summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/openssl.c556
1 files changed, 277 insertions, 279 deletions
diff --git a/src/openssl.c b/src/openssl.c
index 0894fcf..03cc3f7 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -196,35 +196,6 @@ static const char *xitoa(char *dst, size_t lim, long i) {
196} /* xitoa() */ 196} /* xitoa() */
197 197
198 198
199#define xstrerror(error) xstrerror_r((error), (char[256]){ 0 }, 256)
200
201static const char *xstrerror_r(int error, char *dst, size_t lim) {
202 static const char unknown[] = "Unknown error: ";
203 size_t n;
204
205#if STRERROR_R_CHAR_P
206 char *rv = strerror_r(error, dst, lim);
207
208 if (rv != NULL)
209 return dst;
210#else
211 int rv = strerror_r(error, dst, lim);
212
213 if (0 == rv)
214 return dst;
215#endif
216
217 /*
218 * glibc snprintf can fail on memory pressure, so format our number
219 * manually.
220 */
221 n = MIN(sizeof unknown - 1, lim);
222 memcpy(dst, unknown, n);
223
224 return xitoa(&dst[n], lim - n, error);
225} /* xstrerror_r() */
226
227
228static void *prepudata(lua_State *L, size_t size, const char *tname, int (*gc)(lua_State *)) { 199static void *prepudata(lua_State *L, size_t size, const char *tname, int (*gc)(lua_State *)) {
229 void *p = memset(lua_newuserdata(L, size), 0, size); 200 void *p = memset(lua_newuserdata(L, size), 0, size);
230 201
@@ -278,40 +249,6 @@ static void *testsimple(lua_State *L, int index, const char *tname) {
278} /* testsimple() */ 249} /* testsimple() */
279 250
280 251
281static const char *pusherror(lua_State *L, const char *fun) {
282 unsigned long code;
283 const char *path, *file;
284 int line;
285 char txt[256];
286
287 if (!ERR_peek_error())
288 return lua_pushstring(L, "oops: no OpenSSL errors set");
289
290 code = ERR_get_error_line(&path, &line);
291
292 if ((file = strrchr(path, '/')))
293 ++file;
294 else
295 file = path;
296
297 ERR_clear_error();
298
299 ERR_error_string_n(code, txt, sizeof txt);
300
301 if (fun)
302 return lua_pushfstring(L, "%s: %s:%d:%s", fun, file, line, txt);
303 else
304 return lua_pushfstring(L, "%s:%d:%s", file, line, txt);
305} /* pusherror() */
306
307
308static int throwssl(lua_State *L, const char *fun) {
309 pusherror(L, fun);
310
311 return lua_error(L);
312} /* throwssl() */
313
314
315static int interpose(lua_State *L, const char *mt) { 252static int interpose(lua_State *L, const char *mt) {
316 luaL_getmetatable(L, mt); 253 luaL_getmetatable(L, mt);
317 254
@@ -510,6 +447,69 @@ static const char *pushnid(lua_State *L, int nid) {
510 447
511 448
512/* 449/*
450 * Auxiliary C routines
451 *
452 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
453
454#define aux_strerror(error) aux_strerror_r((error), (char[256]){ 0 }, 256)
455
456static const char *aux_strerror_r(int error, char *dst, size_t lim) {
457 static const char unknown[] = "Unknown error: ";
458 size_t n;
459
460#if STRERROR_R_CHAR_P
461 char *rv = strerror_r(error, dst, lim);
462
463 if (rv != NULL)
464 return dst;
465#else
466 int rv = strerror_r(error, dst, lim);
467
468 if (0 == rv)
469 return dst;
470#endif
471
472 /*
473 * glibc snprintf can fail on memory pressure, so format our number
474 * manually.
475 */
476 n = MIN(sizeof unknown - 1, lim);
477 memcpy(dst, unknown, n);
478
479 return xitoa(&dst[n], lim - n, error);
480} /* aux_strerror_r() */
481
482
483/*
484 * Auxiliary Lua API routines
485 *
486 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
487
488typedef int auxref_t;
489typedef int auxtype_t;
490
491static void auxL_unref(lua_State *L, auxref_t *ref) {
492 luaL_unref(L, LUA_REGISTRYINDEX, *ref);
493 *ref = LUA_NOREF;
494} /* auxL_unref() */
495
496static void auxL_ref(lua_State *L, int index, auxref_t *ref) {
497 auxL_unref(L, ref);
498 lua_pushvalue(L, index);
499 *ref = luaL_ref(L, LUA_REGISTRYINDEX);
500} /* auxL_ref() */
501
502static auxtype_t auxL_getref(lua_State *L, auxref_t ref) {
503 if (ref == LUA_NOREF || ref == LUA_REFNIL) {
504 lua_pushnil(L);
505 } else {
506 lua_rawgeti(L, LUA_REGISTRYINDEX, ref);
507 }
508
509 return lua_type(L, -1);
510} /* auxL_getref() */
511
512/*
513 * Lua 5.3 distinguishes integers and numbers, and by default uses 64-bit 513 * Lua 5.3 distinguishes integers and numbers, and by default uses 64-bit
514 * integers. The following routines try to preserve this distinction and 514 * integers. The following routines try to preserve this distinction and
515 * where possible detect range issues. 515 * where possible detect range issues.
@@ -518,14 +518,13 @@ static const char *pushnid(lua_State *L, int nid) {
518 * sizeof lua_Integer <= sizeof long long. Which is a safe bet where OpenSSL 518 * sizeof lua_Integer <= sizeof long long. Which is a safe bet where OpenSSL
519 * is typically used. 519 * is typically used.
520 */ 520 */
521#define lib_Integer long long 521#define auxL_Integer long long
522#define lib_Unsigned unsigned long long 522#define auxL_Unsigned unsigned long long
523 523
524#define lua_IntegerMax ((1ULL << (sizeof (lua_Integer) * 8 - 1)) - 1) 524#define lua_IntegerMax ((1ULL << (sizeof (lua_Integer) * 8 - 1)) - 1)
525#define lua_IntegerMin (-lua_IntegerMax - 1) 525#define lua_IntegerMin (-lua_IntegerMax - 1)
526 526
527 527static void auxL_pushinteger(lua_State *L, auxL_Integer i) {
528static void lib_pushinteger(lua_State *L, lib_Integer i) {
529 /* 528 /*
530 * TODO: Check value explicitly, but will need to silence compiler 529 * TODO: Check value explicitly, but will need to silence compiler
531 * diagnostics about useless comparisons. 530 * diagnostics about useless comparisons.
@@ -536,71 +535,85 @@ static void lib_pushinteger(lua_State *L, lib_Integer i) {
536 /* TODO: Check overflow. */ 535 /* TODO: Check overflow. */
537 lua_pushnumber(L, i); 536 lua_pushnumber(L, i);
538 } 537 }
539} /* lib_pushinteger() */ 538} /* auxL_pushinteger() */
540
541 539
542NOTUSED static void lib_pushunsigned(lua_State *L, lib_Unsigned i) { 540NOTUSED static void auxL_pushunsigned(lua_State *L, auxL_Unsigned i) {
543 if (i <= lua_IntegerMax) { 541 if (i <= lua_IntegerMax) {
544 lua_pushinteger(L, i); 542 lua_pushinteger(L, i);
545 } else if (i == (lib_Unsigned)(lua_Number)i) { 543 } else if (i == (auxL_Unsigned)(lua_Number)i) {
546 lua_pushnumber(L, i); 544 lua_pushnumber(L, i);
547 } else { 545 } else {
548 luaL_error(L, "unsigned integer value not representable as lua_Integer or lua_Number"); 546 luaL_error(L, "unsigned integer value not representable as lua_Integer or lua_Number");
549 } 547 }
550} /* lib_pushunsigned() */ 548} /* auxL_pushunsigned() */
551
552 549
553static lib_Integer lib_checkinteger(lua_State *L, int index) { 550static auxL_Integer auxL_checkinteger(lua_State *L, int index) {
554 if (sizeof (lua_Integer) >= sizeof (lib_Integer)) { 551 if (sizeof (lua_Integer) >= sizeof (auxL_Integer)) {
555 return luaL_checkinteger(L, index); 552 return luaL_checkinteger(L, index);
556 } else { 553 } else {
557 /* TODO: Check overflow. */ 554 /* TODO: Check overflow. */
558 return (lib_Integer)luaL_checknumber(L, index); 555 return (auxL_Integer)luaL_checknumber(L, index);
559 } 556 }
560} /* lib_checkinteger() */ 557} /* auxL_checkinteger() */
561
562 558
563typedef struct { 559typedef struct {
564 const char *name; 560 const char *name;
565 lib_Integer value; 561 auxL_Integer value;
566} integer_Reg; 562} auxL_IntegerReg;
567 563
568static void lib_setintegers(lua_State *L, const integer_Reg *l) { 564static void auxL_setintegers(lua_State *L, const auxL_IntegerReg *l) {
569 for (; l->name; l++) { 565 for (; l->name; l++) {
570 lib_pushinteger(L, l->value); 566 auxL_pushinteger(L, l->value);
571 lua_setfield(L, -2, l->name); 567 lua_setfield(L, -2, l->name);
572 } 568 }
573} /* lib_setintegers() */ 569} /* auxL_setintegers() */
574 570
571#define auxL_EDYLD -2
572#define auxL_EOPENSSL -1
575 573
576/* 574static const char *auxL_pusherror(lua_State *L, int error, const char *fun) {
577 * Auxiliary Lua API routines 575 if (error == auxL_EOPENSSL) {
578 * 576 unsigned long code;
579 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ 577 const char *path, *file;
578 int line;
579 char txt[256];
580 580
581typedef int auxref_t; 581 if (!ERR_peek_error())
582typedef int auxtype_t; 582 return lua_pushstring(L, "oops: no OpenSSL errors set");
583 583
584static void auxL_unref(lua_State *L, auxref_t *ref) { 584 code = ERR_get_error_line(&path, &line);
585 luaL_unref(L, LUA_REGISTRYINDEX, *ref);
586 *ref = LUA_NOREF;
587} /* auxL_unref() */
588 585
589static void auxL_ref(lua_State *L, int index, auxref_t *ref) { 586 if ((file = strrchr(path, '/'))) {
590 auxL_unref(L, ref); 587 ++file;
591 lua_pushvalue(L, index); 588 } else {
592 *ref = luaL_ref(L, LUA_REGISTRYINDEX); 589 file = path;
593} /* auxL_ref() */ 590 }
