修复 lj-cargo-5686192-0635719 问题

Change-Id: I7b211c5a20d7951ac8830fa54b4f83003267265d
Signed-off-by: peizhe <zhaipeizhe@huawei.com>
This commit is contained in:
peizhe
2024-03-07 10:21:20 +08:00
parent eb6b27ddf4
commit d99b8a769d
5 changed files with 38 additions and 5 deletions
+2
View File
@@ -644,6 +644,8 @@ const_ptr_api! {
extern "C" {
#[cfg(any(ossl110, libressl270))]
pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT;
#[cfg(ossl300)]
pub fn X509_STORE_get1_all_certs(ctx: *mut X509_STORE) -> *mut stack_st_X509;
}
}
+4 -2
View File
@@ -573,7 +573,8 @@ impl CipherCtxRef {
/// output size check removed. It can be used when the exact
/// buffer size control is maintained by the caller.
///
/// SAFETY: The caller is expected to provide `output` buffer
/// # Safety
/// The caller is expected to provide `output` buffer
/// large enough to contain correct number of bytes. For streaming
/// ciphers the output buffer size should be at least as big as
/// the input buffer. For block ciphers the size of the output
@@ -685,7 +686,8 @@ impl CipherCtxRef {
/// This function is the same as [`Self::cipher_final`] but with
/// the output buffer size check removed.
///
/// SAFETY: The caller is expected to provide `output` buffer
/// # Safety
/// The caller is expected to provide `output` buffer
/// large enough to contain correct number of bytes. For streaming
/// ciphers the output buffer can be empty, for block ciphers the
/// output buffer should be at least as big as the block.
+1 -1
View File
@@ -119,7 +119,7 @@
//! ```
#![doc(html_root_url = "https://docs.rs/openssl/0.10")]
#![warn(rust_2018_idioms)]
#![allow(clippy::uninlined_format_args)]
#![allow(clippy::uninlined_format_args, clippy::needless_doctest_main)]
#[doc(inline)]
pub use ffi::init;
+16 -2
View File
@@ -42,13 +42,13 @@
//! ```
use cfg_if::cfg_if;
use foreign_types::ForeignTypeRef;
use foreign_types::{ForeignType, ForeignTypeRef};
use std::mem;
use crate::error::ErrorStack;
#[cfg(not(boringssl))]
use crate::ssl::SslFiletype;
use crate::stack::StackRef;
use crate::stack::{Stack, StackRef};
#[cfg(any(ossl102, libressl261))]
use crate::x509::verify::{X509VerifyFlags, X509VerifyParamRef};
use crate::x509::{X509Object, X509PurposeId, X509};
@@ -260,10 +260,24 @@ foreign_type_and_impl_send_sync! {
impl X509StoreRef {
/// Get a reference to the cache of certificates in this store.
///
/// This method is deprecated. It is **unsound** and will be removed in a
/// future version of rust-openssl. `X509StoreRef::all_certificates`
/// should be used instead.
#[deprecated(
note = "This method is unsound, and will be removed in a future version of rust-openssl. X509StoreRef::all_certificates should be used instead."
)]
#[corresponds(X509_STORE_get0_objects)]
pub fn objects(&self) -> &StackRef<X509Object> {
unsafe { StackRef::from_ptr(X509_STORE_get0_objects(self.as_ptr())) }
}
/// Returns a stack of all the certificates in this store.
#[corresponds(X509_STORE_get1_all_certs)]
#[cfg(ossl300)]
pub fn all_certificates(&self) -> Stack<X509> {
unsafe { Stack::from_ptr(ffi::X509_STORE_get1_all_certs(self.as_ptr())) }
}
}
cfg_if! {
+15
View File
@@ -1108,6 +1108,21 @@ fn ipv6_as_subject_alternative_name_is_formatted_in_debug() {
]);
}
#[test]
#[cfg(ossl300)]
fn test_store_all_certificates() {
let cert = include_bytes!("../../test/cert.pem");
let cert = X509::from_pem(cert).unwrap();
let store = {
let mut b = X509StoreBuilder::new().unwrap();
b.add_cert(cert).unwrap();
b.build()
};
assert_eq!(store.all_certificates().len(), 1);
}
#[cfg(ossl110)]
#[test]
fn other_name_as_subject_alternative_name() {