ssl.rs source code [crates/openssl-sys/src/handwritten/ssl.rs]

1	use super::super::*;
2	use libc::*;
3
4	pub enum SSL_METHOD {}
5	pub enum SSL_CIPHER {}
6	cfg_if! {
7	if #[cfg(any(ossl110, libressl280))] {
8	pub enum SSL_SESSION {}
9	} else if #[cfg(libressl251)] {
10	#[repr(C)]
11	pub struct SSL_SESSION {
12	ssl_version: c_int,
13	pub master_key_length: c_int,
14	pub master_key: [c_uchar; `48`],
15	session_id_length: c_uint,
16	session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
17	sid_ctx_length: c_uint,
18	sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
19	peer: *mut X509,
20	verify_result: c_long,
21	timeout: c_long,
22	time: time_t,
23	pub references: c_int,
24	cipher: *const SSL_CIPHER,
25	cipher_id: c_long,
26	ciphers: *mut stack_st_SSL_CIPHER,
27	tlsext_hostname: *mut c_char,
28	tlsext_tick: *mut c_uchar,
29	tlsext_ticklen: size_t,
30	tlsext_tick_lifetime_int: c_long,
31	internal: *mut c_void,
32	}
33	} else if #[cfg(libressl)] {
34	#[repr(C)]
35	pub struct SSL_SESSION {
36	ssl_version: c_int,
37	pub master_key_length: c_int,
38	pub master_key: [c_uchar; `48`],
39	session_id_length: c_uint,
40	session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
41	sid_ctx_length: c_uint,
42	sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
43	not_resumable: c_int,
44	sess_cert: *mut c_void,
45	peer: *mut X509,
46	verify_result: c_long,
47	timeout: c_long,
48	time: time_t,
49	pub references: c_int,
50	cipher: *const c_void,
51	cipher_id: c_ulong,
52	ciphers: *mut c_void,
53	ex_data: CRYPTO_EX_DATA,
54	prev: *mut c_void,
55	next: *mut c_void,
56	tlsext_hostname: *mut c_char,
57	tlsext_ecpointformatlist_length: size_t,
58	tlsext_ecpointformatlist: *mut u8,
59	tlsext_ellipticcurvelist_length: size_t,
60	tlsext_ellipticcurvelist: *mut u16,
61	tlsext_tick: *mut c_uchar,
62	tlsext_ticklen: size_t,
63	tlsext_tick_lifetime_hint: c_long,
64	}
65	} else {
66	#[repr(C)]
67	pub struct SSL_SESSION {
68	ssl_version: c_int,
69	key_arg_length: c_uint,
70	key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize],
71	pub master_key_length: c_int,
72	pub master_key: [c_uchar; `48`],
73	session_id_length: c_uint,
74	session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize],
75	sid_ctx_length: c_uint,
76	sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize],
77	#[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
78	krb5_client_princ_len: c_uint,
79	#[cfg(not(osslconf = "OPENSSL_NO_KRB5"))]
80	krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize],
81	#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
82	psk_identity_hint: *mut c_char,
83	#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
84	psk_identity: *mut c_char,
85	not_resumable: c_int,
86	sess_cert: *mut c_void,
87	peer: *mut X509,
88	verify_result: c_long,
89	pub references: c_int,
90	timeout: c_long,
91	time: c_long,
92	compress_meth: c_uint,
93	cipher: *const c_void,
94	cipher_id: c_ulong,
95	ciphers: *mut c_void,
96	ex_data: CRYPTO_EX_DATA,
97	prev: *mut c_void,
98	next: *mut c_void,
99	#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
100	tlsext_hostname: *mut c_char,
101	#[cfg(all(
102	not(osslconf = "OPENSSL_NO_TLSEXT"),
103	not(osslconf = "OPENSSL_NO_EC")
104	))]
105	tlsext_ecpointformatlist_length: size_t,
106	#[cfg(all(
107	not(osslconf = "OPENSSL_NO_TLSEXT"),
108	not(osslconf = "OPENSSL_NO_EC")
109	))]
110	tlsext_ecpointformatlist: *mut c_uchar,
111	#[cfg(all(
112	not(osslconf = "OPENSSL_NO_TLSEXT"),
113	not(osslconf = "OPENSSL_NO_EC")
114	))]
115	tlsext_ellipticcurvelist_length: size_t,
116	#[cfg(all(
117	not(osslconf = "OPENSSL_NO_TLSEXT"),
118	not(osslconf = "OPENSSL_NO_EC")
119	))]
120	tlsext_ellipticcurvelist: *mut c_uchar,
121	#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
122	tlsext_tick: *mut c_uchar,
123	#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
124	tlsext_ticklen: size_t,
125	#[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))]
126	tlsext_tick_lifetime_hint: c_long,
