authordaurnimator <quae@daurnimator.com>2017-04-04 15:15:46 +1000
committerdaurnimator <quae@daurnimator.com>2017-04-04 15:17:29 +1000
commita5ba3b4fbadb8369d9f6602f86f33703f3d043de (patch)
tree68be32621392fbf0ab9fd1a6f7c475fc63152224 /src
parent5d6b15859e25da8271a3820662bb9d1f8a935107 (diff)
Add methods ssl:setVerify(), ssl:getVerify(), ssl:getCertificate() and ssl:setPrivateKey()
Similar to the methods of the same name that already exist on the ssl.context object
Diffstat (limited to 'src')
-rw-r--r--src/openssl.c69
1 files changed, 69 insertions, 0 deletions
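diff --git a/src/openssl.c b/src/openssl.c
index a01fde5..b0bc5f6 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -8389,6 +8389,33 @@ static int ssl_getParam(lua_State *L) {
 } /* ssl_getParam() */
 
 
+static int ssl_setVerify(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+ int mode = luaL_optinteger(L, 2, -1);
+ int depth = luaL_optinteger(L, 3, -1);
+
+ if (mode != -1)
+ SSL_set_verify(ssl, mode, 0);
+
+ if (depth != -1)
+ SSL_set_verify_depth(ssl, depth);
+
+ lua_pushboolean(L, 1);
+
+ return 1;
+} /* ssl_setVerify() */
+
+
+static int ssl_getVerify(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+
+ lua_pushinteger(L, SSL_get_verify_mode(ssl));
+ lua_pushinteger(L, SSL_get_verify_depth(ssl));
+
+ return 2;
+} /* ssl_getVerify() */
+
+
 static int ssl_getVerifyResult(lua_State *L) {
  SSL *ssl = checksimple(L, 1, SSL_CLASS);
  long res = SSL_get_verify_result(ssl);
@@ -8398,6 +8425,44 @@ static int ssl_getVerifyResult(lua_State *L) {
 } /* ssl_getVerifyResult() */
 
 
+static int ssl_setCertificate(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+ X509 *crt = X509_dup(checksimple(L, 2, X509_CERT_CLASS));
+ int ok;
+
+ ok = SSL_use_certificate(ssl, crt);
+ X509_free(crt);
+
+ if (!ok)
+ return auxL_error(L, auxL_EOPENSSL, "ssl:setCertificate");
+
+ lua_pushboolean(L, 1);
+
+ return 1;
+} /* ssl_setCertificate() */
+
+
+static int ssl_setPrivateKey(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+ EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
+ /*
+ * NOTE: No easy way to dup the key, but a shared reference should
+ * be okay as keys are less mutable than certificates.
+ *
+ * FIXME: SSL_use_PrivateKey will return true even if the
+ * EVP_PKEY object has no private key. Instead, we'll just get a
+ * segfault during the SSL handshake. We need to check that a
+ * private key is actually defined in the object.
+ */
+ if (!SSL_use_PrivateKey(ssl, key))
+ return auxL_error(L, auxL_EOPENSSL, "ssl:setPrivateKey");
+
+ lua_pushboolean(L, 1);
+
+ return 1;
+} /* ssl_setPrivateKey() */
+
+
 static int ssl_getPeerCertificate(lua_State *L) {
  SSL *ssl = checksimple(L, 1, SSL_CLASS);
  X509 **x509 = prepsimple(L, X509_CERT_CLASS);
@@ -8694,7 +8759,11 @@ static const auxL_Reg ssl_methods[] = {
  { "clearOptions", &ssl_clearOptions },
  { "setParam", &ssl_setParam },
  { "getParam", &ssl_getParam },
+ { "setVerify", &ssl_setVerify },
+ { "getVerify", &ssl_getVerify },
  { "getVerifyResult", &ssl_getVerifyResult },
+ { "setCertificate", &ssl_setCertificate },
+ { "setPrivateKey", &ssl_setPrivateKey },
  { "getPeerCertificate", &ssl_getPeerCertificate },
  { "getPeerChain", &ssl_getPeerChain },
  { "getCipherInfo", &ssl_getCipherInfo },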
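Review bot: ssl_setPrivateKey carries its own FIXME into a new public method without resolving it: by that comment's account SSL_use_PrivateKey succeeds for an EVP_PKEY that holds no private key and the failure only surfaces as a segfault during the handshake, so a Lua caller passing the wrong key object crashes the process instead of getting an error. The method should reject such a key before the `SSL_use_PrivateKey(ssl, key)` call and raise through `auxL_error(L, auxL_EOPENSSL, "ssl:setPrivateKey")` as the existing failure branch does; until that check exists, the limitation belongs in the method's user documentation and not only in a source comment. In ssl_setCertificate the result of `X509_dup(...)` is passed on unchecked; an explicit `if (!crt) return auxL_error(L, auxL_EOPENSSL, "ssl:setCertificate");` before `SSL_use_certificate` would report a failed copy at its source. The commit title lists ssl:getCertificate(), but the method registered in ssl_methods is `setCertificate`.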