1 use core_foundation_sys::array::CFArrayRef; 2 use core_foundation_sys::base::CFAllocatorRef; 3 #[cfg(target_os = "macos")] 4 use core_foundation_sys::base::CFTypeRef; 5 use core_foundation_sys::base::{Boolean, OSStatus}; 6 use std::os::raw::{c_char, c_int, c_void}; 7 8 use crate::cipher_suite::SSLCipherSuite; 9 use crate::trust::SecTrustRef; 10 11 pub enum SSLContext {} 12 pub type SSLContextRef = *mut SSLContext; 13 14 pub type SSLConnectionRef = *const c_void; 15 16 pub type SSLProtocol = c_int; 17 pub const kSSLProtocolUnknown: SSLProtocol = 0; 18 pub const kSSLProtocol3: SSLProtocol = 2; 19 pub const kTLSProtocol1: SSLProtocol = 4; 20 pub const kTLSProtocol11: SSLProtocol = 7; 21 pub const kTLSProtocol12: SSLProtocol = 8; 22 pub const kDTLSProtocol1: SSLProtocol = 9; 23 pub const kTLSProtocol13: SSLProtocol = 10; 24 pub const kSSLProtocol2: SSLProtocol = 1; 25 pub const kSSLProtocol3Only: SSLProtocol = 3; 26 pub const kTLSProtocol1Only: SSLProtocol = 5; 27 pub const kSSLProtocolAll: SSLProtocol = 6; 28 29 pub type SSLSessionOption = c_int; 30 pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0; 31 pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1; 32 pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2; 33 #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] 34 pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3; 35 #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] 36 pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4; 37 #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] 38 pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5; 39 #[cfg(all(feature = "OSX_10_10", not(target_os = "ios")))] 40 pub const kSSLSessionOptionFallback: SSLSessionOption = 6; 41 #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] 42 pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7; 43 44 pub type SSLSessionState = c_int; 45 pub const kSSLIdle: SSLSessionState = 0; 46 pub const kSSLHandshake: SSLSessionState = 1; 47 pub const kSSLConnected: SSLSessionState = 2; 48 pub const kSSLClosed: SSLSessionState = 3; 49 pub const kSSLAborted: SSLSessionState = 4; 50 51 pub type SSLReadFunc = 52 unsafe extern "C" fn(connection: SSLConnectionRef, data: *mut c_void, dataLength: *mut usize) 53 -> OSStatus; 54 55 pub type SSLWriteFunc = unsafe extern "C" fn( 56 connection: SSLConnectionRef, 57 data: *const c_void, 58 dataLength: *mut usize, 59 ) -> OSStatus; 60 61 pub type SSLProtocolSide = c_int; 62 pub const kSSLServerSide: SSLProtocolSide = 0; 63 pub const kSSLClientSide: SSLProtocolSide = 1; 64 65 pub type SSLConnectionType = c_int; 66 pub const kSSLStreamType: SSLConnectionType = 0; 67 pub const kSSLDatagramType: SSLConnectionType = 1; 68 69 pub const errSSLProtocol: OSStatus = -9800; 70 pub const errSSLNegotiation: OSStatus = -9801; 71 pub const errSSLFatalAlert: OSStatus = -9802; 72 pub const errSSLWouldBlock: OSStatus = -9803; 73 pub const errSSLSessionNotFound: OSStatus = -9804; 74 pub const errSSLClosedGraceful: OSStatus = -9805; 75 pub const errSSLClosedAbort: OSStatus = -9806; 76 pub const errSSLXCertChainInvalid: OSStatus = -9807; 77 pub const errSSLBadCert: OSStatus = -9808; 78 pub const errSSLCrypto: OSStatus = -9809; 79 pub const errSSLInternal: OSStatus = -9810; 80 pub const errSSLModuleAttach: OSStatus = -9811; 81 pub const errSSLUnknownRootCert: OSStatus = -9812; 82 pub const errSSLNoRootCert: OSStatus = -9813; 83 pub const errSSLCertExpired: OSStatus = -9814; 84 pub const errSSLCertNotYetValid: OSStatus = -9815; 85 pub const errSSLClosedNoNotify: OSStatus = -9816; 86 pub const errSSLBufferOverflow: OSStatus = -9817; 87 pub const errSSLBadCipherSuite: OSStatus = -9818; 88 pub const errSSLPeerUnexpectedMsg: OSStatus = -9819; 89 pub const errSSLPeerBadRecordMac: OSStatus = -9820; 90 pub const errSSLPeerDecryptionFail: OSStatus = -9821; 91 pub const errSSLPeerRecordOverflow: OSStatus = -9822; 92 pub const errSSLPeerDecompressFail: OSStatus = -9823; 93 pub const errSSLPeerHandshakeFail: OSStatus = -9824; 94 pub const errSSLPeerBadCert: OSStatus = -9825; 95 pub const errSSLPeerUnsupportedCert: OSStatus = -9826; 96 pub const errSSLPeerCertRevoked: OSStatus = -9827; 97 pub const errSSLPeerCertExpired: OSStatus = -9828; 98 pub const errSSLPeerCertUnknown: OSStatus = -9829; 99 pub const errSSLIllegalParam: OSStatus = -9830; 100 pub const errSSLPeerUnknownCA: OSStatus = -9831; 101 pub const errSSLPeerAccessDenied: OSStatus = -9832; 102 pub const errSSLPeerDecodeError: OSStatus = -9833; 103 pub const errSSLPeerDecryptError: OSStatus = -9834; 104 pub const errSSLPeerExportRestriction: OSStatus = -9835; 105 pub const errSSLPeerProtocolVersion: OSStatus = -9836; 