127	#[cfg(not(osslconf = "OPENSSL_NO_SRP"))]
128	srp_username: *mut c_char,
129	}
130	}
131	}
132
133	stack!(stack_st_SSL_CIPHER);
134
135	#[repr(C)]
136	pub struct SRTP_PROTECTION_PROFILE {
137	pub name: *const c_char,
138	pub id: c_ulong,
139	}
140
141	stack!(stack_st_SRTP_PROTECTION_PROFILE);
142
143	pub type tls_session_ticket_ext_cb_fn =
144	Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
145	pub type tls_session_secret_cb_fn = Option<
146	unsafe extern "C" fn(
147	*mut SSL,
148	*mut c_void,
149	*mut c_int,
150	*mut stack_st_SSL_CIPHER,
151	*mut *mut SSL_CIPHER,
152	*mut c_void,
153	) -> c_int,
154	>;
155
156	#[cfg(ossl111)]
157	pub type SSL_custom_ext_add_cb_ex = Option<
158	unsafe extern "C" fn(
159	ssl: *mut SSL,
160	ext_type: c_uint,
161	context: c_uint,
162	out: *mut *const c_uchar,
163	outlen: *mut size_t,
164	x: *mut X509,
165	chainidx: size_t,
166	al: *mut c_int,
167	add_arg: *mut c_void,
168	) -> c_int,
169	>;
170
171	#[cfg(ossl111)]
172	pub type SSL_custom_ext_free_cb_ex = Option<
173	unsafe extern "C" fn(
174	ssl: *mut SSL,
175	ext_type: c_uint,
176	context: c_uint,
177	out: *const c_uchar,
178	add_arg: *mut c_void,
179	),
180	>;
181
182	#[cfg(ossl111)]
183	pub type SSL_custom_ext_parse_cb_ex = Option<
184	unsafe extern "C" fn(
185	ssl: *mut SSL,
186	ext_type: c_uint,
187	context: c_uint,
188	input: *const c_uchar,
189	inlen: size_t,
190	x: *mut X509,
191	chainidx: size_t,
192	al: *mut c_int,
193	parse_arg: *mut c_void,
194	) -> c_int,
195	>;
196
197	cfg_if! {
198	if #[cfg(ossl300)] {
199	extern "C" {
200	pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64;
201	pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64;
202	pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64;
203	}
204	} else if #[cfg(ossl110)] {
205	extern "C" {
206	pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong;
207	pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
208	pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong;
209	}
210	}
211	}
212
213	pub type GEN_SESSION_CB =
214	Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
215
216	extern "C" {
217	pub fn SSL_CTX_sess_set_new_cb(
218	ctx: *mut SSL_CTX,
219	new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
220	);
221	pub fn SSL_CTX_sess_set_remove_cb(
222	ctx: *mut SSL_CTX,
223	remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
224	);
225	}
226	cfg_if! {
227	// const change in passed function pointer signature
228	if #[cfg(any(ossl110, libressl280))] {
229	extern "C" {
230	pub fn SSL_CTX_sess_set_get_cb(
231	ctx: *mut SSL_CTX,
232	get_session_cb: Option<
233	unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
234	>,
235	);
236	}
237	} else {
238	extern "C" {
239	pub fn SSL_CTX_sess_set_get_cb(
240	ctx: *mut SSL_CTX,
241	get_session_cb: Option<
242	unsafe extern "C" fn(*mut SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION,
243	>,
244	);
245	}
246	}
247	}
248	extern "C" {
249	// FIXME change to unsafe extern "C" fn
250	pub fn SSL_CTX_set_cookie_generate_cb(
251	s: *mut SSL_CTX,
252	cb: Option<
253	extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
254	>,
255	);
256	}
257
258	cfg_if! {
259	// const change in passed function pointer signature
260	if #[cfg(any(ossl110, libressl280))] {
261	extern "C" {
262	pub fn SSL_CTX_set_cookie_verify_cb(
263	s: *mut SSL_CTX,
264	cb: Option<
265	extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int,
266	>,
267	);
268	}
269	} else {
270	extern "C" {
271	pub fn SSL_CTX_set_cookie_verify_cb(
272	s: *mut SSL_CTX,
273	cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: c_uint) -> c_int>,
274	);
275	}
276	}
277	}
278
279	extern "C" {
280	#[cfg(ossl111)]
281	pub fn SSL_CTX_set_stateless_cookie_generate_cb(
282	s: *mut SSL_CTX,
283	cb: Option<
284	unsafe extern "C" fn(
285	ssl: *mut SSL,
286	cookie: *mut c_uchar,
287	cookie_len: *mut size_t,
288	) -> c_int,
289	>,
290	);
291	#[cfg(ossl111)]
292	pub fn SSL_CTX_set_stateless_cookie_verify_cb(
