Merge pull request #213 from sfackler/test-ossl3

sfackler · web-flow · commit 5a695e2392e8 · 2021-12-08T08:05:09.000-05:00
Fix tests with openssl 3
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -11,6 +11,7 @@ on:
 env:
   RUSTFLAGS: -Dwarnings
   RUST_BACKTRACE: 1
+  OPENSSL_CONF: test.conf
 
 jobs:
   rustfmt:
@@ -35,7 +36,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: sfackler/actions/rustup@master
         with:
-          version: 1.37.0
+          version: 1.53.0
       - run: echo "::set-output name=version::$(rustc --version)"
         id: rust-version
       - uses: actions/cache@v1
@@ -54,5 +55,5 @@ jobs:
         with:
           path: target
           key: target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }}
-      - run: cargo test --features vendored
-      - run: cargo test --features vendored,alpn
+      - run: cargo test --features vendored,openssl-src/legacy
+      - run: cargo test --features vendored,openssl-src/legacy,alpn
diff --git a/Cargo.toml b/Cargo.toml
@@ -13,7 +13,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 
 [features]
 vendored = ["openssl/vendored"]
-alpn = ["security-framework/alpn"] 
+alpn = ["security-framework/alpn"]
 
 [target.'cfg(any(target_os = "macos", target_os = "ios"))'.dependencies]
 security-framework = "2.0.0"
@@ -31,6 +31,9 @@ openssl = "0.10.29"
 openssl-sys = "0.9.55"
 openssl-probe = "0.1"
 
+[target.'cfg(not(any(target_os = "windows", target_os = "macos", target_os = "ios")))'.build_dependencies]
+openssl-src = { version = "300.0.3", optional = true }
+
 [dev-dependencies]
 tempfile = "3.0"
 test-cert-gen = "0.1"
diff --git a/src/imp/security_framework.rs b/src/imp/security_framework.rs
@@ -390,6 +390,7 @@ impl<S: io::Read + io::Write> TlsStream<S> {
         Ok(self.stream.context().buffered_read_size()?)
     }
 
+    #[allow(deprecated)]
     pub fn peer_certificate(&self) -> Result<Option<Certificate>, Error> {
         let trust = match self.stream.context().peer_trust2()? {
             Some(trust) => trust,
diff --git a/src/test.rs b/src/test.rs
@@ -200,8 +200,8 @@ fn server_tls11_only() {
         &keys.server.pkcs12_password
     ));
     let builder = p!(TlsAcceptor::builder(identity)
-        .min_protocol_version(Some(Protocol::Tlsv11))
-        .max_protocol_version(Some(Protocol::Tlsv11))
+        .min_protocol_version(Some(Protocol::Tlsv12))
+        .max_protocol_version(Some(Protocol::Tlsv12))
         .build());
 
     let listener = p!(TcpListener::bind("0.0.0.0:0"));
@@ -223,8 +223,8 @@ fn server_tls11_only() {
     let socket = p!(TcpStream::connect(("localhost", port)));
     let builder = p!(TlsConnector::builder()
         .add_root_certificate(root_ca)
-        .min_protocol_version(Some(Protocol::Tlsv11))
-        .max_protocol_version(Some(Protocol::Tlsv11))
+        .min_protocol_version(Some(Protocol::Tlsv12))
+        .max_protocol_version(Some(Protocol::Tlsv12))
         .build());
     let mut socket = p!(builder.connect("localhost", socket));
 
diff --git a/test.conf b/test.conf
@@ -0,0 +1,14 @@
+openssl_conf = openssl_init
+
+[openssl_init]
+providers = providers
+
+[providers]
+default = default_provider
+legacy = legacy_provider
+
+[default_provider]
+activate = 1
+
+[legacy_provider]
+activate = 1

Original file line number	Diff line number	Diff line change
`@@ -390,6 +390,7 @@ impl<S: io::Read + io::Write> TlsStream<S> {`
`390`	`390`	`Ok(self.stream.context().buffered_read_size()?)`
`391`	`391`	`}`
`392`	`392`
	`393`	`+ #[allow(deprecated)]`
`393`	`394`	`pub fn peer_certificate(&self) -> Result<Option<Certificate>, Error> {`
`394`	`395`	`let trust = match self.stream.context().peer_trust2()? {`
`395`	`396`	`Some(trust) => trust,`