3 files changed, 257 insertions, 0 deletions
diff --git a/src/GNUmakefile b/src/GNUmakefile
index 99b2336..75e8c3a 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -94,6 +94,7 @@ MODS$(1)_$(d) = \
        $$(DESTDIR)$(3)/openssl/x509/name.lua \
        $$(DESTDIR)$(3)/openssl/x509/altname.lua \
        $$(DESTDIR)$(3)/openssl/x509/chain.lua \
+        $$(DESTDIR)$(3)/openssl/x509/crl.lua \
        $$(DESTDIR)$(3)/openssl/x509/store.lua \
        $$(DESTDIR)$(3)/openssl/ssl/context.lua \
        $$(DESTDIR)$(3)/openssl/ssl.lua \
diff --git a/src/openssl.c b/src/openssl.c
index 1d15f7c..ef5515e 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -85,6 +85,7 @@
 #define X509_CERT_CLASS  "X509*"
 #define X509_CHAIN_CLASS "STACK_OF(X509)*"
 #define X509_CSR_CLASS   "X509_REQ*"
+#define X509_CRL_CLASS   "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
 #define SSL_CTX_CLASS    "SSL_CTX*"
@@ -2885,6 +2886,259 @@ int luaopen__openssl_x509_csr(lua_State *L) {
 /*
+ * X509_CRL - openssl.x509.crl
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+static int xx_new(lua_State *L) {
+        X509_CRL **ud;
+        ud = prepsimple(L, X509_CRL_CLASS);
+        if (!(*ud = X509_CRL_new())) throwssl(L, "x509.crl.new");
+        X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
+        return 1;
+} /* xx_new() */
+static int xx_interpose(lua_State *L) {
+        return interpose(L, X509_CRL_CLASS);
+} /* xx_interpose() */
+static int xx_getVersion(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        lua_pushinteger(L, X509_CRL_get_version(crl) + 1);
+        return 1;
+} /* xx_getVersion() */
+static int xx_setVersion(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        int version = luaL_checkint(L, 2);
+        if (!X509_CRL_set_version(crl, version - 1))
+                return luaL_error(L, "x509.crl:setVersion: %d: invalid version", version);
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xr_setVersion() */
+static int xx_getUpdateTimes(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double begin = INFINITY, end = INFINITY;
+        ASN1_TIME *time;
+        if ((time = X509_CRL_get_lastUpdate(crl)))
+                begin = timeutc(time);
+        if ((time = X509_CRL_get_nextUpdate(crl)))
+                end = timeutc(time);
+        if (isfinite(begin))
+                lua_pushnumber(L, begin);
+        else
+                lua_pushnil(L);
+        if (isfinite(end))
+                lua_pushnumber(L, end);
+        else
+                lua_pushnil(L);
+        if (isfinite(begin) && isfinite(end) && begin <= end)
+                lua_pushnumber(L, fabs(end - begin));
+        else
+                lua_pushnumber(L, 0.0);
+        return 3;
+} /* xx_getUpdateTimes() */
+static int xx_setUpdateTimes(lua_State *L) {
+        int ok = 1;
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        double ut;
+        ASN1_TIME *time = NULL;
+        lua_settop(L, 3);
+        if (!lua_isnil(L, 2)) {
+                ut = lua_tonumber(L, 2);
+                if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), ut))
+                        goto error;
+        }
+        if (!lua_isnil(L, 3)) {
+                ut = lua_tonumber(L, 3);
+                if (!(time = ASN1_TIME_new())) goto error;
+                if (!ASN1_TIME_set(time, ut)) goto error;
+                if (!X509_CRL_set_nextUpdate(crl, time)) goto error;
+        }
+        goto done;
+        error:
+        ok = 0;
+        done:
+        if (time) ASN1_TIME_free(time);
