small fixes, a couple new API fns, and a bunch of stubs

.github/dependabot.yml

@@ -1,11 +1,11 @@
 version: 2
 updates:
-- package-ecosystem: cargo
-  directory: "/"
-  schedule:
-    interval: daily
-  open-pull-requests-limit: 10
-- package-ecosystem: github-actions
-  directory: "/"
-  schedule:
-    interval: weekly
+  - package-ecosystem: cargo
+    directory: "/"
+    schedule:
+      interval: daily
+    open-pull-requests-limit: 10
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly

.gitignore

@@ -0,0 +1,2 @@
+target/
+/.idea

Cargo.toml

@@ -13,6 +13,6 @@ crate-type = ["cdylib"]
 env_logger = "0.10"
 log = "0.4"
 openssl-probe = "0.1"
-openssl-sys = "0.9.98"
-rustls = "0.23.5"
+openssl-sys = "0.9"
+rustls = "0.23"
 rustls-pemfile = "2"

MATRIX.md

@@ -265,8 +265,8 @@
 | `SSL_add_store_cert_subjects_to_stack`  |  |  |  |
 | `SSL_alert_desc_string`  |  |  | :white_check_mark: |
 | `SSL_alert_desc_string_long`  | :white_check_mark: |  | :white_check_mark: |
-| `SSL_alert_type_string`  |  |  |  |
-| `SSL_alert_type_string_long`  |  |  |  |
+| `SSL_alert_type_string`  |  |  | :white_check_mark: |
+| `SSL_alert_type_string_long`  |  |  | :white_check_mark: |
 | `SSL_alloc_buffers`  |  |  |  |
 | `SSL_bytes_to_cipher_list`  |  |  |  |
 | `SSL_callback_ctrl`  |  |  |  |
@@ -427,7 +427,7 @@
 | `SSL_set_bio`  | :white_check_mark: | :white_check_mark: | :white_check_mark: |
 | `SSL_set_block_padding`  |  |  |  |
 | `SSL_set_cert_cb`  |  |  |  |
-| `SSL_set_cipher_list`  |  |  |  |
+| `SSL_set_cipher_list`  |  |  | :white_check_mark: |
 | `SSL_set_ciphersuites`  |  |  |  |
 | `SSL_set_client_CA_list`  |  |  |  |
 | `SSL_set_connect_state`  | :white_check_mark: | :white_check_mark: | :white_check_mark: |
@@ -475,7 +475,7 @@
 | `SSL_set_trust`  |  |  |  |
 | `SSL_set_verify`  |  | :white_check_mark: | :white_check_mark: |
 | `SSL_set_verify_depth`  |  | :white_check_mark: | :white_check_mark: |
-| `SSL_set_verify_result`  |  |  |  |
+| `SSL_set_verify_result`  |  |  | :white_check_mark: |
 | `SSL_set_wfd` [^sock] |  |  |  |
 | `SSL_shutdown`  | :white_check_mark: | :white_check_mark: | :white_check_mark: |
 | `SSL_srp_server_param_with_username` [^deprecatedin_3_0] [^srp] |  |  |  |

Makefile

@@ -62,6 +62,7 @@ format:
 	find src tests \
 		-name '*.[c|h]' | \
 		xargs clang-format -i
+	admin/format
 
 format-check:
 	find src tests \

build.rs

@@ -49,6 +49,8 @@ const ENTRYPOINTS: &[&str] = &[
     "SSL_accept",
     "SSL_alert_desc_string",
     "SSL_alert_desc_string_long",
+    "SSL_alert_type_string",
+    "SSL_alert_type_string_long",
     "SSL_check_private_key",
     "SSL_CIPHER_description",
     "SSL_CIPHER_find",
@@ -192,6 +194,7 @@ const ENTRYPOINTS: &[&str] = &[
     "SSL_set_accept_state",
     "SSL_set_alpn_protos",
     "SSL_set_bio",
+    "SSL_set_cipher_list",
     "SSL_set_connect_state",
     "SSL_set_ex_data",
     "SSL_set_fd",
@@ -206,6 +209,7 @@ const ENTRYPOINTS: &[&str] = &[
     "SSL_set_SSL_CTX",
     "SSL_set_verify",
     "SSL_set_verify_depth",
+    "SSL_set_verify_result",
     "SSL_shutdown",
     "SSL_up_ref",
     "SSL_use_certificate",

src/constants.rs

@@ -4,6 +4,7 @@ use openssl_sys::{
     NID_ED25519, NID_ED448, NID_X25519, NID_X448,
 };
 
