| author | daurnimator <quae@daurnimator.com> | 2016-11-09 17:56:31 +1100 |
|---|---|---|
| committer | daurnimator <quae@daurnimator.com> | 2016-12-09 02:56:33 +1100 |
| commit | 830bf16fe424b1e273f9d6c244d56398e713c1dd (patch) | |
| tree | 154c6339197b5406de559ba79d598585605f2a35 /src | |
| parent | db1240b586261e3404975fa0a00a90a5cffe7363 (diff) | |
openssl.x509.verify_param: Start work on binding X509_VERIFY_PARAM
Diffstat (limited to 'src')
| -rw-r--r-- | src/GNUmakefile | 1 | ||||
| -rw-r--r-- | src/openssl.c | 187 | ||||
| -rw-r--r-- | src/openssl.x509.verify_param.lua | 1 |
3 files changed, 189 insertions, 0 deletions
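diff --git a/src/GNUmakefile b/src/GNUmakefile
index e7cb54d..015a93c 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -102,6 +102,7 @@ MODS$(1)_$(d) = \
 $$(DESTDIR)$(3)/openssl/x509/csr.lua \
 $$(DESTDIR)$(3)/openssl/x509/extension.lua \
 $$(DESTDIR)$(3)/openssl/x509/store.lua \
+$$(DESTDIR)$(3)/openssl/x509/verify_param.lua \
 $$(DESTDIR)$(3)/openssl/pkcs12.lua \
 $$(DESTDIR)$(3)/openssl/ssl/context.lua \
 $$(DESTDIR)$(3)/openssl/ssl.lua \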
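diff --git a/src/openssl.c b/src/openssl.c
index 38c9888..8d513e6 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -60,6 +60,7 @@
 #include <openssl/bn.h>
 #include <openssl/asn1.h>
 #include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
 #include <openssl/pkcs12.h>
 #include <openssl/evp.h>
@@ -335,6 +336,7 @@
 #define X509_CSR_CLASS "X509_REQ*"
 #define X509_CRL_CLASS "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
+#define X509_VERIFY_PARAM_CLASS "X509_VERIFY_PARAM*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
 #define PKCS12_CLASS "PKCS12*"
 #define SSL_CTX_CLASS "SSL_CTX*"
@@ -8184,6 +8186,190 @@ int luaopen__openssl_ssl(lua_State *L) {
 
 
 /*
+* X509_VERIFY_PARAM
+*
+* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+static int xp_new(lua_State *L) {
+X509_VERIFY_PARAM **ud = prepsimple(L, X509_VERIFY_PARAM_CLASS);
+
+if (!(*ud = X509_VERIFY_PARAM_new()))
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param.new");
+
+return 1;
+} /* xp_new() */
+
+
+static int xp_interpose(lua_State *L) {
+return interpose(L, X509_VERIFY_PARAM_CLASS);
+} /* xp_interpose() */
+
+
+static const X509_PURPOSE *purpose_checktype(lua_State *L, int index) {
+const char *purpose_name;
+int purpose_id;
+int purpose_idx;
+const X509_PURPOSE *purpose;
+
+if (lua_isnumber(L, index)) {
+purpose_id = luaL_checkinteger(L, index);
+purpose_idx = X509_PURPOSE_get_by_id(purpose_id);
+if (purpose_idx < 0)
+luaL_argerror(L, index, lua_pushfstring(L, "%d: invalid purpose", purpose_id));
+} else {
+purpose_name = luaL_checkstring(L, index);
+purpose_idx = X509_PURPOSE_get_by_sname((char*)purpose_name);
+if (purpose_idx < 0)
+luaL_argerror(L, index, lua_pushfstring(L, "%s: invalid purpose", purpose_name));
+}
+
+purpose = X509_PURPOSE_get0(purpose_idx);
+return purpose;
+} /* purpose_checktype() */
+
+
+static int xp_setPurpose(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+const X509_PURPOSE *purpose = purpose_checktype(L, 2);
+
+if (!X509_VERIFY_PARAM_set_purpose(xp, X509_PURPOSE_get_id((X509_PURPOSE*)purpose)))
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setPurpose");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setPurpose() */
+
+
+static int xp_setTime(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+time_t t = luaL_checkinteger(L, 2);
+
+X509_VERIFY_PARAM_set_time(xp, t);
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setTime() */
+
+
+static int xp_setDepth(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+int depth = luaL_checkinteger(L, 2);
+
+X509_VERIFY_PARAM_set_depth(xp, depth);
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setDepth() */
+
+
+static int xp_getDepth(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+
+int depth = X509_VERIFY_PARAM_get_depth(xp);
+
+lua_pushinteger(L, depth);
+return 1;
+} /* xp_getDepth() */
+
+
+static int xp_setHost(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_optlstring(L, 2, NULL, &len); /* NULL = clear hosts */
+
+if (!X509_VERIFY_PARAM_set1_host(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setHost");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setHost() */
+
+
+static int xp_addHost(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_checklstring(L, 2, &len);
+
+if (!X509_VERIFY_PARAM_add1_host(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:addHost");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_addHost() */
+
+
+static int xp_setEmail(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+size_t len;
+const char *str = luaL_checklstring(L, 2, &len);
+
+if (!X509_VERIFY_PARAM_set1_email(xp, str, len))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setEmail");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setEmail() */
+
+
+static int xp_setIP(lua_State *L) {
+X509_VERIFY_PARAM *xp = checksimple(L, 1, X509_VERIFY_PARAM_CLASS);
+const char *str = luaL_checkstring(L, 2);
+
+if (!X509_VERIFY_PARAM_set1_ip_asc(xp, str))
+/* Note: openssl doesn't set an error as it should for some cases */
+return auxL_error(L, auxL_EOPENSSL, "x509.verify_param:setIP");
+
+lua_pushboolean(L, 1);
+return 1;
+} /* xp_setIP() */
+
+
+static int xp__gc(lua_State *L) {
+X509_VERIFY_PARAM **ud = luaL_checkudata(L, 1, X509_VERIFY_PARAM_CLASS);
+
+X509_VERIFY_PARAM_free(*ud);
+*ud = NULL;
+
+return 0;
+} /* xp__gc() */
+
+
+static const auxL_Reg xp_methods[] = {
+{ "setPurpose", &xp_setPurpose },
+{ "setTime", &xp_setTime },
+{ "setDepth", &xp_setDepth },
+{ "getDepth", &xp_getDepth },
+{ "setHost", &xp_setHost },
+{ "addHost", &xp_addHost },
+{ "setEmail", &xp_setEmail },
+{ "setIP", &xp_setIP },
+{ NULL, NULL },
+};
+
+static const auxL_Reg xp_metatable[] = {
+{ "__gc", &xp__gc },
+{ NULL, NULL },
+};
+
+static const auxL_Reg xp_globals[] = {
+{ "new", &xp_new },
+{ "interpose", &xp_interpose },
+{ NULL, NULL },
+};
+
+int luaopen__openssl_x509_verify_param(lua_State *L) {
+initall(L);
+
+auxL_newlib(L, xp_globals, 0);
+
+return 1;
+} /* luaopen__openssl_x509_verify_param() */
+
+
+/*
 * Digest - openssl.digest
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -9171,6 +9357,7 @@ static void initall(lua_State *L) {
 auxL_addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable, 0);
 auxL_addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable, 0);
 auxL_addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable, 0);
+auxL_addclass(L, X509_VERIFY_PARAM_CLASS, xp_methods, xp_metatable, 0);
 auxL_addclass(L, PKCS12_CLASS, p12_methods, p12_metatable, 0);
 auxL_addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable, 0);
 auxL_addclass(L, SSL_CLASS, ssl_methods, ssl_metatable, 0);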
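Review bot: In `xp_setHost` (third hunk) an empty string is accepted, and as far as I know OpenSSL treats a zero length in `X509_VERIFY_PARAM_set1_host` as "nothing to add" after clearing the list. A caller whose hostname variable happens to be empty would then get `true` back with hostname checking switched off, exactly as in the documented nil case. I would keep nil as the only way to clear and reject the empty string before the call, e.g. `luaL_argcheck(L, str == NULL || len > 0, 2, "empty host name");`, and `xp_addHost` could take the same check on `len`. Separately, `xp_setIP` reads its argument with `luaL_checkstring`, so anything after an embedded NUL is dropped before parsing; `luaL_checklstring` plus a `strlen(str) == len` check would reject such input. The `auxL_EOPENSSL` paths in the setters also depend on an error-queue entry that the inline comments say is not always set, so the message raised there may be empty or stale.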
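diff --git a/src/openssl.x509.verify_param.lua b/src/openssl.x509.verify_param.lua
new file mode 100644
index 0000000..a3148e6
--- /dev/null
+++ b/src/openssl.x509.verify_param.lua
@@ -0,0 +1 @@
+return require('_openssl.x509.verify_param')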