+        return ok ? 0 : throwssl(L, "x509.crl:setUpdateTimes");
+} /* xx_setUpdateTimes() */
+static int xx_getIssuer(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        X509_NAME *name;
+        if (!(name = X509_CRL_get_issuer(crl)))
+                return 0;
+        xn_dup(L, name);
+        return 1;
+} /* xx_getIssuer() */
+static int xx_setIssuer(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
+        if (!X509_CRL_set_issuer_name(crl, name))
+                return throwssl(L, "x509.crl:setIssuer");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_setIssuer() */
+static int xx_add(lua_State *L) {
+        int ok = 1;
+        lua_settop(L, 3);
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        BIGNUM *serial = checkbig(L, 2);
+        X509_REVOKED *rev = NULL;
+        ASN1_INTEGER *aserial = NULL;
+        ASN1_TIME *date = NULL;
+        if (!(rev = X509_REVOKED_new())) goto error;
+        if (!(aserial = BN_to_ASN1_INTEGER(serial, NULL))) goto error;
+        if (!X509_REVOKED_set_serialNumber(rev, aserial)) goto error;
+        if (!(date = ASN1_TIME_new())) goto error;
+        if (lua_isnil(L, 3)) X509_gmtime_adj(date, 0);
+        else if (!ASN1_TIME_set(date, luaL_checknumber(L, 3))) goto error;
+        if (!X509_REVOKED_set_revocationDate(rev, date)) goto error;
+        if (!X509_CRL_add0_revoked(crl, rev)) goto error;
+        goto done;
+        error:
+        ok = 0;
+        done:
+        if (date) ASN1_TIME_free(date);
+        if (serial) ASN1_INTEGER_free(aserial);
+        if (!ok && rev) X509_REVOKED_free(rev);
+        return ok ? 0 : throwssl(L, "x509.crl:add");
+} /* xx_setIssuer() */
+static int xx_sign(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
+        if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key)))
+                return throwssl(L, "x509.crl:sign");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_sign() */
+static int xx__tostring(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        int type = optencoding(L, 2, "pem", X509_PEM|X509_DER);
+        BIO *bio = getbio(L);
+        char *data;
+        long len;
+        switch (type) {
+        case X509_PEM:
+                if (!PEM_write_bio_X509_CRL(bio, crl))
+                        return throwssl(L, "x509.crl:__tostring");
+                break;
+        case X509_DER:
+                if (!i2d_X509_CRL_bio(bio, crl))
+                        return throwssl(L, "x509.crl:__tostring");
+                break;
+        } /* switch() */
+        len = BIO_get_mem_data(bio, &data);
+        lua_pushlstring(L, data, len);
+        return 1;
+} /* xx__tostring() */
+static int xx__gc(lua_State *L) {
+        X509_CRL **ud = luaL_checkudata(L, 1, X509_CRL_CLASS);
+        X509_CRL_free(*ud);
+        *ud = NULL;
+        return 0;
+} /* xx__gc() */
+static const luaL_Reg xx_methods[] = {
+        { "getVersion",     &xx_getVersion },
+        { "setVersion",     &xx_setVersion },
+        { "getUpdateTimes", &xx_getUpdateTimes },
+        { "setUpdateTimes", &xx_setUpdateTimes },
+        { "getIssuer",      &xx_getIssuer },
+        { "setIssuer",      &xx_setIssuer },
+        { "add",            &xx_add },
+        { "sign",           &xx_sign },
+        { NULL,             NULL },
+};
+static const luaL_Reg xx_metatable[] = {
+        { "__tostring", &xx__tostring },
+        { "__gc",       &xx__gc },
+        { NULL,         NULL },
+};
+static const luaL_Reg xx_globals[] = {
+        { "new",       &xx_new },
+        { "interpose", &xx_interpose },
