From 4c57a0009026f1957f574467105f1e3941fd13bf Mon Sep 17 00:00:00 2001 From: Rushil Mehra Date: Sun, 4 Aug 2024 01:32:59 -0700 Subject: [PATCH] Properly handle `Option` in `SslRef::set_curves` --- boring/src/ssl/mod.rs | 9 +++------ boring/src/ssl/test/mod.rs | 13 +++++++++++++ 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/boring/src/ssl/mod.rs b/boring/src/ssl/mod.rs index bce58f43..be26aa94 100644 --- a/boring/src/ssl/mod.rs +++ b/boring/src/ssl/mod.rs @@ -1970,16 +1970,13 @@ impl SslContextBuilder { // when the flags are used, the preferences are set just before connecting or accepting. #[cfg(not(feature = "kx-safe-default"))] pub fn set_curves(&mut self, curves: &[SslCurve]) -> Result<(), ErrorStack> { - let mut nid_curves = Vec::with_capacity(curves.len()); - for curve in curves { - nid_curves.push(curve.nid()) - } + let curves: Vec = curves.iter().filter_map(|curve| curve.nid()).collect(); unsafe { cvt_0i(ffi::SSL_CTX_set1_curves( self.as_ptr(), - nid_curves.as_ptr() as *const _, - nid_curves.len(), + curves.as_ptr() as *const _, + curves.len(), )) .map(|_| ()) } diff --git a/boring/src/ssl/test/mod.rs b/boring/src/ssl/test/mod.rs index 91236b54..131b1127 100644 --- a/boring/src/ssl/test/mod.rs +++ b/boring/src/ssl/test/mod.rs @@ -945,6 +945,19 @@ fn get_curve_name() { assert_eq!(SslCurve::X25519.name(), Some("X25519")); } +#[cfg(not(feature = "kx-safe-default"))] +#[test] +fn set_curves() { + let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); + ctx.set_curves(&[ + SslCurve::SECP224R1, + SslCurve::SECP256R1, + SslCurve::SECP384R1, + SslCurve::X25519, + ]) + .expect("Failed to set curves"); +} + #[test] fn test_get_ciphers() { let ctx_builder = SslContext::builder(SslMethod::tls()).unwrap();