1 files changed, 35 insertions, 16 deletions
diff --git a/src/openssl.c b/src/openssl.c
index 63c3985..629373d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -748,7 +748,7 @@ static struct {
        .X509_STORE_free = &X509_STORE_free,
 };
-#if !HAVE_EVP_PKEY_base_id
+#if !HAVE_EVP_PKEY_BASE_ID
 #define EVP_PKEY_base_id(key) compat_EVP_PKEY_base_id((key))
 static int compat_EVP_PKEY_base_id(EVP_PKEY *key) {
@@ -757,7 +757,7 @@ static int compat_EVP_PKEY_base_id(EVP_PKEY *key) {
 #endif
-#if !HAVE_EVP_PKEY_get0
+#if !HAVE_EVP_PKEY_GET0
 #define EVP_PKEY_get0(key) compat_EVP_PKEY_get0((key))
 static void *compat_EVP_PKEY_get0(EVP_PKEY *key) {
@@ -792,6 +792,14 @@ static void *compat_EVP_PKEY_get0(EVP_PKEY *key) {
 } /* compat_EVP_PKEY_get0() */
 #endif
+#if !HAVE_X509_GET0_EXT
+#define X509_get0_ext(crt, i) X509_get_ext((crt), (i))
+#endif
+#if !HAVE_X509_EXTENSION_GET0_DATA
+#define X509_EXTENSION_get0_data(ext) X509_EXTENSION_get_data((ext))
+#endif
 /*
 * X509_STORE_free in OpenSSL versions < 1.0.2 doesn't obey reference count
 */
@@ -2864,25 +2872,33 @@ int luaopen__openssl_x509_altname(lua_State *L) {
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-static int xe_new(lua_State *L) {
+static _Bool xe_new_isder(const char *value, _Bool *crit) {
-        lua_settop(L, 3);
+        if (!strcmp(value, "critical,DER"))
+                return (*crit = 1), 1;
+        if (!strcmp(value, "DER"))
+                return (*crit = 0), 1;
-        X509_EXTENSION **ud = prepsimple(L, X509_EXT_CLASS);
+        return 0;
+} /* xs_new_isder() */
+static int xe_new(lua_State *L) {
        const char *name = luaL_checkstring(L, 1);
        const char *value = luaL_checkstring(L, 2);
        ASN1_OBJECT *obj = NULL;
        ASN1_STRING *oct = NULL;
        CONF *conf = NULL;
        X509V3_CTX cbuf = { 0 }, *ctx = NULL;
+        X509_EXTENSION **ud;
+        lua_settop(L, 3);
+        ud = prepsimple(L, X509_EXT_CLASS);
        if (!lua_isnil(L, 3)) {
                size_t len;
                const char *cdata = luaL_checklstring(L, 3, &len);
-                int crit = !strcmp(value, "critical,DER");
+                _Bool crit;
-                if (crit || !strcmp(value, "DER")) {
+                if (xe_new_isder(value, &crit)) {
                        if (!(obj = OBJ_txt2obj(name, 0)))
                                goto error;
                        if (!(oct = ASN1_STRING_new()))
@@ -2891,8 +2907,10 @@ static int xe_new(lua_State *L) {
                                goto error;
                        if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))
                                goto error;
                        ASN1_OBJECT_free(obj);
                        ASN1_STRING_free(oct);
                        return 1;
                }
@@ -2928,10 +2946,8 @@ static int xe_new(lua_State *L) {
 error:
        if (obj)
                ASN1_OBJECT_free(obj);
        if (oct)
                ASN1_STRING_free(oct);
        if (conf)
                NCONF_free(conf);
@@ -2945,8 +2961,10 @@ static int xe_interpose(lua_State *L) {
 static int xe_getData(lua_State *L) {
-        ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS));
+        ASN1_STRING *data = X509_EXTENSION_get0_data(checksimple(L, 1, X509_EXT_CLASS));
-        lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data));
+        lua_pushlstring(L, (char *)ASN1_STRING_data(data), ASN1_STRING_length(data));
        return 1;
 } /* xe_getData() */
@@ -3696,7 +3714,6 @@ static int xc_addExtension(lua_State *L) {
 static int xc_getExtension(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        const char *name = luaL_checkstring(L, 2);
        X509_EXTENSION *ext, **ud;
        ASN1_OBJECT *obj = NULL;
@@ -3706,16 +3723,17 @@ static int xc_getExtension(lua_State *L) {