+        { NULL,        NULL },
+};
+int luaopen__openssl_x509_crl(lua_State *L) {
+        initall(L);
+        luaL_newlib(L, xx_globals);
+        return 1;
+} /* luaopen__openssl_x509_crl() */
+/*
 * STACK_OF(X509) - openssl.x509.chain
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4465,6 +4719,7 @@ static void initall(lua_State *L) {
        addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);
        addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
        addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);
+        addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
        addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
        addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
        addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);
diff --git a/src/openssl.x509.crl.lua b/src/openssl.x509.crl.lua
new file mode 100644
index 0000000..7f8a019
--- /dev/null
+++ b/src/openssl.x509.crl.lua
@@ -0,0 +1 @@
+return require('_openssl.x509.crl')

diff --git a/src/GNUmakefile b/src/GNUmakefile index 99b2336..75e8c3a 100644 --- a/src/GNUmakefile +++ b/src/GNUmakefile
@@ -94,6 +94,7 @@ MODS$(1)_$(d) = \
94	$$(DESTDIR)$(3)/openssl/x509/name.lua \	94	$$(DESTDIR)$(3)/openssl/x509/name.lua \
95	$$(DESTDIR)$(3)/openssl/x509/altname.lua \	95	$$(DESTDIR)$(3)/openssl/x509/altname.lua \
96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \	96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \
		97	$$(DESTDIR)$(3)/openssl/x509/crl.lua \
97	$$(DESTDIR)$(3)/openssl/x509/store.lua \	98	$$(DESTDIR)$(3)/openssl/x509/store.lua \
98	$$(DESTDIR)$(3)/openssl/ssl/context.lua \	99	$$(DESTDIR)$(3)/openssl/ssl/context.lua \
99	$$(DESTDIR)$(3)/openssl/ssl.lua \	100	$$(DESTDIR)$(3)/openssl/ssl.lua \


diff --git a/src/openssl.c b/src/openssl.c index 1d15f7c..ef5515e 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -85,6 +85,7 @@
85	#define X509_CERT_CLASS "X509*"	85	#define X509_CERT_CLASS "X509*"
86	#define X509_CHAIN_CLASS "STACK_OF(X509)*"	86	#define X509_CHAIN_CLASS "STACK_OF(X509)*"
87	#define X509_CSR_CLASS "X509_REQ*"	87	#define X509_CSR_CLASS "X509_REQ*"
		88	#define X509_CRL_CLASS "X509_CRL*"
88	#define X509_STORE_CLASS "X509_STORE*"	89	#define X509_STORE_CLASS "X509_STORE*"
89	#define X509_STCTX_CLASS "X509_STORE_CTX*"	90	#define X509_STCTX_CLASS "X509_STORE_CTX*"
90	#define SSL_CTX_CLASS "SSL_CTX*"	91	#define SSL_CTX_CLASS "SSL_CTX*"
@@ -2885,6 +2886,259 @@ int luaopen__openssl_x509_csr(lua_State *L) {
2885		2886
2886		2887
2887	/*	2888	/*
		2889	* X509_CRL - openssl.x509.crl
		2890	*
		2891	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
		2892
		2893	static int xx_new(lua_State *L) {
		2894	X509_CRL **ud;
		2895
		2896	ud = prepsimple(L, X509_CRL_CLASS);
		2897	if (!(*ud = X509_CRL_new())) throwssl(L, "x509.crl.new");
		2898
		2899	X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
		2900
		2901	return 1;
		2902	} /* xx_new() */
		2903
		2904
		2905	static int xx_interpose(lua_State *L) {
		2906	return interpose(L, X509_CRL_CLASS);
		2907	} /* xx_interpose() */
		2908
		2909
		2910	static int xx_getVersion(lua_State *L) {
		2911	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2912
		2913	lua_pushinteger(L, X509_CRL_get_version(crl) + 1);
		2914
		2915	return 1;
		2916	} /* xx_getVersion() */
		2917
		2918
		2919	static int xx_setVersion(lua_State *L) {
		2920	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2921	int version = luaL_checkint(L, 2);
		2922
		2923	if (!X509_CRL_set_version(crl, version - 1))
