testing suits for iOS & Android

.github/workflows/ci.yml

@@ -3,10 +3,10 @@ name: CI
 on:
   pull_request:
     branches:
-      - master
+      - '**'
   push:
     branches:
-      - master
+      - '**'
 
 env:
   RUSTFLAGS: -Dwarnings
@@ -55,4 +55,47 @@ jobs:
           path: target
           key: target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }}
       - run: cargo test --features vendored
-      - run: cargo test --features vendored
+
+  build_n_test_ios:
+    strategy:
+      fail-fast: false
+    runs-on: macos-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Install cargo lipo and rust compiler for ios target
+      if: ${{ !cancelled() }}
+      run: |
+        cargo install --locked cargo-lipo
+        rustup target add x86_64-apple-ios aarch64-apple-ios
+    - name: clippy
+      if: ${{ !cancelled() }}
+      run: cargo clippy --target x86_64-apple-ios --all-features -- -D warnings
+    - name: Build
+      if: ${{ !cancelled() }}
+      run: |
+        cargo lipo --verbose --all-features
+    - name: Abort on error
+      if: ${{ failure() }}
+      run: echo "iOS build job failed" && false
+
+  build_n_test_android:
+    strategy:
+      fail-fast: false
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Install cargo ndk and rust compiler for android target
+      if: ${{ !cancelled() }}
+      run: |
+        cargo install --locked cargo-ndk
+        rustup target add x86_64-linux-android
+    - name: clippy
+      if: ${{ !cancelled() }}
+      run: cargo ndk -t x86_64 clippy --features vendored -- -D warnings
+    - name: Build
+      if: ${{ !cancelled() }}
+      run: |
+        cargo ndk -t x86_64 rustc --verbose --features vendored --lib --crate-type=cdylib
+    - name: Abort on error
+      if: ${{ failure() }}
+      run: echo "Android build job failed" && false

.gitignore

@@ -1,3 +1,4 @@
+.VSCodeCounter/
 target
 Cargo.lock
 .idea

Cargo.toml

@@ -1,6 +1,7 @@
 [package]
 name = "native-tls"
 version = "0.2.12"
+edition = "2018"
 authors = ["Steven Fackler <[email protected]>"]
 license = "MIT OR Apache-2.0"
 description = "A wrapper over a platform's native TLS implementation"
@@ -12,9 +13,13 @@ rust-version = "1.53.0"
 features = ["alpn"]
 rustdoc-args = ["--cfg", "docsrs"]
 
+[lib]
+crate-type = ["staticlib", "rlib"]
+
 [features]
 vendored = ["openssl/vendored"]
 alpn = ["security-framework/alpn"]
+have_min_max_version = []
 
 [target.'cfg(target_vendor = "apple")'.dependencies]
 security-framework = "2.0.0"

src/imp/openssl.rs

@@ -16,9 +16,9 @@ use std::fmt;
 use std::io;
 use std::sync::Once;
 
-use {Protocol, TlsAcceptorBuilder, TlsConnectorBuilder};
+use crate::{Protocol, TlsAcceptorBuilder, TlsConnectorBuilder};
 
-#[cfg(have_min_max_version)]
+#[cfg(feature = "have_min_max_version")]
 fn supported_protocols(
     min: Option<Protocol>,
     max: Option<Protocol>,
@@ -41,7 +41,7 @@ fn supported_protocols(
     Ok(())
 }
 
-#[cfg(not(have_min_max_version))]
+#[cfg(not(feature = "have_min_max_version"))]
 fn supported_protocols(
     min: Option<Protocol>,
     max: Option<Protocol>,

src/imp/schannel.rs

@@ -10,7 +10,7 @@ use std::fmt;
 use std::io;
 use std::str;
 
-use {TlsAcceptorBuilder, TlsConnectorBuilder};
+use crate::{TlsAcceptorBuilder, TlsConnectorBuilder};
 
 const SEC_E_NO_CREDENTIALS: u32 = 0x8009030E;
 
@@ -21,7 +21,10 @@ static PROTOCOLS: &'static [Protocol] = &[
     Protocol::Tls12,
 ];
 