594 591
595static auxtype_t auxL_getref(lua_State *L, auxref_t ref) { 592 ERR_clear_error();
596 if (ref == LUA_NOREF || ref == LUA_REFNIL) { 593
597 lua_pushnil(L); 594 ERR_error_string_n(code, txt, sizeof txt);
595
596 if (fun) {
597 return lua_pushfstring(L, "%s: %s:%d:%s", fun, file, line, txt);
598 } else {
599 return lua_pushfstring(L, "%s:%d:%s", file, line, txt);
600 }
601 } else if (error == auxL_EDYLD) {
602 const char *const fmt = (fun)? "%s: %s" : "%.0s%s";
603
604 return lua_pushfstring(L, fmt, (fun)? fun : "", dlerror());
598 } else { 605 } else {
599 lua_rawgeti(L, LUA_REGISTRYINDEX, ref); 606 const char *const fmt = (fun)? "%s: %s" : "%.0s%s";
607
608 return lua_pushfstring(L, fmt, (fun)? fun : "", aux_strerror(error));
600 } 609 }
610} /* auxL_pusherror() */
601 611
602 return lua_type(L, -1); 612static int auxL_error(lua_State *L, int error, const char *fun) {
603} /* auxL_getref() */ 613 auxL_pusherror(L, error, fun);
614
615 return lua_error(L);
616} /* auxL_error() */
604 617
605 618
606/* 619/*
@@ -636,7 +649,7 @@ epilog:
636 649
637 return error; 650 return error;
638dlerr: 651dlerr:
639 error = -2; 652 error = auxL_EDYLD;
640 653
641 goto epilog; 654 goto epilog;
642#else 655#else
@@ -845,7 +858,7 @@ epilog:
845 858
846 return error; 859 return error;
847sslerr: 860sslerr:
848 error = -1; 861 error = auxL_EOPENSSL;
849 862
850 goto epilog; 863 goto epilog;
851} /* compat_init() */ 864} /* compat_init() */
@@ -946,7 +959,7 @@ epilog:
946 959
947 return error; 960 return error;
948sslerr: 961sslerr:
949 error = -1; 962 error = auxL_EOPENSSL;
950 963
951 goto epilog; 964 goto epilog;
952} /* ex_init() */ 965} /* ex_init() */
@@ -1249,7 +1262,7 @@ int luaopen__openssl(lua_State *L) {
1249 } 1262 }
1250 } 1263 }
1251 1264
1252 lib_pushinteger(L, OPENSSL_VERSION_NUMBER); 1265 auxL_pushinteger(L, OPENSSL_VERSION_NUMBER);
1253 lua_setfield(L, -2, "VERSION_NUMBER"); 1266 lua_setfield(L, -2, "VERSION_NUMBER");
1254 1267
1255 lua_pushstring(L, OPENSSL_VERSION_TEXT); 1268 lua_pushstring(L, OPENSSL_VERSION_TEXT);
@@ -1274,7 +1287,7 @@ static BIGNUM *bn_push(lua_State *L) {
1274 BIGNUM **ud = prepsimple(L, BIGNUM_CLASS); 1287 BIGNUM **ud = prepsimple(L, BIGNUM_CLASS);
1275 1288
1276 if (!(*ud = BN_new())) 1289 if (!(*ud = BN_new()))
1277 throwssl(L, "bignum.new"); 1290 auxL_error(L, auxL_EOPENSSL, "bignum.new");
1278 1291
1279 return *ud; 1292 return *ud;
1280} /* bn_push() */ 1293} /* bn_push() */
@@ -1392,7 +1405,7 @@ static BIGNUM *(checkbig)(lua_State *L, int index, _Bool *lvalue) {
1392 bn = prepsimple(L, BIGNUM_CLASS); 1405 bn = prepsimple(L, BIGNUM_CLASS);
1393 1406
1394 if (!BN_dec2bn(bn, dec)) 1407 if (!BN_dec2bn(bn, dec))
1395 throwssl(L, "bignum"); 1408 auxL_error(L, auxL_EOPENSSL, "bignum");
1396 1409
1397 lua_replace(L, index); 1410 lua_replace(L, index);
1398 1411
@@ -1403,7 +1416,7 @@ static BIGNUM *(checkbig)(lua_State *L, int index, _Bool *lvalue) {
1403 bn = prepsimple(L, BIGNUM_CLASS); 1416 bn = prepsimple(L, BIGNUM_CLASS);
1404 1417
1405 if (!f2bn(bn, lua_tonumber(L, index))) 1418 if (!f2bn(bn, lua_tonumber(L, index)))
1406 throwssl(L, "bignum"); 1419 auxL_error(L, auxL_EOPENSSL, "bignum");
1407 1420
1408 lua_replace(L, index); 1421 lua_replace(L, index);
1409 1422
@@ -1461,7 +1474,7 @@ static BN_CTX *getctx(lua_State *L) {
1461 ctx = prepsimple(L, NULL, &ctx__gc); 1474 ctx = prepsimple(L, NULL, &ctx__gc);
1462 1475
1463 if (!(*ctx = BN_CTX_new())) 1476 if (!(*ctx = BN_CTX_new()))
1464 throwssl(L, "bignum"); 1477 auxL_error(L, auxL_EOPENSSL, "bignum");
1465 1478
1466 lua_pushcfunction(L, &ctx__gc); 1479 lua_pushcfunction(L, &ctx__gc);
1467 lua_pushvalue(L, -2); 1480 lua_pushvalue(L, -2);
@@ -1481,7 +1494,7 @@ static int bn__add(lua_State *L) {
1481 bn_prepops(L, &r, &a, &b, 1); 1494 bn_prepops(L, &r, &a, &b, 1);
1482 1495
1483 if (!BN_add(r, a, b)) 1496 if (!BN_add(r, a, b))
1484 return throwssl(L, "bignum:__add"); 1497 return auxL_error(L, auxL_EOPENSSL, "bignum:__add");
1485 1498
1486 return 1; 1499 return 1;
1487} /* bn__add() */ 1500} /* bn__add() */
@@ -1493,7 +1506,7 @@ static int bn__sub(lua_State *L) {
1493 bn_prepops(L, &r, &a, &b, 0); 1506 bn_prepops(L, &r, &a, &b, 0);
1494 1507
1495 if (!BN_sub(r, a, b)) 1508 if (!BN_sub(r, a, b))
1496 return throwssl(L, "bignum:__sub"); 1509 return auxL_error(L, auxL_EOPENSSL, "bignum:__sub");
1497 1510
1498 return 1; 1511 return 1;
1499} /* bn__sub() */ 1512} /* bn__sub() */
@@ -1505,7 +1518,7 @@ static int bn__mul(lua_State *L) {
1505 bn_prepops(L, &r, &a, &b, 1); 1518 bn_prepops(L, &r, &a, &b, 1);
1506 1519
1507 if (!BN_mul(r, a, b, getctx(L))) 1520 if (!BN_mul(r, a, b, getctx(L)))
1508 return throwssl(L, "bignum:__mul"); 1521 return auxL_error(L, auxL_EOPENSSL, "bignum:__mul");
1509 1522
1510 return 1; 1523 return 1;
1511} /* bn__mul() */ 1524} /* bn__mul() */
@@ -1518,7 +1531,7 @@ static int bn__div(lua_State *L) {
1518 bn_prepops(L, &r, &a, &b, 0); 1531 bn_prepops(L, &r, &a, &b, 0);
1519 1532
1520 if (!BN_div(r, NULL, a, b, getctx(L))) 1533 if (!BN_div(r, NULL, a, b, getctx(L)))
1521 return throwssl(L, "bignum:__div"); 1534 return auxL_error(L, auxL_EOPENSSL, "bignum:__div");
1522 1535
1523 return 1; 1536 return 1;
1524} /* bn__div() */ 1537} /* bn__div() */
@@ -1531,7 +1544,7 @@ static int bn__mod(lua_State *L) {
1531 bn_prepops(L, &r, &a, &b, 0); 1544 bn_prepops(L, &r, &a, &b, 0);
1532 1545
1533 if (!BN_mod(r, a, b, getctx(L))) 1546 if (!BN_mod(r, a, b, getctx(L)))
1534 return throwssl(L, "bignum:__mod"); 1547 return auxL_error(L, auxL_EOPENSSL, "bignum:__mod");
1535 1548
1536 return 1; 1549 return 1;
1537} /* bn__mod() */ 1550} /* bn__mod() */
@@ -1544,7 +1557,7 @@ static int bn__pow(lua_State *L) {
1544 bn_prepops(L, &r, &a, &b, 0); 1557 bn_prepops(L, &r, &a, &b, 0);
1545 1558
1546 if (!BN_exp(r, a, b, getctx(L))) 1559 if (!BN_exp(r, a, b, getctx(L)))
1547 return throwssl(L, "bignum:__pow"); 1560 return auxL_error(L, auxL_EOPENSSL, "bignum:__pow");
1548 1561
1549 return 1; 1562 return 1;
1550} /* bn__pow() */ 1563} /* bn__pow() */
@@ -1608,7 +1621,7 @@ static int bn__tostring(lua_State *L) {
1608 char *txt; 1621 char *txt;
1609 1622
1610 if (!(txt = BN_bn2dec(bn))) 1623 if (!(txt = BN_bn2dec(bn)))
1611 return throwssl(L, "bignum:__tostring"); 1624 return auxL_error(L, auxL_EOPENSSL, "bignum:__tostring");
1612 1625
1613 lua_pushstring(L, txt); 1626 lua_pushstring(L, txt);
1614 1627
@@ -1680,7 +1693,7 @@ static BIO *getbio(lua_State *L) {
1680 bio = prepsimple(L, NULL, &bio__gc); 1693 bio = prepsimple(L, NULL, &bio__gc);
1681 1694
1682 if (!(*bio = BIO_new(BIO_s_mem()))) 1695 if (!(*bio = BIO_new(BIO_s_mem())))
1683 throwssl(L, "BIO_new"); 1696 auxL_error(L, auxL_EOPENSSL, "BIO_new");
1684 1697
1685 lua_pushcfunction(L, &bio__gc); 1698 lua_pushcfunction(L, &bio__gc);
1686 lua_pushvalue(L, -2); 1699 lua_pushvalue(L, -2);
@@ -1753,14 +1766,14 @@ static int pk_new(lua_State *L) {
1753 1766
1754creat: 1767creat:
1755 if (!(*ud = EVP_PKEY_new())) 1768 if (!(*ud = EVP_PKEY_new()))
1756 return throwssl(L, "pkey.new"); 1769 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1757 1770
1758 switch (EVP_PKEY_type(type)) { 1771 switch (EVP_PKEY_type(type)) {
1759 case EVP_PKEY_RSA: { 1772 case EVP_PKEY_RSA: {
1760 RSA *rsa; 1773 RSA *rsa;
1761 1774
1762 if (!(rsa = RSA_generate_key(bits, exp, 0, 0))) 1775 if (!(rsa = RSA_generate_key(bits, exp, 0, 0)))
1763 return throwssl(L, "pkey.new"); 1776 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1764 1777
1765 EVP_PKEY_set1_RSA(*ud, rsa); 1778 EVP_PKEY_set1_RSA(*ud, rsa);
1766 1779
@@ -1772,11 +1785,11 @@ creat:
1772 DSA *dsa; 1785 DSA *dsa;
1773 1786
1774 if (!(dsa = DSA_generate_parameters(bits, 0, 0, 0, 0, 0, 0))) 1787 if (!(dsa = DSA_generate_parameters(bits, 0, 0, 0, 0, 0, 0)))
1775 return throwssl(L, "pkey.new"); 1788 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1776 1789
1777 if (!DSA_generate_key(dsa)) { 1790 if (!DSA_generate_key(dsa)) {
1778 DSA_free(dsa); 1791 DSA_free(dsa);
1779 return throwssl(L, "pkey.new"); 1792 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1780 } 1793 }
1781 1794
1782 EVP_PKEY_set1_DSA(*ud, dsa); 1795 EVP_PKEY_set1_DSA(*ud, dsa);
@@ -1789,11 +1802,11 @@ creat:
1789 DH *dh; 1802 DH *dh;
1790 1803
1791 if (!(dh = DH_generate_parameters(bits, exp, 0, 0))) 1804 if (!(dh = DH_generate_parameters(bits, exp, 0, 0)))
1792 return throwssl(L, "pkey.new"); 1805 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1793 1806
1794 if (!DH_generate_key(dh)) { 1807 if (!DH_generate_key(dh)) {
1795 DH_free(dh); 1808 DH_free(dh);
1796 return throwssl(L, "pkey.new"); 1809 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1797 } 1810 }
1798 1811
1799 EVP_PKEY_set1_DH(*ud, dh); 1812 EVP_PKEY_set1_DH(*ud, dh);
@@ -1808,7 +1821,7 @@ creat:
