// Raw FFI declarations for the `SSLContext*` family of C functions (Apple's Secure Transport
// API), together with the integer constants those functions take and return.
//
// Nothing here adds safety: every function in the `extern "C"` block is `unsafe` to call, and
// pointer/length pairs are passed to C as-is.
// NOTE(review): Apple is understood to have deprecated Secure Transport in recent SDKs —
// confirm before building new code on these symbols.

use core_foundation_sys::array::CFArrayRef;
use core_foundation_sys::base::{Boolean, CFAllocatorRef, CFTypeID, CFTypeRef, OSStatus};
use std::os::raw::{c_char, c_int, c_void};

use crate::cipher_suite::SSLCipherSuite;
use crate::trust::SecTrustRef;

/// Opaque session context. The enum has no variants, so it can only be used behind a pointer.
pub enum SSLContext {}
/// Mutable raw pointer to an [`SSLContext`]; the handle type taken by every `SSL*` call below.
pub type SSLContextRef = *mut SSLContext;

/// Untyped handle registered with `SSLSetConnection` and passed back to the I/O callbacks.
pub type SSLConnectionRef = *const c_void;

/// Protocol version selector.
///
/// The numeric values are identifiers, not an ordering by protocol strength: for example
/// `kDTLSProtocol1` (9) is larger than `kTLSProtocol12` (8), and `kSSLProtocolAll` (6) sits
/// between TLS 1.0 and TLS 1.1. Compare against explicit constants rather than with `<`/`>=`.
pub type SSLProtocol = c_int;
pub const kSSLProtocolUnknown: SSLProtocol = 0;
pub const kSSLProtocol3: SSLProtocol = 2;
pub const kTLSProtocol1: SSLProtocol = 4;
pub const kTLSProtocol11: SSLProtocol = 7;
pub const kTLSProtocol12: SSLProtocol = 8;
pub const kDTLSProtocol1: SSLProtocol = 9;
// NOTE(review): the SSLv2/SSLv3 selectors and the `...Only`/`All` forms below are declared for
// ABI completeness; callers that set a minimum version should not select SSLv2 or SSLv3.
pub const kSSLProtocol2: SSLProtocol = 1;
pub const kSSLProtocol3Only: SSLProtocol = 3;
pub const kTLSProtocol1Only: SSLProtocol = 5;
pub const kSSLProtocolAll: SSLProtocol = 6;

/// Option selector for `SSLSetSessionOption` / `SSLGetSessionOption`.
///
/// NOTE(review): the `BreakOn*` options are understood to make `SSLHandshake` return early
/// (see `errSSLPeerAuthCompleted`, `errSSLClientCertRequested`, `errSSLClientHelloReceived`)
/// so the caller can act before resuming. With `kSSLSessionOptionBreakOnServerAuth` the caller
/// presumably becomes responsible for evaluating the peer trust obtained from
/// `SSLCopyPeerTrust`; resuming without that evaluation would accept any certificate —
/// confirm against the safe wrapper that sets it.
pub type SSLSessionOption = c_int;
pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0;
pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1;
pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2;
#[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3;
#[cfg(any(feature = "OSX_10_9", target_os = "ios"))]
pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4;
#[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))]
pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5;
#[cfg(all(feature = "OSX_10_10", not(target_os = "ios")))]
pub const kSSLSessionOptionFallback: SSLSessionOption = 6;
#[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))]
pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7;

/// Session state value written by `SSLGetSessionState`.
pub type SSLSessionState = c_int;
pub const kSSLIdle: SSLSessionState = 0;
pub const kSSLHandshake: SSLSessionState = 1;
pub const kSSLConnected: SSLSessionState = 2;
pub const kSSLClosed: SSLSessionState = 3;
pub const kSSLAborted: SSLSessionState = 4;

