lib: make _SSL_new constructor fallible

The `SSL_new` entry point is described as returning `NULL` for error
conditions. Prior to this commit the only possible error was from the
`SSL_CTX` Mutex being poisoned - the `SSL::new` constructor was
infallible.

To support loading certs on-demand from default locations when
constructing a `SSL` from a `SSL_CTX` this commit updates the `SSL::new`
constructor fn to be fallible. We convert any error to a `NULL`
return in the entry-point wrapper.

Author: cpu

rustls-libssl/src/entry.rs

@@ -299,10 +299,17 @@ entry! {
     pub fn _SSL_new(ctx: *mut SSL_CTX) -> *mut SSL {
         let ctx = try_clone_arc!(ctx);
 
-        ctx.lock()
-            .ok()
-            .map(|c| to_arc_mut_ptr(Mutex::new(crate::Ssl::new(ctx.clone(), &c))))
-            .unwrap_or_else(ptr::null_mut)
+        let ssl_ctx = match ctx.lock().ok() {
+            Some(ssl_ctx) => ssl_ctx,
+            None => return ptr::null_mut(),
+        };
+
+        let ssl = match crate::Ssl::new(ctx.clone(), &ssl_ctx).ok() {
+            Some(ssl) => ssl,
+            None => return ptr::null_mut(),
+        };
+
+        to_arc_mut_ptr(Mutex::new(ssl))
     }
 }
 

rustls-libssl/src/lib.rs

@@ -297,8 +297,8 @@ struct Ssl {
 }
 
 impl Ssl {
-    fn new(ctx: Arc<Mutex<SslContext>>, inner: &SslContext) -> Self {
-        Self {
+    fn new(ctx: Arc<Mutex<SslContext>>, inner: &SslContext) -> Result<Self, error::Error> {
+        Ok(Self {
             ctx,
             raw_options: inner.raw_options,
             mode: inner.method.mode(),
@@ -313,7 +313,7 @@ impl Ssl {
             peer_cert: None,
             peer_cert_chain: None,
             shutdown_flags: ShutdownFlags::default(),
-        }
+        })
     }
 
     fn get_options(&self) -> u64 {