		2924	return luaL_error(L, "x509.crl:setVersion: %d: invalid version", version);
		2925
		2926	lua_pushboolean(L, 1);
		2927
		2928	return 1;
		2929	} /* xr_setVersion() */
		2930
		2931
		2932	static int xx_getUpdateTimes(lua_State *L) {
		2933	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2934	double begin = INFINITY, end = INFINITY;
		2935	ASN1_TIME *time;
		2936
		2937	if ((time = X509_CRL_get_lastUpdate(crl)))
		2938	begin = timeutc(time);
		2939
		2940	if ((time = X509_CRL_get_nextUpdate(crl)))
		2941	end = timeutc(time);
		2942
		2943	if (isfinite(begin))
		2944	lua_pushnumber(L, begin);
		2945	else
		2946	lua_pushnil(L);
		2947
		2948	if (isfinite(end))
		2949	lua_pushnumber(L, end);
		2950	else
		2951	lua_pushnil(L);
		2952
		2953	if (isfinite(begin) && isfinite(end) && begin <= end)
		2954	lua_pushnumber(L, fabs(end - begin));
		2955	else
		2956	lua_pushnumber(L, 0.0);
		2957
		2958	return 3;
		2959	} /* xx_getUpdateTimes() */
		2960
		2961
		2962	static int xx_setUpdateTimes(lua_State *L) {
		2963	int ok = 1;
		2964
		2965	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2966	double ut;
		2967	ASN1_TIME *time = NULL;
		2968
		2969	lua_settop(L, 3);
		2970
		2971	if (!lua_isnil(L, 2)) {
		2972	ut = lua_tonumber(L, 2);
		2973	if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), ut))
		2974	goto error;
		2975	}
		2976
		2977	if (!lua_isnil(L, 3)) {
		2978	ut = lua_tonumber(L, 3);
		2979	if (!(time = ASN1_TIME_new())) goto error;
		2980	if (!ASN1_TIME_set(time, ut)) goto error;
		2981	if (!X509_CRL_set_nextUpdate(crl, time)) goto error;
		2982	}
		2983
		2984	goto done;
		2985
		2986	error:
		2987	ok = 0;
		2988
		2989	done:
		2990	if (time) ASN1_TIME_free(time);
		2991
		2992	return ok ? 0 : throwssl(L, "x509.crl:setUpdateTimes");
		2993	} /* xx_setUpdateTimes() */
		2994
		2995
		2996	static int xx_getIssuer(lua_State *L) {
		2997	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		2998	X509_NAME *name;
		2999
		3000	if (!(name = X509_CRL_get_issuer(crl)))
		3001	return 0;
		3002
		3003	xn_dup(L, name);
		3004
		3005	return 1;
		3006	} /* xx_getIssuer() */
		3007
		3008
		3009	static int xx_setIssuer(lua_State *L) {
		3010	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3011	X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
		3012
		3013	if (!X509_CRL_set_issuer_name(crl, name))
		3014	return throwssl(L, "x509.crl:setIssuer");
		3015
		3016	lua_pushboolean(L, 1);
		3017
		3018	return 1;
		3019	} /* xx_setIssuer() */
		3020
		3021
		3022	static int xx_add(lua_State *L) {
		3023	int ok = 1;
		3024
		3025	lua_settop(L, 3);
		3026	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3027	BIGNUM *serial = checkbig(L, 2);
		3028
		3029	X509_REVOKED *rev = NULL;
		3030	ASN1_INTEGER *aserial = NULL;
		3031	ASN1_TIME *date = NULL;
		3032
		3033	if (!(rev = X509_REVOKED_new())) goto error;
		3034
		3035	if (!(aserial = BN_to_ASN1_INTEGER(serial, NULL))) goto error;
		3036	if (!X509_REVOKED_set_serialNumber(rev, aserial)) goto error;
		3037
		3038	if (!(date = ASN1_TIME_new())) goto error;
		3039	if (lua_isnil(L, 3)) X509_gmtime_adj(date, 0);
		3040	else if (!ASN1_TIME_set(date, luaL_checknumber(L, 3))) goto error;
		3041	if (!X509_REVOKED_set_revocationDate(rev, date)) goto error;
		3042
		3043	if (!X509_CRL_add0_revoked(crl, rev)) goto error;
		3044
		3045	goto done;
		3046
		3047	error:
		3048	ok = 0;
		3049
		3050	done:
		3051	if (date) ASN1_TIME_free(date);
		3052	if (serial) ASN1_INTEGER_free(aserial);
		3053	if (!ok && rev) X509_REVOKED_free(rev);
		3054