1808 EC_KEY *key; 1821 EC_KEY *key;
1809 1822
1810 if (!(grp = EC_GROUP_new_by_curve_name(curve))) 1823 if (!(grp = EC_GROUP_new_by_curve_name(curve)))
1811 return throwssl(L, "pkey.new"); 1824 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1812 1825
1813 EC_GROUP_set_asn1_flag(grp, OPENSSL_EC_NAMED_CURVE); 1826 EC_GROUP_set_asn1_flag(grp, OPENSSL_EC_NAMED_CURVE);
1814 1827
@@ -1817,7 +1830,7 @@ creat:
1817 1830
1818 if (!(key = EC_KEY_new())) { 1831 if (!(key = EC_KEY_new())) {
1819 EC_GROUP_free(grp); 1832 EC_GROUP_free(grp);
1820 return throwssl(L, "pkey.new"); 1833 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1821 } 1834 }
1822 1835
1823 EC_KEY_set_group(key, grp); 1836 EC_KEY_set_group(key, grp);
@@ -1826,7 +1839,7 @@ creat:
1826 1839
1827 if (!EC_KEY_generate_key(key)) { 1840 if (!EC_KEY_generate_key(key)) {
1828 EC_KEY_free(key); 1841 EC_KEY_free(key);
1829 return throwssl(L, "pkey.new"); 1842 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1830 } 1843 }
1831 1844
1832 EVP_PKEY_set1_EC_KEY(*ud, key); 1845 EVP_PKEY_set1_EC_KEY(*ud, key);
@@ -1862,7 +1875,7 @@ creat:
1862 data = luaL_checklstring(L, 1, &len); 1875 data = luaL_checklstring(L, 1, &len);
1863 1876
1864 if (!(bio = BIO_new_mem_buf((void *)data, len))) 1877 if (!(bio = BIO_new_mem_buf((void *)data, len)))
1865 return throwssl(L, "pkey.new"); 1878 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1866 1879
1867 if (type == X509_PEM || type == X509_ANY) { 1880 if (type == X509_PEM || type == X509_ANY) {
1868 if (!prvtonly && !pub) { 1881 if (!prvtonly && !pub) {
@@ -1936,7 +1949,7 @@ done:
1936 1949
1937 if (!*ud) { 1950 if (!*ud) {
1938 if (goterr) 1951 if (goterr)
1939 return throwssl(L, "pkey.new"); 1952 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1940 1953
1941 /* we should never get here */ 1954 /* we should never get here */
1942 return luaL_error(L, "failed to load key for some unexpected reason"); 1955 return luaL_error(L, "failed to load key for some unexpected reason");
@@ -1978,7 +1991,7 @@ static int pk_setPublicKey(lua_State *L) {
1978 type = optencoding(L, 3, "*", X509_ANY|X509_PEM|X509_DER); 1991 type = optencoding(L, 3, "*", X509_ANY|X509_PEM|X509_DER);
1979 1992
1980 if (!(bio = BIO_new_mem_buf((void *)data, len))) 1993 if (!(bio = BIO_new_mem_buf((void *)data, len)))
1981 return throwssl(L, "pkey.new"); 1994 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1982 1995
1983 if (type == X509_ANY || type == X509_PEM) { 1996 if (type == X509_ANY || type == X509_PEM) {
1984 ok = !!PEM_read_bio_PUBKEY(bio, key, 0, ""); 1997 ok = !!PEM_read_bio_PUBKEY(bio, key, 0, "");
@@ -1991,7 +2004,7 @@ static int pk_setPublicKey(lua_State *L) {
1991 BIO_free(bio); 2004 BIO_free(bio);
1992 2005
1993 if (!ok) 2006 if (!ok)
1994 return throwssl(L, "pkey.new"); 2007 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
1995 2008
1996 lua_pushboolean(L, 1); 2009 lua_pushboolean(L, 1);
1997 2010
@@ -2010,7 +2023,7 @@ static int pk_setPrivateKey(lua_State *L) {
2010 type = optencoding(L, 3, "*", X509_ANY|X509_PEM|X509_DER); 2023 type = optencoding(L, 3, "*", X509_ANY|X509_PEM|X509_DER);
2011 2024
2012 if (!(bio = BIO_new_mem_buf((void *)data, len))) 2025 if (!(bio = BIO_new_mem_buf((void *)data, len)))
2013 return throwssl(L, "pkey.new"); 2026 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
2014 2027
2015 if (type == X509_ANY || type == X509_PEM) { 2028 if (type == X509_ANY || type == X509_PEM) {
2016 ok = !!PEM_read_bio_PrivateKey(bio, key, 0, ""); 2029 ok = !!PEM_read_bio_PrivateKey(bio, key, 0, "");
@@ -2023,7 +2036,7 @@ static int pk_setPrivateKey(lua_State *L) {
2023 BIO_free(bio); 2036 BIO_free(bio);
2024 2037
2025 if (!ok) 2038 if (!ok)
2026 return throwssl(L, "pkey.new"); 2039 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
2027 2040
2028 lua_pushboolean(L, 1); 2041 lua_pushboolean(L, 1);
2029 2042
@@ -2044,7 +2057,7 @@ static int pk_sign(lua_State *L) {
2044 n = LUAL_BUFFERSIZE; 2057 n = LUAL_BUFFERSIZE;
2045 2058
2046 if (!EVP_SignFinal(md, (void *)luaL_prepbuffer(&B), &n, key)) 2059 if (!EVP_SignFinal(md, (void *)luaL_prepbuffer(&B), &n, key))
2047 return throwssl(L, "pkey:sign"); 2060 return auxL_error(L, auxL_EOPENSSL, "pkey:sign");
2048 2061
2049 luaL_addsize(&B, n); 2062 luaL_addsize(&B, n);
2050 luaL_pushresult(&B); 2063 luaL_pushresult(&B);
@@ -2070,7 +2083,7 @@ static int pk_verify(lua_State *L) {
2070 2083
2071 break; 2084 break;
2072 default: 2085 default:
2073 return throwssl(L, "pkey:verify"); 2086 return auxL_error(L, auxL_EOPENSSL, "pkey:verify");
2074 } 2087 }
2075 2088
2076 return 1; 2089 return 1;
@@ -2102,7 +2115,7 @@ static int pk_toPEM(lua_State *L) {
2102 switch (checkoption(L, i, NULL, opts)) { 2115 switch (checkoption(L, i, NULL, opts)) {
2103 case 0: case 1: /* public, PublicKey */ 2116 case 0: case 1: /* public, PublicKey */
2104 if (!PEM_write_bio_PUBKEY(bio, key)) 2117 if (!PEM_write_bio_PUBKEY(bio, key))
2105 return throwssl(L, "pkey:__tostring"); 2118 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2106 2119
2107 len = BIO_get_mem_data(bio, &pem); 2120 len = BIO_get_mem_data(bio, &pem);
2108 lua_pushlstring(L, pem, len); 2121 lua_pushlstring(L, pem, len);
@@ -2111,7 +2124,7 @@ static int pk_toPEM(lua_State *L) {
2111 break; 2124 break;
2112 case 2: case 3: /* private, PrivateKey */ 2125 case 2: case 3: /* private, PrivateKey */
2113 if (!PEM_write_bio_PrivateKey(bio, key, 0, 0, 0, 0, 0)) 2126 if (!PEM_write_bio_PrivateKey(bio, key, 0, 0, 0, 0, 0))
2114 return throwssl(L, "pkey:__tostring"); 2127 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2115 2128
2116 len = BIO_get_mem_data(bio, &pem); 2129 len = BIO_get_mem_data(bio, &pem);
2117 lua_pushlstring(L, pem, len); 2130 lua_pushlstring(L, pem, len);
@@ -2131,7 +2144,7 @@ static int pk_toPEM(lua_State *L) {
2131 DSA_free(dsa); 2144 DSA_free(dsa);
2132 2145
2133 if (!ok) 2146 if (!ok)
2134 return throwssl(L, "pkey:__tostring"); 2147 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2135 2148
2136 break; 2149 break;
2137 } 2150 }
@@ -2143,7 +2156,7 @@ static int pk_toPEM(lua_State *L) {
2143 DH_free(dh); 2156 DH_free(dh);
2144 2157
2145 if (!ok) 2158 if (!ok)
2146 return throwssl(L, "pkey:__tostring"); 2159 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2147 2160
2148 break; 2161 break;
2149 } 2162 }
@@ -2157,7 +2170,7 @@ static int pk_toPEM(lua_State *L) {
2157 EC_KEY_free(ec); 2170 EC_KEY_free(ec);
2158 2171
2159 if (!ok) 2172 if (!ok)
2160 return throwssl(L, "pkey:__tostring"); 2173 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2161 2174
2162 break; 2175 break;
2163 } 2176 }
@@ -2194,11 +2207,11 @@ static int pk__tostring(lua_State *L) {
2194 switch (type) { 2207 switch (type) {
2195 case X509_PEM: 2208 case X509_PEM:
2196 if (!PEM_write_bio_PUBKEY(bio, key)) 2209 if (!PEM_write_bio_PUBKEY(bio, key))
2197 return throwssl(L, "pkey:__tostring"); 2210 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2198 break; 2211 break;
2199 case X509_DER: 2212 case X509_DER:
2200 if (!i2d_PUBKEY_bio(bio, key)) 2213 if (!i2d_PUBKEY_bio(bio, key))
2201 return throwssl(L, "pkey:__tostring"); 2214 return auxL_error(L, auxL_EOPENSSL, "pkey:__tostring");
2202 break; 2215 break;
2203 } /* switch() */ 2216 } /* switch() */
2204 2217
@@ -2271,7 +2284,7 @@ static X509_NAME *xn_dup(lua_State *L, X509_NAME *name) {
2271 X509_NAME **ud = prepsimple(L, X509_NAME_CLASS); 2284 X509_NAME **ud = prepsimple(L, X509_NAME_CLASS);
2272 2285
2273 if (!(*ud = X509_NAME_dup(name))) 2286 if (!(*ud = X509_NAME_dup(name)))
2274 throwssl(L, "x509.name.dup"); 2287 auxL_error(L, auxL_EOPENSSL, "x509.name.dup");
2275 2288
2276 return *ud; 2289 return *ud;
2277} /* xn_dup() */ 2290} /* xn_dup() */
@@ -2281,7 +2294,7 @@ static int xn_new(lua_State *L) {
2281 X509_NAME **ud = prepsimple(L, X509_NAME_CLASS); 2294 X509_NAME **ud = prepsimple(L, X509_NAME_CLASS);
2282 2295
2283 if (!(*ud = X509_NAME_new())) 2296 if (!(*ud = X509_NAME_new()))
2284 return throwssl(L, "x509.name.new"); 2297 return auxL_error(L, auxL_EOPENSSL, "x509.name.new");
2285 2298
2286 return 1; 2299 return 1;
2287} /* xn_new() */ 2300} /* xn_new() */
@@ -2308,7 +2321,7 @@ static int xn_add(lua_State *L) {
2308 ASN1_OBJECT_free(obj); 2321 ASN1_OBJECT_free(obj);
2309 2322
2310 if (!ok) 2323 if (!ok)
2311 return throwssl(L, "x509.name:add"); 2324 return auxL_error(L, auxL_EOPENSSL, "x509.name:add");
2312 2325
2313 lua_pushvalue(L, 1); 2326 lua_pushvalue(L, 1);
2314 2327
@@ -2337,7 +2350,7 @@ static int xn_all(lua_State *L) {
2337 nid = OBJ_obj2nid(obj); 2350 nid = OBJ_obj2nid(obj);
2338 2351
2339 if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1))) 2352 if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1)))
2340 return throwssl(L, "x509.name:all"); 2353 return auxL_error(L, auxL_EOPENSSL, "x509.name:all");
