diff options
| author | william <william+macosx@25thandclement.com> | 2015-06-04 13:28:26 -0700 |
|---|---|---|
| committer | william <william+macosx@25thandclement.com> | 2015-06-04 13:28:26 -0700 |
| commit | f9ad758d661f8f288e11f7071a05fa3d7d64ff27 (patch) | |
| tree | 03f2763f4344efa078bb249d6087493d5418a7f2 | |
| parent | 2a63f87e7b6e03d8a9075c52813788658030cc68 (diff) | |
| download | luaossl-f9ad758d661f8f288e11f7071a05fa3d7d64ff27.tar.gz luaossl-f9ad758d661f8f288e11f7071a05fa3d7d64ff27.tar.bz2 luaossl-f9ad758d661f8f288e11f7071a05fa3d7d64ff27.zip | |
clarify ownership semantics of new extension features, some consistency work, and a little bit of refactoring to help me understand how the new code works
| -rw-r--r-- | src/openssl.c | 51 |
1 files changed, 35 insertions, 16 deletions
diff --git a/src/openssl.c b/src/openssl.c index 63c3985..629373d 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -748,7 +748,7 @@ static struct { | |||
| 748 | .X509_STORE_free = &X509_STORE_free, | 748 | .X509_STORE_free = &X509_STORE_free, |
| 749 | }; | 749 | }; |
| 750 | 750 | ||
| 751 | #if !HAVE_EVP_PKEY_base_id | 751 | #if !HAVE_EVP_PKEY_BASE_ID |
| 752 | #define EVP_PKEY_base_id(key) compat_EVP_PKEY_base_id((key)) | 752 | #define EVP_PKEY_base_id(key) compat_EVP_PKEY_base_id((key)) |
| 753 | 753 | ||
| 754 | static int compat_EVP_PKEY_base_id(EVP_PKEY *key) { | 754 | static int compat_EVP_PKEY_base_id(EVP_PKEY *key) { |
| @@ -757,7 +757,7 @@ static int compat_EVP_PKEY_base_id(EVP_PKEY *key) { | |||
| 757 | #endif | 757 | #endif |
| 758 | 758 | ||
| 759 | 759 | ||
| 760 | #if !HAVE_EVP_PKEY_get0 | 760 | #if !HAVE_EVP_PKEY_GET0 |
| 761 | #define EVP_PKEY_get0(key) compat_EVP_PKEY_get0((key)) | 761 | #define EVP_PKEY_get0(key) compat_EVP_PKEY_get0((key)) |
| 762 | 762 | ||
| 763 | static void *compat_EVP_PKEY_get0(EVP_PKEY *key) { | 763 | static void *compat_EVP_PKEY_get0(EVP_PKEY *key) { |
| @@ -792,6 +792,14 @@ static void *compat_EVP_PKEY_get0(EVP_PKEY *key) { | |||
| 792 | } /* compat_EVP_PKEY_get0() */ | 792 | } /* compat_EVP_PKEY_get0() */ |
| 793 | #endif | 793 | #endif |
| 794 | 794 | ||
| 795 | #if !HAVE_X509_GET0_EXT | ||
| 796 | #define X509_get0_ext(crt, i) X509_get_ext((crt), (i)) | ||
| 797 | #endif | ||
| 798 | |||
| 799 | #if !HAVE_X509_EXTENSION_GET0_DATA | ||
| 800 | #define X509_EXTENSION_get0_data(ext) X509_EXTENSION_get_data((ext)) | ||
| 801 | #endif | ||
| 802 | |||
| 795 | /* | 803 | /* |
| 796 | * X509_STORE_free in OpenSSL versions < 1.0.2 doesn't obey reference count | 804 | * X509_STORE_free in OpenSSL versions < 1.0.2 doesn't obey reference count |
| 797 | */ | 805 | */ |
| @@ -2864,25 +2872,33 @@ int luaopen__openssl_x509_altname(lua_State *L) { | |||
| 2864 | * | 2872 | * |
| 2865 | * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ | 2873 | * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ |
| 2866 | 2874 | ||
| 2867 | static int xe_new(lua_State *L) { | 2875 | static _Bool xe_new_isder(const char *value, _Bool *crit) { |
| 2868 | lua_settop(L, 3); | 2876 | if (!strcmp(value, "critical,DER")) |
| 2877 | return (*crit = 1), 1; | ||
| 2878 | if (!strcmp(value, "DER")) | ||
| 2879 | return (*crit = 0), 1; | ||
| 2869 | 2880 | ||
| 2870 | X509_EXTENSION **ud = prepsimple(L, X509_EXT_CLASS); | 2881 | return 0; |
| 2882 | } /* xs_new_isder() */ | ||
| 2871 | 2883 | ||
| 2884 | static int xe_new(lua_State *L) { | ||
| 2872 | const char *name = luaL_checkstring(L, 1); | 2885 | const char *name = luaL_checkstring(L, 1); |
| 2873 | const char *value = luaL_checkstring(L, 2); | 2886 | const char *value = luaL_checkstring(L, 2); |
| 2874 | |||
| 2875 | ASN1_OBJECT *obj = NULL; | 2887 | ASN1_OBJECT *obj = NULL; |
| 2876 | ASN1_STRING *oct = NULL; | 2888 | ASN1_STRING *oct = NULL; |
| 2877 | CONF *conf = NULL; | 2889 | CONF *conf = NULL; |
| 2878 | X509V3_CTX cbuf = { 0 }, *ctx = NULL; | 2890 | X509V3_CTX cbuf = { 0 }, *ctx = NULL; |
| 2891 | X509_EXTENSION **ud; | ||
| 2892 | |||
| 2893 | lua_settop(L, 3); | ||
| 2894 | ud = prepsimple(L, X509_EXT_CLASS); | ||
| 2879 | 2895 | ||
| 2880 | if (!lua_isnil(L, 3)) { | 2896 | if (!lua_isnil(L, 3)) { |
| 2881 | size_t len; | 2897 | size_t len; |
| 2882 | const char *cdata = luaL_checklstring(L, 3, &len); | 2898 | const char *cdata = luaL_checklstring(L, 3, &len); |
| 2883 | int crit = !strcmp(value, "critical,DER"); | 2899 | _Bool crit; |
| 2884 | 2900 | ||
| 2885 | if (crit || !strcmp(value, "DER")) { | 2901 | if (xe_new_isder(value, &crit)) { |
| 2886 | if (!(obj = OBJ_txt2obj(name, 0))) | 2902 | if (!(obj = OBJ_txt2obj(name, 0))) |
| 2887 | goto error; | 2903 | goto error; |
| 2888 | if (!(oct = ASN1_STRING_new())) | 2904 | if (!(oct = ASN1_STRING_new())) |
| @@ -2891,8 +2907,10 @@ static int xe_new(lua_State *L) { | |||
| 2891 | goto error; | 2907 | goto error; |
| 2892 | if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct))) | 2908 | if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct))) |
| 2893 | goto error; | 2909 | goto error; |
| 2910 | |||
| 2894 | ASN1_OBJECT_free(obj); | 2911 | ASN1_OBJECT_free(obj); |
| 2895 | ASN1_STRING_free(oct); | 2912 | ASN1_STRING_free(oct); |
| 2913 | |||
| 2896 | return 1; | 2914 | return 1; |
| 2897 | } | 2915 | } |
| 2898 | 2916 | ||
| @@ -2928,10 +2946,8 @@ static int xe_new(lua_State *L) { | |||
| 2928 | error: | 2946 | error: |
| 2929 | if (obj) | 2947 | if (obj) |
| 2930 | ASN1_OBJECT_free(obj); | 2948 | ASN1_OBJECT_free(obj); |
| 2931 | |||
| 2932 | if (oct) | 2949 | if (oct) |
| 2933 | ASN1_STRING_free(oct); | 2950 | ASN1_STRING_free(oct); |
| 2934 | |||
| 2935 | if (conf) | 2951 | if (conf) |
| 2936 | NCONF_free(conf); | 2952 | NCONF_free(conf); |
| 2937 | 2953 | ||
| @@ -2945,8 +2961,10 @@ static int xe_interpose(lua_State *L) { | |||
