From 879152dc5e097c338fc5f3957ce5a89630a74530 Mon Sep 17 00:00:00 2001 From: Your Name <1153793677@qq.com> Date: Sun, 4 Dec 2022 15:43:01 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9goto=E6=8E=A7=E5=88=B6?= =?UTF-8?q?=E6=B5=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- rust/rust_project/src/vtls/bearssl.rs | 848 +++++++++++--------------- 1 file changed, 357 insertions(+), 491 deletions(-) diff --git a/rust/rust_project/src/vtls/bearssl.rs b/rust/rust_project/src/vtls/bearssl.rs index cf9a8f5..cb2368a 100644 --- a/rust/rust_project/src/vtls/bearssl.rs +++ b/rust/rust_project/src/vtls/bearssl.rs @@ -8,15 +8,15 @@ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR * PURPOSE. * See the Mulan PSL v2 for more details. - * Author: Drug, + * Author: Drug, * Create: 2022-10-31 * Description: support bearssl backend ******************************************************************************/ +use crate::src::vtls::vtls::*; use ::libc; use rust_ffi::src::ffi_alias::type_alias::*; use rust_ffi::src::ffi_fun::fun_call::*; use rust_ffi::src::ffi_struct::struct_define::*; -use crate::src::vtls::vtls::*; #[inline] unsafe extern "C" fn br_pem_decoder_name( @@ -27,9 +27,7 @@ unsafe extern "C" fn br_pem_decoder_name( #[inline] unsafe extern "C" fn br_pem_decoder_setdest( mut ctx: *mut br_pem_decoder_context, - mut dest: Option::< - unsafe extern "C" fn(*mut libc::c_void, *const libc::c_void, size_t) -> (), - >, + mut dest: Option ()>, mut dest_ctx: *mut libc::c_void, ) { let ref mut fresh0 = (*ctx).dest; @@ -38,9 +36,7 @@ unsafe extern "C" fn br_pem_decoder_setdest( *fresh1 = dest_ctx; } #[inline] -unsafe extern "C" fn br_ssl_engine_last_error( - mut cc: *const br_ssl_engine_context, -) -> libc::c_int { +unsafe extern "C" fn br_ssl_engine_last_error(mut cc: *const br_ssl_engine_context) -> libc::c_int { return (*cc).err; } #[inline] @@ -70,9 +66,9 @@ unsafe extern "C" fn br_x509_decoder_get_pkey( mut ctx: *mut br_x509_decoder_context, ) -> *mut br_x509_pkey { if (*ctx).decoded as libc::c_int != 0 && (*ctx).err == 0 as libc::c_int { - return &mut (*ctx).pkey + return &mut (*ctx).pkey; } else { - return 0 as *mut br_x509_pkey + return 0 as *mut br_x509_pkey; }; } #[inline] @@ -88,9 +84,7 @@ unsafe extern "C" fn br_x509_decoder_last_error( return 0 as libc::c_int; } #[inline] -unsafe extern "C" fn br_x509_decoder_isCA( - mut ctx: *mut br_x509_decoder_context, -) -> libc::c_int { +unsafe extern "C" fn br_x509_decoder_isCA(mut ctx: *mut br_x509_decoder_context) -> libc::c_int { return (*ctx).isCA as libc::c_int; } #[inline] @@ -126,13 +120,10 @@ unsafe extern "C" fn br_ssl_engine_get_selected_protocol( ) -> *const libc::c_char { let mut k: libc::c_uint = 0; k = (*ctx).selected_protocol as libc::c_uint; - return if k == 0 as libc::c_int as libc::c_uint - || k == 0xffff as libc::c_int as libc::c_uint - { + return if k == 0 as libc::c_int as libc::c_uint || k == 0xffff as libc::c_int as libc::c_uint { 0 as *const libc::c_char } else { - *((*ctx).protocol_names) - .offset(k.wrapping_sub(1 as libc::c_int as libc::c_uint) as isize) + *((*ctx).protocol_names).offset(k.wrapping_sub(1 as libc::c_int as libc::c_uint) as isize) }; } unsafe extern "C" fn append_dn( @@ -141,13 +132,11 @@ unsafe extern "C" fn append_dn( mut len: size_t, ) { let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; - if (*ca).err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint - || !(*ca).in_cert - { + if (*ca).err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint || !(*ca).in_cert { return; } - if (::std::mem::size_of::<[libc::c_uchar; 1024]>() as libc::c_ulong) - .wrapping_sub((*ca).dn_len) < len + if (::std::mem::size_of::<[libc::c_uchar; 1024]>() as libc::c_ulong).wrapping_sub((*ca).dn_len) + < len { (*ca).err = CURLE_FAILED_INIT; return; @@ -256,9 +245,7 @@ unsafe extern "C" fn load_cafile( return CURLE_SSL_CACERT_BADFILE; } } - if (*source).type_0 == 2 as libc::c_int - && (*source).len > 2147483647 as libc::c_int as size_t - { + if (*source).type_0 == 2 as libc::c_int && (*source).len > 2147483647 as libc::c_int as size_t { return CURLE_SSL_CACERT_BADFILE; } ca.err = CURLE_OK; @@ -269,215 +256,187 @@ unsafe extern "C" fn load_cafile( br_pem_decoder_setdest( &mut pc, Some( - x509_push - as unsafe extern "C" fn( - *mut libc::c_void, - *const libc::c_void, - size_t, - ) -> (), + x509_push as unsafe extern "C" fn(*mut libc::c_void, *const libc::c_void, size_t) -> (), ), &mut ca as *mut cafile_parser as *mut libc::c_void, ); - 's_106: loop { - if (*source).type_0 == 1 as libc::c_int { - n = fread( - buf.as_mut_ptr() as *mut libc::c_void, - 1 as libc::c_int as libc::c_ulong, - ::std::mem::size_of::<[libc::c_uchar; 8192]>() as libc::c_ulong, - fp, - ); - if n == 0 as libc::c_int as libc::c_ulong { - current_block = 8062065914618164218; - break; - } - p = buf.as_mut_ptr(); - } else if (*source).type_0 == 2 as libc::c_int { - n = (*source).len; - p = (*source).data as *mut libc::c_uchar; - } - while n != 0 { - pushed = br_pem_decoder_push(&mut pc, p as *const libc::c_void, n); - if ca.err as u64 != 0 { - current_block = 16641473711560579579; - break 's_106; + 'fail: loop { + loop { + if (*source).type_0 == 1 as libc::c_int { + n = fread( + buf.as_mut_ptr() as *mut libc::c_void, + 1 as libc::c_int as libc::c_ulong, + ::std::mem::size_of::<[libc::c_uchar; 8192]>() as libc::c_ulong, + fp, + ); + if n == 0 as libc::c_int as libc::c_ulong { + break; + } + p = buf.as_mut_ptr(); + } else if (*source).type_0 == 2 as libc::c_int { + n = (*source).len; + p = (*source).data as *mut libc::c_uchar; } - p = p.offset(pushed as isize); - n = (n as libc::c_ulong).wrapping_sub(pushed) as size_t as size_t; - match br_pem_decoder_event(&mut pc) { - 0 => {} - 1 => { - name = br_pem_decoder_name(&mut pc); - if strcmp(name, b"CERTIFICATE\0" as *const u8 as *const libc::c_char) - != 0 - && strcmp( - name, - b"X509 CERTIFICATE\0" as *const u8 as *const libc::c_char, - ) != 0 - { - continue; - } - br_x509_decoder_init( - &mut ca.xc, - Some( - append_dn - as unsafe extern "C" fn( - *mut libc::c_void, - *const libc::c_void, - size_t, - ) -> (), - ), - &mut ca as *mut cafile_parser as *mut libc::c_void, - ); - if ca.anchors_len - == (18446744073709551615 as libc::c_ulong) - .wrapping_div( - ::std::mem::size_of::() - as libc::c_ulong, - ) - { - ca.err = CURLE_OUT_OF_MEMORY; - current_block = 16641473711560579579; - break 's_106; - } else { - new_anchors_len = (ca.anchors_len) - .wrapping_add(1 as libc::c_int as libc::c_ulong); - new_anchors = Curl_crealloc - .expect( - "non-null function pointer", - )( - ca.anchors as *mut libc::c_void, - new_anchors_len - .wrapping_mul( - ::std::mem::size_of::() - as libc::c_ulong, + while n != 0 { + pushed = br_pem_decoder_push(&mut pc, p as *const libc::c_void, n); + if ca.err as u64 != 0 { + break 'fail; + } + p = p.offset(pushed as isize); + n = (n as libc::c_ulong).wrapping_sub(pushed) as size_t as size_t; + match br_pem_decoder_event(&mut pc) { + 0 => {} + 1 => { + name = br_pem_decoder_name(&mut pc); + if !(strcmp(name, b"CERTIFICATE\0" as *const u8 as *const libc::c_char) + != 0 + && strcmp( + name, + b"X509 CERTIFICATE\0" as *const u8 as *const libc::c_char, + ) != 0) + { + br_x509_decoder_init( + &mut ca.xc, + Some( + append_dn + as unsafe extern "C" fn( + *mut libc::c_void, + *const libc::c_void, + size_t, + ) + -> (), ), - ) as *mut br_x509_trust_anchor; - if new_anchors.is_null() { - ca.err = CURLE_OUT_OF_MEMORY; - current_block = 16641473711560579579; - break 's_106; - } else { + &mut ca as *mut cafile_parser as *mut libc::c_void, + ); + if ca.anchors_len + == (18446744073709551615 as libc::c_ulong) + .wrapping_div(::std::mem::size_of::() + as libc::c_ulong) + { + ca.err = CURLE_OUT_OF_MEMORY; + break 'fail; + } + new_anchors_len = + (ca.anchors_len).wrapping_add(1 as libc::c_int as libc::c_ulong); + new_anchors = Curl_crealloc.expect("non-null function pointer")( + ca.anchors as *mut libc::c_void, + new_anchors_len + .wrapping_mul(::std::mem::size_of::() + as libc::c_ulong), + ) + as *mut br_x509_trust_anchor; + if new_anchors.is_null() { + ca.err = CURLE_OUT_OF_MEMORY; + break 'fail; + } ca.anchors = new_anchors; ca.anchors_len = new_anchors_len; ca.in_cert = 1 as libc::c_int != 0; ca.dn_len = 0 as libc::c_int as size_t; - ta = &mut *(ca.anchors) - .offset( - (ca.anchors_len) - .wrapping_sub(1 as libc::c_int as libc::c_ulong) as isize, - ) as *mut br_x509_trust_anchor; + ta = &mut *(ca.anchors).offset( + (ca.anchors_len).wrapping_sub(1 as libc::c_int as libc::c_ulong) + as isize, + ) as *mut br_x509_trust_anchor; let ref mut fresh5 = (*ta).dn.data; *fresh5 = 0 as *mut libc::c_uchar; } } - } - 2 => { - if !ca.in_cert { - continue; - } - ca.in_cert = 0 as libc::c_int != 0; - if br_x509_decoder_last_error(&mut ca.xc) != 0 { - ca.err = CURLE_SSL_CACERT_BADFILE; - current_block = 16641473711560579579; - break 's_106; - } else { - (*ta).flags = 0 as libc::c_int as libc::c_uint; - if br_x509_decoder_isCA(&mut ca.xc) != 0 { - (*ta).flags |= 0x1 as libc::c_int as libc::c_uint; - } - pkey = br_x509_decoder_get_pkey(&mut ca.xc); - if pkey.is_null() { - ca.err = CURLE_SSL_CACERT_BADFILE; - current_block = 16641473711560579579; - break 's_106; - } else { + 2 => { + if ca.in_cert { + ca.in_cert = 0 as libc::c_int != 0; + if br_x509_decoder_last_error(&mut ca.xc) != 0 { + ca.err = CURLE_SSL_CACERT_BADFILE; + break 'fail; + } + (*ta).flags = 0 as libc::c_int as libc::c_uint; + if br_x509_decoder_isCA(&mut ca.xc) != 0 { + (*ta).flags |= 0x1 as libc::c_int as libc::c_uint; + } + pkey = br_x509_decoder_get_pkey(&mut ca.xc); + if pkey.is_null() { + ca.err = CURLE_SSL_CACERT_BADFILE; + break 'fail; + } (*ta).pkey = *pkey; ta_size = ca.dn_len; match (*pkey).key_type as libc::c_int { 1 => { - ta_size = (ta_size as libc::c_ulong) - .wrapping_add( - ((*pkey).key.rsa.nlen).wrapping_add((*pkey).key.rsa.elen), - ) as size_t as size_t; + ta_size = (ta_size as libc::c_ulong).wrapping_add( + ((*pkey).key.rsa.nlen).wrapping_add((*pkey).key.rsa.elen), + ) as size_t + as size_t; } 2 => { ta_size = (ta_size as libc::c_ulong) - .wrapping_add((*pkey).key.ec.qlen) as size_t as size_t; + .wrapping_add((*pkey).key.ec.qlen) + as size_t + as size_t; } _ => { ca.err = CURLE_FAILED_INIT; - current_block = 16641473711560579579; - break 's_106; + break 'fail; } } let ref mut fresh6 = (*ta).dn.data; - *fresh6 = Curl_cmalloc - .expect("non-null function pointer")(ta_size) + *fresh6 = Curl_cmalloc.expect("non-null function pointer")(ta_size) as *mut libc::c_uchar; if ((*ta).dn.data).is_null() { ca.err = CURLE_OUT_OF_MEMORY; - current_block = 16641473711560579579; - break 's_106; - } else { - memcpy( - (*ta).dn.data as *mut libc::c_void, - (ca.dn).as_mut_ptr() as *const libc::c_void, - ca.dn_len, - ); - (*ta).dn.len = ca.dn_len; - match (*pkey).key_type as libc::c_int { - 1 => { - let ref mut fresh7 = (*ta).pkey.key.rsa.n; - *fresh7 = ((*ta).dn.data).offset((*ta).dn.len as isize); - memcpy( - (*ta).pkey.key.rsa.n as *mut libc::c_void, - (*pkey).key.rsa.n as *const libc::c_void, - (*pkey).key.rsa.nlen, - ); - let ref mut fresh8 = (*ta).pkey.key.rsa.e; - *fresh8 = ((*ta).pkey.key.rsa.n) - .offset((*ta).pkey.key.rsa.nlen as isize); - memcpy( - (*ta).pkey.key.rsa.e as *mut libc::c_void, - (*pkey).key.rsa.e as *const libc::c_void, - (*pkey).key.rsa.elen, - ); - } - 2 => { - let ref mut fresh9 = (*ta).pkey.key.ec.q; - *fresh9 = ((*ta).dn.data).offset((*ta).dn.len as isize); - memcpy( - (*ta).pkey.key.ec.q as *mut libc::c_void, - (*pkey).key.ec.q as *const libc::c_void, - (*pkey).key.ec.qlen, - ); - } - _ => {} + break 'fail; + } + memcpy( + (*ta).dn.data as *mut libc::c_void, + (ca.dn).as_mut_ptr() as *const libc::c_void, + ca.dn_len, + ); + (*ta).dn.len = ca.dn_len; + match (*pkey).key_type as libc::c_int { + 1 => { + let ref mut fresh7 = (*ta).pkey.key.rsa.n; + *fresh7 = ((*ta).dn.data).offset((*ta).dn.len as isize); + memcpy( + (*ta).pkey.key.rsa.n as *mut libc::c_void, + (*pkey).key.rsa.n as *const libc::c_void, + (*pkey).key.rsa.nlen, + ); + let ref mut fresh8 = (*ta).pkey.key.rsa.e; + *fresh8 = ((*ta).pkey.key.rsa.n) + .offset((*ta).pkey.key.rsa.nlen as isize); + memcpy( + (*ta).pkey.key.rsa.e as *mut libc::c_void, + (*pkey).key.rsa.e as *const libc::c_void, + (*pkey).key.rsa.elen, + ); + } + 2 => { + let ref mut fresh9 = (*ta).pkey.key.ec.q; + *fresh9 = ((*ta).dn.data).offset((*ta).dn.len as isize); + memcpy( + (*ta).pkey.key.ec.q as *mut libc::c_void, + (*pkey).key.ec.q as *const libc::c_void, + (*pkey).key.ec.qlen, + ); } + _ => {} } } } - } - _ => { - ca.err = CURLE_SSL_CACERT_BADFILE; - current_block = 16641473711560579579; - break 's_106; + _ => { + ca.err = CURLE_SSL_CACERT_BADFILE; + break 'fail; + } } } - } - if !((*source).type_0 != 2 as libc::c_int) { - current_block = 8062065914618164218; - break; - } - } - match current_block { - 8062065914618164218 => { - if !fp.is_null() && ferror(fp) != 0 { - ca.err = CURLE_READ_ERROR; + if !((*source).type_0 != 2 as libc::c_int) { + break; } } - _ => {} + if !fp.is_null() && ferror(fp) != 0 { + ca.err = CURLE_READ_ERROR; + } + break 'fail; } + if !fp.is_null() { fclose(fp); } @@ -487,10 +446,9 @@ unsafe extern "C" fn load_cafile( } else { i = 0 as libc::c_int as size_t; while i < ca.anchors_len { - Curl_cfree - .expect( - "non-null function pointer", - )((*(ca.anchors).offset(i as isize)).dn.data as *mut libc::c_void); + Curl_cfree.expect("non-null function pointer")( + (*(ca.anchors).offset(i as isize)).dn.data as *mut libc::c_void, + ); i = i.wrapping_add(1); } Curl_cfree.expect("non-null function pointer")(ca.anchors as *mut libc::c_void); @@ -505,16 +463,17 @@ unsafe extern "C" fn x509_start_chain( if !(*x509).verifyhost { server_name = 0 as *const libc::c_char; } - ((*(*x509).minimal.vtable).start_chain) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable, server_name); + ((*(*x509).minimal.vtable).start_chain).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + server_name, + ); } -unsafe extern "C" fn x509_start_cert( - mut ctx: *mut *const br_x509_class, - mut length: uint32_t, -) { +unsafe extern "C" fn x509_start_cert(mut ctx: *mut *const br_x509_class, mut length: uint32_t) { let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).start_cert) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable, length); + ((*(*x509).minimal.vtable).start_cert).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + length, + ); } unsafe extern "C" fn x509_append( mut ctx: *mut *const br_x509_class, @@ -522,19 +481,24 @@ unsafe extern "C" fn x509_append( mut len: size_t, ) { let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).append) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable, buf, len); + ((*(*x509).minimal.vtable).append).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + buf, + len, + ); } unsafe extern "C" fn x509_end_cert(mut ctx: *mut *const br_x509_class) { let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).end_cert) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable); + ((*(*x509).minimal.vtable).end_cert).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + ); } unsafe extern "C" fn x509_end_chain(mut ctx: *mut *const br_x509_class) -> libc::c_uint { let mut x509: *mut x509_context = ctx as *mut x509_context; let mut err: libc::c_uint = 0; - err = ((*(*x509).minimal.vtable).end_chain) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable); + err = ((*(*x509).minimal.vtable).end_chain).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + ); if err != 0 && !(*x509).verifypeer { err = 0 as libc::c_int as libc::c_uint; } @@ -545,8 +509,10 @@ unsafe extern "C" fn x509_get_pkey( mut usages: *mut libc::c_uint, ) -> *const br_x509_pkey { let mut x509: *mut x509_context = ctx as *mut x509_context; - return ((*(*x509).minimal.vtable).get_pkey) - .expect("non-null function pointer")(&mut (*x509).minimal.vtable, usages); + return ((*(*x509).minimal.vtable).get_pkey).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + usages, + ); } static mut x509_vtable: br_x509_class = unsafe { @@ -555,14 +521,10 @@ static mut x509_vtable: br_x509_class = unsafe { context_size: ::std::mem::size_of::() as libc::c_ulong, start_chain: Some( x509_start_chain - as unsafe extern "C" fn( - *mut *const br_x509_class, - *const libc::c_char, - ) -> (), + as unsafe extern "C" fn(*mut *const br_x509_class, *const libc::c_char) -> (), ), start_cert: Some( - x509_start_cert - as unsafe extern "C" fn(*mut *const br_x509_class, uint32_t) -> (), + x509_start_cert as unsafe extern "C" fn(*mut *const br_x509_class, uint32_t) -> (), ), append: Some( x509_append @@ -572,12 +534,9 @@ static mut x509_vtable: br_x509_class = unsafe { size_t, ) -> (), ), - end_cert: Some( - x509_end_cert as unsafe extern "C" fn(*mut *const br_x509_class) -> (), - ), + end_cert: Some(x509_end_cert as unsafe extern "C" fn(*mut *const br_x509_class) -> ()), end_chain: Some( - x509_end_chain - as unsafe extern "C" fn(*mut *const br_x509_class) -> libc::c_uint, + x509_end_chain as unsafe extern "C" fn(*mut *const br_x509_class) -> libc::c_uint, ), get_pkey: Some( x509_get_pkey @@ -595,23 +554,20 @@ unsafe extern "C" fn bearssl_connect_step1( mut conn: *mut connectdata, mut sockindex: libc::c_int, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; #[cfg(not(CURL_DISABLE_PROXY))] - let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as libc::c_int - as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) + let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) { 0 as libc::c_int } else { 1 as libc::c_int }) as usize] - .state as libc::c_uint + .state as libc::c_uint { (*conn).proxy_ssl_config.ca_info_blob } else { @@ -623,17 +579,15 @@ unsafe extern "C" fn bearssl_connect_step1( let ssl_cafile: *const libc::c_char = if !ca_info_blob.is_null() { 0 as *mut libc::c_char } else if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) { 0 as libc::c_int } else { 1 as libc::c_int }) as usize] - .state as libc::c_uint + .state as libc::c_uint { (*conn).proxy_ssl_config.CAfile } else { @@ -642,18 +596,16 @@ unsafe extern "C" fn bearssl_connect_step1( #[cfg(CURL_DISABLE_PROXY)] let ssl_cafile: *const libc::c_char = (*conn).ssl_config.CAfile; #[cfg(not(CURL_DISABLE_PROXY))] - let mut hostname: *const libc::c_char = if CURLPROXY_HTTPS as libc::c_int - as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) + let mut hostname: *const libc::c_char = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) { 0 as libc::c_int } else { 1 as libc::c_int }) as usize] - .state as libc::c_uint + .state as libc::c_uint { (*conn).http_proxy.host.name } else { @@ -663,17 +615,15 @@ unsafe extern "C" fn bearssl_connect_step1( let mut hostname: *const libc::c_char = (*conn).host.name; #[cfg(not(CURL_DISABLE_PROXY))] let verifypeer: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) { 0 as libc::c_int } else { 1 as libc::c_int }) as usize] - .state as libc::c_uint + .state as libc::c_uint { ((*conn).proxy_ssl_config).verifypeer() as libc::c_int } else { @@ -683,17 +633,15 @@ unsafe extern "C" fn bearssl_connect_step1( let verifypeer: bool = ((*conn).ssl_config).verifypeer() as libc::c_int != 0; #[cfg(not(CURL_DISABLE_PROXY))] let verifyhost: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) { 0 as libc::c_int } else { 1 as libc::c_int }) as usize] - .state as libc::c_uint + .state as libc::c_uint { ((*conn).proxy_ssl_config).verifyhost() as libc::c_int } else { @@ -712,29 +660,26 @@ unsafe extern "C" fn bearssl_connect_step1( }; #[cfg(not(ENABLE_IPV6))] let mut addr: in_addr = in_addr { s_addr: 0 }; - + #[cfg(not(CURL_DISABLE_PROXY))] let flag6: libc::c_long = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint - { - (*conn).proxy_ssl_config.version - } else { - (*conn).ssl_config.version - }; + { + (*conn).proxy_ssl_config.version + } else { + (*conn).ssl_config.version + }; #[cfg(CURL_DISABLE_PROXY)] let flag6: libc::c_long = (*conn).ssl_config.version; - match flag6 - { + match flag6 { 2 => { Curl_failf( data, @@ -768,8 +713,7 @@ unsafe extern "C" fn bearssl_connect_step1( _ => { Curl_failf( data, - b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 - as *const libc::c_char, + b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 as *const libc::c_char, ); return CURLE_SSL_CONNECT_ERROR; } @@ -792,8 +736,7 @@ unsafe extern "C" fn bearssl_connect_step1( if verifypeer { Curl_failf( data, - b"error importing CA certificate blob\0" as *const u8 - as *const libc::c_char, + b"error importing CA certificate blob\0" as *const u8 as *const libc::c_char, ); return ret; } @@ -822,16 +765,16 @@ unsafe extern "C" fn bearssl_connect_step1( if verifypeer { Curl_failf( data, - b"error setting certificate verify locations. CAfile: %s\0" - as *const u8 as *const libc::c_char, + b"error setting certificate verify locations. CAfile: %s\0" as *const u8 + as *const libc::c_char, ssl_cafile, ); return ret; } Curl_infof( data, - b"error setting certificate verify locations, continuing anyway:\0" - as *const u8 as *const libc::c_char, + b"error setting certificate verify locations, continuing anyway:\0" as *const u8 + as *const libc::c_char, ); } } @@ -857,46 +800,41 @@ unsafe extern "C" fn bearssl_connect_step1( let flag7: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint - { - ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int - } else { - ((*data).set.ssl.primary).sessionid() as libc::c_int - } != 0; + { + ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int + } else { + ((*data).set.ssl.primary).sessionid() as libc::c_int + } != 0; #[cfg(CURL_DISABLE_PROXY)] let flag7: bool = ((*data).set.ssl.primary).sessionid() as libc::c_int != 0; - if flag7 - { + if flag7 { let mut session: *mut libc::c_void = 0 as *mut libc::c_void; Curl_ssl_sessionid_lock(data); #[cfg(not(CURL_DISABLE_PROXY))] let flag8: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] + == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint; #[cfg(CURL_DISABLE_PROXY)] let flag8: bool = false; if !Curl_ssl_getsessionid( data, conn, - if flag8 - { + if flag8 { 1 as libc::c_int } else { 0 as libc::c_int @@ -923,17 +861,17 @@ unsafe extern "C" fn bearssl_connect_step1( _ => { #[cfg(not(CURL_DISABLE_PROXY))] let CURL_DISABLE_PROXY_flag = (!(CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint) || ((*conn).bits).tunnel_proxy() == 0); + == (*conn).http_proxy.proxytype as libc::c_uint + && ssl_connection_complete as libc::c_int as libc::c_uint + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] + == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] + .state as libc::c_uint) + || ((*conn).bits).tunnel_proxy() == 0); #[cfg(CURL_DISABLE_PROXY)] let CURL_DISABLE_PROXY_flag = true; if (*data).state.httpwant as libc::c_int >= CURL_HTTP_VERSION_2_0 as libc::c_int @@ -951,7 +889,7 @@ unsafe extern "C" fn bearssl_connect_step1( } } #[cfg(not(USE_HTTP2))] - _ => { } + _ => {} } let fresh13 = cur; cur = cur + 1; @@ -988,13 +926,12 @@ unsafe extern "C" fn bearssl_connect_step1( hostname, &mut addr as *mut in_addr as *mut libc::c_void, ); - if ENABLE_IPV6_flag - { + if ENABLE_IPV6_flag { if verifyhost { Curl_failf( data, - b"BearSSL: host verification of IP address is not supported\0" - as *const u8 as *const libc::c_char, + b"BearSSL: host verification of IP address is not supported\0" as *const u8 + as *const libc::c_char, ); return CURLE_PEER_FAILED_VERIFICATION; } @@ -1014,9 +951,8 @@ unsafe extern "C" fn bearssl_run_until( mut sockindex: libc::c_int, mut target: libc::c_uint, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; let mut state: libc::c_uint = 0; @@ -1104,8 +1040,7 @@ unsafe extern "C" fn bearssl_run_until( if ret == 0 as libc::c_int as libc::c_long { Curl_failf( data, - b"SSL: EOF without close notify\0" as *const u8 - as *const libc::c_char, + b"SSL: EOF without close notify\0" as *const u8 as *const libc::c_char, ); return CURLE_READ_ERROR; } @@ -1124,7 +1059,7 @@ unsafe extern "C" fn bearssl_run_until( } br_ssl_engine_recvrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); } - }; + } } unsafe extern "C" fn bearssl_connect_step2( @@ -1132,9 +1067,8 @@ unsafe extern "C" fn bearssl_connect_step2( mut conn: *mut connectdata, mut sockindex: libc::c_int, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut ret: CURLcode = CURLE_OK; ret = bearssl_run_until( @@ -1152,8 +1086,7 @@ unsafe extern "C" fn bearssl_connect_step2( { Curl_failf( data, - b"SSL: connection closed during handshake\0" as *const u8 - as *const libc::c_char, + b"SSL: connection closed during handshake\0" as *const u8 as *const libc::c_char, ); return CURLE_SSL_CONNECT_ERROR; } @@ -1167,9 +1100,8 @@ unsafe extern "C" fn bearssl_connect_step3( mut conn: *mut connectdata, mut sockindex: libc::c_int, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut ret: CURLcode = CURLE_OK; if ((*conn).bits).tls_enable_alpn() != 0 { @@ -1192,17 +1124,14 @@ unsafe extern "C" fn bearssl_connect_step3( (*conn).negnpn = CURL_HTTP_VERSION_2_0 as libc::c_int; } #[cfg(not(USE_HTTP2))] - _ => { } + _ => {} } - } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const libc::c_char) - == 0 - { + } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const libc::c_char) == 0 { (*conn).negnpn = CURL_HTTP_VERSION_1_1 as libc::c_int; } else { Curl_infof( data, - b"ALPN, unrecognized protocol %s\0" as *const u8 - as *const libc::c_char, + b"ALPN, unrecognized protocol %s\0" as *const u8 as *const libc::c_char, protocol, ); } @@ -1217,8 +1146,7 @@ unsafe extern "C" fn bearssl_connect_step3( } else { Curl_infof( data, - b"ALPN, server did not agree to a protocol\0" as *const u8 - as *const libc::c_char, + b"ALPN, server did not agree to a protocol\0" as *const u8 as *const libc::c_char, ); } } @@ -1226,33 +1154,27 @@ unsafe extern "C" fn bearssl_connect_step3( let flag1: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint - { - ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int - } else { - ((*data).set.ssl.primary).sessionid() as libc::c_int - } != 0; + { + ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int + } else { + ((*data).set.ssl.primary).sessionid() as libc::c_int + } != 0; #[cfg(CURL_DISABLE_PROXY)] let flag1: bool = ((*data).set.ssl.primary).sessionid() as libc::c_int != 0; - if flag1 - { + if flag1 { let mut incache: bool = false; let mut oldsession: *mut libc::c_void = 0 as *mut libc::c_void; - let mut session: *mut br_ssl_session_parameters = 0 - as *mut br_ssl_session_parameters; - session = Curl_cmalloc - .expect( - "non-null function pointer", - )(::std::mem::size_of::() as libc::c_ulong) - as *mut br_ssl_session_parameters; + let mut session: *mut br_ssl_session_parameters = 0 as *mut br_ssl_session_parameters; + session = Curl_cmalloc.expect("non-null function pointer")(::std::mem::size_of::< + br_ssl_session_parameters, + >() as libc::c_ulong) as *mut br_ssl_session_parameters; if session.is_null() { return CURLE_OUT_OF_MEMORY; } @@ -1262,22 +1184,20 @@ unsafe extern "C" fn bearssl_connect_step3( let flag1: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] + == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint; #[cfg(CURL_DISABLE_PROXY)] let flag1: bool = false; incache = !Curl_ssl_getsessionid( data, conn, - if flag1 - { + if flag1 { 1 as libc::c_int } else { 0 as libc::c_int @@ -1293,22 +1213,20 @@ unsafe extern "C" fn bearssl_connect_step3( let flag2: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint == (*conn).http_proxy.proxytype as libc::c_uint && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] + != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] + == -(1 as libc::c_int) + { + 0 as libc::c_int + } else { + 1 as libc::c_int + }) as usize] .state as libc::c_uint; #[cfg(CURL_DISABLE_PROXY)] let flag2: bool = false; ret = Curl_ssl_addsessionid( data, conn, - if flag2 - { + if flag2 { 1 as libc::c_int } else { 0 as libc::c_int @@ -1335,19 +1253,13 @@ unsafe extern "C" fn bearssl_send( mut err: *mut CURLcode, ) -> ssize_t { let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut app: *mut libc::c_uchar = 0 as *mut libc::c_uchar; let mut applen: size_t = 0; loop { - *err = bearssl_run_until( - data, - conn, - sockindex, - 0x8 as libc::c_int as libc::c_uint, - ); + *err = bearssl_run_until(data, conn, sockindex, 0x8 as libc::c_int as libc::c_uint); if *err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint { return -(1 as libc::c_int) as ssize_t; } @@ -1355,8 +1267,7 @@ unsafe extern "C" fn bearssl_send( if app.is_null() { Curl_failf( data, - b"SSL: connection closed during write\0" as *const u8 - as *const libc::c_char, + b"SSL: connection closed during write\0" as *const u8 as *const libc::c_char, ); *err = CURLE_SEND_ERROR; return -(1 as libc::c_int) as ssize_t; @@ -1373,7 +1284,7 @@ unsafe extern "C" fn bearssl_send( br_ssl_engine_sendapp_ack(&mut (*backend).bear_ctx.eng, applen); br_ssl_engine_flush(&mut (*backend).bear_ctx.eng, 0 as libc::c_int); (*backend).pending_write = applen; - }; + } } unsafe extern "C" fn bearssl_recv( @@ -1384,9 +1295,8 @@ unsafe extern "C" fn bearssl_recv( mut err: *mut CURLcode, ) -> ssize_t { let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut app: *mut libc::c_uchar = 0 as *mut libc::c_uchar; let mut applen: size_t = 0; @@ -1414,21 +1324,16 @@ unsafe extern "C" fn bearssl_connect_common( mut done: *mut bool, ) -> CURLcode { let mut ret: CURLcode = CURLE_OK; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; let mut timeout_ms: timediff_t = 0; let mut what: libc::c_int = 0; - if ssl_connection_complete as libc::c_int as libc::c_uint - == (*connssl).state as libc::c_uint - { + if ssl_connection_complete as libc::c_int as libc::c_uint == (*connssl).state as libc::c_uint { *done = 1 as libc::c_int != 0; return CURLE_OK; } - if ssl_connect_1 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { + if ssl_connect_1 as libc::c_int as libc::c_uint == (*connssl).connecting_state as libc::c_uint { ret = bearssl_connect_step1(data, conn, sockindex); if ret as u64 != 0 { return ret; @@ -1454,15 +1359,15 @@ unsafe extern "C" fn bearssl_connect_common( || ssl_connect_2_writing as libc::c_int as libc::c_uint == (*connssl).connecting_state as libc::c_uint { - let mut writefd: curl_socket_t = if ssl_connect_2_writing as libc::c_int - as libc::c_uint == (*connssl).connecting_state as libc::c_uint + let mut writefd: curl_socket_t = if ssl_connect_2_writing as libc::c_int as libc::c_uint + == (*connssl).connecting_state as libc::c_uint { sockfd } else { -(1 as libc::c_int) }; - let mut readfd: curl_socket_t = if ssl_connect_2_reading as libc::c_int - as libc::c_uint == (*connssl).connecting_state as libc::c_uint + let mut readfd: curl_socket_t = if ssl_connect_2_reading as libc::c_int as libc::c_uint + == (*connssl).connecting_state as libc::c_uint { sockfd } else { @@ -1481,8 +1386,7 @@ unsafe extern "C" fn bearssl_connect_common( if what < 0 as libc::c_int { Curl_failf( data, - b"select/poll on SSL socket, errno: %d\0" as *const u8 - as *const libc::c_char, + b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const libc::c_char, *__errno_location(), ); return CURLE_SSL_CONNECT_ERROR; @@ -1494,8 +1398,7 @@ unsafe extern "C" fn bearssl_connect_common( } else { Curl_failf( data, - b"SSL connection timeout\0" as *const u8 - as *const libc::c_char, + b"SSL connection timeout\0" as *const u8 as *const libc::c_char, ); return CURLE_OPERATION_TIMEDOUT; } @@ -1515,9 +1418,7 @@ unsafe extern "C" fn bearssl_connect_common( return ret; } } - if ssl_connect_3 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { + if ssl_connect_3 as libc::c_int as libc::c_uint == (*connssl).connecting_state as libc::c_uint { ret = bearssl_connect_step3(data, conn, sockindex); if ret as u64 != 0 { return ret; @@ -1557,24 +1458,24 @@ unsafe extern "C" fn bearssl_connect_common( return CURLE_OK; } -unsafe extern "C" fn bearssl_version( - mut buffer: *mut libc::c_char, - mut size: size_t, -) -> size_t { - return curl_msnprintf(buffer, size, b"BearSSL\0" as *const u8 as *const libc::c_char) - as size_t; +unsafe extern "C" fn bearssl_version(mut buffer: *mut libc::c_char, mut size: size_t) -> size_t { + return curl_msnprintf( + buffer, + size, + b"BearSSL\0" as *const u8 as *const libc::c_char, + ) as size_t; } unsafe extern "C" fn bearssl_data_pending( mut conn: *const connectdata, mut connindex: libc::c_int, ) -> bool { - let mut connssl: *const ssl_connect_data = &*((*conn).ssl) - .as_ptr() - .offset(connindex as isize) as *const ssl_connect_data; + let mut connssl: *const ssl_connect_data = + &*((*conn).ssl).as_ptr().offset(connindex as isize) as *const ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; return br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) - & 0x10 as libc::c_int as libc::c_uint != 0; + & 0x10 as libc::c_int as libc::c_uint + != 0; } unsafe extern "C" fn bearssl_random( @@ -1598,9 +1499,7 @@ unsafe extern "C" fn bearssl_random( 0 as libc::c_int as size_t, ); seeder = br_prng_seeder_system(0 as *mut *const libc::c_char); - if seeder.is_none() - || seeder.expect("non-null function pointer")(&mut ctx.vtable) == 0 - { + if seeder.is_none() || seeder.expect("non-null function pointer")(&mut ctx.vtable) == 0 { return CURLE_FAILED_INIT; } seeded = 1 as libc::c_int != 0; @@ -1616,13 +1515,7 @@ unsafe extern "C" fn bearssl_connect( ) -> CURLcode { let mut ret: CURLcode = CURLE_OK; let mut done: bool = 0 as libc::c_int != 0; - ret = bearssl_connect_common( - data, - conn, - sockindex, - 0 as libc::c_int != 0, - &mut done, - ); + ret = bearssl_connect_common(data, conn, sockindex, 0 as libc::c_int != 0, &mut done); if ret as u64 != 0 { return ret; } @@ -1651,9 +1544,8 @@ unsafe extern "C" fn bearssl_close( mut conn: *mut connectdata, mut sockindex: libc::c_int, ) { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut i: size_t = 0; if (*backend).active { @@ -1662,14 +1554,12 @@ unsafe extern "C" fn bearssl_close( } i = 0 as libc::c_int as size_t; while i < (*backend).anchors_len { - Curl_cfree - .expect( - "non-null function pointer", - )((*((*backend).anchors).offset(i as isize)).dn.data as *mut libc::c_void); + Curl_cfree.expect("non-null function pointer")( + (*((*backend).anchors).offset(i as isize)).dn.data as *mut libc::c_void, + ); i = i.wrapping_add(1); } - Curl_cfree - .expect("non-null function pointer")((*backend).anchors as *mut libc::c_void); + Curl_cfree.expect("non-null function pointer")((*backend).anchors as *mut libc::c_void); } unsafe extern "C" fn bearssl_session_free(mut ptr: *mut libc::c_void) { @@ -1706,17 +1596,14 @@ pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { init }, supports: ((1 as libc::c_int) << 6 as libc::c_int) as libc::c_uint, - sizeof_ssl_backend_data: ::std::mem::size_of::() - as libc::c_ulong, + sizeof_ssl_backend_data: ::std::mem::size_of::() as libc::c_ulong, init: Some(Curl_none_init as unsafe extern "C" fn() -> libc::c_int), cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), version: Some( - bearssl_version - as unsafe extern "C" fn(*mut libc::c_char, size_t) -> size_t, + bearssl_version as unsafe extern "C" fn(*mut libc::c_char, size_t) -> size_t, ), check_cxn: Some( - Curl_none_check_cxn - as unsafe extern "C" fn(*mut connectdata) -> libc::c_int, + Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> libc::c_int, ), shut_down: Some( Curl_none_shutdown @@ -1732,11 +1619,7 @@ pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { ), random: Some( bearssl_random - as unsafe extern "C" fn( - *mut Curl_easy, - *mut libc::c_uchar, - size_t, - ) -> CURLcode, + as unsafe extern "C" fn(*mut Curl_easy, *mut libc::c_uchar, size_t) -> CURLcode, ), cert_status_request: Some( Curl_none_cert_status_request as unsafe extern "C" fn() -> bool, @@ -1760,46 +1643,29 @@ pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { ), getsock: Some( Curl_ssl_getsock - as unsafe extern "C" fn( - *mut connectdata, - *mut curl_socket_t, - ) -> libc::c_int, + as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> libc::c_int, ), get_internals: Some( bearssl_get_internals - as unsafe extern "C" fn( - *mut ssl_connect_data, - CURLINFO, - ) -> *mut libc::c_void, + as unsafe extern "C" fn(*mut ssl_connect_data, CURLINFO) -> *mut libc::c_void, ), close_one: Some( bearssl_close - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> (), - ), - close_all: Some( - Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> (), + as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, libc::c_int) -> (), ), + close_all: Some(Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> ()), session_free: Some( bearssl_session_free as unsafe extern "C" fn(*mut libc::c_void) -> (), ), set_engine: Some( Curl_none_set_engine - as unsafe extern "C" fn( - *mut Curl_easy, - *const libc::c_char, - ) -> CURLcode, + as unsafe extern "C" fn(*mut Curl_easy, *const libc::c_char) -> CURLcode, ), set_engine_default: Some( - Curl_none_set_engine_default - as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, + Curl_none_set_engine_default as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, ), engines_list: Some( - Curl_none_engines_list - as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, + Curl_none_engines_list as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, ), false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), sha256sum: Some( -- Gitee From 5a3a67ed80098a7106d67f51768d4c4d9ccfd212 Mon Sep 17 00:00:00 2001 From: Your Name <1153793677@qq.com> Date: Sun, 4 Dec 2022 16:09:52 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E4=BC=98=E5=8C=96libc=E7=B1=BB=E5=9E=8B?= =?UTF-8?q?=EF=BC=8C=E5=88=A0=E9=99=A4fresh=E5=8F=98=E9=87=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- rust/rust_project/src/vtls/bearssl.rs | 891 +++++++++++--------------- 1 file changed, 379 insertions(+), 512 deletions(-) diff --git a/rust/rust_project/src/vtls/bearssl.rs b/rust/rust_project/src/vtls/bearssl.rs index cb2368a..03dd4b9 100644 --- a/rust/rust_project/src/vtls/bearssl.rs +++ b/rust/rust_project/src/vtls/bearssl.rs @@ -13,15 +13,13 @@ * Description: support bearssl backend ******************************************************************************/ use crate::src::vtls::vtls::*; -use ::libc; +use libc; use rust_ffi::src::ffi_alias::type_alias::*; use rust_ffi::src::ffi_fun::fun_call::*; use rust_ffi::src::ffi_struct::struct_define::*; #[inline] -unsafe extern "C" fn br_pem_decoder_name( - mut ctx: *mut br_pem_decoder_context, -) -> *const libc::c_char { +unsafe extern "C" fn br_pem_decoder_name(mut ctx: *mut br_pem_decoder_context) -> *const i8 { return ((*ctx).name).as_mut_ptr(); } #[inline] @@ -30,13 +28,11 @@ unsafe extern "C" fn br_pem_decoder_setdest( mut dest: Option ()>, mut dest_ctx: *mut libc::c_void, ) { - let ref mut fresh0 = (*ctx).dest; - *fresh0 = dest; - let ref mut fresh1 = (*ctx).dest_ctx; - *fresh1 = dest_ctx; + (*ctx).dest = dest; + (*ctx).dest_ctx = dest_ctx; } #[inline] -unsafe extern "C" fn br_ssl_engine_last_error(mut cc: *const br_ssl_engine_context) -> libc::c_int { +unsafe extern "C" fn br_ssl_engine_last_error(mut cc: *const br_ssl_engine_context) -> i32 { return (*cc).err; } #[inline] @@ -47,7 +43,7 @@ unsafe extern "C" fn br_ssl_engine_set_session_parameters( memcpy( &mut (*cc).session as *mut br_ssl_session_parameters as *mut libc::c_void, pp as *const libc::c_void, - ::std::mem::size_of::() as libc::c_ulong, + ::std::mem::size_of::() as u64, ); } #[inline] @@ -58,40 +54,38 @@ unsafe extern "C" fn br_ssl_engine_get_session_parameters( memcpy( pp as *mut libc::c_void, &(*cc).session as *const br_ssl_session_parameters as *const libc::c_void, - ::std::mem::size_of::() as libc::c_ulong, + ::std::mem::size_of::() as u64, ); } #[inline] unsafe extern "C" fn br_x509_decoder_get_pkey( mut ctx: *mut br_x509_decoder_context, ) -> *mut br_x509_pkey { - if (*ctx).decoded as libc::c_int != 0 && (*ctx).err == 0 as libc::c_int { + if (*ctx).decoded as i32 != 0 && (*ctx).err == 0 as i32 { return &mut (*ctx).pkey; } else { return 0 as *mut br_x509_pkey; }; } #[inline] -unsafe extern "C" fn br_x509_decoder_last_error( - mut ctx: *mut br_x509_decoder_context, -) -> libc::c_int { - if (*ctx).err != 0 as libc::c_int { +unsafe extern "C" fn br_x509_decoder_last_error(mut ctx: *mut br_x509_decoder_context) -> i32 { + if (*ctx).err != 0 as i32 { return (*ctx).err; } if (*ctx).decoded == 0 { - return 34 as libc::c_int; + return 34 as i32; } - return 0 as libc::c_int; + return 0 as i32; } #[inline] -unsafe extern "C" fn br_x509_decoder_isCA(mut ctx: *mut br_x509_decoder_context) -> libc::c_int { - return (*ctx).isCA as libc::c_int; +unsafe extern "C" fn br_x509_decoder_isCA(mut ctx: *mut br_x509_decoder_context) -> i32 { + return (*ctx).isCA as i32; } #[inline] unsafe extern "C" fn br_ssl_engine_set_versions( mut cc: *mut br_ssl_engine_context, - mut version_min: libc::c_uint, - mut version_max: libc::c_uint, + mut version_min: u32, + mut version_max: u32, ) { (*cc).version_min = version_min as uint16_t; (*cc).version_max = version_max as uint16_t; @@ -101,29 +95,27 @@ unsafe extern "C" fn br_ssl_engine_set_x509( mut cc: *mut br_ssl_engine_context, mut x509ctx: *mut *const br_x509_class, ) { - let ref mut fresh2 = (*cc).x509ctx; - *fresh2 = x509ctx; + (*cc).x509ctx = x509ctx; } #[inline] unsafe extern "C" fn br_ssl_engine_set_protocol_names( mut ctx: *mut br_ssl_engine_context, - mut names: *mut *const libc::c_char, + mut names: *mut *const i8, mut num: size_t, ) { - let ref mut fresh3 = (*ctx).protocol_names; - *fresh3 = names; + (*ctx).protocol_names = names; (*ctx).protocol_names_num = num as uint16_t; } #[inline] unsafe extern "C" fn br_ssl_engine_get_selected_protocol( mut ctx: *mut br_ssl_engine_context, -) -> *const libc::c_char { - let mut k: libc::c_uint = 0; - k = (*ctx).selected_protocol as libc::c_uint; - return if k == 0 as libc::c_int as libc::c_uint || k == 0xffff as libc::c_int as libc::c_uint { - 0 as *const libc::c_char +) -> *const i8 { + let mut k: u32 = 0; + k = (*ctx).selected_protocol as u32; + return if k == 0 as i32 as u32 || k == 0xffff as i32 as u32 { + 0 as *const i8 } else { - *((*ctx).protocol_names).offset(k.wrapping_sub(1 as libc::c_int as libc::c_uint) as isize) + *((*ctx).protocol_names).offset(k.wrapping_sub(1 as i32 as u32) as isize) }; } unsafe extern "C" fn append_dn( @@ -132,12 +124,10 @@ unsafe extern "C" fn append_dn( mut len: size_t, ) { let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; - if (*ca).err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint || !(*ca).in_cert { + if (*ca).err as u32 != CURLE_OK as i32 as u32 || !(*ca).in_cert { return; } - if (::std::mem::size_of::<[libc::c_uchar; 1024]>() as libc::c_ulong).wrapping_sub((*ca).dn_len) - < len - { + if (::std::mem::size_of::<[u8; 1024]>() as u64).wrapping_sub((*ca).dn_len) < len { (*ca).err = CURLE_FAILED_INIT; return; } @@ -146,8 +136,7 @@ unsafe extern "C" fn append_dn( buf, len, ); - let ref mut fresh4 = (*ca).dn_len; - *fresh4 = (*fresh4 as libc::c_ulong).wrapping_add(len) as size_t as size_t; + (*ca).dn_len = ((*ca).dn_len as u64).wrapping_add(len) as size_t as size_t; } unsafe extern "C" fn x509_push( mut ctx: *mut libc::c_void, @@ -173,9 +162,9 @@ unsafe extern "C" fn load_cafile( key_type: 0, key: bear_C2RustUnnamed_6 { rsa: br_rsa_public_key { - n: 0 as *mut libc::c_uchar, + n: 0 as *mut u8, nlen: 0, - e: 0 as *mut libc::c_uchar, + e: 0 as *mut u8, elen: 0, }, }, @@ -183,7 +172,7 @@ unsafe extern "C" fn load_cafile( cpu: C2RustUnnamed_30 { dp: 0 as *mut uint32_t, rp: 0 as *mut uint32_t, - ip: 0 as *const libc::c_uchar, + ip: 0 as *const u8, }, dp_stack: [0; 32], rp_stack: [0; 32], @@ -198,7 +187,7 @@ unsafe extern "C" fn load_cafile( copy_dn: 0, append_dn_ctx: 0 as *mut libc::c_void, append_dn: None, - hbuf: 0 as *const libc::c_uchar, + hbuf: 0 as *const u8, hlen: 0, pkey_data: [0; 520], signer_key_type: 0, @@ -213,12 +202,12 @@ unsafe extern "C" fn load_cafile( cpu: C2RustUnnamed_31 { dp: 0 as *mut uint32_t, rp: 0 as *mut uint32_t, - ip: 0 as *const libc::c_uchar, + ip: 0 as *const u8, }, dp_stack: [0; 32], rp_stack: [0; 32], err: 0, - hbuf: 0 as *const libc::c_uchar, + hbuf: 0 as *const u8, hlen: 0, dest: None, dest_ctx: 0 as *mut libc::c_void, @@ -233,25 +222,25 @@ unsafe extern "C" fn load_cafile( let mut new_anchors_len: size_t = 0; let mut pkey: *mut br_x509_pkey = 0 as *mut br_x509_pkey; let mut fp: *mut FILE = 0 as *mut FILE; - let mut buf: [libc::c_uchar; 8192] = [0; 8192]; - let mut p: *const libc::c_uchar = 0 as *const libc::c_uchar; - let mut name: *const libc::c_char = 0 as *const libc::c_char; + let mut buf: [u8; 8192] = [0; 8192]; + let mut p: *const u8 = 0 as *const u8; + let mut name: *const i8 = 0 as *const i8; let mut n: size_t = 0; let mut i: size_t = 0; let mut pushed: size_t = 0; - if (*source).type_0 == 1 as libc::c_int { - fp = fopen((*source).data, b"rb\0" as *const u8 as *const libc::c_char); + if (*source).type_0 == 1 as i32 { + fp = fopen((*source).data, b"rb\0" as *const u8 as *const i8); if fp.is_null() { return CURLE_SSL_CACERT_BADFILE; } } - if (*source).type_0 == 2 as libc::c_int && (*source).len > 2147483647 as libc::c_int as size_t { + if (*source).type_0 == 2 as i32 && (*source).len > 2147483647 as i32 as size_t { return CURLE_SSL_CACERT_BADFILE; } ca.err = CURLE_OK; - ca.in_cert = 0 as libc::c_int != 0; + ca.in_cert = 0 as i32 != 0; ca.anchors = 0 as *mut br_x509_trust_anchor; - ca.anchors_len = 0 as libc::c_int as size_t; + ca.anchors_len = 0 as i32 as size_t; br_pem_decoder_init(&mut pc); br_pem_decoder_setdest( &mut pc, @@ -262,20 +251,20 @@ unsafe extern "C" fn load_cafile( ); 'fail: loop { loop { - if (*source).type_0 == 1 as libc::c_int { + if (*source).type_0 == 1 as i32 { n = fread( buf.as_mut_ptr() as *mut libc::c_void, - 1 as libc::c_int as libc::c_ulong, - ::std::mem::size_of::<[libc::c_uchar; 8192]>() as libc::c_ulong, + 1 as i32 as u64, + ::std::mem::size_of::<[u8; 8192]>() as u64, fp, ); - if n == 0 as libc::c_int as libc::c_ulong { + if n == 0 as i32 as u64 { break; } p = buf.as_mut_ptr(); - } else if (*source).type_0 == 2 as libc::c_int { + } else if (*source).type_0 == 2 as i32 { n = (*source).len; - p = (*source).data as *mut libc::c_uchar; + p = (*source).data as *mut u8; } while n != 0 { pushed = br_pem_decoder_push(&mut pc, p as *const libc::c_void, n); @@ -283,17 +272,13 @@ unsafe extern "C" fn load_cafile( break 'fail; } p = p.offset(pushed as isize); - n = (n as libc::c_ulong).wrapping_sub(pushed) as size_t as size_t; + n = (n as u64).wrapping_sub(pushed) as size_t as size_t; match br_pem_decoder_event(&mut pc) { 0 => {} 1 => { name = br_pem_decoder_name(&mut pc); - if !(strcmp(name, b"CERTIFICATE\0" as *const u8 as *const libc::c_char) - != 0 - && strcmp( - name, - b"X509 CERTIFICATE\0" as *const u8 as *const libc::c_char, - ) != 0) + if !(strcmp(name, b"CERTIFICATE\0" as *const u8 as *const i8) != 0 + && strcmp(name, b"X509 CERTIFICATE\0" as *const u8 as *const i8) != 0) { br_x509_decoder_init( &mut ca.xc, @@ -309,20 +294,20 @@ unsafe extern "C" fn load_cafile( &mut ca as *mut cafile_parser as *mut libc::c_void, ); if ca.anchors_len - == (18446744073709551615 as libc::c_ulong) - .wrapping_div(::std::mem::size_of::() - as libc::c_ulong) + == (18446744073709551615 as u64).wrapping_div( + ::std::mem::size_of::() as u64, + ) { ca.err = CURLE_OUT_OF_MEMORY; break 'fail; } - new_anchors_len = - (ca.anchors_len).wrapping_add(1 as libc::c_int as libc::c_ulong); + new_anchors_len = (ca.anchors_len).wrapping_add(1 as i32 as u64); new_anchors = Curl_crealloc.expect("non-null function pointer")( ca.anchors as *mut libc::c_void, new_anchors_len - .wrapping_mul(::std::mem::size_of::() - as libc::c_ulong), + .wrapping_mul( + ::std::mem::size_of::() as u64 + ), ) as *mut br_x509_trust_anchor; if new_anchors.is_null() { @@ -331,26 +316,24 @@ unsafe extern "C" fn load_cafile( } ca.anchors = new_anchors; ca.anchors_len = new_anchors_len; - ca.in_cert = 1 as libc::c_int != 0; - ca.dn_len = 0 as libc::c_int as size_t; - ta = &mut *(ca.anchors).offset( - (ca.anchors_len).wrapping_sub(1 as libc::c_int as libc::c_ulong) - as isize, - ) as *mut br_x509_trust_anchor; - let ref mut fresh5 = (*ta).dn.data; - *fresh5 = 0 as *mut libc::c_uchar; + ca.in_cert = 1 as i32 != 0; + ca.dn_len = 0 as i32 as size_t; + ta = &mut *(ca.anchors) + .offset((ca.anchors_len).wrapping_sub(1 as i32 as u64) as isize) + as *mut br_x509_trust_anchor; + (*ta).dn.data = 0 as *mut u8; } } 2 => { if ca.in_cert { - ca.in_cert = 0 as libc::c_int != 0; + ca.in_cert = 0 as i32 != 0; if br_x509_decoder_last_error(&mut ca.xc) != 0 { ca.err = CURLE_SSL_CACERT_BADFILE; break 'fail; } - (*ta).flags = 0 as libc::c_int as libc::c_uint; + (*ta).flags = 0 as i32 as u32; if br_x509_decoder_isCA(&mut ca.xc) != 0 { - (*ta).flags |= 0x1 as libc::c_int as libc::c_uint; + (*ta).flags |= 0x1 as i32 as u32; } pkey = br_x509_decoder_get_pkey(&mut ca.xc); if pkey.is_null() { @@ -359,16 +342,15 @@ unsafe extern "C" fn load_cafile( } (*ta).pkey = *pkey; ta_size = ca.dn_len; - match (*pkey).key_type as libc::c_int { + match (*pkey).key_type as i32 { 1 => { - ta_size = (ta_size as libc::c_ulong).wrapping_add( + ta_size = (ta_size as u64).wrapping_add( ((*pkey).key.rsa.nlen).wrapping_add((*pkey).key.rsa.elen), ) as size_t as size_t; } 2 => { - ta_size = (ta_size as libc::c_ulong) - .wrapping_add((*pkey).key.ec.qlen) + ta_size = (ta_size as u64).wrapping_add((*pkey).key.ec.qlen) as size_t as size_t; } @@ -377,9 +359,9 @@ unsafe extern "C" fn load_cafile( break 'fail; } } - let ref mut fresh6 = (*ta).dn.data; - *fresh6 = Curl_cmalloc.expect("non-null function pointer")(ta_size) - as *mut libc::c_uchar; + (*ta).dn.data = + Curl_cmalloc.expect("non-null function pointer")(ta_size) + as *mut u8; if ((*ta).dn.data).is_null() { ca.err = CURLE_OUT_OF_MEMORY; break 'fail; @@ -390,17 +372,16 @@ unsafe extern "C" fn load_cafile( ca.dn_len, ); (*ta).dn.len = ca.dn_len; - match (*pkey).key_type as libc::c_int { + match (*pkey).key_type as i32 { 1 => { - let ref mut fresh7 = (*ta).pkey.key.rsa.n; - *fresh7 = ((*ta).dn.data).offset((*ta).dn.len as isize); + (*ta).pkey.key.rsa.n = + ((*ta).dn.data).offset((*ta).dn.len as isize); memcpy( (*ta).pkey.key.rsa.n as *mut libc::c_void, (*pkey).key.rsa.n as *const libc::c_void, (*pkey).key.rsa.nlen, ); - let ref mut fresh8 = (*ta).pkey.key.rsa.e; - *fresh8 = ((*ta).pkey.key.rsa.n) + (*ta).pkey.key.rsa.e = ((*ta).pkey.key.rsa.n) .offset((*ta).pkey.key.rsa.nlen as isize); memcpy( (*ta).pkey.key.rsa.e as *mut libc::c_void, @@ -409,8 +390,8 @@ unsafe extern "C" fn load_cafile( ); } 2 => { - let ref mut fresh9 = (*ta).pkey.key.ec.q; - *fresh9 = ((*ta).dn.data).offset((*ta).dn.len as isize); + (*ta).pkey.key.ec.q = + ((*ta).dn.data).offset((*ta).dn.len as isize); memcpy( (*ta).pkey.key.ec.q as *mut libc::c_void, (*pkey).key.ec.q as *const libc::c_void, @@ -427,7 +408,7 @@ unsafe extern "C" fn load_cafile( } } } - if !((*source).type_0 != 2 as libc::c_int) { + if !((*source).type_0 != 2 as i32) { break; } } @@ -440,11 +421,11 @@ unsafe extern "C" fn load_cafile( if !fp.is_null() { fclose(fp); } - if ca.err as libc::c_uint == CURLE_OK as libc::c_int as libc::c_uint { + if ca.err as u32 == CURLE_OK as i32 as u32 { *anchors = ca.anchors; *anchors_len = ca.anchors_len; } else { - i = 0 as libc::c_int as size_t; + i = 0 as i32 as size_t; while i < ca.anchors_len { Curl_cfree.expect("non-null function pointer")( (*(ca.anchors).offset(i as isize)).dn.data as *mut libc::c_void, @@ -457,11 +438,11 @@ unsafe extern "C" fn load_cafile( } unsafe extern "C" fn x509_start_chain( mut ctx: *mut *const br_x509_class, - mut server_name: *const libc::c_char, + mut server_name: *const i8, ) { let mut x509: *mut x509_context = ctx as *mut x509_context; if !(*x509).verifyhost { - server_name = 0 as *const libc::c_char; + server_name = 0 as *const i8; } ((*(*x509).minimal.vtable).start_chain).expect("non-null function pointer")( &mut (*x509).minimal.vtable, @@ -477,7 +458,7 @@ unsafe extern "C" fn x509_start_cert(mut ctx: *mut *const br_x509_class, mut len } unsafe extern "C" fn x509_append( mut ctx: *mut *const br_x509_class, - mut buf: *const libc::c_uchar, + mut buf: *const u8, mut len: size_t, ) { let mut x509: *mut x509_context = ctx as *mut x509_context; @@ -493,20 +474,20 @@ unsafe extern "C" fn x509_end_cert(mut ctx: *mut *const br_x509_class) { &mut (*x509).minimal.vtable, ); } -unsafe extern "C" fn x509_end_chain(mut ctx: *mut *const br_x509_class) -> libc::c_uint { +unsafe extern "C" fn x509_end_chain(mut ctx: *mut *const br_x509_class) -> u32 { let mut x509: *mut x509_context = ctx as *mut x509_context; - let mut err: libc::c_uint = 0; + let mut err: u32 = 0; err = ((*(*x509).minimal.vtable).end_chain).expect("non-null function pointer")( &mut (*x509).minimal.vtable, ); if err != 0 && !