293	s: *mut SSL_CTX,
294	cb: Option<
295	unsafe extern "C" fn(
296	ssl: *mut SSL,
297	cookie: *const c_uchar,
298	cookie_len: size_t,
299	) -> c_int,
300	>,
301	);
302
303	pub fn SSL_CTX_set_next_protos_advertised_cb(
304	ssl: *mut SSL_CTX,
305	cb: extern "C" fn(
306	ssl: *mut SSL,
307	out: *mut *const c_uchar,
308	outlen: *mut c_uint,
309	arg: *mut c_void,
310	) -> c_int,
311	arg: *mut c_void,
312	);
313	pub fn SSL_CTX_set_next_proto_select_cb(
314	ssl: *mut SSL_CTX,
315	cb: extern "C" fn(
316	ssl: *mut SSL,
317	out: *mut *mut c_uchar,
318	outlen: *mut c_uchar,
319	inbuf: *const c_uchar,
320	inlen: c_uint,
321	arg: *mut c_void,
322	) -> c_int,
323	arg: *mut c_void,
324	);
325	pub fn SSL_get0_next_proto_negotiated(
326	s: *const SSL,
327	data: *mut *const c_uchar,
328	len: *mut c_uint,
329	);
330
331	pub fn SSL_select_next_proto(
332	out: *mut *mut c_uchar,
333	outlen: *mut c_uchar,
334	inbuf: *const c_uchar,
335	inlen: c_uint,
336	client: *const c_uchar,
337	client_len: c_uint,
338	) -> c_int;
339	}
340
341	extern "C" {
342	#[cfg(any(ossl102, libressl261))]
343	pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int;
344	#[cfg(any(ossl102, libressl261))]
345	pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int;
346	#[cfg(any(ossl102, libressl261))]
347	#[link_name = "SSL_CTX_set_alpn_select_cb"]
348	pub fn SSL_CTX_set_alpn_select_cb__fixed_rust(
349	ssl: *mut SSL_CTX,
350	cb: Option<
351	unsafe extern "C" fn(
352	ssl: *mut SSL,
353	out: *mut *const c_uchar,
354	outlen: *mut c_uchar,
355	inbuf: *const c_uchar,
356	inlen: c_uint,
357	arg: *mut c_void,
358	) -> c_int,
359	>,
360	arg: *mut c_void,
361	);
362	#[cfg(any(ossl102, libressl261))]
363	pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
364	}
365
366	#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
367	extern "C" {
368	pub fn SSL_CTX_set_psk_client_callback(
369	ssl: *mut SSL_CTX,
370	psk_client_cb: Option<
371	extern "C" fn(
372	*mut SSL,
373	*const c_char,
374	*mut c_char,
375	c_uint,
376	*mut c_uchar,
377	c_uint,
378	) -> c_uint,
379	>,
380	);
381	pub fn SSL_CTX_set_psk_server_callback(
382	ssl: *mut SSL_CTX,
383	psk_server_cb: Option<
384	extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
385	>,
386	);
387	pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
388	pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
389	}
390
391	extern "C" {
392	#[cfg(ossl111)]
393	pub fn SSL_CTX_add_custom_ext(
394	ctx: *mut SSL_CTX,
395	ext_type: c_uint,
396	context: c_uint,
397	add_cb: SSL_custom_ext_add_cb_ex,
398	free_cb: SSL_custom_ext_free_cb_ex,
399	add_arg: *mut c_void,
400	parse_cb: SSL_custom_ext_parse_cb_ex,
401	parse_arg: *mut c_void,
402	) -> c_int;
403
404	#[cfg(ossl102)]
405	pub fn SSL_extension_supported(ext_type: c_uint) -> c_int;
406	}
407
408	#[cfg(ossl111)]
409	pub type SSL_CTX_keylog_cb_func =
410	Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
411
412	extern "C" {
413	#[cfg(ossl111)]
414	pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func);
415
416	#[cfg(any(ossl111, libressl340))]
417	pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int;
418	#[cfg(any(ossl111, libressl340))]
419	pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32;
420	#[cfg(any(ossl111, libressl340))]
421	pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int;
422	#[cfg(any(ossl111, libressl340))]
423	pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32;
424
425	pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
426	pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t;
427
428	pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int;
429	pub fn SSL_get_verify_mode(s: *const SSL) -> c_int;
430	}
431
432	const_ptr_api! {
433	extern "C" {
434	#[cfg(ossl110)]
435	pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int;
436	}
437	}
438
439	cfg_if! {
440	if #[cfg(libressl261)] {
441	extern "C" {
442	pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
443	pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int;
