2 files changed, 36 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c
index fa7dd79..d679d92 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -254,6 +254,10 @@
 #define HAVE_SSL_CTX_GET0_PARAM OPENSSL_PREREQ(1,0,2)
 #endif
+#ifndef HAVE_SSL_CTX_SET_CURVES_LIST
+#define HAVE_SSL_CTX_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,5,1))
+#endif
 #ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS
 #define HAVE_SSL_CTX_SET_ALPN_PROTOS (OPENSSL_PREREQ(1,0,2) || LIBRESSL_PREREQ(2,1,3))
 #endif
@@ -7746,6 +7750,21 @@ static int sx_setCipherList(lua_State *L) {
 } /* sx_setCipherList() */
+#if HAVE_SSL_CTX_SET_CURVES_LIST
+static int sx_setCurvesList(lua_State *L) {
+        SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
+        const char *curves = luaL_checkstring(L, 2);
+        if (!SSL_CTX_set1_curves_list(ctx, curves))
+                return auxL_error(L, auxL_EOPENSSL, "ssl.context:setCurvesList");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* sx_setCurvesList() */
+#endif
 static int sx_setEphemeralKey(lua_State *L) {
        SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
        EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
@@ -7941,6 +7960,9 @@ static const auxL_Reg sx_methods[] = {
        { "setCertificate",   &sx_setCertificate },
        { "setPrivateKey",    &sx_setPrivateKey },
        { "setCipherList",    &sx_setCipherList },
+#if HAVE_SSL_CTX_SET_CURVES_LIST
+        { "setCurvesList",    &sx_setCurvesList },
+#endif
        { "setEphemeralKey",  &sx_setEphemeralKey },
 #if HAVE_SSL_CTX_SET_ALPN_PROTOS
        { "setAlpnProtos",    &sx_setAlpnProtos },
diff --git a/src/openssl.ssl.context.lua b/src/openssl.ssl.context.lua
index 2098b54..3263fb1 100644
--- a/src/openssl.ssl.context.lua
+++ b/src/openssl.ssl.context.lua
@@ -13,4 +13,18 @@ local setCipherList; setCipherList = ctx.interpose("setCipherList", function (se
        return setCipherList(self, ciphers)
 end)
+-- Allow passing a vararg of curves, or an array
+local setCurvesList = ctx.interpose("setCurvesList", nil)
+if setCurvesList then
+        ctx.interpose("setCurvesList", function (self, curves, ...)
+                if (...) then
+                        local curves_t = pack(curves, ...)
+                        curves = table.concat(curves_t, ":", 1, curves_t.n)
+                elseif type(curves) == "table" then
+                        curves = table.concat(curves, ":")
+                end
+                return setCurvesList(self, curves)
+        end)
+end
 return ctx

diff --git a/src/openssl.c b/src/openssl.c index fa7dd79..d679d92 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -254,6 +254,10 @@
254	#define HAVE_SSL_CTX_GET0_PARAM OPENSSL_PREREQ(1,0,2)	254	#define HAVE_SSL_CTX_GET0_PARAM OPENSSL_PREREQ(1,0,2)
255	#endif	255	#endif
256		256
		257	#ifndef HAVE_SSL_CTX_SET_CURVES_LIST
		258	#define HAVE_SSL_CTX_SET_CURVES_LIST (OPENSSL_PREREQ(1,0,2) \|\| LIBRESSL_PREREQ(2,5,1))
		259	#endif
		260
257	#ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS	261	#ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS
258	#define HAVE_SSL_CTX_SET_ALPN_PROTOS (OPENSSL_PREREQ(1,0,2) \|\| LIBRESSL_PREREQ(2,1,3))	262	#define HAVE_SSL_CTX_SET_ALPN_PROTOS (OPENSSL_PREREQ(1,0,2) \|\| LIBRESSL_PREREQ(2,1,3))
259	#endif	263	#endif
@@ -7746,6 +7750,21 @@ static int sx_setCipherList(lua_State *L) {
7746	} /* sx_setCipherList() */	7750	} /* sx_setCipherList() */
7747		7751
7748		7752
		7753	#if HAVE_SSL_CTX_SET_CURVES_LIST
		7754	static int sx_setCurvesList(lua_State *L) {
		7755	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
		7756	const char *curves = luaL_checkstring(L, 2);
		7757
		7758	if (!SSL_CTX_set1_curves_list(ctx, curves))
		7759	return auxL_error(L, auxL_EOPENSSL, "ssl.context:setCurvesList");
		7760
		7761	lua_pushboolean(L, 1);
		7762
		7763	return 1;
		7764	} /* sx_setCurvesList() */
		7765	#endif
		7766
		7767
7749	static int sx_setEphemeralKey(lua_State *L) {	7768	static int sx_setEphemeralKey(lua_State *L) {
7750	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);	7769	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
7751	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);	7770	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
@@ -7941,6 +7960,9 @@ static const auxL_Reg sx_methods[] = {
7941	{ "setCertificate", &sx_setCertificate },	7960	{ "setCertificate", &sx_setCertificate },
7942	{ "setPrivateKey", &sx_setPrivateKey },	7961	{ "setPrivateKey", &sx_setPrivateKey },
7943	{ "setCipherList", &sx_setCipherList },	7962	{ "setCipherList", &sx_setCipherList },
		7963	#if HAVE_SSL_CTX_SET_CURVES_LIST
		7964	{ "setCurvesList", &sx_setCurvesList },
		7965	#endif
7944	{ "setEphemeralKey", &sx_setEphemeralKey },	7966	{ "setEphemeralKey", &sx_setEphemeralKey },
7945	#if HAVE_SSL_CTX_SET_ALPN_PROTOS	7967	#if HAVE_SSL_CTX_SET_ALPN_PROTOS
7946	{ "setAlpnProtos", &sx_setAlpnProtos },	7968	{ "setAlpnProtos", &sx_setAlpnProtos },


diff --git a/src/openssl.ssl.context.lua b/src/openssl.ssl.context.lua index 2098b54..3263fb1 100644 --- a/src/openssl.ssl.context.lua +++ b/src/openssl.ssl.context.lua
@@ -13,4 +13,18 @@ local setCipherList; setCipherList = ctx.interpose("setCipherList", function (se
13	return setCipherList(self, ciphers)	13	return setCipherList(self, ciphers)
14	end)	14	end)
15		15
		16	-- Allow passing a vararg of curves, or an array
		17	local setCurvesList = ctx.interpose("setCurvesList", nil)
		18	if setCurvesList then
		19	ctx.interpose("setCurvesList", function (self, curves, ...)
		20	if (...) then
		21	local curves_t = pack(curves, ...)
		22	curves = table.concat(curves_t, ":", 1, curves_t.n)
		23	elseif type(curves) == "table" then
		24	curves = table.concat(curves, ":")
		25	end
		26	return setCurvesList(self, curves)
		27	end)
		28	end
		29
16	return ctx	30	return ctx