1 files changed, 72 insertions, 0 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index 7db7463..15881a8 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -538,6 +538,10 @@ Returns a copy of the \module{x509.extension} object identified by $key$ where $
 Returns the integer count of the number of extensions.
+\subsubsection[\fn{x509:getOCSP}]{\fn{x509:getOCSP()}}
+Returns the OCSP urls for the certificate.
 \subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
 Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.
@@ -897,6 +901,20 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
 \emph{Only supported since OpenSSL 1.0.2.}
+\subsubsection[\fn{context:setTLSextStatusType}]{\fn{context:setTLSextStatusType($type$)}}
+Sets the default TLS extension status for SSL objects derived from this context.
+See \fn{ssl:setTLSextStatusType}
+\emph{Only supported since OpenSSL 1.1.0.}
+\subsubsection[\fn{context:getTLSextStatusType}]{\fn{context:getTLSextStatusType()}}
+Gets the default TLS extension status for SSL objects derived from this context as a string.
+See \fn{ssl:getTLSextStatusType}
+\emph{Only supported since OpenSSL 1.1.0.}
 \end{Module}
@@ -984,6 +1002,30 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
 \emph{Only supported since OpenSSL 1.0.2.}
+\subsubsection[\fn{ssl:setTLSextStatusType}]{\fn{ssl:setTLSextStatusType($type$)}}
+Sets the TLS extension status.
+Only the $type$ ``ocsp'' is currently supported, this is used by a client to request that a server sends a stapled OCSP response as part of the TLS handshake.
+See also: \fn{context:setTLSextStatusType()}
+\subsubsection[\fn{ssl:getTLSextStatusType}]{\fn{ssl:getTLSextStatusType()}}
+Gets the TLS extension status. As set by \fn{ssl:setTLSextStatusType} or \fn{context:setTLSextStatusType}.
+Only the type ``ocsp'' is currently known.
+\emph{Only supported since OpenSSL 1.1.0.}
+\subsubsection[\fn{ssl:setTLSextStatusOCSPResp}]{\fn{ssl:setTLSextStatusOCSPResp($or$)}}
+Sets an \module{openssl.ocsp.response}. Used by a server to staple an OCSP response into a TLS handshake.
+\subsubsection[\fn{ssl:getTLSextStatusOCSPResp}]{\fn{ssl:getTLSextStatusOCSPResp()}}
+Returns the \module{openssl.ocsp.response} associated with the ssl object (or $nil$ if one has not been set).
 \end{Module}
@@ -1066,6 +1108,36 @@ Update the cipher with the specified string(s). Returns the final output string
 \end{Module}
+\begin{Module}{openssl.ocsp.response}
+Binds OpenSSL's \texttt{OCSP\_RESPONSE} object.
+\subsubsection[\fn{response:getBasic}]{\fn{response:getBasic()}}
+Returns a \module{openssl.ocsp.basic} representation of the object contained within the OCSP response.
+\subsubsection[\fn{response:tostring}]{\fn{response:tostring()}}
+Returns a human readable description of the OCSP response as a string.
+\subsubsection[\fn{response:toPEM}]{\fn{response:toPEM()}}
+Returns the OCSP response as a PEM encoded string.
+\end{Module}
+\begin{Module}{openssl.ocsp.basic}
+Binds OpenSSL's \texttt{OCSP\_BASICRESP} object.
+\subsubsection[\fn{basic:verify}]{\fn{basic:verify([$certs$ [, $store$[, $flags$]]])}}
+Verifies that the OCSP response is signed by a certificate in the \module{openssl.x509.chain} $certs$ or a trusted certificate in \module{openssl.x509.store} $store$.
+\end{Module}
 \begin{Module}{openssl.rand}
 Binds OpenSSL's random number interfaces.

diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 7db7463..15881a8 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex
@@ -538,6 +538,10 @@ Returns a copy of the \module{x509.extension} object identified by $key$ where $
538		538
539	Returns the integer count of the number of extensions.	539	Returns the integer count of the number of extensions.
540		540
		541	\subsubsection[\fn{x509:getOCSP}]{\fn{x509:getOCSP()}}
		542
		543	Returns the OCSP urls for the certificate.
		544
541	\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}	545	\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
542		546
543	Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.	547	Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.
