diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/openssl.c | 65 |
1 files changed, 44 insertions, 21 deletions
diff --git a/src/openssl.c b/src/openssl.c index 6e4600a..1ef10e1 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -358,6 +358,14 @@ | |||
| 358 | #define HAVE_X509_CRL_GET0_NEXTUPDATE OPENSSL_PREREQ(1,1,0) | 358 | #define HAVE_X509_CRL_GET0_NEXTUPDATE OPENSSL_PREREQ(1,1,0) |
| 359 | #endif | 359 | #endif |
| 360 | 360 | ||
| 361 | #ifndef HAVE_X509_CRL_SET1_LASTUPDATE | ||
| 362 | #define HAVE_X509_CRL_SET1_LASTUPDATE OPENSSL_PREREQ(1,1,0) | ||
| 363 | #endif | ||
| 364 | |||
| 365 | #ifndef HAVE_X509_CRL_SET1_NEXTUPDATE | ||
| 366 | #define HAVE_X509_CRL_SET1_NEXTUPDATE OPENSSL_PREREQ(1,1,0) | ||
| 367 | #endif | ||
| 368 | |||
| 361 | #ifndef HAVE_X509_GET_SIGNATURE_NID | 369 | #ifndef HAVE_X509_GET_SIGNATURE_NID |
| 362 | #define HAVE_X509_GET_SIGNATURE_NID OPENSSL_PREREQ(1,0,2) | 370 | #define HAVE_X509_GET_SIGNATURE_NID OPENSSL_PREREQ(1,0,2) |
| 363 | #endif | 371 | #endif |
| @@ -1769,6 +1777,14 @@ static int compat_SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) { | |||
| 1769 | #define X509_CRL_get0_nextUpdate(crl) ((const ASN1_TIME*)X509_CRL_get_nextUpdate(crl)) | 1777 | #define X509_CRL_get0_nextUpdate(crl) ((const ASN1_TIME*)X509_CRL_get_nextUpdate(crl)) |
| 1770 | #endif | 1778 | #endif |
| 1771 | 1779 | ||
| 1780 | #if !HAVE_X509_CRL_SET1_LASTUPDATE | ||
| 1781 | #define X509_CRL_set1_lastUpdate(crl, s) X509_CRL_set_lastUpdate((crl), (ASN1_TIME*)(s)) | ||
| 1782 | #endif | ||
| 1783 | |||
| 1784 | #if !HAVE_X509_CRL_SET1_NEXTUPDATE | ||
| 1785 | #define X509_CRL_set1_nextUpdate(crl, s) X509_CRL_set_nextUpdate((crl), (ASN1_TIME*)(s)) | ||
| 1786 | #endif | ||
| 1787 | |||
| 1772 | #if !HAVE_X509_EXTENSION_GET0_OBJECT | 1788 | #if !HAVE_X509_EXTENSION_GET0_OBJECT |
| 1773 | #define X509_EXTENSION_get0_object(ext) X509_EXTENSION_get_object((ext)) | 1789 | #define X509_EXTENSION_get0_object(ext) X509_EXTENSION_get_object((ext)) |
| 1774 | #endif | 1790 | #endif |
| @@ -6855,10 +6871,21 @@ static int xx_new(lua_State *L) { | |||
| 6855 | if (!ok) | 6871 | if (!ok) |
| 6856 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); | 6872 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); |
| 6857 | } else { | 6873 | } else { |
| 6874 | ASN1_TIME *tm; | ||
| 6875 | |||
| 6858 | if (!(*ud = X509_CRL_new())) | 6876 | if (!(*ud = X509_CRL_new())) |
| 6859 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); | 6877 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); |
| 6860 | 6878 | ||
| 6861 | X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0); | 6879 | /* initialize last updated time to now */ |
| 6880 | if (!(tm = ASN1_TIME_set(NULL, time(NULL)))) | ||
| 6881 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); | ||
| 6882 | |||
| 6883 | if (!X509_CRL_set1_lastUpdate(*ud, tm)) { | ||
| 6884 | ASN1_TIME_free(tm); | ||
| 6885 | return auxL_error(L, auxL_EOPENSSL, "x509.crl.new"); | ||
| 6886 | } | ||
