Merge branch 'kunkku-crl'

author: william <william@25tandclement.com> 2014-05-10 18:28:42 -0700
committer: william <william@25tandclement.com> 2014-05-10 18:28:42 -0700
commit: 85f5b3eb7a802984ef3f782faf2e0dcc790845c9 (patch)
tree: 748477651a2d3be197aeef284d60fb858093a312 /src
parent: dd0ad8dc1b0962fc80dbf680aadaaaba6536c96b (diff)
parent: b1d1a810d0fdf8456e2180085d801c937bd516b6 (diff)
download: luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.tar.gz
luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.tar.bz2
luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.zip
3 files changed, 295 insertions, 3 deletions
diff --git a/src/GNUmakefile b/src/GNUmakefile
index 99b2336..75e8c3a 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -94,6 +94,7 @@ MODS$(1)_$(d) = \
        $$(DESTDIR)$(3)/openssl/x509/name.lua \
        $$(DESTDIR)$(3)/openssl/x509/altname.lua \
        $$(DESTDIR)$(3)/openssl/x509/chain.lua \
+        $$(DESTDIR)$(3)/openssl/x509/crl.lua \
        $$(DESTDIR)$(3)/openssl/x509/store.lua \
        $$(DESTDIR)$(3)/openssl/ssl/context.lua \
        $$(DESTDIR)$(3)/openssl/ssl.lua \
diff --git a/src/openssl.c b/src/openssl.c
index 1d15f7c..d5c0122 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -30,7 +30,7 @@
 #include <string.h>       /* memset(3) strerror_r(3) */
 #include <strings.h>      /* strcasecmp(3) */
 #include <math.h>         /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */
-#include <time.h>         /* struct tm time_t strptime(3) */
+#include <time.h>         /* struct tm time_t strptime(3) time(2) */
 #include <ctype.h>        /* tolower(3) */
 #include <errno.h>        /* errno */
@@ -85,6 +85,7 @@
 #define X509_CERT_CLASS  "X509*"
 #define X509_CHAIN_CLASS "STACK_OF(X509)*"
 #define X509_CSR_CLASS   "X509_REQ*"
+#define X509_CRL_CLASS   "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
 #define SSL_CTX_CLASS    "SSL_CTX*"
@@ -194,7 +195,7 @@ static void *prepsimple(lua_State *L, const char *tname, int (*gc)(lua_State *))
 } /* prepsimple() */
 #define prepsimple_(a, b, c, ...) prepsimple((a), (b), (c))
-#define prepsimple(...) prepsimple_(__VA_ARGS__, 0)
+#define prepsimple(...) prepsimple_(__VA_ARGS__, 0, 0)
 static void *checksimple(lua_State *L, int index, const char *tname) {
@@ -403,7 +404,7 @@ static BIGNUM *bn_push(lua_State *L) {
 #define checkbig_(a, b, c, ...) checkbig((a), (b), (c))
-#define checkbig(...) checkbig_(__VA_ARGS__, &(_Bool){ 0 })
+#define checkbig(...) checkbig_(__VA_ARGS__, &(_Bool){ 0 }, 0)
 static BIGNUM *(checkbig)(lua_State *, int, _Bool *);
@@ -2885,6 +2886,294 @@ int luaopen__openssl_x509_csr(lua_State *L) {
 /*
+ * X509_CRL - openssl.x509.crl
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+static int xx_new(lua_State *L) {
+        X509_CRL **ud;
+        ud = prepsimple(L, X509_CRL_CLASS);
+        if (!(*ud = X509_CRL_new()))
+                return throwssl(L, "x509.crl.new");
+        X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
+        return 1;
+} /* xx_new() */
+static int xx_interpose(lua_State *L) {
+        return interpose(L, X509_CRL_CLASS);
+} /* xx_interpose() */
+static int xx_getVersion(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        lua_pushinteger(L, X509_CRL_get_version(crl) + 1);
+        return 1;
+} /* xx_getVersion() */
+static int xx_setVersion(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        int version = luaL_checkint(L, 2);
+        if (!X509_CRL_set_version(crl, version - 1))
+                return luaL_error(L, "x509.crl:setVersion: %d: invalid version", version);
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_setVersion() */
+static int xx_getLastUpdate(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double updated = INFINITY;
+        ASN1_TIME *time;
+        if ((time = X509_CRL_get_lastUpdate(crl)))
+                updated = timeutc(time);
