLClosedNoNotify` differs from `errSSLClosedGraceful`: by its name the
//   peer closed without a close_notify, which a protocol without its own length
//   framing should treat as possible truncation.
//
// NOTE(review): the grouping comments below are derived from the constant
// names; confirm exact meanings against SecureTransport.h. The values -9849 and
// -9850 are not bound here although the surrounding range is contiguous; check
// whether the SDK header defines codes there that callers need to match on.

// General session and protocol results.
pub const errSSLProtocol: OSStatus = -9800;
pub const errSSLNegotiation: OSStatus = -9801;
pub const errSSLFatalAlert: OSStatus = -9802;
pub const errSSLWouldBlock: OSStatus = -9803;
pub const errSSLSessionNotFound: OSStatus = -9804;
pub const errSSLClosedGraceful: OSStatus = -9805;
pub const errSSLClosedAbort: OSStatus = -9806;
// Local certificate-validation and internal failures.
pub const errSSLXCertChainInvalid: OSStatus = -9807;
pub const errSSLBadCert: OSStatus = -9808;
pub const errSSLCrypto: OSStatus = -9809;
pub const errSSLInternal: OSStatus = -9810;
pub const errSSLModuleAttach: OSStatus = -9811;
pub const errSSLUnknownRootCert: OSStatus = -9812;
pub const errSSLNoRootCert: OSStatus = -9813;
pub const errSSLCertExpired: OSStatus = -9814;
pub const errSSLCertNotYetValid: OSStatus = -9815;
pub const errSSLClosedNoNotify: OSStatus = -9816;
pub const errSSLBufferOverflow: OSStatus = -9817;
pub const errSSLBadCipherSuite: OSStatus = -9818;
// `errSSLPeer*`: conditions reported by the peer (TLS alerts received).
pub const errSSLPeerUnexpectedMsg: OSStatus = -9819;
pub const errSSLPeerBadRecordMac: OSStatus = -9820;
pub const errSSLPeerDecryptionFail: OSStatus = -9821;
pub const errSSLPeerRecordOverflow: OSStatus = -9822;
pub const errSSLPeerDecompressFail: OSStatus = -9823;
pub const errSSLPeerHandshakeFail: OSStatus = -9824;
pub const errSSLPeerBadCert: OSStatus = -9825;
pub const errSSLPeerUnsupportedCert: OSStatus = -9826;
pub const errSSLPeerCertRevoked: OSStatus = -9827;
pub const errSSLPeerCertExpired: OSStatus = -9828;
pub const errSSLPeerCertUnknown: OSStatus = -9829;
pub const errSSLIllegalParam: OSStatus = -9830;
pub const errSSLPeerUnknownCA: OSStatus = -9831;
pub const errSSLPeerAccessDenied: OSStatus = -9832;
pub const errSSLPeerDecodeError: OSStatus = -9833;
pub const errSSLPeerDecryptError: OSStatus = -9834;
pub const errSSLPeerExportRestriction: OSStatus = -9835;
pub const errSSLPeerProtocolVersion: OSStatus = -9836;
pub const errSSLPeerInsufficientSecurity: OSStatus = -9837;
pub const errSSLPeerInternalError: OSStatus = -9838;
pub const errSSLPeerUserCancelled: OSStatus = -9839;
pub const errSSLPeerNoRenegotiation: OSStatus = -9840;
// Handshake "break" results; see the `kSSLSessionOptionBreakOn*` options.
pub const errSSLPeerAuthCompleted: OSStatus = -9841;
pub const errSSLClientCertRequested: OSStatus = -9842;
// Further local failures.
pub const errSSLHostNameMismatch: OSStatus = -9843;
pub const errSSLConnectionRefused: OSStatus = -9844;
pub const errSSLDecryptionFail: OSStatus = -9845;
pub const errSSLBadRecordMac: OSStatus = -9846;
pub const errSSLRecordOverflow: OSStatus = -9847;
pub const errSSLBadConfiguration: OSStatus = -9848;
// Handshake "break" result for `kSSLSessionOptionBreakOnClientHello`.
pub const errSSLClientHelloReceived: OSStatus = -9851;
117 
/// Server-side client-authentication policy; the `auth` argument of
/// `SSLSetClientSideAuthenticate`.
