2 files changed, 72 insertions, 0 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf
index a51c46e..28e9984 100644
--- a/doc/luaossl.pdf
+++ b/doc/luaossl.pdf
Binary files differ
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index 48faabe..d733ccf 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -555,6 +555,10 @@ Returns a copy of the \module{x509.extension} object identified by $key$ where $
 Returns the integer count of the number of extensions.
+\subsubsection[\fn{x509:getOCSP}]{\fn{x509:getOCSP()}}
+Returns the OCSP urls for the certificate.
 \subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
 Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.
@@ -926,6 +930,20 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
 \emph{Only supported since OpenSSL 1.0.2.}
+\subsubsection[\fn{context:setTLSextStatusType}]{\fn{context:setTLSextStatusType($type$)}}
+Sets the default TLS extension status for SSL objects derived from this context.
+See \fn{ssl:setTLSextStatusType}
+\emph{Only supported since OpenSSL 1.1.0.}
+\subsubsection[\fn{context:getTLSextStatusType}]{\fn{context:getTLSextStatusType()}}
+Gets the default TLS extension status for SSL objects derived from this context as a string.
+See \fn{ssl:getTLSextStatusType}
+\emph{Only supported since OpenSSL 1.1.0.}
 \end{Module}
@@ -1013,6 +1031,30 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
 \emph{Only supported since OpenSSL 1.0.2.}
+\subsubsection[\fn{ssl:setTLSextStatusType}]{\fn{ssl:setTLSextStatusType($type$)}}
+Sets the TLS extension status.
+Only the $type$ ``ocsp'' is currently supported, this is used by a client to request that a server sends a stapled OCSP response as part of the TLS handshake.
+See also: \fn{context:setTLSextStatusType()}
+\subsubsection[\fn{ssl:getTLSextStatusType}]{\fn{ssl:getTLSextStatusType()}}
+Gets the TLS extension status. As set by \fn{ssl:setTLSextStatusType} or \fn{context:setTLSextStatusType}.
+Only the type ``ocsp'' is currently known.
+\emph{Only supported since OpenSSL 1.1.0.}
+\subsubsection[\fn{ssl:setTLSextStatusOCSPResp}]{\fn{ssl:setTLSextStatusOCSPResp($or$)}}
+Sets an \module{openssl.ocsp.response}. Used by a server to staple an OCSP response into a TLS handshake.
+\subsubsection[\fn{ssl:getTLSextStatusOCSPResp}]{\fn{ssl:getTLSextStatusOCSPResp()}}
+Returns the \module{openssl.ocsp.response} associated with the ssl object (or $nil$ if one has not been set).
 \end{Module}
@@ -1095,6 +1137,36 @@ Update the cipher with the specified string(s). Returns the final output string
 \end{Module}
+\begin{Module}{openssl.ocsp.response}
+Binds OpenSSL's \texttt{OCSP\_RESPONSE} object.
+\subsubsection[\fn{response:getBasic}]{\fn{response:getBasic()}}
+Returns a \module{openssl.ocsp.basic} representation of the object contained within the OCSP response.
+\subsubsection[\fn{response:tostring}]{\fn{response:tostring()}}
+Returns a human readable description of the OCSP response as a string.
+\subsubsection[\fn{response:toPEM}]{\fn{response:toPEM()}}
+Returns the OCSP response as a PEM encoded string.
+\end{Module}
+\begin{Module}{openssl.ocsp.basic}
+Binds OpenSSL's \texttt{OCSP\_BASICRESP} object.
+\subsubsection[\fn{basic:verify}]{\fn{basic:verify([$certs$ [, $store$[, $flags$]]])}}
+Verifies that the OCSP response is signed by a certificate in the \module{openssl.x509.chain} $certs$ or a trusted certificate in \module{openssl.x509.store} $store$.
+\end{Module}
 \begin{Module}{openssl.rand}
 Binds OpenSSL's random number interfaces.

diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf index a51c46e..28e9984 100644 --- a/doc/luaossl.pdf +++ b/doc/luaossl.pdf
Binary files differ


diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 48faabe..d733ccf 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex
@@ -555,6 +555,10 @@ Returns a copy of the \module{x509.extension} object identified by $key$ where $
555		555
556	Returns the integer count of the number of extensions.	556	Returns the integer count of the number of extensions.
557		557
		558	\subsubsection[\fn{x509:getOCSP}]{\fn{x509:getOCSP()}}
		559
		560	Returns the OCSP urls for the certificate.
		561
558	\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}	562	\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
559		563
560	Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.	564	Returns a boolean according to whether the specified issuer---an \module{openssl.x509.name} object---signed the instance certificate.