2341 2354
2342 lua_pushlstring(L, txt, len); 2355 lua_pushlstring(L, txt, len);
2343 2356
@@ -2391,7 +2404,7 @@ static int xn__next(lua_State *L) {
2391 lua_pushstring(L, id); 2404 lua_pushstring(L, id);
2392 } else { 2405 } else {
2393 if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1))) 2406 if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1)))
2394 return throwssl(L, "x509.name:__pairs"); 2407 return auxL_error(L, auxL_EOPENSSL, "x509.name:__pairs");
2395 2408
2396 lua_pushlstring(L, txt, len); 2409 lua_pushlstring(L, txt, len);
2397 } 2410 }
@@ -2481,7 +2494,7 @@ static GENERAL_NAMES *gn_dup(lua_State *L, GENERAL_NAMES *gens) {
2481 GENERAL_NAMES **ud = prepsimple(L, X509_GENS_CLASS); 2494 GENERAL_NAMES **ud = prepsimple(L, X509_GENS_CLASS);
2482 2495
2483 if (!(*ud = sk_GENERAL_NAME_dup(gens))) 2496 if (!(*ud = sk_GENERAL_NAME_dup(gens)))
2484 throwssl(L, "x509.altname.dup"); 2497 auxL_error(L, auxL_EOPENSSL, "x509.altname.dup");
2485 2498
2486 return *ud; 2499 return *ud;
2487} /* gn_dup() */ 2500} /* gn_dup() */
@@ -2491,7 +2504,7 @@ static int gn_new(lua_State *L) {
2491 GENERAL_NAMES **ud = prepsimple(L, X509_GENS_CLASS); 2504 GENERAL_NAMES **ud = prepsimple(L, X509_GENS_CLASS);
2492 2505
2493 if (!(*ud = sk_GENERAL_NAME_new_null())) 2506 if (!(*ud = sk_GENERAL_NAME_new_null()))
2494 return throwssl(L, "x509.altname.new"); 2507 return auxL_error(L, auxL_EOPENSSL, "x509.altname.new");
2495 2508
2496 return 1; 2509 return 1;
2497} /* gn_new() */ 2510} /* gn_new() */
@@ -2591,7 +2604,7 @@ text:
2591error: 2604error:
2592 GENERAL_NAME_free(gen); 2605 GENERAL_NAME_free(gen);
2593 2606
2594 return throwssl(L, "x509.altname:add"); 2607 return auxL_error(L, auxL_EOPENSSL, "x509.altname:add");
2595} /* gn_add() */ 2608} /* gn_add() */
2596 2609
2597 2610
@@ -2778,7 +2791,7 @@ error:
2778 if (conf) 2791 if (conf)
2779 NCONF_free(conf); 2792 NCONF_free(conf);
2780 2793
2781 return throwssl(L, "x509.extension.new"); 2794 return auxL_error(L, auxL_EOPENSSL, "x509.extension.new");
2782} /* xe_new() */ 2795} /* xe_new() */
2783 2796
2784 2797
@@ -2844,7 +2857,7 @@ static int xc_new(lua_State *L) {
2844 int ok = 0; 2857 int ok = 0;
2845 2858
2846 if (!(tmp = BIO_new_mem_buf((char *)data, len))) 2859 if (!(tmp = BIO_new_mem_buf((char *)data, len)))
2847 return throwssl(L, "x509.cert.new"); 2860 return auxL_error(L, auxL_EOPENSSL, "x509.cert.new");
2848 2861
2849 if (type == X509_PEM || type == X509_ANY) { 2862 if (type == X509_PEM || type == X509_ANY) {
2850 ok = !!(*ud = PEM_read_bio_X509(tmp, NULL, 0, "")); /* no password */ 2863 ok = !!(*ud = PEM_read_bio_X509(tmp, NULL, 0, "")); /* no password */
@@ -2857,10 +2870,10 @@ static int xc_new(lua_State *L) {
2857 BIO_free(tmp); 2870 BIO_free(tmp);
2858 2871
2859 if (!ok) 2872 if (!ok)
2860 return throwssl(L, "x509.cert.new"); 2873 return auxL_error(L, auxL_EOPENSSL, "x509.cert.new");
2861 } else { 2874 } else {
2862 if (!(*ud = X509_new())) 2875 if (!(*ud = X509_new()))
2863 return throwssl(L, "x509.cert.new"); 2876 return auxL_error(L, auxL_EOPENSSL, "x509.cert.new");
2864 2877
2865 X509_gmtime_adj(X509_get_notBefore(*ud), 0); 2878 X509_gmtime_adj(X509_get_notBefore(*ud), 0);
2866 X509_gmtime_adj(X509_get_notAfter(*ud), 0); 2879 X509_gmtime_adj(X509_get_notAfter(*ud), 0);
@@ -2904,7 +2917,7 @@ static int xc_getSerial(lua_State *L) {
2904 2917
2905 if ((i = X509_get_serialNumber(crt))) { 2918 if ((i = X509_get_serialNumber(crt))) {
2906 if (!ASN1_INTEGER_to_BN(i, serial)) 2919 if (!ASN1_INTEGER_to_BN(i, serial))
2907 return throwssl(L, "x509.cert:getSerial"); 2920 return auxL_error(L, auxL_EOPENSSL, "x509.cert:getSerial");
2908 } 2921 }
2909 2922
2910 return 1; 2923 return 1;
@@ -2929,7 +2942,7 @@ static int xc_setSerial(lua_State *L) {
2929error: 2942error:
2930 ASN1_INTEGER_free(serial); 2943 ASN1_INTEGER_free(serial);
2931 2944
2932 return throwssl(L, "x509.cert:setSerial"); 2945 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setSerial");
2933} /* xc_setSerial() */ 2946} /* xc_setSerial() */
2934 2947
2935 2948
@@ -2953,7 +2966,7 @@ static int xc_digest(lua_State *L) {
2953 BIGNUM *bn = bn_push(L); 2966 BIGNUM *bn = bn_push(L);
2954 2967
2955 if (!BN_bin2bn(md, len, bn)) 2968 if (!BN_bin2bn(md, len, bn))
2956 return throwssl(L, "x509.cert:digest"); 2969 return auxL_error(L, auxL_EOPENSSL, "x509.cert:digest");
2957 2970
2958 break; 2971 break;
2959 } 2972 }
@@ -3172,11 +3185,11 @@ static int xc_setLifetime(lua_State *L) {
3172 ut = lua_tonumber(L, 2); 3185 ut = lua_tonumber(L, 2);
3173 3186
3174 if (!ASN1_TIME_set(X509_get_notBefore(crt), ut)) 3187 if (!ASN1_TIME_set(X509_get_notBefore(crt), ut))
3175 return throwssl(L, "x509.cert:setLifetime"); 3188 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setLifetime");
3176#if 0 3189#if 0
3177 } else if ((dt = luaL_optstring(L, 2, 0))) { 3190 } else if ((dt = luaL_optstring(L, 2, 0))) {
3178 if (!ASN1_TIME_set_string(X509_get_notBefore(crt), dt)) 3191 if (!ASN1_TIME_set_string(X509_get_notBefore(crt), dt))
3179 return throwssl(L, "x509.cert:setLifetime"); 3192 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setLifetime");
3180#endif 3193#endif
3181 } 3194 }
3182 3195
@@ -3184,11 +3197,11 @@ static int xc_setLifetime(lua_State *L) {
3184 ut = lua_tonumber(L, 3); 3197 ut = lua_tonumber(L, 3);
3185 3198
3186 if (!ASN1_TIME_set(X509_get_notAfter(crt), ut)) 3199 if (!ASN1_TIME_set(X509_get_notAfter(crt), ut))
3187 return throwssl(L, "x509.cert:setLifetime"); 3200 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setLifetime");
3188#if 0 3201#if 0
3189 } else if ((dt = luaL_optstring(L, 3, 0))) { 3202 } else if ((dt = luaL_optstring(L, 3, 0))) {
3190 if (!ASN1_TIME_set_string(X509_get_notAfter(crt), dt)) 3203 if (!ASN1_TIME_set_string(X509_get_notAfter(crt), dt))
3191 return throwssl(L, "x509.cert:setLifetime"); 3204 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setLifetime");
3192#endif 3205#endif
3193 } 3206 }
3194 3207
@@ -3216,7 +3229,7 @@ static int xc_setIssuer(lua_State *L) {
3216 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); 3229 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
3217 3230
3218 if (!X509_set_issuer_name(crt, name)) 3231 if (!X509_set_issuer_name(crt, name))
3219 return throwssl(L, "x509.cert:setIssuer"); 3232 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setIssuer");
3220 3233
3221 lua_pushboolean(L, 1); 3234 lua_pushboolean(L, 1);
3222 3235
@@ -3242,7 +3255,7 @@ static int xc_setSubject(lua_State *L) {
3242 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); 3255 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
3243 3256
3244 if (!X509_set_subject_name(crt, name)) 3257 if (!X509_set_subject_name(crt, name))
3245 return throwssl(L, "x509.cert:setSubject"); 3258 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setSubject");
3246 3259
3247 lua_pushboolean(L, 1); 3260 lua_pushboolean(L, 1);
3248 3261
@@ -3290,7 +3303,7 @@ static int xc_setIssuerAlt(lua_State *L) {
3290 GENERAL_NAMES *gens = checksimple(L, 2, X509_GENS_CLASS); 3303 GENERAL_NAMES *gens = checksimple(L, 2, X509_GENS_CLASS);
3291 3304
3292 if (!X509_add1_ext_i2d(crt, NID_issuer_alt_name, gens, 0, X509V3_ADD_REPLACE)) 3305 if (!X509_add1_ext_i2d(crt, NID_issuer_alt_name, gens, 0, X509V3_ADD_REPLACE))
3293 return throwssl(L, "x509.altname:setIssuerAlt"); 3306 return auxL_error(L, auxL_EOPENSSL, "x509.altname:setIssuerAlt");
3294 3307
3295 lua_pushboolean(L, 1); 3308 lua_pushboolean(L, 1);
3296 3309
@@ -3316,7 +3329,7 @@ static int xc_setSubjectAlt(lua_State *L) {
3316 GENERAL_NAMES *gens = checksimple(L, 2, X509_GENS_CLASS); 3329 GENERAL_NAMES *gens = checksimple(L, 2, X509_GENS_CLASS);
3317 3330
3318 if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, X509V3_ADD_REPLACE)) 3331 if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, X509V3_ADD_REPLACE))
3319 return throwssl(L, "x509.altname:setSubjectAlt"); 3332 return auxL_error(L, auxL_EOPENSSL, "x509.altname:setSubjectAlt");
3320 3333
3321 lua_pushboolean(L, 1); 3334 lua_pushboolean(L, 1);
3322 3335
@@ -3492,7 +3505,7 @@ static int xc_setBasicConstraint(lua_State *L) {
3492error: 3505error:
3493 BASIC_CONSTRAINTS_free(bs); 3506 BASIC_CONSTRAINTS_free(bs);
3494 3507
3495 return throwssl(L, "x509.cert:setBasicConstraint"); 3508 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setBasicConstraint");
3496} /* xc_setBasicConstraint() */ 3509} /* xc_setBasicConstraint() */
3497 3510
3498 3511
@@ -3522,7 +3535,7 @@ static int xc_addExtension(lua_State *L) {
3522 X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS); 3535 X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
3523 3536
3524 if (!X509_add_ext(crt, ext, -1)) 3537 if (!X509_add_ext(crt, ext, -1))
