1 use core_foundation_sys::array::CFArrayRef; 2 use core_foundation_sys::base::CFAllocatorRef; 3 use core_foundation_sys::base::{Boolean, CFTypeRef, OSStatus}; 4 use std::os::raw::{c_char, c_int, c_void}; 5 6 use crate::cipher_suite::SSLCipherSuite; 7 use crate::trust::SecTrustRef; 8 9 pub enum SSLContext {} 10 pub type SSLContextRef = *mut SSLContext; 11 12 pub type SSLConnectionRef = *const c_void; 13 14 pub type SSLProtocol = c_int; 15 pub const kSSLProtocolUnknown: SSLProtocol = 0; 16 pub const kSSLProtocol3: SSLProtocol = 2; 17 pub const kTLSProtocol1: SSLProtocol = 4; 18 pub const kTLSProtocol11: SSLProtocol = 7; 19 pub const kTLSProtocol12: SSLProtocol = 8; 20 pub const kDTLSProtocol1: SSLProtocol = 9; 21 pub const kTLSProtocol13: SSLProtocol = 10; 22 pub const kSSLProtocol2: SSLProtocol = 1; 23 pub const kSSLProtocol3Only: SSLProtocol = 3; 24 pub const kTLSProtocol1Only: SSLProtocol = 5; 25 pub const kSSLProtocolAll: SSLProtocol = 6; 26 27 pub type SSLSessionOption = c_int; 28 pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0; 29 pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1; 30 pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2; 31 #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] 32 pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3; 33 #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] 34 pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4; 35 #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] 36 pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5; 37 #[cfg(all(feature = "OSX_10_10", not(target_os = "ios")))] 38 pub const kSSLSessionOptionFallback: SSLSessionOption = 6; 39 #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] 40 pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7; 41 42 pub type SSLSessionState = c_int; 43 pub const kSSLIdle: SSLSessionState = 0; 44 pub const kSSLHandshake: SSLSessionState = 1; 45 pub const kSSLConnected: SSLSessionState = 2; 46 pub const kSSLClosed: SSLSessionState = 3; 47 pub const kSSLAborted: SSLSessionState = 4; 48 49 pub type SSLReadFunc = 50 unsafe extern "C" fn(connection: SSLConnectionRef, data: *mut c_void, dataLength: *mut usize) 51 -> OSStatus; 52 53 pub type SSLWriteFunc = unsafe extern "C" fn( 54 connection: SSLConnectionRef, 55 data: *const c_void, 56 dataLength: *mut usize, 57 ) -> OSStatus; 58 59 pub type SSLProtocolSide = c_int; 60 pub const kSSLServerSide: SSLProtocolSide = 0; 61 pub const kSSLClientSide: SSLProtocolSide = 1; 62 63 pub type SSLConnectionType = c_int; 64 pub const kSSLStreamType: SSLConnectionType = 0; 65 pub const kSSLDatagramType: SSLConnectionType = 1; 66 67 pub const errSSLProtocol: OSStatus = -9800; 68 pub const errSSLNegotiation: OSStatus = -9801; 69 pub const errSSLFatalAlert: OSStatus = -9802; 70 pub const errSSLWouldBlock: OSStatus = -9803; 71 pub const errSSLSessionNotFound: OSStatus = -9804; 72 pub const errSSLClosedGraceful: OSStatus = -9805; 73 pub const errSSLClosedAbort: OSStatus = -9806; 74 pub const errSSLXCertChainInvalid: OSStatus = -9807; 75 pub const errSSLBadCert: OSStatus = -9808; 76 pub const errSSLCrypto: OSStatus = -9809; 77 pub const errSSLInternal: OSStatus = -9810; 78 pub const errSSLModuleAttach: OSStatus = -9811; 79 pub const errSSLUnknownRootCert: OSStatus = -9812; 80 pub const errSSLNoRootCert: OSStatus = -9813; 81 pub const errSSLCertExpired: OSStatus = -9814; 82 pub const errSSLCertNotYetValid: OSStatus = -9815; 83 pub const errSSLClosedNoNotify: OSStatus = -9816; 84 pub const errSSLBufferOverflow: OSStatus = -9817; 85 pub const errSSLBadCipherSuite: OSStatus = -9818; 86 pub const errSSLPeerUnexpectedMsg: OSStatus = -9819; 87 pub const errSSLPeerBadRecordMac: OSStatus = -9820; 88 pub const errSSLPeerDecryptionFail: OSStatus = -9821; 89 pub const errSSLPeerRecordOverflow: OSStatus = -9822; 90 pub const errSSLPeerDecompressFail: OSStatus = -9823; 91 pub const errSSLPeerHandshakeFail: OSStatus = -9824; 92 pub const errSSLPeerBadCert: OSStatus = -9825; 93 pub const errSSLPeerUnsupportedCert: OSStatus = -9826; 94 pub const errSSLPeerCertRevoked: OSStatus = -9827; 95 pub const errSSLPeerCertExpired: OSStatus = -9828; 96 pub const errSSLPeerCertUnknown: OSStatus = -9829; 97 pub const errSSLIllegalParam: OSStatus = -9830; 98 pub const errSSLPeerUnknownCA: OSStatus = -9831; 99 pub const errSSLPeerAccessDenied: OSStatus = -9832; 100 pub const errSSLPeerDecodeError: OSStatus = -9833; 101 pub const errSSLPeerDecryptError: OSStatus = -9834; 102 pub const errSSLPeerExportRestriction: OSStatus = -9835; 103 pub const errSSLPeerProtocolVersion: OSStatus = -9836; 104 pub const errSSLPeerInsufficientSecurity: OSStatus = -9837; 105 pub const errSSLPeerInternalError: OSStatus = -9838; 106 pub const errSSLPeerUserCancelled: OSStatus = -9839; 107 pub const errSSLPeerNoRenegotiation: OSStatus = -9840; 108 pub const errSSLPeerAuthCompleted: OSStatus = -9841; 109 pub const errSSLClientCertRequested: OSStatus = -9842; 110 pub const errSSLHostNameMismatch: OSStatus = -9843; 111 pub const errSSLConnectionRefused: OSStatus = -9844; 112 pub const errSSLDecryptionFail: OSStatus = -9845; 113 pub const errSSLBadRecordMac: OSStatus = -9846; 114 pub const errSSLRecordOverflow: OSStatus = -9847; 115 pub const errSSLBadConfiguration: OSStatus = -9848; 116 pub const errSSLClientHelloReceived: OSStatus = -9851; 117 118 pub type SSLAuthenticate = c_int; 119 pub const kNeverAuthenticate: SSLAuthenticate = 0; 120 pub const kAlwaysAuthenticate: SSLAuthenticate = 1; 121 pub const kTryAuthenticate: SSLAuthenticate = 2; 122 123 pub type SSLClientCertificateState = c_int; 124 pub const kSSLClientCertNone: SSLClientCertificateState = 0; 125 pub const kSSLClientCertRequested: SSLClientCertificateState = 1; 126 pub const kSSLClientCertSent: SSLClientCertificateState = 2; 127 pub const kSSLClientCertRejected: SSLClientCertificateState = 3; 128 129 extern "C" { SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID130 pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID; SSLCreateContext( alloc: CFAllocatorRef, protocolSide: SSLProtocolSide, connectionType: SSLConnectionType, ) -> SSLContextRef131 pub fn SSLCreateContext( 132 alloc: CFAllocatorRef, 133 protocolSide: SSLProtocolSide, 134 connectionType: SSLConnectionType, 135 ) -> SSLContextRef; 136 #[cfg(target_os = "macos")] SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus137 pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus; 138 #[cfg(target_os = "macos")] SSLDisposeContext(context: SSLContextRef) -> OSStatus139 pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus; SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus140 pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus; SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus141 pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus; SSLSetIOFuncs( context: SSLContextRef, read: SSLReadFunc, write: SSLWriteFunc, ) -> OSStatus142 pub fn SSLSetIOFuncs( 143 context: SSLContextRef, 144 read: SSLReadFunc, 145 write: SSLWriteFunc, 146 ) -> OSStatus; SSLHandshake(context: SSLContextRef) -> OSStatus147 pub fn SSLHandshake(context: SSLContextRef) -> OSStatus; SSLClose(context: SSLContextRef) -> OSStatus148 pub fn SSLClose(context: SSLContextRef) -> OSStatus; SSLRead( context: SSLContextRef, data: *mut c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus149 pub fn SSLRead( 150 context: SSLContextRef, 151 data: *mut c_void, 152 dataLen: usize, 153 processed: *mut usize, 154 ) -> OSStatus; SSLWrite( context: SSLContextRef, data: *const c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus155 pub fn SSLWrite( 156 context: SSLContextRef, 157 data: *const c_void, 158 dataLen: usize, 159 processed: *mut usize, 160 ) -> OSStatus; SSLSetPeerDomainName( context: SSLContextRef, peerName: *const c_char, peerNameLen: usize, ) -> OSStatus161 pub fn SSLSetPeerDomainName( 162 context: SSLContextRef, 163 peerName: *const c_char, 164 peerNameLen: usize, 165 ) -> OSStatus; SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus166 pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus; SSLGetPeerDomainName( context: SSLContextRef, peerName: *mut c_char, peerNameLen: *mut usize, ) -> OSStatus167 pub fn SSLGetPeerDomainName( 168 context: SSLContextRef, 169 peerName: *mut c_char, 170 peerNameLen: *mut usize, 171 ) -> OSStatus; SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus172 pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus; 173 #[cfg(target_os = "macos")] SSLSetCertificateAuthorities( context: SSLContextRef, certificateOrArray: CFTypeRef, replaceExisting: Boolean, ) -> OSStatus174 pub fn SSLSetCertificateAuthorities( 175 context: SSLContextRef, 176 certificateOrArray: CFTypeRef, 177 replaceExisting: Boolean, 178 ) -> OSStatus; 179 #[cfg(target_os = "macos")] SSLCopyCertificateAuthorities( context: SSLContextRef, certificates: *mut CFArrayRef, ) -> OSStatus180 pub fn SSLCopyCertificateAuthorities( 181 context: SSLContextRef, 182 certificates: *mut CFArrayRef, 183 ) -> OSStatus; SSLSetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: Boolean, ) -> OSStatus184 pub fn SSLSetSessionOption( 185 context: SSLContextRef, 186 option: SSLSessionOption, 187 value: Boolean, 188 ) -> OSStatus; SSLGetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: *mut