openssl.ssl: Bind SSL_set1_curves_list as ssl:setCurvesList()

author: daurnimator <quae@daurnimator.com> 2017-04-06 14:51:22 +1000
committer: daurnimator <quae@daurnimator.com> 2017-04-12 15:35:48 +1000
commit: f92ced1a1448c07ae19c3832a278867859371f76 (patch)
tree: 621c2583562ab12a2eebaa93a4b5c3c467cf3bc3
parent: a0346d8054d3b19a7e30b5de70048c001d8c2c26 (diff)
download: luaossl-f92ced1a1448c07ae19c3832a278867859371f76.tar.gz
luaossl-f92ced1a1448c07ae19c3832a278867859371f76.tar.bz2
luaossl-f92ced1a1448c07ae19c3832a278867859371f76.zip
3 files changed, 46 insertions, 2 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index 32a4dba..76821a1 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -978,6 +978,12 @@ TLS1\_2\_VERSION & 16-bit TLSv1.2 identifier (0x0303).  \\
 Returns the SSL/TLS version supported by the client, which should be greater than or equal to the negotiated version. See \fn{ssl:getVersion}.
+\subsubsection[\fn{ssl:setCurvesList}]{\fn{ssl:setCurvesList($string$ [, ...])}}
+Sets the supported curves for this SSL connection instance. See \fn{openssl.ssl.context:setCurvesList}.
+\emph{Only supported since OpenSSL 1.0.2.}
 \subsubsection[\fn{ssl:getAlpnSelected}]{\fn{ssl:getAlpnSelected()}}
 Returns the negotiated ALPN protocol as a string.
diff --git a/src/openssl.c b/src/openssl.c
index 652e38a..8217deb 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -294,6 +294,10 @@
 #define HAVE_SSL_SET_ALPN_PROTOS HAVE_SSL_CTX_SET_ALPN_PROTOS
 #endif
+#ifndef HAVE_SSL_SET_CURVES_LIST
+#define HAVE_SSL_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,5,1))
+#endif
 #ifndef HAVE_SSL_SET1_PARAM
 #define HAVE_SSL_SET1_PARAM OPENSSL_PREREQ(1,0,2)
 #endif
@@ -8214,6 +8218,21 @@ static int ssl_getCipherInfo(lua_State *L) {
 } /* ssl_getCipherInfo() */
+#if HAVE_SSL_SET_CURVES_LIST
+static int ssl_setCurvesList(lua_State *L) {
+        SSL *ssl = checksimple(L, 1, SSL_CLASS);
+        const char *curves = luaL_checkstring(L, 2);
+        if (!SSL_set1_curves_list(ssl, curves))
+                return auxL_error(L, auxL_EOPENSSL, "ssl:setCurvesList");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* ssl_setCurvesList() */
+#endif
 static int ssl_getHostName(lua_State *L) {
        SSL *ssl = checksimple(L, 1, SSL_CLASS);
        const char *host;
@@ -8357,6 +8376,9 @@ static const auxL_Reg ssl_methods[] = {
        { "getPeerCertificate", &ssl_getPeerCertificate },
        { "getPeerChain",     &ssl_getPeerChain },
        { "getCipherInfo",    &ssl_getCipherInfo },
+#if HAVE_SSL_SET_CURVES_LIST
+        { "setCurvesList",    &ssl_setCurvesList },
+#endif
        { "getHostName",      &ssl_getHostName },
        { "setHostName",      &ssl_setHostName },
        { "getVersion",       &ssl_getVersion },
diff --git a/src/openssl.ssl.lua b/src/openssl.ssl.lua
index 3c348f6..bf90f29 100644
--- a/src/openssl.ssl.lua
+++ b/src/openssl.ssl.lua
@@ -1,3 +1,19 @@
-local ctx = require"_openssl.ssl"
+local ssl = require"_openssl.ssl"
-return ctx
+local pack = table.pack or function(...) return { n = select("#", ...); ... } end
+-- Allow passing a vararg of curves, or an array
+local setCurvesList = ssl.interpose("setCurvesList", nil)
+if setCurvesList then
+        ssl.interpose("setCurvesList", function (self, curves, ...)
+                if (...) then
+                        local curves_t = pack(curves, ...)
+                        curves = table.concat(curves_t, ":", 1, curves_t.n)
+                elseif type(curves) == "table" then
+                        curves = table.concat(curves, ":")
+                end
+                return setCurvesList(self, curves)
+        end)
+end
+return ssl
author	daurnimator <quae@daurnimator.com>	2017-04-06 14:51:22 +1000
committer	daurnimator <quae@daurnimator.com>	2017-04-12 15:35:48 +1000
commit	f92ced1a1448c07ae19c3832a278867859371f76 (patch)
tree	621c2583562ab12a2eebaa93a4b5c3c467cf3bc3
parent	a0346d8054d3b19a7e30b5de70048c001d8c2c26 (diff)
download	luaossl-f92ced1a1448c07ae19c3832a278867859371f76.tar.gz luaossl-f92ced1a1448c07ae19c3832a278867859371f76.tar.bz2 luaossl-f92ced1a1448c07ae19c3832a278867859371f76.zip

diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 32a4dba..76821a1 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex
@@ -978,6 +978,12 @@ TLS1\_2\_VERSION & 16-bit TLSv1.2 identifier (0x0303). \\
978		978
979	Returns the SSL/TLS version supported by the client, which should be greater than or equal to the negotiated version. See \fn{ssl:getVersion}.	979	Returns the SSL/TLS version supported by the client, which should be greater than or equal to the negotiated version. See \fn{ssl:getVersion}.
980		980
		981	\subsubsection[\fn{ssl:setCurvesList}]{\fn{ssl:setCurvesList($string$ [, ...])}}
		982
		983	Sets the supported curves for this SSL connection instance. See \fn{openssl.ssl.context:setCurvesList}.
		984
		985	\emph{Only supported since OpenSSL 1.0.2.}
		986
981	\subsubsection[\fn{ssl:getAlpnSelected}]{\fn{ssl:getAlpnSelected()}}	987	\subsubsection[\fn{ssl:getAlpnSelected}]{\fn{ssl:getAlpnSelected()}}
982		988
983	Returns the negotiated ALPN protocol as a string.	989	Returns the negotiated ALPN protocol as a string.


diff --git a/src/openssl.c b/src/openssl.c index 652e38a..8217deb 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -294,6 +294,10 @@
294	#define HAVE_SSL_SET_ALPN_PROTOS HAVE_SSL_CTX_SET_ALPN_PROTOS	294	#define HAVE_SSL_SET_ALPN_PROTOS HAVE_SSL_CTX_SET_ALPN_PROTOS
295	#endif	295	#endif
296		296
		297	#ifndef HAVE_SSL_SET_CURVES_LIST
		298	#define HAVE_SSL_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) \|\| LIBRESSL_PREREQ(2,5,1))
		299	#endif
		300
297	#ifndef HAVE_SSL_SET1_PARAM	301	#ifndef HAVE_SSL_SET1_PARAM
298	#define HAVE_SSL_SET1_PARAM OPENSSL_PREREQ(1,0,2)	302	#define HAVE_SSL_SET1_PARAM OPENSSL_PREREQ(1,0,2)
299	#endif	303	#endif
@@ -8214,6 +8218,21 @@ static int ssl_getCipherInfo(lua_State *L) {
8214	} /* ssl_getCipherInfo() */	8218	} /* ssl_getCipherInfo() */
8215		8219
8216		8220
		8221	#if HAVE_SSL_SET_CURVES_LIST
		8222	static int ssl_setCurvesList(lua_State *L) {
		8223	SSL *ssl = checksimple(L, 1, SSL_CLASS);
		8224	const char *curves = luaL_checkstring(L, 2);
		8225
		8226	if (!SSL_set1_curves_list(ssl, curves))
		8227	return auxL_error(L, auxL_EOPENSSL, "ssl:setCurvesList");
		8228
		8229	lua_pushboolean(L, 1);
		8230
		8231	return 1;
		8232	} /* ssl_setCurvesList() */
		8233	#endif
		8234
		8235
8217	static int ssl_getHostName(lua_State *L) {	8236	static int ssl_getHostName(lua_State *L) {
8218	SSL *ssl = checksimple(L, 1, SSL_CLASS);	8237	SSL *ssl = checksimple(L, 1, SSL_CLASS);
8219	const char *host;	8238	const char *host;
@@ -8357,6 +8376,9 @@ static const auxL_Reg ssl_methods[] = {
8357	{ "getPeerCertificate", &ssl_getPeerCertificate },	8376	{ "getPeerCertificate", &ssl_getPeerCertificate },
8358	{ "getPeerChain", &ssl_getPeerChain },	8377	{ "getPeerChain", &ssl_getPeerChain },
8359	{ "getCipherInfo", &ssl_getCipherInfo },	8378	{ "getCipherInfo", &ssl_getCipherInfo },
		8379	#if HAVE_SSL_SET_CURVES_LIST
		8380	{ "setCurvesList", &ssl_setCurvesList },
		8381	#endif
8360	{ "getHostName", &ssl_getHostName },	8382	{ "getHostName", &ssl_getHostName },
8361	{ "setHostName", &ssl_setHostName },	8383	{ "setHostName", &ssl_setHostName },
8362	{ "getVersion", &ssl_getVersion },	8384	{ "getVersion", &ssl_getVersion },


diff --git a/src/openssl.ssl.lua b/src/openssl.ssl.lua index 3c348f6..bf90f29 100644 --- a/src/openssl.ssl.lua +++ b/src/openssl.ssl.lua
@@ -1,3 +1,19 @@
1	local ctx = require"_openssl.ssl"	1	local ssl = require"_openssl.ssl"
2		2
3	return ctx	3	local pack = table.pack or function(...) return { n = select("#", ...); ... } end
		4
		5	-- Allow passing a vararg of curves, or an array
		6	local setCurvesList = ssl.interpose("setCurvesList", nil)
		7	if setCurvesList then
		8	ssl.interpose("setCurvesList", function (self, curves, ...)
		9	if (...) then
		10	local curves_t = pack(curves, ...)
		11	curves = table.concat(curves_t, ":", 1, curves_t.n)
		12	elseif type(curves) == "table" then
		13	curves = table.concat(curves, ":")
		14	end
		15	return setCurvesList(self, curves)
		16	end)
		17	end
		18
		19	return ssl