3525 return throwssl(L, "x509.cert:addExtension"); 3538 return auxL_error(L, auxL_EOPENSSL, "x509.cert:addExtension");
3526 3539
3527 lua_pushboolean(L, 1); 3540 lua_pushboolean(L, 1);
3528 3541
@@ -3572,7 +3585,7 @@ static int xc_getPublicKey(lua_State *L) {
3572 EVP_PKEY **key = prepsimple(L, PKEY_CLASS); 3585 EVP_PKEY **key = prepsimple(L, PKEY_CLASS);
3573 3586
3574 if (!(*key = X509_get_pubkey(crt))) 3587 if (!(*key = X509_get_pubkey(crt)))
3575 return throwssl(L, "x509.cert:getPublicKey"); 3588 return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKey");
3576 3589
3577 return 1; 3590 return 1;
3578} /* xc_getPublicKey() */ 3591} /* xc_getPublicKey() */
@@ -3583,7 +3596,7 @@ static int xc_setPublicKey(lua_State *L) {
3583 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS); 3596 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
3584 3597
3585 if (!X509_set_pubkey(crt, key)) 3598 if (!X509_set_pubkey(crt, key))
3586 return throwssl(L, "x509.cert:setPublicKey"); 3599 return auxL_error(L, auxL_EOPENSSL, "x509.cert:setPublicKey");
3587 3600
3588 lua_pushboolean(L, 1); 3601 lua_pushboolean(L, 1);
3589 3602
@@ -3615,7 +3628,7 @@ static int xc_sign(lua_State *L) {
3615 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS); 3628 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
3616 3629
3617 if (!X509_sign(crt, key, xc_signature(L, 3, key))) 3630 if (!X509_sign(crt, key, xc_signature(L, 3, key)))
3618 return throwssl(L, "x509.cert:sign"); 3631 return auxL_error(L, auxL_EOPENSSL, "x509.cert:sign");
3619 3632
3620 lua_pushboolean(L, 1); 3633 lua_pushboolean(L, 1);
3621 3634
@@ -3673,7 +3686,7 @@ static int xc_text(lua_State *L) {
3673 } 3686 }
3674 3687
3675 if (!X509_print_ex(bio, crt, 0, flags)) 3688 if (!X509_print_ex(bio, crt, 0, flags))
3676 return throwssl(L, "x509.cert:text"); 3689 return auxL_error(L, auxL_EOPENSSL, "x509.cert:text");
3677 3690
3678 len = BIO_get_mem_data(bio, &data); 3691 len = BIO_get_mem_data(bio, &data);
3679 3692
@@ -3693,11 +3706,11 @@ static int xc__tostring(lua_State *L) {
3693 switch (type) { 3706 switch (type) {
3694 case X509_PEM: 3707 case X509_PEM:
3695 if (!PEM_write_bio_X509(bio, crt)) 3708 if (!PEM_write_bio_X509(bio, crt))
3696 return throwssl(L, "x509.cert:__tostring"); 3709 return auxL_error(L, auxL_EOPENSSL, "x509.cert:__tostring");
3697 break; 3710 break;
3698 case X509_DER: 3711 case X509_DER:
3699 if (!i2d_X509_bio(bio, crt)) 3712 if (!i2d_X509_bio(bio, crt))
3700 return throwssl(L, "x509.cert:__tostring"); 3713 return auxL_error(L, auxL_EOPENSSL, "x509.cert:__tostring");
3701 break; 3714 break;
3702 } /* switch() */ 3715 } /* switch() */
3703 3716
@@ -3796,14 +3809,14 @@ static int xr_new(lua_State *L) {
3796 3809
3797 if ((crt = testsimple(L, 1, X509_CERT_CLASS))) { 3810 if ((crt = testsimple(L, 1, X509_CERT_CLASS))) {
3798 if (!(*ud = X509_to_X509_REQ(crt, 0, 0))) 3811 if (!(*ud = X509_to_X509_REQ(crt, 0, 0)))
3799 return throwssl(L, "x509.csr.new"); 3812 return auxL_error(L, auxL_EOPENSSL, "x509.csr.new");
3800 } else if ((data = luaL_optlstring(L, 1, NULL, &len))) { 3813 } else if ((data = luaL_optlstring(L, 1, NULL, &len))) {
3801 int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER); 3814 int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);
3802 BIO *tmp; 3815 BIO *tmp;
3803 int ok = 0; 3816 int ok = 0;
3804 3817
3805 if (!(tmp = BIO_new_mem_buf((char *)data, len))) 3818 if (!(tmp = BIO_new_mem_buf((char *)data, len)))
3806 return throwssl(L, "x509.csr.new"); 3819 return auxL_error(L, auxL_EOPENSSL, "x509.csr.new");
3807 3820
3808 if (type == X509_PEM || type == X509_ANY) { 3821 if (type == X509_PEM || type == X509_ANY) {
3809 ok = !!(*ud = PEM_read_bio_X509_REQ(tmp, NULL, 0, "")); /* no password */ 3822 ok = !!(*ud = PEM_read_bio_X509_REQ(tmp, NULL, 0, "")); /* no password */
@@ -3816,10 +3829,10 @@ static int xr_new(lua_State *L) {
3816 BIO_free(tmp); 3829 BIO_free(tmp);
3817 3830
3818 if (!ok) 3831 if (!ok)
3819 return throwssl(L, "x509.csr.new"); 3832 return auxL_error(L, auxL_EOPENSSL, "x509.csr.new");
3820 } else { 3833 } else {
3821 if (!(*ud = X509_REQ_new())) 3834 if (!(*ud = X509_REQ_new()))
3822 return throwssl(L, "x509.csr.new"); 3835 return auxL_error(L, auxL_EOPENSSL, "x509.csr.new");
3823 } 3836 }
3824 3837
3825 return 1; 3838 return 1;
@@ -3871,7 +3884,7 @@ static int xr_setSubject(lua_State *L) {
3871 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); 3884 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
3872 3885
3873 if (!X509_REQ_set_subject_name(csr, name)) 3886 if (!X509_REQ_set_subject_name(csr, name))
3874 return throwssl(L, "x509.csr:setSubject"); 3887 return auxL_error(L, auxL_EOPENSSL, "x509.csr:setSubject");
3875 3888
3876 lua_pushboolean(L, 1); 3889 lua_pushboolean(L, 1);
3877 3890
@@ -3884,7 +3897,7 @@ static int xr_getPublicKey(lua_State *L) {
3884 EVP_PKEY **key = prepsimple(L, PKEY_CLASS); 3897 EVP_PKEY **key = prepsimple(L, PKEY_CLASS);
3885 3898
3886 if (!(*key = X509_REQ_get_pubkey(csr))) 3899 if (!(*key = X509_REQ_get_pubkey(csr)))
3887 return throwssl(L, "x509.cert:getPublicKey"); 3900 return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKey");
3888 3901
3889 return 1; 3902 return 1;
3890} /* xr_getPublicKey() */ 3903} /* xr_getPublicKey() */
@@ -3895,7 +3908,7 @@ static int xr_setPublicKey(lua_State *L) {
3895 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS); 3908 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
3896 3909
3897 if (!X509_REQ_set_pubkey(csr, key)) 3910 if (!X509_REQ_set_pubkey(csr, key))
3898 return throwssl(L, "x509.csr:setPublicKey"); 3911 return auxL_error(L, auxL_EOPENSSL, "x509.csr:setPublicKey");
3899 3912
3900 lua_pushboolean(L, 1); 3913 lua_pushboolean(L, 1);
3901 3914
@@ -3908,7 +3921,7 @@ static int xr_sign(lua_State *L) {
3908 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS); 3921 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
3909 3922
3910 if (!X509_REQ_sign(csr, key, xc_signature(L, 3, key))) 3923 if (!X509_REQ_sign(csr, key, xc_signature(L, 3, key)))
3911 return throwssl(L, "x509.csr:sign"); 3924 return auxL_error(L, auxL_EOPENSSL, "x509.csr:sign");
3912 3925
3913 lua_pushboolean(L, 1); 3926 lua_pushboolean(L, 1);
3914 3927
@@ -3926,11 +3939,11 @@ static int xr__tostring(lua_State *L) {
3926 switch (type) { 3939 switch (type) {
3927 case X509_PEM: 3940 case X509_PEM:
3928 if (!PEM_write_bio_X509_REQ(bio, csr)) 3941 if (!PEM_write_bio_X509_REQ(bio, csr))
3929 return throwssl(L, "x509.csr:__tostring"); 3942 return auxL_error(L, auxL_EOPENSSL, "x509.csr:__tostring");
3930 break; 3943 break;
3931 case X509_DER: 3944 case X509_DER:
3932 if (!i2d_X509_REQ_bio(bio, csr)) 3945 if (!i2d_X509_REQ_bio(bio, csr))
3933 return throwssl(L, "x509.csr:__tostring"); 3946 return auxL_error(L, auxL_EOPENSSL, "x509.csr:__tostring");
3934 break; 3947 break;
3935 } /* switch() */ 3948 } /* switch() */
3936 3949
@@ -4007,7 +4020,7 @@ static int xx_new(lua_State *L) {
4007 int ok = 0; 4020 int ok = 0;
4008 4021
4009 if (!(tmp = BIO_new_mem_buf((char *)data, len))) 4022 if (!(tmp = BIO_new_mem_buf((char *)data, len)))
4010 return throwssl(L, "x509.crl.new"); 4023 return auxL_error(L, auxL_EOPENSSL, "x509.crl.new");
4011 4024
4012 if (type == X509_PEM || type == X509_ANY) { 4025 if (type == X509_PEM || type == X509_ANY) {
4013 ok = !!(*ud = PEM_read_bio_X509_CRL(tmp, NULL, 0, "")); /* no password */ 4026 ok = !!(*ud = PEM_read_bio_X509_CRL(tmp, NULL, 0, "")); /* no password */
@@ -4020,10 +4033,10 @@ static int xx_new(lua_State *L) {
4020 BIO_free(tmp); 4033 BIO_free(tmp);
4021 4034
4022 if (!ok) 4035 if (!ok)
4023 return throwssl(L, "x509.crl.new"); 4036 return auxL_error(L, auxL_EOPENSSL, "x509.crl.new");
4024 } else { 4037 } else {
4025 if (!(*ud = X509_CRL_new())) 4038 if (!(*ud = X509_CRL_new()))
4026 return throwssl(L, "x509.crl.new"); 4039 return auxL_error(L, auxL_EOPENSSL, "x509.crl.new");
4027 4040
4028 X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0); 4041 X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
4029 } 4042 }
@@ -4083,7 +4096,7 @@ static int xx_setLastUpdate(lua_State *L) {
4083 4096
4084 /* lastUpdate always present */ 4097 /* lastUpdate always present */
4085 if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), updated)) 4098 if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), updated))
4086 return throwssl(L, "x509.crl:setLastUpdate"); 4099 return auxL_error(L, auxL_EOPENSSL, "x509.crl:setLastUpdate");
4087 4100
4088 lua_pushboolean(L, 1); 4101 lua_pushboolean(L, 1);
4089 4102
@@ -4136,7 +4149,7 @@ error:
4136 if (time) 4149 if (time)
4137 ASN1_TIME_free(time); 4150 ASN1_TIME_free(time);
4138 4151
4139 return throwssl(L, "x509.crl:setNextUpdate"); 4152 return auxL_error(L, auxL_EOPENSSL, "x509.crl:setNextUpdate");