+use rustls::internal::msgs::enums::AlertLevel;
 use rustls::{AlertDescription, NamedGroup, SignatureScheme};
 
 pub fn alert_desc_to_long_string(value: c_int) -> &'static CStr {
@@ -88,6 +89,22 @@ pub fn alert_desc_to_short_string(value: c_int) -> &'static CStr {
     }
 }
 
+pub fn alert_level_to_short_string(value: u8) -> &'static CStr {
+    match AlertLevel::from(value) {
+        AlertLevel::Warning => c"W",
+        AlertLevel::Fatal => c"F",
+        _ => c"U",
+    }
+}
+
+pub fn alert_level_to_long_string(value: u8) -> &'static CStr {
+    match AlertLevel::from(value) {
+        AlertLevel::Warning => c"warning",
+        AlertLevel::Fatal => c"fatal",
+        _ => c"unknown",
+    }
+}
+
 pub fn sig_scheme_to_nid(scheme: SignatureScheme) -> Option<c_int> {
     use SignatureScheme::*;
     match scheme {

src/entry.rs

@@ -77,6 +77,20 @@ entry! {
     }
 }
 
+entry! {
+    pub fn _SSL_alert_type_string(value: c_int) -> *const c_char {
+        crate::constants::alert_level_to_short_string(u8::try_from(value).unwrap_or_default())
+            .as_ptr() as *const c_char
+    }
+}
+
+entry! {
+    pub fn _SSL_alert_type_string_long(value: c_int) -> *const c_char {
+        crate::constants::alert_level_to_long_string(u8::try_from(value).unwrap_or_default())
+            .as_ptr() as *const c_char
+    }
+}
+
 entry! {
     pub fn _BIO_f_ssl() -> *const BIO_METHOD {
         &crate::bio::SSL_BIO_METHOD
@@ -941,6 +955,15 @@ entry! {
     }
 }
 
+entry! {
+    pub fn _SSL_set_cipher_list(_ssl: *mut SSL, str: *const c_char) -> c_int {
+        match try_str!(str) {
+            "HIGH:!aNULL:!MD5" => C_INT_SUCCESS,
+            _ => Error::not_supported("SSL_set_cipher_list").raise().into(),
+        }
+    }
+}
+
 entry! {
     pub fn _SSL_set_connect_state(ssl: *mut SSL) {
         try_clone_arc!(ssl).get_mut().set_client_mode()
@@ -1271,6 +1294,12 @@ entry! {
     }
 }
 
+entry! {
+    pub fn _SSL_set_verify_result(ssl: *mut SSL, v: c_long) {
+        try_clone_arc!(ssl).get().set_last_verification_result(v)
+    }
+}
+
 entry! {
     pub fn _SSL_get_certificate(ssl: *const SSL) -> *mut X509 {
         try_clone_arc!(ssl).get().get_certificate()

src/lib.rs

@@ -1395,6 +1395,14 @@ impl Ssl {
         }
     }
 
+    fn set_last_verification_result(&self, v: i64) {
+        match &self.conn {
+            ConnState::Client(_, verifier) => verifier.update_last_result(v),
+            ConnState::Server(_, verifier, _) => verifier.update_last_result(v),
+            _ => {}
+        }
+    }
+
     fn get_last_verification_sig_scheme(&self) -> Option<SignatureScheme> {
         match &self.conn {
             ConnState::Client(_, verifier) => verifier.last_sig_scheme(),

src/verifier.rs

@@ -66,6 +66,10 @@ impl ServerVerifier {
         self.last_result.load(Ordering::Acquire)
     }
 
+    pub fn update_last_result(&self, v: i64) {
+        self.last_result.store(v, Ordering::Relaxed);
+    }
+
     pub fn last_sig_scheme(&self) -> Option<SignatureScheme> {
         self.last_sig_scheme.read().ok().map(|scheme| *scheme)?
     }
@@ -202,6 +206,10 @@ impl ClientVerifier {
         self.last_result.load(Ordering::Acquire)
     }
 
+    pub fn update_last_result(&self, v: i64) {
+        self.last_result.store(v, Ordering::Relaxed);
+    }
+
     pub fn last_sig_scheme(&self) -> Option<SignatureScheme> {
         self.last_sig_scheme.read().ok().map(|scheme| *scheme)?
     }