444	pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int;
445	pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int;
446	}
447	}
448	}
449
450	cfg_if! {
451	if #[cfg(libressl270)] {
452	extern "C" {
453	pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int;
454	pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int;
455	pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int;
456	pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int;
457	}
458	}
459	}
460
461	extern "C" {
462	pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int;
463	pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX;
464	pub fn SSL_CTX_free(ctx: *mut SSL_CTX);
465	#[cfg(any(ossl110, libressl273))]
466	pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int;
467	pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE;
468	pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE);
469
470	pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER;
471	pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int;
472	}
473	const_ptr_api! {
474	extern "C" {
475	pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> #[const_ptr_if(any(ossl110, libressl280))] c_char;
476	}
477	}
478	extern "C" {
479	#[cfg(ossl111)]
480	pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD;
481	pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
482	#[cfg(ossl111)]
483	pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
484	#[cfg(ossl111)]
485	pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
486
487	pub fn SSL_pending(ssl: *const SSL) -> c_int;
488	pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);
489	pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO;
490	pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO;
491	#[cfg(any(ossl111, libressl340))]
492	pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int;
493	#[cfg(any(ossl111, libressl340))]
494	pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int;
495	pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int;
496	pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int;
497	pub fn SSL_set_verify(
498	ssl: *mut SSL,
499	mode: c_int,
500	// FIXME should be unsafe
501	verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
502	);
503	pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
504	pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
505
506	pub fn SSL_CTX_use_PrivateKey_file(
507	ctx: *mut SSL_CTX,
508	key_file: *const c_char,
509	file_type: c_int,
510	) -> c_int;
511	pub fn SSL_CTX_use_certificate_file(
512	ctx: *mut SSL_CTX,
513	cert_file: *const c_char,
514	file_type: c_int,
515	) -> c_int;
516	pub fn SSL_CTX_use_certificate_chain_file(
517	ctx: *mut SSL_CTX,
518	cert_chain_file: *const c_char,
519	) -> c_int;
520	pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
521	pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
522	pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
523	#[cfg(any(ossl110, libressl332))]
524	pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int;
525	pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME);
526	pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int;
527	pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME;
528
529	#[cfg(not(ossl110))]
530	pub fn SSL_load_error_strings();
531	pub fn SSL_state_string(ssl: *const SSL) -> *const c_char;
532	pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char;
533
534	pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long;
535	pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long;
536	#[cfg(any(ossl110, libressl270))]
537	pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int;
538
539	#[cfg(any(ossl111, libressl340))]
540	pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int;
541	#[cfg(any(ossl111, libressl340))]
542	pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32;
543
544	pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar;
545	#[cfg(any(ossl110, libressl273))]