4140} /* xx_setNextUpdate() */ 4153} /* xx_setNextUpdate() */
4141 4154
4142 4155
@@ -4158,7 +4171,7 @@ static int xx_setIssuer(lua_State *L) {
4158 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); 4171 X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
4159 4172
4160 if (!X509_CRL_set_issuer_name(crl, name)) 4173 if (!X509_CRL_set_issuer_name(crl, name))
4161 return throwssl(L, "x509.crl:setIssuer"); 4174 return auxL_error(L, auxL_EOPENSSL, "x509.crl:setIssuer");
4162 4175
4163 lua_pushboolean(L, 1); 4176 lua_pushboolean(L, 1);
4164 4177
@@ -4212,7 +4225,7 @@ error:
4212 if (rev) 4225 if (rev)
4213 X509_REVOKED_free(rev); 4226 X509_REVOKED_free(rev);
4214 4227
4215 return throwssl(L, "x509.crl:add"); 4228 return auxL_error(L, auxL_EOPENSSL, "x509.crl:add");
4216} /* xx_add() */ 4229} /* xx_add() */
4217 4230
4218 4231
@@ -4221,7 +4234,7 @@ static int xx_sign(lua_State *L) {
4221 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS); 4234 EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
4222 4235
4223 if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key))) 4236 if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key)))
4224 return throwssl(L, "x509.crl:sign"); 4237 return auxL_error(L, auxL_EOPENSSL, "x509.crl:sign");
4225 4238
4226 lua_pushboolean(L, 1); 4239 lua_pushboolean(L, 1);
4227 4240
@@ -4237,7 +4250,7 @@ static int xx_text(lua_State *L) {
4237 long len; 4250 long len;
4238 4251
4239 if (!X509_CRL_print(bio, crl)) 4252 if (!X509_CRL_print(bio, crl))
4240 return throwssl(L, "x509.crl:text"); 4253 return auxL_error(L, auxL_EOPENSSL, "x509.crl:text");
4241 4254
4242 len = BIO_get_mem_data(bio, &data); 4255 len = BIO_get_mem_data(bio, &data);
4243 4256
@@ -4257,11 +4270,11 @@ static int xx__tostring(lua_State *L) {
4257 switch (type) { 4270 switch (type) {
4258 case X509_PEM: 4271 case X509_PEM:
4259 if (!PEM_write_bio_X509_CRL(bio, crl)) 4272 if (!PEM_write_bio_X509_CRL(bio, crl))
4260 return throwssl(L, "x509.crl:__tostring"); 4273 return auxL_error(L, auxL_EOPENSSL, "x509.crl:__tostring");
4261 break; 4274 break;
4262 case X509_DER: 4275 case X509_DER:
4263 if (!i2d_X509_CRL_bio(bio, crl)) 4276 if (!i2d_X509_CRL_bio(bio, crl))
4264 return throwssl(L, "x509.crl:__tostring"); 4277 return auxL_error(L, auxL_EOPENSSL, "x509.crl:__tostring");
4265 break; 4278 break;
4266 } /* switch() */ 4279 } /* switch() */
4267 4280
@@ -4365,7 +4378,7 @@ static void xl_dup(lua_State *L, STACK_OF(X509) *src, _Bool copy) {
4365 4378
4366 return; 4379 return;
4367error: 4380error:
4368 throwssl(L, "sk_X509_dup"); 4381 auxL_error(L, auxL_EOPENSSL, "sk_X509_dup");
4369} /* xl_dup() */ 4382} /* xl_dup() */
4370 4383
4371 4384
@@ -4373,7 +4386,7 @@ static int xl_new(lua_State *L) {
4373 STACK_OF(X509) **chain = prepsimple(L, X509_CHAIN_CLASS); 4386 STACK_OF(X509) **chain = prepsimple(L, X509_CHAIN_CLASS);
4374 4387
4375 if (!(*chain = sk_X509_new_null())) 4388 if (!(*chain = sk_X509_new_null()))
4376 return throwssl(L, "x509.chain.new"); 4389 return auxL_error(L, auxL_EOPENSSL, "x509.chain.new");
4377 4390
4378 return 1; 4391 return 1;
4379} /* xl_new() */ 4392} /* xl_new() */
@@ -4390,11 +4403,11 @@ static int xl_add(lua_State *L) {
4390 X509 *dup; 4403 X509 *dup;
4391 4404
4392 if (!(dup = X509_dup(crt))) 4405 if (!(dup = X509_dup(crt)))
4393 return throwssl(L, "x509.chain:add"); 4406 return auxL_error(L, auxL_EOPENSSL, "x509.chain:add");
4394 4407
4395 if (!sk_X509_push(chain, dup)) { 4408 if (!sk_X509_push(chain, dup)) {
4396 X509_free(dup); 4409 X509_free(dup);
4397 return throwssl(L, "x509.chain:add"); 4410 return auxL_error(L, auxL_EOPENSSL, "x509.chain:add");
4398 } 4411 }
4399 4412
4400 lua_pushvalue(L, 1); 4413 lua_pushvalue(L, 1);
@@ -4421,7 +4434,7 @@ static int xl__next(lua_State *L) {
4421 ret = prepsimple(L, X509_CERT_CLASS); 4434 ret = prepsimple(L, X509_CERT_CLASS);
4422 4435
4423 if (!(*ret = X509_dup(crt))) 4436 if (!(*ret = X509_dup(crt)))
4424 return throwssl(L, "x509.chain:__next"); 4437 return auxL_error(L, auxL_EOPENSSL, "x509.chain:__next");
4425 4438
4426 break; 4439 break;
4427 } 4440 }
@@ -4489,7 +4502,7 @@ static int xs_new(lua_State *L) {
4489 X509_STORE **ud = prepsimple(L, X509_STORE_CLASS); 4502 X509_STORE **ud = prepsimple(L, X509_STORE_CLASS);
4490 4503
4491 if (!(*ud = X509_STORE_new())) 4504 if (!(*ud = X509_STORE_new()))
4492 return throwssl(L, "x509.store"); 4505 return auxL_error(L, auxL_EOPENSSL, "x509.store");
4493 4506
4494 return 1; 4507 return 1;
4495} /* xs_new() */ 4508} /* xs_new() */
@@ -4510,11 +4523,11 @@ static int xs_add(lua_State *L) {
4510 X509 *dup; 4523 X509 *dup;
4511 4524
4512 if (!(dup = X509_dup(crt))) 4525 if (!(dup = X509_dup(crt)))
4513 return throwssl(L, "x509.store:add"); 4526 return auxL_error(L, auxL_EOPENSSL, "x509.store:add");
4514 4527
4515 if (!X509_STORE_add_cert(store, dup)) { 4528 if (!X509_STORE_add_cert(store, dup)) {
4516 X509_free(dup); 4529 X509_free(dup);
4517 return throwssl(L, "x509.store:add"); 4530 return auxL_error(L, auxL_EOPENSSL, "x509.store:add");
4518 } 4531 }
4519 } else { 4532 } else {
4520 const char *path = luaL_checkstring(L, i); 4533 const char *path = luaL_checkstring(L, i);
@@ -4522,7 +4535,7 @@ static int xs_add(lua_State *L) {
4522 int ok; 4535 int ok;
4523 4536
4524 if (0 != stat(path, &st)) 4537 if (0 != stat(path, &st))
4525 return luaL_error(L, "%s: %s", path, xstrerror(errno)); 4538 return luaL_error(L, "%s: %s", path, aux_strerror(errno));
4526 4539
4527 if (S_ISDIR(st.st_mode)) 4540 if (S_ISDIR(st.st_mode))
4528 ok = X509_STORE_load_locations(store, NULL, path); 4541 ok = X509_STORE_load_locations(store, NULL, path);
@@ -4530,7 +4543,7 @@ static int xs_add(lua_State *L) {
4530 ok = X509_STORE_load_locations(store, path, NULL); 4543 ok = X509_STORE_load_locations(store, path, NULL);
4531 4544
4532 if (!ok) 4545 if (!ok)
4533 return throwssl(L, "x509.store:add"); 4546 return auxL_error(L, auxL_EOPENSSL, "x509.store:add");
4534 } 4547 }
4535 } 4548 }
4536 4549
@@ -4556,7 +4569,7 @@ static int xs_verify(lua_State *L) {
4556 int i, n; 4569 int i, n;
4557 4570
4558 if (!(chain = sk_X509_dup(checksimple(L, 3, X509_CHAIN_CLASS)))) 4571 if (!(chain = sk_X509_dup(checksimple(L, 3, X509_CHAIN_CLASS))))
4559 return throwssl(L, "x509.store:verify"); 4572 return auxL_error(L, auxL_EOPENSSL, "x509.store:verify");
4560 4573
4561 n = sk_X509_num(chain); 4574 n = sk_X509_num(chain);
4562 4575
@@ -4569,7 +4582,7 @@ static int xs_verify(lua_State *L) {
4569 4582
4570 if (!X509_STORE_CTX_init(&ctx, store, crt, chain)) { 4583 if (!X509_STORE_CTX_init(&ctx, store, crt, chain)) {
4571 sk_X509_pop_free(chain, X509_free); 4584 sk_X509_pop_free(chain, X509_free);
4572 return throwssl(L, "x509.store:verify"); 4585 return auxL_error(L, auxL_EOPENSSL, "x509.store:verify");
4573 } 4586 }
4574 4587
4575 ERR_clear_error(); 4588 ERR_clear_error();
@@ -4583,7 +4596,7 @@ static int xs_verify(lua_State *L) {
4583 X509_STORE_CTX_cleanup(&ctx); 4596 X509_STORE_CTX_cleanup(&ctx);
4584 4597
4585 if (!*proof) 4598 if (!*proof)
4586 return throwssl(L, "x509.store:verify"); 4599 return auxL_error(L, auxL_EOPENSSL, "x509.store:verify");
4587 4600
4588 lua_pushboolean(L, 1); 4601 lua_pushboolean(L, 1);
4589 lua_pushvalue(L, -2); 4602 lua_pushvalue(L, -2);
@@ -4601,7 +4614,7 @@ static int xs_verify(lua_State *L) {
4601 default: 4614 default:
4602 X509_STORE_CTX_cleanup(&ctx); 4615 X509_STORE_CTX_cleanup(&ctx);
4603 4616
4604 return throwssl(L, "x509.store:verify"); 4617 return auxL_error(L, auxL_EOPENSSL, "x509.store:verify");
4605 } 4618 }
4606} /* xs_verify() */ 4619} /* xs_verify() */
4607 4620
@@ -4659,7 +4672,7 @@ static int stx_new(lua_State *L) {
4659 STACK_OF(X509) *chain; 4672 STACK_OF(X509) *chain;
4660 4673
4661 if (!(*ud = X509_STORE_CTX_new())) 4674 if (!(*ud = X509_STORE_CTX_new()))
4662 return throwssl(L, "x509.store.context"); 4675 return auxL_error(L, auxL_EOPENSSL, "x509.store.context");
4663 4676
4664 return 1; 4677 return 1;
4665} /* stx_new() */ 4678} /* stx_new() */
@@ -4771,7 +4784,7 @@ error:
4771 if (no_kcert) 4784 if (no_kcert)
4772 luaL_argerror(L, 1, lua_pushfstring(L, "certificate matching the key not found")); 4785 luaL_argerror(L, 1, lua_pushfstring(L, "certificate matching the key not found"));
4773 4786
4774 return throwssl(L, "pkcs12.new"); 4787 return auxL_error(L, auxL_EOPENSSL, "pkcs12.new");
4775} /* p12_new() */ 4788} /* p12_new() */
4776 4789
4777 4790
@@ -4787,7 +4800,7 @@ static int p12__tostring(lua_State *L) {
4787 long len; 4800 long len;
4788 4801
4789 if (!i2d_PKCS12_bio(bio, p12)) 4802 if (!i2d_PKCS12_bio(bio, p12))
4790 return throwssl(L, "pkcs12:__tostring"); 4803 return auxL_error(L, auxL_EOPENSSL, "pkcs12:__tostring");
4791 4804
