openssl.x509.verify_param: Start work on binding X509_VERIFY_PARAM

author: daurnimator <quae@daurnimator.com> 2016-11-09 17:56:31 +1100
committer: daurnimator <quae@daurnimator.com> 2016-12-09 02:56:33 +1100
commit: 830bf16fe424b1e273f9d6c244d56398e713c1dd (patch)
tree: 154c6339197b5406de559ba79d598585605f2a35
parent: db1240b586261e3404975fa0a00a90a5cffe7363 (diff)
download: luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.tar.gz
luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.tar.bz2
luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.zip
3 files changed, 189 insertions, 0 deletions
diff --git a/src/GNUmakefile b/src/GNUmakefile
index e7cb54d..015a93c 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -102,6 +102,7 @@ MODS$(1)_$(d) = \
        $$(DESTDIR)$(3)/openssl/x509/csr.lua \
        $$(DESTDIR)$(3)/openssl/x509/extension.lua \
        $$(DESTDIR)$(3)/openssl/x509/store.lua \
+        $$(DESTDIR)$(3)/openssl/x509/verify_param.lua \
        $$(DESTDIR)$(3)/openssl/pkcs12.lua \
        $$(DESTDIR)$(3)/openssl/ssl/context.lua \
        $$(DESTDIR)$(3)/openssl/ssl.lua \
diff --git a/src/openssl.c b/src/openssl.c
index 38c9888..8d513e6 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -60,6 +60,7 @@
 #include <openssl/bn.h>
 #include <openssl/asn1.h>
 #include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
 #include <openssl/pkcs12.h>
 #include <openssl/evp.h>
@@ -335,6 +336,7 @@
 #define X509_CSR_CLASS   "X509_REQ*"
 #define X509_CRL_CLASS   "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
+#define X509_VERIFY_PARAM_CLASS "X509_VERIFY_PARAM*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
 #define PKCS12_CLASS     "PKCS12*"
 #define SSL_CTX_CLASS    "SSL_CTX*"
@@ -8184,6 +8186,190 @@ int luaopen__openssl_ssl(lua_State *L) {
 /*
+ * X509_VERIFY_PARAM
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+static int xp_new(lua_State *L) {
+        X509_VERIFY_PARAM **ud = prepsimple(L, X509_VERIFY_PARAM_CLASS);
+        if (!(*ud = X509_VERIFY_PARAM_new()))
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param.new");
+        return 1;
+} /* xp_new() */
+static int xp_interpose(lua_State *L) {
+        return interpose(L, X509_VERIFY_PARAM_CLASS);
+} /* xp_interpose() */
+static const X509_PURPOSE *purpose_checktype(lua_State *L, int index) {
+        const char *purpose_name;
+        int purpose_id;
+        int purpose_idx;
+        const X509_PURPOSE *purpose;
+        if (lua_isnumber(L, index)) {
+                purpose_id = luaL_checkinteger(L, index);
+                purpose_idx = X509_PURPOSE_get_by_id(purpose_id);
+                if (purpose_idx < 0)
+                        luaL_argerror(L, index, lua_pushfstring(L, "%d: invalid purpose", purpose_id));
+        } else {
+                purpose_name = luaL_checkstring(L, index);
+                purpose_idx = X509_PURPOSE_get_by_sname((char*)purpose_name);
+                if (purpose_idx < 0)
+                        luaL_argerror(L, index, lua_pushfstring(L, "%s: invalid purpose", purpose_name));
+        }
+        purpose = X509_PURPOSE_get0(purpose_idx);
+        return purpose;
+} /* purpose_checktype() */
+static int xp_setPurpose(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        const X509_PURPOSE *purpose = purpose_checktype(L, 2);
+        if (!X509_VERIFY_PARAM_set_purpose(xp, X509_PURPOSE_get_id((X509_PURPOSE*)purpose)))
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setPurpose");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setPurpose() */