546	pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int;
547	pub fn SSL_SESSION_free(s: *mut SSL_SESSION);
548	}
549	const_ptr_api! {
550	extern "C" {
551	pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int;
552	}
553	}
554	extern "C" {
555	pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
556	pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
557	pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
558	pub fn d2i_SSL_SESSION(
559	a: *mut *mut SSL_SESSION,
560	pp: *mut *const c_uchar,
561	len: c_long,
562	) -> *mut SSL_SESSION;
563
564	#[cfg(not(ossl300))]
565	pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
566	#[cfg(ossl300)]
567	pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509;
568
569	pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
570
571	pub fn SSL_CTX_set_verify(
572	ctx: *mut SSL_CTX,
573	mode: c_int,
574	verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
575	);
576	pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
577
578	#[cfg(any(ossl111, libressl340))]
579	pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int);
580
581	pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
582
583	pub fn SSL_CTX_set_session_id_context(
584	ssl: *mut SSL_CTX,
585	sid_ctx: *const c_uchar,
586	sid_ctx_len: c_uint,
587	) -> c_int;
588
589	pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
590
591	#[cfg(any(ossl102, libressl261))]
592	pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM;
593
594	#[cfg(any(ossl102, libressl261))]
595	pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM;
596	}
597
598	#[cfg(ossl111)]
599	pub type SSL_client_hello_cb_fn =
600	Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
601	extern "C" {
602	#[cfg(ossl111)]
603	pub fn SSL_CTX_set_client_hello_cb(
604	c: *mut SSL_CTX,
605	cb: SSL_client_hello_cb_fn,
606	arg: *mut c_void,
607	);
608	#[cfg(ossl111)]
609	pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
610	#[cfg(ossl111)]
611	pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint;
612	#[cfg(ossl111)]
613	pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
614	#[cfg(ossl111)]
615	pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
616	#[cfg(ossl111)]
617	pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
618	#[cfg(ossl111)]
619	pub fn SSL_client_hello_get0_compression_methods(
620	s: *mut SSL,
621	out: *mut *const c_uchar,
622	) -> size_t;
623	#[cfg(ossl111)]
624	pub fn SSL_client_hello_get1_extensions_present(
625	s: *mut SSL,
626	out: *mut *mut c_int,
627	outlen: *mut size_t,
628	) -> c_int;
629	#[cfg(ossl111)]
630	pub fn SSL_client_hello_get0_ext(
631	s: *mut SSL,
632	type_: c_uint,
633	out: *mut *const c_uchar,
634	outlen: *mut size_t,
635	) -> c_int;
636
637	pub fn SSL_free(ssl: *mut SSL);
638	pub fn SSL_accept(ssl: *mut SSL) -> c_int;
639	#[cfg(ossl111)]
640	pub fn SSL_stateless(s: *mut SSL) -> c_int;
641	pub fn SSL_connect(ssl: *mut SSL) -> c_int;
642	pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
643	#[cfg(any(ossl111, libressl350))]
644	pub fn SSL_read_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
645	-> c_int;
646	pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
647	#[cfg(any(ossl111, libressl350))]
648	pub fn SSL_peek_ex(ssl: *mut SSL, buf: *mut c_void, num: usize, readbytes: *mut usize)
649	-> c_int;
650	#[cfg(any(ossl111, libressl340))]
651	pub fn SSL_read_early_data(
652	s: *mut SSL,
653	buf: *mut c_void,
654	num: size_t,
655	readbytes: *mut size_t,
656	) -> c_int;
657	#[cfg(ossl111)]
658	pub fn SSL_bytes_to_cipher_list(
659	s: *mut SSL,
660	bytes: *const c_uchar,
661	len: size_t,
662	isv2format: c_int,
663	sk: *mut *mut stack_st_SSL_CIPHER,
664	scsvs: *mut *mut stack_st_SSL_CIPHER,
665	) -> c_int;
666	}
667
668	extern "C" {
669	pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
670	#[cfg(any(ossl111, libressl350))]
671	pub fn SSL_write_ex(
672	ssl: *mut SSL,
673	buf: *const c_void,
674	num: size_t,
675	written: *mut size_t,
676	) -> c_int;