/// Read callback installed with `SSLSetIOFuncs`.
///
/// `dataLength` is a mutable pointer — presumably the requested size on entry and the number of
/// bytes actually delivered on return; verify against the callback implementations.
pub type SSLReadFunc = unsafe extern "C" fn(
    connection: SSLConnectionRef,
    data: *mut c_void,
    dataLength: *mut usize,
) -> OSStatus;

/// Write callback installed with `SSLSetIOFuncs`; same shape as [`SSLReadFunc`] with a
/// read-only `data` pointer.
pub type SSLWriteFunc = unsafe extern "C" fn(
    connection: SSLConnectionRef,
    data: *const c_void,
    dataLength: *mut usize,
) -> OSStatus;

/// Which end of the connection a context created by `SSLCreateContext` plays.
pub type SSLProtocolSide = c_int;
pub const kSSLServerSide: SSLProtocolSide = 0;
pub const kSSLClientSide: SSLProtocolSide = 1;

/// Transport kind passed to `SSLCreateContext`.
pub type SSLConnectionType = c_int;
pub const kSSLStreamType: SSLConnectionType = 0;
pub const kSSLDatagramType: SSLConnectionType = 1;

// `OSStatus` codes in the range -9800..=-9851. Values -9849 and -9850 are not declared here.
//
// NOTE(review): the certificate-related codes (`errSSLXCertChainInvalid`, `errSSLBadCert`,
// `errSSLUnknownRootCert`, `errSSLNoRootCert`, `errSSLCertExpired`, `errSSLCertNotYetValid`,
// `errSSLHostNameMismatch`) look like validation failures; wrappers should surface them as
// errors rather than retrying with weaker settings.
pub const errSSLProtocol: OSStatus = -9800;
pub const errSSLNegotiation: OSStatus = -9801;
pub const errSSLFatalAlert: OSStatus = -9802;
pub const errSSLWouldBlock: OSStatus = -9803;
pub const errSSLSessionNotFound: OSStatus = -9804;
pub const errSSLClosedGraceful: OSStatus = -9805;
pub const errSSLClosedAbort: OSStatus = -9806;
pub const errSSLXCertChainInvalid: OSStatus = -9807;
pub const errSSLBadCert: OSStatus = -9808;
pub const errSSLCrypto: OSStatus = -9809;
pub const errSSLInternal: OSStatus = -9810;
pub const errSSLModuleAttach: OSStatus = -9811;
pub const errSSLUnknownRootCert: OSStatus = -9812;
pub const errSSLNoRootCert: OSStatus = -9813;
pub const errSSLCertExpired: OSStatus = -9814;
pub const errSSLCertNotYetValid: OSStatus = -9815;
pub const errSSLClosedNoNotify: OSStatus = -9816;
pub const errSSLBufferOverflow: OSStatus = -9817;
pub const errSSLBadCipherSuite: OSStatus = -9818;
pub const errSSLPeerUnexpectedMsg: OSStatus = -9819;
pub const errSSLPeerBadRecordMac: OSStatus = -9820;
pub const errSSLPeerDecryptionFail: OSStatus = -9821;
pub const errSSLPeerRecordOverflow: OSStatus = -9822;
pub const errSSLPeerDecompressFail: OSStatus = -9823;
pub const errSSLPeerHandshakeFail: OSStatus = -9824;
pub const errSSLPeerBadCert: OSStatus = -9825;
pub const errSSLPeerUnsupportedCert: OSStatus = -9826;
pub const errSSLPeerCertRevoked: OSStatus = -9827;
pub const errSSLPeerCertExpired: OSStatus = -9828;
pub const errSSLPeerCertUnknown: OSStatus = -9829;
pub const errSSLIllegalParam: OSStatus = -9830;
pub const errSSLPeerUnknownCA: OSStatus = -9831;
pub const errSSLPeerAccessDenied: OSStatus = -9832;
pub const errSSLPeerDecodeError: OSStatus = -9833;
pub const errSSLPeerDecryptError: OSStatus = -9834;
pub const errSSLPeerExportRestriction: OSStatus = -9835;
pub const errSSLPeerProtocolVersion: OSStatus = -9836;
pub const errSSLPeerInsufficientSecurity: OSStatus = -9837;
pub const errSSLPeerInternalError: OSStatus = -9838;
pub const errSSLPeerUserCancelled: OSStatus = -9839;
pub const errSSLPeerNoRenegotiation: OSStatus = -9840;
pub const errSSLPeerAuthCompleted: OSStatus = -9841;
pub const errSSLClientCertRequested: OSStatus = -9842;
pub const errSSLHostNameMismatch: OSStatus = -9843;
pub const errSSLConnectionRefused: OSStatus = -9844;
pub const errSSLDecryptionFail: OSStatus = -9845;
pub const errSSLBadRecordMac: OSStatus = -9846;
pub const errSSLRecordOverflow: OSStatus = -9847;
pub const errSSLBadConfiguration: OSStatus = -9848;
pub const errSSLClientHelloReceived: OSStatus = -9851;