// NOTE(review): descriptions follow the constant names and Apple's
// documentation; confirm against SecureTransport.h.
pub type SSLAuthenticate = c_int;
/// Do not request a client certificate.
pub const kNeverAuthenticate: SSLAuthenticate = 0;
/// Require a client certificate.
pub const kAlwaysAuthenticate: SSLAuthenticate = 1;
/// Request a client certificate but continue if the client sends none.
///
/// Security note: with this policy a completed handshake does not prove that
/// the client authenticated. A server that depends on mutual TLS must check
/// `SSLGetClientCertificateState` (and the peer trust) before granting access.
pub const kTryAuthenticate: SSLAuthenticate = 2;

/// Client-certificate exchange status written by
/// `SSLGetClientCertificateState`.
pub type SSLClientCertificateState = c_int;
/// No client certificate has been requested or sent.
pub const kSSLClientCertNone: SSLClientCertificateState = 0;
/// A client certificate has been requested.
pub const kSSLClientCertRequested: SSLClientCertificateState = 1;
/// A client certificate has been sent.
pub const kSSLClientCertSent: SSLClientCertificateState = 2;
/// The client certificate was rejected.
pub const kSSLClientCertRejected: SSLClientCertificateState = 3;
128 
// Raw declarations of Apple's Secure Transport C functions.
//
// Every function here is `unsafe` to call. The declarations encode no
// ownership, lifetime or length invariants, so the caller must ensure that:
// * every pointer argument is valid for the access the function performs, and
//   every buffer is at least as large as the accompanying length argument;
// * every returned `OSStatus` is checked against the `errSSL*` constants, and
//   no out-parameter is read after a failing status.
// Items carrying a `#[cfg(...)]` attribute are only declared on the targets or
// cargo features named there.
extern "C" {
    /// Returns the Core Foundation type identifier of `SSLContext` objects.
    pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID;
    /// Creates a context for the given side and transport type.
    // NOTE(review): presumably returns null on failure and follows the Core
    // Foundation "Create" ownership rule (caller releases); confirm.
    pub fn SSLCreateContext(
        alloc: CFAllocatorRef,
        protocolSide: SSLProtocolSide,
        connectionType: SSLConnectionType,
    ) -> SSLContextRef;
    /// macOS-only constructor that writes the new context through `contextPtr`.
    // NOTE(review): appears to be the legacy counterpart of `SSLCreateContext`.
    #[cfg(target_os = "macos")]
    pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus;
    /// macOS-only destructor for a context.
    // NOTE(review): presumably pairs with `SSLNewContext` only; confirm.
    #[cfg(target_os = "macos")]
    pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus;
    /// Registers the opaque connection pointer later passed to the I/O callbacks.
    pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus;
    /// Writes the registered connection pointer to `*connection`.
    pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus;
    /// Installs the transport read and write callbacks for the context.
    pub fn SSLSetIOFuncs(
        context: SSLContextRef,
        read: SSLReadFunc,
        write: SSLWriteFunc,
    ) -> OSStatus;
    /// Performs (or resumes) the handshake.
    ///
    /// Besides failures, the status can be one of the flow-control results
    /// (`errSSLWouldBlock`, `errSSLPeerAuthCompleted`,
    /// `errSSLClientCertRequested`, `errSSLClientHelloReceived`), after which
    /// the caller is expected to act and call this function again.
    pub fn SSLHandshake(context: SSLContextRef) -> OSStatus;
    /// Closes the session.
    pub fn SSLClose(context: SSLContextRef) -> OSStatus;
    /// Reads decrypted application data into `data`.
    ///
    /// `data` must be writable for `dataLen` bytes; the number of bytes
    /// actually produced is written to `*processed`, which callers must use
    /// instead of assuming the buffer was filled.
    pub fn SSLRead(
        context: SSLContextRef,
        data: *mut c_void,
        dataLen: usize,
        processed: *mut usize,
    ) -> OSStatus;
    /// Encrypts and sends application data from `data`.
    ///
    /// `data` must be readable for `dataLen` bytes; the number of bytes
    /// actually consumed is written to `*processed`.
    pub fn SSLWrite(
        context: SSLContextRef,
        data: *const c_void,
        dataLen: usize,
        processed: *mut usize,
    ) -> OSStatus;
    /// Sets the expected peer host name from an explicit pointer and length.
