plabayo
diff --git a/‎boring-sys/build/main.rs‎
Lines changed: 12 additions & 20 deletions b/‎boring-sys/build/main.rs‎
Lines changed: 12 additions & 20 deletions
diff --git a/‎boring-sys/src/lib.rs‎
Lines changed: 7 additions & 1 deletion b/‎boring-sys/src/lib.rs‎
Lines changed: 7 additions & 1 deletion
diff --git a/‎boring/src/aes.rs‎
Lines changed: 15 additions & 17 deletions b/‎boring/src/aes.rs‎
Lines changed: 15 additions & 17 deletions
diff --git a/‎boring/src/asn1.rs‎
Lines changed: 6 additions & 6 deletions b/‎boring/src/asn1.rs‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎boring/src/bio.rs‎
Lines changed: 3 additions & 10 deletions b/‎boring/src/bio.rs‎
Lines changed: 3 additions & 10 deletions
@@ -3,7 +3,6 @@ use std::env;
 use std::ffi::OsString;
 use std::fs;
 use std::io;
-use std::io::Write;
 use std::path::{Path, PathBuf};
 use std::process::{Command, Output};
 use std::sync::OnceLock;
@@ -281,8 +280,8 @@ fn get_boringssl_cmake_config(config: &Config) -> cmake::Config {
             boringssl_cmake.define("CMAKE_TOOLCHAIN_FILE", toolchain_file);
 
             // 21 is the minimum level tested. You can give higher value.
-            boringssl_cmake.define("ANDROID_NATIVE_API_LEVEL", "21");
-            boringssl_cmake.define("ANDROID_STL", "c++_shared");
+            boringssl_cmake.define("ANDROID_NATIVE_API_LEVEL", "21"); // NOTE: cloudflare uses CMAKE_SYSTEM_VERSION
+            boringssl_cmake.define("ANDROID_STL", "c++_shared"); // NOTE: cloudflare uses CMAKE_ANDROID_STL_TYPE
         }
 
         "macos" => {
@@ -457,25 +456,18 @@ fn get_extra_clang_args_for_bindgen(config: &Config) -> Vec<String> {
             // When cross-compiling for Apple targets, tell bindgen to use SDK sysroot,
             // and *don't* use system headers of the host macOS.
             let sdk = get_apple_sdk_name(config);
-            let output = std::process::Command::new("xcrun")
-                .args(["--show-sdk-path", "--sdk", sdk])
-                .output()
-                .unwrap();
-            if !output.status.success() {
-                if let Some(exit_code) = output.status.code() {
-                    println!("cargo:warning=xcrun failed: exit code {exit_code}");
-                } else {
-                    println!("cargo:warning=xcrun failed: killed");
+            match run_command(Command::new("xcrun").args(["--show-sdk-path", "--sdk", sdk])) {
+                Ok(output) => {
+                    let sysroot = std::str::from_utf8(&output.stdout).expect("xcrun output");
+                    params.push("-isysroot".to_string());
+                    // There is typically a newline at the end which confuses clang.
+                    params.push(sysroot.trim_end().to_string());
+                }
+                Err(e) => {
+                    println!("cargo:warning={e}");
+                    // Uh... let's try anyway, I guess?
                 }
-                std::io::stderr().write_all(&output.stderr).unwrap();
-                // Uh... let's try anyway, I guess?
-                return params;
             }
-            let mut sysroot = String::from_utf8(output.stdout).unwrap();
-            // There is typically a newline at the end which confuses clang.
-            sysroot.truncate(sysroot.trim_end().len());
-            params.push("-isysroot".to_string());
-            params.push(sysroot);
         }
         "android" => {
             let mut android_sysroot = config
 
@@ -10,7 +10,6 @@
     non_upper_case_globals,
     unused_imports
 )]
-#![cfg_attr(docsrs, feature(doc_auto_cfg))]
 
 use std::convert::TryInto;
 use std::ffi::c_void;
@@ -26,6 +25,13 @@ use std::os::raw::{c_char, c_int, c_uint, c_ulong};
 mod generated {
     include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
 }
+
+// explicitly require presence of some symbols to check if the bindings worked
+pub use generated::{ssl_compliance_policy_t, ERR_add_error_data, SSL_set1_groups}; // if these are missing, your include path is incorrect or has a wrong version of boringssl
+pub use generated::{BIO_new, OPENSSL_free, SSL_ERROR_NONE}; // if these are missing, your include path is incorrect
+
+// NOTE: cloudflare has MLKEM768 as well, check if we need this later
+
 pub use generated::*;
 
 #[cfg(target_pointer_width = "64")]
 
@@ -38,7 +38,7 @@
 //! ```
 //!
 use crate::ffi;
-use crate::libc_types::{c_int, c_uint, size_t};
+use crate::libc_types::c_int;
 use openssl_macros::corresponds;
 use std::mem::MaybeUninit;
 use std::ptr;
@@ -63,8 +63,8 @@ impl AesKey {
 
             let mut aes_key = MaybeUninit::uninit();
             let r = ffi::AES_set_encrypt_key(
-                key.as_ptr() as *const _,
-                key.len() as c_uint * 8,
+                key.as_ptr(),
+                (key.len() * 8).try_into().map_err(|_| KeyError(()))?,
                 aes_key.as_mut_ptr(),
             );
             if r == 0 {
@@ -87,8 +87,8 @@ impl AesKey {
 
             let mut aes_key = MaybeUninit::uninit();
             let r = ffi::AES_set_decrypt_key(
-                key.as_ptr() as *const _,
-                key.len() as c_uint * 8,
+                key.as_ptr(),
+                (key.len() * 8).try_into().map_err(|_| KeyError(()))?,
                 aes_key.as_mut_ptr(),
             );
 