/// Client-authentication policy passed to `SSLSetClientSideAuthenticate`.
pub type SSLAuthenticate = c_int;
pub const kNeverAuthenticate: SSLAuthenticate = 0;
pub const kAlwaysAuthenticate: SSLAuthenticate = 1;
pub const kTryAuthenticate: SSLAuthenticate = 2;

/// Client-certificate exchange state written by `SSLGetClientCertificateState`.
pub type SSLClientCertificateState = c_int;
pub const kSSLClientCertNone: SSLClientCertificateState = 0;
pub const kSSLClientCertRequested: SSLClientCertificateState = 1;
pub const kSSLClientCertSent: SSLClientCertificateState = 2;
pub const kSSLClientCertRejected: SSLClientCertificateState = 3;

// Every declaration below is a foreign function and therefore `unsafe` to call. Where a raw
// pointer is paired with a length, the caller must guarantee the pointer is valid for that many
// elements; where a `*mut` out-parameter is taken, it must point to writable storage.
extern "C" {
    pub fn SSLContextGetTypeID() -> CFTypeID;

    // --- Context lifetime ---------------------------------------------------------------------
    pub fn SSLCreateContext(
        alloc: CFAllocatorRef,
        protocolSide: SSLProtocolSide,
        connectionType: SSLConnectionType,
    ) -> SSLContextRef;
    #[cfg(target_os = "macos")]
    pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus;

    // --- Transport wiring and data path -------------------------------------------------------
    pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus;
    pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus;
    pub fn SSLSetIOFuncs(
        context: SSLContextRef,
        read: SSLReadFunc,
        write: SSLWriteFunc,
    ) -> OSStatus;
    pub fn SSLHandshake(context: SSLContextRef) -> OSStatus;
    pub fn SSLClose(context: SSLContextRef) -> OSStatus;
    /// `data` must be writable for `dataLen` bytes; `processed` presumably receives the number
    /// of bytes actually produced — verify against callers.
    pub fn SSLRead(
        context: SSLContextRef,
        data: *mut c_void,
        dataLen: usize,
        processed: *mut usize,
    ) -> OSStatus;
    /// `data` must be readable for `dataLen` bytes; `processed` presumably receives the number
    /// of bytes actually consumed — verify against callers.
    pub fn SSLWrite(
        context: SSLContextRef,
        data: *const c_void,
        dataLen: usize,
        processed: *mut usize,
    ) -> OSStatus;

    // --- Peer identity and certificates -------------------------------------------------------
    /// Takes the peer name as a pointer plus explicit length (no NUL terminator is implied by
    /// the signature).
    ///
    /// NOTE(review): hostname verification is presumably performed against this value, so a
    /// client wrapper that never calls it may skip the name check — confirm.
    pub fn SSLSetPeerDomainName(
        context: SSLContextRef,
        peerName: *const c_char,
        peerNameLen: usize,
    ) -> OSStatus;
    pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus;
    pub fn SSLGetPeerDomainName(
        context: SSLContextRef,
        peerName: *mut c_char,
        peerNameLen: *mut usize,
    ) -> OSStatus;
    pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLSetCertificateAuthorities(
        context: SSLContextRef,
        certificateOrArray: CFTypeRef,
        replaceExisting: Boolean,
    ) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLCopyCertificateAuthorities(
        context: SSLContextRef,
        certificates: *mut CFArrayRef,
    ) -> OSStatus;