@@ -897,6 +901,20 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
897		901
898	\emph{Only supported since OpenSSL 1.0.2.}	902	\emph{Only supported since OpenSSL 1.0.2.}
899		903
		904	\subsubsection[\fn{context:setTLSextStatusType}]{\fn{context:setTLSextStatusType($type$)}}
		905
		906	Sets the default TLS extension status for SSL objects derived from this context.
		907	See \fn{ssl:setTLSextStatusType}
		908
		909	\emph{Only supported since OpenSSL 1.1.0.}
		910
		911	\subsubsection[\fn{context:getTLSextStatusType}]{\fn{context:getTLSextStatusType()}}
		912
		913	Gets the default TLS extension status for SSL objects derived from this context as a string.
		914	See \fn{ssl:getTLSextStatusType}
		915
		916	\emph{Only supported since OpenSSL 1.1.0.}
		917
900	\end{Module}	918	\end{Module}
901		919
902		920
@@ -984,6 +1002,30 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
984		1002
985	\emph{Only supported since OpenSSL 1.0.2.}	1003	\emph{Only supported since OpenSSL 1.0.2.}
986		1004
		1005	\subsubsection[\fn{ssl:setTLSextStatusType}]{\fn{ssl:setTLSextStatusType($type$)}}
		1006
		1007	Sets the TLS extension status.
		1008
		1009	Only the $type$ ``ocsp'' is currently supported, this is used by a client to request that a server sends a stapled OCSP response as part of the TLS handshake.
		1010
		1011	See also: \fn{context:setTLSextStatusType()}
		1012
		1013	\subsubsection[\fn{ssl:getTLSextStatusType}]{\fn{ssl:getTLSextStatusType()}}
		1014
		1015	Gets the TLS extension status. As set by \fn{ssl:setTLSextStatusType} or \fn{context:setTLSextStatusType}.
		1016
		1017	Only the type ``ocsp'' is currently known.
		1018
		1019	\emph{Only supported since OpenSSL 1.1.0.}
		1020
		1021	\subsubsection[\fn{ssl:setTLSextStatusOCSPResp}]{\fn{ssl:setTLSextStatusOCSPResp($or$)}}
		1022
		1023	Sets an \module{openssl.ocsp.response}. Used by a server to staple an OCSP response into a TLS handshake.
		1024
		1025	\subsubsection[\fn{ssl:getTLSextStatusOCSPResp}]{\fn{ssl:getTLSextStatusOCSPResp()}}
		1026
		1027	Returns the \module{openssl.ocsp.response} associated with the ssl object (or $nil$ if one has not been set).
		1028
987	\end{Module}	1029	\end{Module}
988		1030
989		1031
@@ -1066,6 +1108,36 @@ Update the cipher with the specified string(s). Returns the final output string
1066	\end{Module}	1108	\end{Module}
1067		1109
1068		1110
		1111	\begin{Module}{openssl.ocsp.response}
		1112
		1113	Binds OpenSSL's \texttt{OCSP\_RESPONSE} object.
		1114
		1115	\subsubsection[\fn{response:getBasic}]{\fn{response:getBasic()}}
		1116
		1117	Returns a \module{openssl.ocsp.basic} representation of the object contained within the OCSP response.
		1118
		1119	\subsubsection[\fn{response:tostring}]{\fn{response:tostring()}}
		1120
		1121	Returns a human readable description of the OCSP response as a string.
		1122
		1123	\subsubsection[\fn{response:toPEM}]{\fn{response:toPEM()}}
		1124
		1125	Returns the OCSP response as a PEM encoded string.
		1126
		1127	\end{Module}
		1128
		1129
		1130	\begin{Module}{openssl.ocsp.basic}
		1131
		1132	Binds OpenSSL's \texttt{OCSP\_BASICRESP} object.
		1133
		1134	\subsubsection[\fn{basic:verify}]{\fn{basic:verify([$certs$ [, $store$[, $flags$]]])}}
		1135
		1136	Verifies that the OCSP response is signed by a certificate in the \module{openssl.x509.chain} $certs$ or a trusted certificate in \module{openssl.x509.store} $store$.
		1137
		1138	\end{Module}
		1139
		1140
1069	\begin{Module}{openssl.rand}	1141	\begin{Module}{openssl.rand}
1070		1142
1071	Binds OpenSSL's random number interfaces.	1143	Binds OpenSSL's random number interfaces.