-fn convert_protocols(min: Option<::Protocol>, max: Option<::Protocol>) -> &'static [Protocol] {
+fn convert_protocols(
+    min: Option<crate::Protocol>,
+    max: Option<crate::Protocol>,
+) -> &'static [Protocol] {
     let mut protocols = PROTOCOLS;
     if let Some(p) = max.and_then(|max| protocols.get(..=max as usize)) {
         protocols = p;
@@ -236,8 +239,8 @@ impl<S> From<io::Error> for HandshakeError<S> {
 pub struct TlsConnector {
     cert: Option<CertContext>,
     roots: CertStore,
-    min_protocol: Option<::Protocol>,
-    max_protocol: Option<::Protocol>,
+    min_protocol: Option<crate::Protocol>,
+    max_protocol: Option<crate::Protocol>,
     use_sni: bool,
     accept_invalid_hostnames: bool,
     accept_invalid_certs: bool,
@@ -327,8 +330,8 @@ impl TlsConnector {
 #[derive(Clone)]
 pub struct TlsAcceptor {
     cert: CertContext,
-    min_protocol: Option<::Protocol>,
-    max_protocol: Option<::Protocol>,
+    min_protocol: Option<crate::Protocol>,
+    max_protocol: Option<crate::Protocol>,
 }
 
 impl TlsAcceptor {

src/imp/security_framework.rs

@@ -15,7 +15,6 @@ use std::error;
 use std::fmt;
 use std::io;
 use std::str;
-use std::sync::Mutex;
 use std::sync::Once;
 
 #[cfg(not(any(
@@ -56,8 +55,9 @@ use self::security_framework::os::macos::import_export::{
 )))]
 use self::security_framework::os::macos::keychain::{self, KeychainSettings, SecKeychain};
 
-use {Protocol, TlsAcceptorBuilder, TlsConnectorBuilder};
+use crate::{Protocol, TlsAcceptorBuilder, TlsConnectorBuilder};
 
+#[allow(dead_code)]
 static SET_AT_EXIT: Once = Once::new();
 
 #[cfg(not(any(
@@ -66,7 +66,8 @@ static SET_AT_EXIT: Once = Once::new();
     target_os = "tvos",
     target_os = "visionos"
 )))]
-static TEMP_KEYCHAIN: Mutex<Option<(SecKeychain, tempfile::TempDir)>> = Mutex::new(None);
+static TEMP_KEYCHAIN: std::sync::Mutex<Option<(SecKeychain, tempfile::TempDir)>> =
+    std::sync::Mutex::new(None);
 
 fn convert_protocol(protocol: Protocol) -> SslProtocol {
     match protocol {
@@ -233,6 +234,7 @@ impl Identity {
     }
 }
 
+#[allow(dead_code)]
 fn random_password() -> Result<String, Error> {
     use std::fmt::Write;
     let mut bytes = [0_u8; 10];
@@ -479,6 +481,7 @@ impl TlsAcceptor {
 
 pub struct TlsStream<S> {
     stream: secure_transport::SslStream<S>,
+    #[allow(dead_code)]
     cert: Option<SecCertificate>,
 }
 
@@ -641,6 +644,7 @@ impl<S: io::Read + io::Write> io::Write for TlsStream<S> {
     }
 }
 
+#[allow(dead_code)]
 enum Digest {
     Sha224,
     Sha256,
@@ -649,9 +653,10 @@ enum Digest {
 }
 
 impl Digest {
+    #[allow(dead_code)]
     fn hash(&self, data: &[u8]) -> Vec<u8> {
         unsafe {
-            assert!(data.len() <= CC_LONG::max_value() as usize);
+            assert!(data.len() <= CC_LONG::MAX as usize);
             match *self {
                 Digest::Sha224 => {
                     let mut buf = [0; CC_SHA224_DIGEST_LENGTH];
@@ -679,16 +684,24 @@ impl Digest {
 }
 
 // FIXME ideally we'd pull these in from elsewhere
+#[allow(dead_code)]
 const CC_SHA224_DIGEST_LENGTH: usize = 28;
+#[allow(dead_code)]
 const CC_SHA256_DIGEST_LENGTH: usize = 32;
+#[allow(dead_code)]
 const CC_SHA384_DIGEST_LENGTH: usize = 48;
+#[allow(dead_code)]
 const CC_SHA512_DIGEST_LENGTH: usize = 64;
-#[allow(non_camel_case_types)]
+#[allow(non_camel_case_types, dead_code)]
 type CC_LONG = u32;
 
 extern "C" {
+    #[allow(dead_code)]
     fn CC_SHA224(data: *const u8, len: CC_LONG, md: *mut u8) -> *mut u8;
+    #[allow(dead_code)]
     fn CC_SHA256(data: *const u8, len: CC_LONG, md: *mut u8) -> *mut u8;
+    #[allow(dead_code)]
     fn CC_SHA384(data: *const u8, len: CC_LONG, md: *mut u8) -> *mut u8;
+    #[allow(dead_code)]
     fn CC_SHA512(data: *const u8, len: CC_LONG, md: *mut u8) -> *mut u8;
 }

src/lib.rs

@@ -106,7 +106,7 @@ use std::result;
 #[cfg(not(any(target_os = "windows", target_vendor = "apple",)))]
 #[macro_use]
 extern crate log;
-#[cfg(any(target_vendor = "apple",))]
+#[cfg(target_vendor = "apple")]
 #[path = "imp/security_framework.rs"]
 mod imp;
 #[cfg(target_os = "windows")]