@@ -125,12 +125,11 @@ pub fn wrap_key(
         assert!(out.len() >= in_.len() + 8); // Ciphertext is 64 bits longer (see 2.2.1)
 
         let written = ffi::AES_wrap_key(
-            &key.0 as *const _ as *mut _, // this is safe, the implementation only uses the key as a const pointer.
-            iv.as_ref()
-                .map_or(ptr::null(), |iv| iv.as_ptr() as *const _),
-            out.as_ptr() as *mut _,
-            in_.as_ptr() as *const _,
-            in_.len() as size_t,
+            std::ptr::addr_of!(key.0).cast_mut(), // this is safe, the implementation only uses the key as a const pointer.
+            iv.as_ref().map_or(ptr::null(), |iv| iv.as_ptr()),
+            out.as_mut_ptr(),
+            in_.as_ptr(),
+            in_.len(),
         );
         if written <= 0 {
             Err(KeyError(()))
@@ -164,12 +163,11 @@ pub fn unwrap_key(
         assert!(out.len() + 8 <= in_.len());
 
         let written = ffi::AES_unwrap_key(
-            &key.0 as *const _ as *mut _, // this is safe, the implementation only uses the key as a const pointer.
-            iv.as_ref()
-                .map_or(ptr::null(), |iv| iv.as_ptr() as *const _),
-            out.as_ptr() as *mut _,
-            in_.as_ptr() as *const _,
-            in_.len() as size_t,
+            std::ptr::addr_of!(key.0).cast_mut(), // this is safe, the implementation only uses the key as a const pointer.
+            iv.as_ref().map_or(ptr::null(), |iv| iv.as_ptr().cast()),
+            out.as_ptr().cast_mut(),
+            in_.as_ptr().cast(),
+            in_.len(),
         );
 
         if written <= 0 {
 
@@ -25,7 +25,7 @@
 //! let tomorrow = Asn1Time::days_from_now(1);
 //! ```
 use crate::ffi;
-use crate::libc_types::{c_char, c_int, c_long, time_t};
+use crate::libc_types::{c_int, c_long, time_t};
 use foreign_types::{ForeignType, ForeignTypeRef};
 use std::cmp::Ordering;
 use std::ffi::CString;
@@ -405,7 +405,7 @@ impl Asn1StringRef {
                 return Err(ErrorStack::get());
             }
 
-            Ok(OpensslString::from_ptr(ptr as *mut c_char))
+            Ok(OpensslString::from_ptr(ptr.cast()))
         }
     }
 
@@ -544,7 +544,7 @@ impl Asn1BitStringRef {
     #[corresponds(ASN1_STRING_length)]
     #[must_use]
     pub fn len(&self) -> usize {
-        unsafe { ffi::ASN1_STRING_length(self.as_ptr() as *const _) as usize }
+        unsafe { ffi::ASN1_STRING_length(self.as_ptr().cast_const()) as usize }
     }
 
     /// Determines if the string is empty.
@@ -586,7 +586,7 @@ impl Asn1Object {
         unsafe {
             ffi::init();
             let txt = CString::new(txt).map_err(ErrorStack::internal_error)?;
-            let obj: *mut ffi::ASN1_OBJECT = cvt_p(ffi::OBJ_txt2obj(txt.as_ptr() as *const _, 0))?;
+            let obj: *mut ffi::ASN1_OBJECT = cvt_p(ffi::OBJ_txt2obj(txt.as_ptr(), 0))?;
             Ok(Asn1Object::from_ptr(obj))
         }
     }
@@ -603,9 +603,9 @@ impl Asn1ObjectRef {
 impl fmt::Display for Asn1ObjectRef {
     fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
         unsafe {
-            let mut buf = [0; 80];
+            let mut buf = [0u8; 80];
             let len = ffi::OBJ_obj2txt(
-                buf.as_mut_ptr() as *mut _,
+                buf.as_mut_ptr().cast(),
                 buf.len() as c_int,
                 self.as_ptr(),
                 0,
 
@@ -1,5 +1,6 @@
 use crate::ffi;
 use crate::ffi::BIO_new_mem_buf;
+use crate::try_int;
 use std::marker::PhantomData;
 use std::ptr;
 use std::slice;
@@ -19,17 +20,9 @@ impl Drop for MemBioSlice<'_> {
 
 impl<'a> MemBioSlice<'a> {
     pub fn new(buf: &'a [u8]) -> Result<MemBioSlice<'a>, ErrorStack> {
-        type BufLen = isize;
-
         ffi::init();
 
-        assert!(buf.len() <= BufLen::MAX as usize);
-        let bio = unsafe {
-            cvt_p(BIO_new_mem_buf(
-                buf.as_ptr() as *const _,
-                buf.len() as BufLen,
-            ))?
-        };
+        let bio = unsafe { cvt_p(BIO_new_mem_buf(buf.as_ptr().cast(), try_int(buf.len())?))? };
 
         Ok(MemBioSlice(bio, PhantomData))
     }
@@ -65,7 +58,7 @@ impl MemBio {
         unsafe {
             let mut ptr = ptr::null_mut();
             let len = ffi::BIO_get_mem_data(self.0, &mut ptr);
-            if ptr.is_null() {
+            if ptr.is_null() || len < 0 {
                 return &[];
             }
             slice::from_raw_parts(ptr.cast_const().cast(), len as usize)