Skip to content

Commit a815cdd

Browse files
ManishearthManishearth
committed
Allow arbitrary SSL verification
1 parent 43becc9 commit a815cdd

File tree

2 files changed

+8
-8
lines changed

2 files changed

+8
-8
lines changed

src/client/mod.rs

+2-4
Original file line numberDiff line numberDiff line change
@@ -25,12 +25,10 @@ use std::iter::Extend;
2525
use url::UrlParser;
2626
use url::ParseError as UrlError;
2727

28-
use openssl::ssl::VerifyCallback;
29-
3028
use header::{Headers, Header, HeaderFormat};
3129
use header::common::{ContentLength, Location};
3230
use method::Method;
33-
use net::{NetworkConnector, NetworkStream, HttpConnector};
31+
use net::{ContextVerifier, NetworkConnector, NetworkStream, HttpConnector};
3432
use status::StatusClass::Redirection;
3533
use {Url, Port, HttpResult};
3634
use HttpError::HttpUriError;
@@ -57,7 +55,7 @@ impl Client<HttpConnector> {
5755
}
5856

5957
/// Set the SSL verifier callback for use with OpenSSL.
60-
pub fn set_ssl_verifier(&mut self, verifier: VerifyCallback) {
58+
pub fn set_ssl_verifier(&mut self, verifier: ContextVerifier) {
6159
self.connector = HttpConnector(Some(verifier));
6260
}
6361

src/net.rs

+6-4
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,7 @@ use std::mem::{mod, transmute, transmute_copy};
1111
use std::raw::{mod, TraitObject};
1212

1313
use uany::UncheckedBoxAnyDowncast;
14-
use openssl::ssl::{Ssl, SslStream, SslContext, VerifyCallback};
15-
use openssl::ssl::SslVerifyMode::SslVerifyPeer;
14+
use openssl::ssl::{Ssl, SslStream, SslContext};
1615
use openssl::ssl::SslMethod::Sslv23;
1716
use openssl::ssl::error::{SslError, StreamError, OpenSslErrors, SslSessionClosed};
1817

@@ -240,7 +239,10 @@ impl NetworkStream for HttpStream {
240239

241240
/// A connector that will produce HttpStreams.
242241
#[allow(missing_copy_implementations)]
243-
pub struct HttpConnector(pub Option<VerifyCallback>);
242+
pub struct HttpConnector(pub Option<ContextVerifier>);
243+
244+
/// Can set various verification schemes on the SSL context
245+
pub type ContextVerifier = for <'a> fn(&'a mut SslContext) -> ();
244246

245247
impl NetworkConnector<HttpStream> for HttpConnector {
246248
fn connect(&mut self, host: &str, port: Port, scheme: &str) -> IoResult<HttpStream> {
@@ -254,7 +256,7 @@ impl NetworkConnector<HttpStream> for HttpConnector {
254256
debug!("https scheme");
255257
let stream = try!(TcpStream::connect(addr));
256258
let mut context = try!(SslContext::new(Sslv23).map_err(lift_ssl_error));
257-
self.0.as_ref().map(|cb| context.set_verify(SslVerifyPeer, Some(*cb)));
259+
self.0.map(|cb| cb(&mut context));
258260
let ssl = try!(Ssl::new(&context).map_err(lift_ssl_error));
259261
try!(ssl.set_hostname(host).map_err(lift_ssl_error));
260262
let stream = try!(SslStream::new(&context, stream).map_err(lift_ssl_error));

0 commit comments

Comments
 (0)