+        if (isfinite(updated))
+                lua_pushnumber(L, 1);
+        else
+                lua_pushnil(L);
+        return 1;
+} /* xx_getLastUpdate() */
+static int xx_setLastUpdate(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double updated = luaL_checknumber(L, 2);
+        ASN1_TIME *time = NULL;
+        /* lastUpdate always present */
+        if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), updated))
+                return throwssl(L, "x509.crl:setLastUpdate");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_setLastUpdate() */
+static int xx_getNextUpdate(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double updateby = INFINITY;
+        ASN1_TIME *time;
+        if ((time = X509_CRL_get_nextUpdate(crl)))
+                updateby = timeutc(time);
+        if (isfinite(updateby))
+                lua_pushnumber(L, 1);
+        else
+                lua_pushnil(L);
+        return 1;
+} /* xx_getNextUpdate() */
+static int xx_setNextUpdate(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double updateby = luaL_checknumber(L, 2);
+        ASN1_TIME *time = NULL;
+        if (X509_CRL_get_nextUpdate(crl)) {
+                if (!ASN1_TIME_set(X509_CRL_get_nextUpdate(crl), updateby))
+                        goto error;
+        } else {
+                if (!(time = ASN1_TIME_new()))
+                        goto error;
+                if (!(ASN1_TIME_set(time, updateby)))
+                        goto error;
+                if (!X509_CRL_set_nextUpdate(crl, time))
+                        goto error;
+                time = NULL;
+        }
+        lua_pushboolean(L, 1);
+        return 1;
+error:
+        if (time)
+                ASN1_TIME_free(time);
+        return throwssl(L, "x509.crl:setNextUpdate");
+} /* xx_setNextUpdate() */
+static int xx_getIssuer(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        X509_NAME *name;
+        if (!(name = X509_CRL_get_issuer(crl)))
+                return 0;
+        xn_dup(L, name);
+        return 1;
+} /* xx_getIssuer() */
+static int xx_setIssuer(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
+        if (!X509_CRL_set_issuer_name(crl, name))
+                return throwssl(L, "x509.crl:setIssuer");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_setIssuer() */
+static int xx_add(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        BIGNUM *bn = checkbig(L, 2);
+        double ut = luaL_optnumber(L, 3, time(NULL));
+        X509_REVOKED *rev = NULL;
+        ASN1_INTEGER *serial = NULL;
+        ASN1_TIME *date = NULL;
+        if (!(rev = X509_REVOKED_new()))
+                goto error;
+        if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
+                goto error;
+        if (!X509_REVOKED_set_serialNumber(rev, serial)) /* duplicates serial */
+                goto error;
+        ASN1_INTEGER_free(serial);
+        serial = NULL;
+        if (!(date = ASN1_TIME_new()))
+                goto error;
+        if (!ASN1_TIME_set(date, ut))
+                goto error;
+        if (!X509_REVOKED_set_revocationDate(rev, date)) /* duplicates date */
+                goto error;
+        ASN1_TIME_free(date);
+        date = NULL;
+        if (!X509_CRL_add0_revoked(crl, rev)) /* takes ownership of rev */
+                goto error;
+        lua_pushboolean(L, 1);
+        return 1;
+error:
+        if (date)
+                ASN1_TIME_free(date);
+        if (serial)
+                ASN1_INTEGER_free(serial);
+        if (rev)
+                X509_REVOKED_free(rev);
+        return throwssl(L, "x509.crl:add");
+} /* xx_add() */
+static int xx_sign(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
+        if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key)))
+                return throwssl(L, "x509.crl:sign");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_sign() */
