From e9f16fa7037f72c02f4dc82a93f852d08d08ca39 Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Mon, 16 Jan 2017 16:35:13 +1100
Subject: Use X509_get_signature_nid instead of X509_get_signature_type to
 implement cert:getSignatureName()

Fixes #79
---
 src/openssl.c | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/src/openssl.c b/src/openssl.c
index fa7dd79..a640ed6 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -6017,23 +6017,17 @@ static int xc_getPublicKeyDigest(lua_State *L) {
 } /* xc_getPublicKeyDigest() */
 
 
-#if 0
-/*
- * TODO: X509_get_signature_type always seems to return NID_undef. Are we
- * using it wrong or is it broken?
- */
 static int xc_getSignatureName(lua_State *L) {
 	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
 	int nid;
 
-	if (NID_undef == (nid = X509_get_signature_type(crt)))
+	if (NID_undef == (nid = X509_get_signature_nid(crt)))
 		return 0;
 
 	auxL_pushnid(L, nid);
 
 	return 1;
 } /* xc_getSignatureName() */
-#endif
 
 
 static int xc_sign(lua_State *L) {
@@ -6180,9 +6174,7 @@ static const auxL_Reg xc_methods[] = {
 	{ "getPublicKey",  &xc_getPublicKey },
 	{ "setPublicKey",  &xc_setPublicKey },
 	{ "getPublicKeyDigest", &xc_getPublicKeyDigest },
-#if 0
 	{ "getSignatureName", &xc_getSignatureName },
-#endif
 	{ "sign",          &xc_sign },
 	{ "text",          &xc_text },
 	{ "tostring",      &xc__tostring },
-- 
cgit v1.2.3-55-g6feb


From 9c2be15399e2026849529cd7bc79df2b0bfff4a9 Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Mon, 3 Apr 2017 16:58:06 +1000
Subject: Add compat with openssl < 1.0.2 for X509_get_signature_nid

---
 src/openssl.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/openssl.c b/src/openssl.c
index a640ed6..dd406bc 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -302,6 +302,10 @@
 #define HAVE_SSLV2_SERVER_METHOD (!OPENSSL_PREREQ(1,1,0) && !defined OPENSSL_NO_SSL2)
 #endif
 
+#ifndef HAVE_X509_GET_SIGNATURE_NID
+#define HAVE_X509_GET_SIGNATURE_NID (OPENSSL_PREREQ(1,0,2))
+#endif
+
 #ifndef HAVE_X509_STORE_REFERENCES
 #define HAVE_X509_STORE_REFERENCES (!OPENSSL_PREREQ(1,1,0))
 #endif
@@ -1615,6 +1619,10 @@ static int compat_SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) {
 #define X509_get0_ext(crt, i) X509_get_ext((crt), (i))
 #endif
 
+#if !HAVE_X509_GET_SIGNATURE_NID
+#define X509_get_signature_nid(crt) OBJ_obj2nid((crt)->sig_alg->algorithm)
+#endif
+
 #if !HAVE_X509_CRL_GET0_EXT
 #define X509_CRL_get0_ext(crt, i) X509_CRL_get_ext((crt), (i))
 #endif
-- 
cgit v1.2.3-55-g6feb