author | daurnimator <quae@daurnimator.com> | 2016-11-09 17:56:31 +1100 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2016-12-09 02:56:33 +1100 |
commit | 830bf16fe424b1e273f9d6c244d56398e713c1dd (patch) | |
tree | 154c6339197b5406de559ba79d598585605f2a35 | |
parent | db1240b586261e3404975fa0a00a90a5cffe7363 (diff) | |
openssl.x509.verify_param: Start work on binding X509_VERIFY_PARAM
-rw-r--r-- | src/GNUmakefile | 1 | ||||
-rw-r--r-- | src/openssl.c | 187 | ||||
-rw-r--r-- | src/openssl.x509.verify_param.lua | 1 |
3 files changed, 189 insertions, 0 deletions
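--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -102,6 +102,7 @@ MODS$(1)_$(d) = \
 $$(DESTDIR)$(3)/openssl/x509/csr.lua \
 $$(DESTDIR)$(3)/openssl/x509/extension.lua \
 $$(DESTDIR)$(3)/openssl/x509/store.lua \
+$$(DESTDIR)$(3)/openssl/x509/verify_param.lua \
 $$(DESTDIR)$(3)/openssl/pkcs12.lua \
 $$(DESTDIR)$(3)/openssl/ssl/context.lua \
 $$(DESTDIR)$(3)/openssl/ssl.lua \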
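--- a/src/openssl.c
+++ b/src/openssl.c
@@ -60,6 +60,7 @@
 #include <openssl/bn.h>
 #include <openssl/asn1.h>
 #include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
 #include <openssl/pkcs12.h>
 #include <openssl/evp.h>
@@ -335,6 +336,7 @@
 #define X509_CSR_CLASS "X509_REQ*"
 #define X509_CRL_CLASS "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
+#define X509_VERIFY_PARAM_CLASS "X509_VERIFY_PARAM*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
 #define PKCS12_CLASS "PKCS12*"
 #define SSL_CTX_CLASS "SSL_CTX*"
@@ -8184,6 +8186,190 @@ int luaopen__openssl_ssl(lua_State *L) {
 
 
 /*
+* X509_VERIFY_PARAM
+*
+* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+static int xp_new(lua_State *L) {
+X509_VERIFY_PARAM **ud = prepsimple(L, X509_VERIFY_PARAM_CLASS);
+
+if (!(*ud = X509_VERIFY_PARAM_new()))
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param.new");
+
+return 1;
+} /* xp_new() */
+
+
+static int xp_interpose(lua_State *L) {
+return interpose(L, X509_VERIFY_PARAM_CLASS);
+} /* xp_interpose() */
+
+
+static const X509_PURPOSE *purpose_checktype(lua_State *L, int index) {
+const char *purpose_name;
+int purpose_id;
+int purpose_idx;
+const X509_PURPOSE *purpose;
+
+if (lua_isnumber(L, index)) {
+purpose_id = luaL_checkinteger(L, index);
+purpose_idx = X509_PURPOSE_get_by_id(purpose_id);
+if (purpose_idx < 0)
+luaL_argerror(L, index, lua_pushfstring(L, "%d: invalid purpose", purpose_id));
+} else {
+purpose_name = luaL_checkstring(L, index);
+purpose_idx = X509_PURPOSE_get_by_sname((char*)purpose_name);
+if (purpose_idx < 0)
+luaL_argerror(L, index, lua_pushfstring(L, "%s: invalid purpose", purpose_name));
+}
+
+purpose = X509_PURPOSE_get0(purpose_idx);
+return purpose;
+} /* purpose_checktype() */
+
+
+static int xp_setPurpose(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+const X509_PURPOSE *purpose = purpose_checktype(L, 2);
+
+if (!X509_VERIFY_PARAM_set_purpose(xp, X509_PURPOSE_get_id((X509_PURPOSE*)purpose)))
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setPurpose");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setPurpose() */
+
+
+static int xp_setTime(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+time_t t = luaL_checkinteger(L, 2);
+
+X509_VERIFY_PARAM_set_time(xp, t);
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setTime() */
+
+
+static int xp_setDepth(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+int depth = luaL_checkinteger(L, 2);
+
+X509_VERIFY_PARAM_set_depth(xp, depth);
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setDepth() */
+
+
+static int xp_getDepth(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+
+int depth = X509_VERIFY_PARAM_get_depth(xp);
+
+lua_pushinteger(L, depth);
+return 1;
+} /* xp_getDepth() */
+
+
+static int xp_setHost(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_optlstring(L, 2, NULL, &len); /* NULL = clear hosts */
+
+if (!X509_VERIFY_PARAM_set1_host(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setHost");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setHost() */
+
+
+static int xp_addHost(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_checklstring(L, 2, &len);
+
+if (!X509_VERIFY_PARAM_add1_host(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:addHost");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_addHost() */
+
+
+static int xp_setEmail(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_checklstring(L, 2, &len);
+
+if (!X509_VERIFY_PARAM_set1_email(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setEmail");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setEmail() */
+
+
+static int xp_setIP(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+const char *str = luaL_checkstring(L, 2);
+
+if (!X509_VERIFY_PARAM_set1_ip_asc(xp, str))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setIP");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setIP() */
+
+
+static int xp__gc(lua_State *L) {
+X509_VERIFY_PARAM **ud = luaL_checkudata(L, 1, X509_VERIFY_PARAM_CLASS);
+
+X509_VERIFY_PARAM_free(*ud);
+*ud = NULL;
+
+return 0;
+} /* xp__gc() */
+
+
+static const auxL_Reg xp_methods[] = {
+{ "setPurpose", &xp_setPurpose },
+{ "setTime", &xp_setTime },
+{ "setDepth", &xp_setDepth },
+{ "getDepth", &xp_getDepth },
+{ "setHost", &xp_setHost },
+{ "addHost", &xp_addHost },
+{ "setEmail", &xp_setEmail },
+{ "setIP", &xp_setIP },
+{ NULL, NULL },
+};
+
+static const auxL_Reg xp_metatable[] = {
+{ "__gc", &xp__gc },
+{ NULL, NULL },
+};
+
+static const auxL_Reg xp_globals[] = {
+{ "new", &xp_new },
+{ "interpose", &xp_interpose },
+{ NULL, NULL },
+};
+
+int luaopen__openssl_x509_verify_param(lua_State *L) {
+initall(L);
+
+auxL_newlib(L, xp_globals, 0);
+
+return 1;
+} /* luaopen__openssl_x509_verify_param() */
+
+
+/*
 * Digest - openssl.digest
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -9171,6 +9357,7 @@ static void initall(lua_State *L) {
 auxL_addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable, 0);
 auxL_addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable, 0);
 auxL_addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable, 0);
+auxL_addclass(L, X509_VERIFY_PARAM_CLASS, xp_methods, xp_metatable, 0);
 auxL_addclass(L, PKCS12_CLASS, p12_methods, p12_metatable, 0);
 auxL_addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable, 0);
 auxL_addclass(L, SSL_CLASS, ssl_methods, ssl_metatable, 0);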
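Review bot: xp_setIP reads its argument with `luaL_checkstring`, which drops the Lua string length, so a value with an embedded NUL is cut short before `X509_VERIFY_PARAM_set1_ip_asc` sees it and the parameter can end up holding a different address than the caller passed. setHost, addHost and setEmail forward the explicit length, so only setIP and the short-name branch of purpose_checktype lose it. Declaring `size_t len;`, reading with `const char *str = luaL_checklstring(L, 2, &len);` and then rejecting a mismatch with `luaL_argcheck(L, strlen(str) == len, 2, "embedded NUL in IP address");` keeps the checked identity equal to the supplied one. Separately, xp_setDepth narrows a lua_Integer to `int` without a range check, so an out-of-range depth is converted silently instead of raising an argument error.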
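--- /dev/null
+++ b/src/openssl.x509.verify_param.lua
@@ -0,0 +1 @@
+return require('_openssl.x509.verify_param')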