+static int xx__tostring(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        int type = optencoding(L, 2, "pem", X509_PEM|X509_DER);
+        BIO *bio = getbio(L);
+        char *data;
+        long len;
+        switch (type) {
+        case X509_PEM:
+                if (!PEM_write_bio_X509_CRL(bio, crl))
+                        return throwssl(L, "x509.crl:__tostring");
+                break;
+        case X509_DER:
+                if (!i2d_X509_CRL_bio(bio, crl))
+                        return throwssl(L, "x509.crl:__tostring");
+                break;
+        } /* switch() */
+        len = BIO_get_mem_data(bio, &data);
+        lua_pushlstring(L, data, len);
+        return 1;
+} /* xx__tostring() */
+static int xx__gc(lua_State *L) {
+        X509_CRL **ud = luaL_checkudata(L, 1, X509_CRL_CLASS);
+        X509_CRL_free(*ud);
+        *ud = NULL;
+        return 0;
+} /* xx__gc() */
+static const luaL_Reg xx_methods[] = {
+        { "getVersion",     &xx_getVersion },
+        { "setVersion",     &xx_setVersion },
+        { "getLastUpdate",  &xx_getLastUpdate },
+        { "setLastUpdate",  &xx_setLastUpdate },
+        { "getNextUpdate",  &xx_getNextUpdate },
+        { "setNextUpdate",  &xx_setNextUpdate },
+        { "getIssuer",      &xx_getIssuer },
+        { "setIssuer",      &xx_setIssuer },
+        { "add",            &xx_add },
+        { "sign",           &xx_sign },
+        { "tostring",       &xx__tostring },
+        { NULL,             NULL },
+};
+static const luaL_Reg xx_metatable[] = {
+        { "__tostring", &xx__tostring },
+        { "__gc",       &xx__gc },
+        { NULL,         NULL },
+};
+static const luaL_Reg xx_globals[] = {
+        { "new",       &xx_new },
+        { "interpose", &xx_interpose },
+        { NULL,        NULL },
+};
+int luaopen__openssl_x509_crl(lua_State *L) {
+        initall(L);
+        luaL_newlib(L, xx_globals);
+        return 1;
+} /* luaopen__openssl_x509_crl() */
+/*
 * STACK_OF(X509) - openssl.x509.chain
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4465,6 +4754,7 @@ static void initall(lua_State *L) {
        addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);
        addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
        addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);
+        addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
        addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
        addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
        addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);
diff --git a/src/openssl.x509.crl.lua b/src/openssl.x509.crl.lua
new file mode 100644
index 0000000..7f8a019
--- /dev/null
+++ b/src/openssl.x509.crl.lua
@@ -0,0 +1 @@
+return require('_openssl.x509.crl')
author	william <william@25tandclement.com>	2014-05-10 18:28:42 -0700
committer	william <william@25tandclement.com>	2014-05-10 18:28:42 -0700
commit	85f5b3eb7a802984ef3f782faf2e0dcc790845c9 (patch)
tree	748477651a2d3be197aeef284d60fb858093a312 /src
parent	dd0ad8dc1b0962fc80dbf680aadaaaba6536c96b (diff)
parent	b1d1a810d0fdf8456e2180085d801c937bd516b6 (diff)
download	luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.tar.gz luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.tar.bz2 luaossl-85f5b3eb7a802984ef3f782faf2e0dcc790845c9.zip

diff --git a/src/GNUmakefile b/src/GNUmakefile index 99b2336..75e8c3a 100644 --- a/src/GNUmakefile +++ b/src/GNUmakefile
@@ -94,6 +94,7 @@ MODS$(1)_$(d) = \
94	$$(DESTDIR)$(3)/openssl/x509/name.lua \	94	$$(DESTDIR)$(3)/openssl/x509/name.lua \
95	$$(DESTDIR)$(3)/openssl/x509/altname.lua \	95	$$(DESTDIR)$(3)/openssl/x509/altname.lua \
96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \	96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \
		97	$$(DESTDIR)$(3)/openssl/x509/crl.lua \