        int i = X509_get_ext_by_OBJ(crt, obj, -1);
        if (i > -1) {
                ud = prepsimple(L, X509_EXT_CLASS);
-                if (!(ext = X509_get_ext(crt, i)))
+                if (!(ext = X509_get0_ext(crt, i)))
                        goto error;
                if (!(*ud = X509_EXTENSION_dup(ext)))
                        goto error;
+        } else {
+                lua_pushnil(L);
        }
-        else lua_pushnil(L);
        ASN1_OBJECT_free(obj);
-        return 1;
+        return 1;
 error:
        if (obj)
                ASN1_OBJECT_free(obj);
@@ -4434,6 +4452,7 @@ static int xx_addExtension(lua_State *L) {
        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
        X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
+        /* NOTE: Will dup extension in X509v3_add_ext. */
        if (!X509_CRL_add_ext(crl, ext, -1))
                return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");

diff --git a/src/openssl.c b/src/openssl.c index 63c3985..629373d 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -748,7 +748,7 @@ static struct {
748	.X509_STORE_free = &X509_STORE_free,	748	.X509_STORE_free = &X509_STORE_free,
749	};	749	};
750		750
751	#if !HAVE_EVP_PKEY_base_id	751	#if !HAVE_EVP_PKEY_BASE_ID
752	#define EVP_PKEY_base_id(key) compat_EVP_PKEY_base_id((key))	752	#define EVP_PKEY_base_id(key) compat_EVP_PKEY_base_id((key))
753		753
754	static int compat_EVP_PKEY_base_id(EVP_PKEY *key) {	754	static int compat_EVP_PKEY_base_id(EVP_PKEY *key) {
@@ -757,7 +757,7 @@ static int compat_EVP_PKEY_base_id(EVP_PKEY *key) {
757	#endif	757	#endif
758		758
759		759
760	#if !HAVE_EVP_PKEY_get0	760	#if !HAVE_EVP_PKEY_GET0
761	#define EVP_PKEY_get0(key) compat_EVP_PKEY_get0((key))	761	#define EVP_PKEY_get0(key) compat_EVP_PKEY_get0((key))
762		762
763	static void compat_EVP_PKEY_get0(EVP_PKEY key) {	763	static void compat_EVP_PKEY_get0(EVP_PKEY key) {
@@ -792,6 +792,14 @@ static void compat_EVP_PKEY_get0(EVP_PKEY key) {
792	} /* compat_EVP_PKEY_get0() */	792	} /* compat_EVP_PKEY_get0() */
793	#endif	793	#endif
794		794
		795	#if !HAVE_X509_GET0_EXT
		796	#define X509_get0_ext(crt, i) X509_get_ext((crt), (i))
		797	#endif
		798
		799	#if !HAVE_X509_EXTENSION_GET0_DATA
		800	#define X509_EXTENSION_get0_data(ext) X509_EXTENSION_get_data((ext))
		801	#endif
		802
795	/*	803	/*
796	* X509_STORE_free in OpenSSL versions < 1.0.2 doesn't obey reference count	804	* X509_STORE_free in OpenSSL versions < 1.0.2 doesn't obey reference count
797	*/	805	*/
@@ -2864,25 +2872,33 @@ int luaopen__openssl_x509_altname(lua_State *L) {
2864	*	2872	*
2865	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	2873	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2866		2874
2867	static int xe_new(lua_State *L) {	2875	static _Bool xe_new_isder(const char value, _Bool crit) {
2868	lua_settop(L, 3);	2876	if (!strcmp(value, "critical,DER"))
		2877	return (*crit = 1), 1;
		2878	if (!strcmp(value, "DER"))
		2879	return (*crit = 0), 1;
2869		2880
2870	X509_EXTENSION **ud = prepsimple(L, X509_EXT_CLASS);	2881	return 0;
		2882	} /* xs_new_isder() */
2871		2883
		2884	static int xe_new(lua_State *L) {
2872	const char *name = luaL_checkstring(L, 1);	2885	const char *name = luaL_checkstring(L, 1);
2873	const char *value = luaL_checkstring(L, 2);	2886	const char *value = luaL_checkstring(L, 2);
2874
2875	ASN1_OBJECT *obj = NULL;	2887	ASN1_OBJECT *obj = NULL;
2876	ASN1_STRING *oct = NULL;	2888	ASN1_STRING *oct = NULL;
2877	CONF *conf = NULL;	2889	CONF *conf = NULL;
2878	X509V3_CTX cbuf = { 0 }, *ctx = NULL;	2890	X509V3_CTX cbuf = { 0 }, *ctx = NULL;
		2891	X509_EXTENSION **ud;
		2892
		2893	lua_settop(L, 3);
		2894	ud = prepsimple(L, X509_EXT_CLASS);
2879		2895
2880	if (!lua_isnil(L, 3)) {	2896	if (!lua_isnil(L, 3)) {