    // --- Session options and state ------------------------------------------------------------
    pub fn SSLSetSessionOption(
        context: SSLContextRef,
        option: SSLSessionOption,
        value: Boolean,
    ) -> OSStatus;
    pub fn SSLGetSessionOption(
        context: SSLContextRef,
        option: SSLSessionOption,
        value: *mut Boolean,
    ) -> OSStatus;
    /// Writes a `SecTrustRef` through `trust`.
    ///
    /// NOTE(review): the `Copy` prefix suggests the caller owns the returned reference and must
    /// release it — confirm against the wrapper.
    pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus;
    pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus;

    // --- Cipher suites ------------------------------------------------------------------------
    // For the `Get*Ciphers` calls `numCiphers` is a mutable pointer next to the output array —
    // presumably the array capacity on entry and the count written on return; size the array
    // with the matching `GetNumber*` call first. TODO confirm.
    pub fn SSLGetSupportedCiphers(
        context: SSLContextRef,
        ciphers: *mut SSLCipherSuite,
        numCiphers: *mut usize,
    ) -> OSStatus;
    pub fn SSLGetNumberSupportedCiphers(
        context: SSLContextRef,
        numCiphers: *mut usize,
    ) -> OSStatus;
    pub fn SSLGetEnabledCiphers(
        context: SSLContextRef,
        ciphers: *mut SSLCipherSuite,
        numCiphers: *mut usize,
    ) -> OSStatus;
    pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus;
    pub fn SSLSetEnabledCiphers(
        context: SSLContextRef,
        ciphers: *const SSLCipherSuite,
        numCiphers: usize,
    ) -> OSStatus;
    pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus;

    // --- Client authentication, DH parameters, session resumption ------------------------------
    pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLSetDiffieHellmanParams(
        context: SSLContextRef,
        dhParams: *const c_void,
        dhParamsLen: usize,
    ) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLGetDiffieHellmanParams(
        context: SSLContextRef,
        dhParams: *mut *const c_void,
        dhParamsLen: *mut usize,
    ) -> OSStatus;
    pub fn SSLSetPeerID(
        context: SSLContextRef,
        peerID: *const c_void,
        peerIDLen: usize,
    ) -> OSStatus;
    pub fn SSLGetPeerID(
        context: SSLContextRef,
        peerID: *mut *const c_void,
        peerIDLen: *mut usize,
    ) -> OSStatus;
    pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus;
    pub fn SSLGetClientCertificateState(
        context: SSLContextRef,
        clientState: *mut SSLClientCertificateState,
    ) -> OSStatus;

    // --- Protocol version selection -----------------------------------------------------------
    pub fn SSLGetNegotiatedProtocolVersion(
        context: SSLContextRef,
        protocol: *mut SSLProtocol,
    ) -> OSStatus;
    pub fn SSLGetProtocolVersionMax(
        context: SSLContextRef,
        maxVersion: *mut SSLProtocol,
    ) -> OSStatus;
    pub fn SSLGetProtocolVersionMin(
        context: SSLContextRef,
        minVersion: *mut SSLProtocol,
    ) -> OSStatus;
    pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus;
    pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus;
    #[cfg(target_os = "macos")]
    pub fn SSLSetProtocolVersionEnabled(
        context: SSLContextRef,
        protocol: SSLProtocol,
        enable: Boolean,
    ) -> OSStatus;

    // --- ALPN ---------------------------------------------------------------------------------
    #[cfg(feature = "OSX_10_13")]
    pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus;
    #[cfg(feature = "OSX_10_13")]
    pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus;
}