+static int xp_setTime(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        time_t t = luaL_checkinteger(L, 2);
+        X509_VERIFY_PARAM_set_time(xp, t);
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setTime() */
+static int xp_setDepth(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        int depth = luaL_checkinteger(L, 2);
+        X509_VERIFY_PARAM_set_depth(xp, depth);
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setDepth() */
+static int xp_getDepth(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        int depth = X509_VERIFY_PARAM_get_depth(xp);
+        lua_pushinteger(L, depth);
+        return 1;
+} /* xp_getDepth() */
+static int xp_setHost(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        size_t len;
+        const char *str = luaL_optlstring(L, 2, NULL, &len); /* NULL = clear hosts */
+        if (!X509_VERIFY_PARAM_set1_host(xp, str, len))
+                /* Note: openssl doesn't set an error as it should for some cases */
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setHost");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setHost() */
+static int xp_addHost(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        size_t len;
+        const char *str = luaL_checklstring(L, 2, &len);
+        if (!X509_VERIFY_PARAM_add1_host(xp, str, len))
+                /* Note: openssl doesn't set an error as it should for some cases */
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:addHost");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_addHost() */
+static int xp_setEmail(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        size_t len;
+        const char *str = luaL_checklstring(L, 2, &len);
+        if (!X509_VERIFY_PARAM_set1_email(xp, str, len))
+                /* Note: openssl doesn't set an error as it should for some cases */
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setEmail");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setEmail() */
+static int xp_setIP(lua_State *L) {
+        X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+        const char *str = luaL_checkstring(L, 2);
+        if (!X509_VERIFY_PARAM_set1_ip_asc(xp, str))
+                /* Note: openssl doesn't set an error as it should for some cases */
+                return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setIP");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xp_setIP() */
+static int xp__gc(lua_State *L) {
+        X509_VERIFY_PARAM **ud = luaL_checkudata(L, 1, X509_VERIFY_PARAM_CLASS);
+        X509_VERIFY_PARAM_free(*ud);
+        *ud = NULL;
+        return 0;
+} /* xp__gc() */
+static const auxL_Reg xp_methods[] = {
+        { "setPurpose", &xp_setPurpose },
+        { "setTime", &xp_setTime },
+        { "setDepth", &xp_setDepth },
+        { "getDepth", &xp_getDepth },
+        { "setHost", &xp_setHost },
+        { "addHost", &xp_addHost },
+        { "setEmail", &xp_setEmail },
+        { "setIP", &xp_setIP },
+        { NULL, NULL },
+};
+static const auxL_Reg xp_metatable[] = {
+        { "__gc", &xp__gc },
+        { NULL, NULL },
+};
+static const auxL_Reg xp_globals[] = {
+        { "new", &xp_new },
+        { "interpose", &xp_interpose },
+        { NULL, NULL },
+};
+int luaopen__openssl_x509_verify_param(lua_State *L) {
+        initall(L);
+        auxL_newlib(L, xp_globals, 0);
+        return 1;
+} /* luaopen__openssl_x509_verify_param() */
+/*