(*x509).verifypeer { - err = 0 as libc::c_int as libc::c_uint; + err = 0 as i32 as u32; } return err; } unsafe extern "C" fn x509_get_pkey( mut ctx: *const *const br_x509_class, - mut usages: *mut libc::c_uint, + mut usages: *mut u32, ) -> *const br_x509_pkey { let mut x509: *mut x509_context = ctx as *mut x509_context; return ((*(*x509).minimal.vtable).get_pkey).expect("non-null function pointer")( @@ -518,31 +499,27 @@ unsafe extern "C" fn x509_get_pkey( static mut x509_vtable: br_x509_class = unsafe { { let mut init = br_x509_class_ { - context_size: ::std::mem::size_of::() as libc::c_ulong, + context_size: ::std::mem::size_of::() as u64, start_chain: Some( x509_start_chain - as unsafe extern "C" fn(*mut *const br_x509_class, *const libc::c_char) -> (), + as unsafe extern "C" fn(*mut *const br_x509_class, *const i8) -> (), ), start_cert: Some( x509_start_cert as unsafe extern "C" fn(*mut *const br_x509_class, uint32_t) -> (), ), append: Some( x509_append - as unsafe extern "C" fn( - *mut *const br_x509_class, - *const libc::c_uchar, - size_t, - ) -> (), + as unsafe extern "C" fn(*mut *const br_x509_class, *const u8, size_t) -> (), ), end_cert: Some(x509_end_cert as unsafe extern "C" fn(*mut *const br_x509_class) -> ()), end_chain: Some( - x509_end_chain as unsafe extern "C" fn(*mut *const br_x509_class) -> libc::c_uint, + x509_end_chain as unsafe extern "C" fn(*mut *const br_x509_class) -> u32, ), get_pkey: Some( x509_get_pkey as unsafe extern "C" fn( *const *const br_x509_class, - *mut libc::c_uint, + *mut u32, ) -> *const br_x509_pkey, ), }; @@ -552,22 +529,21 @@ static mut x509_vtable: br_x509_class = unsafe { unsafe extern "C" fn bearssl_connect_step1( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; #[cfg(not(CURL_DISABLE_PROXY))] - let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as i32 as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { (*conn).proxy_ssl_config.ca_info_blob } else { @@ -576,82 +552,75 @@ unsafe extern "C" fn bearssl_connect_step1( #[cfg(CURL_DISABLE_PROXY)] let mut ca_info_blob: *const curl_blob = (*conn).ssl_config.ca_info_blob; #[cfg(not(CURL_DISABLE_PROXY))] - let ssl_cafile: *const libc::c_char = if !ca_info_blob.is_null() { - 0 as *mut libc::c_char - } else if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let ssl_cafile: *const i8 = if !ca_info_blob.is_null() { + 0 as *mut i8 + } else if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { (*conn).proxy_ssl_config.CAfile } else { (*conn).ssl_config.CAfile }; #[cfg(CURL_DISABLE_PROXY)] - let ssl_cafile: *const libc::c_char = (*conn).ssl_config.CAfile; + let ssl_cafile: *const i8 = (*conn).ssl_config.CAfile; #[cfg(not(CURL_DISABLE_PROXY))] - let mut hostname: *const libc::c_char = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let mut hostname: *const i8 = if CURLPROXY_HTTPS as i32 as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { (*conn).http_proxy.host.name } else { (*conn).host.name }; #[cfg(CURL_DISABLE_PROXY)] - let mut hostname: *const libc::c_char = (*conn).host.name; + let mut hostname: *const i8 = (*conn).host.name; #[cfg(not(CURL_DISABLE_PROXY))] - let verifypeer: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let verifypeer: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { - ((*conn).proxy_ssl_config).verifypeer() as libc::c_int + ((*conn).proxy_ssl_config).verifypeer() as i32 } else { - ((*conn).ssl_config).verifypeer() as libc::c_int + ((*conn).ssl_config).verifypeer() as i32 } != 0; #[cfg(CURL_DISABLE_PROXY)] - let verifypeer: bool = ((*conn).ssl_config).verifypeer() as libc::c_int != 0; + let verifypeer: bool = ((*conn).ssl_config).verifypeer() as i32 != 0; #[cfg(not(CURL_DISABLE_PROXY))] - let verifyhost: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let verifyhost: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { - ((*conn).proxy_ssl_config).verifyhost() as libc::c_int + ((*conn).proxy_ssl_config).verifyhost() as i32 } else { - ((*conn).ssl_config).verifyhost() as libc::c_int + ((*conn).ssl_config).verifyhost() as i32 } != 0; #[cfg(CURL_DISABLE_PROXY)] - let verifyhost: bool = ((*conn).ssl_config).verifyhost() as libc::c_int != 0; + let verifyhost: bool = ((*conn).ssl_config).verifyhost() as i32 != 0; let mut ret: CURLcode = CURLE_OK; - let mut version_min: libc::c_uint = 0; - let mut version_max: libc::c_uint = 0; + let mut version_min: u32 = 0; + let mut version_max: u32 = 0; #[cfg(ENABLE_IPV6)] let mut addr: in6_addr = in6_addr { __in6_u: C2RustUnnamed_8 { @@ -662,58 +631,56 @@ unsafe extern "C" fn bearssl_connect_step1( let mut addr: in_addr = in_addr { s_addr: 0 }; #[cfg(not(CURL_DISABLE_PROXY))] - let flag6: libc::c_long = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag6: i64 = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { (*conn).proxy_ssl_config.version } else { (*conn).ssl_config.version }; #[cfg(CURL_DISABLE_PROXY)] - let flag6: libc::c_long = (*conn).ssl_config.version; + let flag6: i64 = (*conn).ssl_config.version; match flag6 { 2 => { Curl_failf( data, - b"BearSSL does not support SSLv2\0" as *const u8 as *const libc::c_char, + b"BearSSL does not support SSLv2\0" as *const u8 as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } 3 => { Curl_failf( data, - b"BearSSL does not support SSLv3\0" as *const u8 as *const libc::c_char, + b"BearSSL does not support SSLv3\0" as *const u8 as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } 4 => { - version_min = 0x301 as libc::c_int as libc::c_uint; - version_max = 0x301 as libc::c_int as libc::c_uint; + version_min = 0x301 as i32 as u32; + version_max = 0x301 as i32 as u32; } 5 => { - version_min = 0x302 as libc::c_int as libc::c_uint; - version_max = 0x302 as libc::c_int as libc::c_uint; + version_min = 0x302 as i32 as u32; + version_max = 0x302 as i32 as u32; } 6 => { - version_min = 0x303 as libc::c_int as libc::c_uint; - version_max = 0x303 as libc::c_int as libc::c_uint; + version_min = 0x303 as i32 as u32; + version_max = 0x303 as i32 as u32; } 0 | 1 => { - version_min = 0x301 as libc::c_int as libc::c_uint; - version_max = 0x303 as libc::c_int as libc::c_uint; + version_min = 0x301 as i32 as u32; + version_max = 0x303 as i32 as u32; } _ => { Curl_failf( data, - b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 as *const libc::c_char, + b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } @@ -721,8 +688,8 @@ unsafe extern "C" fn bearssl_connect_step1( if !ca_info_blob.is_null() { let mut source: cafile_source = { let mut init = cafile_source { - type_0: 2 as libc::c_int, - data: (*ca_info_blob).data as *const libc::c_char, + type_0: 2 as i32, + data: (*ca_info_blob).data as *const i8, len: (*ca_info_blob).len, }; init @@ -732,27 +699,27 @@ unsafe extern "C" fn bearssl_connect_step1( &mut (*backend).anchors, &mut (*backend).anchors_len, ); - if ret as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint { + if ret as u32 != CURLE_OK as i32 as u32 { if verifypeer { Curl_failf( data, - b"error importing CA certificate blob\0" as *const u8 as *const libc::c_char, + b"error importing CA certificate blob\0" as *const u8 as *const i8, ); return ret; } Curl_infof( data, b"error importing CA certificate blob, continuing anyway\0" as *const u8 - as *const libc::c_char, + as *const i8, ); } } if !ssl_cafile.is_null() { let mut source_0: cafile_source = { let mut init = cafile_source { - type_0: 1 as libc::c_int, + type_0: 1 as i32, data: ssl_cafile, - len: 0 as libc::c_int as size_t, + len: 0 as i32 as size_t, }; init }; @@ -761,12 +728,12 @@ unsafe extern "C" fn bearssl_connect_step1( &mut (*backend).anchors, &mut (*backend).anchors_len, ); - if ret as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint { + if ret as u32 != CURLE_OK as i32 as u32 { if verifypeer { Curl_failf( data, b"error setting certificate verify locations. CAfile: %s\0" as *const u8 - as *const libc::c_char, + as *const i8, ssl_cafile, ); return ret; @@ -774,7 +741,7 @@ unsafe extern "C" fn bearssl_connect_step1( Curl_infof( data, b"error setting certificate verify locations, continuing anyway:\0" as *const u8 - as *const libc::c_char, + as *const i8, ); } } @@ -788,57 +755,47 @@ unsafe extern "C" fn bearssl_connect_step1( br_ssl_engine_set_buffer( &mut (*backend).bear_ctx.eng, ((*backend).buf).as_mut_ptr() as *mut libc::c_void, - ::std::mem::size_of::<[libc::c_uchar; 33178]>() as libc::c_ulong, - 1 as libc::c_int, + ::std::mem::size_of::<[u8; 33178]>() as u64, + 1 as i32, ); - let ref mut fresh10 = (*backend).x509.vtable; - *fresh10 = &x509_vtable; + (*backend).x509.vtable = &x509_vtable; (*backend).x509.verifypeer = verifypeer; (*backend).x509.verifyhost = verifyhost; br_ssl_engine_set_x509(&mut (*backend).bear_ctx.eng, &mut (*backend).x509.vtable); #[cfg(not(CURL_DISABLE_PROXY))] - let flag7: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag7: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { - ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int + ((*data).set.proxy_ssl.primary).sessionid() as i32 } else { - ((*data).set.ssl.primary).sessionid() as libc::c_int + ((*data).set.ssl.primary).sessionid() as i32 } != 0; #[cfg(CURL_DISABLE_PROXY)] - let flag7: bool = ((*data).set.ssl.primary).sessionid() as libc::c_int != 0; + let flag7: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; if flag7 { let mut session: *mut libc::c_void = 0 as *mut libc::c_void; Curl_ssl_sessionid_lock(data); #[cfg(not(CURL_DISABLE_PROXY))] - let flag8: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag8: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint; + .state as u32; #[cfg(CURL_DISABLE_PROXY)] let flag8: bool = false; if !Curl_ssl_getsessionid( data, conn, - if flag8 { - 1 as libc::c_int - } else { - 0 as libc::c_int - } != 0, + if flag8 { 1 as i32 } else { 0 as i32 } != 0, &mut session, 0 as *mut size_t, sockindex, @@ -849,42 +806,39 @@ unsafe extern "C" fn bearssl_connect_step1( ); Curl_infof( data, - b"BearSSL: re-using session ID\0" as *const u8 as *const libc::c_char, + b"BearSSL: re-using session ID\0" as *const u8 as *const i8, ); } Curl_ssl_sessionid_unlock(data); } if ((*conn).bits).tls_enable_alpn() != 0 { - let mut cur: libc::c_int = 0 as libc::c_int; + let mut cur: i32 = 0 as i32; match () { #[cfg(USE_HTTP2)] _ => { #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_flag = (!(CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + let CURL_DISABLE_PROXY_flag = (!(CURLPROXY_HTTPS as i32 as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint) + .state as u32) || ((*conn).bits).tunnel_proxy() == 0); #[cfg(CURL_DISABLE_PROXY)] let CURL_DISABLE_PROXY_flag = true; - if (*data).state.httpwant as libc::c_int >= CURL_HTTP_VERSION_2_0 as libc::c_int + if (*data).state.httpwant as i32 >= CURL_HTTP_VERSION_2_0 as i32 && CURL_DISABLE_PROXY_flag { let fresh11 = cur; cur = cur + 1; - let ref mut fresh12 = (*backend).protocols[fresh11 as usize]; - *fresh12 = b"h2\0" as *const u8 as *const libc::c_char; + (*backend).protocols[fresh11 as usize] = b"h2\0" as *const u8 as *const i8; Curl_infof( data, - b"ALPN, offering %s\0" as *const u8 as *const libc::c_char, - b"h2\0" as *const u8 as *const libc::c_char, + b"ALPN, offering %s\0" as *const u8 as *const i8, + b"h2\0" as *const u8 as *const i8, ); } } @@ -893,12 +847,11 @@ unsafe extern "C" fn bearssl_connect_step1( } let fresh13 = cur; cur = cur + 1; - let ref mut fresh14 = (*backend).protocols[fresh13 as usize]; - *fresh14 = b"http/1.1\0" as *const u8 as *const libc::c_char; + (*backend).protocols[fresh13 as usize] = b"http/1.1\0" as *const u8 as *const i8; Curl_infof( data, - b"ALPN, offering %s\0" as *const u8 as *const libc::c_char, - b"http/1.1\0" as *const u8 as *const libc::c_char, + b"ALPN, offering %s\0" as *const u8 as *const i8, + b"http/1.1\0" as *const u8 as *const i8, ); br_ssl_engine_set_protocol_names( &mut (*backend).bear_ctx.eng, @@ -907,22 +860,22 @@ unsafe extern "C" fn bearssl_connect_step1( ); } #[cfg(ENABLE_IPV6)] - let ENABLE_IPV6_flag = 1 as libc::c_int + let ENABLE_IPV6_flag = 1 as i32 == inet_pton( - 2 as libc::c_int, + 2 as i32, hostname, &mut addr as *mut in6_addr as *mut libc::c_void, ) - || 1 as libc::c_int + || 1 as i32 == inet_pton( - 10 as libc::c_int, + 10 as i32, hostname, &mut addr as *mut in6_addr as *mut libc::c_void, ); #[cfg(not(ENABLE_IPV6))] - let ENABLE_IPV6_flag = 1 as libc::c_int + let ENABLE_IPV6_flag = 1 as i32 == inet_pton( - 2 as libc::c_int, + 2 as i32, hostname, &mut addr as *mut in_addr as *mut libc::c_void, ); @@ -931,16 +884,16 @@ unsafe extern "C" fn bearssl_connect_step1( Curl_failf( data, b"BearSSL: host verification of IP address is not supported\0" as *const u8 - as *const libc::c_char, + as *const i8, ); return CURLE_PEER_FAILED_VERIFICATION; } - hostname = 0 as *const libc::c_char; + hostname = 0 as *const i8; } - if br_ssl_client_reset(&mut (*backend).bear_ctx, hostname, 0 as libc::c_int) == 0 { + if br_ssl_client_reset(&mut (*backend).bear_ctx, hostname, 0 as i32) == 0 { return CURLE_FAILED_INIT; } - (*backend).active = 1 as libc::c_int != 0; + (*backend).active = 1 as i32 != 0; (*connssl).connecting_state = ssl_connect_2; return CURLE_OK; } @@ -948,31 +901,28 @@ unsafe extern "C" fn bearssl_connect_step1( unsafe extern "C" fn bearssl_run_until( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, - mut target: libc::c_uint, + mut sockindex: i32, + mut target: u32, ) -> CURLcode { let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; - let mut state: libc::c_uint = 0; - let mut buf: *mut libc::c_uchar = 0 as *mut libc::c_uchar; + let mut state: u32 = 0; + let mut buf: *mut u8 = 0 as *mut u8; let mut len: size_t = 0; let mut ret: ssize_t = 0; - let mut err: libc::c_int = 0; + let mut err: i32 = 0; loop { state = br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng); - if state & 0x1 as libc::c_int as libc::c_uint != 0 { + if state & 0x1 as i32 as u32 != 0 { err = br_ssl_engine_last_error(&mut (*backend).bear_ctx.eng); match err { 0 => { - if (*connssl).state as libc::c_uint - != ssl_connection_complete as libc::c_int as libc::c_uint - { + if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { Curl_failf( data, - b"SSL: connection closed during handshake\0" as *const u8 - as *const libc::c_char, + b"SSL: connection closed during handshake\0" as *const u8 as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } @@ -982,29 +932,29 @@ unsafe extern "C" fn bearssl_run_until( Curl_failf( data, b"SSL: X.509 verification: certificate is expired or not yet valid\0" - as *const u8 as *const libc::c_char, + as *const u8 as *const i8, ); return CURLE_PEER_FAILED_VERIFICATION; } 56 => { Curl_failf( - data, - b"SSL: X.509 verification: expected server name was not found in the chain\0" - as *const u8 as *const libc::c_char, - ); + data, + b"SSL: X.509 verification: expected server name was not found in the chain\0" + as *const u8 as *const i8, + ); return CURLE_PEER_FAILED_VERIFICATION; } 62 => { Curl_failf( data, b"SSL: X.509 verification: chain could not be linked to a trust anchor\0" - as *const u8 as *const libc::c_char, + as *const u8 as *const i8, ); return CURLE_PEER_FAILED_VERIFICATION; } _ => {} } - if err >= 32 as libc::c_int && err < 64 as libc::c_int { + if err >= 32 as i32 && err < 64 as i32 { return CURLE_PEER_FAILED_VERIFICATION; } return CURLE_SSL_CONNECT_ERROR; @@ -1012,21 +962,12 @@ unsafe extern "C" fn bearssl_run_until( if state & target != 0 { return CURLE_OK; } - if state & 0x2 as libc::c_int as libc::c_uint != 0 { + if state & 0x2 as i32 as u32 != 0 { buf = br_ssl_engine_sendrec_buf(&mut (*backend).bear_ctx.eng, &mut len); - ret = send( - sockfd, - buf as *const libc::c_void, - len, - MSG_NOSIGNAL as libc::c_int, - ); - if ret == -(1 as libc::c_int) as libc::c_long { - if *__errno_location() == 11 as libc::c_int - || *__errno_location() == 11 as libc::c_int - { - if (*connssl).state as libc::c_uint - != ssl_connection_complete as libc::c_int as libc::c_uint - { + ret = send(sockfd, buf as *const libc::c_void, len, MSG_NOSIGNAL as i32); + if ret == -(1 as i32) as i64 { + if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { + if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { (*connssl).connecting_state = ssl_connect_2_writing; } return CURLE_AGAIN; @@ -1034,23 +975,19 @@ unsafe extern "C" fn bearssl_run_until( return CURLE_WRITE_ERROR; } br_ssl_engine_sendrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); - } else if state & 0x4 as libc::c_int as libc::c_uint != 0 { + } else if state & 0x4 as i32 as u32 != 0 { buf = br_ssl_engine_recvrec_buf(&mut (*backend).bear_ctx.eng, &mut len); - ret = recv(sockfd, buf as *mut libc::c_void, len, 0 as libc::c_int); - if ret == 0 as libc::c_int as libc::c_long { + ret = recv(sockfd, buf as *mut libc::c_void, len, 0 as i32); + if ret == 0 as i32 as i64 { Curl_failf( data, - b"SSL: EOF without close notify\0" as *const u8 as *const libc::c_char, + b"SSL: EOF without close notify\0" as *const u8 as *const i8, ); return CURLE_READ_ERROR; } - if ret == -(1 as libc::c_int) as libc::c_long { - if *__errno_location() == 11 as libc::c_int - || *__errno_location() == 11 as libc::c_int - { - if (*connssl).state as libc::c_uint - != ssl_connection_complete as libc::c_int as libc::c_uint - { + if ret == -(1 as i32) as i64 { + if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { + if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { (*connssl).connecting_state = ssl_connect_2_reading; } return CURLE_AGAIN; @@ -1065,28 +1002,21 @@ unsafe extern "C" fn bearssl_run_until( unsafe extern "C" fn bearssl_connect_step2( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut ret: CURLcode = CURLE_OK; - ret = bearssl_run_until( - data, - conn, - sockindex, - (0x8 as libc::c_int | 0x10 as libc::c_int) as libc::c_uint, - ); - if ret as libc::c_uint == CURLE_AGAIN as libc::c_int as libc::c_uint { + ret = bearssl_run_until(data, conn, sockindex, (0x8 as i32 | 0x10 as i32) as u32); + if ret as u32 == CURLE_AGAIN as i32 as u32 { return CURLE_OK; } - if ret as libc::c_uint == CURLE_OK as libc::c_int as libc::c_uint { - if br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) - == 0x1 as libc::c_int as libc::c_uint - { + if ret as u32 == CURLE_OK as i32 as u32 { + if br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) == 0x1 as i32 as u32 { Curl_failf( data, - b"SSL: connection closed during handshake\0" as *const u8 as *const libc::c_char, + b"SSL: connection closed during handshake\0" as *const u8 as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } @@ -1098,110 +1028,101 @@ unsafe extern "C" fn bearssl_connect_step2( unsafe extern "C" fn bearssl_connect_step3( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; let mut ret: CURLcode = CURLE_OK; if ((*conn).bits).tls_enable_alpn() != 0 { - let mut protocol: *const libc::c_char = 0 as *const libc::c_char; + let mut protocol: *const i8 = 0 as *const i8; protocol = br_ssl_engine_get_selected_protocol(&mut (*backend).bear_ctx.eng); if !protocol.is_null() { Curl_infof( data, - b"ALPN, server accepted to use %s\0" as *const u8 as *const libc::c_char, + b"ALPN, server accepted to use %s\0" as *const u8 as *const i8, protocol, ); #[cfg(USE_HTTP2)] - let USE_HTTP2_flag = strcmp(protocol, b"h2\0" as *const u8 as *const libc::c_char) == 0; + let USE_HTTP2_flag = strcmp(protocol, b"h2\0" as *const u8 as *const i8) == 0; #[cfg(not(USE_HTTP2))] let USE_HTTP2_flag = false; if USE_HTTP2_flag { match () { #[cfg(USE_HTTP2)] _ => { - (*conn).negnpn = CURL_HTTP_VERSION_2_0 as libc::c_int; + (*conn).negnpn = CURL_HTTP_VERSION_2_0 as i32; } #[cfg(not(USE_HTTP2))] _ => {} } - } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const libc::c_char) == 0 { - (*conn).negnpn = CURL_HTTP_VERSION_1_1 as libc::c_int; + } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const i8) == 0 { + (*conn).negnpn = CURL_HTTP_VERSION_1_1 as i32; } else { Curl_infof( data, - b"ALPN, unrecognized protocol %s\0" as *const u8 as *const libc::c_char, + b"ALPN, unrecognized protocol %s\0" as *const u8 as *const i8, protocol, ); } Curl_multiuse_state( data, - if (*conn).negnpn == CURL_HTTP_VERSION_2_0 as libc::c_int { - 2 as libc::c_int + if (*conn).negnpn == CURL_HTTP_VERSION_2_0 as i32 { + 2 as i32 } else { - -(1 as libc::c_int) + -(1 as i32) }, ); } else { Curl_infof( data, - b"ALPN, server did not agree to a protocol\0" as *const u8 as *const libc::c_char, + b"ALPN, server did not agree to a protocol\0" as *const u8 as *const i8, ); } } #[cfg(not(CURL_DISABLE_PROXY))] - let flag1: bool = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag1: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 { - ((*data).set.proxy_ssl.primary).sessionid() as libc::c_int + ((*data).set.proxy_ssl.primary).sessionid() as i32 } else { - ((*data).set.ssl.primary).sessionid() as libc::c_int + ((*data).set.ssl.primary).sessionid() as i32 } != 0; #[cfg(CURL_DISABLE_PROXY)] - let flag1: bool = ((*data).set.ssl.primary).sessionid() as libc::c_int != 0; + let flag1: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; if flag1 { let mut incache: bool = false; let mut oldsession: *mut libc::c_void = 0 as *mut libc::c_void; let mut session: *mut br_ssl_session_parameters = 0 as *mut br_ssl_session_parameters; session = Curl_cmalloc.expect("non-null function pointer")(::std::mem::size_of::< br_ssl_session_parameters, - >() as libc::c_ulong) as *mut br_ssl_session_parameters; + >() as u64) as *mut br_ssl_session_parameters; if session.is_null() { return CURLE_OUT_OF_MEMORY; } br_ssl_engine_get_session_parameters(&mut (*backend).bear_ctx.eng, session); Curl_ssl_sessionid_lock(data); #[cfg(not(CURL_DISABLE_PROXY))] - let flag1: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag1: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint; + .state as u32; #[cfg(CURL_DISABLE_PROXY)] let flag1: bool = false; incache = !Curl_ssl_getsessionid( data, conn, - if flag1 { - 1 as libc::c_int - } else { - 0 as libc::c_int - } != 0, + if flag1 { 1 as i32 } else { 0 as i32 } != 0, &mut oldsession, 0 as *mut size_t, sockindex, @@ -1210,29 +1131,22 @@ unsafe extern "C" fn bearssl_connect_step3( Curl_ssl_delsessionid(data, oldsession); } #[cfg(not(CURL_DISABLE_PROXY))] - let flag2: bool = CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn).proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + let flag2: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as i32 as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint; + .state as u32; #[cfg(CURL_DISABLE_PROXY)] let flag2: bool = false; ret = Curl_ssl_addsessionid( data, conn, - if flag2 { - 1 as libc::c_int - } else { - 0 as libc::c_int - } != 0, + if flag2 { 1 as i32 } else { 0 as i32 } != 0, session as *mut libc::c_void, - 0 as libc::c_int as size_t, + 0 as i32 as size_t, sockindex, ); Curl_ssl_sessionid_unlock(data); @@ -1247,7 +1161,7 @@ unsafe extern "C" fn bearssl_connect_step3( unsafe extern "C" fn bearssl_send( mut data: *mut Curl_easy, - mut sockindex: libc::c_int, + mut sockindex: i32, mut buf: *const libc::c_void, mut len: size_t, mut err: *mut CURLcode, @@ -1256,25 +1170,25 @@ unsafe extern "C" fn bearssl_send( let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut app: *mut libc::c_uchar = 0 as *mut libc::c_uchar; + let mut app: *mut u8 = 0 as *mut u8; let mut applen: size_t = 0; loop { - *err = bearssl_run_until(data, conn, sockindex, 0x8 as libc::c_int as libc::c_uint); - if *err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint { - return -(1 as libc::c_int) as ssize_t; + *err = bearssl_run_until(data, conn, sockindex, 0x8 as i32 as u32); + if *err as u32 != CURLE_OK as i32 as u32 { + return -(1 as i32) as ssize_t; } app = br_ssl_engine_sendapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); if app.is_null() { Curl_failf( data, - b"SSL: connection closed during write\0" as *const u8 as *const libc::c_char, + b"SSL: connection closed during write\0" as *const u8 as *const i8, ); *err = CURLE_SEND_ERROR; - return -(1 as libc::c_int) as ssize_t; + return -(1 as i32) as ssize_t; } if (*backend).pending_write != 0 { applen = (*backend).pending_write; - (*backend).pending_write = 0 as libc::c_int as size_t; + (*backend).pending_write = 0 as i32 as size_t; return applen as ssize_t; } if applen > len { @@ -1282,15 +1196,15 @@ unsafe extern "C" fn bearssl_send( } memcpy(app as *mut libc::c_void, buf, applen); br_ssl_engine_sendapp_ack(&mut (*backend).bear_ctx.eng, applen); - br_ssl_engine_flush(&mut (*backend).bear_ctx.eng, 0 as libc::c_int); + br_ssl_engine_flush(&mut (*backend).bear_ctx.eng, 0 as i32); (*backend).pending_write = applen; } } unsafe extern "C" fn bearssl_recv( mut data: *mut Curl_easy, - mut sockindex: libc::c_int, - mut buf: *mut libc::c_char, + mut sockindex: i32, + mut buf: *mut i8, mut len: size_t, mut err: *mut CURLcode, ) -> ssize_t { @@ -1298,15 +1212,15 @@ unsafe extern "C" fn bearssl_recv( let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut app: *mut libc::c_uchar = 0 as *mut libc::c_uchar; + let mut app: *mut u8 = 0 as *mut u8; let mut applen: size_t = 0; - *err = bearssl_run_until(data, conn, sockindex, 0x10 as libc::c_int as libc::c_uint); - if *err as libc::c_uint != CURLE_OK as libc::c_int as libc::c_uint { - return -(1 as libc::c_int) as ssize_t; + *err = bearssl_run_until(data, conn, sockindex, 0x10 as i32 as u32); + if *err as u32 != CURLE_OK as i32 as u32 { + return -(1 as i32) as ssize_t; } app = br_ssl_engine_recvapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); if app.is_null() { - return 0 as libc::c_int as ssize_t; + return 0 as i32 as ssize_t; } if applen > len { applen = len; @@ -1319,7 +1233,7 @@ unsafe extern "C" fn bearssl_recv( unsafe extern "C" fn bearssl_connect_common( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, mut nonblocking: bool, mut done: *mut bool, ) -> CURLcode { @@ -1328,159 +1242,133 @@ unsafe extern "C" fn bearssl_connect_common( &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; let mut timeout_ms: timediff_t = 0; - let mut what: libc::c_int = 0; - if ssl_connection_complete as libc::c_int as libc::c_uint == (*connssl).state as libc::c_uint { - *done = 1 as libc::c_int != 0; + let mut what: i32 = 0; + if ssl_connection_complete as i32 as u32 == (*connssl).state as u32 { + *done = 1 as i32 != 0; return CURLE_OK; } - if ssl_connect_1 as libc::c_int as libc::c_uint == (*connssl).connecting_state as libc::c_uint { + if ssl_connect_1 as i32 as u32 == (*connssl).connecting_state as u32 { ret = bearssl_connect_step1(data, conn, sockindex); if ret as u64 != 0 { return ret; } } - while ssl_connect_2 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint + while ssl_connect_2 as i32 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 { - timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as libc::c_int != 0); - if timeout_ms < 0 as libc::c_int as libc::c_long { - Curl_failf( - data, - b"SSL connection timeout\0" as *const u8 as *const libc::c_char, - ); + timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as i32 != 0); + if timeout_ms < 0 as i32 as i64 { + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); return CURLE_OPERATION_TIMEDOUT; } - if ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint + if ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 { - let mut writefd: curl_socket_t = if ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - sockfd - } else { - -(1 as libc::c_int) - }; - let mut readfd: curl_socket_t = if ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - sockfd - } else { - -(1 as libc::c_int) - }; + let mut writefd: curl_socket_t = + if ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 { + sockfd + } else { + -(1 as i32) + }; + let mut readfd: curl_socket_t = + if ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 { + sockfd + } else { + -(1 as i32) + }; what = Curl_socket_check( readfd, - -(1 as libc::c_int), + -(1 as i32), writefd, - if nonblocking as libc::c_int != 0 { - 0 as libc::c_int as libc::c_long + if nonblocking as i32 != 0 { + 0 as i32 as i64 } else { timeout_ms }, ); - if what < 0 as libc::c_int { + if what < 0 as i32 { Curl_failf( data, - b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const libc::c_char, + b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const i8, *__errno_location(), ); return CURLE_SSL_CONNECT_ERROR; } else { - if 0 as libc::c_int == what { + if 0 as i32 == what { if nonblocking { - *done = 0 as libc::c_int != 0; + *done = 0 as i32 != 0; return CURLE_OK; } else { - Curl_failf( - data, - b"SSL connection timeout\0" as *const u8 as *const libc::c_char, - ); + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); return CURLE_OPERATION_TIMEDOUT; } } } } ret = bearssl_connect_step2(data, conn, sockindex); - if ret as libc::c_uint != 0 - || nonblocking