    ///
    /// Security note: this is the name the peer certificate is matched
    /// against (see `errSSLHostNameMismatch`). A client wrapper should set it
    /// from the host the user asked for, before the handshake.
    // NOTE(review): per Apple's documentation the name check is skipped when
    // no peer name has been set; confirm, and make the safe API require it.
    pub fn SSLSetPeerDomainName(
        context: SSLContextRef,
        peerName: *const c_char,
        peerNameLen: usize,
    ) -> OSStatus;
    /// Writes the length of the stored peer name to `*peerNameLen`.
    pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus;
    /// Copies the stored peer name into `peerName`.
    ///
    /// `peerNameLen` is an in/out pointer; the buffer behind `peerName` must be
    /// at least as large as the value passed in (size it with
    /// `SSLGetPeerDomainNameLength` first).
    pub fn SSLGetPeerDomainName(
        context: SSLContextRef,
        peerName: *mut c_char,
        peerNameLen: *mut usize,
    ) -> OSStatus;
    /// Sets the local certificate chain / identity from a CF array.
    pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus;
    /// macOS only: sets or extends the list of certificate authorities.
    // NOTE(review): presumably the CA names a server advertises when it
    // requests a client certificate; confirm.
    #[cfg(target_os = "macos")]
    pub fn SSLSetCertificateAuthorities(
        context: SSLContextRef,
        certificateOrArray: CFTypeRef,
        replaceExisting: Boolean,
    ) -> OSStatus;
    /// macOS only: writes the configured certificate authorities to
    /// `*certificates`.
    // NOTE(review): "Copy" in the name suggests the caller owns and must
    // release the returned array; confirm.
    #[cfg(target_os = "macos")]
    pub fn SSLCopyCertificateAuthorities(
        context: SSLContextRef,
        certificates: *mut CFArrayRef,
    ) -> OSStatus;
    /// Enables or disables one `kSSLSessionOption*` option.
    pub fn SSLSetSessionOption(
        context: SSLContextRef,
        option: SSLSessionOption,
        value: Boolean,
    ) -> OSStatus;
    /// Writes the current value of one `kSSLSessionOption*` option to `*value`.
    pub fn SSLGetSessionOption(
        context: SSLContextRef,
        option: SSLSessionOption,
        value: *mut Boolean,
    ) -> OSStatus;
    /// Writes the peer's trust object to `*trust`.
    ///
    /// Security note: when a `kSSLSessionOptionBreakOn*Auth` option is in use,
    /// this is the object the caller must evaluate before resuming the
    /// handshake.
    // NOTE(review): "Copy" in the name suggests the caller owns and must
    // release the result, and it may be null before the peer has sent its
    // certificate; confirm.
    pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus;
    /// Writes the current session state to `*state`.
    pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus;
    /// Copies the supported cipher suites into `ciphers`.
    ///
    /// `numCiphers` is an in/out pointer; `ciphers` must have room for the
    /// count passed in (size it with `SSLGetNumberSupportedCiphers`).
    pub fn SSLGetSupportedCiphers(
        context: SSLContextRef,
        ciphers: *mut SSLCipherSuite,
        numCiphers: *mut usize,
    ) -> OSStatus;
    /// Writes the number of supported cipher suites to `*numCiphers`.
    pub fn SSLGetNumberSupportedCiphers(
        context: SSLContextRef,
        numCiphers: *mut usize,
    ) -> OSStatus;
    /// Copies the currently enabled cipher suites into `ciphers`.
    ///
    /// `numCiphers` is an in/out pointer; `ciphers` must have room for the
    /// count passed in (size it with `SSLGetNumberEnabledCiphers`).
    pub fn SSLGetEnabledCiphers(
        context: SSLContextRef,
        ciphers: *mut SSLCipherSuite,
        numCiphers: *mut usize,
    ) -> OSStatus;
    /// Writes the number of enabled cipher suites to `*numCiphers`.
    pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus;
    /// Replaces the enabled cipher suites with the `numCiphers` entries at
    /// `ciphers`.