Boolean, ) -> OSStatus189 pub fn SSLGetSessionOption( 190 context: SSLContextRef, 191 option: SSLSessionOption, 192 value: *mut Boolean, 193 ) -> OSStatus; SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus194 pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus; SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus195 pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus; SSLGetSupportedCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus196 pub fn SSLGetSupportedCiphers( 197 context: SSLContextRef, 198 ciphers: *mut SSLCipherSuite, 199 numCiphers: *mut usize, 200 ) -> OSStatus; SSLGetNumberSupportedCiphers( context: SSLContextRef, numCiphers: *mut usize, ) -> OSStatus201 pub fn SSLGetNumberSupportedCiphers( 202 context: SSLContextRef, 203 numCiphers: *mut usize, 204 ) -> OSStatus; SSLGetEnabledCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus205 pub fn SSLGetEnabledCiphers( 206 context: SSLContextRef, 207 ciphers: *mut SSLCipherSuite, 208 numCiphers: *mut usize, 209 ) -> OSStatus; SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus210 pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus; SSLSetEnabledCiphers( context: SSLContextRef, ciphers: *const SSLCipherSuite, numCiphers: usize, ) -> OSStatus211 pub fn SSLSetEnabledCiphers( 212 context: SSLContextRef, 213 ciphers: *const SSLCipherSuite, 214 numCiphers: usize, 215 ) -> OSStatus; SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus216 pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus; SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus217 pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus; 218 #[cfg(target_os = "macos")] SSLSetDiffieHellmanParams( context: SSLContextRef, dhParams: *const c_void, dhParamsLen: usize, ) -> OSStatus219 pub fn SSLSetDiffieHellmanParams( 220 context: SSLContextRef, 221 dhParams: *const c_void, 222 dhParamsLen: usize, 223 ) -> OSStatus; 224 #[cfg(target_os = "macos")] SSLGetDiffieHellmanParams( context: SSLContextRef, dhParams: *mut *const c_void, dhParamsLen: *mut usize, ) -> OSStatus225 pub fn SSLGetDiffieHellmanParams( 226 context: SSLContextRef, 227 dhParams: *mut *const c_void, 228 dhParamsLen: *mut usize, 229 ) -> OSStatus; SSLSetPeerID( context: SSLContextRef, peerID: *const c_void, peerIDLen: usize, ) -> OSStatus230 pub fn SSLSetPeerID( 231 context: SSLContextRef, 232 peerID: *const c_void, 233 peerIDLen: usize, 234 ) -> OSStatus; SSLGetPeerID( context: SSLContextRef, peerID: *mut *const c_void, peerIDLen: *mut usize, ) -> OSStatus235 pub fn SSLGetPeerID( 236 context: SSLContextRef, 237 peerID: *mut *const c_void, 238 peerIDLen: *mut usize, 239 ) -> OSStatus; SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus240 pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus; SSLGetClientCertificateState( context: SSLContextRef, clientState: *mut SSLClientCertificateState, ) -> OSStatus241 pub fn SSLGetClientCertificateState( 242 context: SSLContextRef, 243 clientState: *mut SSLClientCertificateState, 244 ) -> OSStatus; SSLGetNegotiatedProtocolVersion( context: SSLContextRef, protocol: *mut SSLProtocol, ) -> OSStatus245 pub fn SSLGetNegotiatedProtocolVersion( 246 context: SSLContextRef, 247 protocol: *mut SSLProtocol, 248 ) -> OSStatus; SSLGetProtocolVersionMax( context: SSLContextRef, maxVersion: *mut SSLProtocol, ) -> OSStatus249 pub fn SSLGetProtocolVersionMax( 250 context: SSLContextRef, 251 maxVersion: *mut SSLProtocol, 252 ) -> OSStatus; SSLGetProtocolVersionMin( context: SSLContextRef, minVersion: *mut SSLProtocol, ) -> OSStatus253 pub fn SSLGetProtocolVersionMin( 254 context: SSLContextRef, 255 minVersion: *mut SSLProtocol, 256 ) -> OSStatus; SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus257 pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus; SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus258 pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus; 259 #[cfg(target_os = "macos")] SSLSetProtocolVersionEnabled( context: SSLContextRef, protocol: SSLProtocol, enable: Boolean, ) -> OSStatus260 pub fn SSLSetProtocolVersionEnabled( 261 context: SSLContextRef, 262 protocol: SSLProtocol, 263 enable: Boolean, 264 ) -> OSStatus; 265 #[cfg(feature = "OSX_10_13")] SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus266 pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus; 267 #[cfg(feature = "OSX_10_13")] SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus268 pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus; 269 #[cfg(feature = "OSX_10_13")] SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus270 pub fn SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus; 271 } 272