 * Digest - openssl.digest
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -9171,6 +9357,7 @@ static void initall(lua_State *L) {
        auxL_addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable, 0);
        auxL_addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable, 0);
        auxL_addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable, 0);
+        auxL_addclass(L, X509_VERIFY_PARAM_CLASS, xp_methods, xp_metatable, 0);
        auxL_addclass(L, PKCS12_CLASS, p12_methods, p12_metatable, 0);
        auxL_addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable, 0);
        auxL_addclass(L, SSL_CLASS, ssl_methods, ssl_metatable, 0);
diff --git a/src/openssl.x509.verify_param.lua b/src/openssl.x509.verify_param.lua
new file mode 100644
index 0000000..a3148e6
--- /dev/null
+++ b/src/openssl.x509.verify_param.lua
@@ -0,0 +1 @@
+return require('_openssl.x509.verify_param')
author	daurnimator <quae@daurnimator.com>	2016-11-09 17:56:31 +1100
committer	daurnimator <quae@daurnimator.com>	2016-12-09 02:56:33 +1100
commit	830bf16fe424b1e273f9d6c244d56398e713c1dd (patch)
tree	154c6339197b5406de559ba79d598585605f2a35
parent	db1240b586261e3404975fa0a00a90a5cffe7363 (diff)
download	luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.tar.gz luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.tar.bz2 luaossl-830bf16fe424b1e273f9d6c244d56398e713c1dd.zip

diff --git a/src/GNUmakefile b/src/GNUmakefile index e7cb54d..015a93c 100644 --- a/src/GNUmakefile +++ b/src/GNUmakefile
@@ -102,6 +102,7 @@ MODS$(1)_$(d) = \
102	$$(DESTDIR)$(3)/openssl/x509/csr.lua \	102	$$(DESTDIR)$(3)/openssl/x509/csr.lua \
103	$$(DESTDIR)$(3)/openssl/x509/extension.lua \	103	$$(DESTDIR)$(3)/openssl/x509/extension.lua \
104	$$(DESTDIR)$(3)/openssl/x509/store.lua \	104	$$(DESTDIR)$(3)/openssl/x509/store.lua \
		105	$$(DESTDIR)$(3)/openssl/x509/verify_param.lua \
105	$$(DESTDIR)$(3)/openssl/pkcs12.lua \	106	$$(DESTDIR)$(3)/openssl/pkcs12.lua \
106	$$(DESTDIR)$(3)/openssl/ssl/context.lua \	107	$$(DESTDIR)$(3)/openssl/ssl/context.lua \
107	$$(DESTDIR)$(3)/openssl/ssl.lua \	108	$$(DESTDIR)$(3)/openssl/ssl.lua \


diff --git a/src/openssl.c b/src/openssl.c index 38c9888..8d513e6 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -60,6 +60,7 @@
60	#include <openssl/bn.h>	60	#include <openssl/bn.h>
61	#include <openssl/asn1.h>	61	#include <openssl/asn1.h>
62	#include <openssl/x509.h>	62	#include <openssl/x509.h>
		63	#include <openssl/x509_vfy.h>
63	#include <openssl/x509v3.h>	64	#include <openssl/x509v3.h>
64	#include <openssl/pkcs12.h>	65	#include <openssl/pkcs12.h>
65	#include <openssl/evp.h>	66	#include <openssl/evp.h>
@@ -335,6 +336,7 @@
335	#define X509_CSR_CLASS "X509_REQ*"	336	#define X509_CSR_CLASS "X509_REQ*"
336	#define X509_CRL_CLASS "X509_CRL*"	337	#define X509_CRL_CLASS "X509_CRL*"
337	#define X509_STORE_CLASS "X509_STORE*"	338	#define X509_STORE_CLASS "X509_STORE*"
		339	#define X509_VERIFY_PARAM_CLASS "X509_VERIFY_PARAM*"
338	#define X509_STCTX_CLASS "X509_STORE_CTX*"	340	#define X509_STCTX_CLASS "X509_STORE_CTX*"
339	#define PKCS12_CLASS "PKCS12*"	341	#define PKCS12_CLASS "PKCS12*"
340	#define SSL_CTX_CLASS "SSL_CTX*"	342	#define SSL_CTX_CLASS "SSL_CTX*"
@@ -8184,6 +8186,190 @@ int luaopen__openssl_ssl(lua_State *L) {
8184		8186
8185		8187
8186	/*	8188	/*
		8189	* X509_VERIFY_PARAM
		8190	*
		8191	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
		8192
		8193	static int xp_new(lua_State *L) {
		8194	X509_VERIFY_PARAM **ud = prepsimple(L, X509_VERIFY_PARAM_CLASS);
