1 files changed, 45 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c
index c589d6c..a0af882 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -2496,6 +2496,50 @@ static int xc_setBasicConstraintsCritical(lua_State *L) {
 } /* xc_setBasicConstraintsCritical() */
+static int xc_addExtension(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        char *name = (char *) luaL_checkstring(L, 2);
+        char *value = (char *) luaL_checkstring(L, 3);
+        int ok = 1;
+        BIO *bio = NULL;
+        CONF *conf = NULL;
+        X509V3_CTX *ctx = NULL;
+        X509_EXTENSION *ext = NULL;
+        if (lua_gettop(L) > 3) {
+          char *cdata = (char *) luaL_checkstring(L, 4);
+                bio = BIO_new(BIO_s_mem());
+                if (!bio) goto error;
+                if (BIO_puts(bio, cdata) < 0) goto error;
+                conf = NCONF_new(NULL);
+                if (!conf) goto error;
+                if (!NCONF_load_bio(conf, bio, NULL)) goto error;
+                ctx = (X509V3_CTX *) malloc(sizeof (X509V3_CTX));
+                X509V3_set_nconf(ctx, conf);
+        }
+        ext = X509V3_EXT_nconf(conf, ctx, name, value);
+        if (ext && X509_add_ext(crt, ext, -1)) goto done;
+        error:
+        ok = 0;
+        done:
+        if (ext) X509_EXTENSION_free(ext);
+        if (ctx) free(ctx);
+        if (conf) NCONF_free(conf);
+        if (bio) BIO_free(bio);
+        return ok ? 0 : throwssl(L, "x509.cert:addExtension");
+} /* xc_addExtension() */
 static int xc_isIssuedBy(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);
@@ -2651,6 +2695,7 @@ static const luaL_Reg xc_methods[] = {
        { "setBasicConstraint",  &xc_setBasicConstraint },
        { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
        { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
+        { "addExtension",  &xc_addExtension },
        { "isIssuedBy",    &xc_isIssuedBy },
        { "getPublicKey",  &xc_getPublicKey },
        { "setPublicKey",  &xc_setPublicKey },

diff --git a/src/openssl.c b/src/openssl.c index c589d6c..a0af882 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -2496,6 +2496,50 @@ static int xc_setBasicConstraintsCritical(lua_State *L) {
2496	} /* xc_setBasicConstraintsCritical() */	2496	} /* xc_setBasicConstraintsCritical() */
2497		2497
2498		2498
		2499	static int xc_addExtension(lua_State *L) {
		2500	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		2501	char name = (char ) luaL_checkstring(L, 2);
		2502	char value = (char ) luaL_checkstring(L, 3);
		2503
		2504	int ok = 1;
		2505
		2506	BIO *bio = NULL;
		2507	CONF *conf = NULL;
		2508	X509V3_CTX *ctx = NULL;
		2509	X509_EXTENSION *ext = NULL;
		2510
		2511	if (lua_gettop(L) > 3) {
		2512	char cdata = (char ) luaL_checkstring(L, 4);
		2513
		2514	bio = BIO_new(BIO_s_mem());
		2515	if (!bio) goto error;
		2516	if (BIO_puts(bio, cdata) < 0) goto error;
		2517
		2518	conf = NCONF_new(NULL);
		2519	if (!conf) goto error;
		2520	if (!NCONF_load_bio(conf, bio, NULL)) goto error;
		2521
		2522	ctx = (X509V3_CTX *) malloc(sizeof (X509V3_CTX));
		2523	X509V3_set_nconf(ctx, conf);
		2524	}
		2525
		2526	ext = X509V3_EXT_nconf(conf, ctx, name, value);
		2527
		2528	if (ext && X509_add_ext(crt, ext, -1)) goto done;
		2529
		2530	error:
		2531	ok = 0;
		2532
		2533	done:
		2534	if (ext) X509_EXTENSION_free(ext);
		2535	if (ctx) free(ctx);
		2536	if (conf) NCONF_free(conf);
		2537	if (bio) BIO_free(bio);
		2538
		2539	return ok ? 0 : throwssl(L, "x509.cert:addExtension");
		2540	} /* xc_addExtension() */
		2541
		2542
2499	static int xc_isIssuedBy(lua_State *L) {	2543	static int xc_isIssuedBy(lua_State *L) {
2500	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	2544	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
2501	X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);	2545	X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);
@@ -2651,6 +2695,7 @@ static const luaL_Reg xc_methods[] = {
2651	{ "setBasicConstraint", &xc_setBasicConstraint },	2695	{ "setBasicConstraint", &xc_setBasicConstraint },
2652	{ "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },	2696	{ "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
2653	{ "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },	2697	{ "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
		2698	{ "addExtension", &xc_addExtension },
2654	{ "isIssuedBy", &xc_isIssuedBy },	2699	{ "isIssuedBy", &xc_isIssuedBy },
2655	{ "getPublicKey", &xc_getPublicKey },	2700	{ "getPublicKey", &xc_getPublicKey },
2656	{ "setPublicKey", &xc_setPublicKey },	2701	{ "setPublicKey", &xc_setPublicKey },