97	$$(DESTDIR)$(3)/openssl/x509/store.lua \	98	$$(DESTDIR)$(3)/openssl/x509/store.lua \
98	$$(DESTDIR)$(3)/openssl/ssl/context.lua \	99	$$(DESTDIR)$(3)/openssl/ssl/context.lua \
99	$$(DESTDIR)$(3)/openssl/ssl.lua \	100	$$(DESTDIR)$(3)/openssl/ssl.lua \


diff --git a/src/openssl.c b/src/openssl.c index 1d15f7c..d5c0122 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -30,7 +30,7 @@
30	#include <string.h> /* memset(3) strerror_r(3) */	30	#include <string.h> /* memset(3) strerror_r(3) */
31	#include <strings.h> /* strcasecmp(3) */	31	#include <strings.h> /* strcasecmp(3) */
32	#include <math.h> /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */	32	#include <math.h> /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */
33	#include <time.h> /* struct tm time_t strptime(3) */	33	#include <time.h> /* struct tm time_t strptime(3) time(2) */
34	#include <ctype.h> /* tolower(3) */	34	#include <ctype.h> /* tolower(3) */
35	#include <errno.h> /* errno */	35	#include <errno.h> /* errno */
36		36
@@ -85,6 +85,7 @@
85	#define X509_CERT_CLASS "X509*"	85	#define X509_CERT_CLASS "X509*"
86	#define X509_CHAIN_CLASS "STACK_OF(X509)*"	86	#define X509_CHAIN_CLASS "STACK_OF(X509)*"
87	#define X509_CSR_CLASS "X509_REQ*"	87	#define X509_CSR_CLASS "X509_REQ*"
		88	#define X509_CRL_CLASS "X509_CRL*"
88	#define X509_STORE_CLASS "X509_STORE*"	89	#define X509_STORE_CLASS "X509_STORE*"
89	#define X509_STCTX_CLASS "X509_STORE_CTX*"	90	#define X509_STCTX_CLASS "X509_STORE_CTX*"
90	#define SSL_CTX_CLASS "SSL_CTX*"	91	#define SSL_CTX_CLASS "SSL_CTX*"
@@ -194,7 +195,7 @@ static void prepsimple(lua_State L, const char tname, int (gc)(lua_State *))
194	} /* prepsimple() */	195	} /* prepsimple() */
195		196
196	#define prepsimple_(a, b, c, ...) prepsimple((a), (b), (c))	197	#define prepsimple_(a, b, c, ...) prepsimple((a), (b), (c))
197	#define prepsimple(...) prepsimple_(__VA_ARGS__, 0)	198	#define prepsimple(...) prepsimple_(__VA_ARGS__, 0, 0)
198		199
199		200
200	static void checksimple(lua_State L, int index, const char *tname) {	201	static void checksimple(lua_State L, int index, const char *tname) {
@@ -403,7 +404,7 @@ static BIGNUM bn_push(lua_State L) {
403		404
404		405
405	#define checkbig_(a, b, c, ...) checkbig((a), (b), (c))	406	#define checkbig_(a, b, c, ...) checkbig((a), (b), (c))
406	#define checkbig(...) checkbig_(__VA_ARGS__, &(_Bool){ 0 })	407	#define checkbig(...) checkbig_(__VA_ARGS__, &(_Bool){ 0 }, 0)
407		408
408	static BIGNUM (checkbig)(lua_State , int, _Bool *);	409	static BIGNUM (checkbig)(lua_State , int, _Bool *);
409		410
@@ -2885,6 +2886,294 @@ int luaopen__openssl_x509_csr(lua_State *L) {
2885		2886
2886		2887
2887	/*	2888	/*
		2889	* X509_CRL - openssl.x509.crl
		2890	*
		2891	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
		2892
		2893	static int xx_new(lua_State *L) {
		2894	X509_CRL **ud;
		2895
		2896	ud = prepsimple(L, X509_CRL_CLASS);
		2897
		2898	if (!(*ud = X509_CRL_new()))
		2899	return throwssl(L, "x509.crl.new");
		2900
		2901	X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
		2902
		2903	return 1;
		2904	} /* xx_new() */
		2905
		2906
		2907	static int xx_interpose(lua_State *L) {
		2908	return interpose(L, X509_CRL_CLASS);
		2909	} /* xx_interpose() */
		2910
		2911
		2912	static int xx_getVersion(lua_State *L) {
		2913	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2914
		2915	lua_pushinteger(L, X509_CRL_get_version(crl) + 1);
		2916
		2917	return 1;
		2918	} /* xx_getVersion() */
		2919
		2920
		2921	static int xx_setVersion(lua_State *L) {
		2922	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2923	int version = luaL_checkint(L, 2);
		2924
		2925	if (!X509_CRL_set_version(crl, version - 1))
		2926	return luaL_error(L, "x509.crl:setVersion: %d: invalid version", version);
		2927
		2928	lua_pushboolean(L, 1);
		2929
		2930	return 1;
		2931	} /* xx_setVersion() */
		2932