677	#[cfg(any(ossl111, libressl340))]
678	pub fn SSL_write_early_data(
679	s: *mut SSL,
680	buf: *const c_void,
681	num: size_t,
682	written: *mut size_t,
683	) -> c_int;
684	pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
685	pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
686	#[link_name = "SSL_CTX_callback_ctrl"]
687	pub fn SSL_CTX_callback_ctrl__fixed_rust(
688	ctx: *mut SSL_CTX,
689	cmd: c_int,
690	fp: Option<unsafe extern "C" fn()>,
691	) -> c_long;
692	}
693
694	cfg_if! {
695	if #[cfg(any(ossl110, libressl291))] {
696	extern "C" {
697	pub fn TLS_method() -> *const SSL_METHOD;
698
699	pub fn DTLS_method() -> *const SSL_METHOD;
700
701	pub fn TLS_server_method() -> *const SSL_METHOD;
702
703	pub fn TLS_client_method() -> *const SSL_METHOD;
704	}
705	} else {
706	extern "C" {
707	#[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))]
708	pub fn SSLv3_method() -> *const SSL_METHOD;
709
710	pub fn SSLv23_method() -> *const SSL_METHOD;
711
712	pub fn SSLv23_client_method() -> *const SSL_METHOD;
713
714	pub fn SSLv23_server_method() -> *const SSL_METHOD;
715
716	pub fn TLSv1_method() -> *const SSL_METHOD;
717
718	pub fn TLSv1_1_method() -> *const SSL_METHOD;
719
720	pub fn TLSv1_2_method() -> *const SSL_METHOD;
721
722	pub fn DTLSv1_method() -> *const SSL_METHOD;
723
724	#[cfg(ossl102)]
725	pub fn DTLSv1_2_method() -> *const SSL_METHOD;
726	}
727	}
728	}
729
730	extern "C" {
731	pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int;
732	pub fn SSL_get_version(ssl: *const SSL) -> *const c_char;
733
734	pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int;
735	pub fn SSL_shutdown(ssl: *mut SSL) -> c_int;
736
737	pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME);
738
739	pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
740
741	pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
742	pub fn SSL_CTX_load_verify_locations(
743	ctx: *mut SSL_CTX,
744	CAfile: *const c_char,
745	CApath: *const c_char,
746	) -> c_int;
747	}
748
749	const_ptr_api! {
750	extern "C" {
751	pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD;
752	}
753	}
754
755	extern "C" {
756	pub fn SSL_set_connect_state(s: *mut SSL);
757	pub fn SSL_set_accept_state(s: *mut SSL);
758
759	#[cfg(not(ossl110))]
760	pub fn SSL_library_init() -> c_int;
761
762	pub fn SSL_CIPHER_description(
763	cipher: *const SSL_CIPHER,
764	buf: *mut c_char,
765	size: c_int,
766	) -> *mut c_char;
767
768	pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
769	}
770	const_ptr_api! {
771	extern "C" {
772	pub fn SSL_get_privatekey(ssl: #[const_ptr_if(any(ossl102, libressl280))] SSL) -> *mut EVP_PKEY;
773	}
774	}
775
776	extern "C" {
777	#[cfg(any(ossl102, libressl270))]
778	pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509;
779	#[cfg(any(ossl102, libressl340))]
780	pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY;
781
782	pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int);
783	pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int;
784	pub fn SSL_version(ssl: *const SSL) -> c_int;
785	pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION;
786	pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX;
787	pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX;
788
789	pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long;
790	#[cfg(ossl110)]
791	pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509;
792
793	#[cfg(any(ossl110, libressl270))]
794	pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
795	#[cfg(any(ossl110, libressl270))]
796	pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
797	#[cfg(any(ossl110, libressl273))]
798	pub fn SSL_SESSION_get_master_key(
799	session: *const SSL_SESSION,
800	out: *mut c_uchar,
801	outlen: size_t,
802	) -> size_t;
803	}
804
805	extern "C" {
806	#[cfg(not(ossl110))]
807	pub fn SSL_get_ex_new_index(
808	argl: c_long,
809	argp: *mut c_void,
810	new_func: Option<CRYPTO_EX_new>,
811	dup_func: Option<CRYPTO_EX_dup>,
812	free_func: Option<CRYPTO_EX_free>,