| 2945 | 2961 | ||
| 2946 | 2962 | ||
| 2947 | static int xe_getData(lua_State *L) { | 2963 | static int xe_getData(lua_State *L) { |
| 2948 | ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS)); | 2964 | ASN1_STRING *data = X509_EXTENSION_get0_data(checksimple(L, 1, X509_EXT_CLASS)); |
| 2949 | lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data)); | 2965 | |
| 2966 | lua_pushlstring(L, (char *)ASN1_STRING_data(data), ASN1_STRING_length(data)); | ||
| 2967 | |||
| 2950 | return 1; | 2968 | return 1; |
| 2951 | } /* xe_getData() */ | 2969 | } /* xe_getData() */ |
| 2952 | 2970 | ||
| @@ -3696,7 +3714,6 @@ static int xc_addExtension(lua_State *L) { | |||
| 3696 | static int xc_getExtension(lua_State *L) { | 3714 | static int xc_getExtension(lua_State *L) { |
| 3697 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 3715 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 3698 | const char *name = luaL_checkstring(L, 2); | 3716 | const char *name = luaL_checkstring(L, 2); |
| 3699 | |||
| 3700 | X509_EXTENSION *ext, **ud; | 3717 | X509_EXTENSION *ext, **ud; |
| 3701 | ASN1_OBJECT *obj = NULL; | 3718 | ASN1_OBJECT *obj = NULL; |
| 3702 | 3719 | ||
| @@ -3706,16 +3723,17 @@ static int xc_getExtension(lua_State *L) { | |||
| 3706 | int i = X509_get_ext_by_OBJ(crt, obj, -1); | 3723 | int i = X509_get_ext_by_OBJ(crt, obj, -1); |
| 3707 | if (i > -1) { | 3724 | if (i > -1) { |
| 3708 | ud = prepsimple(L, X509_EXT_CLASS); | 3725 | ud = prepsimple(L, X509_EXT_CLASS); |
| 3709 | if (!(ext = X509_get_ext(crt, i))) | 3726 | if (!(ext = X509_get0_ext(crt, i))) |
| 3710 | goto error; | 3727 | goto error; |
| 3711 | if (!(*ud = X509_EXTENSION_dup(ext))) | 3728 | if (!(*ud = X509_EXTENSION_dup(ext))) |
| 3712 | goto error; | 3729 | goto error; |
| 3730 | } else { | ||
| 3731 | lua_pushnil(L); | ||
| 3713 | } | 3732 | } |
| 3714 | else lua_pushnil(L); | ||
| 3715 | 3733 | ||
| 3716 | ASN1_OBJECT_free(obj); | 3734 | ASN1_OBJECT_free(obj); |
| 3717 | return 1; | ||
| 3718 | 3735 | ||
| 3736 | return 1; | ||
| 3719 | error: | 3737 | error: |
| 3720 | if (obj) | 3738 | if (obj) |
| 3721 | ASN1_OBJECT_free(obj); | 3739 | ASN1_OBJECT_free(obj); |
| @@ -4434,6 +4452,7 @@ static int xx_addExtension(lua_State *L) { | |||
| 4434 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); | 4452 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); |
| 4435 | X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS); | 4453 | X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS); |
| 4436 | 4454 | ||
| 4455 | /* NOTE: Will dup extension in X509v3_add_ext. */ | ||
| 4437 | if (!X509_CRL_add_ext(crl, ext, -1)) | 4456 | if (!X509_CRL_add_ext(crl, ext, -1)) |
| 4438 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension"); | 4457 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension"); |
| 4439 | 4458 | ||