4792 len = BIO_get_mem_data(bio, &data); 4805 len = BIO_get_mem_data(bio, &data);
4793 4806
@@ -4908,7 +4921,7 @@ static int sx_new(lua_State *L) {
4908 ud = prepsimple(L, SSL_CTX_CLASS); 4921 ud = prepsimple(L, SSL_CTX_CLASS);
4909 4922
4910 if (!(*ud = SSL_CTX_new(method()))) 4923 if (!(*ud = SSL_CTX_new(method())))
4911 return throwssl(L, "ssl.context.new"); 4924 return auxL_error(L, auxL_EOPENSSL, "ssl.context.new");
4912 4925
4913 SSL_CTX_set_options(*ud, options); 4926 SSL_CTX_set_options(*ud, options);
4914 4927
@@ -4923,9 +4936,9 @@ static int sx_interpose(lua_State *L) {
4923 4936
4924static int sx_setOptions(lua_State *L) { 4937static int sx_setOptions(lua_State *L) {
4925 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS); 4938 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
4926 lib_Integer options = lib_checkinteger(L, 2); 4939 auxL_Integer options = auxL_checkinteger(L, 2);
4927 4940
4928 lib_pushinteger(L, SSL_CTX_set_options(ctx, options)); 4941 auxL_pushinteger(L, SSL_CTX_set_options(ctx, options));
4929 4942
4930 return 1; 4943 return 1;
4931} /* sx_setOptions() */ 4944} /* sx_setOptions() */
@@ -4934,7 +4947,7 @@ static int sx_setOptions(lua_State *L) {
4934static int sx_getOptions(lua_State *L) { 4947static int sx_getOptions(lua_State *L) {
4935 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS); 4948 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
4936 4949
4937 lib_pushinteger(L, SSL_CTX_get_options(ctx)); 4950 auxL_pushinteger(L, SSL_CTX_get_options(ctx));
4938 4951
4939 return 1; 4952 return 1;
4940} /* sx_getOptions() */ 4953} /* sx_getOptions() */
@@ -4942,9 +4955,9 @@ static int sx_getOptions(lua_State *L) {
4942 4955
4943static int sx_clearOptions(lua_State *L) { 4956static int sx_clearOptions(lua_State *L) {
4944 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS); 4957 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
4945 lib_Integer options = lib_checkinteger(L, 2); 4958 auxL_Integer options = auxL_checkinteger(L, 2);
4946 4959
4947 lib_pushinteger(L, SSL_CTX_clear_options(ctx, options)); 4960 auxL_pushinteger(L, SSL_CTX_clear_options(ctx, options));
4948 4961
4949 return 1; 4962 return 1;
4950} /* sx_clearOptions() */ 4963} /* sx_clearOptions() */
@@ -4998,7 +5011,7 @@ static int sx_setCertificate(lua_State *L) {
4998 X509_free(crt); 5011 X509_free(crt);
4999 5012
5000 if (!ok) 5013 if (!ok)
5001 return throwssl(L, "ssl.context:setCertificate"); 5014 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setCertificate");
5002 5015
5003 lua_pushboolean(L, 1); 5016 lua_pushboolean(L, 1);
5004 5017
@@ -5020,7 +5033,7 @@ static int sx_setPrivateKey(lua_State *L) {
5020 * private key is actually defined in the object. 5033 * private key is actually defined in the object.
5021 */ 5034 */
5022 if (!SSL_CTX_use_PrivateKey(ctx, key)) 5035 if (!SSL_CTX_use_PrivateKey(ctx, key))
5023 return throwssl(L, "ssl.context:setPrivateKey"); 5036 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setPrivateKey");
5024 5037
5025 lua_pushboolean(L, 1); 5038 lua_pushboolean(L, 1);
5026 5039
@@ -5033,7 +5046,7 @@ static int sx_setCipherList(lua_State *L) {
5033 const char *ciphers = luaL_checkstring(L, 2); 5046 const char *ciphers = luaL_checkstring(L, 2);
5034 5047
5035 if (!SSL_CTX_set_cipher_list(ctx, ciphers)) 5048 if (!SSL_CTX_set_cipher_list(ctx, ciphers))
5036 return throwssl(L, "ssl.context:setCipherList"); 5049 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setCipherList");
5037 5050
5038 lua_pushboolean(L, 1); 5051 lua_pushboolean(L, 1);
5039 5052
@@ -5054,26 +5067,26 @@ static int sx_setEphemeralKey(lua_State *L) {
5054 switch (EVP_PKEY_base_id(key)) { 5067 switch (EVP_PKEY_base_id(key)) {
5055 case EVP_PKEY_RSA: 5068 case EVP_PKEY_RSA:
5056 if (!(tmp = EVP_PKEY_get0(key))) 5069 if (!(tmp = EVP_PKEY_get0(key)))
5057 return throwssl(L, "ssl.context:setEphemeralKey"); 5070 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5058 5071
5059 if (!SSL_CTX_set_tmp_rsa(ctx, tmp)) 5072 if (!SSL_CTX_set_tmp_rsa(ctx, tmp))
5060 return throwssl(L, "ssl.context:setEphemeralKey"); 5073 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5061 5074
5062 break; 5075 break;
5063 case EVP_PKEY_DH: 5076 case EVP_PKEY_DH:
5064 if (!(tmp = EVP_PKEY_get0(key))) 5077 if (!(tmp = EVP_PKEY_get0(key)))
5065 return throwssl(L, "ssl.context:setEphemeralKey"); 5078 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5066 5079
5067 if (!SSL_CTX_set_tmp_dh(ctx, tmp)) 5080 if (!SSL_CTX_set_tmp_dh(ctx, tmp))
5068 return throwssl(L, "ssl.context:setEphemeralKey"); 5081 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5069 5082
5070 break; 5083 break;
5071 case EVP_PKEY_EC: 5084 case EVP_PKEY_EC:
5072 if (!(tmp = EVP_PKEY_get0(key))) 5085 if (!(tmp = EVP_PKEY_get0(key)))
5073 return throwssl(L, "ssl.context:setEphemeralKey"); 5086 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5074 5087
5075 if (!SSL_CTX_set_tmp_ecdh(ctx, tmp)) 5088 if (!SSL_CTX_set_tmp_ecdh(ctx, tmp))
5076 return throwssl(L, "ssl.context:setEphemeralKey"); 5089 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setEphemeralKey");
5077 5090
5078 break; 5091 break;
5079 default: 5092 default:
@@ -5102,9 +5115,9 @@ static int sx_setAlpnProtos(lua_State *L) {
5102 ERR_clear_error(); 5115 ERR_clear_error();
5103 if (0 != SSL_CTX_set_alpn_protos(ctx, (const unsigned char*)tmp, len)) { 5116 if (0 != SSL_CTX_set_alpn_protos(ctx, (const unsigned char*)tmp, len)) {
5104 if (!ERR_peek_error()) { 5117 if (!ERR_peek_error()) {
5105 return luaL_error(L, "unable to set ALPN protocols: %s", xstrerror(ENOMEM)); 5118 return luaL_error(L, "unable to set ALPN protocols: %s", aux_strerror(ENOMEM));
5106 } else { 5119 } else {
5107 return throwssl(L, "ssl.context:setAlpnProtos"); 5120 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setAlpnProtos");
5108 } 5121 }
5109 } 5122 }
5110 5123
@@ -5163,11 +5176,11 @@ static int sx_setAlpnSelect(lua_State *L) {
5163 luaL_checktype(L, 2, LUA_TFUNCTION); 5176 luaL_checktype(L, 2, LUA_TFUNCTION);
5164 if ((error = ex_setdata(L, EX_SSL_CTX_ALPN_SELECT_CB, ctx, 1))) { 5177 if ((error = ex_setdata(L, EX_SSL_CTX_ALPN_SELECT_CB, ctx, 1))) {
5165 if (error > 0) { 5178 if (error > 0) {
5166 return luaL_error(L, "unable to set ALPN protocol selection callback: %s", xstrerror(error)); 5179 return luaL_error(L, "unable to set ALPN protocol selection callback: %s", aux_strerror(error));
5167 } else if (!ERR_peek_error()) { 5180 } else if (!ERR_peek_error()) {
5168 return luaL_error(L, "unable to set ALPN protocol selection callback: Unknown internal error"); 5181 return luaL_error(L, "unable to set ALPN protocol selection callback: Unknown internal error");
5169 } else { 5182 } else {
5170 return throwssl(L, "ssl.context:setAlpnSelect"); 5183 return auxL_error(L, auxL_EOPENSSL, "ssl.context:setAlpnSelect");
5171 } 5184 }
5172 } 5185 }
5173 5186
@@ -5220,7 +5233,7 @@ static const luaL_Reg sx_globals[] = {
5220 { NULL, NULL }, 5233 { NULL, NULL },
5221}; 5234};
5222 5235
5223static const integer_Reg sx_verify[] = { 5236static const auxL_IntegerReg sx_verify[] = {
5224 { "VERIFY_NONE", SSL_VERIFY_NONE }, 5237 { "VERIFY_NONE", SSL_VERIFY_NONE },
5225 { "VERIFY_PEER", SSL_VERIFY_PEER }, 5238 { "VERIFY_PEER", SSL_VERIFY_PEER },
5226 { "VERIFY_FAIL_IF_NO_PEER_CERT", SSL_VERIFY_FAIL_IF_NO_PEER_CERT }, 5239 { "VERIFY_FAIL_IF_NO_PEER_CERT", SSL_VERIFY_FAIL_IF_NO_PEER_CERT },
@@ -5228,7 +5241,7 @@ static const integer_Reg sx_verify[] = {
5228 { NULL, 0 }, 5241 { NULL, 0 },
5229}; 5242};
5230 5243
5231static const integer_Reg sx_option[] = { 5244static const auxL_IntegerReg sx_option[] = {
5232 { "OP_MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG }, 5245 { "OP_MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG },
5233 { "OP_NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG }, 5246 { "OP_NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG },
5234 { "OP_LEGACY_SERVER_CONNECT", SSL_OP_LEGACY_SERVER_CONNECT }, 5247 { "OP_LEGACY_SERVER_CONNECT", SSL_OP_LEGACY_SERVER_CONNECT },
@@ -5278,8 +5291,8 @@ int luaopen__openssl_ssl_context(lua_State *L) {
5278 initall(L); 5291 initall(L);
5279 5292
5280 luaL_newlib(L, sx_globals); 5293 luaL_newlib(L, sx_globals);
5281 lib_setintegers(L, sx_verify); 5294 auxL_setintegers(L, sx_verify);
5282 lib_setintegers(L, sx_option); 5295 auxL_setintegers(L, sx_option);
5283 5296
5284 return 1; 5297 return 1;
5285} /* luaopen__openssl_ssl_context() */ 5298} /* luaopen__openssl_ssl_context() */
@@ -5313,9 +5326,9 @@ static int ssl_interpose(lua_State *L) {
5313 5326
5314static int ssl_setOptions(lua_State *L) { 5327static int ssl_setOptions(lua_State *L) {
5315 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS); 5328 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS);
