author | daurnimator <quae@daurnimator.com> | 2017-04-04 15:15:46 +1000 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2017-04-04 15:17:29 +1000 |
commit | a5ba3b4fbadb8369d9f6602f86f33703f3d043de (patch) | |
tree | 68be32621392fbf0ab9fd1a6f7c475fc63152224 /src | |
parent | 5d6b15859e25da8271a3820662bb9d1f8a935107 (diff) | |
Add methods ssl:setVerify(), ssl:getVerify(), ssl:getCertificate() and ssl:setPrivateKey()
Similar to the methods of the same name that already exist on the ssl.context object
Diffstat (limited to 'src')
-rw-r--r-- | src/openssl.c | 69 |
1 files changed, 69 insertions, 0 deletions
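--- a/src/openssl.c
+++ b/src/openssl.c
@@ -8389,6 +8389,33 @@ static int ssl_getParam(lua_State *L) {
 } /* ssl_getParam() */
 
 
+static int ssl_setVerify(lua_State *L) {
+SSL *ssl = checksimple(L, 1, SSL_CLASS);
+int mode = luaL_optinteger(L, 2, -1);
+int depth = luaL_optinteger(L, 3, -1);
+
+if (mode != -1)
+SSL_set_verify(ssl, mode, 0);
+
+if (depth != -1)
+SSL_set_verify_depth(ssl, depth);
+
+lua_pushboolean(L, 1);
+
+return 1;
+} /* ssl_setVerify() */
+
+
+static int ssl_getVerify(lua_State *L) {
+SSL *ssl = checksimple(L, 1, SSL_CLASS);
+
+lua_pushinteger(L, SSL_get_verify_mode(ssl));
+lua_pushinteger(L, SSL_get_verify_depth(ssl));
+
+return 2;
+} /* ssl_getVerify() */
+
+
 static int ssl_getVerifyResult(lua_State *L) {
 SSL *ssl = checksimple(L, 1, SSL_CLASS);
 long res = SSL_get_verify_result(ssl);
@@ -8398,6 +8425,44 @@ static int ssl_getVerifyResult(lua_State *L) {
 } /* ssl_getVerifyResult() */
 
 
+static int ssl_setCertificate(lua_State *L) {
+SSL *ssl = checksimple(L, 1, SSL_CLASS);
+X509 *crt = X509_dup(checksimple(L, 2, X509_CERT_CLASS));
+int ok;
+
+ok = SSL_use_certificate(ssl, crt);
+X509_free(crt);
+
+if (!ok)
+return auxL_error(L, auxL_EOPENSSL, "ssl:setCertificate");
+
+lua_pushboolean(L, 1);
+
+return 1;
+} /* ssl_setCertificate() */
+
+
+static int ssl_setPrivateKey(lua_State *L) {
+SSL *ssl = checksimple(L, 1, SSL_CLASS);
+EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
+/*
+* NOTE: No easy way to dup the key, but a shared reference should
+* be okay as keys are less mutable than certificates.
+*
+* FIXME: SSL_use_PrivateKey will return true even if the
+* EVP_PKEY object has no private key. Instead, we'll just get a
+* segfault during the SSL handshake. We need to check that a
+* private key is actually defined in the object.
+*/
+if (!SSL_use_PrivateKey(ssl, key))
+return auxL_error(L, auxL_EOPENSSL, "ssl:setPrivateKey");
+
+lua_pushboolean(L, 1);
+
+return 1;
+} /* ssl_setPrivateKey() */
+
+
 static int ssl_getPeerCertificate(lua_State *L) {
 SSL *ssl = checksimple(L, 1, SSL_CLASS);
 X509 **x509 = prepsimple(L, X509_CERT_CLASS);
@@ -8694,7 +8759,11 @@ static const auxL_Reg ssl_methods[] = {
 { "clearOptions", &ssl_clearOptions },
 { "setParam", &ssl_setParam },
 { "getParam", &ssl_getParam },
+{ "setVerify", &ssl_setVerify },
+{ "getVerify", &ssl_getVerify },
 { "getVerifyResult", &ssl_getVerifyResult },
+{ "setCertificate", &ssl_setCertificate },
+{ "setPrivateKey", &ssl_setPrivateKey },
 { "getPeerCertificate", &ssl_getPeerCertificate },
 { "getPeerChain", &ssl_getPeerChain },
 { "getCipherInfo", &ssl_getCipherInfo },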
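Review bot: `ssl_setPrivateKey` adds a new Lua-reachable path to the crash its own FIXME describes: any `PKEY_CLASS` object, including one that holds only a public key, is accepted by `SSL_use_PrivateKey`, and the failure then shows up as a segfault during the handshake. Because the method is new, it would be better to reject such keys here with a Lua error than to ship the FIXME again, for instance with a small static helper that inspects the key by type (a NULL result from `EC_KEY_get0_private_key()` for EC keys, a missing private exponent for RSA); if the context-level setter has the same gap, as the commit description suggests but this page does not show, it could share that helper. `SSL_check_private_key()` would not be sufficient on its own, since as far as I know it only compares the key's public material with the certificate. Separately, the commit title names `ssl:getCertificate()`, while the method that is added and registered in `ssl_methods` is `setCertificate`.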