		8195
		8196	if (!(*ud = X509_VERIFY_PARAM_new()))
		8197	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param.new");
		8198
		8199	return 1;
		8200	} /* xp_new() */
		8201
		8202
		8203	static int xp_interpose(lua_State *L) {
		8204	return interpose(L, X509_VERIFY_PARAM_CLASS);
		8205	} /* xp_interpose() */
		8206
		8207
		8208	static const X509_PURPOSE purpose_checktype(lua_State L, int index) {
		8209	const char *purpose_name;
		8210	int purpose_id;
		8211	int purpose_idx;
		8212	const X509_PURPOSE *purpose;
		8213
		8214	if (lua_isnumber(L, index)) {
		8215	purpose_id = luaL_checkinteger(L, index);
		8216	purpose_idx = X509_PURPOSE_get_by_id(purpose_id);
		8217	if (purpose_idx < 0)
		8218	luaL_argerror(L, index, lua_pushfstring(L, "%d: invalid purpose", purpose_id));
		8219	} else {
		8220	purpose_name = luaL_checkstring(L, index);
		8221	purpose_idx = X509_PURPOSE_get_by_sname((char*)purpose_name);
		8222	if (purpose_idx < 0)
		8223	luaL_argerror(L, index, lua_pushfstring(L, "%s: invalid purpose", purpose_name));
		8224	}
		8225
		8226	purpose = X509_PURPOSE_get0(purpose_idx);
		8227	return purpose;
		8228	} /* purpose_checktype() */
		8229
		8230
		8231	static int xp_setPurpose(lua_State *L) {
		8232	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8233	const X509_PURPOSE *purpose = purpose_checktype(L, 2);
		8234
		8235	if (!X509_VERIFY_PARAM_set_purpose(xp, X509_PURPOSE_get_id((X509_PURPOSE*)purpose)))
		8236	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setPurpose");
		8237
		8238	lua_pushboolean(L, 1);
		8239	return 1;
		8240	} /* xp_setPurpose() */
		8241
		8242
		8243	static int xp_setTime(lua_State *L) {
		8244	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8245	time_t t = luaL_checkinteger(L, 2);
		8246
		8247	X509_VERIFY_PARAM_set_time(xp, t);
		8248
		8249	lua_pushboolean(L, 1);
		8250	return 1;
		8251	} /* xp_setTime() */
		8252
		8253
		8254	static int xp_setDepth(lua_State *L) {
		8255	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8256	int depth = luaL_checkinteger(L, 2);
		8257
		8258	X509_VERIFY_PARAM_set_depth(xp, depth);
		8259
		8260	lua_pushboolean(L, 1);
		8261	return 1;
		8262	} /* xp_setDepth() */
		8263
		8264
		8265	static int xp_getDepth(lua_State *L) {
		8266	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8267
		8268	int depth = X509_VERIFY_PARAM_get_depth(xp);
		8269
		8270	lua_pushinteger(L, depth);
		8271	return 1;
		8272	} /* xp_getDepth() */
		8273
		8274
		8275	static int xp_setHost(lua_State *L) {
		8276	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8277	size_t len;
		8278	const char str = luaL_optlstring(L, 2, NULL, &len); / NULL = clear hosts */
		8279
		8280	if (!X509_VERIFY_PARAM_set1_host(xp, str, len))
		8281	/* Note: openssl doesn't set an error as it should for some cases */
		8282	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setHost");
		8283
		8284	lua_pushboolean(L, 1);
		8285	return 1;
		8286	} /* xp_setHost() */
		8287
		8288
		8289	static int xp_addHost(lua_State *L) {
		8290	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8291	size_t len;
		8292	const char *str = luaL_checklstring(L, 2, &len);
		8293
		8294	if (!X509_VERIFY_PARAM_add1_host(xp, str, len))
		8295	/* Note: openssl doesn't set an error as it should for some cases */
		8296	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:addHost");
		8297
		8298	lua_pushboolean(L, 1);
		8299	return 1;
		8300	} /* xp_addHost() */
		8301
		8302