@@ -926,6 +930,20 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
926		930
927	\emph{Only supported since OpenSSL 1.0.2.}	931	\emph{Only supported since OpenSSL 1.0.2.}
928		932
		933	\subsubsection[\fn{context:setTLSextStatusType}]{\fn{context:setTLSextStatusType($type$)}}
		934
		935	Sets the default TLS extension status for SSL objects derived from this context.
		936	See \fn{ssl:setTLSextStatusType}
		937
		938	\emph{Only supported since OpenSSL 1.1.0.}
		939
		940	\subsubsection[\fn{context:getTLSextStatusType}]{\fn{context:getTLSextStatusType()}}
		941
		942	Gets the default TLS extension status for SSL objects derived from this context as a string.
		943	See \fn{ssl:getTLSextStatusType}
		944
		945	\emph{Only supported since OpenSSL 1.1.0.}
		946
929	\end{Module}	947	\end{Module}
930		948
931		949
@@ -1013,6 +1031,30 @@ Sets the advertised ALPN protocols. $table$ is an array of protocol string ident
1013		1031
1014	\emph{Only supported since OpenSSL 1.0.2.}	1032	\emph{Only supported since OpenSSL 1.0.2.}
1015		1033
		1034	\subsubsection[\fn{ssl:setTLSextStatusType}]{\fn{ssl:setTLSextStatusType($type$)}}
		1035
		1036	Sets the TLS extension status.
		1037
		1038	Only the $type$ ``ocsp'' is currently supported, this is used by a client to request that a server sends a stapled OCSP response as part of the TLS handshake.
		1039
		1040	See also: \fn{context:setTLSextStatusType()}
		1041
		1042	\subsubsection[\fn{ssl:getTLSextStatusType}]{\fn{ssl:getTLSextStatusType()}}
		1043
		1044	Gets the TLS extension status. As set by \fn{ssl:setTLSextStatusType} or \fn{context:setTLSextStatusType}.
		1045
		1046	Only the type ``ocsp'' is currently known.
		1047
		1048	\emph{Only supported since OpenSSL 1.1.0.}
		1049
		1050	\subsubsection[\fn{ssl:setTLSextStatusOCSPResp}]{\fn{ssl:setTLSextStatusOCSPResp($or$)}}
		1051
		1052	Sets an \module{openssl.ocsp.response}. Used by a server to staple an OCSP response into a TLS handshake.
		1053
		1054	\subsubsection[\fn{ssl:getTLSextStatusOCSPResp}]{\fn{ssl:getTLSextStatusOCSPResp()}}
		1055
		1056	Returns the \module{openssl.ocsp.response} associated with the ssl object (or $nil$ if one has not been set).
		1057
1016	\end{Module}	1058	\end{Module}
1017		1059
1018		1060
@@ -1095,6 +1137,36 @@ Update the cipher with the specified string(s). Returns the final output string
1095	\end{Module}	1137	\end{Module}
1096		1138
1097		1139
		1140	\begin{Module}{openssl.ocsp.response}
		1141
		1142	Binds OpenSSL's \texttt{OCSP\_RESPONSE} object.
		1143
		1144	\subsubsection[\fn{response:getBasic}]{\fn{response:getBasic()}}
		1145
		1146	Returns a \module{openssl.ocsp.basic} representation of the object contained within the OCSP response.
		1147
		1148	\subsubsection[\fn{response:tostring}]{\fn{response:tostring()}}
		1149
		1150	Returns a human readable description of the OCSP response as a string.
		1151
		1152	\subsubsection[\fn{response:toPEM}]{\fn{response:toPEM()}}
		1153
		1154	Returns the OCSP response as a PEM encoded string.
		1155
		1156	\end{Module}
		1157
		1158
		1159	\begin{Module}{openssl.ocsp.basic}
		1160
		1161	Binds OpenSSL's \texttt{OCSP\_BASICRESP} object.
		1162
		1163	\subsubsection[\fn{basic:verify}]{\fn{basic:verify([$certs$ [, $store$[, $flags$]]])}}
		1164
		1165	Verifies that the OCSP response is signed by a certificate in the \module{openssl.x509.chain} $certs$ or a trusted certificate in \module{openssl.x509.store} $store$.
		1166
		1167	\end{Module}
		1168
		1169
1098	\begin{Module}{openssl.rand}	1170	\begin{Module}{openssl.rand}
1099		1171
1100	Binds OpenSSL's random number interfaces.	1172	Binds OpenSSL's random number interfaces.