5316 lib_Integer options = lib_checkinteger(L, 2); 5329 auxL_Integer options = auxL_checkinteger(L, 2);
5317 5330
5318 lib_pushinteger(L, SSL_set_options(ssl, options)); 5331 auxL_pushinteger(L, SSL_set_options(ssl, options));
5319 5332
5320 return 1; 5333 return 1;
5321} /* ssl_setOptions() */ 5334} /* ssl_setOptions() */
@@ -5324,7 +5337,7 @@ static int ssl_setOptions(lua_State *L) {
5324static int ssl_getOptions(lua_State *L) { 5337static int ssl_getOptions(lua_State *L) {
5325 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS); 5338 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS);
5326 5339
5327 lib_pushinteger(L, SSL_get_options(ssl)); 5340 auxL_pushinteger(L, SSL_get_options(ssl));
5328 5341
5329 return 1; 5342 return 1;
5330} /* ssl_getOptions() */ 5343} /* ssl_getOptions() */
@@ -5332,9 +5345,9 @@ static int ssl_getOptions(lua_State *L) {
5332 5345
5333static int ssl_clearOptions(lua_State *L) { 5346static int ssl_clearOptions(lua_State *L) {
5334 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS); 5347 SSL *ssl = checksimple(L, 1, SSL_CTX_CLASS);
5335 lib_Integer options = lib_checkinteger(L, 2); 5348 auxL_Integer options = auxL_checkinteger(L, 2);
5336 5349
5337 lib_pushinteger(L, SSL_clear_options(ssl, options)); 5350 auxL_pushinteger(L, SSL_clear_options(ssl, options));
5338 5351
5339 return 1; 5352 return 1;
5340} /* ssl_clearOptions() */ 5353} /* ssl_clearOptions() */
@@ -5408,7 +5421,7 @@ static int ssl_setHostName(lua_State *L) {
5408 const char *host = luaL_checkstring(L, 2); 5421 const char *host = luaL_checkstring(L, 2);
5409 5422
5410 if (!SSL_set_tlsext_host_name(ssl, host)) 5423 if (!SSL_set_tlsext_host_name(ssl, host))
5411 return throwssl(L, "ssl:setHostName"); 5424 return auxL_error(L, auxL_EOPENSSL, "ssl:setHostName");
5412 5425
5413 lua_pushboolean(L, 1); 5426 lua_pushboolean(L, 1);
5414 5427
@@ -5498,9 +5511,9 @@ static int ssl_setAlpnProtos(lua_State *L) {
5498 ERR_clear_error(); 5511 ERR_clear_error();
5499 if (0 != SSL_set_alpn_protos(ssl, (const unsigned char*)tmp, len)) { 5512 if (0 != SSL_set_alpn_protos(ssl, (const unsigned char*)tmp, len)) {
5500 if (!ERR_peek_error()) { 5513 if (!ERR_peek_error()) {
5501 return luaL_error(L, "unable to set ALPN protocols: %s", xstrerror(ENOMEM)); 5514 return luaL_error(L, "unable to set ALPN protocols: %s", aux_strerror(ENOMEM));
5502 } else { 5515 } else {
5503 return throwssl(L, "ssl:setAlpnProtos"); 5516 return auxL_error(L, auxL_EOPENSSL, "ssl:setAlpnProtos");
5504 } 5517 }
5505 } 5518 }
5506 5519
@@ -5554,7 +5567,7 @@ static const luaL_Reg ssl_globals[] = {
5554 { NULL, NULL }, 5567 { NULL, NULL },
5555}; 5568};
5556 5569
5557static const integer_Reg ssl_version[] = { 5570static const auxL_IntegerReg ssl_version[] = {
5558 { "SSL2_VERSION", SSL2_VERSION }, 5571 { "SSL2_VERSION", SSL2_VERSION },
5559 { "SSL3_VERSION", SSL3_VERSION }, 5572 { "SSL3_VERSION", SSL3_VERSION },
5560 { "TLS1_VERSION", TLS1_VERSION }, 5573 { "TLS1_VERSION", TLS1_VERSION },
@@ -5572,9 +5585,9 @@ int luaopen__openssl_ssl(lua_State *L) {
5572 initall(L); 5585 initall(L);
5573 5586
5574 luaL_newlib(L, ssl_globals); 5587 luaL_newlib(L, ssl_globals);
5575 lib_setintegers(L, ssl_version); 5588 auxL_setintegers(L, ssl_version);
5576 lib_setintegers(L, sx_verify); 5589 auxL_setintegers(L, sx_verify);
5577 lib_setintegers(L, sx_option); 5590 auxL_setintegers(L, sx_option);
5578 5591
5579 return 1; 5592 return 1;
5580} /* luaopen__openssl_ssl() */ 5593} /* luaopen__openssl_ssl() */
@@ -5605,7 +5618,7 @@ static int md_new(lua_State *L) {
5605 EVP_MD_CTX_init(ctx); 5618 EVP_MD_CTX_init(ctx);
5606 5619
5607 if (!EVP_DigestInit_ex(ctx, type, NULL)) 5620 if (!EVP_DigestInit_ex(ctx, type, NULL))
5608 return throwssl(L, "digest.new"); 5621 return auxL_error(L, auxL_EOPENSSL, "digest.new");
5609 5622
5610 return 1; 5623 return 1;
5611} /* md_new() */ 5624} /* md_new() */
@@ -5626,7 +5639,7 @@ static void md_update_(lua_State *L, EVP_MD_CTX *ctx, int from, int to) {
5626 p = luaL_checklstring(L, i, &n); 5639 p = luaL_checklstring(L, i, &n);
5627 5640
5628 if (!EVP_DigestUpdate(ctx, p, n)) 5641 if (!EVP_DigestUpdate(ctx, p, n))
5629 throwssl(L, "digest:update"); 5642 auxL_error(L, auxL_EOPENSSL, "digest:update");
5630 } 5643 }
5631} /* md_update_() */ 5644} /* md_update_() */
5632 5645
@@ -5651,7 +5664,7 @@ static int md_final(lua_State *L) {
5651 md_update_(L, ctx, 2, lua_gettop(L)); 5664 md_update_(L, ctx, 2, lua_gettop(L));
5652 5665
5653 if (!EVP_DigestFinal_ex(ctx, md, &len)) 5666 if (!EVP_DigestFinal_ex(ctx, md, &len))
5654 return throwssl(L, "digest:final"); 5667 return auxL_error(L, auxL_EOPENSSL, "digest:final");
5655 5668
5656 lua_pushlstring(L, (char *)md, len); 5669 lua_pushlstring(L, (char *)md, len);
5657 5670
@@ -5822,7 +5835,7 @@ static int cipher_new(lua_State *L) {
5822 EVP_CIPHER_CTX_init(ctx); 5835 EVP_CIPHER_CTX_init(ctx);
5823 5836
5824 if (!EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, -1)) 5837 if (!EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, -1))
5825 return throwssl(L, "cipher.new"); 5838 return auxL_error(L, auxL_EOPENSSL, "cipher.new");
5826 5839
5827 return 1; 5840 return 1;
5828} /* cipher_new() */ 5841} /* cipher_new() */
@@ -5860,7 +5873,7 @@ static int cipher_init(lua_State *L, _Bool encrypt) {
5860 5873
5861 return 1; 5874 return 1;
5862sslerr: 5875sslerr:
5863 return throwssl(L, (encrypt)? "cipher:encrypt" : "cipher:decrypt"); 5876 return auxL_error(L, auxL_EOPENSSL, (encrypt)? "cipher:encrypt" : "cipher:decrypt");
5864} /* cipher_init() */ 5877} /* cipher_init() */
5865 5878
5866 5879
@@ -5919,7 +5932,7 @@ static int cipher_update(lua_State *L) {
5919 return 1; 5932 return 1;
5920sslerr: 5933sslerr:
5921 lua_pushnil(L); 5934 lua_pushnil(L);
5922 pusherror(L, NULL); 5935 auxL_pusherror(L, auxL_EOPENSSL, NULL);
5923 5936
5924 return 2; 5937 return 2;
5925} /* cipher_update() */ 5938} /* cipher_update() */
@@ -5950,7 +5963,7 @@ static int cipher_final(lua_State *L) {
5950 return 1; 5963 return 1;
5951sslerr: 5964sslerr:
5952 lua_pushnil(L); 5965 lua_pushnil(L);
5953 pusherror(L, NULL); 5966 auxL_pusherror(L, auxL_EOPENSSL, NULL);
5954 5967
5955 return 2; 5968 return 2;
5956} /* cipher_final() */ 5969} /* cipher_final() */
@@ -6137,7 +6150,7 @@ static int rand_stir(lua_State *L) {
6137 6150
6138 if (error) { 6151 if (error) {
6139 lua_pushboolean(L, 0); 6152 lua_pushboolean(L, 0);
6140 lua_pushstring(L, xstrerror(error)); 6153 lua_pushstring(L, aux_strerror(error));
6141 lua_pushinteger(L, error); 6154 lua_pushinteger(L, error);
6142 6155
6143 return 3; 6156 return 3;
@@ -6178,7 +6191,7 @@ static int rand_bytes(lua_State *L) {
6178 n = MIN((size - count), LUAL_BUFFERSIZE); 6191 n = MIN((size - count), LUAL_BUFFERSIZE);
6179 6192
6180 if (!RAND_bytes((void *)luaL_prepbuffer(&B), n)) 6193 if (!RAND_bytes((void *)luaL_prepbuffer(&B), n))
6181 return throwssl(L, "rand.bytes"); 6194 return auxL_error(L, auxL_EOPENSSL, "rand.bytes");
6182 6195
6183 luaL_addsize(&B, n); 6196 luaL_addsize(&B, n);
6184 count += n; 6197 count += n;
@@ -6201,7 +6214,7 @@ static unsigned long long rand_llu(lua_State *L) {
6201 unsigned long long llu; 6214 unsigned long long llu;
6202 6215
6203 if (!RAND_bytes((void *)&llu, sizeof llu)) 6216 if (!RAND_bytes((void *)&llu, sizeof llu))
6204 throwssl(L, "rand.uniform"); 6217 auxL_error(L, auxL_EOPENSSL, "rand.uniform");
6205 6218
6206 return llu; 6219 return llu;
6207} /* rand_llu() */ 6220} /* rand_llu() */
@@ -6486,13 +6499,8 @@ static void initall(lua_State *L) {
6486 static int initssl; 6499 static int initssl;
6487 int error; 6500 int error;
6488 6501
6489 if ((error = mt_init())) { 6502 if ((error = mt_init()))
6490 if (error == -1) { 6503 auxL_error(L, error, "openssl.init");
6491 luaL_error(L, "openssl.init: %s", dlerror());
6492 } else {
6493 luaL_error(L, "openssl.init: %s", xstrerror(error));
6494 }
6495 }
6496 6504
6497 pthread_mutex_lock(&mutex); 6505 pthread_mutex_lock(&mutex);
6498 6506
@@ -6512,21 +6520,11 @@ static void initall(lua_State *L) {
6512 6520
6513 pthread_mutex_unlock(&mutex); 6521 pthread_mutex_unlock(&mutex);
6514 6522
6515 if ((error = compat_init())) { 6523 if ((error = compat_init()))
6516 if (error == -1) { 6524 auxL_error(L, error, "openssl.init");
6517 throwssl(L, "openssl.init");
6518 } else {
6519 luaL_error(L, "openssl.init: %s", xstrerror(error));
6520 }
6521 }
6522 6525
6523 if ((error = ex_init())) { 6526 if ((error = ex_init()))
6524 if (error == -1) { 6527 auxL_error(L, error, "openssl.init");
6525 throwssl(L, "openssl.init");
6526 } else {
6527 luaL_error(L, "openssl.init: %s", xstrerror(error));
6528 }
6529 }
6530 6528
6531 ex_newstate(L); 6529 ex_newstate(L);
6532 6530
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-23 10:36:19 +0000