as libc::c_int != 0 - && (ssl_connect_2 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint) + if ret as u32 != 0 + || nonblocking as i32 != 0 + && (ssl_connect_2 as i32 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32) { return ret; } } - if ssl_connect_3 as libc::c_int as libc::c_uint == (*connssl).connecting_state as libc::c_uint { + if ssl_connect_3 as i32 as u32 == (*connssl).connecting_state as u32 { ret = bearssl_connect_step3(data, conn, sockindex); if ret as u64 != 0 { return ret; } } - if ssl_connect_done as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { + if ssl_connect_done as i32 as u32 == (*connssl).connecting_state as u32 { (*connssl).state = ssl_connection_complete; - let ref mut fresh15 = (*conn).recv[sockindex as usize]; - *fresh15 = Some( + (*conn).recv[sockindex as usize] = Some( bearssl_recv as unsafe extern "C" fn( *mut Curl_easy, - libc::c_int, - *mut libc::c_char, + i32, + *mut i8, size_t, *mut CURLcode, ) -> ssize_t, ); - let ref mut fresh16 = (*conn).send[sockindex as usize]; - *fresh16 = Some( + (*conn).send[sockindex as usize] = Some( bearssl_send as unsafe extern "C" fn( *mut Curl_easy, - libc::c_int, + i32, *const libc::c_void, size_t, *mut CURLcode, ) -> ssize_t, ); - *done = 1 as libc::c_int != 0; + *done = 1 as i32 != 0; } else { - *done = 0 as libc::c_int != 0; + *done = 0 as i32 != 0; } (*connssl).connecting_state = ssl_connect_1; return CURLE_OK; } -unsafe extern "C" fn bearssl_version(mut buffer: *mut libc::c_char, mut size: size_t) -> size_t { - return curl_msnprintf( - buffer, - size, - b"BearSSL\0" as *const u8 as *const libc::c_char, - ) as size_t; +unsafe extern "C" fn bearssl_version(mut buffer: *mut i8, mut size: size_t) -> size_t { + return curl_msnprintf(buffer, size, b"BearSSL\0" as *const u8 as *const i8) as size_t; } unsafe extern "C" fn bearssl_data_pending( mut conn: *const connectdata, - mut connindex: libc::c_int, + mut connindex: i32, ) -> bool { let mut connssl: *const ssl_connect_data = &*((*conn).ssl).as_ptr().offset(connindex as isize) as *const ssl_connect_data; let mut backend: *mut ssl_backend_data = (*connssl).backend; - return br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) - & 0x10 as libc::c_int as libc::c_uint - != 0; + return br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) & 0x10 as i32 as u32 != 0; } unsafe extern "C" fn bearssl_random( mut data: *mut Curl_easy, - mut entropy: *mut libc::c_uchar, + mut entropy: *mut u8, mut length: size_t, ) -> CURLcode { static mut ctx: br_hmac_drbg_context = br_hmac_drbg_context { @@ -1489,20 +1377,20 @@ unsafe extern "C" fn bearssl_random( V: [0; 64], digest_class: 0 as *const br_hash_class, }; - static mut seeded: bool = 0 as libc::c_int != 0; + static mut seeded: bool = 0 as i32 != 0; if !seeded { let mut seeder: br_prng_seeder = None; br_hmac_drbg_init( &mut ctx, &br_sha256_vtable, 0 as *const libc::c_void, - 0 as libc::c_int as size_t, + 0 as i32 as size_t, ); - seeder = br_prng_seeder_system(0 as *mut *const libc::c_char); + seeder = br_prng_seeder_system(0 as *mut *const i8); if seeder.is_none() || seeder.expect("non-null function pointer")(&mut ctx.vtable) == 0 { return CURLE_FAILED_INIT; } - seeded = 1 as libc::c_int != 0; + seeded = 1 as i32 != 0; } br_hmac_drbg_generate(&mut ctx, entropy as *mut libc::c_void, length); return CURLE_OK; @@ -1511,11 +1399,11 @@ unsafe extern "C" fn bearssl_random( unsafe extern "C" fn bearssl_connect( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { let mut ret: CURLcode = CURLE_OK; - let mut done: bool = 0 as libc::c_int != 0; - ret = bearssl_connect_common(data, conn, sockindex, 0 as libc::c_int != 0, &mut done); + let mut done: bool = 0 as i32 != 0; + ret = bearssl_connect_common(data, conn, sockindex, 0 as i32 != 0, &mut done); if ret as u64 != 0 { return ret; } @@ -1525,10 +1413,10 @@ unsafe extern "C" fn bearssl_connect( unsafe extern "C" fn bearssl_connect_nonblocking( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, mut done: *mut bool, ) -> CURLcode { - return bearssl_connect_common(data, conn, sockindex, 1 as libc::c_int != 0, done); + return bearssl_connect_common(data, conn, sockindex, 1 as i32 != 0, done); } unsafe extern "C" fn bearssl_get_internals( @@ -1542,7 +1430,7 @@ unsafe extern "C" fn bearssl_get_internals( unsafe extern "C" fn bearssl_close( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) { let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; @@ -1550,9 +1438,9 @@ unsafe extern "C" fn bearssl_close( let mut i: size_t = 0; if (*backend).active { br_ssl_engine_close(&mut (*backend).bear_ctx.eng); - bearssl_run_until(data, conn, sockindex, 0x1 as libc::c_int as libc::c_uint); + bearssl_run_until(data, conn, sockindex, 0x1 as i32 as u32); } - i = 0 as libc::c_int as size_t; + i = 0 as i32 as size_t; while i < (*backend).anchors_len { Curl_cfree.expect("non-null function pointer")( (*((*backend).anchors).offset(i as isize)).dn.data as *mut libc::c_void, @@ -1567,9 +1455,9 @@ unsafe extern "C" fn bearssl_session_free(mut ptr: *mut libc::c_void) { } unsafe extern "C" fn bearssl_sha256sum( - mut input: *const libc::c_uchar, + mut input: *const u8, mut inputlen: size_t, - mut sha256sum: *mut libc::c_uchar, + mut sha256sum: *mut u8, mut sha256len: size_t, ) -> CURLcode { let mut ctx: br_sha256_context = br_sha256_context { @@ -1591,75 +1479,59 @@ pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { info: { let mut init = curl_ssl_backend { id: CURLSSLBACKEND_BEARSSL, - name: b"bearssl\0" as *const u8 as *const libc::c_char, + name: b"bearssl\0" as *const u8 as *const i8, }; init }, - supports: ((1 as libc::c_int) << 6 as libc::c_int) as libc::c_uint, - sizeof_ssl_backend_data: ::std::mem::size_of::() as libc::c_ulong, - init: Some(Curl_none_init as unsafe extern "C" fn() -> libc::c_int), + supports: ((1 as i32) << 6 as i32) as u32, + sizeof_ssl_backend_data: ::std::mem::size_of::() as u64, + init: Some(Curl_none_init as unsafe extern "C" fn() -> i32), cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), - version: Some( - bearssl_version as unsafe extern "C" fn(*mut libc::c_char, size_t) -> size_t, - ), - check_cxn: Some( - Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> libc::c_int, - ), + version: Some(bearssl_version as unsafe extern "C" fn(*mut i8, size_t) -> size_t), + check_cxn: Some(Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> i32), shut_down: Some( Curl_none_shutdown - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> libc::c_int, + as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> i32, ), data_pending: Some( - bearssl_data_pending - as unsafe extern "C" fn(*const connectdata, libc::c_int) -> bool, + bearssl_data_pending as unsafe extern "C" fn(*const connectdata, i32) -> bool, ), random: Some( - bearssl_random - as unsafe extern "C" fn(*mut Curl_easy, *mut libc::c_uchar, size_t) -> CURLcode, + bearssl_random as unsafe extern "C" fn(*mut Curl_easy, *mut u8, size_t) -> CURLcode, ), cert_status_request: Some( Curl_none_cert_status_request as unsafe extern "C" fn() -> bool, ), connect_blocking: Some( bearssl_connect - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> CURLcode, + as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> CURLcode, ), connect_nonblocking: Some( bearssl_connect_nonblocking as unsafe extern "C" fn( *mut Curl_easy, *mut connectdata, - libc::c_int, + i32, *mut bool, ) -> CURLcode, ), getsock: Some( Curl_ssl_getsock - as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> libc::c_int, + as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> i32, ), get_internals: Some( bearssl_get_internals as unsafe extern "C" fn(*mut ssl_connect_data, CURLINFO) -> *mut libc::c_void, ), close_one: Some( - bearssl_close - as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, libc::c_int) -> (), + bearssl_close as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> (), ), close_all: Some(Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> ()), session_free: Some( bearssl_session_free as unsafe extern "C" fn(*mut libc::c_void) -> (), ), set_engine: Some( - Curl_none_set_engine - as unsafe extern "C" fn(*mut Curl_easy, *const libc::c_char) -> CURLcode, + Curl_none_set_engine as unsafe extern "C" fn(*mut Curl_easy, *const i8) -> CURLcode, ), set_engine_default: Some( Curl_none_set_engine_default as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, @@ -1670,12 +1542,7 @@ pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), sha256sum: Some( bearssl_sha256sum - as unsafe extern "C" fn( - *const libc::c_uchar, - size_t, - *mut libc::c_uchar, - size_t, - ) -> CURLcode, + as unsafe extern "C" fn(*const u8, size_t, *mut u8, size_t) -> CURLcode, ), associate_connection: None, disassociate_connection: None, -- Gitee From 807f2ac87de0adfb969156121e7ba15d65bb4ad8 Mon Sep 17 00:00:00 2001 From: Your Name <1153793677@qq.com> Date: Sun, 4 Dec 2022 16:54:53 +0800 Subject: [PATCH 3/4] =?UTF-8?q?=E4=BC=98=E5=8C=96as=E8=BD=AC=E6=8D=A2?= =?UTF-8?q?=EF=BC=8C=E5=87=BD=E6=95=B0=E5=A3=B0=E6=98=8Eunsafe=EF=BC=8C?= =?UTF-8?q?=E7=BB=93=E6=9E=84=E4=BD=93=E5=88=9D=E5=A7=8B=E5=8C=96=EF=BC=8C?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=B3=A8=E9=87=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- rust/rust_project/src/vtls/bearssl.rs | 2543 +++++++++++++------------ 1 file changed, 1299 insertions(+), 1244 deletions(-) diff --git a/rust/rust_project/src/vtls/bearssl.rs b/rust/rust_project/src/vtls/bearssl.rs index 03dd4b9..bdb7983 100644 --- a/rust/rust_project/src/vtls/bearssl.rs +++ b/rust/rust_project/src/vtls/bearssl.rs @@ -19,157 +19,205 @@ use rust_ffi::src::ffi_fun::fun_call::*; use rust_ffi::src::ffi_struct::struct_define::*; #[inline] -unsafe extern "C" fn br_pem_decoder_name(mut ctx: *mut br_pem_decoder_context) -> *const i8 { - return ((*ctx).name).as_mut_ptr(); +extern "C" fn br_pem_decoder_name(mut ctx: *mut br_pem_decoder_context) -> *const i8 { + unsafe { + return ((*ctx).name).as_mut_ptr(); + } } #[inline] -unsafe extern "C" fn br_pem_decoder_setdest( +extern "C" fn br_pem_decoder_setdest( mut ctx: *mut br_pem_decoder_context, mut dest: Option ()>, mut dest_ctx: *mut libc::c_void, ) { - (*ctx).dest = dest; - (*ctx).dest_ctx = dest_ctx; + unsafe { + (*ctx).dest = dest; + (*ctx).dest_ctx = dest_ctx; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_last_error(mut cc: *const br_ssl_engine_context) -> i32 { - return (*cc).err; +extern "C" fn br_ssl_engine_last_error(mut cc: *const br_ssl_engine_context) -> i32 { + unsafe { + return (*cc).err; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_set_session_parameters( +extern "C" fn br_ssl_engine_set_session_parameters( mut cc: *mut br_ssl_engine_context, mut pp: *const br_ssl_session_parameters, ) { - memcpy( - &mut (*cc).session as *mut br_ssl_session_parameters as *mut libc::c_void, - pp as *const libc::c_void, - ::std::mem::size_of::() as u64, - ); + unsafe { + memcpy( + &mut (*cc).session as *mut br_ssl_session_parameters as *mut libc::c_void, + pp as *const libc::c_void, + ::std::mem::size_of::() as u64, + ); + } } #[inline] -unsafe extern "C" fn br_ssl_engine_get_session_parameters( +extern "C" fn br_ssl_engine_get_session_parameters( mut cc: *const br_ssl_engine_context, mut pp: *mut br_ssl_session_parameters, ) { - memcpy( - pp as *mut libc::c_void, - &(*cc).session as *const br_ssl_session_parameters as *const libc::c_void, - ::std::mem::size_of::() as u64, - ); + unsafe { + memcpy( + pp as *mut libc::c_void, + &(*cc).session as *const br_ssl_session_parameters as *const libc::c_void, + ::std::mem::size_of::() as u64, + ); + } } #[inline] -unsafe extern "C" fn br_x509_decoder_get_pkey( - mut ctx: *mut br_x509_decoder_context, -) -> *mut br_x509_pkey { - if (*ctx).decoded as i32 != 0 && (*ctx).err == 0 as i32 { - return &mut (*ctx).pkey; - } else { - return 0 as *mut br_x509_pkey; - }; +extern "C" fn br_x509_decoder_get_pkey(mut ctx: *mut br_x509_decoder_context) -> *mut br_x509_pkey { + unsafe { + if (*ctx).decoded as i32 != 0 && (*ctx).err == 0 as i32 { + return &mut (*ctx).pkey; + } else { + return 0 as *mut br_x509_pkey; + }; + } } #[inline] -unsafe extern "C" fn br_x509_decoder_last_error(mut ctx: *mut br_x509_decoder_context) -> i32 { - if (*ctx).err != 0 as i32 { - return (*ctx).err; - } - if (*ctx).decoded == 0 { - return 34 as i32; +extern "C" fn br_x509_decoder_last_error(mut ctx: *mut br_x509_decoder_context) -> i32 { + unsafe { + if (*ctx).err != 0 as i32 { + return (*ctx).err; + } + if (*ctx).decoded == 0 { + return 34 as i32; + } + return 0 as i32; } - return 0 as i32; } #[inline] -unsafe extern "C" fn br_x509_decoder_isCA(mut ctx: *mut br_x509_decoder_context) -> i32 { - return (*ctx).isCA as i32; +extern "C" fn br_x509_decoder_isCA(mut ctx: *mut br_x509_decoder_context) -> i32 { + unsafe { + return (*ctx).isCA as i32; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_set_versions( +extern "C" fn br_ssl_engine_set_versions( mut cc: *mut br_ssl_engine_context, mut version_min: u32, mut version_max: u32, ) { - (*cc).version_min = version_min as uint16_t; - (*cc).version_max = version_max as uint16_t; + unsafe { + (*cc).version_min = version_min as uint16_t; + (*cc).version_max = version_max as uint16_t; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_set_x509( +extern "C" fn br_ssl_engine_set_x509( mut cc: *mut br_ssl_engine_context, mut x509ctx: *mut *const br_x509_class, ) { - (*cc).x509ctx = x509ctx; + unsafe { + (*cc).x509ctx = x509ctx; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_set_protocol_names( +extern "C" fn br_ssl_engine_set_protocol_names( mut ctx: *mut br_ssl_engine_context, mut names: *mut *const i8, mut num: size_t, ) { - (*ctx).protocol_names = names; - (*ctx).protocol_names_num = num as uint16_t; + unsafe { + (*ctx).protocol_names = names; + (*ctx).protocol_names_num = num as uint16_t; + } } #[inline] -unsafe extern "C" fn br_ssl_engine_get_selected_protocol( +extern "C" fn br_ssl_engine_get_selected_protocol( mut ctx: *mut br_ssl_engine_context, ) -> *const i8 { - let mut k: u32 = 0; - k = (*ctx).selected_protocol as u32; - return if k == 0 as i32 as u32 || k == 0xffff as i32 as u32 { - 0 as *const i8 - } else { - *((*ctx).protocol_names).offset(k.wrapping_sub(1 as i32 as u32) as isize) - }; -} -unsafe extern "C" fn append_dn( - mut ctx: *mut libc::c_void, - mut buf: *const libc::c_void, - mut len: size_t, -) { - let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; - if (*ca).err as u32 != CURLE_OK as i32 as u32 || !(*ca).in_cert { - return; + unsafe { + let mut k: u32 = 0; + k = (*ctx).selected_protocol as u32; + return if k == 0 as u32 || k == 0xffff as u32 { + 0 as *const i8 + } else { + *((*ctx).protocol_names).offset(k.wrapping_sub(1 as u32) as isize) + }; } - if (::std::mem::size_of::<[u8; 1024]>() as u64).wrapping_sub((*ca).dn_len) < len { - (*ca).err = CURLE_FAILED_INIT; - return; +} +extern "C" fn append_dn(mut ctx: *mut libc::c_void, mut buf: *const libc::c_void, mut len: size_t) { + unsafe { + let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; + if (*ca).err as u32 != CURLE_OK as u32 || !(*ca).in_cert { + return; + } + if (::std::mem::size_of::<[u8; 1024]>() as u64).wrapping_sub((*ca).dn_len) < len { + (*ca).err = CURLE_FAILED_INIT; + return; + } + memcpy( + ((*ca).dn).as_mut_ptr().offset((*ca).dn_len as isize) as *mut libc::c_void, + buf, + len, + ); + (*ca).dn_len = ((*ca).dn_len as u64).wrapping_add(len) as size_t as size_t; } - memcpy( - ((*ca).dn).as_mut_ptr().offset((*ca).dn_len as isize) as *mut libc::c_void, - buf, - len, - ); - (*ca).dn_len = ((*ca).dn_len as u64).wrapping_add(len) as size_t as size_t; } -unsafe extern "C" fn x509_push( - mut ctx: *mut libc::c_void, - mut buf: *const libc::c_void, - mut len: size_t, -) { - let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; - if (*ca).in_cert { - br_x509_decoder_push(&mut (*ca).xc, buf, len); +extern "C" fn x509_push(mut ctx: *mut libc::c_void, mut buf: *const libc::c_void, mut len: size_t) { + unsafe { + let mut ca: *mut cafile_parser = ctx as *mut cafile_parser; + if (*ca).in_cert { + br_x509_decoder_push(&mut (*ca).xc, buf, len); + } } } -unsafe extern "C" fn load_cafile( +extern "C" fn load_cafile( mut source: *mut cafile_source, mut anchors: *mut *mut br_x509_trust_anchor, mut anchors_len: *mut size_t, ) -> CURLcode { - let mut current_block: u64; - let mut ca: cafile_parser = cafile_parser { - err: CURLE_OK, - in_cert: false, - xc: br_x509_decoder_context { - pkey: br_x509_pkey { - key_type: 0, - key: bear_C2RustUnnamed_6 { - rsa: br_rsa_public_key { - n: 0 as *mut u8, - nlen: 0, - e: 0 as *mut u8, - elen: 0, + unsafe { + let mut ca: cafile_parser = cafile_parser { + err: CURLE_OK, + in_cert: false, + xc: br_x509_decoder_context { + pkey: br_x509_pkey { + key_type: 0, + key: bear_C2RustUnnamed_6 { + rsa: br_rsa_public_key { + n: 0 as *mut u8, + nlen: 0, + e: 0 as *mut u8, + elen: 0, + }, }, }, + cpu: C2RustUnnamed_30 { + dp: 0 as *mut uint32_t, + rp: 0 as *mut uint32_t, + ip: 0 as *const u8, + }, + dp_stack: [0; 32], + rp_stack: [0; 32], + err: 0, + pad: [0; 256], + decoded: 0, + notbefore_days: 0, + notbefore_seconds: 0, + notafter_days: 0, + notafter_seconds: 0, + isCA: 0, + copy_dn: 0, + append_dn_ctx: 0 as *mut libc::c_void, + append_dn: None, + hbuf: 0 as *const u8, + hlen: 0, + pkey_data: [0; 520], + signer_key_type: 0, + signer_hash_id: 0, }, - cpu: C2RustUnnamed_30 { + anchors: 0 as *mut br_x509_trust_anchor, + anchors_len: 0, + dn: [0; 1024], + dn_len: 0, + }; + let mut pc: br_pem_decoder_context = br_pem_decoder_context { + cpu: C2RustUnnamed_31 { dp: 0 as *mut uint32_t, rp: 0 as *mut uint32_t, ip: 0 as *const u8, @@ -177,1376 +225,1383 @@ unsafe extern "C" fn load_cafile( dp_stack: [0; 32], rp_stack: [0; 32], err: 0, - pad: [0; 256], - decoded: 0, - notbefore_days: 0, - notbefore_seconds: 0, - notafter_days: 0, - notafter_seconds: 0, - isCA: 0, - copy_dn: 0, - append_dn_ctx: 0 as *mut libc::c_void, - append_dn: None, hbuf: 0 as *const u8, hlen: 0, - pkey_data: [0; 520], - signer_key_type: 0, - signer_hash_id: 0, - }, - anchors: 0 as *mut br_x509_trust_anchor, - anchors_len: 0, - dn: [0; 1024], - dn_len: 0, - }; - let mut pc: br_pem_decoder_context = br_pem_decoder_context { - cpu: C2RustUnnamed_31 { - dp: 0 as *mut uint32_t, - rp: 0 as *mut uint32_t, - ip: 0 as *const u8, - }, - dp_stack: [0; 32], - rp_stack: [0; 32], - err: 0, - hbuf: 0 as *const u8, - hlen: 0, - dest: None, - dest_ctx: 0 as *mut libc::c_void, - event: 0, - name: [0; 128], - buf: [0; 255], - ptr: 0, - }; - let mut ta: *mut br_x509_trust_anchor = 0 as *mut br_x509_trust_anchor; - let mut ta_size: size_t = 0; - let mut new_anchors: *mut br_x509_trust_anchor = 0 as *mut br_x509_trust_anchor; - let mut new_anchors_len: size_t = 0; - let mut pkey: *mut br_x509_pkey = 0 as *mut br_x509_pkey; - let mut fp: *mut FILE = 0 as *mut FILE; - let mut buf: [u8; 8192] = [0; 8192]; - let mut p: *const u8 = 0 as *const u8; - let mut name: *const i8 = 0 as *const i8; - let mut n: size_t = 0; - let mut i: size_t = 0; - let mut pushed: size_t = 0; - if (*source).type_0 == 1 as i32 { - fp = fopen((*source).data, b"rb\0" as *const u8 as *const i8); - if fp.is_null() { + dest: None, + dest_ctx: 0 as *mut libc::c_void, + event: 0, + name: [0; 128], + buf: [0; 255], + ptr: 0, + }; + let mut ta: *mut br_x509_trust_anchor = 0 as *mut br_x509_trust_anchor; + let mut ta_size: size_t = 0; + let mut new_anchors: *mut br_x509_trust_anchor = 0 as *mut br_x509_trust_anchor; + let mut new_anchors_len: size_t = 0; + let mut pkey: *mut br_x509_pkey = 0 as *mut br_x509_pkey; + let mut fp: *mut FILE = 0 as *mut FILE; + let mut buf: [u8; 8192] = [0; 8192]; + let mut p: *const u8 = 0 as *const u8; + let mut name: *const i8 = 0 as *const i8; + let mut n: size_t = 0; + let mut i: size_t = 0; + let mut pushed: size_t = 0; + if (*source).type_0 == 1 as i32 { + fp = fopen((*source).data, b"rb\0" as *const u8 as *const i8); + if fp.is_null() { + return CURLE_SSL_CACERT_BADFILE; + } + } + let int_max = 2147483647 as size_t; + if (*source).type_0 == 2 as i32 && (*source).len > int_max { return CURLE_SSL_CACERT_BADFILE; } - } - if (*source).type_0 == 2 as i32 && (*source).len > 2147483647 as i32 as size_t { - return CURLE_SSL_CACERT_BADFILE; - } - ca.err = CURLE_OK; - ca.in_cert = 0 as i32 != 0; - ca.anchors = 0 as *mut br_x509_trust_anchor; - ca.anchors_len = 0 as i32 as size_t; - br_pem_decoder_init(&mut pc); - br_pem_decoder_setdest( - &mut pc, - Some( - x509_push as unsafe extern "C" fn(*mut libc::c_void, *const libc::c_void, size_t) -> (), - ), - &mut ca as *mut cafile_parser as *mut libc::c_void, - ); - 'fail: loop { - loop { - if (*source).type_0 == 1 as i32 { - n = fread( - buf.as_mut_ptr() as *mut libc::c_void, - 1 as i32 as u64, - ::std::mem::size_of::<[u8; 8192]>() as u64, - fp, - ); - if n == 0 as i32 as u64 { - break; - } - p = buf.as_mut_ptr(); - } else if (*source).type_0 == 2 as i32 { - n = (*source).len; - p = (*source).data as *mut u8; - } - while n != 0 { - pushed = br_pem_decoder_push(&mut pc, p as *const libc::c_void, n); - if ca.err as u64 != 0 { - break 'fail; + ca.err = CURLE_OK; + ca.in_cert = 0 as i32 != 0; + ca.anchors = 0 as *mut br_x509_trust_anchor; + ca.anchors_len = 0 as size_t; + br_pem_decoder_init(&mut pc); + br_pem_decoder_setdest( + &mut pc, + Some( + x509_push + as unsafe extern "C" fn(*mut libc::c_void, *const libc::c_void, size_t) -> (), + ), + &mut ca as *mut cafile_parser as *mut libc::c_void, + ); + 'fail: loop { + loop { + if (*source).type_0 == 1 as i32 { + n = fread( + buf.as_mut_ptr() as *mut libc::c_void, + 1 as u64, + ::std::mem::size_of::<[u8; 8192]>() as u64, + fp, + ); + if n == 0 as u64 { + break; + } + p = buf.as_mut_ptr(); + } else if (*source).type_0 == 2 as i32 { + n = (*source).len; + p = (*source).data as *mut u8; } - p = p.offset(pushed as isize); - n = (n as u64).wrapping_sub(pushed) as size_t as size_t; - match br_pem_decoder_event(&mut pc) { - 0 => {} - 1 => { - name = br_pem_decoder_name(&mut pc); - if !(strcmp(name, b"CERTIFICATE\0" as *const u8 as *const i8) != 0 - && strcmp(name, b"X509 CERTIFICATE\0" as *const u8 as *const i8) != 0) - { - br_x509_decoder_init( - &mut ca.xc, - Some( - append_dn - as unsafe extern "C" fn( - *mut libc::c_void, - *const libc::c_void, - size_t, - ) - -> (), - ), - &mut ca as *mut cafile_parser as *mut libc::c_void, - ); - if ca.anchors_len - == (18446744073709551615 as u64).wrapping_div( - ::std::mem::size_of::() as u64, - ) + while n != 0 { + pushed = br_pem_decoder_push(&mut pc, p as *const libc::c_void, n); + if ca.err as u64 != 0 { + break 'fail; + } + p = p.offset(pushed as isize); + n = (n as u64).wrapping_sub(pushed) as size_t; + match br_pem_decoder_event(&mut pc) { + 0 => {} + 1 => { + name = br_pem_decoder_name(&mut pc); + if !(strcmp(name, b"CERTIFICATE\0" as *const u8 as *const i8) != 0 + && strcmp(name, b"X509 CERTIFICATE\0" as *const u8 as *const i8) + != 0) { - ca.err = CURLE_OUT_OF_MEMORY; - break 'fail; - } - new_anchors_len = (ca.anchors_len).wrapping_add(1 as i32 as u64); - new_anchors = Curl_crealloc.expect("non-null function pointer")( - ca.anchors as *mut libc::c_void, - new_anchors_len - .wrapping_mul( - ::std::mem::size_of::() as u64 + br_x509_decoder_init( + &mut ca.xc, + Some( + append_dn + as unsafe extern "C" fn( + *mut libc::c_void, + *const libc::c_void, + size_t, + ) + -> (), ), - ) - as *mut br_x509_trust_anchor; - if new_anchors.is_null() { - ca.err = CURLE_OUT_OF_MEMORY; - break 'fail; + &mut ca as *mut cafile_parser as *mut libc::c_void, + ); + let size_max = 18446744073709551615 as u64; + if ca.anchors_len + == (size_max).wrapping_div(::std::mem::size_of::< + br_x509_trust_anchor, + >( + ) + as u64) + { + ca.err = CURLE_OUT_OF_MEMORY; + break 'fail; + } + new_anchors_len = (ca.anchors_len).wrapping_add(1 as u64); + new_anchors = Curl_crealloc.expect("non-null function pointer")( + ca.anchors as *mut libc::c_void, + new_anchors_len.wrapping_mul(::std::mem::size_of::< + br_x509_trust_anchor, + >( + ) + as u64), + ) + as *mut br_x509_trust_anchor; + if new_anchors.is_null() { + ca.err = CURLE_OUT_OF_MEMORY; + break 'fail; + } + ca.anchors = new_anchors; + ca.anchors_len = new_anchors_len; + ca.in_cert = 1 as i32 != 0; + ca.dn_len = 0 as size_t; + ta = &mut *(ca.anchors) + .offset((ca.anchors_len).wrapping_sub(1 as u64) as isize) + as *mut br_x509_trust_anchor; + (*ta).dn.data = 0 as *mut u8; } - ca.anchors = new_anchors; - ca.anchors_len = new_anchors_len; - ca.in_cert = 1 as i32 != 0; - ca.dn_len = 0 as i32 as size_t; - ta = &mut *(ca.anchors) - .offset((ca.anchors_len).wrapping_sub(1 as i32 as u64) as isize) - as *mut br_x509_trust_anchor; - (*ta).dn.data = 0 as *mut u8; } - } - 2 => { - if ca.in_cert { - ca.in_cert = 0 as i32 != 0; - if br_x509_decoder_last_error(&mut ca.xc) != 0 { - ca.err = CURLE_SSL_CACERT_BADFILE; - break 'fail; - } - (*ta).flags = 0 as i32 as u32; - if br_x509_decoder_isCA(&mut ca.xc) != 0 { - (*ta).flags |= 0x1 as i32 as u32; - } - pkey = br_x509_decoder_get_pkey(&mut ca.xc); - if pkey.is_null() { - ca.err = CURLE_SSL_CACERT_BADFILE; - break 'fail; - } - (*ta).pkey = *pkey; - ta_size = ca.dn_len; - match (*pkey).key_type as i32 { - 1 => { - ta_size = (ta_size as u64).wrapping_add( - ((*pkey).key.rsa.nlen).wrapping_add((*pkey).key.rsa.elen), - ) as size_t - as size_t; + 2 => { + if ca.in_cert { + ca.in_cert = 0 as i32 != 0; + if br_x509_decoder_last_error(&mut ca.xc) != 0 { + ca.err = CURLE_SSL_CACERT_BADFILE; + break 'fail; } - 2 => { - ta_size = (ta_size as u64).wrapping_add((*pkey).key.ec.qlen) - as size_t - as size_t; + (*ta).flags = 0 as u32; + if br_x509_decoder_isCA(&mut ca.xc) != 0 { + (*ta).flags |= 0x1 as u32; } - _ => { - ca.err = CURLE_FAILED_INIT; + pkey = br_x509_decoder_get_pkey(&mut ca.xc); + if pkey.is_null() { + ca.err = CURLE_SSL_CACERT_BADFILE; break 'fail; } - } - (*ta).dn.data = - Curl_cmalloc.expect("non-null function pointer")(ta_size) - as *mut u8; - if ((*ta).dn.data).is_null() { - ca.err = CURLE_OUT_OF_MEMORY; - break 'fail; - } - memcpy( - (*ta).dn.data as *mut libc::c_void, - (ca.dn).as_mut_ptr() as *const libc::c_void, - ca.dn_len, - ); - (*ta).dn.len = ca.dn_len; - match (*pkey).key_type as i32 { - 1 => { - (*ta).pkey.key.rsa.n = - ((*ta).dn.data).offset((*ta).dn.len as isize); - memcpy( - (*ta).pkey.key.rsa.n as *mut libc::c_void, - (*pkey).key.rsa.n as *const libc::c_void, - (*pkey).key.rsa.nlen, - ); - (*ta).pkey.key.rsa.e = ((*ta).pkey.key.rsa.n) - .offset((*ta).pkey.key.rsa.nlen as isize); - memcpy( - (*ta).pkey.key.rsa.e as *mut libc::c_void, - (*pkey).key.rsa.e as *const libc::c_void, - (*pkey).key.rsa.elen, - ); + (*ta).pkey = *pkey; + /* calculate space needed for trust anchor data */ + ta_size = ca.dn_len; + match (*pkey).key_type as i32 { + 1 => { + ta_size = (ta_size as u64).wrapping_add( + ((*pkey).key.rsa.nlen) + .wrapping_add((*pkey).key.rsa.elen), + ) + as size_t + as size_t; + } + 2 => { + ta_size = (ta_size as u64).wrapping_add((*pkey).key.ec.qlen) + as size_t + as size_t; + } + _ => { + ca.err = CURLE_FAILED_INIT; + break 'fail; + } + } + (*ta).dn.data = + Curl_cmalloc.expect("non-null function pointer")(ta_size) + as *mut u8; + if ((*ta).dn.data).is_null() { + ca.err = CURLE_OUT_OF_MEMORY; + break 'fail; } - 2 => { - (*ta).pkey.key.ec.q = - ((*ta).dn.data).offset((*ta).dn.len as isize); - memcpy( - (*ta).pkey.key.ec.q as *mut libc::c_void, - (*pkey).key.ec.q as *const libc::c_void, - (*pkey).key.ec.qlen, - ); + memcpy( + (*ta).dn.data as *mut libc::c_void, + (ca.dn).as_mut_ptr() as *const libc::c_void, + ca.dn_len, + ); + (*ta).dn.len = ca.dn_len; + match (*pkey).key_type as i32 { + 1 => { + (*ta).pkey.key.rsa.n = + ((*ta).dn.data).offset((*ta).dn.len as isize); + memcpy( + (*ta).pkey.key.rsa.n as *mut libc::c_void, + (*pkey).key.rsa.n as *const libc::c_void, + (*pkey).key.rsa.nlen, + ); + (*ta).pkey.key.rsa.e = ((*ta).pkey.key.rsa.n) + .offset((*ta).pkey.key.rsa.nlen as isize); + memcpy( + (*ta).pkey.key.rsa.e as *mut libc::c_void, + (*pkey).key.rsa.e as *const libc::c_void, + (*pkey).key.rsa.elen, + ); + } + 2 => { + (*ta).pkey.key.ec.q = + ((*ta).dn.data).offset((*ta).dn.len as isize); + memcpy( + (*ta).pkey.key.ec.q as *mut libc::c_void, + (*pkey).key.ec.q as *const libc::c_void, + (*pkey).key.ec.qlen, + ); + } + _ => {} } - _ => {} } } - } - _ => { - ca.err = CURLE_SSL_CACERT_BADFILE; - break 'fail; + _ => { + ca.err = CURLE_SSL_CACERT_BADFILE; + break 'fail; + } } } + if !