		2933
		2934	static int xx_getLastUpdate(lua_State *L) {
		2935	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2936	double updated = INFINITY;
		2937	ASN1_TIME *time;
		2938
		2939	if ((time = X509_CRL_get_lastUpdate(crl)))
		2940	updated = timeutc(time);
		2941
		2942	if (isfinite(updated))
		2943	lua_pushnumber(L, 1);
		2944	else
		2945	lua_pushnil(L);
		2946
		2947	return 1;
		2948	} /* xx_getLastUpdate() */
		2949
		2950
		2951	static int xx_setLastUpdate(lua_State *L) {
		2952	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2953	double updated = luaL_checknumber(L, 2);
		2954	ASN1_TIME *time = NULL;
		2955
		2956	/* lastUpdate always present */
		2957	if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), updated))
		2958	return throwssl(L, "x509.crl:setLastUpdate");
		2959
		2960	lua_pushboolean(L, 1);
		2961
		2962	return 1;
		2963	} /* xx_setLastUpdate() */
		2964
		2965
		2966	static int xx_getNextUpdate(lua_State *L) {
		2967	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2968	double updateby = INFINITY;
		2969	ASN1_TIME *time;
		2970
		2971	if ((time = X509_CRL_get_nextUpdate(crl)))
		2972	updateby = timeutc(time);
		2973
		2974	if (isfinite(updateby))
		2975	lua_pushnumber(L, 1);
		2976	else
		2977	lua_pushnil(L);
		2978
		2979	return 1;
		2980	} /* xx_getNextUpdate() */
		2981
		2982
		2983	static int xx_setNextUpdate(lua_State *L) {
		2984	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2985	double updateby = luaL_checknumber(L, 2);
		2986	ASN1_TIME *time = NULL;
		2987
		2988	if (X509_CRL_get_nextUpdate(crl)) {
		2989	if (!ASN1_TIME_set(X509_CRL_get_nextUpdate(crl), updateby))
		2990	goto error;
		2991	} else {
		2992	if (!(time = ASN1_TIME_new()))
		2993	goto error;
		2994
		2995	if (!(ASN1_TIME_set(time, updateby)))
		2996	goto error;
		2997
		2998	if (!X509_CRL_set_nextUpdate(crl, time))
		2999	goto error;
		3000
		3001	time = NULL;
		3002	}
		3003
		3004	lua_pushboolean(L, 1);
		3005
		3006	return 1;
		3007	error:
		3008	if (time)
		3009	ASN1_TIME_free(time);
		3010
		3011	return throwssl(L, "x509.crl:setNextUpdate");
		3012	} /* xx_setNextUpdate() */
		3013
		3014
		3015	static int xx_getIssuer(lua_State *L) {
		3016	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3017	X509_NAME *name;
		3018
		3019	if (!(name = X509_CRL_get_issuer(crl)))
		3020	return 0;
		3021
		3022	xn_dup(L, name);
		3023
		3024	return 1;
		3025	} /* xx_getIssuer() */
		3026
		3027
		3028	static int xx_setIssuer(lua_State *L) {
		3029	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3030	X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
		3031
		3032	if (!X509_CRL_set_issuer_name(crl, name))
		3033	return throwssl(L, "x509.crl:setIssuer");
		3034
		3035	lua_pushboolean(L, 1);
		3036
		3037	return 1;
		3038	} /* xx_setIssuer() */
		3039
		3040
		3041	static int xx_add(lua_State *L) {
		3042	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3043	BIGNUM *bn = checkbig(L, 2);
		3044	double ut = luaL_optnumber(L, 3, time(NULL));
		3045	X509_REVOKED *rev = NULL;
		3046	ASN1_INTEGER *serial = NULL;
		3047	ASN1_TIME *date = NULL;
		3048
		3049	if (!(rev = X509_REVOKED_new()))
		3050	goto error;
		3051
		3052	if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
		3053	goto error;
		3054
		3055	if (!X509_REVOKED_set_serialNumber(rev, serial)) /* duplicates serial */
		3056	goto error;
		3057
		3058	ASN1_INTEGER_free(serial);
		3059	serial = NULL;
		3060
		3061	if (!(date = ASN1_TIME_new()))
		3062	goto error;
		3063
		3064	if (!ASN1_TIME_set(date, ut))
		3065	goto error;
		3066
		3067	if (!X509_REVOKED_set_revocationDate(rev, date)) /* duplicates date */
		3068	goto error;
		3069
		3070	ASN1_TIME_free(date);
		3071	date = NULL;
		3072
		3073	if (!X509_CRL_add0_revoked(crl, rev)) /* takes ownership of rev */
		3074	goto error;
		3075
		3076	lua_pushboolean(L, 1);
		3077
		3078	return 1;