		8303	static int xp_setEmail(lua_State *L) {
		8304	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8305	size_t len;
		8306	const char *str = luaL_checklstring(L, 2, &len);
		8307
		8308	if (!X509_VERIFY_PARAM_set1_email(xp, str, len))
		8309	/* Note: openssl doesn't set an error as it should for some cases */
		8310	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setEmail");
		8311
		8312	lua_pushboolean(L, 1);
		8313	return 1;
		8314	} /* xp_setEmail() */
		8315
		8316
		8317	static int xp_setIP(lua_State *L) {
		8318	X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
		8319	const char *str = luaL_checkstring(L, 2);
		8320
		8321	if (!X509_VERIFY_PARAM_set1_ip_asc(xp, str))
		8322	/* Note: openssl doesn't set an error as it should for some cases */
		8323	return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setIP");
		8324
		8325	lua_pushboolean(L, 1);
		8326	return 1;
		8327	} /* xp_setIP() */
		8328
		8329
		8330	static int xp__gc(lua_State *L) {
		8331	X509_VERIFY_PARAM **ud = luaL_checkudata(L, 1, X509_VERIFY_PARAM_CLASS);
		8332
		8333	X509_VERIFY_PARAM_free(*ud);
		8334	*ud = NULL;
		8335
		8336	return 0;
		8337	} /* xp__gc() */
		8338
		8339
		8340	static const auxL_Reg xp_methods[] = {
		8341	{ "setPurpose", &xp_setPurpose },
		8342	{ "setTime", &xp_setTime },
		8343	{ "setDepth", &xp_setDepth },
		8344	{ "getDepth", &xp_getDepth },
		8345	{ "setHost", &xp_setHost },
		8346	{ "addHost", &xp_addHost },
		8347	{ "setEmail", &xp_setEmail },
		8348	{ "setIP", &xp_setIP },
		8349	{ NULL, NULL },
		8350	};
		8351
		8352	static const auxL_Reg xp_metatable[] = {
		8353	{ "__gc", &xp__gc },
		8354	{ NULL, NULL },
		8355	};
		8356
		8357	static const auxL_Reg xp_globals[] = {
		8358	{ "new", &xp_new },
		8359	{ "interpose", &xp_interpose },
		8360	{ NULL, NULL },
		8361	};
		8362
		8363	int luaopen__openssl_x509_verify_param(lua_State *L) {
		8364	initall(L);
		8365
		8366	auxL_newlib(L, xp_globals, 0);
		8367
		8368	return 1;
		8369	} /* luaopen__openssl_x509_verify_param() */
		8370
		8371
		8372	/*
8187	* Digest - openssl.digest	8373	* Digest - openssl.digest
8188	*	8374	*
8189	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	8375	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -9171,6 +9357,7 @@ static void initall(lua_State *L) {
9171	auxL_addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable, 0);	9357	auxL_addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable, 0);
9172	auxL_addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable, 0);	9358	auxL_addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable, 0);
9173	auxL_addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable, 0);	9359	auxL_addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable, 0);
		9360	auxL_addclass(L, X509_VERIFY_PARAM_CLASS, xp_methods, xp_metatable, 0);
9174	auxL_addclass(L, PKCS12_CLASS, p12_methods, p12_metatable, 0);	9361	auxL_addclass(L, PKCS12_CLASS, p12_methods, p12_metatable, 0);
9175	auxL_addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable, 0);	9362	auxL_addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable, 0);
9176	auxL_addclass(L, SSL_CLASS, ssl_methods, ssl_metatable, 0);	9363	auxL_addclass(L, SSL_CLASS, ssl_methods, ssl_metatable, 0);


diff --git a/src/openssl.x509.verify_param.lua b/src/openssl.x509.verify_param.lua new file mode 100644 index 0000000..a3148e6 --- /dev/null +++ b/src/openssl.x509.verify_param.lua
@@ -0,0 +1 @@
			return require('_openssl.x509.verify_param')