((*source).type_0 != 2 as i32) { + break; + } } - if !((*source).type_0 != 2 as i32) { - break; + if !fp.is_null() && ferror(fp) != 0 { + ca.err = CURLE_READ_ERROR; } + break 'fail; } - if !fp.is_null() && ferror(fp) != 0 { - ca.err = CURLE_READ_ERROR; - } - break 'fail; - } - if !fp.is_null() { - fclose(fp); - } - if ca.err as u32 == CURLE_OK as i32 as u32 { - *anchors = ca.anchors; - *anchors_len = ca.anchors_len; - } else { - i = 0 as i32 as size_t; - while i < ca.anchors_len { - Curl_cfree.expect("non-null function pointer")( - (*(ca.anchors).offset(i as isize)).dn.data as *mut libc::c_void, - ); - i = i.wrapping_add(1); + if !fp.is_null() { + fclose(fp); } - Curl_cfree.expect("non-null function pointer")(ca.anchors as *mut libc::c_void); + if ca.err as u32 == CURLE_OK as u32 { + *anchors = ca.anchors; + *anchors_len = ca.anchors_len; + } else { + i = 0 as size_t; + while i < ca.anchors_len { + Curl_cfree.expect("non-null function pointer")( + (*(ca.anchors).offset(i as isize)).dn.data as *mut libc::c_void, + ); + i = i.wrapping_add(1); + } + Curl_cfree.expect("non-null function pointer")(ca.anchors as *mut libc::c_void); + } + return ca.err; } - return ca.err; } -unsafe extern "C" fn x509_start_chain( - mut ctx: *mut *const br_x509_class, - mut server_name: *const i8, -) { - let mut x509: *mut x509_context = ctx as *mut x509_context; - if !(*x509).verifyhost { - server_name = 0 as *const i8; +extern "C" fn x509_start_chain(mut ctx: *mut *const br_x509_class, mut server_name: *const i8) { + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + if !(*x509).verifyhost { + server_name = 0 as *const i8; + } + ((*(*x509).minimal.vtable).start_chain).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + server_name, + ); } - ((*(*x509).minimal.vtable).start_chain).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - server_name, - ); } -unsafe extern "C" fn x509_start_cert(mut ctx: *mut *const br_x509_class, mut length: uint32_t) { - let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).start_cert).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - length, - ); +extern "C" fn x509_start_cert(mut ctx: *mut *const br_x509_class, mut length: uint32_t) { + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + ((*(*x509).minimal.vtable).start_cert).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + length, + ); + } } -unsafe extern "C" fn x509_append( - mut ctx: *mut *const br_x509_class, - mut buf: *const u8, - mut len: size_t, -) { - let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).append).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - buf, - len, - ); +extern "C" fn x509_append(mut ctx: *mut *const br_x509_class, mut buf: *const u8, mut len: size_t) { + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + ((*(*x509).minimal.vtable).append).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + buf, + len, + ); + } } -unsafe extern "C" fn x509_end_cert(mut ctx: *mut *const br_x509_class) { - let mut x509: *mut x509_context = ctx as *mut x509_context; - ((*(*x509).minimal.vtable).end_cert).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - ); +extern "C" fn x509_end_cert(mut ctx: *mut *const br_x509_class) { + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + ((*(*x509).minimal.vtable).end_cert).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + ); + } } -unsafe extern "C" fn x509_end_chain(mut ctx: *mut *const br_x509_class) -> u32 { - let mut x509: *mut x509_context = ctx as *mut x509_context; - let mut err: u32 = 0; - err = ((*(*x509).minimal.vtable).end_chain).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - ); - if err != 0 && !(*x509).verifypeer { - err = 0 as i32 as u32; +extern "C" fn x509_end_chain(mut ctx: *mut *const br_x509_class) -> u32 { + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + let mut err: u32 = 0; + err = ((*(*x509).minimal.vtable).end_chain).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + ); + if err != 0 && !(*x509).verifypeer { + /* ignore any X.509 errors */ + err = 0 as u32; + } + return err; } - return err; } -unsafe extern "C" fn x509_get_pkey( +extern "C" fn x509_get_pkey( mut ctx: *const *const br_x509_class, mut usages: *mut u32, ) -> *const br_x509_pkey { - let mut x509: *mut x509_context = ctx as *mut x509_context; - return ((*(*x509).minimal.vtable).get_pkey).expect("non-null function pointer")( - &mut (*x509).minimal.vtable, - usages, - ); + unsafe { + let mut x509: *mut x509_context = ctx as *mut x509_context; + return ((*(*x509).minimal.vtable).get_pkey).expect("non-null function pointer")( + &mut (*x509).minimal.vtable, + usages, + ); + } } -static mut x509_vtable: br_x509_class = unsafe { - { - let mut init = br_x509_class_ { - context_size: ::std::mem::size_of::() as u64, - start_chain: Some( - x509_start_chain - as unsafe extern "C" fn(*mut *const br_x509_class, *const i8) -> (), - ), - start_cert: Some( - x509_start_cert as unsafe extern "C" fn(*mut *const br_x509_class, uint32_t) -> (), - ), - append: Some( - x509_append - as unsafe extern "C" fn(*mut *const br_x509_class, *const u8, size_t) -> (), - ), - end_cert: Some(x509_end_cert as unsafe extern "C" fn(*mut *const br_x509_class) -> ()), - end_chain: Some( - x509_end_chain as unsafe extern "C" fn(*mut *const br_x509_class) -> u32, - ), - get_pkey: Some( - x509_get_pkey - as unsafe extern "C" fn( - *const *const br_x509_class, - *mut u32, - ) -> *const br_x509_pkey, - ), - }; - init - } +static mut x509_vtable: br_x509_class = br_x509_class_ { + context_size: ::std::mem::size_of::() as u64, + start_chain: Some( + x509_start_chain as unsafe extern "C" fn(*mut *const br_x509_class, *const i8) -> (), + ), + start_cert: Some( + x509_start_cert as unsafe extern "C" fn(*mut *const br_x509_class, uint32_t) -> (), + ), + append: Some( + x509_append as unsafe extern "C" fn(*mut *const br_x509_class, *const u8, size_t) -> (), + ), + end_cert: Some(x509_end_cert as unsafe extern "C" fn(*mut *const br_x509_class) -> ()), + end_chain: Some(x509_end_chain as unsafe extern "C" fn(*mut *const br_x509_class) -> u32), + get_pkey: Some( + x509_get_pkey + as unsafe extern "C" fn(*const *const br_x509_class, *mut u32) -> *const br_x509_pkey, + ), }; -unsafe extern "C" fn bearssl_connect_step1( + +extern "C" fn bearssl_connect_step1( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - #[cfg(not(CURL_DISABLE_PROXY))] - let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as i32 as u32 - == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - (*conn).proxy_ssl_config.ca_info_blob - } else { - (*conn).ssl_config.ca_info_blob - }; - #[cfg(CURL_DISABLE_PROXY)] - let mut ca_info_blob: *const curl_blob = (*conn).ssl_config.ca_info_blob; - #[cfg(not(CURL_DISABLE_PROXY))] - let ssl_cafile: *const i8 = if !ca_info_blob.is_null() { - 0 as *mut i8 - } else if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - (*conn).proxy_ssl_config.CAfile - } else { - (*conn).ssl_config.CAfile - }; - #[cfg(CURL_DISABLE_PROXY)] - let ssl_cafile: *const i8 = (*conn).ssl_config.CAfile; - #[cfg(not(CURL_DISABLE_PROXY))] - let mut hostname: *const i8 = if CURLPROXY_HTTPS as i32 as u32 - == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - (*conn).http_proxy.host.name - } else { - (*conn).host.name - }; - #[cfg(CURL_DISABLE_PROXY)] - let mut hostname: *const i8 = (*conn).host.name; - #[cfg(not(CURL_DISABLE_PROXY))] - let verifypeer: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - ((*conn).proxy_ssl_config).verifypeer() as i32 - } else { - ((*conn).ssl_config).verifypeer() as i32 - } != 0; - #[cfg(CURL_DISABLE_PROXY)] - let verifypeer: bool = ((*conn).ssl_config).verifypeer() as i32 != 0; - #[cfg(not(CURL_DISABLE_PROXY))] - let verifyhost: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - ((*conn).proxy_ssl_config).verifyhost() as i32 - } else { - ((*conn).ssl_config).verifyhost() as i32 - } != 0; - #[cfg(CURL_DISABLE_PROXY)] - let verifyhost: bool = ((*conn).ssl_config).verifyhost() as i32 != 0; - let mut ret: CURLcode = CURLE_OK; - let mut version_min: u32 = 0; - let mut version_max: u32 = 0; - #[cfg(ENABLE_IPV6)] - let mut addr: in6_addr = in6_addr { - __in6_u: C2RustUnnamed_8 { - __u6_addr8: [0; 16], - }, - }; - #[cfg(not(ENABLE_IPV6))] - let mut addr: in_addr = in_addr { s_addr: 0 }; + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + #[cfg(not(CURL_DISABLE_PROXY))] + let mut ca_info_blob: *const curl_blob = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.ca_info_blob + } else { + (*conn).ssl_config.ca_info_blob + }; + #[cfg(CURL_DISABLE_PROXY)] + let mut ca_info_blob: *const curl_blob = (*conn).ssl_config.ca_info_blob; + #[cfg(not(CURL_DISABLE_PROXY))] + /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */ + let ssl_cafile: *const i8 = if !ca_info_blob.is_null() { + 0 as *mut i8 + } else if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.CAfile + } else { + (*conn).ssl_config.CAfile + }; + #[cfg(CURL_DISABLE_PROXY)] + let ssl_cafile: *const i8 = (*conn).ssl_config.CAfile; + #[cfg(not(CURL_DISABLE_PROXY))] + let mut hostname: *const i8 = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).http_proxy.host.name + } else { + (*conn).host.name + }; + #[cfg(CURL_DISABLE_PROXY)] + let mut hostname: *const i8 = (*conn).host.name; + #[cfg(not(CURL_DISABLE_PROXY))] + let verifypeer: bool = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + ((*conn).proxy_ssl_config).verifypeer() as i32 + } else { + ((*conn).ssl_config).verifypeer() as i32 + } != 0; + #[cfg(CURL_DISABLE_PROXY)] + let verifypeer: bool = ((*conn).ssl_config).verifypeer() as i32 != 0; + #[cfg(not(CURL_DISABLE_PROXY))] + let verifyhost: bool = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + ((*conn).proxy_ssl_config).verifyhost() as i32 + } else { + ((*conn).ssl_config).verifyhost() as i32 + } != 0; + #[cfg(CURL_DISABLE_PROXY)] + let verifyhost: bool = ((*conn).ssl_config).verifyhost() as i32 != 0; + let mut ret: CURLcode = CURLE_OK; + let mut version_min: u32 = 0; + let mut version_max: u32 = 0; + #[cfg(ENABLE_IPV6)] + let mut addr: in6_addr = in6_addr { + __in6_u: C2RustUnnamed_8 { + __u6_addr8: [0; 16], + }, + }; + #[cfg(not(ENABLE_IPV6))] + let mut addr: in_addr = in_addr { s_addr: 0 }; - #[cfg(not(CURL_DISABLE_PROXY))] - let flag6: i64 = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - (*conn).proxy_ssl_config.version - } else { - (*conn).ssl_config.version - }; - #[cfg(CURL_DISABLE_PROXY)] - let flag6: i64 = (*conn).ssl_config.version; - match flag6 { - 2 => { - Curl_failf( - data, - b"BearSSL does not support SSLv2\0" as *const u8 as *const i8, - ); - return CURLE_SSL_CONNECT_ERROR; - } - 3 => { - Curl_failf( - data, - b"BearSSL does not support SSLv3\0" as *const u8 as *const i8, - ); - return CURLE_SSL_CONNECT_ERROR; - } - 4 => { - version_min = 0x301 as i32 as u32; - version_max = 0x301 as i32 as u32; - } - 5 => { - version_min = 0x302 as i32 as u32; - version_max = 0x302 as i32 as u32; - } - 6 => { - version_min = 0x303 as i32 as u32; - version_max = 0x303 as i32 as u32; - } - 0 | 1 => { - version_min = 0x301 as i32 as u32; - version_max = 0x303 as i32 as u32; - } - _ => { - Curl_failf( - data, - b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 as *const i8, - ); - return CURLE_SSL_CONNECT_ERROR; - } - } - if !ca_info_blob.is_null() { - let mut source: cafile_source = { - let mut init = cafile_source { - type_0: 2 as i32, - data: (*ca_info_blob).data as *const i8, - len: (*ca_info_blob).len, - }; - init + #[cfg(not(CURL_DISABLE_PROXY))] + let flag6: i64 = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.version + } else { + (*conn).ssl_config.version }; - ret = load_cafile( - &mut source, - &mut (*backend).anchors, - &mut (*backend).anchors_len, - ); - if ret as u32 != CURLE_OK as i32 as u32 { - if verifypeer { + #[cfg(CURL_DISABLE_PROXY)] + let flag6: i64 = (*conn).ssl_config.version; + match flag6 { + 2 => { Curl_failf( data, - b"error importing CA certificate blob\0" as *const u8 as *const i8, + b"BearSSL does not support SSLv2\0" as *const u8 as *const i8, ); - return ret; + return CURLE_SSL_CONNECT_ERROR; + } + 3 => { + Curl_failf( + data, + b"BearSSL does not support SSLv3\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + 4 => { + version_min = 0x301 as u32; + version_max = 0x301 as u32; + } + 5 => { + version_min = 0x302 as u32; + version_max = 0x302 as u32; + } + 6 => { + version_min = 0x303 as u32; + version_max = 0x303 as u32; + } + 0 | 1 => { + version_min = 0x301 as u32; + version_max = 0x303 as u32; + } + _ => { + Curl_failf( + data, + b"BearSSL: unknown CURLOPT_SSLVERSION\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; } - Curl_infof( - data, - b"error importing CA certificate blob, continuing anyway\0" as *const u8 - as *const i8, - ); } - } - if !ssl_cafile.is_null() { - let mut source_0: cafile_source = { - let mut init = cafile_source { - type_0: 1 as i32, - data: ssl_cafile, - len: 0 as i32 as size_t, + if !ca_info_blob.is_null() { + let mut source: cafile_source = { + cafile_source { + type_0: 2 as i32, + data: (*ca_info_blob).data as *const i8, + len: (*ca_info_blob).len, + } }; - init - }; - ret = load_cafile( - &mut source_0, - &mut (*backend).anchors, - &mut (*backend).anchors_len, - ); - if ret as u32 != CURLE_OK as i32 as u32 { - if verifypeer { - Curl_failf( + ret = load_cafile( + &mut source, + &mut (*backend).anchors, + &mut (*backend).anchors_len, + ); + if ret as u32 != CURLE_OK as u32 { + if verifypeer { + Curl_failf( + data, + b"error importing CA certificate blob\0" as *const u8 as *const i8, + ); + return ret; + } + Curl_infof( data, - b"error setting certificate verify locations. CAfile: %s\0" as *const u8 + b"error importing CA certificate blob, continuing anyway\0" as *const u8 as *const i8, - ssl_cafile, ); - return ret; } - Curl_infof( - data, - b"error setting certificate verify locations, continuing anyway:\0" as *const u8 - as *const i8, + } + if !ssl_cafile.is_null() { + let mut source_0: cafile_source = { + cafile_source { + type_0: 1 as i32, + data: ssl_cafile, + len: 0 as size_t, + } + }; + ret = load_cafile( + &mut source_0, + &mut (*backend).anchors, + &mut (*backend).anchors_len, ); + if ret as u32 != CURLE_OK as u32 { + if verifypeer { + Curl_failf( + data, + b"error setting certificate verify locations. CAfile: %s\0" as *const u8 + as *const i8, + ssl_cafile, + ); + return ret; + } + /* Only warn if no certificate verification is required. */ + Curl_infof( + data, + b"error setting certificate verify locations, continuing anyway:\0" as *const u8 + as *const i8, + ); + } } - } - br_ssl_client_init_full( - &mut (*backend).bear_ctx, - &mut (*backend).x509.minimal, - (*backend).anchors, - (*backend).anchors_len, - ); - br_ssl_engine_set_versions(&mut (*backend).bear_ctx.eng, version_min, version_max); - br_ssl_engine_set_buffer( - &mut (*backend).bear_ctx.eng, - ((*backend).buf).as_mut_ptr() as *mut libc::c_void, - ::std::mem::size_of::<[u8; 33178]>() as u64, - 1 as i32, - ); - (*backend).x509.vtable = &x509_vtable; - (*backend).x509.verifypeer = verifypeer; - (*backend).x509.verifyhost = verifyhost; - br_ssl_engine_set_x509(&mut (*backend).bear_ctx.eng, &mut (*backend).x509.vtable); - #[cfg(not(CURL_DISABLE_PROXY))] - let flag7: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - ((*data).set.proxy_ssl.primary).sessionid() as i32 - } else { - ((*data).set.ssl.primary).sessionid() as i32 - } != 0; - #[cfg(CURL_DISABLE_PROXY)] - let flag7: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; - if flag7 { - let mut session: *mut libc::c_void = 0 as *mut libc::c_void; - Curl_ssl_sessionid_lock(data); + /* initialize SSL context */ + br_ssl_client_init_full( + &mut (*backend).bear_ctx, + &mut (*backend).x509.minimal, + (*backend).anchors, + (*backend).anchors_len, + ); + br_ssl_engine_set_versions(&mut (*backend).bear_ctx.eng, version_min, version_max); + br_ssl_engine_set_buffer( + &mut (*backend).bear_ctx.eng, + ((*backend).buf).as_mut_ptr() as *mut libc::c_void, + ::std::mem::size_of::<[u8; 33178]>() as u64, + 1 as i32, + ); + (*backend).x509.vtable = &x509_vtable; + (*backend).x509.verifypeer = verifypeer; + (*backend).x509.verifyhost = verifyhost; + br_ssl_engine_set_x509(&mut (*backend).bear_ctx.eng, &mut (*backend).x509.vtable); #[cfg(not(CURL_DISABLE_PROXY))] - let flag8: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + let flag7: bool = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { 0 as i32 } else { 1 as i32 }) as usize] - .state as u32; + .state as u32 + { + ((*data).set.proxy_ssl.primary).sessionid() as i32 + } else { + ((*data).set.ssl.primary).sessionid() as i32 + } != 0; #[cfg(CURL_DISABLE_PROXY)] - let flag8: bool = false; - if !Curl_ssl_getsessionid( - data, - conn, - if flag8 { 1 as i32 } else { 0 as i32 } != 0, - &mut session, - 0 as *mut size_t, - sockindex, - ) { - br_ssl_engine_set_session_parameters( - &mut (*backend).bear_ctx.eng, - session as *const br_ssl_session_parameters, - ); - Curl_infof( + let flag7: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; + if flag7 { + let mut session: *mut libc::c_void = 0 as *mut libc::c_void; + Curl_ssl_sessionid_lock(data); + #[cfg(not(CURL_DISABLE_PROXY))] + let flag8: bool = CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32; + #[cfg(CURL_DISABLE_PROXY)] + let flag8: bool = false; + if !Curl_ssl_getsessionid( data, - b"BearSSL: re-using session ID\0" as *const u8 as *const i8, - ); + conn, + if flag8 { 1 as i32 } else { 0 as i32 } != 0, + &mut session, + 0 as *mut size_t, + sockindex, + ) { + br_ssl_engine_set_session_parameters( + &mut (*backend).bear_ctx.eng, + session as *const br_ssl_session_parameters, + ); + Curl_infof( + data, + b"BearSSL: re-using session ID\0" as *const u8 as *const i8, + ); + } + Curl_ssl_sessionid_unlock(data); } - Curl_ssl_sessionid_unlock(data); - } - if ((*conn).bits).tls_enable_alpn() != 0 { - let mut cur: i32 = 0 as i32; - match () { - #[cfg(USE_HTTP2)] - _ => { - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_flag = (!(CURLPROXY_HTTPS as i32 as u32 - == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32) - || ((*conn).bits).tunnel_proxy() == 0); - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_flag = true; - if (*data).state.httpwant as i32 >= CURL_HTTP_VERSION_2_0 as i32 - && CURL_DISABLE_PROXY_flag - { - let fresh11 = cur; - cur = cur + 1; - (*backend).protocols[fresh11 as usize] = b"h2\0" as *const u8 as *const i8; - Curl_infof( - data, - b"ALPN, offering %s\0" as *const u8 as *const i8, - b"h2\0" as *const u8 as *const i8, - ); + if ((*conn).bits).tls_enable_alpn() != 0 { + let mut cur: i32 = 0 as i32; + match () { + #[cfg(USE_HTTP2)] + _ => { + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_flag = (!(CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32) + || ((*conn).bits).tunnel_proxy() == 0); + /* NOTE: when adding more protocols here, increase the size of the + * protocols array in `struct ssl_backend_data`. + */ + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_flag = true; + if (*data).state.httpwant as i32 >= CURL_HTTP_VERSION_2_0 as i32 + && CURL_DISABLE_PROXY_flag + { + let fresh11 = cur; + cur = cur + 1; + (*backend).protocols[fresh11 as usize] = b"h2\0" as *const u8 as *const i8; + Curl_infof( + data, + b"ALPN, offering %s\0" as *const u8 as *const i8, + b"h2\0" as *const u8 as *const i8, + ); + } } + #[cfg(not(USE_HTTP2))] + _ => {} } - #[cfg(not(USE_HTTP2))] - _ => {} + let fresh13 = cur; + cur = cur + 1; + (*backend).protocols[fresh13 as usize] = b"http/1.1\0" as *const u8 as *const i8; + Curl_infof( + data, + b"ALPN, offering %s\0" as *const u8 as *const i8, + b"http/1.1\0" as *const u8 as *const i8, + ); + br_ssl_engine_set_protocol_names( + &mut (*backend).bear_ctx.eng, + ((*backend).protocols).as_mut_ptr(), + cur as size_t, + ); } - let fresh13 = cur; - cur = cur + 1; - (*backend).protocols[fresh13 as usize] = b"http/1.1\0" as *const u8 as *const i8; - Curl_infof( - data, - b"ALPN, offering %s\0" as *const u8 as *const i8, - b"http/1.1\0" as *const u8 as *const i8, - ); - br_ssl_engine_set_protocol_names( - &mut (*backend).bear_ctx.eng, - ((*backend).protocols).as_mut_ptr(), - cur as size_t, - ); - } - #[cfg(ENABLE_IPV6)] - let ENABLE_IPV6_flag = 1 as i32 - == inet_pton( - 2 as i32, - hostname, - &mut addr as *mut in6_addr as *mut libc::c_void, - ) - || 1 as i32 + #[cfg(ENABLE_IPV6)] + let ENABLE_IPV6_flag = 1 as i32 == inet_pton( - 10 as i32, + 2 as i32, hostname, &mut addr as *mut in6_addr as *mut libc::c_void, + ) + || 1 as i32 + == inet_pton( + 10 as i32, + hostname, + &mut addr as *mut in6_addr as *mut libc::c_void, + ); + #[cfg(not(ENABLE_IPV6))] + let ENABLE_IPV6_flag = 1 as i32 + == inet_pton( + 2 as i32, + hostname, + &mut addr as *mut in_addr as *mut libc::c_void, ); - #[cfg(not(ENABLE_IPV6))] - let ENABLE_IPV6_flag = 1 as i32 - == inet_pton( - 2 as i32, - hostname, - &mut addr as *mut in_addr as *mut libc::c_void, - ); - if ENABLE_IPV6_flag { - if verifyhost { - Curl_failf( - data, - b"BearSSL: host verification of IP address is not supported\0" as *const u8 - as *const i8, - ); - return CURLE_PEER_FAILED_VERIFICATION; + if ENABLE_IPV6_flag { + if verifyhost { + Curl_failf( + data, + b"BearSSL: host verification of IP address is not supported\0" as *const u8 + as *const i8, + ); + return CURLE_PEER_FAILED_VERIFICATION; + } + hostname = 0 as *const i8; } - hostname = 0 as *const i8; - } - if br_ssl_client_reset(&mut (*backend).bear_ctx, hostname, 0 as i32) == 0 { - return CURLE_FAILED_INIT; + if br_ssl_client_reset(&mut (*backend).bear_ctx, hostname, 0 as i32) == 0 { + return CURLE_FAILED_INIT; + } + (*backend).active = 1 as i32 != 0; + (*connssl).connecting_state = ssl_connect_2; + return CURLE_OK; } - (*backend).active = 1 as i32 != 0; - (*connssl).connecting_state = ssl_connect_2; - return CURLE_OK; } -unsafe extern "C" fn bearssl_run_until( +extern "C" fn bearssl_run_until( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, mut target: u32, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; - let mut state: u32 = 0; - let mut buf: *mut u8 = 0 as *mut u8; - let mut len: size_t = 0; - let mut ret: ssize_t = 0; - let mut err: i32 = 0; - loop { - state = br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng); - if state & 0x1 as i32 as u32 != 0 { - err = br_ssl_engine_last_error(&mut (*backend).bear_ctx.eng); - match err { - 0 => { - if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; + let mut state: u32 = 0; + let mut buf: *mut u8 = 0 as *mut u8; + let mut len: size_t = 0; + let mut ret: ssize_t = 0; + let mut err: i32 = 0; + loop { + state = br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng); + if state & 0x1 as u32 != 0 { + err = br_ssl_engine_last_error(&mut (*backend).bear_ctx.eng); + match err { + 0 => { + /* TLS close notify */ + if (*connssl).state as u32 != ssl_connection_complete as u32 { + Curl_failf( + data, + b"SSL: connection closed during handshake\0" as *const u8 + as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + return CURLE_OK; + } + 54 => { Curl_failf( data, - b"SSL: connection closed during handshake\0" as *const u8 as *const i8, + b"SSL: X.509 verification: certificate is expired or not yet valid\0" + as *const u8 as *const i8, ); - return CURLE_SSL_CONNECT_ERROR; + return CURLE_PEER_FAILED_VERIFICATION; } - return CURLE_OK; - } - 54 => { - Curl_failf( - data, - b"SSL: X.509 verification: certificate is expired or not yet valid\0" - as *const u8 as *const i8, - ); - return CURLE_PEER_FAILED_VERIFICATION; - } - 56 => { - Curl_failf( + 56 => { + Curl_failf( data, b"SSL: X.509 verification: expected server name was not found in the chain\0" as *const u8 as *const i8, ); - return CURLE_PEER_FAILED_VERIFICATION; - } - 62 => { - Curl_failf( + return CURLE_PEER_FAILED_VERIFICATION; + } + 62 => { + Curl_failf( data, b"SSL: X.509 verification: chain could not be linked to a trust anchor\0" as *const u8 as *const i8, ); + return CURLE_PEER_FAILED_VERIFICATION; + } + _ => {} + } + /* X.509 errors are documented to have the range 32..63 */ + if err >= 32 as i32 && err < 64 as i32 { return CURLE_PEER_FAILED_VERIFICATION; } - _ => {} + return CURLE_SSL_CONNECT_ERROR; } - if err >= 32 as i32 && err < 64 as i32 { - return CURLE_PEER_FAILED_VERIFICATION; + if state & target != 0 { + return CURLE_OK; } - return CURLE_SSL_CONNECT_ERROR; - } - if state & target != 0 { - return CURLE_OK; - } - if state & 0x2 as i32 as u32 != 0 { - buf = br_ssl_engine_sendrec_buf(&mut (*backend).bear_ctx.eng, &mut len); - ret = send(sockfd, buf as *const libc::c_void, len, MSG_NOSIGNAL as i32); - if ret == -(1 as i32) as i64 { - if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { - if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { - (*connssl).connecting_state = ssl_connect_2_writing; + if state & 0x2 as u32 != 0 { + buf = br_ssl_engine_sendrec_buf(&mut (*backend).bear_ctx.eng, &mut len); + ret = send(sockfd, buf as *const libc::c_void, len, MSG_NOSIGNAL as i32); + if ret == -(1 as i32) as i64 { + if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { + if (*connssl).state as u32 != ssl_connection_complete as u32 { + (*connssl).connecting_state = ssl_connect_2_writing; + } + return CURLE_AGAIN; } - return CURLE_AGAIN; + return CURLE_WRITE_ERROR; } - return CURLE_WRITE_ERROR; - } - br_ssl_engine_sendrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); - } else if state & 0x4 as i32 as u32 != 0 { - buf = br_ssl_engine_recvrec_buf(&mut (*backend).bear_ctx.eng, &mut len); - ret = recv(sockfd, buf as *mut libc::c_void, len, 0 as i32); - if ret == 0 as i32 as i64 { - Curl_failf( - data, - b"SSL: EOF without close notify\0" as *const u8 as *const i8, - ); - return CURLE_READ_ERROR; - } - if ret == -(1 as i32) as i64 { - if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { - if (*connssl).state as u32 != ssl_connection_complete as i32 as u32 { - (*connssl).connecting_state = ssl_connect_2_reading; + br_ssl_engine_sendrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); + } else if state & 0x4 as u32 != 0 { + buf = br_ssl_engine_recvrec_buf(&mut (*backend).bear_ctx.eng, &mut len); + ret = recv(sockfd, buf as *mut libc::c_void, len, 0 as i32); + if ret == 0 as i64 { + Curl_failf( + data, + b"SSL: EOF without close notify\0" as *const u8 as *const i8, + ); + return CURLE_READ_ERROR; + } + if ret == -(1 as i32) as i64 { + if *__errno_location() == 11 as i32 || *__errno_location() == 11 as i32 { + if (*connssl).state as u32 != ssl_connection_complete as u32 { + (*connssl).connecting_state = ssl_connect_2_reading; + } + return CURLE_AGAIN; } - return CURLE_AGAIN; + return CURLE_READ_ERROR; } - return CURLE_READ_ERROR; + br_ssl_engine_recvrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); } - br_ssl_engine_recvrec_ack(&mut (*backend).bear_ctx.eng, ret as size_t); } } } -unsafe extern "C" fn bearssl_connect_step2( +extern "C" fn bearssl_connect_step2( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut ret: CURLcode = CURLE_OK; - ret = bearssl_run_until(data, conn, sockindex, (0x8 as i32 | 0x10 as i32) as u32); - if ret as u32 == CURLE_AGAIN as i32 as u32 { - return CURLE_OK; - } - if ret as u32 == CURLE_OK as i32 as u32 { - if br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) == 0x1 as i32 as u32 { - Curl_failf( - data, - b"SSL: connection closed during handshake\0" as *const u8 as *const i8, - ); - return CURLE_SSL_CONNECT_ERROR; + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut ret: CURLcode = CURLE_OK; + ret = bearssl_run_until(data, conn, sockindex, (0x8 as i32 | 0x10 as i32) as u32); + if ret as u32 == CURLE_AGAIN as u32 { + return CURLE_OK; + } + if ret as u32 == CURLE_OK as u32 { + if br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) == 0x1 as u32 { + Curl_failf( + data, + b"SSL: connection closed during handshake\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + (*connssl).connecting_state = ssl_connect_3; } - (*connssl).connecting_state = ssl_connect_3; + return ret; } - return ret; } -unsafe extern "C" fn bearssl_connect_step3( +extern "C" fn bearssl_connect_step3( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, ) -> CURLcode { - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut ret: CURLcode = CURLE_OK; - if ((*conn).bits).tls_enable_alpn() != 0 { - let mut protocol: *const i8 = 0 as *const i8; - protocol = br_ssl_engine_get_selected_protocol(&mut (*backend).bear_ctx.eng); - if !protocol.is_null() { - Curl_infof( - data, - b"ALPN, server accepted to use %s\0" as *const u8 as *const i8, - protocol, - ); - #[cfg(USE_HTTP2)] - let USE_HTTP2_flag = strcmp(protocol, b"h2\0" as *const u8 as *const i8) == 0; - #[cfg(not(USE_HTTP2))] - let USE_HTTP2_flag = false; - if USE_HTTP2_flag { - match () { - #[cfg(USE_HTTP2)] - _ => { - (*conn).negnpn = CURL_HTTP_VERSION_2_0 as i32; + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut ret: CURLcode = CURLE_OK; + if ((*conn).bits).tls_enable_alpn() != 0 { + let mut protocol: *const i8 = 0 as *const i8; + protocol = br_ssl_engine_get_selected_protocol(&mut (*backend).bear_ctx.eng); + if !protocol.is_null() { + Curl_infof( + data, + b"ALPN, server accepted to use %s\0" as *const u8 as *const i8, + protocol, + ); + #[cfg(USE_HTTP2)] + let USE_HTTP2_flag = strcmp(protocol, b"h2\0" as *const u8 as *const i8) == 0; + #[cfg(not(USE_HTTP2))] + let USE_HTTP2_flag = false; + if USE_HTTP2_flag { + match () { + #[cfg(USE_HTTP2)] + _ => { + (*conn).negnpn = CURL_HTTP_VERSION_2_0 as i32; + } + #[cfg(not(USE_HTTP2))] + _ => {} } - #[cfg(not(USE_HTTP2))] - _ => {} + } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const i8) == 0 { + (*conn).negnpn = CURL_HTTP_VERSION_1_1 as i32; + } else { + Curl_infof( + data, + b"ALPN, unrecognized protocol %s\0" as *const u8 as *const i8, + protocol, + ); } - } else if strcmp(protocol, b"http/1.1\0" as *const u8 as *const i8) == 0 { - (*conn).negnpn = CURL_HTTP_VERSION_1_1 as i32; + Curl_multiuse_state( + data, + if (*conn).negnpn == CURL_HTTP_VERSION_2_0 as i32 { + 2 as i32 + } else { + -(1 as i32) + }, + ); } else { Curl_infof( data, - b"ALPN, unrecognized protocol %s\0" as *const u8 as *const i8, - protocol, + b"ALPN, server did not agree to a protocol\0" as *const u8 as *const i8, ); } - Curl_multiuse_state( - data, - if (*conn).negnpn == CURL_HTTP_VERSION_2_0 as i32 { - 2 as i32 - } else { - -(1 as i32) - }, - ); - } else { - Curl_infof( - data, - b"ALPN, server did not agree to a protocol\0" as *const u8 as *const i8, - ); - } - } - #[cfg(not(CURL_DISABLE_PROXY))] - let flag1: bool = if CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32 - { - ((*data).set.proxy_ssl.primary).sessionid() as i32 - } else { - ((*data).set.ssl.primary).sessionid() as i32 - } != 0; - #[cfg(CURL_DISABLE_PROXY)] - let flag1: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; - if flag1 { - let mut incache: bool = false; - let mut oldsession: *mut libc::c_void = 0 as *mut libc::c_void; - let mut session: *mut br_ssl_session_parameters = 0 as *mut br_ssl_session_parameters; - session = Curl_cmalloc.expect("non-null function pointer")(::std::mem::size_of::< - br_ssl_session_parameters, - >() as u64) as *mut br_ssl_session_parameters; - if session.is_null() { - return CURLE_OUT_OF_MEMORY; - } - br_ssl_engine_get_session_parameters(&mut (*backend).bear_ctx.eng, session); - Curl_ssl_sessionid_lock(data); - #[cfg(not(CURL_DISABLE_PROXY))] - let flag1: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { - 0 as i32 - } else { - 1 as i32 - }) as usize] - .state as u32; - #[cfg(CURL_DISABLE_PROXY)] - let flag1: bool = false; - incache = !Curl_ssl_getsessionid( - data, - conn, - if flag1 { 1 as i32 } else { 0 as i32 } != 0, - &mut oldsession, - 0 as *mut size_t, - sockindex, - ); - if incache { - Curl_ssl_delsessionid(data, oldsession); } #[cfg(not(CURL_DISABLE_PROXY))] - let flag2: bool = CURLPROXY_HTTPS as i32 as u32 == (*conn).http_proxy.proxytype as u32 - && ssl_connection_complete as i32 as u32 - != (*conn).proxy_ssl[(if (*conn).sock[1 as i32 as usize] == -(1 as i32) { + let flag1: bool = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { 0 as i32 } else { 1 as i32 }) as usize] - .state as u32; + .state as u32 + { + ((*data).set.proxy_ssl.primary).sessionid() as i32 + } else { + ((*data).set.ssl.primary).sessionid() as i32 + } != 0; #[cfg(CURL_DISABLE_PROXY)] - let flag2: bool = false; - ret = Curl_ssl_addsessionid( - data, - conn, - if flag2 { 1 as i32 } else { 0 as i32 } != 0, - session as *mut libc::c_void, - 0 as i32 as size_t, - sockindex, - ); - Curl_ssl_sessionid_unlock(data); - if ret as u64 != 0 { - Curl_cfree.expect("non-null function pointer")(session as *mut libc::c_void); - return CURLE_OUT_OF_MEMORY; + let flag1: bool = ((*data).set.ssl.primary).sessionid() as i32 != 0; + if flag1 { + let mut incache: bool = false; + let mut oldsession: *mut libc::c_void = 0 as *mut libc::c_void; + let mut session: *mut br_ssl_session_parameters = 0 as *mut br_ssl_session_parameters; + session = Curl_cmalloc.expect("non-null function pointer")(::std::mem::size_of::< + br_ssl_session_parameters, + >() as u64) as *mut br_ssl_session_parameters; + if session.is_null() { + return CURLE_OUT_OF_MEMORY; + } + br_ssl_engine_get_session_parameters(&mut (*backend).bear_ctx.eng, session); + Curl_ssl_sessionid_lock(data); + #[cfg(not(CURL_DISABLE_PROXY))] + let flag1: bool = CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32; + #[cfg(CURL_DISABLE_PROXY)] + let flag1: bool = false; + incache = !Curl_ssl_getsessionid( + data, + conn, + if flag1 { 1 as i32 } else { 0 as i32 } != 0, + &mut oldsession, + 0 as *mut size_t, + sockindex, + ); + if incache { + Curl_ssl_delsessionid(data, oldsession); + } + #[cfg(not(CURL_DISABLE_PROXY))] + let flag2: bool = CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32; + #[cfg(CURL_DISABLE_PROXY)] + let flag2: bool = false; + ret = Curl_ssl_addsessionid( + data, + conn, + if flag2 { 1 as i32 } else { 0 as i32 } != 0, + session as *mut libc::c_void, + 0 as size_t, + sockindex, + ); + Curl_ssl_sessionid_unlock(data); + if ret as u64 != 0 { + Curl_cfree.expect("non-null function pointer")(session as *mut libc::c_void); + return CURLE_OUT_OF_MEMORY; + } } + (*connssl).connecting_state = ssl_connect_done; + return CURLE_OK; } - (*connssl).connecting_state = ssl_connect_done; - return CURLE_OK; } -unsafe extern "C" fn bearssl_send( +extern "C" fn bearssl_send( mut data: *mut Curl_easy, mut sockindex: i32, mut buf: *const libc::c_void, mut len: size_t, mut err: *mut CURLcode, ) -> ssize_t { - let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut app: *mut u8 = 0 as *mut u8; - let mut applen: size_t = 0; - loop { - *err = bearssl_run_until(data, conn, sockindex, 0x8 as i32 as u32); - if *err as u32 != CURLE_OK as i32 as u32 { - return -(1 as i32) as ssize_t; - } - app = br_ssl_engine_sendapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); - if app.is_null() { - Curl_failf( - data, - b"SSL: connection closed during write\0" as *const u8 as *const i8, - ); - *err = CURLE_SEND_ERROR; - return -(1 as i32) as ssize_t; - } - if (*backend).pending_write != 0 { - applen = (*backend).pending_write; - (*backend).pending_write = 0 as i32 as size_t; - return applen as ssize_t; - } - if applen > len { - applen = len; + unsafe { + let mut conn: *mut connectdata = (*data).conn; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut app: *mut u8 = 0 as *mut u8; + let mut applen: size_t = 0; + loop { + *err = bearssl_run_until(data, conn, sockindex, 0x8 as u32); + if *err as u32 != CURLE_OK as u32 { + return -(1 as i32) as ssize_t; + } + app = br_ssl_engine_sendapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); + if app.is_null() { + Curl_failf( + data, + b"SSL: connection closed during write\0" as *const u8 as *const i8, + ); + *err = CURLE_SEND_ERROR; + return -(1 as i32) as ssize_t; + } + if (*backend).pending_write != 0 { + applen = (*backend).pending_write; + (*backend).pending_write = 0 as size_t; + return applen as ssize_t; + } + if applen > len { + applen = len; + } + memcpy(app as *mut libc::c_void, buf, applen); + br_ssl_engine_sendapp_ack(&mut (*backend).bear_ctx.eng, applen); + br_ssl_engine_flush(&mut (*backend).bear_ctx.eng, 0 as i32); + (*backend).pending_write = applen; } - memcpy(app as *mut libc::c_void, buf, applen); - br_ssl_engine_sendapp_ack(&mut (*backend).bear_ctx.eng, applen); - br_ssl_engine_flush(&mut (*backend).bear_ctx.eng, 0 as i32); - (*backend).pending_write = applen; } } -unsafe extern "C" fn bearssl_recv( +extern "C" fn bearssl_recv( mut data: *mut Curl_easy, mut sockindex: i32, mut buf: *mut i8, mut len: size_t, mut err: *mut CURLcode, ) -> ssize_t { - let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut app: *mut u8 = 0 as *mut u8; - let mut applen: size_t = 0; - *err = bearssl_run_until(data, conn, sockindex, 0x10 as i32 as u32); - if *err as u32 != CURLE_OK as i32 as u32 { - return -(1 as i32) as ssize_t; - } - app = br_ssl_engine_recvapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); - if app.is_null() { - return 0 as i32 as ssize_t; - } - if applen > len { - applen = len; + unsafe { + let mut conn: *mut connectdata = (*data).conn; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut app: *mut u8 = 0 as *mut u8; + let mut applen: size_t = 0; + *err = bearssl_run_until(data, conn, sockindex, 0x10 as u32); + if *err as u32 != CURLE_OK as u32 { + return -(1 as i32) as ssize_t; + } + app = br_ssl_engine_recvapp_buf(&mut (*backend).bear_ctx.eng, &mut applen); + if app.is_null() { + return 0 as ssize_t; + } + if applen > len { + applen = len; + } + memcpy(buf as *mut libc::c_void, app as *const libc::c_void, applen); + br_ssl_engine_recvapp_ack(&mut (*backend).bear_ctx.eng, applen); + return applen as ssize_t; } - memcpy(buf as *mut libc::c_void, app as *const libc::c_void, applen); - br_ssl_engine_recvapp_ack(&mut (*backend).bear_ctx.eng, applen); - return applen as ssize_t; } -unsafe extern "C" fn bearssl_connect_common( +extern "C" fn bearssl_connect_common( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, mut nonblocking: bool, mut done: *mut bool, ) -> CURLcode { - let mut ret: CURLcode = CURLE_OK; - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; - let mut timeout_ms: timediff_t = 0; - let mut what: i32 = 0; - if ssl_connection_complete as i32 as u32 == (*connssl).state as u32 { - *done = 1 as i32 != 0; - return CURLE_OK; - } - if ssl_connect_1 as i32 as u32 == (*connssl).connecting_state as u32 { - ret = bearssl_connect_step1(data, conn, sockindex); - if ret as u64 != 0 { - return ret; + unsafe { + let mut ret: CURLcode = CURLE_OK; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; + let mut timeout_ms: timediff_t = 0; + let mut what: i32 = 0; + /* check if the connection has already been established */ + if ssl_connection_complete as u32 == (*connssl).state as u32 { + *done = 1 as i32 != 0; + return CURLE_OK; } - } - while ssl_connect_2 as i32 as u32 == (*connssl).connecting_state as u32 - || ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 - || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 - { - timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as i32 != 0); - if timeout_ms < 0 as i32 as i64 { - Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); - return CURLE_OPERATION_TIMEDOUT; + if ssl_connect_1 as u32 == (*connssl).connecting_state as u32 { + ret = bearssl_connect_step1(data, conn, sockindex); + if ret as u64 != 0 { + return ret; + } } - if ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 - || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 + while ssl_connect_2 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32 { - let mut writefd: curl_socket_t = - if ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32 { - sockfd - } else { - -(1 as i32) - }; - let mut readfd: curl_socket_t = - if ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 { - sockfd - } else { - -(1 as i32) - }; - what = Curl_socket_check( - readfd, - -(1 as i32), - writefd, - if nonblocking as i32 != 0 { - 0 as i32 as i64 - } else { - timeout_ms - }, - ); - if what < 0 as i32 { - Curl_failf( - data, - b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const i8, - *__errno_location(), - ); - return CURLE_SSL_CONNECT_ERROR; - } else { - if 0 as i32 == what { - if nonblocking { - *done = 0 as i32 != 0; - return CURLE_OK; + /* check allowed time left */ + timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as i32 != 0); + if timeout_ms < 0 as i64 { + /* no need to continue if time already is up */ + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); + return CURLE_OPERATION_TIMEDOUT; + } + /* if ssl is expecting something, check if it's available. */ + if ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32 + { + let mut writefd: curl_socket_t = + if ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32 { + sockfd + } else { + -(1 as i32) + }; + let mut readfd: curl_socket_t = + if ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 { + sockfd } else { - Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); - return CURLE_OPERATION_TIMEDOUT; + -(1 as i32) + }; + what = Curl_socket_check( + readfd, + -(1 as i32), + writefd, + if nonblocking as i32 != 0 { + 0 as i64 + } else { + timeout_ms + }, + ); + if what < 0 as i32 { + /* fatal error */ + Curl_failf( + data, + b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const i8, + *__errno_location(), + ); + return CURLE_SSL_CONNECT_ERROR; + } else { + /* timeout */ + if 0 as i32 == what { + if nonblocking { + *done = 0 as i32 != 0; + return CURLE_OK; + } else { + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); + return CURLE_OPERATION_TIMEDOUT; + } } } + /* socket is readable or writable */ + } + /* Run transaction, and return to the caller if it failed or if this + * connection is done nonblocking and this loop would execute again. This + * permits the owner of a multi handle to abort a connection attempt + * before step2 has completed while ensuring that a client using select() + * or epoll() will always have a valid fdset to wait on. + */ + ret = bearssl_connect_step2(data, conn, sockindex); + if ret as u32 != 0 + || nonblocking as i32 != 0 + && (ssl_connect_2 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32) + { + return ret; } } - ret = bearssl_connect_step2(data, conn, sockindex); - if ret as u32 != 0 - || nonblocking as i32 != 0 - && (ssl_connect_2 as i32 as u32 == (*connssl).connecting_state as u32 - || ssl_connect_2_reading as i32 as u32 == (*connssl).connecting_state as u32 - || ssl_connect_2_writing as i32 as u32 == (*connssl).connecting_state as u32) - { - return ret; + if ssl_connect_3 as u32 == (*connssl).connecting_state as u32 { + ret = bearssl_connect_step3(data, conn, sockindex); + if ret as u64 != 0 { + return ret; + } } - } - if ssl_connect_3 as i32 as u32 == (*connssl).connecting_state as u32 { - ret = bearssl_connect_step3(data, conn, sockindex); - if ret as u64 != 0 { - return ret; + if ssl_connect_done as u32 == (*connssl).connecting_state as u32 { + (*connssl).state = ssl_connection_complete; + (*conn).recv[sockindex as usize] = Some( + bearssl_recv + as unsafe extern "C" fn( + *mut Curl_easy, + i32, + *mut i8, + size_t, + *mut CURLcode, + ) -> ssize_t, + ); + (*conn).send[sockindex as usize] = Some( + bearssl_send + as unsafe extern "C" fn( + *mut Curl_easy, + i32, + *const libc::c_void, + size_t, + *mut CURLcode, + ) -> ssize_t, + ); + *done = 1 as i32 != 0; + } else { + *done = 0 as i32 != 0; } + /* Reset our connect state machine */ + (*connssl).connecting_state = ssl_connect_1; + return CURLE_OK; } - if ssl_connect_done as i32 as u32 == (*connssl).connecting_state as u32 { - (*connssl).state = ssl_connection_complete; - (*conn).recv[sockindex as usize] = Some( - bearssl_recv - as unsafe extern "C" fn( - *mut Curl_easy, - i32, - *mut i8, - size_t, - *mut CURLcode, - ) -> ssize_t, - ); - (*conn).send[sockindex as usize] = Some( - bearssl_send - as unsafe extern "C" fn( - *mut Curl_easy, - i32, - *const libc::c_void, - size_t, - *mut CURLcode, - ) -> ssize_t, - ); - *done = 1 as i32 != 0; - } else { - *done = 0 as i32 != 0; - } - (*connssl).connecting_state = ssl_connect_1; - return CURLE_OK; } -unsafe extern "C" fn bearssl_version(mut buffer: *mut i8, mut size: size_t) -> size_t { - return curl_msnprintf(buffer, size, b"BearSSL\0" as *const u8 as *const i8) as size_t; +extern "C" fn bearssl_version(mut buffer: *mut i8, mut size: size_t) -> size_t { + unsafe { + return curl_msnprintf(buffer, size, b"BearSSL\0" as *const u8 as *const i8) as size_t; + } } - -unsafe extern "C" fn bearssl_data_pending( - mut conn: *const connectdata, - mut connindex: i32, -) -> bool { - let mut connssl: *const ssl_connect_data = - &*((*conn).ssl).as_ptr().offset(connindex as isize) as *const ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - return br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) & 0x10 as i32 as u32 != 0; +extern "C" fn bearssl_data_pending(mut conn: *const connectdata, mut connindex: i32) -> bool { + unsafe { + let mut connssl: *const ssl_connect_data = + &*((*conn).ssl).as_ptr().offset(connindex as isize) as *const ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + return br_ssl_engine_current_state(&mut (*backend).bear_ctx.eng) & 0x10 as u32 != 0; + } } -unsafe extern "C" fn bearssl_random( +extern "C" fn bearssl_random( mut data: *mut Curl_easy, mut entropy: *mut u8, mut length: size_t, ) -> CURLcode { - static mut ctx: br_hmac_drbg_context = br_hmac_drbg_context { - vtable: 0 as *const br_prng_class, - K: [0; 64], - V: [0; 64], - digest_class: 0 as *const br_hash_class, - }; - static mut seeded: bool = 0 as i32 != 0; - if !seeded { - let mut seeder: br_prng_seeder = None; - br_hmac_drbg_init( - &mut ctx, - &br_sha256_vtable, - 0 as *const libc::c_void, - 0 as i32 as size_t, - ); - seeder = br_prng_seeder_system(0 as *mut *const i8); - if seeder.is_none() || seeder.expect("non-null function pointer")(&mut ctx.vtable) == 0 { - return CURLE_FAILED_INIT; + unsafe { + static mut ctx: br_hmac_drbg_context = br_hmac_drbg_context { + vtable: 0 as *const br_prng_class, + K: [0; 64], + V: [0; 64], + digest_class: 0 as *const br_hash_class, + }; + static mut seeded: bool = 0 as i32 != 0; + if !seeded { + let mut seeder: br_prng_seeder = None; + br_hmac_drbg_init( + &mut ctx, + &br_sha256_vtable, + 0 as *const libc::c_void, + 0 as size_t, + ); + seeder = br_prng_seeder_system(0 as *mut *const i8); + if seeder.is_none() || seeder.expect("non-null function pointer")(&mut ctx.vtable) == 0 + { + return CURLE_FAILED_INIT; + } + seeded = 1 as i32 != 0; } - seeded = 1 as i32 != 0; + br_hmac_drbg_generate(&mut ctx, entropy as *mut libc::c_void, length); + return CURLE_OK; } - br_hmac_drbg_generate(&mut ctx, entropy as *mut libc::c_void, length); - return CURLE_OK; } -unsafe extern "C" fn bearssl_connect( +extern "C" fn bearssl_connect( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, ) -> CURLcode { - let mut ret: CURLcode = CURLE_OK; - let mut done: bool = 0 as i32 != 0; - ret = bearssl_connect_common(data, conn, sockindex, 0 as i32 != 0, &mut done); - if ret as u64 != 0 { - return ret; + unsafe { + let mut ret: CURLcode = CURLE_OK; + let mut done: bool = 0 as i32 != 0; + ret = bearssl_connect_common(data, conn, sockindex, 0 as i32 != 0, &mut done); + if ret as u64 != 0 { + return ret; + } + return CURLE_OK; } - return CURLE_OK; } -unsafe extern "C" fn bearssl_connect_nonblocking( +extern "C" fn bearssl_connect_nonblocking( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, mut done: *mut bool, ) -> CURLcode { - return bearssl_connect_common(data, conn, sockindex, 1 as i32 != 0, done); + unsafe { + return bearssl_connect_common(data, conn, sockindex, 1 as i32 != 0, done); + } } -unsafe extern "C" fn bearssl_get_internals( +extern "C" fn bearssl_get_internals( mut connssl: *mut ssl_connect_data, mut info: CURLINFO, ) -> *mut libc::c_void { - let mut backend: *mut ssl_backend_data = (*connssl).backend; - return &mut (*backend).bear_ctx as *mut br_ssl_client_context as *mut libc::c_void; + unsafe { + let mut backend: *mut ssl_backend_data = (*connssl).backend; + return &mut (*backend).bear_ctx as *mut br_ssl_client_context as *mut libc::c_void; + } } -unsafe extern "C" fn bearssl_close( +extern "C" fn bearssl_close( mut data: *mut Curl_easy, mut conn: *mut connectdata, mut sockindex: i32, ) { - let mut connssl: *mut ssl_connect_data = - &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; - let mut backend: *mut ssl_backend_data = (*connssl).backend; - let mut i: size_t = 0; - if (*backend).active { - br_ssl_engine_close(&mut (*backend).bear_ctx.eng); - bearssl_run_until(data, conn, sockindex, 0x1 as i32 as u32); - } - i = 0 as i32 as size_t; - while i < (*backend).anchors_len { - Curl_cfree.expect("non-null function pointer")( - (*((*backend).anchors).offset(i as isize)).dn.data as *mut libc::c_void, - ); - i = i.wrapping_add(1); + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut backend: *mut ssl_backend_data = (*connssl).backend; + let mut i: size_t = 0; + if (*backend).active { + br_ssl_engine_close(&mut (*backend).bear_ctx.eng); + bearssl_run_until(data, conn, sockindex, 0x1 as u32); + } + i = 0 as size_t; + while i < (*backend).anchors_len { + Curl_cfree.expect("non-null function pointer")( + (*((*backend).anchors).offset(i as isize)).dn.data as *mut libc::c_void, + ); + i = i.wrapping_add(1); + } + Curl_cfree.expect("non-null function pointer")((*backend).anchors as *mut libc::c_void); } - Curl_cfree.expect("non-null function pointer")((*backend).anchors as *mut libc::c_void); } -unsafe extern "C" fn bearssl_session_free(mut ptr: *mut libc::c_void) { - Curl_cfree.expect("non-null function pointer")(ptr); +extern "C" fn bearssl_session_free(mut ptr: *mut libc::c_void) { + unsafe { + Curl_cfree.expect("non-null function pointer")(ptr); + } } -unsafe extern "C" fn bearssl_sha256sum( +extern "C" fn bearssl_sha256sum( mut input: *const u8, mut inputlen: size_t, mut sha256sum: *mut u8, mut sha256len: size_t, ) -> CURLcode { - let mut ctx: br_sha256_context = br_sha256_context { - vtable: 0 as *const br_hash_class, - buf: [0; 64], - count: 0, - val: [0; 8], - }; - br_sha256_init(&mut ctx); - br_sha224_update(&mut ctx, input as *const libc::c_void, inputlen); - br_sha256_out(&mut ctx, sha256sum as *mut libc::c_void); - return CURLE_OK; + unsafe { + let mut ctx: br_sha256_context = br_sha256_context { + vtable: 0 as *const br_hash_class, + buf: [0; 64], + count: 0, + val: [0; 8], + }; + br_sha256_init(&mut ctx); + br_sha224_update(&mut ctx, input as *const libc::c_void, inputlen); + br_sha256_out(&mut ctx, sha256sum as *mut libc::c_void); + return CURLE_OK; + } } #[no_mangle] -pub static mut Curl_ssl_bearssl: Curl_ssl = unsafe { - { - let mut init = Curl_ssl { - info: { - let mut init = curl_ssl_backend { - id: CURLSSLBACKEND_BEARSSL, - name: b"bearssl\0" as *const u8 as *const i8, - }; - init - }, - supports: ((1 as i32) << 6 as i32) as u32, - sizeof_ssl_backend_data: ::std::mem::size_of::() as u64, - init: Some(Curl_none_init as unsafe extern "C" fn() -> i32), - cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), - version: Some(bearssl_version as unsafe extern "C" fn(*mut i8, size_t) -> size_t), - check_cxn: Some(Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> i32), - shut_down: Some( - Curl_none_shutdown - as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> i32, - ), - data_pending: Some( - bearssl_data_pending as unsafe extern "C" fn(*const connectdata, i32) -> bool, - ), - random: Some( - bearssl_random as unsafe extern "C" fn(*mut Curl_easy, *mut u8, size_t) -> CURLcode, - ), - cert_status_request: Some( - Curl_none_cert_status_request as unsafe extern "C" fn() -> bool, - ), - connect_blocking: Some( - bearssl_connect - as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> CURLcode, - ), - connect_nonblocking: Some( - bearssl_connect_nonblocking - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - i32, - *mut bool, - ) -> CURLcode, - ), - getsock: Some( - Curl_ssl_getsock - as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> i32, - ), - get_internals: Some( - bearssl_get_internals - as unsafe extern "C" fn(*mut ssl_connect_data, CURLINFO) -> *mut libc::c_void, - ), - close_one: Some( - bearssl_close as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> (), - ), - close_all: Some(Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> ()), - session_free: Some( - bearssl_session_free as unsafe extern "C" fn(*mut libc::c_void) -> (), - ), - set_engine: Some( - Curl_none_set_engine as unsafe extern "C" fn(*mut Curl_easy, *const i8) -> CURLcode, - ), - set_engine_default: Some( - Curl_none_set_engine_default as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, - ), - engines_list: Some( - Curl_none_engines_list as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, - ), - false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), - sha256sum: Some( - bearssl_sha256sum - as unsafe extern "C" fn(*const u8, size_t, *mut u8, size_t) -> CURLcode, - ), - associate_connection: None, - disassociate_connection: None, - }; - init - } +pub static mut Curl_ssl_bearssl: Curl_ssl = Curl_ssl { + info: { + curl_ssl_backend { + id: CURLSSLBACKEND_BEARSSL, + name: b"bearssl\0" as *const u8 as *const i8, + } + }, + supports: ((1 as i32) << 6 as i32) as u32, + sizeof_ssl_backend_data: ::std::mem::size_of::() as u64, + init: Some(Curl_none_init as unsafe extern "C" fn() -> i32), + cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), + version: Some(bearssl_version as unsafe extern "C" fn(*mut i8, size_t) -> size_t), + check_cxn: Some(Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> i32), + shut_down: Some( + Curl_none_shutdown as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> i32, + ), + data_pending: Some( + bearssl_data_pending as unsafe extern "C" fn(*const connectdata, i32) -> bool, + ), + random: Some( + bearssl_random as unsafe extern "C" fn(*mut Curl_easy, *mut u8, size_t) -> CURLcode, + ), + cert_status_request: Some(Curl_none_cert_status_request as unsafe extern "C" fn() -> bool), + connect_blocking: Some( + bearssl_connect as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> CURLcode, + ), + connect_nonblocking: Some( + bearssl_connect_nonblocking + as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32, *mut bool) -> CURLcode, + ), + getsock: Some( + Curl_ssl_getsock as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> i32, + ), + get_internals: Some( + bearssl_get_internals + as unsafe extern "C" fn(*mut ssl_connect_data, CURLINFO) -> *mut libc::c_void, + ), + close_one: Some( + bearssl_close as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> (), + ), + close_all: Some(Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> ()), + session_free: Some(bearssl_session_free as unsafe extern "C" fn(*mut libc::c_void) -> ()), + set_engine: Some( + Curl_none_set_engine as unsafe extern "C" fn(*mut Curl_easy, *const i8) -> CURLcode, + ), + set_engine_default: Some( + Curl_none_set_engine_default as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, + ), + engines_list: Some( + Curl_none_engines_list as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, + ), + false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), + sha256sum: Some( + bearssl_sha256sum as unsafe extern "C" fn(*const u8, size_t, *mut u8, size_t) -> CURLcode, + ), + associate_connection: None, + disassociate_connection: None, }; -- Gitee From 9c4d9d3781e85020c4cc3068f8b366ead30bac3a Mon Sep 17 00:00:00 2001 From: Your Name <1153793677@qq.com> Date: Sun, 4 Dec 2022 18:23:42 +0800 Subject: [PATCH 4/4] =?UTF-8?q?mesalink=E4=BC=98=E5=8C=96lib=E7=B1=BB?