Fix wrong assert if padding is disabled

boring-sys/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "boring-sys"
-version = "1.1.0"
+version = "1.1.1"
 authors = ["Alex Crichton <[email protected]>",
            "Steven Fackler <[email protected]>",
            "Ivan Nikulin <[email protected]>"]

boring-sys/src/lib.rs

@@ -3,6 +3,7 @@
     clippy::redundant_static_lifetimes,
     clippy::too_many_arguments,
     clippy::unreadable_literal,
+    clippy::upper_case_acronyms,
     improper_ctypes,
     non_camel_case_types,
     non_snake_case,

boring/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "boring"
-version = "1.1.4"
+version = "1.1.6"
 authors = ["Steven Fackler <[email protected]>", "Ivan Nikulin <[email protected]>"]
 license = "Apache-2.0"
 description = "BoringSSL bindings"

boring/src/ssl/bio.rs

@@ -213,7 +213,7 @@ use ffi::{BIO_get_data, BIO_set_data, BIO_set_flags, BIO_set_init};
 #[allow(bad_style)]
 unsafe fn BIO_set_num(_bio: *mut ffi::BIO, _num: c_int) {}
 
-#[allow(bad_style)]
+#[allow(bad_style, clippy::upper_case_acronyms)]
 struct BIO_METHOD(*mut ffi::BIO_METHOD);
 
 impl BIO_METHOD {

boring/src/ssl/mod.rs

@@ -520,7 +520,7 @@ impl From<u16> for ExtensionType {
 }
 
 /// An SSL/TLS protocol version.
-#[derive(Debug, Copy, Clone, PartialEq, Eq)]
+#[derive(Copy, Clone, PartialEq, Eq)]
 pub struct SslVersion(u16);
 
 impl SslVersion {
@@ -540,6 +540,32 @@ impl SslVersion {
     pub const TLS1_3: SslVersion = SslVersion(ffi::TLS1_3_VERSION as _);
 }
 
+impl fmt::Debug for SslVersion {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        f.write_str(match *self {
+            Self::SSL3 => "SSL3",
+            Self::TLS1 => "TLS1",
+            Self::TLS1_1 => "TLS1_1",
+            Self::TLS1_2 => "TLS1_2",
+            Self::TLS1_3 => "TLS1_3",
+            _ => return write!(f, "{:#06x}", self.0),
+        })
+    }
+}
+
+impl fmt::Display for SslVersion {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        f.write_str(match *self {
+            Self::SSL3 => "SSLv3",
+            Self::TLS1 => "TLSv1",
+            Self::TLS1_1 => "TLSv1.1",
+            Self::TLS1_2 => "TLSv1.2",
+            Self::TLS1_3 => "TLSv1.3",
+            _ => return write!(f, "unknown ({:#06x})", self.0),
+        })
+    }
+}
+
 /// A signature verification algorithm.
 #[repr(transparent)]
 #[derive(Debug, Copy, Clone, PartialEq, Eq)]
@@ -1779,6 +1805,25 @@ impl ClientHello {
             Some(slice::from_raw_parts(ptr, len))
         }
     }
+
+    fn ssl(&self) -> &SslRef {
+        unsafe { SslRef::from_ptr(self.0.ssl) }
+    }
+
+    /// Returns the servername sent by the client via Server Name Indication (SNI).
+    pub fn servername(&self, type_: NameType) -> Option<&str> {
+        self.ssl().servername(type_)
+    }
+
+    /// Returns the version sent by the client in its Client Hello record.
+    pub fn client_version(&self) -> SslVersion {
+        SslVersion(self.0.version)
+    }
+
+    /// Returns a string describing the protocol version of the connection.
+    pub fn version_str(&self) -> &'static str {
+        self.ssl().version_str()
+    }
 }
 
 /// Information about a cipher.

boring/src/symm.rs

@@ -281,6 +281,7 @@ unsafe impl Send for Cipher {}
 pub struct Crypter {
     ctx: *mut ffi::EVP_CIPHER_CTX,
     block_size: usize,
+    padding: bool,
 }
 
 unsafe impl Sync for Crypter {}
@@ -307,6 +308,7 @@ impl Crypter {
             let crypter = Crypter {
                 ctx,
                 block_size: t.block_size(),
+                padding: true,
             };
 
             let mode = match mode {
@@ -364,6 +366,7 @@ impl Crypter {
     /// If padding is disabled, total amount of data encrypted/decrypted must
     /// be a multiple of the cipher's block size.
     pub fn pad(&mut self, padding: bool) {
+        self.padding = padding;
         unsafe {
             ffi::EVP_CIPHER_CTX_set_padding(self.ctx, padding as c_int);
         }
@@ -464,7 +467,11 @@ impl Crypter {
             } else {
                 0
             };
-            assert!(output.len() >= input.len() + block_size);
+            if self.padding {
+                assert!(output.len() >= input.len() + block_size);
+            } else {
+                assert!(output.len() >= input.len());
+            }
             assert!(output.len() <= c_int::max_value() as usize);
             let mut outl = output.len() as c_int;
             let inl = input.len() as c_int;

tokio-boring/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "tokio-boring"
-version = "2.1.1"
+version = "2.1.3"
 authors = ["Alex Crichton <[email protected]>", "Ivan Nikulin <[email protected]>"]
 license = "MIT/Apache-2.0"
 edition = "2018"

tokio-boring/src/lib.rs

@@ -292,6 +292,22 @@ impl<S> HandshakeError<S> {
             _ => None,
         }
     }
+
+    /// Returns the error code, if any.
+    pub fn code(&self) -> Option<ErrorCode> {
+        match &self.0 {
+            ssl::HandshakeError::Failure(s) => Some(s.error().code()),
+            _ => None,
+        }
+    }
+
+    /// Returns a reference to the inner I/O error, if any.
+    pub fn as_io_error(&self) -> Option<&io::Error> {
+        match &self.0 {
+            ssl::HandshakeError::Failure(s) => s.error().io_error(),
+            _ => None,
+        }
+    }
 }
 
 impl<S> fmt::Debug for HandshakeError<S>