		3079	error:
		3080	if (date)
		3081	ASN1_TIME_free(date);
		3082	if (serial)
		3083	ASN1_INTEGER_free(serial);
		3084	if (rev)
		3085	X509_REVOKED_free(rev);
		3086
		3087	return throwssl(L, "x509.crl:add");
		3088	} /* xx_add() */
		3089
		3090
		3091	static int xx_sign(lua_State *L) {
		3092	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3093	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
		3094
		3095	if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key)))
		3096	return throwssl(L, "x509.crl:sign");
		3097
		3098	lua_pushboolean(L, 1);
		3099
		3100	return 1;
		3101	} /* xx_sign() */
		3102
		3103
		3104	static int xx__tostring(lua_State *L) {
		3105	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3106	int type = optencoding(L, 2, "pem", X509_PEM\|X509_DER);
		3107	BIO *bio = getbio(L);
		3108	char *data;
		3109	long len;
		3110
		3111	switch (type) {
		3112	case X509_PEM:
		3113	if (!PEM_write_bio_X509_CRL(bio, crl))
		3114	return throwssl(L, "x509.crl:__tostring");
		3115	break;
		3116	case X509_DER:
		3117	if (!i2d_X509_CRL_bio(bio, crl))
		3118	return throwssl(L, "x509.crl:__tostring");
		3119	break;
		3120	} /* switch() */
		3121
		3122	len = BIO_get_mem_data(bio, &data);
		3123
		3124	lua_pushlstring(L, data, len);
		3125
		3126	return 1;
		3127	} /* xx__tostring() */
		3128
		3129
		3130	static int xx__gc(lua_State *L) {
		3131	X509_CRL **ud = luaL_checkudata(L, 1, X509_CRL_CLASS);
		3132
		3133	X509_CRL_free(*ud);
		3134	*ud = NULL;
		3135
		3136	return 0;
		3137	} /* xx__gc() */
		3138
		3139	static const luaL_Reg xx_methods[] = {
		3140	{ "getVersion", &xx_getVersion },
		3141	{ "setVersion", &xx_setVersion },
		3142	{ "getLastUpdate", &xx_getLastUpdate },
		3143	{ "setLastUpdate", &xx_setLastUpdate },
		3144	{ "getNextUpdate", &xx_getNextUpdate },
		3145	{ "setNextUpdate", &xx_setNextUpdate },
		3146	{ "getIssuer", &xx_getIssuer },
		3147	{ "setIssuer", &xx_setIssuer },
		3148	{ "add", &xx_add },
		3149	{ "sign", &xx_sign },
		3150	{ "tostring", &xx__tostring },
		3151	{ NULL, NULL },
		3152	};
		3153
		3154	static const luaL_Reg xx_metatable[] = {
		3155	{ "__tostring", &xx__tostring },
		3156	{ "__gc", &xx__gc },
		3157	{ NULL, NULL },
		3158	};
		3159
		3160
		3161	static const luaL_Reg xx_globals[] = {
		3162	{ "new", &xx_new },
		3163	{ "interpose", &xx_interpose },
		3164	{ NULL, NULL },
		3165	};
		3166
		3167	int luaopen__openssl_x509_crl(lua_State *L) {
		3168	initall(L);
		3169
		3170	luaL_newlib(L, xx_globals);
		3171
		3172	return 1;
		3173	} /* luaopen__openssl_x509_crl() */
		3174
		3175
		3176	/*
2888	* STACK_OF(X509) - openssl.x509.chain	3177	* STACK_OF(X509) - openssl.x509.chain
2889	*	3178	*
2890	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	3179	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4465,6 +4754,7 @@ static void initall(lua_State *L) {
4465	addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);	4754	addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);
4466	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);	4755	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
4467	addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);	4756	addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);
		4757	addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
4468	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);	4758	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
4469	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);	4759	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
4470	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);	4760	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);


diff --git a/src/openssl.x509.crl.lua b/src/openssl.x509.crl.lua new file mode 100644 index 0000000..7f8a019 --- /dev/null +++ b/src/openssl.x509.crl.lua
@@ -0,0 +1 @@
			return require('_openssl.x509.crl')