Add SBGP extension handling #2053

Open
wants to merge 30 commits into
base: master
c160383
read AS numbers
nomick Apr 15, 2023
525dcbb
IP address range parsing
nomick Apr 17, 2023
a7dc993
add possibility to define sbgp extensions
nomick Apr 18, 2023
187ee6d
some style fixes
nomick Jul 18, 2023
d27ac33
fixes for current master and OpenSSL 3
thillux Aug 11, 2023
e93ab39
add test for SBGP extension
thillux Aug 11, 2023
815a951
mark supported OpenSSL version range, make CI happy
thillux Oct 12, 2023
df85aef
fix formatting for older rust versions
thillux Oct 14, 2023
78c4b4e
removed local reimpls of ossl functions
PetrichorIT Oct 25, 2023
95f97b3
API refactoring, removed unessecary components
PetrichorIT Oct 26, 2023
98bff2f
switched to internal types for sbgp extension building
PetrichorIT Nov 2, 2023
a24c404
simplified builder, added more tests
PetrichorIT Nov 9, 2023
c4a61d1
removed random whitespace change in systest/build
PetrichorIT Nov 9, 2023
54c6e48
appeased clippy & added missing cfg(ossl110)
PetrichorIT Nov 15, 2023
938a715
fix unused import
PetrichorIT Nov 15, 2023
c5cad36
fixed inherit & critical defaults & canonical
PetrichorIT Nov 27, 2023
0dd8c8d
fix leak, deferred allocation of max
PetrichorIT Nov 29, 2023
e4c23d1
simplified builder, removed nonrepr states
PetrichorIT Dec 4, 2023
2386460
fixed cfg statements
PetrichorIT Dec 4, 2023
49fec48
added assertions & panics + renamed some types
PetrichorIT Dec 6, 2023
cc295b5
docs & AS number extension subset_of test
PetrichorIT Dec 18, 2023
b6f9916
added SBGP IP ext, misssing bindings
PetrichorIT Dec 20, 2023
7949ec4
added missing bindings + fixed fmt
PetrichorIT Jan 25, 2024
ba3bf9f
added OPENSSL_NO_RFC3779 to tests
PetrichorIT Jan 25, 2024
fa9e0b3
tests missing cfg flags + simplified use stmts
PetrichorIT Jan 25, 2024
7cb5e43
Merge branch 'master' into sbgp-extension
PetrichorIT Jan 25, 2024
8f32bb9
fixed missing cfg flags
PetrichorIT Jan 25, 2024
6cc634c
fixed X509V3_asid_subset, no longer available in 1.1.0
PetrichorIT Jan 31, 2024
7bce3d5
fixed rustfmt
PetrichorIT Feb 1, 2024
6dcf781
fix typos & small clippy fix
HolyShitMan Feb 14, 2024
6 changes: 6 additions & 0 deletions openssl-sys/src/handwritten/mod.rs
@@ -31,6 +31,9 @@ pub use self::stack::*;
pub use self::tls1::*;
pub use self::types::*;
pub use self::x509::*;
#[cfg(ossl110)]
#[cfg(not(OPENSSL_NO_RFC3779))]
pub use self::x509_sbgp::*;
pub use self::x509_vfy::*;
pub use self::x509v3::*;

@@ -67,5 +70,8 @@ mod stack;
mod tls1;
mod types;
mod x509;
#[cfg(ossl110)]
#[cfg(not(OPENSSL_NO_RFC3779))]
mod x509_sbgp;
mod x509_vfy;
mod x509v3;
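Review bot: The guard `#[cfg(not(OPENSSL_NO_RFC3779))]` on both `pub use self::x509_sbgp::*;` and `mod x509_sbgp;` uses a bare cfg name, and nothing visible on this page shows the build script emitting one. If openssl-sys only reports disabled features as `osslconf = "..."` values (the form its other feature guards use), this condition is always true and the RFC 3779 symbols are declared even against a libcrypto built without them, which would surface as a link failure instead of a clean compile-time exclusion. Consider `#[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_RFC3779")))]` on both items, and confirm that the define is among those the build script probes.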
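--- a/openssl-sys/src/handwritten/x509_sbgp.rs
+++ b/openssl-sys/src/handwritten/x509_sbgp.rs
@@ -0,0 +1,148 @@
+use super::super::*;
+use libc::*;
+
+#[repr(C)]
+pub struct ASRange {
+pub min: *mut ASN1_INTEGER,
+pub max: *mut ASN1_INTEGER,
+}
+
+#[repr(C)]
+pub struct ASIdOrRange {
+pub type_: c_int,
+pub u: ASIdOrRange_st_anon_union,
+}
+
+#[repr(C)]
+pub union ASIdOrRange_st_anon_union {
+pub id: *mut ASN1_INTEGER,
+pub range: *mut ASRange,
+}
+
+stack!(stack_st_ASIdOrRange);
+type ASIdOrRanges = stack_st_ASIdOrRange;
+
+#[repr(C)]
+pub union ASIdentifierChoice_st_anon_union {
+pub asIdsOrRanges: *mut stack_st_ASIdOrRange,
+}
+
+#[repr(C)]
+pub struct ASIdentifierChoice {
+pub type_: c_int,
+pub u: ASIdentifierChoice_st_anon_union,
+}
+
+#[repr(C)]
+pub struct ASIdentifiers {
+pub asnum: *mut ASIdentifierChoice,
+pub rdi: *mut ASIdentifierChoice,
+}
+
+#[repr(C)]
+pub struct IPAddressRange {
+pub min: *mut ASN1_BIT_STRING,
+pub max: *mut ASN1_BIT_STRING,
+}
+
+#[repr(C)]
+pub struct IPAddressOrRange {
+pub type_: c_int,
+pub u: IPAddressOrRange_st_anon_union,
+}
+#[repr(C)]
+pub union IPAddressOrRange_st_anon_union {
+pub addressPrefix: *mut ASN1_BIT_STRING,
+pub addressRange: *mut IPAddressRange,
+}
+
+stack!(stack_st_IPAddressOrRange);
+type IPAddressOrRanges = stack_st_IPAddressOrRange;
+
+#[repr(C)]
+pub union IPAddressChoice_st_anon_union {
+pub addressesOrRanges: *mut IPAddressOrRanges,
+}
+
+#[repr(C)]
+pub struct IPAddressChoice {
+pub type_: c_int,
+pub u: IPAddressChoice_st_anon_union,
+}
+
+#[repr(C)]
+pub struct IPAddressFamily {
+pub addressFamily: *mut ASN1_OCTET_STRING,
+pub ipAddressChoice: *mut IPAddressChoice,
+}
+
+stack!(stack_st_IPAddressFamily);
+type IPAddrBlocks = stack_st_IPAddressFamily;
+
+extern "C" {
+/*
+* Constructors / Destructors for SBGP autonomousSysNum
+*/
+pub fn ASIdentifiers_new() -> *mut ASIdentifiers;
+pub fn ASIdentifiers_free(asi: *mut ASIdentifiers);
+pub fn ASIdOrRange_free(asi: *mut ASIdOrRange);
+
+/*
+* Constructors / Destructors for SBGP ipAddrBlock
+*/
+pub fn IPAddressFamily_free(asi: *mut IPAddressFamily);
+pub fn IPAddressOrRange_free(asi: *mut IPAddressOrRange);
+
+/*
+* Utility functions for working with RFC 3779 values,
+* since their encodings are a bit tedious.
+*/
+pub fn X509v3_asid_add_id_or_range(
+asid: *mut ASIdentifiers,
+which: c_int,
+min: *mut ASN1_INTEGER,
+max: *mut ASN1_INTEGER,
+) -> c_int;
+pub fn X509v3_asid_add_inherit(asid: *mut ASIdentifiers, which: c_int) -> c_int;
+pub fn X509v3_asid_canonize(asid: *mut ASIdentifiers) -> c_int;
+pub fn X509v3_asid_is_canonical(asid: *mut ASIdentifiers) -> c_int;
+pub fn X509v3_asid_inherits(asid: *mut ASIdentifiers) -> c_int;
+pub fn X509v3_asid_subset(child: *mut ASIdentifiers, parent: *mut ASIdentifiers) -> c_int;
+pub fn X509v3_asid_validate_path(ctx: *mut X509_STORE_CTX) -> c_int;
+pub fn X509v3_asid_validate_resource_set(
+chain: *mut stack_st_X509,
+ext: *mut ASIdentifiers,
+allow_inheritence: c_int,
+) -> c_int;
+
+pub fn X509v3_addr_get_range(
+aor: *mut IPAddressOrRange,
+afi: c_uint,
+min: *mut c_uchar,
+max: *mut c_uchar,
+length: c_int,
+) -> c_int;
+pub fn X509v3_addr_get_afi(f: *const IPAddressFamily) -> c_uint;
+pub fn X509v3_addr_add_range(
+addr: *mut IPAddrBlocks,
+afi: c_uint,
+safi: *const c_uint,
+min: *mut c_uchar,
+max: *mut c_uchar,
+) -> c_int;
+pub fn X509v3_addr_add_inherit(
+addr: *mut IPAddrBlocks,
+afi: c_uint,
+safi: *const c_uint,
+) -> c_int;
+pub fn X509v3_addr_canonize(addr: *mut IPAddrBlocks) -> c_int;
+pub fn X509v3_addr_is_canonical(addr: *mut IPAddrBlocks) -> c_int;
+pub fn X509v3_addr_inherits(addr: *mut IPAddrBlocks) -> c_int;
+pub fn X509v3_addr_subset(a: *mut IPAddrBlocks, b: *mut IPAddrBlocks) -> c_int;
+pub fn X509v3_addr_validate_path(ctx: *mut X509_STORE_CTX) -> c_int;
+pub fn X509v3_addr_validate_resource_set(
+chain: *mut stack_st_X509,
+ext: *mut IPAddrBlocks,
+allow_inheritence: c_int,
+) -> c_int;
+}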
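Review bot: The `extern "C"` block declares its raw-pointer entry points without stating the memory contract a safe wrapper has to uphold, and two of them are easy to get wrong. `X509v3_addr_add_range` takes `min`/`max` as `*mut c_uchar` with no length argument, so the number of bytes read is implied by `afi`, while `X509v3_addr_get_range` writes into `min`/`max` bounded only by `length`. I would add a comment above them such as `// min/max must each point to at least the address length for afi (4 bytes for IPv4, 16 for IPv6); the callee is not told the buffer size.`, and one on `X509v3_asid_add_id_or_range` recording who owns `min`/`max` after a successful call (to be confirmed against the OpenSSL documentation). A short comment on the `u` unions that `type_` must be checked before a union field is read would help callers in the same way.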
2 changes: 2 additions & 0 deletions openssl-sys/src/lib.rs
@@ -64,6 +64,7 @@ mod openssl {
pub use self::tls1::*;
pub use self::types::*;
pub use self::x509::*;
pub use self::x509_sbgp::*;
pub use self::x509_vfy::*;
pub use self::x509v3::*;

@@ -94,6 +95,7 @@ mod openssl {
mod tls1;
mod types;
mod x509;
mod x509_sbgp;
mod x509_vfy;
mod x509v3;

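Review bot: `pub use self::x509_sbgp::*;` and `mod x509_sbgp;` are added here without any `cfg`, while the matching declarations in handwritten/mod.rs are gated on `ossl110` and on the RFC 3779 switch. The constants module is therefore compiled for every target, which is why x509_sbgp.rs needs `#[cfg(ossl110)]` on each item, and its constants stay exported on builds where the functions that take them are compiled out. Putting the same condition on these two declarations as on the handwritten module, for example `#[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_RFC3779")))]`, would keep both halves of the binding consistent. Both hunks sit inside `mod openssl`, whose body continues outside the visible lines.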
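--- a/openssl-sys/src/x509_sbgp.rs
+++ b/openssl-sys/src/x509_sbgp.rs
@@ -0,0 +1,35 @@
+#[cfg(ossl110)]
+use libc::*;
+
+#[cfg(ossl110)]
+use super::*;
+
+#[cfg(ossl110)]
+pub const ASIdOrRange_id: c_int = 0;
+#[cfg(ossl110)]
+pub const ASIdOrRange_range: c_int = 1;
+
+#[cfg(ossl110)]
+pub const ASIdentifierChoice_inherit: c_int = 0;
+#[cfg(ossl110)]
+pub const ASIdentifierChoice_asIdsOrRanges: c_int = 1;
+
+#[cfg(ossl110)]
+pub const IPAddressOrRange_addressPrefix: c_int = 0;
+#[cfg(ossl110)]
+pub const IPAddressOrRange_addressRange: c_int = 1;
+
+#[cfg(ossl110)]
+pub const IPAddressChoice_inherit: c_int = 0;
+#[cfg(ossl110)]
+pub const IPAddressChoice_addressesOrRanges: c_int = 1;
+
+#[cfg(ossl110)]
+pub const IANA_AFI_IPV4: c_int = 1;
+#[cfg(ossl110)]
+pub const IANA_AFI_IPV6: c_int = 2;
+
+#[cfg(ossl110)]
+pub const V3_ASID_ASNUM: c_int = 0;
+#[cfg(ossl110)]
+pub const V3_ASID_RDI: c_int = 1;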
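Review bot: `IANA_AFI_IPV4` and `IANA_AFI_IPV6` are typed `c_int`, but the functions that consume an address family in handwritten/x509_sbgp.rs (`X509v3_addr_add_range`, `X509v3_addr_add_inherit`, `X509v3_addr_get_range`) declare `afi: c_uint`, so every call site needs an `as` cast. Declaring them as `pub const IANA_AFI_IPV4: c_uint = 1;` and `pub const IANA_AFI_IPV6: c_uint = 2;` removes that cast. Separately, the `#[cfg(ossl110)]` repeated on every item could be replaced by a single attribute on the `mod x509_sbgp;` declaration in lib.rs.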