813	) -> c_int;
814
815	pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int;
816	pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void;
817
818	#[cfg(not(ossl110))]
819	pub fn SSL_CTX_get_ex_new_index(
820	argl: c_long,
821	argp: *mut c_void,
822	new_func: Option<CRYPTO_EX_new>,
823	dup_func: Option<CRYPTO_EX_dup>,
824	free_func: Option<CRYPTO_EX_free>,
825	) -> c_int;
826
827	pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int;
828	pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void;
829
830	pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
831	}
832
833	extern "C" {
834	#[link_name = "SSL_CTX_set_tmp_dh_callback"]
835	pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust(
836	ctx: *mut SSL_CTX,
837	dh: Option<
838	unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
839	>,
840	);
841	#[link_name = "SSL_set_tmp_dh_callback"]
842	pub fn SSL_set_tmp_dh_callback__fixed_rust(
843	ctx: *mut SSL,
844	dh: Option<
845	unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
846	>,
847	);
848	#[cfg(not(ossl110))]
849	#[link_name = "SSL_CTX_set_tmp_ecdh_callback"]
850	pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust(
851	ctx: *mut SSL_CTX,
852	ecdh: Option<
853	unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
854	>,
855	);
856	#[cfg(not(ossl110))]
857	#[link_name = "SSL_set_tmp_ecdh_callback"]
858	pub fn SSL_set_tmp_ecdh_callback__fixed_rust(
859	ssl: *mut SSL,
860	ecdh: Option<
861	unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
862	>,
863	);
864	}
865
866	cfg_if! {
867	if #[cfg(libressl)] {
868	extern "C" {
869	pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void;
870	}
871	} else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
872	const_ptr_api! {
873	extern "C" {
874	pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD;
875	}
876	}
877	}
878	}
879	cfg_if! {
880	if #[cfg(libressl)] {
881	extern "C" {
882	pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char;
883	}
884	} else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] {
885	extern "C" {
886	pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
887	}
888	}
889	}
890
891	#[cfg(not(osslconf = "OPENSSL_NO_COMP"))]
892	extern "C" {
893	#[cfg(ossl110)]
894	pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32;
895	}
896
897	extern "C" {
898	#[cfg(any(ossl110, libressl270))]
899	pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int;
900	#[cfg(any(ossl110, libressl270))]
901	pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int;
902	}
903
904	const_ptr_api! {
905	extern "C" {
906	#[cfg(ossl110)]
907	pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int;
908	}
909	}
910
911	const_ptr_api! {
912	extern "C" {
913	#[cfg(any(ossl102, libressl273))]
914	pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl273))] SSL) -> c_int;
915	}
916	}
917
918	extern "C" {
919	#[cfg(ossl110)]
920	pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int;
921	}
922
923	extern "C" {
924	#[cfg(ossl111)]
925	pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int;
926
927	#[cfg(ossl111)]
928	pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int;
929
930	#[cfg(ossl111b)]
931	pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t;
932	#[cfg(all(ossl111, not(ossl111b)))]
933	pub fn SSL_CTX_get_num_tickets(ctx: *mut SSL_CTX) -> size_t;
934
935	#[cfg(ossl111b)]
936	pub fn SSL_get_num_tickets(s: *const SSL) -> size_t;
937	#[cfg(all(ossl111, not(ossl111b)))]
938	pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
939	}
940
941	extern "C" {
942	#[cfg(any(ossl110, libressl360))]
943	pub fn SSL_CTX_set_security_level(ctx: *mut SSL_CTX, level: c_int);
944
945	#[cfg(any(ossl110, libressl360))]
946	pub fn SSL_set_security_level(s: *mut SSL, level: c_int);
947
948	#[cfg(any(ossl110, libressl360))]
949	pub fn SSL_CTX_get_security_level(ctx: *const SSL_CTX) -> c_int;
950
951	#[cfg(any(ossl110, libressl360))]
952	pub fn SSL_get_security_level(s: *const SSL) -> c_int;
953	}
954