= =?UTF-8?q?=E5=9E=8B=EF=BC=8C=E4=BC=98=E5=8C=96as,=E4=BC=98=E5=8C=96unsafe?= =?UTF-8?q?=E5=87=BD=E6=95=B0=E5=A3=B0=E6=98=8E=EF=BC=8C=E4=BC=98=E5=8C=96?= =?UTF-8?q?fresh=EF=BC=8C=E6=B7=BB=E5=8A=A0=E6=B3=A8=E9=87=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- rust/rust_project/src/vtls/mesalink.rs | 1921 +++++++++++------------- 1 file changed, 884 insertions(+), 1037 deletions(-) diff --git a/rust/rust_project/src/vtls/mesalink.rs b/rust/rust_project/src/vtls/mesalink.rs index 9f76990..c617070 100644 --- a/rust/rust_project/src/vtls/mesalink.rs +++ b/rust/rust_project/src/vtls/mesalink.rs @@ -8,1228 +8,1075 @@ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR * PURPOSE. * See the Mulan PSL v2 for more details. - * Author: pnext, + * Author: pnext, * Create: 2022-10-31 * Description: support mesalink ******************************************************************************/ -use ::libc; +use crate::src::vtls::vtls::*; +use libc; use rust_ffi::src::ffi_alias::type_alias::*; use rust_ffi::src::ffi_fun::fun_call::*; use rust_ffi::src::ffi_struct::struct_define::*; -use crate::src::vtls::vtls::*; // 内部没有宏 -unsafe extern "C" fn do_file_type(mut type_0: *const libc::c_char) -> libc::c_int { - if type_0.is_null() || *type_0.offset(0 as libc::c_int as isize) == 0 { - return MESALINK_FILETYPE_PEM as libc::c_int; - } - if Curl_strcasecompare(type_0, b"PEM\0" as *const u8 as *const libc::c_char) != 0 { - return MESALINK_FILETYPE_PEM as libc::c_int; - } - if Curl_strcasecompare(type_0, b"DER\0" as *const u8 as *const libc::c_char) != 0 { - return MESALINK_FILETYPE_ASN1 as libc::c_int; +extern "C" fn do_file_type(mut type_0: *const i8) -> i32 { + unsafe { + if type_0.is_null() || *type_0.offset(0 as isize) == 0 { + return MESALINK_FILETYPE_PEM as i32; + } + if Curl_strcasecompare(type_0, b"PEM\0" as *const u8 as *const i8) != 0 { + return MESALINK_FILETYPE_PEM as i32; + } + if Curl_strcasecompare(type_0, b"DER\0" as *const u8 as *const i8) != 0 { + return MESALINK_FILETYPE_ASN1 as i32; + } + return -(1 as i32); } - return -(1 as libc::c_int); } +/* + * This function loads all the client/CA certificates and CRLs. Setup the TLS + * layer and do all necessary magic. + */ // todo - 有两个选项待翻译:MESALINK_HAVE_CIPHER 和 MESALINK_HAVE_SESSION -unsafe extern "C" fn mesalink_connect_step1( +extern "C" fn mesalink_connect_step1( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { - let mut ciphers: *mut libc::c_char = 0 as *mut libc::c_char; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - let mut addr4: in_addr = in_addr { s_addr: 0 }; - #[cfg(ENABLE_IPV6)] // done - 98 - let mut addr6: in6_addr = in6_addr { - __in6_u: C2RustUnnamed_8 { - __u6_addr8: [0; 16], - }, - }; - #[cfg(not(CURL_DISABLE_PROXY))] - let hostname: *const libc::c_char = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + unsafe { + let mut ciphers: *mut i8 = 0 as *mut i8; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut addr4: in_addr = in_addr { s_addr: 0 }; + #[cfg(ENABLE_IPV6)] // done - 98 + let mut addr6: in6_addr = in6_addr { + __in6_u: C2RustUnnamed_8 { + __u6_addr8: [0; 16], + }, + }; + #[cfg(not(CURL_DISABLE_PROXY))] + let hostname: *const i8 = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint - { - (*conn).http_proxy.host.name - } else { - (*conn).host.name - }; - // vtls.h - #[cfg(CURL_DISABLE_PROXY)] - let hostname: *const libc::c_char = (*conn).host.name; - let mut hostname_len: size_t = strlen(hostname); - let mut req_method: *mut MESALINK_METHOD = 0 as *mut MESALINK_METHOD; - let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; - if (*connssl).state as libc::c_uint - == ssl_connection_complete as libc::c_int as libc::c_uint - { - return CURLE_OK; - } - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_1 = (if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.version_max - } else { - (*conn).ssl_config.version_max - }); - // vtls.h - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_1 = (*conn).ssl_config.version_max; - if CURL_DISABLE_PROXY_1 != CURL_SSLVERSION_MAX_NONE as libc::c_int as libc::c_long - { - Curl_failf( - data, - b"MesaLink does not support to set maximum SSL/TLS version\0" as *const u8 - as *const libc::c_char, - ); - return CURLE_SSL_CONNECT_ERROR; - } - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_2 = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.version - } else { - (*conn).ssl_config.version - } ; - // vtls.h - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_2 = (*conn).ssl_config.version; - match CURL_DISABLE_PROXY_2 { - 3 | 1 | 4 | 5 => { + .state as u32 + { + (*conn).http_proxy.host.name + } else { + (*conn).host.name + }; + // vtls.h + #[cfg(CURL_DISABLE_PROXY)] + let hostname: *const i8 = (*conn).host.name; + let mut hostname_len: size_t = strlen(hostname); + let mut req_method: *mut MESALINK_METHOD = 0 as *mut MESALINK_METHOD; + let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; + if (*connssl).state as u32 == ssl_connection_complete as u32 { + return CURLE_OK; + } + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_1 = (if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.version_max + } else { + (*conn).ssl_config.version_max + }); + // vtls.h + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_1 = (*conn).ssl_config.version_max; + if CURL_DISABLE_PROXY_1 != CURL_SSLVERSION_MAX_NONE as i64 { Curl_failf( data, - b"MesaLink does not support SSL 3.0, TLS 1.0, or TLS 1.1\0" as *const u8 - as *const libc::c_char, + b"MesaLink does not support to set maximum SSL/TLS version\0" as *const u8 + as *const i8, ); - return CURLE_NOT_BUILT_IN; - } - 0 | 6 => { - req_method = mesalink_TLSv1_2_client_method(); + return CURLE_SSL_CONNECT_ERROR; } - 7 => { - req_method = mesalink_TLSv1_3_client_method(); + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_2 = if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.version + } else { + (*conn).ssl_config.version + }; + // vtls.h + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_2 = (*conn).ssl_config.version; + match CURL_DISABLE_PROXY_2 { + 3 | 1 | 4 | 5 => { + Curl_failf( + data, + b"MesaLink does not support SSL 3.0, TLS 1.0, or TLS 1.1\0" as *const u8 + as *const i8, + ); + return CURLE_NOT_BUILT_IN; + } + 0 | 6 => { + req_method = mesalink_TLSv1_2_client_method(); + } + 7 => { + req_method = mesalink_TLSv1_3_client_method(); + } + 2 => { + Curl_failf( + data, + b"MesaLink does not support SSLv2\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + _ => { + Curl_failf( + data, + b"Unrecognized parameter passed via CURLOPT_SSLVERSION\0" as *const u8 + as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } } - 2 => { + if req_method.is_null() { Curl_failf( data, - b"MesaLink does not support SSLv2\0" as *const u8 as *const libc::c_char, + b"SSL: couldn't create a method!\0" as *const u8 as *const i8, ); - return CURLE_SSL_CONNECT_ERROR; + return CURLE_OUT_OF_MEMORY; } - _ => { + if !((*(*connssl).backend).mesalink_ctx).is_null() { + mesalink_SSL_CTX_free((*(*connssl).backend).mesalink_ctx); + } + (*(*connssl).backend).mesalink_ctx = mesalink_SSL_CTX_new(req_method); + if ((*(*connssl).backend).mesalink_ctx).is_null() { Curl_failf( data, - b"Unrecognized parameter passed via CURLOPT_SSLVERSION\0" as *const u8 - as *const libc::c_char, + b"SSL: couldn't create a context!\0" as *const u8 as *const i8, ); - return CURLE_SSL_CONNECT_ERROR; + return CURLE_OUT_OF_MEMORY; } - } - if req_method.is_null() { - Curl_failf( - data, - b"SSL: couldn't create a method!\0" as *const u8 as *const libc::c_char, - ); - return CURLE_OUT_OF_MEMORY; - } - if !((*(*connssl).backend).mesalink_ctx).is_null() { - mesalink_SSL_CTX_free((*(*connssl).backend).mesalink_ctx); - } - let ref mut fresh0 = (*(*connssl).backend).mesalink_ctx; - *fresh0 = mesalink_SSL_CTX_new(req_method); - if ((*(*connssl).backend).mesalink_ctx).is_null() { - Curl_failf( - data, - b"SSL: couldn't create a context!\0" as *const u8 as *const libc::c_char, + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_verifypeer = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + ((*conn).proxy_ssl_config).verifypeer() as i32 + } else { + ((*conn).ssl_config).verifypeer() as i32 + }; + // vtls.h + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_verifypeer = ((*conn).ssl_config).verifypeer() as i32; + mesalink_SSL_CTX_set_verify( + (*(*connssl).backend).mesalink_ctx, + if CURL_DISABLE_PROXY_verifypeer != 0 { + MESALINK_SSL_VERIFY_PEER as i32 + } else { + MESALINK_SSL_VERIFY_NONE as i32 + }, + None, ); - return CURLE_OUT_OF_MEMORY; - } - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_verifypeer = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - ((*conn).proxy_ssl_config).verifypeer() as libc::c_int - } else { - ((*conn).ssl_config).verifypeer() as libc::c_int - }; - // vtls.h - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_verifypeer = ((*conn).ssl_config).verifypeer() as libc::c_int; - mesalink_SSL_CTX_set_verify( - (*(*connssl).backend).mesalink_ctx, - if CURL_DISABLE_PROXY_verifypeer != 0 + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_CAfile_1 = !(if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 { - MESALINK_SSL_VERIFY_PEER as libc::c_int + (*conn).proxy_ssl_config.CAfile } else { - MESALINK_SSL_VERIFY_NONE as libc::c_int - }, - None, - ); - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_CAfile_1 = !(if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.CAfile - } else { - (*conn).ssl_config.CAfile - }) - .is_null() ; - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_CAfile_1 = !((*conn).ssl_config.CAfile).is_null(); + (*conn).ssl_config.CAfile + }) + .is_null(); + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_CAfile_1 = !((*conn).ssl_config.CAfile).is_null(); - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_CApath_1 = !(if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.CApath - } else { - (*conn).ssl_config.CApath - }) - .is_null(); - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_CApath_1 = !((*conn).ssl_config.CApath).is_null(); - - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_CAfile_2 = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.CAfile - } else { - (*conn).ssl_config.CAfile - }; - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_CAfile_2 = (*conn).ssl_config.CAfile; + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_CApath_1 = !(if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.CApath + } else { + (*conn).ssl_config.CApath + }) + .is_null(); + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_CApath_1 = !((*conn).ssl_config.CApath).is_null(); - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_CApath_2 = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.CApath - } else { - (*conn).ssl_config.CApath - }; - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_CApath_2 = (*conn).ssl_config.CApath; + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_CAfile_2 = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.CAfile + } else { + (*conn).ssl_config.CAfile + }; + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_CAfile_2 = (*conn).ssl_config.CAfile; - if CURL_DISABLE_PROXY_CAfile_1 || CURL_DISABLE_PROXY_CApath_1 - { - if mesalink_SSL_CTX_load_verify_locations( - (*(*connssl).backend).mesalink_ctx, - CURL_DISABLE_PROXY_CAfile_2, - CURL_DISABLE_PROXY_CApath_2, - ) == 0 + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_CApath_2 = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 { - if CURL_DISABLE_PROXY_verifypeer != 0 + (*conn).proxy_ssl_config.CApath + } else { + (*conn).ssl_config.CApath + }; + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_CApath_2 = (*conn).ssl_config.CApath; + + if CURL_DISABLE_PROXY_CAfile_1 || CURL_DISABLE_PROXY_CApath_1 { + if mesalink_SSL_CTX_load_verify_locations( + (*(*connssl).backend).mesalink_ctx, + CURL_DISABLE_PROXY_CAfile_2, + CURL_DISABLE_PROXY_CApath_2, + ) == 0 { - Curl_failf( + if CURL_DISABLE_PROXY_verifypeer != 0 { + Curl_failf( + data, + b"error setting certificate verify locations: CAfile: %s CApath: %s\0" + as *const u8 as *const i8, + if CURL_DISABLE_PROXY_CAfile_1 { + CURL_DISABLE_PROXY_CAfile_2 as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, + if CURL_DISABLE_PROXY_CApath_1 { + CURL_DISABLE_PROXY_CApath_2 as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, + ); + return CURLE_SSL_CACERT_BADFILE; + } + Curl_infof( data, - b"error setting certificate verify locations: CAfile: %s CApath: %s\0" - as *const u8 as *const libc::c_char, - if CURL_DISABLE_PROXY_CAfile_1 - { - CURL_DISABLE_PROXY_CAfile_2 as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, - if CURL_DISABLE_PROXY_CApath_1 - { - CURL_DISABLE_PROXY_CApath_2 as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, + b"error setting certificate verify locations, continuing anyway:\0" as *const u8 + as *const i8, + ); + } else { + Curl_infof( + data, + b"successfully set certificate verify locations:\0" as *const u8 as *const i8, ); - return CURLE_SSL_CACERT_BADFILE; } Curl_infof( data, - b"error setting certificate verify locations, continuing anyway:\0" - as *const u8 as *const libc::c_char, + b" CAfile: %s\0" as *const u8 as *const i8, + if CURL_DISABLE_PROXY_CAfile_1 { + CURL_DISABLE_PROXY_CAfile_2 as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, ); - } else { Curl_infof( data, - b"successfully set certificate verify locations:\0" as *const u8 - as *const libc::c_char, + b" CApath: %s\0" as *const u8 as *const i8, + if CURL_DISABLE_PROXY_CApath_1 { + CURL_DISABLE_PROXY_CApath_2 as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, ); } - Curl_infof( - data, - b" CAfile: %s\0" as *const u8 as *const libc::c_char, - if CURL_DISABLE_PROXY_CAfile_1 - { - CURL_DISABLE_PROXY_CAfile_2 as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, - ); - Curl_infof( - data, - b" CApath: %s\0" as *const u8 as *const libc::c_char, - if CURL_DISABLE_PROXY_CApath_1 - { - CURL_DISABLE_PROXY_CApath_2 as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, - ); - } - #[cfg(not(CURL_DISABLE_PROXY))] - if !(if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + #[cfg(not(CURL_DISABLE_PROXY))] + if !(if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint - { - (*data).set.proxy_ssl.primary.clientcert - } else { - (*data).set.ssl.primary.clientcert - }) - .is_null() - && !(if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint + .state as u32 { - (*data).set.proxy_ssl.key + (*data).set.proxy_ssl.primary.clientcert } else { - (*data).set.ssl.key + (*data).set.ssl.primary.clientcert }) - .is_null() - { - let mut file_type: libc::c_int = do_file_type( - if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint + .is_null() + && !(if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 { - (*data).set.proxy_ssl.cert_type + (*data).set.proxy_ssl.key } else { - (*data).set.ssl.cert_type - }, - ); - if mesalink_SSL_CTX_use_certificate_chain_file( - (*(*connssl).backend).mesalink_ctx, - (if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + (*data).set.ssl.key + }) + .is_null() + { + let mut file_type: i32 = do_file_type( + if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint - { - (*data).set.proxy_ssl.primary.clientcert - } else { - (*data).set.ssl.primary.clientcert - }), - file_type, - ) != 1 as libc::c_int - { - Curl_failf( - data, - b"unable to use client certificate (no key or wrong pass phrase?)\0" - as *const u8 as *const libc::c_char, + .state as u32 + { + (*data).set.proxy_ssl.cert_type + } else { + (*data).set.ssl.cert_type + }, ); - return CURLE_SSL_CONNECT_ERROR; - } - file_type = do_file_type( - if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + if mesalink_SSL_CTX_use_certificate_chain_file( + (*(*connssl).backend).mesalink_ctx, + (if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 + { + (*data).set.proxy_ssl.primary.clientcert + } else { + (*data).set.ssl.primary.clientcert + }), + file_type, + ) != 1 as i32 { - (*data).set.proxy_ssl.key_type - } else { - (*data).set.ssl.key_type - }, - ); - if mesalink_SSL_CTX_use_PrivateKey_file( - (*(*connssl).backend).mesalink_ctx, - (if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + Curl_failf( + data, + b"unable to use client certificate (no key or wrong pass phrase?)\0" + as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + file_type = do_file_type( + if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint - { - (*data).set.proxy_ssl.key - } else { - (*data).set.ssl.key - }), - file_type, - ) != 1 as libc::c_int - { - Curl_failf( - data, - b"unable to set private key\0" as *const u8 as *const libc::c_char, + .state as u32 + { + (*data).set.proxy_ssl.key_type + } else { + (*data).set.ssl.key_type + }, ); - return CURLE_SSL_CONNECT_ERROR; - } - Curl_infof( - data, - b"client cert: %s\0" as *const u8 as *const libc::c_char, - if !if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int + if mesalink_SSL_CTX_use_PrivateKey_file( + (*(*connssl).backend).mesalink_ctx, + (if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 } else { - 1 as libc::c_int + 1 as i32 }) as usize] - .state as libc::c_uint + .state as u32 + { + (*data).set.proxy_ssl.key + } else { + (*data).set.ssl.key + }), + file_type, + ) != 1 as i32 { - (*conn).proxy_ssl_config.clientcert - } else { - (*conn).ssl_config.clientcert + Curl_failf( + data, + b"unable to set private key\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; } - .is_null() - { - (if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint + Curl_infof( + data, + b"client cert: %s\0" as *const u8 as *const i8, + if !if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 { (*conn).proxy_ssl_config.clientcert } else { (*conn).ssl_config.clientcert - }) as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, - ); - } - #[cfg(CURL_DISABLE_PROXY)] - if !((*data).set.ssl.primary.clientcert).is_null() - && !((*data).set.ssl.key).is_null() - { - let mut file_type: libc::c_int = do_file_type((*data).set.ssl.cert_type); - if mesalink_SSL_CTX_use_certificate_chain_file( - (*(*connssl).backend).mesalink_ctx, - (*data).set.ssl.primary.clientcert, - file_type, - ) != 1 as libc::c_int - { - Curl_failf( + } + .is_null() + { + (if CURLPROXY_HTTPS as u32 == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + (*conn).proxy_ssl_config.clientcert + } else { + (*conn).ssl_config.clientcert + }) as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, + ); + } + #[cfg(CURL_DISABLE_PROXY)] + if !((*data).set.ssl.primary.clientcert).is_null() && !((*data).set.ssl.key).is_null() { + let mut file_type: i32 = do_file_type((*data).set.ssl.cert_type); + if mesalink_SSL_CTX_use_certificate_chain_file( + (*(*connssl).backend).mesalink_ctx, + (*data).set.ssl.primary.clientcert, + file_type, + ) != 1 as i32 + { + Curl_failf( + data, + b"unable to use client certificate (no key or wrong pass phrase?)\0" + as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + file_type = do_file_type((*data).set.ssl.key_type); + if mesalink_SSL_CTX_use_PrivateKey_file( + (*(*connssl).backend).mesalink_ctx, + (*data).set.ssl.key, + file_type, + ) != 1 as i32 + { + Curl_failf( + data, + b"unable to set private key\0" as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + Curl_infof( data, - b"unable to use client certificate (no key or wrong pass phrase?)\0" - as *const u8 as *const libc::c_char, + b"client cert: %s\0" as *const u8 as *const i8, + if !((*conn).ssl_config.clientcert).is_null() { + (*conn).ssl_config.clientcert as *const i8 + } else { + b"none\0" as *const u8 as *const i8 + }, ); - return CURLE_SSL_CONNECT_ERROR; } - file_type = do_file_type((*data).set.ssl.key_type); - if mesalink_SSL_CTX_use_PrivateKey_file( - (*(*connssl).backend).mesalink_ctx, - (*data).set.ssl.key, - file_type, - ) != 1 as libc::c_int + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_cipher_list = if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 { - Curl_failf( + (*conn).proxy_ssl_config.cipher_list + } else { + (*conn).ssl_config.cipher_list + }; + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_cipher_list = (*conn).ssl_config.cipher_list; + + ciphers = CURL_DISABLE_PROXY_cipher_list; + if !ciphers.is_null() { + // TODO - 206 + if cfg!(MESALINK_HAVE_CIPHER) { + // 选项:MESALINK_HAVE_CIPHER + } + Curl_infof( data, - b"unable to set private key\0" as *const u8 as *const libc::c_char, + b"Cipher selection: %s\0" as *const u8 as *const i8, + ciphers, ); - return CURLE_SSL_CONNECT_ERROR; } - Curl_infof( - data, - b"client cert: %s\0" as *const u8 as *const libc::c_char, - if !((*conn).ssl_config.clientcert).is_null() { - (*conn).ssl_config.clientcert as *const libc::c_char - } else { - b"none\0" as *const u8 as *const libc::c_char - }, - ); - } - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_cipher_list = if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - (*conn).proxy_ssl_config.cipher_list - } else { - (*conn).ssl_config.cipher_list - }; - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_cipher_list = (*conn).ssl_config.cipher_list; - - ciphers = CURL_DISABLE_PROXY_cipher_list; - if !ciphers.is_null() { - // TODO - 206 - if cfg!(MESALINK_HAVE_CIPHER){ - // 选项:MESALINK_HAVE_CIPHER + if !((*(*connssl).backend).mesalink_handle).is_null() { + mesalink_SSL_free((*(*connssl).backend).mesalink_handle); } - Curl_infof( - data, - b"Cipher selection: %s\0" as *const u8 as *const libc::c_char, - ciphers, - ); - } - if !((*(*connssl).backend).mesalink_handle).is_null() { - mesalink_SSL_free((*(*connssl).backend).mesalink_handle); - } - let ref mut fresh1 = (*(*connssl).backend).mesalink_handle; - *fresh1 = mesalink_SSL_new((*(*connssl).backend).mesalink_ctx); - if ((*(*connssl).backend).mesalink_handle).is_null() { - Curl_failf( - data, - b"SSL: couldn't create a context (handle)!\0" as *const u8 - as *const libc::c_char, - ); - return CURLE_OUT_OF_MEMORY; - } - // done - 225 - #[cfg(ENABLE_IPV6)] - let ENABLE_IPV6_flag = 0 as libc::c_int - == inet_pton( - 10 as libc::c_int, - hostname, - &mut addr6 as *mut in6_addr as *mut libc::c_void - ); - #[cfg(not(ENABLE_IPV6))] // 如果没有ENABLE_IPV6这个选项,那就不要这个条件,那么一定是true - let ENABLE_IPV6_flag = true; - if hostname_len - < (32767 as libc::c_int * 2 as libc::c_int + 1 as libc::c_int) as libc::c_ulong - && 0 as libc::c_int + (*(*connssl).backend).mesalink_handle = + mesalink_SSL_new((*(*connssl).backend).mesalink_ctx); + if ((*(*connssl).backend).mesalink_handle).is_null() { + Curl_failf( + data, + b"SSL: couldn't create a context (handle)!