		3055	return ok ? 0 : throwssl(L, "x509.crl:add");
		3056	} /* xx_setIssuer() */
		3057
		3058
		3059	static int xx_sign(lua_State *L) {
		3060	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3061	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
		3062
		3063	if (!X509_CRL_sign(crl, key, xc_signature(L, 3, key)))
		3064	return throwssl(L, "x509.crl:sign");
		3065
		3066	lua_pushboolean(L, 1);
		3067
		3068	return 1;
		3069	} /* xx_sign() */
		3070
		3071
		3072	static int xx__tostring(lua_State *L) {
		3073	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		3074	int type = optencoding(L, 2, "pem", X509_PEM\|X509_DER);
		3075	BIO *bio = getbio(L);
		3076	char *data;
		3077	long len;
		3078
		3079	switch (type) {
		3080	case X509_PEM:
		3081	if (!PEM_write_bio_X509_CRL(bio, crl))
		3082	return throwssl(L, "x509.crl:__tostring");
		3083	break;
		3084	case X509_DER:
		3085	if (!i2d_X509_CRL_bio(bio, crl))
		3086	return throwssl(L, "x509.crl:__tostring");
		3087	break;
		3088	} /* switch() */
		3089
		3090	len = BIO_get_mem_data(bio, &data);
		3091
		3092	lua_pushlstring(L, data, len);
		3093
		3094	return 1;
		3095	} /* xx__tostring() */
		3096
		3097
		3098	static int xx__gc(lua_State *L) {
		3099	X509_CRL **ud = luaL_checkudata(L, 1, X509_CRL_CLASS);
		3100
		3101	X509_CRL_free(*ud);
		3102	*ud = NULL;
		3103
		3104	return 0;
		3105	} /* xx__gc() */
		3106
		3107	static const luaL_Reg xx_methods[] = {
		3108	{ "getVersion", &xx_getVersion },
		3109	{ "setVersion", &xx_setVersion },
		3110	{ "getUpdateTimes", &xx_getUpdateTimes },
		3111	{ "setUpdateTimes", &xx_setUpdateTimes },
		3112	{ "getIssuer", &xx_getIssuer },
		3113	{ "setIssuer", &xx_setIssuer },
		3114	{ "add", &xx_add },
		3115	{ "sign", &xx_sign },
		3116	{ NULL, NULL },
		3117	};
		3118
		3119	static const luaL_Reg xx_metatable[] = {
		3120	{ "__tostring", &xx__tostring },
		3121	{ "__gc", &xx__gc },
		3122	{ NULL, NULL },
		3123	};
		3124
		3125
		3126	static const luaL_Reg xx_globals[] = {
		3127	{ "new", &xx_new },
		3128	{ "interpose", &xx_interpose },
		3129	{ NULL, NULL },
		3130	};
		3131
		3132	int luaopen__openssl_x509_crl(lua_State *L) {
		3133	initall(L);
		3134
		3135	luaL_newlib(L, xx_globals);
		3136
		3137	return 1;
		3138	} /* luaopen__openssl_x509_crl() */
		3139
		3140
		3141	/*
2888	* STACK_OF(X509) - openssl.x509.chain	3142	* STACK_OF(X509) - openssl.x509.chain
2889	*	3143	*
2890	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	3144	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4465,6 +4719,7 @@ static void initall(lua_State *L) {
4465	addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);	4719	addclass(L, X509_GENS_CLASS, gn_methods, gn_metatable);
4466	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);	4720	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
4467	addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);	4721	addclass(L, X509_CSR_CLASS, xr_methods, xr_metatable);
		4722	addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
4468	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);	4723	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
4469	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);	4724	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
4470	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);	4725	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);


diff --git a/src/openssl.x509.crl.lua b/src/openssl.x509.crl.lua new file mode 100644 index 0000000..7f8a019 --- /dev/null +++ b/src/openssl.x509.crl.lua
@@ -0,0 +1 @@
			return require('_openssl.x509.crl')