switch back to use tongsuo 8.3 for performance reason

G3-OSS · Feb 19, 2024 · e5c76ed · e5c76ed
1 parent 5439958
commit e5c76ed
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 5 deletions.
diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml
@@ -26,7 +26,7 @@ aws-lc-sys = { version = "0.13.0", optional = true, features = ["ssl"] }
 bindgen = { version = "0.69.0", optional = true, features = ["experimental"] }
 cc = "1.0.61"
 openssl-src = { version = "300.1.2", optional = true }
-tongsuo-src = { version = "840.2.0", optional = true }
+tongsuo-src = { version = "833", optional = true }
 pkg-config = "0.3.9"
 vcpkg = "0.2.8"
 

diff --git a/openssl-sys/build/expando.c b/openssl-sys/build/expando.c
@@ -25,6 +25,9 @@ RUST_CONF_OPENSSL_NO_OCSP
 RUST_OPENSSL_IS_BORINGSSL
 #endif
 
+#ifdef BABASSL_VERSION_NUMBER
+RUST_OPENSSL_IS_TONGSUO
+#endif
 #ifdef TONGSUO_VERSION_NUMBER
 RUST_OPENSSL_IS_TONGSUO
 

diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs
@@ -555,11 +555,15 @@ cfg_if! {
             pub fn SSL_CTX_use_sign_PrivateKey_file(ctx: *mut SSL_CTX, file: *const c_char, type_: c_int) -> c_int;
             pub fn SSL_CTX_enable_ntls(ctx: *mut SSL_CTX);
             pub fn SSL_CTX_disable_ntls(ctx: *mut SSL_CTX);
+            #[cfg(ossl300)]
             pub fn SSL_CTX_enable_force_ntls(ctx: *mut SSL_CTX);
+            #[cfg(ossl300)]
             pub fn SSL_CTX_disable_force_ntls(ctx: *mut SSL_CTX);
             pub fn SSL_enable_ntls(s: *mut SSL);
             pub fn SSL_disable_ntls(s: *mut SSL);
+            #[cfg(ossl300)]
             pub fn SSL_enable_force_ntls(s: *mut SSL);
+            #[cfg(ossl300)]
             pub fn SSL_disable_force_ntls(s: *mut SSL);
             pub fn SSL_CTX_enable_sm_tls13_strict(ctx: *mut SSL_CTX);
             pub fn SSL_CTX_disable_sm_tls13_strict(ctx: *mut SSL_CTX);

diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs
@@ -317,6 +317,8 @@ impl SslAcceptor {
     #[cfg(tongsuo)]
     pub fn tongsuo_tlcp() -> Result<SslAcceptorBuilder, ErrorStack> {
         let mut ctx = ctx(SslMethod::ntls_server())?;
+        ctx.enable_ntls();
+        #[cfg(ossl300)]
         ctx.enable_force_ntls();
         // the EC curves should always be SM2
         ctx.set_cipher_list(

diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
@@ -852,13 +852,13 @@ impl SslContextBuilder {
         unsafe { ffi::SSL_CTX_disable_ntls(self.as_ptr()) }
     }
 
-    #[cfg(tongsuo)]
+    #[cfg(all(tongsuo, ossl300))]
     #[corresponds(SSL_CTX_enable_force_ntls)]
     pub fn enable_force_ntls(&mut self) {
         unsafe { ffi::SSL_CTX_enable_force_ntls(self.as_ptr()) }
     }
 
-    #[cfg(tongsuo)]
+    #[cfg(all(tongsuo, ossl300))]
     #[corresponds(SSL_CTX_disable_force_ntls)]
     pub fn disable_force_ntls(&mut self) {
         unsafe { ffi::SSL_CTX_disable_force_ntls(self.as_ptr()) }
@@ -2853,13 +2853,13 @@ impl SslRef {
         unsafe { ffi::SSL_disable_ntls(self.as_ptr()) }
     }
 
-    #[cfg(tongsuo)]
+    #[cfg(all(tongsuo, ossl300))]
     #[corresponds(SSL_enable_force_ntls)]
     pub fn enable_force_ntls(&mut self) {
         unsafe { ffi::SSL_enable_force_ntls(self.as_ptr()) }
     }
 
-    #[cfg(tongsuo)]
+    #[cfg(all(tongsuo, ossl300))]
     #[corresponds(SSL_disable_force_ntls)]
     pub fn disable_force_ntls(&mut self) {
         unsafe { ffi::SSL_disable_force_ntls(self.as_ptr()) }