\0" as *const u8 as *const i8, + ); + return CURLE_OUT_OF_MEMORY; + } + // done - 225 + #[cfg(ENABLE_IPV6)] + let ENABLE_IPV6_flag = 0 as i32 == inet_pton( - 2 as libc::c_int, + 10 as i32, hostname, - &mut addr4 as *mut in_addr as *mut libc::c_void, - ) - && ENABLE_IPV6_flag - { - if mesalink_SSL_set_tlsext_host_name((*(*connssl).backend).mesalink_handle, hostname) - != MESALINK_SUCCESS as libc::c_int + &mut addr6 as *mut in6_addr as *mut libc::c_void, + ); + #[cfg(not(ENABLE_IPV6))] // 如果没有ENABLE_IPV6这个选项,那就不要这个条件,那么一定是true + let ENABLE_IPV6_flag = true; + if hostname_len < (32767 as i32 * 2 as i32 + 1 as i32) as u64 + && 0 as i32 + == inet_pton( + 2 as i32, + hostname, + &mut addr4 as *mut in_addr as *mut libc::c_void, + ) + && ENABLE_IPV6_flag { + /* hostname is not a valid IP address */ + if mesalink_SSL_set_tlsext_host_name((*(*connssl).backend).mesalink_handle, hostname) + != MESALINK_SUCCESS as i32 + { + Curl_failf( + data, + b"WARNING: failed to configure server name indication (SNI) TLS extension\n\0" + as *const u8 as *const i8, + ); + return CURLE_SSL_CONNECT_ERROR; + } + } else { + /* Check if the hostname is 127.0.0.1 or [::1]; + * otherwise reject because MesaLink always wants a valid DNS Name + * specified in RFC 5280 Section 7.2 */ + // done - CURLDEBUG不加 238 Curl_failf( data, - b"WARNING: failed to configure server name indication (SNI) TLS extension\n\0" - as *const u8 as *const libc::c_char, + b"ERROR: MesaLink does not accept an IP address as a hostname\n\0" as *const u8 + as *const i8, ); return CURLE_SSL_CONNECT_ERROR; } - } else { - // done - CURLDEBUG不加 238 - Curl_failf( - data, - b"ERROR: MesaLink does not accept an IP address as a hostname\n\0" - as *const u8 as *const libc::c_char, - ); - return CURLE_SSL_CONNECT_ERROR; - } - // todo - 258 选项:MESALINK_HAVE_SESSION - // #[cfg(MESALINK_HAVE_SESSION)] - if mesalink_SSL_set_fd((*(*connssl).backend).mesalink_handle, sockfd) - != MESALINK_SUCCESS as libc::c_int - { - Curl_failf( - data, - b"SSL: SSL_set_fd failed\0" as *const u8 as *const libc::c_char, - ); - return CURLE_SSL_CONNECT_ERROR; + // todo - 258 选项:MESALINK_HAVE_SESSION + // #[cfg(MESALINK_HAVE_SESSION)] + if mesalink_SSL_set_fd((*(*connssl).backend).mesalink_handle, sockfd) + != MESALINK_SUCCESS as i32 + { + Curl_failf(data, b"SSL: SSL_set_fd failed\0" as *const u8 as *const i8); + return CURLE_SSL_CONNECT_ERROR; + } + (*connssl).connecting_state = ssl_connect_2; + return CURLE_OK; } - (*connssl).connecting_state = ssl_connect_2; - return CURLE_OK; } // 内部没有宏 -unsafe extern "C" fn mesalink_connect_step2( +extern "C" fn mesalink_connect_step2( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { - let mut ret: libc::c_int = -(1 as libc::c_int); - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - let ref mut fresh2 = (*conn).recv[sockindex as usize]; - *fresh2 = Some(mesalink_recv as Curl_recv); - let ref mut fresh3 = (*conn).send[sockindex as usize]; - *fresh3 = Some(mesalink_send as Curl_send); - ret = mesalink_SSL_connect((*(*connssl).backend).mesalink_handle); - if ret != MESALINK_SUCCESS as libc::c_int { - let mut detail: libc::c_int = mesalink_SSL_get_error( - (*(*connssl).backend).mesalink_handle, - ret, - ); - if MESALINK_ERROR_WANT_CONNECT as libc::c_int == detail - || MESALINK_ERROR_WANT_READ as libc::c_int == detail - { - (*connssl).connecting_state = ssl_connect_2_reading; - return CURLE_OK; - } else { - let mut error_buffer: [libc::c_char; 80] = [0; 80]; - Curl_failf( - data, - b"SSL_connect failed with error %d: %s\0" as *const u8 - as *const libc::c_char, - detail, - mesalink_ERR_error_string_n( - detail as libc::c_ulong, - error_buffer.as_mut_ptr(), - ::std::mem::size_of::<[libc::c_char; 80]>() as libc::c_ulong, - ), - ); - mesalink_ERR_print_errors_fp(stderr); - #[cfg(not(CURL_DISABLE_PROXY))] - let CURL_DISABLE_PROXY_verifypeer_2 = (if CURLPROXY_HTTPS as libc::c_int as libc::c_uint - == (*conn).http_proxy.proxytype as libc::c_uint - && ssl_connection_complete as libc::c_int as libc::c_uint - != (*conn) - .proxy_ssl[(if (*conn).sock[1 as libc::c_int as usize] - == -(1 as libc::c_int) - { - 0 as libc::c_int - } else { - 1 as libc::c_int - }) as usize] - .state as libc::c_uint - { - ((*conn).proxy_ssl_config).verifypeer() as libc::c_int - } else { - ((*conn).ssl_config).verifypeer() as libc::c_int - }) != 0 ; - #[cfg(CURL_DISABLE_PROXY)] - let CURL_DISABLE_PROXY_verifypeer_2 = ((*conn).ssl_config).verifypeer() as libc::c_int != 0 ; - if detail != 0 && CURL_DISABLE_PROXY_verifypeer_2{ - detail &= !(0xff as libc::c_int); - if detail == TLS_ERROR_WEBPKI_ERRORS as libc::c_int { - Curl_failf( - data, - b"Cert verify failed\0" as *const u8 as *const libc::c_char, - ); - return CURLE_PEER_FAILED_VERIFICATION; + unsafe { + let mut ret: i32 = -(1 as i32); + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + (*conn).recv[sockindex as usize] = Some(mesalink_recv as Curl_recv); + (*conn).send[sockindex as usize] = Some(mesalink_send as Curl_send); + ret = mesalink_SSL_connect((*(*connssl).backend).mesalink_handle); + if ret != MESALINK_SUCCESS as i32 { + let mut detail: i32 = + mesalink_SSL_get_error((*(*connssl).backend).mesalink_handle, ret); + if MESALINK_ERROR_WANT_CONNECT as i32 == detail + || MESALINK_ERROR_WANT_READ as i32 == detail + { + (*connssl).connecting_state = ssl_connect_2_reading; + return CURLE_OK; + } else { + let mut error_buffer: [i8; 80] = [0; 80]; + Curl_failf( + data, + b"SSL_connect failed with error %d: %s\0" as *const u8 as *const i8, + detail, + mesalink_ERR_error_string_n( + detail as u64, + error_buffer.as_mut_ptr(), + ::std::mem::size_of::<[i8; 80]>() as u64, + ), + ); + mesalink_ERR_print_errors_fp(stderr); + #[cfg(not(CURL_DISABLE_PROXY))] + let CURL_DISABLE_PROXY_verifypeer_2 = (if CURLPROXY_HTTPS as u32 + == (*conn).http_proxy.proxytype as u32 + && ssl_connection_complete as u32 + != (*conn).proxy_ssl[(if (*conn).sock[1 as usize] == -(1 as i32) { + 0 as i32 + } else { + 1 as i32 + }) as usize] + .state as u32 + { + ((*conn).proxy_ssl_config).verifypeer() as i32 + } else { + ((*conn).ssl_config).verifypeer() as i32 + }) != 0; + #[cfg(CURL_DISABLE_PROXY)] + let CURL_DISABLE_PROXY_verifypeer_2 = ((*conn).ssl_config).verifypeer() as i32 != 0; + if detail != 0 && CURL_DISABLE_PROXY_verifypeer_2 { + detail &= !(0xff as i32); + if detail == TLS_ERROR_WEBPKI_ERRORS as i32 { + Curl_failf(data, b"Cert verify failed\0" as *const u8 as *const i8); + return CURLE_PEER_FAILED_VERIFICATION; + } } + return CURLE_SSL_CONNECT_ERROR; } - return CURLE_SSL_CONNECT_ERROR; } + (*connssl).connecting_state = ssl_connect_3; + Curl_infof( + data, + b"SSL connection using %s / %s\0" as *const u8 as *const i8, + mesalink_SSL_get_version((*(*connssl).backend).mesalink_handle), + mesalink_SSL_get_cipher_name((*(*connssl).backend).mesalink_handle), + ); + return CURLE_OK; } - (*connssl).connecting_state = ssl_connect_3; - Curl_infof( - data, - b"SSL connection using %s / %s\0" as *const u8 as *const libc::c_char, - mesalink_SSL_get_version((*(*connssl).backend).mesalink_handle), - mesalink_SSL_get_cipher_name((*(*connssl).backend).mesalink_handle), - ); - return CURLE_OK; } // todo - 有一个待翻译的宏:MESALINK_HAVE_SESSION -unsafe extern "C" fn mesalink_connect_step3( - mut conn: *mut connectdata, - mut sockindex: libc::c_int, -) -> CURLcode { - let mut result: CURLcode = CURLE_OK; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - // todo - 344 - // #[cfg(MESALINK_HAVE_SESSION)] - (*connssl).connecting_state = ssl_connect_done; - return result; +extern "C" fn mesalink_connect_step3(mut conn: *mut connectdata, mut sockindex: i32) -> CURLcode { + unsafe { + let mut result: CURLcode = CURLE_OK; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + // todo - 344 + // #[cfg(MESALINK_HAVE_SESSION)] + (*connssl).connecting_state = ssl_connect_done; + return result; + } } // 内部没有宏 -unsafe extern "C" fn mesalink_send( +extern "C" fn mesalink_send( mut data: *mut Curl_easy, - mut sockindex: libc::c_int, + mut sockindex: i32, mut mem: *const libc::c_void, mut len: size_t, mut curlcode: *mut CURLcode, ) -> ssize_t { - let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - let mut error_buffer: [libc::c_char; 80] = [0; 80]; - let mut memlen: libc::c_int = if len > 2147483647 as libc::c_int as size_t { - 2147483647 as libc::c_int - } else { - len as libc::c_int - }; - let mut rc: libc::c_int = mesalink_SSL_write( - (*(*connssl).backend).mesalink_handle, - mem, - memlen, - ); - if rc < 0 as libc::c_int { - let mut err: libc::c_int = mesalink_SSL_get_error( - (*(*connssl).backend).mesalink_handle, - rc, - ); - match err { - 2 | 3 => { - *curlcode = CURLE_AGAIN; - return -(1 as libc::c_int) as ssize_t; - } - _ => { - Curl_failf( - data, - b"SSL write: %s, errno %d\0" as *const u8 as *const libc::c_char, - mesalink_ERR_error_string_n( - err as libc::c_ulong, - error_buffer.as_mut_ptr(), - ::std::mem::size_of::<[libc::c_char; 80]>() as libc::c_ulong, - ), - *__errno_location(), - ); - *curlcode = CURLE_SEND_ERROR; - return -(1 as libc::c_int) as ssize_t; + unsafe { + let mut conn: *mut connectdata = (*data).conn; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut error_buffer: [i8; 80] = [0; 80]; + const int_max: size_t = 2147483647 as size_t; + let mut memlen: i32 = if len > int_max { + int_max as i32 + } else { + len as i32 + }; + let mut rc: i32 = mesalink_SSL_write((*(*connssl).backend).mesalink_handle, mem, memlen); + if rc < 0 as i32 { + let mut err: i32 = mesalink_SSL_get_error((*(*connssl).backend).mesalink_handle, rc); + match err { + 2 | 3 => { + /* there's data pending, re-invoke SSL_write() */ + *curlcode = CURLE_AGAIN; + return -(1 as i32) as ssize_t; + } + _ => { + Curl_failf( + data, + b"SSL write: %s, errno %d\0" as *const u8 as *const i8, + mesalink_ERR_error_string_n( + err as u64, + error_buffer.as_mut_ptr(), + ::std::mem::size_of::<[i8; 80]>() as u64, + ), + *__errno_location(), + ); + *curlcode = CURLE_SEND_ERROR; + return -(1 as i32) as ssize_t; + } } } + return rc as ssize_t; } - return rc as ssize_t; } // 内部没有宏 -unsafe extern "C" fn mesalink_close( +extern "C" fn mesalink_close( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) { - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - if !((*(*connssl).backend).mesalink_handle).is_null() { - mesalink_SSL_shutdown((*(*connssl).backend).mesalink_handle); - mesalink_SSL_free((*(*connssl).backend).mesalink_handle); - let ref mut fresh4 = (*(*connssl).backend).mesalink_handle; - *fresh4 = 0 as *mut MESALINK_SSL; - } - if !((*(*connssl).backend).mesalink_ctx).is_null() { - mesalink_SSL_CTX_free((*(*connssl).backend).mesalink_ctx); - let ref mut fresh5 = (*(*connssl).backend).mesalink_ctx; - *fresh5 = 0 as *mut MESALINK_CTX; + unsafe { + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + if !((*(*connssl).backend).mesalink_handle).is_null() { + mesalink_SSL_shutdown((*(*connssl).backend).mesalink_handle); + mesalink_SSL_free((*(*connssl).backend).mesalink_handle); + (*(*connssl).backend).mesalink_handle = 0 as *mut MESALINK_SSL; + } + if !((*(*connssl).backend).mesalink_ctx).is_null() { + mesalink_SSL_CTX_free((*(*connssl).backend).mesalink_ctx); + (*(*connssl).backend).mesalink_ctx = 0 as *mut MESALINK_CTX; + } } } // 内部没有宏 -unsafe extern "C" fn mesalink_recv( +extern "C" fn mesalink_recv( mut data: *mut Curl_easy, - mut num: libc::c_int, - mut buf: *mut libc::c_char, + mut num: i32, + mut buf: *mut i8, mut buffersize: size_t, mut curlcode: *mut CURLcode, ) -> ssize_t { - let mut conn: *mut connectdata = (*data).conn; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(num as isize) as *mut ssl_connect_data; - let mut error_buffer: [libc::c_char; 80] = [0; 80]; - let mut buffsize: libc::c_int = if buffersize > 2147483647 as libc::c_int as size_t { - 2147483647 as libc::c_int - } else { - buffersize as libc::c_int - }; - let mut nread: libc::c_int = mesalink_SSL_read( - (*(*connssl).backend).mesalink_handle, - buf as *mut libc::c_void, - buffsize, - ); - if nread <= 0 as libc::c_int { - let mut err: libc::c_int = mesalink_SSL_get_error( + unsafe { + let mut conn: *mut connectdata = (*data).conn; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(num as isize) as *mut ssl_connect_data; + let mut error_buffer: [i8; 80] = [0; 80]; + const int_max: size_t = 2147483647 as size_t; + let mut buffsize: i32 = if buffersize > int_max { + int_max as i32 + } else { + buffersize as i32 + }; + let mut nread: i32 = mesalink_SSL_read( (*(*connssl).backend).mesalink_handle, - nread, + buf as *mut libc::c_void, + buffsize, ); - match err { - 1 | 33554437 => {} - 2 | 3 => { - *curlcode = CURLE_AGAIN; - return -(1 as libc::c_int) as ssize_t; - } - _ => { - Curl_failf( - data, - b"SSL read: %s, errno %d\0" as *const u8 as *const libc::c_char, - mesalink_ERR_error_string_n( - err as libc::c_ulong, - error_buffer.as_mut_ptr(), - ::std::mem::size_of::<[libc::c_char; 80]>() as libc::c_ulong, - ), - *__errno_location(), - ); - *curlcode = CURLE_RECV_ERROR; - return -(1 as libc::c_int) as ssize_t; + if nread <= 0 as i32 { + let mut err: i32 = mesalink_SSL_get_error((*(*connssl).backend).mesalink_handle, nread); + match err { + 1 | 33554437 => {} + 2 | 3 => { + /* there's data pending, re-invoke SSL_read() */ + *curlcode = CURLE_AGAIN; + return -(1 as i32) as ssize_t; + } + _ => { + Curl_failf( + data, + b"SSL read: %s, errno %d\0" as *const u8 as *const i8, + mesalink_ERR_error_string_n( + err as u64, + error_buffer.as_mut_ptr(), + ::std::mem::size_of::<[i8; 80]>() as u64, + ), + *__errno_location(), + ); + *curlcode = CURLE_RECV_ERROR; + return -(1 as i32) as ssize_t; + } } } + return nread as ssize_t; } - return nread as ssize_t; } // 内部没有宏 -unsafe extern "C" fn mesalink_version( - mut buffer: *mut libc::c_char, - mut size: size_t, -) -> size_t { - return curl_msnprintf( - buffer, - size, - b"MesaLink/%s\0" as *const u8 as *const libc::c_char, - b"0.10.1\0" as *const u8 as *const libc::c_char, - ) as size_t; +extern "C" fn mesalink_version(mut buffer: *mut i8, mut size: size_t) -> size_t { + unsafe { + return curl_msnprintf( + buffer, + size, + b"MesaLink/%s\0" as *const u8 as *const i8, + b"0.10.1\0" as *const u8 as *const i8, + ) as size_t; + } } // 内部没有宏 -unsafe extern "C" fn mesalink_init() -> libc::c_int { - return (mesalink_library_init() == MESALINK_SUCCESS as libc::c_int) as libc::c_int; +extern "C" fn mesalink_init() -> i32 { + unsafe { + return (mesalink_library_init() == MESALINK_SUCCESS as i32) as i32; + } } +/* + * This function is called to shut down the SSL layer but keep the + * socket open (CCC - Clear Command Channel) + */ // 内部没有宏 -unsafe extern "C" fn mesalink_shutdown( +extern "C" fn mesalink_shutdown( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, -) -> libc::c_int { - let mut retval: libc::c_int = 0 as libc::c_int; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - if !((*(*connssl).backend).mesalink_handle).is_null() { - mesalink_SSL_free((*(*connssl).backend).mesalink_handle); - let ref mut fresh6 = (*(*connssl).backend).mesalink_handle; - *fresh6 = 0 as *mut MESALINK_SSL; + mut sockindex: i32, +) -> i32 { + unsafe { + let mut retval: i32 = 0 as i32; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + if !((*(*connssl).backend).mesalink_handle).is_null() { + mesalink_SSL_free((*(*connssl).backend).mesalink_handle); + (*(*connssl).backend).mesalink_handle = 0 as *mut MESALINK_SSL; + } + return retval; } - return retval; } // 内部没有宏 -unsafe extern "C" fn mesalink_connect_common( +extern "C" fn mesalink_connect_common( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, mut nonblocking: bool, mut done: *mut bool, ) -> CURLcode { - let mut result: CURLcode = CURLE_OK; - let mut connssl: *mut ssl_connect_data = &mut *((*conn).ssl) - .as_mut_ptr() - .offset(sockindex as isize) as *mut ssl_connect_data; - let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; - let mut timeout_ms: timediff_t = 0; - let mut what: libc::c_int = 0; - if ssl_connection_complete as libc::c_int as libc::c_uint - == (*connssl).state as libc::c_uint - { - *done = 1 as libc::c_int != 0; - return CURLE_OK; - } - if ssl_connect_1 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as libc::c_int != 0); - if timeout_ms < 0 as libc::c_int as libc::c_long { - Curl_failf( - data, - b"SSL connection timeout\0" as *const u8 as *const libc::c_char, - ); - return CURLE_OPERATION_TIMEDOUT; - } - result = mesalink_connect_step1(data, conn, sockindex); - if result as u64 != 0 { - return result; + unsafe { + let mut result: CURLcode = CURLE_OK; + let mut connssl: *mut ssl_connect_data = + &mut *((*conn).ssl).as_mut_ptr().offset(sockindex as isize) as *mut ssl_connect_data; + let mut sockfd: curl_socket_t = (*conn).sock[sockindex as usize]; + let mut timeout_ms: timediff_t = 0; + let mut what: i32 = 0; + /* check if the connection has already been established */ + if ssl_connection_complete as i32 as u32 == (*connssl).state as u32 { + *done = 1 as i32 != 0; + return CURLE_OK; } - } - while ssl_connect_2 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as libc::c_int != 0); - if timeout_ms < 0 as libc::c_int as libc::c_long { - Curl_failf( - data, - b"SSL connection timeout\0" as *const u8 as *const libc::c_char, - ); - return CURLE_OPERATION_TIMEDOUT; + if ssl_connect_1 as u32 == (*connssl).connecting_state as u32 { + /* Find out how much more time we're allowed */ + timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as i32 != 0); + if timeout_ms < 0 as i64 { + /* no need to continue if time already is up */ + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); + return CURLE_OPERATION_TIMEDOUT; + } + result = mesalink_connect_step1(data, conn, sockindex); + if result as u64 != 0 { + return result; + } } - if (*connssl).connecting_state as libc::c_uint - == ssl_connect_2_reading as libc::c_int as libc::c_uint - || (*connssl).connecting_state as libc::c_uint - == ssl_connect_2_writing as libc::c_int as libc::c_uint + while ssl_connect_2 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32 { - let mut writefd: curl_socket_t = if ssl_connect_2_writing as libc::c_int - as libc::c_uint == (*connssl).connecting_state as libc::c_uint - { - sockfd - } else { - -(1 as libc::c_int) - }; - let mut readfd: curl_socket_t = if ssl_connect_2_reading as libc::c_int - as libc::c_uint == (*connssl).connecting_state as libc::c_uint + /* check allowed time left */ + timeout_ms = Curl_timeleft(data, 0 as *mut curltime, 1 as i32 != 0); + if timeout_ms < 0 as i64 { + /* no need to continue if time already is up */ + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); + return CURLE_OPERATION_TIMEDOUT; + } + /* if ssl is expecting something, check if it's available. */ + if (*connssl).connecting_state as u32 == ssl_connect_2_reading as u32 + || (*connssl).connecting_state as u32 == ssl_connect_2_writing as u32 { - sockfd - } else { - -(1 as libc::c_int) - }; - what = Curl_socket_check( - readfd, - -(1 as libc::c_int), - writefd, - if nonblocking as libc::c_int != 0 { - 0 as libc::c_int as libc::c_long - } else { - timeout_ms - }, - ); - if what < 0 as libc::c_int { - Curl_failf( - data, - b"select/poll on SSL socket, errno: %d\0" as *const u8 - as *const libc::c_char, - *__errno_location(), - ); - return CURLE_SSL_CONNECT_ERROR; - } else { - if 0 as libc::c_int == what { - if nonblocking { - *done = 0 as libc::c_int != 0; - return CURLE_OK; + let mut writefd: curl_socket_t = + if ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32 { + sockfd + } else { + -(1 as i32) + }; + let mut readfd: curl_socket_t = + if ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 { + sockfd } else { - Curl_failf( - data, - b"SSL connection timeout\0" as *const u8 - as *const libc::c_char, - ); - return CURLE_OPERATION_TIMEDOUT; + -(1 as i32) + }; + what = Curl_socket_check( + readfd, + -(1 as i32), + writefd, + if nonblocking as i32 != 0 { + 0 as i64 + } else { + timeout_ms + }, + ); + if what < 0 as i32 { + /* fatal error */ + Curl_failf( + data, + b"select/poll on SSL socket, errno: %d\0" as *const u8 as *const i8, + *__errno_location(), + ); + return CURLE_SSL_CONNECT_ERROR; + } else { + if 0 as i32 == what { + if nonblocking { + *done = 0 as i32 != 0; + return CURLE_OK; + } else { + /* timeout */ + Curl_failf(data, b"SSL connection timeout\0" as *const u8 as *const i8); + return CURLE_OPERATION_TIMEDOUT; + } } } + /* socket is readable or writable */ + } + /* Run transaction, and return to the caller if it failed or if + * this connection is part of a multi handle and this loop would + * execute again. This permits the owner of a multi handle to + * abort a connection attempt before step2 has completed while + * ensuring that a client using select() or epoll() will always + * have a valid fdset to wait on. + */ + result = mesalink_connect_step2(data, conn, sockindex); + if result as u32 != 0 + || nonblocking as i32 != 0 + && (ssl_connect_2 as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_reading as u32 == (*connssl).connecting_state as u32 + || ssl_connect_2_writing as u32 == (*connssl).connecting_state as u32) + { + return result; + } + } /* repeat step2 until all transactions are done. */ + if ssl_connect_3 as i32 as u32 == (*connssl).connecting_state as u32 { + result = mesalink_connect_step3(conn, sockindex); + if result as u64 != 0 { + return result; } } - result = mesalink_connect_step2(data, conn, sockindex); - if result as libc::c_uint != 0 - || nonblocking as libc::c_int != 0 - && (ssl_connect_2 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_reading as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - || ssl_connect_2_writing as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint) - { - return result; - } - } - if ssl_connect_3 as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - result = mesalink_connect_step3(conn, sockindex); - if result as u64 != 0 { - return result; + if ssl_connect_done as u32 == (*connssl).connecting_state as u32 { + (*connssl).state = ssl_connection_complete; + (*conn).recv[sockindex as usize] = Some(mesalink_recv as Curl_recv); + (*conn).send[sockindex as usize] = Some(mesalink_send as Curl_send); + *done = 1 as i32 != 0; + } else { + *done = 0 as i32 != 0; } + /* Reset our connect state machine */ + (*connssl).connecting_state = ssl_connect_1; + return CURLE_OK; } - if ssl_connect_done as libc::c_int as libc::c_uint - == (*connssl).connecting_state as libc::c_uint - { - (*connssl).state = ssl_connection_complete; - let ref mut fresh7 = (*conn).recv[sockindex as usize]; - *fresh7 = Some(mesalink_recv as Curl_recv); - let ref mut fresh8 = (*conn).send[sockindex as usize]; - *fresh8 = Some(mesalink_send as Curl_send); - *done = 1 as libc::c_int != 0; - } else { - *done = 0 as libc::c_int != 0; - } - (*connssl).connecting_state = ssl_connect_1; - return CURLE_OK; } // 内部没有宏 -unsafe extern "C" fn mesalink_connect_nonblocking( +extern "C" fn mesalink_connect_nonblocking( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, mut done: *mut bool, ) -> CURLcode { - return mesalink_connect_common(data, conn, sockindex, 1 as libc::c_int != 0, done); + unsafe { + return mesalink_connect_common(data, conn, sockindex, 1 as i32 != 0, done); + } } // 内部没有宏 -unsafe extern "C" fn mesalink_connect( +extern "C" fn mesalink_connect( mut data: *mut Curl_easy, mut conn: *mut connectdata, - mut sockindex: libc::c_int, + mut sockindex: i32, ) -> CURLcode { - let mut result: CURLcode = CURLE_OK; - let mut done: bool = 0 as libc::c_int != 0; - result = mesalink_connect_common( - data, - conn, - sockindex, - 0 as libc::c_int != 0, - &mut done, - ); - if result as u64 != 0 { - return result; + unsafe { + let mut result: CURLcode = CURLE_OK; + let mut done: bool = 0 as i32 != 0; + result = mesalink_connect_common(data, conn, sockindex, 0 as i32 != 0, &mut done); + if result as u64 != 0 { + return result; + } + return CURLE_OK; } - return CURLE_OK; } // 内部没有宏 -unsafe extern "C" fn mesalink_get_internals( +extern "C" fn mesalink_get_internals( mut connssl: *mut ssl_connect_data, mut info: CURLINFO, ) -> *mut libc::c_void { - return (*(*connssl).backend).mesalink_handle as *mut libc::c_void; + unsafe { + return (*(*connssl).backend).mesalink_handle as *mut libc::c_void; + } } // 内部没有宏 #[no_mangle] -pub static mut Curl_ssl_mesalink: Curl_ssl = unsafe { - { - let mut init = Curl_ssl { - info: { - let mut init = curl_ssl_backend { - id: CURLSSLBACKEND_MESALINK, - name: b"MesaLink\0" as *const u8 as *const libc::c_char, - }; - init - }, - supports: ((1 as libc::c_int) << 3 as libc::c_int) as libc::c_uint, - sizeof_ssl_backend_data: ::std::mem::size_of::() - as libc::c_ulong, - init: Some(mesalink_init as unsafe extern "C" fn() -> libc::c_int), - cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), - version: Some( - mesalink_version - as unsafe extern "C" fn(*mut libc::c_char, size_t) -> size_t, - ), - check_cxn: Some( - Curl_none_check_cxn - as unsafe extern "C" fn(*mut connectdata) -> libc::c_int, - ), - shut_down: Some( - mesalink_shutdown - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> libc::c_int, - ), - data_pending: Some( - Curl_none_data_pending - as unsafe extern "C" fn(*const connectdata, libc::c_int) -> bool, - ), - random: Some( - Curl_none_random - as unsafe extern "C" fn( - *mut Curl_easy, - *mut libc::c_uchar, - size_t, - ) -> CURLcode, - ), - cert_status_request: Some( - Curl_none_cert_status_request as unsafe extern "C" fn() -> bool, - ), - connect_blocking: Some( - mesalink_connect - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> CURLcode, - ), - connect_nonblocking: Some( - mesalink_connect_nonblocking - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - *mut bool, - ) -> CURLcode, - ), - getsock: Some( - Curl_ssl_getsock - as unsafe extern "C" fn( - *mut connectdata, - *mut curl_socket_t, - ) -> libc::c_int, - ), - get_internals: Some( - mesalink_get_internals - as unsafe extern "C" fn( - *mut ssl_connect_data, - CURLINFO, - ) -> *mut libc::c_void, - ), - close_one: Some( - mesalink_close - as unsafe extern "C" fn( - *mut Curl_easy, - *mut connectdata, - libc::c_int, - ) -> (), - ), - close_all: Some( - Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> (), - ), - session_free: Some( - Curl_none_session_free as unsafe extern "C" fn(*mut libc::c_void) -> (), - ), - set_engine: Some( - Curl_none_set_engine - as unsafe extern "C" fn( - *mut Curl_easy, - *const libc::c_char, - ) -> CURLcode, - ), - set_engine_default: Some( - Curl_none_set_engine_default - as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, - ), - engines_list: Some( - Curl_none_engines_list - as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, - ), - false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), - sha256sum: None, - associate_connection: None, - disassociate_connection: None, - }; - init - } +pub static mut Curl_ssl_mesalink: Curl_ssl = Curl_ssl { + info: { + curl_ssl_backend { + id: CURLSSLBACKEND_MESALINK, + name: b"MesaLink\0" as *const u8 as *const i8, + } + }, + supports: ((1 as i32) << 3 as i32) as u32, + sizeof_ssl_backend_data: ::std::mem::size_of::() as u64, + init: Some(mesalink_init as unsafe extern "C" fn() -> i32), + cleanup: Some(Curl_none_cleanup as unsafe extern "C" fn() -> ()), + version: Some(mesalink_version as unsafe extern "C" fn(*mut i8, size_t) -> size_t), + check_cxn: Some(Curl_none_check_cxn as unsafe extern "C" fn(*mut connectdata) -> i32), + shut_down: Some( + mesalink_shutdown as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> i32, + ), + data_pending: Some( + Curl_none_data_pending as unsafe extern "C" fn(*const connectdata, i32) -> bool, + ), + random: Some( + Curl_none_random as unsafe extern "C" fn(*mut Curl_easy, *mut u8, size_t) -> CURLcode, + ), + cert_status_request: Some(Curl_none_cert_status_request as unsafe extern "C" fn() -> bool), + connect_blocking: Some( + mesalink_connect as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> CURLcode, + ), + connect_nonblocking: Some( + mesalink_connect_nonblocking + as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32, *mut bool) -> CURLcode, + ), + getsock: Some( + Curl_ssl_getsock as unsafe extern "C" fn(*mut connectdata, *mut curl_socket_t) -> i32, + ), + get_internals: Some( + mesalink_get_internals + as unsafe extern "C" fn(*mut ssl_connect_data, CURLINFO) -> *mut libc::c_void, + ), + close_one: Some( + mesalink_close as unsafe extern "C" fn(*mut Curl_easy, *mut connectdata, i32) -> (), + ), + close_all: Some(Curl_none_close_all as unsafe extern "C" fn(*mut Curl_easy) -> ()), + session_free: Some(Curl_none_session_free as unsafe extern "C" fn(*mut libc::c_void) -> ()), + set_engine: Some( + Curl_none_set_engine as unsafe extern "C" fn(*mut Curl_easy, *const i8) -> CURLcode, + ), + set_engine_default: Some( + Curl_none_set_engine_default as unsafe extern "C" fn(*mut Curl_easy) -> CURLcode, + ), + engines_list: Some( + Curl_none_engines_list as unsafe extern "C" fn(*mut Curl_easy) -> *mut curl_slist, + ), + false_start: Some(Curl_none_false_start as unsafe extern "C" fn() -> bool), + sha256sum: None, + associate_connection: None, + disassociate_connection: None, }; -- Gitee