
Commit 43c57d0

committed
Change signature for set_select_certificate_callback
To handle lifetimes better and allow returning a &mut SslRef from the client hello struct passed to the closure from SslContextBuilder::set_select_certificate_callback, we make the ClientHello struct itself own a reference to the FFI client hello struct.
1 parent c1d690d commit 43c57d0

2 files changed

Lines changed: 14 additions & 10 deletions


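--- a/boring/src/ssl/callbacks.rs
+++ b/boring/src/ssl/callbacks.rs
@@ -223,14 +223,13 @@ pub(super) unsafe extern "C" fn raw_select_cert<F>(
 client_hello: *const ffi::SSL_CLIENT_HELLO,
 ) -> ffi::ssl_select_cert_result_t
 where
-F: Fn(&ClientHello) -> Result<(), SelectCertError> + Sync + Send + 'static,
+F: Fn(ClientHello<'_>) -> Result<(), SelectCertError> + Sync + Send + 'static,
 {
 // SAFETY: boring provides valid inputs.
-let client_hello = unsafe { &*(client_hello as *const ClientHello) };
+let client_hello = ClientHello(unsafe { &*client_hello });
 
-let callback = client_hello
-.ssl()
-.ssl_context()
+let ssl_context = client_hello.ssl().ssl_context().to_owned();
+let callback = ssl_context
 .ex_data(SslContext::cached_ex_index::<F>())
 .expect("BUG: select cert callback missing");
 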
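Review bot: The `to_owned()` on the new `ssl_context` line has no comment saying why the context is cloned on every ClientHello, and the reason is not obvious from the hunk. It appears to be needed because `client_hello` is now handed to the callback by value, so `callback` can no longer borrow through it; holding an owned `SslContext` presumably also keeps the ex_data that stores `F` alive if the callback replaces the connection's context through `ssl_mut()`. A comment such as `// Own the context: client_hello is moved into the callback, which may change the SSL's context.` would record that. The existing `// SAFETY: boring provides valid inputs.` line now sits above a plain dereference rather than a cast and could add that the pointer is only valid for the duration of this call. The body of `raw_select_cert` continues outside the hunk.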

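--- a/boring/src/ssl/mod.rs
+++ b/boring/src/ssl/mod.rs
@@ -1361,6 +1361,7 @@ impl SslContextBuilder {
 );
 }
 }
+
 /// Sets a callback that is called before most ClientHello processing and before the decision whether
 /// to resume a session is made. The callback may inspect the ClientHello and configure the
 /// connection.
@@ -1370,7 +1371,7 @@ impl SslContextBuilder {
 /// [`SSL_CTX_set_select_certificate_cb`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_select_certificate_cb.html
 pub fn set_select_certificate_callback<F>(&mut self, callback: F)
 where
-F: Fn(&ClientHello) -> Result<(), SelectCertError> + Sync + Send + 'static,
+F: Fn(ClientHello<'_>) -> Result<(), SelectCertError> + Sync + Send + 'static,
 {
 unsafe {
 self.set_ex_data(SslContext::cached_ex_index::<F>(), callback);
@@ -1945,9 +1946,9 @@ pub struct CipherBits {
 }
 
 #[repr(transparent)]
-pub struct ClientHello(ffi::SSL_CLIENT_HELLO);
+pub struct ClientHello<'ssl>(&'ssl ffi::SSL_CLIENT_HELLO);
 
-impl ClientHello {
+impl ClientHello<'_> {
 /// Returns the data of a given extension, if present.
 ///
 /// This corresponds to [`SSL_early_callback_ctx_extension_get`].
@@ -1958,15 +1959,19 @@ impl ClientHello {
 let mut ptr = ptr::null();
 let mut len = 0;
 let result =
-ffi::SSL_early_callback_ctx_extension_get(&self.0, ext_type.0, &mut ptr, &mut len);
+ffi::SSL_early_callback_ctx_extension_get(self.0, ext_type.0, &mut ptr, &mut len);
 if result == 0 {
 return None;
 }
 Some(slice::from_raw_parts(ptr, len))
 }
 }
 
-fn ssl(&self) -> &SslRef {
+pub fn ssl_mut(&mut self) -> &mut SslRef {
+unsafe { SslRef::from_ptr_mut(self.0.ssl) }
+}
+
+pub fn ssl(&self) -> &SslRef {
 unsafe { SslRef::from_ptr(self.0.ssl) }
 }
 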
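Review bot: `ssl_mut` builds a `&mut SslRef` inside an `unsafe` block with no `// SAFETY:` comment, and neither it nor the newly public `ssl` has a doc comment. The pointer is read through the shared `&'ssl ffi::SSL_CLIENT_HELLO`, so exclusivity of the `&mut` rests on `ClientHello` being passed by value and being neither `Clone` nor `Copy` (no derive is visible in this hunk, worth confirming); state that invariant, e.g. `// SAFETY: ClientHello is not Clone/Copy and is handed to the callback by value, so no other Rust reference to this SSL exists while it is borrowed.` The doc comments should say what state the connection is in when the callback runs, since callers now get mutable access before most ClientHello processing has happened. `#[repr(transparent)]` on `ClientHello` also looks unnecessary now that the pointer cast in callbacks.rs is gone, though that is inferred from the two files shown here only.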
