rust: bssl-tls: Make certificate store more ergonomic To avoid possibly repeated store construction, it is better to let builders take borrows. Signed-off-by: Xiangfei Ding <xfding@google.com> Change-Id: Ib8f3add3683850e7865a796d604ecda56a6a6964 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/93767 Reviewed-by: David Benjamin <davidben@google.com> Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Rudolf Polzer <rpolzer@google.com>
diff --git a/rust/bssl-tls/src/connection/credentials.rs b/rust/bssl-tls/src/connection/credentials.rs index 413a0b3..7cbb2d8 100644 --- a/rust/bssl-tls/src/connection/credentials.rs +++ b/rust/bssl-tls/src/connection/credentials.rs
@@ -104,13 +104,13 @@ /// # Certificate verification impl<M> TlsConnectionInHandshake<'_, Client, M> { /// Set certificate verification store. - pub fn set_certificate_store(&mut self, store: X509Store) -> &mut Self { + pub fn set_certificate_store(&mut self, store: &X509Store) -> &mut Self { unsafe { // Safety: // - the validity of the handle `self.0` is witnessed by `self`. // - when pending handshake, the assignment is always successful. // - `SSL_set1_verify_cert_store` bumps the ref-count on the store. - bssl_sys::SSL_set1_verify_cert_store(self.ptr(), store.as_raw()); + bssl_sys::SSL_set1_verify_cert_store(self.ptr(), store.as_mut_ptr()); } self }
diff --git a/rust/bssl-tls/src/context/credentials.rs b/rust/bssl-tls/src/context/credentials.rs index d6b2f79..23aa16f 100644 --- a/rust/bssl-tls/src/context/credentials.rs +++ b/rust/bssl-tls/src/context/credentials.rs
@@ -91,12 +91,15 @@ /// # Certificate verification impl<M> TlsContextBuilder<M> { /// Set certificate verification store. - pub fn with_certificate_store(&mut self, store: X509Store) -> &mut Self { + pub fn with_certificate_store(&mut self, store: &X509Store) -> &mut Self { unsafe { // Safety: // - the validity of the handle `self.0` is witnessed by `self`. // - `SSL_CTX_set1_verify_cert_store` bumps the ref-count on `store`. - bssl_sys::SSL_CTX_set1_verify_cert_store(self.ptr(), store.as_raw()); + assert_eq!( + bssl_sys::SSL_CTX_set1_verify_cert_store(self.ptr(), store.as_mut_ptr()), + 1, + ); } self }
diff --git a/rust/bssl-x509/src/store.rs b/rust/bssl-x509/src/store.rs index f81b2ae..f1b0acb 100644 --- a/rust/bssl-x509/src/store.rs +++ b/rust/bssl-x509/src/store.rs
@@ -173,7 +173,7 @@ /// /// `self` **must** outlive the uses of the returned handle. /// Verify the callsite contract to honour the lifetime contracts. - pub unsafe fn as_raw(&self) -> *mut bssl_sys::X509_STORE { + pub unsafe fn as_mut_ptr(&self) -> *mut bssl_sys::X509_STORE { self.0.as_ptr() } }
diff --git a/rust/bssl-x509/src/verify.rs b/rust/bssl-x509/src/verify.rs index 7ee4006..c8ea2cb 100644 --- a/rust/bssl-x509/src/verify.rs +++ b/rust/bssl-x509/src/verify.rs
@@ -84,7 +84,12 @@ // - `chain` is a valid stack pointer, kept alive by `ctx.chain`. // - The input objects will outlive `'a`, so the verifier is outlived by // these objects. - bssl_sys::X509_STORE_CTX_init(ctx.ptr(), store.as_raw(), cert.ptr(), ctx.chain.ptr()) + bssl_sys::X509_STORE_CTX_init( + ctx.ptr(), + store.as_mut_ptr(), + cert.ptr(), + ctx.chain.ptr(), + ) }); Ok(ctx) }