| 6887 | |||
| 6888 | ASN1_TIME_free(tm); | ||
| 6862 | } | 6889 | } |
| 6863 | 6890 | ||
| 6864 | return 1; | 6891 | return 1; |
| @@ -6912,14 +6939,21 @@ static int xx_getLastUpdate(lua_State *L) { | |||
| 6912 | static int xx_setLastUpdate(lua_State *L) { | 6939 | static int xx_setLastUpdate(lua_State *L) { |
| 6913 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); | 6940 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); |
| 6914 | double updated = luaL_checknumber(L, 2); | 6941 | double updated = luaL_checknumber(L, 2); |
| 6942 | ASN1_TIME *time; | ||
| 6915 | 6943 | ||
| 6916 | /* lastUpdate always present */ | 6944 | if (!(time = ASN1_TIME_set(NULL, updated))) |
| 6917 | if (!ASN1_TIME_set(X509_CRL_get_lastUpdate(crl), updated)) | 6945 | goto error; |
| 6918 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:setLastUpdate"); | 6946 | |
| 6947 | if (!X509_CRL_set1_lastUpdate(crl, time)) | ||
| 6948 | goto error; | ||
| 6919 | 6949 | ||
| 6920 | lua_pushboolean(L, 1); | 6950 | lua_pushboolean(L, 1); |
| 6921 | 6951 | ||
| 6922 | return 1; | 6952 | return 1; |
| 6953 | error: | ||
| 6954 | ASN1_TIME_free(time); | ||
| 6955 | |||
| 6956 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:setLastUpdate"); | ||
| 6923 | } /* xx_setLastUpdate() */ | 6957 | } /* xx_setLastUpdate() */ |
| 6924 | 6958 | ||
| 6925 | 6959 | ||
| @@ -6943,30 +6977,19 @@ static int xx_getNextUpdate(lua_State *L) { | |||
| 6943 | static int xx_setNextUpdate(lua_State *L) { | 6977 | static int xx_setNextUpdate(lua_State *L) { |
| 6944 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); | 6978 | X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS); |
| 6945 | double updateby = luaL_checknumber(L, 2); | 6979 | double updateby = luaL_checknumber(L, 2); |
| 6946 | ASN1_TIME *time = NULL; | 6980 | ASN1_TIME *time; |
| 6947 | |||
| 6948 | if (X509_CRL_get0_nextUpdate(crl)) { | ||
| 6949 | if (!ASN1_TIME_set(X509_CRL_get_nextUpdate(crl), updateby)) | ||
| 6950 | goto error; | ||
| 6951 | } else { | ||
| 6952 | if (!(time = ASN1_TIME_new())) | ||
| 6953 | goto error; | ||
| 6954 | |||
| 6955 | if (!(ASN1_TIME_set(time, updateby))) | ||
| 6956 | goto error; | ||
| 6957 | 6981 | ||
| 6958 | if (!X509_CRL_set_nextUpdate(crl, time)) | 6982 | if (!(time = ASN1_TIME_set(NULL, updateby))) |
| 6959 | goto error; | 6983 | goto error; |
| 6960 | 6984 | ||
| 6961 | time = NULL; | 6985 | if (!X509_CRL_set1_nextUpdate(crl, time)) |
| 6962 | } | 6986 | goto error; |
| 6963 | 6987 | ||
| 6964 | lua_pushboolean(L, 1); | 6988 | lua_pushboolean(L, 1); |
| 6965 | 6989 | ||
| 6966 | return 1; | 6990 | return 1; |
| 6967 | error: | 6991 | error: |
| 6968 | if (time) | 6992 | ASN1_TIME_free(time); |
| 6969 | ASN1_TIME_free(time); | ||
| 6970 | 6993 | ||
| 6971 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:setNextUpdate"); | 6994 | return auxL_error(L, auxL_EOPENSSL, "x509.crl:setNextUpdate"); |
| 6972 | } /* xx_setNextUpdate() */ | 6995 | } /* xx_setNextUpdate() */ |