106 pub const errSSLPeerInsufficientSecurity: OSStatus = -9837; 107 pub const errSSLPeerInternalError: OSStatus = -9838; 108 pub const errSSLPeerUserCancelled: OSStatus = -9839; 109 pub const errSSLPeerNoRenegotiation: OSStatus = -9840; 110 pub const errSSLPeerAuthCompleted: OSStatus = -9841; 111 pub const errSSLClientCertRequested: OSStatus = -9842; 112 pub const errSSLHostNameMismatch: OSStatus = -9843; 113 pub const errSSLConnectionRefused: OSStatus = -9844; 114 pub const errSSLDecryptionFail: OSStatus = -9845; 115 pub const errSSLBadRecordMac: OSStatus = -9846; 116 pub const errSSLRecordOverflow: OSStatus = -9847; 117 pub const errSSLBadConfiguration: OSStatus = -9848; 118 pub const errSSLClientHelloReceived: OSStatus = -9851; 119 120 pub type SSLAuthenticate = c_int; 121 pub const kNeverAuthenticate: SSLAuthenticate = 0; 122 pub const kAlwaysAuthenticate: SSLAuthenticate = 1; 123 pub const kTryAuthenticate: SSLAuthenticate = 2; 124 125 pub type SSLClientCertificateState = c_int; 126 pub const kSSLClientCertNone: SSLClientCertificateState = 0; 127 pub const kSSLClientCertRequested: SSLClientCertificateState = 1; 128 pub const kSSLClientCertSent: SSLClientCertificateState = 2; 129 pub const kSSLClientCertRejected: SSLClientCertificateState = 3; 130 131 extern "C" { SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID132 pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID; SSLCreateContext( alloc: CFAllocatorRef, protocolSide: SSLProtocolSide, connectionType: SSLConnectionType, ) -> SSLContextRef133 pub fn SSLCreateContext( 134 alloc: CFAllocatorRef, 135 protocolSide: SSLProtocolSide, 136 connectionType: SSLConnectionType, 137 ) -> SSLContextRef; 138 #[cfg(target_os = "macos")] SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus139 pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus; 140 #[cfg(target_os = "macos")] SSLDisposeContext(context: SSLContextRef) -> OSStatus141 pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus; SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus142 pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus; SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus143 pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus; SSLSetIOFuncs( context: SSLContextRef, read: SSLReadFunc, write: SSLWriteFunc, ) -> OSStatus144 pub fn SSLSetIOFuncs( 145 context: SSLContextRef, 146 read: SSLReadFunc, 147 write: SSLWriteFunc, 148 ) -> OSStatus; SSLHandshake(context: SSLContextRef) -> OSStatus149 pub fn SSLHandshake(context: SSLContextRef) -> OSStatus; SSLClose(context: SSLContextRef) -> OSStatus150 pub fn SSLClose(context: SSLContextRef) -> OSStatus; SSLRead( context: SSLContextRef, data: *mut c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus151 pub fn SSLRead( 152 context: SSLContextRef, 153 data: *mut c_void, 154 dataLen: usize, 155 processed: *mut usize, 156 ) -> OSStatus; SSLWrite( context: SSLContextRef, data: *const c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus157 pub fn SSLWrite( 158 context: SSLContextRef, 159 data: *const c_void, 160 dataLen: usize, 161 processed: *mut usize, 162 ) -> OSStatus; SSLSetPeerDomainName( context: SSLContextRef, peerName: *const c_char, peerNameLen: usize, ) -> OSStatus163 pub fn SSLSetPeerDomainName( 164 context: SSLContextRef, 165 peerName: *const c_char, 166 peerNameLen: usize, 167 ) -> OSStatus; SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus168 pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus; SSLGetPeerDomainName( context: SSLContextRef, peerName: *mut c_char, peerNameLen: *mut usize, ) -> OSStatus169 pub fn SSLGetPeerDomainName( 170 context: SSLContextRef, 171 peerName: *mut c_char, 172 peerNameLen: *mut usize, 173 ) -> OSStatus; SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus174 pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus; 175 #[cfg(target_os = "macos")] SSLSetCertificateAuthorities( context: SSLContextRef, certificateOrArray: CFTypeRef, replaceExisting: Boolean, ) -> OSStatus176 pub fn SSLSetCertificateAuthorities( 177 context: SSLContextRef, 178 certificateOrArray: CFTypeRef, 179 replaceExisting: Boolean, 180 ) -> OSStatus; 181 #[cfg(target_os = "macos")] SSLCopyCertificateAuthorities( context: SSLContextRef, certificates: *mut CFArrayRef, ) -> OSStatus182 pub fn SSLCopyCertificateAuthorities( 183 context: SSLContextRef, 184 certificates: *mut CFArrayRef, 185 ) -> OSStatus; SSLSetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: Boolean, ) -> OSStatus186 pub fn SSLSetSessionOption( 187 context: SSLContextRef, 188 option: SSLSessionOption, 189 value: Boolean, 190 ) -> OSStatus; SSLGetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: *mut Boolean, ) -> OSStatus191 pub fn SSLGetSessionOption( 192 context: SSLContextRef, 193 option: SSLSessionOption, 194 value: *mut Boolean, 195 ) -> OSStatus; SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus196 pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus; SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus197 pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus; SSLGetSupportedCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus198 pub fn SSLGetSupportedCiphers( 199 context: SSLContextRef, 200 ciphers: *mut SSLCipherSuite, 201 numCiphers: *mut usize, 202 ) -> OSStatus; SSLGetNumberSupportedCiphers( context: SSLContextRef, numCiphers: *mut usize, ) -> OSStatus203 pub fn SSLGetNumberSupportedCiphers( 204 context: SSLContextRef, 205 numCiphers: *mut usize, 206 ) -> OSStatus; SSLGetEnabledCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus207 pub fn SSLGetEnabledCiphers( 208 context: SSLContextRef, 209 ciphers: *mut SSLCipherSuite, 210 numCiphers: *mut usize, 211 ) -> OSStatus; SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus212 pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus; SSLSetEnabledCiphers( context: SSLContextRef, ciphers: *const SSLCipherSuite, numCiphers: usize, ) -> OSStatus213 pub fn SSLSetEnabledCiphers( 214 context: SSLContextRef, 215 ciphers: *const SSLCipherSuite, 216 numCiphers: usize, 217 ) -> OSStatus; SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus218 pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus; SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus219 pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus; 220 #[cfg(target_os = "macos")] SSLSetDiffieHellmanParams( context: SSLContextRef, dhParams: *const c_void, dhParamsLen: usize, ) -> OSStatus221 pub fn SSLSetDiffieHellmanParams( 222 context: SSLContextRef, 223 dhParams: *const c_void, 224 dhParamsLen: usize, 225 ) -> OSStatus; 226 #[cfg(target_os = "macos")] SSLGetDiffieHellmanParams( context: SSLContextRef, dhParams: *mut *const c_void, dhParamsLen: *mut usize, ) -> OSStatus227 pub fn SSLGetDiffieHellmanParams( 228 context: SSLContextRef, 229 dhParams: *mut *const c_void, 230 dhParamsLen: *mut usize, 231 ) -> OSStatus; SSLSetPeerID( context: SSLContextRef, peerID: *const c_void, peerIDLen: usize, ) -> OSStatus232 pub fn SSLSetPeerID( 233 context: SSLContextRef, 234 peerID: *const c_void, 235 peerIDLen: usize, 236 ) -> OSStatus; SSLGetPeerID( context: SSLContextRef, peerID: *mut *const c_void, peerIDLen: *mut usize, ) -> OSStatus237 pub fn SSLGetPeerID( 238 context: SSLContextRef, 239 peerID: *mut *const c_void, 240 peerIDLen: *mut usize, 241 ) -> OSStatus; SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus242 pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus; SSLGetClientCertificateState( context: SSLContextRef, clientState: *mut SSLClientCertificateState, ) -> OSStatus243 pub fn SSLGetClientCertificateState( 244 context: SSLContextRef, 245 clientState: *mut SSLClientCertificateState, 246 ) -> OSStatus; SSLGetNegotiatedProtocolVersion( context: SSLContextRef, protocol: *mut SSLProtocol, ) -> OSStatus247 pub fn SSLGetNegotiatedProtocolVersion( 248 context: SSLContextRef, 249 protocol: *mut SSLProtocol, 250 ) -> OSStatus; SSLGetProtocolVersionMax( context: SSLContextRef, maxVersion: *mut SSLProtocol, ) -> OSStatus251 pub fn SSLGetProtocolVersionMax( 252 context: SSLContextRef, 253 maxVersion: *mut SSLProtocol, 254 ) -> OSStatus; SSLGetProtocolVersionMin( context: SSLContextRef, minVersion: *mut SSLProtocol, ) -> OSStatus255 pub fn SSLGetProtocolVersionMin( 256 context: SSLContextRef, 257 minVersion: *mut SSLProtocol, 258 ) -> OSStatus; SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus259 pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus; SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus260 pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus; 261 #[cfg(target_os = "macos")] SSLSetProtocolVersionEnabled( context: SSLContextRef, protocol: SSLProtocol, enable: Boolean, ) -> OSStatus262 pub fn SSLSetProtocolVersionEnabled( 263 context: SSLContextRef, 264 protocol: SSLProtocol, 265 enable: Boolean, 266 ) -> OSStatus; 267 #[cfg(feature = "OSX_10_13")] SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus268 pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus; 269 #[cfg(feature = "OSX_10_13")] SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus270 pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus; 271 #[cfg(feature = "OSX_10_13")] SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus272 pub fn SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus; 273 } 274