    ///
    /// Security note: this list is the caller's cipher policy; a wrapper that
    /// exposes it should not re-enable suites the platform default leaves off.
    pub fn SSLSetEnabledCiphers(
        context: SSLContextRef,
        ciphers: *const SSLCipherSuite,
        numCiphers: usize,
    ) -> OSStatus;
    /// Writes the cipher suite chosen by the handshake to `*cipher`.
    pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus;
    /// Sets the client-authentication policy (one of the `k*Authenticate`
    /// values).
    pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus;
    /// macOS only: supplies Diffie-Hellman parameters as a byte buffer of
    /// `dhParamsLen` bytes.
    #[cfg(target_os = "macos")]
    pub fn SSLSetDiffieHellmanParams(
        context: SSLContextRef,
        dhParams: *const c_void,
        dhParamsLen: usize,
    ) -> OSStatus;
    /// macOS only: writes a pointer to the Diffie-Hellman parameters and their
    /// length.
    // NOTE(review): the returned pointer is presumably borrowed from the
    // context and must not be freed or outlive it; confirm.
    #[cfg(target_os = "macos")]
    pub fn SSLGetDiffieHellmanParams(
        context: SSLContextRef,
        dhParams: *mut *const c_void,
        dhParamsLen: *mut usize,
    ) -> OSStatus;
    /// Sets an opaque peer identifier of `peerIDLen` bytes.
    // NOTE(review): presumably the session-resumption cache key. If so, two
    // connections with different trust settings must not share a peer ID;
    // confirm against the header.
    pub fn SSLSetPeerID(
        context: SSLContextRef,
        peerID: *const c_void,
        peerIDLen: usize,
    ) -> OSStatus;
    /// Writes a pointer to the stored peer identifier and its length.
    // NOTE(review): the returned pointer is presumably borrowed from the
    // context; confirm.
    pub fn SSLGetPeerID(
        context: SSLContextRef,
        peerID: *mut *const c_void,
        peerIDLen: *mut usize,
    ) -> OSStatus;
    /// Writes the number of buffered, not yet read bytes to `*bufSize`.
    pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus;
    /// Writes the client-certificate exchange status to `*clientState`.
    pub fn SSLGetClientCertificateState(
        context: SSLContextRef,
        clientState: *mut SSLClientCertificateState,
    ) -> OSStatus;
    /// Writes the protocol version chosen by the handshake to `*protocol`.
    ///
    /// Worth logging after every handshake so unexpected downgrades are
    /// visible to operators.
    pub fn SSLGetNegotiatedProtocolVersion(
        context: SSLContextRef,
        protocol: *mut SSLProtocol,
    ) -> OSStatus;
    /// Writes the configured maximum protocol version to `*maxVersion`.
    pub fn SSLGetProtocolVersionMax(
        context: SSLContextRef,
        maxVersion: *mut SSLProtocol,
    ) -> OSStatus;
    /// Writes the configured minimum protocol version to `*minVersion`.
    pub fn SSLGetProtocolVersionMin(
        context: SSLContextRef,
        minVersion: *mut SSLProtocol,
    ) -> OSStatus;
    /// Sets the highest protocol version the context may negotiate.
    pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus;
    /// Sets the lowest protocol version the context may negotiate.
    ///
    /// Security note: this is the downgrade floor; obsolete values such as
    /// `kSSLProtocol2` or `kSSLProtocol3` should not be accepted here.
    pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus;
    /// macOS only: enables or disables a single protocol version.
    // NOTE(review): appears to be the legacy alternative to the Min/Max
    // setters above; confirm.
    #[cfg(target_os = "macos")]
    pub fn SSLSetProtocolVersionEnabled(
        context: SSLContextRef,
        protocol: SSLProtocol,
        enable: Boolean,
    ) -> OSStatus;
    /// Sets the ALPN protocol list from a CF array (feature `OSX_10_13`).
    #[cfg(feature = "OSX_10_13")]
    pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus;
    /// Writes the ALPN protocol list to `*protocols` (feature `OSX_10_13`).
    // NOTE(review): "Copy" in the name suggests the caller owns and must
    // release the returned array; confirm.
    #[cfg(feature = "OSX_10_13")]
    pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus;
    /// Enables or disables session tickets (feature `OSX_10_13`).
    #[cfg(feature = "OSX_10_13")]
    pub fn SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus;
}