2881	size_t len;	2897	size_t len;
2882	const char *cdata = luaL_checklstring(L, 3, &len);	2898	const char *cdata = luaL_checklstring(L, 3, &len);
2883	int crit = !strcmp(value, "critical,DER");	2899	_Bool crit;
2884		2900
2885	if (crit \|\| !strcmp(value, "DER")) {	2901	if (xe_new_isder(value, &crit)) {
2886	if (!(obj = OBJ_txt2obj(name, 0)))	2902	if (!(obj = OBJ_txt2obj(name, 0)))
2887	goto error;	2903	goto error;
2888	if (!(oct = ASN1_STRING_new()))	2904	if (!(oct = ASN1_STRING_new()))
@@ -2891,8 +2907,10 @@ static int xe_new(lua_State *L) {
2891	goto error;	2907	goto error;
2892	if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))	2908	if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))
2893	goto error;	2909	goto error;
		2910
2894	ASN1_OBJECT_free(obj);	2911	ASN1_OBJECT_free(obj);
2895	ASN1_STRING_free(oct);	2912	ASN1_STRING_free(oct);
		2913
2896	return 1;	2914	return 1;
2897	}	2915	}
2898		2916
@@ -2928,10 +2946,8 @@ static int xe_new(lua_State *L) {
2928	error:	2946	error:
2929	if (obj)	2947	if (obj)
2930	ASN1_OBJECT_free(obj);	2948	ASN1_OBJECT_free(obj);
2931
2932	if (oct)	2949	if (oct)
2933	ASN1_STRING_free(oct);	2950	ASN1_STRING_free(oct);
2934
2935	if (conf)	2951	if (conf)
2936	NCONF_free(conf);	2952	NCONF_free(conf);
2937		2953
@@ -2945,8 +2961,10 @@ static int xe_interpose(lua_State *L) {
2945		2961
2946		2962
2947	static int xe_getData(lua_State *L) {	2963	static int xe_getData(lua_State *L) {
2948	ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS));	2964	ASN1_STRING *data = X509_EXTENSION_get0_data(checksimple(L, 1, X509_EXT_CLASS));
2949	lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data));	2965
		2966	lua_pushlstring(L, (char *)ASN1_STRING_data(data), ASN1_STRING_length(data));
		2967
2950	return 1;	2968	return 1;
2951	} /* xe_getData() */	2969	} /* xe_getData() */
2952		2970
@@ -3696,7 +3714,6 @@ static int xc_addExtension(lua_State *L) {
3696	static int xc_getExtension(lua_State *L) {	3714	static int xc_getExtension(lua_State *L) {
3697	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	3715	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
3698	const char *name = luaL_checkstring(L, 2);	3716	const char *name = luaL_checkstring(L, 2);
3699
3700	X509_EXTENSION ext, *ud;	3717	X509_EXTENSION ext, *ud;
3701	ASN1_OBJECT *obj = NULL;	3718	ASN1_OBJECT *obj = NULL;
3702		3719
@@ -3706,16 +3723,17 @@ static int xc_getExtension(lua_State *L) {
3706	int i = X509_get_ext_by_OBJ(crt, obj, -1);	3723	int i = X509_get_ext_by_OBJ(crt, obj, -1);
3707	if (i > -1) {	3724	if (i > -1) {
3708	ud = prepsimple(L, X509_EXT_CLASS);	3725	ud = prepsimple(L, X509_EXT_CLASS);
3709	if (!(ext = X509_get_ext(crt, i)))	3726	if (!(ext = X509_get0_ext(crt, i)))
3710	goto error;	3727	goto error;
3711	if (!(*ud = X509_EXTENSION_dup(ext)))	3728	if (!(*ud = X509_EXTENSION_dup(ext)))
3712	goto error;	3729	goto error;
		3730	} else {
		3731	lua_pushnil(L);
3713	}	3732	}
3714	else lua_pushnil(L);
3715		3733
3716	ASN1_OBJECT_free(obj);	3734	ASN1_OBJECT_free(obj);
3717	return 1;
3718		3735
		3736	return 1;
3719	error:	3737	error:
3720	if (obj)	3738	if (obj)
3721	ASN1_OBJECT_free(obj);	3739	ASN1_OBJECT_free(obj);
@@ -4434,6 +4452,7 @@ static int xx_addExtension(lua_State *L) {
4434	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);	4452	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
4435	X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);	4453	X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
4436		4454
		4455	/* NOTE: Will dup extension in X509v3_add_ext. */
4437	if (!X509_CRL_add_ext(crl, ext, -1))	4456	if (!X509_CRL_add_ext(crl, ext, -1))
4438	return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");	4457	return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");
4439		4458